Security and privacy issues in middleware for emergency and rescue applications

Mobile ad-hoc networks (MANETs) are a natural candidate for communication and information exchange in emergency and rescue operations. The personnelpsilas movements, network disruptions and other system dynamics make it hard to implement robust applications for such environments. The MIDAS project aims at creating a middleware platform to simplify the task of developing and deploying mobile and robust services for events in which the network might be set-up at short notice. MANETs may be used because infrastructure is non-existing, and the number of users might be very high. One of the application domains addressed by MIDAS are emergency and rescue operations. To get a broad acceptance of the MIDAS solutions, security and privacy issues need also to be addressed. In this paper, we analyze the security threats and present a two-way approach to securing the MIDAS architecture. In the bottom-up approach, we use an efficient key management protocol to establish trust, and in the top-down approach we use dynamic role based access control to secure the system and provide privacy.

[1]  Frédéric Cuppens,et al.  Organization based access control , 2003, Proceedings POLICY 2003. IEEE 4th International Workshop on Policies for Distributed Systems and Networks.

[2]  Thomas Plagemann,et al.  A Data Sharing Facility for Mobile Ad-Hoc Emergency and Rescue Applications , 2007, 27th International Conference on Distributed Computing Systems Workshops (ICDCSW'07).

[3]  Grzegorz Kolaczek,et al.  APPLICATION OF DEONTIC LOGIC IN ROLE-BASED ACCESS CONTROL , 2002 .

[4]  Vijayalakshmi Atluri,et al.  Role-based Access Control , 1992 .

[5]  Emil C. Lupu,et al.  The uses of role hierarchies in access control , 1999, RBAC '99.

[6]  Yves Roudier,et al.  SKiMPy: A Simple Key Management Protocol for MANETs in Emergency and Rescue Operations , 2005, ESAS.

[7]  Philippe Jacquet,et al.  Optimized Link State Routing Protocol (OLSR) , 2003, RFC.

[8]  Ralf Steinmetz,et al.  On the effect of node misbehavior in ad hoc networks , 2004, 2004 IEEE International Conference on Communications (IEEE Cat. No.04CH37577).