How to Specify and How to Prove Correctness of Secure Routing Protocols for MANET

Secure routing protocols for mobile ad hoc networks have been developed recently, yet, it has been unclear what are the properties they achieve, as a formal analysis of these protocols is mostly lacking. In this paper, we are concerned with this problem, how to specify and how to prove the correctness of a secure routing protocol. We provide a definition of what a protocol is expected to achieve independently of its functionality, as well as communication and adversary models. This way, we enable formal reasoning on the correctness of secure routing protocols. We demonstrate this by analyzing two protocols from the literature

VANET Connectivity Analysis

Vehicular Ad Hoc Networks (VANETs) are a peculiar subclass of mobile ad hoc networks that raise a number of technical challenges, notably from the point of view of their mobility models. In this paper, we provide a thorough analysis of the connectivity of such networks by leveraging on well-known results of percolation theory. By means of simulations, we study the influence of a number of parameters, including vehicle density, proportion of equipped vehicles, and radio communication range. We also study the influence of traffic lights and roadside units. Our results provide insights on the behavior of connectivity. We believe this paper to be a valuable framework to assess the feasibility and performance of future applications relying on vehicular connectivity in urban scenarios

A Micro-Payment Scheme Encouraging Collaboration in Multi-Hop Cellular Networks

We propose a micro-payment scheme for multi-hop cellular networks that encourages collaboration in packet forwarding by letting users benefit from relaying others` packets. At the same time as proposing mechanisms for detecting and rewarding collaboration, we introduce appropriate mechanisms for detecting and punishing various forms of abuse. We show that the resulting scheme -- which is exceptionally light-weight -- makes collaboration rational and cheating undesirable

A Survey of Distributed Enterprise Network and Systems Management Paradigms

Since the mid 1990s, network and systems management has steadily evolved from centralized paradigms, where the management application runs on a single management station, to distributed paradigms, where it is distributed over many nodes. In this survey, our goal is to classify all these paradigms, especially the new ones, in order to help network and systems administrators design a management application, and choose between mobile code, distributed objects, intelligent agents, etc. Step by step, we build an enhanced taxonomy based on four criteria: the delegation granularity, the semantic richness of the information model, the degree of specification of a task, and the degree of automation of management

A programmable architecture for the provision of hybrid services

The success of new service provision platforms will largely depend on their ability to blend with existing technologies. The advent of Internet telephony, although impressive, is unlikely to make telephone customers suddenly turn in favor of computers. Rather, customers display increasing interest in services that span multiple networks (especially Internet Protocol-based networks and the telephone and cellular networks) and open new vistas. We refer to these services as hybrid services and propose an architecture for their provision. This architecture allows for programming the service platform elements (i.e., network nodes, gateways, control servers, and terminals) in order to include new service logics. We identify components that can be assembled to build these logics by considering a service as a composition of features such as address translation, security, call control, connectivity, charging and user interaction. Generic service components are derived from the modeling of these features. We assure that our proposal can be implemented even in existing systems in return for slight changes: These systems are required to generate an event when a special service is encountered. The treatment of this event is handled by an object at a Java Service Layer. Java has been chosen for its platform-neutrality feature and its embedded security mechanisms. Using our architecture, we design a hybrid closed user group service

Secure Vehicular Communication Systems: Implementation, Performance, and Research Challenges

Vehicular Communication (VC) systems are on the verge of practical deployment. Nonetheless, their security and privacy protection is one of the problems that have been addressed only recently. In order to show the feasibility of secure VC, certain implementations are required. In [1] we discuss the design of a VC security system that has emerged as a result of the European SeVeCom project. In this second paper, we discuss various issues related to the implementation and deployment aspects of secure VC systems. Moreover, we provide an outlook on open security research issues that will arise as VC systems develop from today's simple prototypes to full-fledged systems

PAN: Providing Reliable Storage in Mobile Ad Hoc Networks with Probabilistic Quorum Systems

Reliable storage of data with concurrent read/write accesses (or query/update) is an ever recurring issue in distributed settings. In mobile ad hoc networks, the problem becomes even more challenging due to highly dynamic and unpredictable topology changes. It is precisely this unpredictability that makes probabilistic protocols very appealing for such environments. Inspired by the principles of probabilistic quorum systems, we present a Probabilistic quorum system for Ad hoc Networks (PAN), a collection of protocols for the reliable storage of data in mobile ad hoc networks. Our system behaves in a predictable way due to the gossip-based diffusion mechanism applied for quorum accesses, and the protocol overhead is reduced by adopting an asymmetric quorum construction. We present an analysis of our PAN system, in terms of both reliability and overhead, which can be used to fine tune protocol parameters to obtain the desired tradeoff between efficiency and fault tolerance. We confirm the predictability and tunability of PAN through simulations with ns-2

SmarPer: Context-Aware and Automatic Runtime-Permissions for Mobile Devices

Permission systems are the main defense that mobile platforms, such as Android and iOS, offer to users to protect their private data from prying apps. However, due to the tension between usability and control, such systems have several limitations that often force users to overshare sensitive data. In this work, we address some of these limitations with SmarPer, an advanced permission mechanism for Android. First, to address the rigidity of current permission systems and their poor matching of users' privacy preferences, SmarPer relies on contextual information and machine learning to predict permission decisions at runtime. Using our SmarPer implementation, we collected 8,521 runtime permission decisions from 41 participants in real conditions. Note that the goal of SmarPer is to mimic the users decisions, not to make privacy-preserving decisions per se. With this unique data set, we show that tting an efcient Bayesian linear regression model results in a mean correct classication rate of 80% (3%). This represents a mean relative improvement of 50% over a user-dened static permission policy, i.e., the model used in current permission systems. Second, SmarPer also focuses on the suboptimal trade-off between privacy and utility; instead of only “allow” or “deny” decisions, SmarPer also offers an “obfuscate” option where users can still obtain utility by revealing partial information to apps. We implemented obfuscation techniques in SmarPer for different data types and evaluated them during our data collection campaign. Our results show that 73% of the participants found obfuscation useful and it accounted for almost a third of the total number of decisions. In short, we are the first to show, using a large dataset of real in situ permission decisions, that it is possible to learn users’ unique decision patterns at runtime using contextual information while supporting data obfuscation; this an important step towards automating the management of permissions in smartphones

A Survey of Distributed Network and Systems Management Paradigms

Since the mid 1990s, network and systems management has steadily evolved from a centralized paradigm, where all the management processing takes place in a single management station, to distributed paradigms, where management is distributed over a potentially large number of nodes. Some of these paradigms, epitomized by the SNMPv2 and CMIP protocols, have been around for several years, whereas a flurry of new ones, based on mobile code, distributed objects or intelligent agents, only recently emerged. The goal of this survey is to classify all major network and systems management paradigms known to date, in order to help network and systems administrators design a management application. In the first part of the survey, we present a simple typology, based on a single criterion: the organizational model. In this typology, all paradigms are grouped into four types: centralized paradigms, weakly distributed hierarchical paradigms, strongly distributed hierarchical paradigms and cooperative paradigms. In the second part of the survey, we gradually build an enhanced typology, based on four criteria: delegation granularity, semantic richness of the information model, degree of specification of a task, and degree of automation of management. Finally, we show how to use our typologies to select a management paradigm in a given context. KEYWORDS Distributed Network Management, Distributed Systems Management, Integrated Management, Mobile Code, Distributed Objects, Intelligent Agents, Typology