Delegation of Signalling Rights

  • Pekka Nikander
  • Jari Arkko
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2845)

Abstract

Consider a network of interconnected nodes where each node is identified with a public key. Each node uses the corresponding private key to sign signalling messages. This allows those nodes that know a given node (by its public key) to verify the authenticity of the signalling messages. Under these circumstances, a node may delegate the right to send signalling messages to another node. The delegation may be expressed, for example, in the form of authorization certificates. In this paper we describe how such delegation could be used to optimise signalling paths in mobile and ad hoc network settings. Additionally, we consider the constraints and limitations of the proposed approach.

Keywords

Mobile Node; Session Initiation Protocol; Signalling Proxy; Signalling Message; Correspondent Node
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Copyright information

© Springer-Verlag Berlin Heidelberg 2004

Authors and Affiliations

  • Pekka Nikander (1)
  • Jari Arkko (1)
  1. Ericsson Research NomadicLab, Jorvas, Finland
