Method and system for source authentication in group communications

A method and system for authentication is provided. A central node for issuing certificates to a plurality of nodes associated with the central node in a network is also provided. The central node receives a first key from at least one node from among the plurality of nodes and generates a second key based on the received first key and generates a certificate for the at least one node. The generated certificate is transmitted to the at least one node

Key Management for Secure Multicast in Hybrid Satellite Networks

Keywords: This paper proposes a design for key management for secure multicast in hybrid satellite networks. Communication satellites offer an efficient way to extend IP multicast services for groups in wide-area networks. In order to be commercially viable, the multicast traffic should be accessible only to paying subscribers. Access control can be achieved by data encryption. This requires secure and efficient methods to generate, distribute and update the keys. Most current key management protocols do not scale well when applied to large dynamic groups in wide-area networks. This paper attempts to solve the above problem for groups in a hybrid network that is composed of terrestrial Ethernet LANs interconnected by ATM-based satellite channels. We investigate current group key management protocols, and design a framework for secure and scalable key management for the multicast routing architecture in the satellite network. The proposed framework is presented in detail, alongwith analysis and simulation results. Satellite network, secure multicast, group key management. 1

PIM-SM = Protocol Independent Multicast- Sparse Mode

This paper proposes a design for IP multicast routing in hybrid satellite networks. The emergence of IP multicast for Internet group communication has placed focus on communication satellites as an efficient way to extend the multicast services for groups with distributed membership in wide-area networks. This poses interesting challenges for routing. Hybrid satellite networks can have both wired and wireless links and also combine different link-layer technologies like Ethernet and ATM. No proposed IP multicast routing protocol for wired networks offers an integrated solution for such networks. This paper attempts to provide a solution by proposing a design for IP multicast routing in wide-area networks that have terrestrial Ethernet LANs interconnected by A TM-based satellite channels. The paper reviews the multicast services offered by IP and A TM, and proposes a multicast routing framework that combines PIM-SM protocol for terrestrial multicasting with the A TM MARS and VC mesh architecture for multicast routing over the satellite links. Modifications are made to the standard protocols to suit the unique needs of the network being considered. The feasibility of the proposed design is tested by performing simulations. The proposed framework is presented in detail, along with analysis and simulation results

Improving Network Performance, Security and Robustness in Hybrid Wireless Networks Using a Satellite Overlay

In this thesis we propose that the addition of a satellite overlay to large or dense wireless networks will result in improvement in application performance and network reliability, and also enable efficient security solutions that are well-suited for wireless nodes with limited resources. We term the combined network as a hybrid wireless network. Through analysis, network modeling and simulation, we quantify the improvement in end-to-end performance in such networks, compared to flat wireless networks. We also propose a new analytical method for modeling and estimating the performance of hybrid wireless networks. We create a loss network model for hybrid networks using the hierarchical reduced loss network model, adapted for packet-switched networks. Applying a fixed point approximation method on the set of relations modeling the hierarchical loss network, we derive a solution that converges to a fixed point for the parameter set. We analyze the sensitivity of the performance metric to variations in the network parameters by applying Automatic Differentiation to the performance model. We thus develop a method for parameter optimization and sensitivity analysis of protocols for designing hybrid networks. We investigate how the satellite overlay can help to implement better solutions for secure group communications in hybrid wireless networks. We propose a source authentication protocol for multicast communications that makes intelligent use of the satellite overlay, by modifying and extending TESLA certificates. We also propose a probabilistic non-repudiation technique that uses the satellite as a proxy node. We describe how the authentication protocol can be integrated with a topology-aware hierarchical multicast routing protocol to design a secure multicast routing protocol that is robust to active attacks. Lastly, we examine how the end-to-end delay is adversely affected when IP Security protocol (IPSEC) and Secure Socket Layer protocol (SSL) are applied to unicast communications in hybrid networks. For network-layer security with low delay, we propose the use of the Layered IPSEC protocol, with a modified Internet Key Exchange protocol. For secure web browsing with low delay, we propose the Dual-mode SSL protocol. We present simulation results to quantify the performance improvement with our proposed protocols, compared to the traditional solutions

IP ROUTING AND KEY MANAGEMENT FOR SECURE MULTICAST IN SATELLITE ATM NETWORKS

Communication satellites offer an efficient way to extend IP multicast services for groups in wide-area networks. This poses interesting challenges for routing and security. Satellite networks can have wired and wireless links and different link-layer technologies like Ethernet and ATM. For security, the multicast traffic should be restricted to legitimate receivers, which can be achieved by data encryption.This requires secure and efficient methods to manage the encryption keys. This thesis attempts to solve the above problems for secure multicast in wide-area networks that have Ethernet LANs interconnected by ATM-based satellite channels. The thesis reviews the multicast services offered by IP and ATM and proposes a multicast routing framework for hybrid satellite networks. The thesis also investigates current group key management protocols, and designs a scheme for secure and scalable key management for the proposed multicast architecture. The various proposed schemes are presented in detail, alongwith analysis and simulation results

Screening of Volatile Constituents of N. sativa on Calcium Depleted Heart Model

The number of deaths from cardiovascular disorders is rising every year. Nigella sativa, one of the accessible natural plants, has a broad range of pharmacological effects. The Nigella sativa seeds were removed, cleaned, and preserved in order to research the effects of the plant on the cardiovascular system. After being ground into a fine powder, the seeds were used to extract the volatile oil from the seeds using the steam distillation process. The hypodynamic model was used after the rat\u27s heart was removed. Using the standard kreb\u27s hanselet salt solution to mount the isolated heart, a typical graph was produced. As the calcium concentration was reduced, the graph\u27s negative tropic activity became apparent. When N. sativa was administered it has produced additional negative tropic effect on hypodynamic heart. At 0.1 ml produced negative tropic effect and keeps on decreasing as the dose increases by 0.2, 0.4, 0.8ml in dose dependent manner

A Certificate-based Light-weight Authentication Algorithm For Resource-constrained Devices

In this work, we analyze and extend a recently proposed design of digital certificates called TESLA certificates. Certificates are a necessary tool in today's secure networks to certify the identity of nodes taking part in communication. Most prevalent certificate technologies make use of public-key cryptography. Messages generated by the user are signed using its private key, and the signature can be verified by any node who knows the user's public key via its certificate. Signature generation and verification using public-key cryptography is computationally expensive for devices with limited computation power and energy resources. In this situation TESLA certificates can be very useful to certify identity, since they rely on symmetric cryptography which is computationally much more efficient. In this paper we explain the concept of TESLA certificates and provide a preliminary description of proposed modifications to the original algorithm to strengthen its security. We extend the original proposal by combining hash chains with TESLA certificates and come up with an efficient source and message authentication protocol based on symmetric key certificates. We also propose a new type of TESLA certificates called Group Certificates for use in multicast group communication. Through analysis, we show that our protocol is secure against malicious adversaries. We also give an initial estimate of the performance of our algorithm and the related comparison to public-key signatures, and we highlight network scenarios where the TESLA certificates could be particularly useful

Framework for IP Multicast in Satellite ATM Networks

This paper proposes a design for IP multicast routing in hybrid satellite networks. The emergence of IP multicast for Internet group communication has placed focus on communication satellites as an efficient way to extend IP multicast services for groups with distributed membership in wide-area networks. This poses interesting challenges for routing. Satellite networks can have both wired and wireless links and also combine different link-layer technologies like Ethernet and ATM. No proposed IP multicast routing protocol for wired networks offers an integrated solution for such networks. This paper attempts to provide a solution by proposing a design for IP multicast routing in wide-area networks that have terrestrial Ethernet LANs interconnected by ATM-based satellite channels. The paper reviews the multicast services offered by IP and ATM, and proposes a multicast routing framework that combines PIM-SM protocol for terrestrial multicasting with the ATM MARS and VC mesh architecture for multicast routing over the satellite links. Modifications are made to the standard protocols to suit the unique needs of the network being considered. The feasibility of the proposed design is tested by performing simulations. The proposed framework is presented in detail, along with analysis and simulation results

Security Issues in Hybrid Satellite Networks

Satellites are expected to play an increasingly important role in providing broadband Internet services over long distances in an efficient manner. Future networks will be hybrid in nature - having terrestrial nodes interconnected by satellite links. Security is an important concern in such networks, since the satellite segment is susceptible to a host of attacks including eavesdropping, session hijacking and data corruption. In this paper we address the issue of securing communication in satellite networks. We describe the different kinds of hybrid network topologies considered for deployment. We discuss various security attacks that are possible in these networks, and survey the different solutions proposed to secure communications in the hybrid networks. We point out important drawbacks in the various proposed solutions, and suggest a hierarchical approach to add security to the hybrid networks

HYBRID NETWORKS WITH A SPACE SEGMENT - TOPOLOGY DESIGN AND SECURITY ISSUES

In this paper we investigate a hybrid network topology that is suitable for supporting interplanetary communications. We define an architecture comprised of a network of sensor nodes on a remote planetary surface, connected to a hybrid terrestrial network of wired and wireless LANs through a series of satellite relays. All the nodes in the network are IPaddressable and support public and symmetric key cryptography. The resulting network forms a hierarchical hybrid mesh that connects users on Earth to networks on or around a remote planetary surface. We describe the design of the network and present preliminary simulation results illustrating the network performance for various parameters. We also discuss how algorithms for user authentication, message integrity and data confidentiality can be incorporated in the network infrastructure for secure end-to-end communication