ID-NAC: Identity-based network access control for MANETs

Security in mobile ad hoc networks (MANETs) is an active research topic. The bulk of prior work has focused on key management and secure routing without addressing an important prerequisite: network access control, the problem of admission and revocation of ad hoc nodes. In this paper, we present ID-NAC, identity-based network access control for MANETs. In ID-NAC, each node in the network maintains a profile table, which contains information about the behavior of the nodes in the MANET and is used to assign a quantitative value to the trustworthiness of a node. Since there are no observations of the behavior of prospective members at first, they are admitted to the network tentatively. Their behavior is then monitored in the network and, if they behave well, they can obtain an identity-based membership token based on their trustworthiness. In addition, using profile tables provides protection against wrongful revocation of membership tokens through malicious accusations. The feasibility of ID-NAC was verified by simulation.
