Security in Distributed, Grid, Mobile, and Pervasive Computing

This book addresses the increasing demand to guarantee privacy, integrity, and availability of resources in networks and distributed systems. It first reviews security issues and challenges in content distribution networks, describes key agreement protocols based on the Diffie-Hellman key exchange and key management protocols for complex distributed systems like the Internet, and discusses securing design patterns for distributed systems. The next section focuses on security in mobile computing and wireless networks. After a section on grid computing security, the book presents an overview of security solutions for pervasive healthcare systems and surveys wireless sensor network security

Mobile Ad Hoc Networks

Guiding readers through the basics of these rapidly emerging networks to more advanced concepts and future expectations, Mobile Ad hoc Networks: Current Status and Future Trends identifies and examines the most pressing research issues in Mobile Ad hoc Networks (MANETs). Containing the contributions of leading researchers, industry professionals, and academics, this forward-looking reference provides an authoritative perspective of the state of the art in MANETs. The book includes surveys of recent publications that investigate key areas of interest such as limited resources and the mobility of mobile nodes. It considers routing, multicast, energy, security, channel assignment, and ensuring quality of service. Also suitable as a text for graduate students, the book is organized into three sections: Fundamentals of MANET Modeling and Simulation—Describes how MANETs operate and perform through simulations and models Communication Protocols of MANETs—Presents cutting-edge research on key issues, including MAC layer issues and routing in high mobility Future Networks Inspired By MANETs—Tackles open research issues and emerging trends Illustrating the role MANETs are likely to play in future networks, this book supplies the foundation and insight you will need to make your own contributions to the field. It includes coverage of routing protocols, modeling and simulations tools, intelligent optimization techniques to multicriteria routing, security issues in FHAMIPv6, connecting moving smart objects to the Internet, underwater sensor networks, wireless mesh network architecture and protocols, adaptive routing provision using Bayesian inference, and adaptive flow control in transport layer using genetic algorithms

Mobile Ad Hoc Networks

Guiding readers through the basics of these rapidly emerging networks to more advanced concepts and future expectations, Mobile Ad hoc Networks: Current Status and Future Trends identifies and examines the most pressing research issues in Mobile Ad hoc Networks (MANETs). Containing the contributions of leading researchers, industry professionals, and academics, this forward-looking reference provides an authoritative perspective of the state of the art in MANETs. The book includes surveys of recent publications that investigate key areas of interest such as limited resources and the mobility of mobile nodes. It considers routing, multicast, energy, security, channel assignment, and ensuring quality of service. Also suitable as a text for graduate students, the book is organized into three sections: Fundamentals of MANET Modeling and Simulation—Describes how MANETs operate and perform through simulations and models Communication Protocols of MANETs—Presents cutting-edge research on key issues, including MAC layer issues and routing in high mobility Future Networks Inspired By MANETs—Tackles open research issues and emerging trends Illustrating the role MANETs are likely to play in future networks, this book supplies the foundation and insight you will need to make your own contributions to the field. It includes coverage of routing protocols, modeling and simulations tools, intelligent optimization techniques to multicriteria routing, security issues in FHAMIPv6, connecting moving smart objects to the Internet, underwater sensor networks, wireless mesh network architecture and protocols, adaptive routing provision using Bayesian inference, and adaptive flow control in transport layer using genetic algorithms

SEMAN - uma proposta de Middleware seguro para as redes ad hoc móveis

Orientador : Prof. Dr. Luiz Carlos Pessoa AlbiniTese (doutorado) - Universidade Federal do Paraná, Setor de Ciências Exatas, Programa de Pós-Graduação em Ciência da Computação. Defesa: Curitiba, 04/04/2014Inclui referênciasResumo: Devido às particularidades das redes ad hoc móveis (MANETs - Mobile Ad Hoc Networks), como a topologia dinâmica, a ausência de infraestrutura e a sua característica decentralizada, a implementação de aplicações complexas e flexíveis para estas redes torna-se um desafio. Para permitir o desenvolvimento dessas aplicações, diversas soluções de middleware foram propostas. Contudo, as soluções encontradas não consideram plenamente os requisitos de segurança dessas redes. Este trabalho apresenta um estudo dos middlewares propostos para as MANETs, relatando o seu funcionamento e apresentando um comparativo das funcionalidades disponíveis. Esses middlewares são categorizados de acordo com a seguinte classificação, proposta neste trabalho: baseados em espaços de tuplas, baseados em P2P, baseados em contexto, cross-layer e orientados à aplicação. Em seguida, com base nas limitações estudadas, é proposto um novo middleware de segurança para as MANETs, chamado de SEcure Middleware for Ad hoc Mobile Networks (SEMAN - Middleware seguro para as redes ad hoc móveis), que fornece um conjunto de serviços de segurança para facilitar o desenvolvimento de aplicações distribuídas, complexas e flexíveis. Para fornecer tais serviços e garantir a segurança, o SEMAN considera o contexto das aplicações e organiza os nós em grupos, também baseados nesses contextos. O middleware prevê três módulos: serviço, processamento e segurança. O módulo de serviço é responsável por manter todos os serviços e aplicações que são disponibilizados pelo nó hospedeiro a outros nós da rede. O módulo de processamento é responsável por manter o funcionamento central do middleware, atendendo os pedidos e gerenciando o registro dos serviços e componentes disponíveis. O módulo de segurança é o ponto principal do middleware e o foco desta tese. Ele possui os componentes de gerenciamento de chaves, de confiança e de grupos. Todos esses componentes foram desenvolvidos pelo autor e são descritos neste trabalho. Eles são suportados por um núcleo de operações criptográficas e atuam de acordo com regras e políticas de segurança. A integração desses componentes fornece garantias de segurança contra ataques às aplicações que utilizam o middleware.Abstract: Due to the particularities of Mobile Ad Hoc Networks (MANETs), as their dynamic topology, lack of infrastructure and decentralized characteristic, the implementation of complex and flexible applications is a challenge. To enable the deployment of these applications, several middleware solutions were proposed. However, these solutions do not completely consider the security requirements of these networks. This thesis presents middleware solutions for MANETs, by describing their operations and presenting a comparative of the available functionalities. The middlewares were grouped according to this classification: tuple space-based, P2P-based, context-based, cross-layer and applicationoriented. Then, based on the limitations of the studied solutions, a new secure middleware is proposed, called SEcure Middleware for Ad hoc Networks (SEMAN), which provides a set of basic and secure services to MANETs aiming to facilitate the development of distributed, complex and flexible applications. To provide such services and ensure security to the applications, SEMAN considers the context of applications and organizes nodes into groups, also based on these contexts. The middleware includes three modules: service, processing, and security. Service module is responsible for maintaining all services and applications hosted by nodes. The processing module is responsible for maintaining the middleware core operation, listening the requests and managing the registry of available services and components. The security module is the main part of the middleware and the focus of this thesis. It has the following components: key management, trust management and group management. All these components were developed and are described in this work. They are supported by a cryptographic core and behave according to security rules and policies. The integration of these components provides security assurance against attacks to the applications that use the middleware

A policy-based security framework for ad-hoc networks

Imperial Users onl

Proceedings of the Third Edition of the Annual Conference on Wireless On-demand Network Systems and Services (WONS 2006)

Ce fichier regroupe en un seul documents l'ensemble des articles accéptés pour la conférences WONS2006/http://citi.insa-lyon.fr/wons2006/index.htmlThis year, 56 papers were submitted. From the Open Call submissions we accepted 16 papers as full papers (up to 12 pages) and 8 papers as short papers (up to 6 pages). All the accepted papers will be presented orally in the Workshop sessions. More precisely, the selected papers have been organized in 7 session: Channel access and scheduling, Energy-aware Protocols, QoS in Mobile Ad-Hoc networks, Multihop Performance Issues, Wireless Internet, Applications and finally Security Issues. The papers (and authors) come from all parts of the world, confirming the international stature of this Workshop. The majority of the contributions are from Europe (France, Germany, Greece, Italy, Netherlands, Norway, Switzerland, UK). However, a significant number is from Australia, Brazil, Canada, Iran, Korea and USA. The proceedings also include two invited papers. We take this opportunity to thank all the authors who submitted their papers to WONS 2006. You helped make this event again a success

Private and censorship-resistant communication over public networks

Society’s increasing reliance on digital communication networks is creating unprecedented opportunities for wholesale surveillance and censorship. This thesis investigates the use of public networks such as the Internet to build robust, private communication systems that can resist monitoring and attacks by powerful adversaries such as national governments. We sketch the design of a censorship-resistant communication system based on peer-to-peer Internet overlays in which the participants only communicate directly with people they know and trust. This ‘friend-to-friend’ approach protects the participants’ privacy, but it also presents two significant challenges. The first is that, as with any peer-to-peer overlay, the users of the system must collectively provide the resources necessary for its operation; some users might prefer to use the system without contributing resources equal to those they consume, and if many users do so, the system may not be able to survive. To address this challenge we present a new game theoretic model of the problem of encouraging cooperation between selfish actors under conditions of scarcity, and develop a strategy for the game that provides rational incentives for cooperation under a wide range of conditions. The second challenge is that the structure of a friend-to-friend overlay may reveal the users’ social relationships to an adversary monitoring the underlying network. To conceal their sensitive relationships from the adversary, the users must be able to communicate indirectly across the overlay in a way that resists monitoring and attacks by other participants. We address this second challenge by developing two new routing protocols that robustly deliver messages across networks with unknown topologies, without revealing the identities of the communication endpoints to intermediate nodes or vice versa. The protocols make use of a novel unforgeable acknowledgement mechanism that proves that a message has been delivered without identifying the source or destination of the message or the path by which it was delivered. One of the routing protocols is shown to be robust to attacks by malicious participants, while the other provides rational incentives for selfish participants to cooperate in forwarding messages

A trading model and security regime for mobile e-commerce via ad hoc wireless networking

Ad hoc wireless networking offers mobile computer users the prospect of trading with others in their vicinity anywhere anytime. This thesis explores the potential for developing such trading applications. A notable difficulty in designing their security services is being unable to use trusted parties. No one can be guaranteed present in each ad hoc wireless network session. A side benefit is that their costs don't have to be paid for. A reference model is defined for ad hoc m-commerce and a threat model is for- mulated of its security vulnerabilities. They are used to elicit security objectives and requirements for such trading systems. Possible countermeasures to address the threats are critically analysed and used to design security services to mitigate them. They include a self-organised P2P identity support scheme using PGP cer- tificates; a distributed reputation system backed by sanctions; a group membership service based on membership vouchers, quorate decisions by some group members and partial membership lists; and a security warning scheme. Security analysis of the schemes shows that they can mitigate the threats to an adequate degree to meet the trading system's security objectives and requirements if users take due care when trading within it. Formal verification of the system shows that it satisfies certain safety properties

車両・無人航空機を活用した災害時情報共有のためのDTNプロトコル

電気通信大学202

Estabelecimento de redes de comunidades sobreponíveis

Doutoramento em Engenharia InformáticaUma das áreas de investigação em Telecomunicações de interesse crescente prende-se com os futuros sistemas de comunicações móveis de 4a geração e além destes. Nos últimos anos tem sido desenvolvido o conceito de redes comunitárias, no qual os utilizadores se agregam de acordo com interesses comuns. Estes conceitos têm sido explorados de uma forma horizontal em diferentes camadas da comunicação, desde as redes comunitárias de comunicação (Seattle Wireless ou Personal Telco, p.ex.) até às redes de interesses peer-to-peer. No entanto, estas redes são usualmente vistas como redes de overlay, ou simplesmente redes de associação livre. Na prática, a noção de uma rede auto-organizada, completamente orientada ao serviço/comunidade, integralmente suportada em termos de arquitetura, não existe. Assim este trabalho apresenta uma realização original nesta área de criação de redes comunitárias, com uma arquitetura subjacente orientada a serviço, e que suporta integralmente múltiplas redes comunitárias no mesmo dispositivo, com todas as características de segurança, confiança e disponibilização de serviço necessárias neste tipo de cenários (um nó pode pertencer simultaneamente a mais do que uma rede comunitária). Devido à sua importância para os sistemas de redes comunitárias, foi dado particular atenção a aspetos de gestão de recursos e controlo de acessos. Ambos realizados de uma forma descentralizada e considerando mecanismos dotados de grande escalabilidade. Para isso, é apresentada uma linguagem de políticas que suporta a criação de comunidades virtuais. Esta linguagem não é apenas utilizada para o mapeamento da estrutura social dos membros da comunidade, como para, gerir dispositivos, recursos e serviços detidos pelos membros, de uma forma controlada e distribuída.One of the research areas with increasing interest in the field of telecommunications, are the ones related to future telecommunication systems, both 4th generation and beyond. In parallel, during the last years, several concepts have been developed related to clustering of users according to their interested, in the form of community networks. Solutions proposed for these concepts tackle the challenges horizontally, for each layer of the communication stack, ranging from community based communication networks (e.g. Seattle Wireless, or Personal Telco), to interest networks based on peer-to-peer protocols. However, these networks are presented either as free joining, or overlay networks. In practice, the notion of a self-organized, service and community oriented network, with these principles embedded in its design principles, is yet to be developed. This work presents an novel instantiation of a solution in the area of community networks, with a underlying architecture which is fully service oriented, and envisions the support for multiple community networks in the same device. Considerations regarding security, trust and service availability for this type of environments are also taken. Due to the importance of resource management and access control, in the context of community driven communication networks, a special focus was given to the support of scalable and decentralized management and access control methods. For this purpose, it is presented a policy language which supports the creation and management of virtual communities. The language is not only used for mapping the social structure of the community members, but also to, following a distributed approach, manage devices, resources and services owned by each community member