1 / 28

Simultaneous Distribution Control and Privacy Protection for Proxy based Media Distribution

Simultaneous Distribution Control and Privacy Protection for Proxy based Media Distribution. Songqing Chen ( George Mason University ) Shiping Chen ( George Mason University ) Huiping Guo ( California State University ) Bo Shen ( Hewlett-Packard Labs )

chenoa
Télécharger la présentation

Simultaneous Distribution Control and Privacy Protection for Proxy based Media Distribution

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Simultaneous Distribution Control and Privacy Protection for Proxy based Media Distribution Songqing Chen (George Mason University) Shiping Chen (George Mason University) Huiping Guo (California State University) Bo Shen (Hewlett-Packard Labs) Sushil Jajodia (George Mason University)

  2. Background • Compared to Web content delivery, Internet media distribution is challenging: • Large object size • Continuous demand of network, disk bandwidth • Lots of proxy-based solutions: • Silo, partial sequence caching, layered caching, scabale proxy caching, QBIX, prefix, segment caching, video staging…… good performance Any of these ideas is practically/widely deployed?

  3. Lack Distribution Control I cannot get pay for these accesses! Server Proxy Client

  4. Existing Solutions – for distribution control • Common practice (Does not work with proxy caching) • Pay-per-view/membership • DRM (Digital Right Management) • Proxy-based solutions • Hardware-assisted encryption/decryption (special device requirement) • RSA-based multi-key (vulnerable to client collusion)

  5. Lack Sufficient Privacy Protection • Current practice could endanger your private information • WWW (when & what & where) • Your preferences, payment methods • e.g., what kinds of movies you are always interested in? • …… • May be used for uninvitedads or investigation Little is considered in existing media distribution solutions

  6. Conflicting Interests • Privacy Protection (end-user’s interests) • Proxy has good potential for privacy protection • Distribution control (content provider’s interests) • Only legitimate users could be granted access • Normally requires user’s identity Conflicting Can we simultaneously achieve both goals for two parties while proxy caching can be leveraged?

  7. Our Contributions • Provide a framework to achieve simultaneous distribution control and privacy protection • El Gamal based scheme for distribution control • Shamir-Omura based scheme for privacy protection • Propose and evaluate the algorithm in cooperative proxy environments • Considering traffic amortization and proactive replacement

  8. Outline • Simultaneous Distribution Control and Privacy Protection • Distribution Control Principle • Privacy Protection Principle • Algorithm Design and Evaluation • Conclusions

  9. Key Division Cipher • M = D(E(M, Ke) , Kd) • Kd = Kd1 Kd2 • M = D(D(E(M, Ke), Kd1), Kd2) • El Gamal is a key division cipher system on “+”.

  10. C2 (C1, XB1) (C1, XB2) M2 Distribution Control Client Proxy Server XB < q YB = αXB mod q Random k <q K = (YB)k (mod q) C1= αk (mod q) C2= KM (mod q) XB = XB1+XB2 K1 = (C1)XB1 mod q M2 = C2 / K1 mod q K2 = (C1)XB2 mod q M = M2 / K2 mod q

  11. Commutative Cipher • For any two keys: Ke1 and Ke2 • E(E(M, Ke1), Ke2) = E(E(M, Ke2), Ke1) • Shamir-Omura has commutative property.

  12. IDS IDC (IDC)S IDS Privacy Protection Client Proxy Server (KE, KD) IDS= E(ID, KE) (Ke, Kd) IDC= E(ID, Ke) (IDS, Movie) E(IDC , KE) = E(E(ID, Ke), KE) = (IDC)S D((IDC)S, Kd) = D(E(E(ID, Ke), KE), Kd) = E(ID, KE) = IDS

  13. Our Unified SchemeAssumptions • k anonymity • The server only knows a client is accessing one of k objects • Objects are classified into n classes (e.g., price), each with more than k objects • Privacy protection (Shamir-Omura) • Each object can only be identified via its encrypted ID on the proxy • Encryption key KE for IDs is same for objects in the same class • Distribution control (El Gamal) • Each object is encrypted with a different key • Encryption key is divided into two parts, e.g., E(M, SC+Si) • SC is common for the class • Si is different for each object • Si is encrypted with KE • ID and E(Si, KE) are available for client access

  14. E(E(ID, Ke), KE) || E(Si, Ke) || SC2 SC1 IDS D(E(M, SC+Si), SC1) (ID, E(Si,KE)) list (E(ID, KE), E(M, SC+Si)) Want to access some movie: ID E(ID, Ke) || E(E(Si, KE), Ke) client proxy server 1. Get payment; 2. E(E(ID, Ke), KE); 3. D(E(E(Si, KE), Ke), KD) =E(Si, Ke); 4.SC = SC1+SC2 1. D(E(Si, Ke), Kd) = Si 2. D(E(E(ID, Ke), KE), Kd) =E(ID, KE) = IDS Objects are pre-cached in the proxy! D(E(M, SC+Si), SC1) D(D(E(M, SC+Si), SC1), SC2+Si)

  15. Brief Analysis • Proxy and clients do not collude – enable distribution control • Proxy and servers do not collude – provide privacy protection • For each access to the server, instead of fetching 1 object, (k-1) additional objects must be fetched for privacy protection – additional traffic – can we utilize?

  16. Outline • Simultaneous Distribution Control and Privacy Protection • Algorithm Design and Evaluation • Conclusions

  17. Design Space • Work independently or cooperatively? • Cost-Amortized Request Admission • Which (K-1) objects to fetch? • Aggressive Object Selection • Which objects to replace? • Proactive Replacement

  18. Cost-amortized Request Admission • Requested object is not in local or peer cache • Counting how many (r) requests from how many (p) proxies to access server at this time • Each proxy fetches additional objects

  19. Aggressive Object Selection • After determining the number of additional objects to fetch: • In the first phase, select objects according to the object popularity • In the second phase, select objects according to the object size

  20. Proactive Replacement • Always use popularity based replacement to make room for the requested object • For additionally fetched objects: • In the first phase, using popularity based replacement to cache the additionally fetched objects • In the second phase, the additionally fetched objects are discarded

  21. Evaluation • Trace driven simulation • using a synthetic workload based on a server log through duplication • Total unique objects: 934 • Total unique object size: 67 GB • Total number of requests: 64227 • Object size: 288 KB to 638 MB • Average traffic per request: 222 MB • Number of cooperative proxies: 4 • Number of object classes: 5 • Privacy level k: 4

  22. Evaluated Strategies

  23. Cache Size-- Additional Traffic 1% of the total client accessed traffic

  24. Cache Size-- Local Hit Ratio & Peer Hit Ratio

  25. Cache Size-- Local Byte Hit Ratio & Peer Byte Hit Ratio

  26. Outline • Simultaneous Distribution Control and Privacy Protection • Algorithm Design and Evaluation • Conclusions

  27. Conclusion • Extended ElGamal for distribution control and Shamir-Omura for privacy protection • Proposed a unified algorithm to achieve them simultaneously • Proposed an algorithm and evaluated in a cooperative proxy environment

  28. Thanks to anonymous reviewers, Bill Bynum (William and Mary), Xiaodong Zhang (Ohio State University). Questions?

More Related