Skip to main content
Log in

Preemptive Resource Provisioning for Container-Based Audio/Video Encrypted Collaboration Applications

Journal of Network and Systems Management Aims and scope Submit manuscript

Abstract

The massive industrial adoption of cloud technology has led to research into cloud-enabling traditional applications. The EMD research project proposes an elastic, reliable, and secure cloud-enabled Audio and Video (A/V) collaboration platform in replacement of a reliable hardware appliance based which had fixed constraints in terms of scalability. In this context, this article introduces heuristics and architectures that efficiently and preemptively allocate EMD’s A/V encrypted and container-based software components in the cloud. A software solution based on Kubernetes, a production-grade container orchestration platform, is compared with another solution focused on dedicated VMs. Both implement resource allocation heuristics that take into account the project’s requirements and location-aware encryption enforcement necessities: encryption is enforced for more sensitive data. A company training scenario with dynamically distributed instructors is modelled using existing A/V stream concepts, and component prototypes are extended to support encryption and containerisation, whose prototype performance evaluation drives the investigation of heuristics and architectures and feeds their larger-scale simulation-based assessment. Results show that container orchestration costs are at least 52% lower than dedicated VMs for this scenario, but rely on relaxing a project requirement: the time taken to establish a new streaming session was to be kept below 2 s. The switch to orchestrated containers raised this up to a maximum of 2.5 s.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13
Fig. 14
Fig. 15
Fig. 16
Fig. 17
Fig. 18
Fig. 19
Fig. 20

Similar content being viewed by others

References

  1. Xavier, R., Granville, L.Z., Volckaert, B., De Turck, F.: Elastic resource allocation algorithms for collaboration applications. J. Netw. Syst. Manag. 25(4), 699–734 (2017). https://doi.org/10.1007/s10922-017-9431-2

    Article  Google Scholar 

  2. Hightower, K., Burns, B., Beda, J.: Kubernetes: Up and Running: Dive into the Future of Infrastructure. O’Reilly Media Inc, Newton (2017)

    Google Scholar 

  3. Nickoloff, J.: Docker in Action. Manning Publications Co, Shelter Island (2016)

    Google Scholar 

  4. Vermeulen, B., Van de Meerssche, W., Walcarius, T.: JFED toolkit, fed4fire, federation. In: GENI engineering conference 19 (2014)

  5. Szewczyk, P., Macdonald, R.: Broadband router security: history, challenges and future implications. J. Dig. For. Secur. Law 12(4), 6 (2017)

    Google Scholar 

  6. Sermpezis, P., Kotronis, V., Dainotti, A., Dimitropoulos, X.: A survey among network operators on bgp prefix hijacking. ACM SIGCOMM Comput. Commun. Rev. 48(1), 64–69 (2018)

    Article  Google Scholar 

  7. Cheng, N., Wang, X.O., Cheng, W., Mohapatra, P., Seneviratne, A. Characterizing privacy leakage of public wifi networks for users on travel. In: INFOCOM, 2013 proceedings IEEE. pp. 2769–2777 IEEE, New York (2013)

  8. Dilkash, N., Gupta, A., Jain, A.: Real time video encryption for secure multimedia transfer: a novel approach. Int. J. Eng. Sci. Comput. 8(4), 17077–17080 (2018)

    Google Scholar 

  9. Sombatruang, N., Kadobayashi, Y., Sasse, M.A., Baddeley, M., Miyamoto, D.: The continued risks of unsecured public wi-fi and why users keep using it: Evidence from japan. In: 2018 16th annual conference on Privacy, Security and Trust (PST), pp. 1–11. IEEE, New York (2018)

  10. Abolghasemi, M.S., Sefidab, M.M., Atani, R.E.: Using location based encryption to improve the security of data access in cloud computing. In: 2013 international conference on advances in computing, communications and informatics (ICACCI), pp. 261–265. IEEE, New York (2013)

  11. Bhatti, R., Damiani, M.L., Bettis, D.W., Bertino, E.: Policy mapper: administering location-based access-control policies. IEEE Intern. Comput. 12(2), 38–45 (2008)

    Article  Google Scholar 

  12. Karimi, R., Kalantari, M.: Enhancing security and confidentiality on mobile devices by location-based data encryption. In: 2011 17th IEEE international conference on networks, pp. 241–245. IEEE, New York (2011)

  13. Bergkvist A, Burnett DC, Jennings C, Narayanan A, Aboba B (2012) Webrtc 1.0: real-time communication between browsers. Working draft, W3C 91

  14. Sivakorn, S., Keromytis, A.D., Polakis, J.: That’s the way the cookie crumbles: evaluating https enforcing mechanisms. In: Proceedings of the 2016 ACM on workshop on privacy in the electronic society, pp 71–81. ACM, New York (2016)

  15. Al Fardan, N.J., Paterson, K.G.: Lucky thirteen: breaking the tls and dtls record protocols. In: 2013 IEEE symposium on security and privacy, pp 526–540. IEEE, New York (2013)

  16. Jennings, B., Stadler, R.: Resource management in clouds: survey and research challenges. J. Netw. Syst. Manag. 23(3), 567–619 (2015)

    Article  Google Scholar 

  17. Koslovski, G., Soudan, S., Goncalves, P., Vicat-Blanc, P.: Locating virtual infrastructures: users and InP perspectives. In: 2011 IFIP/IEEE international symposium on integrated network management (IM), pp. 153–160 (2011)

  18. Alicherry, M., Lakshman, T.: Network aware resource allocation in distributed clouds. In: IEEE INFOCOM, pp. 963–971 (2012)

  19. Steiner, M., Gaglianello, B.G., Gurbani, V., Hilt, V., Roome, W., Scharf, M., Voith, T.: Network-aware service placement in a distributed cloud environment. SIGCOMM Comput. Commun. Rev. 42(4), 73–74 (2012)

    Article  Google Scholar 

  20. Zhu, Y., Liang, Y., Zhang, Q., Wang, X., Palacharla, P., Sekiya, M.: Reliable resource allocation for optically interconnected distributed clouds. In: 2014 IEEE international conference on communications (ICC), pp. 3301–3306 (2014)

  21. ETSI Industry Group: Network function virtualisation NFV. http://www.etsi.org/technologies-clusters/technologies/nfv (2013). Accessed 14 Jan 2020

  22. Clayman, S., Maini, E., Galis, A., Manzalini, A., Mazzocca, N.: The dynamic placement of virtual network functions. In: 2014 IEEE network operations and management symposium (NOMS), pp 1–9. IEEE, New York (2014)

  23. Moens, H., De Turck, F.: VNF-P : model for efficient placement of virtualized network functions. In: 10th international conference on network and service management (CNSM 2014), pp. 418–423 (2014)

  24. The Kubernetes Authors: Managing compute resources for containers. https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/. Accessed 3 Apr 2019

  25. Man Jr, E.C., Garey, M., Johnson, D.: Approximation algorithms for bin packing: a survey. Approximation algorithms for NP-hard problems, pp. 46–93 (1996)

  26. Soltanian, A., Naboulsi, D., Salahuddin, M.A., Glitho, R., Elbiaze, H., Wette, C.: Ads: adaptive and dynamic scaling mechanism for multimedia conferencing services in the cloud. In: 2018 15th IEEE annual consumer communications & networking conference (CCNC), pp. 1–6 (2018)

  27. Chunlin, L., Chuanli, M., Yi, C., Youlong, L.: Optimal media service selection scheme for mobile users in mobile cloud. Wire. Netw. 25, 1–14 (2018)

    Google Scholar 

  28. Xavier, R., Moens, H., Volckaert, B., De Turck, F.: Design and evaluation of elastic media resource allocation algorithms using CloudSim extensions. In: 2015 11th international conference on network and service management (CNSM), pp. 318–326 (2015)

  29. Xavier, R., Moens, H., Volckaert, B., De Turck, F.: Adaptive virtual machine allocation algorithms for cloud-hosted elastic media services. In: 2016 IEEE/IFIP network operations and management symposium (NOMS), pp 564–570. IEEE, New York (2016a)

  30. Xavier, R., Moens, H., Volckaert, B., De Turck, F.: Resource allocation algorithms for multicast streaming in elastic cloud-based media collaboration services. In: 2016 IEEE 9th international conference on cloud computing (CLOUD), pp. 947–950. IEEE, New York (2016b)

  31. Xavier, R., Moens, H., Slowack, J., Sandra, W., Delputte, S., Volckaert, B., De Turck, F.: Cloud resource allocation algorithms for elastic media collaboration flows. In: 2016 IEEE International Conference on cloud computing technology and science (CloudCom), pp. 440–447. IEEE, New York (2016c)

  32. Internet Engineering Task Force (IETF): Options for securing RTP sessions. https://tools.ietf.org/html/rfc7201. Accessed 10 Apr 2018

  33. Ng, K.F., Ching, M.Y., Liu, Y., Cai, T., Li, L., Chou, W.: A p2p-mcu approach to multi-party video conference with webrtc. Int. J. Fut. Comput. Commun. 3(5), 319 (2014)

    Article  Google Scholar 

  34. Mao, M., Humphrey, M.: A performance study on the vm startup time in the cloud. In: 2012 IEEE 5th international conference on cloud computing (CLOUD). IEEE, New York. pp. 423–430 (2012)

  35. ISO I, Std I: Iso 27005: 2011. Information technology–security techniques–information security risk management ISO (2011)

  36. Imec Research Institute. jFed Framework. https://jfed.ilabt.imec.be. Accessed 10 Apr 2018

  37. Elliott, C., Falk, A.: An update on the geni project. ACM SIGCOMM Comput. Commun. Rev. 39(3), 28–34 (2009)

    Article  Google Scholar 

  38. Rafael Xavier: Prototyped streaming components. https://github.ugent.be/jxavierd/GstreamerComponentsAndDataSet. Accessed 12 May 2020

  39. Big Buck Bunny: Big Buck Bunny Video Sample. https://peach.blender.org/about/. Accessed 14 Jan 2020

  40. Creative Commons: Creative commons attribution 3.0. https://creativecommons.org/licenses/by/3.0/. Accessed 14 Jan 2020

  41. libav. Libav. https://libav.org/about/. Accessed 14 Jan 2020

  42. Van Rossum, G., Drake, F.L.: The python language reference manual. Network Theory Ltd (2011)

  43. Strauss, F., Wellnitz, O. Procps monitoring tools (1998)

  44. GStreamer: GStreamer: open source multimedia framework. https://gstreamer.freedesktop.org. Accessed 10 Apr 2018

  45. Amazon Inc. Amazon elastic compute cloud (EC2) images. http://aws.amazon.com/pt/ec2/instance-types/ (2017). Accessed 14 Jan 2020

  46. Amazon Inc: AWS CPU credits and baseline performance. https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/t2-credits-baseline-concepts.html. Accessed 10 Apr 2018

Download references

Acknowledgements

The research described in this article is partially funded by the imec (EMD) ICON research project and the FWO projects G025615N “Optimized source coding for multiple terminals in self-organizing networks” and G059615N “Service-oriented management of a vitalized future internet”.

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Rafael Xavier.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Xavier, R., Granville, L.Z., De Turck, F. et al. Preemptive Resource Provisioning for Container-Based Audio/Video Encrypted Collaboration Applications. J Netw Syst Manage 28, 1391–1426 (2020). https://doi.org/10.1007/s10922-020-09543-y

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10922-020-09543-y

Keywords

Navigation