idnits 2.17.1 draft-park-mls-multiple-groups-requirement-00.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack a Security Considerations section. ** The document seems to lack an IANA Considerations section. (See Section 2.2 of https://www.ietf.org/id-info/checklist for how to handle the case when there are no actions for IANA.) Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == The document doesn't use any RFC 2119 keywords, yet seems to have RFC 2119 boilerplate text. -- The document date (November 20, 2018) is 1982 days in the past. Is this intentional? Checking references for intended status: Informational ---------------------------------------------------------------------------- No issues found here. Summary: 2 errors (**), 0 flaws (~~), 2 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group M. Park 3 Internet-Draft Soongsil University 4 Intended status: Informational November 20, 2018 5 Expires: May 24, 2019 7 Multiple group membership 8 draft-park-mls-multiple-groups-requirement-00 10 Abstract 12 This document proposes a functional requirement of Message Level 13 Security (MLS) which provide an efficient management for multiple 14 groups. Although MLS defines an architecture and an abstract 15 protocol for a secure group communication, it overlooks the need of 16 multiple groups. This document describes a usecase of the multiple 17 groups, and the need for an efficient multiple group membership 18 management. 20 Status of This Memo 22 This Internet-Draft is submitted in full conformance with the 23 provisions of BCP 78 and BCP 79. 25 Internet-Drafts are working documents of the Internet Engineering 26 Task Force (IETF). Note that other groups may also distribute 27 working documents as Internet-Drafts. The list of current Internet- 28 Drafts is at https://datatracker.ietf.org/drafts/current/. 30 Internet-Drafts are draft documents valid for a maximum of six months 31 and may be updated, replaced, or obsoleted by other documents at any 32 time. It is inappropriate to use Internet-Drafts as reference 33 material or to cite them other than as "work in progress." 35 This Internet-Draft will expire on May 24, 2019. 37 Copyright Notice 39 Copyright (c) 2018 IETF Trust and the persons identified as the 40 document authors. All rights reserved. 42 This document is subject to BCP 78 and the IETF Trust's Legal 43 Provisions Relating to IETF Documents 44 (https://trustee.ietf.org/license-info) in effect on the date of 45 publication of this document. Please review these documents 46 carefully, as they describe your rights and restrictions with respect 47 to this document. Code Components extracted from this document must 48 include Simplified BSD License text as described in Section 4.e of 49 the Trust Legal Provisions and are provided without warranty as 50 described in the Simplified BSD License. 52 Table of Contents 54 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 55 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 2 56 3. Re-keying for membership change . . . . . . . . . . . . . . . 2 57 4. Multiple groups scenario . . . . . . . . . . . . . . . . . . 3 58 5. Multiple group membership . . . . . . . . . . . . . . . . . . 4 59 6. Informative References . . . . . . . . . . . . . . . . . . . 4 60 Appendix A. Acknowledgements . . . . . . . . . . . . . . . . . . 5 61 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 5 63 1. Introduction 65 With the emergence of diverse group-based applications, e.g. a 66 channel-based charged TV or telematics services, multiple group 67 applications are likely to coexist, and users may have multiple 68 memberships. Of course, although the functional requirements defined 69 in the mls architecture draft can satisfy the multiple membership 70 management, we need to consider the efficient management of multiple 71 membership. This document mentions the inefficiency which may occur 72 in the multiple membership management and the motivation of the 73 functional requirement, multiple group membership. 75 2. Terminology 77 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 78 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 79 document are to be interpreted as described in [RFC2119]. 81 3. Re-keying for membership change 83 Let us consider a situation where a member is about to leave a group. 84 Before this member leaves, all the members have shared a group key to 85 encrypt/decrypt messages among themselves. After the member leaves, 86 the old group key must be revoked and updated with a new group key. 87 This rekeying process may cause a lot of key management overhead. 88 Since the existing members do not have any shared secret keys except 89 for the old group key, a new group key should be distributed to these 90 members in a secure manner. As a result, it is obvious that the more 91 the number of users in a group service, the larger the rekeying 92 overhead would be. 94 4. Multiple groups scenario 96 There can be various group messaging services. Generally, the group 97 messaging services can be considered as the commercial services such 98 as a charged TV streaming service, a telematics service, and an 99 information service (Sports or stock). Let us assume these three 100 services are Delivery Services (DS) as shown in Figure 1. In this 101 case, there will be at least three groups for the three services, 102 each of which should be managed according to the membership records 103 of the DSs. Moreover, if the subscription to a DS is charged for 104 either each channel (Ch1, Ch2, and Ch3) or content (sports and 105 stock), the service provider should manage the additional user groups 106 (e.g., channel-based or content-based groups) for accurate accounting 107 like Figure 2. As a result, the management overhead stemming from 108 membership management including rekeying can significantly increase 109 due to the number of such groups. 111 ---------------- -------------- ----------------- 112 | A Charged TV | | Telematics | | Information | 113 | | | Service | | Service | 114 | | | | | | 115 ---------------- -------------- ----------------- 116 \ / \________________ / | 117 \ / _____\_________/ | 118 \ / / \ | 119 ------- ------ ------- ------- 120 | User0 | | User1 | | User2 | | User3 | 121 ------- ------ ------- ------- 123 Figure 1: Multiple groups scenario 125 Ch1 group Ch2 group Ch3 group 126 **************** **************** **************** 127 * ------- * * ------- * * ------- * 128 *| User0 | ...* *| User1 | ... * *| User2 | ... * 129 * ------- * * ------- * * ------- * 130 **************** **************** **************** 132 Telematics group Sports group Stock group 133 **************** **************** **************** 134 * ------- * * ------- * * ------- * 135 *| User2 | ...* *| User1 | ... * *| User3 | ... * 136 * ------- * * ------- * * ------- * 137 **************** **************** **************** 139 Figure 2: Six delivery service groups 141 5. Multiple group membership 143 The multiple group scenario in the previous section can be 144 implemented with multiple independent groups, where each service 145 group has an independent AS. However, a single service provider may 146 manage multiple groups, e.g., multiple channel groups in a channel- 147 based charged service. In this case, the service provider should 148 have multiple independent groups corresponding to each channel, which 149 may increase the management cost such as many Ass as the number of 150 groups and re-keying. Therefore, the protocol should be able to 151 allow a single Authentication Service to manage multiple group 152 memberships in order to support more than two Delivery Services as 153 shown in Figure 3. 155 ---------------- -------------- -------------- 156 | Authentication | | Delivery | | Delivery | 157 | Service (AS) | | Service(DS1) | | Service(DS2) | 158 ---------------- -------------- -------------- 159 Multiple memberships / \ / | 160 ********************************************************* 161 * / ________\___/ | * 162 * / / \ | * 163 * ---------- ---------- ---------- * 164 * | Client 0 | | Client 1 | | Client N | * 165 * ---------- ---------- ---------- * 166 * ............................ ........... * 167 * Member 0 Member 1 * 168 * * 169 ********************************************************* 171 Figure 3: Multiple membership 173 6. Informative References 175 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 176 Requirement Levels", RFC 2119, March 1997. 178 Appendix A. Acknowledgements 180 This work was supported by Institute for Information & communications 181 Technology Promotion(IITP) grant funded by the Korea government(MSIT) 182 (No.2018-0-00254, SDN security technology development). 184 Author's Address 186 Minho Park 187 School of Electronic Engineering 188 Soongsil University 189 369, Sangdo-ro, Dongjak-gu 190 Seoul, Seoul 06978 191 Republic of Korea 193 Phone: +82 2 828 7176 194 EMail: mhp@ssu.ac.kr