Communication satellites offer an efficient way to extend IP multicast services for groups in wide-area networks. This poses interesting challenges for routing and security. Satellite networks can have wired and wireless links and different link-layer technologies like Ethernet and ATM. For security, the multicast traffic …
Author: Roy-Chowdhury, Ayan
Source: University of Maryland
Download Link: Click Here To Download This Report (PDF)
Reference URL 1: Visit Now
Reference URL 2: Visit Now
Contents
1 Introduction 1
1.1 Contributions . . . . . . . . . . . . 3
1.2 Organization . . . . . . . . . .. . . 5
2 IP Multicast: Concepts and Routing Protocols 6
2.1 IP Multicast Fundamentals . . . . . . . 6
2.2 Wide-Area Multicast Routing via Satellites . . . . 10
2.3 Challenges of Multicast Routing Protocols . . . . 13
2.4 Intra-domain Multicast Routing Protocols . .. . . . 14
2.4.1 Multicast Extensions to Open Shortest Path First (MOSPF) . . . 15
2.4.2 Distance Vector Multicast Routing Protocol (DVMRP) . . . . . 16
2.4.3 Core-Based Tree (CBT) . . . . . . . . . . . . 18
2.4.4 Protocol Independent Multicast – Dense Mode (PIM-DM) . . . 21
2.4.5 Protocol Independent Multicast – Sparse Mode (PIM-SM) . . . 22
2.4.6 Multicast Internet Protocol (MIP) . . . .. . . 26
2.5 Inter-domain Multicast Routing Protocols . .. . 26
2.5.1 Hierarchical DVMRP (HDVMRP) . . . . . . . . . 27
2.5.2 Hierarchical PIM (HPIM) . . . . . . . . . . . 28
2.5.3 PIM-DM/PIM-SM . . . . . . . . . . . . . . . . . 29
2.5.4 Border Gateway Multicast Protocol (BGMP) .. . . 29
3 ATM Support for IP Multicast 32
3.1 ATM Point-to-Multipoint VC . . . . . . . . . . . . 33
3.2 ATM Multipoint-to-Multipoint Communication Model . . . . 34
3.2.1 VC Mesh . . . . . . . . . . . . . . . . . . . . . . . 34
3.2.2 Multicast Server (MCS) . . . . . . . . . . . . .. . 36
3.3 IP Multicast Support in ATM: MARS Architecture . .. . 39
4 Framework for IP Multicast Routing in Satellite ATM Network 43
4.1 Satellite Network Architecture . . . . . . . . . . . . 43
4.2 IP/ATM Multicast Routing Framework . . . . . . . . . . 45
4.2.1 Selection of Intra-domain Multicast Routing Protocol .. . . 45
4.2.2 Selection of Inter-domain Multicast Routing Protocol .. . . 46
4.2.3 Description of the Multicast Routing Framework . . . . . . 49
4.2.3.1 IP Multicast Framework in each Subnet . . . . . . 49
4.2.3.2 ATM Multicast Framework over the Satellite Links . 50
4.2.3.3 Creation of a Multicast Group When a Source Becomes Active . . 52
4.2.3.4 Source Join to an Existing Multicast Group . . . . . 56
4.2.3.5 Receiver Join to a Multicast Group . . . . . . . . . 57
4.2.3.6 Source Leave from a Multicast Group with One Source 59
4.2.3.7 Source Leave when Multiple Sources are Present .. . 60
4.2.3.8 Receiver Leave from a Multicast Group . . . . . . . 60
4.3 Issues with the Multicast Framework . . . . . . . . . . 62
5 Routing Framework Simulation and Results 64
5.1 Implementation Issues . . . . . . . . . . . . . . . . . 64
5.2 Simulation Configuration . . . . . . . . . . . . . . . . 66
5.3 Simulation Results . . . . . . . . . . . . . . . . . . 68
5.3.1 Many-to-Many Scenario Results . . . . . . . . . . . . 68
5.3.2 One-to-Many Scenario Results . . . . . . . . . . . . 71
6 Review of Group Key Management Protocols 78
6.1 Features of Group Key Management Systems . . . . . . . 78
6.1.1 Security Requirements . . . . . . . . . . . . . . . . 78
6.1.2 Cost Metrics . . . . . . . . . . . . . . . . . . . . 79
6.2 Security Terminology . . . . . . . . . . . . . . . . . 81
6.3 Centralized Key Distribution vs. Distributed Key Management . . . . . 82
6.3.1 Centralized Key Distribution . . . . . . . . . . . . . 82
6.3.2 Distributed Key Generation . . . . .. . . . . . . . 83
6.4 Review of Key Management Protocols . . . . . . . . . . 84
6.4.1 Key Predistribution Systems . . . . . .. . . . . . . 84
6.4.2 Broadcast Encryption . . . . . . . . . . . . . . . . 85
6.4.3 Secure Lock . . . . . . . . . . . . . .. . . . . . . 86
6.4.4 Conditional Access Systems . . . . . . . . . . . . . 87
6.4.5 Group Key Management Protocol . . . . .. . . . . . . 88
6.4.6 Key Agreement based on Hidden Fractional Keys .. . . 89
6.4.7 Group Diffie-Hellman Protocols . . . . . . . . .. . . 91
6.4.8 Tree Based Key Distribution Protocols . . . . .. . . 93
7 Multicast Key Management in Satellite ATM Network 100
7.1 Trust Model and Security Assumptions . . . . . . . . 100
7.2 Tiered Tree Based Key Management . . . . . . . . . . 104
7.2.1 Key Management in the Overlay: RP Tree . . . . . . 106
7.2.1.1 RP Tree Setup . . . . . . . . . . . . . . . . . 106
7.2.1.2 Tree Update on Member Join, Leave . . . . . . . 113
7.2.1.3 Tree Removal on Group Termination . . . . . . . 114
7.2.2 Key Management in the Subnet: SN Tree . . . . . . 115
7.2.2.1 SN Tree Setup . . . . . . . . . . . . . . . . . 115
7.2.2.2 Tree Update on Member Join . . . . . . . . . . . 117
7.2.2.3 Tree Update on Member Leave . . . . . . . . . . . 117
7.2.2.4 Group Termination . . . . . . . . . . . . . . . . 118
7.2.3 Synchronization of Group Information at the RP . . . 118
7.2.4 Secure Data Transmission in a Group . . . . . 119
7.2.5 Algorithms for Managing the Key Tree .. . . . 120
7.2.5.1 One-Way Function Tree . . . . . . 121
7.2.5.2 ELK Protocol . . . . . . . . . . . 122
8 Key Management Framework Analysis and Simulation 124
8.1 Security Analysis . . . . . . . . . . . . . . . . 124
8.1.1 Passive Adversary . . . . . . . . . . . . . . . 124
8.1.2 Active Adversary . . . . . . . .. . . . . . . . . 125
8.2 Cost Analysis . . . . . . . . . . . . . . . . . . . 128
8.3 Simulation . . . . . . . . . . . . . . . . . . . . . 134
8.3.1 Results . . . . . . . . . . . . . . . . . . . . . 135
8.3.1.1 One-to-Many Traffic Scenario . . . . . . . . . . 135
8.3.1.2 Many-to-Many Traffic Scenario .. . . . . . . . . . 138
9 Conclusions and Future Work 146
9.1 Comments on the Routing Framework . . . . . .. . . . . 146
9.2 Comments on the Key Management Framework . . . . . . . 147
9.3 Conclusions . . . . . . . . . . . . . . 149
9.4 Future Work . . . . . . . . . . . . . . 151
Bibliography 160