The technologies for real-time multimedia transmission and immersive 3D gaming applications are rapidly emerging, posing challenges in terms of performance, security, authentication, data privacy, and encoding. The communication channel for these multimedia applications must be secure and reliable from network attack vectors and data-contents must employ strong encryption to preserve privacy and confidentiality. Towards delivering secure multimedia application environment for 5G networks, we propose an SDN/NFV (Software-Defined-Networking/Network-Function-Virtualization) framework called STREK , which attempts to deliver highly adaptable Quality-of-Experience (QoE), Security, and Authentication functions for multi-domain Cloud to Edge networks. The STREK architecture consists of a holistic SDNFV dataplane, NFV service-chaining and network slicing, a lightweight adaptable hybrid cipher scheme called TREK, and an open RESTful API for applications to deploy custom policies at runtime for multimedia services. For multi-domain/small-cell deployments, the key-generation scheme is dynamic at flow/session-level, and the handover authentication scheme uses a novel method to exchange security credentials with the Access Points (APs) of neighborhood cells. This scheme is designed to improve authentication function during handover with low overhead, delivering the 5G ultra-low latency requirements. We present the experiments with both software and hardware-based implementations and compare our solution with popular lightweight cryptographic solutions, standard open source software, and SDN-based research proposals for 5G multimedia. In the microbenchmarks, STREK achieves smaller hardware, low overhead, low computation, higher attack resistance, and offers better network performance for multimedia streaming applications. In real-time multimedia use-cases, STREK shows greater level of quality distortion for multimedia contents with minimal encryption bitrate overhead to deliver data confidentiality, immunity to common cryptanalysis, and significant resistance to communication channel attacks, in the context of low-latency 5G networks.
Read full abstract