1 Simultaneous Distribution Control and Privacy Protection for Proxy based Media Distribution George Mason University Songqing Chen (George Mason University)
Published byModified over 4 years ago
Presentation on theme: "1 Simultaneous Distribution Control and Privacy Protection for Proxy based Media Distribution George Mason University Songqing Chen (George Mason University)"— Presentation transcript:
1 Simultaneous Distribution Control and Privacy Protection for Proxy based Media Distribution George Mason University Songqing Chen (George Mason University) George Mason University Shiping Chen (George Mason University) California State University Huiping Guo (California State University) Hewlett-Packard Labs Bo Shen (Hewlett-Packard Labs) George Mason University Sushil Jajodia (George Mason University)
2 Background Compared to Web content delivery, Internet media distribution is challenging: –Large object size –Continuous demand of network, disk bandwidth Lots of proxy-based solutions: –Silo, partial sequence caching, layered caching, scabale proxy caching, QBIX, prefix, segment caching, video staging…… good performance Any of these ideas is practically/widely deployed?
3 Lack Distribution Control Server Proxy Client I cannot get pay for these accesses!
4 Existing Solutions – for distribution control Common practice (Does not work with proxy caching) –Pay-per-view/membership –DRM (Digital Right Management) Proxy-based solutions –Hardware-assisted encryption/decryption (special device requirement) –RSA-based multi-key (vulnerable to client collusion)
5 Lack Sufficient Privacy Protection Current practice could endanger your private information –WWW (when & what & where) –Your preferences, payment methods e.g., what kinds of movies you are always interested in? –…… –May be used for uninvited ads or investigation Little is considered in existing media distribution solutions
6 Conflicting Interests Privacy Protection (end-user’s interests) –Proxy has good potential for privacy protection Distribution control (content provider’s interests) –Only legitimate users could be granted access –Normally requires user’s identity Can we simultaneously achieve both goals for two parties while proxy caching can be leveraged? Conflicting
7 Our Contributions Provide a framework to achieve simultaneous distribution control and privacy protection –El Gamal based scheme for distribution control –Shamir-Omura based scheme for privacy protection Propose and evaluate the algorithm in cooperative proxy environments –Considering traffic amortization and proactive replacement
8 Outline Simultaneous Distribution Control and Privacy Protection –Distribution Control Principle –Privacy Protection Principle Algorithm Design and Evaluation Conclusions
9 Key Division Cipher M = D(E(M, K e ), K d ) K d = K d1 K d2 M = D(D(E(M, K e ), K d1 ), K d2 ) El Gamal is a key division cipher system on “+”.
10 Distribution Control Client Proxy Server X B = X B1 +X B2 X B < q Y B = α X B mod q Random k <q K = (Y B ) k (mod q) C 1 = α k (mod q) C 2 = KM (mod q) K 1 = (C 1 ) X B1 mod q M 2 = C 2 / K 1 mod q C2C2 K 2 = (C 1 ) X B2 mod q M = M 2 / K 2 mod q M2M2 (C 1, X B1 ) (C 1, X B2 )
11 Commutative Cipher For any two keys: K e1 and K e2 E(E(M, K e1 ), K e2 ) = E(E(M, K e2 ), K e1 ) Shamir-Omura has commutative property.
12 Privacy Protection Client Proxy Server (K E, K D ) ID S = E(ID, K E ) (ID S, Movie) (K e, K d ) ID C = E(ID, K e ) E(ID C, K E ) = E(E(ID, K e ), K E ) = (ID C ) S D((ID C ) S, K d ) = D(E(E(ID, K e), K E), K d ) = E(ID, K E ) = ID S ID S ID C (ID C ) S ID S
13 Our Unified Scheme Assumptions k anonymity –The server only knows a client is accessing one of k objects Objects are classified into n classes (e.g., price), each with more than k objects Privacy protection (Shamir-Omura) –Each object can only be identified via its encrypted ID on the proxy –Encryption key K E for IDs is same for objects in the same class Distribution control (El Gamal) –Each object is encrypted with a different key –Encryption key is divided into two parts, e.g., E(M, S C +S i ) S C is common for the class S i is different for each object –S i is encrypted with K E –ID and E(S i, K E ) are available for client access
14 client proxy server (ID, E(S i, K E )) list Want to access some movie: ID (E(ID, K E ), E(M, S C +S i )) E(ID, K e ) || E(E(S i, K E ), K e ) 1. Get payment; 2. E(E(ID, K e ), K E ); 3. D(E(E(S i, K E ), K e ), K D ) =E(S i, K e ); 4.S C = S C1 +S C2 E(E(ID, K e ), K E ) || E(S i, K e ) || S C2 S C1 1. D(E(S i, K e ), K d ) = S i 2. D(E(E(ID, K e ), K E ), K d ) =E(ID, K E ) = ID S ID S D(E(M, S C +S i ), S C1 ) D(D(E(M, S C +S i ), S C1 ), S C2 +S i ) Objects are pre-cached in the proxy!
15 Brief Analysis Proxy and clients do not collude – enable distribution control Proxy and servers do not collude – provide privacy protection For each access to the server, instead of fetching 1 object, (k-1) additional objects must be fetched for privacy protection – additional traffic – can we utilize?
16 Outline Simultaneous Distribution Control and Privacy Protection Algorithm Design and Evaluation Conclusions
17 Design Space Work independently or cooperatively? –Cost-Amortized Request Admission Which (K-1) objects to fetch? –Aggressive Object Selection Which objects to replace? –Proactive Replacement
18 Cost-amortized Request Admission Requested object is not in local or peer cache –Counting how many (r) requests from how many (p) proxies to access server at this time –Each proxy fetches additional objects
19 Aggressive Object Selection After determining the number of additional objects to fetch: –In the first phase, select objects according to the object popularity –In the second phase, select objects according to the object size
20 Proactive Replacement Always use popularity based replacement to make room for the requested object For additionally fetched objects: –In the first phase, using popularity based replacement to cache the additionally fetched objects –In the second phase, the additionally fetched objects are discarded
21 Evaluation Trace driven simulation –using a synthetic workload based on a server log through duplication –Total unique objects: 934 –Total unique object size: 67 GB –Total number of requests: 64227 –Object size: 288 KB to 638 MB –Average traffic per request: 222 MB –Number of cooperative proxies: 4 –Number of object classes: 5 –Privacy level k: 4
23 Cache Size -- Additional Traffic 1% of the total client accessed traffic
24 Cache Size -- Local Hit Ratio & Peer Hit Ratio
25 Cache Size -- Local Byte Hit Ratio & Peer Byte Hit Ratio
26 Outline Simultaneous Distribution Control and Privacy Protection Algorithm Design and Evaluation Conclusions
27 Conclusion Extended El Gamal for distribution control and Shamir-Omura for privacy protection Proposed a unified algorithm to achieve them simultaneously Proposed an algorithm and evaluated in a cooperative proxy environment
28 Questions? Thanks to anonymous reviewers, Bill Bynum (William and Mary), Xiaodong Zhang (Ohio State University).