Fast multicast scheme with secure network coding in cloud data centers

Multicast is widely applied in cloud data centers. Because intermediate nodes can encode packets, network coding improves the capacity and robustness of multicast applications. However, such a system is vulnerable to pollution attacks. Existing schemes mainly rely on homomorphic cryptographic techniques to counter these attacks, but homomorphic cryptography introduces complicated key management as well as calculation and storage overhead. This paper proposes a novel, fast, and secure network-coding multicast scheme on software-defined networks. The scheme separates the complicated secure multicast management from fast data transmission. In the control layer, users and switches that try to join the secure multicast are authenticated and authorized by the controller, and only trusted nodes can join the forwarding paths. In the data layer, the trusted nodes only forward the data. The proposed scheme can use traditional cryptography without homomorphic properties; thus, it greatly reduces computation complexity, improves transmission efficiency, and thwarts pollution and eavesdropping attacks.
