The technologies for real-time multimedia transmission and immersive 3D gaming applications are rapidly emerging, posing challenges in terms of performance, security, authentication, data privacy, and encoding. The communication channel for these multimedia applications must be secure and reliable from network attack vectors and data-contents must employ strong encryption to preserve privacy and confidentiality. Towards delivering secure multimedia application environment for 5G networks, we propose an SDN/NFV (Software-Defined-Networking/Network-Function-Virtualization) framework called STREK , which attempts to deliver highly adaptable Quality-of-Experience (QoE), Security, and Authentication functions for multi-domain Cloud to Edge networks. The STREK architecture consists of a holistic SDNFV dataplane, NFV service-chaining and network slicing, a lightweight adaptable hybrid cipher scheme called TREK, and an open RESTful API for applications to deploy custom policies at runtime for multimedia services. For multi-domain/small-cell deployments, the key-generation scheme is dynamic at flow/session-level, and the handover authentication scheme uses a novel method to exchange security credentials with the Access Points (APs) of neighborhood cells. This scheme is designed to improve authentication function during handover with low overhead, delivering the 5G ultra-low latency requirements. We present the experiments with both software and hardware-based implementations and compare our solution with popular lightweight cryptographic solutions, standard open source software, and SDN-based research proposals for 5G multimedia. In the microbenchmarks, STREK achieves smaller hardware, low overhead, low computation, higher attack resistance, and offers better network performance for multimedia streaming applications. In real-time multimedia use-cases, STREK shows greater level of quality distortion for multimedia contents with minimal encryption bitrate overhead to deliver data confidentiality, immunity to common cryptanalysis, and significant resistance to communication channel attacks, in the context of low-latency 5G networks.

中文翻译：

---

面向 5G 网络中多媒体应用的 SDN 支持的 QoE 和安全框架

实时多媒体传输和沉浸式 3D 游戏应用技术正在迅速兴起，在性能、安全性、身份验证、数据隐私和编码方面提出了挑战。这些多媒体应用程序的通信通道必须安全可靠，不受网络攻击向量的影响，并且数据内容必须采用强加密来保护隐私和机密性。为了为 5G 网络提供安全的多媒体应用环境，我们提出了一个 SDN/NFV（软件定义网络/网络功能虚拟化）框架，称为STREK，它试图提供高度适应性体验质量(QoE)、安全和多域云到边缘网络的身份验证功能。这STREK架构由一个整体的 SDNFV 数据平面、NFV 服务链和网络切片、一种轻量级的自适应混合密码方案组成，称为跋涉，以及一个开放的 RESTful API，供应用程序在运行时为多媒体服务部署自定义策略。对于多域/小小区部署，密钥生成方案在流/会话级别是动态的，并且切换认证方案使用一种新颖的方法与邻域小区的接入点 (AP) 交换安全凭证。该方案旨在以低开销改善切换期间的认证功能，满足 5G 超低延迟要求。我们展示了基于软件和基于硬件的实现的实验，并将我们的解决方案与流行的轻量级加密解决方案、标准开源软件和基于 SDN 的 5G 多媒体研究提案进行了比较。在微基准测试中，STREK实现了更小的硬件、低开销、低计算量、更高的抗攻击性，并为多媒体流应用提供了更好的网络性能。在实时多媒体用例中，STREK在低延迟 5G 网络的情况下，多媒体内容的质量失真程度更高，加密比特率开销最小，可提供数据机密性、对常见密码分析的免疫力以及对通信信道攻击的显着抵抗力。