The attractiveness of applications for multipoint communication increases with the expanding availability of conference partners in the Internet. Especially in the context of group communication for business applications the demand for security services becomes more and more important, because the information exchanged is usually much more sensitive than in private context. Therefore the demand for data and conference member authentication, privacy, and data integrity increases. It could be seen that, for different reasons, the new developments of multicasting techniques are mostly not considering security measures in an adequate way. This paper first summarizes the different kinds of applications which use multicasting or are expected to do so in future. They are classified by characteristics like group size, membership dynamic, and need for security services. Then a general survey of the most important proposals for providing security services and key management is given and the protocols are analyzed, focussing on the load for the group controller as the central key managing entity. The paper closes with a new proposal for protocol improvement for the general process of rekeying.
