Factors Impacting Key Management Effectiveness in Secured Wireless Networks

The use of a Public Key Infrastructure (PKI) offers a cryptographic solution that can overcome many, but not all, of the MANET security problems. One of the most critical aspects of a PKI system is how well it implements Key Management. Key Management deals with key generation, key storage, key distribution, key updating, key revocation, and certificate service in accordance with security policies over the lifecycle of the cryptography. The approach supported by traditional PKI works well in fixed wired networks, but it may not appropriate for MANET due to the lack of fixed infrastructure to support the PKI. This research seeks to identify best practices in securing networks which may be applied to new network architectures

Modeling and Performance Evaluation of MANET Handover

A Mobile Ad Hoc Network (MANET) is an unstructured collection of wireless nodes that move arbitrarily and use multi-hop protocols to communicate between each other. There is not a predefined infrastructure in a MANET as there is in other types of wireless networks. Now days, MANET networks integrate with other networks, like the Internet, permitting ad hoc nodes to communicate with hosts placed in any part of the world. But the integration of MANETs with fixed infrastructures must be carefully studied to evaluate how it performs. In such integrated scenario, commonly known as Hybrid Ad Hoc Network, a MANET can be seen as an extension to the existing infrastructure, whose mobile nodes seamlessly communicate with hosts on the fixed network by forwarding packets throughout the gateways found on the edge that join both types of network. Connecting MANETs to the Internet does not come without difficulties. Ad hoc routing protocols work different than the regular routing protocols used on the Internet, and their interoperability becomes an important issue. But when MANETs integrate with the Internet, a more demanding challenge emerges if node mobility is considered. A moving node may lose registration with its current gateway, and may then need to register to a different gateway (a handover) to continue communicating. During a handover, any ongoing communication will be interrupted affecting network performance. In order to improve this performance, an IP mobility management protocol must be used. The main objective of this research is to develop a model that may be used to evaluate the performance of MANET handovers under different scenarios. Different issues about MANET integration with the Internet are considered: the IP mobility protocol implemented, the external route computation procedure, the type of ad hoc routing protocol used, and the gateway discovery approach used. For this evaluation, a mobile node in a MANET holding a communication with a correspondent node in the Internet roams to a different sub-network, having to change its registration to a different gateway. The different scenarios considered to evaluate the handover performance include the use of different types of MANET protocols, the use of different gateway discovery approaches, and the use of different versions of the Mobile IP protocol. During the research a review was made of the functioning conditions for the proposed scenario. Then, a handover model was proposed, which was used to develop some metrics that were later used to evaluate the MANET handover performance. This metrics are the broken communication time, the probability of handover failure, and the average communication interruption time. In all the results found, we could confirm that the proactive discovery approach has a better handover performance than the reactive discovery approach, which permit us to conclude that regardless the MANET routing protocol, and the Mobile IP version, the proactive agent discovery approach should be used in highly mobile scenarios, preferable, with the reactive routing protocol

On secure communication in integrated internet and heterogeneous multi-hop wireless networks.

Integration of the Internet with a Cellular Network, WMAN, WLAN, and MANET presents an exceptional promise by having co-existence of conventional WWANs/WMANs/WLANs with wireless ad hoc networks to provide ubiquitous communication. We call such integrated networks providing internet accessibility for mobile users as heterogeneous multi-hop wireless networks where the Internet and wireless infrastructure such as WLAN access points (APs) and base stations (BSs) constitute the backbone for various emerging wireless networks (e.g., multi-hop WLAN and ad hoc networks. Earlier approaches for the Internet connectivity either provide only unidirectional connectivity for ad hoc hosts or cause high overhead as well as delay for providing full bi-directional connections. In this dissertation, a new protocol is proposed for integrated Internet and ad hoc networks for supporting bi-directional global connectivity for ad hoc hosts. In order to provide efficient mobility management for mobile users in an integrated network, a mobility management protocol called multi-hop cellular IP (MCIP) has been proposed to provide a micro-mobility management framework for heterogeneous multi-hop network. The micro-mobility is achieved by differentiating the local domain from the global domain. At the same time, the MCIP protocol extends Mobile IP protocol for providing macro-mobility support between local domains either for single hop MSs or multi-hop MSs. In the MCIP protocol, new location and mobility management approaches are developed for tracking mobile stations, paging, and handoff management. This dissertation also provides a security protocol for integrated Internet and MANET to establish distributed trust relationships amongst mobile infrastructures. This protocol protects communication between two mobile stations against the attacks either from the Internet side or from wireless side. Moreover, a secure macro/micro-mobility protocol (SM3P) have been introduced and evaluated for preventing mobility-related attacks either for single-hop MSs or multi-hop MSs. In the proposed SM3P, mobile IP security has been extended for supporting macro-mobility across local domains through the process of multi-hop registration and authentication. In a local domain, a certificate-based authentication achieves the effective routing and micro-mobility protection from a range of potential security threats