nach oben

2008 | Buch

Network-Aware Security for Group Communications

verfasst von: Yan Sun, Wade Trappe, K. J. R. Liu

Verlag: Springer US

Enthalten in: Springer Professional "Wirtschaft+Technik" , Springer Professional "Technik" , Springer Professional "Wirtschaft"

Einloggen, um Zugang zu erhalten

Über dieses Buch

Group-oriented communications will play a significant role in the next generation of networks as many services, such as pay-per-view media broadcasts and the delivery of network control messages, will rely upon the ability to reliably deliver data simultaneously to a large group of users. As these networks become increasingly pervasive and these multi-user services become increasingly ubiquitous, it will become essential that a complementary suite of security solutions are deployed in order to protect these services from a broad spectrum of security threats that are unique to group communications.

This book aims to fill a growing need in the research community for a reference that describes the state of the art in securing group communications. Network-Aware Security for Group Communications focuses on tailoring the security solution to the underlying network architecture (such as the wireless cellular network or the ad hoc/sensor network), or to the application using the security methods (such as multimedia multicasts).

Inhaltsverzeichnis

Frontmatter

1. Introduction

Communication technologies are rapidly maturing, and already the past decade has witnessed new forms of communication services being deployed. The deployment of various broadband communication technologies, such as digital subscriber line (DSL) and fiber optical communications, has led to a rapid price drop for bandwidth. Access networks, such as wireless local area networks (WLAN), are now commonplace and are rapidly evolving into metropolitan-style mesh networks.

Parallel to the rapid development of communication technologies, has been a surge in information applications. Multimedia content has become ubiquitous. Content editing software and hardware, such as digital cameras, are allowing for users to easily create. The availability of the Internet and the Web has encouraged artists, both professional and amateur, to share their creative expressions. This combination of application and communication technologies has created opportunities for new businesses to meet the growing global demand for information and entertainment.

2. Centralized Multi-user Key Management

One of the most important challenges for securing group-oriented communications is the issue of key management. As we outlined in the introductory chapter, managing keys in a group-oriented scenario is harder than traditional key management services.

In this chapter, we explore the challenges associated with centralized key management for group-oriented applications. We will begin with an overview of the fundamental limits governing centralized multicast key distribution, and then provide a survey of several approaches that exist in the literature.We then develop a new framework for multicast key management that reduces the communication overhead associated with key management, and show how to best tune this key management scheme to reduce communication overhead.

3. Group Key Agreement Techniques in Heterogeneous Networks

Prior to the delivery of data intended for a group of recipients, it is necessary to initially establish keying material used to secure the group application. In this chapter we investigate the initial key agreement problem for both homogeneous and heterogeneous networks, whereby the members of a group each make contributions to establishing secret information that may be used to form a group encryption key.

4. Optimizing Rekeying Costs in Group Key Agreement

In this chapter, we describe two contributory schemes that employ novel tree structures and rekeying algorithms, with the aim to achieve the low bound of rekeying cost. Particular, the first method, referred to as JET [60, 63], uses a special join-tree/exit-tree topology and takes advantage of cost amortization. This method can significantly reduce the rekeying cost for user join. The second method is consist of a new key tree structure, called PFMH, and a key agreement protocol, called PACK [64, 65]. This method only needs O(1) rounds of two-party DH upon any single user join event and O(log n) rounds of two-party DH upon any single user leave event, which achieves the lower bound described in the previous paragraph.

5. Optimizing Multicast Key Management for Cellular Multicasting

There has been significant advancements in building a global wireless infrastructure that will free users from the confines of static communication networks. Users will be able to access the Internet from anywhere at anytime. As wireless connections become ubiquitous, consumers will desire to have multicast applications running on their mobile devices. In order to meet such a demand, there has been increasing research efforts in the area of wireless multicast [75-77].

In wireless networks, where bandwidth is limited and transmission error rate is high, the design of key management schemes need to consider the transmission of the rekeying messages. When the design of key management schemes can take advantage of the broadcast nature of wireless media as well as the wireless network topology, the communication overhead introduced by key management can be reduced. As a direct consequence, the reliability of key distribution can be greatly improved.

In this chapter, some important properties of tree-based centralized key management scheme will be exploited. Based on these properties, the concept of topology-aware key management will be introduced. A specific design of such topology-aware key management scheme is then presented in detail, followed by performance evaluation.

6. Key Management and Distribution for Securing Multimedia Multicasts

The distribution of identical data to multiple parties using the conventional point-to-point communication paradigm makes inefficient usage of resources. The redundancy in the copies of the data can be exploited in multicast communication by forming a group consisting of users who receive similar data, and sending a single message to all group users [1]. Access control to multicast communications is typically provided by encrypting the data using a key that is shared by all legitimate group members. The shared key, known as the session key (SK), will change with time, depending on the dynamics of group membership as well as the desired level of data protection. Since the key must change, the challenge is in key management- the issues related to the administration and distribution of keying material to multicast group members.

In order to update the session key, a party responsible for distributing the keys, called the group center (GC), must securely communicate with the users to distribute new key material. The GC shares keys, known as key encrypting keys (KEKs), that are used solely for the purpose of updating the session key and other KEKs with group members.

7. Hierarchical Access Control for Multi-Group Scenarios

Many group applications contain multiple related data streams and group members have different access privileges. These applications are prevalent in various scenarios.

Multimedia applications distributing data in a multi-layer coding format [114]. For example, in video broadcast, users with a normal TV receiver can receive the normal format, while others with HDTV receivers can receive the normal format and the extra information needed to achieve HDTV resolution.
Multicast programs containing several related services, such as weather, news, traffic and stock quote.
Communications in hierarchically managed organizations where participants have various access authorization.

In these scenarios, group members subscribe to different data steams, or possibly multiple of them. In other words, the access control mechanism needs to supports multi-level access privilege. This is referred to as the hierarchical group access control [115, 116].

Traditional key management schemes are not designed to handle key management issues associated with multiple services occurring concurrently that have correlated memberships. Although access control for individual data stream can be managed separately using existing key management schemes, this leads to inefficient use of keys and does not scale well when the number of data streams increases.

In this chapter, we formulate the hierarchical group access control problem and presents the solutions [115, 116] in both centralized and contributory environments.

8. Protecting Membership Information in Secure Multicasting

Many existing key management schemes focus on maintaining key secrecy and reducing the communication overhead associated with updating the associated keys [78] [7] [56]. However, it is found that key management can disclose information about dynamic group membership to both insiders and outsiders. In other words, while the content of group communication is protected by encryption using the secret keys, group dynamic information is disclosed through key management. Group dynamic information (GDI) is the information that describes the dynamic group membership, including the number of users in a multicast group as a function of time, and the number of joining or departing users in a time interval.

In many secure group applications, group dynamic information should be kept confidential [123, 124]. Key management is a technology that enables key updating in real time as group membership changes. Future commercial multicast services, which could occur in non-traditional broadcast media such as Internet and 3G/4G wireless networks, will allow a user to subscribe to an arbitrary set of programs and change his/her subscription at any time [125] [10]. The users can choose to pay for exactly what they get, instead of a fixed monthly fee. This new type of services give the most flexibility to users, as well as opportunities to new business models. Over the non-traditional broadcast media, the global media giants as well as small multimedia producers can be the service providers. The service providers perform group management and have the knowledge of GDI, i.e audience statistics. However, it is highly undesirable to disclose instant and detailed GDI to competitors. Assume a competitor can monitor the audience statistics of the service provider X. Then, the competitor may broadcast its programs at different time slots and see how it affects its own and X’s audience statistics. As a consequence, the competitor can develop the best program schedule to compete with X. This example also shows that GDI should also be concealed from insiders. A regular user, who receives the multicast content, should not know the overall audience statistics. Otherwise, the competitor can send one of its employees to register as X’s member for a small cost, and collect valuable audience statistics from X. In addition, there are multicast communication scenarios where GDI represents sensitive deployment information about the network. For example, in a sensor network, the base station sends many broadcast messages to sensors. The base station and sensors form a secure multicast group. If some sensors are compromised, the group key should be updated such that the compromised sensors cannot decrypt future multicast messages from the BS. One possible way to update group keys is to use group key management schemes. In such an application scenario, GDI represents the number of sensors deployed in an area, and the number of revoked sensors. In this example, if GDI is not protected, attackers can obtain sensor deployment information by exploiting the key management scheme.

9. Reducing Delay and Enhancing DoS Resistance in Multicast Authentication

In this chapter, our objective is to present strategies that reduce the delay associated with multicast authentication, make more efficient usage of receiver-side buffers, make delayed key disclosure authentication more resilient to buffer overflow denial of service attacks, and allow for multiple levels of trust in authentication. Throughout this chapter, we will focus our discussion on the popular multicast authentication scheme, Timed Efficient Stream Loss Tolerant Authentication (TESLA), though our techniques can apply to other authentication methods based upon the delayed key disclosure principle. Like other schemes based upon delayed key disclosure, TESLA is susceptible to DoS attacks and is not well-suited for delaysensitive applications. At the heart of our approach is a modification to TESLA, which we call Staggered TESLA, that employs several message authentication codes (MACs) that correspond to authentication keys that are staggered in time. Staggered MACs provide notions of partial authentication and allows for forged packets to be more readily removed from the buffer, thereby improving usage of the receiver’s buffer. A benefit of partial authentication is that one may define security policies that allow for partially authenticated packets to pass through the buffer, and thus packets will remain in the buffer for a shorter duration. In many scenarios accepting partially authenticated packets is unacceptable, and therefore we present two further techniques that may be used to reduce the delay needed for full authentication. The first strategy requires that the source has a guarantee that there are no adversaries within a certain network distance of the source. By having a guarantee of proximity protection, partially authenticated packets may be accepted as fully authentic. The second strategy for reducing full authentication delay that we present involves replicating the key distribution functionality within the network, and having a set of distributed key distributors transmit the key seeds. A benefit of all of these strategies is that they mitigate the threat of a buffer overflow DoS attack since an adversary must conduct a DoS attack at a higher attack rate.

10. An Authentication Service for Sensor and Ad Hoc Networks

Remote sensing applications are becoming an increasingly important area for research and development due to the critical need for applications that will perform environmental monitoring, provide security assurance, assist in healthcare services and facilitate factory automation. In remote sensing scenarios, one or more applications are connected to a sensor network through a communication network. The sensors in the sensor network make measurements, such as local temperature or barometric pressure, and communicate this data with the appropriate application via the network. Providing security mechanisms for sensor networks is of critical importance since sensors will ultimately be used to assist in our daily lives. The authentication of the data source as well as the data are critical concerns since adversaries might attempt to capture sensors and tamper with sensor data. Traditional authentication frameworks based on public key cryptography are not suitable for sensor networks since the sensor network will ultimately consist of small, low-powered devices that are mobile. The limited computational and storage resources available to sensors necessitates alternatives to authentication based on public key certificates.

Recently, a set of security protocols for sensor networks, known as SPINS, has been proposed [163]. SPINS addresses authentication on limited resource sensor networks by introducing two security protocols that rely on the presence of a more powerful basestation and an initial shared secret between the basestation and each participating sensor node: SNEP and μTESLA. SNEP is a simple protocol that provides data confidentiality, two-party data authentication, and evidence of data freshness using only symmetric keys and counters. μTESLA is a modified version of the TESLA protocol, which performs bootstrapping without using a public key infrastructure (PKI) and discloses one key each epoch independently of the packet rate to provide broadcast authentication. Another work that focused on authentication for ad hoc networks was presented in [164]. In this chapter, a distributed light-weight model for authentication was presented that involves network nodes requesting trust references from neighboring nodes in order to establish the trust relationships needed for network authentication. Each entity maintains a list of trusted entities, and using these lists trusted communication paths between two arbitrary entities can be derived. One drawback of this method, however, is its scalability. For large networks, the size of the trust tables can become prohibitive. Another work on authentication for ad hoc networks that addressed the issue of scalability was presented in [165], which introduced the use of cluster heads to reduce the amount of control packets needed. In this work, the network is divided into cluster regions, and cluster heads are elected from the regular network nodes within each cluster. Authentication is provided by using a public key infrastructure that, unfortunately, is not suitable for small sensor devices.

These methods focus on ad hoc networks employing a flat topology. However, ad hoc networks have been recently shown to have capacity limitations, and one approach to address this drawback is to employ a hierarchical ad hoc network. In this chapter we will further explore the advantages of hierarchical ad hoc networks, particularly focusing on the advantages of the hierarchical ad hoc sensor network for performing authentication when compared with flat ad hoc networks. Authentication in hierarchical ad hoc networks has been essentially untouched, and we are aware of only one work in this direction [166], which focused on a military environment. The security of their work is based largely on the assumption that the access points, which corresponded to unmanned aerial vehicles, are unable to be compromised. This is an assumption that does not hold in non-military applications, and therefore we consider a three-tier hierarchical ad hoc network that is suitable for more general remote sensing applications running on the Internet. We develop an authentication framework for our three-tier hierarchical sensor network that addresses the hardware resources of the three-tier network, and employs cryptographic primitives that are appropriate for each type of node.

Backmatter

Titel: Network-Aware Security for Group Communications
verfasst von: Yan Sun
Wade Trappe
K. J. R. Liu
Verlag: Springer US
Electronic ISBN: 978-0-387-68848-0
Print ISBN: 978-0-387-68846-6
DOI: https://doi.org/10.1007/978-0-387-68848-0

Neuer Inhalt

Bildnachweise

VDI-Icon, Profil Icon, inhalt2, Springer Professional Modul/© Springer Fachmedien Wiesbaden GmbH, Nachhaltigkeitsaward Key Visual/© Cometis AG/Global ESG Monitor | Daniel Rupp | Generiert mit KI, Search Icon, Banner Hanser, Jonas Klose/© Pine Valley Capital GmbH, Carina Kießling von der Strategieberatung Roland Berger/© Monika Walther Fotografie | ATZ, Beijing Auto Show 2024: Deutsche Hersteller wollen angreifen./© EKH-Pictures / Generated with AI / Stock.adobe.com, Zeitschrift Wissensmanagement Cover, PatentFit-Logo/© Springer Fachmedien Wiesbaden GmbH, Zukunftswerkstatt Sales Excellence 2024/© AndreyPopov / Getty Images / iStock, 2023_Antrieb/© supervisuell, ATZ-Webinar: Prototypenfreie Entwicklung durch Offline- und Driver-in-the-Loop-HiL-Tests /© (c) VI-grade

Springer Professional