IP Routing and Key Management for Secure Multicast in Satellite ATM Networks

his thesis proposes a design for secure IP multicast in hybrid satellite networks. The emergence of IP multicast for Internet group communication has placed focus on communication satellites as an efficient way to extend IP multicast services for groups with distributed membership in wide-area networks. This poses interesting challenges for routing and security. Satellite networks can have both wired and wireless links and also different link-layer technologies like Ethernet and ATM. No proposed IP multicast routing protocol for wired networks offers an integrated solution for such networks. From the security viewpoint, in order to be commercially viable, the multicast traffic should be accessible only to legitimate receivers. Access control can be achieved by data encryption, with the correct decryption keys provided to authorized members. This requires secure and efficient methods to generate, distribute and update the keys. Most current key management protocols do not scale well when applied to large dynamic groups operating in wide-area networks. This thesis attempts to solve the above problems and proposes a design for secure multicast in wide-area networks that have terrestrial Ethernet LANs interconnected by ATM-based satellite channels. The thesis reviews the multicast services offered by IP and ATM, and proposes a multicast routing framework for the hybrid satellite network. The thesis also looks at current group key management protocols, and designs a scheme for secure and scalable key management for the proposed multicast routing architecture. The frameworks are presented in detail, followed by analysis and simulation results.