CHAPTER 1 INTRODUCTION
1.1 RESEARCH BACKGROUND AND MOTIVATION
Over the past decades, wireless communication networks have become more popular than wired communication networks. They are easier to deploy than conventional wired networks and provide seamless connectivity within the coverage area. According to the network attachment method, there are two types of wireless networks: infrastructure-based and infrastructure-less. In infrastructure-based networks, the mobile nodes rely on access points to attach to the Internet. Typical examples of infrastructure-based networks are WLAN, GSM, and UMTS. In infrastructure-less networks, the mobile nodes are capable of organizing themselves by discovering their neighbors and communicating over the wireless medium. In other words, nodes in such networks communicate with their destination nodes with the help of their neighbors through a store-and-forward technique. In recent years, infrastructure-less ad hoc networking technologies such as Wireless Ad-Hoc Networks (WANs) and Bluetooth have received critical attention in both academia and industry. A WAN is a collection of wireless mobile nodes, each of which can be considered an individual portable device. The network topology in WANs changes frequently due to the arbitrary movement of mobile nodes, and there is no centralized administration or fixed infrastructure. Each node communicates directly with the nodes within its wireless range. However, nodes need to collaborate to deliver information to nodes that are beyond the wireless range of the source. In WANs, nodes are more vulnerable to attacks because they lack a fixed infrastructure in the wireless environment. Any mobile node within the radio range of another node can always listen to what is being broadcast, thus violating the privacy of the broadcasting node. Consequently, security is an important issue in WANs.
Confidentiality, authentication, integrity, non-repudiation and access control are considered the main services of a security system. Providing security support for WANs is a challenge because: (1) wireless networks are susceptible to attacks ranging from passive eavesdropping to active interfering; (2) mobile users demand anywhere and anytime services; (3) a scalable solution is a must for a large-scale mobile network. Our goal is to provide a secure communication environment for mobile users and applications over WANs.
This dissertation considers the scenario of designing security schemes and mechanisms for a digital rights management (DRM) system in cluster-based WANs, with the electronic book as the running example. This scenario provides a pure mobile commerce environment for participants. Traditionally, there are four roles in the publication system: authors, publishers, distributors, and consumers. An author or editor is responsible for writing articles and essays. A publisher is responsible for revising authors' manuscripts, adding plates, and contacting distributors to discuss how to set up a distribution channel to sell the published books. A distributor is responsible for selling the books from publishers. A consumer could buy the books he/she wanted from a brick-and-mortar store. However, with the advent of digital information systems and the Internet, the scope of publishing has expanded to include electronic resources, such as the electronic versions of books, which can be sold online. There are three roles in the online selling services considered in this dissertation: authors, distributors, and consumers. The role of the publisher is taken over by the authors and distributors. Assume there is a virtual team in which authors work together. Each of them concentrates on his/her own expertise. Then, they integrate their works and deliver the final work to a distributor. The distributor distributes the digital contents to customers using cluster-based WANs. Hence, authors could co-work and focus on their domain knowledge to finish their works under this scenario. For example, to produce an electronic voice book, the team members should include an editor, a drawer, a recording engineer, etc. Because of their cooperation, the work could be done by themselves without a publisher. The duties of a distributor include: distributing the digital contents to his/her customers, acting as a clusterhead and constructing cluster-based WANs, providing a repository to store published and protected e-books, and maintaining a web service system. The web service keeps the related works which are not finished and unpublished. These works could be cited by other valid authors.
In this framework, shown in Figure 1, users or clients request their favorite contents from a content provider (an author), and the content provider then delivers the protected contents to the users. The content received by the client cannot be used without a legal license because it is encrypted. When the user pays and starts a license acquisition protocol for the content with the clearinghouse (the role of a distributor) through the DRM Agent in the client, the client can get the corresponding license for the content from the clearinghouse, and the content can then be rendered according to the usage rules in the license. A legal license should be confirmed by a consumer. This confirmation could be done by a signature scheme. In addition, users in the communication network are legal group members. Members or authors in the same cluster could communicate and form a communication group using a multicasting protocol. Thus, they could co-work to create an attractive work. Multicasting is an efficient way to deliver data to a large group of users in many applications such as Internet stock quotes, audio and music delivery, and file and video distribution. Data confidentiality is one of the most challenging problems in secure multicast. To achieve this goal, a secure multicast scheme must address key management issues, which include efficient organization and distribution of keys with low communication overhead, key storage cost, and scheme complexity. Moreover, the proposed DRM system also supports peer-to-peer communications. Members or authors in the same cluster share their files, video, and audio with each other. To meet the supervising requirement, the clusterhead (the distributor) should supervise their communications to prevent members from violating regulations. Furthermore, the proposed DRM system also provides a web service for the group members. A legal member (an author) who wants to get resources or gain access to the web service should register with the web service and be assigned a corresponding role associated with his/her identity. Then, he/she could issue a request from any cluster in the communications network to access resources of the web service.
Figure 1. The framework of the proposed dissertation
For the reasons mentioned above, this dissertation focuses on the signature, key management, access control, and supervision security problems in WANs. The design principle of our study is to develop security protocols that address these problems. Here, the related issues in the signature, key management, supervision, and access control areas are described briefly; more detailed discussions follow in later sections.
(1) Signature:
A signature is an important mechanism in real applications. Digital signatures are especially used in electronic transactions. The digital signature is analogous to the handwritten signature. A digital signature scheme allows a recipient of data to prove the source and integrity of the data and protects against forgery. A group-oriented digital signature scheme is a kind of digital signature scheme that supports a group of authenticated users cooperatively signing a message instead of a single user. Likewise, the verification procedure must be carried out by the verifier. Such collaborative and group-oriented applications and protocols are useful in WANs.
In this work, the scenario of signature issues in DRM systems deployed in WANs is discussed. In DRM systems, digital licensing controls how the contents are accessed by the consumers. One of the major issues raised by DRM systems concerns the integrity of this license. Digital signatures provide data integrity, non-repudiation, and authentication. Therefore, the digital signature is an important security mechanism for license-based DRM systems. Because of the properties of WANs, nodes may leave the network with higher probability than in wired or infrastructure-based networks. In such a case, a digital content provider may not sign the digital license in time. The consumer then could not verify the validity of the protected digital contents and play them on his/her platform. In this work, a group-oriented nominative proxy signature scheme is proposed. In this scheme, the content provider delegates his/her signing ability to a subset of the members of the proxy group, which has n members, and designates a subset of the members of the verifier group, which has l members, to verify his/her digital licenses signed by a group of proxy signers. Therefore, (t, n) proxy signers sign the specific license on behalf of the original signer and (w, l) verifiers verify the validity of this proxy signature.
(2) Key management:
Securing group communications in resource-constrained, infrastructure-less environments such as WANs has become one of the most challenging research directions in the area of wireless network security. This dissertation focuses on providing security from the perspective of enabling and protecting communication data among nodes, so that the appropriate data reaches the intended recipients and only these recipients have the access right to read it. An important issue in providing such secure group communications in WANs is group key management. The group key shared by all group members is suitable for multicast communications. This key is used to encrypt communication data. Thus, only the group members could decrypt the encrypted data. Therefore, the group key must be protected from being obtained by non-group members. In addition, there are two important factors in designing an efficient key management protocol: the number of keys each node should keep and the number of rekeying operations that must be performed. Because of the nature of WAN topologies, nodes may join or leave the group frequently. Key management is an important security issue. In general, a key management protocol supports three kinds of rekeying operations: join, leave, and periodic rekeying.
In this work, a group key management protocol for WANs is proposed. It is based on centralized key management frameworks. The protocol is designed so that batch rekeying operations are supported in cluster-based WANs. Therefore, the group key for encrypting multicast data is protected.
(3) Supervision:
Supervision is one of the security considerations. The term supervision is used to imply a somewhat indirect degree of control over security operations. In a supervising mechanism, a supervisor supervises the communications among nodes whose security level is lower than his/hers. The concept of supervision is especially important for government networks.
In this work, the supervising problem in peer-to-peer (P2P) applications in cluster-based WANs is considered. A two-key agreement based supervising mechanism is proposed. The mechanism allows any two nodes within the same cluster to communicate with each other such that no nodes other than the clusterhead of their domain and the global clusterhead can overhear their communications. The proposed mechanism is designed for cluster-based applications in P2P.
(4) Access control:
Access control is the ability to limit and control the access to systems and applications via communications networks. It comprises a variety of mechanisms that enforce access rights to resources. The role-based access control (RBAC) model [43] is one kind of access control. In RBAC, roles are defined based on job functions, permissions are associated with roles, and users are made members of appropriate roles, thereby acquiring the roles' permissions. This indirect association between users and permissions greatly simplifies the management of users' permissions. Many access control models are designed based on the concept of the RBAC model, such as the Spatially Aware RBAC model [4][26][23].
In this work, a scenario of access control for web services in WANs is discussed. In this scenario, the idea of reputation management is introduced into the access control model. In other words, each user's access ability is determined by both the initially assigned role and the user's reputation information. This access control mechanism is called flexible access control. Flexible access control is designed to enforce access control when a requester asks for services from the web server. It is a combination of the requester's role, location, and reputation, and the trust degree of the routing path. This mechanism is especially applicable to web services in WANs. Because users in WANs may roam randomly, they may suffer from security attacks. The physical place where they stay may be insecure. Therefore, the user's access right has to be changed to prevent possible attacks.
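The flexible access control idea described above, sketched as an added example (not code from the dissertation): the role sets the upper bound of permissions as in RBAC, and location, reputation and routing-path trust then narrow it. The permission names, trust tables, thresholds and the min-based combination rule are assumptions made for illustration; this chapter does not specify them.

```python
from dataclasses import dataclass

# Constructed RBAC table (hypothetical role and permission names).
ROLE_PERMISSIONS = {
    "author": {"read_published", "cite_unpublished", "upload_work"},
    "consumer": {"read_published"},
}
# Assumed policy: minimum context trust required per permission.
MIN_TRUST = {"read_published": 0.2, "cite_unpublished": 0.5, "upload_work": 0.8}
# Assumed trust in the cluster the request is issued from.
LOCATION_TRUST = {"home_cluster": 1.0, "foreign_cluster": 0.6}
UNKNOWN_LOCATION_TRUST = 0.1


@dataclass(frozen=True)
class Request:
    role: str
    location: str
    reputation: float         # requester's reputation, 0.0 to 1.0
    hop_trust: tuple = ()     # trust degree of each relay on the routing path


def path_trust(hops):
    """Assumed rule: a route is only as trustworthy as its weakest relay."""
    return min(hops) if hops else 1.0


def context_trust(req):
    """Combine location, reputation and path trust; the weakest factor wins."""
    loc = LOCATION_TRUST.get(req.location, UNKNOWN_LOCATION_TRUST)
    return min(loc, req.reputation, path_trust(req.hop_trust))


def effective_permissions(req):
    """Role gives the upper bound (plain RBAC); context can only remove rights."""
    granted = ROLE_PERMISSIONS.get(req.role, set())   # unknown role: deny all
    score = context_trust(req)
    return {p for p in granted if score >= MIN_TRUST[p]}


def authorize(req, permission):
    return permission in effective_permissions(req)
```

The same author keeps all rights in the home cluster but loses the most sensitive one when roaming or when the request crosses a poorly trusted relay, which is the change of access right the paragraph calls for.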
Finally, this dissertation describes the roles of each member in this communications network. They will be shown while constructing security schemes and mechanisms for a DRM system which supports digital content provision, group communication, peer-to-peer file sharing, and web service in cluster-based WANs. The roles of a global clusterhead and a clusterhead are characterized in this section.
(1) The roles of a clusterhead:
It is a domain broker and a key server. As a domain broker, it has to manage the network of this cluster. As a key server, it has to manage all kinds of keys for its domain users.
It is a clearinghouse and one of the proxy signers. As a clearinghouse, it has to sign a message for any content provider.
A group of clusterheads should cooperatively sign a digital license on behalf of the content provider.
(2) The roles of a global clusterhead:
There is a unique global clusterhead in cluster-based WANs.
Besides being one of the clusterheads, it also has to manage the whole network.
(3) The roles of a group member in a cluster:
It could be a content provider or a consumer.
It could join or leave a cluster freely.
Peer members in the same cluster have to cooperatively generate their common session key for file sharing.
A group of members purchase the goods from a content provider and they should cooperatively verify a signed digital license.