Abstract

Mobile ad-hoc networks support interactions and collaborations among autonomous devices by enabling users to share resources and provide services to each other, whether collaborations are for business or leisure purposes. It is therefore important to ensure that interactions are subject to authentication and access control in order to restrict access to only those resources and services that the user intends to share. Existing access control models that are based on membership certificates incur redundant verifications and therefore require significant computation. They are inefficient because devices have to repeatedly verify the requestor’s certificates and check the authorisation policies for each service access request received. In this paper, we present an efficient access control model that combines a membership list with the role-based access control (RBAC) model. Each ad-hoc network has a coordinator that is responsible for maintaining the membership and broadcasting a signed membership list to all participants at regular intervals. The model authorises a service request if the requestor is listed in the membership list and its assigned role is authorised to perform the requested actions. Through experiments, we have observed the efficiency gains obtained through use of this model.