| Security in Mobile Ad-Hoc Network (MANET) is getting a lot of attention due to its inherent vulnerability to a wide spectrum of attacks. Threats exist in every layer of MANET stack, and different solutions have been adapted for each security problem. Additionally, availability is an important criterion in most MANET solutions, but many security frameworks did not consider it. Public-Key Infrastructure (PKI) is no exception, and its deployment in MANET needs major design and implementation modifications that can fit constraints unique to this environment. Our focus in this dissertation is to adapt and increase the availability of Certificate Authority (CA) services, as a major PKI entity, in MANET.; Several attempts have been proposed to deal with the problem of deploying CA in MANET to provide a generic public-key framework, but each either ends up sacrificing system security or availability. Here, the main goal of our work is to provide a solution that addresses performance and security issues of providing MANET-based PKI. Particularly, we would like to maintain the availability of the services provided by CA while keeping the network's packet overhead as low as possible.; In this dissertation, we present a MANET-based framework suitable for exchanging public-key certificates by collaborative caching between MANET clients. We show that our system can meet the challenges of providing robust and secure CA services in MANET. Augmented by simulation results, we demonstrate quantitatively the feasibility of our work as we were able to reduce network overhead associated with threshold based CA queries up to 92% as compared to related work in addition to having a very short response time. The dependency on CA servers has been reduced, and the system was able to tolerate as much as two-third inoperative CA servers without noticeable decrease in the service performance. |
