Fixible Sender Access Control for Bi-directional Multicast Routing
Bi-directional shared tree is an efficient routing scheme for interactive multicast applications with multiple sources. Given the open-group IP multicast service model, it is important to support sender access control in order to prevent group members from receiving irrelevant data, and also to protect the multicast tree from denial-of-service (DoS) attacks. Compared with source specific and uni-directional shared trees, where information sources can be authorized or authenticated at the single root or rendezvous point (RP), in bi-directional trees this problem is more pronounced since hosts can send data to the shared tree from any point in the network. In this paper we propose a scalable sender access control policy mechanism for bi-directional shared trees so that irrelevant data is policed and discarded once it arrives at an on-tree router. We consider both intra- and inter-domain routing, so that the mechanism can cope with large-scale multicast applications or many concurrent multicast sessions across multiple administrative domains.
multicast security Denial of service Bi-directional tree
LIN Shiwei LI Xiaohong ZHU Jianjun
Dept. of Automation ,Jilin Institute of Chemical Technology,Jilin City,China 132022
国际会议
北京
英文
2007-08-05(万方平台首次上网日期,不代表论文的发表时间)