An Approach to the Charging of Secure IP Multicast Services
The massive deployment of IP multicast-based services raises important issues, as far as the security is concerned. In particular, there is a growing need for ISPs to be able to provide some guarantees with respect to the identification and authentication of sources and receivers, not to mention the preservation of the confidentiality of the traffic that will be forwarded along the dynamically computed distribution trees. In this paper, we propose a generic scheme where service providers will play a key role for the provisioning of secure IP multicast services, based on the ongoing standardisation effort being conducted within the msec working group of the IETF. A first part relates to cryptographic services, e.g. data authentication and encryption, and highlights the role a telecom operator could play in securing group communications. In particular, various opportunities for providing GCKS (Group Controller and Key Server) services and cryptographic treatment services, are discussed depending on the targeted market and the use made of the deployed IP multicast network. A second part emphasizes the opportunities offered by multicast content security and the associated key management, to perform accounting. The way a telecom operator could take advantage of such possibilities in order to offer value-added services is discussed. Various accounting and billing models, made possible by the msec facilities, are demonstrated.
Unable to display preview. Download preview PDF.
- 1.Diot, C., Levine, B.N., Lyles, B., Kassan, H., Balsiefien, D.: Deployment issues for the IP multicast service and architecture. IEEE Network, Special issue on multicasting (January/February 2000)Google Scholar
- 2.Perrig, R., Canetti, J.D., Tygar, D., Song, X.: Efficient authentication and signing of multicast streams over lossy channels. In: Proceedings of IEEE Symposium on Security and Privacy, Oakland, CA, May 2000, pp. 56–73 (2000)Google Scholar
- 3.Canetti, R., Garay, J., Itkis, G., Micciancio, D., Naor, M., Pinkas, B.: Multicast security: A taxonomy and efficient constructions. In: Proceedings of IEEE INFOCOM, New York (March 1999)Google Scholar
- 4.Baugher, M., Hardjono, T., Harney, H., Weis, B.: The Group Domain of Interpretation, draft-ietf-msec-gdoi-08.txt (May 2003) (work in progress)Google Scholar
- 5.Harney, H., Baugher, M., Hardjono, T.: GKM Building Block: Group Security Association (GSA) Definition, draftirtf- smug-gkmbb-gsadef-01.txt (September 2000) (expired)Google Scholar
- 6.Harney, H., Colegrove, A., Harder, E., Meth, U., Fleischer, R.: Group Secure Association Key Management Protocol, draft-ietf-msec-gsakmp-sec-01.txt (February 2003) (work in progress)Google Scholar
- 7.Hardjono, T., Canetti, R., Baugher, M., Dinsmore, P.: Secure IP Multicast: Problem areas, Framework, and Building Blocks, draft-irtf-smug-framework-01.txt (September 2001) (expired)Google Scholar
- 8.Deering, S.: Host Extensions for IP Multicasting (August 1989) Google Scholar
- 9.Kent, A.: Security Architecture for the Internet Protocol (November 1998) Google Scholar
- 10.Kent, A.: IP Encapsulating Security Payload (ESP) (November 1998) Google Scholar
- 11.Wallner, D., Harder, E., Agee, R.: Key Management for Multicast: Issues and Architectures (June 1999)Google Scholar