The quest for security in mobile ad hoc networks
MobiHoc '01 Proceedings of the 2nd ACM international symposium on Mobile ad hoc networking & computing
COCA: A secure distributed online certification authority
ACM Transactions on Computer Systems (TOCS)
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
Self-Organized Public-Key Management for Mobile Ad Hoc Networks
IEEE Transactions on Mobile Computing
Supporting Cooperative Caching in Ad Hoc Networks
IEEE Transactions on Mobile Computing
Performance evaluation on CRL distribution using flooding in mobile ad hoc networks (MANETs)
Proceedings of the 43rd annual Southeast regional conference - Volume 2
Integrating a trust framework with a distributed certificate validation scheme for MANETs
EURASIP Journal on Wireless Communications and Networking
Certificate status validation in mobile ad hoc networks
IEEE Wireless Communications
IEEE Network: The Magazine of Global Internetworking
BECSI: Bandwidth efficient certificate status information distribution mechanism for VANETs
Mobile Information Systems
Hi-index | 0.00 |
Certificate status validation is a hard problem in general but it is particularly complex in Mobile Ad-hoc Networks (MANETs) because we require solutions to manage both the lack of fixed infrastructure inside the MANET and the possible absence of connectivity to trusted authorities when the certification validation has to be performed. In this sense, certificate acquisition is usually assumed as an initialization phase. However, certificate validation is a critical operation since the node needs to check the validity of certificates in real-time, that is, when a particular certificate is going to be used. In such MANET environments, it may happen that the node is placed in a part of the network that is disconnected from the source of status data at the moment the status checking is required. Proposals in the literature suggest the use of caching mechanisms so that the node itself or a neighbour node has some status checking material (typically on-line status responses or lists of revoked certificates). However, to the best of our knowledge the only criterion to evaluate the cached (obsolete) material is the time. In this paper, we analyse how to deploy a certificate status checking PKI service for hybrid MANET and we propose a new criterion based on risk to evaluate cached status data that is much more appropriate and absolute than time because it takes into account the revocation process.