8/3/2019 Igmp-Ac by Pooja
1/21
Introduction to IGMP-AC Protocol
Presented By
POOJA SINGH MNW-137-2K10
DEPARTMENT OF COMPUTER SCIENCEYMCA UNIVERSITY OF SCIENCE & TECHNOLOGY, FARIDABAD
8/3/2019 Igmp-Ac by Pooja
2/21
CONTENTS
8/3/2019 Igmp-Ac by Pooja
3/21
Introduction to Multicast
Why multicast?
When sending same data to multiple receivers
Better bandwidth utilization
Lesser host/router processing
Receivers addresses unknown
Applications
Video/audio conferencing
Resource discovery/service advertisement
Stock distribution
Radio stations
Multi-user games
8/3/2019 Igmp-Ac by Pooja
4/21
IP Multicast Service Model
Internet Protocol (IP) is the primary protocol in the InternetProtocol suite
Responsible for data exchange between two devices
Each multicast group identifiedby a class-D IP address
Members of the group could be present anywhere in theInternet
Members join and leave the groupand indicate this to the routers
Senders and receivers are distinct:i.e., a sender need not be a member
Routers listen to all multicast addressesand use multicast routing
8/3/2019 Igmp-Ac by Pooja
5/21
IP multicast architecture
8/3/2019 Igmp-Ac by Pooja
6/21
What Is IGMP
The Internet Group Management Protocol (IGMP) is acommunications protocol used by hosts and adjacent routers on IPnetworks to establish multicast group memberships.
IGMP performs three main operations
1. Join message.
2. Leave message.
3. A router periodically checks which multicast groups are of
interest to the hosts that are directly connected to thatrouter.
http://en.wikipedia.org/wiki/Communications_protocolhttp://en.wikipedia.org/wiki/Host_(network)http://en.wikipedia.org/wiki/Routershttp://en.wikipedia.org/wiki/IP_networkshttp://en.wikipedia.org/wiki/IP_networkshttp://en.wikipedia.org/wiki/IP_networkshttp://en.wikipedia.org/wiki/IP_networkshttp://en.wikipedia.org/wiki/Routershttp://en.wikipedia.org/wiki/Host_(network)http://en.wikipedia.org/wiki/Communications_protocol8/3/2019 Igmp-Ac by Pooja
7/21
Current Situation in IGMP
No mechanism to control user access to multicast traffic.
Any user can join any multicast group
No mechanism to collect user usage information.
Multicast content security is being developed.
Can protect revenue source but , require a new key managementinfrastructure.
Cannot identify dynamically changing group membership.
Non-shared broadband access networks are widely deployed.
Access control is all that is required to protect revenue
8/3/2019 Igmp-Ac by Pooja
8/21
IGMP with Access Control
It has been designed for incorporating AAA functionality inthe existing IP multicast model.
It performs access control of the EUs.
Access control is used to provide Authentication,
Authorization and Accounting (AAA) functionalities for bothsender(s) and receivers of a multicast group.
http://en.wikipedia.org/wiki/AAA_protocolhttp://en.wikipedia.org/wiki/IP_multicasthttp://en.wikipedia.org/wiki/IP_multicasthttp://en.wikipedia.org/wiki/AAA_protocol8/3/2019 Igmp-Ac by Pooja
9/21
AAA Framework
1. AAAS(AAAServer): Attach to the n/w,act as a central respository.
Maintain the database of users profile.
2. NAS(Network Access Server).
Act as a client & communicate with the AAAS using AAAprotocol.
It contain AAA client information.
AAA functionality
AAAcommonly stands for authentication, authorization
and accounting.
It has two component:
http://en.wikipedia.org/wiki/AAA_protocolhttp://en.wikipedia.org/wiki/AAA_protocol8/3/2019 Igmp-Ac by Pooja
10/21
The IGMP-AC protocol architecture
8/3/2019 Igmp-Ac by Pooja
11/21
Essential properties
The end user authentication process should support all sorts ofauthentication
The IGMP-AC will not disrupt the usual function of the IGMPv3
least functionality and minimal workload to the ARs & Hosts.
Assumptions
We have assumed two types of multicast groups:
1. Open Group2. Secured Group
8/3/2019 Igmp-Ac by Pooja
12/21
Authentication protoco(EAP)
we present an authentication framework, the ExtensibleAuthentication Protocol that can be deployed with the IGMP-AC protocol to facilitate the authentication process by addingflexibility.
For Authentication we use EAP(Extensible Authentication
Protocol)
It support Authentication mechanism.
Used b/w Host & Router.
Run b/w EUs & the NAS.
AAAS used as a backend server. The sequence of different messages between the NAS and
the end user, and between the NAS and the AAAS is shownin Figure.
8/3/2019 Igmp-Ac by Pooja
13/21
Extensible Authentication Protocol
Figure:- EAP and Diameter message
8/3/2019 Igmp-Ac by Pooja
14/21
Use of EAP in IGMP-AC
The only issue we have to solve is in the IGMP-AC, a hostcommunicates with the AR (NAS) using the IGMP-AC protocol,whereas in the EAP framework, a host communicates with theNAS using the EAP protocol.
One possible solution is to send the EAP packets inside theIGMP-AC messages
The sequence of the messages is shown in following figure:
8/3/2019 Igmp-Ac by Pooja
15/21
Use of EAP in IGMP -AC
Figure:- EAP Inside IGMP-AC Protocol
8/3/2019 Igmp-Ac by Pooja
16/21
EAP inside IGMP-AC Protocol
An EAP Request is encapsulated inside an auquery message,
An EAP Response is encapsulated inside an areport message.
An EAP Success or Failure is encapsulated inside an aresultmessage.
For N round-trips of the EAP messages, N pairs of (auquery, areport)messages will be exchanged.
8/3/2019 Igmp-Ac by Pooja
17/21
Goals of access control in IGMP
Only an authenticated and authorized EU will be allowed to modifythe reception states of a secured group.
Accounting will be accomplished for every EU, who participates inthe activity of a secured group. It is worthwhile to mention that
access control
8/3/2019 Igmp-Ac by Pooja
18/21
Conclusion
We are not very far from the deployment of IP multicast to delivercontent to the end users on a commercial basis.
It will add minimum workload to the ARs without interfering the
usual operation of the IGMPv3.
EAP is used to provide a flexible authentication framework.
8/3/2019 Igmp-Ac by Pooja
19/21
Future work
In future, we have to develop the incorporation of the EAP protocolwith the IGMP-AC protocol.
Moreover, a policy framework of the AAAS for the IGMP-ACarchitecture must be developed.
8/3/2019 Igmp-Ac by Pooja
20/21
References
[1] Local and Metropolitan Area Networks: Overview and Architecture.Institute of Electrical and Electronics Engineers, IEEE Standard802, 1990. B. Aboba, et al. Extensible Authentication Protocol(EAP).
.[2] T. Hayashi, et al. Internet Group membership Authentication
Protocol (IGAP). Internet Draft, work in progress.
[3 ] B. Hilt and J. Pansiot. Using IGMPv3 to manage multicast access.4th Conference on Security and Network Architectures, Batz surMer, France, June 2005..
[4] C. Metz. AAA Protocols: Authentication, Authorization, andAccounting for the Internet. IEEE Internet Computing, 3(6):7579,December 1999.
8/3/2019 Igmp-Ac by Pooja
21/21
Thank You !