移动Ad Hoc网络组播安全研究
|
摘要
在移动Ad Hoc网络(MANET:Mobile Ad Hoc Networks)中,节点必须通过相互之间的合作互助才能完成一系列工作,而组播主要支持一些以组或协作为特点的网络应用,二者共有的群组通信特性,使得移动Ad Hoc网络中的组播成为新的研究热点。然而,移动Ad Hoc网络的开放性和受限性,又使得组播通信的密钥管理和访问控制等安全问题愈发突出,且难以采用传统的方式去解决,阻碍了移动Ad Hoc网络组播在实际应用中的发展。因此,分析移动Ad Hoc网络组播安全的特殊需求,给出适合的安全解决方案,对移动Ad Hoc网络组播安全的技术发展与应用都具有重要的意义。
本论文从组密钥管理、证书撤销机制、访问控制和安全性评估等几个方面研究了移动Ad Hoc网络的组播安全问题,并提出了相应的解决方案。本论文的研究工作受到了国家自然科学基金项目‘'Ad Hoc网络中公钥管理与性能评估技术的研究(No.60572035)”和通信与信息系统北京市重点实验室项目(No.JD100040513)的资助。
针对移动Ad Hoc网络组播安全,论文的主要工作与创新点如下:
1.提出了一种基于网格的部分分布式组播密钥管理方案。该方案利用服务器组形成分布式组密钥管理核心,把对组播组成员的信任限制在可控范围内,从而提高了安全性;同时通过维护基于网格的服务器组,提高了组密钥服务的易获得性。
2.提出了一个基于树与分簇结构的分层组密钥管理方案。该方案首先对节点进行分簇处理,然后在簇首之间建立全局分布式逻辑密钥树,并在各簇内部建立本地集中式的逻辑密钥树,构成了一个两级结构的组密钥管理框架。两级逻辑密钥树的建立降低了簇首之间以及各簇内部密钥更新的开销,而分簇将密钥更新的大部分通信开销限制在一簇之内,并且由多个并发的局部通信或计算代替全局串行处理过程,降低了处理时延,减小了安全空窗期,提高了系统安全性。
3.提出了一种可逆的节点证书状态转换模型以改进证书撤销机制的性能。在模型中,节点证书的信任度决定于其历史记录以及其他节点发出的信任度因子的加权和,可以根据证书信任度的计算结果确定其状态。为了避免证书的频繁撤销和重新颁发,模型在原来的直接撤销之前增加了一种挂起状态,并允许将某些处于挂起状态的证书信任度提高,使之重新有效,这样既可以延长这些证书的生命期,避免误码和干扰等环境问题带来的误判,也减少了重新颁发证书的计算量与通信开销。
4.提出了一种基于角色的组播访问控制模型。模型结合分布式的组成员监控机制,通过引入用户角色证书和策略证书,来实现对组用户发送与接收权限的细粒度访问控制。利用角色和策略证书,不仅可以控制组播成员的权限,而且降低了成员与权限的关联性,增强其对动态环境的适应性。
5.提出了静态与动态的系统安全性评估模型。静态模型研究了MANET网络节点数量和节点被俘获概率对秘密共享方案门限值的影响,并通过这两个参数来量化系统的安全性;此外,利用随机过程方法,对网络系统受到的攻击过程建立了攻击流模型,并在此基础上建立了动态安全性能评估模型。利用该模型可以预测系统的最大危险时刻和系统安全门限值,以便给出MANET网络系统安全性随时间的动态变化趋势。
移动Ad Hoc网络的组播应用刚刚起步,其安全问题的研究也将随着应用领域的广泛而逐渐深入,得到长足的发展。
In Mobile Ad Hoc Networks (MANET), tasks need carrying out by a group of nodes while multicast is a suitable technique for collaborative applications. The group communication nature makes the combination of these two techniques a new application direction. According to the openness and resource lacking in MANET, security mechanisms and schemes tailored for wired networks and multicast environment will not work well if being introduced into MANET multicast directly. Security issues become the drawback in the extensive application of MANET multicast. It is necessary to study its special requirements and propose some efficient security mechanisms suitable for multicast over MANET.
The thesis studies the security issues of the multicast over MANET from the view of group key management, certificate revocation, access control and security evaluation. Some schemes are provided in this thesis to resolve the issues.The research work of this thesis is supported by National Natural Science Foundation of China (No.60572035) and Beijing Municipality Key Laboratory of Communication and Information System (No. JD100040513).
The main innovations of the thesis are as follows:
1. A partial distributed multicast key management scheme based on mesh is proposed. It applies a distributed group key management center made up of a group of server nodes. The center limits the trust of the group member to a controllable range which promotes the security. The maintenance of the server group based on mesh improves the availability of group key service.
2. A tree and cluster based group key management architecture is proposed here. Nodes are grouped into clusters and select a cluster-head for each cluster. A distributed logical key tree (LKT) is built among all the cluster-heads which is named global LKT (GLKT). There is also a centered local LKT (LLKT) ruled by cluster-head in every cluster whose leaves are corresponding to ordinary nodes. The two-level architecture integrates the advantages of the cluster and LKT which can limit most key updating overhead to local area with clustering and decrease the cost of contributory key negotiation among cluster-head by building GLKT. The time delay in key updating is reduced for the global serial processing is instead of multi-local parallel processing.
3. A certificate state management model with reversible characteristic is proposed to improve the performance of the certificatie revocation. A certificate credit is decided by other's opinion about its history credit record and transform factor according to its behavior. The certificate state can be deduced by the computation result of the credit. A certificate suspending process is introduced as a middle state before its revocation and a certificate in suspending can be promoted to be reactivating. The reversible states can prolong the lifetime of the good certificate and avoid its frequent revocation and reissue. The computation and communication overhead is also reduced.
4. An RBAC model is proposed to provide sender and receiver access control for the group member. The model introduces user role certificate and policy certificate which are combined with group member monitoring mechanism to realize a fine-grained sender and receiver access control. The permissions of multicast member are controlled by roles which can weaken the relationship between member and permissions and enhance their adaptability to the dynamic environment.
5. The static and dynamic security evaluation models are proposed for the security service based on threshold cryptography in MANET. The probability of the compromised nodes during the whole lifetime and the influence to the threshold of the secret share scheme are studied in static model. The number and the compromised probability of the nodes can be used to evaluate the system security quantitatively. On the other hand, using stochastic process approach the attack process and attack model are studied firstly, based on which a dynamic evaluation model is followed. The models can help predict the tendency of the network security and give the proper value of threshold and updating period of sharing secret.
The research work on multicast security in Ad Hoc networks will be further on with the extention of its application.
本论文从组密钥管理、证书撤销机制、访问控制和安全性评估等几个方面研究了移动Ad Hoc网络的组播安全问题,并提出了相应的解决方案。本论文的研究工作受到了国家自然科学基金项目‘'Ad Hoc网络中公钥管理与性能评估技术的研究(No.60572035)”和通信与信息系统北京市重点实验室项目(No.JD100040513)的资助。
针对移动Ad Hoc网络组播安全,论文的主要工作与创新点如下:
1.提出了一种基于网格的部分分布式组播密钥管理方案。该方案利用服务器组形成分布式组密钥管理核心,把对组播组成员的信任限制在可控范围内,从而提高了安全性;同时通过维护基于网格的服务器组,提高了组密钥服务的易获得性。
2.提出了一个基于树与分簇结构的分层组密钥管理方案。该方案首先对节点进行分簇处理,然后在簇首之间建立全局分布式逻辑密钥树,并在各簇内部建立本地集中式的逻辑密钥树,构成了一个两级结构的组密钥管理框架。两级逻辑密钥树的建立降低了簇首之间以及各簇内部密钥更新的开销,而分簇将密钥更新的大部分通信开销限制在一簇之内,并且由多个并发的局部通信或计算代替全局串行处理过程,降低了处理时延,减小了安全空窗期,提高了系统安全性。
3.提出了一种可逆的节点证书状态转换模型以改进证书撤销机制的性能。在模型中,节点证书的信任度决定于其历史记录以及其他节点发出的信任度因子的加权和,可以根据证书信任度的计算结果确定其状态。为了避免证书的频繁撤销和重新颁发,模型在原来的直接撤销之前增加了一种挂起状态,并允许将某些处于挂起状态的证书信任度提高,使之重新有效,这样既可以延长这些证书的生命期,避免误码和干扰等环境问题带来的误判,也减少了重新颁发证书的计算量与通信开销。
4.提出了一种基于角色的组播访问控制模型。模型结合分布式的组成员监控机制,通过引入用户角色证书和策略证书,来实现对组用户发送与接收权限的细粒度访问控制。利用角色和策略证书,不仅可以控制组播成员的权限,而且降低了成员与权限的关联性,增强其对动态环境的适应性。
5.提出了静态与动态的系统安全性评估模型。静态模型研究了MANET网络节点数量和节点被俘获概率对秘密共享方案门限值的影响,并通过这两个参数来量化系统的安全性;此外,利用随机过程方法,对网络系统受到的攻击过程建立了攻击流模型,并在此基础上建立了动态安全性能评估模型。利用该模型可以预测系统的最大危险时刻和系统安全门限值,以便给出MANET网络系统安全性随时间的动态变化趋势。
移动Ad Hoc网络的组播应用刚刚起步,其安全问题的研究也将随着应用领域的广泛而逐渐深入,得到长足的发展。
In Mobile Ad Hoc Networks (MANET), tasks need carrying out by a group of nodes while multicast is a suitable technique for collaborative applications. The group communication nature makes the combination of these two techniques a new application direction. According to the openness and resource lacking in MANET, security mechanisms and schemes tailored for wired networks and multicast environment will not work well if being introduced into MANET multicast directly. Security issues become the drawback in the extensive application of MANET multicast. It is necessary to study its special requirements and propose some efficient security mechanisms suitable for multicast over MANET.
The thesis studies the security issues of the multicast over MANET from the view of group key management, certificate revocation, access control and security evaluation. Some schemes are provided in this thesis to resolve the issues.The research work of this thesis is supported by National Natural Science Foundation of China (No.60572035) and Beijing Municipality Key Laboratory of Communication and Information System (No. JD100040513).
The main innovations of the thesis are as follows:
1. A partial distributed multicast key management scheme based on mesh is proposed. It applies a distributed group key management center made up of a group of server nodes. The center limits the trust of the group member to a controllable range which promotes the security. The maintenance of the server group based on mesh improves the availability of group key service.
2. A tree and cluster based group key management architecture is proposed here. Nodes are grouped into clusters and select a cluster-head for each cluster. A distributed logical key tree (LKT) is built among all the cluster-heads which is named global LKT (GLKT). There is also a centered local LKT (LLKT) ruled by cluster-head in every cluster whose leaves are corresponding to ordinary nodes. The two-level architecture integrates the advantages of the cluster and LKT which can limit most key updating overhead to local area with clustering and decrease the cost of contributory key negotiation among cluster-head by building GLKT. The time delay in key updating is reduced for the global serial processing is instead of multi-local parallel processing.
3. A certificate state management model with reversible characteristic is proposed to improve the performance of the certificatie revocation. A certificate credit is decided by other's opinion about its history credit record and transform factor according to its behavior. The certificate state can be deduced by the computation result of the credit. A certificate suspending process is introduced as a middle state before its revocation and a certificate in suspending can be promoted to be reactivating. The reversible states can prolong the lifetime of the good certificate and avoid its frequent revocation and reissue. The computation and communication overhead is also reduced.
4. An RBAC model is proposed to provide sender and receiver access control for the group member. The model introduces user role certificate and policy certificate which are combined with group member monitoring mechanism to realize a fine-grained sender and receiver access control. The permissions of multicast member are controlled by roles which can weaken the relationship between member and permissions and enhance their adaptability to the dynamic environment.
5. The static and dynamic security evaluation models are proposed for the security service based on threshold cryptography in MANET. The probability of the compromised nodes during the whole lifetime and the influence to the threshold of the secret share scheme are studied in static model. The number and the compromised probability of the nodes can be used to evaluate the system security quantitatively. On the other hand, using stochastic process approach the attack process and attack model are studied firstly, based on which a dynamic evaluation model is followed. The models can help predict the tendency of the network security and give the proper value of threshold and updating period of sharing secret.
The research work on multicast security in Ad Hoc networks will be further on with the extention of its application.
引文
[1] J Macker, S Corson. Mobile Ad-Hoc Networks (MANET) Charter. http://www.ietf.org/html.charters/manet-charter.html, 1999.
[2] C E Perkins. Ad Hoc Networking. Boston: Addison Wesley Professional, 2000.
[3] 郑相全等.无线自组网技术实用教程.北京:清华大学出版社,2004.
[4] 郑少仁,王海涛,赵志峰等.Ad Hoc网络技术.北京:人民邮电出版社,2005.
[5] 于宏毅等.无线移动自组织网.北京:人民邮电出版社,2005,
[6] 陈林星,曾曦,曹毅.移动Ad Hoc网络.北京:电子工业出版社,2006.
[7] J Jubin, J D Tumow. The DARPA Packet Radio Network Protocols. Proceedings of the IEEE. 1987.21-32.
[8] A David, Beyer. Accomplishments of the DARPA Survivable Adaptive Networks SURAN Program. Proceedings of the IEEE MILCOM Conference. 1990.
[9] M Barry, Leiner, Robert Ruth, Ambatipudi R Sastry. Goals and Challenges of the DARPA GloMo Program. IEEE Personal Communications, Volume 3, Issue 6, Dec. 1996 Page(s):34-43.
[10] http://www.ieee802.org/11/.
[11] http://www.cartalk2000.net.
[12] http://www.fleetnet.de.
[13] http://www.terminodes.org.
[14] Zhou L. and Z. Haas. Securing Ad Hoc Networks. IEEE Network Magazine, Vol. 13, Issue 6, Page(s):24-30, 1999.
[15] D. Djenouri, L. Khelladi, and N. Badache. A Survey of Security Issues in Mobile Ad Hoc and Sensor Networks. IEEE Commun. Surveys & Tutorials, vol. 7, no. 4, 4th Quarter 2005.
[16] 易平,蒋嶷川,张世永,钟亦平.移动Ad Hoc网络安全综述.电子学报,2005,33(5):893—899.
[17] 王海涛,郑少仁.移动Ad Hoc网络中的安全问题.中国数据通信,2002,4(8):65-68.
[18] 周海刚,肖军模.Ad Hoc网络安全模型的研究.解放军理工大学学报,2002,3(3):5-8.
[19] Panlong Yang, Shaoren Zheng. Security Management in Hierarchical Ad Hoc Network. 2001 International Conferences on Info-tech and Info-net. NEW YORK: IEEE, 2001. 642-649.
[20] 王海涛,王晓明.Ad Hoc网络的安全问题综述.计算机安全,2004,7:26-30.
[21] Ballardie, A. Scalable Multicast Key Distribution. http://www.ietf.org/rfc/rfc1949.txt, June 1996.
[22] Harney H, Muckenhirn C. Group key management protocol (GKMP) specification. http://www.ietf.org/rfc/rfc2093.txt, 1997.
[23] D. Wallner, E. Harder, and R. Agee. Key Management for Multicast: Issues and Architectures. http://www.ietf.org/rfc/rfc2627.txt, June 1999.
[24] K. McCloghrie, D. Farinacci, D. Thaler. Internet Group Management Protocol MIB. http://www.ietf.org/rfc/rfc2933.txt, October 2000.
[25] T. Hardjono, B. Weis. The Multicast Group Security Architecture. http://www.ietf.org/rfc/rfc3740.txt, Nov. 2003.
[26] Baugher M, Canetti R, Dondeti L, et al. Multicast Security (MSEC) Group Key Management. http://www.ietf.org/rfc/rfc2933.txt,2004.
[27] 徐明伟,董晓虎,徐恪.组播密钥管理的研究进展.软件学报,Vo1.15,No.1,141-150,2004.
[28] ANNE MARIE HEGLAND, ELIWINJUM, STIG E MJφLSNES, CHUNMING RONG, φIVIND KURE, AND P(A)L SPILLING. A survey of key management in ad hoc networks. IEEE Communications Surveys & Tutorials, Volume 8, Issue 3,3rd Qtr. 2006 Page(s):48-66.
[29] K. Fokine. Key Management in Ad Hoc Networks. Master Thesis, LiTH-ISY-EX-3322-2002, Lindkopings tekniska hogskola, 2002.
[30] S. Rafaeli and D. Hutchison. A Survey of Key Management for Secure Group Communication. ACM Computing Surveys, vol. 35, no. 3, Sep. 2003, pp. 309-329.
[31] J.v.d. Merwe, D. Dawoud, and S. McDonald. A Survey on Peer-to-Peer Key Management for Military Type Mobile Ad Hoe Networks. The Military Information and Commun. Symp. Of South Africa-MICSSA, 2005.
[32] W. Diffie and M. E. Hellman. New Directions in Cryptography. IEEE Trans. Info. Theory, vol. IT-22, no. 6, Nov. 1976, pp.644-654.
[33] Steiner M., Tsudik G., Waidner M., Diffie-Hellman. Key Distribution Extended to Groups. 3rd ACM Conference on Computer & Commun. Security, ACM Press, 1996.31-37.
[34] I. Ingemarsson, D. Tang, and C. Wong. A Conference Key Distribution System. IEEE Trans. Info. Theory, vol. 28, no. 5, Sept. 1982, pp. 714-720.
[35] M. Burmester, and Y. Desmedt. A Secure and Efficient Conference Key Distribution System. Proc. EUROCRYPT'94, 1994, pp. 275-286.
[36] K. Becker and U. Wille. Communication Complexity of Group Key Distribution. Proc. 5th ACM Conf. Comp. and Commun. Security, 1998, pp. 1-6.
[37] N. Asokan and E Ginzboorg. Key Agreement in Ad Hoc Networks. Computer Commun, vol. 23, no. 17, Nov. 2000, pp.1627-37.
[38] M. Steiner, G. Tsudik, and M. Waidner. CLIQUES: A New Approach to Group Key Agreement. Proc. ICDCS'98, 1998.
[39] M. Steiner, G. Tsudik, and M. Waidner. Key Agreement in Dynamic Peer Groups.IEEE Trans. Parallel and Distributed Syst., vol. 11, no. 8, Aug. 2000, pp. 769-80.
[40] Wong C K, Gouda M G, Lam S S. Secure Group Communications Using Key Graphs. Proceedings of the IEEE Symposium on Security and Privacy. Oakland: IEEE Computer Society Press, 2000, 215-228.
[41] Canetti R, Caray J, Itkis G, Micciancio D, Naorr M, Pinkas B. Multicast security: A taxonomy and some efficient constructions. In: Proc. of the INFOCOM'99. New York, 1999. 708-716.
[42] Balenson D, McGrew D, Sherman A. Key management for large dynamic groups: One-Way function trees and amortized initialization. IETF Internet Draft (work in progress), 2000.
[43] D.A. McGrew and A.T. Sherman. Key Establishment in Large Dynamic Groups Using One-Way Function Trees. Technical Report No.0755, TIS Labs at Network Associates, Inc., Glenwood, MD May 1998.
[44] 陈璟,杨波,田春岐.基于单向函数树的多播密钥管理方案安全性分析.西安电子科技大学学报,Vo1.31,pp959-962,2004.
[45] 赵志国,杨波.一种多播密钥管理方案.电子科技,Vo1.6,pp7-10,2004.
[46] 祝烈煌,曹元大.基于huffman单向函数树的组播密钥更新协议.北京理工大学学报,Vo1.24,pp524-527,2004.6
[47] 许勇,陈恺.安全多播中基于成员行为的LKH方法,软件学报,Vo1.16,No.4 601-608,2005.
[48] 朱文涛,熊继平,李津生,洪佩琳.安全组播密钥管理的层次结构研究.电子与信息学报,Vo1.26(1)7-13,2004.
[49] Haibin Lu. A novel high-order tree for secure multicast key management. IEEE TRANSACTIONS ON COMPUTERS, VOL.54, NO.2 214-224, 2005.
[50] Rodeh O, Birman K, Dolev D. Optimized group rekey for group communication systems. Technical Report, Hebrew University, 1999.
[51] Yang L, Li XS, Zhang XB, Lam SS. Reliable group rekeying: A performance analysis. In: ACM SIGCOMM 2001. San Diego, 2001.27-31.
[52] Lee PPC, Lui JCS, Yau DKY. Distributed collaborative key agreement protocols for dynamic peer groups. In Proc. of the ICNP2002. 2002.53-62.
[53] Ozkan M. Erdem. EDKM: Efficient Distributed Key Management for Mobile Ad Hoc Networks. Proc. ISCC 2004. Vo1.1, 2004 Page(s):325-330.
[54] Yan Sun, Wade Trappe, and K. J. Ray Liu. A scalable multicast key management scheme for heterogeneous wireless networks. IEEE/ACM TRANSACTIONS ON NETWORKING, VOL. 12, NO.4, pp653-666, AUGUST 2004.
[55] Anindo Mukherjiee, Meetu Gupta, Hongmei Deng and Dharma P. Agrawal. Level-Based Key Establishment for Multicast Communication in Mobile Ad Hoc Networks. In Proceedings of IEEE PIMRC, September 2004. Barcelona, Spain. 2871-2875.
[56] Seung Yi, Robin Kravets. Composite Key Management for Ad Hoc Networks. In proceedings of the First Annual International Conference on Mobile and Ubiquitous Systems: Networking and Services (MobiQuitous'04), 22-26 Aug. 2004 Page(s):52-61.
[57] Isabella Chang, Robert Engel, Dilip Kandlur, Dimitrios Pendarakis, and Debanjan Saha. Key management for secure Internet multicast using Boolean function minimization techniques. IEEE INFOCOM 1999, p. 689-698.
[58] Zhang, C., DeCleene, B., Kurose, J., Towsley, D. Comparison of Inter area Rekeying Algorithms for Secure Wireless Group Communications. Performance Evaluation, 2002, 49(1-4):1-20.
[59] Andre BOUMSO, Boucif AMAR BENSABER, Ismail BISKRI, GAKAP, Multicast Key Agreement Protocol for Ad Hoc Networks Based On Group Activity Probability. Proceedings of the 29th Annual IEEE International Conference on Local Computer Networks (LCN'04), 16-18 Nov. 2004 Page(s):700-704.
[60] Sencun Zhu, Sanjeev Setia, Shouhuai Xu, Sushil Jajodia. GKMPAN: An Efficient Group Rekeying Scheme for Secure Multicast in Ad-Hoc Networks. In proceedings of the First Annual International Conference on Mobile and Ubiquitous Systems: Networking and Services (MobiQuitous'04), 22-26 Aug. 2004 Page(s):42-51.
[61] Ravi K Balachandran, Byrav Ramamurthy, Xukai Zou and N.V.Vinodchandran. CRTDH: an effective key agreement scheme for secure group communications in wireless ad hoc networks. In the Proceedings of the 40th annual IEEE International Conference on. Communications 2005 (ICC 05), Vol: 2, pages 1123-1127, 2005.
[62] Wen Tao Zhu. Optimizing the Tree Structure in Secure Multicast Key Management, IEEE COMMUNICATIONS LETTERS, VOL. 9, NO. 5, MAY 2005, pp477-479.
[63] Jen-Chiun Lin, Feipei Lai, Hung-Chang Lee. Efficient group key management protocol with one-way key derivation. Proceedings of the IEEE Conference on Local Computer Networks 30th Anniversary (LCN'05), 15-17 Nov. 2005 Page(s):336-343.
[64] Yingjie Wang, Jianhua Li, Ling Tie, Hongwen Zhu. An Efficient Method of Group Rekeying for Multicast Communication. IEEE 6th CAS Symp. On Emerging Technologies: Mobile and Wireless Comm.Shanghai, China, May 31-June 2, 2004, Volume 1, Page(s):202-207.
[65] Jen-Chiun Lin, Chien-Hua Tzeng, Feipei Lai, Hung-Chang Lee, Optimizing Centralized Secure Group Communications with Binary Key Tree Recomposition. In Proceedings of the 18th International Conference on Advanced Information Networking and Application (AINA'04), 2004.
[66] Y. Kim, A. Perrig, and G. Tsudik. Communication-efficient group key agreement. In Proc. of the 17th International Information Security Conference, IFIP SEC'01, 2001.
[67] A.Perrig. Efficient Collaborative Key Management Protocols for Secure Autonomous Group Communication. In International Workshop on Cryptographic Techniques and E-Commerce (CrypTEC '99), 1999, pages 192-202.
[68] YONGDAE KIM. Tree-Based Group Key Agreement. ACM Transactions on Information and System Security, Vol. 7, No. 1, February 2004, Pages 60-96.
[69] M. Manulis. Contributory Group Key Agreement Protocols, Revisited for Mobile Ad-hoc Groups. In Proceedings of MASS 2005, WSNS 2005. IEEE Computer Society, 2005.
[70] SUVO Mittra. Iolus: A Framework for Scalable Secure Multicasting. Proceedings of ACM SZGCOMM '97, Cannes, France, 1997.
[71] Juan Hernandez-Serrano, Josep Pegueroles, Miguel Soriano. GKM over large MANET. IEEE: Proc. of SNPD/SAWN'05, 23-25 May 2005 Page(s):484-490.
[72] Banerjee S, Bhattacharjee B. Scalable secure group communication over IP multicast. JSAC Special Issue on Network Support for Group Communication, 2002, 20(8): 156-163.
[73] Jiejun Kong, Yeng-zhong Lee, Mario Gerla. Distributed multicast group security architecture for mobile ad hoc networks. IEEE Wireless Communications and Networking Conference (WCNC 2006), Vol. 2, 3-6 April 2006 Page(s):640-645.
[74] Ing-Ray Chen, Jin-Hee Cho, Ding-Chau Wang. Performance Characteristics of Region-Based Group Key Management in Mobile Ad Hoc Networks. IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing. Volume 1, 5-7 June 2006 Page(s):411-419.
[75] Xiang Yang Li, Yu Wang, Ophir Frieder. Efficient hybrid key agreement protocol for wireless ad hoc networks. Proceedings. Eleventh International Conference on Computer Communications and Networks, 14-16 Oct. 2002 Page(s):404-409.
[76] Jiang Zhang, Jian-Guang Luo, Bin Li, Shi-Qiang Yang. SIKAS: A Scalable Distributed Key Management Scheme for Dynamic Collaborative Groups. IEEE International Conference on Multimedia and Expo, July 2006 Page(s): 1205-1208.
[77] A. Shamir. How to Share a Secret. Communication of the ACM, Vol.22, No. 11, pp612-613, 1979.
[78] 况晓辉,胡华平,卢锡城.移动自组网络组密钥管理框架.计算机研究与发展,Vo1.41,No.4,704-709,Apr.2004.
[79] 况晓辉,朱培栋,卢锡城.移动自组网络分布式组密钥更新算法.软件学报,Vo1.15,No.5,757-766,2004.
[80] Anindo Mukherjee, Anurag Gupta, Dharma R Agrawal. Totally Distributed Key Management for Dynamic Groups in MANETs. In Proc. of IPCCC 2005, p185-192.
[81] A.M. Eskicioglu and M. R. Eskicioglu. Multicast Security Using Key Graphs and Secret Sharing. Proceedings of the Joint International Conference on Wireless LANs and Home Networks and Networking, Atlanta, GA, August 26-29, 2002, pp. 228-241.
[82] A.M. Eskicioglu, S. Dexter, and E. J. Delp. Protection of multicast scalable video by secret sharing: simulation results. Proceedings of SPIE Security and Watermarking of Multimedia Content V, Vol. 5020, pp. 505-515, Santa Clara, CA, January 21-24, 2003.
[83] Scott Dexter, Roman Belostotskiy, Ahmet M. Eskicioglu. Multi-layer multicast key management with threshold cryptography. Proceedings of the SPIE Security, Steganography, and Watermarking of Multimedia Contents VI Conference, Vol. 5306, San Jose, CA, January 19-22, 2004.
[84] LIU Xin-xing, YANG Ming, WANG Xiao-kang. Key management for secure muhicast communication using secret sharing-based revocation scheme. IEEE International Symposium on Communications and Information Technologies 2005. Beijing, China, 2005: 1262-1266.
[85] S. Jacobs. S. Corson. MANET Authentication Architecture. http://www.ietf.org/ietf/1id-abstracts.txt,Draft-jacobs-imep-auth-arch-01.txt, 1999.
[86] Adrian Perrig, Ran Canetti, J.D.Tygar, Dawn Song. Efficient Authentication and Signing Of Multicast Streams over Lossy Channels. In Proc. of IEEE Symposium On Security And Privacy, 14-17 May 2000 Page(s):56-73.
[87] Perrig A, Szewczyk R, Wen V, et al. SPINS: Security protocols for sensor networks,Wireless Networks, 2002, 8 (8):521-534.
[88] Phillip G. Bradford, Olga V. Gavrylyako. Foundations of Security for Hash Chains in Ad Hoc Networks. Proceedings. 23rd International Conference on Distributed Computing Systems Workshops, 19-22 May 2003 Page(s):743-748.
[89] Sencun Zhu, Shouhuai Xu, Sanjeev Setia, Sushil Jajodia. LHAP: A Lightweight Hop-By-Hop Authentication Protocol for Ad-Hoc Networks. Proceedings of the 23rd International Conference on Distributed Computing Systems Workshops (ICDCSW'03), 19-22 May 2003 Page(s):749-755.
[90] Bin Lu, Udo W. Pooch. A Lightweight Authentication Protocol for Mobile Ad Hoc Networks. Proceedings of the International Conference on Information Technology: Coding and Computing (ITCC'05), 4-6 April 2005, Volume 2, Page(s):546-551.
[91] L. Zhou, F. B. Schneider, and R. van Renesse. COCA: a secure distributed on-line certification authority. ACMTrans. Computer Syst. Vol.20, No.4, pp. 329-368, Nov. 2002.
[92] S.Capkun, L.Buttyan, J.-P.Hubaux. Self-organized public-key management for mobile ad hoc networks. IEEE Transactions on Mobile Computing, Volume 2, Issue l,Jan.-March 2003 Page(s):52-64.
[93] S.Yi, R.Kravets. MOCA: Mobile certificate authority for wireless ad hoc networks. In Proc of the 2nd Annual PKI research workshop(PKI03), Apr.2003
[94] H Luo, S Lu. Ubiquitous and robust authentication services for ad hoc wireless networks. Technical Report, UCLA Computer Science Department, 2000.
[95] Zheng Yan. Security in Ad Hoc Networks. http://citeseer.nj.nec.com/536945.html.
[96] Jie jun Kong, Haiyun Luo, et al. Adaptive security for multilevel ad hoc networks. WIRELESS COMMUNICATIONS AND MOBILE COMPUTING. Wirel Commom Mob Comput, 2002, 2(5):533-547.
[97] Bing Wu, Jie Wu, Eduardo B.Fernandez. Secure and Efficient Key Management in Mobile Ad Hoc Networks. In proceedings of the 19th IEEE IPDPS'05.
[98] Y. Dong, H. W. Go, A. F. Sui, Victor O. K. Li, Lucas C. K. Hui, S. M. Yiu. Providing Distributed Certificate Authority Service in Moblie Ad Hoc Networks[C]. IEEE SecureComm 2005. Page(s): 149 -156.
[99] Pirzada A A, McDonald C. Kerberos Assisted Authentication in Mobile Ad-hoc Networks.Castro EV Ed.The 27th conference on Australasian Computer Science.New Zealand, Dunedin: 2004, 26:41-46.
[100] Stajano F, Anderson R. The resurrecting duckling: security issues for Ad hoc wireless networks. In: Christianson, B, Crispo B, Roe M, Eds. The 7th IntL Workshop on Security Protocols, LNCS 1796, Springer-Verlag, 1999.172-194.
[101] 林闯,封富君,李俊山.新型网络环境下的访问控制技术.April 2007,Vol.18,No.4, pp.955-966.
[102] H.Luo and Jiejun Kong, Petros Zerfos. URSA: Ubiquitous and robust access control for mobile ad hoc networks. IEEE/ACM Transactions on Networking, 2004. 12(6): 1049-1063.
[103] Hao Yang, Xiaoqiao Meng, Songwu Lu, Self-organized network-layer security in mobile ad hoc networks, IEEE Journal on Selected Areas in Communications, vol.24, No.2, 2006: 261-273.
[104] Dayou Qian, Chi Zhou, Jinsong Zhang. Cooperation Enforcement in Ad Hoc Networks with Penalty. IEEE International Conference on Mobile Ad hoc and Sensor Systems Conference, 2005. 7-10 Nov. 2005.
[105] Vikram Srinivasan, Pavan Nuggehalli, Chiasserini C.F., Rao R.R. Cooperation in Wireless Ad Hoc Networks. INFOCOM 2003. Twenty-Second Annual Joint Conferences of the IEEE Computer and Communications Societies. IEEE Volume 2, 30 March-3 April 2003 Page(s):808-817.
[106] Kaya T, Lin G, Noubir G, Yilmaz A. Secure Multicast Groups on Ad Hoc Networks. In proc. of the 2003 ACM Workshop on Security of Ad Hoc and Sensor Networks (SASN '03), George W. Johnson Center at George Mason University, Fairfax, VA, USA, 2003.
[107] Nitesh Saxena, Gene Tsudik, Jeong Hyun Yi. Access Control in Ad Hoc Groups. IEEE International Workshop on Hot Topics in Peer-to-Peer Systems (HOT-P2P), Volendam, Nederlands, Oct. 2004, pp.2-7.
[108] Mohit Choudhary, Prashant Sharma, Dheeraj Sanghi. Secure Multicast Model For Ad-Hoc Military Networks. Proceedings of 12th IEEE International Conference on Networks (ICON 2004), Volume 2, 16-19 Nov. 2004 Page(s):683-688.
[109] 林闯,汪洋,李泉林.网络安全的随机模型方法与评价技术.计算机学报,Dec.2005,Vo1.28,No.12,PP.1943-1956.
[110] 肖道举,杨素娟,周开锋,陈晓苏.网络安全评估模型研究.华中科技大学学报(自然科学版),Vo1.30,No.4,pp.37-39.
[111] Dongyan Chen, Sachin Garg, Kishor S. Trivedi. Network Survivability Performance Evaluation: A Quantitative Approach with Applications in Wireless Ad hoc Networks. Proceedings of the International Workshop on Modeling, Analysis and Simulation of Wireless and Mobile Systems.2002.61-68.
[112] Xueping Li, Dengfeng Yang, A Quantitative Survivability Evaluation Model for Wireless Sensor Networks. Proceedings of the 2006 IEEE International Conference on Networking, Sensing and Control (ICNSC '06), 23-25 April 2006 Page(s):727-732.
[113] 陈菲,宋志高,陈克非.无线传感器网络中对密钥管理评估指标研究.计算机仿真.Vo1.22.No.5.DO.137-140.
[114] Ning Hongzhou. Ad Hoc Network Security Measurement and Evaluation. IEEE, Proc. of ICEMI 2005, 2005.
[115] Bo Zhu, Guilin Wang, Zhiguo Wan, Mohan S. Kankanhalli, Feng Bao, Robert H. Deng. Providing Efficient Certification Services against Active Attacks in Ad Hoc Networks. Proc. IEEE International Performance Computing and Communications Conference (IPCCC 2005), Phoenix, April 2005, pp.285-292.
[116] P. Feldman. A practical scheme for non-interactive verifiable secret sharing. Proceedings of the 28th IEEE Symposium on the Foundations of Computer Science, 1987, pp. 427-437.
[117] Y. Frankel, P. Gemmell, P. MacKenzie, and M. Yung. Proactive RSA. In Advances in Cryptology - Crypto '97, LNCS 1294, 1997, pp. 440-454.
[118] M. Kaaniche, E. Alata, V. Nicomette, Y. Deswarte, M. Dacier. Empirical analysis and statistical modeling of attack processes based on honeypots. WEEDS 2006 Workshop on empirical evaluation of dependability and security, June 25-28, 2006, Philadelphia, USA.
[119] E. Alata, M. Dacier, Y. Deswarte, M. Kaaniche, K.Kortchinsky, V.Nicomette, V.H. Pham, F. Pouget. Collection and analysis of attack data based on honeypots deployed on the Internet. QOP 2005, 1st Workshop on Quality of Protection, September 15, 2005, Milan, Italy.
[120] E. Alata, M. Dacier, Y. Deswarte, M. Kaaniche, K.Kortchinsky, V.Nicomette, V.H. Pham, F. Pouget. CADHo: Collection and Analysis of Data from Honeypots. Proceedings of 5th European Dependable. Computing Conference, April 2005.
[121] Jonsson E., Olovsson T. A quantitative model of the security intrusion process based on attacker behavior. IEEE Transactions on Software Engineering, 1997, 23(4):235-245.
[122] Baker D, Ephremides A. The Architectural Organization of a Mobile Radio Network via a Distributed Algorithm. Communications, IEEE Transactions on [legacy, pre-1988] Volume 29, Issue 11, Nov 1981 Page(s): 1694-1701.
[123] Lin C R, Gerla M. A distributed architecture for multimedia in dynamic wireless networks. Global Telecommunications Conference, 1995. GLOBECOM '95, IEEE Volume 2, 13-17 Nov, 1995 Page(s):1468-1472, Digital Object Identifier 10.1109/GLOCOM. 1995, 502646, 1468-1472.
[124] Gerla M, Tsai J T C. Multicluster, Mobile, Multimedia Radio Network. Wireless Networks, 1995, 1(3): 255-265.
[125] S Basagni. Distributed Clustering for Ad Hoc Networks. International Symposiun on Parallel Architectures, Algorithms and Networks, June 1999. 310-315.
[126] Amis A D, Prakash R. Load-balancing clusters in wireless ad hoc networks. Application-Specific Systems and Software Engineering Technology, 2000 Proceedings 3rd IEEE Symposium on 24-25 March 2000 Page(s):25-32.
[127] Daniel Lihui Gu, Guangyu Pei, Henry Ly, et al. Hierarchical Routing for Multi-Layer Ad-Hoc Wireless Networks with UAVs. In Proceedings of IEEE Milcom 2000. Los Angeles, USA, 2000(10).
[128] M.Bechler, H -J. Hof, et al. A Cluster-Based Security Architecture for Ad Hoc Networks. INFOCOM 2004. Page(s):2393 - 2403 vol.4.
[129] Giovanni Di Crescenzo, Renwei Ge, Mariusz Fecko, and Gonzalo R. Arce. Securing weakly-dominating virtual backbones in mobile ad hoc networks. Proceedings of the 2006 International Symposium on a World of Wireless, Mobile and Multimedia Networks (WoWMoM 2006), June 2006 Page(s):5 pp. 26-29.
[130] Wu Ya-feng, Xu Yin-long, Chen Guo-liang, Wang Kun. On the construction of virtual multicast backbone for wireless ad hoc networks. 2004 IEEE International Conference on Mobile Ad-hoc and Sensor Systems, 25-27 Oct. 2004 Page(s):294-303.
[131] Maria Striki, John Baras. Efficient Scalable Key Agreement Protocols for Secure Multicast Communication in MANETs. Technical Report, CSHCN TR 2002-28, 2002.
[132] Crepeau Claude, Carlton R Davis. A Certificate Revocation Scheme for Wireless Ad Hoc Networks. 1st ACM Workshop on Security of Ad Hoc and Security of Ad Hoc and Sensor Networks. New York: Association for Computing Machinery, 2003. 54-61.
[133] Carlton R Davis. A Localized Trust Management Scheme for Ad Hoc Networks. 3rd International Conference on Networking-ICN'04. 2004. 671-675.
[134] Stanistaw Jarecki, Nitesh Saxena, and Jeong Hyun Yi. An Attack on the Proactive RSA Signature Scheme in the URSA Ad Hoc Network Access Control Protocol. In ACM Workshop on Security of Ad Hoc and Sensor Networks (SASN), pages 1-9, October 2004.
[135] D F Ferraiolo, D R Kuhn. Role-based access control. In Proc. of 15th National Computer Security Conference. October, 1992. 554-563.
[136] Nyanchama M, Osbom S L. Information flow analysis in role-based security system. Journal of Computing and Information, 1994, 1(1) : 1368-1384.
[137] Ravi Sandhu, Edward J. Coyne, Hal L. Feinstein, Chall E. Youman. Role-based access control models. IEEE Computer, February 1996, 29(2): 38-47.
[138] Ferraiolo DF, Sandhu R, Guirila S, Kuhn DR, Chandramouli R. Proposed NIST standard for role-based access control. ACM Transactions on Information and System Security, 2001, 4(3):224-274.
[139] Mounir Kellil, Imed Romdhanl, Hong-Yon Lach. Multicast receiver and sender access control and its applicability to mobile IP environments: a survey. IEEE Comm. Surveys & Tutorials 7(2), pp. 46-70, 2005.
[140] Qiong Zhang, Yuke Wang. A Centralized Key Management Scheme for Hierarchical Access Control. Proc. IEEE GLOBECOM 2004, pp.2067-2071, 2004.
[141] Yogesh Karandikar, Xukai Zou and Yuanshun Dai. Secure Group Communication Based Scheme for Differential Access Control in Dynamic Environments. Proceedings of the 2005 11th International Conference on Parallel and Distributed Systems (ICPADS'05), 2005:448-452.
[142] Li-Xin, Zhang-Peng, Ye-Chengqing. GAC/GKM: A Group Access Control Architecture for Secure Multicast. International Conference on Communications, Circuits and Systems. New York: IEEE, 2005, Vo1.1:502-507.
[143] Di Ma, Robert H. Deng, Yongdong Wu, and Yieyan Li. Dynamic Access Control for Multi-privileged Group Communications. J. L'opez, S. Qing, and E. Okamoto (Eds.): ICICS 2004, LNCS 3269, pp. 508-519, 2004.
[144] 李斓,冯登国,徐震.RBAC与MAC在多级关系数据库中的综合模型.电子学报,Vo1.32,No.10,pp.1635-1639,Oct.2004.
[145] Edward RC. Kao, An Introduction to Stochastic Process. China Machine Press, Beijing, 2003.7, pp. 48-55.
[146] 柳金甫,李学伟.应用随机过程.北京:中国铁道出版社,2000.
[147] Ns-2 (The Network Simulator). http://www.isi.edu/nsnam/ns/.
[2] C E Perkins. Ad Hoc Networking. Boston: Addison Wesley Professional, 2000.
[3] 郑相全等.无线自组网技术实用教程.北京:清华大学出版社,2004.
[4] 郑少仁,王海涛,赵志峰等.Ad Hoc网络技术.北京:人民邮电出版社,2005.
[5] 于宏毅等.无线移动自组织网.北京:人民邮电出版社,2005,
[6] 陈林星,曾曦,曹毅.移动Ad Hoc网络.北京:电子工业出版社,2006.
[7] J Jubin, J D Tumow. The DARPA Packet Radio Network Protocols. Proceedings of the IEEE. 1987.21-32.
[8] A David, Beyer. Accomplishments of the DARPA Survivable Adaptive Networks SURAN Program. Proceedings of the IEEE MILCOM Conference. 1990.
[9] M Barry, Leiner, Robert Ruth, Ambatipudi R Sastry. Goals and Challenges of the DARPA GloMo Program. IEEE Personal Communications, Volume 3, Issue 6, Dec. 1996 Page(s):34-43.
[10] http://www.ieee802.org/11/.
[11] http://www.cartalk2000.net.
[12] http://www.fleetnet.de.
[13] http://www.terminodes.org.
[14] Zhou L. and Z. Haas. Securing Ad Hoc Networks. IEEE Network Magazine, Vol. 13, Issue 6, Page(s):24-30, 1999.
[15] D. Djenouri, L. Khelladi, and N. Badache. A Survey of Security Issues in Mobile Ad Hoc and Sensor Networks. IEEE Commun. Surveys & Tutorials, vol. 7, no. 4, 4th Quarter 2005.
[16] 易平,蒋嶷川,张世永,钟亦平.移动Ad Hoc网络安全综述.电子学报,2005,33(5):893—899.
[17] 王海涛,郑少仁.移动Ad Hoc网络中的安全问题.中国数据通信,2002,4(8):65-68.
[18] 周海刚,肖军模.Ad Hoc网络安全模型的研究.解放军理工大学学报,2002,3(3):5-8.
[19] Panlong Yang, Shaoren Zheng. Security Management in Hierarchical Ad Hoc Network. 2001 International Conferences on Info-tech and Info-net. NEW YORK: IEEE, 2001. 642-649.
[20] 王海涛,王晓明.Ad Hoc网络的安全问题综述.计算机安全,2004,7:26-30.
[21] Ballardie, A. Scalable Multicast Key Distribution. http://www.ietf.org/rfc/rfc1949.txt, June 1996.
[22] Harney H, Muckenhirn C. Group key management protocol (GKMP) specification. http://www.ietf.org/rfc/rfc2093.txt, 1997.
[23] D. Wallner, E. Harder, and R. Agee. Key Management for Multicast: Issues and Architectures. http://www.ietf.org/rfc/rfc2627.txt, June 1999.
[24] K. McCloghrie, D. Farinacci, D. Thaler. Internet Group Management Protocol MIB. http://www.ietf.org/rfc/rfc2933.txt, October 2000.
[25] T. Hardjono, B. Weis. The Multicast Group Security Architecture. http://www.ietf.org/rfc/rfc3740.txt, Nov. 2003.
[26] Baugher M, Canetti R, Dondeti L, et al. Multicast Security (MSEC) Group Key Management. http://www.ietf.org/rfc/rfc2933.txt,2004.
[27] 徐明伟,董晓虎,徐恪.组播密钥管理的研究进展.软件学报,Vo1.15,No.1,141-150,2004.
[28] ANNE MARIE HEGLAND, ELIWINJUM, STIG E MJφLSNES, CHUNMING RONG, φIVIND KURE, AND P(A)L SPILLING. A survey of key management in ad hoc networks. IEEE Communications Surveys & Tutorials, Volume 8, Issue 3,3rd Qtr. 2006 Page(s):48-66.
[29] K. Fokine. Key Management in Ad Hoc Networks. Master Thesis, LiTH-ISY-EX-3322-2002, Lindkopings tekniska hogskola, 2002.
[30] S. Rafaeli and D. Hutchison. A Survey of Key Management for Secure Group Communication. ACM Computing Surveys, vol. 35, no. 3, Sep. 2003, pp. 309-329.
[31] J.v.d. Merwe, D. Dawoud, and S. McDonald. A Survey on Peer-to-Peer Key Management for Military Type Mobile Ad Hoe Networks. The Military Information and Commun. Symp. Of South Africa-MICSSA, 2005.
[32] W. Diffie and M. E. Hellman. New Directions in Cryptography. IEEE Trans. Info. Theory, vol. IT-22, no. 6, Nov. 1976, pp.644-654.
[33] Steiner M., Tsudik G., Waidner M., Diffie-Hellman. Key Distribution Extended to Groups. 3rd ACM Conference on Computer & Commun. Security, ACM Press, 1996.31-37.
[34] I. Ingemarsson, D. Tang, and C. Wong. A Conference Key Distribution System. IEEE Trans. Info. Theory, vol. 28, no. 5, Sept. 1982, pp. 714-720.
[35] M. Burmester, and Y. Desmedt. A Secure and Efficient Conference Key Distribution System. Proc. EUROCRYPT'94, 1994, pp. 275-286.
[36] K. Becker and U. Wille. Communication Complexity of Group Key Distribution. Proc. 5th ACM Conf. Comp. and Commun. Security, 1998, pp. 1-6.
[37] N. Asokan and E Ginzboorg. Key Agreement in Ad Hoc Networks. Computer Commun, vol. 23, no. 17, Nov. 2000, pp.1627-37.
[38] M. Steiner, G. Tsudik, and M. Waidner. CLIQUES: A New Approach to Group Key Agreement. Proc. ICDCS'98, 1998.
[39] M. Steiner, G. Tsudik, and M. Waidner. Key Agreement in Dynamic Peer Groups.IEEE Trans. Parallel and Distributed Syst., vol. 11, no. 8, Aug. 2000, pp. 769-80.
[40] Wong C K, Gouda M G, Lam S S. Secure Group Communications Using Key Graphs. Proceedings of the IEEE Symposium on Security and Privacy. Oakland: IEEE Computer Society Press, 2000, 215-228.
[41] Canetti R, Caray J, Itkis G, Micciancio D, Naorr M, Pinkas B. Multicast security: A taxonomy and some efficient constructions. In: Proc. of the INFOCOM'99. New York, 1999. 708-716.
[42] Balenson D, McGrew D, Sherman A. Key management for large dynamic groups: One-Way function trees and amortized initialization. IETF Internet Draft (work in progress), 2000.
[43] D.A. McGrew and A.T. Sherman. Key Establishment in Large Dynamic Groups Using One-Way Function Trees. Technical Report No.0755, TIS Labs at Network Associates, Inc., Glenwood, MD May 1998.
[44] 陈璟,杨波,田春岐.基于单向函数树的多播密钥管理方案安全性分析.西安电子科技大学学报,Vo1.31,pp959-962,2004.
[45] 赵志国,杨波.一种多播密钥管理方案.电子科技,Vo1.6,pp7-10,2004.
[46] 祝烈煌,曹元大.基于huffman单向函数树的组播密钥更新协议.北京理工大学学报,Vo1.24,pp524-527,2004.6
[47] 许勇,陈恺.安全多播中基于成员行为的LKH方法,软件学报,Vo1.16,No.4 601-608,2005.
[48] 朱文涛,熊继平,李津生,洪佩琳.安全组播密钥管理的层次结构研究.电子与信息学报,Vo1.26(1)7-13,2004.
[49] Haibin Lu. A novel high-order tree for secure multicast key management. IEEE TRANSACTIONS ON COMPUTERS, VOL.54, NO.2 214-224, 2005.
[50] Rodeh O, Birman K, Dolev D. Optimized group rekey for group communication systems. Technical Report, Hebrew University, 1999.
[51] Yang L, Li XS, Zhang XB, Lam SS. Reliable group rekeying: A performance analysis. In: ACM SIGCOMM 2001. San Diego, 2001.27-31.
[52] Lee PPC, Lui JCS, Yau DKY. Distributed collaborative key agreement protocols for dynamic peer groups. In Proc. of the ICNP2002. 2002.53-62.
[53] Ozkan M. Erdem. EDKM: Efficient Distributed Key Management for Mobile Ad Hoc Networks. Proc. ISCC 2004. Vo1.1, 2004 Page(s):325-330.
[54] Yan Sun, Wade Trappe, and K. J. Ray Liu. A scalable multicast key management scheme for heterogeneous wireless networks. IEEE/ACM TRANSACTIONS ON NETWORKING, VOL. 12, NO.4, pp653-666, AUGUST 2004.
[55] Anindo Mukherjiee, Meetu Gupta, Hongmei Deng and Dharma P. Agrawal. Level-Based Key Establishment for Multicast Communication in Mobile Ad Hoc Networks. In Proceedings of IEEE PIMRC, September 2004. Barcelona, Spain. 2871-2875.
[56] Seung Yi, Robin Kravets. Composite Key Management for Ad Hoc Networks. In proceedings of the First Annual International Conference on Mobile and Ubiquitous Systems: Networking and Services (MobiQuitous'04), 22-26 Aug. 2004 Page(s):52-61.
[57] Isabella Chang, Robert Engel, Dilip Kandlur, Dimitrios Pendarakis, and Debanjan Saha. Key management for secure Internet multicast using Boolean function minimization techniques. IEEE INFOCOM 1999, p. 689-698.
[58] Zhang, C., DeCleene, B., Kurose, J., Towsley, D. Comparison of Inter area Rekeying Algorithms for Secure Wireless Group Communications. Performance Evaluation, 2002, 49(1-4):1-20.
[59] Andre BOUMSO, Boucif AMAR BENSABER, Ismail BISKRI, GAKAP, Multicast Key Agreement Protocol for Ad Hoc Networks Based On Group Activity Probability. Proceedings of the 29th Annual IEEE International Conference on Local Computer Networks (LCN'04), 16-18 Nov. 2004 Page(s):700-704.
[60] Sencun Zhu, Sanjeev Setia, Shouhuai Xu, Sushil Jajodia. GKMPAN: An Efficient Group Rekeying Scheme for Secure Multicast in Ad-Hoc Networks. In proceedings of the First Annual International Conference on Mobile and Ubiquitous Systems: Networking and Services (MobiQuitous'04), 22-26 Aug. 2004 Page(s):42-51.
[61] Ravi K Balachandran, Byrav Ramamurthy, Xukai Zou and N.V.Vinodchandran. CRTDH: an effective key agreement scheme for secure group communications in wireless ad hoc networks. In the Proceedings of the 40th annual IEEE International Conference on. Communications 2005 (ICC 05), Vol: 2, pages 1123-1127, 2005.
[62] Wen Tao Zhu. Optimizing the Tree Structure in Secure Multicast Key Management, IEEE COMMUNICATIONS LETTERS, VOL. 9, NO. 5, MAY 2005, pp477-479.
[63] Jen-Chiun Lin, Feipei Lai, Hung-Chang Lee. Efficient group key management protocol with one-way key derivation. Proceedings of the IEEE Conference on Local Computer Networks 30th Anniversary (LCN'05), 15-17 Nov. 2005 Page(s):336-343.
[64] Yingjie Wang, Jianhua Li, Ling Tie, Hongwen Zhu. An Efficient Method of Group Rekeying for Multicast Communication. IEEE 6th CAS Symp. On Emerging Technologies: Mobile and Wireless Comm.Shanghai, China, May 31-June 2, 2004, Volume 1, Page(s):202-207.
[65] Jen-Chiun Lin, Chien-Hua Tzeng, Feipei Lai, Hung-Chang Lee, Optimizing Centralized Secure Group Communications with Binary Key Tree Recomposition. In Proceedings of the 18th International Conference on Advanced Information Networking and Application (AINA'04), 2004.
[66] Y. Kim, A. Perrig, and G. Tsudik. Communication-efficient group key agreement. In Proc. of the 17th International Information Security Conference, IFIP SEC'01, 2001.
[67] A.Perrig. Efficient Collaborative Key Management Protocols for Secure Autonomous Group Communication. In International Workshop on Cryptographic Techniques and E-Commerce (CrypTEC '99), 1999, pages 192-202.
[68] YONGDAE KIM. Tree-Based Group Key Agreement. ACM Transactions on Information and System Security, Vol. 7, No. 1, February 2004, Pages 60-96.
[69] M. Manulis. Contributory Group Key Agreement Protocols, Revisited for Mobile Ad-hoc Groups. In Proceedings of MASS 2005, WSNS 2005. IEEE Computer Society, 2005.
[70] SUVO Mittra. Iolus: A Framework for Scalable Secure Multicasting. Proceedings of ACM SZGCOMM '97, Cannes, France, 1997.
[71] Juan Hernandez-Serrano, Josep Pegueroles, Miguel Soriano. GKM over large MANET. IEEE: Proc. of SNPD/SAWN'05, 23-25 May 2005 Page(s):484-490.
[72] Banerjee S, Bhattacharjee B. Scalable secure group communication over IP multicast. JSAC Special Issue on Network Support for Group Communication, 2002, 20(8): 156-163.
[73] Jiejun Kong, Yeng-zhong Lee, Mario Gerla. Distributed multicast group security architecture for mobile ad hoc networks. IEEE Wireless Communications and Networking Conference (WCNC 2006), Vol. 2, 3-6 April 2006 Page(s):640-645.
[74] Ing-Ray Chen, Jin-Hee Cho, Ding-Chau Wang. Performance Characteristics of Region-Based Group Key Management in Mobile Ad Hoc Networks. IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing. Volume 1, 5-7 June 2006 Page(s):411-419.
[75] Xiang Yang Li, Yu Wang, Ophir Frieder. Efficient hybrid key agreement protocol for wireless ad hoc networks. Proceedings. Eleventh International Conference on Computer Communications and Networks, 14-16 Oct. 2002 Page(s):404-409.
[76] Jiang Zhang, Jian-Guang Luo, Bin Li, Shi-Qiang Yang. SIKAS: A Scalable Distributed Key Management Scheme for Dynamic Collaborative Groups. IEEE International Conference on Multimedia and Expo, July 2006 Page(s): 1205-1208.
[77] A. Shamir. How to Share a Secret. Communication of the ACM, Vol.22, No. 11, pp612-613, 1979.
[78] 况晓辉,胡华平,卢锡城.移动自组网络组密钥管理框架.计算机研究与发展,Vo1.41,No.4,704-709,Apr.2004.
[79] 况晓辉,朱培栋,卢锡城.移动自组网络分布式组密钥更新算法.软件学报,Vo1.15,No.5,757-766,2004.
[80] Anindo Mukherjee, Anurag Gupta, Dharma R Agrawal. Totally Distributed Key Management for Dynamic Groups in MANETs. In Proc. of IPCCC 2005, p185-192.
[81] A.M. Eskicioglu and M. R. Eskicioglu. Multicast Security Using Key Graphs and Secret Sharing. Proceedings of the Joint International Conference on Wireless LANs and Home Networks and Networking, Atlanta, GA, August 26-29, 2002, pp. 228-241.
[82] A.M. Eskicioglu, S. Dexter, and E. J. Delp. Protection of multicast scalable video by secret sharing: simulation results. Proceedings of SPIE Security and Watermarking of Multimedia Content V, Vol. 5020, pp. 505-515, Santa Clara, CA, January 21-24, 2003.
[83] Scott Dexter, Roman Belostotskiy, Ahmet M. Eskicioglu. Multi-layer multicast key management with threshold cryptography. Proceedings of the SPIE Security, Steganography, and Watermarking of Multimedia Contents VI Conference, Vol. 5306, San Jose, CA, January 19-22, 2004.
[84] LIU Xin-xing, YANG Ming, WANG Xiao-kang. Key management for secure muhicast communication using secret sharing-based revocation scheme. IEEE International Symposium on Communications and Information Technologies 2005. Beijing, China, 2005: 1262-1266.
[85] S. Jacobs. S. Corson. MANET Authentication Architecture. http://www.ietf.org/ietf/1id-abstracts.txt,Draft-jacobs-imep-auth-arch-01.txt, 1999.
[86] Adrian Perrig, Ran Canetti, J.D.Tygar, Dawn Song. Efficient Authentication and Signing Of Multicast Streams over Lossy Channels. In Proc. of IEEE Symposium On Security And Privacy, 14-17 May 2000 Page(s):56-73.
[87] Perrig A, Szewczyk R, Wen V, et al. SPINS: Security protocols for sensor networks,Wireless Networks, 2002, 8 (8):521-534.
[88] Phillip G. Bradford, Olga V. Gavrylyako. Foundations of Security for Hash Chains in Ad Hoc Networks. Proceedings. 23rd International Conference on Distributed Computing Systems Workshops, 19-22 May 2003 Page(s):743-748.
[89] Sencun Zhu, Shouhuai Xu, Sanjeev Setia, Sushil Jajodia. LHAP: A Lightweight Hop-By-Hop Authentication Protocol for Ad-Hoc Networks. Proceedings of the 23rd International Conference on Distributed Computing Systems Workshops (ICDCSW'03), 19-22 May 2003 Page(s):749-755.
[90] Bin Lu, Udo W. Pooch. A Lightweight Authentication Protocol for Mobile Ad Hoc Networks. Proceedings of the International Conference on Information Technology: Coding and Computing (ITCC'05), 4-6 April 2005, Volume 2, Page(s):546-551.
[91] L. Zhou, F. B. Schneider, and R. van Renesse. COCA: a secure distributed on-line certification authority. ACMTrans. Computer Syst. Vol.20, No.4, pp. 329-368, Nov. 2002.
[92] S.Capkun, L.Buttyan, J.-P.Hubaux. Self-organized public-key management for mobile ad hoc networks. IEEE Transactions on Mobile Computing, Volume 2, Issue l,Jan.-March 2003 Page(s):52-64.
[93] S.Yi, R.Kravets. MOCA: Mobile certificate authority for wireless ad hoc networks. In Proc of the 2nd Annual PKI research workshop(PKI03), Apr.2003
[94] H Luo, S Lu. Ubiquitous and robust authentication services for ad hoc wireless networks. Technical Report, UCLA Computer Science Department, 2000.
[95] Zheng Yan. Security in Ad Hoc Networks. http://citeseer.nj.nec.com/536945.html.
[96] Jie jun Kong, Haiyun Luo, et al. Adaptive security for multilevel ad hoc networks. WIRELESS COMMUNICATIONS AND MOBILE COMPUTING. Wirel Commom Mob Comput, 2002, 2(5):533-547.
[97] Bing Wu, Jie Wu, Eduardo B.Fernandez. Secure and Efficient Key Management in Mobile Ad Hoc Networks. In proceedings of the 19th IEEE IPDPS'05.
[98] Y. Dong, H. W. Go, A. F. Sui, Victor O. K. Li, Lucas C. K. Hui, S. M. Yiu. Providing Distributed Certificate Authority Service in Moblie Ad Hoc Networks[C]. IEEE SecureComm 2005. Page(s): 149 -156.
[99] Pirzada A A, McDonald C. Kerberos Assisted Authentication in Mobile Ad-hoc Networks.Castro EV Ed.The 27th conference on Australasian Computer Science.New Zealand, Dunedin: 2004, 26:41-46.
[100] Stajano F, Anderson R. The resurrecting duckling: security issues for Ad hoc wireless networks. In: Christianson, B, Crispo B, Roe M, Eds. The 7th IntL Workshop on Security Protocols, LNCS 1796, Springer-Verlag, 1999.172-194.
[101] 林闯,封富君,李俊山.新型网络环境下的访问控制技术.April 2007,Vol.18,No.4, pp.955-966.
[102] H.Luo and Jiejun Kong, Petros Zerfos. URSA: Ubiquitous and robust access control for mobile ad hoc networks. IEEE/ACM Transactions on Networking, 2004. 12(6): 1049-1063.
[103] Hao Yang, Xiaoqiao Meng, Songwu Lu, Self-organized network-layer security in mobile ad hoc networks, IEEE Journal on Selected Areas in Communications, vol.24, No.2, 2006: 261-273.
[104] Dayou Qian, Chi Zhou, Jinsong Zhang. Cooperation Enforcement in Ad Hoc Networks with Penalty. IEEE International Conference on Mobile Ad hoc and Sensor Systems Conference, 2005. 7-10 Nov. 2005.
[105] Vikram Srinivasan, Pavan Nuggehalli, Chiasserini C.F., Rao R.R. Cooperation in Wireless Ad Hoc Networks. INFOCOM 2003. Twenty-Second Annual Joint Conferences of the IEEE Computer and Communications Societies. IEEE Volume 2, 30 March-3 April 2003 Page(s):808-817.
[106] Kaya T, Lin G, Noubir G, Yilmaz A. Secure Multicast Groups on Ad Hoc Networks. In proc. of the 2003 ACM Workshop on Security of Ad Hoc and Sensor Networks (SASN '03), George W. Johnson Center at George Mason University, Fairfax, VA, USA, 2003.
[107] Nitesh Saxena, Gene Tsudik, Jeong Hyun Yi. Access Control in Ad Hoc Groups. IEEE International Workshop on Hot Topics in Peer-to-Peer Systems (HOT-P2P), Volendam, Nederlands, Oct. 2004, pp.2-7.
[108] Mohit Choudhary, Prashant Sharma, Dheeraj Sanghi. Secure Multicast Model For Ad-Hoc Military Networks. Proceedings of 12th IEEE International Conference on Networks (ICON 2004), Volume 2, 16-19 Nov. 2004 Page(s):683-688.
[109] 林闯,汪洋,李泉林.网络安全的随机模型方法与评价技术.计算机学报,Dec.2005,Vo1.28,No.12,PP.1943-1956.
[110] 肖道举,杨素娟,周开锋,陈晓苏.网络安全评估模型研究.华中科技大学学报(自然科学版),Vo1.30,No.4,pp.37-39.
[111] Dongyan Chen, Sachin Garg, Kishor S. Trivedi. Network Survivability Performance Evaluation: A Quantitative Approach with Applications in Wireless Ad hoc Networks. Proceedings of the International Workshop on Modeling, Analysis and Simulation of Wireless and Mobile Systems.2002.61-68.
[112] Xueping Li, Dengfeng Yang, A Quantitative Survivability Evaluation Model for Wireless Sensor Networks. Proceedings of the 2006 IEEE International Conference on Networking, Sensing and Control (ICNSC '06), 23-25 April 2006 Page(s):727-732.
[113] 陈菲,宋志高,陈克非.无线传感器网络中对密钥管理评估指标研究.计算机仿真.Vo1.22.No.5.DO.137-140.
[114] Ning Hongzhou. Ad Hoc Network Security Measurement and Evaluation. IEEE, Proc. of ICEMI 2005, 2005.
[115] Bo Zhu, Guilin Wang, Zhiguo Wan, Mohan S. Kankanhalli, Feng Bao, Robert H. Deng. Providing Efficient Certification Services against Active Attacks in Ad Hoc Networks. Proc. IEEE International Performance Computing and Communications Conference (IPCCC 2005), Phoenix, April 2005, pp.285-292.
[116] P. Feldman. A practical scheme for non-interactive verifiable secret sharing. Proceedings of the 28th IEEE Symposium on the Foundations of Computer Science, 1987, pp. 427-437.
[117] Y. Frankel, P. Gemmell, P. MacKenzie, and M. Yung. Proactive RSA. In Advances in Cryptology - Crypto '97, LNCS 1294, 1997, pp. 440-454.
[118] M. Kaaniche, E. Alata, V. Nicomette, Y. Deswarte, M. Dacier. Empirical analysis and statistical modeling of attack processes based on honeypots. WEEDS 2006 Workshop on empirical evaluation of dependability and security, June 25-28, 2006, Philadelphia, USA.
[119] E. Alata, M. Dacier, Y. Deswarte, M. Kaaniche, K.Kortchinsky, V.Nicomette, V.H. Pham, F. Pouget. Collection and analysis of attack data based on honeypots deployed on the Internet. QOP 2005, 1st Workshop on Quality of Protection, September 15, 2005, Milan, Italy.
[120] E. Alata, M. Dacier, Y. Deswarte, M. Kaaniche, K.Kortchinsky, V.Nicomette, V.H. Pham, F. Pouget. CADHo: Collection and Analysis of Data from Honeypots. Proceedings of 5th European Dependable. Computing Conference, April 2005.
[121] Jonsson E., Olovsson T. A quantitative model of the security intrusion process based on attacker behavior. IEEE Transactions on Software Engineering, 1997, 23(4):235-245.
[122] Baker D, Ephremides A. The Architectural Organization of a Mobile Radio Network via a Distributed Algorithm. Communications, IEEE Transactions on [legacy, pre-1988] Volume 29, Issue 11, Nov 1981 Page(s): 1694-1701.
[123] Lin C R, Gerla M. A distributed architecture for multimedia in dynamic wireless networks. Global Telecommunications Conference, 1995. GLOBECOM '95, IEEE Volume 2, 13-17 Nov, 1995 Page(s):1468-1472, Digital Object Identifier 10.1109/GLOCOM. 1995, 502646, 1468-1472.
[124] Gerla M, Tsai J T C. Multicluster, Mobile, Multimedia Radio Network. Wireless Networks, 1995, 1(3): 255-265.
[125] S Basagni. Distributed Clustering for Ad Hoc Networks. International Symposiun on Parallel Architectures, Algorithms and Networks, June 1999. 310-315.
[126] Amis A D, Prakash R. Load-balancing clusters in wireless ad hoc networks. Application-Specific Systems and Software Engineering Technology, 2000 Proceedings 3rd IEEE Symposium on 24-25 March 2000 Page(s):25-32.
[127] Daniel Lihui Gu, Guangyu Pei, Henry Ly, et al. Hierarchical Routing for Multi-Layer Ad-Hoc Wireless Networks with UAVs. In Proceedings of IEEE Milcom 2000. Los Angeles, USA, 2000(10).
[128] M.Bechler, H -J. Hof, et al. A Cluster-Based Security Architecture for Ad Hoc Networks. INFOCOM 2004. Page(s):2393 - 2403 vol.4.
[129] Giovanni Di Crescenzo, Renwei Ge, Mariusz Fecko, and Gonzalo R. Arce. Securing weakly-dominating virtual backbones in mobile ad hoc networks. Proceedings of the 2006 International Symposium on a World of Wireless, Mobile and Multimedia Networks (WoWMoM 2006), June 2006 Page(s):5 pp. 26-29.
[130] Wu Ya-feng, Xu Yin-long, Chen Guo-liang, Wang Kun. On the construction of virtual multicast backbone for wireless ad hoc networks. 2004 IEEE International Conference on Mobile Ad-hoc and Sensor Systems, 25-27 Oct. 2004 Page(s):294-303.
[131] Maria Striki, John Baras. Efficient Scalable Key Agreement Protocols for Secure Multicast Communication in MANETs. Technical Report, CSHCN TR 2002-28, 2002.
[132] Crepeau Claude, Carlton R Davis. A Certificate Revocation Scheme for Wireless Ad Hoc Networks. 1st ACM Workshop on Security of Ad Hoc and Security of Ad Hoc and Sensor Networks. New York: Association for Computing Machinery, 2003. 54-61.
[133] Carlton R Davis. A Localized Trust Management Scheme for Ad Hoc Networks. 3rd International Conference on Networking-ICN'04. 2004. 671-675.
[134] Stanistaw Jarecki, Nitesh Saxena, and Jeong Hyun Yi. An Attack on the Proactive RSA Signature Scheme in the URSA Ad Hoc Network Access Control Protocol. In ACM Workshop on Security of Ad Hoc and Sensor Networks (SASN), pages 1-9, October 2004.
[135] D F Ferraiolo, D R Kuhn. Role-based access control. In Proc. of 15th National Computer Security Conference. October, 1992. 554-563.
[136] Nyanchama M, Osbom S L. Information flow analysis in role-based security system. Journal of Computing and Information, 1994, 1(1) : 1368-1384.
[137] Ravi Sandhu, Edward J. Coyne, Hal L. Feinstein, Chall E. Youman. Role-based access control models. IEEE Computer, February 1996, 29(2): 38-47.
[138] Ferraiolo DF, Sandhu R, Guirila S, Kuhn DR, Chandramouli R. Proposed NIST standard for role-based access control. ACM Transactions on Information and System Security, 2001, 4(3):224-274.
[139] Mounir Kellil, Imed Romdhanl, Hong-Yon Lach. Multicast receiver and sender access control and its applicability to mobile IP environments: a survey. IEEE Comm. Surveys & Tutorials 7(2), pp. 46-70, 2005.
[140] Qiong Zhang, Yuke Wang. A Centralized Key Management Scheme for Hierarchical Access Control. Proc. IEEE GLOBECOM 2004, pp.2067-2071, 2004.
[141] Yogesh Karandikar, Xukai Zou and Yuanshun Dai. Secure Group Communication Based Scheme for Differential Access Control in Dynamic Environments. Proceedings of the 2005 11th International Conference on Parallel and Distributed Systems (ICPADS'05), 2005:448-452.
[142] Li-Xin, Zhang-Peng, Ye-Chengqing. GAC/GKM: A Group Access Control Architecture for Secure Multicast. International Conference on Communications, Circuits and Systems. New York: IEEE, 2005, Vo1.1:502-507.
[143] Di Ma, Robert H. Deng, Yongdong Wu, and Yieyan Li. Dynamic Access Control for Multi-privileged Group Communications. J. L'opez, S. Qing, and E. Okamoto (Eds.): ICICS 2004, LNCS 3269, pp. 508-519, 2004.
[144] 李斓,冯登国,徐震.RBAC与MAC在多级关系数据库中的综合模型.电子学报,Vo1.32,No.10,pp.1635-1639,Oct.2004.
[145] Edward RC. Kao, An Introduction to Stochastic Process. China Machine Press, Beijing, 2003.7, pp. 48-55.
[146] 柳金甫,李学伟.应用随机过程.北京:中国铁道出版社,2000.
[147] Ns-2 (The Network Simulator). http://www.isi.edu/nsnam/ns/.
© 2004-2018 中国地质图书馆版权所有 京ICP备05064691号 京公网安备11010802017129号 地址:北京市海淀区学院路29号 邮编:100083 电话:办公室:(+86 10)66554848;文献借阅、咨询服务、科技查新:66554700 |