A Cluster-Based Security Architecture - M. Bechler

—Abstract—

Secure communication is very important in computer
networks and authentication is one of the most eminent
preconditions. However, common authentication schemes are not
applicable in ad hoc networks because public key infrastructures
with a centralized certification authority are hard to deploy
there. We propose and evaluate a security concept based on a
distributed certification facility. A network is divided into clusters
with one special head node each. These cluster head nodes execute
administrative functions and hold shares of a network key used
for certification. New nodes start to participate in the network
as guests; they can only become full members with a networksigned
certificate after their authenticity has been warranted by
some other members. The feasibility of this concept was verified
by simulation. Three different models for node mobility were
used in order to include realistic scenarios as well as make the
results comparable to other work. The simulation results include
an evaluation of the log-on times, availability, and communication
overhead.