• IDE: NetBeans IDE 7.2
• Immediate rekeying
• Key Management
• Rekeying Overhead
• Key Distributor
• Session Information
• Authentication Process
• Certificate Authority
6.2 MODULES DESCRIPTION
6.2.1 IMMEDIATE REKEYING
The immediate rekeying (IR) strategy solves this problem by rekeying only the local area keys; however, it incurs a huge rekeying overhead whenever members hand over repeatedly. Rekeying is changing a lock so that a different key may operate it.
Rekeying is done when a lock owner may be concerned that unauthorized people have keys to the lock. The lock may be altered by a locksmith so that only new keys will work. Rekeying is the relatively simple process of changing the tumbler or wafer configuration of the lock so a new key will function while the old one will not. Rekeying is done without replacement of the entire lock.
Figure: 6.2.1 immediate rekeying
6.2.2 KEY MANAGEMENT
To solve the rekeying complexity that arises as multicast services accumulate in a single network, the slot based multiple group key management (SMGKM) protocol is used. SMGKM is an efficient multi-service group key management scheme suitable for high mobility users who perform frequent handoffs while participating seamlessly in multiple multicast services.
The users are expected to drop subscriptions after multiple cluster visits, hence inducing huge key management overhead due to rekeying the previously visited cluster keys. The already proposed multi-service SMGKM system, with completely decentralized authentication and key management functions, is adopted to meet the demands of a high mobility environment with the same level of security.
Figure: 6.2.2 Key Management
6.2.3 REKEYING OVERHEAD
During the rekeying process, the key server delivers the new TEK to the existing group members to invalidate the old TEK. This restricts access to future messages after a member leaves (forward secrecy) and to prior messages after a member joins (backward secrecy).
Figure: 6.2.3 Rekeying Overhead
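The rekeying step described above, as an added sketch that is not part of the original project: a key server wraps a fresh TEK for every current member on each join and leave, and the count of wrapped-TEK messages is the rekeying overhead. The `KeyServer` class, the per-member individual keys and the HMAC-based `seal`/`unseal` (a toy stand-in for a real key-wrap or AEAD cipher) are assumptions made for the illustration.

```python
import hashlib
import hmac
import secrets

def _prf(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()

def seal(key, pt):
    """Toy encrypt-then-MAC standing in for AES key wrap/AEAD (pt <= 32 bytes)."""
    assert len(pt) <= 32
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(pt, _prf(_prf(key, b"enc"), nonce)))
    return nonce + ct + _prf(_prf(key, b"mac"), nonce + ct)

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _prf(_prf(key, b"mac"), nonce + ct)):
        return None  # wrong (e.g. superseded) key, or tampered blob
    return bytes(a ^ b for a, b in zip(ct, _prf(_prf(key, b"enc"), nonce)))

class KeyServer:
    def __init__(self):
        self.kek = {}                       # member -> individual key (assumed)
        self.tek = secrets.token_bytes(32)  # current traffic encryption key
        self.rekey_msgs = 0                 # overhead, in wrapped-TEK messages

    def _rekey(self):
        """New TEK, wrapped once per *current* member under that member's key."""
        self.tek = secrets.token_bytes(32)
        self.rekey_msgs += len(self.kek)
        return {m: seal(k, self.tek) for m, k in self.kek.items()}

    def join(self, member):
        self.kek[member] = secrets.token_bytes(32)
        return self.kek[member], self._rekey()  # joiner never sees the old TEK

    def leave(self, member):
        del self.kek[member]
        return self._rekey()                    # leaver never sees the new TEK

def demo():
    ks = KeyServer()
    a_kek, out = ks.join("alice")
    old = seal(unseal(a_kek, out["alice"]), b"sent before bob joined")
    b_kek, out = ks.join("bob")
    bob_tek = unseal(b_kek, out["bob"])
    out = ks.leave("bob")
    new = seal(unseal(a_kek, out["alice"]), b"sent after bob left")
    return unseal(bob_tek, old), unseal(bob_tek, new), "bob" in out, ks.rekey_msgs
```

With one flat group every membership change costs one message per remaining member, which is the overhead that per-area keys are meant to confine to a single area.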
6.2.4 KEY DISTRIBUTOR
The key distributor consists of three keys:
(1) Domain Key Distributor
(2) Area Key Distributor
6.2.4.1 DOMAIN KEY DISTRIBUTOR
Domain Keys Identified Mail (DKIM) is an email validation system designed to detect email spoofing by providing a mechanism to allow receiving mail exchangers to check that incoming mail from a domain is authorized by that domain’s administrators and that the email (including attachments) has not been modified during transport. A digital signature included with the message can be validated by the recipient using the signer’s public key published in the DNS. In technical terms, DKIM is a technique to authorize the domain name which is associated with a message through cryptographic authentication. DKIM is the result of merging Domain Keys and Identified Internet Mail.
6.2.4.2 AREA KEY DISTRIBUTOR:
The Area Key Distributor gets its keys from the Domain Key Distributor through mail; with these keys, user creation and file upload processing are done. An area is defined in such a way that member movements within an area do not require any rekeying, and a join or leave is handled locally by an intra-keying algorithm. When a member moves between areas, an inter-keying algorithm provides the coordination for the transfer of the security relationship.
6.2.4.3 USER: The user uses the keys to log in and download the files.
Figure: 6.2.4 Key Distributor
6.2.5 SESSION INFORMATION
SMSL controls peers taking part in a communication by a pair of Session Information elements, Local siL and Remote siR. A Session Information element consists of a 5-tuple, where hid is the Host Identifier; sid is the Session Index; f are control flags; and seqS and seqR are transmission checkpoints. A data structure measuring 41 bytes in length encapsulates the Session Information, as shown. A session uses this information as a control message for session re-establishment. During (re)opening, the peers perform a 4-way handshake in which they exchange their Local Session Information siL and authenticate mutually. The node saves and retrieves a received Session Information from the siR session element.
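An added sketch of the 41-byte Session Information element and of a check a node could run on the peer's element during reopening; it is not code from SMSL or from this project. The field widths (16 + 8 + 1 + 8 + 8 bytes), the byte order, the reading of seqS/seqR as sent/received byte counts and the helper `bytes_to_resend` are assumptions, since the page gives only the field names and the total length.

```python
import struct
from dataclasses import dataclass

# Assumed widths (the page gives only the 41-byte total): 16-byte hid, 8-byte sid,
# 1-byte flags, two 8-byte checkpoints, network byte order, no padding.
_SI = struct.Struct("!16sQBQQ")
assert _SI.size == 41


@dataclass(frozen=True)
class SessionInfo:
    hid: bytes   # Host Identifier
    sid: int     # Session Index
    f: int       # control flags
    seqS: int    # checkpoint: bytes this peer has sent (assumed meaning)
    seqR: int    # checkpoint: bytes this peer has received (assumed meaning)

    def pack(self) -> bytes:
        if len(self.hid) != 16:
            raise ValueError("hid must be exactly 16 bytes")
        return _SI.pack(self.hid, self.sid, self.f, self.seqS, self.seqR)

    @classmethod
    def unpack(cls, raw: bytes) -> "SessionInfo":
        if len(raw) != _SI.size:  # reject short or over-long control messages
            raise ValueError(f"expected {_SI.size} bytes, got {len(raw)}")
        return cls(*_SI.unpack(raw))


def bytes_to_resend(si_l: SessionInfo, stored_si_r: SessionInfo, raw: bytes) -> int:
    """Check a peer's Session Information received during reopening and return
    how many already-sent bytes the peer has not yet received."""
    got = SessionInfo.unpack(raw)
    if (got.hid, got.sid) != (stored_si_r.hid, stored_si_r.sid):
        raise ValueError("hid/sid do not match the stored siR")
    if got.seqR < stored_si_r.seqR or got.seqS < stored_si_r.seqS:
        raise ValueError("checkpoints moved backwards (stale or replayed message)")
    if got.seqR > si_l.seqS:
        raise ValueError("peer acknowledges more bytes than were sent")
    return si_l.seqS - got.seqR
```

The mutual authentication of the 4-way handshake is outside this sketch; the checks here only reject malformed, mismatched or stale control messages.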
Session information consists of:
1. Server side web sessions
2. Client side web sessions
Server side web sessions
In systems without mass storage, one option is to reserve a portion of RAM for storage of session data. This method is applicable for servers with a limited number of clients.
Client side web sessions
The client saves the cookie in memory or on disk. With each successive request, the client sends the cookie back to the server, and the server uses the data to “remember” the state of the application for that specific client and generate an appropriate response.
Figure: 6.2.5 Session Distribution
6.2.6 AUTHENTICATION PROCESS
In the authentication process, a session identifier, session ID or session token is a piece of data that is used in network communications (often over HTTP) to identify a session, a series of related message exchanges. Session identifiers become necessary in cases where the communications infrastructure uses a stateless protocol such as HTTP. A session ID is typically granted to a visitor on his first visit to a site. It is different from a user ID in that session.
A session token is a unique identifier, usually in the form of a hash generated by a hash function, that is generated and sent from a server to a client to identify the current interaction session. The client usually stores and sends the token as an HTTP cookie and/or sends it as a parameter in GET or POST queries. The reason to use session tokens is that the client only has to handle the identifier; all session data is stored on the server, linked to that identifier.
Figure: 6.2.6 Authentication Process
6.2.7 CERTIFICATE AUTHORITY
Certificate Authorities (CAs) issue Digital Certificates. Digital Certificates are verifiable small data files that contain identity credentials to help websites, people, and devices represent their authentic online identity (authentic because the CA has verified the identity). CAs play a critical role in how the Internet operates and how transparent, trusted transactions can take place online. CAs issue millions of Digital Certificates each year, and these certificates are used to protect information, encrypt billions of transactions, and enable secure communication.
An SSL Certificate is a popular type of Digital Certificate that binds the ownership details of a web server (and website) to cryptographic keys. These keys are used in the SSL/TLS protocol to activate a secure session between a browser and the web server hosting the SSL Certificate. In order for a browser to trust an SSL Certificate, and establish an SSL/TLS session without security warnings, the SSL Certificate must contain the domain name of the website using it, be issued by a trusted CA, and not have expired.
6.3 UML DIAGRAMS
All the incoming raw data from different sources will be collected for further processing. All the content will be analyzed using the prediction algorithm and classified according to the user-defined rules in the rule set that has already been fed into the policy database.
As shown in the use case diagram, the client initially activates the server to listen to its requests. Later, users share information among themselves via text, image, audio etc. These contents will be processed in detail at the server side with the help of the back end server, which controls the overall process of this network. The online manager analyzes and filters the unwanted content as per user preference.
6.3.1 Use Case Diagram
A use case is a list of steps, typically defining interactions between a role (known in Unified Modeling Language (UML) as an “actor”) and a system, to achieve a goal. The actor can be a human, an external system, or time. In systems engineering, use cases are used at a higher level than within software engineering, often representing missions or stakeholder goals. The detailed requirements may then be captured in Systems Modeling Language (SysML) or as contractual statements.
Figure: 6.3.1 Use case diagram
6.3.2 SEQUENCE DIAGRAM:
A Sequence diagram is an interaction diagram that shows how processes operate with one another and in what order. It is a construct of a Message Sequence Chart. A sequence diagram shows object interactions arranged in time sequence.
Figure: 6.3.2 Sequence diagram
6.3.3 CLASS DIAGRAM
Figure: 6.3.3 Class diagram
6.4.1 STARTUP PAGE
Figure: 6.4.1 Startup diagram
6.4.2 DOMAIN KEY DISTRIBUTOR REGISTER
Figure: 6.4.2 Register diagram
6.4.3 AREA KEY DISTRIBUTOR REGISTER
Figure: 6.4.3 Area Key Distributor diagram
6.4.4 VIEW ADMIN
Figure: 6.4.4 View Admin diagram
6.4.5 UPLOADING FILE
Figure: 6.4.5 Uploading File diagram
6.4.6 DOWNLOAD FILE
Figure: 6.4.6 Download file diagram
6.4.7 VIEW DETECTION
Figure: 6.4.7 View Detection diagram
The new SMGKM scheme improves the key management performance in the presence of multi-moves participating in multi-group services. It considered providing backward confidentiality where mobile receivers dynamically perform handoff while seamlessly maintaining diverse subscriptions. In contrast to conventional schemes targeted at a single service, SMGKM used a new rekeying strategy based on lightweight KUS and SKDL for effectively performing the key management and authentication phases respectively during handoff. SMGKM adopted an independent TEK per cluster to localize rekeying and mitigate the one-affect-n phenomenon. Offloading the key management and authentication phases to the intermediate AKDs massively reduced the signaling load at the core network compared with conventional schemes, hence giving the DKD scalability while preventing bottlenecks.
7.1 FUTURE ENHANCEMENT
Implement a separate Key Distributor. In the Key Distributor, there are separate administrator logins for file, audio, and video processing. The session layer functions as the network dialogue controller. It establishes, maintains, and synchronizes the interaction between communicating devices. For example, it might manage an audio stream and video stream that are being combined in a teleconferencing application. The file, audio and video capacity is 2GB. To uploading the files are choose and download