13 research outputs found
Security in Distributed, Grid, Mobile, and Pervasive Computing
This book addresses the increasing demand to guarantee privacy, integrity, and availability of resources in networks and distributed systems. It first reviews security issues and challenges in content distribution networks, describes key agreement protocols based on the Diffie-Hellman key exchange and key management protocols for complex distributed systems like the Internet, and discusses securing design patterns for distributed systems. The next section focuses on security in mobile computing and wireless networks. After a section on grid computing security, the book presents an overview of security solutions for pervasive healthcare systems and surveys wireless sensor network security.
Mobile Ad Hoc Networks
Guiding readers through the basics of these rapidly emerging networks to more advanced concepts and future expectations, Mobile Ad hoc Networks: Current Status and Future Trends identifies and examines the most pressing research issues in Mobile Ad hoc Networks (MANETs). Containing the contributions of leading researchers, industry professionals, and academics, this forward-looking reference provides an authoritative perspective of the state of the art in MANETs. The book includes surveys of recent publications that investigate key areas of interest such as limited resources and the mobility of mobile nodes. It considers routing, multicast, energy, security, channel assignment, and ensuring quality of service. Also suitable as a text for graduate students, the book is organized into three sections: Fundamentals of MANET Modeling and Simulation, which describes how MANETs operate and perform through simulations and models; Communication Protocols of MANETs, which presents cutting-edge research on key issues, including MAC layer issues and routing in high mobility; and Future Networks Inspired By MANETs, which tackles open research issues and emerging trends. Illustrating the role MANETs are likely to play in future networks, this book supplies the foundation and insight you will need to make your own contributions to the field. It includes coverage of routing protocols, modeling and simulation tools, intelligent optimization techniques for multicriteria routing, security issues in FHAMIPv6, connecting moving smart objects to the Internet, underwater sensor networks, wireless mesh network architecture and protocols, adaptive routing provision using Bayesian inference, and adaptive flow control in the transport layer using genetic algorithms.
SEMAN - a proposal for a secure middleware for mobile ad hoc networks
Advisor: Prof. Dr. Luiz Carlos Pessoa Albini. Thesis (doctorate) - Universidade Federal do Paraná, Setor de Ciências Exatas, Programa de Pós-Graduação em Ciência da Computação. Defense: Curitiba, 04/04/2014. Includes references.
Abstract: Due to the particularities of Mobile Ad Hoc Networks (MANETs), such as their dynamic topology, lack of infrastructure and decentralized characteristic, the implementation of complex and flexible applications is a challenge. To enable the deployment of these applications, several middleware solutions were proposed. However, these solutions do not completely consider the security requirements of these networks. This thesis presents middleware solutions for MANETs, describing their operation and presenting a comparison of the available functionalities. The middlewares were grouped according to this classification: tuple space-based, P2P-based, context-based, cross-layer and application-oriented. Then, based on the limitations of the studied solutions, a new secure middleware is proposed, called SEcure Middleware for Ad hoc Networks (SEMAN), which provides a set of basic and secure services to MANETs, aiming to facilitate the development of distributed, complex and flexible applications. To provide such services and ensure security to the applications, SEMAN considers the context of applications and organizes nodes into groups, also based on these contexts. The middleware includes three modules: service, processing, and security. The service module is responsible for maintaining all services and applications hosted by nodes. The processing module is responsible for maintaining the middleware core operation, listening to requests and managing the registry of available services and components.
The security module is the main part of the middleware and the focus of this thesis. It has the following components: key management, trust management and group management. All these components were developed and are described in this work. They are supported by a cryptographic core and behave according to security rules and policies. The integration of these components provides security assurance against attacks on the applications that use the middleware.
A policy-based security framework for ad-hoc networks
Imperial Users onl
Proceedings of the Third Edition of the Annual Conference on Wireless On-demand Network Systems and Services (WONS 2006)
This file gathers in a single document all the papers accepted for the WONS 2006 conference: http://citi.insa-lyon.fr/wons2006/index.html
This year, 56 papers were submitted. From the Open Call submissions we accepted 16 papers as full papers (up to 12 pages) and 8 papers as short papers (up to 6 pages). All the accepted papers will be presented orally in the Workshop sessions. More precisely, the selected papers have been organized in 7 sessions: Channel access and scheduling, Energy-aware Protocols, QoS in Mobile Ad-Hoc networks, Multihop Performance Issues, Wireless Internet, Applications and finally Security Issues. The papers (and authors) come from all parts of the world, confirming the international stature of this Workshop. The majority of the contributions are from Europe (France, Germany, Greece, Italy, Netherlands, Norway, Switzerland, UK). However, a significant number is from Australia, Brazil, Canada, Iran, Korea and USA. The proceedings also include two invited papers. We take this opportunity to thank all the authors who submitted their papers to WONS 2006. You helped make this event again a success.
Private and censorship-resistant communication over public networks
Society’s increasing reliance on digital communication networks is creating unprecedented opportunities for wholesale
surveillance and censorship. This thesis investigates the use of public networks such as the Internet to build
robust, private communication systems that can resist monitoring and attacks by powerful adversaries such as national
governments.
We sketch the design of a censorship-resistant communication system based on peer-to-peer Internet overlays in which
the participants only communicate directly with people they know and trust. This ‘friend-to-friend’ approach protects
the participants’ privacy, but it also presents two significant challenges. The first is that, as with any peer-to-peer
overlay, the users of the system must collectively provide the resources necessary for its operation; some users might
prefer to use the system without contributing resources equal to those they consume, and if many users do so, the
system may not be able to survive.
To address this challenge we present a new game theoretic model of the problem of encouraging cooperation between
selfish actors under conditions of scarcity, and develop a strategy for the game that provides rational incentives for
cooperation under a wide range of conditions.
The second challenge is that the structure of a friend-to-friend overlay may reveal the users’ social relationships to
an adversary monitoring the underlying network. To conceal their sensitive relationships from the adversary, the
users must be able to communicate indirectly across the overlay in a way that resists monitoring and attacks by other
participants.
We address this second challenge by developing two new routing protocols that robustly deliver messages across
networks with unknown topologies, without revealing the identities of the communication endpoints to intermediate
nodes or vice versa. The protocols make use of a novel unforgeable acknowledgement mechanism that proves that a
message has been delivered without identifying the source or destination of the message or the path by which it was
delivered. One of the routing protocols is shown to be robust to attacks by malicious participants, while the other
provides rational incentives for selfish participants to cooperate in forwarding messages.
A trading model and security regime for mobile e-commerce via ad hoc wireless networking
Ad hoc wireless networking offers mobile computer users the prospect of trading
with others in their vicinity anywhere anytime. This thesis explores the potential
for developing such trading applications. A notable difficulty in designing their
security services is being unable to use trusted parties. No one can be guaranteed
present in each ad hoc wireless network session. A side benefit is that their costs
don't have to be paid for.
A reference model is defined for ad hoc m-commerce and a threat model is formulated
of its security vulnerabilities. They are used to elicit security objectives
and requirements for such trading systems. Possible countermeasures to address
the threats are critically analysed and used to design security services to mitigate
them. They include a self-organised P2P identity support scheme using PGP certificates;
a distributed reputation system backed by sanctions; a group membership
service based on membership vouchers, quorate decisions by some group members
and partial membership lists; and a security warning scheme.
Security analysis of the schemes shows that they can mitigate the threats to an
adequate degree to meet the trading system's security objectives and requirements
if users take due care when trading within it. Formal verification of the system
shows that it satisfies certain safety properties.
Establishment of overlapping community networks
Doctorate in Informatics Engineering.
One of the research areas of increasing interest in the field of telecommunications
concerns future telecommunication systems, both 4th
generation and beyond. In parallel, during the last years, several concepts
have been developed related to clustering of users according to their interests,
in the form of community networks. Solutions proposed for these concepts
tackle the challenges horizontally, for each layer of the communication
stack, ranging from community based communication networks (e.g. Seattle
Wireless, or Personal Telco), to interest networks based on peer-to-peer protocols.
However, these networks are presented either as free joining, or overlay
networks. In practice, the notion of a self-organized, service and community
oriented network, with these principles embedded in its design principles, is
yet to be developed. This work presents a novel instantiation of a solution in
the area of community networks, with an underlying architecture which is fully
service oriented, and envisions the support for multiple community networks
in the same device. Considerations regarding security, trust and service availability
for this type of environments are also taken. Due to the importance of
resource management and access control, in the context of community driven
communication networks, a special focus was given to the support of scalable
and decentralized management and access control methods. For this
purpose, a policy language is presented which supports the creation and
management of virtual communities. The language is not only used for mapping
the social structure of the community members, but also to, following
a distributed approach, manage devices, resources and services owned by
each community member.