Protecting multimedia data from
computer attackers continues to grow in importance. Due to tremendous evolution
in Internet technologies and multimedia, content copying has become quite
effortless. In the case of preventing unauthorized access to digital photos,
ensuring compliance with copyright regulations, or guaranteeing the integrity
of a video teleconference, all multimedia applications require expanded security
in the presence of skilled intruders. Specifically, as more and more files are
preserved on disk the requirement to provide secure storage has become more
important. This paper provides a survey on multimedia database content security
based on confidentiality, integrity, availability, and performance.
Keywords: multimedia data;
confidentiality; integrity; availability; performance.
In the recent world
everyone is dealing with multimedia. Everywhere there is multimedia around us.
Due to the evolution of information technology the importance of multimedia has
enhanced. So, this is the reason that we have to structure the multimedia
information in a structured order so that we may have information access
whenever we require.
The multimedia data is not protected from unauthorized
access. So, to cater for these security issues possible measures should been
taken e.g. Data Analysis, Storage Management and Data Integrity should be
checked to see how much the data in multimedia database is secure. While doing Data Analysis, Meta data
management has to be done in order to do style matching. For Storage
Management, the issues to be handled are access criteria for multimedia data
types, and special index development. Data integrity checking includes
maintenance of data by keeping data quality, controlling concurrency, and
multimedia updates recovery. To keep multimedia databases secure and safe; is a
difficult process e.g. command and control applications. In order to have a
system secure completely and end to end security is needed. There should be
100% secure multimedia database management system, safe networks, secure middle
wares and safe applications 1.
Everyone deals with multimedia at every walk of lives. We
work with multimedia and are encircled by multimedia. Due to the headway of
modern computer and information technology, multimedia systems play more and
more impact on our lives. Therefore, it
is more challenging fact how to organize and structure these huge multimedia
information so that we can get information easily at any point of time. To do
so, multimedia database is a tool desired to manage and maintain huge
multimedia objects, which consist of texts, graphics, animations, video,
sounds, music etc. Multimedia applications often address file management
interfaces at different levels of abstraction such as hypertext application,
audio editor, audio-video apportionment service count on the real strength of
multimedia database and its structure 2.
Due to the recent developments in computer networking
technology, distribution of digital multimedia content through the internet is
enormous. However, the increased number of digital documents, multimedia
processing tools, and the worldwide availability of Internet access has created
a very suitable medium for copyright fraud and uncontrollable distribution of
multimedia content. A major requirement now is to protect the intellectual property
of multimedia content in multimedia networks. There are number of data types
that can be characterized as multimedia data types. These are typically the
elements for the building blocks of generalized multimedia environments,
platforms, or integrating tools. The basic types can be described as text, images,
audio, video and Graphic objects 3.
1.1. Multimedia Data:
The objects of Multimedia data include texts, images,
graphics, animations, video, sound recordings, music, and so on which are
converted from different formats into digital media.
1.2. Database and Multimedia
Database composes a controlled collection of data related to
a given entity, and a Multimedia database is a controlled collection of
multimedia data. Therefore multimedia can be defined as a technique that
combines a variety of media items to make the information more attractive and
enables it to communicate in variety of ways. They deal with such a huge amount
of data which a simple DBMS is inadequate to deal with 4.
1.3. Security of multimedia
For altering and browsing the multimedia databases has a great
security issue. While a person is editing or browsing a link; he ought to be
properly checked that if he is authorized to do it or not, for instance films
are altered and a few segments of movies are erased, so, it ought to be taken
into consideration properly to cater for security issues in this sense.
So also, multimedia transaction is another issue; in which
the information from different locations is conveyed and is combined or updated
or edited at the same time. Inference problem is also one of the major issues
in MMDBMS that suggested in this paper in which the user can see even those
objects to which he is not authorized 1 4.
2. related work:
(Yu C. and Brandenburg T., 2011)5 discusses recent
multimedia database applications and some issues in teaching and learning like
data availability, file format and size, data storage and retrieval, search
engines and skills of teachers that educators may have into their classrooms
during usage of multimedia data.
(W. Madiha, et al., 2012) 1 studied some typical important
security issues. An experiential analysis has been done for measuring the
frequency, percentage and criticality of the issues such as Security and
Privacy issues related to MMDBMS. The access control, security policies,
security architecture and privacy problems which are being emerged from
Multimedia Data mining and paper (Roslina, etal, 2015) 6 talk about the
security of multimedia systems using access control policies. An access control
space represents the permission assignment state of a subject or role.
(Thuraisingham B., 2007) 7 Explain the problems associated with querying a high
level of multimedia data types.
Problems were identified by examining multimedia data objects
by applying certain conditions to those data. The author provided a model based
on conceptual inquiry, where there was no criterion for Search in search
engines. The author also suggested some of the main factors and challenges
faced by the multimedia frameworks as follows:
– Knowledge representation
– Mysterious accession
– Storage and
(Kosch H., Döller M., 2009) 8 Shows the evolution of
Multimedia Database Systems and derives a list of issues such as Multimedia
Indexing, Querying and Presentation.
(Er.Shilpi Harnal, et al., 2016) 9 Explained about
multimedia supported cloud environment, necessity and challenges in such an
environment for rich multimedia communication and computation. They did a
survey of different multimedia cloud computing architectures, security and
other issues and possible solutions proposed by various authors.
(Chun-Ting Huang, 2011) 10 Conducted a detailed survey on recent
multimedia storage security research activities in association with cloud
computing. They concentrated on four hot research areas which are data
integrity, data confidentiality, access control, and data manipulation in the
( Swapnali More, et al., 2016) 11 Proposed a secure and
efficient privacy preserving public auditing scheme. This auditing scheme makes
use of Advanced Encryption Standard (AES) algorithm for encryption, Secure Hash
Algorithm-2 (SHA-2) for integrity check and RSA signature for digital signature
(Prassanna J, et al., 2015)12 Analyzed an innovative mechanism that
technically and systematically logging any data access stored in the cloud
along with well supported auditing mechanism using Cloud Information
Accountability (CIA) framework. It utilized the homomorphic linear
authenticator (HLA) and stochastic masking to promise that the third party
audit would not be able to discover any information about the user’s precious
data or informational content stored on the cloud data storage.
To focus exclusively on protect multimedia data part. Data of
various types over the cloud, from the point of academic world and business.
Number of studies showing the need of security in cloud computing especially
for the multimedia content storage and the various proposed techniques to
3. Multimedia database
There are several of data types in use today that can be described
as multimedia data types. These are the components utilized for building other
generalized multimedia environments, platforms, or integrating tools.
Multimedia Database generally holds the following multimedia
Text, graphics, animation, sounds, video etc 13.
In multimedia applications, text is being utilized. Reason
is that a longer text reading is difficult by the smaller screen resolution. At
the same moment, when a piece of information fails to communicate to others
using other multimedia elements, text is obligatory. Text should be used only
such cases where it able to eliminate possible information ambiguity.
It is a very powerful multimedia component. The real
strength of graphics is to maintain context. Graphics are discrete concepts.
The user himself determines viewing moments and period. In this way, graphics
are very appropriate for individual studying and analyzing of connections. The
combination with text is ideal because each is discrete representations.
Graphics approve greater interpretation than the image and can be used better
for the aid of mental model.
The image is very much related by its photorealistic
representation to the concrete contents.
User’s mood may be motivated by using images. For this situation, the
mix of picture with sound will be especially effective. 13.
Animation is likewise an element in multimedia database.
It can be defined as the change in the characteristics of an object over a
period of time. Animation files need more storage space than graphic files
involving single image.
Sound as music or speech has astrength to invoke emotions.
Music can stimulate moods positively in reviving or relaxation of mind and
body; while sound as noise facilitates to irritate people. The combination of
sound with animation will really have a realistic impact on users.
Video is the most capable of all the multimedia
components. It depicts the real world events. It’s going to also help to grasp
the more delicate and complicated situation/ thoughts into minds Ibid.
4. Techniques to enhance
the security of multimedia data:
Information security has traditionally been ensured with
Encryption techniques. Generally encryption techniques,
Such as the Data Encryption Standard (DES), the Advanced
Encryption Standard (AES), the Rivest, Shamir and Adelman (RSA)
algorithm, the Triple DES (3DES), and the
International Data Encryption Algorithm (IDEA) and
Scalable encryption algorithm (SEA) 13, work on bit
stream of data input without regard to their nature of application. In other
Words, the encryption proceeds without distinguishing the input data as either:
audio, video, text, or graphics.
TABLE1. CLASSIFICATION OF STANDARD ENCRYPTION METHODS, ADAPTED FROM 14 15
Suitable for High
speed and low cost
But Small 56 bit key
size makes it
Comprises 3 DES
susceptible to chosen
memory and time
Sub bytes, Shift
rows, Mix column
add round key.
XOR, Addition and
Security level is high
when compared to
Function, Co prime
It is Public key
System. Secured but
speed is lower, when
but can be used only
Resources are limited.
When the Multimedia data is not a real time
data, it can be treated as a regular binary stream and above mentioned
conventional techniques can be applied. When varieties of constraints are
present, it is difficult to accomplish security for multimedia data.
5. Criteria for
By using security techniques of multimedia data many
goals can be achieved, these goals can be either all achieved at the same time
in one application, or only one of them.
From a security point of view, guaranteeing
secrecy suggests that nobody approaches information unless particularly
approved. Distinctive frameworks control this approval procedure in different
ways. The initial phase in approving access to data is to appropriately
recognize clients by means of verification. The capacity framework must
characterize the methods for a client to be legitimately distinguished before
obtaining entrance, and afterward having properly recognized a client, the
framework must enable access to just indicate information related with that
client. Appropriate approval to get to the capacity framework does not infer
access to the whole framework; indeed, the differentiating rule of minimum
benefit is for the most part connected. Information proprietors must, be that
as it may, have a technique for enabling others to get to data when proper
through an assignment of approval conspire 16.
To avoid unapproved access to data,
confidentiality also implies that the system must encrypt data and, hence,
requires either clients or servers to apply cryptographic keys. Deciding how
the keys are overseen has significantly affected the overall design – whether
conveyed by a concentrated gathering server or by singular document
proprietors, the impacts of key administration on execution and client comfort
must be examined. Cryptographic operations are regularly the most
computationally costly part of getting to safely put away information so
choosing where and how the cryptographic keys are connected is essential 17.
An additional critical discussion
concerning key management involves how keys are revoked. Once the system
determines to revoke a particular user’s access, the user’s keys must no longer
work within the system, or at a minimum not allow access to future versions of
the files. The cost associated with revoking a user manifests itself in the re encryption
effort required to secure confidentiality. It is not possible to physically
revoke a user’s keys to prevent that user’s ability to perform operations since
copies could have been produced, so the system must render all keys of a
revoked user obsolete and re-encrypt all of the data with a new key. A
resulting argument then turns, once again, to a tradeoff between security and
performance. There are two primary methods for securing the data after key revocation:
Lazy revocation and aggressive revocation.
When using lazy revocation the system does not re-encrypt the data that the
revoked user previously had authorization to access until the next valid user
attempts to access the file. This essentially defrays the cost over time, but
it leaves data vulnerable to the revoked user for an unspecified period of
contrast, aggressive revocation immediately re-encrypts all files that the
revoked user could potentially access. Once re encrypted, new keys must be
distributed to all personnel who are affected by the changed encryption (adding
additional weight to the key distribution scheme); clearly this option requires
time. Lazy re-encryption sacrifices a measure of security to save time while
aggressive revocation sacrifices time to improve security 18.
Availability considers in terms of time, space, and
representation. Information needs to be available to an authorized user within
an acceptable time period, without monopolizing the available storage space,
and in an understandable representation. A system cannot allow an adversary to
prevent authorized access to information via a denial-of-service attack. It is
important to note that the goals of availability conflict to a degree with those
of confidentiality, because ensuring confidentiality often requires increased
time to access data or offering access only within a limited environment 16.
Integrity is a broadly based topic that includes
maintaining data consistency in the face of both accidental and malicious
attacks on data. The resulting expectation is that when a user accesses stored
information, no data has been subjected to unauthorized modification. Many
systems enforce integrity by ensuring that data comes from the expected source.
For stored data, the discussion of integrity implies that files have not been
changed on the disk 19.
Integrity enforcement procedures fall into two categories:
data modification prevention and data modification detection.
Similar to confidentiality, modification prevention
requires users to receive authorization prior to changing files and requires
that files are only changed in an approved manner. Integrity differs from
confidentiality in that confidentiality is only worried about whether or not
data has been compromised, whereas integrity includes ensuring the correctness
of the data. Detection schemes generally assume that attacks are inevitable and
that there must be suitable ways to assess any damage done, recover from the
damage, and apply lessons learned to future prevention mechanisms 20.
The level of security and the system performance often
conflict. In order to provide the requisite layers of security to avoid harmful
attacks, the system performance suffers. The two objectives of an efficient
system and a secure environment intrinsically conflict. Each extra safety
effort requires computationally costly preparing that takes away from the
framework’s capacity to perform different operations; all safety efforts are
overhead .for the system. Each of the assessed stockpiling technique attempts
to minimize the performance cost associated with the particular measures of the
system. The most prevailing performance cost is associated with encryption due
to its computationally expensive nature 21.
Because of the exponential development of online
information and transformation in multimedia technology, multimedia data
copying has become quite easy. So provision of security and protection to the
data stored in the cloud has become inevitable. In this paper, conducted a
survey of various aspects involved in multimedia data security and content
protection techniques. By analyzing the related work, we can identify the gaps
that need to be addressed in order to achieve more protection to the content.
Some of the previous works focus on providing protection to only one type of
multimedia data. Many methods use image processing and signal processing
techniques which are computationally intensive, time consuming and involve high
complexity. There is a need for a simple, single practical solution for
multimedia content protection for various types such as audio, video and images
based on copy detection which will be quite fast, storage efficient, involving
less complexity, with low communication and computational costs yet scalable to
large scale databases.
I would like to thank GOD and my husband and my beautiful
daughter and my family for their constant support during this work. I would
also like to thank my Guide Dr.Nizar for his support and encouragement to
complete my work.