Quality of Protection (QoP) Research

Overview

The goal of this research is to explore the means and effects of including security parameters within Quality of Service (QoS).

This involves:

  1. Developement of a component-based security architecture
  2. Development of Quality of Protection.
  3. Integration with QoSTalk.
  4. Integration with current adaptation based and reconfigurable QoS aware middleware 2KQ.

Description

QoS has become an important aspect of real-time multimedia applications that require certain level of predictability and control beyond the current IP “best-effort” services. Traditional QoS parameters are jitters, deadline and latency. Security is usually handled indirectly or left as a task to the operating system. The goal is study how Security can be managed as a QoS attribute and to understand the costs of doing so.

The first step is to develop a component-based security architecture. The idea is to build separate components of authentication and encryption engines. In addition, components for encryption key management and authentication certificate management must also be developed for a complete security architecture.

Quality of Protection (QoP) defines a range of permissible behavior where each higher level of QoP is more secure than its previous level. The metric for level of security will be based on values such as encryption key length and the type of cryptographic algorithm. In addition, to further provide the capability for reconfigurability in order to achieve optimal performance, the set of QoP values must be mapped to user security requirements and resource availability. Hence, each level of QoP must also consider domain and application specific security requirements. For example if QoP were defined to be levels of low, medium and high security. A low security configuration for a video on demand system over the Internet may require complex public key exchange authentication. On the other hand, a low security configuration for the same application on a local area network may only require password based login.

Finally, a component based architecture provides easy integration with our existing QoSTalk tool. Using QoSTalk, application developers can easily specify the desired level of QoP to include security as a QoS attribute when building QoS-aware applications. Since QoSTalk was developed to provide re-configurable applications for 2KQ, now, via integration with QoSTalk, we can seamlessly integrate Quality of Protection Service with our middleware architecture.

Development Updates

We have developed generalized QoP framework for understanding and discussing quality of protection. The characterization of QoP with security-specific parameters provides proper construct for expressing security constraints and attributes for different application systems. Additionally, our QoS-aware security architecture achieves a good balance between security and performance requirements through differentiated security services. Our QoP framework is also highly flexible and upgradable to support the latest cryptographic standards in heterogeneous environments.

These are the links

  1. A detailed presentation of the QoP system (powerpoint format).
  2. A video presentation of the QoP metadata editor. [high quality] [low quality] (wmf format)
  3. A video presentation of a QoP-enabled multimedia player. [high quality] [low quality] (wmf format)
  4. Master’s thesis. [Quality of Protection for Multimedia Applications in Ubiquitous Environments] (pdf format)