Abstract
Utilizing cloud services in running large-scale video surveillance systems is not uncommon. However, special attention should be given to data security and privacy because, typically, data travels over insecure public networks. In this work, we propose an end-to-end security framework for a cloud-based video surveillance system that supports a large number of cameras. Our framework provides mutual authentication, session key management, data confidentiality, and data integrity. Consequently, encrypted video frames can only be sourced from authenticated cameras and only destined to authenticated cloud devices where the integrity of such frames can also be verified against potential change. As video streaming is a very delay-sensitive application, we study different variations of the proposed framework to find security options that achieve the best trade-off between the added delay and the security of the system.
Similar content being viewed by others
References
Abd-Elrahman E, Abid M, Afifi H (2010) Video streaming security: window-based hash chain signature combines with redundancy code - youtube scenario as an internet case study. In: 2010 IEEE International symposium on multimedia (ISM), pp 33–40. doi:10.1109/ISM.2010.15
Alamri A, Hossain MS, Almogren A, Hassan MM, Alnafjan K, Zakariah M, Seyam L, Alghamdi A (2016) Qos-adaptive service configuration framework for cloud-assisted video surveillance systems. Multimed Tools Appl 75(21):13,333–13,348. doi:10.1007/s11042-015-3074-7
Alsmirat M, Sarhan N (2012) Cross-layer optimization and effective airtime estimation for wireless video streaming. In: 2012 21st International conference on computer communications and networks (ICCCN), pp 1–7. doi:10.1109/ICCCN.2012.6289275
Alsmirat MA, Jararweh Y, Obaidat I, Gupta BB (2016) Automated wireless video surveillance: an evaluation framework. J Real-Time Image Process:1–20. doi:10.1007/s11554-016-0631-x
Alsmirat MA, Jararweh Y, Obaidat I, Gupta BB (2016) Internet of surveillance: a cloud supported large-scale wireless surveillance system. J Supercomput:1–20. doi:10.1007/s11227-016-1857-x
Baugher M, McGrew D, Naslund M, Carrara E, Norrman K (2004) Rfc 3711: The secure real-time transport protocol (srtp). Request for Comments, IETF
Chang YT, Lin YC (2016) Dynamic reconfigurable encryption and decryption with chaos/m-sequence mapping algorithm for secure h.264/avc video streaming over ocdma passive optical network. Multimed Tools Appl 75(16):9837–9859. doi:10.1007/s11042-015-2784-1
Cmu/mit image set. http://vasc.ri.cmu.edu/idb/html/face/frontal_images/ [Online; accessed Nov-2015]
Daemen J, Rijmen V (1999) Aes proposal: Rijndael
Delp EJ, Lin ET (2005) Watermarking streaming video: the temporal synchronization problem. Springer New York, New York, pp 135–153
Eisenbarth T, Kumar S, Paar C, Poschmann A, Uhsadel L (2007) A survey of lightweight-cryptography implementations. IEEE Des Test Comput 24(6):522–533. doi:10.1109/MDT.2007.178
Fehér G, Oláh I (2008) Enhancing wireless video streaming using lightweight approximate authentication. Multimed Syst 14(3):167–177. doi:10.1007/s00530-008-0122-4
Forouzan BA (2008) Cryptography & network security, 1st edn. McGraw-Hill, Inc., New York
Gupta BB, Badve OP (2016) Taxonomy of dos and ddos attacks and desirable defense mechanism in a cloud computing environment. Neural Comput Appl:1–28. doi:10.1007/s00521-016-2317-5
Gupta B, Agrawal DP, Yamaguchi S (2016) Handbook of research on modern cryptographic solutions for computer and cyber security, 1st edn. IGI Global, Hershey
Hyncica O, Kucera P, Honzik P, Fiedler P (2011) Performance evaluation of symmetric cryptography in embedded systems. In: Proceedings of the 6th IEEE international conference on intelligent data acquisition and advanced computing systems, vol 1, pp 277–282. doi:10.1109/IDAACS.2011.6072756
Ke CH, Shieh CK, Hwang WS, Ziviani A et al (2008) An evaluation framework for more realistic simulations of mpeg video transmission. J Inf Sci Eng 24(2):425–440
Lee H, Lee K, Shin Y (2009) Aes implementation and performance evaluation on 8-bit microcontrollers. Int J Comput Sci Inf Secur 6(1):
Li J, Li YK, Chen X, Lee PPC, Lou W (2015) A hybrid cloud approach for secure authorized deduplication. IEEE Trans Parallel Distrib Syst 26(5):1206–1216. doi:10.1109/TPDS.2014.2318320
Li J, Li J, Chen X, Jia C, Lou W (2015) Identity-based encryption with outsourced revocation in cloud computing. IEEE Trans Comput 64(2):425–437. doi:10.1109/TC.2013.208
Li J, Liu Z, Chen X, Xhafa F, Tan X, Wong DS (2015) L-encdb: a lightweight framework for privacy-preserving data queries in cloud computing. Knowl-Based Syst 79:18–26. doi:10.1016/j.knosys.2014.04.010. http://www.sciencedirect.com/science/article/pii/S0950705114001324
Lin YN, Huang KT (2014) The improvement of video streaming security in communication with multiple modes ciphering for handheld devices. Springer International Publishing, Cham, pp 355–364. doi:10.1007/978-3-319-05503-9_35
Obaidat I, Alsmirat MA, Jararweh Y (2016) Completing ieee 802.11e implementation in ns-3. In: 2016 7th International conference on information and communication systems (ICICS), pp 190–195. doi:10.1109/IACS.2016.7476109
Rajan MA, Varghese A, Narendra N, Singh M, Shivraj VL, Chandra GPB (2016) Security and privacy for real time video streaming using hierarchical inner product encryption based publish-subscribe architecture. In: 30th International conference on advanced information networking and applications workshops (WAINA), pp 373–380. doi:10.1109/WAINA.2016.101
Recommendation 500-10. Methodology for the subjective assessment of the quality of television pictures. ITU-R Recommendation BT.500–10 (2000)
Reza TA, Barbeau M (2013) QoS aware adaptive security scheme for video streaming in MANETs. Springer Berlin Heidelberg, Berlin, Heidelberg, pp 324–340. doi:10.1007/978-3-642-37119-6_21
Rivest RL, Shamir A, Adleman L (1978) A method for obtaining digital signatures and public-key cryptosystems. Commun ACM 21(2):120–126. doi:10.1145/359340.359342
Schulzrinne H, Casner S, Frederick R, Jacobson V (2003) Rtp: a transport protocol for real-time applications. Tech. rep
Seedorf J (2009) Security issues for P2P-based voice- and video-streaming applications. Springer Berlin Heidelberg, Berlin, Heidelberg, pp 95–110. doi:10.1007/978-3-642-05437-2_10
Shirani S, Kossentini F, Kallel S, Ward R (1997) Reconstruction of jpeg coded images in lossy packet networks. Submit-ted to IEEE Transactions on Communications
Stergiou C, Psannis KE, Kim BG, Gupta B (2016) Secure integration of iot and cloud computing. Fut Gen Comput Syst. doi:10.1016/j.future.2016.11.031. http://www.sciencedirect.com/science/article/pii/S0167739X1630694X
Sun Z, Zhang Q, Li YA, Tan Y (2016) Dppdl: a dynamic partial-parallel data layout for green video surveillance storage. IEEE Transa Circ Syst Vid Technol 99:1–1. doi:10.1109/TCSVT.2016.2605045
Tawalbeh L, Jararweh Y, Mohammad A (2013) An integrated radix-4 modular divider/multiplier hardware architecture for cryptographic applications. Int Arab J Inf Technol 9(3):284–290
The network simulator ns-3. http://www.nsnam.org/
Turner S, Chen L (2011) Updated security considerations for the md5 message-digest and the hmac-md5 algorithms
Venugopalan R, Ganesan P, Peddabachagari P, Dean A, Mueller F, Sichitiu M (2003) Encryption overhead in embedded systems and sensor network nodes: modeling and analysis Proceedings of the 2003 international conference on compilers, architecture and synthesis for embedded systems, CASES ’0. ACM, New York, pp 188–197, doi:10.1145/951710.951737
Wang CH, Liu HS, Hsieh CC (2014) Rate-sensitive leverage of qos and qop for ubiquitous video streaming via buffer-aware feedback control. Multimed Tools Appl 73(2):737–761. doi:10.1007/s11042-012-1186-x
Wei X, Li WX, Ran C, Pi CC, Ma YJ, Sheng YX (2015) Architecture and scheduling method of cloud video surveillance system based on IoT. Springer International Publishing, Cham, pp 551–560. doi:10.1007/978-3-319-27161-3_50
Xu Z, Mei L, Liu Y, Hu C, Chen L (2016) Semantic enhanced cloud environment for surveillance data management using video structural description. Computing 98(1):35–54. doi:10.1007/s00607-014-0408-7
Yang X, Zhang H, Ma H, Li W, Fu G, Tang Y (2016) Multi-resource allocation for virtual machine placement in video surveillance cloud. Springer International Publishing, Cham, pp 544–555. doi:10.1007/978-3-319-31854-7_49
Yi S, Jing X, Zhu J, Zhu J, Cheng H (2012) The model of face recognition in video surveillance based on cloud computing. Springer Berlin Heidelberg, Berlin, Heidelberg, pp 105–111. doi:10.1007/978-3-642-30126-1_18
Acknowledgments
This work was funded in parts by the Jordan University of Science and Technology Deanship of Scientific Research grant number 20150348.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Alsmirat, M.A., Obaidat, I., Jararweh, Y. et al. A security framework for cloud-based video surveillance system. Multimed Tools Appl 76, 22787–22802 (2017). https://doi.org/10.1007/s11042-017-4488-1
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11042-017-4488-1