Abstract
In ad-hoc networks and other highly distributed and decentralized environments, authorization certificates can be used to control access. Moreover, it is possible to delegate rights listed in the certificate to another users. Several such subsequent delegations build a chain of certificates. Chains of delegation certificates can improve the capability and manageability of systems. Distributed group membership management, i.e. managing groups of users in a distributed environment, utilizes the efficiency of certificate chains. Adding, removing as well as authentication of users is managed by chains of delegation certificates. On the other hand, the size of certificate chains could be too long to be usable. In this paper we take a look at distributed group membership management based on delegation certificates. Then we present a new kind of certificate, the implanted chain certificate, and its characteristics. With this new kind of certificate the verification time of a certificate chain can be decreased without losing delegation information. Finally, we compare our verification method to reduce the time of verification.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
T. Aura, C. Ellison. “Privacy and Accountability in Certificate Systems.” Research Report A61, Laboratory for Theoretical Computer Science, Helsinki University of Technology, Espoo, Finland, April 2000.
T. Aura, S. Maki. “Towards a survivable security architecture for ad-hoc networks.” In Proc. Security Protocols, 9th International Workshop, LNCS No. 2467, pp. 63–79, Cambridge, UK, April 2001
C. Ellison, B. Franz, B. Lampson, R. Rivest, B. M. Thomas, T. Ylönen. “SPKI certificate theory.” RFC 2693, IETF Network Working Group, September 1999.
S. L. Keoh, E. Lupu. “Towards Flexible Credential Verification in Mobile Ad-hoc Networks.” Proceedings of the Second SIGACT International Workshop on Principle of Mobile Computing (POMC 02), Toulouse, France, October 2002.
J. Kong, P. Zerfos, H. Luo, S. Lu, L. Zhang. “Providing Robust and Ubiquitous Security Support for Mobile Ad-Hoc Networks,” International Conference on Network Protocols (ICNP), pp. 251–260, 2001.
A. Levi, M. U. Caglayan. “An Efficient, Dynamic and Trust Preserving Public Key Infrastructure”, Proceedings of 2000 IEEE Symposium on Security and Privacy, pp. 203–214, Oakland, CA, USA, May 2000.
B. Lee, K. Kim, M. Seo, W. Huh. “Efficient Offline Path Validation”, First International Workshop for Asian Public Key Infrastructure (IWAP2001), pp. 117–125, October 2001
H. Luo, S. Lu. “Ubiquitous and Robust Authentication Services for Ad Hoc Wireless Networks.” Technical Report TR-200030, Dept. of Computer Science, UCLA, 2000.
S. Maki, T. Aura, M. Hietalahti. “Robust Membership Management for Ad-hoc Groups.” Proceedings of the 5th Nordic Workshop on Secure IT Systems (NORDSEC 2000).
A. Shamir. “How to Share a Secret.” Communications of the ACM, 22(11), pp. 612–613, November 1979.
S. Yi, R. Kravets. “MOCA: Mobile Certificate Authority for Wireless Ad Hoc Networks”, 2nd Annual PKI Research Workshop Program (PKI 03), Gaithersburg, Maryland, April, 2003.
P. R. Zimmermann, “The Official PGP User’s Guide”, MIT Press, 1995.
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer Science + Business Media, Inc.
About this paper
Cite this paper
Huraj, L., Reiser, H. (2004). Efficient Verification of Delegation in Distributed Group Membership Management. In: Farkas, C., Samarati, P. (eds) Research Directions in Data and Applications Security XVIII. IFIP International Federation for Information Processing, vol 144. Springer, Boston, MA. https://doi.org/10.1007/1-4020-8128-6_18
Download citation
DOI: https://doi.org/10.1007/1-4020-8128-6_18
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4020-8127-9
Online ISBN: 978-1-4020-8128-6
eBook Packages: Springer Book Archive