Laiha Mat Kiah (2007) A key management framework for secure group communication in wireless mobile environment.
Full text access: Open
Multicast functionality can be used to enable group communication more efficiently than traditional unicast networks. Like unicast environments, multicast or group-based applications are expected to deliver the same level of service to both end users and service or content providers. One of the problem areas in the provision of secure group communication is the management of keying material, which is primarily managed by an infrastructure referred to as a group key management framework (GKMF). The main function of a GKMF is to provide common cryptographic key(s) to all group members of a multicast group communication. While security issues pertaining to the deployment of secure group communication in fixed unicast networks are widely researched, very little consideration is given to establishing such communications in wireless mobile environments (WMobEs). Inherent characteristics of WMobEs, such as the restricted capabilities of mobile devices and the mobility of group members, pose further challenges for deploying secure group communication in such environments. Thus, this thesis concerns key management frameworks for secure group communication in WMobEs. There are three main parts to the work. First, we begin with an introduction to multicast technology, including its capability to enable group (or multicast) communication. Second, we focus the work on one area, the management of group keying material within a GKMF, including its main components and processes (or protocols). Third, we propose a specification for a GKMF for secure group communication, based on a specific wireless mobile architecture. Finally, we conclude our work by identifying future research directions. The main contribution of this thesis is to design, specify and analyze a GKMF for group communication in WMobEs.
This is a Published version. This version's date is: 05/2007. This item is peer reviewed.
https://repository.royalholloway.ac.uk/items/b929b5ef-99d5-44f9-9b6b-700c60b65b55/1/
Deposited by () on 28-Jun-2010 in Royal Holloway Research Online. Last modified on 14-Dec-2010.