The Identity-embedded Technology in the Application of the IPTV Regulatory Platform


3rd International Conference on Science and Social Research (ICSSR 2014)
2014. The authors - Published by Atlantis Press

The Identity-embedded Technology in the Application of the IPTV Regulatory Platform

Xu Lu 1,a, Hongwei Ding 2,b, Xiang Li 3,c, Yong Wang 4,d, Jia Guo 5,e, Haiying Deng 6,f

1 School of information Yunnan University Kunming, China
2 School of information Yunnan University Kunming, China
3 School of information Yunnan University Kunming, China
4 Science and Technology Department Radio of Yunnan province Kunming, China
5 Science and Technology Department Radio of Yunnan province Kunming, China
6 School of information Yunnan University Kunming, China

a 695683175@qq.com, b Dhw1964@163.com, c 66704215@qq.com, d wangyong@126.com, e Gy@126.com, f Dhy@126.com

Keywords: IPTV regulatory platform; identity embedded technology; monitor

Abstract. Identity-embedded technology is a method for actively monitoring network information. It prevents content from the source from being tampered with. This paper analyses the application of identity-embedded technology in the IPTV regulatory platform of Yunnan province.

Introduction

An IPTV safety supervision system can identify the legitimacy of a program source, prevent tampering with the program source and illegal insertion, and provide traceability. This paper introduces the concept of the content monitoring identifier (Content Monitoring Indicator, CMI). It is an active technique for monitoring network information content: the publisher is required to attach a data tag to the content it publishes. From the information recorded in the tag, an information gateway determines what the content is and then examines, judges and filters it. This technique avoids the complex operations of recognising and extracting information from the content itself.

1 Embedded and inspection technology

The design of the identifier takes into account both the copyright protection requirements of video content providers and SARFT's need to monitor video content effectively. The identifier contains at least the copyright information of the video content (owners, producers, etc.) and the unique identification number of the publisher that issues the video content under a licence to engage in IPTV service (when the video has security issues, SARFT can trace the responsible unit or responsible person). To facilitate future content management, the identifier also carries the content title, summary, content rating and other information.

Given the three major demands of IPTV content regulation (source control, tamper-proofing and source authentication), the content regulation identifier should have the following characteristics:

(1) Carry operator information and content information. This allows the identifier inspection equipment to extract the information in real time; when illegal content is detected, the operator and content information can be extracted to track down the illegal source, which realises source supervision.

(2) Carry the content hash value. The content is hashed; because the hash function is one-way, weakly collision-free and strongly collision-free, content that an attacker has modified yields a different hash value when hashed again, so the tampering can be found, which realises tamper-proofing.

(3) Use cryptographic techniques to protect the content regulation identifier. With the support of the underlying security infrastructure, users can authenticate the operator information, so that an attacker cannot masquerade as a legitimate operator, which realises source authentication.

In an IPTV monitoring system there are three options for where to place the identifier inspection system:

(1) Embed it, as an ASIC, into the user's ordinary set-top box, which then detects and filters illegal content directly. This requires modifying the set-top box, and the workload is too large.

(2) Place it in the transmission and distribution network, specifically at the third- to fifth-level regulatory front ends, where a gateway detects and filters illegal content.

(3) Add it at the client side to carry out sampling tests. Suspected violations generate alarm information that is sent to the monitoring center; after a second, manual review by regulators, programs confirmed as illegal are taken offline by the integrated broadcast control platform.

In actual construction, the second and third options are more feasible and can be used in combination.

2 Embedded and inspection technology design

To meet the regulatory requirements for IPTV content, and with reference to broadcast technology, a content monitoring identifier (CMI) is embedded in the IPTV content stream. The identifier contains content feature information (content hash value, operator information, content information) and is protected by cryptographic techniques. Before the user receives IPTV content, it is filtered by the identifier inspection equipment: program content with no identifier or with an erroneous identifier is filtered out, which guarantees that the user receives only legitimate content.

An operable IPTV architecture that serves a mass audience is fairly complex, and each operator often implements it differently. Most IPTV architectures nevertheless follow the reference model shown below. For each channel, the content provider's streaming content source sends the content to the IPTV service provider's streaming media server using the Real-time Transport Protocol (RTP). The user terminal accesses the service through the service access server, and the streaming media server transmits the content to the user terminal via RTP.

Figure 1 IPTV reference model

Reference model with IPTV content regulation introduced: when content regulation is introduced into the reference model above, two functional modules are added, the identifier embedding module and the identifier inspection module. For each channel, the content from the provider's streaming content source first has the content regulation identifier embedded by the identifier embedding module and is then transmitted to the streaming media server. When the user terminal accesses the service, the identifier inspection module first checks the regulatory identifier to test the legality of the content, and only then is the content played.

Figure 2 IPTV reference model with the content identifier introduced

3 Embedded and inspection technology process

The CMI embedded in the network television content stream must be tightly bound to the content, so that an attacker cannot spread illegal content by replacing lawful content or by disguising illegal content as legitimate content. The CMI must also be tamper-resistant: when content is illegally tampered with, examining the CMI detects it effectively and raises an alarm.

The embedding process is as follows:

(1) Grouping: the CMI embedding module groups the RTP packets it receives, dividing them into groups of several RTP packets according to the Package Number value.

(2) Hash algorithm: the MD5 algorithm is applied to the content of each RTP packet in the group, producing a 128-bit hash code MD1. By the strong collision-free property of the MD5 algorithm, if an attacker tampers with the packet content, the inspection module computes a different hash code, so it can detect the attack and handle it accordingly. But if the attacker, while tampering with the packet content, also computes the hash code of the new content and replaces the original hash code value, the inspection module cannot tell, so a digital signature is needed to improve security.

(3) Signature process: the sender uses its RSA private key to digitally sign MD1, and the receiver verifies the digital signature with the sender's public key to determine whether the hash code came from the sender, which ensures the safe transport of the CMI. According to the earlier analysis of the RSA algorithm, the algorithm is computationally complex and has a long key length. The usual choice is therefore to compute one digital signature over the hash codes of all packets, which gives a 1024-bit digital signature. The hash codes and the digital signature are scattered across the extension headers of the packets, but IPTV network conditions such as delay and packet loss can leave the receiver unable to recover the data in the CMI. A fault-tolerance mechanism (FEC) is therefore still needed to ensure reliable transmission of the CMI.

(4) Error control on RTP: coding redundancy is added to increase the minimum Hamming distance of the code, which allows error detection and correction.

Figure 3 The embedding process of CMI

After embedding, the RTP packets are transmitted to the receiver. At the user terminal, the CMI inspection module checks the legitimacy of the CMI. The inspection process is as follows:

(1) Obtain the public key from the smart card at the receiving end and verify the digital signature. If the signature is invalid, the group is under attack; discard the packets.

(2) Get the hash code MD1 and the digital signature: use the FEC redundancy fields to restore all the hash codes and the digital signature.

(3) Get MD2: after receiving an RTP packet, the receiver applies the MD5 hash algorithm to the packet content to obtain the hash code MD2.

(4) Compare MD1 and MD2. Because the hash function is weakly collision-free, unequal values mean that the packet content has been tampered with; discard the RTP packet.

(5) If the digital signature is valid and MD1 equals MD2, the content is proven legal and was not tampered with in transmission; the RTP packets are sent to the playing module of the user terminal.

The inspection process is charted below.

Figure 4 The inspection process of CMI

Summary

The IP network that carries network television is open and shared, so security problems are inevitable. The types of attack that IPTV may suffer, and how well this method protects against each, are analysed as follows:

(1) Complete replacement attack or packet payload replacement attack. During transmission the attacker completely replaces the original RTP stream, or replaces packet payloads, trying to substitute illegal content for legitimate content. By testing at the user terminal whether a CMI is present, and comparing the hash codes in the CMI with the calculated hash codes, such attacks can be found and an alarm raised.

(2) Replace the packet payload, recalculate and replace the hash code, and forge the digital signature. The attacker replaces the packet payload, calculates a hash code from the new payload and replaces the original hash code with it, and then either forges a digital signature from the new hash code or leaves the digital signature unchanged, trying to replace legal content with illegal content. Although the attacker recalculates and replaces the hash code, the attacker cannot obtain the content sender's private key for the digital signature, and a sufficient key length makes it hard to forge the sender's digital signature, so the user terminal can recognise the illegal digital signature. The effort of replacing the packet payload and recalculating the hash code is therefore futile.

(3) Reverse the hash, piece together a payload and replace the packet payload. The attacker leaves the hash code and the digital signature unchanged, works backwards from the hash code to piece together a payload, and replaces the packet payload with it, trying to replace legal content with illegal content. The MD5 algorithm is one-way: given a hash code, it is very difficult to solve for a packet payload, so an attack that keeps the original hash code and solves for new replacement content is technically impossible.

Corresponding author

Hongwei Ding (1964-), male, Professor of Yunnan University, PhD degree. Mainly engaged in research on random multiple access communication systems, polling systems and network communication engineering.
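
The embedding and inspection steps of section 3, run against attack cases (1) and (2) of the Summary, as an added example (not code from the paper). It assumes a toy RSA key built from two Mersenne primes in place of the paper's 1024-bit key, assumes the group signature covers an MD5 of the concatenated hash codes, and leaves out FEC and the RTP extension-header encoding; all function names are hypothetical.

```python
import hashlib

# Constructed toy RSA key (two Mersenne primes, textbook RSA without padding).
# It stands in for the paper's 1024-bit RSA key so the example runs offline;
# never use a key or scheme like this outside a demonstration.
P, Q, E = 2**127 - 1, 2**107 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))          # sender's private exponent


def md5(data):
    # MD5 as in the paper. Practical MD5 collisions are known, so a new
    # design would use a current hash such as SHA-256 here.
    return hashlib.md5(data).digest()


def _signed_value(hash_codes):
    # Assumption: the group signature covers MD5(MD1_1 || MD1_2 || ...).
    return int.from_bytes(md5(b"".join(hash_codes)), "big")


def embed_cmi(payloads):
    """Embedding steps (2)-(3): per-packet hash codes plus one group signature."""
    md1 = [md5(p) for p in payloads]
    return {"md1": md1, "sig": pow(_signed_value(md1), D, N)}


def inspect_group(payloads, cmi):
    """Inspection steps (1)-(5). Returns (verdict, payloads passed to the player)."""
    if cmi is None or len(cmi["md1"]) != len(payloads):
        return "missing CMI", []
    if pow(cmi["sig"], E, N) != _signed_value(cmi["md1"]):
        return "bad signature", []          # step (1): discard the group
    passed = [p for p, h in zip(payloads, cmi["md1"]) if md5(p) == h]
    verdict = "legal" if len(passed) == len(payloads) else "payload tampered"
    return verdict, passed                  # steps (3)-(5)


def demo():
    group = [b"rtp-payload-%d" % i for i in range(4)]    # constructed payloads
    cmi = embed_cmi(group)
    results = {"untouched": inspect_group(group, cmi)[0]}

    # Summary case (1): payload replaced, CMI left as sent.
    swapped = [group[0], b"illegal content", group[2], group[3]]
    results["payload replaced"] = inspect_group(swapped, cmi)

    # Summary case (2): payload replaced, hash code recomputed, old signature kept.
    forged = {"md1": [md5(p) for p in swapped], "sig": cmi["sig"]}
    results["hash recomputed"] = inspect_group(swapped, forged)[0]

    # Summary case (1), whole stream replaced: no CMI arrives with it.
    results["no CMI"] = inspect_group(swapped, None)[0]
    return results


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(case, "->", outcome)
```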

Acknowledgements

This work was supported by the National Natural Science Foundation of China (61072079); Natural Science Foundation of Yunnan Province (2010CD023); Graduate Scientific Research Fund of Yunnan University (ynuy201047) financial support of Yunnan University (No.XT412004). This work was also supported by radio and Television Bureau of Yunnan province innovation platform project.