System and method for secure group communications via multicast or broadcast
Abstract
A system and method for secure group communication via multicast or broadcast transmission. In preferred embodiments, the system of the invention implements a secure multicast group consisting of senders, receivers, a group security controller (GSC), and at least one trusted intermediary (TI) server. The GSC and each TI server are responsible for maintaining the security of the group by authenticating and authorizing all other members of the multicast as well as managing the group key(s) (Kgrp(s)) that are used to encrypt the messages multicast to the group. Any member of the group may have more than one role at a time. For example, senders may also be receivers, and the GSC may be combined with one of the senders. Each TI server is a trusted intermediary, which is a special type of sender and receiver. The TI servers create a (logical) hierarchy of secure multicast networks (a secure distribution tree) that makes the system of the invention scalable (able to practically implement a group of any number of members). Some embodiments of the system implement a security protocol supporting data confidentiality, source authentication, data integrity, and sender non-repudiation. Implementation of the system does not require use of any specific security technology (i.e. cryptographic and authentication tools). The decision to use one technology over another is left to the implementor.
43 Claims
1. A system for implementing a secure multicast group in a scalable manner, said system including:
- a group security controller which encrypts data with a first group key and causes the encrypted data to be multicast to a first sub-group; and
- a number of trusted intermediary servers, wherein each of the trusted intermediary servers can encrypt data with a different group key and cause the differently encrypted data to be multicast to a different sub-group, wherein each said different group key is different from the first group key and each said different sub-group is different from the first subgroup, and wherein the group security controller and each of the trusted intermediary servers form a logical hierarchy of sub-groups which determine said secure multicast group, with the first sub-group at a top level of said hierarchy and each of the sub-groups associated with a different one of the group security controller and the trusted intermediary servers.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 43

20. A system for implementing a secure multicast group in a scalable manner, said system including:
- a group security controller which encrypts data with a first group key and causes the encrypted data to be multicast to a first sub-group; and
- a number of trusted intermediary servers, wherein each of the trusted intermediary servers can encrypt data with a different group key and cause the differently encrypted data to be multicast to a different sub-group, wherein each said different group key can be different from the first group key and each said different sub-group is different from the first sub-group, and wherein the group security controller and each of the trusted intermediary servers form a logical hierarchy of sub-groups which determine said secure multicast group, with the first sub-group at a top level of said hierarchy and each of the sub-groups associated with a different one of the group security controller and the trusted intermediary servers.

21. A system for implementing a secure multicast group in a scalable manner, said system including:
- a security controller which controls access to the secure multicast group; and
- a sender which communicates with the security controller, and wherein the security controller is programmed with verification software for responding to a message received from the sender by verifying that the sender has permission to send said message to the secure multicast group, wherein upon determining that the sender has said permission, the security controller generates a digital signature and multicasts the message with said digital signature to at least a sub-group of the group.
Dependent claims: 22, 23, 24

25. A system for implementing a secure multicast group in a scalable manner, said system including:
- a sender;
- a security controller which controls access to the secure multicast group and communicates with the sender over a secure channel, wherein the security controller is programmed with software for verifying that the sender has permission to send data to the secure multicast group and upon determining that the sender has said permission, for causing the security controller to generate a digitally signed certificate and send said digitally signed certificate to the sender, wherein upon receiving the digitally signed certificate, the sender multicasts data to at least a sub-group of the group with said digitally signed certificate.
Dependent claims: 26, 27, 28

29. A system for implementing a secure multicast group in a scalable manner, said system including:
- a group security controller;
- a trusted intermediary server which communicates with the group security controller over a multicast network; and
- at least a first receiver which communicates with the trusted intermediary server over a second multicast network, wherein the trusted intermediary server is programmed with software for responding to a request from a prospective group member to join the secure multicast group by performing an authorization operation, and upon successful completion of the authorization operation determining a new group key and sending the new group key to the prospective group member and to the first receiver over the second multicast network.
Dependent claims: 30, 31

32. A system for implementing a secure multicast group in a scalable manner, said system including:
- a group security controller;
- a first trusted intermediary server which communicates with the group security controller over a first multicast network;
- a second trusted intermediary server which communicates with the first trusted intermediary server over a second multicast network; and
- at least a first receiver which communicates with the second trusted intermediary server over a third multicast network, wherein the second trusted intermediary server is programmed with software for responding to a request from a prospective group member to join the secure multicast group by performing an authorization operation, and upon successful completion of the authorization operation determining a new group key and sending the new group key to the prospective group member over a secure channel and to the first receiver over the third multicast network.
Dependent claims: 33, 34

35. A method for implementing a secure multicast group in a scalable manner, said method including the steps of:
- in response to a request from a prospective group member to join the secure multicast group, operating a first device to perform an authorization operation;
- upon successful completion of the authorization operation, operating the first device to determine a new group key, and causing the new group key to be sent from the first device to the prospective group member over a unicast communication line and to current members of at least a sub-group of the group over a multicast network; and
- in response to a request to cause a first current member of the sub-group to leave said sub-group, operating the first device to determine a second new group key, and causing the second new group key to be sent to current members of the sub-group, other than said first current member, over said multicast network.
Dependent claims: 36

37. A method for implementing a secure multicast group in a scalable manner using a system including a group security controller, a first trusted intermediary server which communicates with the group security controller over a first multicast network, a second trusted intermediary server which communicates with the first trusted intermediary server over a second multicast network, and at least a first member which communicates with the second trusted intermediary server over a third multicast network, said method including the steps of:
- (a) responding to a request from a prospective group member to join the secure multicast group by operating the second trusted intermediary server to perform an authorization operation; and
- (b) upon successful completion of the authorization operation, determining a new group key and sending the new group key to the prospective group member over a unicast communication line and to the first member over the third multicast network.
Dependent claims: 38, 39, 40

41. A method for adding a new receiver to an existing group of receivers, the group currently receiving data over a multicast network, said data being encrypted with one of a first group key or a third key encrypted with said first group key, and said data being distributed via at least one of a group security controller and a sender, said method comprising the steps of:
- transmitting a request to join the existing group of receivers by the new receiver to the group security controller;
- performing an authorization procedure which includes supplying a second group key to the new receiver from the group security controller, said authorization procedure being carried out over a unicast communication line;
- transmitting the second group key encrypted with the first group key to the existing group of receivers over the multicast network; and
- transmitting data over the multicast network encrypted with one of the second group key or a fourth key encrypted with said second group key.

42. A network protocol method for dropping a receiver from a group of receivers, the group currently receiving data over a multicast network encrypted with a first group key, said data being distributed via at least one of a group security controller and a sender, said method comprising the steps of:
- generating, at the group security controller, a second group key;
- distributing the second group key to each of the receivers remaining in the group; and
- transmitting data over the multicast network encrypted with the second group key.
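
The join and leave rekeying steps of claims 41 and 42, sketched as an added example that is not taken from the patent or any implementation of it. The abstract leaves the choice of cryptography to the implementor, so the `seal`/`unseal` cipher, the per-member unicast channel keys, and the per-receiver key wrapping on leave are all assumptions made here for illustration.

```python
import hashlib, hmac, secrets

def _prf(key, label, data):
    return hmac.new(key, label + data, hashlib.sha256).digest()

def _xor(key, nonce, data):
    # Stand-in cipher (assumption): XOR with an HMAC-SHA256 counter keystream.
    blocks = range(len(data) // 32 + 1)
    ks = b"".join(_prf(key, b"enc", nonce + i.to_bytes(4, "big")) for i in blocks)
    return bytes(d ^ k for d, k in zip(data, ks))

def seal(key, msg):
    nonce = secrets.token_bytes(16)
    ct = _xor(key, nonce, msg)
    return nonce + ct + _prf(key, b"mac", nonce + ct)   # encrypt-then-MAC

def unseal(key, blob):
    # Plaintext, or None when the key is wrong or the blob was altered.
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    ok = hmac.compare_digest(tag, _prf(key, b"mac", nonce + ct))
    return _xor(key, nonce, ct) if ok else None

class GroupSecurityController:
    def __init__(self):
        self.kgrp = secrets.token_bytes(32)   # current group key
        self.channel = {}                     # member -> unicast channel key (assumption)

    def join(self, member):
        # Claim 41: new key to the joiner over unicast, and to the existing
        # receivers over multicast, encrypted with the previous group key.
        old, self.kgrp = self.kgrp, secrets.token_bytes(32)
        chan = self.channel[member] = secrets.token_bytes(32)
        return chan, seal(chan, self.kgrp), seal(old, self.kgrp)

    def leave(self, member):
        # Claim 42: new key to each remaining receiver. Wrapped per receiver here,
        # because the departing member still holds the previous group key.
        del self.channel[member]
        self.kgrp = secrets.token_bytes(32)
        return {m: seal(k, self.kgrp) for m, k in self.channel.items()}

def demo():
    # Constructed scenario: alice joins, bob joins, bob is dropped.
    gsc = GroupSecurityController()
    a_chan, a_uni, _ = gsc.join("alice")
    k1 = unseal(a_chan, a_uni)
    before = seal(k1, b"sent before bob joined")
    b_chan, b_uni, rekey_mc = gsc.join("bob")
    k2_bob, k2_alice = unseal(b_chan, b_uni), unseal(k1, rekey_mc)
    k3 = unseal(a_chan, gsc.leave("bob")["alice"])
    after = seal(k3, b"sent after bob left")
    return k2_alice == k2_bob, unseal(k2_bob, before), unseal(k2_bob, after), unseal(k3, after)
```

`demo()` shows the two properties the rekeying is for: the key bob receives on joining does not open traffic sent before he joined, and it does not open traffic sent after he is dropped, while alice follows both key changes.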