Title :
Secure multicast communication: end user identification and accounting
Author :
Sultana, Nargis ; Atwood, J. William
Author_Institution :
Dept. of Comput. Sci. & Software Eng., Concordia Univ., Montreal, Que.
Abstract :
One reason that multicast communication is not in widespread use is its anonymous host model: a host may join and leave a group at any time from anywhere. Lack of information about service users and access control in this model makes it vulnerable to different types of attacks and also creates problems for a service provider to generate enough revenue. An architecture is proposed in this paper to identify multicast end users and to control access to the multicast group communication. The AAA architecture of the IETF is incorporated in the solution. A group policy server is used to provide group management services and IGMP/MLD protocol messages are extended to exchange host and user identity information. The end user information in this system enables an ISP to control the distribution of the multicast traffic as well as to collect real time user accounting information. Part of the proposed solution has been formally modeled in PROMELA. Validation of the model has shown that the proposed architecture and protocols are invulnerable to many forms of attack.
Keywords :
access control; accounting; multicast protocols; telecommunication security; telecommunication services; telecommunication traffic; AAA architecture; IETF; IGMP protocol messages; MLD protocol messages; PROMELA; access control; accounting; anonymous host model; end user identification; group management services; group policy server; host identity information; multicast communication security; multicast traffic distribution; service provider; service users; user identity information; Authentication; Authorization; Communication system traffic control; Computer science; File servers; Multicast communication; Multicast protocols; Network servers; Software engineering; Web and internet services;
Conference_Title :
Electrical and Computer Engineering, 2005. Canadian Conference on
Conference_Location :
Saskatoon, Sask.
Print_ISBN :
0-7803-8885-2
DOI :
10.1109/CCECE.2005.1557308