大型动态组播系统网络安全服务的若干问题研究
|
摘要
IP组播技术提出至今已经有10多年的历史了,在此期间,学术界和工程界对其进行了大量的研究,这些研究主要集中在IP组播路由、可靠IP组播和拥塞控制等方面。近年来随着人们对开放网络安全的日益重视,人们的注意力开始转向IP组播的网络安全问题,到目前为止,已经涌现出大量优秀的研究成果。但是,IP组播安全领域仍然存在很多亟待解决的问题,和成熟的IP单播安全技术相比,IP组播的安全技术问题更为复杂和困难,许多问题不可能通过直接扩展IP单播的安全技术来解决,在IP组播安全领域,我们还有很长的路要走。
本论文着眼于为上层的IP组播应用系统提供端到端的通用网络安全服务。主要创新成果包括:
* 在构建由GSC(Group Security Controller)和多个SGSC(Sub-Group Security Controller)组成的覆盖网络的基础上提出了适用于大型动态组播群组的密钥管理方案MKEM(Multicast KEy Management)。MKEM改进并解决了Iolus和WGL方案中存在的诸多问题,系统具有很高的可伸缩性。提出了鲁棒及容错的密钥管理协议簇RMKEM来解决MKEM存在的SPOF(Single Point Of Failure)问题。由于顶层的各GSC之间是通过密钥协商算法产生组密钥的,倘若某个GSC出错,其它GSC控制下的子组也不受影响,因此提高了系统的容错性和鲁棒性。提出了RMKEM(或MKEM)+FEC+重新同步机制的方案使MKEM和RMKEM基于UDP/IP组播方式发送的密钥更新消息能够被组成员可靠接收。该方案可在大型动态组播组中实现可伸缩、鲁棒、容错和可靠的密钥管理。现存的组播密钥管理方案中,同时达到可伸缩、鲁棒、容错和可靠四个目标的方案相当少。
* 基于SPKI技术提出了组播分布式访问控制系统MDAC,并提出了基于二叉授权委托树的委托证书路径(DCP)查找算法。通过和其它方案如Gothic[Judge02]、文[Hardjono00]、文[Ballardie95]、文[HeDraft01]进行仿真对比,证明了MDAC不仅具有优越的性能,而且具备其它方案所不具有的分布式、支持各种组播模式、授权委托和隐私保护等特性。目前,在学术界和工程界,针对大型组播系统的安全访问控制问题的研究结果相当少。
提出了基于移动Agent安全方案MABCM[周冲02]的组播接收方不可抵赖服务MNORS。在MABCM构造的移动Agent黑箱的保护下, NRR移动Agent程序完全可以在不可信的接收方计算环境中产生可信的NRR不可抵赖证据。MNORS用纯软件来实现兼具高度的安全性和可伸缩性。国际上,该领域内
* 目前仅有的一个研究结果Nark[Briscoe99]是基于智能卡实现的,且其伪随机密钥的产生方法的安全性并没有经过严格的分析和证明。
* 提出了可定位的组播数字指纹系统MFinger。MFinger利用覆盖网络技术、分布式数字水印算法和基于加密技术的数字指纹算法实现了组播流媒体的叛逆者跟踪和版权保护。系统具有良好的可伸缩性。对基于加密技术的数字水印算法进行了严格的合谋攻击分析,并指出目前WHIM方案[Judge00]仅具有理论价值,在实现上是不可行的。仿真实验结果显示MFinger系统优于文[Chu99]和文[Brown99]的方案。
* 鉴于现存的方案没有为大型动态组播群组实现全面而灵活的网络安全服务框架,提出了基于Antigone的大型动态组播群组的安全服务框架Muflex。除了Antigone自身支持的基本组播安全机制外(包括密钥管理、分组数据源鉴别、发送方不可抵赖等),Antigone还支持用户自己开发的组播安全机制。前面提出的组播网络安全机制:MKEM、RMKEM、MDAC、MNORS、MFinger等已经集成到Muflex中。上层应用可以根据自身需求,通过定制组播安全策略来选择使用相应的组播安全机制。Muflex具有可移植性、可伸缩性、支持多种网络协议、动态加载安全机制、强大而全面的组播安全服务支撑以及Antigone本身所具有的灵活定制和执行组播安全策略等各项特性。
此外,针对组播分组数据源鉴别问题,本文虽然没有提出自己的解决方案,但是作出了如下一些贡献:对组播分组数据源鉴别领域的现有研究成果进行了系统的分类和总结,指出了它们各自存在的优缺点;提出了一个公开问题——分组Hash有向图鉴别问题;具体阐述了几种典型技术;指出了该领域的一些可能发展方向。论文还深入探讨了组安全策略系统的内部机制,详细介绍了组安全策略管理系统Antigone [McDaniel99],指出了其存在的不足并提出了相应的改进措施。论文实际上也是对当前组播安全领域国际研究成果的一个全面而系统的综述。
It has been more than ten years since IP multicast technology was introduced. During these years, IP multicast related technologies have been intensively researched by the academic and engineering circles. Most researches are focused on IP multicast routing, reliable IP multicast and congestion control and so on. In recent years, as the security problems of open networks gain more and more regards, people begin to give more attentions to the security problems of IP multicast. Up to now, a plenty of research results have been obtained. But there still remain many pressing problem areas on IP multicast security to be solved. Contrasted to mature technology of IP unicast security, the technical problems of IP multicast security are more complex and difficult. Many problems cannot be solved simply through extending techniques of IP unicast security to IP multicast in a straightforward way. In the field of IP multicast security, we still have a long way to go.
This dissertation is focused on providing the end-to-end security services for upper-layer IP multicast applications. The main original contributions of this dissertation include:
* Constructing an Overlay Network consisting of GSC (Group Security Controller) and multiple SGSCs (SubGroup Security Controller) and proposing a key management scheme named MKEM (Multicast KEy Management), which is applicable for large dynamic multicast groups. MKEM improved and solved some problems in Iolus and WGL scheme. It is more scalable. Proposing a robust and fault-Tolerant key management protocol suit named RMKEM to solve the problem of SPOF (Single Point Of Failure) remaining in MKEM. Because the group session key is generated through the execution of key agreement algorithm by the GSCs in upper layer, once any GSC is compromised , subgroups controlled by other GSCs will not be influenced. So the robustness and fault-tolerance of system are achieved.
Proposing a scheme of RMKEM (or MKEM) +FEC+Re-Synchronization Mechanism to guarantee the reliably receiving of the rekey messages transmitted on the UDP/IP multicast in MKEM and RMKEM. The scheme can realize the scalable, robust, fault-tolerant and reliable key management in large dynamic multicast groups. Up to the present, there are few key
* management solutions capable of achieving the above four properties.
* Based on SPKI technology, proposing multicast distributed access control system: MDAC, as wall as, proposing a delegation certificate path(DCP) searching algorithm based on binary tree. Through the emulational comparison with other schemes including Gothic [Judge02], schemes presented by papers: [Hardjono00], [Ballardie95] and [HeDraft01], we show that MDAC possesses not only superior performance, but also distribution, support for all kinds of multicast modes, authorization delegation and privacy protection which are properties lacked by the other schemes. So far, in the field of multicast security, there are few solutions for secure access control of large dynamic multicast groups.
* Proposing the multicast NRR service: MNORS based on the mobile agent security scheme: MABCM [Zhou 02]. Under the protection of mobile agent blackbox, NRR mobile agent can generate trusted NRR evidence in untrusted computing environment of receivers. MNORS can be implemented by pure software and has high-level security and scalability. As to the problem of multicast NRR, there is only one result: Nark [Briscoe99], whose implementation must be based on smart card. And the security of the method of generating pseudo-random key in Nark has not been strictly analyzed and proved.
* Proposing a positioning-enable multicast digital fingerprinting system: MFinger. Utilizing the Overlay Networks, distributed watermarking algorithm and digital fingerprinting algorithm based on encryption, MFinger realized the traitor-tracing and copyright protection for multicast media steams; MFinger has excellent scalability; Making a strict analysis of collision attack to the digital fingerprinting algorithm based on encryption and pointing out
本论文着眼于为上层的IP组播应用系统提供端到端的通用网络安全服务。主要创新成果包括:
* 在构建由GSC(Group Security Controller)和多个SGSC(Sub-Group Security Controller)组成的覆盖网络的基础上提出了适用于大型动态组播群组的密钥管理方案MKEM(Multicast KEy Management)。MKEM改进并解决了Iolus和WGL方案中存在的诸多问题,系统具有很高的可伸缩性。提出了鲁棒及容错的密钥管理协议簇RMKEM来解决MKEM存在的SPOF(Single Point Of Failure)问题。由于顶层的各GSC之间是通过密钥协商算法产生组密钥的,倘若某个GSC出错,其它GSC控制下的子组也不受影响,因此提高了系统的容错性和鲁棒性。提出了RMKEM(或MKEM)+FEC+重新同步机制的方案使MKEM和RMKEM基于UDP/IP组播方式发送的密钥更新消息能够被组成员可靠接收。该方案可在大型动态组播组中实现可伸缩、鲁棒、容错和可靠的密钥管理。现存的组播密钥管理方案中,同时达到可伸缩、鲁棒、容错和可靠四个目标的方案相当少。
* 基于SPKI技术提出了组播分布式访问控制系统MDAC,并提出了基于二叉授权委托树的委托证书路径(DCP)查找算法。通过和其它方案如Gothic[Judge02]、文[Hardjono00]、文[Ballardie95]、文[HeDraft01]进行仿真对比,证明了MDAC不仅具有优越的性能,而且具备其它方案所不具有的分布式、支持各种组播模式、授权委托和隐私保护等特性。目前,在学术界和工程界,针对大型组播系统的安全访问控制问题的研究结果相当少。
提出了基于移动Agent安全方案MABCM[周冲02]的组播接收方不可抵赖服务MNORS。在MABCM构造的移动Agent黑箱的保护下, NRR移动Agent程序完全可以在不可信的接收方计算环境中产生可信的NRR不可抵赖证据。MNORS用纯软件来实现兼具高度的安全性和可伸缩性。国际上,该领域内
* 目前仅有的一个研究结果Nark[Briscoe99]是基于智能卡实现的,且其伪随机密钥的产生方法的安全性并没有经过严格的分析和证明。
* 提出了可定位的组播数字指纹系统MFinger。MFinger利用覆盖网络技术、分布式数字水印算法和基于加密技术的数字指纹算法实现了组播流媒体的叛逆者跟踪和版权保护。系统具有良好的可伸缩性。对基于加密技术的数字水印算法进行了严格的合谋攻击分析,并指出目前WHIM方案[Judge00]仅具有理论价值,在实现上是不可行的。仿真实验结果显示MFinger系统优于文[Chu99]和文[Brown99]的方案。
* 鉴于现存的方案没有为大型动态组播群组实现全面而灵活的网络安全服务框架,提出了基于Antigone的大型动态组播群组的安全服务框架Muflex。除了Antigone自身支持的基本组播安全机制外(包括密钥管理、分组数据源鉴别、发送方不可抵赖等),Antigone还支持用户自己开发的组播安全机制。前面提出的组播网络安全机制:MKEM、RMKEM、MDAC、MNORS、MFinger等已经集成到Muflex中。上层应用可以根据自身需求,通过定制组播安全策略来选择使用相应的组播安全机制。Muflex具有可移植性、可伸缩性、支持多种网络协议、动态加载安全机制、强大而全面的组播安全服务支撑以及Antigone本身所具有的灵活定制和执行组播安全策略等各项特性。
此外,针对组播分组数据源鉴别问题,本文虽然没有提出自己的解决方案,但是作出了如下一些贡献:对组播分组数据源鉴别领域的现有研究成果进行了系统的分类和总结,指出了它们各自存在的优缺点;提出了一个公开问题——分组Hash有向图鉴别问题;具体阐述了几种典型技术;指出了该领域的一些可能发展方向。论文还深入探讨了组安全策略系统的内部机制,详细介绍了组安全策略管理系统Antigone [McDaniel99],指出了其存在的不足并提出了相应的改进措施。论文实际上也是对当前组播安全领域国际研究成果的一个全面而系统的综述。
It has been more than ten years since IP multicast technology was introduced. During these years, IP multicast related technologies have been intensively researched by the academic and engineering circles. Most researches are focused on IP multicast routing, reliable IP multicast and congestion control and so on. In recent years, as the security problems of open networks gain more and more regards, people begin to give more attentions to the security problems of IP multicast. Up to now, a plenty of research results have been obtained. But there still remain many pressing problem areas on IP multicast security to be solved. Contrasted to mature technology of IP unicast security, the technical problems of IP multicast security are more complex and difficult. Many problems cannot be solved simply through extending techniques of IP unicast security to IP multicast in a straightforward way. In the field of IP multicast security, we still have a long way to go.
This dissertation is focused on providing the end-to-end security services for upper-layer IP multicast applications. The main original contributions of this dissertation include:
* Constructing an Overlay Network consisting of GSC (Group Security Controller) and multiple SGSCs (SubGroup Security Controller) and proposing a key management scheme named MKEM (Multicast KEy Management), which is applicable for large dynamic multicast groups. MKEM improved and solved some problems in Iolus and WGL scheme. It is more scalable. Proposing a robust and fault-Tolerant key management protocol suit named RMKEM to solve the problem of SPOF (Single Point Of Failure) remaining in MKEM. Because the group session key is generated through the execution of key agreement algorithm by the GSCs in upper layer, once any GSC is compromised , subgroups controlled by other GSCs will not be influenced. So the robustness and fault-tolerance of system are achieved.
Proposing a scheme of RMKEM (or MKEM) +FEC+Re-Synchronization Mechanism to guarantee the reliably receiving of the rekey messages transmitted on the UDP/IP multicast in MKEM and RMKEM. The scheme can realize the scalable, robust, fault-tolerant and reliable key management in large dynamic multicast groups. Up to the present, there are few key
* management solutions capable of achieving the above four properties.
* Based on SPKI technology, proposing multicast distributed access control system: MDAC, as wall as, proposing a delegation certificate path(DCP) searching algorithm based on binary tree. Through the emulational comparison with other schemes including Gothic [Judge02], schemes presented by papers: [Hardjono00], [Ballardie95] and [HeDraft01], we show that MDAC possesses not only superior performance, but also distribution, support for all kinds of multicast modes, authorization delegation and privacy protection which are properties lacked by the other schemes. So far, in the field of multicast security, there are few solutions for secure access control of large dynamic multicast groups.
* Proposing the multicast NRR service: MNORS based on the mobile agent security scheme: MABCM [Zhou 02]. Under the protection of mobile agent blackbox, NRR mobile agent can generate trusted NRR evidence in untrusted computing environment of receivers. MNORS can be implemented by pure software and has high-level security and scalability. As to the problem of multicast NRR, there is only one result: Nark [Briscoe99], whose implementation must be based on smart card. And the security of the method of generating pseudo-random key in Nark has not been strictly analyzed and proved.
* Proposing a positioning-enable multicast digital fingerprinting system: MFinger. Utilizing the Overlay Networks, distributed watermarking algorithm and digital fingerprinting algorithm based on encryption, MFinger realized the traitor-tracing and copyright protection for multicast media steams; MFinger has excellent scalability; Making a strict analysis of collision attack to the digital fingerprinting algorithm based on encryption and pointing out
引文
[Agarwal01] D.A.Agarwal,O.Chevassut,M.R.Tompson,G.Tsudik. An Integrated Solution for Secure Group Communication in Wide-Area Networks.In IEEE Symposium on Computers and Communications, 2001
[Almeroth00] K. C. Almeroth. The Evolution of Multicast: From the MBone to Inter-Domain Multicast to Internet2 Deployment. IEEE Network Magazine, Special Issue on Multicasting, January/February 2000.
[Amir00] Y. Amir, C. Danilov, and J. Stanton. A low latency, loss tolerant architecture and protocol for wide area group communication. In 30th IEEE FTCS, June 2000.
[Amir01] Y. Amir, C. N. Rotaru and J. R. Stanton, Framework for Authentication and Access Control of Client-Server Group Communication Systems. In the Proceedings of the Third International Workshop on Networked Group Communication (NGC 2001), London, UK, November 7-9 2001
[Amir98] Y. Amir and J. Stanton, The spread wide area group communication system, Tech. Rep. 98-4, Johns Hopkins University Department of Computer Science, 1998. 注:Spread工具包是公开的。
[Ateniese00] G. Ateniese, M. Steiner and G. Tsudik. New Multi-Party Authentication Services and Key Agreement Protocols. IEEE Journal of Selected Areas in Communication, 18, March 2000.
[Ateniese98] G. Ateniese, M. Steiner, and G. Tsudik. Authenticated Group Key Agreement and Friends. In Proceedings of the 5th (ACM) Conference on Computer and Communications Security ((CCS)-98), pages 17-26, New York, 1998. ACM Press.
[Ateniese99] G. Ateniese, D. Hasse, Y. Kim, and G. Tsudik. The Design of a Group Key Agreement API. Technical Report RZ3170(#93216), IBM Researh Division, June 1999.
[Baek98] J.Baek. A design of a protocol for detecting a mobile agent clone and its correctness proof using Coloured Petri Nets. Technical Report TR-DIC-CSL-1998-002, Info.&Comm., K-JIST, 1998. http://atom.kjist.ac.kr/~jsbaek/pub/tr-dic-1998-02.ps
[Balenson00]D. Balenson, D. McGrew, and A. Sherman. Key Management for Large Dynamic Groups: One-Way Function Trees and Amortized Initialization. IETF Internet draft (work in progress), August 2000.
[Balenson98] Balenson, D. McGrew, A. Sherman “Key Management for Large Dynamic Groups: One-Way Function Trees andAmortized Initialization”Internet Draft
[Balenson99]Balenson, D. McGrew, A. Sherman. Key Management for Large Dynamic Groups: One-Way Function Trees andAmortized Initialization. Internet Draft. http://www.ipmulticast.com/techcent.htm
[Ballardie96] Ballardie A., "Scalable Multicast Key Distribution", RFC 1949, May 1996.
[Ballardie97] A. Ballardie. Core Based Trees (CBT version 2) Multicasting Routing-Protocol Specification. RFC 2189, September 1997.
[Bates98] T. Bates, R. Chandra, D. Katz and Y. Rekhter. Multiprotocol Extensions for BGP-4, February 1998. RFC 2283.
[Baugher01] Baugher, M., Hardjono, T., Harney, H., and Weis, B., "The Group Domain of Interpretation", draft-ietf-msec-gdoi-01.txt, July 2001, Work in Progress.
[Becker98] C. Becker and U. Wille. Communication Complexity of Group Key Distribution. In 5th ACM Conference on Computer and Communications Security, San Francisco, California, November 1998. ACM Press.
[Bellare93] Mihir Bellare and Phillip Rogaway. Random oracles are practical: A paradigm for designing efficient protocols. In Victoria Ashby, editor, 1st ACM Conference on Computer and Communications Security, pages 62-73, Fairfax, Virginia, November 1993. ACM Press.
[Berket01] K. Berket, D. A. Agarwal, P. M. Melliar-Smith, and L. E. Moser. Overview of the InterGroup Protocols. In International Conference on Computational Science,May 2001.
[Bernstein96] Philip A. Bernstein. Middleware: A Model for Distributed System Services. Communications of the ACM, 39(2):86-98, February 1996.
[Bhattacharyya99] S. Bhattacharyya, D. Towsley and J. Kurose. The loss path multiplicity problem in multicast. In IEEE INFOCOMM'99, March 1999.
[Bhatti98] Nina T. Bhatti, Matti A. Hiltunen, Richard D. Schlichting, and Wanda Chiu. Coyote: A System for Constructing Fine-Grain Configurable Communication Services. ACM Transactions on Computer Systems, 16(4):321-366, 1998.
[Blaze96] M. Blaze, J. Feigenbaum, and J. Lacy. Decentralized Trust Management. In Proceedings of the 1996 IEEE Symposium on Security and Privacy, pages 164-173. Nov. 1996. Los Alamitos.
[Blaze99] M. Blaze, J. Feignbaum, J. Ioannidis, and A. Keromytis. The KeyNote Trust Management System -Version 2. Internet Engineering Task Force, Sep. 1999. RFC 2704.
[Boneh01] D. Boneh, G. Durfee and M. Franklin. Lower Bounds for Multicast Message Authentication. Proceedings of Eurocrypt 2001.
[Borella98] M. Borella, D. Swider, S. Uludag and G. Brewster. Internet Packet Loss: Measurement and Implications for End-to-End QoS. In Proceedings, International Conference on Parallel Processing, August 1998.
[Boyd97] C. Boyd. On Key Agreement and Conference Key Agreement. In ACISP: Information Security and Privacy: Australasian Conference, pages 294-302. Springer-Verlag, 1997.
[Briscoe99a] B. Briscoe and I. Fairman. Nark: Receiver-based multicast nonrepudiation and key management. In ACM Conference on Electronic Commerce, 1999.
[Briscoe99b] B. Briscoe. MARKS: Zero Side-Effect Multicast Key Management Using Arbitrarily Revealed Key Sequences. In Proceedings of First International Workshop on Network Group
Communication. November 1999.
[Brown99] Ian Brown, Colin Perkins, and Jon Crowcroft. Watercasting: Distributed watermarking of multicast multimedia. In First International Workshop on Networked Group Communication (NGC99), 1999.
[Byers98] J. Byers, M. Luby, M. Mitzenmacher and A. Rege. A digital fountain approach to reliable distribution of bulk data. In proceedings of ACM SIGCOMM'98, September 1998.
[Cain01] Cain, B., Deering, S., Fenner, W., Kouvelas, I., Thyagarajan, A., "Internet Group Management Protocol, Version 3", Internet-Draft, January 2001.
[Calver98] K. L. Calver, S. Bhattacharjee, E. Zegura, and J. Sterbenz, "Directions in active networks", IEEE Communications Magazine, vol.36, pp. 72-78,Oct. 1998.
[Canetti00] R. Canetti, P. C. Cheng, F. Giraud and et al. An IPSec-based Host Architecture for Secure Internet Multicast. In the Proceedings of the Network and Distributed Systems Security Symposium, San Diego, California, February 2000
[Canetti99] R. Canetti, J. Garay, G. Itkis, D. Micciancio, M. Naor and B. Pinkas. Multicast Security: A Taxonomy and Some Efficient Constructions. In IEEE Infocom, 2(March 1999), pp 708-716.
[Canetti99a] R. Canetti, J. Garay and et al. Multicast Security: A Taxonomy and Some Efficient Constructions. In Proc. of INFOCOM 99, 1999.
[Canetti99b] R. Canetti, T. Malkin, and K. Nissim. Efficient Communication-Storage Tradeoffs for Multicast Encryption. In Eurocrypt, 1999.
[Caronni94] G. Caronni. XWedge: technical documentation of GenIO. CIO WP 4.2, http://www.tik.ee.ethz.ch/ ?mwa/ Security/xwedge-genio.ps, 1994.
[Caronni98] G. Caronni, M. Waldvogel, D. Sunand, and B. Plattner. Efficient Security for Large and Dynamic Multicast Groups. In Workshop on Enabling Technologies, (WETICE 98). IEEE Comp Society Press, 1998.
[CDSA97] Common Data Security Architecture Specification, Intel Architecture Labs, 1997.
[Chang99] I. Chang, R. Engel, D. Kandlur, D. Pendarakis, and D. Saha. Key Management for Secure Internet Multicast using Boolean Function Minimization Techniques. In IEEE INFOCOM, March 1999.
[Chankhunthod96] A. Chankhunthod, P. Danzig, C. Neerdaels, M. F. Schwartz, and K. J. Worrell, "A hierarchical internet object cache", in USENIX 1996 Annual Technical Conference, (San Diego, California), Jan. 1996
[Chawathe00]Yatin Chawathe, Steven McCanne, and Eric Brewer. RMX: Reliable multicast for heterogeneous networks. In Proc. IEEE Infocom, pages 795-804, March 2000.
[Chiou89] G. H. Chiou and W. T. Chen. Secure Broadcast Using the Secure Lock. IEEE Transactions on Software Engineering, 15(8):929-934, August 1989.
[Cholvy97] L. Cholvy and F. Cuppens. Analyzing Consistancy of Security Policies. In 1997 IEEE Symposium on Security and Privacy, pages 103-112. IEEE, May 1997. Oakland, CA.
[chor94] B. Chor, A. Fiat, and M. Naor. Tracing Traitors. In Advances in Cryptology---CRYPTO '94, volume 839 of Lecture Notes in Computer Science, pages 257--270. Springer-Verlag, 1994.
[Chu99] H. hua Chu, L. Qiao, and K. Nahrstedt, " A secure multicast protocol with copyright protection", in Proceedings of IS&T/SPIE's Symposium on Electronic Imaging: Science and Technology, Jan. 1999.
[Daemen00]J. Daemen and V. Rijmen. The Rijndael Block Cipher. In AES Proposal, NIST, 2000.
[Dai00] W. Dai. "Crypto++", http://www.eskimo.com/~weidai/benchmark.html. June. 2000
[David01] David G. Andersen, Hari Balakrishnan, M. Frans Kaashoek, and Robert Morris. Resilient overlay networks. In Proc. of the 18th ACM Symposium on Operating Systems Principles (SOSP), pages 131-145, October 2001.
[David99] David C. Blight and Takeo Hamada. Policy-Based Networking Architecture for QoS Interworking in IP Management. In Proceedings of Integrated network management VI, Distributed Management for the Networked Millennium, pages 811-826. IEEE, 1999.
[Deering89] Deering, S., "Host Extension for IP Multicasting", RFC 1112, August 1989.
[Deering91] Deering, S., "Multicast Routing in a Datagram Network", PhD Thesis, Stanford University, Palo Alto, California, Dec. 1991.
[Dierks99] T. Dierks and C. Allen. The TLS protocol, 1999. IETF RFC2246.
[Diffie76] W. Diffie and M. E. Hellman, "New directions in cryptography", IEEE Transactions on Information Theory, vol. IT-22, no. 6, pp. 644-654, 1976.
[Dinsmore00] P. Dinsmore, D. Balenson, M. Heyman, P. Kruus, C Scace, and A. Sherman. Policy-Based Security Management for Large Dynamic Groups: A Overview of the DCCM Project. In Proceedings of DARPA Information Survivability Conference and Exposition (DISCEX '00), pages 64-73. DARPA, January 2000. Hilton Head, S.C.
[Dondeti99] L. Dondeti, S. Mukherjee, and A. Samal. A Distributed Group Key Management Scheme for Secure Many-to-many Communication. Technical Report PINTL-TR-207-99, Department of Computer Science, University of Maryland, 1999.
[Dunigan97] T. Dunigan and C. Cao. Group Key Management. Experimental, July 1997.
[EllisonRFC2962] C. Ellison, SPKI Requirements, RFC2962[S], 1999
[EllisonRFC2963] C. Ellison, et al. SPKI Certificate Theory, RFC2963[S], 1999
[Estrin97a] D. Estrin, D. Farinacci, A. Helmy, V. Jacobson and L. Wei. Protocol Independent Multicast Version 2, Dense Mode Specification, May 1997. Work in Progress:draft-ietf-idmr-pim-dm-spec-05.txt.
[Estrin97b] D. Estrin, V. Jacobson, D. Farinacci, et al. Protocol Independent Multicast-Sparse Mode(PIM-SM): Protocol Specification. Internet Draft draft-ieft-idmr-pim-sm-spec-10.txt, 15 March 1997.
[Estrin98] Estrin, D., Farinacci, D., Helmy, A., Thaler, D., Deering, S., Handley, M., Jacobson, V., Liu, C., Sharma, P., and Wei, L., "Protocol Independent Multicast-Sparse Mode (PIM-SM),
Protocol Specification", RFC 2362, June 1998.
[Fan98] L. Fan, P. Cao, J. Almeida, and A. Broder, "Summary cache: A scalable wide-area web cache sharing protocol", in ACM SIGCOMM, vol. 28, pp. 254-265, Sept. 1998
[Fancis00] Paul Francis. Yoid: Your Own Internet Distribution, April 2000. http://www.aciri.org/yoid.
[Farinacci00] D. Farinacci, Y. Rekhter, D. Meyer and et al. Multicast Source Discovery Protocol(MSDP), July 2000. Internet-draft: draft-ietf-msdp-spec-06.txt.
[Farmer96a] W.M.Farmer,J.D.Guttman,etc. Security for mobile agents: Issues and requirements. In Proceedings of the 19th National Information Systems Security Conference, pages 591-597, Baltimore, Md., October 1996. http://csrc.nist.gov/nissc/1996/papers/NISSC96/paper033/SWARUP96.PDF
[Farmer96b] W.Farmer,J.Guttman,etc. Security for Mobile Agents: Authentification and State Appraisal. Fourth European Symposium on Research in Computer Security (ESORICS 96), (Pages 118-130). http://imps.mcmaster.ca/doc/esorics96.ps
[Feige87] Uriel Feige, Amos Fiat, and Adi Shamir. Zero Knowledge Proofs of Identity. In Proc. Of the 19th Annual ACM Symposium on Theory of Computing, 1987.
[Feigenbaum91] J.Feigenbaum,M.Merritt. Open questions, talk abstracts, and summary of discussions. DIMACS Series in Discrete Mathematics and Theoretical Computer Science, 2:1--45, 1991.
[Fenner01] Fenner, B., Handley, M., Holbrook, H., and Kouvelas, I., "Protocol Independent Multicast - Sparse Mode (PIM-SM): Protocol pecification (Revised)", draft-ietf-pim-sm-v2-new-03.txt, July 2001.
[Fenner97] Fenner, W., "Internet Group Management Protocol, Version2", RFC 2236, November 1997.
[Fiat87] Amos Fiat and Adi Shamir. How to Prove Yourself: Practical Solutions to Identification and Signature Problems. In Advances in Cryptology-CRYPTO'86, pages 186-194, 1987.
[Floyd95] S. Floyd, V. Jacobson, S. McCanne and et al. A reliable multicast framework for light-weight sessions and application level framing. In IEEE SIGCOMM'95, 1995.
[Floyd97] S. Floyd, V. Jacobson, C. Liu, S. McCanne and L. Zhang. A Reliable Multicast Framework for Light-weight Sessions and Application Level Framing. IEEE/ACM Transactions on Networking, pages 784-803, December 1997.
[Foster98] I. Foster, C. Kesselman, G. Tsudik and S. Tuecke. A Security Architecture for Computational Grids. In Proceedings of the 5th ACM Conference on Computer and Communications Security, pages 83-92. ACM, 1998.
[Francis99] P. Francis, "Yallcast: Extending the Internet multicast architecture", unrefereed report, NTT Information Sharing Platform Laboratories, September 1999.
[Funfrocken99] S.Funfrocken. Protecting Mobile Web-Commerce Agents with Smartcards. In: Proceedings of the First International Symposium on Agent Systems and Applications / Third
International Symposium on Mobile Agents (ASA/MA'99), IEEE Computer Society, pp.90-102, 1999. http://www.informatik.th-darmstadt.de/VS/Publikationen/papers/ma99/secure-webagents.pdf
[Gennaro97] Rosario Gennaro and Pankaj Rohatgi. How to Sign Digital Streams. Technical Report, IBM T.J. Watson Research Center, 1997.
[Golle01] P. Golle and N. Modadugu. Authenticating Streamed Data in the Presence of Random Packet Loss. ISOC Network and Distributed System Security Symposium (2001), pp 13-22.
[Gong94] L. Gong and X. Qian. The Complexity and Composability of Secure Interoperation. In Proceedings of the IEEE Symposium on Research in Security and Privacy, pages 190-200. IEEE, Oakland, California, May 1994.
[Group00] T. O. Group. OpenSSL, May 2000. http://www.openssl.org.
[Guan00] Xudong Guan, Yiling Yang,etc. POM - A Mobile Agent Security Model Against Malicious Hosts. In Proc. HPC-Asia 2000, pp.1165-1166, Beijing, China, May. 15-18, 2000.http://202.120.7.27/member/~gxd/pom(hpcasia2000_2_pages).zip
[Handley00] M. Handley, B. Whetten and et al. The Reliable Multcicast Design Space for Bulk Data Transfer, March 2000. Work in Progress, draft-ietf-rmt-design-space-01.txt.
[Hardjono00] Hardjono, T. and Cain, B., "Key Establishment for IGMP Authentication in IP Multicast", IEEE European Conference on Universal Multiservice Networks (ECUMN), CERF, Colmar, France, September 2000.
[Hardjono00a] T. Harjono, B. Cain and N. Doraswamy. A Framework for Group Key Management for Multicast Security. IETF Internet draft(work in progress), August 2000.
[Hardjono00b] T. Hardjono, B. Cain, and I. Monga. Intra-Domain Group Key Management Protocol. IETF Internet draft (work in progress), September 2000.
[Hardjono00c] T. Hardjono, R. Canetti, M. Baugher, and P. Dinsmore. Secure IP Multicast: Problem areas, Framework, and Building Blocks. IRTF Internet draft (work in progress), September 2000.
[Hardjono01] Hardjono, T., Cain, B., and Monga, I., "Intra-Domain Group Key Management Protocol", draft-ietf-ipsec-intragkm-01.txt, March 2000.
[Hardjono98a] Hardjono T., Cain B., Doraswamy N., "A Framework for Group Key Management for Multicast Security", internet draft draft-ietf-ipsec-gkmframework-00.txt, July 1998.
[Hardjono98b] Hardjono T., Cain B., Monga I., "Intra-Domain Group Key Management Protocol", internet draft,draft-ietf-ipsec-intragkm-00.txt,November 1998.
[Hardjono99a] T. Hardjono and B. Cain, "Simple Key Management Protocol for PIM", draft-ietf-pim-simplekmp-00.txt, March 1999.
[Hardjono99b] T. Hardjono and G. Tsudik. IP Multicast Security: Issues and Directions. Technical Report unkown, University of Southern California, September 1999.
[HardjonoDraft] Hardjono, T., Canetti, R., Baugher, M., Dinsmore, P., "Secure IP Multicast: Problem Areas, Framework and Building Blocks", draft-irtf-smug-framework-01.txt, September
2000, Work in Progress.
[Harkins98] Harkins D., N. Doraswamy. A Secure, Scalable Multicast Key Management Protocol (MKMP). IETF Internet draft(work in progress), Mar.1998. http://www.ipmulticast.com/techcent.htm
[Harney00] H. Harney, A Colegrove, E. Harder, U. Meth, and R. Fleischer. Group Secure Association Key Management Protocol (Draft). Internet Engineering Task Force, June 2000. draft-harney-spartagsakmp-sec-02.txt.
[Harney01] Harney, H., Colegrove, A., Harder, E., Meth, U., and Fleischer, R., "Group Secure Association Key Management Protocol", draft-ietf-msec-gsakmp-sec-00.txt, March 2001.
[Harney97a] Harney, H., C. Muckenhirn, "Group Key Management Protocol (GKMP) Architecture", RFC 2094, July 1997.
[Harney97b] H. Harney and C. Muckenhirn. Group Key Management Protocol(GKMP) Specification. Internet Engineering Task Force., July 1997. RFC 2093.
[HarneyRFC2094] Harney, H. and Muckenhim, C., "Group Key Management Protocol (GKMP) Architecture", RFC 2094.
[HeDraft01] He, H., Hardjono, T., and Cain, B. "Simple Multicast Receiver Access Control", Internet-Draft, November, 2001
[HeDraft02] He, H., Cain, B., and Hardjono, T., "Upload Authentication Information Using IGMPv3", Internet-Draft, Work in Progress, May, 2002
[Hedrick88] Hedrick, C., "Routing Information Protocol", RFC 1058, Rutgers University, June 1988.
[Hiltunen98a] M. Hiltunen and R. Schlichting. A Configurable Membership Service. IEEE Transactions on Computers, 47(5):573-586, May 1998.
[Hiltunen98b] M. Hiltunen. Configuration Management for Highly-Customizable Software. IEE Proceedings: Software, 145(5):180-188, 1998.
[Hohl98] F.Hohl. Time Limited Blackbox Security: Protecting Mobile Agents From Malicious Hosts, in: Giovanni Vigna (Ed.): Mobile Agents and Security. pp 92-113. Springer-Verlag, 1998. http://www.informatik.uni-stuttgart.de/ipvr/vs/projekte/mole/vignabuch.ps.gz
[Hohl99] F.Hohl. A Protocol to Detect Malicious Hosts Attacks by Using Reference States. Universitat Stuttgart, Fakultat Informatik, Bericht Nr. 1999. ftp://ftp.informatik.uni-stuttgart.de/pub/library/ncstrl.ustuttgart_fi/TR-1999-09/TR-1999-09.ps.gz
[Holbrook01] Holbrook, H., and Cain, B., "Using IGMPv3 For Source-Specific Multicast", draft-holbrook-idmr-igmpv3-ssm-01.txt, March 2001.
[Holbrook95] H. W. Holbrook, S. K. Singhal and D. R. Cheriton. Log-Based Receiver-Reliable Multicast for Distributed Interactive Simulation. In Proceedings of ACM SIGCOMM'95, 1995.
[HolbrookDraft] Holbrook, H., and Cain, B., "Source-Specific Multicast for IP", Internet-Draft, work in Progress.
[Holliman98] M. J. Holliman, N. D. Memon, B.-L. Yeo, and M. M. Yeung, "Adaptive pulic
watermarking of dct-based compressed image",in Storage and Retrieval for Image and Video Databases (SPIE), pp. 284-295, 1998.
[Huitema96] C. Huitema. The case for packet level FEC. In Protocols for High Speed Networks (PfHSN'96), October 1996.
[Hutchinson94] N.C. Hutchinson and L.L. Peterson. The x-Kernel: An Architecture for Implementing Network Protocols. IEEE Transactions on Software Engineering, 17(1):64-76, January 1994.
[Ishikawa98] Ishikawa, N., Yamanouchi, N., and Takahashi, O., "IGMP Extension for Authentication of IP Multicast Senders and Receivers", draft-ishikawa-igmp-auth-01.txt, August 1998, Work in Progress.
[ISO13888-1] ISO/IEC 13888-1: Information technology - Security techniques - non-repudiation - Part 1: General. International Organization for Standardization, 1997.
[ISO13888-2] ISO/IEC 13888-2: Information technology - Security techniques - non-repudiation - Part 2: Mechanisms using symmetrical techniques. International Organization for Standardization, 1998.
[ISO13888-3] ISO/IEC 13888-3: Information technology - Security techniques - non-repudiation - Part 3: Mechanisms using asymmetrical techniques. International Organization for Standardization, 1997.
[ISO7489] ISO7498-2: Information processing systems -- Part2:Security Architecture [S]. International Organization for Standardization, 1989.
[ISO7498-2] ISO 7498-2: Information processing systems -- Part2:Security Architecture. International Organization for Standardization, 1989.
[Jannotti00] John Jannotti, David K. Gifford, Kirk L. Johnson, M. Frans Kaashoek, and JamesW. O'Toole, Jr. Overcast: Reliable multicasting with an overlay network. In Proc. 4th Symposium on Operating Systems Design and Implementation (OSDI '00), pages 197-212, October 2000.
[Judge00] P. Judge, M. Ammar, "WHIM: Watermarking Multicast Video with a Hierarchy of Intermediaries", Proceedings of NOSSDAV 2000, Chapel Hill, NC, June 2000.
[Judge02] P. Judge, M. Ammar, "Gothic:A Group Access Control Architecture for Secure Multicast and Anycast", IEEE,Infocom 2002
[Karger97] D. Karger, E. Lehman, T. Leightion, M. Levine, D. Lewin, and R. Panigrahy, "Consistent hashing and random trees: Distributed caching protocols for relieving hto spots on the World Wide Web", in Proceedings. Of the Twenty-Ninth Annual ACM Symposium on Theory of Computing, (El Pso, Texas), pp. 654-663, 4-6 May 1997.
[Kent97] S. Kent and R. Atkinson. Security Architecture for the Internet Protocol. Internet Engineering Task Force, November 1998. RFC 2401. ACM, April 1997.
[Kihlstrom99] K. P. Kihlstrom. Survivable Distributed System: Design and Implementation. PHD. Thesis. University of California, Santa Barbara. August 1999.
[Kim00] Y. Kim, A. Perrig, and G. Tsudik. Simple and Fault-Tolerant Key Agreement for
Dynamic Collaborative Groups. In Sushil jajodia and Pierangela Samarati, editors, 7th ACM Conference in Computer and Communication Security 2000, pages 235-241, November 2000.
[Koch95] E. Koch and J. Zhao, " Towards robust and hidden image copyright labeling", in IEEE Workshop on Nonlinear Signal and Image Processing, 1995.
[Krawczylk97] H. Krawczyk, M. Bellare, and R. Canetti. HMAC: Keyed- Hashing for Message Authentication. RFC 2104, Feb 1997.
[Lipton97] R.Lipton,T.Sander. An additively homomorphic encryption scheme or how to introduce a partial trapdoor in the discrete log, November 1997. Submitted for publication.
[Liu99] X. Liu, C. Kreitz, R. van Renesse, J. Hickey, M. Hayden, K. Birman and R. Constable. Building Reliabel High-Performance Communication Systems from Components. In Proceedings of 17th ACM Symposium on Operating Systems Principles (SOSP'99), volume 33, pages 80-92. ACM, 1999.
[Liu02a]Liu Jing, Zhou Mingtian.Key Management and Access Control for Large Dynamic Multicast Group. Proceeding of Fouth IEEE International Workshop on Advanced Issues of E-Commerce and Web-Based Information Systems (WECWIS2002), Newport Beach, California, USA, June 2002(已被ISTP收录)
[Liu03] Liu Jing, Zhou Mingtian. Secure Group Communications for Large Dynamic Multicast Group. Journal of Electronics(China).(To appear)
[Loureiro99] S.Loureiro,R.Molva. Function Hiding Based on Error Correcting Codes. In Manuel Blum and C. H. Lee (Eds.): Cryptographic Techniques and E-Commerce. Proceedings of the 1999 International Workshop on Cryptographic Techniques and E-Commerce(CrypTEC '99), City University of Hong Kong Press, 1999. ftp://ftp.eurecom.fr/pub/loureiro/cryptec99.ps.gz
[Luby00a] M. Luby, J. Gemmell, L. Vicisano and et al. Reliable multicast transport building block: Forward Error Correction codes, March 2000. Work in Progress: draft-ietf-rmt-bb-fec-00.txt.
[Luby00b] M. Luby, J. Gemmell, L. Vicisano and et al. Asynchronous Layered Coding (ALC): a scalable reliable multicast protocol, March 2000. Work in Progress: draft-ietf-rmt-pi-alc-00.txt.
[Luby97] M. Luby, M. Mitzenmacher and et al. Practical loss-resilient codes. In ACM Symposium on Theory of Computing, pages 150-159,1997.
[Lucia97] D. De Lucia and K. Obraczka. Congestion Control Mechanism for Reliable Multicast, September 1997. presentation during Reliable Multicast(RM) meeting.
[Maffeis95] S. Maffeis, Adding Group Communication and Fault-Tolerance to CORBA. In Proceedings of USENIX 1995 Conference on Object-Oriented Technologies,June,1995
[Matheson98] L. R. Matheson, S. G. Mitchell, T. G. Shamoon, R. E. Tarjan, F. Zane, "Robustness and Security of Digital Watermarks", In H. Imai and Y. Zheng, Financial Cryptography-FC '98, volume 1465 of Lecture Notes in Computer Science, pages 227-240. Springer, February 1998.
[McAuley90] A. J. McAuley. Reliable broadband communications using a burst erasure correcting code. In ACM SIGCOMM'90, September 1990.
[McDaniel00] P. McDaniel and A. Prakash. Ismene: Provisioning and Policy Reconciliation in
Secure Group Communication. Technical Report CSE-TR-438-00, Electrical Engineering and Computer Science, University of Michigan, December 2000
[McDaniel00a] P. McDaniel, H. Harney, P. Dinsmore, and A. Prakash. Multicast Security Policy(Draft). Internet Research Task Force, Secure Multicast Research Group (SmuG), June 2000. draft-irtf-smug-mcast-policy-00.txt
[McDaniel00b] P. McDaniel, H. Harney, A. Colegrove, A. Prakash and P. Dinsmore. Multicast Security Policy Requirements and Building Blocks(Draft). Internet Research Task Force, Secure Multicast Research Group(Smug), November 2000. draft-irtf-smug-polreq-00.txt.
[McDaniel00c] P. McDaniel and A. Prakash. Lightweight Failure Detection in Secure Group Communication. Technical Report CSE-TR-428-00, Electrical Engineering and Computer Science, University of Michigan, June 2000.
[McDaniel99] P. McDaniel, A. Prakash and P. Honeyman. Antigone: A Flexible Framework for Secure Group Communication. In Proceedings of the 8th USENIX Security Symposium, pages 99-114. August 1999
[McGrew98]McGrew D. A., and Sherman A. T., "Key Establishment in Large Dynamic Groups using One-way Function Trees", submitted to IEEE Trans. on Software Engineering. 1998.
[Merkle87] Merkle, R. C. A Digial Signature Based on a Conventional Encryption Funcition, Advances in Cryptology -CRYPTO'87, Pomerance (ed), Lecture Notes in Computer Science, Vol. 293, Springer-Verlag, 1987, pp. 369-378.
[Merkle90] R. Merkle. A Certified Digital Signature. In Advances in Cryptology - CRYPTO '89, Lecture Notes in Computer Science 293 (1990), pp 218-238.
[Meyer98] D. Meyer. Administratively Scoped IP Multicast. RFC 2365, July 1998.
[Miner01] S. Miner and J. Staddon. Graph-Based Authentication of Digital Streams. In IEEE Symposium on Research in Security and Privacy, pages 232-246, May 2001
[Minsky96] Y.Minsky, R.van Renesse,etc. Cryptographic Support for Fault-Tolerant Distributed Computing. In Proceedings of the Seventh ACM SIGOPS European Workshop, pages 109-114, Connemara, Ireland, September 1996. http://www.tacoma.cs.uit.no/papers/SIGOPS.ft-agents.ps
[Mishra01] S. Mishra, Lan Fei, Xiao Lin, and Guming Xing. On Group Communication Support in CORBA. IEEE Transactions on Parallel and Distributed Systems, Vol. 12, No. 2, Feb. 2001.
[Mittra97] Mittra S. Iolus: A Framework for Scalable Secure Multicast.ACM Computer Communication,1997,27(3):277-288
[Mitzenmacher02] M. Mitzenmacher and A. Perrig. Bounds and Improvements for BiBa Signature Schemes. Technical Report, Feb. 2002
[Montgomery97] A loss tolerant rate Controller for reliable multicast. Technical Report IVV-97-011, NASA, August 1997.
[Moser96] L. Moser, P. Melliar-Smith, D. Agarwal, R. Budhia, and C. Lingley-Papadopoulos. Totem: A fault-tolerant multicast group communication system. Communications of the ACM, April 1996.
[Moy98] Moy, J., "Anatomy of an Internet Routing Protocol", Addison-Wesley, 1998.
[Moyer98] M. J. Moyer,.J. R. Rao and P. Rohatgi "Maintaining Balanced Key Trees for Secure Multicast" Internet Draft,1998
[Moyer99] M. J. Moyer, J. R. Rao and P. Rohatgi "A Survey fo Security Issues in Multicast Communications" IEEE Network. November/December 1999
[MPEG93] MPEG Group. ISO/IEC International Standard 11172; coding of moving pictures and associated audio for digital storage media up to about 1,5 mbit/s, 1993.
[Narasimhan99] P. Narasimhan, K. P. Kihlstrom, L. E. Moser and P. M. Melliar-Smith. Providing Support for Survivable CORBA Applications with the Immune System. In Proceedings of International Conference on Distributed Computing Systems,1999
[Neuman94] B. C. Neuman and T. Ts'o. Kerberos: An Authentication Service for Computer Networks. IEEE Communications, pages 33-38, Sep. 1994
[Ng.00] S.K.Ng. Protecting Mobile Agents against Malicious Hosts. Master Thesis. Division of Information Engineering, The Chinese University of Hong Kong, June 2000. http://mole.informatik.uni-stuttgart.de/security/ngthesis.pdf
[Nikander98] P. Nikander and Arto Karila. A Java Beans Component Architecture for Cryptographic Protocols. In Proceedings of 7th USENIX UNIX Security Symposium, pages 107-121. USENIX Association, January 1998. San Antonio, Texas.
[Nonnenmacher98] J. Nonnenmacher, E. Biersack and D. Towsley. Parity-based loss recovery for reliable multicast transmissions. In ACM SIGCOMM'97, September 1997. also in IEEE Transactions on Networking, 1998.
[OMG01] OMG, CORBA SECURITY SERVICE SPECIFICATION, Version 1.7, Mar. 2001
[OMG97] Object Management Group (OMG), CORBA Component Model, http://www.omg.org/cgi-bin/doc?orbos/97-06-12, 1997
[Orman94] H. Orman, S. O'Malley, R. Schroeppel, and D. Schwartz. Paving the Road to Network Security or the Value of Small Cobblestones. In Proceedings of the 1994 Internet Society Symposium on Network and Distributed System Security, February 1994.
[Pannetrat01] A. Pannetrat, R. Molva. Authenticating Real Time Packet Streams and Multicasts. Technical Report, Institute Eurecom, France, December 2001.
[Partridge93] C. Partridge, T. Mendez, and W. Milliken, "Host anycasting service", RFC 1546, IETF, Nov. 1993
[Paul97] S. Paul, K. K. Sabnani and et al. Reliable Multicast Transport Protocol(RMTP). IEEE Journal on Selected Areas in Communications, 15(3), April 1997.
[Paul98] S. Paul. Multicasting on the Internet and its Applications. Kluwer Academic Publishes, 1998.
[Paxson99] V. Paxson. End-to-end internet packet dynamics.IEEE/ACM Transactions on Networking, 7(3):277-292, June 1999.
[Perrig00] A. Perrig, R. Canetti, J.D. Tygar and D. Song. Efficient Authentication and Signing of
Multicast Streams over Lossy Channels. IEEE Symposium on Security and Privacy (2000), pp 56-73.
[Perrig01a] A. Perrig. The BiBa one-time signature and broadcast authentication protocol. In Proceedings of the Eighth ACM Conference on Computer and Communications Security (CCS-8), Philadelphia PA, USA, Nov. 2001.
[Perrig01b] A. Perrig, R. Canetti, D. Song and J. D. Tygar. Efficient and Secure Source Authentication for Multicast. ISOC Network and Distributed System Security Symposium (2001), pp 35-46.
[Perrig99] A. Perrig. Efficient Collaborative Key Management Protocols for Secure Autonomous Group Communication. In International Workshop on Cryptographic Techniques and Ecommerce (CrypTEC'99), pages 192-202, 1999.
[Poovendran98] R. Poovendran, S. Ahmed, S. Corson, and J. Baras. A Scalable Extension of Group Key Management Protocol. Technical Report TR 98-14, Institute for Systems Research, 1998.
[Qiao98] L. Qiao and K. Nahrstedt, "Watermarking method for mpeg encode video: Towards resolving rightful ownership", in IEEE Multimedia Computing and Systems, June 1998
[Quinn98] Bob Quinn, "IP Multicast Applications: Challenges and Solutions", draft-quinn-multicast-apps-00.txt, Nov 1998.
[Rabin78] Rabin, M. O. Digital Signatures, in Foundations of Secure Computation, R. A. DeMillo, et.al. (eds). Academic Press, 1978, pp. 155-168.
[Rabin90] M. O. Rabin. The information dispersal algorithm and its applications, 1990.
[Rafaeli00] S. Rafaeli, A Decentralized Architecture for Group Key Management, Technical Report, Computing Department, Lancaster University, Sep. 2000
[Reiter94] M. Reiter. Secure Agreement Protocols: Reliable and Atomic Group Multicast in Rampart. In Proceedings of 2nd ACM Conference on Computer and Communications Security, pages 68-80. ACM, November 1994.
[Reiter98] M. K. Reiter and A. D. Rubin. Crowds: Anonymity for Web Transactions. ACM Transactions on Information and System Security, 1(1):66-92, 1998.
[Rekhter95] Y. Rekhter and T. Li. A Border Gateway Protocol 4 (BGP-4). Internet Engineering Task Force, RFC 1771, March 1995.
[Renesse96] R. Van Renesse, K. Birman, and S. Maffeis. Horus: A Flexible Group Communication System. Communications of the ACM, 39(4):76-83, April 1996.
[Reyzin02] L. Reyzin and N. Reyzin. Better than BiBa: Short One-time Signatures with Fast Signing and Verifying. In the Proceedings of the 7th Australasian Conference on Information Security and Privacy(ACISP 2002),3 - 5 July 2002
[Rezende96] J. F. Rezende, A. Mauthe, S. Fdida and D. Hutchison. Fully reliable multicast in hererogeneous environments. In Protocols for High Speed Networks -PfHSN'96, 1996.
[Richard99] Richard D. Brown. Digital Signatures for XML [EB/OL]. Proposed Internet Standard,
January 1999, http://www.ietf.org/internet-drafts/draft-brown-xml-dsig- 00.txt, 42 pages
[Rigney97] C. Rigney, A. Rubens, W. Simpson, S. Willens, "Remote Authentication Dial In User Service (RADIUS)", RFC 2138, April 1997.
[Rizzo97] L. Rizzo and L. Vicisano. Effective erasure codes for reliable computer communication protocols. ACM Computer Communication. Review, 27(2), April 1997.
[Rodeh99] O. Rodeh, K. Birman, and D. Dolev. Optimized Group Rekey for Group Communication Systems. Technical Report, Hebrew University, 1999.
[Rohatgi99] P. Rohatgi. A compact and Fast Hybrid Signature Scheme for Multicast Packet Authenticast. 6th ACM Conference on Computer and Communications Security (1999), pp 93-100.
[Rotaru00] C. N. Rotaru. The Cost of Adding Security Services to Group Communication Systems. Technical Report CNDS-2000-3.
[Rowley98] A. Rowley. A Security Architecture for Distributed Groupware. PHD thesis. Queen Mary and Westfield College, University of London. Sep. 1998
[Ryutov00] T. Ryutov and C. Neuman. Representation and Evaluation of Security Policies for Distributed System Services. In Proceedings of DARPA Information Survuvability Conference and Exposition, pages 172-183, Hilton Head, South Carolina, January 2000. DARPA.
[Ryutov00] T. Ryutov and C. Neuman. Representation and Evaluation of Security Policies for Distributed System Services. In Proceedings of DARPA Information Survivability Conference and Exposition, pages 172-183. DARPA, Hilton Head, South Carolina, Jan. 2000.
[SAML02a] OASIS, Bindings and Profiles for the OASIS Security Assertion Markup Language (SAML), Committee Specification 01, 31 May 2002. http://www.oasis-open.org/committees/security/docs/cs-sstc-bindings-01
[SAML02b] OASIS, Assertions and Protocol for the OASIS Security Assertion Markup Language (SAML) 01,31,May 2002. http://www.oasis-open.org/committees/security/docs/cs-sstc-core-01.pdf
[Sander98a]T.Sander,C.F.Tschudin. Protecting Mobile Agents Against Malicious Hosts, in: Giovanni Vigna (Ed.): Mobile Agents and Security. pp 44-60. Springer-Verlag, 1998.
[Sander98b] T.Sander, C.Tschudin. Towards Mobile Cryptography, IEEE Symposium on Security and Privacy, pages 215-224, May 1998. ftp://ftp.icsi.berkeley.edu/pub/techreports/1997/tr-97-049.ps.gz
[Sano98] T. Sano, N. Yamanouchi, and et al. Flow and congestion control for bulk reliable multicast. In IEEE INFOCOM'98, February 1998.
[Santis98] A. D. Santis, G. D. Grescenzo and G. Persiano. Communication-Efficient Anonymous Group Identification. In Proceedings of 5th ACMConference on Computer and Communications Security, pages 73-82. 1998.
[Savage99] Stefan Savage, Tom Anderson, Amit Aggarwal and et al. Detour: A case for informed Internet routing and transport. IEEE Micro, 19(1):50-59, Jan. 1999.
[Schulzrinne96] H. Schulzrinne, S. Casner, R. Frederick, and V. Jacobson. RFC 1889: RTP:A transport protocol for real-time applications, IETF Audio-Video Transport Working Group January 1996.
[Sen99] S. Sen, J. Rexford, and D. Towsley, "Proxy prefix caching for multimedia streams", in IEEE Infocom, (New York), Mar. 1999.
[Setia00] S. Setia, S. Koussih, S. Jajodia and E. Harder. Kronos: A Scalable Group Re-keying Approach for Secure Multicast. In 2000 IEEE Symposium on Security and Privacy, pages 215-218. IEEE, May 2000. Oakland, CA.
[Shields99] C. Shields and J. J. Garcia-Luna-Aceves, "KHIP-A Scalable Protocol for Secure Multicasting Routing”, In Proceedings of SIGCOMM'99.
[Song01] D. Song, D. Zuckerman and J. D. Tygar. Expander Graphs for Digital Stream Authentication and Robust Overlay Networks. In 2002 IEEE Symposium on Research in Security and Privacy.
[ssm01] S.-S. M. (ssm) Working Group. Source-Specific Multicast(ssm) Charter, March 2001. Internet Engineering Task Force. http://www.ieft.org/charters.html/ssm-charter.html.
[Stallings01] William Stallings 著,杨明、胥光辉、齐望东等译,密码编码学与网络安全:原理与实践(第二版)。电子工业出版社,2001年4月第1版。
[Steer98] D. Steer, L. Strawczynaki, W. Diffie and M. Wiener. A Secure Audio Teleconference System. In Proceedings of CRYPTO'88 , pages 520-528. 1998.
[Steiner00] M. Steiner, G. Tsudik, and M. Waidner. Key Agreement in Dynamic Peer Groups. IEEE Transactions on Parallel and Distributed Systems, March 2000.
[Steiner96] M. Steiner, G. Tsudik and M. Waidner. Diffie-Hellman Key Distribution Extended to Group Communication. In SIGSAC: 3rd ACM Conference on Computer and Communications Security, pages 31-37. ACM SIGSAC, 1996.
[Steiner97] M. Steiner, G. Tsudik and M. Waidner. Cliques: A new approach to group key agreement. Technical Report RZ 2984, IBM Research, December 1997.
[Steiner98] M.Steiner,G.Tsudik,and M.Waidner.Cliques:A new approach to group key agreement.In IEEE Conference on Distributed Computing Systems,May 1998.
[Stevens99] M. Stevens, W. Weiss, H. Mahon, B. Moore, J. Strassner, G. Waters, A. Westerinen and J. Wheeler. Policy Framework (Draft). Internet Engineering Task Force, September 1999. draft-ietf-policy-framework-00.txt.
[Tennenhouse97] D. L. Tennenhouse, J. M. Smith and et al. A survey of active network research. IEEE Communications Magazine, 35(1):80-86, Jan. 1997.
[Thomas98] Thomas Aura, Fast Access Control Decisions from Delegation Certificate Databases, In Proc. 3rd Australasian Conference on Information Security and Privacy ACISP'98, Volume 1438 of LNCS, July 1998, pages 284-295.
[Thompson99] M. Thompson, W. Johnson, S. Mudumbai, G. Hoo, K. Jackson and A. Essiari. Certificated-based Access Control for Widely Distributed Resources. In Proceedings of 8th
USENIX UNIX Security Symposium, pages 215-227. USENIX Association, August 1999. Washington D. C.
[Touch97] J. Touch and S. Hotz. The X-bone (white paper), May 1997. http://www.isi.edu/x-bone.
[Touch98] J. Touch and S. Hotz, "The X-bone", in Third Global Internet Mini-Conference in conjunction with Globecom, (Sydney, Australia), Nov 1998.
[Tschudin98] C.Tschudin. Environmental Security: Apoptotic Functions and a Way to Protect Them. 4th WORKSHOP ON MOBILE OBJECT SYSTEMS: Secure Internet Mobile Computations.In association with the 12th European Conference on Object-Oriented Programming (ECOOP'98), 21 July 1998, Brussels, Belgium. 1998. http://cuiwww.unige.ch/~ecoopws/ws98/slides/tschudin.ps
[Turletti98] T. Turletti, S. F. Parisis, and J. Bolot. Experiments with a layered transmission scheme over the Internet. In IEEE INFOCOMM'98, February 1998.
[Vicisano98] L. Vicisano, L. Rizzo and J. Crowcroft. Tcp-like congestion control for layered multicast data transfer. In IEEE INFOCOMM'98, February 1998.
[Vigna97] G.Vigna. Protecting Mobile Agents through Tracing. Mobile Object Systems ECOOP Workshop'97. http://arthur.cs.ucdavis.edu/~barnes/seminar/papers/vigna97.ps
[Waitzman88] D. Waitzman,C. Partidge and S. Deering, Distance Vector Multicast Routing Protocol-DVMRP. RFC 1075, November 1988.
[Waldvogel99] M.Waldvogel, G. Caronni, D. Sun, N.Weiler, and B. Plattner. The VersaKey Framework: Versatile Group Key Management. IEEE Journal on Selected Areas in Communications (Special Issue on Middleware), 17(8):1614-1631, August 1999.
[Wallner98] D. M. Wallner, E. J. Harder and R. C. Agee. Key Management for Multicast: Issues and Architectures (Draft). Internet Engineering Task Force, September 1998. draft-wallner-key-arch-01.txt.
[Wallner99] D. Wallner, E. Harder and R. Agee. Key Management for Multicast: Issues and Architectures. RFC 2627, June 1999.
[Wang98] H. Wang and M. Schwartz. Achieving bounded fairness for multicast and tcp traffic in the Internet. In ACM SIGCOMM'98, September 1998.
[Wang99] X. Wang, X. Yi, K. Lam, C. Zhang and E. Okamoto. Secure Agent-Mediated Auctionlike Negotiation Protocol for Internet Retail Commerce. In LNCS, editor, In Proceedings of the 3rd International Workshop on Cooperative Information Agents(CIA'99), vol 1652 pages 291-302. Springer, Stockholm, Sweden, July 1999.
[WB] WhiteBoard, WB: The most popular whiteboard tool on Mbone. Available at URL: http://www-nrg.ee.lbl.gov/wb.
[Wegener87] I.Wegener. The Complexity of Boolean Functions. JohnWiley and Sons, July 1987. ISBN: 0-471-91555-6.
[Wei98] L. Wei, "Authenticating PIM version 2 messages", November 1998.
daft-ietf-pim-v2-auth-00.txt.
[WeiDraft] Wei, L., "Authenticate PIM Version 2 Messages", Internet-Draft, Work in progress.
[Westerinen00] A. Westerinen, J. Schnizlein, J. Strassner, Mark Scherling, Bob Quinn, Jay Perry, Shai Herzog, An-Ni Huynh, and Mark Carlson. Policy Terminology (Draft). Internet Engineering Task Force, July 2000. draft-ietf-policy-terminology-00.txt.
[Westhoff99] D.Westhoff,M.Schneider,etc. Protecting a Mobile Agent's Route against Collusions. Proceedings of SAC'99, Springer LNCS 1758, 1999 http://www.informatik.fernuni-hagen.de/import/pi2/agents/Papers/ontario99-env.ps
[White94] J.E.White. Telescript Technology: The Foundation for the Electronic Marketplace. General Magic.White Paper,1994.
[Wilhelm99] U.G.Wilhelm. A Technical Approach to Privacy based on Mobile Agents Protected by Tamper-resistant Hardware. PH.D.dissertation. 1999. http://lsewww.epfl.ch/~wilhelm/Papers/thesis.pdf
[Wong00] C. K. Wong and S. S. Lam. Keystone: A Group Key Management Service. In Proceedings International Conference on Telecommunications, Acapulco, Mexico, May 2000.
[Wong02] W. Wong. A Survey of Application-Layer Multicast: Multicast Tree Formation and Performance Metrics. Presentation, May 15, 2002
[Wong97] Wong C. K., Gouda M., Lam S. S. Secure Group Communication using Key Graphs. University of Texas at Austin, Computer Science Technical report TR 97-23.
[Wong98] C. K. Wong, M. Gouda and S. S. Lam. Secure Group Communication Using Key Graphs. In Proceedings of ACM SIGCOMM'98 , pages 68-79. ACM, September 1998.
[Wong99] C. K. Wong and S. Lam. Digital Signatures for Flows and Multicasts. In IEEE/ACM Transactions on Networking 7 (1999), pp 502-513.
[woo98] T. Woo and S. Lam. Designing a Distributed Authorization Service. In Proceedings INFOCOM '98, San Francisco, March 1998. IEEE.
[Wu] T. Wu and S. Wu, "Selective encryption and wartermarking of mpeg video", tech. Rep. , North Carolina State University.
[XACML02] OASIS, Extensible Access Control Markup Language(XACML). http://www.oasis-open.org
[Yajnik96] M. Yajnik, J. Kurose and D. Towsley. Packet Loss Correlation in the MBone Multicast Network. In IEEE Global Internet Conference, 1996.
[Yajnik99] M. Yajnik, S. Moon, J. Kurose, and D. Towsley. Measurement and modelling of the temporal dependence in packet loss. In IEEE INFOCOM '99, New York, NY, March 1999.
[Yee97] B.S.Yee. A Sanctuary for Mobile Agents. DARPA Workshop on Foundations for Secure Mobile Code, February 1997. http://www.cs.ucsd.edu/~bsy/pub/sanctuary.ps
[Zao00] J. Zao, L. Sanchez, M. Condell, C. Lynn, M. Fredette, P. Helinek, P. Krishnan, A. Jackson, D. Mankins, M. Shepard, and S. Kent. Domain Based Internet Security Policy Management. In Proceedings of DARPA Information Survuvability Conference and Exposition,
pages 41-53, Hilton Head, South Carolina, January 2000. DARPA.
[周冲02] 周冲.移动代理恶意主机问题研究.博士论文.上海交大,2002.
[刘璟01] 刘璟,周明天.大型动态群组的多播安全机制.计算机科学,2001,28(1):84-88.
[刘璟03] 刘璟,周明天.鲁棒且容错的大型动态组播系统的密钥管理.计算机科学.已录用
[刘璟02a]刘璟,周明天.大型动态多播群组的密钥管理和访问控制.软件学报,2002,13(2):291-297.(已被EI收录)
[刘璟02b] 刘璟,周明天,杨春. 一个公平防抵赖协议及其形式化分析. 电子学报.已录用.
[刘璟02c] 刘璟,周明天.SCML及其解析器SCML4J的设计及实现.计算机应用.2002,22(7):8-11
[刘璟02d] 刘璟,刘锦德.基于公平不可抵赖协议的CORBA不可抵赖服务,计算机应用,2002,22(增刊):145-148
[刘璟02e] 刘璟,周明天.基于SPKI证书的CORBA分布式授权服务.《2002通信技术新进展——第八届全国青年通信学术会议论文集》:479-487,2002年11月1日-4日,绵阳,中国.
[Almeroth00] K. C. Almeroth. The Evolution of Multicast: From the MBone to Inter-Domain Multicast to Internet2 Deployment. IEEE Network Magazine, Special Issue on Multicasting, January/February 2000.
[Amir00] Y. Amir, C. Danilov, and J. Stanton. A low latency, loss tolerant architecture and protocol for wide area group communication. In 30th IEEE FTCS, June 2000.
[Amir01] Y. Amir, C. N. Rotaru and J. R. Stanton, Framework for Authentication and Access Control of Client-Server Group Communication Systems. In the Proceedings of the Third International Workshop on Networked Group Communication (NGC 2001), London, UK, November 7-9 2001
[Amir98] Y. Amir and J. Stanton, The spread wide area group communication system, Tech. Rep. 98-4, Johns Hopkins University Department of Computer Science, 1998. 注:Spread工具包是公开的。
[Ateniese00] G. Ateniese, M. Steiner and G. Tsudik. New Multi-Party Authentication Services and Key Agreement Protocols. IEEE Journal of Selected Areas in Communication, 18, March 2000.
[Ateniese98] G. Ateniese, M. Steiner, and G. Tsudik. Authenticated Group Key Agreement and Friends. In Proceedings of the 5th (ACM) Conference on Computer and Communications Security ((CCS)-98), pages 17-26, New York, 1998. ACM Press.
[Ateniese99] G. Ateniese, D. Hasse, Y. Kim, and G. Tsudik. The Design of a Group Key Agreement API. Technical Report RZ3170(#93216), IBM Researh Division, June 1999.
[Baek98] J.Baek. A design of a protocol for detecting a mobile agent clone and its correctness proof using Coloured Petri Nets. Technical Report TR-DIC-CSL-1998-002, Info.&Comm., K-JIST, 1998. http://atom.kjist.ac.kr/~jsbaek/pub/tr-dic-1998-02.ps
[Balenson00]D. Balenson, D. McGrew, and A. Sherman. Key Management for Large Dynamic Groups: One-Way Function Trees and Amortized Initialization. IETF Internet draft (work in progress), August 2000.
[Balenson98] Balenson, D. McGrew, A. Sherman “Key Management for Large Dynamic Groups: One-Way Function Trees andAmortized Initialization”Internet Draft
[Balenson99]Balenson, D. McGrew, A. Sherman. Key Management for Large Dynamic Groups: One-Way Function Trees andAmortized Initialization. Internet Draft. http://www.ipmulticast.com/techcent.htm
[Ballardie96] Ballardie A., "Scalable Multicast Key Distribution", RFC 1949, May 1996.
[Ballardie97] A. Ballardie. Core Based Trees (CBT version 2) Multicasting Routing-Protocol Specification. RFC 2189, September 1997.
[Bates98] T. Bates, R. Chandra, D. Katz and Y. Rekhter. Multiprotocol Extensions for BGP-4, February 1998. RFC 2283.
[Baugher01] Baugher, M., Hardjono, T., Harney, H., and Weis, B., "The Group Domain of Interpretation", draft-ietf-msec-gdoi-01.txt, July 2001, Work in Progress.
[Becker98] C. Becker and U. Wille. Communication Complexity of Group Key Distribution. In 5th ACM Conference on Computer and Communications Security, San Francisco, California, November 1998. ACM Press.
[Bellare93] Mihir Bellare and Phillip Rogaway. Random oracles are practical: A paradigm for designing efficient protocols. In Victoria Ashby, editor, 1st ACM Conference on Computer and Communications Security, pages 62-73, Fairfax, Virginia, November 1993. ACM Press.
[Berket01] K. Berket, D. A. Agarwal, P. M. Melliar-Smith, and L. E. Moser. Overview of the InterGroup Protocols. In International Conference on Computational Science,May 2001.
[Bernstein96] Philip A. Bernstein. Middleware: A Model for Distributed System Services. Communications of the ACM, 39(2):86-98, February 1996.
[Bhattacharyya99] S. Bhattacharyya, D. Towsley and J. Kurose. The loss path multiplicity problem in multicast. In IEEE INFOCOMM'99, March 1999.
[Bhatti98] Nina T. Bhatti, Matti A. Hiltunen, Richard D. Schlichting, and Wanda Chiu. Coyote: A System for Constructing Fine-Grain Configurable Communication Services. ACM Transactions on Computer Systems, 16(4):321-366, 1998.
[Blaze96] M. Blaze, J. Feigenbaum, and J. Lacy. Decentralized Trust Management. In Proceedings of the 1996 IEEE Symposium on Security and Privacy, pages 164-173. Nov. 1996. Los Alamitos.
[Blaze99] M. Blaze, J. Feignbaum, J. Ioannidis, and A. Keromytis. The KeyNote Trust Management System -Version 2. Internet Engineering Task Force, Sep. 1999. RFC 2704.
[Boneh01] D. Boneh, G. Durfee and M. Franklin. Lower Bounds for Multicast Message Authentication. Proceedings of Eurocrypt 2001.
[Borella98] M. Borella, D. Swider, S. Uludag and G. Brewster. Internet Packet Loss: Measurement and Implications for End-to-End QoS. In Proceedings, International Conference on Parallel Processing, August 1998.
[Boyd97] C. Boyd. On Key Agreement and Conference Key Agreement. In ACISP: Information Security and Privacy: Australasian Conference, pages 294-302. Springer-Verlag, 1997.
[Briscoe99a] B. Briscoe and I. Fairman. Nark: Receiver-based multicast nonrepudiation and key management. In ACM Conference on Electronic Commerce, 1999.
[Briscoe99b] B. Briscoe. MARKS: Zero Side-Effect Multicast Key Management Using Arbitrarily Revealed Key Sequences. In Proceedings of First International Workshop on Network Group
Communication. November 1999.
[Brown99] Ian Brown, Colin Perkins, and Jon Crowcroft. Watercasting: Distributed watermarking of multicast multimedia. In First International Workshop on Networked Group Communication (NGC99), 1999.
[Byers98] J. Byers, M. Luby, M. Mitzenmacher and A. Rege. A digital fountain approach to reliable distribution of bulk data. In proceedings of ACM SIGCOMM'98, September 1998.
[Cain01] Cain, B., Deering, S., Fenner, W., Kouvelas, I., Thyagarajan, A., "Internet Group Management Protocol, Version 3", Internet-Draft, January 2001.
[Calver98] K. L. Calver, S. Bhattacharjee, E. Zegura, and J. Sterbenz, "Directions in active networks", IEEE Communications Magazine, vol.36, pp. 72-78,Oct. 1998.
[Canetti00] R. Canetti, P. C. Cheng, F. Giraud and et al. An IPSec-based Host Architecture for Secure Internet Multicast. In the Proceedings of the Network and Distributed Systems Security Symposium, San Diego, California, February 2000
[Canetti99] R. Canetti, J. Garay, G. Itkis, D. Micciancio, M. Naor and B. Pinkas. Multicast Security: A Taxonomy and Some Efficient Constructions. In IEEE Infocom, 2(March 1999), pp 708-716.
[Canetti99a] R. Canetti, J. Garay and et al. Multicast Security: A Taxonomy and Some Efficient Constructions. In Proc. of INFOCOM 99, 1999.
[Canetti99b] R. Canetti, T. Malkin, and K. Nissim. Efficient Communication-Storage Tradeoffs for Multicast Encryption. In Eurocrypt, 1999.
[Caronni94] G. Caronni. XWedge: technical documentation of GenIO. CIO WP 4.2, http://www.tik.ee.ethz.ch/ ?mwa/ Security/xwedge-genio.ps, 1994.
[Caronni98] G. Caronni, M. Waldvogel, D. Sunand, and B. Plattner. Efficient Security for Large and Dynamic Multicast Groups. In Workshop on Enabling Technologies, (WETICE 98). IEEE Comp Society Press, 1998.
[CDSA97] Common Data Security Architecture Specification, Intel Architecture Labs, 1997.
[Chang99] I. Chang, R. Engel, D. Kandlur, D. Pendarakis, and D. Saha. Key Management for Secure Internet Multicast using Boolean Function Minimization Techniques. In IEEE INFOCOM, March 1999.
[Chankhunthod96] A. Chankhunthod, P. Danzig, C. Neerdaels, M. F. Schwartz, and K. J. Worrell, "A hierarchical internet object cache", in USENIX 1996 Annual Technical Conference, (San Diego, California), Jan. 1996
[Chawathe00]Yatin Chawathe, Steven McCanne, and Eric Brewer. RMX: Reliable multicast for heterogeneous networks. In Proc. IEEE Infocom, pages 795-804, March 2000.
[Chiou89] G. H. Chiou and W. T. Chen. Secure Broadcast Using the Secure Lock. IEEE Transactions on Software Engineering, 15(8):929-934, August 1989.
[Cholvy97] L. Cholvy and F. Cuppens. Analyzing Consistancy of Security Policies. In 1997 IEEE Symposium on Security and Privacy, pages 103-112. IEEE, May 1997. Oakland, CA.
[chor94] B. Chor, A. Fiat, and M. Naor. Tracing Traitors. In Advances in Cryptology---CRYPTO '94, volume 839 of Lecture Notes in Computer Science, pages 257--270. Springer-Verlag, 1994.
[Chu99] H. hua Chu, L. Qiao, and K. Nahrstedt, " A secure multicast protocol with copyright protection", in Proceedings of IS&T/SPIE's Symposium on Electronic Imaging: Science and Technology, Jan. 1999.
[Daemen00]J. Daemen and V. Rijmen. The Rijndael Block Cipher. In AES Proposal, NIST, 2000.
[Dai00] W. Dai. "Crypto++", http://www.eskimo.com/~weidai/benchmark.html. June. 2000
[David01] David G. Andersen, Hari Balakrishnan, M. Frans Kaashoek, and Robert Morris. Resilient overlay networks. In Proc. of the 18th ACM Symposium on Operating Systems Principles (SOSP), pages 131-145, October 2001.
[David99] David C. Blight and Takeo Hamada. Policy-Based Networking Architecture for QoS Interworking in IP Management. In Proceedings of Integrated network management VI, Distributed Management for the Networked Millennium, pages 811-826. IEEE, 1999.
[Deering89] Deering, S., "Host Extension for IP Multicasting", RFC 1112, August 1989.
[Deering91] Deering, S., "Multicast Routing in a Datagram Network", PhD Thesis, Stanford University, Palo Alto, California, Dec. 1991.
[Dierks99] T. Dierks and C. Allen. The TLS protocol, 1999. IETF RFC2246.
[Diffie76] W. Diffie and M. E. Hellman, "New directions in cryptography", IEEE Transactions on Information Theory, vol. IT-22, no. 6, pp. 644-654, 1976.
[Dinsmore00] P. Dinsmore, D. Balenson, M. Heyman, P. Kruus, C Scace, and A. Sherman. Policy-Based Security Management for Large Dynamic Groups: A Overview of the DCCM Project. In Proceedings of DARPA Information Survivability Conference and Exposition (DISCEX '00), pages 64-73. DARPA, January 2000. Hilton Head, S.C.
[Dondeti99] L. Dondeti, S. Mukherjee, and A. Samal. A Distributed Group Key Management Scheme for Secure Many-to-many Communication. Technical Report PINTL-TR-207-99, Department of Computer Science, University of Maryland, 1999.
[Dunigan97] T. Dunigan and C. Cao. Group Key Management. Experimental, July 1997.
[EllisonRFC2962] C. Ellison, SPKI Requirements, RFC2962[S], 1999
[EllisonRFC2963] C. Ellison, et al. SPKI Certificate Theory, RFC2963[S], 1999
[Estrin97a] D. Estrin, D. Farinacci, A. Helmy, V. Jacobson and L. Wei. Protocol Independent Multicast Version 2, Dense Mode Specification, May 1997. Work in Progress:draft-ietf-idmr-pim-dm-spec-05.txt.
[Estrin97b] D. Estrin, V. Jacobson, D. Farinacci, et al. Protocol Independent Multicast-Sparse Mode(PIM-SM): Protocol Specification. Internet Draft draft-ieft-idmr-pim-sm-spec-10.txt, 15 March 1997.
[Estrin98] Estrin, D., Farinacci, D., Helmy, A., Thaler, D., Deering, S., Handley, M., Jacobson, V., Liu, C., Sharma, P., and Wei, L., "Protocol Independent Multicast-Sparse Mode (PIM-SM),
Protocol Specification", RFC 2362, June 1998.
[Fan98] L. Fan, P. Cao, J. Almeida, and A. Broder, "Summary cache: A scalable wide-area web cache sharing protocol", in ACM SIGCOMM, vol. 28, pp. 254-265, Sept. 1998
[Fancis00] Paul Francis. Yoid: Your Own Internet Distribution, April 2000. http://www.aciri.org/yoid.
[Farinacci00] D. Farinacci, Y. Rekhter, D. Meyer and et al. Multicast Source Discovery Protocol(MSDP), July 2000. Internet-draft: draft-ietf-msdp-spec-06.txt.
[Farmer96a] W.M.Farmer,J.D.Guttman,etc. Security for mobile agents: Issues and requirements. In Proceedings of the 19th National Information Systems Security Conference, pages 591-597, Baltimore, Md., October 1996. http://csrc.nist.gov/nissc/1996/papers/NISSC96/paper033/SWARUP96.PDF
[Farmer96b] W.Farmer,J.Guttman,etc. Security for Mobile Agents: Authentification and State Appraisal. Fourth European Symposium on Research in Computer Security (ESORICS 96), (Pages 118-130). http://imps.mcmaster.ca/doc/esorics96.ps
[Feige87] Uriel Feige, Amos Fiat, and Adi Shamir. Zero Knowledge Proofs of Identity. In Proc. Of the 19th Annual ACM Symposium on Theory of Computing, 1987.
[Feigenbaum91] J.Feigenbaum,M.Merritt. Open questions, talk abstracts, and summary of discussions. DIMACS Series in Discrete Mathematics and Theoretical Computer Science, 2:1--45, 1991.
[Fenner01] Fenner, B., Handley, M., Holbrook, H., and Kouvelas, I., "Protocol Independent Multicast - Sparse Mode (PIM-SM): Protocol pecification (Revised)", draft-ietf-pim-sm-v2-new-03.txt, July 2001.
[Fenner97] Fenner, W., "Internet Group Management Protocol, Version2", RFC 2236, November 1997.
[Fiat87] Amos Fiat and Adi Shamir. How to Prove Yourself: Practical Solutions to Identification and Signature Problems. In Advances in Cryptology-CRYPTO'86, pages 186-194, 1987.
[Floyd95] S. Floyd, V. Jacobson, S. McCanne and et al. A reliable multicast framework for light-weight sessions and application level framing. In IEEE SIGCOMM'95, 1995.
[Floyd97] S. Floyd, V. Jacobson, C. Liu, S. McCanne and L. Zhang. A Reliable Multicast Framework for Light-weight Sessions and Application Level Framing. IEEE/ACM Transactions on Networking, pages 784-803, December 1997.
[Foster98] I. Foster, C. Kesselman, G. Tsudik and S. Tuecke. A Security Architecture for Computational Grids. In Proceedings of the 5th ACM Conference on Computer and Communications Security, pages 83-92. ACM, 1998.
[Francis99] P. Francis, "Yallcast: Extending the Internet multicast architecture", unrefereed report, NTT Information Sharing Platform Laboratories, September 1999.
[Funfrocken99] S.Funfrocken. Protecting Mobile Web-Commerce Agents with Smartcards. In: Proceedings of the First International Symposium on Agent Systems and Applications / Third
International Symposium on Mobile Agents (ASA/MA'99), IEEE Computer Society, pp.90-102, 1999. http://www.informatik.th-darmstadt.de/VS/Publikationen/papers/ma99/secure-webagents.pdf
[Gennaro97] Rosario Gennaro and Pankaj Rohatgi. How to Sign Digital Streams. Technical Report, IBM T.J. Watson Research Center, 1997.
[Golle01] P. Golle and N. Modadugu. Authenticating Streamed Data in the Presence of Random Packet Loss. ISOC Network and Distributed System Security Symposium (2001), pp 13-22.
[Gong94] L. Gong and X. Qian. The Complexity and Composability of Secure Interoperation. In Proceedings of the IEEE Symposium on Research in Security and Privacy, pages 190-200. IEEE, Oakland, California, May 1994.
[Group00] T. O. Group. OpenSSL, May 2000. http://www.openssl.org.
[Guan00] Xudong Guan, Yiling Yang,etc. POM - A Mobile Agent Security Model Against Malicious Hosts. In Proc. HPC-Asia 2000, pp.1165-1166, Beijing, China, May. 15-18, 2000.http://202.120.7.27/member/~gxd/pom(hpcasia2000_2_pages).zip
[Handley00] M. Handley, B. Whetten and et al. The Reliable Multcicast Design Space for Bulk Data Transfer, March 2000. Work in Progress, draft-ietf-rmt-design-space-01.txt.
[Hardjono00] Hardjono, T. and Cain, B., "Key Establishment for IGMP Authentication in IP Multicast", IEEE European Conference on Universal Multiservice Networks (ECUMN), CERF, Colmar, France, September 2000.
[Hardjono00a] T. Harjono, B. Cain and N. Doraswamy. A Framework for Group Key Management for Multicast Security. IETF Internet draft(work in progress), August 2000.
[Hardjono00b] T. Hardjono, B. Cain, and I. Monga. Intra-Domain Group Key Management Protocol. IETF Internet draft (work in progress), September 2000.
[Hardjono00c] T. Hardjono, R. Canetti, M. Baugher, and P. Dinsmore. Secure IP Multicast: Problem areas, Framework, and Building Blocks. IRTF Internet draft (work in progress), September 2000.
[Hardjono01] Hardjono, T., Cain, B., and Monga, I., "Intra-Domain Group Key Management Protocol", draft-ietf-ipsec-intragkm-01.txt, March 2000.
[Hardjono98a] Hardjono T., Cain B., Doraswamy N., "A Framework for Group Key Management for Multicast Security", internet draft draft-ietf-ipsec-gkmframework-00.txt, July 1998.
[Hardjono98b] Hardjono T., Cain B., Monga I., "Intra-Domain Group Key Management Protocol", internet draft,draft-ietf-ipsec-intragkm-00.txt,November 1998.
[Hardjono99a] T. Hardjono and B. Cain, "Simple Key Management Protocol for PIM", draft-ietf-pim-simplekmp-00.txt, March 1999.
[Hardjono99b] T. Hardjono and G. Tsudik. IP Multicast Security: Issues and Directions. Technical Report unkown, University of Southern California, September 1999.
[HardjonoDraft] Hardjono, T., Canetti, R., Baugher, M., Dinsmore, P., "Secure IP Multicast: Problem Areas, Framework and Building Blocks", draft-irtf-smug-framework-01.txt, September
2000, Work in Progress.
[Harkins98] Harkins D., N. Doraswamy. A Secure, Scalable Multicast Key Management Protocol (MKMP). IETF Internet draft(work in progress), Mar.1998. http://www.ipmulticast.com/techcent.htm
[Harney00] H. Harney, A Colegrove, E. Harder, U. Meth, and R. Fleischer. Group Secure Association Key Management Protocol (Draft). Internet Engineering Task Force, June 2000. draft-harney-spartagsakmp-sec-02.txt.
[Harney01] Harney, H., Colegrove, A., Harder, E., Meth, U., and Fleischer, R., "Group Secure Association Key Management Protocol", draft-ietf-msec-gsakmp-sec-00.txt, March 2001.
[Harney97a] Harney, H., C. Muckenhirn, "Group Key Management Protocol (GKMP) Architecture", RFC 2094, July 1997.
[Harney97b] H. Harney and C. Muckenhirn. Group Key Management Protocol(GKMP) Specification. Internet Engineering Task Force., July 1997. RFC 2093.
[HarneyRFC2094] Harney, H. and Muckenhim, C., "Group Key Management Protocol (GKMP) Architecture", RFC 2094.
[HeDraft01] He, H., Hardjono, T., and Cain, B. "Simple Multicast Receiver Access Control", Internet-Draft, November, 2001
[HeDraft02] He, H., Cain, B., and Hardjono, T., "Upload Authentication Information Using IGMPv3", Internet-Draft, Work in Progress, May, 2002
[Hedrick88] Hedrick, C., "Routing Information Protocol", RFC 1058, Rutgers University, June 1988.
[Hiltunen98a] M. Hiltunen and R. Schlichting. A Configurable Membership Service. IEEE Transactions on Computers, 47(5):573-586, May 1998.
[Hiltunen98b] M. Hiltunen. Configuration Management for Highly-Customizable Software. IEE Proceedings: Software, 145(5):180-188, 1998.
[Hohl98] F.Hohl. Time Limited Blackbox Security: Protecting Mobile Agents From Malicious Hosts, in: Giovanni Vigna (Ed.): Mobile Agents and Security. pp 92-113. Springer-Verlag, 1998. http://www.informatik.uni-stuttgart.de/ipvr/vs/projekte/mole/vignabuch.ps.gz
[Hohl99] F.Hohl. A Protocol to Detect Malicious Hosts Attacks by Using Reference States. Universitat Stuttgart, Fakultat Informatik, Bericht Nr. 1999. ftp://ftp.informatik.uni-stuttgart.de/pub/library/ncstrl.ustuttgart_fi/TR-1999-09/TR-1999-09.ps.gz
[Holbrook01] Holbrook, H., and Cain, B., "Using IGMPv3 For Source-Specific Multicast", draft-holbrook-idmr-igmpv3-ssm-01.txt, March 2001.
[Holbrook95] H. W. Holbrook, S. K. Singhal and D. R. Cheriton. Log-Based Receiver-Reliable Multicast for Distributed Interactive Simulation. In Proceedings of ACM SIGCOMM'95, 1995.
[HolbrookDraft] Holbrook, H., and Cain, B., "Source-Specific Multicast for IP", Internet-Draft, work in Progress.
[Holliman98] M. J. Holliman, N. D. Memon, B.-L. Yeo, and M. M. Yeung, "Adaptive pulic
watermarking of dct-based compressed image",in Storage and Retrieval for Image and Video Databases (SPIE), pp. 284-295, 1998.
[Huitema96] C. Huitema. The case for packet level FEC. In Protocols for High Speed Networks (PfHSN'96), October 1996.
[Hutchinson94] N.C. Hutchinson and L.L. Peterson. The x-Kernel: An Architecture for Implementing Network Protocols. IEEE Transactions on Software Engineering, 17(1):64-76, January 1994.
[Ishikawa98] Ishikawa, N., Yamanouchi, N., and Takahashi, O., "IGMP Extension for Authentication of IP Multicast Senders and Receivers", draft-ishikawa-igmp-auth-01.txt, August 1998, Work in Progress.
[ISO13888-1] ISO/IEC 13888-1: Information technology - Security techniques - non-repudiation - Part 1: General. International Organization for Standardization, 1997.
[ISO13888-2] ISO/IEC 13888-2: Information technology - Security techniques - non-repudiation - Part 2: Mechanisms using symmetrical techniques. International Organization for Standardization, 1998.
[ISO13888-3] ISO/IEC 13888-3: Information technology - Security techniques - non-repudiation - Part 3: Mechanisms using asymmetrical techniques. International Organization for Standardization, 1997.
[ISO7489] ISO7498-2: Information processing systems -- Part2:Security Architecture [S]. International Organization for Standardization, 1989.
[ISO7498-2] ISO 7498-2: Information processing systems -- Part2:Security Architecture. International Organization for Standardization, 1989.
[Jannotti00] John Jannotti, David K. Gifford, Kirk L. Johnson, M. Frans Kaashoek, and JamesW. O'Toole, Jr. Overcast: Reliable multicasting with an overlay network. In Proc. 4th Symposium on Operating Systems Design and Implementation (OSDI '00), pages 197-212, October 2000.
[Judge00] P. Judge, M. Ammar, "WHIM: Watermarking Multicast Video with a Hierarchy of Intermediaries", Proceedings of NOSSDAV 2000, Chapel Hill, NC, June 2000.
[Judge02] P. Judge, M. Ammar, "Gothic:A Group Access Control Architecture for Secure Multicast and Anycast", IEEE,Infocom 2002
[Karger97] D. Karger, E. Lehman, T. Leightion, M. Levine, D. Lewin, and R. Panigrahy, "Consistent hashing and random trees: Distributed caching protocols for relieving hto spots on the World Wide Web", in Proceedings. Of the Twenty-Ninth Annual ACM Symposium on Theory of Computing, (El Pso, Texas), pp. 654-663, 4-6 May 1997.
[Kent97] S. Kent and R. Atkinson. Security Architecture for the Internet Protocol. Internet Engineering Task Force, November 1998. RFC 2401. ACM, April 1997.
[Kihlstrom99] K. P. Kihlstrom. Survivable Distributed System: Design and Implementation. PHD. Thesis. University of California, Santa Barbara. August 1999.
[Kim00] Y. Kim, A. Perrig, and G. Tsudik. Simple and Fault-Tolerant Key Agreement for
Dynamic Collaborative Groups. In Sushil jajodia and Pierangela Samarati, editors, 7th ACM Conference in Computer and Communication Security 2000, pages 235-241, November 2000.
[Koch95] E. Koch and J. Zhao, " Towards robust and hidden image copyright labeling", in IEEE Workshop on Nonlinear Signal and Image Processing, 1995.
[Krawczylk97] H. Krawczyk, M. Bellare, and R. Canetti. HMAC: Keyed- Hashing for Message Authentication. RFC 2104, Feb 1997.
[Lipton97] R.Lipton,T.Sander. An additively homomorphic encryption scheme or how to introduce a partial trapdoor in the discrete log, November 1997. Submitted for publication.
[Liu99] X. Liu, C. Kreitz, R. van Renesse, J. Hickey, M. Hayden, K. Birman and R. Constable. Building Reliabel High-Performance Communication Systems from Components. In Proceedings of 17th ACM Symposium on Operating Systems Principles (SOSP'99), volume 33, pages 80-92. ACM, 1999.
[Liu02a]Liu Jing, Zhou Mingtian.Key Management and Access Control for Large Dynamic Multicast Group. Proceeding of Fouth IEEE International Workshop on Advanced Issues of E-Commerce and Web-Based Information Systems (WECWIS2002), Newport Beach, California, USA, June 2002(已被ISTP收录)
[Liu03] Liu Jing, Zhou Mingtian. Secure Group Communications for Large Dynamic Multicast Group. Journal of Electronics(China).(To appear)
[Loureiro99] S.Loureiro,R.Molva. Function Hiding Based on Error Correcting Codes. In Manuel Blum and C. H. Lee (Eds.): Cryptographic Techniques and E-Commerce. Proceedings of the 1999 International Workshop on Cryptographic Techniques and E-Commerce(CrypTEC '99), City University of Hong Kong Press, 1999. ftp://ftp.eurecom.fr/pub/loureiro/cryptec99.ps.gz
[Luby00a] M. Luby, J. Gemmell, L. Vicisano and et al. Reliable multicast transport building block: Forward Error Correction codes, March 2000. Work in Progress: draft-ietf-rmt-bb-fec-00.txt.
[Luby00b] M. Luby, J. Gemmell, L. Vicisano and et al. Asynchronous Layered Coding (ALC): a scalable reliable multicast protocol, March 2000. Work in Progress: draft-ietf-rmt-pi-alc-00.txt.
[Luby97] M. Luby, M. Mitzenmacher and et al. Practical loss-resilient codes. In ACM Symposium on Theory of Computing, pages 150-159,1997.
[Lucia97] D. De Lucia and K. Obraczka. Congestion Control Mechanism for Reliable Multicast, September 1997. presentation during Reliable Multicast(RM) meeting.
[Maffeis95] S. Maffeis, Adding Group Communication and Fault-Tolerance to CORBA. In Proceedings of USENIX 1995 Conference on Object-Oriented Technologies,June,1995
[Matheson98] L. R. Matheson, S. G. Mitchell, T. G. Shamoon, R. E. Tarjan, F. Zane, "Robustness and Security of Digital Watermarks", In H. Imai and Y. Zheng, Financial Cryptography-FC '98, volume 1465 of Lecture Notes in Computer Science, pages 227-240. Springer, February 1998.
[McAuley90] A. J. McAuley. Reliable broadband communications using a burst erasure correcting code. In ACM SIGCOMM'90, September 1990.
[McDaniel00] P. McDaniel and A. Prakash. Ismene: Provisioning and Policy Reconciliation in
Secure Group Communication. Technical Report CSE-TR-438-00, Electrical Engineering and Computer Science, University of Michigan, December 2000
[McDaniel00a] P. McDaniel, H. Harney, P. Dinsmore, and A. Prakash. Multicast Security Policy(Draft). Internet Research Task Force, Secure Multicast Research Group (SmuG), June 2000. draft-irtf-smug-mcast-policy-00.txt
[McDaniel00b] P. McDaniel, H. Harney, A. Colegrove, A. Prakash and P. Dinsmore. Multicast Security Policy Requirements and Building Blocks(Draft). Internet Research Task Force, Secure Multicast Research Group(Smug), November 2000. draft-irtf-smug-polreq-00.txt.
[McDaniel00c] P. McDaniel and A. Prakash. Lightweight Failure Detection in Secure Group Communication. Technical Report CSE-TR-428-00, Electrical Engineering and Computer Science, University of Michigan, June 2000.
[McDaniel99] P. McDaniel, A. Prakash and P. Honeyman. Antigone: A Flexible Framework for Secure Group Communication. In Proceedings of the 8th USENIX Security Symposium, pages 99-114. August 1999
[McGrew98]McGrew D. A., and Sherman A. T., "Key Establishment in Large Dynamic Groups using One-way Function Trees", submitted to IEEE Trans. on Software Engineering. 1998.
[Merkle87] Merkle, R. C. A Digial Signature Based on a Conventional Encryption Funcition, Advances in Cryptology -CRYPTO'87, Pomerance (ed), Lecture Notes in Computer Science, Vol. 293, Springer-Verlag, 1987, pp. 369-378.
[Merkle90] R. Merkle. A Certified Digital Signature. In Advances in Cryptology - CRYPTO '89, Lecture Notes in Computer Science 293 (1990), pp 218-238.
[Meyer98] D. Meyer. Administratively Scoped IP Multicast. RFC 2365, July 1998.
[Miner01] S. Miner and J. Staddon. Graph-Based Authentication of Digital Streams. In IEEE Symposium on Research in Security and Privacy, pages 232-246, May 2001
[Minsky96] Y.Minsky, R.van Renesse,etc. Cryptographic Support for Fault-Tolerant Distributed Computing. In Proceedings of the Seventh ACM SIGOPS European Workshop, pages 109-114, Connemara, Ireland, September 1996. http://www.tacoma.cs.uit.no/papers/SIGOPS.ft-agents.ps
[Mishra01] S. Mishra, Lan Fei, Xiao Lin, and Guming Xing. On Group Communication Support in CORBA. IEEE Transactions on Parallel and Distributed Systems, Vol. 12, No. 2, Feb. 2001.
[Mittra97] Mittra S. Iolus: A Framework for Scalable Secure Multicast.ACM Computer Communication,1997,27(3):277-288
[Mitzenmacher02] M. Mitzenmacher and A. Perrig. Bounds and Improvements for BiBa Signature Schemes. Technical Report, Feb. 2002
[Montgomery97] A loss tolerant rate Controller for reliable multicast. Technical Report IVV-97-011, NASA, August 1997.
[Moser96] L. Moser, P. Melliar-Smith, D. Agarwal, R. Budhia, and C. Lingley-Papadopoulos. Totem: A fault-tolerant multicast group communication system. Communications of the ACM, April 1996.
[Moy98] Moy, J., "Anatomy of an Internet Routing Protocol", Addison-Wesley, 1998.
[Moyer98] M. J. Moyer,.J. R. Rao and P. Rohatgi "Maintaining Balanced Key Trees for Secure Multicast" Internet Draft,1998
[Moyer99] M. J. Moyer, J. R. Rao and P. Rohatgi "A Survey fo Security Issues in Multicast Communications" IEEE Network. November/December 1999
[MPEG93] MPEG Group. ISO/IEC International Standard 11172; coding of moving pictures and associated audio for digital storage media up to about 1,5 mbit/s, 1993.
[Narasimhan99] P. Narasimhan, K. P. Kihlstrom, L. E. Moser and P. M. Melliar-Smith. Providing Support for Survivable CORBA Applications with the Immune System. In Proceedings of International Conference on Distributed Computing Systems,1999
[Neuman94] B. C. Neuman and T. Ts'o. Kerberos: An Authentication Service for Computer Networks. IEEE Communications, pages 33-38, Sep. 1994
[Ng.00] S.K.Ng. Protecting Mobile Agents against Malicious Hosts. Master Thesis. Division of Information Engineering, The Chinese University of Hong Kong, June 2000. http://mole.informatik.uni-stuttgart.de/security/ngthesis.pdf
[Nikander98] P. Nikander and Arto Karila. A Java Beans Component Architecture for Cryptographic Protocols. In Proceedings of 7th USENIX UNIX Security Symposium, pages 107-121. USENIX Association, January 1998. San Antonio, Texas.
[Nonnenmacher98] J. Nonnenmacher, E. Biersack and D. Towsley. Parity-based loss recovery for reliable multicast transmissions. In ACM SIGCOMM'97, September 1997. also in IEEE Transactions on Networking, 1998.
[OMG01] OMG, CORBA SECURITY SERVICE SPECIFICATION, Version 1.7, Mar. 2001
[OMG97] Object Management Group (OMG), CORBA Component Model, http://www.omg.org/cgi-bin/doc?orbos/97-06-12, 1997
[Orman94] H. Orman, S. O'Malley, R. Schroeppel, and D. Schwartz. Paving the Road to Network Security or the Value of Small Cobblestones. In Proceedings of the 1994 Internet Society Symposium on Network and Distributed System Security, February 1994.
[Pannetrat01] A. Pannetrat, R. Molva. Authenticating Real Time Packet Streams and Multicasts. Technical Report, Institute Eurecom, France, December 2001.
[Partridge93] C. Partridge, T. Mendez, and W. Milliken, "Host anycasting service", RFC 1546, IETF, Nov. 1993
[Paul97] S. Paul, K. K. Sabnani and et al. Reliable Multicast Transport Protocol(RMTP). IEEE Journal on Selected Areas in Communications, 15(3), April 1997.
[Paul98] S. Paul. Multicasting on the Internet and its Applications. Kluwer Academic Publishes, 1998.
[Paxson99] V. Paxson. End-to-end internet packet dynamics.IEEE/ACM Transactions on Networking, 7(3):277-292, June 1999.
[Perrig00] A. Perrig, R. Canetti, J.D. Tygar and D. Song. Efficient Authentication and Signing of
Multicast Streams over Lossy Channels. IEEE Symposium on Security and Privacy (2000), pp 56-73.
[Perrig01a] A. Perrig. The BiBa one-time signature and broadcast authentication protocol. In Proceedings of the Eighth ACM Conference on Computer and Communications Security (CCS-8), Philadelphia PA, USA, Nov. 2001.
[Perrig01b] A. Perrig, R. Canetti, D. Song and J. D. Tygar. Efficient and Secure Source Authentication for Multicast. ISOC Network and Distributed System Security Symposium (2001), pp 35-46.
[Perrig99] A. Perrig. Efficient Collaborative Key Management Protocols for Secure Autonomous Group Communication. In International Workshop on Cryptographic Techniques and Ecommerce (CrypTEC'99), pages 192-202, 1999.
[Poovendran98] R. Poovendran, S. Ahmed, S. Corson, and J. Baras. A Scalable Extension of Group Key Management Protocol. Technical Report TR 98-14, Institute for Systems Research, 1998.
[Qiao98] L. Qiao and K. Nahrstedt, "Watermarking method for mpeg encode video: Towards resolving rightful ownership", in IEEE Multimedia Computing and Systems, June 1998
[Quinn98] Bob Quinn, "IP Multicast Applications: Challenges and Solutions", draft-quinn-multicast-apps-00.txt, Nov 1998.
[Rabin78] Rabin, M. O. Digital Signatures, in Foundations of Secure Computation, R. A. DeMillo, et.al. (eds). Academic Press, 1978, pp. 155-168.
[Rabin90] M. O. Rabin. The information dispersal algorithm and its applications, 1990.
[Rafaeli00] S. Rafaeli, A Decentralized Architecture for Group Key Management, Technical Report, Computing Department, Lancaster University, Sep. 2000
[Reiter94] M. Reiter. Secure Agreement Protocols: Reliable and Atomic Group Multicast in Rampart. In Proceedings of 2nd ACM Conference on Computer and Communications Security, pages 68-80. ACM, November 1994.
[Reiter98] M. K. Reiter and A. D. Rubin. Crowds: Anonymity for Web Transactions. ACM Transactions on Information and System Security, 1(1):66-92, 1998.
[Rekhter95] Y. Rekhter and T. Li. A Border Gateway Protocol 4 (BGP-4). Internet Engineering Task Force, RFC 1771, March 1995.
[Renesse96] R. Van Renesse, K. Birman, and S. Maffeis. Horus: A Flexible Group Communication System. Communications of the ACM, 39(4):76-83, April 1996.
[Reyzin02] L. Reyzin and N. Reyzin. Better than BiBa: Short One-time Signatures with Fast Signing and Verifying. In the Proceedings of the 7th Australasian Conference on Information Security and Privacy(ACISP 2002),3 - 5 July 2002
[Rezende96] J. F. Rezende, A. Mauthe, S. Fdida and D. Hutchison. Fully reliable multicast in hererogeneous environments. In Protocols for High Speed Networks -PfHSN'96, 1996.
[Richard99] Richard D. Brown. Digital Signatures for XML [EB/OL]. Proposed Internet Standard,
January 1999, http://www.ietf.org/internet-drafts/draft-brown-xml-dsig- 00.txt, 42 pages
[Rigney97] C. Rigney, A. Rubens, W. Simpson, S. Willens, "Remote Authentication Dial In User Service (RADIUS)", RFC 2138, April 1997.
[Rizzo97] L. Rizzo and L. Vicisano. Effective erasure codes for reliable computer communication protocols. ACM Computer Communication. Review, 27(2), April 1997.
[Rodeh99] O. Rodeh, K. Birman, and D. Dolev. Optimized Group Rekey for Group Communication Systems. Technical Report, Hebrew University, 1999.
[Rohatgi99] P. Rohatgi. A compact and Fast Hybrid Signature Scheme for Multicast Packet Authenticast. 6th ACM Conference on Computer and Communications Security (1999), pp 93-100.
[Rotaru00] C. N. Rotaru. The Cost of Adding Security Services to Group Communication Systems. Technical Report CNDS-2000-3.
[Rowley98] A. Rowley. A Security Architecture for Distributed Groupware. PHD thesis. Queen Mary and Westfield College, University of London. Sep. 1998
[Ryutov00] T. Ryutov and C. Neuman. Representation and Evaluation of Security Policies for Distributed System Services. In Proceedings of DARPA Information Survuvability Conference and Exposition, pages 172-183, Hilton Head, South Carolina, January 2000. DARPA.
[Ryutov00] T. Ryutov and C. Neuman. Representation and Evaluation of Security Policies for Distributed System Services. In Proceedings of DARPA Information Survivability Conference and Exposition, pages 172-183. DARPA, Hilton Head, South Carolina, Jan. 2000.
[SAML02a] OASIS, Bindings and Profiles for the OASIS Security Assertion Markup Language (SAML), Committee Specification 01, 31 May 2002. http://www.oasis-open.org/committees/security/docs/cs-sstc-bindings-01
[SAML02b] OASIS, Assertions and Protocol for the OASIS Security Assertion Markup Language (SAML) 01,31,May 2002. http://www.oasis-open.org/committees/security/docs/cs-sstc-core-01.pdf
[Sander98a]T.Sander,C.F.Tschudin. Protecting Mobile Agents Against Malicious Hosts, in: Giovanni Vigna (Ed.): Mobile Agents and Security. pp 44-60. Springer-Verlag, 1998.
[Sander98b] T.Sander, C.Tschudin. Towards Mobile Cryptography, IEEE Symposium on Security and Privacy, pages 215-224, May 1998. ftp://ftp.icsi.berkeley.edu/pub/techreports/1997/tr-97-049.ps.gz
[Sano98] T. Sano, N. Yamanouchi, and et al. Flow and congestion control for bulk reliable multicast. In IEEE INFOCOM'98, February 1998.
[Santis98] A. D. Santis, G. D. Grescenzo and G. Persiano. Communication-Efficient Anonymous Group Identification. In Proceedings of 5th ACMConference on Computer and Communications Security, pages 73-82. 1998.
[Savage99] Stefan Savage, Tom Anderson, Amit Aggarwal and et al. Detour: A case for informed Internet routing and transport. IEEE Micro, 19(1):50-59, Jan. 1999.
[Schulzrinne96] H. Schulzrinne, S. Casner, R. Frederick, and V. Jacobson. RFC 1889: RTP:A transport protocol for real-time applications, IETF Audio-Video Transport Working Group January 1996.
[Sen99] S. Sen, J. Rexford, and D. Towsley, "Proxy prefix caching for multimedia streams", in IEEE Infocom, (New York), Mar. 1999.
[Setia00] S. Setia, S. Koussih, S. Jajodia and E. Harder. Kronos: A Scalable Group Re-keying Approach for Secure Multicast. In 2000 IEEE Symposium on Security and Privacy, pages 215-218. IEEE, May 2000. Oakland, CA.
[Shields99] C. Shields and J. J. Garcia-Luna-Aceves, "KHIP-A Scalable Protocol for Secure Multicasting Routing”, In Proceedings of SIGCOMM'99.
[Song01] D. Song, D. Zuckerman and J. D. Tygar. Expander Graphs for Digital Stream Authentication and Robust Overlay Networks. In 2002 IEEE Symposium on Research in Security and Privacy.
[ssm01] S.-S. M. (ssm) Working Group. Source-Specific Multicast(ssm) Charter, March 2001. Internet Engineering Task Force. http://www.ieft.org/charters.html/ssm-charter.html.
[Stallings01] William Stallings 著,杨明、胥光辉、齐望东等译,密码编码学与网络安全:原理与实践(第二版)。电子工业出版社,2001年4月第1版。
[Steer98] D. Steer, L. Strawczynaki, W. Diffie and M. Wiener. A Secure Audio Teleconference System. In Proceedings of CRYPTO'88 , pages 520-528. 1998.
[Steiner00] M. Steiner, G. Tsudik, and M. Waidner. Key Agreement in Dynamic Peer Groups. IEEE Transactions on Parallel and Distributed Systems, March 2000.
[Steiner96] M. Steiner, G. Tsudik and M. Waidner. Diffie-Hellman Key Distribution Extended to Group Communication. In SIGSAC: 3rd ACM Conference on Computer and Communications Security, pages 31-37. ACM SIGSAC, 1996.
[Steiner97] M. Steiner, G. Tsudik and M. Waidner. Cliques: A new approach to group key agreement. Technical Report RZ 2984, IBM Research, December 1997.
[Steiner98] M.Steiner,G.Tsudik,and M.Waidner.Cliques:A new approach to group key agreement.In IEEE Conference on Distributed Computing Systems,May 1998.
[Stevens99] M. Stevens, W. Weiss, H. Mahon, B. Moore, J. Strassner, G. Waters, A. Westerinen and J. Wheeler. Policy Framework (Draft). Internet Engineering Task Force, September 1999. draft-ietf-policy-framework-00.txt.
[Tennenhouse97] D. L. Tennenhouse, J. M. Smith and et al. A survey of active network research. IEEE Communications Magazine, 35(1):80-86, Jan. 1997.
[Thomas98] Thomas Aura, Fast Access Control Decisions from Delegation Certificate Databases, In Proc. 3rd Australasian Conference on Information Security and Privacy ACISP'98, Volume 1438 of LNCS, July 1998, pages 284-295.
[Thompson99] M. Thompson, W. Johnson, S. Mudumbai, G. Hoo, K. Jackson and A. Essiari. Certificated-based Access Control for Widely Distributed Resources. In Proceedings of 8th
USENIX UNIX Security Symposium, pages 215-227. USENIX Association, August 1999. Washington D. C.
[Touch97] J. Touch and S. Hotz. The X-bone (white paper), May 1997. http://www.isi.edu/x-bone.
[Touch98] J. Touch and S. Hotz, "The X-bone", in Third Global Internet Mini-Conference in conjunction with Globecom, (Sydney, Australia), Nov 1998.
[Tschudin98] C.Tschudin. Environmental Security: Apoptotic Functions and a Way to Protect Them. 4th WORKSHOP ON MOBILE OBJECT SYSTEMS: Secure Internet Mobile Computations.In association with the 12th European Conference on Object-Oriented Programming (ECOOP'98), 21 July 1998, Brussels, Belgium. 1998. http://cuiwww.unige.ch/~ecoopws/ws98/slides/tschudin.ps
[Turletti98] T. Turletti, S. F. Parisis, and J. Bolot. Experiments with a layered transmission scheme over the Internet. In IEEE INFOCOMM'98, February 1998.
[Vicisano98] L. Vicisano, L. Rizzo and J. Crowcroft. Tcp-like congestion control for layered multicast data transfer. In IEEE INFOCOMM'98, February 1998.
[Vigna97] G.Vigna. Protecting Mobile Agents through Tracing. Mobile Object Systems ECOOP Workshop'97. http://arthur.cs.ucdavis.edu/~barnes/seminar/papers/vigna97.ps
[Waitzman88] D. Waitzman,C. Partidge and S. Deering, Distance Vector Multicast Routing Protocol-DVMRP. RFC 1075, November 1988.
[Waldvogel99] M.Waldvogel, G. Caronni, D. Sun, N.Weiler, and B. Plattner. The VersaKey Framework: Versatile Group Key Management. IEEE Journal on Selected Areas in Communications (Special Issue on Middleware), 17(8):1614-1631, August 1999.
[Wallner98] D. M. Wallner, E. J. Harder and R. C. Agee. Key Management for Multicast: Issues and Architectures (Draft). Internet Engineering Task Force, September 1998. draft-wallner-key-arch-01.txt.
[Wallner99] D. Wallner, E. Harder and R. Agee. Key Management for Multicast: Issues and Architectures. RFC 2627, June 1999.
[Wang98] H. Wang and M. Schwartz. Achieving bounded fairness for multicast and tcp traffic in the Internet. In ACM SIGCOMM'98, September 1998.
[Wang99] X. Wang, X. Yi, K. Lam, C. Zhang and E. Okamoto. Secure Agent-Mediated Auctionlike Negotiation Protocol for Internet Retail Commerce. In LNCS, editor, In Proceedings of the 3rd International Workshop on Cooperative Information Agents(CIA'99), vol 1652 pages 291-302. Springer, Stockholm, Sweden, July 1999.
[WB] WhiteBoard, WB: The most popular whiteboard tool on Mbone. Available at URL: http://www-nrg.ee.lbl.gov/wb.
[Wegener87] I.Wegener. The Complexity of Boolean Functions. JohnWiley and Sons, July 1987. ISBN: 0-471-91555-6.
[Wei98] L. Wei, "Authenticating PIM version 2 messages", November 1998.
daft-ietf-pim-v2-auth-00.txt.
[WeiDraft] Wei, L., "Authenticate PIM Version 2 Messages", Internet-Draft, Work in progress.
[Westerinen00] A. Westerinen, J. Schnizlein, J. Strassner, Mark Scherling, Bob Quinn, Jay Perry, Shai Herzog, An-Ni Huynh, and Mark Carlson. Policy Terminology (Draft). Internet Engineering Task Force, July 2000. draft-ietf-policy-terminology-00.txt.
[Westhoff99] D.Westhoff,M.Schneider,etc. Protecting a Mobile Agent's Route against Collusions. Proceedings of SAC'99, Springer LNCS 1758, 1999 http://www.informatik.fernuni-hagen.de/import/pi2/agents/Papers/ontario99-env.ps
[White94] J.E.White. Telescript Technology: The Foundation for the Electronic Marketplace. General Magic.White Paper,1994.
[Wilhelm99] U.G.Wilhelm. A Technical Approach to Privacy based on Mobile Agents Protected by Tamper-resistant Hardware. PH.D.dissertation. 1999. http://lsewww.epfl.ch/~wilhelm/Papers/thesis.pdf
[Wong00] C. K. Wong and S. S. Lam. Keystone: A Group Key Management Service. In Proceedings International Conference on Telecommunications, Acapulco, Mexico, May 2000.
[Wong02] W. Wong. A Survey of Application-Layer Multicast: Multicast Tree Formation and Performance Metrics. Presentation, May 15, 2002
[Wong97] Wong C. K., Gouda M., Lam S. S. Secure Group Communication using Key Graphs. University of Texas at Austin, Computer Science Technical report TR 97-23.
[Wong98] C. K. Wong, M. Gouda and S. S. Lam. Secure Group Communication Using Key Graphs. In Proceedings of ACM SIGCOMM'98 , pages 68-79. ACM, September 1998.
[Wong99] C. K. Wong and S. Lam. Digital Signatures for Flows and Multicasts. In IEEE/ACM Transactions on Networking 7 (1999), pp 502-513.
[woo98] T. Woo and S. Lam. Designing a Distributed Authorization Service. In Proceedings INFOCOM '98, San Francisco, March 1998. IEEE.
[Wu] T. Wu and S. Wu, "Selective encryption and wartermarking of mpeg video", tech. Rep. , North Carolina State University.
[XACML02] OASIS, Extensible Access Control Markup Language(XACML). http://www.oasis-open.org
[Yajnik96] M. Yajnik, J. Kurose and D. Towsley. Packet Loss Correlation in the MBone Multicast Network. In IEEE Global Internet Conference, 1996.
[Yajnik99] M. Yajnik, S. Moon, J. Kurose, and D. Towsley. Measurement and modelling of the temporal dependence in packet loss. In IEEE INFOCOM '99, New York, NY, March 1999.
[Yee97] B.S.Yee. A Sanctuary for Mobile Agents. DARPA Workshop on Foundations for Secure Mobile Code, February 1997. http://www.cs.ucsd.edu/~bsy/pub/sanctuary.ps
[Zao00] J. Zao, L. Sanchez, M. Condell, C. Lynn, M. Fredette, P. Helinek, P. Krishnan, A. Jackson, D. Mankins, M. Shepard, and S. Kent. Domain Based Internet Security Policy Management. In Proceedings of DARPA Information Survuvability Conference and Exposition,
pages 41-53, Hilton Head, South Carolina, January 2000. DARPA.
[周冲02] 周冲.移动代理恶意主机问题研究.博士论文.上海交大,2002.
[刘璟01] 刘璟,周明天.大型动态群组的多播安全机制.计算机科学,2001,28(1):84-88.
[刘璟03] 刘璟,周明天.鲁棒且容错的大型动态组播系统的密钥管理.计算机科学.已录用
[刘璟02a]刘璟,周明天.大型动态多播群组的密钥管理和访问控制.软件学报,2002,13(2):291-297.(已被EI收录)
[刘璟02b] 刘璟,周明天,杨春. 一个公平防抵赖协议及其形式化分析. 电子学报.已录用.
[刘璟02c] 刘璟,周明天.SCML及其解析器SCML4J的设计及实现.计算机应用.2002,22(7):8-11
[刘璟02d] 刘璟,刘锦德.基于公平不可抵赖协议的CORBA不可抵赖服务,计算机应用,2002,22(增刊):145-148
[刘璟02e] 刘璟,周明天.基于SPKI证书的CORBA分布式授权服务.《2002通信技术新进展——第八届全国青年通信学术会议论文集》:479-487,2002年11月1日-4日,绵阳,中国.