Académique Documents
Professionnel Documents
Culture Documents
Presented By
POOJA SINGH
MNW-137-2K10
CONTENTS
Introduction to Multicast
Why multicast? When sending same data to multiple receivers Better bandwidth utilization Lesser host/router processing Receivers addresses unknown
Applications Video/audio conferencing Resource discovery/service advertisement Stock distribution Radio stations Multi-user games
Internet Protocol (IP) is the primary protocol in the Internet Protocol suite Responsible for data exchange between two devices Each multicast group identified by a class-D IP address Members of the group could be present anywhere in the Internet Members join and leave the group and indicate this to the routers Senders and receivers are distinct: i.e., a sender need not be a member Routers listen to all multicast addresses and use multicast routing
IP multicast architecture
What Is IGMP
The Internet Group Management Protocol (IGMP) is a communications protocol used by hosts and adjacent routers on IP networks to establish multicast group memberships.
Join message. Leave message. A router periodically checks which multicast groups are of interest to the hosts that are directly connected to that router.
No mechanism to control user access to multicast traffic. Any user can join any multicast group No mechanism to collect user usage information. Multicast content security is being developed. Can protect revenue source but , require a new key management infrastructure. Cannot identify dynamically changing group membership. Non-shared broadband access networks are widely deployed. Access control is all that is required to protect revenue
AAA functionality
AAA Framework
1.
AAAS(AAAServer): Attach to the n/w,act as a central respository. Maintain the database of users profile.
NAS(Network Access Server). Act as a client & communicate with the AAAS using AAA protocol. It contain AAA client information.
2.
Essential properties
The end user authentication process should support all sorts of authentication The IGMP-AC will not disrupt the usual function of the IGMPv3 least functionality and minimal workload to the ARs & Hosts.
Assumptions
1. 2.
We have assumed two types of multicast groups: Open Group Secured Group
Authentication protoco(EAP)
we present an authentication framework, the Extensible Authentication Protocol that can be deployed with the IGMPAC protocol to facilitate the authentication process by adding flexibility. For Authentication we use EAP(Extensible Authentication Protocol) It support Authentication mechanism. Used b/w Host & Router. Run b/w EUs & the NAS. AAAS used as a backend server. The sequence of different messages between the NAS and the end user, and between the NAS and the AAAS is shown in Figure.
The only issue we have to solve is in the IGMP-AC, a host communicates with the AR (NAS) using the IGMP-AC protocol, whereas in the EAP framework, a host communicates with the NAS using the EAP protocol. One possible solution is to send the EAP packets inside the IGMP-AC messages The sequence of the messages is shown in following figure:
An EAP Request is encapsulated inside an auquery message, An EAP Response is encapsulated inside an areport message. An EAP Success or Failure is encapsulated inside an aresult message. For N round-trips of the EAP messages, N pairs of (auquery, areport) messages will be exchanged.
Only an authenticated and authorized EU will be allowed to modify the reception states of a secured group. Accounting will be accomplished for every EU, who participates in the activity of a secured group. It is worthwhile to mention that access control
Conclusion
We are not very far from the deployment of IP multicast to deliver content to the end users on a commercial basis. It will add minimum workload to the ARs without interfering the usual operation of the IGMPv3. EAP is used to provide a flexible authentication framework.
Future work
In future, we have to develop the incorporation of the EAP protocol with the IGMP-AC protocol. Moreover, a policy framework of the AAAS for the IGMP-AC architecture must be developed.
References
[1] Local and Metropolitan Area Networks: Overview and Architecture. Institute of Electrical and Electronics Engineers, IEEE Standard 802, 1990. B. Aboba, et al. Extensible Authentication Protocol (EAP). . [2] T. Hayashi, et al. Internet Group membership Authentication Protocol (IGAP). Internet Draft, work in progress. [3 ] B. Hilt and J. Pansiot. Using IGMPv3 to manage multicast access. 4th Conference on Security and Network Architectures, Batz sur Mer, France, June 2005.. [4] C. Metz. AAA Protocols: Authentication, Authorization, and Accounting for the Internet. IEEE Internet Computing, 3(6):7579, December 1999.
Thank You !