A computer network is sometimes used to deliver streams of data to one or more computers on a network. Multicasting is a known technique for transmitting such data. Multicast technology supports an architecture that allows one stream of data to be read by multiple users. This type of technology saves bandwidth and provides a way to disseminate data to a wide array of users. For example, Internet radio stations, TV stations, and other such information channels may use multicasting to transmit any type of data that many users wish to view. Often the party transmitting the multicast wants to restrict access to the multicast or charge a dollar amount for the multicast data. However, currently deployed multicasting techniques do not have an authentication and payment infrastructure. Modern secure authentication schemes often require something you have (e.g., a smart card) and something you know (e.g., a password). One of the problems with deploying smart cards is that they require smart card readers, which add cost, and if the reader does not have an integral keypad for PIN entry, they are still vulnerable to keyboard data sniffing.
Multicasting:
Multicasting is a technique for transmitting data from one computer to many different computers or from many computers to many other computers. Transmitting a corporate message to a group of employees or sending an audio feed to numerous computer users are examples of multicasting. Multicasting is widely used to propagate data to multiple network nodes (e.g. computers).
In a multicast environment, a properly configured computational device can perform one operation to transmit data to multiple destination devices. For example, using multicasting a person can transmit video data to many different computers by initiating a single multicasting session. Under the multicast model only network nodes that are actively interested in receiving a particular multicast have such data routed to them. On some networks, certain network nodes automatically ignore multicast data. For example, some network routers are configured to prevent multicast data from entering a subnet. Computational devices designed to implement firewalls or other such filtering mechanisms may also be configured to ignore multicast data.
Multicasting is typically utilized to disseminate data to a plurality of network nodes in a single transmission. To support multicasting, the network infrastructure as well as the sending and receiving node(s) are multicast enabled. This includes any intermediate routers that may be involved in transmitting data between networks. The computational device responsible for performing the multicasting is not required to maintain a list of recipients. Instead, the device transmits a single copy of the multicast message to all the members of a host group. Copies of the message are made when a router determines that divergent paths are necessary to deliver the message to host group members.
A problem with multicasting is that multicast enabled networks are not designed to provide an easy system for authenticating and obtaining payment from users who wish to access the multicast data. For example, the prior art does not provide users with a way to utilize a smart card to pay for access to a particular multicast.
Multicasting Components:
Referring now to FIG. 1, an illustration of a network topology configured to support multicasting is shown. Sending node 100 and receiving node 101 are connected to network 125. Network 125 is a Local Area Network (LAN). The remaining nodes 102-104 attached to network 125 are not configured to accept multicast data. Sending node 100 and receiving node 101, however, are configured to accept multicast data. This is accomplished by 1) installing the appropriate network hardware and 2) configuring the two nodes to accept and transmit the necessary protocols (e.g. TCP, IGMP). Additionally, a software application capable of sending and/or receiving multicast data is necessary. When sending node 100 and receiving node 101 are properly configured, data can be multicast from sending node 100 to receiving node 101 along path 122. Data that is multicast may also be sent to multiple nodes. For example, it is possible to configure remaining nodes 102-104 to accept and/or perform multicasting.
Transmitting data to other networks, however, requires additional configuration and/or equipment. For example, for network 150 to begin receiving multicast data, a multicast router 130 is required. Multicast router 130 distributes and replicates the multicast data stream as necessary to provide requesting network nodes with data. Transmitting multicast data between networks requires that all routers present on the path from network 125 to network 150 be multicast capable. For example, if data is transmitted from network 125 to network 150 using path 144, then networks 175-177 are multicast capable. However, if networks 175-177 do not contain routers that support multicasting, tunneling may be used to send multicast data through network 140 using networks 178-180. Tunneling is used to connect islands of multicast routers separated by links that do not support multicasting (e.g. networks 178-180). When this approach is used, multicast datagrams are encapsulated into standard unicast datagrams and sent through network 140. Tunneling may be used to send multicast data across the Internet (e.g. MBONE) or any other type of viable communication network.
Network 125 and network 150 both contain a firewall 199. Firewalls 199 prevent unauthorized data from entering a network. When a firewall 199 is present on a network, such as network 125, network 150, or network 140, the firewall may need to be reconfigured to permit multicast traffic. Network 125 and network 150 may also contain multicast filtering switches. A multicast filtering switch provides a way to localize the amount of data traffic disseminated on a LAN. If, for example, a filtering switch is installed on network 125, data will only be sent to participating nodes rather than to all segments on the LAN. A filtering switch allows receiving node 101 to receive multicast data from sending node 100 without interfering with remaining nodes 102-104.
If all participating networks are properly configured to accept multicast data, sending node 100 may send an identical copy of data 133 to all the nodes that request it. For example, data may be sent using path 144 from sending node 100 to receiving nodes 101, 152, 153, and 154.
Sending and Receiving Multicast Data:
IP multicasting is a form of multicasting data across the Internet. IP multicasts adhere to an addressing standard defined by the Internet Assigned Numbers Authority (IANA). To send data, the sender specifies a destination address which is representative of a host group and uses the “Send IP” operation to transmit the data. The “Send IP” operation is the same operation used to transmit unicast data. To receive multicast data, a user's host application requests membership in the multicast host group associated with a particular multicast. For example, if the user wants to view a multicast of events taking place on the Space Shuttle, the user may request to view that event by issuing a membership request. The user's membership request is then communicated to the network hardware, which disseminates the request. In some instances, the request is communicated to the LAN router. If data is to be sent off the LAN, the request is communicated to intermediate routers between the location of the sender and the receiver. The user's membership request also causes the receiving computer to start filtering for addresses associated with the multicast address identified in the initial request. The receiving computer's network interface card, for example, starts filtering for the specific data link layer addresses associated with the multicast. If the multicast is initiated outside the LAN, the WAN router delivers the requested multicast data to the LAN router. The LAN router builds the message and forwards it to the receiving computer. The receiving computer listens for expected multicast data and passes received data to the TCP/IP protocol stack, which makes the data available as input to the user's application (e.g. a video viewing application).
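The membership request and data link layer filtering described above can be shown with ordinary sockets. The following is an added example, not part of the original text: it joins a host group, sends with the same call used for unicast, and computes the Ethernet address the network interface card filters on (the standard RFC 1112 mapping), which shows that neither step checks who the receiver is. The group 239.1.1.1, the port and all function names are constructed for illustration.

```python
import ipaddress
import socket

def multicast_mac(group: str) -> str:
    """Ethernet address a NIC filters on for an IPv4 host group (RFC 1112)."""
    addr = ipaddress.IPv4Address(group)
    if not addr.is_multicast:
        raise ValueError(f"{group} is not in 224.0.0.0/4")
    low23 = int(addr) & 0x7FFFFF            # only the low 23 bits are kept
    mac = (0x01005E << 24) | low23          # fixed prefix 01:00:5e
    return ":".join(f"{(mac >> s) & 0xFF:02x}" for s in range(40, -8, -8))

def mac_aliases(group: str) -> list[str]:
    """All 32 host groups whose traffic passes the same NIC filter."""
    low23 = int(ipaddress.IPv4Address(group)) & 0x7FFFFF
    return [str(ipaddress.IPv4Address(0xE0000000 | (i << 23) | low23))
            for i in range(32)]

def membership_request(group: str, iface: str = "0.0.0.0") -> bytes:
    """struct ip_mreq: group address followed by local interface address."""
    return socket.inet_aton(group) + socket.inet_aton(iface)

def join_group(group: str, port: int) -> socket.socket:
    """Issue the membership request; the kernel emits the IGMP report.
    No credential is involved: any host on the segment can do this."""
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
    s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    s.bind(("", port))
    s.setsockopt(socket.IPPROTO_IP, socket.IP_ADD_MEMBERSHIP,
                 membership_request(group))
    return s

def send_to_group(group: str, port: int, payload: bytes, ttl: int = 1) -> int:
    """Same send operation as unicast; only the destination address differs.
    ttl=1 keeps the constructed sample traffic on the local segment."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, ttl)
        return s.sendto(payload, (group, port))

if __name__ == "__main__":
    GROUP, PORT = "239.1.1.1", 5007         # constructed sample values
    print(GROUP, "->", multicast_mac(GROUP))
    print("groups sharing that filter:", len(mac_aliases(GROUP)))
    rx = join_group(GROUP, PORT)
    send_to_group(GROUP, PORT, b"constructed sample payload")
    rx.settimeout(2)
    print(rx.recvfrom(1500))
```

Because the join carries no identity and the hardware filter is shared by 32 groups, restricting who can use a stream has to happen above this layer, for example by protecting the payload itself.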
A problem with IP multicasting is that multicast enabled networks are not designed to provide an easy system for authenticating and obtaining payment from users who wish to access the multicast data. For example, the prior art does not provide users with a way to utilize a smart card to pay for access to a particular multicast.