【正文】 old munication? ? Forward access control: should members that have left have access to new munication? ? Rekeying period: should the group key be changed? How often? The big problem ? One affects many: Mittra observed that group munication security has the property of all members being affected by the leaving, revocation, or joining of one member. Scalability is critical for large groups. Note that encryption/decryption has performance overhead. Existing approaches ? Group Key Management Protocol (GKMP) ? Scalable Multicast Key Distribution (SMKD) ? Group Secure Association Key Management Protocol (GSAKMP) ? Iolus ? Key hierarchy schemes: Key graphs, Binary key trees, Boolean key tree ? Set difference Group Key Management Protocol (GKMP) ? Initially developed for military use with unicast munication ? Commander chooses group key manager ? Untrusted leaves, create new group ? Keys have lifetime ? Later modified for multicast: group key manager selected by voting ? Group key manager generates group key encryption packets ? Others generate group traffic encrypted packets Scalable Multicast Key Distribution (SMKD) ? Network layer secure multicast key management ? Key management integrated in the Core Based Tree (CBT) multicast protocol ? Each core node a