Daidalos Security Framework for Mobile Services
Mobility is now the central focus of the lives of European citizens in business, education, and leisure. This will be enriched by pervasiveness in the future. The Daidalos vision is to seamlessly integrate heterogeneous network technologies that allow network operators and service providers to offer new and profitable services, giving users access to a wide range of pervasive, personalised voice, data, and multimedia services. This paper discusses the security issues that need to be addressed to make Daidalos a real viable solution for future pervasive mobility. Issues include, among others, privacy & identity management, secure protocols, distributed key management, and security in ad hoc networks.
Design and Validation of Receiver Access Control in the Automatic Multicast Tunneling Environment
Standard IP multicast offers scalable point-to-multipoint delivery, but no control over who may send and who may receive the data stream. Participant Access Control has been developed by Islam and Atwood, but only for multicast-enabled network regions. Automatic Multicast Tunneling has been developed by the Internet Engineering Task Force. It extends the range of multicast data distribution to unicast-only network regions, but provides no Participant Access Control.
We have designed the additional features that AMT must have, so that AMT has the necessary Participant Access Control at the receiver's end in the AMT environment. In addition, we have validated our design model using the AVISPA formal modeling tool, which confirms that the proposed design is secure.
Design and Validation of a Secured Tunnel in the Automatic Multicast Tunneling (AMT) Environment
IP multicasting is a communication mechanism in which data are communicated from a server to a set of clients who are interested in receiving those data. Any client can dynamically enter or leave the communication. The main problem of this system is that every client that is interested in receiving the multicast data has to be in a multicast enabled network. The Network Working Group at the Internet Engineering Task Force (IETF) has come up with a solution to this problem. They have developed a protocol named Automatic Multicast Tunneling (AMT). This protocol offers a mechanism to enable the unicast-only clients to join and receive multicast data from a multicast enabled region through an AMT tunnel, which is formed between the two intermediate participants named Gateway and Relay. However, AMT does not provide any Participant Access Control (PAC).
Malla has designed an architecture for adding PAC at the receiver’s end in the AMT environment. His work is based on the assumption that the AMT tunnel is secure and the tunnel can recognize and pass the additional message types that his design requires. We have designed the solution to secure the AMT tunnel. We also defined the additional message types. Lastly, we validated our work using the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool to ensure that our design is secure.