DOI: 10.1145/1373290.1373298
research-article

Secure communication for ad-hoc, federated groups

Published: 04 March 2008

Abstract

Ad-hoc federated groups are becoming increasingly popular as a means of addressing collaborative tasks that require information sharing. However, in some application scenarios, the security of the shared information is vital. Managing the communication security of such groups efficiently is a difficult task.
This paper presents an architecture that enables secure communication for ad-hoc, cross-organisational groups. Our architecture covers group admission control, group key management and secure group communication. The groups in question are expected to be ad-hoc groups whose potential participants have no prior knowledge of each other, so federation mechanisms are needed to establish group admission rights. To handle group admission we use the SAML and XACML standards; for group key management we use the TGDH protocol. Our approach thus supports decentralised management of the most important tasks in secure group communication in an integrated way based on established security standards. We have also produced a demo implementation to show the feasibility of our architecture.
This research was pursued as part of the TrustDis project funded by the Swedish Governmental Agency for Innovation Systems (Vinnova).

      Published In

      IDtrust '08: Proceedings of the 7th symposium on Identity and trust on the Internet
      March 2008
      149 pages
      ISBN:9781605580661
      DOI:10.1145/1373290
      Sponsors

      • Internet2
      • The National Institute of Standards and Technology
      • OASIS IDtrust Member Section
      • FPKIPA: Federal Public Key Infrastructure Policy Authority

      Publisher

      Association for Computing Machinery

      New York, NY, United States

      Author Tags

      1. Diffie-Hellman
      2. XACML
      3. access control
      4. authorization
      5. secure group communication
      6. tree-based group

      Qualifiers

      • Research-article

      Conference

      IDtrust 2008
      Sponsor:
      • FPKIPA
      IDtrust 2008: 7th Symposium on Identity and Trust on the Internet
      March 4 - 6, 2008
      Maryland, Gaithersburg, USA

      Cited By

      • (2010) Managing group membership in ad hoc m-commerce trading systems. 2010 10th Annual International Conference on New Technologies of Distributed Systems (NOTERE), pp. 173-180. DOI: 10.1109/NOTERE.2010.5536717. Online publication date: May-2010
      • (2010) A novel framework of secure network management for wireless and mobile networks. Proceedings of the 2010 IEEE 35th Conference on Local Computer Networks, pp. 676-683. DOI: 10.1109/LCN.2010.5735793. Online publication date: 10-Oct-2010
      • (2010) Performance Evaluation of a Hybrid Cryptosystem with Authentication for Wireless Ad hoc Networks. 2010 IEEE Global Telecommunications Conference GLOBECOM 2010, pp. 1-5. DOI: 10.1109/GLOCOM.2010.5684001. Online publication date: Dec-2010
      • (2009) Social networking healthcare. Proceedings of the 6th International Workshop on Wearable, Micro, and Nano Technologies for Personalized Health, pp. 75-78. DOI: 10.1109/PHEALTH.2009.5754825. Online publication date: Jun-2009