DocumentCode
1904460
Title
Sender Access Control in IP Multicast
Author
Islam, Salekul ; Atwood, J. William
Author_Institution
Concordia Univ., Montreal
fYear
2007
fDate
15-18 Oct. 2007
Firstpage
79
Lastpage
86
Abstract
Multicasting has not been widely adopted until now, due to lack of access control over the group members. The authentication, authorization and accounting (AAA) protocols are being used successfully, in unicast communication scenarios, to control access to network resources. AAA protocols can be used for multicast applications in a similar way. However, without an effective sender access control, an adversary may exploit the existing IP multicast model, where a sender can send multicast data without prior authentication and authorization. Even a group key management protocol that efficiently distributes the encryption and the authentication keys to the receivers will not be able to prevent an adversary from spoofing the sender address and hence, flooding the data distribution tree. This can create an efficient Denial of Service attack. In previous work, we have proposed a framework for the use of AAA protocols to manage IP Multicast group membership. To prevent DoS attacks and other known attacks (e.g., replay attack), we propose in this paper an extension for sender access control. Our solution will authenticate and authorize each sender, and account for sender behavior by deploying AAA protocols. Moreover, a multicast packet will be forwarded to the distribution tree only if it is cryptographically authenticated at the entry point by the Access Router. The proposal we have presented provides a flexible authentication framework, supporting different authentication mechanisms, and is independent of the underlying routing protocol. Finally, we have extended our model to support inter-domain multicast groups.
Keywords
IP networks; cryptographic protocols; multicast communication; routing protocols; telecommunication security; AAA protocols; IP multicast; access router; authentication authorization and accounting; authentication keys; data distribution tree; denial of service attack; encryption; group key management protocol; multicasting; network resources control access; receivers; routing protocol; sender access control; Access control; Access protocols; Authentication; Authorization; Communication system control; Computer crime; Cryptographic protocols; Cryptography; Multicast protocols; Unicast;
fLanguage
English
Publisher
ieee
Conference_Titel
Local Computer Networks, 2007. LCN 2007. 32nd IEEE Conference on
Conference_Location
Dublin
ISSN
0742-1303
Print_ISBN
0-7695-3000-1
Electronic_ISBN
0742-1303
Type
conf
DOI
10.1109/LCN.2007.53
Filename
4367811