The application prepares data as it would for non-secure transmission, then encrypts (and, using a MAC, possibly authenticates) the packets using the current Traffic Encryption Key (TEK), received from the Group Manager.

Receives the data from the Data Multicast Group and decrypts it according to the TEK given by the local Key Manager. Later steps in the application data processing will not notice any differences resulting from the encryption or authentication of data.

Any multicast, broadcast, or anycast channel delivering the secured packets from the sender(s) at least to the intended receivers. It will be used to transport the bulk of the application's data.

Receives, admits, and processes join and leave requests from participants and sends out the messages to have Key Managers perform the necessary key changes.

Is queried by the Group Manager to find out who is to be admitted. This function can also be delegated to a human, e.g. a chairperson.

Receives and decodes the rekeying requests from the Group Manager, passing the resulting TEK to the Receiver.

Join requests from new members are usually received through this unicast connection, or via another out-ofband mechanism. This channel is only needed to bootstrap a join request and to perform authentication between the new participant and the Group Manager. A single setup component might lead to implosion problems, it is thus proposed to replicate the setup component on multiple machines, and have them establish a permanent connection to the centralized access control component. In the distributed approach setup implosion is not an issue.

Any multicast or broadcast channel delivering the packets from the Group Manager to at least the intended receivers. Traffic consists of new keying material which needs to be distributed to the participants Key Managers. Transmissions over this channel have to be received by every participant, which can be achieved by (1) implementing components of any reliable multicast mechanism or (2) performing retransmits on a regular basis with a limited history of key changes, resulting in a soft state approach. If for any reason a receiver should be unable to receive a packet in reasonable time, the fallback solution is to contact the Group Manager again.