• The Journal of Korean Association of Computer Education
• /
• v.7 no.1
• /
• pp.55-66
• /
• 2004

The Internet today provides group communication model, multicast service. It is important to keep security for multicast communication. Member leaving is associated with scalability problem for group key management. If one member of the group is removed, new group key has to be changed and communicated to all remaining members of group. Modification and distribution of new group keys for rekeying is an expensive operation. Minimizing the number of messages and operation cost for generation of the composite keys are important evaluating criteria of multicast key management scheme. Periodic rekey helps reducing these important parameters rather than removing members sequentially in fashion one after another. In this paper, Hamming distance is calculated between every members to be removed. The members with Hamming distance less than threshold are selected for rekeying procedure. With running the round assignment algorithm, our model has advantages of reducing the number of message and operation cost for generation of the composite keys for rekeying.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.7
• /
• pp.2325-2349
• /
• 2014

Network virtualization technology plays a key role in cloud computing, which serves as an effective approach for provisioning a flexible and highly adaptable shared substrate network to satisfy the demands of various applications or services. Recently, the problem of mapping a virtual network (VN) onto a substrate network has been addressed by various algorithms. However, these algorithms are typically efficient for unicast service-oriented virtual networks, and generally not applicable to multicast service-oriented virtual networks (MVNs). Furthermore, the survivable MVN mapping (SMVNM) problem that considers the survivability of MVN has not been studied and is also the focus of this work. In this research, we discuss SMVNM problem under regional failures in the substrate network and propose an efficient algorithm for solving this problem. We first propose a framework and formulate the SMVNM problem with the objective of minimizing mapping cost by using mixed integer linear programming. Then we design an efficient heuristic to solve this problem and introduce several optimizations to achieve the better mapping solutions. We validate and evaluate our framework and algorithms by conducting extensive simulations on different realistic networks under various scenarios, and by comparing with existing approaches. Our simulation experiments and results show that our approach outperforms existing solutions.

• The KIPS Transactions:PartC
• /
• v.15C no.6
• /
• pp.573-586
• /
• 2008

The improved performance and miniaturization of computer and the improvement of wireless communication technology have enabled the emergence of many high quality services. Among them multicast services are receiving much attention and their usage is increasing due to the increase of Internet multimedia services such as video conference, multimedia stream, internet TV, etc. Security plays an important role in mobile multicast services. In this paper, we proposed a secure multicast protocol for a hierarchical micro-mobility environment. The proposed secure multicast protocol provides security services such as authentication, access control, confidentiality and integrity using mechanisms including symmetric/asymmetric key crypto-algorithms and capabilities. To provide forward/backward secrecy and scalability, we used sub-group keys based on the hierarchical micro-mobility environment. With this security services, it is possible to guard against all kinds of security attacks performed by illegal mobile nodes. Attacks executed by internal nodes can be thwarted except those attacks which delete packet or cause network resources to be wasted. We used simulator to measure the performance of proposed protocol. As a result, the simulation showed that effect of these security mechanisms on the multicast protocol was not too high.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.10 no.2
• /
• pp.31-42
• /
• 2000

특성 사용자 그룹에게만 음성과 영상 데이터를 전송할 수 있는 통신 메커니즘을 가진 멀티캐스트는 유니캐스트와 비교해서 통신 링크의 수가 상당히 많으므로 부당한 공격자로부터 신분위장 서비스 부인 공격과 재전송 공격 부인, 트래픽 관찰 공격을 받기가 쉽다. 그러므로 본논문에서는 현재 멀티캐스트 통신을 위해서 제안 및 사용되고 있는 여러 가지 멀티캐스트 라우팅 프로토콜 중에서 보다 효율적인 보안 체계를 구성할 수 있는 공유 트리를 기반으로 하는 코어 기반 트리(CBT: Core Based Tree)를 이용하여 3개로 구성된 그룹키 KEK TEK을 획득함으로서 안전한 멀티캐스트 통신이 가능한 키 분배 프로토콜을 설계하였다 그리고 패트리넷을 이용하여 안전성을 검증하였다.

• Journal of the Korea Society of Computer and Information
• /
• v.21 no.10
• /
• pp.77-83
• /
• 2016

To verify the trustworthiness of messages, public key certificates and certificate revocation list(CRL) has been standardized for vehicular networks. However, timely distribution of large CRLs to vehicles should be more elaborated with low bandwidth utilization from a practical point of view. To address this concern, we propose a CRL distribution scheme using long term evolution(LTE) point-to-multicast transmission, namely the enhanced multimedia broadcast multicast service(eMBMS). The schem is much more resource efficient than the existing unicast CRL distribution schemes for vehicular networks and it allows realizing the regional CRL distribution schemes efficiently in LTE network. By means of ns-3 simulation, we analyze the performance, latency, and execution time of the scheme in terms of varying coverage of the multimedia broadcast multicast service over single frequency network (MBFSN).

• Journal of Communications and Networks
• /
• v.4 no.3
• /
• pp.246-255
• /
• 2002

Constrained minimum Steiner tree (CMST) problem is a key issue in multicast routing with quality of service (QoS) support. Bounded shortest path algorithm (BSMA) has been recognized as one of the best algorithms for the CMST problem due to its excellent cost performance. This algorithm starts with a minimumdelay tree, and then iteratively uses a
-shortest-path (KSP) algorithm to search for a better path to replace a “superedge” in the existing tree, and consequently reduces the cost of the tree. The major drawback of BSMA is its high time complexity because of the use of the KSP algorithm. For this reason, we investigate in this paper the possibility of more efficient implementations of BSMA by using different methods to locate the target path for replacing a superedge. Our experimental results indicate that our methods can significantly reduce the time complexity of BSMA without deteriorating the cost performance.

• The Journal of the Korea Contents Association
• /
• v.2 no.3
• /
• pp.119-126
• /
• 2002

The QoS(Quality of Service) guarantee mechanism is one of critical issues in the wireless network. Real-time applications like VoIP(Voice over IP) in All-IP networks need smooth handoffs in order to minimize or eliminate packet loss as a Mobile Host(MH) transitions between network links. In this paper, we design a new multicasting algorithm using DB(Dynamic Buffering) mechanism for Mobile-IPv6. A key feature of the new protocol is the concepts of the DB and MRA(Multicast Routing Agent) to reduce delivery path length of the multicast datagram. Particularly, the number of tunneling and average routing length of datagram are reduced relatively, the multicast traffic load is also decreased.

• Journal of KIISE:Information Networking
• /
• v.36 no.4
• /
• pp.263-274
• /
• 2009

Decentralized group key management mechanisms offer beneficial solutions to enhance the scalability and reliability of a secure multicast framework by confining the impact of a membership change in a local area. However, many of the previous decentralized solutions reveal the plaintext to the intermediate relaying proxies, or require the key distribution center to coordinate secure group communications between subgroups. In this study, we propose a decentralized group key management scheme that features a mechanism allowing a service provider to deliver the group key to valid members in a distributed manner using the proxy cryptography. In the proposed scheme, the key distribution center is eliminated while data confidentiality of the transmitted message is provided during the message delivery process. The proposed scheme can support a secure group communication in dynamic network environments where there is no trusted central controller for the whole network and the network topology changes frequently.

• The KIPS Transactions:PartB
• /
• v.9B no.5
• /
• pp.587-598
• /
• 2002

In multicast environment, the main objective of group key management is to provide security services to group communications by sharing a single group key among all the members of the group and subsequently encrypting and decrypting all the communication messages exchanged among the members of the group. Up to now, there has been no effort to develop group key management mechanism that considers the rate of users' join/leave operations. Hence, in this research, we propose group key management mechanisms that consider the rate of user's join/leave operations. We also define a new tree structure called variable tree which is much more flexible than full regular trees and show that variable trees are more efficient than full regular trees for group key management. Especially, we propose an algorithm that minimizes the necessary number of rekey messages according to the rate of join and leave operations. We also shows that if the rate of leave operation is greater than 50%, then the tree structure with degrees 2 or 3 are the optimal structures.

• Journal of the Korea Society of Computer and Information
• /
• v.23 no.2
• /
• pp.53-61
• /
• 2018

In this paper, the author proposes an efficient group key agreement scheme in a mobile environment where group members frequently join and leave. This protocol consists of basic protocols and general ones and is expected to be suitable for communications between a mobile device with limited computing capability and a key distributing center (or base station) with sufficient computing capability. Compared with other schemes, the performance of the proposed protocol is a bit more efficient in the aspects of the overall cost for both communication and computation where the computational efficiency of the scheme is achieved by using exclusive or operations and a one-way hash function. Also, in the aspect of security, it guarantees both forward and backward secrecy based on the computational Diffie-Hellman (CDH) assumption so that secure group communication can be made possible. Furthermore, the author proves its security against a passive adversary in the random oracle model.