Date posted: 29-Dec-2015
Hierarchical agent-based secure and reliable multicast in wireless mesh networks
Yinan LI, Ing-Ray Chen
Robert Weikel, Virginia Sistrunk, Hung-Yuan Chung
Introduction to Wireless Mesh Networks
● Wireless Mesh Networks (WMNs) are a cost-effective “last mile” technology, generally consisting of
  o wireless mesh routers (MRs), which form the backbone of the network
  o mesh clients (MCs)
  o gateways for Internet connectivity
Intro (cont)
● Group communication in WMNs has the problem of supporting secure and reliable mobile multicast
● The paper proposes an efficient algorithm called hierarchical agent-based secure and reliable multicast (HASRM) in order to mitigate this
HASRM requirements
● Only authenticated users interface with the multicast group
● Provide forward and backward secrecy
● Must guarantee delivery of packets
● Must support mobile multicast for members even when they move and change locations / different MR areas
Integrated mobility and multicast service management
● The system was designed because:
  o User mobility can have a significant impact on multicast service management
  o Performance optimization around egocentric multicast service management may lead to excessive overhead when users are mobile
  o Minimizing network cost has significant fringe benefits in regards to the rest of the system
HASRM Organization
● Multicast Agents (MA)
  o an MA is also a mesh router (MR)
  o responsible for rekeying and group membership management
  o registers integrated mobility and multicast server management capabilities across other MAs
  o dynamically determines optimal regional service size in order to reduce overall network cost
SPN modeling
● SPN is used here to analyze performance
  o Focuses on the key parameters in HASRM
  o Under optimal settings, HASRM outperforms traditional shortest-path multicast algorithms
  o Also used to model previous work in order to compare results
    Including SeGrOM (Secure Group Overlay Multicast), and the paper which this work is extended from
Assumptions and design goals
● A multicast group member may join or leave a group at arbitrary times.
● Group member join and leave events can be modeled by a Poisson process with rates of λ and μ, respectively.
● There is a probability p of packet loss
  o HASRM assures packet transmission through a NAK-based retransmission scheme
HASRM structure
● Two levels
  o Upper level is a backbone multicast tree connecting mesh routers that serve as agents
    Tree is updated whenever there is a leave or join event
    Tree maintains a list of all routers serving as agents
    An agent services a particular multicast group
  o Lower level is a local multicast group and its associated MA
    A single MA may contain several MRs
    The regional service size is a key parameter with a tradeoff between packet delivery cost and management cost
    The optimal regional service size can be modeled with the optimal threshold of the number of hops a member can be away from its MA
      ● Referred to as Hoptimal
      ● A non-optimal threshold is referred to as H
Secure Key Management
● Members and MAs share a secret key Ku
  o Established through Diffie-Hellman
  o Changed when transitioning to a new MA
MA Join
● Steps when an MA joins the backbone
  o Old group key, Kg, is discarded
  o New key, K’g, is generated by hashing the original key (i.e., K’g = h(Kg))
  o Source sends K’g to the newly joined MA using public key encryption
MA Leave
● Steps when an MA leaves the backbone
  o Kg needs to be updated by using the key tree approach
  o Distributes key through PKI to all MAs excluding the one leaving via rekey messages
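The two rekey rules above, as an added example that is not code from the paper or the slides: it shows why hashing the old key is enough on a join but a fresh key is needed on a leave. SHA-256 as h, the `Backbone` class and the flat (non-tree) key distribution on leave are assumptions made for illustration.

```python
import hashlib
import secrets

def h(key: bytes) -> bytes:
    """One-way function for the join rekey (SHA-256 is an assumption)."""
    return hashlib.sha256(key).digest()

class Backbone:
    """Constructed model of the source and the MAs on the backbone tree."""

    def __init__(self, ma_ids):
        self.kg = secrets.token_bytes(32)            # current group key Kg
        self.ma_keys = {m: self.kg for m in ma_ids}  # key each MA holds

    def ma_join(self, new_ma):
        # Every current MA derives K'g = h(Kg) locally: no rekey traffic.
        self.kg = h(self.kg)
        self.ma_keys = {m: h(k) for m, k in self.ma_keys.items()}
        # Source sends K'g to the joiner; public-key encryption is not modelled.
        self.ma_keys[new_ma] = self.kg

    def ma_leave(self, old_ma):
        leaver_key = self.ma_keys.pop(old_ma)   # the leaver keeps what it knew
        # h(Kg) is computable by the leaver, so a fresh key is drawn and given
        # only to the remaining MAs (flat distribution instead of a key tree).
        self.kg = secrets.token_bytes(32)
        self.ma_keys = dict.fromkeys(self.ma_keys, self.kg)
        return leaver_key

def demo():
    net = Backbone(["MA1", "MA2"])
    k_before_join = net.kg
    net.ma_join("MA3")
    # Backward secrecy: MA3 holds only h(Kg); getting Kg means inverting h.
    joiner_sees_old = net.ma_keys["MA3"] == k_before_join
    in_sync = len(set(net.ma_keys.values())) == 1
    k_before_leave = net.kg
    leaver_key = net.ma_leave("MA2")
    # Forward secrecy: neither the leaver's key nor its hash is the new Kg.
    leaver_can_follow = net.kg in (leaver_key, h(leaver_key))
    # Had the leave reused the join rule, the leaver could compute the new key.
    naive_rekey_leaks = h(k_before_leave) == h(leaver_key)
    return joiner_sees_old, in_sync, leaver_can_follow, naive_rekey_leaks
```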
Reliable multicast data delivery
● Straightforward procedure
  o Source encrypts the packet using Kg
  o Disseminates the encrypted packet to the subgroup MAs through the tree
  o Each MA decrypts the packet using Kg
  o MA re-encrypts packet with Ku, sends to each group member
  o Member decrypts using Ku
Packet Loss
● When loss is detected from a member
  o negative acknowledgement (NAK) is sent to MA
  o MA sends the missing packet to member
  o After a period of time MA discards packets
● When loss is detected from backbone (via seq num) two options are available
  o Source multicasts the packet to all MAs
  o Source sends packet to all MAs who exhibit the loss
Packet Loss (cont)
● Local (lower) layer uses unicast because
  o Using multicast in a wireless environment can be very costly
  o It eliminates the need for multicast tree maintenance at lower levels
  o In contrast to using multicast, error correction requires significantly less overhead when dealing with many members
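The member-side loss recovery from the two Packet Loss slides, as an added example that is not from the paper or the slides: an MA buffers packets for a limited time and answers each NAK by unicast. The class names, the time units, `buffer_ttl` and gap detection by sequence number on the member side are assumptions; the loss pattern is constructed.

```python
class MulticastAgent:
    """MA side: buffers packets for a limited time, answers NAKs by unicast."""

    def __init__(self, buffer_ttl):
        self.buffer_ttl = buffer_ttl
        self.buffer = {}                      # seq -> (payload, time buffered)

    def store(self, seq, payload, now):
        self.buffer[seq] = (payload, now)

    def expire(self, now):
        # "After a period of time MA discards packets"
        self.buffer = {s: (p, t) for s, (p, t) in self.buffer.items()
                       if now - t < self.buffer_ttl}

    def on_nak(self, seq, now):
        self.expire(now)
        entry = self.buffer.get(seq)
        return entry[0] if entry else None    # None: not recoverable at the MA

class Member:
    """MC side: detects gaps in sequence numbers and NAKs each missing one."""

    def __init__(self):
        self.next_seq = 0
        self.delivered = {}
        self.unrecoverable = []

    def receive(self, seq, payload, ma, now):
        for missing in range(self.next_seq, seq):   # gap => loss detected
            resent = ma.on_nak(missing, now)
            if resent is None:
                self.unrecoverable.append(missing)
            else:
                self.delivered[missing] = resent
        self.delivered[seq] = payload
        self.next_seq = max(self.next_seq, seq + 1)

def run(lost, buffer_ttl, packets=6):
    """Send one packet per time unit; sequence numbers in `lost` are dropped."""
    ma, mc = MulticastAgent(buffer_ttl), Member()
    for seq in range(packets):
        ma.store(seq, f"pkt{seq}", now=seq)
        if seq not in lost:
            mc.receive(seq, f"pkt{seq}", ma, now=seq)
    return sorted(mc.delivered), mc.unrecoverable
```

With a buffer lifetime shorter than the loss burst, the MA has already discarded the oldest packets when the NAK arrives, so the discard period bounds which losses the lower layer can repair.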
Dynamic group membership management (3/5)
Member Leave
MA:
● forwards the leave to the source
● removes itself from the backbone if no other client is serviced
The source:
● updates the backbone multicast tree
● sends MA the acknowledgement
[Figure labels: Leave Request, Leave Acknowledgement]
Dynamic group membership management (5/5)
Mobility Management
● If the NEW MR is not an MA
  o but is a member of the OLD MA region => member reports a location update
  o and is not a member of the OLD MA serving region => NEW MR sends a join request to the backbone multicast tree => becomes an MA
● If the NEW MR is an MA => member switches and starts receiving multicast packets
● MC executes the DH protocol and generates a new Ku
Performance Model(1/3)
● Mobility rate (σ)
● 2-dimensional n x n wireless mesh with wrap-around
● The average unicast path length
● Markov chain model M/M/∞/M
(1) P0: probability of not servicing any member
P1: probability that an MR services one member
Performance Model (2/3)
H is the distance threshold
avg #MRs covered = $2H^2 - 2H + 1$
2: For any MR and MA
3: 0Probability MA services exactly one member
4: K multicast scaling factor
5: Leaves on the multicast tree (MAs)
Performance Model (3/3)
6: #MRs on the tree
7: Probability that a multicast data packet is delivered to a member H hops away
8: Expected number of retransmissions to a member H hops away
9: Expected hop distance (average length of paths from source to MA)
10: Probability that a multicast packet is successfully transmitted from source to an MA L hops away
11: Expected number of retransmissions to disseminate a packet to an MA
SPN Model for HASRM
● SPN for describing a single group member
  o Token = a location change
  o Move = the event of member movement
  o if NEW MR is:
    MA => transition probability P1 = 1-PMA
    just MR =>
      1. transition probability P2 = PMA
      2. the member reports its new location to its MA (transition MC2MA)
      3. MR becomes MA => Reset
  o After each MC2MA, a token is placed into Hops
  o When mark(Hops)=H => transition Join is fired. Firing “Join” resets hops from MA to zero
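The hop-counter logic from the Mobility Management and SPN slides, together with a check of the region-size formula from the Performance Model slide, as an added example that is not from the paper or the slides. The function names are hypothetical, and reading the region as the MRs fewer than H hops from the MA is an assumption (consistent with Join firing when the counter reaches H).

```python
from collections import deque

def region_size(n, H):
    """Count MRs within H-1 hops of an MA on an n x n wrap-around mesh (BFS)."""
    seen, frontier = {(0, 0)}, deque([((0, 0), 0)])
    while frontier:
        (x, y), d = frontier.popleft()
        if d == H - 1:
            continue                      # region boundary reached
        for dx, dy in ((1, 0), (-1, 0), (0, 1), (0, -1)):
            nxt = ((x + dx) % n, (y + dy) % n)
            if nxt not in seen:
                seen.add(nxt)
                frontier.append((nxt, d + 1))
    return len(seen)

def track_member(moves, H):
    """Replay the Move / MC2MA / Join transitions for one member.

    moves: list of booleans, True when the NEW MR already is an MA.
    Returns (events, number of times a new Ku is negotiated).
    """
    hops, events, rekeys = 0, [], 0
    for new_mr_is_ma in moves:
        if new_mr_is_ma:
            events.append("switch")       # member switches to the existing MA
            hops, rekeys = 0, rekeys + 1
            continue
        hops += 1                         # MC2MA: token placed into Hops
        if hops == H:
            events.append("join")         # NEW MR joins the backbone as an MA
            hops, rekeys = 0, rekeys + 1
        else:
            events.append("update")       # location update to the current MA
    return events, rekeys
```

A larger H means fewer joins and Diffie-Hellman exchanges per move but a longer unicast path from the MA to the member, which is the tradeoff the optimal threshold balances.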
Costs
● Cost := total #hops
● $C_s = C_s^1 + C_s^2$
  $C_s^1$: initial multicast and retransmissions to all MAs
  $C_s^2$: weighted cost for retransmissions from MA to a group member
  $C_m$: cost of mobility management
(15) Cost for security management when leaving or joining a tree
(16) Cost for a member to create a new key
(17): Cost per leave event
(18): Total cost of all operations
Service to Mobility Ratio
● SMR = λp / σ
● The average number of multicast data packets transmitted from the source to a group member during the interval between two serving MR changes of the group member.
● It captures the service and mobility characteristics of group members.
Comparison: HASRM vs. SPT
● Comparison of HASRM and traditional multicast algorithms based on shortest-path tree (SPT)
● the moderate γ
● The total communication cost is a per-member, per-time-unit metric
Comparison: HASRM vs. SeGrOM
● Secure Group Overlay Multicast
● Hierarchical decentralized multicast algorithm
● SeGrOM selects a coordinator for each subgroup of group members connected to the same MR.
● Coordinators are similar to MAs.
● The service area of a coordinator is exactly the coverage area of an MR.
HASRM vs. SeGrOM (cont.)
● When SMR is small (i.e., the mobility rate is high), the figure shows that HASRM copes well with high group member mobility.