Loading ...
Sorry, an error occurred while loading the content.

REVIEW: "Multicast and Group Security", Thomas Hardjono/Lakshminath R. Dondeti

Expand Messages
  • Rob, grandpa of Ryan, Trevor, Devon & Ha
    BKMCGPSC.RVW 20030915 Multicast and Group Security , Thomas Hardjono/Lakshminath R. Dondeti, 2003, 1-58053-342-6, U$89.00/C$137.95 %A Thomas Hardjono %A
    Message 1 of 1 , Nov 13, 2003
    • 0 Attachment
      BKMCGPSC.RVW 20030915

      "Multicast and Group Security", Thomas Hardjono/Lakshminath R.
      Dondeti, 2003, 1-58053-342-6, U$89.00/C$137.95
      %A Thomas Hardjono
      %A Lakshminath R. Dondeti
      %C 685 Canton St., Norwood, MA 02062
      %D 2003
      %G 1-58053-342-6
      %I Artech House/Horizon
      %O U$89.00/C$137.95 617-769-9750 artech@...
      %O http://www.amazon.com/exec/obidos/ASIN/1580533426/robsladesinterne
      http://www.amazon.co.uk/exec/obidos/ASIN/1580533426/robsladesinte-21
      %O http://www.amazon.ca/exec/obidos/ASIN/1580533426/robsladesin03-20
      %P 307 p.
      %T "Multicast and Group Security"

      Multicast security may involve a problem of confidentiality in a
      situation where confidential information is distributed to a number of
      parties simultaneously, and also where you may wish to authenticate
      the user, while simultaneously preserving his (or her) privacy. This
      is a very interesting problem in another area of security, that of
      emergency preparedness and communication. Technically, the problem
      has solutions. Practically, it may not: can you completely trust the
      recipients not to redistribute the confidential information that you
      sent? The other obvious application lies in the realm of the ultimate
      promiscuous network: wireless.

      Chapter one seeks to point out the motivation and need for multicast
      security, but it does not do a convincing job due to a lack of detail
      about the multicast process. This deficiency is partially made up in
      chapter two, but it does mean that much of the text in the second
      chapter echoes that already presented in the first. Authentication is
      addressed in chapter three with regard to the need to verify that a
      given message came from either any member of the group or a specific
      member, and that an individual cannot deny having sent a
      communication. Having overexplained the basic cases, when the authors
      move into the details of specific (and sometimes very complicated)
      signing operations, they frequently fail to make clear the reasons for
      the use of these systems.

      Although there is no formal division in the book, chapter four is the
      first of three chapters dealing with key management for groups. The
      difficulties of such a practice have already been raised in the
      introductory material, and this chapter provides very little more,
      primarily making analogies with the security associations (SAs) of
      IPSec (Internet Protocol Security). Chapter five presents various key
      management architectures and protocols. The details of operation are
      clear enough, but the intent of the different procedures is not always
      made clear, so that it is difficult to understand when a new process
      is said to be an improvement. Key management algorithms, in chapter
      six, are primarily concerned with reissuance of group keys after a
      member has left the group.

      Chapter seven's discussion of group security policy is limited to
      procedures and standards, and thus generally repeats much that has
      gone before. Even if privacy of transmission is assumed, security
      concerns can still posit denial of service situations where false
      control messages are sent to join, leave, or submit to groups, and so
      routing, in chapter eight, is vital. Reliable transport, or
      guaranteed delivery, also needs to be considered separately, as is
      done in chapter nine. Cases and specific applications are reviewed in
      chapter ten. Chapter eleven looks at future directions and research.

      The writing is unnecessarily verbose and repetitive. Background
      information is provided in support of the concepts covered, but in a
      disorderly manner. The structure and organization of material could
      be improved with little effort, and would result not only in text that
      was easier to read, but also in a simpler logical flow. In addition,
      the "alphabet soup" of acronyms is particularly thick in this work,
      and the authors are not careful about defining an abbreviation before
      they use it: some acronyms are never defined.

      This book does provide an introduction to multicast security, but
      you'll have to work for it.

      copyright Robert M. Slade, 2003 BKMCGPSC.RVW 20030915


      ======================
      rslade@... slade@... rslade@...
      Computer Security Day, November 30 http://www.computersecurityday.com/
      victoria.tc.ca/techrev/mnbksc.htm sun.soci.niu.edu/~rslade/secgloss.htm
    Your message has been successfully submitted and would be delivered to recipients shortly.