论文信息 - Efficient Verification of Delegation in Distributed Group Membership Management

Efficient Verification of Delegation in Distributed Group Membership Management

In ad-hoc networks and other highly distributed and decentralized environments, authorization certificates can be used to control access. Moreover, it is possible to delegate rights listed in the certificate to another users. Several such subsequent delegations build a chain of certificates. Chains of delegation certificates can improve the capability and manageability of systems. Distributed group membership management, i.e. managing groups of users in a distributed environment, utilizes the efficiency of certificate chains. Adding, removing as well as authentication of users is managed by chains of delegation certificates. On the other hand, the size of certificate chains could be too long to be usable. In this paper we take a look at distributed group membership management based on delegation certificates. Then we present a new kind of certificate, the implanted chain certificate, and its characteristics. With this new kind of certificate the verification time of a certificate chain can be decreased without losing delegation information. Finally, we compare our verification method to reduce the time of verification.

Ladislav Huraj | Helmut Reiser | Helmut Reiser | L. Huraj

[1] Adi Shamir,et al. How to share a secret , 1979, CACM.

[2] M. Ufuk Çaglayan,et al. An efficient, dynamic and trust preserving public key infrastructure , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[3] Robin Kravets,et al. MOCA : MObile Certificate Authority for Wireless Ad Hoc Networks , 2004 .

[4] Jiejun Kong,et al. Providing robust and ubiquitous security support for mobile ad-hoc networks , 2001, Proceedings Ninth International Conference on Network Protocols. ICNP 2001.

[5] T. Aura,et al. Robust Membership Management for Ad-hoc Groups , 2000 .

[6] Tuomas Aura,et al. Privacy and Accountability in Certificate Systems , 2000 .

[7] Haiyun Luo,et al. Ubiquitous and Robust Authentication Services for Ad Hoc Wireless Networks , 2000 .

[8] Tuomas Aura,et al. Towards a Survivable Security Architecture for Ad-Hoc Networks , 2001, Security Protocols Workshop.

[9] Emil C. Lupu,et al. Towards flexible credential verification in mobile ad-hoc networks , 2002, POMC '02.

[10] Butler W. Lampson,et al. SPKI Certificate Theory , 1999, RFC.

[11] Kwangjo Kim,et al. Efficient Offline Path Validation , 2001 .

[12] Philip R. Zimmermann,et al. The official PGP user's guide , 1996 .