Secure Content Management In Ambient Environments- how about security and meta-data-

In order to strengthen the research on security and ambient intelligence, as well as the relationship between the content management and security work at Philips Research and at Twente University, a joint research project is set up. The work will be carrie

Secure Content ManagementIn Ambient Environments

-how about security andmeta-data?-

A PhD researchco-operation

Willem Jonker, Pieter Hartel, Ling FengNovember 1, 2002, version 1.0

IntroductionIn order to strengthen the research on security and ambient intelligence, as well as therelationship between the content management and security work at Philips Research andatTwenteUniversity, a joint research project is set up. The work will be carried out bytwo PhD students that will be jointly supervised byProf.Dr.Willem Jonker(Philips/UT)andProf.Dr.Pieter Hartel(UT).This document gives a description of the work.Motivation and Scope of the PhD ResearchAmbient Intelligence is an important theme in today's industrial (e.g. Philips [Phi]) andpublic research (e.g. 6`sFramework [ECO1]). Key in Ambient Intelligence is a seamlessintegration of smart technology in the environment. For Philips, the home environmentwith its entertainment technology is an important focal point. Management of seamlessaccess to multi-media content such as audio and video is one of the main functionscarried out in such an ambient home infotainment environment.

When looking at content management in ambient applications, we see that adaptation andpersonalization of content plays a crucial role ([FieOO], [SmyOO]). Adaptation andpersonalization of content is based on meta-data. Meta-data is information about theactual content that gives a characterization of the underlying content.

When looking at seamless access to content, we see that there are also drawbacks:content can flow everywhere and can also be accessed by individuals that should not haveaccess to the content. As a result the need for secure content management is even moreurgent in ambient environments.

Security issues around content protection are currently widely studied and focal point of alot of research and industrial projects on copy protection and digital rights managementtechnology ([Len02]). Most of this work focuses on the content itself. Although peoplerealize that meta-data is a valuable asset; little attention so far is paid to the securityissues of meta-data.

In our visionmeta-datawill become the cornerstone in ambient content management, andas a result security issues aroundmeta-datamanagement will need to be addressed in

In order to strengthen the research on security and ambient intelligence, as well as the relationship between the content management and security work at Philips Research and at Twente University, a joint research project is set up. The work will be carrie

order to give people trust in ambient intelligence. For that reason, in this project weaddress the relationship between security and meta-data from two angles:1.How can meta-data be exploited for security purposes; especially for ambientaccess purposes?2.What if meta-data needs to be secured it self: especially how to handle securedmeta-data?

To address these two questions, two PhD research positions are defined.

Ambient Content AccessThis research will address the question of how to exploit meta-data for ambient accesspurposes. The focus will be on conditional access to audio and video content, based onthe associated meta-data. The access should be ambient, based on the context in whichthe content is accessed in combination with the user accessing the content. As anexample, consider the viewing of news items that contain shocking scenes. An adult mayaccess this content (i.e. watch it), however a child may not. Also one may not want anadult to watch it in a public environment, given that there may be children around. Theresearch will focus on content, context, and user profiling techniques that enable thedevelopment of ambient content access systems. The work should build on techniquesknown from data modeling for context and personalization, multi-media meta-datamodeling (especially audio and video meta-data), and theory around conditional accessand digital rights management systems.

Detailed research questions to answer include: Which audio and video experience scenarios could conceivably play a role inambient access patterns? What kind of meta-data is needed to support these scenarios? Which parts of the meta-data are sensitive and thus relevant for security andprivacy? What kind of language (e.g. LicenseScript?) would be appropriate to describeambient access patterns? What kind of language (e.g. MPEG-7?) would be appropriate to describe meta-data? What kind of languages would be appropriate to describe context information? How can access pattern descriptions be linked to meta-data descriptions?

The above research questions will have to be complemented by some more systemoriented research. This starts from a global picture described in Figure 1.

In order to strengthen the research on security and ambient intelligence, as well as the relationship between the content management and security work at Philips Research and at Twente University, a joint research project is set up. The work will be carrie

Fig. 1. A Controlled Content Access Architecture

The aim is to provide targeted audio/video content, based on matching meta-data againstuser profiles and the context, which include access permission descriptions. Specificquestions to be addressed are: How do meta-data processing and access control interact in this architecture? What security classification would make sense to describe meta-data and userprofiles from the viewpoints of the content provider and the user? Are theseviewpoints conflicting? How can the system be organized such that personalization information, althoughexploited by the access control is never leaked back to the service provider? Can the system be so flexible that the meta-data itself can be personalized? How can we implement and evaluate the architecture of the system?

Secure Meta-Data ProcessingThis research will address the question of how to handle secure meta-data. The focus willbe on techniques for manipulating secure meta-data. Meta-data is used for variouspurposes, such as search, indexing, personalization, etc. Since the meta-data is growing,the pressure to secure it will grow. Nevertheless securing the meta-data should not hinderits processing for various applications. Compare, for example, the problem of trick-playon encrypted video. The research should focus on finding meta-data security techniquesthat on the one hand satisfy the security requirements on meta-data, and at the same timeallow efficient operations on meta-data for the above purposes. Since most meta-data isrepresented using XML, XML modeling and security technology (XML encryption) willplay an important role.

As a starting point the process described in Figure 2 will be taken. Here a query isexecuted against a collection of encrypted XML documents that contain meta-data,profile, or context descriptions. In order to avoid decryption of the whole collection

In order to strengthen the research on security and ambient intelligence, as well as the relationship between the content management and security work at Philips Research and at Twente University, a joint research project is set up. The work will be carrie

before answering the query, a two step approach is chosen: first a rough filtering,followed by decryption and querying.

Fig.2.Query Execution over Encrypted Document Set

Detailed research questions to answer include: Which are suitable cryptographic and non-cryptographic protection techniques forencodingXML documents that contain meta-data, profiles, or contextinformation? Which of these techniques allow effective pre-filtering as described in Fig.2. What kind of pre-filtering methods can be used, and what is the selectivity ofthese pre-filtering methods? Should the techniques be conservative in the sense that filtering never yields toolittle information? Is there a trade-off possible between document decryption and query encryption? What attacks are possible on the process, can we model and predict those, andwhat measures are possible to defend against the attacks?

Again, the research will be complemented by more system oriented research focusing onthe realization of the above techniques in an ambient system environment. Questions are: How can the above techniques be implemented in a distributed environment? What kind of additional system security measures have to be taken in such anenviroment?

In order to strengthen the research on security and ambient intelligence, as well as the relationship between the content management and security work at Philips Research and at Twente University, a joint research project is set up. The work will be carrie

How can parts of the process be distributed of various system components,including low resource systems?

Work PlanAlthough each PhD student will have its own work plan, we envisage close co-operationbetween them in the areas of meta-data modeling, profile description, as well as contextdescription. In addition, we envisage close co-operation on the system-oriented research.Roughly the 4-year PhD research period will be divided as follows:In the phase an extensive literature study will take place to get a good overview on thestate-of-the-art in meta-data, cryptography, and secure system research. The second phasewill be devoted to development of methods, techniques, and algorithms to address theresearch question mentioned above. The third phase will be focused on system design,implementation, and validation. The final phase will consist of writing up the thesis.Relevant Techniques and Related Work

Meta-data for Audio/Video ContentMeta-data for Audio/Video content is a cornerstone technology for the project.Considerable research is currently done on meta-data for audio and video content. Thistakes places in various universities and standardization bodies (e.g. TV-Anytime,MPEG), where MPEG-7 [Mar02] is the most elaborated meta-data representation. Up tillnow the focus has been on exploitation of meta-data for querying and retrieval ([B1o01],[Pet01], [Pet02a], [Pet02b]) while little or no attention has been paid to exploitation forsecurity purposes [Nur02].

XML TechnologyThe fact that most meta-data representations use XML, makes XML technology veryrelevant for the project. Nowadays, XML has become the dominant standard indescribing and exchanging data over different systems and applications on the Internet.XML formats are increasingly used for organizing and describing multimedia metadataand as an interchanging language in protocols. These raise a wide spread of theoreticaland practical aspects of the security required for XML-based content management anddissemination, which range from specific security features, such as digital signatures,element-wise encryption and access control of XML data, to XML-based infrastructure,such as secure XML databases, encrypted query execution (XQuery) and performanceevaluation [W3C02a, W3C02b, Dam02, Dev01, Ber00].

Cryptographic TechnologyThere are many aspects of security that play a role in the project. We discuss the mostimportant ideas and some of their applications.

Hi stogrammingTo improve the privacy of data base queries, data can be mapped into categories,so that any searches on data reveal only whether a match with the category has

In order to strengthen the research on security and ambient intelligence, as well as the relationship between the content management and security work at Philips Research and at Twente University, a joint research project is set up. The work will be carrie

occurred.This could be used as a pre-filtering stage in a search operation[Hac01 ] . Key diversificationTo enable searching in encrypted data, each relevant search target may beencrypted with its own specific key [Son00]. Homomorphic encryptionThis is the ability to compute with encrypted data such that the computations arealso meaningful to the unencrypted data [Aba90]. It is difficult if not impossibleto find crypto systems that have specific properties. Further, more, homomorphicencryption can be misused easily to infer information about encrypted data, forexample is we can check that E(a)+E(b)=E(a+b), we have some information abouta and b. The technique is often used in voting systems. Blind signaturesThe ability to sign something that you don't know [Cha92] can be used to endorseinformation by a third party. The classical example is Alice who wants Bob tosign a document for her, so that Carol (who trusts Bob but not Alice) may acceptit. Content hashingA secure hash of some information gives an identifier for that information that isunique with high probability [Mer87]. This has been used in many peer to peersystems, e.g. Freenet [C1a02], and distributed file systems [Maz99].Hashing is very sensitive to small changes in the information being hashed, somulti media information requires special treatment. For example audioinformation should ideally be hashed such that only perceptibly different audioyields different hashes. Licensing of meta-dataDescribing security policies and models formetadata [Cho02]. Security policiesfor meta-data can in principle be described independently from the securitypolicies for data.

References[Aba90]

[Ber00]

[B1o01]

[Cha92]M. Abadi and J. Feigenbaum. Secure circuit evaluation: A protocol basedon hiding information from an oracle. Journal of Cryptology, 2(1):1--12,1990.E. Bertino, S. Castano, E. Ferrari and M. Mesiti. Specifying and EnforcingAccess Control Policies for XML Document Sources. Intl. Journal ofWorld Wide Web, 3(3), 2000.H. E.Blok,M.Windhouwer,R.Zwol,M. Petkovic, P. M. G. Apers, , W.Jonker,M.Kersten,"Flexible and Scalable Digital Library Search", 27thInternationalConference on Very Large Databases, Roma, Italy,September 2001.D.Chaum.Achieving electronic privacy.ScientificAmerican,267(2):96--101,Aug1992.

In order to strengthen the research on security and ambient intelligence, as well as the relationship between the content management and security work at Philips Research and at Twente University, a joint research project is set up. The work will be carrie

[Cho02b]

[C1a02]

[DamO2]

[Dev01]

[EC]

[Fie00]

[HacOl ]

[LenO2]

[Mar02]

[Maz99]

[Mer87]

[NurO2]

[PetO 1 ]

[PetO2a]C. N. Chong, Y. W. Law, S. Etalle, and nguage and framework for calculating licenses on information overHartelLicenseScript - aconstrained domains.TelematicaTechnical report TR-CTIT-02-37, Centre forNetherlands, Oct 2002.and InformationTechnology,Univ.ofTwente,TheI.Protecting free expression online with freenet. IEEE Internet Computing,Clarke,Th.W. Hong, S. G. Miller, O. Sandberg, and B. Wiley.6(1):40--49, 2002.E. Damiani, S. De CapitaniA Fine-Grained Access Control System for XML Documents. ACMDiVimercati, S. Paraboschi and P. Samarati.Transactions on Information and System Security, 5(2): 169-202, May2002.P.Stubblebine. Flexible Authentication of XML Documents. In ACM Intl.Devanbu,M. Gertz, A. Kwong, C.Martel,G.Nuckolls and S.Conference on Computer and Communication Security, Philadelphia,Nov.European Commission, Scenarios for Ambient Intelligence in 2010.2001.A. N. Field, P. H.personalised content delivery. In 10thHartel,and W. Mooij. Personal DJ, an architecture forH. Hacigumus, B. Iyer, C.1--8,Hongkong,May 2001. ACM press, New York.Int.World Wide Web Conf., pagesLi,Management of Data and Symposium on Principles of Database Systems,encrypted data in the database service provider model. Inand S. Mehrotra.Executing SQL overInt.Conf. onpages 216--227, Madison, Wisconsin, Jun 2002. ACM Press, New York.SecureS.A.F.A. van denContentManagement in Authorised Domains, P.J. Lenoir,September, 2002, Amsterdam.Heuvel,F.L.A.J.Kamperman, W.Jonker,IBC2002,J.M. Martinet. Overview of MPEG-7 Standard.2002.JulyD. Mazieres, D. Kaminsky, M.management from file system security. In 17th ACM Symposium onKaashoek,and E. Witchel. Separating keyOperating Systems Principles (SOSP), pages 124--139. ACM Press, NewYork,R. C. Merkle.Dec1999.function. In C. Pomerance, editor, Advances in Cryptology (CRYPTO),A digital signature based on a conventional encryptionN.U. Maulidevi. Conditional Access to Video Content Using Metadata.volume LNCS 293, pages 369--378.Springer-Verlag,Berlin,Aug1987.Master Thesis, University ofM. Petkovic,Twente,The Netherlands. 2002.Video Events",W.Track ofMultimedia Computing and Information ManagementJonker,"Content-Based Retrieval ofSpatin-Temporal

M. Petkovic, R.IRMAInternational Conference, Toronto, Canada, May 2001.Windhouwer,M.Kersten,Zwol,H. E."Content-based Video Indexing for the SupportBlok,W.Jonker,P.M. G. Apers, M.

In order to strengthen the research on security and ambient intelligence, as well as the relationship between the content management and security work at Philips Research and at Twente University, a joint research project is set up. The work will be carrie

[Pet02b]

[Phi]

[Smy00]

[Son00]

[W3C02a]

[W3C02b]of Digital Library Search", 18th IEEE International Conference on DataEngineering (ICDE), San Jose, USA, February 2002.M. Petkovic, V. Mihajlovic,W.Jonker,"Multi-Modal Extraction ofHighlights from TV Formula 1 Programs", IEEE Intl. Conference onMultimedia, Lausanne, Switzerland, 2002.B. Smyth and P. Cotter.A personalized television listings munications ACM, 43(8):107--111,Aug2000.D. X. Song, D.Wagner,and A. Perrig. Practical techniques for searcheson encrypted data. In IEEE Symp. on Security and Privacy (S\&P), pages44--55. IEEE Computer Society Press, Los Alamitos, California, 2000.W3C. XML Encryption Syntax and Processing.Aug2002.W3C. XML Key Management Specification (XKMS 2.0).

March 2002.

本文来源：https://www.bwwdw.com/article/j3ij.html