Simon S. Lam scite author profile

Many emerging applications (e.g., teleconference, real-time information services, pay per view, distributed interactive simulation, and collaborative w ork) are based upon a group communications model, i.e., they require packet delivery from one or more authorized senders to a very large number of authorized receivers. As a result, securing group communications (i.e., providing con dentiality, integrity, and authenticity of messages delivered between group members) will become a critical networking issue.In this paper, we present a novel solution to the scalability problem of group/multicast key management. We formalize the notion of a secure group as a triple (U K R) where U denotes a set of users, K a set of keys held by the users, and R a user-key relation. We then introduce key graphs to specify secure groups. For a special class of key graphs, we present three strategies for securely distributing rekey messages after a join/leave, and specify protocols for joining and leaving a secure group. The rekeying strategies and join/leave protocols are implemented in a prototype group key server we have built. We present measurement results from experiments and discuss performance comparisons. We s h o w that our group key management service, using any of the three rekeying strategies, is scalable to large groups with frequent joins and leaves. In particular, the average measured processing time per join/leave increases linearly with the logarithm of group size.1 Introduction Most network applications are based upon the client-server paradigm and make use of unicast (or point-to-point) packet delivery. Many emerging applications (e.g., teleconference, real-time information services, pay per view, distributed interactive s i m ulation, and collaborative w ork), on the other hand, are based upon a group communications model. That is, they require packet delivery from one or more authorized sender(s) to a large number of authorized receivers. In the Internet, multicast has been used successfully to provide an

show abstract

Secure group communications using key graphs

Wong

1998

View full text Add to dashboard Cite

show abstract

General AIMD congestion control

View full text Add to dashboard Cite

Instead of the increuse-by-one decrease-to-half strategy used in TCP for congestion window adjustment, we consider the general case such that the increase value and decrease ratio are parameters. That is, in the congestion avoidance state, the window size is increased by a per window of packets acknowledged and it is decreased to p of the current value when there is congestion indication. We refer to this window adjustment strategy as general additive increase multiplicative decrease (GAIMD). We present the (mean) sending rate of a GAIMD flow as a function of a, p, loss rate, mean round-trip time, mean timeout value, and the number ofpackets acknowledged by each ACK. We conducted extensive experiments to validate this sending rate formula. We found the formula to be quite accurate for a loss rate of up to 20%. We also present in this paper a simple relationship between a and p f o r a GAIMD flow to be TCP-friendly, that is, for the GAIMD flow to have approximately the same sending rate as a TCPflow under the same path conditions. We present results from simulations in which TCP-friend111 GAIMDflows (a = 0.31, p = 718) compete for bandwidth with TCP RenoJlows and with TCP SACKflows, on a DropTail link as well as on a RED link. We found that the GAIMDflows were highly TCP-friendly. Furthermore, with / 3 at 7/8 instead of 1/2, these GAIMD flows have reduced rate fluctuations compared to TCP flows.

show abstract

Batch rekeying for secure group communications

et al. 2001

View full text Add to dashboard Cite

Many emerging web and Internet applications are based on a group communications model. Thus, securing group communications is an important Internet design issue. The key graph approach has been proposed for group key management. Key tree and key star are two important types of key graphs. Previous work has been focused on individual rekeying, i.e., rekeying after each join or leave request. In this paper, we first identify two problems with individual rekeying: inefficiency and an out-of-sync problem between keys and data. We then propose the use of periodic batch rekeying which can improve efficiency and alleviate the out-of-sync problem. We devise a marking algorithm to process a batch of join and leave requests. We then analyze the key server's processing cost for batch rekeying. Our results show that batch rekeying, compared to individual rekeying, saves server cost substantially. We also show that when the number of requests in a batch is not large, the best key tree degree is four; otherwise, key star (a special key tree with root degree equal to group size) outperforms small-degree key trees.

show abstract

Packet Switching in a Multiaccess Broadcast Channel: Performance Evaluation

Kleinrock

Lam

1975

IEEE Trans. Commun.

506

152

View full text Add to dashboard Cite

Program in Information Systems, a program designed to increase for Communication Theory of the IEEE TRANSACTIONS ON COMinteraction between industry and the university.Abstract-In this paper, the rationale and some advantages for multiaccess broadcast packet communication using satellite and ground radio channels are discussed. A mathematical model is formulated for a "slotted ALOHA" random access system. Using this model, a theory is put forth which gives a coherent qualitative interpretation of the system stability behavior which leads to the definition of a stability measure. Quantitative estimates for the relative instability of unstable channels are obtained. Numerical results are shown illustrating the trading relations among channel stability, throughput, and delay. These results provide tools for the performance evaluation and design of an uncontrolled slotted ALOHA system. Adaptive channel control schemes are studied in a companion paper.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Simon S. Lam

Secure group communications using key graphs

Secure group communications using key graphs

General AIMD congestion control

Batch rekeying for secure group communications

Packet Switching in a Multiaccess Broadcast Channel: Performance Evaluation

Contact Info

Product

Resources

About