An AAA Framework for IP Multicast Communication in Next Generation Networks


Prashant Pillai (University of Bradford, UK)
DOI: 10.4018/978-1-60566-108-7.ch003

Abstract

IP multicast mechanisms provide efficient bandwidth consumption and distribution of high-volume content such as audio/video streaming, audio/video-on-demand and file sharing to multiple users. To commercially deploy multicast services in next generation networks, it is important for Network Providers (NPs) to be able to control user access to the multicast content and to account for multicast usage. This chapter compares some of the existing security mechanisms and highlights their inadequacies for providing efficient multicast security. The chapter then describes an AAA framework for IP multicast, which combines the IETF MSEC architecture with efficient AAA techniques to provide secure multicast content and to enable NPs to authenticate, authorise and provide efficient access control of end users requesting multicast content. This AAA framework also supports both post-paid and pre-paid accounting of users and allows the monitoring of session information such as session duration and data volume for each multicast session.
Chapter Preview

Introduction

When an end user wants to access multicast content, he or she needs to send an Internet Group Management Protocol (IGMP) (Cain, 2002) Join message to the next-hop router. Upon receiving the request, this router uses a multicast protocol such as Protocol Independent Multicast (PIM) (Estrin, 1998) to set up a distribution tree so that the multicast data can be routed from the source to the receiver. As stated by Cain (2002), joining a multicast group is an “unprivileged operation”; in other words, in standard multicast operation any end user (i.e. host device) is allowed to join any multicast group and gain access to multicast traffic without authentication. This implies that no mechanism is defined to restrict access to the multicast traffic to an authenticated and authorised set of users, or to prevent unauthenticated users from gaining access to multicast traffic that is meant only for a specific user group. Hence NPs cannot limit or control access to the multicast content, making it impossible to account for users' multicast service usage. In addition, these protocols do not enable the sender, i.e. the Content Provider (CP), to know who is accessing the multicast data at any given time. Hence the sender cannot account for users' multicast usage, leading to an unclear business model for both the NP and the CP (Savola, 2005).

The traditional method of providing any form of accounting for multicast services is to associate it with security. In this mechanism, the multicast content is encrypted by the CP before transmission, and the users who require access to this content have to request the security keys from the CP to decrypt the transmitted content. The CP may then charge these users to disclose the security keys to them. Though this provides a simple method by which the CP may charge users accessing the multicast content, it is merely a method to charge users once for providing the keys. This method does not provide the flexibility offered by standard Authentication, Authorisation and Accounting (AAA) protocols to allow access control by the NP, nor does it provide time- and/or volume-based pre-paid and post-paid charging. The Group Security Association and Key Management Protocol (GSAKMP) (Harney, 2006) and the Group Domain of Interpretation (GDOI) (Baugher, 2003) multicast security protocols, based on the multicast security architecture (Baugher, 2005) defined by the Internet Engineering Task Force (IETF) Multicast Security (MSEC) working group, also use this traditional method for securing the multicast traffic. The biggest drawback of such a mechanism is that only the CP has the ability to control and charge the users. In a distributed architecture, the NP to which the user may be connected has no control over the multicast usage and hence cannot charge users for their network usage, making IP multicast service provision unattractive to the NP for commercial deployment. Since the NP has no control, a malicious user may send an IGMP Join message to join any multicast group with the intention to launch a Denial-of-Service attack.
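
The access-control gap described above, as an added example that is not code from the chapter: it parses an IGMPv3 Membership Report, which carries group addresses but no field identifying the user, and decides per group whether the next-hop router should act on the join. It assumes the host's identity was established by an earlier AAA authentication step; the entitlement table, addresses and function names are hypothetical.

```python
import ipaddress
import struct

IGMPV3_REPORT = 0x22  # IGMPv3 Membership Report message type

def inet_checksum(data: bytes) -> int:
    """16-bit one's-complement Internet checksum."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def parse_report(msg: bytes):
    """Return [(group, is_join)]; note that no field identifies the user."""
    if len(msg) < 8 or msg[0] != IGMPV3_REPORT or inet_checksum(msg) != 0:
        raise ValueError("not a valid IGMPv3 report")
    (nrec,) = struct.unpack_from("!H", msg, 6)
    off, out = 8, []
    for _ in range(nrec):
        if off + 8 > len(msg):
            raise ValueError("truncated group record")
        rtype, auxlen, nsrc, grp = struct.unpack_from("!BBH4s", msg, off)
        off += 8 + 4 * nsrc + 4 * auxlen
        if off > len(msg):
            raise ValueError("truncated group record")
        # EXCLUDE modes (2, 4), or INCLUDE/ALLOW (1, 3, 5) with sources, request traffic.
        is_join = rtype in (2, 4) or (rtype in (1, 3, 5) and nsrc > 0)
        out.append((ipaddress.IPv4Address(grp), is_join))
    return out

def gate_joins(host: str, msg: bytes, entitlements: dict) -> dict:
    """Per requested group: may the router build forwarding state for this host?"""
    allowed = entitlements.get(host, set())
    return {str(g): g in allowed for g, is_join in parse_report(msg) if is_join}

def build_report(groups) -> bytes:
    """Constructed sample input: one CHANGE_TO_EXCLUDE_MODE record per group."""
    body = b"".join(struct.pack("!BBH4s", 4, 0, 0, ipaddress.IPv4Address(g).packed)
                    for g in groups)
    hdr = struct.pack("!BBHHH", IGMPV3_REPORT, 0, 0, 0, len(groups))
    csum = inet_checksum(hdr + body)
    return struct.pack("!BBHHH", IGMPV3_REPORT, 0, csum, 0, len(groups)) + body

# Hypothetical entitlement table, as an AAA server might return after authentication.
ENTITLEMENTS = {"10.0.0.5": {ipaddress.IPv4Address("239.1.1.1")}}
SAMPLE = build_report(["239.1.1.1", "239.2.2.2"])

if __name__ == "__main__":
    print(gate_joins("10.0.0.5", SAMPLE, ENTITLEMENTS))
```

Without such a gate, standard IGMP processing would treat both group records identically, regardless of who sent them.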

Key Terms in this Chapter

EAP: Extensible Authentication Protocol.

GSAKMP: Group Security Association and Key Management Protocol.

PIM: Protocol Independent Multicast.

CHAP: Challenge Handshake Authentication Protocol.

GDOI: Group Domain of Interpretation.

CP: Content Provider.

AAA: Authentication, Authorisation and Accounting.

DR: Designated Router.

ACS: Access Control Server.

EAPoL: EAP over LAN.

NAS: Network Access Server.

RADIUS: Remote Authentication for Dial-in User Service.

GCKS: Group Controller and Key Server.

PAP: Password Authentication Protocol.

IETF: Internet Engineering Task Force.

IGMP: Internet Group Management Protocol.

PAE: Password Authenticated Exchange.

TTLS: Tunnelled Transport Layer Security.

TLS: Transport Layer Security.

OPNET: Optimised Network Engineering Tool.

MSEC: Multicast Security.

SAKE: Shared-secret Authentication and Key Establishment.

IGAP: Internet Group membership Authentication Protocol.

WLAN: Wireless Local Area Network.
