This document discusses participant access control in IP multicasting. It begins with an overview of existing IP multicast protocols like IGMP and PIM-SM. It then discusses the need for access control to prevent attacks from unauthorized senders and receivers. The remainder of the document proposes an access control architecture that uses AAA protocols to authenticate participants and control their access through extensions to IGMP and the use of protocols like PANA and IKEv2.
KRACK attack is one of the most famous one in WiFi security and privacy. In this presentation a detailed description of the attack is considered and countermeasures are offered.
Exploring LTE security and protocol exploits with open source software and lo...EC-Council
The security flaws of legacy GSM networks, which lack of mutual authentication and implement an outdated encryption algorithm, are well understood among the technology community and have been extensively discussed for years. However, my smartphone’s settings do not provide the means to shut down the GSM radio to prevent my phone from connecting to a potentially insecure GSM access point. Instead, I have the option to turn off LTE, the fastest mobile network.
This is not the only confusing aspect of mobile network security. Given LTE’s mutual authentication and strong encryption scheme result, there is a general assumption that LTE rogue base stations are not possible. However, before the connection authentication step, any mobile device implicitly trusts (and exchanges a substantial amount of messages with) any LTE base station, legitimate or not, that advertises itself with the right parameters. Such implicit trust and unprotected messages can be exploited to block mobile devices and track their location.
Finally, it is generally assumed that Stingrays and IMSI catchers are expensive equipment that require downgrading the connection of mobile devices to GSM. However, a basic fully-LTE IMSI catcher can be implemented by means of low-cost software radio and slight modification of a well known open-source implementation of the LTE stack.
This talk will present an exploration of the security of LTE networks, as well as experimentation results of passive eavesdropping threats, LTE protocol exploits to block mobile devices and a location leak that allows tracking mobile devices as the connection is handed off from tower to tower.
Blue and Red teams are missing the low hanging vulnerabilities that exist in many enterprise networks today. This session will show in detail how the red team can quickly identify and exploit numerous network protocol vulnerabilities that the previous security test team probably missed. Methods for securing routing and switching protocols will be covered. Detailed PCAP examples will be covered. Recommendations for adding visualization and instrumentation to the network to detect network exploits will be covered.
Network Security and Visibility through NetFlowLancope, Inc.
With the rise of disruptive forces such as cloud computing and mobile technology, the enterprise network has become larger and more complex than ever before. Meanwhile, sophisticated cyber-attackers are taking advantage of the expanded attack surface to gain access to internal networks and steal sensitive data.
Perimeter security is no longer enough to keep threat actors out, and organizations need to be able to detect and mitigate threats operating inside the network. NetFlow, a context-rich and common source of network traffic metadata, can be utilized for heightened visibility to identify attackers and accelerate incident response.
Join Richard Laval to discuss the security applications of NetFlow using StealthWatch. This session will cover:
- An overview of NetFlow, what it is, how it works, and how it benefits security
- Design, deployment, and operational best practices for NetFlow security monitoring
- How to best utilize NetFlow and identity services for security telemetry
- How to investigate and identify threats using statistical analysis of NetFlow telemetry
KRACK attack is one of the most famous one in WiFi security and privacy. In this presentation a detailed description of the attack is considered and countermeasures are offered.
Exploring LTE security and protocol exploits with open source software and lo...EC-Council
The security flaws of legacy GSM networks, which lack of mutual authentication and implement an outdated encryption algorithm, are well understood among the technology community and have been extensively discussed for years. However, my smartphone’s settings do not provide the means to shut down the GSM radio to prevent my phone from connecting to a potentially insecure GSM access point. Instead, I have the option to turn off LTE, the fastest mobile network.
This is not the only confusing aspect of mobile network security. Given LTE’s mutual authentication and strong encryption scheme result, there is a general assumption that LTE rogue base stations are not possible. However, before the connection authentication step, any mobile device implicitly trusts (and exchanges a substantial amount of messages with) any LTE base station, legitimate or not, that advertises itself with the right parameters. Such implicit trust and unprotected messages can be exploited to block mobile devices and track their location.
Finally, it is generally assumed that Stingrays and IMSI catchers are expensive equipment that require downgrading the connection of mobile devices to GSM. However, a basic fully-LTE IMSI catcher can be implemented by means of low-cost software radio and slight modification of a well known open-source implementation of the LTE stack.
This talk will present an exploration of the security of LTE networks, as well as experimentation results of passive eavesdropping threats, LTE protocol exploits to block mobile devices and a location leak that allows tracking mobile devices as the connection is handed off from tower to tower.
Blue and Red teams are missing the low hanging vulnerabilities that exist in many enterprise networks today. This session will show in detail how the red team can quickly identify and exploit numerous network protocol vulnerabilities that the previous security test team probably missed. Methods for securing routing and switching protocols will be covered. Detailed PCAP examples will be covered. Recommendations for adding visualization and instrumentation to the network to detect network exploits will be covered.
Network Security and Visibility through NetFlowLancope, Inc.
With the rise of disruptive forces such as cloud computing and mobile technology, the enterprise network has become larger and more complex than ever before. Meanwhile, sophisticated cyber-attackers are taking advantage of the expanded attack surface to gain access to internal networks and steal sensitive data.
Perimeter security is no longer enough to keep threat actors out, and organizations need to be able to detect and mitigate threats operating inside the network. NetFlow, a context-rich and common source of network traffic metadata, can be utilized for heightened visibility to identify attackers and accelerate incident response.
Join Richard Laval to discuss the security applications of NetFlow using StealthWatch. This session will cover:
- An overview of NetFlow, what it is, how it works, and how it benefits security
- Design, deployment, and operational best practices for NetFlow security monitoring
- How to best utilize NetFlow and identity services for security telemetry
- How to investigate and identify threats using statistical analysis of NetFlow telemetry
Squire Technologies: Class 4 Softswitch Presentation.
The SVI_C4 Softswitch provides to both Carrier and Enterprise markets a high performance, scalable Class 4 SoftSwitch enabling the delivery of secure, reliable VoIP traffic and services over multiple IP networks.
The core of the SVI_C4 Class 4 SoftSwitch is a powerful, robust signalling engine with a number of optional “add-ons”, allowing clients to deliver Carrier grade VoIP services.
Presentation from the Virtual IoT User Group.
MQTT has been established amongst the most popular IoT protocols for Device-To-Cloud-Communication.
The new MQTT 5 standard, which has been released in early 2018, comes with a number of new features and improvements, making the lightweight protocol more versatile than ever. The technical committee at OASIS worked hard to develop new functionality and improvements for the protocol that were in high demand, without changing MQTT in its fundamental core.
How can those features be applied in real projects? And how backward compatible is the new version? Is it time to upgrade yet? We’ll discuss all these questions and Open Source implementations in this session.
The video of the presentation is available on Youtube: https://youtu.be/czne5-8El-k
Diameter protocol has been introduced to replace in many aspects SS7/SIGTRAN in the LTE and VoLTE networks, and such as these 2G/3G networks, Diameter also has its dedicated global roaming network named IPX (IP eXchange) that allows international roaming for LTE users..
Back in the days Diameter was already used by the PCRF in 2G/3G networks for charging purposes, but its usage has been extended to completely replace the signalization role of SS7/SIGTRAN in LTE networks. SS7/SIGTRAN security flows are now public after several publications, but what about Diameter security ? By replacing old and insecure protocols, does Diameter come with built-in security?
During the presentation, we will study how the IPX infrastructure operates and how security is taken into account nowadays regarding the newest 4G telecom technologies. Getting into different point of view allowed us to find major Diameter vulnerabilities via the IPX, which affect almost all the network elements HSS, MME, GMLC, PCRF, PDN GW, including DNS serving telecom TLDs. Understanding the mistakes that led to a former generation of telecom networks we came out with insecure protocols will maybe help us to push security by design in the future.
Nevertheless, as a telecom provider we will provide recommendations to secure LTE infrastructures and share technical countermeasures we have implemented against different Diameter attacks and fraud scenarios to protect our network and customers. Along with recommendations, we will present some ways on how to self audit and do self monitoring of your network, as we consider that telecom providers need to take back the control of their networks!
Troopers website link: https://www.troopers.de/events/troopers16/653_assaulting_ipx_diameter_roaming_network/
Demonstration of the use of strong authentication between embedded systems and traditional endpoints on a network using Trusted Computing Group standards and technology. Presented by Stacy Cannady at Security of Things Forum, Sept. 10 2015.
A quick look at 5G System architecture in Reference point representation and in Service Based representation and also look at the different Network Functions (NFs) within the 5G System.
Squire Technologies: Class 4 Softswitch Presentation.
The SVI_C4 Softswitch provides to both Carrier and Enterprise markets a high performance, scalable Class 4 SoftSwitch enabling the delivery of secure, reliable VoIP traffic and services over multiple IP networks.
The core of the SVI_C4 Class 4 SoftSwitch is a powerful, robust signalling engine with a number of optional “add-ons”, allowing clients to deliver Carrier grade VoIP services.
Presentation from the Virtual IoT User Group.
MQTT has been established amongst the most popular IoT protocols for Device-To-Cloud-Communication.
The new MQTT 5 standard, which has been released in early 2018, comes with a number of new features and improvements, making the lightweight protocol more versatile than ever. The technical committee at OASIS worked hard to develop new functionality and improvements for the protocol that were in high demand, without changing MQTT in its fundamental core.
How can those features be applied in real projects? And how backward compatible is the new version? Is it time to upgrade yet? We’ll discuss all these questions and Open Source implementations in this session.
The video of the presentation is available on Youtube: https://youtu.be/czne5-8El-k
Diameter protocol has been introduced to replace in many aspects SS7/SIGTRAN in the LTE and VoLTE networks, and such as these 2G/3G networks, Diameter also has its dedicated global roaming network named IPX (IP eXchange) that allows international roaming for LTE users..
Back in the days Diameter was already used by the PCRF in 2G/3G networks for charging purposes, but its usage has been extended to completely replace the signalization role of SS7/SIGTRAN in LTE networks. SS7/SIGTRAN security flows are now public after several publications, but what about Diameter security ? By replacing old and insecure protocols, does Diameter come with built-in security?
During the presentation, we will study how the IPX infrastructure operates and how security is taken into account nowadays regarding the newest 4G telecom technologies. Getting into different point of view allowed us to find major Diameter vulnerabilities via the IPX, which affect almost all the network elements HSS, MME, GMLC, PCRF, PDN GW, including DNS serving telecom TLDs. Understanding the mistakes that led to a former generation of telecom networks we came out with insecure protocols will maybe help us to push security by design in the future.
Nevertheless, as a telecom provider we will provide recommendations to secure LTE infrastructures and share technical countermeasures we have implemented against different Diameter attacks and fraud scenarios to protect our network and customers. Along with recommendations, we will present some ways on how to self audit and do self monitoring of your network, as we consider that telecom providers need to take back the control of their networks!
Troopers website link: https://www.troopers.de/events/troopers16/653_assaulting_ipx_diameter_roaming_network/
Demonstration of the use of strong authentication between embedded systems and traditional endpoints on a network using Trusted Computing Group standards and technology. Presented by Stacy Cannady at Security of Things Forum, Sept. 10 2015.
A quick look at 5G System architecture in Reference point representation and in Service Based representation and also look at the different Network Functions (NFs) within the 5G System.
New world IP traffic, new dimensions for Diameter managementInnovation Assured
Our signaling expert, Ilia Abramov, Product Director of Core Networks & Security,explores how operators can better manage their IP networks to gain optimal performance and flexibility through intelligent, secure, solid Diameter Signalling, removing the headache and barriers known with services today.
New world IP traffic, new dimensions for Diameter managementInnovation Assured
Our signaling expert, Ilia Abramov, Product Director of Core Networks & Security, explores how operators can better manage their IP networks to gain optimal performance and flexibility through intelligent, secure, solid Diameter Signalling, removing the headache and barriers known with services today.
Edge Device Multi-unicasting for Video StreamingTal Lavian Ph.D.
Multicast data stream from a server to multiple clients at the application level.
Overlay network structure must be constructed at the application layer to connect participating end systems
Mechanisms for adapting the overlay structure are necessary to provide and maintain adequate level of QoS of the application
Yoid – generic structure for overaly networks for content distribution
Overcast – single-source multicast
End System Multicast – small-scale multicast for teleconference
ALMI – an ALM infrastructure for multi-sender multicast that scales to a large number of groups with small number of members
Edge devices form overlay structure
Edge devices can replicate and multi-unicast to multiple clients
Overcome bottleneck problem over access link
ICC's Access Control System is a unified wired/wireless system to allow SMB and small enterprise leverage software to control IP data networking centrally or distributed throughout their networks.
ICC's Access Control System is a unified wired/wireless system to allow SMB and small enterprise leverage software to control IP data networking centrally or distributed throughout their networks.
Using ICN to simplify data delivery, mobility management and secure transmissionITU
ICN provides a unified network and transport layer addressing content by name rather than by location. By disrupting traditional connection-oriented communication model, ICN simplifies data delivery, mobility management and secure transmission over an heterogeneous network access. In the demo, we select DASH video delivery as use case and show the benefits of ICN mobility management, in-network control (rate/loss) and network-assisted bitrate adaptation for a multi-homed user device.
We also illustrate how ICN can effectively reduce transport cost via native edge caching and multi-point/multi-source communications over the backhaul. To that aim, we orchestrate an ICN-enhanced virtualized network backhaul and shows its utilization over time.
Author : Giovanna Carofiglio, Cisco Systems
Presented at ITU-T Focus Group IMT-2020 Workshop and Demo Day, 7 December 2016.
More details on the event : http://www.itu.int/en/ITU-T/Workshops-and-Seminars/201612/Pages/Programme.aspx
Squire Technologies: Signal Transfer Point Presentation.
The SVI_STP provides a comprehensive future proof STP supporting legacy SS7 TDM, Next Generation IP SIGTRAN and IMS / LTE / 4G support. A mature, proven, carrier grade technology packed with feature rich capabilities derived from a decade of global deployments.
LTE network: How it all comes together architecture technical posterDavid Swift
Mobile network operators that want to deploy LTE now want to do so on their own terms. They want to roll out ultrafast mobile broadband safe in the knowledge that one vendor’s solution will work efficiently with another, while delivering the high level of service that subscribers expect. A standards-based network will ensure the goal is met and help drive down cost for operators, but understanding how to pull it all together can be a challenge. So how does it all come together?
Multi-cluster Kubernetes Networking- Patterns, Projects and GuidelinesSanjeev Rampal
Talk presented at Kubernetes Community Day, New York, May 2024.
Technical summary of Multi-Cluster Kubernetes Networking architectures with focus on 4 key topics.
1) Key patterns for Multi-cluster architectures
2) Architectural comparison of several OSS/ CNCF projects to address these patterns
3) Evolution trends for the APIs of these projects
4) Some design recommendations & guidelines for adopting/ deploying these solutions.
ER(Entity Relationship) Diagram for online shopping - TAEHimani415946
https://bit.ly/3KACoyV
The ER diagram for the project is the foundation for the building of the database of the project. The properties, datatypes, and attributes are defined by the ER diagram.
1.Wireless Communication System_Wireless communication is a broad term that i...JeyaPerumal1
Wireless communication involves the transmission of information over a distance without the help of wires, cables or any other forms of electrical conductors.
Wireless communication is a broad term that incorporates all procedures and forms of connecting and communicating between two or more devices using a wireless signal through wireless communication technologies and devices.
Features of Wireless Communication
The evolution of wireless technology has brought many advancements with its effective features.
The transmitted distance can be anywhere between a few meters (for example, a television's remote control) and thousands of kilometers (for example, radio communication).
Wireless communication can be used for cellular telephony, wireless access to the internet, wireless home networking, and so on.
This 7-second Brain Wave Ritual Attracts Money To You.!nirahealhty
Discover the power of a simple 7-second brain wave ritual that can attract wealth and abundance into your life. By tapping into specific brain frequencies, this technique helps you manifest financial success effortlessly. Ready to transform your financial future? Try this powerful ritual and start attracting money today!
This 7-second Brain Wave Ritual Attracts Money To You.!
Participant Access Control in IP Multicasting
1. Participant Access Control
in IP Multicasting
Salekul Islam (salekul@cse.uiu.ac.bd)
United International University (UIU)
Dhaka, Bangladesh
2. Outline of the presentation
24-May-14 Participant Access Control in IP Multicasting 2
Sender Access Control
PANA, IKEv2 and IPsec SA
Receiver Access Control
IGMP with Access Control (IGMP-AC)
PIM-SM
Routers build the data distribution tree
IGMP
End hosts join/leave a multicast group
IP Multicast
Secure Multicast:
Protects multicast data and control
messages. Why it fails to provide
access control?
Access Control Architecture
Access Control:
Authentication,
Authorization &
Accounting
Participant:
Receivers &
Sender(s)
3. Protocols Involved in IP Multicast
• Internet Group Management Protocol (IGMP)
o IGMPv3 has been standardized by the IETF
o End hosts inform the neighboring router(s) about the
multicast group memberships using IGMP
o Two types of messages: Query and Report
• Protocol Independent Multicast - Sparse Mode
(PIM-SM)
o Depends on underlying unicast routing information base
o Builds unidirectional shared trees
o Optionally creates shortest-path trees per source.
24-May-14 Participant Access Control in IP Multicasting 3
4. IGMP Query Message
24-May-14 Participant Access Control in IP Multicasting 4
Querier
Query Message
Directly connected
Access Router (AR)
AR AR
CR
5. IGMP Report Message
24-May-14 Participant Access Control in IP Multicasting 5
Querier
Directly connected
Access Router (AR)
AR AR
CR
Receiver 1 Receiver 2
Report Messages
6. IP Multicast Service Model
24-May-14 Participant Access Control in IP Multicasting 6
AR1
AR2
AR3CR3
Sender
Receivers
End Users
Routing Protocol (PIM-SM)
Builds DDT
IGMP Messages
User Joins/Leaves
Sends
multicast data
Data forwarding
using DDT
CR1
CR2
CR3
DDT: Data Distribution Tree
7. Multicast-based Applications
24-May-14 Participant Access Control in IP Multicasting 7
Number of
Participants
Applications
One-to-many
(single sender
multiple receivers)
• Scheduled audio/video distribution
• Push media: news headlines, weather updates
• File distribution and caching
• Announcements: multicast session, key updates
• Monitoring: stock prices, sensor equipment
Many-to-many
(multiple senders
multiple receivers)
• Multimedia conferencing
• Synchronized resources
• Distance learning with input from receivers
• Multi-player games
Many-to-one
(multiple senders
single receivers)
• Resource discovery
• Auctions
• Polling
8. Multicast Service Model: Vulnerabilities
24-May-14 Participant Access Control in IP Multicasting 8
AR1
AR2
AR3CR3
Sender
Receivers
End Users
CR1
CR2
CR3
AR4
AR1
IGMP Join
Routing
Protocol Join
Adversary
Receiver
Forged
data
Adversary
Sender
IP multicast model:
• Multicast groups are open
• Any one can join any one can send
9. Motivation: Revenue Generation Architecture
• Secure Multicasting is composed of
o Protecting control messages—routing protocol
specific (secured IGMP and PIM-SM)
o Protecting multicast data—encryption and
authentication (IETF standardized TESLA )
• Significant progress of securing multicasting fails to
happen in large scale commercial deployment
• A revenue generation architecture considers
o Participant access control—AAA for sender(s) and
receivers
o Policy enforcement
o E-commerce communications
24-May-14 Participant Access Control in IP Multicasting 9
10. Why Access Control?
• Effects of forged IGMP messages
o Join message pulls distribution tree, may create DoS
o Leave message prunes distribution tree, prevents
legitimate users from receiving
o IGMP security—only authenticates IGMP messages
• Attacks by a forged sender
o Replay attack
o Sender address spoofing attack
o May create DoS
• Secure Multicast (Group Key Management) fails to
prevent these attacks
24-May-14 Participant Access Control in IP Multicasting 10
11. How to deploy access control?
• Receiver access control for a secured group
o While joining/leaving
o Changing reception state at ARs
• Sender access control for a secured group
o Sending data
24-May-14 Participant Access Control in IP Multicasting 11
Coupling access
control with IGMP
Per-packet cryptographic
protection at AR
12. Sender Access Control
• AAA for sender(s)
• Per-packet protection
Data Distribution Control
• Protects distribution tree from
forged sender
• Not routing protocol security
Receiver Access Control
• AAA for receivers/EUs
Overview of Access Control Architecture
24-May-14 Participant Access Control in IP Multicasting 12
AR1
AR2
AR3CR3
CR1
CR2
Sender
Receivers
EUs
13. Unicast Access Control and Authentication
• Access Control is achieved by AAA framework
o RADIUS—older version, with limited functionalities
o Diameter—next generation AAA protocol
• Extensible
• Large AVP
• Agent support
• For authentication IETF has designed
o Extensible Authentication Protocol (EAP)
o Protocol for carrying Authentication for Network Access
(PANA)—EAP lower layer
24-May-14 Participant Access Control in IP Multicasting 13
14. Authentication, Authorization and
Accounting (AAA) Framework
24-May-14 Participant Access Control in IP Multicasting 14
AAA protocol
AAA Server
Authentication
Authorization
Accounting
NAS
AAA Client
End User
Network
End User
Database
Requesting
access to network
EU credentials
Accept
Access
is granted
NAS: Network Access Server
15. Extensible Authentication Protocol (EAP)
24-May-14 Participant Access Control in IP Multicasting 15
EAP Request1
EAP Response1
EAP Request2
EAP ResponseN
Diameter (EAP ResponseN)
Diameter (EAP Success)
EAP Success
NAS/ EAP
Authenticator
AAA Server
EAP Server
EAP Diameter
(EAP)
End User
EAP Peer
§ EAP summary
- Authentication framework
- Multiple authentication
- EAP methods
- Four EAP messages
Request, Response
Success, Failure
(Initiate EAP)
By peer or
authenticator
Authenticator
to peer
Peer to
authenticator
Diameter (EAP Response1)
Diameter (EAP Request2)
Encapsulated
over Diameter
16. Key Challenges for Access Control
• The most generic architecture
o Deployable for multi-domain distributed groups
o Supports wide range of authentication
o Independent of routing protocol
o Supports both ASM and SSM
• A scalable solution
o Minimum workload for on-tree routers and end hosts
o A distributed solution (e.g., using AAA)
• Reuse standard frameworks/protocols
o Fits easily in the existing Internet service model
o Will reduce the work of service providers
24-May-14 Participant Access Control in IP Multicasting 16
17. Out of the scope
NAS
NAS
Access Control Architecture
24-May-14 Participant Access Control in IP Multicasting 17
AR1
AR2
AR3CR3
CR1
CR2
Sender
End
Users
AAAS
Participants
Database &
Policy Server
Updates Registration
GO/MR
FI
Diameter
IGMP Carrying
EU auth. info
18. NAS
Receiver Access Control using IGMP-AC
24-May-14 Participant Access Control in IP Multicasting 18
AR1
AR2
AR3
CR1
CR2
CR3
End
Users
Sender
IGMP-AC (EAP)
IGMP with Access Control (IGMP-AC)
• Extended version of IGMPv3
• Encapsulates EAP packets
• Verification using SPIN
• Validation using AVISPA
AAA ServerParticipants
Database
Diameter (EAP)
19. EAP
auth
End User Authentication using Extensible
Authentication Protocol (EAP)
24-May-14 Participant Access Control in IP Multicasting 19
EAP method
EAP peer
EAP layer
IGMP-AC
Lower layers
EAP
peer
IGMP-AC
EAP
layer
Lower layers
EAP auth
EAP layer
AAA/IP
EAP method
EAP auth
EAP layer
AAA/IP
EU/ Peer
AR/Authenticator/NAS
AAA Server
EAP Encapsulation over IGMP-AC
20. Protocol for carrying Authentication for
Network Access (PANA)
24-May-14 Participant Access Control in IP Multicasting 20
PaC
(EU)
PAA
(NAS/AR)
AS
(AAAS)
EP
(AR)
SNMP/
API
PANA
RADIUS/
Diameter
IKE
PaC : PANA Client AS : Authentication Server
EP : Enforcement Point PAA : PANA Authentication Agent
§ PANA summary
- Network access protocol
- Works as EAP lower layer
- Four entities: PaC, PAA, AS, EP
21. Sender Access Control
24-May-14 Participant Access Control in IP Multicasting 21
AR1
AR2
AR3
CR1
CR2
CR3
PANA (EAP)
AAA Server
End
User
Sender
IKEv2
IPsec SA
NAS
IKE-pre-
shared-Key
1. Anti-replay
2. Prevents source
address spoofing
3. Minimizes DoS
AAA-Key
PaC-EP-
Master-Key
IKE-pre-
Shared-Key
22. More about access control in multicast
• This is a brief description of our work in this area
• What else we have done?
o Policy framework
o Inter-domain access control architecture based on Diameter
agents
o Data distribution control using multicast SA
o Mobile multicast: receiver access control & secured handoff
24-May-14 Participant Access Control in IP Multicasting 22
23. Conclusion: Present status
• A set of Internet Drafts have been written and
presented to bring our ideas at the IETF
o J. William Atwood, Salekul Islam and Bing Li “Requirements
for IP Multicast Receiver Access Control”, IETF Internet
Draft, draft-atwood-mboned-mrac-req-00, 2014.
o J. William Atwood, Bing Li and Salekul Islam “Architecture
for IP Multicast Receiver Access Control”, IETF Internet
Draft, draft-atwood-mboned-mrac-arch-00, 2014.
24-May-14 Participant Access Control in IP Multicasting 23
24. Other Publications
1. Salekul Islam and J. William Atwood, "Sender Access and Data Distribution Control for
Inter-domain Multicast Groups", Computer Networks, Vol. 54, No. 10, 2010, pp. 1646-1671.
2. Salekul Islam and J. William Atwood, "Multicast Receiver Access Control by IGMP-AC",
Computer Networks, Vol. 53, No. 7, 2009, pp. 989-1013.
3. Salekul Islam and J. William Atwood, "Multicast Security", in Horizons in Computer Science
Research Vol. 2. Thomas S. Clay (ed.), Nova Publishers. 2011, pp. 127-149.
4. Salekul Islam, "Participant Access Control in IP Multicasting", VDM Verlag, Nov. 2009.
5. S. Islam and J.W. Atwood, "Receiver Access Control and Secured Handoff in Mobile
Multicast using IGMP-AC", submitted to 33rd IEEE Conference on Local Computer
Networks.
6. S. Islam and J.W. Atwood, "Sender Access Control in IP Multicast", in 32nd IEEE
Conference on Local Computer Networks, Dublin, Ireland, 2007 October 15-18, pp. 79-86.
7. S. Islam and J.W. Atwood, "A Policy Framework for Multicast Group Control", in IEEE
CCNC--Workshop on Peer-to-Peer Multicasting, Las Vegas, NV, 2007 January 11, pp.
1103-1107.
8. S. Islam and J.W. Atwood, "The Internet Group Management Protocol with Access Control
(IGMP-AC) ", in 31st IEEE Conference on Local Computer Networks, Tampa, Florida,
U.S.A., 2006 November 14-16, pp. 475-482.
9. S. Islam and J.W. Atwood, "A Framework to Add AAA Functionalities in IP Multicast'', in
Advanced International Conference on Telecommunications (AICT'06), Guadeloupe,
French Caribbean, 2006 February 19-22.
24-May-14 Participant Access Control in IP Multicasting 24
25. Project Funding
• FQRNT (Quebec Provincial Govt’s fund)
o Doctoral Research Scholarship
• NSERC (Canada Govt’s fund)
o Discovery Grant
• Concordia University
24-May-14 Participant Access Control in IP Multicasting 25
26. Contact
• Dr. Salekul Islam
UIU, Bangladesh
Email: salekul@cse.uiu.ac.bd
• Dr. J. William Atwood
Concordia University, Canada
Email: william.atwood@concordia.ca
24-May-14 Participant Access Control in IP Multicasting 26