Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Arab Emirates
I.
INTRODUCTION
To
ensure
efficient
multicast
forwarding
via
Geosynchronous Earth Orbit (GEO) satellite, we firstly
propose in this paper an Enhanced Unidirectional Lightweight
Encapsulation (EULE) derived from ULE method. It relies on
label-switching approach [6] for the switching of MPEG-2
segments based on a switching table. Secondly, for solving the
frequently rekeying problem, we also propose the usage of two
independent LKH key distribution layered architecture [7]: a
satellite-layer and a terrestrial layer. In both levels, and for
more security, the keys are generated by chaotic sequences and
are transmitted in particular packets defined for this purpose.
Data and keys encryption is also provided by chaotic
algorithms.
97
A. System Architecture
As shown in Fig. 1, two main entities provide the transfer
of data and the connection with the GEO satellite DVB-S: the
Network Control Center (NCC) and the Return Channel via
Satellite Terminal (RCST). The NCC is the core of the satellite
network. It controls all the RCSTs in the network. The RCST is
the terrestrial terminal that provides a bidirectional link with
GEO satellite with a return channel via satellite (DVB-RCS).
GEO satellite
Spot beam 1
IP
IP Packet
ISP/
Internet
RCST
Sender
NCC
RCST
Spot beam 2
RCST
RCST
Receiver
RCST
C. Security requirements
The multicast transmission over satellite DVB is vulnerable
to various attacks listed in [10]. The security services that have
been derived to counteract these attacks are:
Member
98
GKC
GK (Group key)
H
1
100
101
110
10000
10001
10010
10100
10101
10110
11000
11001
11010
10 11 12
13 14 15 16 17 18
19 20 21
22 23 24 25 26 27
III.
99
D. Key PDU
A new type of packet KPDU is proposed to transport the
new generated keys and to choose the algorithms that will be
used for key deriving, encryption and authentication. The
structure of the KPDU depicted in Fig. 5, is similar to the
structure of a normal network PDU. It consists of a header that
will carry information about the current security association,
and a payload that will carry the new keys. The transported
keys KEKe and/or GKe are encrypted with one of the keys of
the lower level of the tree.
NK HF EA AA KV HCS Key ID (1) ---- Key ID (NK)KEKe (1) --- GKe (NK)
Header
Payload
SIMULATION RESULTS
100
Where:
TNK, Total Number of Keys: is the number of
transmitted keys (which is equal to the number of
transmissions performed within LKH).
12
10
Flat System
LKH
2-tiered LKH, m= /10
2-tiered LKH, m= /50
2-tiered LKH, m= /100
10
10
(2)
10
10
10
10
0.1
0.5
1.5
2.5
3.5
4.5
dynamicity ()
V.
1200
(k-1) +
k+
logk N -1
2
logk N -1
2
3
1000
10
900
800
700
600
500
400
300
200
(Leave)
174
4
10
(1)
2.5*104
10
2.5*105
10
3*106
(Join)
101
REFERENCES
[1]
EHO=100.EH / l(EULE)
(3)
[2]
[3]
[4]
16
[5]
14
Data Overhead
12
10
[6]
[7]
0
0
200
400
600
800
1000
1200
1400
1600
1800
[8]
[10]
CONCLUSION
[11]
[12]
[13]
[14]
[15]
[16]
[17]
[18]
102