Many modern computing environments involve dynamic peer groups. Distributed simulation, multi-user games, conferencing applications and replicated servers are just a few examples. Given the openness of today's networks, communication among peers (group members) must be secure and, at the same time, efficient. This paper studies the problem of authenticated key agreement in dynamic peer groups with the emphasis on efficient and provably secure key authentication, key confirmation and integrity. It begins by considering 2-party authenticated key agreement and extends the results to Group Diffie-Hellman key agreement. In the process, some new security properties (unique to groups) are encountered and discussed.

Many modern computing environments involve dynamic peer groups. Distributed simulation, multi-user games, conferencing and replicated servers are just a few examples. Given the openness of today's networks, communication among group members must be secure and, at the same time, efficient. This paper studies the problem of authenticated key agreement in dynamic peer groups with the emphasis on efficient and provably secure key authentication, key confirmation and integrity. It begins by considering 2-party authenticated key agreement and extends the results to Group Diffie-Hellman key agreement. In the process, some new security properties (unique to groups) are discussed. 1 Introduction This paper is concerned with security services in the context of dynamic peer groups (DPGs). Such groups are common in many network protocol layers and in many areas of modern computing and the solution to their security needs, in particular key management, are still open research challenges [19]. Exa...

Security represents one of the major obstacles today to the wider deployment of IP multicast. The current work identifies and discusses the various concepts and issues underlying multicast security. A classification of the current issues is provided, covering some core problems, infrastructure problems, and the complex applications that may be built atop a secure IP multicast. Three broad core problem-areas are defined, namely the problem of fast and efficient source-authentication for high data-rate applications, secure and scalable group-key management techniques and the need for methods to express and implement policies specific to multicast security. The infrastructure problem-areas cover the issues related to the security of multicast routing protocols and reliable multicast protocols. The topic of complex application covers more advanced issues, typically relating to secure group-communications at the application layer which may be built above an eventual secure multic...

A key issue in authorization services and computer security in general is the definition of security policies [1]. To help define security policies we have developed a new policy language for authorization systems (PLAS), and a framework in which to apply it. This paper describes the PLAS framework and shows how can it be used within current fields of research in IT security such as protection against downloadable code and in intrusion-detection systems.

This paper represents an exploratory study of concepts in middleware technology. The paper introduces a new term middard and a conceptual middard model. A middard is a standard, but not a product. Middleware is the implementation of a middard. Middardware is software developed in conformance with a middard standard. The conceptual middard model describes the relationship of elements constituting a distributed computing system. This paper presents the middard value-added chain to overview the existing middleware technology, and illustrates the trend of middard.