IP Multicast is best known for its bandwidth conservation and lower resource utilization. The classical model of multicast makes it difficult to permit access only to authorized end users or paying customers. A scalable, distributed and secure architecture is needed where authorized end users can be authenticated before delivering any data or content. In (unsecure) multicast, an end user or host informs the multicast edge-router of its interest in receiving multicast traffic using the Internet Group Management Protocol (IGMP). To carry the end user authentication data, we have extended the IGMPv3 protocol, and called our new version the Internet Group Management Protocol with Access Control (IGMP-AC). New messages and reception states have been added to IGMPv3, and the AAA framework is used for end user authentication, authorization and accounting purposes. IGMP-AC is presented using state diagrams of the entities that are involved. The proposed protocol has been modeled in PROMELA,...
Salekul Islam, J. William Atwood