Differentially secure multicasting and its implementation methods

Though the areas of secure multicast group architecture, key distribution and sender authentication are under scrutiny, one topic that has not been explored is how to integrate these with multilevel security. Multilevel security is the ability to distinguish subjects according to classification levels, which determines to what degree they can access confidential objects. In the case of groups, this means that some members can exchange messages at a higher sensitivity level than others. The Bell-La Padula model outlines the rules of these multilevel accesses (see Bell, D. and La Padula, L., MITRE Report, M74-244, MTR 2547 v2, 1973). In multicast groups that employ multilevel security, some of these rules are not desirable, so a modified set of rules is developed and is termed differential security. Also, this paper proposes three methods to set up a differentially secure multicast group: (1) naive approach, (2) multiple tree differential security (DiffSec) approach, and (3) single DiffSec tree approach. Our simulation studies show that both single and multiple DiffSec tree approaches offer similar performance in terms of bandwidth consumption, which is significantly better than that of the naive approach. We also discuss the suitability of the schemes, taking into account scalability and implementation issues