
D11.1: Collection of Topics and Clusters of Mobility and Identity – Towards a Taxonomy of Mobility and Identity

Enabling Practical Anonymity in Mobile Networks

As described in the previous section, in order to provide security (including anonymity), mobile ad hoc networks need some kind of security framework that includes the ability to uniquely identify users. A number of such proposals have been published in recent years; they can be classified according to the following taxonomy. In all these groups, users’ identities could be based on, for instance, certificates, public/private key pairs or anonymous credentials:

 

  1. Security models that assume that mobile ad hoc networks connect periodically (or at least occasionally) to an established infrastructure such as the Internet. Therefore, it is possible to rely on the established security infrastructure that already exists in the Internet, such as a PKI (Public Key Infrastructure). Security schemes in this group include (Kargl et al., 2004), for instance.

 

  2. Security models that assume some centralised control for a certain number of devices, such as personal Certificate Authorities (CA) and repositories. They assume that one or more devices have a special role in the network, such as issuing certificates and publishing revocation lists, for instance. Solutions such as the Resurrecting Duckling model (Stajano, Anderson, 1999; Stajano, 2000) are based on a central device that controls the network. In Martucci et al. (Martucci et al., 2004), a security architecture is presented using multiple CA-like devices that control and secure a service-oriented ad hoc network belonging to a single entity, such as a home user or an enterprise. These solutions can operate isolated from an established infrastructure, although one or more nodes play a special role regarding security in the mobile ad hoc network, such as issuing certificates or building a network awareness regarding trust levels, for instance.

 

  3. The third group consists of security models based on threshold cryptography. In this approach, a set of ad hoc network devices each holds a part of the private key that is used to issue digital certificates. As long as a sufficient number of these nodes is within network range, digital certificates can be issued. Threshold cryptography was first proposed in the context of ad hoc networks in Zhou and Haas (Zhou, Haas, 1999) and later improved in Luo et al. (Luo et al., 2002). How many nodes and which nodes are needed to issue a certificate is usually implementation dependent. As in the previous group, some nodes play a special role in the mobile ad hoc network.

 

  4. The last group is PGP-like (Pretty Good Privacy) security models. They assume that every device has one or more public/private key pairs (see FIDIS Deliverable D3.2 for more information) and that every device can issue its own certificates and distribute them in the mobile ad hoc network. Security often relies on the concept of a web of trust. Such solutions are distributed enough to operate in complete isolation from any deployed infrastructure. Public key repositories are not allowed as part of the models proposed in this group (a model that relies on one is not classified in this group). PGP-like solutions can be found in papers such as Hubaux et al. (Hubaux et al., 2001) and Capkun et al. (Capkun et al., 2003).
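The third group above (threshold cryptography) rests on one property: the CA private key is never held by a single node, yet any t of the n share-holding nodes that happen to be in range can still issue a certificate, and fewer than t learn nothing about the key. The following is an added example, not code from the deliverable nor from Zhou and Haas or Luo et al.; it uses Shamir secret sharing over a prime field to show that property on a constructed 3-of-5 scenario. The field size, the share-holding node count and the keyed-hash "signature" are assumptions made for illustration. Real threshold-CA schemes combine partial signatures so the key is never reassembled anywhere; this toy recovers it on the combiner only to make the t-of-n behaviour visible.

```python
"""Toy t-of-n threshold certificate issuance (Shamir secret sharing).

Added example for the threshold-cryptography group of the taxonomy; not
code from the FIDIS deliverable or from the cited papers.  The CA private
key is split into n shares held by n ad hoc nodes; any t of them in range
suffice to issue a certificate, fewer than t cannot.
"""
import hashlib
import secrets

PRIME = 2**127 - 1  # assumed field: a Mersenne prime; all share arithmetic is mod PRIME


def _eval_poly(coeffs, x):
    """Horner evaluation of coeffs[0] + coeffs[1]*x + ... (mod PRIME)."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % PRIME
    return acc


def split_secret(secret, n, t):
    """Split `secret` into n shares (x, y) such that any t of them recover it."""
    if not 1 <= t <= n < PRIME:
        raise ValueError("need 1 <= t <= n")
    # The constant term is the secret; the other t-1 coefficients are random,
    # so any t-1 shares are consistent with every possible secret.
    coeffs = [secret % PRIME] + [secrets.randbelow(PRIME) for _ in range(t - 1)]
    return [(x, _eval_poly(coeffs, x)) for x in range(1, n + 1)]


def recover_secret(shares):
    """Lagrange interpolation at x = 0 over the supplied shares."""
    total = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = (num * -xj) % PRIME
                den = (den * (xi - xj)) % PRIME
        total = (total + yi * num * pow(den, -1, PRIME)) % PRIME
    return total


def issue_certificate(shares_in_range, t, subject):
    """Issue a toy certificate if at least t share-holding nodes are in range.

    Returns None when the threshold is not met.  The "signature" is a keyed
    hash over the subject, a stand-in (assumption) for a real digital signature.
    """
    if len(shares_in_range) < t:
        return None
    key = recover_secret(shares_in_range[:t])
    tag = hashlib.sha256(key.to_bytes(16, "big") + subject.encode()).hexdigest()
    return {"subject": subject, "signature": tag}


if __name__ == "__main__":
    # Constructed scenario: 5 nodes hold shares, any 3 in range can issue.
    shares = split_secret(0xC0FFEE, n=5, t=3)
    print("2 nodes in range:", issue_certificate(shares[:2], 3, "node-7"))
    print("3 nodes in range:", issue_certificate(shares[2:], 3, "node-7"))
```

The point to check operationally is the last line of the scenario: which three nodes are in range does not matter, every qualifying subset produces the same certificate, while any two shares interpolate to an unrelated value.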

 
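The PGP-like group (fourth item) replaces any repository with certificates that each device issues itself and carries around. What makes that usable without infrastructure is the step two devices take when they meet: merge their local certificate repositories and search the union for a chain of certificates from one to the other. The following is an added example, not code from the deliverable or from Hubaux et al. or Capkun et al.; the device names, the two constructed repositories and the representation of a certificate as an (issuer, subject) pair are assumptions, and the signature check is left out so that the chain search itself is what is shown.

```python
"""Toy web-of-trust chain search for the PGP-like group of the taxonomy.

Added example; not code from the FIDIS deliverable or the cited papers.
Each device issues certificates (issuer -> subject) for devices whose keys
it has verified and keeps a small local repository.  Two devices that want
to authenticate each other merge their repositories and look for a chain of
certificates between them; no central repository exists.
"""
from collections import deque

# Constructed repositories.  Alice issued a certificate for Bob and collected
# Bob's certificate for Carol; Dave holds Carol's certificate for him and
# his own for Erin.  Neither repository alone links Alice to Dave.
REPO_ALICE = {("alice", "bob"), ("bob", "carol")}
REPO_DAVE = {("carol", "dave"), ("dave", "erin")}


def merge_repositories(*repos):
    """Union of the local repositories the two devices exchanged."""
    merged = set()
    for repo in repos:
        merged.update(repo)
    return merged


def find_certificate_chain(repo, source, target, max_len=4):
    """Breadth-first search for a chain source -> ... -> target.

    Returns the list of certificates forming the shortest chain, or None if
    no chain of at most max_len certificates exists.  Shorter chains are
    preferred because every extra hop means trusting one more issuer's
    judgement; max_len bounds that exposure (the value 4 is an assumption).
    """
    if source == target:
        return []
    by_issuer = {}
    for issuer, subject in repo:
        by_issuer.setdefault(issuer, []).append((issuer, subject))
    queue = deque([(source, [])])
    seen = {source}
    while queue:
        node, path = queue.popleft()
        if len(path) >= max_len:
            continue
        for cert in by_issuer.get(node, []):
            nxt = cert[1]
            if nxt in seen:
                continue
            new_path = path + [cert]
            if nxt == target:
                return new_path
            seen.add(nxt)
            queue.append((nxt, new_path))
    return None


if __name__ == "__main__":
    print("alice alone:", find_certificate_chain(REPO_ALICE, "alice", "dave"))
    merged = merge_repositories(REPO_ALICE, REPO_DAVE)
    print("merged:", find_certificate_chain(merged, "alice", "dave"))
    print("merged, max 2 hops:", find_certificate_chain(merged, "alice", "dave", max_len=2))
```

In a real deployment each certificate in the returned chain must also pass a signature check against the issuer's key before the chain counts as authentication; the search only tells the device which certificates it needs to verify.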

 

  fidis-wp11-del11.1.mobility_and_identity_03.sxw  Enabling Practical Anonymity in Mobile
Denis Royer 40 / 58