论文信息 - An Architecture for Conference-Support Using Secured Multicast

An Architecture for Conference-Support Using Secured Multicast

The current work argues that from a security perspective there is much to be gained by employing a “secured” IP multicast at the Network layer to support the formation and management of secure conferences at the Application layer. A secured IP multicast -- with group authentication and confidentiality -- already achieves a reasonable level of security, and therefore fulfils a large part of the basic requirements of secure conferencing. If host-to-host authentication and confidentiality has been achieved through an N-to-N multicast that has been secured, then to a large extent the basic security needs of conferencing has been satisfied. What remains would be for the other conference-specific security requirements to be satisfied using methods which are particular to a given conference scheme, such as cheater detection/identification methods based on cryptographic techniques. In the current work we propose an architecture called the Multicast/Conference Security Architecture (MCSA) to facilitate the use of (a secured) IP multicast at the Network layer for establishing (a secured) conference at the Application layer.

Thomas Hardjono | Brad Cain | Naganand Doraswamy

[1] W. Douglas Maughan,et al. Internet Security Association and Key Management Protocol (ISAKMP) , 1998, RFC.

[2] Gene Tsudik,et al. Diffie-Hellman key distribution extended to group communication , 1996, CCS '96.

[3] John Moy,et al. Multicast Extensions to OSPF , 1994, RFC.

[4] Stephen T. Kent,et al. Security Architecture for the Internet Protocol , 1998, RFC.

[5] Dan Harkins,et al. The Internet Key Exchange (IKE) , 1998, RFC.

[6] David Chaum,et al. Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[7] Stephen Farrell,et al. Internet X.509 Public Key Infrastructure Certificate Management Protocols , 1999, RFC.

[8] Suvo Mittra,et al. Iolus: a framework for scalable secure multicasting , 1997, SIGCOMM '97.

[9] Kenji Koyama,et al. Identity-based Conference Key Distribution Systems , 1987, CRYPTO.

[10] Stephen E. Deering,et al. Host extensions for IP multicasting , 1986, RFC.

[11] Tony Ballardie,et al. Scalable Multicast Key Distribution , 1996, RFC.

[12] Chak-Kuen Wong,et al. A conference key distribution system , 1982, IEEE Trans. Inf. Theory.

[13] Hugh Harney,et al. Group Key Management Protocol (GKMP) Specification , 1997, RFC.