Résumé: With the rise of Internet-of-Thing/Everything(IoT/E) and as mobile networks are migrating to 5G, cybersecurity is a daunting problem. The technologies for real-time multimedia transmission and immersive 3D gaming applications are rapidly emerging, posing challenges in terms of performance, security, authentication, data privacyand encoding.The communication channel for these multimedia applications must be secure and reliable from network attack vectors and data contents must employ strong encoding to preserve privacy and confidentiality.Towards delivering secure multimedia application environment in the context of modern networks, the proposed Softwarized SDNFV framework (STREK) attemptsto delivera highly adaptable Quality-of-Experience(QoE) and Security/Authentication management solution for 5G multi-domain Cloud to Edge networks. A holistic SDN control plane and distributed smart dataplane across the 5G multimedia transmission is introduced. The open RESTful API offered by the SDN framework makes it convenient to develop and deploy new security/QoE policies at run-time and network slicing for multimedia streaming services. We utilized a novel Lightweight Adaptable symmetric block cipher called TREK, specifically designed for highly resource-constrained devices in IoT and 5G mobile networks. The security scheme employs robust dynamic key generation method at flow and session-level, offloading-method for the IoT/5G low-powerUser Equipment(UEs) to outsource the expensive security enforcement workloadtomore powerful trusted devices upstream network (i.e. Edge Nodes or Gateway routers). In multi-domain/small-cell deployments, our fast group authentication scheme uses affinity-based multicast method to install/update the keys on the Access Points (APs) of neighborhood cells, improving authentication efficiency during handover and meeting 5G latency requirements. The network slicing and adaptable NFV service-chaining system fulfills the personalized QoE application requirements for any kind of real-time multimedia application demands. We have developed a prototype of the TREK security scheme in SDN multi-controller environment with both software and hardware NetFPGA switch, for performance comparison with general-purpose cryptographic libraries, popular lightweight ciphers. In the microbenchmarks with Verilog/ModelSim/Xilinx platform, TREK achieves smaller hardware, low overhead, low computation, higher attack resistance and offers better network performance with multimedia HTTP(S) streaming applications. The STREK security framework provides a greater level of quality distortion for multimedia contents without any encryption bitrate overhead, immune to static cryptanalysis, resistant to communication channel MITM, Jamming, Replay attacks and a platform for the real-time applications for future networks.

Langue: Anglais