2nd International ICST Workshop on Cooperative Wireless Communications and Networking

Research Article

Authentication and Services Access Control in a Cooperative Ad hoc Environment

  • @INPROCEEDINGS{10.1109/BROADNETS.2008.4769038,
        author={Hassnaa Moustafa and Gilles Bourdon},
        title={Authentication and Services Access Control in a Cooperative Ad hoc Environment},
        proceedings={2nd International ICST Workshop on Cooperative Wireless Communications and Networking},
        publisher={IEEE},
        proceedings_a={CONET},
        year={2010},
        month={5},
        keywords={Ad hoc Networks, Cooperation, Authentication, Services Access, Services Commercialisation},
        doi={10.1109/BROADNETS.2008.4769038}
    }
    
Hassnaa Moustafa1,*, Gilles Bourdon1,*
  • 1: France Telecom R&D (Orange Labs) 38-40 rue de General Leclerc 92794 Issy les Moulineaux-Cedex 9, France
*Contact email: hassnaa.moustafa@orange-ftgroup.com, gilles.bourdon@orange-ftgroup.com

Abstract

User authentication and authorization for service access are two important challenges standing in the way of the deployment of ad hoc networks by network operators. In this paper we consider real deployment scenarios for ad hoc networks, in which advanced services are provided to users (e.g., multimedia services, audio-visual services, remote control services) and nodes cooperate to provide services to each other in a multi-hop fashion. We propose a novel solution allowing the mutual authentication of each user with respect to the network operator/service provider, the authentication of each ad hoc node with respect to its neighbors, and the authorization of each user to access the required services (according to the user profile, some services can be offered to the user and others cannot). We employ a Kerberos authentication model, extending it to the ad hoc network environment, where the Kerberos server is managed by the network operator/service provider and plays the role of a trusted third party (besides its classical role) for ad hoc nodes. The principle of using tickets (distributed credentials) in Kerberos allows for enforcing cooperation between nodes and controlling service access in a distributed manner. A security analysis of the proposed solution shows its efficiency and resistance against a number of attacks. Some issues concerning possible business models for ad hoc network deployment are also highlighted.