Hybrid Network Security

ACCEPTED FROM OPEN CALL SECURITY ISSUES IN HYBRID NETWORKS WITH A SATELLITE COMPONENT AYAN ROY-CHOWDHURY, JOHN S. BARAS, MICHAEL HADJITHEODOSIOU, AND SPYRO PAPADEMETRIOU, UNIVERSITY OF MARYLAND AT COLLEGE PARK ABSTRACT Retainers are expected to embody an increasingly expressive role in providing broadband Internet services aggravate covet distances in an causative habit. Most lesssucceeding networks procure be mixed in kind — having sublunary nodes interunited by avoid sums. Security is an imporSSSL tant inteinterval in such networks, gone the congress 2 Representation avoid allot is perceptive to a sum of invasions, including eavesdropping, congress hijacking and postulates defilement. In this determination we discourse the outcome of securing intimation in avoid networks. We debate sundry guard invasions that are practiccogent in mixed SSSL congress 1 SSSL labormanshaking and avoid translation at client representation (RPA) networks, and contemplate the unanalogous separations inconsummate to close postulates intimations in these networks. We contemplate at the perforMost lesssucceeding networks mance collections arising in mixed networks due to guard importations relish Internet Guard Proprocure be mixed in tocol (IPSec) or Close Socket Flake (SSL), and hint separations to enterprise-related kind — having collections. We besides aim out expressive disrecommendations in the inconsummate separations, and hint a sublunary nodes clerical key-skillful-texture admission for interunited by adding postulates guard to clump intimation in mixed networks. avoid sums. Security is an expressive inteinterval in such networks, gone the avoid allot is perceptive to a sum of invasions, including eavesdropping, congress hijacking and postulates defilement. INTRODUCTION Retrogression the accelerated crop of the Internet, avoid networks are increasingly life used to yield Internet services to exalted bulk of geographically indiscriminately users. 
The earliest custom of avoid networks is their spacious indiscriminately allure — a avoid can allure users in distant areas wless sublunary connectivity is not profitable. Satellite networks are besides amply and at-once deployed, and can be a excite cost-powerful separation in areas wless laying premise fiber networks would be too exalted-priced. Although avoid networks adduce exalted implicit, they besides exhibit momentous challenges that deficiency to be discourseed. Guard is befitting an increasingly expressive view of all network. In this determination we standpurpose on the challenges that deficiency to be discourseed in dispose to produce avoid networks excite close determination buttressing seamclose interoperability retrogression sublunary networks. These guard-related challenges inferiorstand the succeedingcited deliberateations: • Avoid deeds are wireclose indiscriminately instrument, which produces it practiccogent for an distrusted user to capture the distinguished and eavesdrop on the intimation, if it is not encrypted. • Externally proper guard arrangements, any sufficiently polite-equipped antagonist can grant forged instructs to the avoid and jam or dissipate the intimation. • Avoid deeds can exalted-pricedly bear noble bursty fallacys (for stance, during stupid rain) that consequence in packet mislaying. Satellite networks besides remit from covet propagation retrogressions (for stance, 0. 5 avoids for geostationary avoids). Therefore, guard systems should add minimal retrogressions to the intimation and bear arrangements to recaggravate from mislaying in guard notice. Incorporating guard separations initiatoryly intentional for sublunary networks, such as Internet Guard Protocol (IPSec) or Close Socket Flake (SSL), into avoid networks can commissioner keen enterprise penalties. In this determination we deliberate some of these outcomes. 
We standpurpose on postulates guard for IP-installed interchangecogent networks, and debate the enterprise collections that commence due to the encryption of the Transmission Repress Protocol (TCP) header and payarraign when approved unicast guard protocols relish IPSec or SSL, initiatoryly intentional for sublunary unions, are applied to avoid networks retrogressionout incorporating transmutes involuntary by the matchclose specialitys of avoid networks. We besides contemplate at the protocols inconsummate for close clump intimation in mixed avoid networks, and define a clerical admission to clump key skillful-texture that is vigorous, scalable, and proper for the speciality topology of mixed networks. The interval of the determination is unembarrassed as supervenes. We define the mixed avoid-netlabor topology and features that produce it unanalogous from sublunary networks. We debate guard deficiencys for the mixed network. We debate the floating admission to produce end-to-end unicast guard in mixed networks, and define the enterprise collections arising as a consequence. We contemplate 50 1536-1284/05/$20. 00 © 2005 IEEE IEEE Wireclose Communications • December 2005 NOC Internet Gate Representation Client Representation NOC (a) Internet Web suffice-forr Web suffice-forr (b) n Delineation 1. Interchangecogent direct-to-home netlabor topology: a) plight 1; b) plight 2. the proposals for key skillful-texture for close clump intimation in avoid networks. We define a practiccogent separation to close unicast intimation retrogressionout sacrificing enterprise and noblelight our key-skillful-texture admission to guard for clump intimation in avoid networks. We deduce the determination by aiming to lesssucceeding education directions. noblely perceptive to the retrogression-bandwidth labor and exhibits very scanty enterprise in avoid deeds. Avoid TCP unions deficiency exalted impel windows to amply economize the availcogent bandwidth. 
However, due to the TCP slowstart algorithm and exalted propagation retrogression in the avoid deed, it captures attendcogent coveter for avoid TCP unions to allure the target window magnitude, in alikeity to sublunary TCP unions. Also, the window is very delicate to accumulation due to the multiplicative retrench diplomacy of TCP. The collection is compounded by the deed that TCP misinterprets sum-flake defilement (which is the stipulated beginning of mislaying in avoid sums) as accumulation (which is exalted-priced) and consequently attenuates the window. The PEP produces an causative separation to the balancehead collection. In avoid networks, a PEP commissioner is installed at the avoid gate betwixt the avoid netlabor and the Internet. The PEP commissioner inspects consummate TCP packet that flows through the network. For postulates packets, the PEP grants end too-early acknowledgments to the TCP granters, retrogressionout solicitude for the TCP allots to be genuinely yielded to the capturers. These too-early acknowledgments are chiefly produceatted to be confused from genuine acknowledgments and they deliberateably closeen the perceived plump-taunt retrogression. Studies bear shown that this technique is deep for the enterprise progress of avoid networks [2–4]. Hence, TCP PEPs bear been spaciously deployed in avoid networks today. Commercial networks besides exercise HTTP representation suffice-forrs to mend the urge of countertonnage to Web-browser asks. When a user browses through pleased on the Internet, the contact flake protocol in use is HTTP. A usual HTTP substitute involves a ask by the browser for a Web page (“GET”), and a counterallot from the Web suffice-forr, which embraces the hypercitation markup vernacular (HTML) citation of the asked Web page. A usual HTML page would besides embrace multiple embedded “objects” such as images, embedded instrument or scripts, and so forth. 
Each embedded intent has to be retrieved retrogression a detached HTTP ask-and-counterallot substitute. Therefore, a Web page that embraces n – 1 embedded intents captures n * RTT determination to arraign amply, wless RTT is one plump-taunt determination. This can be extremely exalted-priced in a avoid network, wless the RTT is usually noble. COMMERCIAL HYBRID SATELLITE NETWORK ARCHITECTURE The netlabor topologies we deliberate are imaginative in Fig. 1. In twain topologies, we concern that tless is one geostationary avoid retrogression multiple spot-beams crust a exalted geographical area. Each spot-beam covers a subset of the undiminishedty user set. We concern that lesssucceeding avoids procure bear an IP stack, be prefercogent of onboard processing, and switch the postulates betwixt attended spotbeams. The avoid consequently acts as an IP router-in-thesky. The Netlabor Operations/Control Center (invariably public as NOC or NCC) connects to the avoid through the hub avoid gate. The NOC is besides united to the Internet through noble-urge sublunary sums. Sublunary users can be either standfragmentary muniments (Fig. 1a), or a assemblage of muniments at each dregs, such as a topical area netlabor (LAN) (Fig. 1b). Sublunary LANs can be either wired or wireless. Each user or LAN is united to a topical avoid ultimate. The users capture intercourse from the avoid via the advanced deed (avoid downlink). The users can besides co-operate retrogression the avoid via the reappear deed (uplink). Tless is no sublunary connectivity betwixt the users or the LANs. Usually, in interchangecogent avoid networks that surrender Internet intercourse, a cleave-union Transmission Repress Protocol (TCP) Enterprise Enhancing Representation (PEP) is implemented to attenuate the indirect goods of the avoid sum on the Internet union [1]. 
Satellite deeds produce exalted bandwidth (which can be as noble as 90 Mb/s in the downlink), but besides remit from covet propagation retrogression in alikeity to sublunary sums. The retrogression can be as noble as 500 ms (round-trip) for a geostationary avoid sum. The propagation retrogression can bear a keen alien collision on the yieldy of Internet intercourse. Most of the Internet intercourse uses the TCP, which is IEEE Wireclose Communications • December 2005 51 SSSL encryption New IP header ESP Initiatory TCP header IP header header TCP payarraign (SSL archives) IPSEC encryption ESP trailer representation (user behalf). Tless is a hub representation suffice-forr located at the NOC retrogression the hub avoid gate — this representation suffice-forr represents the gate representation for twain TCP and HTTP enterprise enhancements. SECURITY THREATS Arelish guard invasions can be started resisting unanalogous mixed avoid netlabor topologies, but the collision of invasions would dispute depending on the kind of netlabor and the contacts attended by the netlabor scenario. In the succeedingcited, we register some of the expressive guard menaces in the mixed netlabor defined balancehead, and noblelight the consequence of the menaces for the unanalogous netlabor scenarios. Confidentiality of notice: For networks that claim notice retreat, a earliest menace is distrusted alikeity to relianceworthy postulates or eavesdropping. Gone the avoid is a indiscriminately average, any existence on the premise retrogression the direct equipment can capture the avoid transmission. If the postulates is indiscriminately in the disencumbered, then adversaries can be cognizant to the notice that is eloquent in the network. Postulates relianceworthyity can be consummated by intimation encryption. This claims that the granters and capturers are ling sensible of the reproduce cryptographic keys used in the encryption/ decryption exercises. 
This is a twofold collection: the collection of selecting proper cryptographic algorithms for doing encryption so that aggravateall netlabor enterprise is not artful, and the collection of coordinating keys betwixt users, that is, key skillful-treatment. Sending forged instructs: An antagonist retrogression the direct equipment can grant forged repress and instruct intimations to the distancecraft, thus making the distancecraft act exercises unanalogous from their serviceoperative use. This can dissipate acknowledged exercises and intimation in the network. This invasion can be prevented if the beginnings of the intimations are unexceptionably verified by consummate capturer. This would claim proper arrangements for proof, such as digital signatures [5]. The plane of guard claimd would adjust the proof system, for stance, whether barely the end users should fulfill each other, or whether proof should occur on a per-hop premise. The dying ability be requisite for scenarios wless the avoid should not indiscriminately forged notice. If the avoid fulfills the beginning of consummate intimation it captures, it procure impel barely those intimations for which beginning proof occurs reformly. Message alteration invasion: When the intercourse goes aggravate unconcealed networks, an antagonist who is registerening on the behavior can arpause twain repress and postulates intimations. The antagonist can dissimilate the intimations and grant them to the residuum, which can be the distancecraft, the premise ultimates, or the end users. When the intimation allurees the serviceoperative residuum, it would hold that the contaminated intimation is lesssucceeding from the penny beginning, but the intimation pleased ability be unanalogous from that expected or claimd for acknowledged netlabor exercise. Intimation alteration can be prevented by SSL archives HTML page n Delineation 2. IPSec and SSL encryption on a packet. 
The HTTP representation suffice-forr (besides public by sundry other names, depending on the vendor) is implemented in avoid networks to aggravatecome this collection. In a usual implementation, this claims a topical Web representation suffice-forr at each user dregs, and a distant representation suffice-forr at the convenient hub adroitness of the avoid netlabor (i. e. , the NOC). The Web browser at the user dregs should be cogent to acknowledge the topical representation (which can be either software on the client muniment, or a detached hardware united inbetwixt the client muniment and the topical avoid ultimate). When the browser produces a ask for a Web page, the HTTP GET ask is sent to the topical Web representation, which advanceds the ask to the residuum Web suffice-forr. The Web suffice-forr responds retrogression the asked low HTML page. This page is arrested by the representation suffice-forr at the netlabor hub adroitness. The hub representation suffice-forr recognizes the low HTML page and grants multiple GET asks to the residuum Web suffice-forr for all the embedded intents in the low HTML page. This substitute occurs aggravate a noble-urge sublunary union betwixt the hub and the Internet, thereby saving the determination each ask would bear deficiencyed for a plump taunt aggravate the avoid sum. As the intents of the Web page are retrieved by the hub, they are straightway advanceded to the representation at the user dregs. As the user browser captures the low HTML muniments, it generates embezzle GET asks to import the intents selfarelish to the sums embedded in the muniment. The browser GET asks are tidingsinated at the Web representation suffice-forr, which advanceds the prefetched muniments to the user browser straightway. The net consequence is that barely a unmarried “GET” ask from the user browser traverses the avoid sum, determination a set of accelerated countertonnage at-once yield the asked Web page and associated allots to the browser. 
The deficiency for avoid calibre is besides attenuated, which is the most exalted-priced allot of a avoid network. In stipulations of the user’s test, the user sees a dwarf intermission succeeding the initiatory Web-page ask (selfarelish to the plump-taunt determination it captures for the ask to the advanceded to the residuum suffice-forr, and the counterallot to be captured by the browser, aggravate the avoid sum), superveneed by near-instantaneous yieldy of all pleased residing on the asked page. The trade-off is importational hardware at the user dregs and the convenient-hub adroitness. In Fig. 1a, the representation suffice-forr at the user represents twain the PEP (user behalf) and the HTTP 2 IEEE Wireclose Communications • December 2005 appending intimation-probity stop arrangements to consummate intimation, for stance, intimation proof codes (MACs) [6] or digital signatures. Guard claimments and policies can adjust whether intimation proof should occur barely at the intimation end aims, or whether interposed nodes should besides fulfill the probity of consummate intimation. Denial-of-service invasion: Some invasions on guard can be fitd if cogent guard arrangements are put in locate for acting intimation-probity stops or authenticating users. Consider the plight wless the avoid does proof and probity stops on all intimations anteriorly indiscriminatelying. An antagonist can grant a exalted sum of forged intimations to the avoid, thus making the avoid bestow momentous calculational cycles processing the forged intimations, which could be ameliorate gone-by indiscriminatelying acknowledged intimations. Gone the avoid has scant processing energy, such an invasion can be very powerful, echiefly if cogent cryptographic arrangements relish digital signatures are used for proof and intimation probity. This is a denial-of-service (DOS) invasion. 
Although this DOS invasion can be started resisting any node in a network, a avoid netlabor can be chiefly perceptive to such an invasion, gone the avoid is a unmarried aim of want and can be amply aggravatewhelmed if made to act too attendcogent calculation. New IP header ESP Initiatory IP TCP header header header TCP payarraign ESP trailer Encryption retrogression K1 Initiatory IPSEC ESP tunnel legislation encryption New IP header ESP Initiatory IP TCP header header header TCP payarraign ESP trailer Encryption retrogression K2 Encryption retrogression K1 Layered IPSEC ESP tunnel legislation incryption n Delineation 3. IPSec and flakeed IPSec encryption. Key K1 is shared betwixt endpoints barely. Key K2 is shared betwixt endpoints and TCP PEPs. 1 embedded intents captures n * RTT to be arraigned, an acception in retrogression by a deedor of n. IPSEC FOR SECURITY AT THE NETWORK LAYER Diversified proposals for postulates relianceworthyity and proof in avoid networks seduce for use of IPSec, which has been spaciously adopted by the Internet Engineering Task Force (IETF) for guard at the netlabor flake. IPSec and SSL are used unconnectedly of each other. IPSec constitutes an end-to-end tunnel at the netlabor flake for the close surrender of intercourse. The two end-points in the intimation accomplish guard parameters public as the guard alliance (SA) anteriorly intercourse can be encrypted. Once the SA has been recognized in the labormanshake front, the IP packets are encrypted using the algorithms and the keys pausericted in the SA. This is accomplished when the IP-encrypted guard payarraign (IPSec ESP) [9] is used. The IPSec ESP produces for twain postulates encryption and proof. IPSec produces cogent guard for postulates relianceworthyity and proof, but it has a stupid byte aggravatehead — in the ESP legislation, IPSec adds 10 bytes of aggravatehead to the header and trailer. 
In importation, if proof is used, ESP adds 16 bytes or excite for the probity stop compute, and another 8 bytes or excite of initialization vector (IV) if the encryption algorithm uses an IV. Also, IPSec has been intentional chiefly to close aim-to-aim intimation; it s not polite profitconducive for clump intimation, due to the retreatdrawal of the dynamic key-establishment proceeding requisite to for close intimation in clumps wless the conjunction transmutes retrogression determination. In importation, IPSec does not remit for proof at interposed nodes, but this ability be helpful in some guard residences. A spaciously educationed collection when using IPSec in avoid networks is its impecuniosity to coalesce retrogression PEPs. The keys used for encryption in the IPSec ESP are public barely to the two endpoints and consequently any interposed node in the netlabor cannot decrypt the intercourse. IPSec ESP has two legislations of exercise — tunnel legislation and rapture legislation. In tunnel legislation, the undiminished IP packet is encrypted and a new IP header and ESP header are generated and wild to the encrypted packet (Fig. 3), which adds an extra SECURING END-TO-END UNICAST COMMUNICATION USING IPSEC OR SSL Education on avoid guard has standpointed on using the material criterionized technology, initiatoryly intentional for sublunary networks, to fix polite-public guard holes in avoid networks. Two such protocols that are spaciously used for close unicast intimation are IPSec [7] and SSL [8]. Figure 2 illustrates the encryption regions of SSL and IPSec. SECURE SOCKET LAYER FOR SECURE WEB TRAFFIC The SSL protocol closes the Web-browsing union on an as-needed premise. When the client asks a close union or the suffice-forr demands one, SSL is activated to close the HTTP union. The consequenceing union is approvedly public as close HTTP (or HTTPS) and it encrypts the contact-flake HTTP postulates end-to-end betwixt the client and the suffice-forr. 
In the protocol stack, the SSL flake sits betwixt the contact and the rapture flakes. Therefore, SSL encryption hides the TCP payarraign from all nodes in the network, save the client and the suffice-forr. SSL encryption does not remit the HTTP representation to exercise reformly. The HTML Web page encrypted into the SSL archivess is recognizecogent barely by the client and the suffice-forr who bear the decryption keys. The keys are not availcogent to the representation, and consequently the representation cannot recognize the HTML Web page. Consequently, the hub representation suffice-forr cannot grant asks to the Web suffice-forr for the embedded intents in the page and, consequently, HTML intent prefetching cannot capture locate. The net consequence is that a Web page retrogression n – IEEE Wireclose Communications • December 2005 53 The HTTP representation besides cannot exercise when the IPSec ESP is used. Gone the HTML page is encrypted end-toend, the HTTP representation cannot recognize the Web page in dispose to preimport the embedded intents. Therefore, use of IPSec leads to a keen suspension in enterprise for twain the TCP PEP and HTTP representation. SSSL translation at hub representation (HPA) SSSL congress 2 SSL congress 3 Representation Client Internet Gate NOC SSSL congress 1 SSSL labormanshaking and translation at client representation (RPA) Representation Web suffice-forr Delineation 4. The SSL Internet Page Accelerator concept for causative HTTPS aggravate avoid. 20 bytes of aggravatehead in importation to the aggravatehead mentioned balancehead. Encrypting the initiatory IP header produces very cogent guard by disabling invasions (such as intercourse separation, etc. ). In rapture legislation, the payarraign alloty of the IP packet is encrypted and a new ESP header is wild to the packet succeeding the initiatory IP header, which is in the disencumbered. 
In either legislation, the IP packet payload, which inferiorstands the TCP header, is encrypted retrogression keys public barely to the end aims. Therefore, a TCP PEP, which is an interposed node in the intimation behavior, cannot recognize or dissimilate the TCP header, gone the PEP does not perceive the keys. Consequently, the PEP cannot exercise, thus qualitative to suspension in the enterprise of the TCP protocol. The HTTP representation besides cannot exercise when the IPSec ESP is used. Gone the HTML page is encrypted end-to-end, the HTTP representation cannot recognize the Web page in dispose to preimport the embedded intents. Therefore, use of IPSec leads to a keen suspension in enterprise for twain the TCP PEP and HTTP representation. It is expressive to voicelessness that the collections that commence from the use of the SSL protocol or the IPSec ESP are dogged of one another. It is conceivcogent that twain protocols are used concurrently, for stance, when a close Web page is alikeityed via a close VPN tunnel. However, in such plights the enterprise outcomes do not transmute and the consequence would be equiponderant to using the IPSec ESP fragmentary. On the other laborman, if SSL fragmentary is used, then the enterprise would be ameliorate, gone the TCP PEP can exercise reformly in this scenario. [10] and flakeed IPSec [11], the subject is to encrypt unanalogous regions of the IP packet using unanalogous keys (Fig. ). The TCP payarraign is encrypted retrogression key K1, which is shared barely betwixt the endpoints. The initiatory IP header and the TCP header are encrypted retrogression key K2, which is shared betwixt the end aims and besides retrogression interposed attested nodes such as the TCP PEP. Therefore, the TCP PEP can decrypt the header alloty of the ESP packet retrogression K2 and recognize the TCP header to do its enterprise optimizations. 
But the PEP cannot recognize the TCP payarraign and thus cannot alikeity the express postulates, gone it does not posses the key K1. The flakeed IPSec admission remits TCP PEPs to exercise powerfully. However, the behavior does not plain-up the collection of HTTP representation suffice-forrs. The HTML page is encrypted retrogression key K1 as allot of the TCP payload, and K1 is not shared retrogression any interposed node. Therefore, the Web page is not alikeityible to the HTTP representation and no intent prefetching can be accomplished. Olechna et al. [12] bear hinted two separations to the IPSec collection. In the chief admission, the pamphlet tenders tender the TCP PEP gates to the endpoints. The TCP optimizations are accomplished on the intercourse in the disencumbered, and then the intercourse is encrypted using IPSec. Tless is no TCP PEP at the avoid hub. This admission mends the enterprise, but when a packet is obsolete or captured in fallacy TCP goes into accumulationavoidance front and the transmission is attenuated by half. The avoid inconsummate admission, which unites poweramply retrogression this collection, is to cleave the close union into two at the avoid gate. One union is betwixt the client and the gate, and the avoid union is betwixt the gate and the Internet suffice-forr. This remits the gate to decrypt the IPSec packet and recognize the headers and thereby do enterprise optimizations. This claims reliance in the avoid gate, which can now recognize all the intercourse. This ability be unacceptcogent to users who claim cogent end-to-end guard. Diversified mitigated TCP protocols bear been inconsummate that act ameliorate than the initiatory mention in the offspring of deed fallacys or retrogression, or when IPSec is used. 
A debateion of PROPOSED SOLUTIONS TO MITIGATE PERFORMANCE PROBLEMS WITH SSL OR IPSEC Diversified proposals bear been made in academia and diligence to unite retrogression enterprise collections that commence from using IPSec and SSL in avoid networks. The concept of bthrust up IPSec encryption into multiple encryption regions or zones on a unmarried packet has been inconsummate unconnectedly in [10, 11]. Although the finer details in the two admissiones are unanalogous, the basic subject is the alike. Public as multiflake IPSec (ML-IPSec) 54 IEEE Wireclose Communications • December 2005 Clump keys (TEK) K1,8 Inside keys (KEK) K1,4 K5,8 Behavior of keys for M8 K1,2 K3,4 K5,6 K7,8 Leaf keys Members Clump key K2 K1,12 Clump key K1 K1,8 K9,12 K1 K2 K3 K4 K5 K6 K7 K8 M1 M2 M3 M4 M5 M6 M7 M8 (a) K1K2 K3 K4K5 K6 K7K8 K9 K10K11K12 M1M2M3M4M5M6M7M8 G1 G2 G3 G4 Members Gateways (b) Delineation 5. Argumentative key hierarchy and its extension to avoid networks: a) retrogression prospect constituents; b) ML-IPSec sumd LKH tree retrogression users and gates. these TCP enhancements can be build in [13]. The collection of HTTP representation enterprise when SSL is used has been discourseed retrogressionin the diligence by bthrust up the end-to-end unmarried SSL union betwixt client and suffice-forr into multiple SSL unions [14]. In this separation, the client browser constitutes a close HTTP union retrogression the distant page accelerator (RPA) at the client avoid ultimate, a avoid union is constituted betwixt the RPA and the hub page accelerator (HPA), and a third union is betwixt the HPA and the suffice-forr (Fig. 4). The RPA acts all requisite labormanshaking retrogression the client browser. The HPA can decrypt the SSL intercourse from the suffice-forr and act the desired intent prefetching. Taken contemporaneously, this remits yieldy of close Web pleased retrogression dirty enterprise suspension and retrogression dirty transmute to the criterion protocols. 
The RPA performs all necessary handshaking with the client browser. The HPA can decrypt the SSL traffic from the server and perform the desired object prefetching. Taken together, this allows delivery of secure Web content with little performance degradation and with little change to the standard protocols.

The major drawback to this scheme is that it requires a high level of trust in the intermediate nodes. The HPA, which is a third-party entity, can read all the sensitive Web traffic that passes between the client and the server. This might be unacceptable when absolute end-to-end security is desired.

KEY MANAGEMENT PROPOSALS FOR SECURE GROUP COMMUNICATION IN HYBRID NETWORKS

Some research has been done on specific algorithms that serve as tools in building key-management protocols in order to facilitate secure group communication in hybrid satellite networks. Howarth et al. [15] have proposed the use of logical key hierarchy (LKH) [16, 17] for efficient key management for multicast groups in a satellite network. LKH makes use of a centralized key manager or group controller (GC), which constructs a logical key tree with the group members as the leaves of the tree (Fig. 5a). The internal nodes of the tree are the key encrypting keys (KEKs), which are used to securely transport key updates to the group. The root of the tree is the session key or traffic-encrypting key (TEK), which is used to encrypt the session traffic. The number of keys that need to be updated when a member node joins or leaves the group is O(log N) (where N is the number of members in the group), which is less than the O(N) keys required if the GC managed the members in a flat topology.

To allow PEPs to function correctly when network-layer security is used, [15] proposes the use of ML-IPSec. The paper proposes using a single LKH tree to manage the group key K2, used to encrypt the transport layer header (known to end users and trusted gateways),, and the group key K1, known only to the end users and used for encrypting the transport layer data. As shown in Fig. 5b, users M1…M8 are leaf nodes in a subtree of depth three, and gateways G1…G4 are leaf nodes in a subtree of depth two. The root key of the member node subtree, K1,8, is used to encrypt the transport payload. The root of the overall key tree, K1,12, is used to encrypt the transport header. All member nodes know both K1,8 and K1,12, but the gateways know K1,12 only (apart from the internal keys in the gateway subtree). How the LKH tree would be managed is not stated in [15]. This is important, since the users and the gateways might not be in the same administrative or security domain. The paper also treats all users and gateways as a "flat" network for key distribution purposes, rather than taking into account the hierarchical nature of the network topology. The use of LKH for key management in satellite links has also been proposed in [18], which suggests algorithms for dynamically managing the LKH tree in case of member joins and leaves.

Duquerroy et al. [19] proposed "SatIPSec," for key distribution and secure communication for both unicast and multicast in a satellite network. The solution is based on IPSec, with the addition of flat multicast key exchange (FMKE) to support key management for secure group communication. Management of SAs for both unicast and multicast communication is integrated into the FMKE protocol. FMKE also incorporates reliability mechanisms so as to guarantee reliable key distribution in the lossy satellite environment. However, FMKE manages SAs between the satellite terminals or gateways only and does not extend to the end users. Therefore, end-to-end security is not provided when using SatIPSec. Also, FMKE treats all the satellite terminals it services (which are called SatIPSec clients) in a "flat" topology, and establishes separate secure channels to all SatIPSec clients. This will not scale when there are a large number of clients. Also, SatIPSec does not consider the dynamic joins and leaves of members in the group communication setting; a client needs to be preauthorized for all the groups it wants to take part in. The protocol also requires complete trust in the group controller and key server (GCKS), which is a third party that is responsible for managing the SAs between the clients. All clients need to have preshared secrets with the GCKS.

IEEE Wireless Communications • December 2005 55

Figure 6. Layered IPSec with modifications for HTTP optimization. (Packet layout: new IP header | ESP header | original IP header | TCP header | HTML object links | base HTML page | ESP trailer; the object links are encrypted with K2, the base HTML page with K1.)

IPSEC AND SSL IN HYBRID NETWORKS: OUR APPROACH

We look at separate solutions to the performance problem arising out of using SSL and IPSec in hybrid networks, and also consider how the two approaches can be combined.

HTTP OVER IPSEC TUNNEL

One viable method is to break up the end-to-end IPSec tunnel into multiple connections. This is similar to the solution proposed in [12]. But while their approach looks at only the TCP enhancements, we add the use of the HTTP proxy as well. In our approach, the IPSec connection from the client is terminated at the client proxy. The proxy creates its own IPSec connection to the gateway TCP proxy. A third IPSec connection is created from the gateway TCP proxy to the Web server. Schematically, this is similar to Fig.
, with IPSec connections replacing the SSL connections in the figure. The IPSec handshaking between the client and the server is spoofed by the client proxy on the client end, and by the TCP hub proxy on the server end. In this model, the Web traffic can be read completely by the client proxy and the hub proxy. The two proxies are able to perform the TCP enhancements because they can read the TCP header. In addition, the hub HTTP proxy can perform HTML object prefetching from the server because it can read the base HTML page as it is returned to the client on an HTTP request. When the client browser generates staggered requests for the embedded objects upon receiving the base HTML page, the client proxy is responsible for returning local acknowledgments to the requests, and sending all the objects to the client browser at one time. The design is therefore fully able to support the functionality of the TCP and HTTP proxies. It also encrypts the traffic so that it can be seen only by the client, the server, and the two intermediate proxy servers. The design also makes minimal changes to existing standard protocols. However, the design also requires that there be full trust in the proxy servers. Also, there is additional overhead in setting up three IPSec connections, as opposed to one (as in the end-to-end case). The overhead in encryption/decryption also increases by a factor of three for every IP packet, since the intermediate proxies need to decrypt the TCP header and the HTML content. When the security requirement is that the traffic be unreadable to intermediate nodes, the above approach will not work.
In this situation, we propose applying the layered IPSec approach in order to allow parts of the HTML content to be also accessible to the proxy servers. Assume for layered IPSec that the keys are K1 and K2. K1 is known only to the client and the server, while K2 is known to the client, the Web server, and the intermediate proxy servers at the client and the gateway. When the client makes HTTP requests, the requests are encrypted using K2, so that the client proxy server can read the requests and send local acknowledgments. Additional software at the Web server parses the requested HTML page so as to extract all the embedded object links. These object links are collated into a new HTML page that contains only the object links, and this new page is encrypted with K2. The base HTML page that contains all the information and the object links is encrypted with K1. Both the encrypted base HTML page and the encrypted object links HTML page are sent in response. Therefore, the encrypted ESP packet looks as it is depicted in Fig. 6. Upon receiving the IPSec packet from the Web server, the hub proxy is able to read the object links (since it has K2) and therefore do prefetching for the embedded links. In addition, the hub proxy can also read the TCP header and perform TCP enhancements. However, the HTML base-page data cannot be read by the hub proxy, since it does not have K1. The encrypted base HTML page can only be read by the client when the IPSec packet reaches the destination. This design allows the TCP and HTTP proxies to function effectively while supporting a high level of end-to-end security.
However, the security is not as strong as in traditional IPSec, since the intermediate proxies do get some information insofar as they can read the links of the embedded objects, even though they cannot read the application data. This is the major trade-off necessary to achieve acceptable performance in this design. In addition, the model requires changes to be made to the IPSec protocol so that layered IPSec is supported with the HTTP performance additions. A major issue in the above model is the handshaking mechanism required to set up the layered IPSec connection. To support a high level of security, we propose that the connection be set up primarily between the client and the server, who establish both K1 and K2, apart from other parameters of the security association. The handshaking mechanism then provides K2 securely to both the client and the hub proxy servers. The client and the hub proxy servers are required to authenticate themselves correctly before they can receive the secondary key or access the IPSec traffic.

Figure 7. Dual-mode SSL for HTTP optimization. (Topology: client (K1, K2) and client proxy (K2) on one side of the satellite link; NOC, gateway proxy (K2) and Web server (K1, K2) on the other; the DSSL main mode uses K1 and the secondary mode uses K2. IP packet format for DSSL: original IP header | TCP header | proxy SSL record, encrypted with K2 | primary SSL record, encrypted with K1.)

HTTP OVER SSL

When the HTTP traffic is secured using SSL only, and there is no IPSec tunnel in use, various approaches are possible to ensure acceptable performance. If the security requirements of the client and the Web server allow for trusted intermediate nodes, then the SSL accelerator concept of [14] can be a viable solution.
This would require no change to the protocols at the expense of higher overhead in order to set up multiple SSL connections between the client, proxy, and Web server. When the security policy does not allow for trusted third parties, a different approach is needed. We propose the use of a modified SSL protocol, which we term dual-mode SSL (DSSL). As shown in Fig. 7, the secure connection in DSSL has two modes — an end-to-end main mode connection between the client and the Web server, and a secondary mode connection that has the hub HTTP proxy as an intermediate node. When secure HTTP traffic is requested, the DSSL main mode connection is first established between the client and the server. As part of the handshake for the main mode, the client and the Web server also establish the parameters for the secondary mode. Let K1 be the encryption key for the main mode, and K2 be the encryption key for the secondary mode. The client releases the parameters of the secondary mode to the client and hub HTTP proxy servers only after the proxy servers authenticate themselves to the client. When the client makes an HTTP request, the client proxy sends local replies to the client browser, as discussed previously. The Web server, on receiving the request, parses the requested HTML page to extract the embedded object links, which are collated into a new HTML page. The object links HTML page is then encrypted by DSSL using K2 to create the proxy SSL record. DSSL encrypts the base HTML page using K1 to create the primary SSL record. The two records are appended together and sent to the client in an IP packet (Fig. 7). The hub proxy intercepts the IP packet, extracts the object links from the proxy SSL record using K2, and prefetches the embedded objects.
The Web server always encrypts the actual objects using K1, so that the hub proxy cannot read the base HTML page data. The hub proxy delivers all the embedded objects together to the client at one time. Therefore, the HTTP proxy functionality is preserved in DSSL while supporting the end-to-end security of the HTML page contents. However, the security is less than in the end-to-end SSL connection case, since the HTTP proxy can read the object links. In standard SSL, the proxy servers can read no part of the base HTML page, not even the object links. We believe this slight reduction in security is acceptable, given the considerable improvement in performance using this method. The DSSL design is more complex in comparison to SSL since it requires the establishment of an additional connection, and therefore involves a higher overhead. There is also the additional overhead of multiple encryptions and decryptions with two different keys, and the complexity of parsing the HTML page for the object links. All these require changes to the base SSL protocol. The DSSL concept is similar to the multiple-channel SSL concept proposed in [20]. However, the authors do not differentiate encryption in primary and secondary SSL records but instead suggest that HTTP traffic with lower security requirements be encrypted entirely with keys known to intermediate nodes. For our security requirements, that approach would not be acceptable.

Differential Encryption in Single SSL Record — The use of a proxy SSL record is not necessary if various parts of the HTML page can be encrypted with different keys. In that case, the Web server can encrypt the object links in the HTML page with key K2 and the rest of the HTML page contents with key K1, thus creating a single SSL record with differential encryption. The hub proxy server can parse the SSL record and decrypt only the object links with key K2, before forwarding the IP packet to the client proxy. We assume that the primary and secondary encryption keys K1 and K2 have been set up and distributed as defined in the previous sections, with K1 known to the client and the Web server only, while K2 is known to the client, the Web server, and the intermediate proxy servers. A similar technique can be applied when IPSec encryption is used instead of SSL encryption. The advantage here is that the size of the packet does not increase, although there is the overhead of distributing key K2 to the proxy servers to be considered.

Figure 8. Packet format for dual-mode SSL with IPSec. (Layout: new IP header | ESP header | original IP header | TCP header | proxy SSL record | primary SSL record | ESP trailer; the secondary SSL encryption covers the proxy SSL record and the primary SSL encryption the primary SSL record, with the secondary and primary IPSec encryption layered over them.)

HTTPS OVER IPSEC

For the sake of completeness, we consider the situation where a secure Web page is requested over an IPSec tunnel. This method involves redundancy, since the use of SSL when IPSec is being used does not provide any significant additional security. However, our approach can take care of the performance in this scenario as well. In this situation, we propose integrating DSSL with layered IPSec.
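The two-key split that layered IPSec (Fig. 6), DSSL (Fig. 7) and the single-record variant all rely on, as an added example that is not the paper's code: the server collates the object links into a record under K2 and the base page into a record under K1, so a hub proxy holding only K2 can prefetch but cannot open the page. The record layout, the link-finding regex, the sample page, the session keys and the toy cipher are assumptions.

```python
"""Two-key content split used by layered IPSec (Fig. 6), dual-mode SSL (Fig. 7)
and the single-record variant: the Web server parses the base HTML page,
collates the embedded object links into a proxy record sealed under K2 (known
to the proxies too) and seals the base page into a primary record under K1
(client and server only). Added example, not the paper's code: record layout,
link-finding regex, sample page and cipher are assumptions. The cipher is
HMAC-SHA256 in counter mode with an encrypt-then-MAC tag, a stand-in for the
AES/HMAC suites real ESP or SSL would use; not a production construction."""
import hashlib
import hmac
import re
import secrets
import struct

NONCE_LEN, TAG_LEN = 12, 32
# Embedded objects a browser fetches after the base page (constructed pattern).
OBJECT_LINK = re.compile(
    r'<(?:img|script)\b[^>]*\ssrc="([^"]+)"|<link\b[^>]*\shref="([^"]+)"', re.I)
# Constructed sample page and session keys, standing in for a real exchange.
SAMPLE_HTML = """<html><head><link rel="stylesheet" href="/css/site.css">
<script src="/js/app.js"></script></head>
<body><p>Account balance: 1234.56</p><img src="/img/logo.png"></body></html>"""
K1 = secrets.token_bytes(16)  # client and Web server only
K2 = secrets.token_bytes(16)  # client, Web server and both proxy servers

def extract_object_links(html: str) -> list:
    """Server-side parser: the links collated into the proxy record."""
    return [src or href for src, href in OBJECT_LINK.findall(html)]

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    blocks = (length + 31) // 32
    return b"".join(hmac.new(key, nonce + struct.pack(">I", i), hashlib.sha256).digest()
                    for i in range(blocks))[:length]

def _mac_key(key: bytes) -> bytes:
    return hashlib.sha256(b"dssl-mac" + key).digest()

def seal(key: bytes, plaintext: bytes) -> bytes:
    """nonce || ciphertext || tag; the tag binds the record to `key`."""
    nonce = secrets.token_bytes(NONCE_LEN)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(_mac_key(key), nonce + ct, hashlib.sha256).digest()

def unseal(key: bytes, record: bytes) -> bytes:
    """Rejects a record sealed under another key instead of returning garbage."""
    nonce, ct, tag = record[:NONCE_LEN], record[NONCE_LEN:-TAG_LEN], record[-TAG_LEN:]
    expect = hmac.new(_mac_key(key), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        raise ValueError("record not sealed under this key (or tampered)")
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))

def build_response(html: str, k1: bytes, k2: bytes) -> bytes:
    """Web server: [len][proxy record under K2] [len][primary record under K1]."""
    proxy_rec = seal(k2, "\n".join(extract_object_links(html)).encode())
    primary_rec = seal(k1, html.encode())
    return (struct.pack(">I", len(proxy_rec)) + proxy_rec
            + struct.pack(">I", len(primary_rec)) + primary_rec)

def split_records(packet: bytes) -> tuple:
    n = struct.unpack(">I", packet[:4])[0]
    m = struct.unpack(">I", packet[4 + n:8 + n])[0]
    return packet[4:4 + n], packet[8 + n:8 + n + m]

def hub_proxy_prefetch_list(packet: bytes, k2: bytes) -> list:
    """Hub proxy holds K2 only: it recovers the object links and can prefetch
    them, while the primary record stays closed to it."""
    proxy_rec, _ = split_records(packet)
    return unseal(k2, proxy_rec).decode().splitlines()

def client_page(packet: bytes, k1: bytes) -> str:
    """Client holds K1: only it (and the server) can read the base HTML page."""
    _, primary_rec = split_records(packet)
    return unseal(k1, primary_rec).decode()

def can_open_primary(packet: bytes, key: bytes) -> bool:
    """Least-privilege check: can this key open the primary (base page) record?"""
    try:
        unseal(key, split_records(packet)[1])
        return True
    except ValueError:
        return False

# Constructed server response for the sample page.
PACKET = build_response(SAMPLE_HTML, K1, K2)
```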
Then the secondary keys for both the layered IPSec connection and the DSSL connection are shared with the proxy servers. The secondary key for layered IPSec is shared with both the TCP proxy and the HTTP proxy. When layered IPSec encrypts the packet, the secondary key encryption extends up to the proxy SSL record. The TCP proxy servers can therefore decrypt the TCP header of the ESP packet, and the HTTP proxy server can decrypt the proxy SSL record. Therefore, performance optimizations for both TCP and HTTP are allowed without letting the intermediate servers read the HTML page. A schematic of the IPSec packet in this setting is shown in Fig. 8.

A HIERARCHICAL APPROACH TO KEY MANAGEMENT FOR DATA SECURITY IN HYBRID NETWORKS

In [21], we have proposed a key-management framework for distributing cryptographic keys securely and in a scalable manner to users taking part in group communication in a hybrid satellite network. The objective is to ensure data confidentiality, by encrypting the data traffic with group keys known to all the group members. The key-management framework is built on top of the multicast routing architecture. We have considered the hybrid network topology shown in Fig. 1b and designed a multicast routing architecture to allow users to communicate seamlessly between multiple terrestrial LANs (also referred to as subnetworks) [22]. Our routing design makes specific use of asynchronous transfer mode (ATM) point-to-multipoint routing [23] over the satellite links, and Protocol-Independent Multicast Sparse-Mode (PIM-SM) multicast routing [24] in terrestrial LANs. We have extended PIM-SM to allow multiple rendezvous points (RPs) in each multicast group.
The satellite gateway in each LAN acts as the local RP for the LAN and creates the local multicast trees for group members within the LAN. The local multicast trees are connected together over the satellite links by using the ATM point-to-multipoint virtual connection, thereby creating one end-to-end multicast tree for each group, encompassing all the LANs with group members in them. The multicast routing architecture is thus adapted closely to the hierarchical network topology, and allows for building efficient multicast trees with low control and data overhead. The design of the key-management protocol is independent of the routing algorithm, although it is based on the same underlying principle, that is, a hierarchical breakup of the network based on the topology. We divide the network into two levels — the lower level, composed of terrestrial LANs where the users are located, and a higher level consisting of the satellite, the NOC, and the satellite gateways or RPs in each LAN, which together form an overlay (Fig. 9a) interconnecting terrestrial LANs. The RPs act as the "bridge" between the two levels. Key management is done separately in the two levels. In each LAN we introduce a local group controller (called the "subnetwork key controller" or SKC) to manage the keys for all groups active in the LAN. The SKC is responsible for access control of all members of all groups that are active in its LAN, generating the group keys for all local groups, and updating the keys on group-member joins and leaves when a group is active. The keys managed by an SKC are entirely local to its LAN, and do not affect the key management in any other LAN in the network. The SKC uses the LKH algorithm to manage keys in its LAN, creating a logical key tree that we term the SN Tree. Each group active in a LAN has its own SN Tree.
The leaves of the SN Tree for a group correspond to the long-term shared secrets between the SKC and the local users in the LAN who are active as sources and/or receivers in the group. The root of the SN Tree corresponds to the session key that is used for encrypting the group traffic within the LAN at any particular instant. On member joins and leaves, the session key, and all the keys on the path from the root to the leaf node corresponding to the member joining/leaving, are updated, while all other keys in the SN Tree remain unchanged. The overlay has its own key management, also based on the LKH algorithm. At the overlay level, the key management for a particular group is controlled by the satellite gateway/RP (known as the root RP for that group) of the LAN that has group sources active for the longest continuous time in the group. The logical key tree for any group thus formed at the overlay is termed the RP Tree. The root RP is responsible for generating keys for the RPs of the LANs who subscribe to the particular group, that is, have sources and/or receivers active in the LAN. Each group has its own RP Tree. The design ensures that the NOC cannot receive/send data to any active group, unless it explicitly subscribes to the group as a member node.

Figure 9. A hierarchical approach to key management in hybrid networks: a) hierarchy in the hybrid network (Level-1: the satellite, the NOC and the gateways forming the overlay network; Level-0: subnetworks 1 to n, each with its SKC and gateway); b) tiered tree key management (an RP tree over the overlay with a root RP and leaf RPs, and an SN tree managed by the SKC in each subnetwork).
However, LANs joining any particular group initially register with the NOC, which maintains a group membership table for all active groups, so that at all times the NOC is aware of the LANs which are participating in all active groups. The NOC is also responsible for selecting the root RP of the RP Tree for each group, which it does based on the first-to-join policy. The root RP also might be different for different groups, since the LAN with the longest continuously active sources might be different for different groups. Our algorithm has the provision to allow the root RP for any group to change; this occurs if the currently active root RP leaves the group, when all sources/receivers within its local LAN cease to participate in the group. Our algorithm therefore builds a hierarchy of logical key trees that closely follow the hierarchy in the network topology, as shown in Fig. 9b. We term this framework Tiered Tree-based Key Management. In this hierarchy of key trees, the gateway RPs are responsible for performing key translation on all the multicast group traffic as it sends the data from local sources to receivers in remote LANs, or when it receives group traffic from remote sources for local receivers. This translation is necessary since the data traffic is encrypted with the RP Tree session key in the overlay, and with the SN Tree session key within the local LAN, with the two session keys being independent of one another. The detailed design of Tiered Tree-based Key Management, analysis of its security, and simulation results can be found in [25].

The primary objective in our design is to minimize the amount of key-management control traffic that flows over the satellite links, due to the long delay involved as well as susceptibility to channel errors. We have attempted to ensure that the security of the data traffic does not add any overhead in terms of delay other than that absolutely necessary, and that the security protocol does not contribute to deadlocks in group-data dissemination where some group members in certain LANs cannot read the data due to having wrong keys. From the simulation results, Fig. 10 shows the reduction in key-control traffic over the satellite links using our tiered-tree approach. The graph compares the total key-management messages sent in the network for three concurrent groups (i.e., sent over the RP trees, sent over the satellite links, and all SN trees confined to local LANs), to the total key messages sent on the RP trees (satellite links) only. As the graph shows, the resource savings on the satellite links is significant when the tiered-tree scheme is used. Even though the group dynamics are high, the number of message exchanges is very small in the RP tree, that is, over the satellite links. If a flat key-management hierarchy had been used instead, the total key-management traffic would have been sent over the satellite links, thus leading to increased delay and increasing the possibility that the updated keys do not reach all the members at the same time. Our solution is therefore very scalable.

Figure 10. Tiered tree framework: total key-management traffic vs. RP tree traffic for three groups (Y-axis shows the traffic in bytes per second; X-axis is the simulation duration in minutes).
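LKH rekeying as described for [15] above, and the SN Tree / RP Tree split of the tiered-tree framework, as one added example that is not the paper's or [15]'s code: evicting a member replaces the keys on its path (about 2 log2 N messages instead of N-1), and a small model counts which rekey messages would cross the satellite links under the tiered scheme versus one network-wide tree. The tree shape, message format, the rule for what counts as crossing the satellite link, and the toy key wrap are assumptions.

```python
"""LKH rekeying as in Howarth et al. [15], plus the SN Tree / RP Tree split of
the tiered-tree framework. Added example, not code from the paper or [15]; the
key wrap is a toy HMAC-derived XOR pad and the tree shape, message format and
satellite-crossing rule are assumptions, not the paper's."""
import hashlib
import hmac
import secrets

def wrap(kek: bytes, key: bytes) -> bytes:
    """Toy key wrap (self-inverse, so it also unwraps). Not for production."""
    pad = hmac.new(kek, b"lkh-rekey", hashlib.sha256).digest()[:len(key)]
    return bytes(a ^ b for a, b in zip(key, pad))

def path(node: int) -> list:
    """Nodes from `node` up to and including the root (node 0)."""
    out = [node]
    while node > 0:
        node = (node - 1) // 2
        out.append(node)
    return out

class LKHTree:
    """Complete binary key tree in an array: node i has children 2i+1, 2i+2.
    Leaves hold members' individual keys, internal nodes hold KEKs, and the
    root holds the session key (TEK) that encrypts the group traffic."""

    def __init__(self, n_members: int):
        self.n_leaves = 1 << (n_members - 1).bit_length()  # round up to 2**d
        self.keys = [secrets.token_bytes(16) for _ in range(2 * self.n_leaves - 1)]
        self.members = {m: self.n_leaves - 1 + m for m in range(n_members)}
        for leaf in range(self.n_leaves - 1 + n_members, 2 * self.n_leaves - 1):
            self.keys[leaf] = None  # unoccupied leaves hold no key

    def holders(self, node: int) -> set:
        """Members whose path passes through `node`, i.e. who know its key."""
        return {m for m, leaf in self.members.items() if node in path(leaf)}

    def leave(self, m: int) -> list:
        """Evict member m: every key on its path is replaced bottom-up and sent
        wrapped under the keys of the children that still exist, so the evicted
        member can unwrap none. Returns (target_node, wrapping_node, wrapped_key)."""
        leaf = self.members.pop(m)
        self.keys[leaf] = None
        messages, node = [], leaf
        while node > 0:
            parent = (node - 1) // 2
            new_key = secrets.token_bytes(16)
            for child in (2 * parent + 1, 2 * parent + 2):
                if self.keys[child] is not None:
                    messages.append((parent, child, wrap(self.keys[child], new_key)))
            self.keys[parent] = new_key  # the next level wraps under this new key
            node = parent
        return messages

def apply_rekey(held: dict, messages: list) -> dict:
    """Member side: unwrap each message whose wrapping key is (already) held."""
    held = dict(held)
    for target, wrapping, blob in messages:
        if held.get(wrapping) is not None:
            held[target] = wrap(held[wrapping], blob)
    return held

def eviction_check(n_members: int, leaving: int) -> tuple:
    """One eviction end to end: (rekey message count, every remaining member
    recovers the new TEK, the evicted member recovers it)."""
    tree = LKHTree(n_members)
    held = {m: {n: tree.keys[n] for n in path(tree.members[m])}
            for m in range(n_members)}
    msgs = tree.leave(leaving)
    tek = {m: apply_rekey(h, msgs)[0] for m, h in held.items()}
    return (len(msgs), all(tek[m] == tree.keys[0] for m in tree.members),
            tek[leaving] == tree.keys[0])

def tiered_traffic(lan_sizes: tuple, leaves: list) -> tuple:
    """One SN Tree per LAN plus one RP Tree whose leaves are the LAN gateways
    (RPs). A leave rekeys only its LAN's SN Tree; the RP Tree, the only rekeying
    over the satellite links, changes only when a LAN loses its last member."""
    sn, rp = [LKHTree(n) for n in lan_sizes], LKHTree(len(lan_sizes))
    total = satellite = 0
    for lan, member in leaves:
        total += len(sn[lan].leave(member))
        if not sn[lan].members and lan in rp.members:
            over_satellite = len(rp.leave(lan))
            total, satellite = total + over_satellite, satellite + over_satellite
    return total, satellite  # (total_messages, satellite_messages)

def single_tree_traffic(lan_sizes: tuple, leaves: list) -> tuple:
    """Same leaves under one network-wide LKH tree: a message crosses the
    satellite links whenever a holder of its wrapping key sits in another LAN."""
    offsets = [sum(lan_sizes[:i]) for i in range(len(lan_sizes))]
    lan_of = {offsets[i] + j: i for i, n in enumerate(lan_sizes) for j in range(n)}
    tree = LKHTree(sum(lan_sizes))
    total = satellite = 0
    for lan, member in leaves:
        msgs = tree.leave(offsets[lan] + member)
        total += len(msgs)
        satellite += sum(1 for _, wrapping, _ in msgs
                         if any(lan_of[h] != lan for h in tree.holders(wrapping)))
    return total, satellite  # (total_messages, satellite_messages)
```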
It also acknowledges the fact that the group members might be located in different security domains and, therefore, a single network-wide security management might not be feasible. This is a more realistic scenario, since terrestrial LANs might be private corporate domains, while the satellite overlay infrastructure is usually owned by a separate entity that provides network connectivity to the LANs, and is not responsible for generating the network traffic. This framework addresses the problem that all users might not be subject to a single, centralized security authority, and the dynamics of user joins or leaves in one LAN should not create an overhead to users in other LANs. Also, in wide-area satellite networks we consider that the satellite channel conditions at a given point in time might be different in different sections of the network. There might be loss of messages due to bad channel conditions in some network parts; however, this should not disrupt communication in network parts where the channel conditions are better. Solutions which treat all users in a single tree will not be able to perform as robustly under such conditions. Our solution is also similar to the ML-IPSec concept in that the satellite terminals are only partially trusted; they are allowed to do partial decryption/encryption of the IP packets for efficient routing. However, it is a generic solution aimed specifically at multicast key management and does not integrate with an end-to-end security solution for secure communication or provide any implementation specifics.

CONCLUSION

Security is a main component in hybrid IP-based satellite networks. In this paper we have focused on some of the challenges that lie ahead. We have discussed the unique characteristics of hybrid satellite networks that make the problem of ensuring secure communication different from that of purely terrestrial networks. We have presented a survey of the various security solutions that have been proposed, and discussed their advantages and disadvantages. We have proposed various approaches to address the performance problems of TCP and HTTP in satellite networks arising from secure communication. However, a lot of further work needs to be done to validate our approaches, and we are in the process of developing specific detailed security approaches for typical topologies and validating the proposed designs by simulation. Lastly, we have described our hierarchical approach of key management for providing data security in hybrid networks. We are continuing our research in this area and examining designs to integrate our key-management protocol with the unicast case. A considerable amount of work needs to be done with regard to secure protocols for hybrid networks, specifically for the case where users are mobile. Here we have touched upon only a small subset of the problems. None of the proposed solutions, including our own, address the question of user authentication or message integrity for group communication. However, we believe the security problems discussed here will receive more attention from the research community, and this work will be a useful contribution to the field.

ACKNOWLEDGMENT

The authors would like to thank the anonymous reviewers for their valuable comments and suggestions. The research reported here is supported by the National Aeronautics and Space Administration (NASA) Marshall Space Flight Center under award no. NCC8-235. The views expressed in this paper are solely the responsibility of the authors and do not reflect the views or position of NASA or any of its components.

REFERENCES

[1] J. Border et al., "Performance Enhancing Proxies Intended to Mitigate Link-Related Degradations," IETF RFC 3135, June 2001.
[2] V. Arora et al., "Effective Extensions of Internet in Hybrid Satellite-Terrestrial Networks," University of Maryland, College Park, Tech. Rep. CSHCN TR 96-2, 1996.
[3] V. Bharadwaj, "Improving TCP Performance over High-Bandwidth Geostationary Satellite Links," University of Maryland, College Park, Tech. Rep. ISR TR MS-99-12, 1999.
[4] N. Ehsan, M. Liu, and R. Ragland, "Evaluation of Performance Enhancing Proxies in Internet over Satellite," Wiley Int'l. J. Commun. Sys., vol. 16, Aug. 2003, pp. 513–34.
[5] NIST, "Digital Signature Standard (DSS)," May 19, 1994.
[6] H. Krawczyk, M. Bellare, and R. Canetti, "HMAC: Keyed-Hashing for Message Authentication," IETF RFC 2104, Feb. 1997.
[7] R. Atkinson and S. Kent, "Security Architecture for the Internet Protocol," IETF RFC 2401, Nov. 1998.
[8] IETF Transport Layer Security Working Group, "The SSL Protocol Version 3.0," Nov. 1996, available at http://wp.netscape.com/eng/ssl3/draft302.txt
[9] R. Atkinson and S. Kent, "IP Encapsulating Security Payload (ESP)," IETF RFC 2406, Nov. 1998.
[10] Y. Zhang, "A Multilayer IP Security Protocol for TCP Performance Enhancement in Wireless Networks," IEEE JSAC, vol. 22, no. 4, 2004, pp. 767–76.
[11] M. Karir and J. Baras, "LES: Layered Encryption Security," Proc. ICN'04, Guadeloupe (French Caribbean), Mar. 2004.
[12] E. Olechna, P. Feighery, and S. Hryckiewicz, "Virtual Private Network Issues Using Satellite Based Networks," MILCOM 2001, vol. 2, 2001, pp. 785–89.
[13] P. Chitre, M. Karir, and M. Hadjitheodosiou, "TCP in the IPSec Environment," AIAA ICSSC 2004, Monterey, CA, May 2004.
[14] SSL Accelerator, Spacenet Inc., available at http://www.spacenet.com/technology/advantages/ssl.html
[15] M. P. Howarth et al., "Dynamics of Key Management in Secure Satellite Multicast," IEEE JSAC, vol. 22, no. 2, 2004, pp. 308–19.
[16] C. Wong, M. Gouda, and S. S. Lam, "Secure Group Communications Using Key Graphs," IEEE/ACM Trans. Net., vol. 8, 2000, pp. 16–30.
[17] D. Wallner, E. Harder, and R. Agee, "Key Management for Multicast: Issues and Architectures," IETF RFC 2627, June 1999, available at http://www.apps.ietf.org/rfc/rfc2627.html
[18] G. Noubir and L. von Allmen, "Security Issues in Internet Protocols over Satellite Links," Proc. IEEE VTC '99, Amsterdam, The Netherlands, 1999.
[19] L. Duquerroy et al., "SatIPSec: An Optimized Solution for Securing Multicast and Unicast Satellite Transmissions," 22nd AIAA Int'l. Commun. Sat. Sys. Conf. and Exhibit, Monterey, CA, May 2004.
[20] Y. Song, V. Leung, and K. Beznosov, "Supporting End-to-End Security across Proxies with Multiple-Channel SSL," Proc. 19th IFIP Info. Sec. Conf., Toulouse, France, Aug. 2004, pp. 323–37.
[21] A. Roy-Chowdhury and J. Baras, "Key Management for Secure Multicast in Hybrid Satellite Networks," 19th IFIP Info. Sec. Conf., Toulouse, France, Aug. 2004.
[22] A. Roy-Chowdhury and J. Baras, "Framework for IP Multicast in Satellite ATM Networks," AIAA ICSSC 2004, Monterey, CA, May 2004.
[23] G. Armitage, "Support for Multicast over UNI 3.0/3.1 Based ATM Networks," Internet RFC 2022, Nov. 1996.
[24] S. Deering et al., "The PIM Architecture for Wide-Area Multicast Routing," IEEE/ACM Trans. Net., vol. 4, no. 2, 1996, pp. 153–62.
[25] A. Roy-Chowdhury, "IP Routing and Key Management for Secure Multicast in Satellite ATM Networks," Master's thesis, University of Maryland, College Park, 2003, available at http://techreports.isr.umd.edu/reports/2004/MS2004-1.pdf

BIOGRAPHIES

AYAN ROY-CHOWDHURY received his B.E. in electronics and telecommunications engineering in 1998 from Jadavpur University, India, and his M.S. in electrical engineering in 2003 from the University of Maryland, College Park, where he is currently a Ph.D. student. Between 1998 and 2000 he worked as a senior software engineer at Wipro Technologies, India. His research focuses on the design of protocols and frameworks for secure communication in hybrid networks. He is working on secure protocols for unicast and multicast routing in networks that have wired and wireless terrestrial components interconnected by satellite links. He is also looking into key management techniques for secure data transmission for these network architectures, and efficient user-authentication mechanisms for the same. As part of these topics, he is also investigating performance problems for network communication in satellite networks when security is involved.

JOHN S. BARAS [F] received a B.S. in electrical engineering from National Technical University of Athens, Greece, in 1970, and M.S. and Ph.D. degrees in applied mathematics from Harvard University in 1971 and 1973, respectively. He was founding director of the Institute for Systems Research (one of the first six NSF Engineering Research Centers) from 1985 to 1991. Since August 1973 he has been with the Electrical and Computer Engineering Department and Applied Mathematics Faculty at the University of Maryland, College Park. In 1990 he was appointed to the Lockheed Martin Chair in Systems Engineering. Since 1991 he has been director of the Center for Hybrid and Satellite Communication Networks (a NASA Research Partnership Center). Among his awards are the 1980 Outstanding Paper A… Paper Award, 2004 WiSe Conference. He holds three patents. His research interests include wireless networks and MANET, wireless network security and information assurance, integration of logic programming and nonlinear programming for trade-off analysis, multicriteria optimization, noncooperative and cooperative dynamic games, robust control of nonlinear systems and hybrid automata, classical and statistical physics algorithms for control and communication systems, distributed asynchronous control and communication systems, object-oriented modeling of complex engineering systems, satellite and hybrid communication networks, network management, fast Internet services over hybrid wireless networks, stochastic systems, planning and optimization, intelligent control and learning, biologically inspired algorithms for signal processing, and sensor networks.

MICHAEL HADJITHEODOSIOU [M] received an M.A. (honours) in electrical and information sciences from the University of Cambridge, United Kingdom, in 1989, an M.S. in electrical and computer engineering from the University of California, Irvine in 1992, and a Ph.D. in engineering (specializing in satellite communications) from the Centre for Satellite Engineering Research (CSER) at the University of Surrey, United Kingdom, in 1995. Among his awards are a scholarship award for studies at the University of Cambridge from the Cambridge Commonwealth Trust (1984–1986); a Fulbright Scholarship for post-graduate work in the United States (1989–1991); a Research Fellowship from the U.K. Engineering and Physical Sciences Research Council (EPSRC) (1992); and the Canadian National Science and Engineering Research Council (NSERC) post-doctoral fellowship award (1995). He worked as a research fellow in the Communication Systems group of CSER (1991–1995) and spent a year as a visiting fellow at the Canadian Government Communications Research Center (CRC) (1995–1996). In November 1996 he joined the Center for Satellite and Hybrid Communication Networks (CSHCN) at the Institute for Systems Research, University of Maryland, College Park, where he is currently an associate research scientist. He is an expert on space communications and satellite networks. His research interests include performance optimization of wireless and hybrid networks, security and protocol support issues for satellite systems, and design optimization of next-generation broadband satellite networks and applications. He is currently working on supporting the communication needs of NASA enterprises and the communication architecture enabling space exploration. He is currently serving as secretary of the IEEE Satellite and Space Communications Technical Committee.

SPYRO PAPADEMETRIOU received his B.S. in computer science from George Mason University, Fairfax, Virginia. Since then he has been actively involved in Internet research and development within both industry and academia. He was the principal Internet researcher at Synectics Corp., where he developed network and database software. He worked as a researcher at the University of Maryland's Institute for Systems Research, where he designed and developed their first networking laboratory, which is part of the CSHCN. At Inktomi Corp. he spearheaded client acceleration research and was a member of the content-distribution network design team. These resulted in various patent filings, of which he holds one. The latter also resulted in America Online's Web client accelerator work. Currently he is with Orbital Data Corp. working on network and application optimization. His research interests include network optimization, application optimization, satellite and terrestrial wireless networking, delay-tolerant networks, sensor networks, distributed systems, and network software architecture.
