Performance Analysis of Multicast Security in LTE

International Journal of Emerging Trends & Technology in Computer Science (IJETTCS)
Web Site: www.ijettcs.org Email: editor@ijettcs.org, editorijettcs@gmail.com Volume 2, Issue 5, September October 2013 ISSN 2278-6856
Performance analysis of multicast security in LTE

Mohsen M. Tantawy 1, Adly S. Tag ELdien 2 and Esraa Mosleh Eid 3
2,3
Network planning Dept, National Telecommunication Institute, Cairo, Egypt Elec. Eng. Dept. faculty of engineering, Benha University, Shoubra, Cairo, Egypt The evolved MBMS (e-MBMS) architecture is shown in Figure 1. Some of the entities functions are described below. The e-BM-SC (Broadcast Multicast Service Center) is the entity that is responsible for providing authorization for terminals requesting to activate an MBMS service, also scheduling of broadcast and multicast sessions [5]-[7], Integrity and confidentiality protection of MBMS data and finally MBMS session announcement.
Abstract: The Multimedia Broadcast Multicast Service

(MBMS) has been included in the 3GGP architecture to provide broadcast/multicast services. The main goal of this paper is to assess the performance of the Secure Multicast Overlay (SMO) and the Group Security Association (GSA). We compare GSA with SMO, in terms of Keys management procedures and look up policies showing that GSA solution is appropriate in certain circumstances and SMO solution is appropriate in others. The comparison will be for different parameters and different services.
Keywords- Multimedia Broadcast Multicast Services, GSA, SMO, Security Associations.
1. INTRODUCTION
In group-oriented applications like conferencing, chat groups and interactive gaming data are sent from one or more sources to multiple users. Multicasting is the optimum technique for such group oriented applications with effective network resource utilization. But maintaining security is a critical issue with frequent membership changes. Confidentiality can be achieved through changing the key material, known as rekeying every time a new member joins the group or existing member leaves the group. The 3GPP has introduced the Multimedia Broadcast Multicast Service as a mean to broadcast and multicast information to 3G users. MBMS provides much more flexibility than other distribution systems like Digital Video Broadcasting (DVB) [1], [2]. In MBMS multiple subscribers can get the chance to receive the same data, sent only once on each downlink. MBMS provides two different services Broadcast and Multicast. The Broadcast service can be received by any subscriber located in the area in which the service is offered and multicast services can only be received by users having subscribed to the service and having joined the multicast group associated with the service. Both these services can be highly applied to broadcast text, audio, picture, video, emergency alerts [3], [4] from Broadcast Multicast Service Centre to any user located in the service area. For such a service, only the broadcast service providers can be charged based on the amount of data broadcasted, size of service area or broadcast service duration. In Multicast, the end-user is required to join the group in order to receive the service.
Figure 1. MBMS architecture for LTE The MBMS GW is the root of the distribution tree for the multimedia content that is used to broadcast/multicast the information towards 3G users through the e-UTRAN (UMTS Terrestrial Radio Access Network). The MBMS GW performs MBMS Session Control Signaling (session start/stop) toward the E-UTRAN via Mobile Management Entity (MME) [8]-[11]. The e-MBMS GW is logically split into two parts, one related to control plane and the other is related to user plane. Likewise, two distinct interfaces have been defined between e-MBMS GW and e-UTRAN, M1 for user plane and M3 for control plane. The control plane interface (M2) is between the MCE and the e-NB. The e-NB is the collector of the information that has to be distributed to users on the air-interface. The MCE (Multi-cell/multicast Coordination Entity) is the key element for MBMS in LTE [12]. It is a new entity needed to coordinate the transmission of synchronized signals from different cells (e-NB). The architecture represented in figure1 represents one possible solution for locating the MCE; another solution is to have the MCE inside the e-NB [13]. In this paper, we introduce two different solutions for MBMS, GSA and SMO. A comparison is done between the two solutions in terms of Keys management procedures and look up policies. Page 232
Volume 2, Issue 5 September October 2013

1.1 Keys Management Procedures For GSA, when creating a new multicast group, a new multicast channel has to be distributed to a set of receiver e-NBs. The keying and rekeying procedures are also a problem in GSA. Group creation is creating an environment in which the authorized users can communicate with other users in that particular group or domain. In order to establish a group communication a common group key is to be distributed to all the members of the group. The group key is to be changed when a member leaves or joins in the group. When group members are changing, new key information is transmitted to all users through re-keying messages. These re-keying messages must be delivered reliability and in a timely manner [14]. In e-MBMS and during the set up of a multicast group, due to the specific service provisioning scenarios (i.e. multicast of TV channels), all the eNBs involved in the group set-up have to obtain the GSA key materials almost in the same time. According to the specification of GSA [15]-[17], this can be done by establishing a point to point Security Association (SA) with the Group Controller and Key Server (GCKS) and using this SA to exchange the key material of one multicast group. This solution may prove impractical if all the receivers join the group almost in the same time. In our performance analysis we are going to evaluate the group setup rate(GSR) which is the rate of creation of new multicast groups that require a keying procedure and the key request rate ( KRR), which takes into account that for each GSA multicast group, all receivers have to require the key. When a security association has been setup, we need a periodic rekeying procedure. For the GSA solution, we let rekeying frequency represent the refresh frequency of the cryptographic keys for each group SA (for each multicast flow). Hence we will evaluate the rekeying rate (REKR), which is the overall rate of refresh procedures originated by the GCKS for all GSA groups. For SMO, we assume that the security associations that compose the Overlay are static or changing very slowly with time. Therefore the keying frequency can be assimilated to 0. In particular, for SMO solution we let SMO rekeying frequency represents the refresh frequency of the cryptographic keys (the rekeying frequency for each point-to-point SA). We will evaluate the total rekeying rate (REKR) at the e-MBMS gateway. 1.2 Performance of SA look up To protect a packet during the transmission between two entities, we need to check a set of to apply the proper protection mechanisms. The increase in the number of SAs indicates that a larger set of rules have to be matched in order to proper classify and protect the packet. For GSA, the number of SAs depends on the number of multicast groups. For SMO, the number of simultaneous SAs nodes (either eNBs or the MBMS-GW) depends only Volume 2, Issue 5 September October 2013 on the specific overlay topology deployed, and in particular it is equal to the number of overlay links departing from the considered node. The rest of the paper is organized as follows: The traffic model with the definition of overlay topology for SMO and mapping of GSA and SMO onto the network topology is described in section II. The assumptions for the analysis of LTE multicast services and the key performance indexes is proposed in section III and section IV, respectively. Section V shows the result and result analysis. Finally, we conclude this paper in section VI
2. TRAFFIC MODEL
The e-MBMS network is constituted by a backbone network, which includes the backbone routers and by a set of access networks, which connects the e-NBs and their access routers to the backbone routers. The e-MBMS is assumed to be connected to one backbone router. For simplicity, assume a single layer routing star topology. A total of level1 (R1) routers are directly connected to the GW and a total of K e-NBs are connected to the level1 routers. The eNBs are organized in cluster of size CR which is the number of eNBs served by level one router. (1) In principle, different overlay topology can be defined for the SMO solution. In this analysis the proposed is a hierarchical overlay topology with one level of hierarchy, called Level1 hierarchical overlay topology (L1HO). One e-NB in the cluster is the master and the others are the slaves. Either master and slaves eNBs receive packets from router, but while master e-NBs establish SAs with the eMBMS GW, the slaves establish SAs with the master. In this topology the eMBMS GW manages only the cryptographic procedures relative to the master eNBs, while the cryptographic procedures relative to the slave eNBs are managed by the master eNBs as in [18]. Figure 2 represents the architecture of GSA solution and the e-MBMS architecture for the SMO L1HO solution is shown in Figure 3.
Figure 2. -MBMS architecture for the GSA solution Page 233

GWMSA (GSA) = GWMSA (SMO) = (2) (3)
Group Setup Rate (GSR), it is the rate of creation of new multicast groups that require a keying procedure. GSR (GSA) = Figure 3. MBMS architecture for the SMO L1HO solution (4)
3. ASSUMPTIONS
There are many multicast services in LTE. Here we choose three services and apply our analysis on them TV service, Twitter service and Facebook service (see Table 1). Some of these assumptions are taken from [17] and [19]. Table1.Model assumptions for multicast applications in LTE
Parameter / Service Population of users (U) Activity factors (x) Total number of eNBs managed by the GW (K) average rate of service (B) number of e-NBs served by level one router (CR) Refresh frequency of the cryptographic keys (fGSA) Refresh frequency of the cryptographic keys (fSMO) Fraction of active users that are receiving a flow (w) Span fraction of video traffic flows (s) Number of traffic flows (N) Average duration of video flows (T) multicast flow size (A) TV channel service 104 , 107 5% 500 :104 0.5 : 8 Mbps 10 : 100 Twitter 104 , 107 5% 500: 104 50 kbps 10 : 100 Social network (Facebook) 104 , 107 5% 500: 104 1 : 2 Mbps 10 : 100
GSR (SMO) = 0 (5) Rekeying Rate (REKR), it is the overall rate of refresh procedures originated by the GCKS for all GSA groups (GSA). Or the overall rate of refresh procedures for each point-to-point SA at the e-MBMS gateway (SMO). REKR (GSA)(TV)= REKR (GSA) (Twitter, REKR (SMO) = (6) Facebook) (8)
= (7)
Key Request Rate, For each GSA multicast group, all receivers have to require the key. KRR (GSA) (TV) = KRR (GSA) (Twitter, Facebook) = KRR (SMO) = 0 (9) (10) (11)
5. RESULTS ANALYSIS
5.1 Changing number of traffic flows (N): Figure 4 shows the number of gateway managed SA's versus total number of eNBs. The figure shows that for TV service number of gateway managed SA's are small for eNBs less than 2500 and this is for SMO solution which is the best solution in this case. While when total number of eNBs is greater than 2500 and for the same service the best solution differs according to the number of traffic flows (N). For Twitter and Facebook services number of gateway managed SA's are small for eNBs less than 2000 and this is for SMO solution which is the best solution in this case. While when total number of eNBs is greater than 2000 and for the same service the best solution differs according to the number of traffic flows (N).
TV GSA N=25 , (U=104 , A=6) , (U=107 , A=6000) TV GSA N=100 , (U=104 , A=1) , (U=107 , A=1500) Twitter & Facebook GSA N=20 , (U=10 4 , A=5),(U=107 , A=5000) Twitter & Facebook GSA N=2000 , (U=107 , A=50) TV & Twitter & Facebook SMO (for all values of U , A and N)
1 / hour
1 / hour
1 / hour
1 / hour
1 / hour
1 / hour
30%
20%
20%
1 25, 100 1 hour 1, 6, 1500 , 6000 20 , 2000 20 minutes 5 , 50, 5000 20 , 2000 20 minutes 5 , 50, 5000
Gateway Managed SAs (num)
10
10
10
4. KEY PERFORMANCE INDEXES

The following parameters will be measured using a computer algorithm. Gateway Managed SAs (GWMSA), it is the number of SAs connections that a MBMS-GW needs to manage with different eNBs at the same time. Volume 2, Issue 5 September October 2013
10
1000
2000
3000
4000
5000
6000
7000
8000
9000
10000
11000
Number of e-NBs
Figure 4. Gateway Managed SAs Figure 5 shows the group setup rate versus total number of eNBs. The figure shows that for TV, Twitter and Page 234

Facebook services, SMO solution is the best solution regardless different values for number of traffic flows (N).
TV GSA N=25 , (U=104 , A=6) , (U=107 , A=6000) TV GSA N=100 , (U=104 , A=1) , (U=107 , A=1500) Twitter & Facebook GSA N=20 , (U=104 , A=5),(U=107 , A=5000) Twitter & Facebook GSA N=2000 , (U=107 , A=50) TV & Twitter & Facebook SMO (for all values of U , A and N)
cluster size (CR) equal to 100. This is for SMO solution which is the best solution in this case. While when total number of eNBs is greater than 2000 GSA is the best solution regardless the value of cluster size (CR).
10
4
10
Group Setup Rate (1/s)
10
Gateway Managed SAs (num)
TV GSA (CR=10,CR=100) Twitter & Facebook GSA (CR=10, CR=100) TV & Twitter & Facebook SMO (CR=10) TV & Twitter & Facebook SMO (CR=100)
10
10
-1
10
10
-2
10
1000
2000
3000
4000
5000
6000
7000
8000
9000
10000
11000
1000
2000
3000
4000
5000
6000
7000
8000
9000
10000
11000
Number of e-NBs
Number of e-NBs
Figure 5. Group Setup Rate Figure 6 shows the rekeying rate versus total number of eNBs. The figure shows that for TV, Twitter and Facebook services, rekeying rate has small values for SMO solution for all values of eNBs and different values for number of traffic flows (N).
TV GSA N=25 , (U=10 4 , A=6) , (U=107 , A=6000) 10
6
Figure 8. Gateway Managed SAs Figure 9 shows the group setup rate versus total number of eNBs. The figure shows that for TV, Twitter and Facebook services, SMO solution is the best solution regardless different values of cluster size (CR).
10
1
TV GSA(CR=10,CR=100) Twitter & Facebook GSA(CR=10, CR=100) TV & Twitter & Facebook SMO(CR=10, CR=100)
Rekeying Rate (1/s)
10
TV GSA N=100 , (U=104 , A=1) , (U=107 , A=1500) Twitter & Facebook GSA N=20 , (U=10 4 , A=5),(U=10 7 , A=5000) Twitter & Facebook GSA N=2000 , (U=107 , A=50) TV & Twitter & Facebook SMO (for all values of U , A and N)
Group Setup Rate (1/s)
10
10
-1
10
2
-2
10
1000
0
2000
3000
4000
5000
6000
7000
8000
9000
10000
11000
Number of e-NBs
10
Figure 9. Group Setup Rate

1000 2000 3000 4000 5000 6000 7000 8000 9000 10000 11000
10
-2
Number of e-NBs
Figure 6. Rekeying Rate Figure 7 shows the key request rate versus total number of eNBs. The figure shows that for TV, Twitter and Facebook services, SMO solution is the best solution regardless different values for number of traffic flows (N).
10
6
Figure 10 shows the rekeying rate versus total number of eNBs. The figure shows that for TV, Twitter and Facebook services, rekeying rate has small values for SMO solution (the best solution in this case) for all values of eNBs and for different values of cluster size (CR).
10
6
TV GSA(CR=10, CR=100) Twitter & Facebook GSA(CR=10 , CR=100) TV & Twitter & Facebook SMO(CR=10) TV & Twitter & Facebook SMO(CR=100)
Rekeying Rate (1/s)
TV GSA N=25 , (U=104 , A=6) , (U=107 , A=6000) TV GSA N=100 , (U=104 , A=1) , (U=107 , A=1500) Twitter & Facebook GSA N=20 , (U=104 , A=5),(U=107 , A=5000) Twitter & Facebook GSA N=2000 , (U=107 , A=50) TV & Twitter & Facebook SMO (for all values of U , A and N)
10
Key Request Rate (1/s)
10
10
10
10
10
-2
1000
2000
3000
4000
5000
6000
7000
8000
9000
10000
11000
10
Number of e-NBs
Figure10. Rekeying Rate

1000 2000 3000 4000 5000 6000 7000 8000 9000 10000 11000
Number of e-NBs
Figure 7. Key Request Rate 5.2 Changing cluster size (CR): Figure 8 shows the number of gateway managed SA's versus total number of eNBs. The figure shows that for TV service number of gateway managed SA's are small for eNBs less than 2500 with cluster size (CR) equal to 100 ,this is for SMO solution which is the best solution in this case. When total number of eNBs is greater than 2500, GSA will be the best solution regardless the value of cluster size (CR). For Twitter and Facebook services number of gateway managed SA's are small for eNBs less than 2000 with Volume 2, Issue 5 September October 2013
Figure 11 shows the key request rate versus total number of eNBs. The figure shows that for TV, Twitter and Facebook services, SMO solution is the best solution regardless different values of cluster size (CR).
10
6
TV GSA(CR=10, CR=100) Twitter & Facebook GSA(CR=10, CR=100) TV & Twitter & Facebook SMO(CR=10, CR=100)
Key Request Rate (1/s)
10
10
10
1000
2000
3000
4000
5000
6000
7000
8000
9000
10000
11000
Number of e-NBs
Figure11. Key Request Rate Page 235

Web Site: www.ijettcs.org Email: editor@ijettcs.org, editorijettcs@gmail.com Volume 2, Issue 5, September October 2013 ISSN 2278-6856 6. CONCLUSION
The aim of this paper was the performance assessment of the Secure Multicast Overlay (SMO) and the Group Security Association (GSA). From the point of view of the number of Gateway Managed SAs (GWMSAs), and for the three services SMO solution has the best performance when total number of eNBs is small. For large numbers of eNBs the performance of the two solutions will differ according to the values of number of video traffic (N) flows and the cluster size (CR). In terms of Group Setup Rate (GSR), Key Request Rate (KRR), and Rekeying Rate (REKR) and for the three services, SMO solution is the best solution for all numbers of eNBs and for different values for traffic flows and cluster size. To increase the performance of SMO solution use large values for CR as all the results is better when using CR =100 rather than using CR =10 here in our analysis. [9] Antonios Alexiou, Christos Bouras, Vasileios Kokkinos, Andreas Papazois and Georgia Tseliou, Forward Error Correction for Reliable e-MBMS Transmissions in LTE Networks. [Online] [Available:http://cdn.intechopen.com/pdfs/14763/InT echForward_error_correction_for_reliable_e_mbms_tran smissions_in_lte_networks.pdf . [Accessed: April, 17, 2011]. [10] Dr. Agassi Melikov , Cellular Networks Positioning, Performance Analysis, Reliability.[Online] Available: http://www.intechopen.com/books/cellular-networkspositioning-performance-analysisreliability.[Accessed: Apirl, 17, 2011]. [11] Antonios Alexiou, Christos Bouras, Vasileios Kokkinos, Andreas Papazois, George Tsichritzis, Multimedia Broadcasting in LTE Networks. [Online]. Available: http://ru6.cti.gr/ru6/publications/9526Bouras_IGIGlobal_chapter_v10.pdf. [Accessed: Octobr,2, 2013]. [12] M. Kottkamp et al, An introduction to the technology behind LTE Release 9. [Online] Available: http://www.eetimes.com/design/test-andmeasurement/4234458/An-introduction-to-thetechnologybehind-LTE-Release-9. [Accessed: Novmber, 13, 2012]. [13] 4gwirelessjobs, Broadcast and Multicast Service for LTE and advanced. [Online]. Available: http://4gwirelessjobs.com/userfiles/file/ MBMS for LTE.pdf. [Accessed: April, 7,2008]. [14] D.Nattiya and T.K.Thivakaranm, Adoptable Key Management Technique for Multicast and Broadcast Services, International Journal of Engineering Research & Technology (IJERT), Vol. 1 Issue 3, pp.1-6, May 2012. [15] T. Hardjono, B. Weis, The Multicast Group Security Architecture, IETF Request for Comment 3740, March 2004. [16] B. Weis, G. Gross, D. Ignjatic, Multicast Extensions to the Security Architecture for the Internet Protocol, IETF Internet-Draft, February 2008. [17] M. Baugher, R. Canetti, L. Doneti, F. Lindholm, Multicast security (MSEC) group key management architecture, IETF Request for Comment 4046, April 2005 [18] Cristina Basile, Stefano Salsano, Simone Teofili, Michele Di Mascolo, Giuseppe Bianchi, Performance analysis of security solutions for eMBMS, April 2008. [19] Motorola, TD-LTE: Enabling New Possibilities and Revenues for Operators Maximizing adaptable DL: UL ratio and lower spectrum costs. [Online]. Available: http://www.motorolasolutions.com/web/Business/Sol utions/Industry%20Solutions/Service%20Providers/N etwork%20Operators/LTE/_Document/Static%20File Page 236
REFERENCES
[1] ETSI EN 302 304 V1.1.1 Digital Video Broadcasting (DVB); Transmission System for Handheld Terminals DVB-H), November 2004. [2] Simone Teofili, Michele Di Mascolo, Giuseppe Bianchi, Stefano Salsano Dip. Ing. Elettronica, User plane security alternatives in the 3G evolved Multimedia Broadcast Multicast Service (e-MBMS) , University of Roma Tor Vergata, Rome, Italy, November 2008. [3] RCR Wireless, LTE MBMS, Delivering Broadcast and Multicast Services at LTE Speed. [Online] Available: http://www.rcrwireless .com /lte/ltembms.htm, [Accessed: Sept. 22, 2013]. [4] Ericsson, Ericsson demonstrates Broadcast Video/TV over LTE. [Online] Available:http://www.ericsson.com/news/15890 80. [Accessed: February, 13 2012]. [5] David Lecompte, Frdric Gabin,, Evolved Multimedia Broadcast/Multicast Service (eMBMS) in LTE-Advanced: Overview and Rel-11 Enhancements, IEEE Communications Magazine, pp.68-74, November 2012. [6] Yong Sun , Yu Dong , Zhenmin Zhao, Xiangming Wen , Wei Zheng, Enhanced Multimedia Services Based on Integrated IMS-MBMS Architecture in LTE Networks ,Wireless Communications Networking and Mobile Computing (WiCOM), IEEE 6th International Conference, pp.1-5, 2010. [7] David Lecompte, Frdric Gabin, Evolved Multimedia Broadcast/Multicast Service (eMBMS) in LTE-Advanced: Overview and Rel-11 Enhancements, Communications Magazine, IEEE, Volume 50, Issue 11, pp.68-74, November 2012. [8] Tara Ali-Yahiya, Understanding LTE and its Performance, Springer New York, 1st Edition, 2011.

s/TD-LTE%20Apps%20Solution%20Paper%20%20FINAL.pdf [Accessed: Dec. 5, 2010].
AUTHOR
Mohsen M. Tantawy received the M.Sc. degree from Cairo University,Egypt in 1998 and the Ph.D. from Ain Shams niversity, Egypt in 2003. He is currently an associate professor in network planning department in National Telecom. Institute (NTI), affiliate of the Ministry of ommunication and Information Technology. Adly S. Tag Eldien received the B.S. degree in Electronics and communication, Benha University in 1984 and the M.Sc. in computer based speed control of single phase induction motor using three level PWM with harmonic elimination, Benha University, in 1989. The Ph.D. in optimal robot path control, Benha University, in 1993. He is currently an Association prof. in shoubra faculty of engineering and Manager of Benha university network and information center. and his research interests include, Robotics, Networks, Communication. Esraa Mosleh Eid received the B.S. degree in Electrical Engineering, Communication from Benha University, in 2008. Now she is a Student of M.Sc.degree in Communication engineering in Benha University, Her research interests include, Mobile communication.
Page 237

Performance Analysis of Multicast Security in LTE

Загружено:

Сведения о документе

Оригинальное название

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

Performance Analysis of Multicast Security in LTE

Загружено:

Авторское право:

Доступные форматы

International Journal of Emerging Trends & Technology in Computer Science (IJETTCS)