Abstract
The massive industrial adoption of cloud technology has led to research into cloud-enabling traditional applications. The EMD research project proposes an elastic, reliable, and secure cloud-enabled Audio and Video (A/V) collaboration platform in replacement of a reliable hardware appliance based which had fixed constraints in terms of scalability. In this context, this article introduces heuristics and architectures that efficiently and preemptively allocate EMD’s A/V encrypted and container-based software components in the cloud. A software solution based on Kubernetes, a production-grade container orchestration platform, is compared with another solution focused on dedicated VMs. Both implement resource allocation heuristics that take into account the project’s requirements and location-aware encryption enforcement necessities: encryption is enforced for more sensitive data. A company training scenario with dynamically distributed instructors is modelled using existing A/V stream concepts, and component prototypes are extended to support encryption and containerisation, whose prototype performance evaluation drives the investigation of heuristics and architectures and feeds their larger-scale simulation-based assessment. Results show that container orchestration costs are at least 52% lower than dedicated VMs for this scenario, but rely on relaxing a project requirement: the time taken to establish a new streaming session was to be kept below 2 s. The switch to orchestrated containers raised this up to a maximum of 2.5 s.
Similar content being viewed by others
References
Xavier, R., Granville, L.Z., Volckaert, B., De Turck, F.: Elastic resource allocation algorithms for collaboration applications. J. Netw. Syst. Manag. 25(4), 699–734 (2017). https://doi.org/10.1007/s10922-017-9431-2
Hightower, K., Burns, B., Beda, J.: Kubernetes: Up and Running: Dive into the Future of Infrastructure. O’Reilly Media Inc, Newton (2017)
Nickoloff, J.: Docker in Action. Manning Publications Co, Shelter Island (2016)
Vermeulen, B., Van de Meerssche, W., Walcarius, T.: JFED toolkit, fed4fire, federation. In: GENI engineering conference 19 (2014)
Szewczyk, P., Macdonald, R.: Broadband router security: history, challenges and future implications. J. Dig. For. Secur. Law 12(4), 6 (2017)
Sermpezis, P., Kotronis, V., Dainotti, A., Dimitropoulos, X.: A survey among network operators on bgp prefix hijacking. ACM SIGCOMM Comput. Commun. Rev. 48(1), 64–69 (2018)
Cheng, N., Wang, X.O., Cheng, W., Mohapatra, P., Seneviratne, A. Characterizing privacy leakage of public wifi networks for users on travel. In: INFOCOM, 2013 proceedings IEEE. pp. 2769–2777 IEEE, New York (2013)
Dilkash, N., Gupta, A., Jain, A.: Real time video encryption for secure multimedia transfer: a novel approach. Int. J. Eng. Sci. Comput. 8(4), 17077–17080 (2018)
Sombatruang, N., Kadobayashi, Y., Sasse, M.A., Baddeley, M., Miyamoto, D.: The continued risks of unsecured public wi-fi and why users keep using it: Evidence from japan. In: 2018 16th annual conference on Privacy, Security and Trust (PST), pp. 1–11. IEEE, New York (2018)
Abolghasemi, M.S., Sefidab, M.M., Atani, R.E.: Using location based encryption to improve the security of data access in cloud computing. In: 2013 international conference on advances in computing, communications and informatics (ICACCI), pp. 261–265. IEEE, New York (2013)
Bhatti, R., Damiani, M.L., Bettis, D.W., Bertino, E.: Policy mapper: administering location-based access-control policies. IEEE Intern. Comput. 12(2), 38–45 (2008)
Karimi, R., Kalantari, M.: Enhancing security and confidentiality on mobile devices by location-based data encryption. In: 2011 17th IEEE international conference on networks, pp. 241–245. IEEE, New York (2011)
Bergkvist A, Burnett DC, Jennings C, Narayanan A, Aboba B (2012) Webrtc 1.0: real-time communication between browsers. Working draft, W3C 91
Sivakorn, S., Keromytis, A.D., Polakis, J.: That’s the way the cookie crumbles: evaluating https enforcing mechanisms. In: Proceedings of the 2016 ACM on workshop on privacy in the electronic society, pp 71–81. ACM, New York (2016)
Al Fardan, N.J., Paterson, K.G.: Lucky thirteen: breaking the tls and dtls record protocols. In: 2013 IEEE symposium on security and privacy, pp 526–540. IEEE, New York (2013)
Jennings, B., Stadler, R.: Resource management in clouds: survey and research challenges. J. Netw. Syst. Manag. 23(3), 567–619 (2015)
Koslovski, G., Soudan, S., Goncalves, P., Vicat-Blanc, P.: Locating virtual infrastructures: users and InP perspectives. In: 2011 IFIP/IEEE international symposium on integrated network management (IM), pp. 153–160 (2011)
Alicherry, M., Lakshman, T.: Network aware resource allocation in distributed clouds. In: IEEE INFOCOM, pp. 963–971 (2012)
Steiner, M., Gaglianello, B.G., Gurbani, V., Hilt, V., Roome, W., Scharf, M., Voith, T.: Network-aware service placement in a distributed cloud environment. SIGCOMM Comput. Commun. Rev. 42(4), 73–74 (2012)
Zhu, Y., Liang, Y., Zhang, Q., Wang, X., Palacharla, P., Sekiya, M.: Reliable resource allocation for optically interconnected distributed clouds. In: 2014 IEEE international conference on communications (ICC), pp. 3301–3306 (2014)
ETSI Industry Group: Network function virtualisation NFV. http://www.etsi.org/technologies-clusters/technologies/nfv (2013). Accessed 14 Jan 2020
Clayman, S., Maini, E., Galis, A., Manzalini, A., Mazzocca, N.: The dynamic placement of virtual network functions. In: 2014 IEEE network operations and management symposium (NOMS), pp 1–9. IEEE, New York (2014)
Moens, H., De Turck, F.: VNF-P : model for efficient placement of virtualized network functions. In: 10th international conference on network and service management (CNSM 2014), pp. 418–423 (2014)
The Kubernetes Authors: Managing compute resources for containers. https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/. Accessed 3 Apr 2019
Man Jr, E.C., Garey, M., Johnson, D.: Approximation algorithms for bin packing: a survey. Approximation algorithms for NP-hard problems, pp. 46–93 (1996)
Soltanian, A., Naboulsi, D., Salahuddin, M.A., Glitho, R., Elbiaze, H., Wette, C.: Ads: adaptive and dynamic scaling mechanism for multimedia conferencing services in the cloud. In: 2018 15th IEEE annual consumer communications & networking conference (CCNC), pp. 1–6 (2018)
Chunlin, L., Chuanli, M., Yi, C., Youlong, L.: Optimal media service selection scheme for mobile users in mobile cloud. Wire. Netw. 25, 1–14 (2018)
Xavier, R., Moens, H., Volckaert, B., De Turck, F.: Design and evaluation of elastic media resource allocation algorithms using CloudSim extensions. In: 2015 11th international conference on network and service management (CNSM), pp. 318–326 (2015)
Xavier, R., Moens, H., Volckaert, B., De Turck, F.: Adaptive virtual machine allocation algorithms for cloud-hosted elastic media services. In: 2016 IEEE/IFIP network operations and management symposium (NOMS), pp 564–570. IEEE, New York (2016a)
Xavier, R., Moens, H., Volckaert, B., De Turck, F.: Resource allocation algorithms for multicast streaming in elastic cloud-based media collaboration services. In: 2016 IEEE 9th international conference on cloud computing (CLOUD), pp. 947–950. IEEE, New York (2016b)
Xavier, R., Moens, H., Slowack, J., Sandra, W., Delputte, S., Volckaert, B., De Turck, F.: Cloud resource allocation algorithms for elastic media collaboration flows. In: 2016 IEEE International Conference on cloud computing technology and science (CloudCom), pp. 440–447. IEEE, New York (2016c)
Internet Engineering Task Force (IETF): Options for securing RTP sessions. https://tools.ietf.org/html/rfc7201. Accessed 10 Apr 2018
Ng, K.F., Ching, M.Y., Liu, Y., Cai, T., Li, L., Chou, W.: A p2p-mcu approach to multi-party video conference with webrtc. Int. J. Fut. Comput. Commun. 3(5), 319 (2014)
Mao, M., Humphrey, M.: A performance study on the vm startup time in the cloud. In: 2012 IEEE 5th international conference on cloud computing (CLOUD). IEEE, New York. pp. 423–430 (2012)
ISO I, Std I: Iso 27005: 2011. Information technology–security techniques–information security risk management ISO (2011)
Imec Research Institute. jFed Framework. https://jfed.ilabt.imec.be. Accessed 10 Apr 2018
Elliott, C., Falk, A.: An update on the geni project. ACM SIGCOMM Comput. Commun. Rev. 39(3), 28–34 (2009)
Rafael Xavier: Prototyped streaming components. https://github.ugent.be/jxavierd/GstreamerComponentsAndDataSet. Accessed 12 May 2020
Big Buck Bunny: Big Buck Bunny Video Sample. https://peach.blender.org/about/. Accessed 14 Jan 2020
Creative Commons: Creative commons attribution 3.0. https://creativecommons.org/licenses/by/3.0/. Accessed 14 Jan 2020
libav. Libav. https://libav.org/about/. Accessed 14 Jan 2020
Van Rossum, G., Drake, F.L.: The python language reference manual. Network Theory Ltd (2011)
Strauss, F., Wellnitz, O. Procps monitoring tools (1998)
GStreamer: GStreamer: open source multimedia framework. https://gstreamer.freedesktop.org. Accessed 10 Apr 2018
Amazon Inc. Amazon elastic compute cloud (EC2) images. http://aws.amazon.com/pt/ec2/instance-types/ (2017). Accessed 14 Jan 2020
Amazon Inc: AWS CPU credits and baseline performance. https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/t2-credits-baseline-concepts.html. Accessed 10 Apr 2018
Acknowledgements
The research described in this article is partially funded by the imec (EMD) ICON research project and the FWO projects G025615N “Optimized source coding for multiple terminals in self-organizing networks” and G059615N “Service-oriented management of a vitalized future internet”.
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Xavier, R., Granville, L.Z., De Turck, F. et al. Preemptive Resource Provisioning for Container-Based Audio/Video Encrypted Collaboration Applications. J Netw Syst Manage 28, 1391–1426 (2020). https://doi.org/10.1007/s10922-020-09543-y
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10922-020-09543-y