82 research outputs found

    IPTV Service Framework Based on Secure Authentication and Lightweight Content Encryption for Screen-Migration in Cloud Computing

    These days, the advancing capabilities of smart devices (e.g. smart phones, tablets, PCs, etc.) and the increase in internet bandwidth enable IPTV service providers to extend their services to smart mobile devices. Users can receive their IPTV service on any smart device by accessing the internet via a wireless network from anywhere in the world at any time, which is convenient for users. However, wireless network communication has well-known critical security threats and vulnerabilities affecting user smart devices and IPTV services, such as user identity theft, replay attack, MIM attack, and so forth. A secure authentication for user devices and a multimedia protection mechanism are necessary to protect both user devices and IPTV services. As a result, we proposed a framework of IPTV service based on a secure authentication mechanism and a lightweight content encryption method for screen-migration in Cloud computing. We used a cryptographic nonce combined with user ID and password to authenticate the user device at any mobile terminal they pass by. In addition, we used lightweight content encryption to protect content and reduce the content decode overload at mobile terminals. Our proposed authentication mechanism reduces the computational processing by 30% compared to other authentication mechanisms, and our lightweight content encryption reduces encryption delay to 0.259 second

    A cooperative cellular and broadcast conditional access system for Pay-TV systems

    This is the author's accepted manuscript. The final published article is available from the link below. Copyright @ 2009 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other users, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works for resale or redistribution to servers or lists, or reuse of any copyrighted components of this work in other works. The lack of interoperability between Pay-TV service providers and a horizontally integrated business transaction model have compromised the competition in the Pay-TV market. In addition, the lack of interactivity with customers has resulted in high churn rate and improper security measures have contributed to considerable business loss. These issues are the main cause of high operational costs and subscription fees in the Pay-TV systems. As a result, this paper presents the Mobile Conditional Access System (MICAS) as an end-to-end access control solution for Pay-TV systems. It incorporates the mobile and broadcasting systems and provides a platform whereby service providers can effectively interact with their customers, personalize their services and adopt appropriate security measurements. This would result in the decrease of operating expenses and increase of customers' satisfaction in the system. The paper provides an overview of state-of-the-art conditional access solutions followed by detailed description of design, reference model implementation and analysis of possible MICAS security architectures. Strategy & Technology (S&T) Lt

    Cooperating broadcast and cellular conditional access system for digital television

    This thesis was submitted for the degree of Doctor of Philosophy and awarded by Brunel University. The lack of interoperability between Pay-TV service providers and a horizontally integrated business transaction model have compromised the competition in the Pay-TV market. In addition, the lack of interactivity with customers has resulted in high churn rate and improper security measures have contributed to considerable business loss. These issues are the main cause of high operational costs and subscription fees in the Pay-TV systems. This paper presents a novel end-to-end system architecture for Pay-TV systems cooperating mobile and broadcasting technologies. It provides a cost-effective, scalable, dynamic and secure access control mechanism supporting converged services and new business opportunities in Pay-TV systems. It enhances interactivity, security and potentially reduces customer attrition and operational cost. In this platform, service providers can effectively interact with their customers, personalise their services and adopt appropriate security measures. It breaks up the rigid relationship between a viewer and set-top box as imposed by traditional conditional access systems, thus, a viewer can fully enjoy his entitlements via an arbitrary set-top box. Having thoroughly considered state-of-the-art technologies currently being used across the world, the thesis highlights novel use cases and presents the full design and implementation aspects of the system. The design section is enriched by providing possible security structures supported thereby. A business collaboration structure is proposed, followed by a reference model for implementing the system. Finally, the security architectures are analysed to propose the best architecture on the basis of security, complexity and set-top box production cost criteria

    HUC-HISF: A Hybrid Intelligent Security Framework for Human-centric Ubiquitous Computing

    System: New ; Report number: Otsu No. 2336 ; Type of degree: Doctor (Human Sciences) ; Date conferred: 2012/1/18 ; Waseda University degree record number: New 584

    Individualisation avancée des services IPTV

    The world of TV is undergoing a transformation from analogue television to digital television, which is able to broadcast high-quality content, offer consumers more choice, and make the viewing experience more interactive. IPTV (Internet Protocol TV) represents a revolution in digital television in which digital television services are delivered to users using the Internet Protocol (IP) over a broadband connection. Advances in IPTV technology will therefore enable a new model of service provision. The functions offered to users give them more and more autonomy and more and more choice. This is notably the case for nTS (network Time Shifting) services, which allow a user to watch a television programme at a time shifted from its broadcast schedule, and for nPVR (network Personal Video Recorder) services, which allow digital content to be recorded at the network level for a user. In addition, the IMS architecture proposed in NGN provides a common architecture for IPTV services. Despite the rapid progress of interactive television technology (including notably IPTV and NGN technologies), the personalisation of IPTV services is still in its infancy. Today, personalisation of IPTV services is mainly limited to content recommendation and targeted advertising. These services are therefore not completely user-centred, while manually choosing the desired broadcast channels and advertisements can be a nuisance for the user. Adapting digital content to the capacity of the networks and devices used is not yet taken into account in current implementations. With the development of digital technologies, users are led to watch television not only on television sets but also on smart phones, digital tablets, or PCs. Consequently, personalising IPTV content according to the device used to watch television, the capabilities of the network and the user's context represents a major challenge. This thesis presents solutions aimed at improving the personalisation of IPTV services along three aspects: 1) New identification and authentication for IPTV services. 2) New integrated IPTV architecture including a context-awareness system for the personalisation service. 3) New content recommendation service based on the user's preferences and also on context information.
    Internet Protocol TV (IPTV) delivers television content to users over an IP-based network. Different from the traditional TV services, IPTV platforms provide users with a large amount of multimedia content with interactive and personalized services, including targeted advertisement, on-demand content, personal video recorder, and so on. IPTV is promising since it allows satisfying users' experience and presents advanced entertainment services. On the other hand, the Next Generation Network (NGN) approach in allowing services convergence (through for instance coupling IPTV with the IP Multimedia Subsystem (IMS) architecture or NGN Non-IMS architecture) enhances users' experience and allows for more services personalization. Despite the rapid advancement in interactive TV technology (including IPTV and NGN technologies), services personalization is still in its infancy, lacking a real distinction of each user in a unique manner, the consideration of the context of the user (who is this user, what are his preferences, his regional area, location, ...)
and his environment (characteristics of the users' devices: screen types, size, supported resolution; and networks: available network types to be used by the user, available bandwidth, ...) as well as the context of the service itself (content type and description, available format (HD/SD), available language, ...) in order to provide the adequate personalized content for each user. These advanced IPTV services allow service providers to promote new services and open new business opportunities and allow network operators to make better utilization of network resources through adapting the delivered content according to the available bandwidth and to better meet the QoE (Quality of Experience) of clients. This thesis focuses on enhanced personalization for IPTV services following a user-centric context-aware approach through providing solutions for: i) Users identification during IPTV service access in a unique and fine-grained manner (different from the identification of the subscription which is the usual current case) based on employing a personal identifier for each user which is a part of the user context information. ii) Context-Aware IPTV service through proposing a context-aware system on top of the IPTV architecture for gathering in a dynamic and real-time manner the different context information related to the user, devices, network and service. The context information is gathered throughout the whole IPTV delivery chain considering the user domain, network provider domain, and service/content provider domain. The proposed context-aware system allows monitoring the user's environment (devices and networks status), interpreting the user's requirements and making the user's interaction with the TV system dynamic and transparent.
iii) Personalized recommendation and selection of IPTV content based on the different context information gathered and the personalization decision taken by the context-aware system (different from the current recommendation approach mainly based on matching content to users' preferences), which in turn highly improves the users' Quality of Experience (QoE) and enriches the offers of IPTV services. EVRY-INT (912282302) / Sudoc

    MS IPTV audit collection services

    Master's thesis in Information Security, presented to the University of Lisbon, through the Faculty of Sciences, 2011. Microsoft Mediaroom Internet Protocol Television (MS IPTV), a digital television platform, has taken the concept of television to an entirely new dimension. MS IPTV is a system in which the digital television service is delivered to customers using the Internet Protocol (IP) over a broadband connection. With the advent of IPTV, new situations related to television security began to appear, as the infrastructure started to gain complexity and exposure to a range of new risks. For this reason, security in an MS IPTV infrastructure is not just another feature but a necessity. We can even say that nowadays it is mandatory to sharpen one's wits to stay one step ahead of attackers, since they are always waiting for a breach through which to compromise systems. An infrastructure such as MS IPTV stores, by default, data about user behaviour in its logs; however, this information only becomes relevant if it can be queried and analysed with the aim of providing a high-level understanding of the different patterns occurring on the servers or in user behaviour, a task that involves powerful data parsing techniques. The thesis presents an approach that combines data parsing techniques in order to analyse the relevant logs of the MS IPTV infrastructure, with the main objective of increasing security by investigating what types of additional information can be extracted. We thus tried to understand whether it is possible to determine, based on log analysis, what types of attacks are being perpetrated against the MS IPTV infrastructure. As the central focus of this thesis is on diagnosis, we propose an approach for discovering attacks in which the logs are checked to identify coherent groups of occurrences likely to constitute attacks, which we call patterns. In the tests, we found that our approach achieves good results in discovering attacks. The results obtained have the additional advantage that they can be integrated into the monitoring tool used by the systems operations teams of Portugal Telecom, System Center Operations Manager (SCOM).
    Microsoft Mediaroom Internet Protocol TeleVision (MS IPTV), one of the platforms for digital TV, took television to an all new dimension level. MS IPTV is described as a system where a digital television service is delivered to consumers using the Internet Protocol over a broadband connection. Since the infrastructure started to gain complexity and exposure to a number of new risks, never envisaged situations related to television security started to appear. For this reason, MS IPTV security is not only a great asset, but also a necessity. Nowadays it is mandatory to sharpen the wit to get ahead of attackers, who are always waiting for a breach to compromise our systems. MS IPTV log servers collect information about user and system behavior. However, this information only becomes relevant if it can be queried and analyzed with the purpose of providing high-level understanding about the different patterns. This task must comprise powerful data parsing techniques, since MS IPTV is able to generate close to one terabyte of logs per day. This thesis presents an approach that combines data parsing techniques in order to analyze relevant MS IPTV logs, with the main objective to increase security through the investigation of what type of additional information can be extracted from the server log files of an MS IPTV platform.
The thesis focus is on diagnosis, trying to understand if it is possible to determine what type of attacks are being perpetrated against the MS IPTV infrastructure. We propose an approach for discovering attacks, where the application logs are scanned to identify coherent groups of occurrences that we call patterns, which are likely to constitute attacks. Our results showed that our approach achieves good results in discovering potential attacks. Our output results can be integrated into the MS IPTV monitoring system tool SCOM (System Center Operations Manager), which is an additional advantage over the other monitoring and log management systems

    A practical key management and distribution system for IPTV conditional access

    Conditional Access (CA) is widely used by pay-television operators to restrict access to content to authorised subscribers. Commercial CA solutions are available for structured broadcast and Internet Protocol Television (IPTV) environments, as well as Internet-based video-on-demand services, however these solutions are mostly proprietary, often inefficient for use on IP networks, and frequently depend on smartcards for maintaining security. An efficient, flexible, and open conditional access system that can be implemented practically by operators with large numbers of subscribers would be beneficial to those operators and Set-Top-Box manufacturers in terms of cost savings for royalties and production costs. Furthermore, organisations such as the South African Broadcasting Corporation that are transitioning to Digital-Terrestrial-Television could use an open Conditional Access System (CAS) to restrict content to viewing within national borders and to ensure that only valid TV licence holders are able to access content. To this end, a system was developed that draws from the area of group key management. Users are grouped according to their subscription selections and these groups are authorised for each selection's constituent services. Group keys are updated with a key-tree based approach that includes a novel method for growing full trees that outperforms the standard method. The relations that are created between key trees are used to establish a hierarchy of keys which allows flexible selection of services whilst maintaining their cryptographic protection. Conditions for security without dependence on smartcards are defined, and the system is expandable to multi-home viewing scenarios. A prototype implementation was used to assess the proposed system.
Total memory consumption of the key-server, bandwidth usage for transmission of key updates, and client processing and storage of keys were all demonstrated to be highly scalable with number of subscribers and number of services

    Quality of service technologies for multimedia applications in next generation networks

    Next Generation Networks are constantly evolving towards solutions that allow the operator to provide advanced multimedia applications with QoS guarantees in heterogeneous, multi-domain and multi-services networks. Other than the unquestionable advantages inherent in the ability to simultaneously handle traffic flows at different QoS levels, these architectures require management systems to efficiently perform quality guarantees and network resource utilization. These issues have been addressed in this thesis. DiffServ-aware Traffic Engineering (DS-TE) has been considered as the reference architecture for the deployment of the quality management systems. It represents the most advanced technology to accomplish both network scalability and service granularity goals. On the basis of DS-TE features, a methodology for traffic and network resource management has been defined. It provides some rules for QoS service characterization and allows Traffic Engineering policies to be implemented with a class-based approach. A set of basic parameters for quality evaluation has been defined, namely the Key Performance Indicators; some mathematical models to derive the statistical nature of traffic have been analyzed and an algorithm to improve the fulfillment of quality of service targets and to optimize network resource utilization. It is aimed at reducing the complexity inherent in the setting of some of the key parameters in the NGN architectures. Multidomain scenarios with technologies different from DS-TE have also been evaluated, defining some methodologies for network interoperability. Simulations with Opnet Modeler confirmed the efficacy of the proposed system in computing network configurations with QoS targets. With regard to QoS performance at the application level, video streaming applications in wireless domains have been particularly addressed.
A rate control algorithm to adjust the rate on a per-window basis has been defined, making use of a short-term prediction of the network delay to keep the probability of playback buffer starvation lower than a desired threshold during each window. Finally, a framework for mutual authentication in web applications has been proposed and evaluated. It integrates an IBA password technique with a challenge-response scheme based on a shared secret key for image scrambling. The wireless environment is mainly addressed by the proposed system, which tries to overcome the severe constraints on security, data transmission capability and user friendliness imposed by such an environment