A Hierarchical Encryption and Key Management Scheme for Layered Access Control on H.264/SVC Bitstream in the Internet of Things

Publication Type:
Journal Article
IEEE Internet of Things Journal, 2020, 7, (9), pp. 8932-8942
Issue Date:
Filename Description Size
09099833.pdfPublished version1.8 MB
Adobe PDF
Full metadata record
Terminals with diverse technological specifications, heterogeneous network environment, and personalized user requirements raise new challenges to streaming media services. Solutions such as the newly standardized H.264/SVC (scalable video coding; designed to compress original video bitstream into a multilayer video stream according to requirements) have been proposed. With the pervasive application of SVC in applications, such as video on demand, video conferencing, and video surveillance in the Internet of Things (IoT), there has been increased scrutiny on security of H.264/SVC. In this article, we propose a bitstream-oriented layered encryption scheme for SVC bitstream. According to the multilayer bit code structure of SVC, the bitstream is separated and encrypted, respectively, by rearranging the network abstraction layer (NAL) unit of SVC bitstream. This provides hierarchical protection for the multilayer characteristic of SVC. In order to provide sufficient security, as well as achieving improved computational efficiency, we use different cryptographic algorithms for the base layer and enhancement layers according to its requirements. The base layer adopts off-the-shelf high-security encryption algorithms, such as block cipher, to ensure security. Each enhancement layer is encrypted with a different key through the stream cipher with low computational complexity, providing layered control of the video. Furthermore, we propose a hierarchical key management scheme to implement layered access control according to the principle of hierarchical deterministic wallet (H-D wallet). Our scheme can be applied to the user-level distinction in video on demand and video surveillance systems in IoT. The analysis and experiments indicate that the proposed scheme achieves a high-security level, yet incurs reasonably low compression cost and computational complexity.
Please use this identifier to cite or link to this item: