Media Cloud: An Open Cloud Computing Middleware for Content Management

Introduction

Chapter 1

INTRODUCTION
Computer paradigms evolved from the mainframe to grid computing, bringing new paradigms that changed our way to use and understand computers. Personal devices and consumer electronics have been influenced by those changes. Cloud computing is a new paradigm that offers scalability, reliability, availability when accessing resources across Internet. Moreover cloud computing is expected to abstract the details of the underlying infrastructure even when they are complex. The term "cloud" is a metaphor for the Internet, the networ over which different organi!ations "oin to dynamically offer scalable resources #$%. Media management is among the most outstanding aspects of cloud computing, since the cloud ma es possible to retain and share large amounts of digital media. Current state&of&the&art devices can produce, store and deliver high 'uality media that can be finally distributed towards social networ s and communities where constituent members might be family or friends. (owever, there is no infrastructure to eep data under control or even find a concrete media in the home environment or outside it. Media cloud has been designed to cope with this problem letting users constitute a cloud with )riends, family or with people with the same interests with the sole ob"ective of managing media transparently even if media is located outside their domains. *niversal Plug and Play +*PnP, #-% and .igital /iving 0lliance +./10, alleviate the problems of sharing contents among devices in the home networ but they lac a mechanism for searching across multiple repositories in parallel The solution describes a middleware that can be instantiated in 2et&top boxes +2T3, or home gateways, called Media Cloud, for classifying, searching, and sharing media across the home domain and the cloud. Media Cloud uses a plug&in system to support several content management technologies and it can be extended to future technologies.

Department of CS ! "#1$%"#1& 1

Media Cloud: An Open Cloud Computing Middleware for Content Management

Introduction

Chapter "

'IT RATUR SUR( )

"*1 Cloud Computing
Cloud computing is the use of computing resources +hardware and software, that are delivered as a service over a networ +typically the Internet,. The name comes from the use of a cloud&shaped symbol as an abstraction for the complex infrastructure it contains in system diagrams. Cloud computing entrusts remote services with a user4s data, software and computation.

+ig "*1 Cloud Computing

"*" Content Management

Content management, or CM, is the set of processes and technologies that support the collection, managing, and publishing of information in any form or medium. In recent times this information is typically referred to as content or, to be precise, digital content. .igital content may ta e the form of text +such as electronic documents,, multimedia files +such as audio or video files,, or any other file type that follows a content lifecycle

Department of CS ! "#1$%"#1& "

Media Cloud: An Open Cloud Computing Middleware for Content Management

Introduction

re'uiring management. Content management practices and goals vary by mission and by organi!ational governance structure. 1ews organi!ations, e commerce websites, and educational institutions all use content management, but in different ways. This leads to differences in terminology and in the names and number of steps in the process.

-.5 Content Di,tri-ution

Digital di,tri-ution +also called content deli.er/, online di,tri-ution, or electronic ,oftware di,tri-ution + SD,, among others, describes the delivery of media content such as audio, video ,software and video games, without the use of physical media usually over online delivery mediums, such as the Internet. .igital distribution bypasses conventional physical distribution methods, such as paper or .6.s. The term online distribution is typically applied to freestanding products7 downloadable add&ons for other products are more commonly nown as downloadable content. 8ith the advancement of networ bandwidth capabilities, digital distribution become prominent in the -999s. Content distributed online may be streamed or downloaded. 2treaming involves downloading and using content "on& demand" as it is needed. Meanwhile, fully downloading the content to a hard drive or other form of storage media allows for 'uic access in the future.

+ig "*$ Content Di,tri-ution

Department of CS ! "#1$%"#1& $

Media Cloud: An Open Cloud Computing Middleware for Content Management

Introduction

Chapter $

IM0' M NTATION
8e have developed Media Cloud including an *PnP service for metadata exchange that can be easily instantiated in small devices. 8e have chosen an open source *PnP library for developing the *PnP:./10 plug&ins of the (ome .omain Manager and for the metadata exchange service. The development process of Media Cloud comprises three stages. In the first stage, we developed a proof of concept using commodity hardware as Personal Computers +PCs,. In this stage, Media Cloud was successfully instantiated and tested in several ;-<< containers. Concerning the hardware, we tested Media Cloud in a small form factor PC with $=b of >0M. The (ome Media Indexes database was developed using the 0pache /ucene open source pro"ect. To ma e the index searchable across the cloud, we implemented a custom Content 2erver with a distributed search library from the ?atta pro"ect. @ur custom Content 2erver handles the master node election during the initiali!ation and upon master failure. The security layer in this stage used an open source A0CM/ implementation for policy enforcement and an open source security framewor for user management, authentication, authori!ation, and policy enforcement. The information cards authentication was implemented as a custom authentication module for the security framewor . In the second stage, we faced the challenge of ma ing a stable implementation with a low memory footprint to be instantiated in a state&of&the&art 2T3 with a >educed Instruction 2et Computing +>I2C, processor, -BCMb of >0M,and a =igabit <thernet networ interface running /inux operating system. 8e tested our implementation with a 2T3 for both modes of operation. The scenario was a cloud with B9 participants ma ing one re'uest at the same time to the Media Cloud node instantiated in the 2T3. 8e repeated the process B9 times. The Media Cloud 2T3 used an index derived from $9 thousand media files. The memory consumption and the test time are shown in )ig. B for the relaxed mode and in )ig. C for the loaded mode

Department of CS ! "#1$%"#1& &

Media Cloud: An Open Cloud Computing Middleware for Content Management

Introduction

+ig*1*1 Te2t re,ult, for rela2ed mode u,ing 3M- of RAM

+ig* 1*" Te2t re,ult, for loaded mode u,ing 14M- of RAM The test for the relaxed mode lasted $$9- seconds. The Content 2erver used BDE seconds of that time to process the -B99 re'uests. The rest of the CP* time was used to parse the re'uest, chec the security policy, generate the response, and send it. The average used heap was about B.C Mb. The test for the loaded mode lasted FB9 seconds. The Content 2erver used BD$ seconds of that time to process the -B99 re'uests, which is reasonably similar to the time the
Department of CS ! "#1$%"#1& 5

Media Cloud: An Open Cloud Computing Middleware for Content Management

Introduction

Content 2erver used in the relaxed mode tests, showing that the search operation time is, in practice, constant. 3esides the average used heap was also around B.C Mb, the bigger heap allows Media Cloud to accommodate more re'uests without needing to free part of the heap ma ing this mode a $BG faster.

Department of CS ! "#1$%"#1& 4

Media Cloud: An Open Cloud Computing Middleware for Content Management

Introduction

Chapter &

CONC'USION
Media Cloud provides an easy to manage, cost&effective solution for bringing cloud computing paradigm to content sharing among federated home networ s. The solution is easy to manage since it supports different devices by performing content adaptation. Media Cloud considers transparency as a main goalH it allows devices from different home networ s to communicate as if they were in the same local networ . It uses well nown protocols as ./10 and *PnP for interfacing the home networ whereas uses (TTP and >TP over a secure channel for communications across Internet. Moreover, the solution is open since new protocols can be supported using the plug&in system. The cost effectiveness is achieved by sharing resources that could be underused in other cases. Media Cloud encourages cooperation among home networ s facilitating media classification, management and sharing. .istributed search and content delivery over the cloud are among the most important features of Media Cloud. *nli e other cloud computing solutions, Media Cloud, due to its private character, mitigates privacy problems. It relies on digital identity to perform per user authentication and personali!ation, and uses @0uth to ens for filtering search results and perform access control.

Department of CS ! "#1$%"#1& 1

Media Cloud: An Open Cloud Computing Middleware for Content Management

Introduction

R + R NC
#$% #-% #5% #D% #B% #C% #E% 0. 8eiss, "Computing in the clouds," net8or er, vol. $$, no. D, pp. $C& -B, .ec., -99E. 0. Presser et al., "*PnP .evice 0rchitecture 6ersion $.$," *PnP )orum Tech. >ep. 6$.$, @ctober -99I (. <rdogmus, "Cloud ComputingH does nirvana hide behind the nebulaJ," I<<< 2oftware, 6ol. -C, no. -, pp. D&B, Mar., -99F. ;. 6oas and ;. Khang, "Cloud ComputingH new wine or "ust a new bottleJ," IT Prof., 6ol. $$, no. -, pp. $B&$E, Mar., -99F. *. =asser and ;. Palfrey, 3orn .igitalH *nderstanding the )irst =eneration of .igital 1atives, 3asic 3oo s, 1L, 2eptember -99I. ?. 3reitman, M. <ndler, >. Pereira, and M. 0!ambu"a, "8hen T6 .ies, 8ill It =o to the CloudJ," I<<< Computer, 6ol. D5, no. D, 0pril -9$9. ;.2. <ric son, 2. 2pence, M. >hodes, .. 3an s, ;. >utherford, <. 2impson, =. 3elrose, >. Perry, "Content&Centered collaboration spaces in the cloud," I<<< Internet Computing, 6ol. $5, no. B, pp. 5D&D-, 2ep., -99F. #I% .. .ia!&2anche!, 0. Marin, ). 0lmenare!, 0. Cortes, "2ocial applications in the home networ I<<< Trans. Consumer <lectron., vol. BC, no. $, pp. --9&--F, )eb. -9$9. #F% #$9% M. 3handar ar, "Map>educe programming with apache (adoop", in Proc. of I<<< International 2ymposium on Parallel M .istributed Processing, May -9$9. <. (ammer&/ahav, "The @0uth $.9 Protocol", Internet <ngineering Tas +I<T),, >)C BIDF, 0pr. -9$9. )orce

Department of CS ! "#1$%"#1& 3

Media Cloud: An Open Cloud Computing Middleware for Content Management

Introduction

Chapter $

M DIA C'OUD O67 CTI( S

Media Cloud is a middleware for enabling media&centered cooperation among home networ s. Media Cloud is the bridge to an open architecture that allows users to "oin their home e'uipments to constitute a cloud. Media Cloud abstracts the underlying complexity to provide a new content distribution model that simplifies classifying, searching and accessing user&generated and commercial content within the home networ s. Media Cloud pursues fulfilling three goals. The first goal is content classification. 0n average user generates contents very 'uic ly and stores them away in several devices. In fact, usersN media library stops growing only since they reach their storage capacity until they buy an additional hard drive or computer7 or they "ust upgrade their hard drive e'uipped 2T3. Thus, it is usual for a user to expend big time trying to find contents that were previously stored in his:her own devices, organi!e them into collections, and manipulate them to produce new formats or presentations. Media Cloud alleviates the problem providing an indexing service for searching, a set of functions over common protocols to add or annotate contents and a user interface to manage them +move, copy, delete,. The second goal is to solve the problem of sharing large amounts of media with family and friends. 0s it has been shown during the web -.9 advent, the web has dived in the social plane very 'uic ly. 1owadays, applications are commonly lin ed to social networ s and that principle extends to media sharing applications. (owever, several privacy problems restrain users to upload personal pictures or videos to social networ s. )or instance, the 2ecurity >esearch Computer /aboratory at the *niversity of Cambridge revealed in their blog entry "The attac of the Kombie Photos" that many social networ s fail to delete personal pictures when instructed to do so by the owners. Moreover, in some cases it is possible to obtain unauthori!ed access to photos.

Department of CS ! "#1$%"#1& 8

Media Cloud: An Open Cloud Computing Middleware for Content Management

Introduction

8hen it comes to commercial content, the goal of Media Cloud is to act as discovery service and license proxy. It "ust finds contents, exchange licenses and provides a tunnel for communicating protected devices. Thus, a constituent member of the cloud can access commercial content retained by other home networ , whenever he:she holds the appropriate license. This article intends to present Media Cloud architecture, its distributed search engine and the content adaptation modules.

Department of CS ! "#1$%"#1& 1#

Media Cloud: An Open Cloud Computing Middleware for Content Management

Introduction

Chapter 1

CONC'USION
Media Cloud provides an easy to manage, cost&effective solution for bringing cloud computing paradigm to content sharing among federated home networ s. The solution is easy to manage since it supports different devices by performing content adaptation. Media Cloud considers transparency as a main goalH it allows devices from different home networ s to communicate as if they were in the same local networ . It uses well nown protocols as ./10 and *PnP for interfacing the home networ whereas uses (TTP and >TP over a secure channel for communications across Internet. Moreover, the solution is open since new protocols can be supported using the plug&in system. The cost effectiveness is achieved by sharing resources that could be underused in other cases. Media Cloud encourages cooperation among home networ s facilitating media classification, management and sharing. .istributed search and content delivery over the cloud are among the most important features of Media Cloud. *nli e other cloud computing solutions, Media Cloud, due to its private character, mitigates privacy problems. It relies on digital identity to perform per user authentication and personali!ation, and uses @0uth to ens for filtering search results and perform access control.

Department of CS ! "#1$%"#1& 11

Media Cloud: An Open Cloud Computing Middleware for Content Management

Introduction

R + R NC
#$$% #$-% #$5% #$D% #$B% #$C% #$E% 0. 8eiss, "Computing in the clouds," net8or er, vol. $$, no. D, pp. $C& -B, .ec., -99E. 0. Presser et al., "*PnP .evice 0rchitecture 6ersion $.$," *PnP )orum Tech. >ep. 6$.$, @ctober -99I (. <rdogmus, "Cloud ComputingH does nirvana hide behind the nebulaJ," I<<< 2oftware, 6ol. -C, no. -, pp. D&B, Mar., -99F. ;. 6oas and ;. Khang, "Cloud ComputingH new wine or "ust a new bottleJ," IT Prof., 6ol. $$, no. -, pp. $B&$E, Mar., -99F. *. =asser and ;. Palfrey, 3orn .igitalH *nderstanding the )irst =eneration of .igital 1atives, 3asic 3oo s, 1L, 2eptember -99I. ?. 3reitman, M. <ndler, >. Pereira, and M. 0!ambu"a, "8hen T6 .ies, 8ill It =o to the CloudJ," I<<< Computer, 6ol. D5, no. D, 0pril -9$9. ;.2. <ric son, 2. 2pence, M. >hodes, .. 3an s, ;. >utherford, <. 2impson, =. 3elrose, >. Perry, "Content&Centered collaboration spaces in the cloud," I<<< Internet Computing, 6ol. $5, no. B, pp. 5D&D-, 2ep., -99F. #$I% .. .ia!&2anche!, 0. Marin, ). 0lmenare!, 0. Cortes, "2ocial applications in the home networ I<<< Trans. Consumer <lectron., vol. BC, no. $, pp. --9&--F, )eb. -9$9. #$F% #-9% M. 3handar ar, "Map>educe programming with apache (adoop", in Proc. of I<<< International 2ymposium on Parallel M .istributed Processing, May -9$9. <. (ammer&/ahav, "The @0uth $.9 Protocol", Internet <ngineering Tas +I<T),, >)C BIDF, 0pr. -9$9. )orce

Department of CS ! "#1$%"#1& 1"

Media Cloud: An Open Cloud Computing Middleware for Content Management

Introduction

Chapter &

M DIA C'OUD ARC9IT CTUR

Media Cloud middleware provides services to the devices located inside the home networ and to other Media Cloud instances located outside whenever they belong to the same cloud. )or that reason, Media Cloud is located between the home networ and Internet. 0n appropriate place to instantiate Media Cloud is an 2T3 with access to the home networ and to the Internet. Thus, it can communicate with devices located in the home environment and provide search services, content delivery, and filtering to friends and family outside home domain. )ig. $ s etches out the architecture of Media Cloud. Two different modules compose Media CloudH the Media Indexer and the )oreign Content 0ggregator. 0side those modules there is a security layer which enforces security policies and filter contents

+ig 5*1 Media Cloud Architecture The Media Indexer manages communications with devices inside the home domain. It discovers devices, obtains metadata from the media files offered by those devices, builds search indexes, and adapts incoming and outgoing streams appropriately for every device. The most important tas of the Media Indexer is the creation of the search index +content cataloging,. The index contains metadata, information about the devices, access control information, and any other optional attribute. The )oreign Content 0ggregator attains the goal of ma ing the home networ part of a cloud. It extends ?atta, an open source distributed application that enables search operations in a similar way as (adoop Map >educe #$9% does. The )oreign Content
Department of CS ! "#1$%"#1& 1$

Media Cloud: An Open Cloud Computing Middleware for Content Management

Introduction

0ggregator straighten out the problem of searching across multiple repositories in parallel +one per constituent home networ , and also handles incoming or outgoing content streams. The Media Cloud middleware +instantiated in an 2T3, collects metadata, provides searching services, and acts as a proxy adapting re'uests to protocols supported by media endpoints. Thus, it "ust disguises the complexity of the Internet to the home domain devices and, obviously, to their *sers.

&*1 Media Inde2er

The Media Indexer discovers devices located in the home domain and interrogates them to gather information about the contents they retain. It uses content information to produce an index that will be used by the )oreign Content 0ggregator to facilitate search operations. The Media Indexer has two functional bloc sH the Content Indexer and the (ome .omain Manager. The Content Indexer collects information about the content as media type, creation date, metadata, and user4s annotations. It also registers access information as the hardware identifier or the networ address of the device holding that content, protocols that can be used to access the content and re'uired license +in the case of commercial content,. 8ith that information, it builds an index and stores it in the (ome Media Indexes +(MI, database. 8hen the Content Indexer processes a media file, as a photo or video, it needs cooperation from the device, for instance, to provide information about the media file. This procedure re'uires the device to implement a metadata extraction service accessible by, for instance, ./10 or *PnP. <ven though that is the preferred way, the Content Indexer can fetch the media file from the device or part of it, since the beginning usually contains the metadata, to process it.

Department of CS ! "#1$%"#1& 1&

Media Cloud: An Open Cloud Computing Middleware for Content Management

Introduction

&*1*1 The Content Inde2er

The Content Indexer +CI, is in charge of building an index for contents using content metadata, social networ feeds and Internet related content +see )ig. -,. This module uses /ucene, an open source scalable high&performance indexer that enables searching over the index using ran ed or fielded searches. It is possible to use many different 'ueries as phrase, wildcard, proximity, or range 'ueries. 0 /ucene index is a directory. <very index entry corresponds to a document inside the directory. The CI creates a document for every media file analy!ed and adds it to the index. 0 document is a collection of field&value pairs. The number and nature of fields depends on the media file since the information extracted from metadata, Internet or social networ s might be different.

+ig 5*" Content Inde2er )ields in /ucene can be stored, to eni!ed, indexed, and vectored. 2tored fields contain the value as it was provided to /ucene. In to eni!ed fields, the value is analy!ed and to ens emitted are indexed. The value in indexed fields is made searchable. )inally, vectored
Department of CS ! "#1$%"#1& 15

Media Cloud: An Open Cloud Computing Middleware for Content Management

Introduction

fields contain the term fre'uency per document. The fields of the document generated by CI for every media file can be classified in three categories. The content description category contains a field per metadata entry in the file. 2ince the field name must be uni'ue within a document, the CI uses a namespace name as a prefix for every metadata entry, for instance, "id5.title" or "ipct.author". The fields belonging to this category are indexed and stored in the document, so it is possible to search across them.

&*1*" 9ome Domain Manager

The (ome .omain Manager +(.M, deals with the different networ ed devices present in the home networ . It relies on a plug&in system for supporting different devices and protocols, and it can be extended to support upcoming technologies. 8hen contents are re'uested from the home networ or from the cloud the (.M retrieves the access information fields from the index and instantiates the appropriate plug&in.

+ig 5*$ 9ome Domain Manager

This plug&in system deals with the plethora of technologies available for content distribution within a home domain. *PnP and ./10 are supported by the (.M, but it can be extended to other protocols. ./10 and *PnP deal with networ ed consumer electronics permitting user generated contents to be shared among household devices.

Department of CS ! "#1$%"#1& 14

Media Cloud: An Open Cloud Computing Middleware for Content Management

Introduction

These specifications define three functional componentsH Media 2erver +M2,, Media >enderer +M>,, and Control Point +CP,. 0 device can implement several functional components +media players combine CP and M>,. Control Points discover and control other devices on the networ and coordinate operations among devices that yield to the desired result. .evices in ./10 expose services that provide actions. 2ervices can be controlled via state variables or events. *PnP 06 facilitates the discovery and configuration but it does not define how contents are transferred. ./10 goes beyond *PnP defining mandatory Media )ormats and Media Transport protocols as (TTP or >eal&time Transport Protocol +>TP,. (owever, distributed search operations in *PnP and ./10 are not straightforward. *PnP behaves in a Peer&to&Peer +P-P, fashion, for instance, a CP controls a M2 to render contents in a M>, so *PnP does not allow to search in parallel in several repositories. The Content Indexer and the )oreign Content 0ggregator handle the searching operations. The (.M acts as a bro er. The module gets the content stream from the source device using the appropriate plug&in.

&*" +oreign Content Aggregator

The )oreign Content 0ggregator handles cloud communications. It ma es content stored in devices at the home networ available to other Media Cloud instances through Internet. The module is composed by a Content 2erver and a Content .elivery module. The Content 2erver facilitates foreign clients to search within the (MI database. The Content .elivery module sends content to other Media Cloud instances located outside the home domain. The authentication is handled by the 2ecurity /ayer that issues a security to en after a foreign client is successfully authenticated and authori!ed. The 0ccess Control 2ystem of the security layer uses the security to en to filter (MI database contents preventing unauthori!ed access and respecting privacy. The authentication is handled by the 2ecurity /ayer that issues a security to en after a foreign client is successfully authenticated and authori!ed. The 0ccess Control 2ystem of the security layer uses the security to en to filter (MI database contents preventing unauthori!ed access and respecting privacy.
Department of CS ! "#1$%"#1& 11

Media Cloud: An Open Cloud Computing Middleware for Content Management

Introduction

&*"*1 Content Ser.er

*PnP and ./10, as many other protocols used to share contents within a home domain were designed to operate in local networ s. )or that reason, users rely fre'uently on third party services, typically web&based, to share contents beyond the boundaries of a home domain. These inds of wor arounds are orthogonal to cloud computing concepts since contents are not accessed transparently. )ortunately, many initiatives allow clients to perform distributed search operations by connecting to all nodes and merging results into a unified result list. Those initiatives employ "map and reduce" functions #$5% commonly used in functional programming. The )oreign Content 0ggregator is based on ?atta, a distributed application that runs on commodity hardware. ?atta re'uires a master server to manage the rest of the nodes

Department of CS ! "#1$%"#1& 13

Media Cloud: An Open Cloud Computing Middleware for Content Management

Introduction

of Media Cloud. 1odes are participants of the Media Cloud that serve index "shards"

+ig 5*& content ,er.er ?atta uses Koo eeper, a centrali!ed service +where the central node is the master, for maintaining configuration information, naming, providing distributed synchroni!ation, and providing group services. Koo eeper eeps trac of the live nodes and updates the node list in every Media Cloud instance when a node fails or a new node "oins the cloud. 8hen a search operation is performed, ?atta gets the document fre'uencies, i.e. number of times the word+s, of the 'uery is +are, contained in a document, for a 'uery individually from all the nodes. That gives the document fre'uencies per node, but not a global score +or fre'uency,. Then, it passes the value +document fre'uency, and the search 'uery to all nodes so they can ad"ust their scoring in order to derive the document fre'uency,
Department of CS ! "#1$%"#1& 18

Media Cloud: An Open Cloud Computing Middleware for Content Management

Introduction

or scoring, with a global scope. In this way, it is possible to obtain a distributed scoring system to find the contents that better match the search 'uery.

&*"*" Content Deli.er/ Module

The Content .elivery Module +C.M, handles communications with foreign devices. This module delivers content outside the home networ by means of streaming, http or any proprietary protocol using a general&purpose secure tunnel. The module selects the most appropriate protocol to send contents across Internet. The device retaining the selected content streams it to the (ome .omain Manager. The C.M at the source home networ provides an appropriate transport to the content over a secure tunnel. The C.M at the destination receives the content and redirects it to its (ome .omain Manager. )inally, the (ome .omain Manager at destination Media Cloud instance, would select the appropriate plug&in to deliver the content to the device that re'uested it. The C.M uses a plug&in system that can be extended to support new protocols. 3y default, the C.M supports >TP and >eal Time 2treaming Protocol +>T2P, protocols for streaming. It also supports (TTP and (TTP over secure channel +(TTP2, protocols for transmitting content that cannot be streamed as images or documents. If the protocol for communicating two devices in different home networ s through the cloud is proprietary, the C.M provides a general purpose secure tunnel that acts as secure pipe. .evices located at the home networ can access transparently to contents stored in the cloud as if they were part of the home networ . The (ome .omain Manager and the Content .elivery Module perform content streaming and adaptation. The Content .elivery Module sends or receives contents from other Media Cloud instances and the (ome .omain Manager adapts the streams to fit devices capabilities. Media Cloud abstracts the underlying complexity so the devices interact as if they were located in the same home networ .

Department of CS ! "#1$%"#1& "#

Media Cloud: An Open Cloud Computing Middleware for Content Management

Introduction

Department of CS ! "#1$%"#1& "1

Media Cloud: An Open Cloud Computing Middleware for Content Management

Introduction

Chapter 5

S CURIT)
The security layer is among the most important pieces of Media Cloud. There are several concerns about security in cloud computing especially when user&generated content can be delivered, stored and processed in nodes outside the administrative boundaries of the user domain. In #$D% and #$B% could computing security is analy!ed unveiling that the most important problem is trust. Those articles reason about public Cloud Computing systems that offer services to end users or other companies. In general, trust is a trade off against many benefits as scalability, performance and ease of management. 3ut when it comes to user generated content, which can comprise sensitive content, trust is absolutely necessary. The problem of trust in Media Cloud is alleviated since the cloud could be considered private. Media Cloud is managed by a community where constituent members might be family, friends or anyone explicitly invited to be part of it. The security in Media Cloud is based on digital identity. 0 Media Cloud instance provides services to devices located in the home networ . Those devices can be operated by any family member. Thus, the authentication, authori!ation and policy enforcement should be managed using user&centric digital identity technology. Modern user&centric digital identity can be defined as "what I say about me, and what others say about me" #$C%, since users coalesce attributes from different places ad&hoc for each interaction, eeping entire control over their data. 2ome user&centric digital identity paradigms, as Information Cards #$E%, permit to build personali!ed cards, metaphors of real I. cards. The idea is not only to authenticate and authori!e Media Cloud users but also to personali!e the service, for instance, filtering contents or enforcing parental control. Media Cloud relies on Information Cards to perform authentication and authori!ation. 8hen a user starts using Media Cloud, he re'uests his Media Cloud 2T3 to generate an Information Card and to send it to the members of the cloud or to those offering the services re'uested by the user. *pon reception, Media Cloud nodes perform authentication and authori!ation on the Information Card. If the authentication was successfully and the
Department of CS ! "#1$%"#1& ""

Media Cloud: An Open Cloud Computing Middleware for Content Management

Introduction

re'uested services fit on the authori!ation policy, each node issues an @0uth #$I% to en that will be used for further interaction. @0uth allows Media Cloud nodes to delegate resources to other node or device without re'uiring to hand out credentials at the beginning of every interaction. In such a way, every Media Cloud node delegates part of their functionality to the to en holder.

Department of CS ! "#1$%"#1& "$

Media Cloud: An Open Cloud Computing Middleware for Content Management

Introduction

Department of CS ! "#1$%"#1& "&

Media Cloud: An Open Cloud Computing Middleware for Content Management

Introduction

Department of CS ! "#1$%"#1& "5