Session Management in Multicast

As a new network technique to efficiently distribute information from a small number of senders to large numbers of receivers, multicast encounters many problems in scalability, membership management, security, etc. These problems hinder the deployment of multicast technology in commercial applications. To overcome these problems, a more general solution for multicast technology is needed. In this paper, after studying current multicast technologies, we summarized the technical requirements for multicast, including data delivery, scalability, security, group management, reliability, and deployment. In order to understand and meet the requirements, we define a life cycle model that most multicast sessions should follow. According to the requirements and the life cycle model, we propose and design a general solution that can control each phase of a session and satisfy most requirements for multicast technology. This general solution has three parts: hierarchical topology auto-configuration algorithm, Session Management Mechanism, and techniques supporting different multicast protocols. To verify the feasibility of our solution and compare its performance with other multicast techniques, we simulate our solution and compare it with PIM-SM and ESM

Modélisation et vérification de protocoles pour des communications sécurisées de groupes

Dans le monde des systèmes qui utilisent des communications sous forme de diffusion de groupes, le critère de sécurité devient un facteur de plus en plus important. Le choix des mécanismes pour la protection de cette communication, mécanismes basés sur des échanges de clés symétriques et asymétriques, influe sur l'efficacité du système. Nous avons procédé à l'analyse des besoins et nous avons défini un modèle qui permet de représenter la dynamique des groupes et la communication entre leurs membres. Nous avons défini l'architecture d'un système dont l'élément central est la fonction de création, d'échange et de mise en place correcte des clés. La modélisation de ce système dans un environnement UML 2.0 a permis son analyse en termes de garantie de propriétés temporelles et de sécurité. L'approche suivie pour l'étude des exigences temporelles est généralisable à de nombreux systèmes distribués. La valorisation de nos études a été faite dans le cadre du projet national RNRT SAFECAST. ABSTRACT : Systems that implement communications in the form of group multicast have increasingly raised security problems. The protection mechanisms applied to that communication rely on symmetrical and asymmetrical key exchanges, and the way these mechanisms are selected does influence the system's efficiency. Following an in depth analysis of the needs captured by these systems, we defined a model for representing the dynamics of groups, as well as communication among group members. We defined one system architecture which focuses on key creation, exchange and management functions. The system was modeled in UML 2.0 and checked against security and temporal properties. The approach we followed to investigate temporal requirements may be extended to a broad variety of distributed system

Antigone: Implementing Policy in Secure Group Communication

Significant strides have been made in achieving strong semantics and security guarantees within group communication and multicast systems. However, the scope of available security policies in these systems is often limited. In contrast, the applications that require the services provided by these systems can differ significantly in their security policy needs. Often application designers have to either make significant compromises in using a given group communication system or build their own customized solutions, an error-prone task. This paper presents Antigone, a framework that provides a suite of mechanisms from which flexible application security policies may be implemented. With Antigone, developers may choose a policy that best addresses their security and performance requirements of an application requiring group communication. We describe the Antigone's mechanisms, consisting of a set of micro-protocols, and show how different security policies can be implemented usin..