Advanced secure multimedia services for digital homes
- 226 Downloads
Our society is becoming increasingly more IT-oriented, and the images and sounds that reflect our daily life are being stored mainly in a digital form. This digital personal life can be part of the home multimedia contents, and users demand access and possibly share these contents (such as photographs, videos, and music) in an ubiquitous way: from any location and with any device. The purpose of this article is twofold. First, we introduce the Feel@Home system, whose main objective is to enable the previously mentioned vision of an ubiquitous digital personal life. Second, we describe the security architecture of Feel@Home, analyzing the security and privacy requirements that identify which threats and vulnerabilities must be considered, and deriving the security building blocks that can be used to protect both IMS-based and VPN-based solutions.
KeywordsDigital home Content sharing Multimedia Security Privacy
This work has been partially supported by the Feel@Home project. The authors would like to thank all members of the Feel@Home consortium for their much appreciated help on this paper, with special thanks to Benoit Michau for his insight on IMS security.
- Bechler, M., Hof, H. J., Kraft, D., Rahlke, F., & Wolf, L. (2004). A cluster-based security architecture for ad hoc networks. In Annual joint conference of the IEEE computer and communications societies (INFOCOM’04) (pp. 2393–2403).Google Scholar
- Benjumea V., Choi, S., Lopez, J., & Yung, M. (2007). Anonymity 2.0—X.509 extensions supporting privacy-friendly authentication. In Cryptology and network security conference (CANS’07) (pp. 265–281).Google Scholar
- Bhargav-Spantzel, A., Camenisch, J., Gross, T., & Sommer, D. (2007). User centricity: A taxonomy and open issues. Journal of Computer Security, 15(5), 493–527.Google Scholar
- Camenisch, J., & Lysyanskaya, A. (2001). Efficient non-transferable anonymous multi-show credential system with optional anonymity revocation. In International conference on advances in cryptology (EUROCRYPT’01) (pp. 93–118).Google Scholar
- Chintada, S., Sethuramalingam, P., & Goffin, G. (2008). Converged services for home using a SIP/UPnP software bridge solution. In 5th IEEE consumer communications and networking conference (CCNC’08) (pp. 790–794).Google Scholar
- Credentica (2007). U-prove SDK overview. White Paper.Google Scholar
- DCSSI-France (2004). EBIOS—Expression of needs and identification of security objectives.Google Scholar
- ETSI TISPAN WG5 (2010). LS to 3GPP regarding remote access to CPNs. Retrieved from http://www.3gpp.org/ftp/tsg_sa/WG3_Security/TSGS3_59_Lisbon/Docs/S3-100582.zip.
- HGI, Home Gateway Initiative (2008). Home Gateway requirements: Residential profile.Google Scholar
- IBM (2010). Idemix (Identity Mixer): Pseudonymity for e-transactions. Retrieved from http://www.zurich.ibm.com/security/idemix/.
- IEEE Computer Society (1998). IEEE std 830-1998, IEEE recommended practice for software requirements specifications. ISBN 0-7381-0332-2.Google Scholar
- IETF PKIX Working Group (2010). Retrieved from http://www.ietf.org/html.charters/pkix-charter.html.
- ISO/IEC (2005). ISO/IEC 15408-1:2005. Information technology— Security techniques—Evaluation criteria for IT security.Google Scholar
- IST PRIME Project (2005). Privacy and identity management for Europe. White Paper.Google Scholar
- Jaatun, M., & Tøndel, I. (2008). Covering your assets in software engineering. In 3rd international conference on availability, reliability and security (ARES’08) (pp. 1172–1179).Google Scholar
- Kiayias, A., Tsiounis, Y., & Yung, M. (2004). Traceable signatures. In Conference on advances in cryptology (EUROCRYPT’04) (pp. 571–589).Google Scholar
- Lacoste, M. (2009). Architecting adaptable security infrastructures for pervasive networks through components. In International conference on future generation communication and networking (FGCN’09) (pp. 275–292).Google Scholar
- Mannan, M., & van Oorschot, P. (2008). Privacy-enhanced sharing of personal content on the Web. In International World Wide Web conference (WWW’08) (pp. 487–496).Google Scholar
- Netfilter/iptables Project (2010). Retrieved from http://www.netfilter.org/.
- OECD (1980). Guidelines on the protection of privacy and transborder flows of personal data.Google Scholar
- The CELTIC Feel@Home Project (2010). Retrieved from https://rd-projet-feelathome.rd.francetelecom.com/.
- van Hartskamp, M., et al. (2008). PnP QoS architecture. UPnP forum.Google Scholar
- Zheleva, E., & Getoor, L. (2009). To join or not to join: The illusion of privacy in social networks with mixed public and private user profiles. In International World Wide Web conference (WWW’09) (pp. 531–540).Google Scholar