
Media Distribution Management Platform and IPTV over Internet 2

Media Distribution Management Platform and IPTV over Internet 2. Tereza Cristina Melo de Brito Carvalho carvalho@larc.usp.br Regina Melo Silveira regina@larc.usp.br LARC- Laboratory of Computer Network Architecture EPUSP – Escola Politecnica University of Sao Paulo - Brazil.


Presentation Transcript


  1. Media Distribution Management Platform and IPTV over Internet 2
     Tereza Cristina Melo de Brito Carvalho carvalho@larc.usp.br
     Regina Melo Silveira regina@larc.usp.br
     LARC - Laboratory of Computer Network Architecture
     EPUSP – Escola Politecnica University of Sao Paulo - Brazil

  2. IPTV over Internet 2
     Tereza Cristina Melo de Brito Carvalho carvalho@larc.usp.br
     Regina Melo Silveira regina@larc.usp.br
     LARC – PCS/EP – University of São Paulo
     Ericsson Research Sweden

  3. Team
     • Marcio Augusto Lima e Silva msilva@larc.usp.br
     • Flávio Urschei furschei@larc.usp.br
     • Daniel Pires dpires@larc.usp.br
     • Christiane Marie Schweitzer christiane.schweitzer@ufabc.edu.br
     • Diego Sanchez Gallo dsgallo@larc.usp.br
     • Regina Melo Silveira regina@larc.usp.br
     • Tereza Cristina Melo de Brito Carvalho carvalho@larc.usp.br
     • Wilson Vicente Ruggiero wilson@larc.usp.br
     • Ayodele Damola ayodele.damola@ericsson.com
     Fall 2006 Internet 2 Member Meeting

  4. Agenda
     • Introduction
     • Scenario
     • Requirements
     • IPTV Architecture
     • IPTV over Internet2
     • Final Considerations
     • Acknowledgments

  5. Introduction
     • What is IPTV?
       • TV channels over the Internet?
       • Video streams encapsulated in IP packets over a “service provider” network?
     • Will the Internet support a High Definition IPTV service?
       “Internet not ready for its future roles” (Bill St. Arnaud)

  6. Scenario
     • High Definition Streaming (HDTV)
       • Typically, 25 Mbps per TV channel for MPEG-2 encoding
       • Multiple different channels sent simultaneously to multiple different receivers at the same location
       • A home with three TV sets would require at least 3 x 25 Mbps.

  7. Scenario
     • IPTV requires high levels of Quality of Service (QoS) and Quality of Experience (QoE), at least on par with analog or digital TV broadcast systems
     • Access network technologies like xDSL will not support high definition IPTV services
       • VDSL has bandwidth and distance limitations. It achieves 50 Mbps at 300 m.

  8. Scenario
     • Currently, FTTH (Fiber-To-The-Home) services seem to be the only alternative for fulfilling IPTV (HDTV) needs
     • PON (Passive Optical Network) presents itself as the most viable FTTH technology, from both an economic and an operational standpoint
     • WDM-PON can provide a 100 Mbps fiber connection far beyond 300 m (around tens of kilometers)

  9. Requirements
     • Security
       • Content protection: protection of the intellectual property of the content owner, while allowing fair use for the final user.
       • Service protection: authentication, confidentiality and access control

  10. Requirements
      • Quality of Experience (simple and convenient handling)
        • Multi-channel
        • Zapping
      • Infrastructure
        • Availability (at least on par with analog or digital TV broadcast system)
        • Accessibility (diversity of devices – e.g. PCs, Set-Top-Boxes)
        • Network/Application scalability

  11. IPTV Architecture

  12. Architecture Entities
      • Head-End: provides IPTV services (Broadcast TV and VoD)
      • Transport Network: delivers video streams to customers
      • Customer Premises: broadband network termination

  13. IPTV Architecture: Head-End
      • Broadcast TV Head-End system:
        • Receives an analog or digital signal via satellite or other means, typically with multiple transport streams
        • Converts it to a series of single program streams
        • Encodes or transcodes the signals (e.g. to MPEG-4 format)
        • Encapsulates streams in IP packets for transmission
        • Sends streams to a specific IP multicast group

  14. IPTV Architecture: Head-End
      • VoD (Video-On-Demand) Head-End system:
        • Encapsulates video streams in IP packets
        • Sends streams to users

  15. IPTV Architecture: Transport Network
      • Core Network
        • High capacity optical network with technologies such as IP over DWDM and MPLS/GMPLS
      • Edge Network
        • Multicast-enabled network that connects the core network to the access network
      • Access Network
        • It is an FTTH-PON (Fiber-To-The-Home Passive Optical Network)

  16. IPTV Architecture: Customer Premise
      • Provides broadband network termination functionalities
      • It is the IPTV service client
      • The heterogeneous technologies in home network devices lead to the need for a robust Home Gateway that connects them and provides the necessary services

  17. Multicast vs. Overlay
      • Overlay tries to provide multicast functionalities at the application layer
        • It is still an immature solution for providing a reliable, QoE-enabled service for high-definition content with scalability
      • Multicast is proven to be a more efficient distribution scheme with scalability
      • This work proposes a self-contained, controlled private network
      • The Internet does not (yet) provide the required levels of availability, scalability, QoE and QoS

  18. Final Considerations
      • IPTV over Internet2
        • HDTV over the Internet with stringent QoS and QoE requirements is not possible in the current infrastructure.
        • Due to QoE requirements (e.g. zapping), a bandwidth of hundreds of Mbps per service user (per subscriber) is required.

  19. A Platform for Media Distribution Management Regina Melo Silveira regina@larc.usp.br LARC- Laboratory of Computer Network Architecture EPUSP – Escola Politecnica University of Sao Paulo - Brazil

  20. Agenda
      • Introduction
      • Our Challenge
      • Related Work
      • Proposal
        • Conceptual Model
        • Physical Model
      • Main Functionalities
      • General View
      • Work in Progress
      • Final Considerations

  21. Introduction
      • Huge number of multimedia applications (documentation, advertisement, entertainment …);
      • New multimedia services (broadcast, telecommunications, CATV);
      • Convergence: services integration with access network independence;
      • Growing demand for storage, distribution and consumption management, allowing wide media utilization and re-use.

  22. Introduction
      • Multimedia services management includes:
        (i) multimedia content storage, retrieval and search;
        (ii) access control and authentication for users and groups of users;
        (iii) system distribution, adaptation, configuration and monitoring (server and clients) for multimedia content delivery and consumption;
        (iv) network elements management.

  23. Our Challenge
      • To develop a Platform for Media Distribution Management respecting the following requirements:
        • Use open standards (ISMA, MPEG-7, MPEG-21);
        • Define integrated interfaces for different multimedia services already deployed on the RNP network;
        • Prototype development and tests on the RNP network.
      • The prototype uses two multimedia distribution services developed by LAVID/UFPB:
        • dvod – video on demand
        • dlive – live video

  24. Related Work
      • MUFFINS - MUltimedia Framework For INteroperability in Secure – IST
      • PERSEO - Personalised Multichannel Services for Advanced Multimedia Stream Management – IST
      • CODAC - Modeling and Querying Content Description and Quality Adaptation Capabilities of Audio-Visual Data - Klagenfurt University – Austria
      • ADMITS - Adaptation in Distributed Multimedia IT Systems - Klagenfurt University – Austria
      • DANAE - Dynamic and distributed Adaptation of scalable multimedia coNtent in a context Aware Environment – IST
      • iTVP - Interactive TV Services over IP Networks - PSNC – PIONIER
      • Rich Content Infrastructure and Middleware for Media - IBM

  25. Proposal
      • 4 (four) user types
        • Client
        • Content Provider
        • Administrator
        • Manager
      • 4 (four) sub-systems
        • Portal
        • Access control, storage and retrieval
        • Manager (Coordinator and Monitor)
        • Transmitter (Multimedia delivery service)
      • 3 (three) management levels
        • Service
        • Server
        • Network

  26. Proposal – Conceptual Model

  27. Proposal – Physical Model

  28. Main Functionalities
      • Video upload and indexing
      • Live event transmission registration
      • Media search
      • Media catalogue (personalized)
      • Media visualization (personalized)
      • Users, groups and projects management
      • Applications/services (sections) management
      • Servers management
      • Network elements management

  30. General View – Overlay Network
      • Services Layer
      • Server Layer
      • Network Layer

  33. Work in Progress
      • Testing prototype
      • New functionalities and optimization
      • Video replication
      • Access control and distributed metadata
      • Multicast Overlay proposal adoption (for example, Overlay Multicast Control Protocol from IETF);
      • Adoption of XML-based management data models from the Global Grid Forum
      • Use of a component model for dynamic configuration updates of the Manager
      • Integration with measurement infrastructure and new services.

  34. Final Considerations
      • Our project proposed/implemented:
        • Common infrastructure for multimedia services;
        • Architecture based on open standards, allowing uniform interfaces for all the applications;
        • Web-based management system;
        • Resource optimization;
        • Flexibility and scalability.
      • Service will be personalized for different contexts:
        • schools, hospitals, and community and educational TVs.

  35. Acknowledgements
      • Financial Support
        • RNP (National Education and Research Network)
      • Collaboration
        • Prof. Guido Lemos de Souza Filho – LAVID/DI/UFPB
        • Prof. José Augusto Suruagy Monteiro – UNIFACS

  36. Applying Security in IPTV Environment
      Tereza Cristina Melo de Brito Carvalho carvalho@larc.usp.br
      LARC – PCS/EP – University of São Paulo
      Ericsson Research Sweden

  37. Team
      • Christiane Marie Schweitzer christiane.schweitzer@ufabc.edu.br
      • Daniel Pires dpires@larc.usp.br
      • Diego Sanchez Gallo dsgallo@larc.usp.br
      • Flávio Urschei furschei@larc.usp.br
      • Marcio Augusto Lima e Silva msilva@larc.usp.br
      • Regina Melo Silveira regina@larc.usp.br
      • Tereza Cristina Melo de Brito Carvalho carvalho@larc.usp.br
      • Wilson Vicente Ruggiero wilson@larc.usp.br
      • Ayodele Damola ayodele.damola@ericsson.com

  38. Agenda
      • Security Context (Application Layer and Network Layer)
      • Threats (Service and Content)
      • IPTV Security
      • Countermeasures
      • IPTV Policies
      • Final Considerations

  39. Security Context
      • Application Level Security
        • On the STB (Set-Top Box) video client, video services and content store.
        • Referred to as digital rights management (DRM) systems, encompassing conditional access, copy protection, encryption and watermarking.

  40. Security Context
      • Network Level Security
        • On the content delivery architecture → confidentiality, integrity and availability of the data flows
          • prevention,
          • detection and
          • reaction.

  41. Security Threats in Multimedia Communications [ITU-T 2003]

  42. Threats
      • Service
        • Illegal service usage
        • Disruption of service
      • Content
        • An insider stealing content from the service core
        • A subscriber stealing content from the service core
        • A subscriber stealing content from the STB

  43. Threats: Illegal service usage
      • Rogue subscription: An attacker gains access to broadband video services without a subscription.
      • Escalation of subscription: An attacker gains access to video services that are beyond the parameters of his/her subscription.

  44. Threats: Disruption of service
      • Attack against other subscribers
        • The attacker attempts to disrupt the service for a specific subscriber or group of subscribers by directly acting on equipment that resides on the victim’s home network.
      • Attack against the access and transport infrastructure
        • The attacker attempts to disrupt the service by degrading the performance of one or several components of the architecture (access node, Broadband Service Aggregators, Broadband Service Routers, etc.).
      • Attack against the video service core
        • The attacker directly targets the components that render the video services, such as the VoD servers.

  45. Threats: Content
      • An insider stealing content from the service core
        • The thief is an insider, i.e., a service provider’s employee, who has easy access to the stored content.
      • A subscriber stealing content from the service core
        • Weaknesses in the broadband TV architecture allow the attacker (from his/her home network) to compromise the servers that host the content.
      • A subscriber stealing content from the STB
        • The attacker is a subscriber who wants to use the acquired content beyond his/her fair right of usage.

  46. IPTV Security
      • Privacy
      • Confidentiality
      • Integrity
      • Availability
      • Interoperability

  47. IPTV Security: Privacy
      • The Service Provider must handle customer information without any personally identifiable information
      • The Service Provider must manage CPEs (Customer Premises Equipment), and it must not know whether a CPE belongs to a customer or how many devices this customer has at home.

  48. IPTV Security: Confidentiality
      • Video Content
        • The video must be encrypted in transport
        • The content must be protected when recorded
      • Authentication and authorization guarantees

  49. IPTV Security: Integrity
      • The content cannot be modified
        • Multicast and unicast security
        • Content source security
      • Billing system integrity
        • Only authorized persons should have access to the billing system

  50. IPTV Security: Availability
      • Can someone disrupt your IPTV service? To what scale?
        • Any of the IPTV devices could be vulnerable to a Denial-of-Service attack
          • Buffer overflow
          • Weak TCP/IP or protocol stack implementation
      • If another service (Voice and Data) is down, would it take down IPTV too?
        • System dependencies
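
Added example (not part of the presentation): one way an operator could tell apart the two "Illegal service usage" cases from slide 43, rogue subscription and escalation of subscription, by checking multicast join records against subscription entitlements. The log format, port identifiers, group addresses and function names are all constructed for illustration.

```python
import re
from collections import Counter

# Constructed entitlement table: access port -> multicast groups (channels) paid for.
ENTITLEMENTS = {
    "olt1/pon3/onu12": {"239.1.1.10", "239.1.1.11"},
    "olt1/pon3/onu13": {"239.1.1.10"},
}

# Constructed join log in a hypothetical "time port=<id> join=<group>" format.
SAMPLE_LOG = """\
2006-12-05T20:00:01Z port=olt1/pon3/onu12 join=239.1.1.10
2006-12-05T20:00:04Z port=olt1/pon3/onu13 join=239.1.1.11
2006-12-05T20:00:09Z port=olt1/pon3/onu99 join=239.1.1.10
2006-12-05T20:00:12Z port=olt1/pon3/onu13 join=239.1.1.10
garbled line without fields
"""

LINE_RE = re.compile(r"^(\S+) port=(\S+) join=(\d{1,3}(?:\.\d{1,3}){3})$")

def classify_join(port, group, entitlements=ENTITLEMENTS):
    """Map one join to the threat classes named on the 'Illegal service usage' slide."""
    if port not in entitlements:
        return "rogue_subscription"          # no subscription at all
    if group not in entitlements[port]:
        return "escalation_of_subscription"  # subscribed, but not to this channel
    return "ok"

def audit(log_text, entitlements=ENTITLEMENTS):
    """Return (findings, unparsed): non-ok joins and lines that failed to parse."""
    findings, unparsed = [], []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            unparsed.append(line)  # keep for review rather than dropping silently
            continue
        ts, port, group = m.groups()
        verdict = classify_join(port, group, entitlements)
        if verdict != "ok":
            findings.append((ts, port, group, verdict))
    return findings, unparsed

if __name__ == "__main__":
    findings, unparsed = audit(SAMPLE_LOG)
    for f in findings:
        print(*f)
    print(Counter(v for *_, v in findings), "unparsed:", len(unparsed))
```
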
