Admission and Access Control in Secure Group Communication - PowerPoint PPT Presentation

1 / 33
About This Presentation
Title:

Admission and Access Control in Secure Group Communication

Description:

Group applications and services are very common in today's computing. ... (P2P) networks such as Napster, Gnutella, KaZaA, Chord, Pastry, Tapestry, CAN, ... – PowerPoint PPT presentation

Number of Views:33
Avg rating:3.0/5.0
Slides: 34
Provided by: pratyush
Category:

less

Transcript and Presenter's Notes

Title: Admission and Access Control in Secure Group Communication


1
Admission and Access Control in Secure
GroupCommunication
  • Mini Project Presentation By
  • Pratyush Chandra
  • 03D05003
  • Under Guidance of
  • Prof. Bernard Menezes
  • Nov. 20,2006

2
Overview of Talk
  • Introduction to Secure Group Communication (SGC)
  • Components of SGC
  • Admission Control
  • Group Key Management
  • Authentication
  • Access Control
  • SGC based on hierarchical access control scheme
  • Thought Scenario
  • Framework
  • Implementation
  • Conclusion

3
Introduction
  • Group applications and services are very common
    in today's computing.
  • Examples of group application are multi-chat,
    video conferencing, multiplayer gaming,
    cooperative mirroring of information etc.
  • Lot of popular Peer-to-Peer (P2P) networks such
    as Napster, Gnutella, KaZaA, Chord, Pastry,
    Tapestry, CAN, Tulip etc. have emerged.
  • The popularity of the P2P group application
    prompts the need for specialized security
    services which makes P2P group security an
    important topic.

4
Components of SGC
  • Admission Control
  • How a new peer becomes a member of a secure
    group.
  • Key Management
  • Protocol used by group members to generate and
    distribute group keys.
  • Authentication
  • The authentication module verifies that a peer
    group member is who it claims to be.
  • Access Control
  • Only peers with appropriate attributes must be
    able to access different group services.

5
Group Key Management Protocols
  • Protocols used for maintaining and distributing
    group keys are termed as Group Key Management
    Protocols (GKMP).
  • Group keys can be used for making the
    communication secure among group members.
  • The main concern is distribution of these
    cryptographic keys.

6
Categories of GKMP
  • Centralized group key management protocols
  • A single entity is employed for controlling the
    whole group.
  • Decentralized group key management protocols
  • The management of a large group is divided among
    subgroup managers, trying to minimize the problem
    of concentrating the work in a single place.
  • Distributed group key management protocols
  • There is no explicit Key Distribution Center
    (KDC), and the members themselves do the key
    generation. It is done by partial contribution of
    each members.

7
Requirements of GKMP
  • Forward Secrecy
  • Leaving member should not be able to access any
    future key and hence unable to decrypt any
    communication.
  • Backward Secrecy
  • Any new joining member should not have access to
    any previous keys.
  • Collusion Freedom
  • Current session key should not be deducible by
    any outsider.
  • Key Independence
  • Disclosure of a key should not compromise other
    keys.
  • Minimal Delay
  • Group key should be computed in minimal amount of
    time.

8
STR Protocol (Distributed GKMP)
  • Why we have chosen ?
  • It totally decentralized and based on equal
    contributions from all the members.
  • It provides basic requirements like forward
    secrecy, backward secrecy and key independence.
  • It also requires smaller number of unicasts and
    multicasts to compute a new group key after a
    member leave or join. Hence it is quite efficient
    for our thought scenario.

9
STR Protocol
  • Unbalanced tree of height n-1 where n is current
    group size.
  • Final group key
  • Important Recurrence
  • All bris and bkis are known to
  • all members.

10
STR Protocol (Cont.)
  • Initialization
  • M1 computes
  • M1 broadcasts all bkis to members
  • Each member then computes the
  • group key from bkis.
  • For ex
  • M3 computes

11
STR Protocol (Cont.)
  • Join
  • M5 broadcasts br5 to all members.
  • Each member then computes
  • new key.
  • M4 sends all previous bris and bkis
  • to M5 who then computes
  • new key k5.

12
STR Protocol (Cont.)
  • Leave
  • If Mn leaves then Mn-1 takes
  • responsibility to create new key.
  • Everybody renumbers the node.
  • Mn-1 selects new random key
  • rn-1. Computes all bkis and
  • broadcasts it to all members.

13
Thought Scenario
  • Consider a scenario of multi chat application
    used in a university.
  • A secure group is formed for this application.
  • User may join this group based on their identity
    say Student, Professor and Director.
  • Admission control requirements are as follows
  • Identity of joining member should be verified.
  • Majority of the current group members should
    agree on new members join request.
  • A high hierarchy member may wish to join group at
    low hierarchical level. This should be
    acceptable.
  • Access control requirements are as follows
  • If a high profile user wants to join the group
    then he should be directly allowed.
  • Conversations between one hierarchy members
    should not be understandable by other hierarchy.

14
Identity Verification
  • There is a central server which maintains a list
    of all the Students, Professors and Directors.
  • This server also keeps the public key of all the
    university people.
  • People inside university can contact this server
    and verify anybodies identity as well as get
    public keys.

15
Joining and Admission Control
  • N wishes to join the group and communicates with
    an existing member M.
  • M firstly verifies the identity of N.
  • Next it checks if the N's hierarchy level is
    higher than any of the existing members.
  • If it is true then voting is not considered.
  • Otherwise M initiates polling and collects votes
    from all the current group members.
  • N is allowed to join only if total positive votes
    received are greater than a specified threshold T
    (say 50)
  • Next a certificate credential is sent to the
    requester by group administrator G.

16
Access Control
  • Achieved by maintaining different keys (Kl) for
    different hierarchical level.
  • All the members from level Hl communicate among
    themselves by encrypting messages with Kl.
  • When N joins group rekeying is done for N's
    hierarchical level (Hl).
  • Used STR distributed key management protocol.
  • When N joins/leaves the group, controller
    corresponding to level Hl manages the rekeying
    operation.

17
Implementation
  • We implemented these admission and access control
    policies using Java programming language.
  • Our application is developed on top of JXTA
    technology.
  • JXTA provides base level framework for forming
    virtual P2P groups, advertising and receiving
    events.

18
Implementation
  • Group Initialization
  • Group administrator G initializes a new secure
    group and regularly publishes the group
    advertisement into the network. The group
    advertisement contains description and membership
    policy of that group.
  • We defined a new membership policy based on X509
    certificate verification.
  • Since an X509 certificate is issued as credential
    by group administrator G, the admission control
    is controlled by this new membership policy.
  • Also the X509 certificate is sent in a secure
    manner by encrypting it with RSA public key of
    requester N. This RSA public key is retrieved
    from the central server.

19
Implementation
  • Searching Group Advertisements
  • Each member in the secure group broadcasts the
    group advertisement as well as personal
    advertisements.
  • Personal advertisement contains the contact
    information of that peer.
  • So if a new member N finds a personal
    advertisement from a existing member M of group
    then N can directly send a join request to M.

20
Implementation
  • Processing Join Request (Phase I)
  • On receiving join request, M communicates with
    central server for identity verification. Based
    on static admission policy either N is directly
    allowed or voting is carried out.
  • Both the processes, contacting central server and
    voting is carried out in a secure manner by
    encrypting communication with receivers RSA
    public key. If N is allowed then G issues a X509
    certificate to N.
  • N plugs this X509 certificate into the membership
    service of group. The membership service verifies
    whether this certificate is issued by G only. On
    successful verification N can listen and send
    messages within the new group joined.

21
Implementation
  • Processing Join Request (Phase II)
  • Issuing X509 certificate is only one half the
    portion of member join.
  • On a successful member join using X509
    credential, group rekey at level Hl is performed
    by a series of unicasts and multicasts.
  • Finally member communicate using DES encryption
    with key Kl corresponding to their level. This
    completes the join process.

22
Implementation Results
23
Conclusion from Implementation
  • Unicasting is made very efficient in JXTA.
  • Multicasting is not very reliable.
  • Many a time multicasts is not received by group
    members. This makes the rekeying algorithm as
    well as communication messages slow and error
    prone.
  • Refresh rate also effects the rekey protocol.

24
Conclusion
  • We have attempted to make the framework as
    decentralized as possible, which avoids single
    point of failure and enforce equal trust among
    group members.
  • Notion of subgroups for different hierarchies is
    achieved by maintaining separate keys at each
    level.
  • This saves the time against forming a new group
    altogether for accessing new restricted group
    services.

25
Future Work
  • We would try to incorporate dynamic admission and
    access control policies into our existing
    framework.
  • Currently rekeying is done at particular
    hierarchy level Hl of joining/leaving level. This
    can be modified to series of rekeying for all the
    levels Hi lt Hl. This will enable all the low
    hierarchy level group services accessible by
    group members.
  • We also intend to minimize the number of rekeying
    operations in a join process. Instead of rekeying
    on each join, a batch rekeying concept can be
    introduced.

26
Bibliography
  • 1 Y.Kim,A. Perrig, and G. Tsudik,Communication
    -Efficient group Key Agreement," IFIP SEC, June
    2001.
  • 2 Yu Zhang, Xianxian Li, Jinpeng Huai and
    Yunhao Liu, Access Control in Peer-to-Peer
    Collaborative Systems," 25th IEEE International
    Conference on Distributed Computing Systems
    Workshops, 2005.
  • 3 Michael Steiner, Gene Tsudik and Michael
    Waidner,Die-Hellman Key Distribution Extended to
    Group Communication," ACM Conference on Computer
    and Communications Security, 1996.
  • 4 Yacine Challal and Hamida Seba, Group Key
    Management Protocols A Novel Taxonomy".
  • 5 Nitesh Saxena, Gene Tsudik and Jeong Hyun
    Yi, Admission Control in Peer-to-Peer Design
    and Performance Evaluation," Proceedings of the
    1st ACM workshop on Security of ad hoc and sensor
    networks,2003
  • 6 Li Gong, Project JXTA A Technology
    Overview, http//www.jxta.org/project/www/docs/Te
    chOverview.pdf, 2002.
  • 7 Sun Microsystems Project JXTA v2.3.xJava
    Programmer's Guide," http//www.jxta.org/, 2005

27
Screen Shots
28
Screen Shots
29
Screen Shots
30
Screen Shots
31
Screen Shots
32
Screen Shots
33
Screen Shots
Write a Comment
User Comments (0)
About PowerShow.com