A Survey of Key Management for Secure Group Communication

SANDRO RAFAELI AND DAVID HUTCHISON
Computing Department, Lancaster University

Group communication can benefit from IP multicast to achieve scalable exchange of messages. However, there is a challenge of effectively controlling access to the transmitted data. IP multicast by itself does not provide any mechanisms for preventing nongroup members from having access to the group communication. Although encryption can be used to protect messages exchanged among group members, distributing the cryptographic keys becomes an issue. Researchers have proposed several different approaches to group key management. These approaches can be divided into three main classes: centralized group key management protocols, decentralized architectures and distributed key management protocols. The three classes are described here and an insight given to their features and goals. The area of group key management is then surveyed and proposed solutions are classified according to those characteristics.

Categories and Subject Descriptors: C.2.2 [Computer Systems Organization]: Network Protocols; K.6.5 [Computing Milieux]: Security and Protection

General Terms: Design, Management, Security

Additional Key Words and Phrases: Multicast Security, Group Key Distribution

1. INTRODUCTION

Group communication applications can use IP multicast [Deering 1989] to transmit data to all n group members using minimum resources. Efficiency is achieved because data packets need to be transmitted once and they traverse any link between two nodes only once, hence saving bandwidth. This contrasts with unicast-based group communication where the sender has to transmit n copies of the same packet.

However scalable, IP multicast does not provide mechanisms to limit the access

The work presented here was done within the context of ShopAware—a research project funded by the European Union in the Framework V IST Programme.
Authors’ address: D. Hutchison, Computing Department, Faculty of Applied Sciences, Engineering Building, Lancaster University, Lancaster LA1 4YR, United Kingdom; S. Rafaeli, Rua Atanasio Belmonte, 175/828, Porto Alegre, Brazil, CEP 90520-550; email: [email protected]

Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or direct commercial advantage and that copies show this notice on the first page or initial screen of a display along with the full citation. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, to republish, to post on servers, to redistribute to lists, or to use any component of this work in other works requires prior specific permission and/or a fee. Permissions may be requested from Publications Dept., ACM, Inc., 1515 Broadway, New York, NY 10036 USA, fax: +1 (212) 869-0481, or [email protected], or [email protected]...
This note was uploaded on 07/30/2011 for the course COP 4810 taught by Professor Staff during the Spring '11 term at University of Central Florida.