Security Issues and Solutions in Multicast Environment through Tree based Scheme

Multicast is the delivery of a message or information to a group of destination computers simultaneously in a single transmission from the source creating copies automatically in other network elements, such as routers, only when the topology of the network requires it. Multicasting security is hard because of Open group membership, everyone gets same pack ets, Senders need not be members. We first present taxonomy of mu lticast scenarios on the Internet and point out relevant security concerns. Next we address two major security problems of multicast communication: source authentication, and key revocation. Maintaining authenticity in multicast protocols is a much more complex problem than for unicast, in particular known solutions are prohibitively inefficient in many cases. We present a solution that is reasonable for a range of scenarios. Our approach can be regarded as a midpoi nt between traditional Message Authentication Codes and digital signatures. We also present an improved solution to the key revocation problem

Hastily Formed Networks (HFN) As an Enabler for the Emergency Response Community

The effects of natural or manmade disasters in communications infrastructures are so severe that immediately after the disaster the emergency responders are unable to use them. In addition, some areas do not have any useful infrastructure at all. To bridge this gap in communications, a need exists for a reliable technology not dependent on the existing infrastructure. This thesis focuses on first identifying the problem of communications gaps during natural or manmade disasters and reviewing the impact and potential benefit of implementing a solution based on the Hastily Formed Networks (HFN) model. The research explores the different technological solutions to solve this problem by evaluating documentation for commercial off-the-shelf technologies (COTS). Additionally, the thesis reviews the results of field experimentation conducted to evaluate the performance of these technologies in the field. The ultimate goal is to introduce the HFN concept as an enabler for the Emergency Response Community (ERC). Throughout this research, the focus revolves around testing COTS technologies. The research provides emergency responders with the background knowledge to make decisions on how to best bridge the gap of lack of communications under austere environments, and therefore enable them to provide better response.http://archive.org/details/hastilyformednet109456762Lieutenant Commander, United States Nav

Differentially secure multicasting

In this age of information, the efficient use of electronic communications is essential. As technology advances and becomes more complex, it is imperative that groups be able to discuss ideas and disseminate information among members effectively. Multicast groups are established to facilitate these information transactions. Since the members of these groups may be spread across the globe, the communications must be secure as well as efficient. Secure multicasting is an active area of research today. Though the areas of secure multicast group architecture, key distribution, and sender authentication are under scrutiny, one topic that has not been explored is how to integrate these with multilevel security. Multilevel security is the ability to distinguish subjects according to classification levels, which determines to what degree they can access confidential objects. In the case of groups, this means that some members can exchange messages at a higher sensitivity level than others. The Bell-La Padula model outlines the rules of these multilevel accesses. In multicast groups that employ multilevel security, some of these rules are not desirable so a modified set of rules was developed and is termed differential security. This thesis proposes three possible methods in which to set up a differenti0y secure multicast group: a naive approach, a multiple tree differential security (DiffSec) approach, and a single DiffSec tree approach. In order to evaluate the performances (in terms of the number of links used per packet transmitted) of these approaches, extensive simulation experiments were conducted by varying the network connectivity and group size for both uniform and nonuniform membership distribution across security levels. Our studies show that the multiple tree and single DiffSec tree approaches perform much better than the naive situation. While the multiple tree approach could be implemented using current technology, this scheme consumes many times more addresses and network resources than the single DiffSec tree approach. From our studies, we conclude that the single DiffSec tree is a viable option for supporting multilevel security as it maximizes the resource utilization and is also scalable

Elements of Trusted Multicasting

Multicast is rapidly becoming an important mode of communication as well as a good platform for building group-oriented services. However, to be used for trusted communication, current multicast schemes must be supplemented by mechanisms for protecting traffic, controlling participation, and restricting access of unauthorized users to the data exchanged by the participants. In this paper, we consider fundamental security issues in building a trusted multicast facility. We discuss techniques for group-based data encryption, authentication of participants, and preventing unauthorized transmissions and receptions. 1 Introduction Emerging distributed applications, such as multimedia teleconferencing, computer-supported collaborative work, and remote consultation and diagnosis systems for medical applications, depend on efficient information exchange among multiple participants. Network-based multi-destination switching is an essential mode of communication for such applications. Little co..