Design and implementation of secure multicast based on SDN

Multicast communication is an important requirement for many types of applications such as IPTV, video conference. In current IP multicast architecture, any host can join a multicast group without authentication because no host identification information is maintained by routers, which leads to security risks. In addition, the routers need to be involved in both forwarding packets and maintaining route states, which results in massive complexity of the devices and produces a lot of control overheads. This paper proposes a multicast clean-slate scheme based on Software-defined Networking (SDN), aiming to improve security and controllability of multicast networks. A multicast controller logically centralized is designed to be responsible for handling multicast events, calculating multicast tree and authentication the identity of host. A prototype is implemented in our SDN platform. The result proves that our scheme is superior to the traditional IP multicast, which is reflected in two aspects: firstly, the illegal users are prevented from joining multicast group effectively. Secondly, the delay of joining a group is less than the traditional IP multicast.

[1]  Matthew J. Moyer,et al.  A survey of security issues in multicast communications , 1999, IEEE Network.

[2]  Nick McKeown,et al.  OpenFlow: enabling innovation in campus networks , 2008, CCRV.

[3]  Stephen E. Deering,et al.  Host extensions for IP multicasting , 1986, RFC.

[4]  Christophe Diot,et al.  Deployment issues for the IP multicast service and architecture , 2000, IEEE Netw..

[5]  Wang Li,et al.  A Survey of Multicast Control in Mobile Internet , 2006, 2006 International Conference on Wireless Communications, Networking and Mobile Computing.

[6]  Kazuya Suzuki,et al.  A Design and Implementation of OpenFlow Controller Handling IP Multicast with Fast Tree Switching , 2012, 2012 IEEE/IPSJ 12th International Symposium on Applications and the Internet.

[7]  Dongxu Zhang,et al.  OpenFlow-based multicast in IP-over-LOBS networks: A proof-of-concept demonstration , 2012, 2012 17th Opto-Electronics and Communications Conference.

[8]  Martín Casado,et al.  NOX: towards an operating system for networks , 2008, CCRV.

[9]  S. V. Raghavan,et al.  Survey of multicast routing algorithms and protocols , 2002 .

[10]  César A. C. Teixeira,et al.  CastFlow: Clean-slate multicast approach using in-advance path processing in programmable networks , 2012, 2012 IEEE Symposium on Computers and Communications (ISCC).

[11]  T. V. Lakshman,et al.  Abstracting network state in Software Defined Networks (SDN) for rendezvous services , 2012, 2012 IEEE International Conference on Communications (ICC).

[12]  Yang Yu,et al.  OFM: A Novel Multicast Mechanism Based on OpenFlow , 2012 .

[13]  William C. Fenner Internet Group Management Protocol, Version 2 , 1997, RFC.