Multi-User Security: A Signal Processing and Networking Perspective
Multi-User Security: A Signal Processing and Networking Perspective
Loading...
Files
Publication or External Link
Date
2002
Authors
Trappe, Wade
Advisor
Liu, K.J. Ray
Citation
DRUM DOI
Abstract
The advancements in communication and multimedia technologies have paved
the way for a new suite of multi-user applications that will allow users to interact.
Although the new communication infrastructure makes it easier to reach the
end user, it also makes it easier for adversaries to mount attacks against security
measures intended to protect data. Thus, there must be mechanisms in place
that guarantee the confidentiality and rights of both the customer and the service
provider during the delivery of content across future communication networks.
This thesis examines security issues related to communications involving more
than two participants or adversaries. We approach the problem of multi-user security
by developing security measures at different stages of the content distribution process, ranging from the establishment of initial keying information before transmission,
to key management while delivering through networks, and finally to
content protection and collusion prevention/tracing after delivery.
We address the issue of establishing a group key prior to content delivery by
introducing the butterfly scheme and a conference keying scheme that addresses
user heterogeneity. These schemes employ the two-party Diffie-Hellman scheme
in conjunction with an underlying algorithmic tree called the conference tree. In
order to address client heterogeneity, we design the conference tree using source
coding techniques to account for the different user cost and budget profiles. We
also introduce the PESKY performance measure, which quantifies the likelihood
that a conference key can be established in a heterogeneous environment.
We then consider the problem of managing keys during content delivery by
proposing a multicast key management system that uses a composite message
format with member join and departure operations. Compared with the traditional
format of the rekeying messages used in tree-based multicast key management,
our composite message format reduces the amount of header information, while
maintaining the same payload size.
Finally, we address the issue of protecting the digital rights of multimedia
content after it has left the protected or encrypted domain. Since traditional
multimedia fingerprints are susceptible to collusion attacks made by a coalition
of adversaries, we develop fingerprints for multimedia that are based upon code
modulation and able to identify groups of colluders.