Skip to main content Accessibility help
×
Home
Hostname: page-component-99c86f546-5rzhg Total loading time: 0.241 Render date: 2021-12-03T08:07:48.939Z Has data issue: true Feature Flags: { "shouldUseShareProductTool": true, "shouldUseHypothesis": true, "isUnsiloEnabled": true, "metricsAbstractViews": false, "figures": true, "newCiteModal": false, "newCitedByModal": true, "newEcommerce": true, "newUsageEvents": true }

4 - Trust management

Published online by Cambridge University Press:  26 February 2010

Amitabh Mishra
Affiliation:
Virginia Polytechnic Institute and State University
Get access

Summary

The previous chapters discussed mandatory security requirements, which include confidentiality, authentication, integrity, and non-repudiation. These, in turn, require some form of cryptography, certificates, and signatures. Some other security-related mechanisms include user authentication, explicit transaction authorization, end-to-end encryption, accepted log-on security (biometrics) instead of separate personal identification numbers (PINs) and passwords, intrusion detection, access control, logging, and audit trail. In this chapter, I present some of the security schemes that govern trust among the communicating entities. Governance of the trust can be based on principles and practices of key management in distributed networks or other means such as authentication. Additionally, this chapter discusses several well known methods that are related to key management and authentication.

The resurrecting duckling

The resurrecting duckling security model [1] has been developed to solve the secure transient association problem. An example of this would be when a person buying a remote control would not want any other person to be able to use another remote control bought at the same shop to work at his place, but then the remote control has to work for some other person who might buy it from the first owner. Like a duckling, who considers the first moving object it sees to be its mother, in the same way a device would recognize the first entity that sends it a secret key as its owner. When necessary, the owner could later clear the imprinting and let the device change its owner.

Type
Chapter
Information
Publisher: Cambridge University Press
Print publication year: 2008

Access options

Get access to the full version of this content by using one of the access options below. (Log in options will check for institutional or personal access. Content may require purchase if you do not have access.)

References

Stajano, F. and Anderson, R., “The resurrecting duckling: security issues for ad-hoc wireless networks,” in Proc. 7th International Workshop on Security Protocols, Lecture Notes in Computer Science, Springer-Verlag, Berlin, Germany, Apr. 1999. Available from www.cl.cam.ac.uk/~fms27/duckling/duckling.html.Google Scholar
Stajano, F., “The resurrecting duckling – what next?” Proc. 8th International Workshop on Security Protocols, Lecture Notes in Computer Science, Springer-Verlag, Berlin, Germany, April 2000. Available from www.cl.cam.ac.uk/~fms27/duckling/ duckling-what-next.html.Google Scholar
Asokan, N. and Ginzboorg, P., “Key agreement in ad hoc networks,” Computer Communications, vol. 23, 2000, pp. 1627–1637.CrossRefGoogle Scholar
R. R. S. Verma, D. O'Mahony, and H. Tewari, NTM – Progressive Trust Negotiation in Ad Hoc Networks, www.cs.tcd.ie/Donal.Omahony/iei-ntm.pdf.
S. Jacobs, Mobile IP Public Key Based Authentication, Internet draft, IETF, www3.tools.ietf.org/html/draft-jacobs-mobileip-pki-auth-02, Mar. 1999.
Fasbender, A., Kesdogan, D., and Kubitz, O., “Variable and scalable security: protection of location information in mobile IP,” Mobile Technology for the Human Race, IEEE 46th Vehicular Technology Conference, 1996.Google Scholar
P. Eronen, C. Gehrmann, and P. Nikander, Securing Ad Hoc Jini Services, www.niksula.hut.fi/~peronen/publications/nordsec_2000.pdf, 2000.
J. Kong, P. Zerfos, H. Luo, S. Lu, and L. Zhang, “Providing robust and ubiquitous security support for mobile ad-hoc networks,” 9th IEEE International Conference on Network Protocols, Riverside, CA, Nov. 2001, pp. 251–260.
S. Mäki, M. Hietalahti, and T. Aura, A Survey of Ad-Hoc Network Security, Interim report of project 007 – Security of Mobile Agents and Ad-Hoc Societies, Helsinki University of Technology. Laboratory for Theoretical Computer Science, Sep. 2000.
H. Luo and S. Lu, Ubiquitous and Robust Authentication Services for Ad Hoc Wireless Networks, Technical Report TR-200030, Dept. of Computer Science, UCLA, 2000.
S. Jacobs and M. S. Corson, MANET Authentication Architecture, http://ietfreport.isoc.org/all-ids/draft-jacobs-imep-auth-arch-00.txt, 1999.
L. Venkatraman and D. P. Agrawal, “A novel authentication scheme for ad-hoc networks,” 2nd IEEE Wireless Communications and Networking Conference, Chicago, Sep. 2000.
M. Jiang, J. Li, and Y. C. Tay, “Cluster Based Routing Protocol,” http://tools.ietf.org/html/draft-ietf-manet-cbrp-spec-01.txt, Aug 1999.
S. Levijoki, Authentication, Authorization and Accounting in Ad Hoc Networks, www.tml.tkk.fi/Opinnot/Tik-110.551/2000/papers/authentication/aaa.htm, 2000.
Blaze, M., Feigenbaum, J., and Lacy, J., “Decentralized trust management,” IEEE Symposium on Security and Privacy, May 1996, pp. 164–173.Google Scholar
M. Blaze, J. Feigenbaum, J. Ioannidis, and A. Keromytis, The KeyNote Trust-Management System Version 2, www.ietf.org/rfc/rfc2704.txt, Sep. 1999.
J. Myers, Simple Authentication and Security Layer (SASL), www.ietf.org/rfc/rfc2222.txt, Oct. 1997.
D. Maughan, M. Schertler, M. Schneider, and J. Turner, Internet Security Association and Key Management Protocol (ISAKMP), http://www.ietf.org/rfc/rfc2408.txt, Nov. 1998.
D. Harkins and D. Carrel, The Internet Key Exchange (IKE), www.ietf.org/rfc/rfc2409.txt, Nov. 1998.

Send book to Kindle

To send this book to your Kindle, first ensure no-reply@cambridge.org is added to your Approved Personal Document E-mail List under your Personal Document Settings on the Manage Your Content and Devices page of your Amazon account. Then enter the ‘name’ part of your Kindle email address below. Find out more about sending to your Kindle.

Note you can select to send to either the @free.kindle.com or @kindle.com variations. ‘@free.kindle.com’ emails are free but can only be sent to your device when it is connected to wi-fi. ‘@kindle.com’ emails can be delivered even when you are not connected to wi-fi, but note that service fees apply.

Find out more about the Kindle Personal Document Service.

  • Trust management
  • Amitabh Mishra, Virginia Polytechnic Institute and State University
  • Book: Security and Quality of Service in Ad Hoc Wireless Networks
  • Online publication: 26 February 2010
  • Chapter DOI: https://doi.org/10.1017/CBO9780511619755.005
Available formats
×

Send book to Dropbox

To send content items to your account, please confirm that you agree to abide by our usage policies. If this is the first time you use this feature, you will be asked to authorise Cambridge Core to connect with your account. Find out more about sending content to Dropbox.

  • Trust management
  • Amitabh Mishra, Virginia Polytechnic Institute and State University
  • Book: Security and Quality of Service in Ad Hoc Wireless Networks
  • Online publication: 26 February 2010
  • Chapter DOI: https://doi.org/10.1017/CBO9780511619755.005
Available formats
×

Send book to Google Drive

To send content items to your account, please confirm that you agree to abide by our usage policies. If this is the first time you use this feature, you will be asked to authorise Cambridge Core to connect with your account. Find out more about sending content to Google Drive.

  • Trust management
  • Amitabh Mishra, Virginia Polytechnic Institute and State University
  • Book: Security and Quality of Service in Ad Hoc Wireless Networks
  • Online publication: 26 February 2010
  • Chapter DOI: https://doi.org/10.1017/CBO9780511619755.005
Available formats
×