Abstract
Our society is becoming increasingly more IT-oriented, and the images and sounds that reflect our daily life are being stored mainly in a digital form. This digital personal life can be part of the home multimedia contents, and users demand access and possibly share these contents (such as photographs, videos, and music) in an ubiquitous way: from any location and with any device. The purpose of this article is twofold. First, we introduce the Feel@Home system, whose main objective is to enable the previously mentioned vision of an ubiquitous digital personal life. Second, we describe the security architecture of Feel@Home, analyzing the security and privacy requirements that identify which threats and vulnerabilities must be considered, and deriving the security building blocks that can be used to protect both IMS-based and VPN-based solutions.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
Notes
Note that such trusted network operators might use Feel@Home as a new source of user data, thus this situation should be carefully considered.
References
Bechler, M., Hof, H. J., Kraft, D., Rahlke, F., & Wolf, L. (2004). A cluster-based security architecture for ad hoc networks. In Annual joint conference of the IEEE computer and communications societies (INFOCOM’04) (pp. 2393–2403).
Benjumea V., Choi, S., Lopez, J., & Yung, M. (2007). Anonymity 2.0—X.509 extensions supporting privacy-friendly authentication. In Cryptology and network security conference (CANS’07) (pp. 265–281).
Benjumea, V., Lopez, J., & Troya, J. (2006). Anonymous attribute certificates based on traceable signatures. Internet Research, 16(2), 120–139.
Bhargav-Spantzel, A., Camenisch, J., Gross, T., & Sommer, D. (2007). User centricity: A taxonomy and open issues. Journal of Computer Security, 15(5), 493–527.
Camenisch, J., & Lysyanskaya, A. (2001). Efficient non-transferable anonymous multi-show credential system with optional anonymity revocation. In International conference on advances in cryptology (EUROCRYPT’01) (pp. 93–118).
Chintada, S., Sethuramalingam, P., & Goffin, G. (2008). Converged services for home using a SIP/UPnP software bridge solution. In 5th IEEE consumer communications and networking conference (CCNC’08) (pp. 790–794).
Credentica (2007). U-prove SDK overview. White Paper.
DCSSI-France (2004). EBIOS—Expression of needs and identification of security objectives.
ETSI TISPAN WG5 (2010). LS to 3GPP regarding remote access to CPNs. Retrieved from http://www.3gpp.org/ftp/tsg_sa/WG3_Security/TSGS3_59_Lisbon/Docs/S3-100582.zip.
HGI, Home Gateway Initiative (2008). Home Gateway requirements: Residential profile.
IBM (2010). Idemix (Identity Mixer): Pseudonymity for e-transactions. Retrieved from http://www.zurich.ibm.com/security/idemix/.
IEEE Computer Society (1998). IEEE std 830-1998, IEEE recommended practice for software requirements specifications. ISBN 0-7381-0332-2.
IETF PKIX Working Group (2010). Retrieved from http://www.ietf.org/html.charters/pkix-charter.html.
ISO/IEC (2005). ISO/IEC 15408-1:2005. Information technology— Security techniques—Evaluation criteria for IT security.
IST PRIME Project (2005). Privacy and identity management for Europe. White Paper.
Jaatun, M., & Tøndel, I. (2008). Covering your assets in software engineering. In 3rd international conference on availability, reliability and security (ARES’08) (pp. 1172–1179).
Kiayias, A., Tsiounis, Y., & Yung, M. (2004). Traceable signatures. In Conference on advances in cryptology (EUROCRYPT’04) (pp. 571–589).
Lacoste, M. (2009). Architecting adaptable security infrastructures for pervasive networks through components. In International conference on future generation communication and networking (FGCN’09) (pp. 275–292).
Mannan, M., & van Oorschot, P. (2008). Privacy-enhanced sharing of personal content on the Web. In International World Wide Web conference (WWW’08) (pp. 487–496).
Mas, I., Berggren, V., Jana, R., Murray, J., & Rice, C. (2008). An IMS-based architecture for interactive, personalized IPTV. IEEE Communications Magazine, 46(11), 156–163.
Netfilter/iptables Project (2010). Retrieved from http://www.netfilter.org/.
OECD (1980). Guidelines on the protection of privacy and transborder flows of personal data.
The CELTIC Feel@Home Project (2010). Retrieved from https://rd-projet-feelathome.rd.francetelecom.com/.
Tøndel, I., Jaatun, M., & Meland, P. (2008). Security requirements for the rest of us: A survey. IEEE Software, 25(1), 20–27.
van Hartskamp, M., et al. (2008). PnP QoS architecture. UPnP forum.
Zheleva, E., & Getoor, L. (2009). To join or not to join: The illusion of privacy in social networks with mixed public and private user profiles. In International World Wide Web conference (WWW’09) (pp. 531–540).
Zhou, L., & Haas, Z. (1999). Securing ad hoc networks. IEEE Network, 13(6), 24–30.
Acknowledgements
This work has been partially supported by the Feel@Home project. The authors would like to thank all members of the Feel@Home consortium for their much appreciated help on this paper, with special thanks to Benoit Michau for his insight on IMS security.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Roman, R., Lopez, J., Dugeon, O. et al. Advanced secure multimedia services for digital homes. Inf Syst Front 14, 527–540 (2012). https://doi.org/10.1007/s10796-010-9258-9
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10796-010-9258-9