Similar literature
20 similar documents found (search time: 15 ms)
1.
Designing infrastructures that give untrusted third parties (such as end-hosts) control over routing is a promising research direction for achieving flexible and efficient communication. However, serious concerns remain over the deployment of such infrastructures, particularly the new security vulnerabilities they introduce. The flexible control plane of these infrastructures can be exploited to launch many types of powerful attacks with little effort. In this paper, we make several contributions towards studying security issues in forwarding infrastructures (FIs). We present a general model for an FI, analyze potential security vulnerabilities, and present techniques to address these vulnerabilities. The main technique that we introduce in this paper is the use of simple lightweight cryptographic constraints on forwarding entries. We show that it is possible to prevent a large class of attacks on end-hosts and bound the flooding attacks that can be launched on the infrastructure nodes to a small constant value. Our mechanisms are general and apply to a variety of earlier proposals such as , DataRouter, and Network Pointers.

2.
A taxonomy of multicast data origin authentication: Issues and solutions (cited by: 1 in total; self-citations: 0; citations by others: 1)
Multicasting is an efficient communication mechanism for group-oriented applications such as videoconferencing, broadcasting stock quotes, interactive group games, and video on demand. The lack of security obstructs a large deployment of this efficient communication model. This limitation motivated a host of research works that have addressed the many issues relating to securing the multicast, such as confidentiality, authentication, non-repudiation, integrity, and access control. Many applications, such as broadcasting stock quotes and video-conferencing, require data origin authentication of the received traffic. Hence, data origin authentication is an important component in the multicast security architecture. Multicast data origin authentication must take into consideration the scalability and the efficiency of the underlying cryptographic schemes and mechanisms, because multicast groups can be very large and the exchanged data is likely to be heavy in volume (streaming). Besides, multicast data origin authentication must be robust enough against packet loss because most multicast multimedia applications do not use reliable packet delivery. Therefore, multicast data origin authentication is subject to many concurrent and competitive challenges, when considering these miscellaneous application-level requirements and features. In this article we review and classify recent works dealing with the data origin authentication problem in group communication, and we discuss and compare them with respect to some relevant performance criteria.

3.
The paper proposes an approach to content dissemination that exploits the structural properties of an Extensible Markup Language (XML) document object model in order to provide efficient dissemination while at the same time assuring content integrity and confidentiality. Our approach is based on the notion of encrypted postorder numbers that support the integrity and confidentiality requirements of XML content as well as facilitate efficient identification, extraction, and distribution of selected content portions. By using this notion, we develop a structure-based routing scheme that prevents information leaks in XML data dissemination and assures that content is delivered to users according to the access control policies, that is, policies specifying which users can receive which portions of the contents. Our proposed dissemination approach further enhances such structure-based, policy-based routing by combining it with multicast in order to achieve high efficiency in terms of bandwidth usage and speed of data delivery, thereby enhancing scalability. Our dissemination approach thus represents an efficient and secure mechanism for use in applications such as publish-subscribe systems for XML documents. The publish-subscribe model restricts the consumer and document source information to the routers with which they register. Our framework facilitates dissemination of contents with varying degrees of confidentiality and integrity requirements in a mix of trusted and untrusted networks, which is prevalent in current settings across enterprise networks and the Web. Also, it does not require the routers to be aware of any security policy in the sense that the routers do not need to implement any policy related to access control.

4.
The successful deployment of multicast in the Internet requires the availability of good network management solutions. Discovering multicast tree topologies is an important component of this task. Network managers can use topology information to monitor and debug potential multicast forwarding problems. In addition, the collected topology has several other uses, for example, in reliable multicast transport protocols, in multicast congestion control protocols, and in discovering network characteristics. We present a mechanism for discovering multicast tree topologies using the forwarding state in the network. We call our approach tracetree. First, we present the basic operation of tracetree. Then, we explore various issues related to its functionality (e.g., scalability, security, etc.). Next, we provide a detailed evaluation by comparing it to the currently available alternatives. Finally, we discuss a number of deployment issues. We believe that tracetree provides an efficient and scalable mechanism for discovering multicast tree topologies and therefore fills an important void in the area of multicast network management.

5.
Security represents one of the major current obstacles to the wider deployment of IP multicast. The present work identifies and discusses various concepts and issues underlying multicast security. A classification of the current issues is provided, covering some core problems, infrastructure problems, and certain complex applications that might be built atop secure IP multicast. Three broad core problems are defined, namely fast and efficient source authentication for high data-rate applications, secure and scalable group key management techniques, and the need for methods to express and implement policies specific to multicast security. The infrastructure problem areas cover the issues related to the security of multicast routing protocols and reliable multicast protocols. The topic of complex applications covers more advanced issues, typically relating to secure group communication at (or above) the session layer which may be built using an eventual secure multicast infrastructure. A brief summary of the relevant developments, including those in the IETF, is provided.

6.
Most vehicles are now produced with infotainment features. However, as reported in various security conferences, security vulnerabilities associated with an infotainment system can cause serious security issues, e.g., an attacker can control in-vehicle systems through the infotainment system. To address such security issues, in this paper, we propose a session key establishment protocol using Elliptic Curve Cryptography. The proposed protocol enables secure authentication and key distribution between a user device and a telematics control unit. We also show how a trusted execution environment is used for the proposed protocol. We present detailed protocol operations with conducted security analysis results.

7.
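This article presents a detailed security analysis of the key management scheme based on one-way function trees (OFT), one of the SMuG drafts. It points out flaws in how the OFT scheme achieves forward security and backward security, and proposes an improved OFT scheme that achieves complete forward and backward security.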

8.
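This article analyzes the security threats facing Femtocell networks and identifies three main points where security problems arise: the air interface, the user access terminal, and the public IP network. For each point, it analyzes the security problems that may occur and proposes corresponding solutions.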

9.
Moyer M.J., Rao J.R., Rohatgi P. IEEE Network, 1999, 13(6): 12-23
The emergence and popularity of group-oriented applications on the World Wide Web has triggered a demand for scalable security solutions for group communication. One such solution, secure multicast, is appealing because it leverages the efficiency of multicast data delivery. However, it also presents several research challenges, most notably in a group communication architecture, group key management, and message source authentication. In this survey, we discuss these issues and review proposed solutions to them.

10.
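IP multicast is an effective way to improve the utilization of network resources. Its experimental network, Mbone, has been running for many years, yet commercial adoption has been very slow. This article analyzes the problems of IP multicast in access control, address allocation, reliability, security, QoS, and commercial operation, and summarizes the development trends of IP multicast.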

11.
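Multicast communication is becoming the basis for a growing number of applications, and the key is to provide reliable security mechanisms for group communication. However, existing multicast security protocols offer only partial solutions. Considering that source authentication is one of the most important security concerns for a group, this article proposes a secure and efficient multicast source authentication method based on message authentication codes.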

12.
Feedback signaling plays a key role in flow control because the traffic source relies on the signaling information to make correct and timely flow-control decisions. Design of an efficient signaling algorithm is a challenging task since the signaling messages can tolerate neither error nor latency. Multicast flow-control signaling imposes two additional challenges: scalability and feedback synchronization. Previous research on multicast feedback-synchronization signaling has mainly focused on algorithm design and implementation. However, the delay properties of these algorithms are, despite their vital importance, neither well understood nor thoroughly studied. We develop both deterministic and statistical binary-tree models to study the delay performance of the multicast signaling algorithms. The deterministic model is used to derive the expressions of each path's feedback roundtrip time in a multicast tree, while the statistical model is employed to derive the general probability distributions of each path becoming the multicast-tree bottleneck. Using these models, we analyze and contrast the signaling delay scalability of two representative multicast signaling protocols - the soft-synchronization protocol (SSP) and the hop-by-hop (HBH) scheme - by deriving the first and second moments of multicast signaling delays. Also derived is the optimal flow-control update interval for SSP to minimize the multicast signaling delay.

13.
Multicast is rapidly becoming an important mode of communication and a good platform for building group-oriented services. To be used for trusted communication, however, current multicast schemes must be supplemented by mechanisms for protecting traffic, controlling participation, and restricting access of unauthorized users to data exchanged by the participants. In this paper, we consider fundamental security issues in building a trusted multicast facility. We discuss techniques for group-based data encryption, authentication of participants, and preventing unauthorized transmissions and receptions. We also describe the application of these principles and techniques in designing an architecture for secure multicast in a mobile environment.

14.
IEEE 802.11 wireless local area networks (WLAN) have been increasingly deployed in various locations because of the convenience of wireless communication and decreasing costs of the underlying technology. However, the existing security mechanisms in wireless communication are vulnerable to attack, which seriously threatens data authentication and confidentiality. In this paper, we mainly focus on two issues. First, the vulnerabilities of security protocols specified in IEEE 802.11 and 802.1X standards are analyzed in detail. Second, a new mutual authentication and privacy scheme for WLAN is proposed to address these security issues. The proposed scheme improves the security mechanisms of IEEE 802.11 and 802.1X by providing a mandatory mutual authentication mechanism between mobile station and access point (AP) based on public key infrastructure (PKI), offering data integrity check and improving data confidentiality with symmetric cipher block chain (CBC) encryption. In addition, this scheme also provides some other new security mechanisms, such as dynamic session key negotiation and multicast key notification. Hence, with these new security mechanisms, it should be much more secure than the original security scheme. Copyright © 2006 John Wiley & Sons, Ltd.

15.
Multimedia content adaptation enables users with different access networks, client devices, and/or user profiles to access the same information source. However, content adaptation also introduces security implications. We conduct an in-depth investigation into the potential security issues involved and analyze general security architectures and requirements. In particular, we address the issue of where to place the security functions and how this affects functionality.

16.
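In grids, multicast is an important way to share information resources on a large scale; however, ensuring multicast security is a very complex problem. Building on the key management strategies used in centralized control and distributed management, and following the grid multicast mechanism while taking dynamic membership changes into account, this paper proposes a layering method, a member discovery protocol, a clustering protocol, and a key distribution strategy, which together form a grid-based key distribution strategy for secure multicast. Simulation results show that this key distribution strategy is feasible and effective.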

17.
Internet multicast routing and transport control protocols (cited by: 9 in total; self-citations: 0; citations by others: 9)
Multicasting is a mechanism to send data to multiple receivers in an efficient way. We give a comprehensive survey on network and transport layer issues of Internet multicast. We begin with an introduction to the current Internet protocol multicast model (the "host group" model) and the current Internet multicast architecture, then discuss in depth the following three research areas: (1) scalable multicast routing; (2) reliable multicast; and (3) multicast flow and congestion control. Our goal is to summarize the state of the art in Internet multicast and to stimulate further research in this area.

18.
The problem of providing an efficient and low-cost video streaming service over wireless access networks is considered in this work. In order to tackle the "last mile" bottleneck for video delivery to the home, we propose a content-aware architecture that incorporates popularity-dependent video patching with application-enabled multicast content delivery. The key idea is to exploit the Broadcast/Multicast Service Center (BM-SC) in Universal Mobile Telecommunications System (UMTS) networks, by forwarding individual requests for popular data to the BM-SC, and then to serve these requests efficiently by multicast content distribution. The proposed method offers a tremendous bandwidth saving in comparison with the MAC-enabled multicasting that currently exists in wireless networks. We analyze the conditions under which multicast content delivery offers a better QoS, in terms of service delay, over the individual service currently used for video streaming.

19.
Multicast server selection: problems, complexity, and solutions (cited by: 1 in total; self-citations: 0; citations by others: 1)
We formulate and investigate fundamental problems that arise when multicast servers, that deliver content to multiple clients simultaneously, are replicated to enhance scalability and performance. Our study consists of two parts. First, we consider the problem under the assumption that the multicast clients are static for the duration of the multicast content distribution session. In this context, we examine two models for server behavior: fixed-rate servers, which transmit at a constant rate, and rate-adaptive servers, which adapt their transmission rate based on network conditions and/or feedback from clients. In both cases, we show that general versions of the client assignment problems are NP-hard. We then develop and evaluate efficient algorithms for interesting special cases, as well as heuristics for general cases. Second, we consider the case in which the set of clients changes dynamically during the multicast content distribution session. We again consider both fixed-rate and rate-adaptive servers. We formulate the problem as a Markov decision process, capturing the costs associated with trees, as well as the transition costs to dynamically change the trees. We use the properties of optimal solutions for small examples to develop a set of dynamic server selection heuristics.

20.
Multicast communications concern the transfer of data among multiple users. Multicast communications can be provided at the network layer—an example is IP multicast—or at the application layer, also called overlay multicast. An important issue in multicast communications is to control how different users—senders, receivers, and delivery nodes—access the transmitted data as well as the network resources. Many researchers have proposed solutions addressing access control in IP multicast. However, little attention has been paid to overlay multicast. In this paper, we investigate the access control issues in overlay multicast and present OMAC: a new solution to address these issues. OMAC provides access control for senders, receivers, and delivery nodes in overlay multicast. The proposed architecture, which is based on symmetric key cryptosystem, centralizes the authentication process in one server whereas it distributes the authorization process among the delivery nodes. Moreover, delivery nodes are utilized as a buffer zone between end systems and the authentication server, making it less exposed to malicious end systems. To evaluate our work, we have used simulation to compare the performance of OMAC against previous solutions. Results of the simulation show that OMAC outperforms previous multicast access control schemes. Copyright © 2010 John Wiley & Sons, Ltd.
