Reactive security for multimedia systems

Books, videos, music, still images and any other type of media information, share a number of features that enable their migration from traditional delivery technologies to an all-electronic delivery model. They can easily be digitized, stored, compressed and transferred on-line. Despite this fact, we have assisted in the recent years to a very reluctant endorsement of this model by market operators, especially content production companies. Actually, the facility of distributing and managing digital content is also responsible for the difficulties of making it available it on-line. In principle, digital information as it is, can be easily copied and transferred to an unlimited number of people an unlimited number of times without any reward to the content owner. How to solve that problem? The term "digitized information" has naturally suggested the approach used in information technology (IT) where copy protection is achieved by controlling the access with confidentiality, integrity and authentications methods. As a result, the IT habit to add more and more controls able to prevent a misuse of the system pushed the content owner/provider in two main directions: to close and secret multimedia systems avoiding content propagations (also the authorized one due to interoperability problems) to strengthen the controls on the user platform and restrictions of the user rights. Due to the intrinsic nature of many multimedia business models the concept of security and protection needs a more holistic and realistic approach. Security does not only mean prevention of illicit operations, but also detections and appropriate reactions to attacks. Moreover, there is an intrinsic difference between the robustness of a mathematical algorithm and its concrete implementation in hardware or software platform. In fact, the experience has shown that while cryptographic algorithms may be robust, their system implementations are fragile. Just because a protocol is logically secure does not mean it will stay secure when a designer starts defining message structures and exchanges information bits. On the other hand, a "perfectly" designed user interface with few (or many) unknown underline flaws (i.e. on the operating system) can make a hard-drive encryption program completely insecure. This thesis proposes a new paradigm having the goal of whole system survivability against solutions providing only individual components security. It introduces an adaptive framework where survivability can be effectively and efficiently provided to protect an entire system against intelligent malicious attacks and unpredictable misbehaviors. Such a new paradigm is necessary since over-reliance on single components protection solutions has actually contributed to the fragility of information systems when viewed as a whole. For instance, the use of authentication and encryption to protect networked systems may actually add more vulnerabilities and restrictions to the system as a whole than they eliminate. The result of this research is to show how an increase of the survivability of information systems to underlying failures can be achieved by focusing on reducing the system vulnerabilities, while simultaneously increasing its restoration and adaptation capabilities. The thesis demonstrates how the survivable paradigm can be the approach able to fill the gap between theoretically secure controls and unavoidable implementation flaws by means of an adequate reaction. This dissertation, analyzing the generic security problem in the formalism of the Kolmogorov Complexity Theory, points out the errors and some of the wrong directions and approaches taken in the multimedia application market and proposes a technology able to satisfy theoretical and security requirements for video, audio and text content distribution. Following a holistic approach, the effects on socials and economics fields is described.

Mlynek, Daniel
Lausanne, EPFL
Other identifiers:
urn: urn:nbn:ch:bel-epfl-thesis3005-0

Note: The status of this file is: EPFL only

 Record created 2005-03-16, last modified 2018-03-17

Texte intégral / Full text:
Download fulltext

Rate this document:

Rate this document:
(Not yet reviewed)