Multicasting is a well-known method of transmitting information to selected groups of users across a network, such as the Internet. For example, the transmission of an E-mail message to a group of users, each user being listed on a mailing list, uses multicasting principles. Video conferencing and teleconferencing also use multicasting principles and, accordingly, are often referred to as “multiconferencing.”
Due to increased demand for uses utilizing multicasting principles, protocols such as the Internet Group Multicast Protocol (“IGMP”) have been developed and refined to support multicasting over a Transmission Control Protocol/Internet Protocol (“TCP/IP”) network, such as the Internet. The new protocols, such as IGMP, allow users to easily create and join multicasting sessions (“multicasts”). However, multicasts often transmit confidential information between multicast users (“members”) during the multicast. Thus, a need exists for securing multicast transmissions.
However, because multicasting involves groups of users, securing multicast transmissions raises the issue of scalability. In response to this issue, it is recognized that it would be more scalable to allow the use of multiple, independently group security associations. In one such scheme, each packet is decrypted, and then re-encrypted, subgroup to subgroup, until the packet reaches the destination member. However, as a result of the decryption and re-encryption from subgroup to subgroup, the multicast transmission incurs latency. In addition, a problem arises when a multicast transmission is sent from a data originator that only allows an authorized agent or broker to translate the multicast transmission.
In another scheme, a multicast network is partitioned into hierarchical multiple security domains. In this scheme, however, a multicast transmission cannot be translated across horizontal domains.