| Multicast is an efficient way to exchange data within groups for it achieving low network transmission overheads and high user scalability. There are a number of group applications that make good use of multicast capability, such as stock quote services, distribution of digital media, video-conferencing, pay-per-view TV, Internet radio, and so on. As the security threats on the Internet increase, many multicast applications need to secure the communications between the group members and to restrict access of the multicast communications to only the legitimate subscribers. The commonly used technique to secure the group communications is to use a common key that is known to all group members, but is unknown to non-members. This raises the problem of group key management.At first, the concept of multicast is introduced. Then, we describe the security requirements, related issues and design principles of group key management. Based on some current schemes and rules for group key management, classification for group key management schemes is studied. Then a framework of group key management is provided for multicast security. The advantages of the framework among others are that it is scalable, and allows the independence in regions of group key management. Based on the presented framework, the common architecture is defined for group key management protocols. This architecture can be used in the "intra-region" and "inter-region" group key management, and supports a variety of application, transport, and network layer security protocols. We describe the group key management solutions proposed so far in literatures, distributing them into the classes of centralized group key management protocols, decentralized architectures and distributed key management protocols. We analyze them comparatively within their respective class and give an insight to their features and goals. The known approaches are so complex that the serious performance degradation is caused. In this paper, a secure, efficient and distributed group key management scheme is presented and its security is proved. The scheme is based on hierarchical key tree and multi-party key agreement, and has the desired properties, suck as key independence and statelessness. The related analysis shows that the ternary key tree is most applicable to group key management, and the corresponding key management scheme is efficient in the computation cost, storage cost and feasibility.
|
PDF Full Text Request