Information Technology Reference
In-Depth Information
role. DEAPspace targets at one hop ad hoc network
(Nidd, 2001). Nodes take turns to broadcast their
service information together with the information
about other services that they have learned from
the broadcast messages. To disseminate service
advertisements beyond a simple hop and to re-
duce the overhead of flooding the networks, a
mechanism, called Service*, selectively chooses
some neighbors as brokers to forward the service
information (Nedos, Singh, & Clarke, 2005). If a
backbone is established in a wireless sensor net-
work or an ad hoc network, service information
and requests may be distributed and forwarded
to the backbone nodes. Thus, the service infor-
mation is accessible to all nodes and a node can
search the whole network for services(Kozat &
Tassiulas, 2004). In cluster based networks, nodes
that form clusters may exchange their service
information within a cluster as in Allia (Ratsimor,
Chakraborty, Joshi, & Finin, 2002)and let cluster
heads store and forward service information as
in Service Ring (Klein, Konig-Ries, & Obreiter,
2003). Cluster heads (known as Service Access
Points in Service Ring,) further form other level
of hierarchy to exchange information among the
cluster heads.
Integration into routing protocols.
Service
discovery protocols may be tightly integrated
with routing protocols. Instead of sending service
discovery messages separately, the messages
may be embedded into routing protocols such as
DSR or AODV (Garcia-Macias & Torres, 2005;
Varshavsky, Reid, & Lara, 2005). Simulations
results have shown that integrated service dis-
covery protocols always outperform application
layer service discovery protocols in ad hoc net-
works (Varshavsky, et al., 2005). It is especially
beneficial when it is necessary to rediscover or
reselect services.
integrity, non-repudiation, availability, and user
privacy for service discovery protocols. Although
there is much research related to service discov-
ery, a few protocols have security and privacy
functionalities.
User Authentication and Service Authoriza-
tion.
Protecting services from unauthorized use is
essential. For example, one does not want a home
theater service to be accessible by anyone. The
problem is that it is difficult for each service even
in home environments to maintain its users and an
access control list (Ellison, 2002). Authentication
and authorization in home environments may as
complex as enterprise environments. As users
interact with many different service providers
in various environments, they may have many
credentials to interact with the service providers.
Authentication becomes more tedious and less
usable. PrudentExposure encodes all credential
information of a user into a network packet and
discovers the appropriate credential information
for authentication and authorization purposes
(Zhu, Mutka, & Ni, 2006). The credential informa-
tion exchanged between a client and a service is
in a code word format, such that only legitimate
service providers recognize the code words. The
approach is limited to the case the users and
service providers know each other and share
secrets. Splendor project targets public environ-
ments, where users and service providers may
not be familiar with each other (Zhu, Mutka, &
Ni, 2003). Users/clients, services, and directories
exchange their public key certificates to verify
their identities. Authentication is less feasible in
ad hoc environments unless other methods such
as side channels are used for clients and services
to verify each other (Zhu, Mutka, & Ni, 2005). It
is even worse for some devices with very limited
processing and communication capability to do
authentication and authorization.
Confidentiality and Integrity.
Confidentiality
and integrity in service discovery are primarily
communication security. Communication between
service discovery components needs to be safe.
Security and Privacy
We discuss security in the following aspects: user
authentication, authorization, confidentiality,
Search WWH ::
Custom Search