Related Research Efforts
-
The Rampart
system (Cornell University) was the first to demonstrate the feasibility
of reliable and atomic group multicast in asynchronous distributed systems
in the presence of Byzantine failures.
-
The Immune (UCSB) system
secure the low-level ring protocol of the Totem
system against Byzantine failures.
-
Ensemble
security (Cornell University) allows application-dependent trust
models, optimizes certain aspects of group key generation and distribution
protocols. The group key exchange protocols used in Ensemble are extensions
of symmetric cryptographic tools such as PGP or Kerberos. Moreover, Ensemble
relies on a trusted group leader to perform and initiate key generation.
-
Secure Spread
(Johns Hopkins University) approach is differente from the Ensemble approach
since Secure Spread uses a fully distributed group key generation protocol;
namely Cliques.
-
IETF Multicast
SECurity Working Group (MSEC)
-
IRTF Secure
Multicast Research Group (SMuG)
Drafts
-
Group Secure Association Key Management Protocol, Hugh Harney, Eric
Harder
The Group Secure Association Key Management Protocol (GSAKMP) provides
a security framework for creating cryptographic groups on a network. It
provides mechanisms to disseminate group security policy, perform access
control based upon PKI certificates, generate group keys, and recover from
compromise. This framework addresses group scalability issues by facillitating
delegation of process-intensive actions in a secure and controlled manner.
-
A Framework for Group Key Management for Multicast Security, T.
Hardjono, B. Cain and N. Doraswamy
This document provides a framework for group key management for multicast
security, motivated by three main considerations, namely the multicast
application, scalability and trust-relationships among entities. It introduces
two planes corresponding to the network entities and functions important
to multicasting and to security. The key management plane consists of two
hierarchy-levels in the form of a single 'trunk region' (inter-region)
and one or more 'leaf regions' (intra-region). The advantages of the framework
among others are that it is scalable, it has reduced complexity and allows
the independence in regions of group key management.
[an error occurred while processing this directive]