1. Field of the Invention
The present invention relates to mobile ad-hoc networks. Specifically, the present invention provides systems and methods to securely disseminate content in a tactical mobile ad-hoc network.
2. Background of the Invention
Information superiority in future network-centric warfare in urban and other environments requires bandwidth-efficient dissemination of relevant data to the right person at the right time, enabling a common operational picture among all actors within the theater of operation. In the context of future force multi-tier tactical mobile ad hoc networks, the data to be continuously disseminated include command and control data, sensor data, common operational picture data and mission plan updates.
Many layers of security measures, for instance data encryption/decryption at the IP layer, present a challenge to content-based information dissemination. Since the information-disseminating source does not know in advance the set of final destination nodes or “sinks”, it needs to encrypt the data in such a way that all potential destination nodes can decrypt them. Moreover, since intermediaries need to know something about the content, the source and/or the sink in order to make forwarding decisions, certain encoding (via encoding logic) of these data needs to be visible in the content packet header to the intermediaries.
Multicast is a common mechanism for a data source to send information to a dynamic set of data sinks (recipients) that have expressed interest in receiving the data. It requires a well-known multicast address allocated to each multicast group; a mechanism for data sinks to join a multicast group, probably with authorization; and a routing mechanism for forwarding data packets to all members of a multicast group. A general approach to the encryption/decryption problem in secure multicast is to let all members of each multicast group share a symmetric key. That is, there will be one key for each multicast group. It is also commonly assumed that each group is assigned a unique key in order to prevent non-members from accessing the group data.
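The following added example is not part of the original text and is not the method of the invention; it illustrates the general approach described in the two paragraphs above: one symmetric key per group, with a clear-text header that intermediaries can read but not alter undetected. The choice of AES-GCM, the header strings and all function names are assumptions made for this illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// Packet: Header travels in clear text for forwarding; Payload is ciphertext plus tag.
type Packet struct{ Header, Nonce, Payload []byte }

// GroupCipher builds the AEAD shared by all members of one multicast group.
func GroupCipher(groupKey []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(groupKey) // key must be 16, 24 or 32 bytes
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal encrypts data and binds the clear header to it as authenticated data.
func Seal(g cipher.AEAD, header, data []byte) (*Packet, error) {
	nonce := make([]byte, g.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return &Packet{Header: header, Nonce: nonce, Payload: g.Seal(nil, nonce, data, header)}, nil
}

// Open is the sink's step; it fails for another group's key or an altered header.
func Open(g cipher.AEAD, p *Packet) ([]byte, error) {
	if len(p.Nonce) != g.NonceSize() { // GCM panics on a wrong nonce length
		return nil, fmt.Errorf("bad nonce length %d", len(p.Nonce))
	}
	return g.Open(nil, p.Nonce, p.Payload, p.Header)
}

// Forward is the intermediary's decision: it holds no key and sees only the header.
func Forward(p *Packet, subscribed map[string]bool) bool {
	return subscribed[string(p.Header)]
}

func main() {
	g, _ := GroupCipher(make([]byte, 32)) // constructed all-zero demo key, never a real key
	p, _ := Seal(g, []byte("topic=sensor"), []byte("constructed reading"))
	pt, err := Open(g, p)
	fmt.Println(Forward(p, map[string]bool{"topic=sensor": true}), string(pt), err)
}
```

Because every member holds the same key, any member can also forge group traffic, and removing a member means re-keying the whole group.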
Key management could become a complicated process, depending on whether multicast groups are pre-identified (static group) or created on the fly (dynamic group), and/or whether group membership is fixed (static group membership) or changing dynamically (dynamic group membership). In particular, since only a limited number of keys will be available for use with dissemination traffic in tactical environments, one needs to use the keys wisely to protect the most critical aspects of data privacy and integrity. Moreover, since dynamic key distribution is a complicated process, any key management approach must minimize re-keying without sacrificing the flexibility of forming many ad hoc (unplanned) dissemination groups during mission execution.
Furthermore, efficient utilization of limited radio resources has always been a major issue in information dissemination in mobile ad hoc networks. Most proposed techniques for efficient bandwidth utilization, such as information caching, aggregation and filtering, often require intermediate nodes to examine packet contents, which is problematic for security reasons in tactical networks due to end-to-end packet encryption at various protocol layers.
Another important aspect is the consideration of Red (plain text) and Black (cipher text) separation in tactical radios and the design of content-based routing and information dissemination that takes this separation into account. Although the concept of establishing dissemination paths on demand based on receiver subscriptions has been described in the context of sensor networks, the prior art has not addressed receiver subscriptions in the context of radio receivers, for instance within a tactical mobile ad-hoc network. Addressing unplanned groups is also a challenge.
Thus, there exists a need for an efficient secure routing mechanism for data packets in a tactical mobile ad-hoc network.