FR2919137A1 - Data exchanging method for ad-hoc network, involves assuring authentication, authorization and accounting service to consumer node by active node e.g. portable telephone, of ad hoc network - Google Patents

Abstract

The method involves assuring authentication, authorization and accounting service to a consumer node by an active node i.e. ad hoc node, such as computer terminal e.g. portable telephone, of an ad hoc network (2). Service network or applicative network and or authentication, authorization and accounting network is ensured by the active node, where the active node includes hardware and/or software architecture approved and validated by an authorized entity. A service addressed to a new ad-hoc node is ensured by the ad-hoc node. An independent claim is also included for a hardware component to permit a terminal to constitute an active node within ad-hoc network, comprising an operator module.

Description

The present invention relates to ad hoc computer networks. We

  designates, by ad hoc network, a wireless computer network without any operator-type network infrastructure. It comprises a plurality of nodes communicating with each other without the intervention of an access point. An ad hoc node can communicate directly with neighboring nodes that are in range. In the case of a node out of reach, it can communicate indirectly through intermediate ad hoc nodes that only route / relay the traffic to the destination ad hoc node. This type of network, unlike the infrastructure type network, is self-organized and can support the mobility of the nodes that could join or leave the ad hoc network spontaneously. One of the wireless technologies implemented by today's ad hoc networks is Wi-Fi technology, which complies with the IEEE 802.11 standard. Other types of wireless technologies like WiMAX, or Bluetooth ... can also be used to build an ad hoc network. Ad hoc networks known by their self-organized nature suffer from a lack of security. Due to the lack of access keys and trusted third parties in an ad hoc network, the concept of trust is relatively difficult to implement. A trusted third party is a network entity capable of establishing trust relationships between the nodes of the network. A first example of a trusted third party is the Authentication, Authorization, Accounting (AAA) server whose role is to authenticate nodes, to allow them to access network resources and to account for their consumption. Another example is an organization authorized to implement electronic signatures based on public key infrastructure architectures also called PKI (Public Key Infrastructure). In infrastructure networks having a plurality of nodes communicating with each other through access points, the architecture is secured through AAA servers. AAA servers are the servers that manage node authentication (A--), their network access permissions (-A-), and the accounting (--A) for the use of network resources. AAA servers are, for example, RADIUS servers that implement the IETF-defined RADIUS protocol in RFC 2865, TACACS servers developed and deployed by Cisco, and IETF-defined Diameter servers to extend the RADIUS solution to customers. roaming users according to roaming agreements. There is currently no knowledge of the plaintiff of the means to establish and maintain a relationship of trust between two ad hoc nodes, which may explain the delay of the ad hoc technology to integrate the value chain. telecommunications networks. The idea of using an AAA server as it exists today in the infrastructure networks is hardly conceivable in the ad hoc network given the distributed, spontaneous and mobile nature of an ad hoc network. In addition, because of the dynamic and self-organizing nature of an ad hoc network, it may happen that the AAA server is no longer reachable by a group of ad hoc nodes that have detached themselves from the initial ad hoc network. In addition, as in the case of the infrastructure network, the centralized character of a server may be unsuitable from the point of view of fault tolerance. The patent application US 2005/022010 discloses an architecture of access to a network through an ad hoc network in the context of an ad hoc communication, where a node of the ad hoc network transmitting or receiving data is debited and where Intermediate actors relaying these data are rewarded for the service rendered. Transactions are centralized by an AAA server outside the ad hoc network. The patent application EP 1 289 197 discloses a global mobile network architecture with service discovery and an ad hoc network usage scenario. EP 1 289 197 does not specify how the security of the environment is carried out by the authentication (A--), authorization (-A-) and accounting (--A) services. Furthermore, neither US 2005/022010 nor EP 1 289 197 discloses how the real-time extension of the access network is performed using the ad hoc technology. The wwrw.fon.com website is known as a router that transforms a personal connection to the Internet into an access point accessible to computer terminals of nomadic users in the vicinity of the FON router. These terminals need to have a WiFi card compatible with the FON access point router. The FON router serves as a relay for the authentication of these mobile users with an operator server. This authentication is done by a weak method based on a password and an identifier, which can pose problems in terms of security. Moreover, the Internet access provider with which the subscription allowing the personal connection to the Internet has been subscribed can not distinguish the flows originating from the subscriber terminal from those originating from a terminal equipped with the compatible WiFi card. the FON router through which the personal connection can be used as an access point. Illicit flows in terms of morals or in terms of industrial property rights can circulate via a subscriber's Internet connection without the latter's knowledge. In addition, a terminal equipped with a WiFi card compatible with the FON router has no way of verifying that it is not in the presence of a fake FON router controlled by a hacker. In addition, FON routers are implemented in infrastructure networks.

  P. LAMSAL's AAA and PKI in ad hoc networks discloses an ad hoc architecture in which the ad hoc nodes have different statuses depending on whether they are newly arrived, accepted in the ad hoc network or as actors in the ad hoc network. acceptance of newcomers. This publication does not disclose which knowledge bases the authentication and authorization services are based on, nor how the accounting service is provided in the ad hoc network. J. ZHANG's Virtual Operator Based AAA in Wireless LAN Hot Spots with Ad-hoc Networking Support discloses an architecture that provides AAA services in any AP using a single account for each known client. by its service provider. This publication suggests, without specifying a protocol, that mobile authentication is done over the IP layer so that the access point can authenticate and authorize the newly arrived ad hoc nodes using a RADIUS server. . The ad hoc network is used to transport flows between the ad hoc nodes and the access point to the Internet. The ad hoc nodes that contributed to the relaying of packages are then rewarded. The counting of the number of packets relayed by each ad hoc node and the number of packets sent by each node is carried out by the access point. The publication Authentication, Authorization and Accounting (AAA) in Hybrid Ad Hoc Hotspot's Environments by H. MOUSTAFA et al. considers the ad hoc network only as a transport network for the flows between the ad hoc node and the Internet.

  It extends the 802.1 li protocol to the multi-hop ad hoc environment and defines a virtual infrastructure for this purpose in which each cluster (or cluster of terminals) elects a primary node responsible for relaying EAP-TLS authentication messages for the outgoing nodes. access router range. These nodes implement the RADIUS proxy feature. This publication does not address the accounting aspects. There is a need to develop security mechanisms to establish trusted relationships between ad hoc nodes and to protect exchanges between trusted nodes. There is still a need to develop security mechanisms to control ad-hoc network access to the ad hoc network and applications through authentication and authorization. There is still a need to develop security mechanisms to account for resources consumed in an ad hoc network and to securely collect the amount of such data. There is also a need to encourage the nodes of an ad hoc network to participate in the development and sustainability of the ad hoc network and to offer new services such as content distribution. The invention aims to meet all or part of these needs. According to one of its aspects, the subject of the invention is a method for exchanging data in an ad hoc network comprising active nodes and consumer nodes, in which at least one active node is an ad hoc node and provides at least one authentication (A--), authorization (-A-) and accounting (--A) service to at least one consumer node or to a new ad hoc node. The invention makes it possible to construct a secure architecture for the use of ad hoc networks as support for user services by borrowing the security means usually present only at the level of the ad hoc network access network and deploying security means at the ad hoc network level. Active node denotes a node providing a service in the ad hoc network for the other nodes. The active nodes may comprise at least one ad hoc node and / or at least one operator node. An ad hoc node is a node of the ad hoc network which is a computer terminal belonging to a user or at the disposal of a user equipped with software and / or hardware modules enabling ad hoc multi-hop connectivity. This computer terminal is for example a computer, a microcomputer, a personal digital assistant, a mobile phone, a vehicle equipped with a communicating interface, an electronic payment means, a satellite positioning device, for example GPS, a sensor active or passive and more generally any electronic device having a component arranged to allow connection to a wireless network.

  A consumer node designates an ad hoc node consuming a service in the ad hoc network. An operator node designates a node managed by at least one operator administering the ad hoc network. The service provided may be of the network and / or application and / or AAA type.

  AAA services means all combinations of the sub-services: A--, -A-, - A. By network service is meant any type of service useful to the operation of the ad hoc network, such as the Virtual Private Network (VPN) service, the ad hoc routing service, the addressing service, the access service to a particular computer network or announcement service. The term "addressing service" designates the service responsible for managing all the addresses of the nodes in the ad hoc network. This service can take the form of an address allocation service in which a server is responsible for assigning temporary or permanent addresses to the new ad hoc nodes.

  By access service to a computer network is meant the service offering an ad hoc node of the network the possibility of accessing a computer network, for example a wide area network (WAN) such as the Internet or a local network such as the Intranet. Access to the Internet may be through an Internet Service Provider connected to the ad hoc network by one or more ad hoc Gateway (s).

  An advertisement service is the service consisting, for an active node, of sending to a new node of the ad hoc network all the services available in the ad hoc network, namely the network, application or AAA services. Such an announcement service can make it possible to inform a new ad hoc node about the services available in the ad hoc network and to help it to decide whether to connect or not. This service can also give the characteristics of the services rendered by this ad hoc network such as the bandwidth available for connection to the computer network or the QoS parameters of this ad hoc network.

  Application service refers to a service hosted by an active node, such as advertising, network games, content distribution, real-time auction, especially in a auction room, cinema with download of trailers, the purchase of seats or obtaining evidence of purchases to enter a theater, an exhibition or a stadium. The invention can still find applications by providing application services such as downloading free or paid musical sequences in the field of video on demand. The application services may also include applications for spontaneous meeting between nodes of the ad hoc network, for example in a bar, or a campus. A passive node designates an ad hoc node consuming a service in the ad hoc network and not providing network, application or AAA services. By new ad hoc node is meant a new ad hoc node connecting to the ad hoc network. An AAA server in the access network provides all three AAA services at a time. In the ad hoc network according to the invention, these services can be delegated totally or in part to certain nodes of the ad hoc network. Such nodes are then AAA service provider active nodes. These active nodes may, for example, provide the A-service (authentication), the service -A- (authorization), and / or the service -A (accounting for data relating to the service consumed). Alternatively, an active node may provide AA- (authentication and authorization) service. By decomposing the AAA services into three authentication (A--), authorization (-A-) and accounting (--A) services partially executed in the ad hoc network, the invention can provide delegation of these services to ad hoc nodes. These ad hoc nodes can move geographically by physically transporting all or part of the AAA services with them, which can increase the coverage of the access network by ad hoc technology while providing the AAA service essential for deployment. billable network services by the operator.

  In addition, delegated AAA services can be guaranteed to the ad hoc nodes of the network when the access network is not reachable and therefore can not provide AAA services directly. The invention, by increasing the probability that a node can, by connecting to an ad-hoc node providing at least one AAA service, benefit from AAA services in the network, makes the exchanges in the ad hoc networks more reliable. . The invention can be particularly useful for applications with trusted third parties through an ad hoc network by providing AAA services. The invention may for example be implemented in ad hoc networks 10 located in restaurants, public transport such as trains, buses or even station or airport halls. The active nodes may comprise approved nodes, which may be ad hoc nodes and / or operator nodes. The authorized nodes may comprise terminals whose hardware and / or software architecture may have been previously approved and validated by an authorized entity, which may be the equipment manufacturer or the subscription operator to whom the terminal owner has subscribes. This approval can be embodied by a hardware architecture and / or secure software for executing on the user's terminal operations related to the operator. Such an approved node may constitute an active node of the network and not a simple passive node consuming the resources of the network as is the case in infrastructure networks. This preliminary approval step can make it possible to verify the hardware and / or software architecture of a terminal on other criteria than on the good faith of the user of the terminal. A previously approved node may, when connected to the network, connect to an online approval server of the ad hoc network to obtain authorization to use its homologation to declare itself an approved active node. The authorized node may transmit to this server the proof of its approval including elements relating to the structure of the computer components of its terminal, the memory capacity available to it, the information relating to the programs available to it, to its computer system. operation, its antivirus system, the type of service it wants to provide in the ad hoc network ... Where appropriate, the online probate server can be arranged to check the information sent by the node, the Antivirus system of the node and the files that the node wishes to use as part of the provision of a service. Verifying the antivirus system, for example, prevents the spread of viruses in the ad hoc network. Verification of files makes it possible, for example, to prevent services in connection with illicit contents in terms of morals or in terms of intellectual property rights being provided by authorized nodes within the ad hoc network. The on-line probate server may be arranged to temporarily and locally grant the right of a node to assert its licensed node properties to render certain services. This authorization may or may not depend on dynamic criteria relating to the composition of the ad hoc network. Such criteria are for example the number of registered nodes already providing a given service, the number of ad hoc nodes in the ad hoc network and a predefined ratio between the number of service nodes of this service and the number of nodes in the network. At the end of this online approval operation, the online approval server may be arranged to transmit parameters to the node authorized to assert its status of registered node; these parameters may be in the form of an identifier, an address, or any means allowing the other nodes to identify it as an authorized node authorized to assert its status as a registered node. The on-line probate server may issue for the registered node a local and temporary certificate proving that the probate server has authorized that node to use its registered node status for the provision of certain services only or for the providing all the services available in the network. At least one operator node may not be registered. All ad hoc nodes in the ad hoc network can be trusted nodes.

  A packet associated with a new node having an initial address in the network can only be transmitted if it is related to the authentication procedure of this new node. The initial address is the address in the network of a new node of the ad hoc network before the new node has been authenticated. This initial address can be a temporary address or a definitive address in the ad hoc network. A packet associated with a node denotes a packet whose address of the sender or the address of the addressee is that of the node.

  In the case of an addressing service requiring the intervention of one or more ad hoc nodes, at least one active node, in particular an ad hoc node, can provide an addressing service for at least one new ad hoc node. At least one active node, being an authorized operator node or ad hoc node, can provide at least one authentication service (A--) of a new ad hoc node having an initial address. Node A - denotes such an active node. An A-- node may also provide authorization (-A-) and accounting (--A) services in which case it is designated AAA node. Prior to the authentication operation, a node A-- may, when connecting a new ad hoc node, check whether this node satisfies at least one predefined condition, for example by checking the antivirus system and the size of the terminal's mass memory of the new node. For this, he can collaborate with the online probate server and require the new node to present the certificate provided by the online probate server. The invention can thus make it possible to select the new nodes, to avoid access to the ad hoc network of nodes introducing viruses and to optimize exchanges in the network by preventing nodes from slowing down the exchanges. The node A-- can communicate with an AAA server of an access network connected to the ad hoc network, notably an Internet access network, to authenticate the new ad hoc node when it arrives in the network, and for then re-authenticate it. This communication is for example carried out via the ad hoc gateway / infrastructure, also called Adln. The AAA server of the access network connected to the ad hoc network can communicate with the AAA server of the network managed by the operator with whom a new ad hoc node has subscribed to perform the authentication of the new ad hoc node. successful authentication, a new ad hoc node provided with a temporary address can receive a definitive address in the network provided by an active node, including a registered node ad hoc, ensuring the addressing service, the latter may be the same active node that served as A-- node.

  The node A-- can address according to a predefined period and / or in response to a predefined action of an already authenticated ad hoc node, a re-authentication request to this ad hoc node. The value of the period may be greater or less depending on the level of confidence sought by the user and / or the operator.

  The predefined action is for example the displacement of the active node and / or the consumer node in the ad hoc network. Reauthentication can be used to guard against the identity theft of an authenticated node and can facilitate the accounting service for data relating to the service consumed by the consumer node.

  In the case of an ad hoc node that did not properly leave the ad hoc network, for example as a result of a failure of its equipment, reauthentication may allow for example to see the departure of this node ad and to close its session in the ad hoc network. At least one active node can provide at least one authorization service (-A-) 20 for the consumption of a service by a consumer node. A node -A- denotes such an active node, being an authorized operator node or ad-hoc node, controlling whether a consumer node can access services available in the ad hoc network or in an infrastructure network accessible by this ad hoc network. . An -A- node may also provide the authentication and accounting services. An -A- node may allow the routing of packets associated with an ad hoc node only if that node is previously authenticated and authorized by the AAA server in which the subscription level of the ad hoc node is registered to the network or if packets associated with the ad hoc node are related to the authentication procedure of a new ad hoc node in the ad hoc network. Where appropriate, an -A- node may provide the addressing service which may take the form of an address allocation service.

  At least one active node can provide at least one accounting service (--A) for data relating to the consumption of a service by a consumer ad hoc node. By node --A is designated such an active node, being an authorized operator node or ad hoc node, providing the service of accounting data relating to the consumption of a service by a consumer node. This --A node can also provide authentication and authorization services. The invention may allow the billing of AAA services rendered in the ad hoc network.

  The invention can enable the billing of network services such as the addressing service, the routing of packets, etc. and application services such as the distribution of contents. The node - A can account for the data relating to consuming at least one network service provided to a consumer node.

  The data counted by the node --A may include the volume of the routed packets associated with the consumer node and / or the duration of the connection of the consumer node to the ad hoc network and / or the access network. The consumer node can perform its own accounting of data relating to the service it has consumed and transmit them to the node --A.

  The --A node can transmit the counted data to a billing server. This billing server is for example an AAA server of the network managed by the operator with whom the ad hoc node has subscribed. This data can be transmitted indirectly through an AAA proxy of the ad hoc network. Proxy AAA is a device that relays AAA messages to an AAA server. The billing server may compare the consumed service data counted by the --A node with that counted by the consumer node when the invoice is established. At least one active node may be an approved ad hoc node and be rewarded by the billing server as a result of service provided by that ad hoc node in the ad hoc network. This reward can be a bank transfer, free access or discounted rates to paid services from the network, access to reserved services, granting more bandwidth in the case of a connection to a network access, an advertisement to the other nodes of the ad hoc network to encourage them to consume the service provided by the active node via the announcement service for example. At least one account associated with a consumer node may be debited by the billing server as a result of the billing of a service consumed by this consumer node. The billing server may charge the provided network service to a consumer node at actual consumption when the counted data includes the volume of the routed packets associated with the consumer node and / or the connection duration associated with that consumer node. Alternatively or in combination with the foregoing, a network service consumed by a consumer node may be prepaid to the billing server by the consumer node according to a single activation prepayment system or a multiple activation prepayment system.

  One-time prepayment is a prepayment system in which once the consumption of a service has started, the consumer node can not suspend this service and has until the expiration of the validity period of its identifier. Multi-activation prepayment means a prepayment system in which at any time the consumer node can suspend the consumption of a service and reactivate it later, each packet sent by the consumer node containing the proof of its authorization to be issued. In another variant, a consumer node of a network service can also provide a network and / or application service. The billing server can then set up a fair exchange system, by incrementing a counter associated with this active node according to the service provided, by decreasing it according to the service consumed, and by rewarding or debiting an account associated with the node. active following the counter balance. The node --A may count the consumption data of at least one application service provided to a consumer node.

  The data counted by the node --A may include the type of application service provided and / or the duration during which the application service is provided to the consumer node. The node --A can transmit the data relating to the consumption of the application service by a consumer node to at least one billing server, being for example an accounting server for ad hoc application (CAAH) arranged to directly debit an account associated with the consumer node that has benefited from the application service. The CAAH server can belong to the ad hoc network or the access network. The CAAH server can be arranged to carry out the billing operations, either directly, for example by banking transactions, or indirectly through the AAA proxy of the ad hoc network. In the latter case, the CAAH server can be coupled to the AAA proxy of the ad hoc network, which performs the accounting operations for the application services, as it does for the network service. An advantage may be for customers to see the withdrawals or credits managed by their underwriting operators.

  The billing server may charge the application service provided to a consumer node at actual consumption when the counted data includes the type of application service provided and / or the duration during which the application service is provided to the consumer node. Alternatively, an application service consumed by a consumer node may be prepaid to the billing server by the consumer node according to a single activation time prepayment system, a multi-activated duration prepayment system, a prepayment system. a single service or a prepayment system for a multiple service. Prepayment to the one-time duration is defined as the prepayment system according to which, once the consumption of a service has started, the consumer node can not suspend the service and has until the expiry of its validity period. ID. Prepayment to the multi-activation duration is the prepayment system in which, at any time, the consumer node can suspend the consumption of an application service and reactivate it later. Prepayment of a single service is the prepayment system in which, once the consumption of an application service has started, the consumer node can no longer benefit from other application services without performing a new prepayment operation. Multi-service prepayment means the prepayment system according to which the consumer node can benefit from a fixed number of application services without performing a new prepayment operation. In another variant, the billing of a consumed application service may involve the equitable exchange system previously mentioned. In another variant, the same service provided to a consumer node may be billed differently depending on the billing system chosen by the consumer node. The ad service can be free and advertise both network and application services. The counted data may be addressed by the A-node to the billing server according to a predefined period and / or as a result of a predefined action of the consumer node and / or the active node providing the service in the ad hoc network. This counted data may for example be addressed by the node --A to the billing server as a result of a movement of the active node providing the service and / or a displacement of the consumer node. Network services, application services, and AAA services may be provided exclusively by the approved ad hoc nodes or by the operator nodes. The service consumed by a consumer node may involve several intermediate nodes, including several intermediate accredited ad hoc nodes, and the service may be charged to the consumer node regardless of the number of intermediate nodes routing the packets related to the service consumed. Alternatively, the service may be charged to the consumer node depending on the quality of service or the number of intermediate nodes routing packets related to the service consumed. The ad hoc network may be connected to an access network and the access network may charge the authentication (A--), authorization (-A-) and accounting (--A) services that 'he rocks.

  Another subject of the invention, according to another of its aspects, is a method of providing at least one service in an ad hoc network by a computer terminal of a user, this terminal being able to constitute an authorized node and comprising a component computer with a secure module that only an authorized third party can access. A module is defined as a programming structure or an execution environment in a computer component or a hardware component. By authorized third party is designated the operator managing the ad hoc network, the content provider deciding to remotely manage his own content hosted on the terminal comprising the computer component, or any person or system authorized by the latter to perform the management of the module. of the terminal. A content provider is a company offering different types of electronic content such as photo, video, or audio content on a computer network that are accessible for free or for a fee via the computer network. By accessing the module, it is necessary to understand any operation to initialize, modify or consult the information contained within this module. It can be information about the implementation code of one or more applications run by the module or information stored in a memory of this module. The invention further relates, in another aspect, to a method of billing at least one service provided by an active node to a consumer node in an ad hoc network, in which an account associated with the active node is credited. and wherein an account associated with the consumer node is debited based on service information, which information is at least partially collected by an ad hoc node. The service may be at least one of an authentication (A--), authorization (-A-) and accounting (--A) service, an application service and / or an authentication service. network service. Another aspect of the invention is, according to another of its aspects, a computer component intended to enable a terminal to constitute an active node within an ad hoc network to provide at least one authorization service (-A- ) and / or data accounting (--A) and / or a network service, the computer component comprising: - an operator module arranged to be accessible only to an authorized third party and to provide at least a partial AAA service a user module arranged to be accessible only to the user of the terminal and not accessible remotely, in particular by the other ad hoc nodes, and an ad hoc module, arranged to carry out the routing of the packets on the ad hoc network. The terminal may also be arranged to provide an application service and the component may comprise a provider module arranged to be accessible only to an authorized third party such as a content provider and / or the user, according to the policy of security. The different modules can be compartmentalized, compartmentalization can be provided by hardware independence, for example through separate processors or separate media, or by logical independence through different partitions. The invention further relates, in another of its aspects, to a computer component intended to enable a terminal to constitute an active node within an ad hoc network to provide authentication services (A--), authorization (-A-) and accounting (--A) and / or network services and / or application services in the ad hoc network, the computer component comprising: - first computing means arranged to allow the active node to satisfy the specific IT needs of the user of the terminal and to cover his communication needs on the ad hoc network and, second computing means arranged to enable the active node to provide services to other nodes ad hoc network services -A-, --A, and / or network and / or applications. For the user's own computer needs, for example, the messaging service, the Internet browsing service, or any application useful to the user for private or professional use. These private network services may include the means useful for remote connection of this node to a private network such as VPN software.

  The first and second computing means may each comprise a processor, a microprocessor, a memory, a component to be introduced into an electronic device arranged to connect to a wireless network, for example an electronic card, a device to be connected to a terminal computer science...

  The first and second means can belong to the same electronic device, being separated at the software or hardware level. As a variant, the first and second computer means may constitute separate components. The first computer means may comprise only the user module 10 defined above. The second computer means may comprise the ad hoc modules operator and provider defined above. The first and second computing means may have a physical link layer in common, or have their own physical link layer. The component can be integrated with one of the electronic devices arranged to connect to a wireless network, for example by means of a WiFi card, previously mentioned. The invention will be better understood on reading the description which will follow, non-limiting examples of implementation thereof, and in view of the accompanying drawing, in which: - Figure 1 shows schematically an example of a computer architecture comprising an ad hoc network in which is implemented the method according to the invention, an access network and a network managed by a parent subscription operator, - Figure 2 shows an example of a component of a passive ad hoc node; FIGS. 3 to 5 and 7 show various examples of computer components of approved active ad hoc nodes; FIG. 6 shows an example of an approved node device with two corresponding wireless network interfaces; to the computer components shown in FIGS. 5 and 7, FIG. 8 schematically represents an example of a method of authenticating a new node joining an ad hoc network selo n the invention, - Figures 9 and 10 illustrate examples of provision and accounting of network services to one or more ad hoc nodes, - Figure 11 schematically shows an example of billing an application service consumed by a ad hoc node according to the invention, and - Figure 12 shows an example of supply and billing an application service to an ad hoc node. FIG. 1 schematically represents a computer architecture 1 comprising a wireless network, in particular WiFi, ad hoc 2 according to the invention. The ad hoc network 2 communicates with an access network 3 and with a network 6 managed by a parent subscription operator (OMS) to which at least one node of the ad hoc network 2 has subscribed. A contract can be concluded between the access network 3 and the ad hoc network 2 which can be considered as a special subscriber of the access network 3, the access network providing, for example, the access service to the Internet and than its own AAA services. The ad hoc network 2 may, where appropriate, benefit from the AAA services provided by the access network 3, in addition to the AAA services distributed in the ad hoc network 2. Moreover, a roaming agreement allowing the subscribers of the network 6 to use the access network 3 may for example have been concluded.

  In the example described, the access network 3 is an Internet access network managed by an Internet access provider but it is not beyond the scope of the present invention when the access network 3 is a network. local, like an intranet network set up within a company. The access network 3 is in the example described an infrastructure mode network and comprises an AAA server 30 providing the authentication services A--, authorization -A- and accounting --A in the network. access 3. The access network 3 also includes a billing server 31 which will be described later. The access network 3 may be a wired network and have a plurality of access points 33 for connection to the access network 3 from the ad hoc network 2. It is not beyond the scope of the present invention when the network access 3 is a wireless network, including WiFi.

  The access network 3 can control access to its network by the AAA server 30 which is for example a RADIUS server, a TACACS server or a Diameter server. The access network 3 may also comprise, as will be specified below and as illustrated in FIG. 8, an AAA proxy 34 by means of which the ad hoc network 2 may for example communicate with the network 6 managed by the parent operator of subscription. The network 6 comprises an AAAH server 60 providing the AAA functions in the network 6 (OMS) and a billing server 59 which will be described later. The AAAH server 60 is arranged to authenticate a node wishing to connect to the ad hoc network 2 and to define its access authorization level services. The AAAH server 60 comprises, for example, information relating to the identity of the node, its administrative coordinates such as its main address, bank details, etc. The ad hoc network 2 may be managed by an ad hoc operator or may be managed by a user. infrastructure operator extending its access network with ad hoc technology. The ad hoc network 2 comprises a plurality of nodes 20 constituted by terminals selected for example from computers, microcomputers, PDAs, mobile phones, vehicles equipped with a communicating interface, electronic payment means, satellite positioning apparatus, for example GPS, an active or passive sensor or more generally any electronic device comprising a component arranged to allow connection to a wireless network, for example a WiFi card. The ad hoc network 2 may comprise active nodes and passive nodes. Among the active nodes, one distinguishes the operator nodes 20a managed by one of the aforementioned 25 operators and the ad hoc nodes 20b approved. The operator nodes 20a are active nodes and provide in the example described network services and possibly application services. Among these operator nodes 20a, so-called gateway nodes 20a 'are fixed or reduced mobility nodes disposed in the ad hoc network 2 so as to be able to connect to the access points 33 of the network. 3. Each terminal serving gateway node is in the described example limited to a terminal constituting an operator node 20a.

  The gateway nodes 20a 'can perform ad hoc routing in the network 2 and IP routing in the Internet access network 3 and can constitute a functional bridge between the ad hoc network 2 and the access network 3. These nodes 20a 'can ensure the routing of all the traffic between the access network 3 and a node of the ad hoc network 2.

  The gateway nodes 20a 'may implement the AAA proxy function or the AAAF server. An AAAF server is an active node controlling the access of a new node to the ad hoc network 2 not registered at home. For example, the gateway nodes share a security association with the AAA server 30, this association enabling them to authenticate and secure their exchanges with the access network 3. The path between gateway nodes 20a 'and access network 3 may be momentarily lost, but may be valid most of the time. It is not beyond the scope of the present invention when at least one gateway node 20a 'also provides one or more network or application services.

  The network represented in FIG. 1 also comprises other active nodes, the authorized ad hoc nodes 20b which are ad hoc nodes having agreed to participate in the operation of the ad hoc network. This collaboration is reflected, for example, in the provision of network services and / or application services. These ad hoc nodes 20b are paid by the billing server 59 or by the billing server 31.

  This remuneration is done for example by crediting an account associated with an ad hoc node 20b approved, by a bank transfer, by granting more bandwidth in case of connection to the Internet or by free access or preferential rates to billed services. The billing server 31 participates, for example, in the transaction if the authorized ad hoc node 20b is registered with the access network and its account is credited. Approved 20b ad hoc nodes can provide various AAA partial services such as AA- services, --A services, AA services, -A- services or full AAA services. Thus AA-node is designated an active node, operator and / or ad hoc approved, providing the authentication and authorization services of an ad hoc node and possibly the service of accounting for data relating to a service consumed by the node in which case it is AAA node. A node -AA designates an active node, operator and / or ad hoc homologated, ensuring the authorization services of the ad hoc nodes to consume one or more services available in the network and the service of accounting data relating to this (s). ) service (s) consumed. Trusted ad hoc nodes and operator nodes providing only one network service may be referred to as AA- nodes because they must relay only packets carrying AAA messages and authenticated and authorized packets using the security elements provided in the protocol. identifier of the ad hoc node receiving and / or sending the packets. Approved 20b ad hoc nodes providing an application service also provide an authorization and accounting service since they authorize or not an ad hoc node to access their application service and account for the data relating to the consumption of this service. The delegation of AAA services by the operator to the operating nodes 20a or ad hoc nodes ad hoc 20b of the ad hoc network may require protection of AAA services within these nodes 20a or 20b. It may be desirable that any system or network intrusion or attack of a node providing at least one of the network services and in particular the AAA services can not affect the service provided, which may require that the nodes operators 20a and the approved nodes 20b consist of terminals comprising specific computer components whose hardware and / or software architecture is validated by a certification server 20d which will be described later.

  FIG. 2 shows a first example of a computer component 35 '. The computer component 35 'has a network card 44 comprising a user module 36 and an ad hoc module 39. The user module 36 is, in the example described, controlled by the owner of the computer terminal, being for example a user. This user module 36 conventionally contains the directory manager system, the files, the programs and is protected from network or system attacks. A computer component comprising a user module 36 can be used to constitute an operator node 20a, the presence of such a user module for the provision of the operator node to users, if any. The ad hoc module 39 may include all the elements necessary for the operation of the ad hoc network 2. These include, for example, routing services, and / or temporary or definitive address allocations, for example the DHCP service. The active programs and the data hosted in this ad hoc module 39 may for example be limited so as to restrict the scope of possible attackers and limit the gain of a successful intrusion.

  A terminal comprising such a component 35 'can thus provide a routing service but has no way of accounting for its consumed resources and is generally not remunerated for services rendered. The active nodes 20a or 20b thus advantageously comprise a computer component 35 shown in FIGS. 3 and 4, comprising a structure divided into several modules partitioned with respect to one another. This structure may comprise a user module 36, a provider module 37, an operator module 38 and an ad hoc module 39. The user 36 and ad hoc modules 39 are for example similar to those described with reference to FIG. 2.

  The provider module 37 can host the content that can be distributed by an ad hoc node provider, providing an application service. These contents are for example under the control of a service provider who sets the access rules, the prices and who performs the updates of the contents. The operator module 38 is in the example described entirely controlled by the operator of the ad hoc network 2 and implements an AAA service at least partially. The exchanges between the operator module 38 and the other modules can be controlled so that no attack of this operator module can be performed, whether by an action on the operating system, on the exchanges between modules. the same node or from the access network 3.

  In the case of FIG. 3, a single network card 42, on which the different modules are plugged, is active and the compartmentalization principle of the aforementioned modules may prove difficult to respect. Indeed, access to the network card could then allow access to sensitive modules such as user modules, operator and provider. In the case of FIG. 4, two network cards 40 and 41 are simultaneously active and make it possible to isolate the operations performed in the user, operator and provider modules of the operations performed in the user module. An active node being made to move, the computer component 35 may also include a not shown module arranged to disable the services offered by this node. This deactivation may make it possible to avoid offering services to ad hoc nodes by active nodes that are no longer able to provide them.

  Regardless of the number of network cards, the operator module 38 may be separated from the rest of the environment, for example in the form of a smart card or a dedicated and highly secure processor. Physical separation between the user module on one side and operator, provider, and ad hoc modules on the other may prevent the user of the terminal from changing the access settings configured by an authorized third party. The different modules may already be present in the computer component 35 during the supply thereof or, under the control of the operator, may be added, completed or replaced, for example in the case of a new version of a software application. 'a module.

  FIGS. 5 and 7 show exemplary computer architecture of active nodes 20a or 20b from the protocol point of view. The computer component 35 may comprise first computer means and second computer means. The component 35 shown in FIG. 5 comprises first and second computer means 27 and 28 which may comprise any processors and useful memories and having a physical link layer 37 in common. The component 35 shown in FIG. 7 comprises first and second computing means 22 and 23 each having a natural link layer 37. The first computing means 22 and 27 may only be used by the user to satisfy his own computing needs. These first computer means may allow the user to connect to the network 2 in order to benefit, for example, from application services or the access service to the computer network 3. None of these first computing means may be made available to the user. other ad hoc nodes, except the link layer 37 when it is common to the first and second computing means.

  The second computer means 23 and 28 may comprise a provider application 24, an operator application 25 and an ad hoc routing service 26. The provider application 24 may be arranged to perform the management of the contents of the terminal, for example updating, the control of access to the service and the accounting of the services consumed. This content maintenance and control can be provided by remote content providers. The operator application 25 can be arranged to allow the management of authentication, authorization and accounting services, network services, advertisement, access to a computer network and application services in the ad hoc network. This operator application 25 can host a AAAF or proxy AAA server. An AAA proxy or AAAF server can be hosted on any 20b node. The ad hoc routing service 26 can be arranged to perform the provision of public network services such as, for example, ad-hoc packet routing, or the allocation of addresses to the new ad hoc nodes, for example by the DHCP protocol. addressing terminals. This ad hoc routing application 26 can also be arranged to allow the presentation of the services by ad hoc nodes 20b 'of the ad hoc network 2 which will be described later. As shown in FIG. 6, the first and second computer means can each be associated with an antenna 50 enabling the non-wired communication with the ad hoc network 2 or with the access network 3. The ad hoc network 2 represented in FIG. FIG. 1 also comprises passive ad hoc nodes 20c which are ad hoc nodes connected to the ad hoc network 2 not participating in the operation of the ad hoc network, providing no function such as routing or allocation of an address to the ad hoc network. new nodes and no application services. These ad hoc passive nodes 20c comprise for example a computer component 35 'as described with reference to FIG. 2, but it is not beyond the scope of the present invention when at least one passive ad hoc node comprises a computer component 35 such that described with reference to FIGS. 3 to 7, the same ad hoc node can be a passive node during a session in an ad hoc network and an active node during another session.

  Such ad hoc nodes 20c are consumer nodes and can access services provided by the active nodes 20a or 20b. A passive ad hoc node 20c can nevertheless ensure the authentication of the packets that it sends. The ad hoc network 2 may also comprise at least one online approval server 20d. During the on-line approval operation of an ad hoc node 20b or operator 20a, the latter can communicate with the on-line approval server 20d in order to exchange information relating to the size of its mass memory, its antivirus system or the content of the files it wishes to use in the context of the provision of a service. The on-line approval server 20d can be arranged to locally and temporarily homologate a node according to dynamic criteria relating to the composition of the ad hoc network. Such criteria are for example the number of registered nodes already providing a given service, the number of ad hoc nodes in the ad hoc network and a predefined ratio between the number of service nodes of this service and the number of nodes in the network. At the end of this online approval operation, the on-line approval server 20d can be arranged to transmit parameters to the authorized node allowing its identification as authorized authorized node, for example an identifier, an address ... can distinguish three types of services provided by the active nodes: - network services including the ad hoc routing of packets in the ad hoc network 2, the access service to the Internet or to an intranet-type local network via the network of access 3, or the announcement service, or the addressing service; - AAA services, and application services.

  Access to each of these services by a consumer node can be controlled by the authentication / authorization services and give rise to billing for the consumer node. The ad hoc passive nodes 20c are for example billed according to the services they consume, the billing being for example carried out via the billing server 59. The addressing service is for example the DHCP service, provided by the module ad hoc 39 of an operator node 20a and / or an ad hoc node 20b approved. The routing service can be provided by all the nodes 20a and 20b. The routing of packets associated with a node may be limited to packets useful for authentication. The other packets can thus be routed only if they are associated with an authenticated node, the ad hoc nodes routing these packets performing a service -A-, by checking whether these packets are authorized or not to be routed. A new ad hoc node not yet authenticated can be assigned a temporary address and only route packets useful for its authentication to the ad hoc network. An authenticated node may be assigned a definitive address that entitles it to issue data packets on the ad hoc network. An ad hoc node providing the routing service checks the source addresses of the packets, and decides whether to route these packets on the model of a mechanism, for example similar to the IEEE 802.lx scheme but at the IP level.

  Internet access services or a local network type for example Intranet can be controlled by gateway nodes 20a 'which provide AAA services and have the role of AAAF server of the ad hoc network or proxy AAA. These nodes 20a 'can filter IP packets. The AAAF servers of the ad hoc network and the proxy AAA can be hosted in the same gateway node 20a 'or in two different gateway nodes. In another variant, one of the AAAF server and the AAA proxy may be hosted in an approved ad hoc node 20b and the other in a gateway node 20a '. AAA services can be made available to ad-hoc nodes and ensure the security of transactions related to the consumption of services in the ad hoc network 2.

  In the case of access to an application service, the AAA services may be billed to the distributor nodes 20b 'in the form of a levy on each transaction made for the benefit of the distributor node. Advertisement services may allow a new ad hoc node to be aware of the aforementioned services available in the ad hoc network, such advertisement being performed by the service announcement mechanism. When a node leaves the ad hoc network, it can announce to the AAAF server of the ad hoc network 2 its departure to end the session. The server AAAF can then be arranged to broadcast in the ad hoc network 2 the information of the departure of an authenticated node 10. The application services may be provided by active nodes 20b 'which will be referred to hereafter as the distributor nodes. In the example described, a distributor node 20b 'is an approved ad hoc node acting as a local distributor of a service provider and comprising a provider module 24 hosting the application service to be provided. It is not beyond the scope of the present invention when at least one distributor node is an operator node. The invention may allow a service provider, such as a music distributor, to make available certain content in the ad-hoc nodes approved for the benefit of the other consumer ad-hoc nodes. These distributor nodes 20b 'can manage the access of the consumer nodes to their application services by implementing the node function -AA. The distributor nodes 20b 'may be nodes -AA (or -A- in case of non-paying service). The ad hoc network 2 according to the invention may be deployed according to various scenarios which will now be described. According to a first example of deployment, the ad hoc network can be used by an ad hoc node as an access provider, for example the Internet. In a first case, the ad hoc network 2 is set up by the operator of the access network 3. This operator can set up gateway nodes 20a 'that are not very mobile and can still access the access network 3. These gateway nodes 20a 'comprise in the example described an ad hoc module 39 arranged to extend the network with new active or passive nodes joining the ad hoc network 2. In this ad hoc network 2, the operator can also deploy nodes providing application services. Such an architecture, comprising two AAAF servers, one in the ad hoc network at a gateway node 20a 'or a node 20b and the other in the access network 3, for example the AAA server 30 , can allow to have a better response time for the ad hoc nodes, to limit the ad hoc exchanges / access network, and to avoid overloading the access network server AAAF 30 with the access control of the access network. ad hoc nodes. In a second case, the ad hoc network 2 can be managed by an operator 10 different from that managing the access network 3. The ad hoc network comprises in this case gateway nodes 20a 'which are advantageously known to the access network. 3 to provide Internet access to new ad hoc roaming nodes. Such an ad hoc network can be implemented in public places such as restaurants, station halls or airport for example. According to a second example of deployment, the ad hoc network 2 can be used as an application service provider. In a first case not shown, the application services are provided by content servers deployed by the operator and whose services are announced to new ad hoc nodes joining the ad hoc network by the announcement service. In a second case, the application services are provided in whole or in part by the distributor nodes 20b 'to the other nodes of the ad hoc network 2. Such active nodes are prior to their arrival in the ad hoc network approved by authorities such as the manufacturer of the terminal or the subscription operator of the user of the terminal constituting the ad hoc node. Upon their arrival in the ad hoc network, these nodes may request authorization to make use of their approval in the ad hoc network from the online probate server 20d. This authorization can be performed under the control of the AAA services and the registered ad hoc node can then register as a distributor node before it can act in the ad hoc network as a distributing node. For example, the distribution nodes appear in the list of services advertised by the announcement service.

  The access of a new ad hoc node to an ad hoc network 2 according to the invention can be carried out according to the method represented in FIG. 8. The step 61 corresponds to the allocation to the node joining the ad hoc network. a temporary address by an active node 20a or 20b located at a jump of the new ad hoc node in the ad hoc network, that is to say by a node to which the new ad hoc node is directly connected in the network without intermediate , this node 20a or 20b comprising a computer component 35 described with reference to FIGS. 3 and 4. During this step, the ad hoc module 39 of the node 20a or 20b detects the arrival of the new ad hoc node connecting to the network and provides a temporary address until the node is authenticated in the network. During this same step, the operator module 38 of a node 20a or 20b also comprising a computer component 35 described with reference to FIGS. 3 and 4 located at a jump of the new node in the network can also evaluate the compatibility of the new node. ad hoc with predefined conditions. These conditions can be the duration of battery life of the new node, the size of the mass memory of the terminal of the new node, the quality of its antivirus system or its operating system. The temporary address provided in step 61 to the ad hoc node can enable it to consult the services available in the ad hoc network and to authenticate itself.

  Step 62 corresponds to the announcement of services to the ad hoc node joining the network. The available services can be advertised through ad hoc active ad hoc nodes providing the ad service to the ad hoc nodes upon their arrival in the ad hoc network 2, or at any time upon request from the node, or periodically.

  The services advertised at this step 62 include Internet access services, application services and AAA services. AAA services, even if they are implicit, are announced to the new node that can solicit them if it decides to connect to the ad hoc network. Step 63 is an authentication step that allows the new ad hoc node to obtain a definitive address enabling it to access network, application or AAA services. In this step 63, the ad hoc node that joined the ad hoc network 2 contacts one of the AAAF servers announced in the list of services at step 62 to authenticate. The temporary address provided in step 61 allows the ad hoc node to communicate with this FAC server. Several exchanges may be necessary between the ad hoc node and the AAAF server to carry out this authentication step. To prevent the ad hoc node from being cheated by a fake ad-hoc network managed by a hacker, the chosen authentication method may require mutual authentication. In the case where the server AAAF is hosted by a gateway node 20a ', the latter can directly contact the AAA proxy 34 of the access network 3. In the case where the server AAAF is hosted by another node 20b, the latter can issue an AAA request to the AAA proxy of the ad hoc network hosted in the access network or in the gateway node 20a ', the latter transmitting it to the proxy AAA 34 of the access network 3. The passage through a gateway node 20a' can make it possible to restrict the exchanges between the ad hoc network 2 and the access network 3 to the exchanges between the gateway nodes 20a 'and the proxy AAA 34 of the access network 3, which can make it possible to limit the number of addresses of the ad hoc network to be known by the AAA proxy 34 to the only addresses of gateway nodes 20a '. The AAA proxy 34 of the access network 3 can then contact the AAAH 60 server of the network managed by the OMS to verify the authenticity of the information provided and to know the level of authorization of the access of this node to the services provided. .

  This authentication relies for example on a protocol of the Challenge / Response type. Challenge / Response is a strong authentication method in which the node desiring to authenticate proves to the node that it is authenticating its knowledge of a secret shared with that authenticator without revealing this secret to the intermediate nodes. In step 64, the ad hoc node is assigned by the AAAF server of the gateway node or the access network in case of successful authentication an identifier comprising a final network address in the network as well as one or more elements. authentication / authorization, for example a certificate, a token or access authorization token to services ... This identifier and the associated elements have for example a limited duration set by the server AAAF according to subscription subscribed by the node with WHO.

  In the example described, two types of authorizations can be distinguished: the network level authorization authorizing the routing of the authenticated packets associated with a node in the ad hoc network 2 by means of the identifier provided during the authentication, application level authorization authorizing an ad hoc node to access an application service provided by a distributor node by means of the identifier provided during the authentication. The authentication / authorization elements included in the identifier may, for example, express different privileges according to the subscription subscribed by the node to the OMS.

  The identifier and the elements received at this step 64 may allow the ad hoc node to ensure the authenticity of its packets to other nodes likely to provide network services, applications or AAA. In a step 65, the authenticated and authorized ad hoc node may choose to be an active node, a consumer node or both.

  If the authenticated node chooses to be an active node, it can contact the on-line probate server 20d to perform the probing procedure already described. The authenticated node can then record the services that its ad hoc modules 39 and, if applicable, provider 37 can provide, such as AAA services, the routing services and / or application services to the active ad hoc node (s). responsible for announcing services in the ad hoc network. During a step 66, an already authenticated ad hoc node may receive a reauthentication request. In order to optimize the accounting service service consumed by a consumer node, the ad hoc network's AAAF server may periodically request an ad hoc node to re-authenticate itself. In the case of an ad hoc node that did not properly leave the ad hoc network 2, for example due to the failure of its equipment, reauthentication can make it possible to be aware of its departure and thus to close the session. ad hoc node that has left the ad hoc network. This re-authentication request can be made according to a predefined period. This period may be small enough to provide a high level of security without generating too much authentication traffic in the network.

  Step 66 may make it possible to guard against identity theft of an authenticated node. The gateway nodes 20a 'and the AAAF server of the ad hoc network, whether or not it is hosted by a gateway node 20a', can synchronize their knowledge bases, which makes it possible, for example, to re-authenticate a node later. in the event of a failure of an AAAF server or a gateway node that has performed the authentication procedure for the node. FIGS. 9 to 12 show exemplary methods of counting and billing services consumed by consumer nodes.

  The nodes --A are in the example described the operator nodes 20a and 20b approved active nodes that can through their operator module 38 provide accounting services. Whatever the service consumed by an ad hoc node, namely the AAA, application or network services in the case of a pay service, accounting data can be transmitted by the node --A to a billing server, either directly from a gateway node in charge of accounting, or via the proxy AAA of the ad hoc network. This billing server is for example the server 59 of the network managed by the OMS or the billing server 31 of the access network 3.

  Unlike a conventional AAA application where only the possibility of debiting an account associated with a consumer node is possible, the invention may make it possible to reward an ad hoc node 20b approved for services rendered, or an operator of a network ad hoc. In the first case, the billed service may be a network service.

  Subsequently, there will be different billing systems depending on whether the billing is done at actual consumption, prepaid, or a fair exchange system is implemented. FIG. 9 shows an example of real billing by the billing server 59 of a network service provided to a new ad hoc node wishing to connect to the Internet from the ad hoc network 2. In the example of In actual billing, the billing server 59 can invoice the node: - the volume of packets routed, each intermediate ad hoc node counting the number of packets associated with the same consumer node which he has managed routing. Each transmitted packet is authenticated, which allows for example the intermediate node to count only the packets from a clearly identified consumer node, or - to the duration, each intermediate ad hoc node counting the duration during which it will perform the routing packets for the same consumer node. Considered in the example described a new ad hoc node that has not subscribed a subscription from the operator managing the access network 3 which is for example an Internet access network. It is also considered in this example an ad hoc node being in the ad hoc network 2 to at least three jumps, that is to say separated by at least three intermediate ad hoc nodes, a gateway node 20a '. The network service is provided to this new ad hoc node by operating nodes 20a and ad hoc nodes 20b authenticated ad hoc network 2 that will ensure the routing of packets transmitted and transmitted to this new node ad hoc, by nodes gateway 20a 'which will serve as access gateway of the ad hoc network 2 to the access network 3, by the ad hoc network's AAAF server 2 which may be a gateway node 20a' or an operator node 20a of any kind, by the server AAAF 34 of the access network 3 and by the AAAH server 60 of the network managed by the parent subscription operator to which the new ad hoc node has subscribed. The access network access procedure 3 through the ad hoc network 2 comprises a first step 90 during which the new ad hoc node establishes a level 2 connectivity in the sense of the OSI model with a first operator node 20a or ad. approved 20b ad hoc network 2.

  In step 91, this node 20a or 20b provides the new ad hoc node with a temporary address. In step 92, the new ad hoc node receives the list of services offered by the ad hoc network 2 via the announcement service and selects the Internet access service. The authentication procedure described with reference to FIG. 8 is performed in step 93. In step 94, the ad network AAA proxy registers a billing request for the AAA services provided in steps 91 to 93 and sends to the access network's AAAF server all of its records linked to the ad hoc node when the node is disconnected in step 97. At step 95, the new ad hoc node that is a consumer node starts to send and receive packets to the Internet. The intermediate nodes 20a and 20b count the relayed packets or the connection time of the ad hoc node to the Internet, each packet being authenticated by the new ad hoc node. Whether at the volume or the duration, the operator module 38 of each intermediate node can keep an accounting function of each consumer node. Each intermediate node that sees its network service requested by a consumer node can transmit the accounting data relating to the service consumed by that node periodically or after a predefined number of seconds of routing inactivity for that consumer node. An intermediate node may also transmit the recorded data referred to above if it makes a significant move in the ad hoc network that could compromise the transmission of its accounting information or if the consumer node performs such a move. The intermediate node can stop its accounting operations and send the recorded data to the AAAF server of the ad hoc network 2. The access between the consumer node and the access network 3 can, if necessary, be reformed by means of other means. Approved operator nodes or ad hoc nodes that will proceed with the accounting in the same way as the node previously used to route the packets of the consumer node. The counted information can then be grouped and sent periodically to the AAA proxy 34 of the access network 3. In step 96, the consumer node disconnects from the Internet and releases its connection, which can terminate the accounting operations performed. by the intermediate nodes used to route the packets of this consumer node. In the case of a wild disconnection, the accounting operations can be interrupted by an absence detection mechanism of the consumer node intrinsic to the routing protocol. The use of such a mechanism is common in an ad hoc network because of the frequency with which the nodes join and leave the ad hoc network. The routing protocol can for example modify the routes by involving only the nodes still present in the network.

  The counted data can be communicated to the AAA proxy of the ad hoc network 2 at step 97 by all the nodes having participated in the network service. The recorded data may include the AAA services implemented both in the ad hoc network 2 and in the access network 3.

  In order to increase the guarantees regarding the invoice that will be established for the new consumer node, the latter can send its own recorded data concerning the service it has received to the AAA proxy of the ad hoc network 2 which can transmit to the proxy AAA 34 of the access network 3. In step 98, the data is transmitted by the proxy AAA 34 of the access network 3 to the server AAAH 60 which transmits them to the billing server 59. The latter performs a processing of these data. This processing can lead to two types of invoicing: - fixed cost for the consumer node, which allows it, regardless of its location in the ad hoc network, to always pay the same price. Intermediate ad hoc nodes may be credited with fixed or variable remuneration depending on the agreement with the operator managing the ad hoc network. For example, they may be remunerated in proportion to their contributions (in routed packets or routing implementation time) to packet routing between the two endpoints, that is, between the consumer node and the provider node. variable cost for the consumer node as a function of its distance in terms of the number of hops relative to the service provider node. For example, the operator managing the ad hoc network has the strategy of adapting the billed rate to the distance between the consumer node and the gateway node, that is to say, according to the number of intermediate nodes requested. Intermediate ad hoc nodes are credited with fixed or variable remuneration according to the agreement established with the operator managing the ad hoc network. When preparing the invoice, the billing server 59 may take into account the routing services provided by the intermediate nodes 20a and 20b and the AAA services. The billing server may also reward the intermediate nodes with respect to the rendered routing service. In step 99, the billing server can proceed to the payment of the invoice by coming into contact with the consumer node of the billing service.

  In a variant, in step 98, the data is transmitted by the proxy AAA 34 of the access network 3 to the billing server 31 which performs a processing of these data similar to that performed by the billing server 59 in the step 98 previously described.

  Still in this variant, in step 99, the billing server 31 of the access network 3 sends its billing report to the billing server 59 so that it proceeds to the payment by coming into contact with the consumer node of the billed service. . The billing server 31 rather than billing each intermediary node or consumer, can for example bill its AAA services to the ad hoc network 2, possibly to the ad hoc wireless operator who administers the ad hoc network offering a network extension. infrastructure access. In the case of a consumer node already authenticated in the ad hoc network 2, only steps 95 to 99 can be executed. In another variant not shown, the network service provided to a consumer ad hoc node can also be prepaid. Such a billing system may be announced to the ad hoc node joining the network by the announcement service. An ad hoc node interested in this prepayment system can connect to a prepayment server installed on an approved active node, or to a gateway node 20a 'which requests the services of the AAA proxy of the ad hoc network 2 to authenticate the nodes requesting this prepayment service. The AAA proxy of the ad hoc network 2 can then carry out accounting exchanges with the AAA proxy 34 of the access network 3 for billing purposes. Alternatively, the prepayment server can perform banking transactions independently of the AAA system. Once the new node obtains its identifier in step 64 of FIG. 8, two operating modes can be set up: the single activation prepayment in which once the consumption of the service has started, the consuming node can not suspend this service and has until the expiry of the validity period of its identifier. Each intermediate node verifies that the identifier is authentic by contacting, for example, the AAA proxy of the ad hoc network, and / or - the multi-activation prepayment in which at any time the user can suspend the consumption of a network service and reactivate it later, each packet issued by the consumer node containing the proof of its authorization to be issued.

  Another not shown variant of billing a network service provided to a consumer node according to the invention may be based on a fair exchange system. Rather than billing the routing service, a barter system is set up between the consumer node and the operator nodes 20a. Equitable barter can then be regulated by an operator node 20a. The operator nodes 20a may for example invite the nodes 20b to participate in the network in exchange for a routing service, free AAA services or at reduced rates or the granting of a higher bandwidth in the case of a connection of active or passive ad-hoc nodes to the Internet. Active ad hoc nodes 20b that did not wish to participate in barter are paid and credited for routing service or AAA provided by the AAA proxy of the ad hoc network.

  In addition, the actors involved in the provision of AAA services such as the ad hoc network 2, the access network 3 and the network managed by WHO 6 are credited according to the partnership agreement that binds them. There is shown in FIG. 10 an example of billing of a network service and AAA services provided to an ad hoc node wishing to securely communicate with another node of the ad hoc network 2. These two ad hoc consumer nodes consume AAA services and wish in the example described communicate with each other with a level of trust operator quality that is to say a level of security offered by an AAA service .. At step 100, the ad hoc nodes consumers establish level 2 connectivity in the sense of the OSI model to each other via the same or different nodes 20a or 20b. The operator or trusted nodes provide the consumer nodes with two temporary addresses at step 101. The consumer nodes receive the list of services available in the ad hoc network 2 via the announcement service in step 102 and select the service of the service provider. ad hoc routing.

  The authentication procedure is performed for the two consumer nodes in step 103 in a manner similar to that described with reference to FIG. 8. Each consumer node obtains at the end of this step 103 a definitive address enabling it to route its packets.

  In step 104, the ad network AAA proxy registers a billing request for the AAA services provided in steps 101 to 103 and sends to the access network's AAA server all of its consumer node-related records at the same time. disconnection of these. These records include for example the billing of AAA services or the routing service in the case where the consumer nodes are several jumps from one another. The AAA services provided thus guarantee the identity of the two consumer nodes and can help build trust between them. FIGS. 11 and 12 show examples of application services billing provided by a distributor node 20b 'to an ad hoc node.

  Several types of contracts between the service provider and the distribution node 20b 'are possible: - fixed rate paid by the service provider to the distributor node for the distribution of its contents. For example, in order to become better known or to make its content more easily known, particularly in the launching phase of a service provider or certain content that it proposes, the service provider can offer free content to the consumer nodes. by paying a fixed price that it regulates to the dispensing node, fixed price paid by the distributor node to the service provider. The service provider is remunerated by a fixed price and the distributor node is remunerated, for example, on the transaction by the ad hoc consumer nodes. - the transaction. The service provider and the distribution node are paid for each transaction passed by the consumer nodes. The billing of an application service may involve a metering server for ad hoc applications (CAAH) 8. This server may be the billing server 31 or alternatively be a server of the ad hoc network 2. This server is responsible for carry out billing operations, either directly as by credit card transactions, or indirectly through the AAA proxy of the ad hoc network. In the latter case, the CAAH server 8 can be coupled to the proxy AAA of the ad hoc network, which can perform, as in the case of the consumption of a network service as described with reference to FIG. accounting for application services. The application service consumer nodes can thus see the withdrawals or credits managed by their subscription operators. As in the case of the consumption of a network service, we can distinguish several billing systems depending on whether the billing is done at actual consumption, prepaid, or a fair exchange system is implemented. FIG. 11 shows an example of a billing system for real consumption of an application service by a consumer node. The consumer node presents at a step 110 to a distributor node 20b 'assuring the application service that it wishes to consume an identifier allowing it to access the application service. The distributor node 20b 'communicates at a step 111 with the proxy AAA 15 hosted in a gateway node 20a' to check the information received in the previous step. Following this step 111, and in case of authorization issued by the proxy AAA, the distributor node provides during the step 112 the application service to the consumer node and starts the accounting operations relating to the consumption 20 of this application service. This billing can be done using one of the following methods: - billing to the accessed service. The distribution node counts the consumption of a node as service units. The service units are modulated according to the service accessed and correspond to the application of a certain tariff 25 per application, - the duration: the distribution node counts the period during which the consumer node accesses the application services. Whatever the billing method, the operator module 38 of the distributor node 20b 'holds in the example described an accounting for each consumer node. The distributor nodes can then transmit the data recorded in a step 113 to the CAAH server 8 either according to a predefined period, or after a predefined period of inactivity, for example two minutes for this consumer node, or if the distributor node or the consumer node makes a significant move that could compromise the delivery of its posting information. The consumer node can also perform its own accounting for the consumed application service and transmit it to the CAAH server. If necessary, the CAAH server 8 can compare the data counted by the distributor node 20b 'and the consumer node. The transaction management service provided by the CAAH server as well as the AAA services provided by the ad hoc network and, if applicable, the access network can be taken into account in addition to the application service consumed during the establishment. by the CAAH server of the total bill. The CAAH server 8 can then debit an account associated with the consumer node and reward the service provider and the distributor node according to two alternatives.

  In a first alternative, the CAAH server 8 performs the banking transactions directly, for example knowing the credit card number of the consumer node, and the banking details of the service provider and the distributor node. Alternatively, the CAAH billing server 8 may communicate the different counted data to the AAA proxy or AAAF server of the ad hoc network 2 in order to reward the distributing node and debit an account associated with the consumer node. The CAAH server can adapt the application service units communicated by the distributing node to the network service units in the ad hoc network to have a single or uniform unit billing. In case of remuneration of the content provider, the CAAH server 8 can carry out the banking transaction itself. In a variant not shown, the application service provided to a consumer node ad hoc can be prepaid. Such a billing system may be advertised to the ad hoc node joining the network by the announcement service.

  The interested ad hoc node can then connect to the CAAH server 8. Once the new node obtains its identifier, four examples of operation can then be set up. According to a first example, once the service is activated, the consumer node can not suspend this service and has until the expiration of its validity period. We are talking here of prepayment to the single activation duration. According to a second example, at any time, the consumer node can suspend the consumption of the application service and reactivate it later, with the risk of no longer finding the provider ad hoc node providing the service. We are talking here about prepayment to the duration with multiple activations. According to a third example, once the application service is activated, the consumer node can not benefit from other application services without performing a new prepayment operation. We are talking here about prepaying a single service. According to a fourth example, the consumer node can benefit from a fixed number of application services without performing a new prepayment operation. We are talking here about multi-service prepayment. As with actual consumer billing, the CAAH 8 server can bill the service directly through bank transactions or rely on the AAA proxy of the ad hoc network.

  Another non-represented variant of billing an application service provided to a consumer ad hoc node according to the invention may be based on the fair exchange system set up between a consumer node also providing an application service and the distributor node or nodes. providing him the consummate service. Equitable barter can then be regulated by the CAAH 8 server.

  Such a barter system is suitable when the service provider does not need to be paid for the transaction. This is typically a flat fee, similar to the peer-to-peer exchange model. FIG. 12 illustrates steps of an exemplary method of billing an application service for distributing musical content consumed by one or more consumer nodes of the ad hoc network.

  This method involves a distributor node 20b ', ad hoc nodes 20b, nodes 20a of the ad hoc network, and one or more consumer nodes of the ad hoc network. The method may also involve the ad hoc network's AAAF server 5 and / or the access network's AAAF server, the ad hoc network's AAA proxy and the CAAH server 8. The distribution node 20b 'of this example comprises a component computer 35 as previously described with reference to Figures 3 and 4 and for example has a contract with an online music publisher. A consumer node decides in the example described to download music from the distributor node 20b 'registered with an authorized active ad hoc node responsible for the announcement of the services. Step 120 corresponds to the authentication steps 90 to 93 described with reference to FIG. 9. In step 121, the consumer node having obtained a definitive address selects the music download server which, in this example, is the distributor node 20b 'and sends him a request. It is assumed that the ad hoc path that will be used for routing comprises several intermediate nodes. In step 122, the distributor node 20b 'accepts, after checking the authorization associated with the consumer node, to distribute the selected musical title to it. The operator module 38 of the distributor node starts its accounting operations related to the service consumed. The intermediate nodes can carry out the accounting operations of the routing services described with reference to FIG. 9. The consumer node decides in step 123 to stop its connection to the distribution node 20b ', causing the transmission of the transmission report. service accounting by the distributor node 20b 'to the CAAH server 8. Moreover, during this same step 123, the routing service accounting reports provided by the intermediate nodes 20a and / or 20b of the ad hoc network 30 are sent to the CAAH server 8. In step 124, the CAAH server 8 performs the billing operations of the consumer node following the downloading of content from the distribution node 20b 'according to one of the three real consumption billing systems, by prepayment or by the fair exchange system previously described. In addition, the actors who have participated in CAAH and AAA services such as the ad hoc network 2, the access network 3 and the network 6 managed by WHO are credited according to the partnership agreement that binds them. In the case of a consumer node already authenticated in the ad hoc network 2, only the steps 121 to 124 can be executed. The invention is not limited to the examples which have just been described. For example, characteristics introduced in different examples can be combined with one another. The invention may for example apply to the archiving of time stamped documents by an operator. This service can be in the form of a notarization server responsible for archiving messages signed by their transmitters with the acknowledgments of these messages signed by their receivers. Each archive can be timestamped by the server. The server can be protected against any attempt to compromise its integrity. The AAA server can be used to establish an accounting service record rendered. The invention can be used for the certification of electronic documents by the trusted third party operator. An ad hoc node does not necessarily have a public key and therefore does not have the ability to sign electronic documents that it wishes to send over the network. This service can take the form of a server strongly coupled to the AAA server. The AAA server can authenticate the origin of the request and vouch for the origin of the documents from the certification server. Thus, the certification server can issue a certificate proving the origin of the document.

  The invention can also be applied to electronic payment between individuals, equivalent to current checks between individuals. The operator can behave like a banker by positioning himself in the heart of cash flows between individuals. The AAA server can play a fundamental role by relying on the A-- service to authenticate the individuals involved, on the -A- service to allow them to perform debit / credit operations, and on the --A service to proceed. to the transaction. The invention can serve as a means of payment of an individual to a commercial or governmental company. The system can be based on the same technical principle as electronic payment between individuals. The parking meter payment can be one of the applications: parking meters are for example connected ad hoc with the parked cars and the vehicle owner can choose the parking period and validate the payment from his vehicle. Another application is the direct payment of tickets via the ad hoc network: this can be a ticket related to the wrong parking of the vehicle, in which case the ticket is sent via the ad hoc network to the vehicle and the owner can pay his ticket directly from his vehicle. Another application may involve electronic payment to beverage, sandwich, and banknote dispensers. The invention can also be applied to electronic games of chance. It can be a scratch card but also an interactive game where a machine game is reconstituted in virtual form. The virtual instance of the game can be transmitted by the ad hoc network to the user's terminal which can then virtually ask to scratch the card, activate the one-armed bandit or any other operation usually performed physically on game cards or casino machines. The expression containing one must be understood as being synonymous with at least one, unless the opposite is specified.

Claims (33)

  A method of exchanging data in an ad hoc network comprising active nodes and consumer nodes, wherein at least one active node is an ad hoc node and provides at least one authentication service (A). -), authorization (-A-) and accounting (--A) to at least one consumer node.   2. Method according to claim 1, in which at least one active node, in particular an ad hoc node, provides a network and / or application service and / or AAA.   3. Method according to the preceding claim, wherein the active nodes comprise at least one operator node and / or at least one ad hoc node.   4. Method according to the preceding claim, wherein at least one ad hoc active node comprises a hardware and / or software architecture approved and validated by an authorized entity.   5. The method of claim 3, wherein the active nodes comprise at least one operator node whose hardware and / or software architecture is not validated by an authorized entity.   6. The method of claim 4, wherein an accredited node addresses an on-line probate server of the ad hoc network to obtain authorization to use its homologation to declare itself an accredited active node. 20   7. Method according to any one of the preceding claims, in which an active node, in particular an ad hoc node, provides an addressing service to at least one new ad hoc node.   The method of any one of claims 4 to 7, wherein an active node A--, including an approved ad hoc node (20b), provides at least one authentication service (A--) of a new ad hoc node with an initial address.   9. Method according to the preceding claim, wherein the node A - communicates with an AAA server of an access network connected to the ad hoc network to authenticate the new ad hoc node.   The method of one of claims 8 and 9, wherein the AAA server of the access network communicates with an AAA server of an operator-managed network from which the new ad hoc node has subscribed to authenticate. this new ad hoc node.   11. A method according to any one of claims 8 to 10, wherein a node A-- transmits to a new authenticated ad hoc node and having a temporary address, a final address in the network.   The method according to any one of claims 8 to 11, wherein the node A - addresses according to a predefined period and / or in response to a predefined action of an ad hoc node already authenticated a reauthentication request to that ad hoc node.   The method according to any of claims 4 to 12, wherein at least one active node -A-, in particular an ad hoc registered node (20b), provides at least one authorization service (-A-) of the consumption of a service by a consumer node. 10   14. The method according to the preceding claim, wherein a node -A-only authorizes the routing of packets associated with a node authenticated and authorized by an AAA server in which the subscription level of the ad hoc node is recorded or that of packages related to the authentication procedure of a new ad hoc node.   15. A method according to any one of claims 4 to 13, wherein at least one active node --A, in particular an authorized ad hoc node (20b), provides at least one data accounting service (--A). relating to the consumption of a service by a consumer node.   16. The method according to the preceding claim, the node --A counting data relating to the consumption of at least one network service provided to a consumer node, the data comprises the volume of routed packets associated with this consumer node and / or the duration of connection to the ad hoc network of this consumer node.   17. Method according to one of claims 15 or 16, the --A node accounting for consumption data of at least one application service provided to a consumer node, the data comprising the type of application service provided and / or the duration during which the application service is provided to the consumer node.   The method of any one of claims 15 to 17, wherein the consumer node performs its own accounting of the consumed service data and transmits this data to the node --A.   The method of any one of claims 15 to 18, wherein the --A node transmits service consumed data by a consumer node to at least one billing server.   The method of claim 19, wherein the billing server rewards an authenticated node that has provided service in the ad hoc network.   21. Method according to one of claims 19 or 20, wherein an account associated with a consumer node is debited by the billing server following the billing of a service consumed by this node.   The method of any one of claims 19 to 21, wherein the --A node transmits the consumed service data to the billing server according to a predefined period and / or as a result of a predefined action of the consumer node. and / or the active node providing the service in the ad hoc network.   The method of any one of claims 19 to 22, wherein the service consumed by a consumer node involves a plurality of intermediate trusted nodes and wherein an account associated with the consumer node is debited by the billing server regardless of the number of nodes. intermediate.   The method of any one of claims 19 to 22, wherein the service consumed by a consumer node involves a plurality of intermediate trusted nodes and wherein an account associated with the consumer node is debited by the billing server based on the number of intermediate nodes and according to the quality of service.   25. A method according to any one of the preceding claims, being implemented in an ad hoc network located in a restaurant, a means of public transport such as a train, a bus or a station or airport hall.   A method according to any one of the preceding claims, wherein the ad hoc network (2) is connected to an access network (3) and wherein the access network charges the authentication services (A-- ), authorization (-A-) and the posting it insures.   27. A method of providing at least one service in an ad hoc network (2) by a computer terminal of a user, this terminal being able to constitute an approved node and comprising a computer component comprising a secure module to which only an authorized third party can to access.   28. The method according to the preceding claim, the service provided being at least one of an authentication service (A--), authorization (-A-), accounting (--A), a network service and application service   29. Computer component intended to enable a terminal to constitute an active node within an ad hoc network to provide at least one authorization service (-A-) and / or data accounting (--A) and or a network service, the computer component comprising: an operator module arranged to be accessible only to an authorized third party and to provide at least one of a service (-A-) and a service ( --A), - a user module arranged to be accessible only to the user of the terminal and not accessible remotely, in particular by the other ad hoc nodes and, - an ad hoc module, arranged to carry out the routing packets on the ad hoc network,   30. Component according to claim 29, the terminal being arranged to provide at least one application service, the component comprising a provider module arranged to be accessible only to an authorized third party such as a content provider and / or 'user. 1 0   31. Component according to one of claims 29 or 30, the modules being compartmentalized, compartmentalization being ensured by a material independence, in particular through separate processors or separate media, or by a logical independence, in particular through different partitions .   32. Computer component for enabling a terminal to form an active node within an ad hoc network to provide authentication (A--), authorization (-A-) and accounting (ùA) services. ) and / or network services and / or application services in the ad hoc network, the computer component comprising: first computing means arranged to enable the active node to satisfy the specific computing needs of the terminal user and to cover its 20 communication requirements on the ad hoc network and, second computing means arranged to enable the active node to provide other ad-hoc nodes of the network with services -A-, -A, and / or network and / or applications.   33. Component according to any one of claims 29 to 32, being integrated with an electronic device arranged to connect to a wireless network, in particular by means of a WiFi card, chosen from a computer, a microcomputer, a computer personal digital assistant, a mobile phone, a vehicle equipped with a communicating interface, an electronic means of payment or a satellite positioning device, in particular a GPS. 30