Protecting Multimedia Data in Storage: A Survey

of Techniques
Emph
asizing Encryption

ABSTRACT

In the present world, there are number of data types that can be
characterized as multimedia data types. These are typically the elements for the
building blocks of ore generalized multimedia environments, platforms, or
integrating tools. The basic types can be Text, Images, Audio, Video and Graphic
Objects. While digital storage and transmission of multimedia data has many
advantages in terms of quality, functionality and costs, it also eases the production
of digital copies in perfect quality. Where copies are unauthorized, these result in
copyright infringements and financial losses. Content protection technologies have
been developed to prevent unauthorized copying. Whether preventing unauthorized
access to digital photographs, ensuring compliance with copyright regulations, or
guaranteeing the integrity of a video teleconference, all multimedia applications
requires increased security in the presence of talented intruders. Specifically, as
more and more files are preserved on disk, the requirement to provide secure
storage has become more important.

This paper presents a survey of techniques for storing multimedia data

securely, which include theoretical approaches, prototype systems, and existing
systems. Initially, the paper establishes a set of criteria for evaluating a storage
solution based on confidentiality, integrity, availability, and performance. Then,
using these criteria, the paper explains the relevant characteristics of select storage
systems providing a comparison of the major differences. Finally, the paper
examines Specific applications of storage devices in the multimedia environment.

1. INTRODUCTION

With the rapid growth in number of stored data in all environments,

organizations face an increasing requirement to both temporarily and permanently
hold back information. The protective container for keeping this information
becomes main source for attack by a malicious intruder. If an outsider can
successfully penetrate the data storage, the intruder can actually gain information
that violates privacy, reveals valuable secrets, or prevents the access of authorized
users. If the organization takes no storage security measures, the data store
becomes a profitable single point-of-attack for an intruder. In order to choose the
best security scheme, users must have proper knowledge about of the primary
security features available in the storage security community and then be able to
quantifiably compare the systems. A single organization may even benefit by
employing different storage techniques for differing forms of multimedia data.
Certain types of information imply stricter control of privacy, whereas others are
deadline driven and cannot afford the additional performance cost of added
security. Streaming video, for instance, cannot suffer a significant performance
penalty without severely affecting the viewing condition.

Initially, the paper sets up a set of criteria for determining a storage solution
based on confidentiality, integrity, availability, and performance. Then, using these
criteria, the paper compares the relevant characteristics of selected storage
systems. Finally, the paper Considers in detail Specific applications of storage
devices in the multimedia environment.

2. GOAL AND PROBLEM STATEMENTS

2.1 GOAL STATEMENT

The extreme goal of this work is How to effectively select the best security scheme
for stored data under different environments? Due to large number of potential
solutions available, it is not easy for a prospective customer to identify the best
suitable approach for his/her multimedia requirements. This paper gives an
overview of the prominent characteristics of several systems to provide a
foundation for selecting the most appropriate solution.

2.2 PROBLEM STATEMENT

For protecting Multimedia Data in Storage, Many potential schemes are developed
for ensuring information confidentiality, integrity, and availability without
substantially degrading performance. In order to choose the best security scheme,
users must have proper knowledge about of the primary security features available
in the storage security community and then be able to quantifiably compare the
systems. So, How to classify various storage schemes and to compare their
performance?
In attacking this problem, we are confronted with the following challenges that
should be addressed.

• How to properly weigh the costs and benefits associated with these security
measures?
• How to compare the methods based on confidentiality, integrity, availability
and performance?
• What are the major differences between all the methods?
• What are the Specific applications of storage devices in the multimedia
environment?

1. BACK GROUND AND RELATED WORK

This section briefly explains about common set of criteria for evaluating a storage
security system i.e. confidentiality, integrity, availability, and performance.
Confidentiality, integrity, and availability are commonly referred to in the computer
security arena, and performance was added to ensure systems achieve an
appropriate balance between security and processing ability.

Confidentiality

Ensuring confidentiality means that no one has access to data unless

specifically authorized. The first step in authorizing access to information is to
properly identify users via authentication. The storage system must define the
means for a user to be properly identified prior to gaining access, and then having
appropriately identified a user, the system must allow access to only specified data
associated with that user. The system must encrypt data and, therefore, requires
either users or servers to apply cryptographic keys. Determining how the keys are
managed has had a significant impact on the overall design. And also once the
system determines to revoke a particular user’s access, the user’s keys must no
longer work within the system, or at a minimum not allow access to future versions
of the files.

Integrity

Integrity refers to maintaining data consistency in the face of both accidental

and malicious attacks on data. The ultimate requirement is that when a user
accesses stored information, no data should be subjected to unauthorized
modification. Integrity enforcement procedures are classified into two categories:
data modification prevention and data modification detection. Detection schemes
generally assume that attacks are unavoidable and that there must be suitable
ways to assess any damage done, recover from the damage, and apply lessons
learned to future prevention mechanisms.

Availability

For Stored data systems, availability is considered in terms of time, space,

and representation. Information needs to be available to an authorized user within
an acceptable time period, and in an understandable representation. A system
cannot allow an adversary to prevent authorized access to information via a Denial-
of-service attack. Availability conflict to a degree with those of confidentiality,
because ensuring confidentiality often requires increased time to access data or
offering access only within a limited environment.

Performance

The level of security and the system performance conflict each other. In order
to provide the necessary layers of security to avoid harmful attacks, the system
performance suffers. Each additional security measure requires computationally
expensive processing that detracts from the system’s ability to perform other
operations; all security measures are overhead for the system. The most dominant
performance cost is associated with encryption due to its computationally
expensive nature.
 3.1 NASD – Network Attached Secure Disks

NASD’s primary goal is to relieve the server bottleneck by interacting with a

user one time providing a “capability key.” With the capability key the user can
access the appropriate disk directly without any further server interaction. The disks
themselves must be “Intelligent” and handle file access requests directly. In the
NASD design, one server provides authentication and another is the actual file
server. NASD does not specify the authentication scheme and recommends using
any existing third party method similar to Kerberos. Upon receipt of authentication,
a user sends a request to the file server. The server verifies the authenticity of the
request and then provides the user with a capability key that corresponds to the
user’s rights for file access. After obtaining the capability key, a user can
communicate directly with the data disk for all future access requests during a
given session. The “Intelligent” disks interpret the capabilities of objects, encrypt
data, and transmit results to clients.

3.2 Self Securing Storage (S4)

S4 is a self-securing storage medium where the disks do not trust even the
host machine operating system. S4 treats all requests as suspect. The driving
security motivation for the system has been to negate the effects of a clever
intruder who is able to successfully penetrate the operating system and disguise
any adversarial efforts. The disks themselves in S4 require a small set of
fundamental operations for managing a file system and therefore have an
embedded instruction set for internally versioning and auditing all data and
metadata. S4 does not provide any method for authentication, but rather assumes
that the self-securing disks will be used in conjunction with a file server that uses
one of many standard authentication protocols

3.3 SFS-RO – Secure File System – Read Only

SFS-RO relies on self-certifying path names to provide high availability to

read only data in a distributed environment. SFS-RO uses some of the concepts
from its SFS predecessor, but strives for better performance by providing read-only
data that does not require any server-based cryptographic operations. The creator
of the file has the ability to assign the key, offering a wide range of cryptographic
options. To properly encrypt files, an administrator bundles the contents of the file
system into a database that is signed with a digital signature containing the private
portion of an asymmetric key. Once signed, the database can be replicated and
distributed to many untrusted machines without the threat of compromise. In order
to access the files, a user must provide the location of the storage server (either a
DNS hostname or IP address) and a HostID. The HostID is a cryptographic hash of
the server location and the public portion of the asymmetric key with which the file
creator encrypted the database. The database creator must provide the public key
to all potential users separate from the SFS-RO system. Once granted permission to
the files via the mutual authentication, the users can then access files by providing
the appropriate handle, comprised of a cryptographic hash of the file’s blocks.
Groups of handles are recursively hashed and stored in hash trees such that the
handle to the root inode provides the ability to verify the content of individual file
 blocks, reducing the number of handles required throughout the system. Knowing
the handle of the root inode provides a client with the ability to verify the contents
of a given file by recursively checking the hashes.

3.4 PLUTUS

PLUTUS is a lockbox scheme that provides highly scalable key management

while providing file owners with direct control over authorizing access to their files.
All data is encrypted on the disk with the cryptographic and key management
operations performed by the clients to alleviate server cryptographic overhead.
Users can customize security policies and authentication mechanisms for their own
files using the client-based key distribution scheme. This places the responsibility
for key management on the user, forcing the file owner to ensure proper secure
distribution of keys to those they wish to authorize access. A prospective user must
contact the owner in order to get the appropriate key.

3.5 SiRiUS – Securing Remote Untrusted Storage

SiRiUS is designed to provide its own cryptographic read-write file access on

top of any existing untrusted networked file system (NFS, CIFS, Yahoo, etc.). Via a
software daemon, the system intercepts all file access system calls and converts
them accordingly. The concept is to be able to establish a secure file sharing
environment without significantly modifying the performance of an existing network
storage medium. SiRiUS can provide security to an existing system without
requiring any hardware modifications; the developers view the system as a “stop-
gap” measure to provide additional security to existing systems. Often times,
organizations cannot afford to upgrade their current systems and must continue to
operate with limited security until which time the option to upgrade security
measures becomes available.
1.6 COMPARISION AND CLASSIFICATION
Storag Encryp Trust Key Confidentialit Integrity Availabili Estimated
e t Serve y ty
r Revocation Policy Performanc
System Locatio Measures Policy e
n Policy
Overhead

NASD Wire Yes Aggressive Capability keys, Hash MAC Scalable 20%
to increase
by using time separate checksums to
stamps, key send data, not Many over system
authentication secure on disk users, with
issued one
time server subject to no security
DOS

S4 Wire No N/A N/A Detection Intrusion Comparable

to
scheme detection
Comprehensiv and NFS
e versioning
 diagnosis
to

provide

“recent”

version

SFS-RO Disk No Revocation list Self-certifying Self- Multiple 2 times

slower
pathnames certifying distribute
d than NFS for
pathnames,
copies of small files,
timestamps RO
comparable
files for

files > 40 MB

PLUTU Disk No Lazy Lockbox with Stored Uses 1.4 times

S revocation, user control
over key encrypted, but File decrease
revoked user requires groups, from
Dissemination but
retains same augmentation SFS for
file Users must requires single
secure to ensure file
permissions as file access
distribution integrity owner to
at time of
themselves distribute
revocation keys

SiRiUS Disk No Aggressive Combination of Freshness Scalable 20times

to slower
Revocation Master guarantee
Encryption Internet, than NFS for
timestamp but
Key and File small files, 2-
requires 6
Encryption file
Keys times slower
owner to for

distribute 1MB files

FEK

Security Measure Confidentiali Integrity Availability Performance Total

ty

Encrypt-on-disk 2 2 0 0 4

Encrypt-on-wire 1 1 0 0 2
Threshold scheme 1 1 2 2 6

Timestamps 0 2 0 2 4

Digital signatures 0 2 0 0 2

Checksums 0 1 0 1 2

Lazy revocation 1 0 2 2 5

Aggressive revocation 2 1 1 0 4

Key distribution server 1 0 1 1 3

Manual key distribution 2 0 0 0 2

Lockbox key mechanism 2 0 1 1,2* 4,5*

Self-Certifying 1 0 2 1 4
pathnames

File groups 0 0 1 1 2

Comprehensive 0 2 2 2 6
versioning

3.7 APPLICATION TO SYSTEM MAPPING

Application Modifiable Deadline Recommended

Dependent System

Streaming NO YES SFS-RO

video/audio

Downloaded NO NO SFS-RO
video/audio

Images NO NO SFS-RO

Graphics YES NO PLUTUS

Interactive YES YES NASD

features

Slide YES NO PLUTUS

shows/presentati
ons

2. CONCLUSION
 All of the systems have the same goal: to protect stored data from the
effects of a malicious adversary but, design approaches may be different. Some
systems aim to provide perfect security to data, while others try to limit the amount
of damage an intruder can cause. Some systems separate data onto multiple
storage servers to eliminate a single point of attack, and others rely on centralized
trusted servers to effectively manage cryptographic keys. Some systems store
encrypted data and others require encryption prior to transmitting messages on the
wire. All of these examples present large fundamental differences that provide
options to potential users of a storage security medium. It is very difficult to make
direct comparisons between the systems because of the varied approaches, but
potential users can select the most applicable solution to their specific problems.
The most secure solution will likely be a combination of the systems described.

REFERENCES

1. File systems for Network-Attached Secure Disks by Garth A. Gibson, David F.

Nagle, Khalil Amiri, Fay W. Chang, Howard Gobioff, Erik Riedel, David
Rochberg, and Jim Zelenka.
2. Fast and Secure distributed read only file system by Kevin Fu, M. Frans
kaashoek and David Maziers.
3. NCryptfs: A Secure and Convenient Cryptographic File System by C. Wright,
M. Martino, and E Zadok.
4. Protecting Multimedia Data in Storage: A Survey of Techniques Emphasizing
Encryption by
Paul Stanton, William Yurcik and Larry Brumbaugh