The objective of the this activity is to define a secure multicast group framework and specify and validate the required adaptation in existing technologies to enable seamless multicast delivery of multimedia applications with specific security requirements over large multi-spot beam satellite systems.
In order to meet the objectives an end-to-end simulation/emulation environment representative of the reference satellite system and the secure multicast architecture is designed and developed with the following two-fold objective:
- Validation of the technical solutions proposed to overcome the issues and technology gaps identified during the project.
- End-to-end performance assessment and demonstration of the secure multicast group framework deployment in a multi-spot beam satellite system for a selected group of multimedia applications.
In order to promote the development of the solutions, a set of recommendations and guidelines for seamless deployment of multimedia applications involving large secure multicast groups of users and multi-spot beam satellite systems are produced, including adaptation and/or evolution of current proposals for standardization, standards and multi-spot beam satellite system architectures.
Dynamic multicast network protocols are essential in enabling the delivery of multimedia applications to a large group of users and VPN techniques and protocols provide the necessary security services that are needed to fulfil the CIA (Confidentiality, Integrity and Availability) communication security requirements.
It is necessary to consider the inherent characteristics of the satellite system (channel fading, latency, bandwidth delay product, etc.) together with the fact that the architectures have to be scalable up to a large number of users in different spot-beams within the coverage area. Creation and management of the Group Secure Associations and efficient Secure Key Management represent also challenges on the multicast context.
In addition, other critical aspects are multicast routing, service mobility and the identification of the best suited layer to apply the security encryption mechanisms considering the specific application security requirements.
The end to end simulator test bed developed in the project enables validation and performance assessments of the end-to-end secure multicast framework on top of satellite network. However, the test bed may also function as a general platform for SatCom industry to be used within different use cases in both real-time emulative and simulative mode. The test bed is built in a modular way enabling potential modifications and/or additions for different concrete use cases. Guidelines and recommendation describing the solutions identified, including standards adaptation and evolution helps the SatCom industry to overcome the issues in an efficient way.
The end-to-end simulator test bed is based on Network Simulator 3 (ns-3) and its satellite network enhancements (Satellite Network Simulator 3, SNS3). Ns-3 is capable of being run in both real-time emulation mode and non-real time simulation mode. Real application performance may be demonstrated in the real-time emulation mode, while the performance with larger scenarios (hundreds of group members) may be studied in a fully simulative mode.
Figure 1 illustrates the satellite network coverage provided by the Satellite Network Simulator 3.
A photo of the end-to-end simulator test bed is presented in Figure 2. The main features of the simulator test bed include:
- Simulation of multi-spot beam satellite network by means of Satellite Network Simulator 3 (SNS3).
- IP security protocols with multicast extensions.
- Group Domain of Interpretation (GDOI) group key management.
- Hierarchical key management: Logical Key Hierarchy (LKH).
- Application component by means of VLC.
- Multiple performance enhancements identified for seamless delivery of multicast applications over satellite network.
- Graphical Simulator Control Unit for setup, control and performance analysis functions.
The project is divided in five main tasks.
Task 1 defines the secure multicast satellite system requirements specifications defining a secure multicast group framework and the system functional architecture.
Task 2 specifies and designs selected use case scenarios based on the functional architecture.
Task 3 specifies the requirements and performs the detailed design of the demonstrator.
In Task 4 the demonstrator is developed followed by extensive testing to validate the proposed technical solutions including comparisons with the expected performance.
Task 5 defines guidelines and recommendations based on the work in project in the form of a white paper.
Duration of the project is 13 calendar months.