Trusted application-centric ad-hoc networks

Gang Xu, Cristian Borcea, Liviu Iftode

Research output: Chapter in Book/Report/Conference proceedingConference contribution

5 Scopus citations

Abstract

Nodes in MANETs lack the protection offered by firewalls in infrastructure-based networks because malicious nodes can roam into the vicinity of another node and start launching attacks. This paper presents a distributed mechanism that allows trusted nodes to create protected networks in MANETs. A protected network is created to run a specific application and enforce a common network access control policy associated with that application. To become a member in the protected network, a node has to demonstrate its trustworthiness by proving its ability to enforce policies. Attacks from untrusted nodes are impossible because these nodes are not allowed to establish wireless links with member nodes. Attacks from member nodes are stopped at the originators by the network policy. The trusted execution of all programs involved in policy enforcement is guaranteed by a kernel agent. We demonstrate the correctness of our solution through security analysis and its feasibility through a prototype implementation tested over an IEEE 802.11 ad hoc network.

Original languageEnglish (US)
Title of host publication2007 IEEE Internatonal Conference on Mobile Adhoc and Sensor Systems, MASS
DOIs
StatePublished - 2007
Event2007 IEEE Internatonal Conference on Mobile Adhoc and Sensor Systems, MASS - Pisa, Italy
Duration: Oct 8 2007Oct 11 2007

Publication series

Name2007 IEEE Internatonal Conference on Mobile Adhoc and Sensor Systems, MASS

Other

Other2007 IEEE Internatonal Conference on Mobile Adhoc and Sensor Systems, MASS
Country/TerritoryItaly
CityPisa
Period10/8/0710/11/07

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Control and Systems Engineering

Fingerprint

Dive into the research topics of 'Trusted application-centric ad-hoc networks'. Together they form a unique fingerprint.

Cite this