group member computes and broadcasts: $X_i = (Z_{i+1}/Z_{i-1})^{x_i}$ [11]. Consider the security mechanism from the system architecture view. It depicts the five layer security architecture for MANETs as: Layer 5 (SL5), End to End Security Layer; Layer 4 (SL4), Network Security Layer; Layer 3 (SL3), Routing Security Layer; Layer 2 (SL2), Communication Security Layer; Layer 1 (SL1), Trust Infrastructure Layer. [12] has implemented a key management service and described the use of an RSA key generation technique to create a threshold certificate authority. The creation of this scalable key management solution does not rely on prior infrastructure for its inception. Public Key Infrastructure (PKI) is the most scalable form of key management. Several different PKI techniques exist: [13], [14], and [15]. Aura [16] proposes the use of a group oriented public key infrastructure for large group formation. The leader of the group acts as a certificate authority (CA), which issues group membership certificates. Zhou [17] suggests the use of threshold cryptography to create a distributed threshold certificate authority.

3. Proposed Work

A dynamically adjustable multi-tier hierarchy is used, which enhances the scalability of the management system by expanding or shrinking the number of tiers in the hierarchy depending on the network conditions. The basic idea is to form the clusters and implement the threshold scheme (K, i) for the management of cryptographic keys, which are used for the security of the data while in movement. Threshold schemes are ideally suited to applications in which a group of mutually suspicious individuals (here, the nodes) with conflicting interests cooperate. Different types of agents are used and detailed according to their property to do specific jobs. Intelligent agents/Policy agents are the agents who are to behave intelligently. The policy agent is responsible for enforcing the policies of the policy domain. The policy agent of an atomic policy domain is referred to as the Local Policy Agent (LPA). The policy agent of the top level policy domain is referred to as the Global Policy Agent (GPA). Intermediate policy agents are called Domain Policy Agents (DPA).

Assumptions

The GPA, DPA and LPA of all the networks have the same basic structure and consist of the same code base. They have similar functionality but different scope. Different agents can be installed within the GPA, DPAs or LPAs to enable different functionality. The Policy Enforcer is the entity responsible for enforcing policies. It monitors events and evaluates conditions to decide which agent should be instructed to perform its management action. They can receive events published by other system components via an event bus. Each agent implements a standard interface that enables the policy enforcer to communicate with agents. The Policy Distributor is used to receive policy updates from the remote node and to send these updates to the LPAs on its node.

The network considered is not very highly volatile.

3.2 Working of System

Ideally it is considered that the cooperation is based on mutual consent, but practically the veto power this mechanism gives to each member or each node can paralyze the activities of the cluster. By properly choosing the k and x parameters we can give a sufficiently large majority the authority to take some action while giving any sufficiently large minority the power to block it. The proposed new structure of each node is shown below. This includes the node identification number (n) and the current location of the node (Xn, Yn), which is calculated with the GPS that is on each and every node. It also helps in predicting the direction of movement of the node. The Cluster Head Identification number (CH) is used to specify the cluster leader and the different number of clusters in one network. The threshold scheme considered is the dynamic threshold scheme because, if the minimum number of votes is t, proactive secret sharing doesn't help as the resultant size of the group is less than t, i.e. (n-t) <= t, so in such a case it is necessary to reduce t. A similar condition arises if a larger number of the group members leave. A similar condition arises when, at group inception time, the first few members join. In such special cases the group needs some special admission rules. In the dynamic threshold scheme the minimum number of votes is a fraction of the number of current group members. As it is a decentralized scheme, one network (N) is divided into different clusters, each of which carries the information of all the members present in the cluster, and when a member node becomes mobile it informs the cluster head (CH) about its migration and on traveling to a new region boundary it will send
IJCSI International Journal of Computer Science Issues, Vol. 7, Issue 3, No 10, May 2010 47
ISSN (Online): 1694-0784
ISSN (Print): 1694-0814
request packet to the current cluster head for its membership.

current cluster into two clusters, based on network conditions, e.g. if the cluster becomes geographically dispersed and so the management performance is adversely impacted (which is detected using the GPS system of each node). The cluster leader then appoints one of its associates as the leader for a subset of its associates. If an associate detects the existence of another GPA, it notifies its own GPA, who then initiates a negotiation session with the other GPA. The other GPA signals the session initiator its decision to remain GPA or to become a child of the session initiator. Once the session initiator acknowledges this decision, the two domains merge and one of the GPAs steps down to become a child of the other. The LPA carries the secret key, named SK, of the node and stores it in the ACL (Access Control List), and the PK is carried with the GPA and stored in its ACL.
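The threshold scheme used in this section, with the dealer's shares, the witness check and the recovery of S = f(0) that the paper goes on to describe, can be sketched as follows. This is an added example, not the authors' code: the parameters p = 2039, q = 1019, g = 4 are constructed toy values, shares and interpolation are taken mod q with witnesses mod p (an assumption about how the paper's p and q fit together), and recovery is generalized to any t members rather than members 1..t.

```python
import secrets

# Constructed toy parameters (far too small for real use): p = 2q + 1 with
# p and q prime, and g = 4 generates the order-q subgroup of Z_p*.
P, Q, G = 2039, 1019, 4

def deal(secret, t, x):
    """Trusted dealer: pick a degree t-1 polynomial f with f(0) = secret.
    Returns shares {i: f(i) mod q} for i = 1..x and witnesses w_j = g^a_j mod p."""
    coeffs = [secret % Q] + [secrets.randbelow(Q) for _ in range(t - 1)]
    shares = {i: sum(a * pow(i, j, Q) for j, a in enumerate(coeffs)) % Q
              for i in range(1, x + 1)}
    witnesses = [pow(G, a, P) for a in coeffs]
    return shares, witnesses

def verify(i, share, witnesses):
    """Member M_i checks g^ss_i == prod_j (w_j)^(i^j) mod p."""
    rhs = 1
    for j, w in enumerate(witnesses):
        # w has order dividing q, so the exponent i^j may be reduced mod q.
        rhs = rhs * pow(w, pow(i, j, Q), P) % P
    return pow(G, share, P) == rhs

def recover(shares):
    """S = f(0) = sum_i ss_i * l_i(0), with l_i(0) = prod_{j != i} (0 - j)/(i - j)."""
    secret = 0
    for i, ss in shares.items():
        num = den = 1
        for j in shares:
            if j != i:
                num = num * (-j) % Q
                den = den * (i - j) % Q
        secret = (secret + ss * num * pow(den, -1, Q)) % Q
    return secret

if __name__ == "__main__":
    shares, witnesses = deal(secret=123, t=3, x=5)
    # Every honest share passes the witness check.
    print(all(verify(i, s, witnesses) for i, s in shares.items()))
    # Any 3 of the 5 members recover the secret.
    print(recover({i: shares[i] for i in (2, 4, 5)}))
```

A share altered in transit fails `verify` before it can reach `recover`, which is the point of publishing the witnesses alongside the shares.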
shares which are distributed among x users, a trusted dealer is chosen [1], and it chooses the large prime p and selects the polynomial f(z) over $Z_p$ of degree t-1. To distribute share among

The new node structure is used with the detail of which cluster it is in and the main network for which it is working, or basically the network which is sending the message. The structure of the node is as shown in Fig. 3.

Node Identification No. (n)
Current Location (Xn, Yn)
Cluster Identification No. (CH)
Network Identification (N)
Threshold Scheme (K, i)

Fig. 3 Structure of the Node

The dealer computes each user share $SS_i$ such that $SS_i = f(i) \bmod q$ and securely transfers $SS_i$ to $M_i$. Then any group of t members can recover the secret. This solves the issue specified in Eq. 1 by making use of polynomial interpolation and modular arithmetic, which gives the verification that the specified node is a valid node member of t. [1]

$$f(z) = \sum_{i=1}^{t} SS_i \, l_i(z) \bmod p, \quad \text{where } l_i(z) = \prod_{j=1,\, j \neq i}^{t} \frac{z-j}{i-j} \qquad (1)$$

Since f(0) = S, the secret share is expressed as

$$S = f(0) = \sum_{i=1}^{t} ss_i \, l_i(0) \bmod p \qquad (2)$$

So the secret share will be recovered only if the minimum required keys of nodes are combined.

4. Performance of Proposed work

The network used for the simulation consists of 500 nodes in a 250m X 250m simulation area. The movement of nodes is kept random, so nodes are allowed to move not more than 30m/sec. Performance is calculated for the criteria specified below.

1. Secret verification share has a fixed time slot/period. E.g. mobile intelligent agents hop around the network for delivering messages; in this current flexible and decentralized framework any autonomous node can send a message to any other node at any instant within the network by just issuing a mobile agent. The intelligent agent then carries the message to the corresponding cluster head. The cluster head then becomes responsible for delivering the message to the proper destination. Analogous to real life, these agents actually play the role of messengers and the cluster heads play the role of post offices in the ad hoc wireless scenario. The cooperating agent scheme has been explicitly designed to reduce the agent traffic in the network. The unnecessary redundant node visits made by the agents moving for a common destination have been avoided by sharing and merging with other agents. These agents together with the cluster heads take the responsibility of providing communication services and improvement of overall traffic coordination in the network.

2. Number of messages in the system, i.e. the total number of mobile agents traffic issued by the node in the network.

Verifiable Secret Sharing

The t members receive their share $ss_i$ and each member $M_i$ verifies $ss_i$ by

$$g^{ss_i} = \prod_{j=0}^{t-1} (w_j)^{i^j} \bmod p$$

where $w_i$ is the witness and

$$w_i = g^{a_i} \bmod p$$

The TD publishes these $w_i$ in the ACL of the GPA.

Acknowledgments

Author gives heartfelt thanks to both the guides Dr. Navin Rajpal and Dr A.K. Sharma for devoting time and patience for this work to get some conclusion and to the Director Er. Navneet Agarwal, JIET for his cooperation while completing this work.

References

[1] A. Shamir. How to share a secret. Commun. ACM, 22(11), 1979
[2] Sugandha Singh, Dr. Navin Rajpal, Dr. A.K. Sharma. Mobile Agent Based Message Communication in Large Ad hoc Networks through Co-operative Routing using Inter-Agent Negotiation at Rendezvous Points. In 4th international conference of challenges and developments in IT, at Punjab College of Technical education, May 2008.
[3] F. Stajano, R. Anderson. The resurrecting duckling: Security issues for adhoc wireless networks, The 7th Intl workshop on security protocols, LNCS 1796, Berlin: Springer, 2000. pp. 172-194
[4] Rony H. Rahman and Lutfar Rahman. A New Group key Management Protocol for Wireless Ad-Hoc Networks, International Journal of computer and Information Science and Engineering, Springer 2008. pp. 74-79
[5] B. Carlsson and A. Jacobsson, Security Consistency in information Ecosystems: Structure of risk environment on the Internet, Journal of Information system security 2(1), p 2-26, 2006.
[6] N. Asokan and P. Ginzboorg, Key agreement in ad-hoc networks. In Elsevier Journal of Computer Communications. Computer Commun. 23 (2000) 1627-1637.
[7] A. Ballardie, Scalable Multicast Key Distribution. RFC 1949, 1996.
[8] S. Setia, S. Koussih, S. Jajodia and E. Harder. Kronos: A scalable group re-keying approach for secure multicast. IEEE Symposium on security and Privacy, May 2000.
[9] B. DeCleene, L. Dondeti, S. Griffin, T. Hardjono, D. Kiwior, J. Kurose, D. Towsley, S. Vasudevan, and C. Zhang. Secure Group communications for wireless networks. MILCOM, June 2001.
[10] Johann van der Merwe, Professor D. Dawoud and Mr. S. McDonald. Military Mobile Ad hoc Network Security: Group Key Management. In Journal of ARMSCOR university of Kwazulu-Natal.
[11] Shuyao Yu, Youkun Zhang, Chuck Song and Kai Chen. A security architecture for Mobile AdHoc Network. ACM Workshop on Wireless Security (Wise 2003), San Diego, CA, September 19, 2003
[12] B. Lehane, L. Doyle and D.O Mahony. Shared RSA Key generation in Mobile Adhoc networks. European Office of Aerospace Research and Development, 2003.
[13] http://world.std.com/~cme/html.charters/spki.html
[14] http://www.pgpi.org
[15] http://www.ietf.org/html.charters/pkix-charter.html
[16] T. Aura, S. Maki. Towards survivable security architecture for ad-hoc networks. Security protocols 9th international workshop. Cambridge, UK, April 01, LNCS 2467, p 63-73 2002
[17] L. Zhou, Z. J. Haas. Securing Ad-Hoc Networks. IEEE Networks, 13(6): 24-30, 1999.
[18] S. Rafaeli, and D. Hutchison. Hydra: a decentralized group key management. 11th IEEE International WETICE: Enterprise security Workshop, June 2002.