Skip to main content
SpringerLink
Log in

PIMac: Multicast Access Control Implementation in PIM-SM

  • Published:
Wireless Personal Communications Aims and scope Submit manuscript

Abstract

In this paper, we present an access control scheme for PIM-SM multicast domain. In order to avoid the overhead of digital signature algorithm, the proposed solution makes use of the Rendezvous Point to collect keys and implement a distributed shared-key based multicast access control system. As it supplies efficient host access control in PIM-SM domain, we name this scheme PIMac. Compared with the existing multicast admission control solutions, PIMac has following advantages: (1) support both receiver and sender access control; (2) realize host exclusion based on expire time; (3) compatibility with current PIM-SM protocol; (4) lower join latency; (5) anti-replay and DoS robustness; last but not least, (6) PIMac architecture is divided into two separated domains: AAA domain and multicast routing domain, entities in each domain do not rely on PKI interoperability or common secret to authenticate each other. The experimental results show that PIMac achieves flexible manageability and improves the performance of multicast access control systems effectively.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. Aura, T. (2003). Cryptographically generated addresses (CGA), Internet Engineering Task Force (IETF), REC 3972, March 2005

  2. Almeroth K., Ammar M. (1996) Collecting and modelling the join/leave behaviour of multicast group members in the MBone, IEEE HPDC 96. IEEE Press, Syracuse, pp 209–216

    Google Scholar 

  3. Ballardie, T., & Crowcroft, J. (1995). Multicast-specific security threats and counter-measures. IEEE Symposium on Network and Distributed System Security.

  4. Cain, B., Deering, S., Kouvelas, I., Fenner, B., & Thyagarajan, A. (2002). Internet group management protocol, version 3, RFC 3376.

  5. Castelluccia, C., & Montenegro, G. (2003). Securing group management in IPv6 with cryptographically based addresses. In Proc. 8th IEEE int’l. symp. comp. and commun., Turkey (pp. 588–593), July 2003.

  6. Fenner, B., et al. (2004). Protocol independent multicast-sparse mode (PIM-SM): Protocol specification (Revised), Internet draft, draft-ietf-pim-sm-v2-new-11.txt.

  7. Hardjono, T. (2000). Router-assistance for receiver access control in PIM-SM. In Proc. IEEE int’l. symp. comp. commun. (ISCC), Antibes, France (pp.687–692), July 2000.

  8. Islam, S., & William Atwood, J. (2006). A framework to add AAA functionalities in IP multicast. In Advanced international conference on telecommunications, Guadeloupe, French Caribbean, February 2006.

  9. Islam, S., & William Atwood, J. (2006). The internet group management protocol with access control (IGMP-AC). In The 31st IEEE conference on local computer networks, Tampa, FL, November 2006.

  10. Ishikawa, N., Yamanouchi, N., & Takahashi, O. (1999). An architecture for user authentication of IP multicast and its implementation, IEEE Internet Workshop 18–20 February 1999.

  11. Judge P., Ammar M. (2002) Gothic: A group access control architecture for secure multicast and anycast. IEEE INFOCOM, New York, pp 1547–1556

    Google Scholar 

  12. Judge, P., & Ammar, M. (2003). Security issues and solutions in multicast content distribution: A survey. IEEE Network, 2003, pp. 30–36.

  13. Kellil M. et al (2005) Multicast receiver and sender access control and its applicability to mobile IP environments: A survey. IEEE Communications Surveys and Tutorials Second Quarter 7(2): 46–70

    Article  Google Scholar 

  14. Mukherjee, R., & William Atwood, J. (2005). Multicast group authentication, IFIP and IEEE conference on network control and engineering for QoS, security and mobility, Lannion, France, November 2005.

  15. Rajvaidya P., Ramachandran K. N., Almeroth K. C. (2002) Managin and securing the global multicast infrastructure. Journal of Network and Systems Management 12(3): 1–25

    Google Scholar 

  16. Rigney, C., Rubens, A., Simpson, W., Willens, S. (2000). Remote authentication dial in user service. Request for comments, IETF, June 2000.

  17. Simson, W. (1996). PPP challenge handshake authentication protocol (CHAP), RFC 1994.

  18. Shields, C., & Garcia-Luna-Aceves, J. J. (1999). KHIP-A scalable, efficient protocol for secure multicast routing. In Proc. of ACM Sigcomm 99. September 1999.

  19. Wang N., Pavlou G. (2003) Scalable sender access control for bidirectional multicast routing. Computer Networks 43(5): 539–555

    Article  MATH  Google Scholar 

  20. Wei, L. (1998). Authenticating PIM version 2 messages, November 1998. draft-ietf -pim-v2-auth-00.txt.

  21. William Atwood, J. (2007). An architecture for secure and accountable multicasting. In The 32nd IEEE conference on local computer networks, Dublin, Ireland, October 2007.

Download references

Author information

Authors and Affiliations

  1. National Engineering Laboratory for Next Generation Internet Interconnection Devices, Beijing Jiaotong University, Beijing, People’s Republic of China

    Xin Li & Hongke Zhang

  2. Department of Computer Science & Information Engineering, National Dong Hwa University, Hualien, Taiwan

    Jian-Ming Chang & Jiann-Liang Chen

  3. Department of Electrical Engineering, National Taiwan University of Science & Technology, Taipei, Taiwan

    Jiann-Liang Chen

  4. Department of Electronic Engineering, Institute of Computer Science & Information Engineering, National Ilan University, I-Lan, Taiwan

    Han-Chieh Chao

  5. Department of Electrical Engineering, National Dong Hwa University, Hualien, Taiwan

    Han-Chieh Chao

  6. School of Electronics and Information Engineering, Beijing Jiaotong University, 602 Room, South of No. 9 Teach Building, 100044, Beijing, People’s Republic of China

    Xin Li

Authors
  1. Xin Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Hongke Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jian-Ming Chang
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Jiann-Liang Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Han-Chieh Chao
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Xin Li.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Li, X., Zhang, H., Chang, JM. et al. PIMac: Multicast Access Control Implementation in PIM-SM. Wireless Pers Commun 55, 35–49 (2010). https://doi.org/10.1007/s11277-009-9784-2

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11277-009-9784-2

Keywords

Search

Navigation