1. Field of the Invention
The invention relates generally to ad-hoc networks. More specifically, the invention relates to a method for providing security services for a local ad-hoc network, especially for a mobile ad-hoc network (MANET). The security services here refer to mechanisms that support the accomplishment of authenticity, confidentiality, and/or integrity within the ad-hoc network.
2. Description of the Related Art
The rapid development towards truly mobile computing and ubiquitous networking has brought about the emergence of so-called ad-hoc networks, which offer unrestricted mobility without any underlying infrastructure. The nodes of an ad-hoc network are often mobile, in which case the network is called a mobile ad-hoc network (MANET). Unlike traditional wireless networks, ad-hoc networks thus lack an underlying infrastructure, such as base stations. Instead, all the nodes of an ad-hoc network share the responsibility of network formation and management. In an ad-hoc network, each node therefore acts as a router transmitting messages to other nodes of the network, and the messages between two nodes located far apart from each other are relayed by intermediate ad-hoc nodes. Standalone ad-hoc networks are useful at least whenever it is impossible to use a fixed network infrastructure due to geographical, terrestrial, or time constraints, for example. Local ad-hoc networks can also be integrated into legacy networks, such as mobile networks. The dynamically changing topology of an ad-hoc network sets high requirements for the routing protocols used in the ad-hoc nodes. This is one reason why development activities for ad-hoc networks have so far related mainly to the routing aspects.
Because of the basic characteristics of ad-hoc networks, the handling of security aspects also becomes problematic: there is no infrastructure for handling the creation, storage and distribution of security keys, for example. Furthermore, an ad-hoc network, with wireless links connecting the nodes, is easily exposed to security attacks, such as eavesdropping, Denial of Service (DoS), impersonation, etc. Moreover, authentication and authorization cannot be performed in the same way as in conventional wireless networks.
Due to the above reasons, ad-hoc networks need a robust security architecture.
The security features that have been developed so far for the ad-hoc networks have mainly been an integrated part of the routing functions. In other words, the security aspects of the ad-hoc networks have concentrated mainly on the link/route security. Therefore, the overall management of the security issues of the ad-hoc networks has not yet been resolved in an adequate manner. These security issues include the above-mentioned key issues such as authentication, integrity, and encryption.
The invention relates to the problem of handling the security aspects of ad-hoc networks, especially mobile ad-hoc networks.