Authentication and services access control in a cooperative ad hoc environment

Userspsila authentication and authorization to services access are two important challenges standing against the deployment of ad hoc networks by networks operators. In this paper we consider ad hoc networks real deployment scenarios, in which advanced services are provided to users (ex, multimedia services, audio-visual services, remote control services), and nodes cooperate allowing services provision to each others in a multi-hop fashion. We propose a novel solution allowing, the mutual authentication of each user with respect to the network operator/service provider, the authentication of each ad hoc node with respect to its neighbors, and the authorization of each user to access the required services (according to the user profile, some services can be offered to him and others could not be). We employ a Kerberos authentication model, extending it to the ad hoc network environment, where the Kerberos server is managed by the network operator/service provider and plays a role of a trusted third party (besides its classical role) for ad hoc nodes. The principle of using tickets (distributed credentials) in Kerberos allows for enforcing the cooperation between nodes and controlling the services access in a distributed manner. A security analysis of the proposed solution shows its efficiency and resistance against a number of attacks. Some issues are also highlighted on the possible business models for ad hoc networks deployment.