【正文】 modeled the certification process of each surveyed trust model using stochastic Petri s (SPN). As you will see in the following sections， this allows a better understanding of the performances of the different models and how to leverage some parameters for higher certification service availability. While a number of surveys covering the issues of key management in mobile ad hoc works， have provided some insightful overviews of the different schemes proposed in the literature， none of them focuses on issues related to certificates management thoroughly (the scheme architecture， how the certificates are stored and managed， the plexity evaluation of the certification protocol， etc.). To plement those efforts， this work provides detailed taxonomy of certificationbased trust models， and illustrates in depth the different schemes by providing the advantages and drawbacks of each one with respect to relevant criteria. The careful examination and analysis has allowed us to carry out a parative study of the proposed schemes based on an analytic evaluation. The ultimate goal of this paper is to identify the strengths and weaknesses of each scheme in order to devise a more effective and practical certificatebased trust models which can achieve a better tradeoff between security and performance. The remaining of this paper is structured as follows. In Section 2， we recall background material relating to basic concepts on cryptography and threshold cryptography. Then， in Section 3， we identify requirements relating to certificates management with respect to mobile ad hoc works environment and constraints， and in Section 4 we propose a tax on o my of the existing certificationbased trust models. Respectively， in Sections 5 and 6， we review the authoritarian models， and anarchic models. For each solution， we provide a brief description and discuss its advantages and short ings. We model the different solutions using stochastic Petri s and provide analytical results and conclusions. Then， we make a general analysis and parison against some important performance criteria. We finally conclude this paper in Section 7 with the sender. Each publickey is published， and the corresponding privatekey is kept secret by the sender. Message encrypted with the sender’s publickey can be decrypted only with the sender’s privatekey. In general， to send encrypted message to someone， the sender encrypts the message with that receiver’s publickey， and the receiver decrypts it with the corresponding privatekey authentication is a service related to identification. This function applies to both entities and information itself. Two parties entering into a munication should identify each other. The publickey certificate is a digital data structure issued by a trusted third party to certify a publickey’s ownership. Among other information a publickey certificate contains: (1) certificate number。 (2) issuer’s identity。 (3) owner’s identity。 (4) owner’s publickey。 (5) signature algorithm。 (6) period of validity。 and (7) the issuer’s signature， and eventually other extensions. CA (Certification Authority) is a trusted third party， which is usually a trustworthy entity for issuing certificates. If the same CA certifies two users， then they would have the same CA in mon as a third trust party. The two users would then use the CA’s publickey to verify their exchanged certificates in order to authenticate the included publickeys and use them for identification and secure munication. Each CA might also certify publickeys of other CAs， and collectively forms a hierarchical structure. If different CAs certification two users， they must resort to higherlevel CAs until they reach a mon CA (cf. Fig. 1). Weboftrust model does not use CAs. Instead， every entity certifies the binding of identities and public keys for other entities. For example， an entity u might think it has good knowledge of an entity v and is willing to sign’s publickey certificate. All the certificates issued in the system forms a graph of certificates， named weboftrust (cf. Fig. 2). 2. Background In this section we recall the definition of some security services using cryptographic mechanisms. . Security services and basic cryptography mechanisms Confidentiality is a service used to keep the content of information from all， but those authorized to have it. Confidentiality is guaranteed using encryption. Encryption is a cryptographic transformation of the message into a form that conceals the message original meaning to prevent it from being known or used. If the transformation is reversible， the corresponding reversal process is called decryption， which is a transformation that restores the encrypted message to its original state. With most modern cryptography， the ability to keep encrypted information secret is based not on the cryptographic encryption algorithm， which is widely known， but on a piece of information called a key that must be used with the algorithm to produce an encrypted result or to decrypt previously encrypted information. Depending on whether the same or different keys are used to encrypt and to decrypt the information We distinguish between two types of encryption systems used to assure confidentiality: Symmetrickey encryption: a secret key is shared between the sender and the receiver and it is used to encrypt the message by the sender and to decrypt it by the receiver. The encryption of the message produces a nonintelligible piece of information。 the decryption reproduces the original message. Publickey encryption: also called asymmetric encryption， involves a pair of keys (public and private keys) 3. Design issues The distribution of publickeys and management of certificates have bee