Download presentation: Ph.D Thesis Defence: Participant Access Control in IP Multicasting

2c6fa0d7b0beab57a1d769ab6aa32136.ppt

• Number of slides: 53

Slide 1: Ph.D Thesis Defence
Participant Access Control in IP Multicasting
Salekul Islam
Supervisor: Dr. J. William Atwood
Computer Science and Software Engineering, Concordia University

Slide 2: Project Highlights
• Participant: Receivers & Sender(s)
• Access Control: Authentication, Authorization & Accounting
• Access Control Architecture
  - Policy Framework
  - Inter-domain Access Control Architecture: Diameter Agents
  - Data Distribution Control
• Receiver Access Control
  - IGMP with Access Control (IGMP-AC)
  - Verification by PROMELA/SPIN
  - Validation by AVISPA
• Sender Access Control
  - PANA, IKEv2 and IPsec SA
  - Multicast SA
• Mobile Multicast: Receiver Access Control & Secured Handoff
16/06/2008 Participant Access Control in IP Multicasting

Slide 3: Existing Multicast Model
DDT: Data Distribution Tree
Diagram: the routing protocol builds the DDT; the sender sends multicast data, which is forwarded along the DDT through core routers (CR1, CR2, CR3) to access routers (AR1, AR2, AR3) and on to the end users (EUs); EUs join and leave with IGMP messages.

Slide 4: Existing Multicast Service Model: Vulnerabilities
Diagram: an adversary sender injects forged data into the DDT at AR1; an adversary receiver attaches at AR4 with a forged IGMP Join, which the access router turns into a routing protocol Join, extending the tree to an unauthorized host.

Slide 5: Multicast-based Applications
Number of Participants | Applications
One-to-many (single sender, multiple receivers) | Scheduled audio/video distribution; push media: news headlines, weather updates; file distribution and caching; announcements: multicast session, key updates; monitoring: stock prices, sensor equipment
Many-to-many (multiple senders, multiple receivers) | Multimedia conferencing; synchronized resources; distance learning with input from receivers; multi-player games
Many-to-one (multiple senders, single receiver) | Resource discovery; auctions; polling

Slide 6: Motivation: Revenue Generation Architecture
• Secure Multicasting
  - Protecting control messages: routing protocol specific
  - Protecting multicast data: encryption and authentication
• Securing multicasting alone has not led to large-scale commercial deployment
• A revenue generation architecture considers
  - Participant access control: AAA for sender(s) and receivers
  - Policy enforcement
  - E-commerce communications

Slide 7: Why Access Control?
• Effects of forged IGMP messages
  - Join message pulls the distribution tree, may create DoS
  - Leave message prunes the distribution tree, prevents legitimate users from receiving
  - IGMP security only authenticates IGMP messages
• Attacks by a forged sender
  - Replay attack
  - Sender address spoofing attack
  - May create DoS
• GKM fails to prevent these attacks

Slide 8: How to deploy access control?
• Receiver access control for a secured group
  - While joining/leaving
  - Changing reception state at ARs
  => Coupling access control with IGMP
• Sender access control for a secured group
  - Sending data
  => Per-packet cryptographic protection at AR

Slide 9: Overview of Our Access Control Architecture
Diagram: the three components placed on the multicast topology (Sender at AR1, EUs at AR3, core routers CR1-CR3).
• Sender Access Control: AAA for sender(s); per-packet protection
• Data Distribution Control: protects the distribution tree from a forged sender; not routing protocol security
• Receiver Access Control: AAA for receivers/EUs

Slide 10: Access Control and Authentication in Unicast
• Access control is achieved by the AAA framework
  - RADIUS: with limited functionalities
  - Diameter: next generation AAA protocol
    • Extensible
    • Large AVP
    • Agent support
• For authentication the IETF has designed
  - Extensible Authentication Protocol (EAP)
  - Protocol for carrying Authentication for Network Access (PANA): EAP lower layer

Slide 11: Authentication, Authorization and Accounting (AAA) Framework
NAS: Network Access Server
Diagram: the End User requests access to the network and presents EU credentials to the NAS, which acts as AAA client; the NAS contacts the AAA Server over the AAA protocol; the AAA Server performs authentication against the End User Database and authorization, returns Accept, and performs accounting; network access is granted.

Slide 12: Extensible Authentication Protocol (EAP)
• EAP summary
  - Authentication framework
  - Multiple authentication methods (EAP methods)
  - Four EAP messages: Request (authenticator to peer), Response (peer to authenticator), Success, Failure
Diagram: End User / EAP Peer, NAS / EAP Authenticator, AAA Server / EAP Server. EAP is initiated by the peer or the authenticator. The authenticator sends EAP Request 1; the peer returns EAP Response 1, which the authenticator encapsulates as Diameter (EAP Response 1) towards the AAA server; the server's Diameter (EAP Request 2) is delivered to the peer as EAP Request 2, and so on until EAP Response N / Diameter (EAP Response N); finally Diameter (EAP Success) is forwarded to the peer as EAP Success.

Slide 13: Protocol for carrying Authentication for Network Access (PANA)
PaC: PANA Client; EP: Enforcement Point; AS: Authentication Server; PAA: PANA Authentication Agent
Diagram: PaC runs PANA with the PAA; the PAA talks to the AS; the PAA configures the EP via SNMP/API; PaC and EP run IKE.
• PANA summary
  - Network access protocol
  - Works as EAP lower layer
  - Four entities: PaC, PAA, AS, EP

Slide 14: Key Challenges for Access Control Architecture
• The most generic architecture
  - Deployable for multi-domain distributed groups
  - Supports a wide range of authentication
  - Independent of routing protocol
  - Supports both ASM and SSM
• A scalable solution
  - Minimum workload for on-tree routers and end hosts
  - A distributed solution (e.g., using AAA)
• Reuse standard frameworks/protocols
  - Fits easily in the existing Internet service model
  - Will reduce the work of service providers

Slide 15: Proposed Architecture
Diagram: GO/MR (out of the scope of the thesis) updates the Participants Database & Policy Server; FI registration; the AAAS and the NAS (access router) exchange Diameter; IGMP carrying EU authentication information runs between the EUs and their AR; the sender attaches at AR1 and the EUs at AR3 behind core routers CR1-CR3.

Slide 16: Receiver Access Control: Related Work
Callouts: based on IGMPv2; method-specific authentication; no authorization & accounting; suffer from common attacks.
Method | IGMP version | Authentication | Authorization | Accounting | Remarks
EUIA | IGMPv3 | Flexible | Yes | (blank) | Initial work at HSPL, Concordia. Does not support EAP-like framework
IGAP | IGMPv2 | Passwd, CHAP | Yes | (blank) | Plain text password
Extends IGMPv3 | IGMPv3 | No specific | No | No | Not suitable for multiple round-trip-based authentication
IGMPv3 access control | IGMPv3 | Using IP address (source filtering) | No | (blank) | Address spoofing attack, no advanced authentication scheme
RADIUS based | IGMPv2 | CHAP | No | No | Sender access control also, replay attack
IGMP key based | IGMPv2 | Token, digital sign | No | No | Needs GKM protocol, high overhead
Shared secret | IGMPv3 | No | No | No | AR needs shared secret to authenticate, overload for AR

Slide 17: IGMP Extension: Requirements
• A generic client-server authentication
• An authentication framework (e.g., EAP) should be deployable
• Must be based on IGMPv3 and support "source filtering"
• Works in parallel with IGMPv3 and open multicast groups
• Only authenticated/authorized EUs are allowed to modify IGMP reception states
• Performs EU authentication as few times as possible
• Not inclined to a particular business model or to a specific relation between NSP and CP
• Not restricted to a single domain
• Reuses standard protocols and frameworks

Slide 18: Receiver Access Control using IGMP-AC
Diagram: the AAA Server (with the Participants Database) exchanges Diameter (EAP) with the AR acting as NAS; the EUs run IGMP-AC (EAP) with the AR; the sender attaches at AR1 and the EUs at AR3.
IGMP with Access Control (IGMP-AC)
• Extended version of IGMPv3
• Encapsulates EAP packets
• Verification using SPIN
• Validation using AVISPA

Slide 19: IGMP-AC Protocol
• State diagrams for Host, AR and AAAS
• Additional messages
  - Authentication Unicast Query (auquery)
  - Authentication Report (areport)
  - Authentication Result (aresult)
• Required reception states
  - Host: (G, S, EU id, authentication info, filter mode)
  - AR: (G, S, EU id, authorization and accounting info, filter mode)
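The slide gives the AR's reception state as (G, S, EU id, authorization and accounting info, filter mode) and the requirement that only authenticated/authorized EUs may modify it. The following added example (not code from the thesis) models that state at an access router: the auquery/areport/aresult round trip is collapsed into an injected decision callable that stands in for the EAP method and the Diameter exchange, and a constructed participants database supplies the decisions. It shows the two effects the defence motivates: an unauthenticated join never pulls (G, S) onto the tree, and a leave that fails authentication never prunes it while authorized receivers remain.

```python
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Tuple

INCLUDE, EXCLUDE = "INCLUDE", "EXCLUDE"   # IGMPv3 filter modes carried in IGMP-AC


@dataclass
class EUState:
    """Per-EU part of the AR reception state: authorization plus accounting info."""
    authorized: bool
    filter_mode: str
    joined_at: int      # logical join time, for accounting
    octets: int = 0     # traffic delivered, for accounting


@dataclass
class AccessRouter:
    # aaa_decision(eu_id, credential, group, source) -> True when the AAAS's aresult is "success".
    # It stands in for the EAP method run over auquery/areport and Diameter(EAP).
    aaa_decision: Callable[[str, str, str, str], bool]
    state: Dict[Tuple[str, str], Dict[str, EUState]] = field(default_factory=dict)
    clock: int = 0
    log: List[str] = field(default_factory=list)

    def _authenticate(self, eu_id: str, credential: str, group: str, source: str) -> bool:
        """auquery -> areport (EAP over IGMP-AC) -> Diameter(EAP) -> aresult, collapsed."""
        self.log.append(f"auquery {eu_id} ({group},{source})")
        ok = self.aaa_decision(eu_id, credential, group, source)
        self.log.append(f"aresult {eu_id}: {'success' if ok else 'failure'}")
        return ok

    def join(self, eu_id: str, credential: str, group: str, source: str,
             filter_mode: str = INCLUDE) -> bool:
        """Add the EU to (G, S) only after a successful aresult; a forged join never pulls the DDT."""
        self.clock += 1
        if not self._authenticate(eu_id, credential, group, source):
            return False
        members = self.state.setdefault((group, source), {})
        members[eu_id] = EUState(True, filter_mode, joined_at=self.clock)
        return True

    def leave(self, eu_id: str, credential: str, group: str, source: str) -> bool:
        """Remove the EU's own record; (G, S) is pruned only when no authorized EU remains."""
        self.clock += 1
        members = self.state.get((group, source), {})
        if eu_id not in members or not self._authenticate(eu_id, credential, group, source):
            return False
        rec = members.pop(eu_id)
        self.log.append(f"accounting stop {eu_id}: {self.clock - rec.joined_at} ticks, {rec.octets} octets")
        if not members:
            del self.state[(group, source)]
        return True

    def deliver(self, group: str, source: str, octets: int) -> int:
        """Account delivered traffic to every authorized receiver of (G, S); returns receiver count."""
        members = self.state.get((group, source), {})
        for rec in members.values():
            rec.octets += octets
        return len(members)

    def forwards(self, group: str, source: str) -> bool:
        """True while the AR must keep (G, S) on the distribution tree."""
        return (group, source) in self.state


# Constructed stand-in for the participants database behind the AAAS.
CREDENTIALS = {"alice": "alice-pw", "bob": "bob-pw"}
AUTHORIZED = {("alice", "232.1.1.1", "192.0.2.10"), ("bob", "232.1.1.1", "192.0.2.10")}


def sample_aaa_decision(eu_id: str, credential: str, group: str, source: str) -> bool:
    """Authentication (credential check) followed by authorization for (G, S)."""
    return CREDENTIALS.get(eu_id) == credential and (eu_id, group, source) in AUTHORIZED
```

A practitioner would drive it with `AccessRouter(sample_aaa_decision)` and call `join`, `deliver` and `leave` in sequence; `forwards(G, S)` is the value the AR's routing side would consult before sending or withdrawing a (S, G) join upstream.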

Slide 20: IGMP-AC Verification by PROMELA/SPIN

Slide 21: Verification Results
• PROMELA model from the state diagrams
• Simple model, but satisfies all states/transitions of the state diagrams
• First, random simulation runs and no error reported
• Simulator generates a Message Sequence Chart (MSC)
• Next, SPIN produces the verifier (C program) from the PROMELA model
• Different search techniques: exhaustive, depth-first, breadth-first, bit-state storage and hash compact
• Search for errors: assert violation, invalid end-state, non-progress cycle, never claim and unreachable state
• Reaches depth up to > 800
• Output confirms the model is free from error, no unreachable state

Slide 22: End User Authentication using Extensible Authentication Protocol (EAP): EAP Encapsulation over IGMP-AC
Diagram (protocol stacks):
• EU/Peer: EAP method, EAP peer, EAP layer, IGMP-AC, lower layers
• AR/Authenticator/NAS: EAP authenticator, EAP layer, IGMP-AC towards the EU and AAA/IP towards the AAA server, lower layers
• AAA Server: EAP method, EAP layer, AAA/IP, lower layers

Slide 23: EAP Method Example: EAP Internet Key Exchange (EAP-IKEv2) Method
Standard EAP messages:
1. P <- S: EAP-Request/Identity
2. P -> S: EAP-Response/Identity(Id)
3. P <- S: EAP-Req (HDR, SAs, KEs, Ns)                 [D-H exchange]
4. P -> S: EAP-Res (HDR, SAp, KEp, Np, [SK{IDp}])
5. P <- S: EAP-Req (HDR, SK{IDs, AUTH})                [Mutual authentication by AUTH]
6. P -> S: EAP-Res (HDR, SK{IDp, AUTH})
7. P <- S: EAP-Success
P: Peer/EU; S: Server/AAAS; N: Nonce; HDR: Header; ID: Identity; SA: Cryptographic algorithm; KE: Diffie-Hellman component; AUTH: Authentication payload; SK{x}: x is encrypted and authenticated

Slide 24: Security Properties Validation of EAP-IKEv2
Simplified AVISPA model of EAP-IKEv2:
1. P <- S: request_id
2. P -> S: respond_id.P
3. P <- S: SA.KEs.Ns
4. P -> S: SA.KEp.Np.[{IDp}_SKp]
5. P <- S: {S.{AUTHs}_inv(Ks)}_SKs
6. P -> S: {P.{AUTHp}_inv(Kp)}_SKp
7. P <- S: success
where
KEs : exp(G, DHs)
KEp : exp(G, DHp)
SKp : hash(Ns.Np.exp(G, DHs), DHp)
SKs : hash(Ns.Np.exp(G, DHp), DHs)
AUTHs : SA.KEs.Np
AUTHp : SA.KEp.Ns
Security goals:
1. Mutual authentication
2. Key establishment
3. Confidentiality
4. Replay protection

Slide 25: MitM Attack on P2P Model
Entities: Peer p, Intruder i, Server s.
ATTACK TRACE
(s,10) -> i     : request_id
i -> (p,3)      : request_id
(p,3) -> i      : respond_id.p
i -> (s,10)     : respond_id.i                       [intruder replaces "p" with "i"]
D-H exchange passed through i:
                  SA(3).exp(g,DHs(3)).Ns(3)
                  SA(3).exp(g,DHp(4)).Np(4)
(s,10) -> i     : {s.{SA(3).exp(g,DHs(3)).Ns(3).Np(4)}_inv(ks)}_(f(Ns(3).Np(4).exp(g,DHp(4)), DHs(3)))
i -> (p,3)      : {s.{SA(3).exp(g,DHs(3)).Ns(3).Np(4)}_inv(ks)}_(f(Ns(3).Np(4).exp(g,DHs(3)), DHp(4)))
Intruder convinced P he was talking with S!

Slide 26: Fixing the Attacks
• First modification (newly added hash{MID.SK} prefix):
  5. P <- S: hash{MID.SKs}.{S.{AUTHs}_inv(Ks)}_SKs
  6. P -> S: hash{MID.SKp}.{P.{AUTHp}_inv(Kp)}_SKp
  Still AVISPA could find the attacks.
• Second modification fixed the attacks (the previously optional identity payload is specified as mandatory):
  4. P -> S: SA.KEp.Np.{IDp}_SKp   % for symmetric key authentication between peer and server
  4. P -> S: SA.KEp.Np.{P}_SKp     % for asymmetric key/password authentication
• Pass-through model developed from the P2P model by adding the authenticator
• AVISPA reported the pass-through model attack free

Slide 27: Sender Access Control: Related Work
Callouts: lack of accounting; specific authentication, dependent on a specific protocol; suffer from common attacks.
Method | AAA functions | Authentication | Attacks | Overhead | Routing Protocol | Intra or Inter domain
Authen. Stamp | Authentication, Authorization | Digital signature | DoS | High | CBT | Both
CHAP | Authentication, Authorization | Using password | Dictionary, source address spoof | Low | Any protocol | Intra domain
KHIP | Authentication, Authorization | Digital signature + encryption | DoS | Medium | CBT, OCBT | Both
SACL | Authentication, Authorization | No explicit method | Replay, source address spoof | Medium | Any bidirectional | Both

Slide 28: Sender Access Control
Diagram: the Sender runs PANA (EAP) with AR1 (the NAS), which exchanges Diameter (EAP) with the AAA Server. Key chain: AAA-Key -> PaC-EP-Master-Key -> IKE-pre-Shared-Key. Sender and AR1 then run IKEv2 and establish an IPsec SA, which gives:
1. Anti-replay
2. Prevents source address spoofing
3. Minimizes DoS

Slide 29: Benefits of Sender Access Control
• Provides AAA functionalities
• Per-packet cryptographic protection
• Minimum overhead and fast packet processing
• Independent of routing protocol
• Serves both ASM and SSM groups
• Security services by IPsec SA
  - Anti-replay
  - Prevents source address spoofing
  - Minimizes DoS

Slide 30: Policy Framework: Requirements
• Extends the proposed access control architecture
• Entities of the MSEC FW will be present
• Based on the IETF Policy FW, should have
  - PDP: Policy Decision Point
  - PEP: Policy Enforcement Point
  - Policy repository
• Divides policy into Data Control Policy and Access Control Policy
• Independent of policy specification language and transport protocol

Slide 31: Policy Framework
PDP: Policy Decision Point; PEP: Policy Enforcement Point
Diagram: the Group Owner uses a Policy Management Tool to fill the Policy Repository (XACML); the PDP, co-located with the AAA Server and the GC/KS, reads the repository; the access routers AR1-AR4 act as NAS/PEP for the sender and the receivers and speak the Policy Protocol (SAML) with the PDP.

Slide 32: Inter-domain Communication: Diameter Agents
NAS: Network Access Server; DRL: Diameter ReLay Agent; DRD: Diameter ReDirect Agent; HMS: HoMe AAA Server
Network Access Identifier (NAI), e.g., bob@example.com
Diagram (NAS and DRL in example.net, HMS in example.com):
1. NAS sends Request to the DRL
2. DRL performs a route lookup in its Realm Routing Table: no route for the HMS, so it sends the Request to the DRD
3. DRD returns a Redirect Notification, which contains the route to reach example.com
4. DRL sends the Request to the HMS
5. HMS returns the Answer to the DRL
6. DRL returns the Answer to the NAS
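As an added example (not code from the thesis or from any Diameter implementation), the exchange above expressed as realm-based routing: each node holds a Realm Routing Table, the realm is taken from the EU's NAI, and a node without a route asks its redirect agent for the home server. The node names, the realms example.net and example.com, and the trace strings are constructed for the illustration; DIAMETER_UNABLE_TO_DELIVER is the base-protocol result code for a realm that cannot be routed.

```python
from typing import Dict, List, Optional


def parse_nai(nai: str):
    """Split a Network Access Identifier of the form user@realm on its last '@'."""
    user, sep, realm = nai.rpartition("@")
    if not sep or not user or not realm:
        raise ValueError(f"NAI {nai!r} carries no routable realm")
    return user, realm.lower()


class DiameterNode:
    """A Diameter server or agent with a Realm Routing Table (realm -> next hop node)."""

    def __init__(self, name: str, realm: Optional[str] = None,
                 drd: Optional["DiameterNode"] = None,
                 default: Optional["DiameterNode"] = None):
        self.name = name
        self.realm = realm          # realm this node answers for as home server (None for NAS/DRD)
        self.routes: Dict[str, DiameterNode] = {}
        self.drd = drd              # redirect agent consulted when no route exists
        self.default = default      # default next hop (a NAS always forwards to its local server)

    def handle(self, nai: str, trace: List[str], max_hops: int = 16) -> List[str]:
        if len(trace) > max_hops:
            raise RuntimeError("routing loop")
        _, realm = parse_nai(nai)
        if realm == self.realm:
            trace.append(f"{self.name}: answer for realm {realm}")
            return trace
        nxt = self.routes.get(realm, self.default)
        if nxt is None and self.drd is not None:
            trace.append(f"{self.name}: no route for {realm}, request to {self.drd.name}")
            nxt = self.drd.routes.get(realm)
            if nxt is not None:
                trace.append(f"{self.drd.name}: redirect notification, {realm} via {nxt.name}")
                self.routes[realm] = nxt      # cache the redirect; later requests skip the DRD
        if nxt is None:
            trace.append(f"{self.name}: DIAMETER_UNABLE_TO_DELIVER")
            return trace
        trace.append(f"{self.name}: request to {nxt.name}")
        return nxt.handle(nai, trace, max_hops)


def build_topology() -> Dict[str, DiameterNode]:
    """Constructed topology matching the slide: NAS and DRL in example.net, HMS in example.com."""
    hms = DiameterNode("HMS", realm="example.com")
    drd = DiameterNode("DRD")
    drd.routes["example.com"] = hms            # the DRD knows how to reach example.com
    drl = DiameterNode("DRL", realm="example.net", drd=drd)
    nas = DiameterNode("NAS", default=drl)
    return {"NAS": nas, "DRL": drl, "DRD": drd, "HMS": hms}


def route_request(topology: Dict[str, DiameterNode], nai: str) -> List[str]:
    """Return the hop-by-hop trace of a request entering at the NAS."""
    return topology["NAS"].handle(nai, [])
```

Running `route_request(build_topology(), "bob@example.com")` produces the five steps of the slide (request, no route, redirect notification, request to HMS, answer); a second request for the same realm uses the cached route and never touches the DRD, which is the reason a relay should cache redirect results.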

Slide 33: Inter-domain Receiver Access Control
Diagram: NW1 holds the Sender and AR1 behind BR1; NW2 holds the EUs, their AR and BR2; BR1 and BR2 peer over MBGP; NW3 holds the Group Owner, the Participants' Database and the Home AAAS. The EU sends its NAI in IGMP-AC (EAP) to its AR; the AR's AAA (EAP) request is relayed by the local AAA server of NW2 and redirected to the Home AAAS in NW3.

Slide 34: Inter-domain Sender Access Control
Diagram: the checkpoint is AR1 at the entrance of NW1. The Sender runs PANA (EAP) and IKEv2 with AR1 and an IPsec SA is set up between them; AR1's AAA (EAP) request is relayed and redirected to the Home AAAS in NW3 (Group Owner, Participants' Database); NW1 (CR, BR1) and NW2 (BR2, AR, EUs) are connected over MBGP.

Slide 35: Data Distribution Control: Data Distribution
Diagram: a Multicast SA (MSA) spans the tree from the Sender (AR1, BR1, DR in NW1) over MBGP to BR2/AR2 (NW2) and BR3/AR3 (NW3) and their EUs; the border routers are the checkpoints.

Slide 36: Multicast Security Association (MSA)
Diagram: the sender S gets the MSA parameters from the GCKS, constructs the MSA and transports data to receivers R1, R2, ..., Rn.
MSA provides:
• Multicast data integrity
• Anti-replay
• Prevention of source address spoofing

Slide 37: Data Distribution Control: Centralized MSA
Diagram: one MSA with the Sender (at the DR in NW1) as its sender and all border and access routers (BR1, BR2/AR2 in NW2, BR3/AR3 in NW3) as its receivers.

Slide 38: Data Distribution Control: Distributed MSA
Only BRs and ARs are members of an MSA. Diagram: MSA1 in NW1 (DR to BR1), MSA2 in NW2 (BR2 to AR2) and MSA3 in NW3 (BR3 to AR3); a border router is the receiver of one MSA and the sender of the next (e.g. receiver of MSA1, sender of MSA2).

Slide 39: Establishing the MSA: Extended PIM (S, G) Join
Diagram: PIM (S, G) Joins travel from the leaves (AR22, AR23, AR24) through BR11/BR12 to the DR of S. Centralized MSA: a single MSA from the DR down to the ARs. Distributed MSA: MSA1 at the DR, MSA2 below BR11 and MSA3 below BR12.
Cost for a d-ary height h tree:

Slide 40: Comparison of Performance
Figure: number of edges traversed (x 10^3, 0 to 12) against tree height h (1 to 10) for the Distributed and Centralized MSA.

Slide 41: Summary of Two Methods
Features | Centralized MSA | Distributed MSAs
Establishment cost | High | Low
Maintenance | All members maintain a single MSA. Less scalable and flexible. | Only the root and the leaves maintain a single MSA. Internal nodes maintain two MSAs. Scalable and flexible.
Updating | Updates all members if needed. | A small MSA might be updated independently.
Delivery time | Low. BRs need not create IPsec encapsulated packets. | High. BRs have to create IPsec encapsulated packets.
Security features | Less flexible. All routers use the same authentication and keys. | Flexible. Individual MSAs deploy different authentication and keys.

Slide 42: Receiver Mobility and Secured Handoff: Related Work
• Aggregating multiple IGMP messages
• Joining the DDT in advance
• Deploying a Handoff Agent: a proxy for the MN that replies to IGMP queries
• Allowing the MN to go into sleep mode
• Sending unsolicited joins without an IGMP query
• Tuning the IGMP query timer
Researchers have concentrated on two issues:
1. Reducing handoff time
2. Optimizing communication between mobile host and IGMP router
Receiver access control and secured handoff are absent!

Slide 43: Mobile Receiver Access Control and Secured Handoff
MR: Multicast Router; MN: Mobile Node; LAAAS: Local AAAS; HAAAS: Home AAAS
Diagram: the multicast DDT is built from the Source through the DR, CR1 and CR2 to the MRs of Domains 1-3 by routing protocol Joins. The MN (EU) runs IGMP-AC (EAP) with its MR/NAS; the NAS sends AAA (EAP) to the LAAAS, which forwards AAA (EAP) to the HAAAS, taking multiple round-trips. After a handoff from Domain 1 to Domain 2 the MN must authenticate again at the new MR.

Slide 44: EAP Re-authentication (ERP)
Entities: MN/EU (Peer), MR/AR (ER Authenticator), Local AAAS (Local ER Server)
1. ER Authenticator -> Peer: EAP-Initiate/Re-auth-Start (optional message)
2. Peer -> ER Authenticator: EAP-Initiate/Re-auth
3. ER Authenticator -> Local ER Server: AAA(EAP-Initiate/Re-auth)
4. Local ER Server -> ER Authenticator: AAA(rMSK, EAP-Finish/Re-auth)
5. ER Authenticator -> Peer: EAP-Finish/Re-auth
Single round-trip from Peer to Local ER Server.

Slide 45: ERP Key Hierarchy
Established at the end of the EAP session.
MSK: Master Session Key; EMSK: Extended Master Session Key; DSRK: Domain Specific Root Key; DS-rRK: Domain Specific re-authentication Root Key; rMSK: re-authentication Master Session Key; DS-rIK: Domain Specific re-authentication Integrity Key
Diagram (keys held by each entity):
• Peer/EU: MSK, EMSK, DSRK, DS-rRK, rMSK, DS-rIK
• Authenticator (MR/NAS): MSK, rMSK
• Local ER Server: DSRK, DS-rRK, rMSK, DS-rIK
• EAP Server: MSK, EMSK, DSRK
Derivation: EMSK -> DSRK -> DS-rRK -> rMSK and DS-rIK; DS-rIK provides mutual authentication between peer and local ER server.
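An added example, not code from the thesis and not the normative byte layout of RFC 5295/5296, that walks through the hierarchy of slides 44 and 45: the home EAP server derives a DSRK per visited domain from the EMSK and hands it to that domain's local ER server; peer and local ER server then independently derive DS-rRK, DS-rIK and, per re-authentication, the rMSK delivered to the new NAS. The KDF (an HMAC-SHA-256 PRF+ style expansion), the key labels and the message fields are assumptions for illustration. The scenario shows why the single round trip of slide 44 is safe to offer: the local server can verify the peer with DS-rIK without contacting the home server, a replayed EAP-Initiate/Re-auth is rejected by the sequence number, and a server of another domain, holding a different DSRK, cannot accept the message.

```python
import hashlib
import hmac
import os
from typing import Optional


def kdf(key: bytes, label: str, data: bytes = b"", length: int = 64) -> bytes:
    """Assumed PRF+ layout: T(i) = HMAC-SHA256(key, T(i-1) | label | 0x00 | data | i)."""
    out, prev, i = b"", b"", 1
    while len(out) < length:
        prev = hmac.new(key, prev + label.encode() + b"\x00" + data + bytes([i]), hashlib.sha256).digest()
        out += prev
        i += 1
    return out[:length]


def reauth_mac(ds_rik: bytes, peer: str, nas: str, seq: int) -> bytes:
    """Integrity tag over EAP-Initiate/Re-auth, keyed with DS-rIK (assumed field set)."""
    return hmac.new(ds_rik, f"{peer}|{nas}|{seq}".encode(), hashlib.sha256).digest()


class HomeEAPServer:
    """Holds the EMSK from the full EAP run; derives one DSRK per visited domain."""
    def __init__(self, emsk: bytes):
        self.emsk = emsk

    def dsrk_for(self, domain: str) -> bytes:
        return kdf(self.emsk, "DSRK", domain.encode())   # delivered over AAA to that domain's ER server


class LocalERServer:
    """Knows DSRK and the keys below it; never sees the EMSK."""
    def __init__(self, domain: str, dsrk: bytes):
        self.domain = domain
        self.ds_rrk = kdf(dsrk, "DS-rRK")
        self.ds_rik = kdf(self.ds_rrk, "DS-rIK")
        self.last_seq = -1

    def reauth(self, msg: dict) -> Optional[bytes]:
        """Process EAP-Initiate/Re-auth; return the rMSK for the NAS, or None on failure."""
        expected = reauth_mac(self.ds_rik, msg["peer"], msg["nas"], msg["seq"])
        if not hmac.compare_digest(expected, msg["mac"]):
            return None                     # wrong domain key or tampered message
        if msg["seq"] <= self.last_seq:
            return None                     # replayed re-authentication
        self.last_seq = msg["seq"]
        return kdf(self.ds_rrk, "rMSK", msg["seq"].to_bytes(2, "big"))


class Peer:
    """Mobile node: derives the same DSRK / DS-rRK / DS-rIK as the local ER server."""
    def __init__(self, peer_id: str, emsk: bytes):
        self.peer_id, self.emsk, self.seq = peer_id, emsk, 0
        self.ds_rrk = self.ds_rik = b""

    def enter_domain(self, domain: str) -> None:
        dsrk = kdf(self.emsk, "DSRK", domain.encode())
        self.ds_rrk = kdf(dsrk, "DS-rRK")
        self.ds_rik = kdf(self.ds_rrk, "DS-rIK")
        self.seq = 0

    def initiate_reauth(self, nas: str):
        """Build EAP-Initiate/Re-auth for a new NAS and the rMSK the peer expects to share with it."""
        self.seq += 1
        msg = {"peer": self.peer_id, "nas": nas, "seq": self.seq,
               "mac": reauth_mac(self.ds_rik, self.peer_id, nas, self.seq)}
        return msg, kdf(self.ds_rrk, "rMSK", self.seq.to_bytes(2, "big"))


def run_scenario() -> dict:
    """Constructed scenario: micro handoff inside domain1, a replay, a foreign server, a macro handoff."""
    emsk = os.urandom(64)                              # output of the initial full EAP run
    home = HomeEAPServer(emsk)
    er1 = LocalERServer("domain1", home.dsrk_for("domain1"))
    er2 = LocalERServer("domain2", home.dsrk_for("domain2"))
    mn = Peer("mn@example.invalid", emsk)
    mn.enter_domain("domain1")
    msg, peer_rmsk = mn.initiate_reauth("NAS2")        # handoff NAS1 -> NAS2
    nas_rmsk = er1.reauth(msg)                         # one round trip, home server not involved
    results = {
        "keys_match": nas_rmsk is not None and nas_rmsk == peer_rmsk,
        "replay_rejected": er1.reauth(msg) is None,
        "other_domain_rejects": er2.reauth(msg) is None,
    }
    mn.enter_domain("domain2")                         # macro handoff: domain2 already holds DSRK2
    msg2, peer_rmsk2 = mn.initiate_reauth("NAS3")
    results["macro_handoff_ok"] = er2.reauth(msg2) == peer_rmsk2
    return results
```

The design point to keep: the only key that ever leaves the home server is the per-domain DSRK, so a local ER server compromised or misconfigured in one domain cannot mint rMSKs for another, and the NAS receives only the rMSK it needs for the current attachment.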

Slide 46: Mobile Receiver Access Control in Wireless Networks
ER: EAP Re-authentication; ERP: EAP Re-authentication Protocol
Diagram: the Home EAP Server in the Home Domain delivers DSRK1 to Local ER Server 1 (Domain 1, NAS1 and NAS2) and DSRK2 to Local ER Server 2 (Domain 2, NAS3 and NAS4) over AAA (EAP). On first attachment the Peer runs IGMP-AC (EAP) with NAS1, which sends AAA (EAP) through the local server to the home server. Micro mobility (NAS1 to NAS2 within Domain 1) uses IGMP-AC (ERP) and AAA (ERP) to Local ER Server 1 only; macro mobility (into Domain 2) uses IGMP-AC (ERP) at NAS3/NAS4 and AAA (ERP) to Local ER Server 2.

Slide 47: Conclusion: Major Contributions
• Developing a participant access control architecture
  - A complete access control architecture
  - Provides policy enforcement and acknowledges e-commerce
  - Supports inter-domain multicast groups for the first time
• Receiver access control using IGMP-AC
  - Verification using PROMELA/SPIN
  - Validation of EAP-IKEv2 by AVISPA, fixing the MitM attack
  - Successfully overcomes limitations of previous IGMP extensions
• Sender access control
  - Per-packet cryptographic protection
  - Provides anti-replay protection, prevents sender address spoofing, minimizes DoS

Slide 48: Conclusion: Major Contributions
• Developing an access control policy framework
  - Unique FW: both fits with the MSEC FW and follows the IETF Policy FW
• A novel inter-domain data distribution control
  - Two alternate ways to deploy MSAs: Centralized and Distributed
  - MSA construction methods explained in depth
  - Compared the two methods
• Mobile Multicast
  - Receiver access control by IGMP-AC
  - Secured handoff with low latency

Slide 49: Conclusion: Impacts of Our Research
• Access control is acknowledged as a key component to be solved by
  - IETF MBONED Working Group
  - ITU-T IPTV Focus Group
• We have projected
  - Missing components in the MBONED framework
  - The additional problems to be addressed
• The mobile multicast architecture will open a new horizon of wireless networks for IP multicast
• Will facilitate e-commerce researchers with an extendible framework

Slide 50: Conclusion: Future Work
• Complete the development of the protocols
  - Define the packet format
  - Specify timers' values
• Presented our architecture in the MBONED Meeting during the 69th IETF Meeting, 2007
• Actively working on writing Internet Drafts
  - Explaining the IGMP-AC protocol
  - Describing the EAP/ERP encapsulation over IGMP-AC for mobile multicast
• Moreover, inter-domain DDT control for ASM groups
• Extend the mobile multicast architecture for source mobility

Slide 51: Publications
Journal/Magazine Papers
1. S. Islam and J. W. Atwood, "Multicast Receiver Access Control by IGMP-AC", submitted to Computer Networks.
2. S. Islam and J. W. Atwood, "Sender Access and Data Distribution Control for Inter-domain Multicast Groups", will be submitted to Computer Networks.
3. S. Islam and J. W. Atwood, "A Novel Inter-domain Access Control Architecture for IP Multicasting", in preparation.
Conference Papers
4. S. Islam and J. W. Atwood, "Receiver Access Control and Secured Handoff in Mobile Multicast using IGMP-AC", submitted to 33rd IEEE Conference on Local Computer Networks.
5. S. Islam and J. W. Atwood, "Sender Access Control in IP Multicast", in 32nd IEEE Conference on Local Computer Networks, Dublin, Ireland, 2007 October 15-18, pp. 79-86.
6. S. Islam and J. W. Atwood, "A Policy Framework for Multicast Group Control", in IEEE CCNC Workshop on Peer-to-Peer Multicasting, Las Vegas, NV, 2007 January 11, pp. 1103-1107.
7. S. Islam and J. W. Atwood, "The Internet Group Management Protocol with Access Control (IGMP-AC)", in 31st IEEE Conference on Local Computer Networks, Tampa, Florida, U.S.A., 2006 November 14-16, pp. 475-482.
8. S. Islam and J. W. Atwood, "A Framework to Add AAA Functionalities in IP Multicast", in Advanced International Conference on Telecommunications (AICT'06), Guadeloupe, French Caribbean, 2006 February 19-22.
Internet Drafts
9. "Internet Group Management Protocol with Access Control (IGMP-AC)", in preparation.
10. "Receiver Access Control and Secured Handoff in Mobile Multicast using IGMP-AC", in preparation.

Slide 52: Project Funding
• FQRNT
  - Doctoral Research Scholarship
• NSERC
  - Discovery Grant (received by Dr. Atwood)
• Concordia University
  - Concordia University Graduate Fellowship
  - Concordia University Graduate Entrance Fellowship
  - Campaign for Concordia Graduate Award
  - Concordia University External Award Holder Doctoral Scholarships

Slide 53: Thank You! Questions?