IJCSI International Journal of Computer Science Issues, Vol. 7, Issue 3, No 10, May 2010ISSN (Online): 1694-0784ISSN (Print): 1694-0814
group member computes and broadcast: X
. Consider the security mechanismin from the system architecture view. It depictsthe five layer security architecture for MANET’sas: Layer 5 SL
, End to End security layer. Layer 4 SL
Network Security Layer. Layer 3 SL
,Routing security Layer. Layer 2 SL
,Communication security layer. Layer 1 SL
, TrustInfrastructure Layer.  has implemented keymanagement service and described the use of RSA key generation technique to create athreshold certificate authority. The creation of thisscalable key management solution does not relyon prior infrastructure for its inception. Public keyInfrastructure (PKI) is the most scalable form of key management. Several different PKItechniques exist: , , and . Aura  proposes the use of a group oriented Public keyinfrastructure for large group formation. Theleader of the group acts as a certificate authority(CA), which issues group membershipcertificates. Zhou  suggests the use of threshold cryptography to create a distributedthreshold certificate authority.
3. Proposed Work
A dynamically adjustable multi-tier hierarchy isused which enhances the scalability of themanagement system by expanding or shrinking of number of tiers in hierarchy depending on thenetwork conditions. The basic idea is to form theclusters and implement the threshold scheme (K,i) for the management of cryptographic keys,which are used for the security of the data whilemovement.
are ideally suitedto the applications in which a group of mutuallysuspicious individuals or must say here the nodeswith conflicting interests cooperate. Differenttypes of agents are used and detailed according totheir property to do specific jobs.
are the agents who are to behave intelligently. This
isresponsible for enforcing the policies of the policydomain. The policy agent of an atomic policydomain is referred to as
Local Policy Agent(LPA).
The policy agent of top level policydomain is referred to as
Global Policy Agent(GPA).
Intermediate Policy agents are called
Domain Policy Agents (DPA).
The GPA, DPA and LPA of all the networks havethe same basic structure and consist of same code base. They have similar functionality but differentscope. Different agents can be installed within theGPA, DPA’s or LPA’s to enable differentfunctionality.
is the entityresponsible for enforcing policies. It monitorsevents and evaluates conditions to decide whichagent should be instructed to perform itsmanagement action. They can receive events published by other system components via anevent bus. Each agent implements a
that enables the policy enforcer tocommunicate with agents.
isused to receive policy updates from the remotenode and to send these updates to the LPA's on itsnode.The network considered is not very highlyvolatile.
3.2 Working of System
Ideally it is considered that the cooperation is based on mutual consent, but practically the veto power this mechanism gives to each member or each node can paralyze the activities of thecluster. By properly choosing the
parameters we can give sufficiently large majorityof authority to take some action while giving anysufficiently large minority the power to block it.The proposed new structure of each node isshown below. This includes the nodeidentification number (n), current location of thenode (X
) which is calculated with the GPSwhich is on each and every node. It also helps in predicting the direction on movement of the node.Cluster Head Identification number (CH) is usedto specify the cluster leader and different number of clusters in one network. The threshold schemeconsidered is the dynamic threshold scheme because let’s say threshold minimum number of votes is say
then proactive secret sharing doesn’thelp as resultant size of the group is less than t i.e.
(n-t) <= t
so in such a case it is necessary toreduce
. Similar condition is if larger member of the group leaves. Similar condition arises when atgroup inception time first few members join. Insuch special cases the group needs some specialadmission rules. In dynamic threshold theminimum number of votes is a fraction of thenumber of current group member. As it isdecentralized Scheme one network (N) is dividedin different clusters, which carries the informationof all the members present in the cluster and whena member node becomes mobile it informs thecluster head (CH) about its migration and ontraveling to a new region boundary it will send