Requirements and architectures for Intrinsically Assurable Mobile Ad hoc Networks

An intrinsically assurable mobile ad hoc network (IAMANET) will directly support the integrity, availability, reliability, confidentiality, and safety of MANET communications and data. In contrast, the dominant Internet paradigm is intrinsically insecure. For example, the Internet does not deny unauthorized traffic by default and therefore violates the principle of least privilege. In addition, there are no provisions for non-repudiation or accountability and therefore adversaries can probe for vulnerabilities with impunity because the likelihood of attributing bad behavior to a particular adversary is limited. Finally (although not exhaustively) existing protocols are not robust to Byzantine failures and malicious behavior, leaving entire Internet-based systems vulnerable. This paper expands on these high-level requirements and threat models. It then presents an early view of two high-level architectures for an IAMANET, PIANO and Zodiac.