Hybrid Network Security

ACCEPTED FROM OPEN CALL

SECURITY ISSUES IN HYBRID NETWORKS WITH A SATELLITE COMPONENT

AYAN ROY-CHOWDHURY, JOHN S. BARAS, MICHAEL HADJITHEODOSIOU, AND SPYRO PAPADEMETRIOU, UNIVERSITY OF MARYLAND AT COLLEGE PARK

IEEE Wireless Communications, December 2005. 1536-1284/05/$20.00 © 2005 IEEE

ABSTRACT

Satellites are expected to play an increasingly important role in providing broadband Internet services over long distances in an efficient manner. Most future networks will be hybrid in nature, having terrestrial nodes interconnected by satellite links. Security is an important concern in such networks, since the satellite segment is susceptible to a host of attacks, including eavesdropping, session hijacking and data corruption. In this article we address the issue of securing communication in satellite networks. We discuss various security attacks that are possible in hybrid satellite networks, and survey the different solutions proposed to secure data communications in these networks. We look at the performance problems arising in hybrid networks due to security additions like IP Security (IPSec) or Secure Socket Layer (SSL), and suggest solutions to performance-related problems. We also point out important drawbacks in the proposed solutions, and suggest a hierarchical key-management approach for adding data security to group communication in hybrid networks.

INTRODUCTION

With the rapid growth of the Internet, satellite networks are increasingly being used to deliver Internet services to large numbers of geographically dispersed users. The primary advantage of satellite networks is their wide broadcast reach: a satellite can reach users in remote areas where terrestrial connectivity is not available. Satellite networks are also easily and quickly deployed, and can be a more cost-effective solution in areas where laying ground fiber networks would be too expensive. Although satellite networks offer great potential, they also present significant challenges that need to be addressed. Security is becoming an increasingly important aspect of all networks. In this article we focus on the challenges that need to be addressed in order to make satellite networks more secure while maintaining seamless interoperability with terrestrial networks. These security-related challenges include the following considerations:

• Satellite channels are wireless broadcast media, which makes it possible for an unauthorized user to receive the signal and eavesdrop on the communication, if it is not encrypted.

• Without proper security mechanisms, any sufficiently well-equipped adversary can send spurious commands to the satellite and jam or disrupt the communication.

• Satellite channels can occasionally have high bursty errors (for example, during heavy rain) that result in packet loss. Satellite networks also suffer from long propagation delays (for example, about 0.5 seconds round trip for geostationary satellites). Therefore, security systems should add minimal delays to the communication and have mechanisms to recover from loss of security information.

Incorporating security solutions originally designed for terrestrial networks, such as IPSec or SSL, into satellite networks can cause severe performance penalties. In this article we consider some of these issues.

We focus on data security for IP-based commercial networks, and discuss the performance problems that arise due to the encryption of the Transmission Control Protocol (TCP) header and payload when standard unicast security protocols like IPSec or SSL, originally designed for terrestrial connections, are applied to satellite networks without incorporating the changes dictated by the unique characteristics of satellite networks. We also look at the protocols proposed for secure group communication in hybrid satellite networks, and describe a hierarchical approach to group key management that is robust, scalable, and suited to the characteristic topology of hybrid networks.

The rest of the article is organized as follows. We describe the hybrid satellite-network topology and the characteristics that make it different from terrestrial networks. We discuss the security needs of the hybrid network. We discuss the current approach to providing end-to-end unicast security in hybrid networks, and describe the performance problems that arise as a result. We review the proposals for key management for secure group communication in satellite networks. We describe a possible solution for securing unicast communication without sacrificing performance, and highlight our key-management approach to securing group communication in satellite networks. We conclude the article by pointing to future research directions.

COMMERCIAL HYBRID SATELLITE NETWORK ARCHITECTURE

The network topologies we consider are illustrated in Fig. 1. In both topologies, we assume that there is one geostationary satellite with multiple spot-beams covering a large geographical area. Each spot-beam covers a subset of the total user set. We assume that future satellites will have an IP stack, be capable of onboard processing, and switch the data between different spot-beams. The satellite therefore acts as an IP router-in-the-sky. The Network Operations/Control Center (commonly known as NOC or NCC) connects to the satellite through the hub satellite gateway. The NOC is also connected to the Internet through high-speed terrestrial links. Terrestrial users can be either standalone machines (Fig. 1a), or a cluster of machines at each location, such as a local area network (LAN) (Fig. 1b). Terrestrial LANs can be either wired or wireless. Each user or LAN is connected to a local satellite terminal. The users receive traffic from the satellite via the forward channel (satellite downlink). The users can also communicate with the satellite via the return channel (uplink). There is no terrestrial connectivity between the users or the LANs.

Figure 1. Commercial direct-to-home network topology: a) case 1; b) case 2. (The figure shows the NOC with the gateway proxy, the Internet, the Web server, and the client proxy at the user side.)

Usually, in commercial satellite networks that carry Internet traffic, a split-connection Transmission Control Protocol (TCP) Performance Enhancing Proxy (PEP) is implemented to mitigate the negative effects of the satellite link on the Internet connection [1]. Satellite channels provide large bandwidth (which can be as high as 90 Mb/s in the downlink), but also suffer from long propagation delay in comparison to terrestrial links. The delay can be as high as 500 ms (round-trip) for a geostationary satellite link. The propagation delay can have a severe adverse impact on the delivery of Internet traffic. Most Internet traffic uses TCP, which is highly sensitive to the delay-bandwidth product and exhibits very poor performance over satellite channels. Satellite TCP connections need large transmission windows to fully utilize the available bandwidth. However, due to the TCP slow-start algorithm and the large propagation delay of the satellite channel, it takes much longer for satellite TCP connections to reach the target window size, in comparison to terrestrial TCP connections. Also, the window is very vulnerable to congestion due to the multiplicative decrease policy of TCP. The problem is compounded by the fact that TCP misinterprets link-layer corruption (which is the usual source of loss in satellite links) as congestion (which is rare) and therefore reduces the window.

The PEP provides an effective solution to the above problem. In satellite networks, a PEP agent is installed at the satellite gateway between the satellite network and the Internet. The PEP agent inspects every TCP packet that flows through the network. For data packets, the PEP sends back premature acknowledgments to the TCP senders, without waiting for the TCP segments to be actually delivered to the receivers. These premature acknowledgments are specially formatted to be indistinguishable from real acknowledgments, and they considerably shorten the perceived round-trip delay. Studies have shown that this technique is critical for the performance improvement of satellite networks [2–4]. Hence, TCP PEPs are widely deployed in satellite networks today.

Commercial networks also employ HTTP proxy servers to improve the speed of responses to Web-browser requests. When a user browses content on the Internet, the application-layer protocol in use is HTTP. A typical HTTP exchange involves a request by the browser for a Web page ("GET"), and a response from the Web server, which contains the hypertext markup language (HTML) text of the requested Web page. A typical HTML page also contains various embedded "objects" such as images, embedded media, scripts, and so forth. Each embedded object has to be retrieved with a separate HTTP request-and-response exchange. Therefore, a Web page that contains n - 1 embedded objects takes n * RTT to load fully (assuming the objects are fetched one after another), where RTT is one round-trip time. This can be extremely costly in a satellite network, where the RTT is usually high.

The HTTP proxy server (also known by various alternative names, depending on the vendor) is implemented in satellite networks to overcome this problem. In a typical implementation, this requires a local Web proxy server at each user location, and a remote proxy server at the central hub facility of the satellite network (i.e., the NOC). The Web browser at the user location should be able to recognize the local proxy (which can be either software on the client machine, or separate hardware connected between the client machine and the local satellite terminal). When the browser makes a request for a Web page, the HTTP GET request is sent to the local Web proxy, which forwards the request to the destination Web server. The Web server responds with the requested base HTML page. This page is intercepted by the proxy server at the network hub facility. The hub proxy server reads the base HTML page and sends multiple GET requests to the destination Web server for all the embedded objects in the base HTML page. This exchange occurs over a high-speed terrestrial connection between the hub and the Internet, thereby saving the time each request would have needed for a round trip over the satellite link. As the objects of the Web page are retrieved by the hub, they are immediately forwarded to the proxy at the user location. As the user browser receives the base HTML document, it generates the corresponding GET requests to fetch the objects linked from the document. The browser GET requests are terminated at the local Web proxy server, which forwards the prefetched data to the user browser immediately. The net effect is that only a single "GET" request from the user browser traverses the satellite link, while a set of rapid responses quickly delivers the requested Web page and its associated elements to the browser. The need for satellite capacity, which is the most costly aspect of a satellite network, is also reduced. In terms of the user's experience, the user sees a brief pause after the initial Web-page request (corresponding to the round-trip time it takes for the request to be forwarded to the destination server, and the response to be received by the browser, over the satellite link), followed by near-instantaneous delivery of all content residing on the requested page. The tradeoff is additional hardware at the user location and at the central-hub facility.

In Fig. 1a, the proxy server at the user represents both the PEP (user side) and the HTTP proxy (user side). There is a hub proxy server located at the NOC with the hub satellite gateway; this proxy server represents the gateway proxy for both the TCP and the HTTP performance enhancements.

SECURITY THREATS

Similar security attacks can be launched against different hybrid satellite network topologies, but the impact of the attacks varies depending on the type of network and the applications supported by the network scenario. In the following, we list some of the important security threats in the hybrid network described above, and highlight the importance of the threats for the different network scenarios.

Confidentiality of information: For networks that require information privacy, a primary threat is unauthorized access to confidential data, or eavesdropping. Since the satellite is a broadcast medium, any entity on the ground with the appropriate equipment can receive the satellite transmission. If the data is broadcast in the clear, then adversaries can be privy to all the information flowing in the network. Data confidentiality can be achieved by message encryption. This requires that the senders and receivers are mutually aware of the correct cryptographic keys used in the encryption/decryption operations. This is a twofold problem: the problem of selecting suitable cryptographic algorithms for performing encryption so that overall network performance is not affected, and the problem of coordinating keys between users, that is, key management.

Sending spurious commands: An adversary with the appropriate equipment can send spurious control and command messages to the spacecraft, thereby making the spacecraft perform operations different from its intended use. This can disrupt normal operations and communication in the network. This attack can be prevented if the sources of the messages are properly authenticated by every receiver. This requires suitable mechanisms for authentication, such as digital signatures [5]. The level of security required dictates the authentication policy, for example, whether only the end users should authenticate each other, or whether authentication should happen on a per-hop basis. The latter might be necessary in scenarios where the satellite must not broadcast spurious information. If the satellite authenticates the source of every message it receives, it forwards only those messages for which source authentication succeeds.

Message modification attack: When the traffic goes over open networks, an adversary who is listening on the path can intercept both control and data messages. The adversary can modify the messages and send them on to the destination, which can be the spacecraft, the ground terminals, or the end users. When the message reaches the intended destination, the destination believes that the modified message is coming from the authentic source, but the message content may differ from what is expected or required for normal network operation. Message modification can be prevented by appending message-integrity check mechanisms to every message, for example, message authentication codes (MACs) [6] or digital signatures. Security requirements and policies dictate whether message authentication should happen only at the communication end points, or whether intermediate nodes should also verify the integrity of every message.

Denial-of-service attack: Some attacks can be facilitated precisely because strong security mechanisms are in place for performing message-integrity checks or authenticating users. Consider the case where the satellite performs authentication and integrity checks on all messages before broadcasting. An adversary can send a large number of spurious messages to the satellite, thereby making the satellite spend significant computational cycles processing the spurious messages, cycles which could be better spent broadcasting legitimate messages. Since the satellite has limited processing power, such an attack can be very effective, especially if expensive cryptographic mechanisms like digital signatures are used for authentication and message integrity. This is a denial-of-service (DoS) attack.
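As an added illustration (not code from the article, nor from any vendor's page accelerator), the following Python script does the two things the hub proxy described above has to do: pull the embedded object references out of a base HTML page so that it can issue the GET requests itself, and account for the page load time with and without prefetching. The sample page, the tag/attribute list used to recognize embedded objects, and the RTT values are constructed assumptions.

```python
"""Hub page-accelerator behaviour: find the objects embedded in a base HTML
page (so the hub can GET them over its terrestrial link) and compare the
page load time with and without prefetching.  Added illustration, not the
article's code; the tag list, sample page and RTTs are assumptions."""
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Tag -> attribute naming an object the browser fetches as soon as it parses
# the page.  Assumed list; a vendor accelerator would cover more cases.
EMBEDDED_ATTRS = {"img": "src", "script": "src", "source": "src",
                  "iframe": "src", "embed": "src", "video": "src", "audio": "src"}
LINK_RELS = {"stylesheet", "icon"}  # <link rel=...> values that are fetched


class _ObjectCollector(HTMLParser):
    def __init__(self, base_url):
        super().__init__()
        self.base_url = base_url
        self.objects = []        # absolute URLs, document order, de-duplicated
        self._seen = set()

    def _add(self, ref):
        if not ref:
            return
        ref = ref.strip()
        if ref.startswith("#") or ref.lower().startswith(("data:", "javascript:")):
            return                 # not a network fetch
        url = urljoin(self.base_url, ref)
        if urlsplit(url).scheme in ("http", "https") and url not in self._seen:
            self._seen.add(url)
            self.objects.append(url)

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag in EMBEDDED_ATTRS:
            self._add(attrs.get(EMBEDDED_ATTRS[tag]))
        elif tag == "link":
            rels = set((attrs.get("rel") or "").lower().split())
            if rels & LINK_RELS:
                self._add(attrs.get("href"))


def embedded_objects(base_url, html):
    """URLs the hub proxy should prefetch for this base page."""
    collector = _ObjectCollector(base_url)
    collector.feed(html)
    collector.close()
    return collector.objects


def page_load_time(n_objects, rtt_sat_ms, rtt_terr_ms, prefetch):
    """Milliseconds to render a page with n_objects embedded objects.

    Without a proxy each fetch crosses the satellite in turn: the article's
    n * RTT with n = 1 + n_objects.  With the hub proxy the base page costs
    one satellite RTT and the objects are fetched by the hub terrestrially
    and pushed down together with the page (transfer time is ignored)."""
    if not prefetch:
        return (1 + n_objects) * rtt_sat_ms
    return rtt_sat_ms + n_objects * rtt_terr_ms


# Constructed sample page (not from the article).
SAMPLE_HTML = """<html><head>
<link rel="stylesheet" href="/css/site.css">
<script src="https://cdn.example.net/app.js"></script>
</head><body>
<img src="logo.png"><img src="logo.png">
<img src="data:image/png;base64,iVBORw0KGgo=">
<a href="/other.html">a hyperlink is not fetched until clicked</a>
</body></html>"""

if __name__ == "__main__":
    objs = embedded_objects("http://www.example.com/index.html", SAMPLE_HTML)
    for url in objs:
        print("prefetch:", url)
    print("no proxy :", page_load_time(len(objs), 500, 20, prefetch=False), "ms")
    print("hub proxy:", page_load_time(len(objs), 500, 20, prefetch=True), "ms")
```

Two practical limits follow directly from this: the hub can only prefetch objects that are visible in the static HTML (objects requested by scripts at run time are not seen), and, as the sections on SSL and IPSec below make clear, it can only do so at all if it is able to read the base page in the first place.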
Although this DoS attack can be launched against any node in a network, a satellite network is particularly vulnerable to it, since the satellite is a single point of failure and can easily be overwhelmed if made to perform too much computation.

SECURING END-TO-END UNICAST COMMUNICATION USING IPSEC OR SSL

Research on satellite security has focused on using existing standard technology, originally designed for terrestrial networks, to fix known security holes in satellite networks. Two such protocols that are widely used for secure unicast communication are IPSec [7] and SSL [8]. Figure 2 illustrates the encryption regions of SSL and IPSec.

Figure 2. IPSec and SSL encryption on a packet. (Packet layout from left to right: new IP header, ESP header, original IP header, TCP header, TCP payload carrying the SSL record with the HTML page, ESP trailer. SSL encrypts only the SSL record; IPSec ESP encrypts the original IP header, the TCP header, the TCP payload and the ESP trailer.)

SECURE SOCKET LAYER FOR SECURE WEB TRAFFIC

The SSL protocol (its successor TLS behaves the same way for the purposes of this discussion) secures the Web-browsing connection on an as-needed basis. When the client requests a secure connection or the server demands one, SSL is activated to secure the HTTP connection. The resulting connection is commonly known as secure HTTP (or HTTPS), and it encrypts the application-layer HTTP data end-to-end between the client and the server. In the protocol stack, the SSL layer sits between the application and the transport layers. Therefore, SSL encryption hides the TCP payload from all nodes in the network except the client and the server. SSL encryption does not allow the HTTP proxy to function correctly. The HTML Web page encrypted into the SSL records is readable only by the client and the server, which hold the decryption keys. The keys are not available to the proxy, and therefore the proxy cannot read the HTML Web page. Consequently, the hub proxy server cannot send requests to the Web server for the embedded objects in the page and, therefore, HTML object prefetching cannot take place. The net effect is that a Web page with n - 1 embedded objects takes n * RTT to be loaded, an increase in delay by a factor of n.

IPSEC FOR SECURITY AT THE NETWORK LAYER

Several proposals for data confidentiality and authentication in satellite networks call for the use of IPSec, which has been adopted by the Internet Engineering Task Force (IETF) for security at the network layer. IPSec and SSL are used independently of each other. IPSec creates an end-to-end tunnel at the network layer for the secure transfer of traffic. The two end points of the communication negotiate security parameters known as the security association (SA) before traffic can be encrypted. Once the SA has been established in the handshake phase, the IP packets are encrypted using the algorithms and keys specified in the SA. This is done when the IP encapsulating security payload (IPSec ESP) [9] is used. IPSec ESP provides both data encryption and authentication.

IPSec provides strong security for data confidentiality and authentication, but it has a considerable byte overhead: in ESP mode, IPSec adds 10 bytes of overhead in the header and trailer. In addition, if authentication is used, ESP adds 16 bytes or more for the integrity check value, and another 8 bytes or more of initialization vector (IV) if the encryption algorithm uses an IV. Also, IPSec was designed primarily to secure point-to-point communication; it is not well suited to group communication, because it lacks the dynamic key-establishment procedure necessary for secure communication in groups whose membership changes over time. In addition, IPSec does not allow for authentication at intermediate nodes, which might be desirable in some security situations.

A widely researched problem with using IPSec in satellite networks is its inability to coexist with PEPs. The keys used for encryption in IPSec ESP are known only to the two endpoints, and therefore no intermediate node in the network can decrypt the traffic. IPSec ESP has two modes of operation: tunnel mode and transport mode. In tunnel mode, the entire IP packet is encrypted, and a new IP header and ESP header are generated and attached to the encrypted packet (Fig. 3), which adds an additional 20 bytes of overhead on top of the overhead mentioned above. Encrypting the original IP header hides the original source and destination addresses, which hinders attacks such as traffic analysis. In transport mode, the payload portion of the IP packet is encrypted and a new ESP header is attached to the packet after the original IP header, which remains in the clear. In either mode, the IP packet payload, which includes the TCP header, is encrypted with keys known only to the end points. Therefore, a TCP PEP, which is an intermediate node on the communication path, cannot read or modify the TCP header, since the PEP does not know the keys. Consequently, the PEP cannot function, leading to degradation in the performance of TCP. The HTTP proxy also cannot function when IPSec ESP is used. Since the HTML page is encrypted end-to-end, the HTTP proxy cannot read the Web page in order to prefetch the embedded objects. Therefore, the use of IPSec leads to a severe degradation in performance for both the TCP PEP and the HTTP proxy.

Figure 3. IPSec and layered IPSec encryption. (Top, original IPSec ESP tunnel mode: new IP header, ESP header, then the original IP header, TCP header and TCP payload, all encrypted with K1, then the ESP trailer. Bottom, layered IPSec ESP tunnel mode: the original IP header and TCP header are encrypted with K2 and the TCP payload with K1.) Key K1 is shared between the endpoints only. Key K2 is shared between the endpoints and the TCP PEPs.

It is important to note that the problems arising from the use of SSL and from the use of IPSec ESP are independent of one another. It is plausible that both protocols are used simultaneously, for example, when a secure Web page is accessed via a secure VPN tunnel. However, in such cases the performance issues do not change, and the result is similar to using IPSec ESP alone. On the other hand, if SSL alone is used, then performance is better, since the TCP PEP can function correctly in this scenario (the TCP header is in the clear); only the HTTP proxy is defeated.

PROPOSED SOLUTIONS TO MITIGATE PERFORMANCE PROBLEMS WITH SSL OR IPSEC

Several proposals have been made in academia and industry to deal with the performance problems that arise from using IPSec and SSL in satellite networks. The idea of breaking IPSec encryption into multiple encryption regions, or zones, on a single packet has been proposed independently in [10, 11]. Although the finer details of the two approaches differ, the basic idea is the same. Known as multilayer IPSec (ML-IPSec) [10] and layered IPSec [11], the idea is to encrypt different regions of the IP packet using different keys (Fig. 3). The TCP payload is encrypted with key K1, which is shared only between the endpoints. The original IP header and the TCP header are encrypted with key K2, which is shared between the endpoints and also with intermediate authorized nodes such as the TCP PEP. Therefore, the TCP PEP can decrypt the header portion of the ESP packet with K2 and read the TCP header to perform its optimizations. But the PEP cannot read the TCP payload, and therefore cannot access the actual data, since it does not possess the key K1. The layered IPSec approach allows TCP PEPs to function effectively. However, the method does not solve the problem of the HTTP proxy servers. The HTML page is encrypted with key K1 as part of the TCP payload, and K1 is not shared with any intermediate node. Therefore, the Web page is not accessible to the HTTP proxy, and no object prefetching can take place.

Olechna et al. [12] have suggested two solutions to the IPSec problem. In the first approach, the paper proposes moving the TCP PEP gateways to the endpoints. The TCP optimizations are done on the traffic in the clear, and then the traffic is encrypted using IPSec. There is no TCP PEP at the satellite hub. This approach improves performance, but when a packet is lost or received in error, TCP enters its congestion-avoidance phase and the transmission rate is halved. The second proposed approach, which deals better with this problem, is to split the secure connection into two at the satellite gateway. One connection is between the client and the gateway, and the second connection is between the gateway and the Internet server. This allows the gateway to decrypt the IPSec packets and read the headers, and thereby perform the optimizations. This requires trust in the satellite gateway, which can now read all the traffic. This may be unacceptable to users who require strong end-to-end security.

Several modified TCP protocols have been proposed that perform better than the original specification in the presence of channel errors or delay, or when IPSec is used. A discussion of these TCP enhancements can be found in [13].
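To make the zone idea concrete, here is an added Python example (not the article's code, and not an implementation of either [10] or [11]) that seals one packet as several independently keyed zones. Each zone is encrypt-then-MAC under its own key and IV; the transform is a stand-in built from HMAC-SHA256 rather than the AES-based ESP transforms, and the wire layout, zone names and key values are assumptions. It goes slightly beyond Fig. 3 by also building the three-zone variant the article proposes later for HTTP (headers and object links under K2, page body under K1), to show how an HTTP proxy holding only K2 could prefetch. The rewrite_zone function models what a PEP does to the TCP header zone, and the test at the end of the block shows that a node with K2 alone cannot forge the K1 zone.

```python
"""Layered / multilayer IPSec idea: one packet, several encryption zones, each
under its own key, so an authorised intermediary holding only the header key
can read (and rewrite) the headers but not the payload.  Added example; not
the article's code nor [10]/[11].  HMAC-SHA256 keystream + HMAC tag stand in
for the AES-based ESP transforms; layout, zone names and keys are assumed."""
import hashlib
import hmac
import os
import struct

TAG_LEN = 16  # truncated per-zone integrity tag (toy format)

def _keystream(key, iv, n):
    """Counter-mode keystream from HMAC-SHA256 (stand-in for AES-CTR)."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, iv + struct.pack(">I", ctr), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def _tag(key, name, iv, ct):
    return hmac.new(key, name.encode() + iv + ct, hashlib.sha256).digest()[:TAG_LEN]

def _seal_zone(name, pt, key):
    """Encrypt-then-MAC one zone under its own key and a fresh IV."""
    iv = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(key, iv, len(pt))))
    return name, iv, ct, _tag(key, name, iv, ct)

def _encode(zones):
    out = [bytes([len(zones)])]          # count | [nlen name iv len ct tag]...
    for name, iv, ct, tag in zones:
        nm = name.encode()
        out.append(bytes([len(nm)]) + nm + iv + struct.pack(">H", len(ct)) + ct + tag)
    return b"".join(out)

def _decode(packet):
    zones, pos = [], 1
    for _ in range(packet[0]):
        nlen = packet[pos]; pos += 1
        name = packet[pos:pos + nlen].decode(); pos += nlen
        iv = packet[pos:pos + 16]; pos += 16
        clen = struct.unpack(">H", packet[pos:pos + 2])[0]; pos += 2
        ct = packet[pos:pos + clen]; pos += clen
        tag = packet[pos:pos + TAG_LEN]; pos += TAG_LEN
        zones.append((name, iv, ct, tag))
    return zones

def seal_zones(plain_zones):
    """plain_zones: ordered [(zone name, plaintext, key)] -> wire bytes."""
    return _encode([_seal_zone(n, p, k) for n, p, k in plain_zones])

def open_zones(packet, keys):
    """keys: {zone name: key} held by this node.  A zone it cannot verify and
    decrypt (no key, or tampered with) maps to None."""
    out = {}
    for name, iv, ct, tag in _decode(packet):
        key = keys.get(name)
        if key is None or not hmac.compare_digest(tag, _tag(key, name, iv, ct)):
            out[name] = None
        else:
            out[name] = bytes(a ^ b for a, b in zip(ct, _keystream(key, iv, len(ct))))
    return out

def rewrite_zone(packet, name, new_plaintext, key):
    """What a PEP does to the TCP header zone: re-seal that one zone with the
    key it holds; every other zone's ciphertext and tag are left untouched."""
    return _encode([_seal_zone(name, new_plaintext, key) if z[0] == name else z
                    for z in _decode(packet)])

# Constructed keys and packet fields (assumptions, not the article's values).
K1 = hashlib.sha256(b"K1: endpoints only").digest()
K2 = hashlib.sha256(b"K2: endpoints and PEPs").digest()
IP_TCP_HEADERS = b"IP 10.0.0.1>10.0.0.2 TCP 40000>80 seq=1 ack=1"
HTML_LINKS = b'<img src="/a.png"><script src="/b.js"></script>'
HTML_BODY = b"<html>account balance: 1234</html>"

def build_layered_packet():
    """Fig. 3 layout: headers under K2, the whole TCP payload under K1."""
    return seal_zones([("headers", IP_TCP_HEADERS, K2),
                       ("payload", HTML_LINKS + HTML_BODY, K1)])

def build_http_optimized_packet():
    """Three-zone layout: headers and object links under K2, page body under
    K1, so an HTTP proxy holding K2 can prefetch without reading the body."""
    return seal_zones([("headers", IP_TCP_HEADERS, K2),
                       ("html_links", HTML_LINKS, K2),
                       ("html_body", HTML_BODY, K1)])

def view_as(packet, role):
    """endpoint: K1 and K2; pep (TCP PEP / HTTP proxy): K2 only; eavesdropper: none."""
    keys = {"endpoint": {"headers": K2, "html_links": K2, "payload": K1, "html_body": K1},
            "pep": {"headers": K2, "html_links": K2},
            "eavesdropper": {}}[role]
    return open_zones(packet, keys)
```

Two things the toy makes visible that the prose only states: the intermediary's edit is confined to the zone whose key it holds (a header rewrite under K2 leaves the K1 ciphertext and tag intact, so the endpoint still verifies the payload), and a zone re-sealed with the wrong key fails verification at the endpoint rather than silently decrypting to garbage. A real implementation would also have to carry sequence numbers and bind the zones to each other to rule out mixing zones from different packets; that is out of scope here.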
Accepted as multilayer IPSec (ML-IPSec) 54 IEEE Wireless Communications • December 2005 Accumulation keys (TEK) K1,8 Centralized keys (KEK) K1,4 K5,8 Aisle of keys for M8 K1,2 K3,4 K5,6 K7,8 Blade keys Associates Accumulation key K2 K1,12 Accumulation key K1 K1,8 K9,12 K1 K2 K3 K4 K5 K6 K7 K8 M1 M2 M3 M4 M5 M6 M7 M8 (a) K1K2 K3 K4K5 K6 K7K8 K9 K10K11K12 M1M2M3M4M5M6M7M8 G1 G2 G3 G4 Associates Gateways (b) Bulk 5. Analytic key bureaucracy and its addendum to accessory networks: a) with eight members; b) ML-IPSec chip LKH timberline with users and gateways. these TCP enhancements can be begin in [13]. The botheration of HTTP proxy achievement aback SSL is acclimated has been addressed aural the industry by breaking up the end-to-end distinct SSL affiliation amid applicant and server into assorted SSL admission [14]. In this solution, the applicant browser creates a defended HTTP affiliation with the alien folio accelerator (RPA) at the applicant accessory terminal, a added affiliation is created amid the RPA and the hub folio accelerator (HPA), and a third affiliation is amid the HPA and the server (Fig. 4). The RPA performs all all-important handshaking with the applicant browser. The HPA can breach the SSL cartage from the server and accomplish the acclimatized commodity prefetching. Taken together, this allows commitment of defended Web agreeable with little achievement abasement and with little change to the accepted protocols. The aloft check to this arrangement is that it requires a aerial akin of affirmation in the average nodes. The HPA, which is a third-party entity, can apprehend all the acute Web cartage that passes amid the applicant and the server. This ability be unacceptable aback complete end-to-end aegis is desired. is O(logN) (where N is the cardinal of associates in the group), which is beneath than the O(N) keys acclimatized if the GC abiding the associates in a collapsed topology. 
To acquiesce PEPs to action accurately aback network-layer aegis is used, [15] proposes the use of ML-IPSec. The cardboard proposes appliance a distinct LKH timberline to administer the accumulation key K2, acclimated to encrypt the carriage band advance (known to end users and trusted gateways), and the accumulation key K1, accepted abandoned to the end users and acclimated for encrypting the carriage band data. As apparent in Fig. b, users M 1 …M 8 are blade nodes in a subtree of bulk three, and gateways G 1 …G 4 are blade nodes in a subtree of bulk two. The basis key of the affiliate bulge subtree, K 1,8 , is acclimated to encrypt the carriage payload. The basis of the all-embracing key tree, K1,12, is acclimated to encrypt the carriage header. All affiliate nodes apperceive both K1,8 and K1,12, but the gateways apperceive K 1,12 abandoned (apart from the centralized keys in the aperture subtree). How the LKH timberline would be managed is not declared in [15]. This is important, aback the users and the gateways ability not be in the aforementioned authoritative or aegis domain. The cardboard additionally considers all users and gateways as a “flat” arrangement for key administration purposes, rather than demography into annual the hierarchical attributes of the arrangement topology. The use of LKH for key administration in accessory links has additionally been proposed in [18], which suggests algorithms for dynamically managing the LKH timberline in case of affiliate joins and leaves. Duquerroy et al. [19] proposed “SatIPSec,” for key administration and defended advice for both unicast and multicast in a accessory network. The band-aid is based on IPSec, with the accession of collapsed multicast key barter (FMKE) to abutment key administration for defended accumulation communication. Administration of SAs for both unicast and multicast advice is chip into the FMKE protocol. 
FMKE additionally incorporates believability mechanisms so as to agreement reliable key administration in the lossy accessory setting. However, FMKE manages SAs amid the accessory terminals or gateways abandoned and does not extend to the end users. Therefore, end-to-end aegis is not provided aback appliance SatIPSec. The RPA performs all all-important handshaking with the applicant browser. The HPA can breach the SSL cartage from the server and accomplish the acclimatized commodity prefetching. Taken together, this allows commitment of defended Web agreeable with little achievement abasement and with little change to the accepted protocols. KEY MANAGEMENT PROPOSALS FOR SECURE GROUP COMMUNICATION IN HYBRID NETWORKS Some assay has been done with alone algorithms that serve as accoutrement in architectonics keymanagement protocols in adjustment to facilitate defended accumulation advice in amalgam accessory networks. Howarth et al. [15] accept proposed the use of analytic key bureaucracy (LKH) [16, 17] for able key administration for multicast groups in a accessory network. LKH makes use of a centralized key administrator or accumulation ambassador (GC), which constructs a analytic key timberline with the accumulation associates as the leaves of the timberline (Fig. 5a). The centralized nodes of the timberline are the key encrypting keys (KEK), which are acclimated to deeply carriage key updates to the group. The basis of the timberline is the affair key or traffic-encrypting key (TEK), which is acclimated to encrypt the affair traffic. The cardinal of keys that charge to be acclimatized aback a affiliate bulge joins or leaves the accumulation IEEE Wireless Communications • December 2005 55 New IP advance ESP Aboriginal TCP HTML advance IP advance advance commodity links Abject HTML folio Encryption with K2 ESP bivouac Encryption with K1 n Bulk 6. Layered IPSec with modifications for HTTP optimization. 
Also, FMKE treats all the satellite terminals it serves (which are called SatIPSec clients) in a "flat" topology, and establishes separate secure channels to all SatIPSec clients. This will not scale when there are a large number of clients. Also, SatIPSec does not consider the dynamic joins and leaves of members in the group communication setting; a client needs to be preauthorized for all the groups it wants to take part in. The protocol also requires complete trust in the group controller and key server (GCKS), which is a third party that is responsible for managing the SAs among the clients. All clients need to have preshared secrets with the GCKS.

IPSEC AND SSL IN HYBRID NETWORKS: OUR APPROACH

We look at separate solutions to the performance problem arising out of using SSL and IPSec in hybrid networks, and also consider how the two approaches can be combined.

HTTP OVER IPSEC TUNNEL

One viable method is to break up the end-to-end IPSec tunnel into multiple connections. This is similar to the solution proposed in [12]. But while their approach looks at only the TCP enhancements, we add the use of the HTTP proxy as well. In our approach, the IPSec connection from the client is terminated at the client proxy. The proxy creates its own IPSec connection to the gateway TCP proxy. A third IPSec connection is created from the gateway TCP proxy to the Web server. Schematically, this is similar to the earlier figure for the SSL case, with IPSec connections replacing the SSL connections in the figure. The IPSec handshaking between the client and the server is spoofed by the client proxy on the client end, and by the TCP hub proxy on the server end. In this model, the Web traffic can be read entirely by the client proxy and the hub proxy. The two proxies are able to perform the TCP enhancements because they can read the TCP header.
In addition, the hub HTTP proxy can perform HTML object prefetching from the server because it can read the base HTML page as it is returned to the client on an HTTP request. When the client browser generates staggered requests for the embedded objects upon receiving the base HTML page, the client proxy is responsible for returning local acknowledgments to the requests, and sending all the objects to the client browser at one time. The design is therefore fully able to leverage the functionality of the TCP and HTTP proxies. It also encrypts the traffic so that it can be seen only by the client, the server, and the two intermediate proxy servers. The design also makes minimal changes to existing standard protocols. However, the design also requires that there be full trust in the proxy servers. Also, there is additional overhead in setting up three IPSec connections, as opposed to one (as in the end-to-end case). The overhead in encryption/decryption also increases by a factor of three for every IP packet, since the intermediate proxies need to decrypt the TCP header and the HTML content. When the security requirement is that the traffic be unreadable to intermediate nodes, the above approach will not work. In this situation, we propose extending the layered IPSec approach in order to allow portions of the HTML content to also be accessible to the proxy servers. Assume for layered IPSec that the keys are K1 and K2. K1 is known only to the client and the server, while K2 is known to the client, the Web server, and the intermediate proxy servers at the client and the gateway. When the client makes HTTP requests, the requests are encrypted using K2, so that the client proxy server can read the requests and send local acknowledgments.
Additional software at the Web server parses the requested HTML page so as to obtain all the embedded object links. These object links are collected into a new HTML page that contains only the object links, and this new page is encrypted with K2. The base HTML page that contains all the information and the object links is encrypted with K1. Both the encrypted base HTML page and the encrypted object links HTML page are sent in reply. Therefore, the encrypted ESP packet looks as depicted in Fig. 6. Upon receiving the IPSec packet from the Web server, the hub proxy is able to read the object links (since it has K2) and accordingly do prefetching for the embedded links. In addition, the hub proxy can also read the TCP header and perform TCP enhancements. However, the HTML base-page data cannot be read by the hub proxy, since it does not have K1. The encrypted base HTML page can only be read by the client when the IPSec packet reaches the destination. This design allows the TCP and HTTP proxies to perform better while maintaining a high level of end-to-end security. However, the security is not as strong as in traditional IPSec, since the intermediate proxies do get some information insofar as they can read the links of the embedded objects, even though they cannot read the application data. This is the major tradeoff necessary to achieve acceptable performance in this design. In addition, the model requires changes to be made to the IPSec protocol so that layered IPSec is supported with the HTTP performance additions. A major issue in the above model is the handshaking mechanism required to set up the layered IPSec connection. To maintain a high level of security, we propose that the connection be set up primarily between the client and the server, who negotiate both K1 and K2, apart from other parameters of the security association.
The handshaking mechanism then provides K2 securely to both the client and the hub proxy servers. The client and the hub proxy servers are required to authenticate themselves properly before they can receive the secondary key or access the IPSec traffic.

Figure 7. Dual-mode SSL for HTTP optimization (DSSL main mode (K1) and secondary mode (K2) between the client (K1, K2), client proxy (K2), NOC, gateway proxy (K2), and Web server (K1, K2); IP packet format for DSSL: original IP header, TCP header, proxy SSL record encrypted with K2, primary SSL record encrypted with K1).

HTTP OVER SSL

When the HTTP traffic is secured using SSL only, and there is no IPSec tunnel in use, several approaches are possible to ensure acceptable performance. If the security requirements of the client and the Web server allow for trusted intermediate nodes, then the SSL accelerator concept of [14] can be a viable solution. This would require no change to the protocols, at the cost of higher overhead in order to set up multiple SSL connections among the client, proxy, and Web server. When the security policy does not allow for trusted third parties, a different approach is needed. We propose the use of a modified SSL protocol, which we term dual-mode SSL (DSSL). As shown in Fig. 7, the secure connection in DSSL has two modes: an end-to-end main mode connection between the client and the Web server, and a secondary mode connection that has the hub HTTP proxy as an intermediate node. When secure HTTP traffic is requested, the DSSL main mode connection is first negotiated between the client and the server. As part of the handshake for the main mode, the client and the Web server also negotiate the parameters for the secondary mode. Let K1 be the encryption key for the main mode, and K2 be the encryption key for the secondary mode.
The client transfers the parameters of the secondary mode to the client and hub HTTP proxy servers only after the proxy servers authenticate themselves to the client. When the client makes an HTTP request, the client proxy sends local replies to the client browser, as discussed previously. The Web server, on receiving the request, parses the requested HTML page to obtain the embedded object links, which are collected into a new HTML page. The object links HTML page is then encrypted by DSSL using K2 to create the proxy SSL record. DSSL encrypts the base HTML page using K1 to create the primary SSL record. The two records are added together and sent to the client in an IP packet (Fig. 7). The hub proxy intercepts the IP packet, extracts the object links from the proxy SSL record using K2, and prefetches the embedded objects. The Web server always encrypts the actual objects using K1, so that the hub proxy cannot read the base HTML page data. The hub proxy transfers all the embedded objects together to the client at one time. Therefore, the HTTP proxy functionality is preserved in DSSL while maintaining the end-to-end security of the HTML page contents. However, the security is less than in the end-to-end SSL connection case, since the HTTP proxy can read the object links. In standard SSL, the proxy servers can read no part of the base HTML page, not even the object links. We believe this slight reduction in security is acceptable, given the large improvement in performance using this method. The DSSL design is more complex in comparison to SSL since it requires the creation of an additional connection, and therefore involves a higher overhead. There is also the added overhead of multiple encryptions and decryptions with two different keys, and the complexity of parsing the HTML page for the object links.
All these require changes to the base SSL protocol. The DSSL concept is similar to the multiple-channel SSL concept proposed in [20]. However, the authors do not differentiate encryption in primary and secondary SSL records but instead propose that HTTP traffic with lower security requirements be encrypted entirely with keys known to intermediate nodes. For our security requirements, that approach would not be acceptable.

Figure 8. Packet format for dual-mode SSL with IPSec (new IP header, ESP header, original IP header, TCP header, proxy SSL record, primary SSL record, ESP trailer; the secondary SSL and secondary IPSec encryption cover the proxy SSL record, the primary SSL and primary IPSec encryption cover the primary SSL record).

Differential Encryption in a Single SSL Record — The use of a proxy SSL record is not necessary if different parts of the HTML page can be encrypted with different keys. In that case, the Web server can encrypt the object links in the HTML page with key K2 and the rest of the HTML page contents with key K1, thereby creating a single SSL record with differential encryption. The hub proxy server can parse the SSL record and decrypt only the object links with key K2, before forwarding the IP packet to the client proxy. We assume that the primary and secondary encryption keys K1 and K2 have been set up and distributed as described in the previous sections, with K1 known to the client and the Web server only, while K2 is known to the client, the Web server, and the intermediate proxy servers. A similar technique can be applied when IPSec encryption is used instead of SSL encryption.
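The two-key split used by layered IPSec, DSSL and the differential-encryption record above, as an added example that is not part of the paper: a Go program in which the Web server seals the object-link list under K2 and the base page under K1, the hub proxy recovers only the link list, and opening the base page with K2 fails authentication. AES-GCM in place of the SSL/IPSec cipher suite, the regular-expression link extraction, and the fixed demo keys and sample page are assumptions of this example.

```go
package main

// Added example (not from the paper): one record with differential
// encryption as in the DSSL and layered IPSec designs. Object links are
// sealed under the secondary key K2 (held by the proxies too), the base page
// under K1 (client and Web server only). AES-GCM stands in for the cipher.

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
	"regexp"
	"strings"
)

// DualRecord is the record on the wire: two independently sealed sections.
type DualRecord struct {
	LinksNonce, Links []byte // object-link list, sealed under K2
	PageNonce, Page   []byte // base HTML page, sealed under K1
}

// SamplePage is a constructed base HTML page with three embedded objects.
const SamplePage = `<html><head><link href="style.css"></head>` +
	`<body><img src="logo.png"><script src="app.js"></script>Hi</body></html>`

// Constructed demo keys (AES-128): K1 is end-to-end, K2 is also given to the proxies.
var K1, K2 = []byte("K1-demo-16-bytes"), []byte("K2-demo-16-bytes")

var linkRe = regexp.MustCompile(`(?i)\b(?:src|href)="([^"]+)"`)

// ExtractLinks returns the embedded object references in document order.
func ExtractLinks(html string) (links []string) {
	for _, m := range linkRe.FindAllStringSubmatch(html, -1) {
		links = append(links, m[1])
	}
	return links
}

func gcmFor(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}
func seal(key, plaintext []byte) (nonce, box []byte, err error) {
	gcm, err := gcmFor(key)
	if err != nil {
		return nil, nil, err
	}
	nonce = make([]byte, gcm.NonceSize())
	if _, err = rand.Read(nonce); err != nil {
		return nil, nil, err
	}
	return nonce, gcm.Seal(nil, nonce, plaintext, nil), nil
}
func open(key, nonce, box []byte) ([]byte, error) {
	gcm, err := gcmFor(key)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, nonce, box, nil) // wrong key: authentication failure
}

// ServerBuildRecord (Web server side): link list under K2, whole page under K1.
func ServerBuildRecord(k1, k2 []byte, html string) (*DualRecord, error) {
	ln, lb, err := seal(k2, []byte(strings.Join(ExtractLinks(html), "\n")))
	if err != nil {
		return nil, err
	}
	pn, pb, err := seal(k1, []byte(html))
	if err != nil {
		return nil, err
	}
	return &DualRecord{LinksNonce: ln, Links: lb, PageNonce: pn, Page: pb}, nil
}

// HubProxyPrefetchList is all the hub proxy can recover with K2 alone.
func HubProxyPrefetchList(k2 []byte, rec *DualRecord) ([]string, error) {
	pt, err := open(k2, rec.LinksNonce, rec.Links)
	if err != nil {
		return nil, err
	}
	return strings.Split(string(pt), "\n"), nil
}

// ReadPage opens the base page; only a holder of K1 succeeds.
func ReadPage(key []byte, rec *DualRecord) (string, error) {
	pt, err := open(key, rec.PageNonce, rec.Page)
	return string(pt), err
}

func main() {
	rec, _ := ServerBuildRecord(K1, K2, SamplePage)
	links, _ := HubProxyPrefetchList(K2, rec)
	_, proxyErr := ReadPage(K2, rec) // K2 alone cannot open the base page
	fmt.Println(links, proxyErr)
}
```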
The advantage of the single-record approach is that the size of the packet does not increase, although there is the overhead of distributing key K2 to the proxy servers to be considered.

HTTPS OVER IPSEC

For the sake of completeness, we consider the situation where a secure Web page is requested over an IPSec tunnel. This method involves redundancy of resources, since use of SSL when IPSec is already in use does not provide any substantially added security. However, our approach can take care of the performance in this scenario as well. In this situation, we propose combining DSSL with layered IPSec. Then the secondary keys for both the layered IPSec connection and the DSSL connection are shared with the proxy servers. The secondary key for layered IPSec is shared with both the TCP proxy and the HTTP proxy. When layered IPSec encrypts the packet, the secondary key encryption extends up to the proxy SSL record. The TCP proxy servers can therefore decrypt the TCP header of the ESP packet, and the HTTP proxy server can decrypt the proxy SSL record. Consequently, performance optimizations for both TCP and HTTP are allowed without letting the intermediate servers read the HTML page. A schematic of the IPSec packet in this setting is shown in Fig. 8.

A HIERARCHICAL APPROACH TO KEY MANAGEMENT FOR DATA SECURITY IN HYBRID NETWORKS

In [21], we have proposed a key-management framework for distributing cryptographic keys securely and in a scalable manner to users taking part in group communication in a hybrid satellite network. The objective is to ensure data confidentiality, by encrypting the data traffic with group keys known to all the group members. The key-management framework is built on top of the multicast routing architecture. We have considered the hybrid network topology shown in Fig.
1b and designed a multicast routing architecture to allow users to communicate seamlessly among multiple terrestrial LANs (also referred to as subnetworks) [22]. Our routing architecture makes specific use of asynchronous transfer mode (ATM) point-to-multipoint routing [23] over the satellite links, and Protocol-Independent Multicast Sparse-Mode (PIM-SM) multicast routing [24] in terrestrial LANs. We have extended PIM-SM to allow multiple rendezvous points (RPs) in each multicast group. The satellite gateway in each LAN acts as the local RP for the LAN and creates the local multicast trees for group members within the LAN. The local multicast trees are connected together over the satellite links by using the ATM point-to-multipoint virtual connection, thereby creating one end-to-end multicast tree for each group, encompassing all the LANs with group members in them. The multicast routing architecture is thus tailored closely to the hierarchical network topology, and allows for building efficient multicast trees with low control and data overhead. The design of the key-management protocol is independent of the routing algorithm, although it is based on the same basic principle, that is, a hierarchical breakdown of the network based on the topology. We divide the network into two levels: the lower level, comprised of terrestrial LANs where the users are located, and a higher level consisting of the satellite, the NOC, and the satellite gateways or RPs in each LAN, which together form an overlay (Fig. 9a) connecting terrestrial LANs. The RPs act as the "bridge" between the two levels. Key management is done independently in the two levels. In each LAN we introduce a local group controller (called the "subnetwork key controller" or SKC) to manage the keys for all groups active in the LAN.
The SKC is responsible for access control of all members of all groups that are active in its LAN, generating the group keys for all local groups, and updating the keys on group-member joins and leaves while a group is active. The keys managed by an SKC are entirely local to its LAN, and do not affect the key management in any other LAN in the network. The SKC uses the LKH algorithm to manage keys in its LAN, creating a logical key tree that we term the SN Tree. Each group active in a LAN has its own SN Tree. The leaves of the SN Tree for a group correspond to the long-term shared secrets between the SKC and the local users in the LAN who are active as sources and/or receivers in the group. The root of the SN Tree corresponds to the session key that is used for encrypting the group traffic within the LAN at any particular instant. On member joins and leaves, the session key, and all the keys on the path from the root to the leaf node corresponding to the member joining/leaving, are updated, while all other keys in the SN Tree remain unchanged. The overlay has its own key management, also based on the LKH algorithm. At the overlay level, the key management for a particular group is controlled by the satellite gateway/RP (known as the root RP for that group) of the LAN that has group sources active for the longest continuous period in the group.

Figure 9. A hierarchical approach to key management in hybrid networks: a) hierarchy in the hybrid network (Level-1: the satellite, the NOC, and the gateways forming the overlay network; Level-0: subnets 1 to n, each with its own SKC); b) tiered tree key management (an RP tree with a root RP and leaf RPs, and an SN tree under the SKC in each subnetwork).
The logical key tree for any group thus formed at the overlay is termed the RP Tree. The root RP is responsible for generating keys for the RPs of the LANs that subscribe to the particular group, that is, have sources and/or receivers active in the LAN. Each group has its own RP Tree. The design ensures that the NOC cannot receive/transmit data to any active group, unless it explicitly subscribes to the group as a member node. However, LANs joining any particular group initially register with the NOC, which maintains a group membership table for all active groups, so that at all times the NOC is aware of the LANs that are participating in all active groups. The NOC is also responsible for selecting the root RP of the RP Tree for each group, which it does based on the earliest-to-join policy. The root RP also might be different for different groups, since the LAN with the longest continuously active sources might be different for different groups. Our algorithm has the provision to allow the root RP for any group to change; this happens if the currently active root RP leaves the group, when all sources/receivers within its local LAN cease to participate in the group. Our algorithm therefore builds a hierarchy of logical key trees that closely follow the hierarchy in the network topology, as shown in Fig. 9b. We term this framework Tiered Tree-based Key Management. In this hierarchy of key trees, the gateway RPs are responsible for performing key translation on all the multicast group traffic as it transmits the data from local sources to receivers in remote LANs, or when it receives group traffic from remote sources for local receivers.
This translation is necessary since the data traffic is encrypted with the RP Tree session key in the overlay, and with the SN Tree session key within the local LAN, with the two session keys being independent of one another. The detailed design of Tiered Tree-based Key Management, analysis of its security, and experimental results can be found in [25]. The primary objective in our design is to minimize the amount of key-management control traffic that flows over the satellite links, due to the long delay involved as well as susceptibility to channel errors. We have attempted to ensure that the security of the data traffic does not add any overhead in terms of delay other than that absolutely unavoidable, and that the security protocol does not lead to deadlocks in group-data dissemination where some group members in certain LANs cannot read the data due to having wrong keys. From the simulation results, Fig. 10 shows the reduction in key-control traffic over the satellite links using our tiered-tree approach. The graph compares the total key-management communication sent in the network for three simultaneous groups (i.e., over the RP trees, which span the satellite links, and all the SN trees confined to local LANs) to the total key communication sent on the RP trees (satellite links) only.

Figure 10. Tiered tree framework: total key management traffic vs. RP tree traffic for three groups (Y-axis shows the traffic in bytes per second; X-axis is the simulation duration in minutes).
As the graph shows, the resource savings on the satellite links are substantial when the tiered-tree scheme is used. Even though the group dynamics are high, the number of message exchanges is very small in the RP tree, that is, over the satellite links. If a flat key-management hierarchy had been used instead, the total key-management traffic would have been sent over the satellite links, thus leading to added delay and increasing the possibility that the actual keys do not reach all the members at the same time. Our solution is therefore very scalable. It also recognizes the fact that the group members might be located in different security domains and, therefore, a single network-wide security administration might not be possible. This is a more realistic scenario, since terrestrial LANs might be individual corporate domains, while the satellite overlay infrastructure is usually owned by a separate entity that provides network connectivity to the LANs, and is not responsible for generating the network traffic. This framework addresses the problem that all users might not be visible to a single, centralized security authority, and the dynamics of user joins or leaves in one LAN should not create an overhead for users in other LANs. Also, in wide-area satellite networks we consider that the satellite channel conditions at a given point in time might be different in different sections of the network. There might be loss in communication due to bad channel conditions in some network segments; however, this should not disrupt communication in network segments where the channel conditions are better. Solutions that treat all users in a single tree will not be able to perform as robustly under such conditions.
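The comparison argued above, as an added example that is not from [21] or [25]: a Go model of LKH rekeying that counts the key-update messages for a member leave in a flat network-wide tree versus the tiered arrangement, where SN-tree updates stay inside the LAN and the RP tree is rekeyed over the satellite only when a LAN's last member leaves. The tree sizes, the heap layout, and representing keys by version numbers rather than ciphertext are assumptions of this example.

```go
package main

import "fmt"

// Added example (not from the paper): LKH rekeying and the tiered layout
// (one SN tree per LAN, one RP tree at the overlay), used to count how many
// key-update messages cross the satellite links when a member leaves. Keys
// are tracked by version number; a message is the (Node, Under) pair, since
// the point is which keys change and what that costs, not the cipher.

// LKHTree is a complete binary key tree in heap order: node 1 is the root
// (session key), node i has children 2i and 2i+1, and leaf slot s is node
// Leaves+s. Leaves must be a power of two.
type LKHTree struct {
	Leaves  int
	Version []int  // Version[i]: how many times key i has been refreshed
	Active  []bool // Active[s]: whether leaf slot s is occupied
}

// Rekey is one key-update message: the fresh key of Node, sent encrypted
// under the key currently held at Under (a child of Node).
type Rekey struct{ Node, Under int }

func NewLKHTree(leaves int) *LKHTree {
	t := &LKHTree{Leaves: leaves, Version: make([]int, 2*leaves), Active: make([]bool, leaves)}
	for s := range t.Active {
		t.Active[s] = true
	}
	return t
}

// hasMembers reports whether any occupied leaf lies under node.
func (t *LKHTree) hasMembers(node int) bool {
	if node >= t.Leaves {
		return t.Active[node-t.Leaves]
	}
	return t.hasMembers(2*node) || t.hasMembers(2*node+1)
}

// Leave evicts a leaf slot and refreshes every key on the path to the root,
// bottom-up, so each new key is sent under the already refreshed key of its
// on-path child and under the unchanged key of its off-path child.
func (t *LKHTree) Leave(slot int) []Rekey {
	leaf := t.Leaves + slot
	t.Active[slot] = false
	var msgs []Rekey
	for node := leaf / 2; node >= 1; node /= 2 {
		t.Version[node]++
		for _, child := range []int{2 * node, 2*node + 1} {
			if child == leaf || !t.hasMembers(child) {
				continue // the departed member, or an empty subtree, gets nothing
			}
			msgs = append(msgs, Rekey{Node: node, Under: child})
		}
	}
	return msgs
}

// TieredGroup: the RP tree's leaves are the LAN gateways (RPs); each SN
// tree's leaves are the users of one LAN.
type TieredGroup struct {
	RPTree  *LKHTree
	SNTrees []*LKHTree
}

func NewTieredGroup(lans, usersPerLAN int) *TieredGroup {
	g := &TieredGroup{RPTree: NewLKHTree(lans)}
	for i := 0; i < lans; i++ {
		g.SNTrees = append(g.SNTrees, NewLKHTree(usersPerLAN))
	}
	return g
}

// MemberLeave handles a user leaving LAN lan. SN-tree messages stay inside
// the LAN; the RP tree is rekeyed over the satellite only when the LAN has
// no members left, i.e. its RP leaves the group.
func (g *TieredGroup) MemberLeave(lan, slot int) (local, satellite int) {
	local = len(g.SNTrees[lan].Leave(slot))
	if !g.SNTrees[lan].hasMembers(1) {
		satellite = len(g.RPTree.Leave(lan))
	}
	return local, satellite
}

// FlatLeave is the same event under a single network-wide LKH tree: every
// update is multicast to all LANs, so all of them cross the satellite.
func FlatLeave(lans, usersPerLAN, lan, slot int) (satellite int) {
	return len(NewLKHTree(lans * usersPerLAN).Leave(lan*usersPerLAN + slot))
}

func main() {
	g := NewTieredGroup(4, 8)
	local, sat := g.MemberLeave(0, 3)
	fmt.Printf("tiered: %d local SN-tree messages, %d over the satellite\n", local, sat)
	fmt.Printf("flat:   %d over the satellite\n", FlatLeave(4, 8, 0, 3))
}
```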
Our solution is also similar to the ML-IPSec concept in that the satellite terminals are only partially trusted; they are allowed to do partial decryption/encryption of the IP packets for efficient routing. However, it is a generic solution aimed specifically at multicast key management and does not deal with an end-to-end security solution for secure communication or give any implementation specifics.

CONCLUSION

Security is a critical component in hybrid IP-based satellite networks. In this article we have focused on some of the challenges that lie ahead. We have discussed the unique characteristics of hybrid satellite networks that make the problem of ensuring secure communication different from that of purely terrestrial networks. We have presented a survey of the various security solutions that have been proposed, and discussed their advantages and disadvantages. We have proposed several approaches to solve the performance problems of TCP and HTTP in satellite networks arising from secure communication. However, a lot of further work needs to be done to validate our approaches, and we are in the process of developing specific detailed security approaches for typical topologies and validating the proposed designs by simulation. Lastly, we have described our hierarchical approach to key management for providing data security in hybrid networks. We are continuing our research in this area and examining designs to integrate our key-management protocol with the unicast case. A large amount of work needs to be done with regard to secure protocols for hybrid networks, specifically for the case where users are mobile. Here we have touched upon only a small subset of the problems. None of the proposed solutions, including our own, address the question of user authentication or message integrity for group communication. However, we believe the security problems discussed here will receive further attention from the research community, and this work will be a useful contribution to the field.

ACKNOWLEDGMENT

The authors would like to thank the anonymous reviewers for their valuable comments and suggestions. The research reported here is supported by the National Aeronautics and Space Administration (NASA) Marshall Space Flight Center under award no. NCC8-235. The views expressed in this article are solely the responsibility of the authors and do not reflect the views or position of NASA or any of its components.

REFERENCES

[1] J. Border et al., "Performance Enhancing Proxies Intended to Mitigate Link-Related Degradations," IETF RFC 3135, June 2001.
[2] V. Arora et al., "Effective Extensions of Internet in Hybrid Satellite-Terrestrial Networks," University of Maryland, College Park, Tech. Rep. CSHCN TR 96-2, 1996.
[3] V. Bharadwaj, "Improving TCP Performance over High-Bandwidth Geostationary Satellite Links," University of Maryland, College Park, Tech. Rep. ISR TR MS-99-12, 1999.
[4] N. Ehsan, M. Liu, and R. Ragland, "Evaluation of Performance Enhancing Proxies in Internet over Satellite," Wiley Int'l. J. Commun. Sys., vol. 16, Aug. 2003, pp. 513–34.
[5] NIST, "Digital Signature Standard (DSS)," May 19, 1994.
[6] H. Krawczyk, M. Bellare, and R. Canetti, "HMAC: Keyed-Hashing for Message Authentication," IETF RFC 2104, Feb. 1997.
[7] R. Atkinson and S. Kent, "Security Architecture for the Internet Protocol," IETF RFC 2401, Nov. 1998.
[8] IETF Transport Layer Security Working Group, "The SSL Protocol Version 3.0," Nov. 1996, available at http://wp.netscape.com/eng/ssl3/draft302.txt
[9] R. Atkinson and S. Kent, "IP Encapsulating Security Payload (ESP)," IETF RFC 2406, Nov. 1998.
[10] Y. Zhang, "A Multilayer IP Security Protocol for TCP Performance Enhancement in Wireless Networks," IEEE JSAC, vol. 22, no. 4, 2004, pp. 767–76.
[11] M. Karir and J. Baras, "LES: Layered Encryption Security," Proc. ICN'04, Guadeloupe (French Caribbean), Mar. 2004.
[12] E. Olechna, P. Feighery, and S. Hryckiewicz, "Virtual Private Network Issues Using Satellite Based Networks," MILCOM 2001, vol. 2, 2001, pp. 785–89.
[13] P. Chitre, M. Karir, and M. Hadjitheodosiou, "TCP in the IPSec Environment," AIAA ICSSC 2004, Monterey, CA, May 2004.
[14] SSL Accelerator, Spacenet Inc., available at http://www.spacenet.com/technology/advantages/ssl.html
[15] M. P. Howarth et al., "Dynamics of Key Management in Secure Satellite Multicast," IEEE JSAC, vol. 22, no. 2, 2004, pp. 308–19.
[16] C. Wong, M. Gouda, and S. S. Lam, "Secure Group Communications Using Key Graphs," IEEE/ACM Trans. Net., vol. 8, 2000, pp. 16–30.
[17] D. Wallner, E. Harder, and R. Agee, "Key Management for Multicast: Issues and Architectures," IETF RFC 2627, June 1999, available at http://www.apps.ietf.org/rfc/rfc2627.html
[18] G. Noubir and L. von Allmen, "Security Issues in Internet Protocols over Satellite Links," Proc. IEEE VTC '99, Amsterdam, The Netherlands, 1999.
[19] L. Duquerroy et al., "SatIPSec: An Optimized Solution for Securing Multicast and Unicast Satellite Transmissions," 22nd AIAA Int'l. Commun. Sat. Sys. Conf. and Exhibit, Monterey, CA, May 2004.
[20] Y. Song, V. Leung, and K. Beznosov, "Supporting End-to-End Security across Proxies with Multiple-Channel SSL," Proc. 19th IFIP Info. Sec. Conf., Toulouse, France, Aug. 2004, pp. 323–37.
[21] A. Roy-Chowdhury and J. Baras, "Key Management for Secure Multicast in Hybrid Satellite Networks," 19th IFIP Info. Sec. Conf., Toulouse, France, Aug. 2004.
[22] A. Roy-Chowdhury and J. Baras, "Framework for IP Multicast in Satellite ATM Networks," AIAA ICSSC 2004, Monterey, CA, May 2004.
[23] G. Armitage, "Support for Multicast over UNI 3.0/3.1 Based ATM Networks," Internet RFC 2022, Nov. 1996.
[24] S. Deering et al., "The PIM Architecture for Wide-Area Multicast Routing," IEEE/ACM Trans. Net., vol. 4, no. 2, 1996, pp. 153–62.
[25] A. Roy-Chowdhury, "IP Routing and Key Management for Secure Multicast in Satellite ATM Networks," Master's thesis, University of Maryland, College Park, 2003, available at http://techreports.isr.umd.edu/reports/2004/MS2004-1.pdf

BIOGRAPHIES

AYAN ROY-CHOWDHURY ([email protected] umd.edu) received his B.E. in electronics and telecommunications engineering in 1998 from Jadavpur University, India, and his M.S. in electrical engineering in 2003 from the University of Maryland, College Park, where he is currently a Ph.D. student. Between 1998 and 2000 he worked as a senior software engineer at Wipro Technologies, India. His research focuses on the design of protocols and frameworks for secure communication in hybrid networks. He is working on secure protocols for unicast and multicast routing in networks that have wired and wireless terrestrial components connected by satellite links. He is also looking into key management techniques for secure data transmission for these network architectures, and efficient user-authentication mechanisms for the same. As part of these topics, he is also investigating performance problems for network communication in satellite networks when security is involved.

JOHN S. BARAS [F] received a B.S. in electrical engineering from the National Technical University of Athens, Greece, in 1970, and M.S. and Ph.D. degrees in applied mathematics from Harvard University in 1971 and 1973, respectively. He was founding director of the Institute for Systems Research (one of the first six NSF Engineering Research Centers) from 1985 to 1991. Since August 1973 he has been with the Electrical and Computer Engineering Department and Applied Mathematics Faculty at the University of Maryland, College Park. In 1990 he was appointed to the Lockheed Martin Chair in Systems Engineering. Since 1991 he has been director of the Center for Hybrid and Satellite Communication Networks (a NASA Research Partnership Center). Among his awards are the 1980 Outstanding Paper A
Paper Award, 2004 WiSe Conference. He holds three patents. His research interests include wireless networks and MANET, wireless network security and information assurance, integration of logic programming and nonlinear programming for trade-off analysis, multicriteria optimization, noncooperative and cooperative dynamic games, robust control of nonlinear systems and hybrid automata, mathematical and statistical physics algorithms for control and communication systems, distributed asynchronous control and communication systems, object-oriented modeling of complex engineering systems, satellite and hybrid communication networks, network management, fast Internet services over hybrid wireless networks, stochastic systems, planning and optimization, intelligent control and learning, biologically inspired algorithms for signal processing, and sensor networks.

MICHAEL HADJITHEODOSIOU [M] received an M.A. (honours) in electrical and information sciences from the University of Cambridge, United Kingdom, in 1989, an M.S. in electrical and computer engineering from the University of California, Irvine in 1992, and a Ph.D. in engineering (specializing in satellite communications) from the Centre for Satellite Engineering Research (CSER) at the University of Surrey, United Kingdom, in 1995. Among his awards are a scholarship award for studies at the University of Cambridge from the Cambridge Commonwealth Trust (1984–1986); a Fulbright Scholarship for post-graduate work in the United States (1989–1991); a Research Fellowship from the U.K. Engineering and Physical Sciences Research Council (EPSRC) (1992); and the Canadian National Science and Engineering Research Council (NSERC) post-doctoral fellowship award (1995). He worked as a research fellow in the Communication Systems group of CSER (1991–1995) and spent a year as a visiting fellow at the Canadian Government Communications Research Center (CRC) (1995–1996). In November 1996 he joined the Center for Satellite and Hybrid Communication Networks (CSHCN) at the Institute for Systems Research, University of Maryland, College Park, where he is currently an assistant research scientist. He is an expert on space communications and satellite networks. His research interests include performance analysis of wireless and hybrid networks, security and protocol support issues for satellite systems, and design analysis of next-generation broadband satellite networks and applications. He is currently working on supporting the communication needs of NASA enterprises and the communication architecture enabling space exploration. He is currently serving as secretary of the IEEE Satellite and Space Communications Technical Committee.

SPYRO PAPADEMETRIOU received his B.S. in computer science from George Mason University, Fairfax, Virginia. Since then he has been actively involved in Internet research and development within both industry and academia. He was the principal Internet researcher at Synectics Corp., where he developed network and database software. He worked as a researcher at the University of Maryland's Institute for Systems Research, where he designed and developed their first networking laboratory, which is part of the CSHCN. At Inktomi Corp. he spearheaded client acceleration research and was a member of the content-distribution network design team. These resulted in several patent filings, of which he holds one. The latter also resulted in America Online's Web client accelerator product. Currently he is with Orbital Data Corp. working on network and application optimization. His research interests include network optimization, application optimization, satellite and terrestrial wireless networking, delay-tolerant networks, sensor networks, distributed systems, and network software architecture.