Enforcing End-to-end Security for Remote Conference Applications

Remote conference applications are increasingly widely used, but currently, their improper data encryption methods, proprietary implementations, and dial-in access cause concerns about privacy breaches. As such, there is a need for trustworthy and secure solutions for these production tools. In this...

Ausführliche Beschreibung

Gespeichert in:

Bibliographische Detailangaben
Hauptverfasser:	Liu, Yuelin, Chen, Huangxun, Yang, Zhice
Format:	Tagungsbericht
Sprache:	eng
Schlagworte:	E2EE Oral communication Privacy Privacy breach Production Remote Conference Sensors Software Streaming media Video surveillance
Online-Zugang:	Volltext bestellen
Tags:	Tag hinzufügen Keine Tags, Fügen Sie den ersten Tag hinzu!

container_end_page	2647
container_issue
container_start_page	2630
container_title
container_volume
creator	Liu, Yuelin Chen, Huangxun Yang, Zhice
description	Remote conference applications are increasingly widely used, but currently, their improper data encryption methods, proprietary implementations, and dial-in access cause concerns about privacy breaches. As such, there is a need for trustworthy and secure solutions for these production tools. In this paper, we present mTunnel, a transparent software layer in the host system for securing conference applications without sacrificing the key functionalities and convenience. The basic idea of mTunnel is to encrypt sensitive data, such as audio, video, text, etc., before it is obtained by untrusted application clients. mTunnel leverages the audio and video streaming capabilities of the conference applications to tunnel the encrypted content to the remote end. mTunnel involves a software framework to accommodate the media interception and representation through I/O virtualization based on virtual drivers. Moreover, mTunnel supports complete E2EE group conversations even in a mixed IP and public switched telephone network (PSTN). We implement mTunnel and evaluate it with several commercial products. Results show its feasibility and overhead.
doi_str_mv	10.1109/SP54263.2024.00236
format	Conference Proceeding
fullrecord	<record><control><sourceid>ieee_RIE</sourceid><recordid>TN_cdi_ieee_primary_10646740</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>10646740</ieee_id><sourcerecordid>10646740</sourcerecordid><originalsourceid>FETCH-LOGICAL-i106t-d23fc2cf5902fdc3c771b67a40a8bc25873adaf54a42a0c30b9331de60a04e713</originalsourceid><addsrcrecordid>eNotjs1Kw0AURkdBsNa-gLjIC6TemTs_mZ0lxCoUFKvrMpm5IyPtJCRx0bc3oKtvcQ6Hj7E7DmvOwT7s35QUGtcChFwDCNQXbGWNrVABIkfgl2wh0KiSCzDX7GYcv2cN0MoFe2xy7Aaf8lfR5FBOXUk5FHvyP0OazsXMinc6dRMVdZcjDZQ9FZu-PybvptTl8ZZdRXccafW_S_b51HzUz-XudftSb3Zl4qCnMgiMXvioLIgYPHpjeKuNk-Cq1gtVGXTBRSWdFA48Qmvn74E0OJBkOC7Z_V83EdGhH9LJDefD3JbaSMBfEDNJnw</addsrcrecordid><sourcetype>Publisher</sourcetype><iscdi>true</iscdi><recordtype>conference_proceeding</recordtype></control><display><type>conference_proceeding</type><title>Enforcing End-to-end Security for Remote Conference Applications</title><source>IEEE Electronic Library (IEL)</source><creator>Liu, Yuelin ; Chen, Huangxun ; Yang, Zhice</creator><creatorcontrib>Liu, Yuelin ; Chen, Huangxun ; Yang, Zhice</creatorcontrib><description>Remote conference applications are increasingly widely used, but currently, their improper data encryption methods, proprietary implementations, and dial-in access cause concerns about privacy breaches. As such, there is a need for trustworthy and secure solutions for these production tools. In this paper, we present mTunnel, a transparent software layer in the host system for securing conference applications without sacrificing the key functionalities and convenience. The basic idea of mTunnel is to encrypt sensitive data, such as audio, video, text, etc., before it is obtained by untrusted application clients. mTunnel leverages the audio and video streaming capabilities of the conference applications to tunnel the encrypted content to the remote end. mTunnel involves a software framework to accommodate the media interception and representation through I/O virtualization based on virtual drivers. Moreover, mTunnel supports complete E2EE group conversations even in a mixed IP and public switched telephone network (PSTN). We implement mTunnel and evaluate it with several commercial products. Results show its feasibility and overhead.</description><identifier>EISSN: 2375-1207</identifier><identifier>EISBN: 9798350331301</identifier><identifier>DOI: 10.1109/SP54263.2024.00236</identifier><identifier>CODEN: IEEPAD</identifier><language>eng</language><publisher>IEEE</publisher><subject>E2EE ; Oral communication ; Privacy ; Privacy breach ; Production ; Remote Conference ; Sensors ; Software ; Streaming media ; Video surveillance</subject><ispartof>2024 IEEE Symposium on Security and Privacy (SP), 2024, p.2630-2647</ispartof><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/10646740$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>309,310,780,784,789,790,796,27924,54757</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/10646740$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Liu, Yuelin</creatorcontrib><creatorcontrib>Chen, Huangxun</creatorcontrib><creatorcontrib>Yang, Zhice</creatorcontrib><title>Enforcing End-to-end Security for Remote Conference Applications</title><title>2024 IEEE Symposium on Security and Privacy (SP)</title><addtitle>SP</addtitle><description>Remote conference applications are increasingly widely used, but currently, their improper data encryption methods, proprietary implementations, and dial-in access cause concerns about privacy breaches. As such, there is a need for trustworthy and secure solutions for these production tools. In this paper, we present mTunnel, a transparent software layer in the host system for securing conference applications without sacrificing the key functionalities and convenience. The basic idea of mTunnel is to encrypt sensitive data, such as audio, video, text, etc., before it is obtained by untrusted application clients. mTunnel leverages the audio and video streaming capabilities of the conference applications to tunnel the encrypted content to the remote end. mTunnel involves a software framework to accommodate the media interception and representation through I/O virtualization based on virtual drivers. Moreover, mTunnel supports complete E2EE group conversations even in a mixed IP and public switched telephone network (PSTN). We implement mTunnel and evaluate it with several commercial products. Results show its feasibility and overhead.</description><subject>E2EE</subject><subject>Oral communication</subject><subject>Privacy</subject><subject>Privacy breach</subject><subject>Production</subject><subject>Remote Conference</subject><subject>Sensors</subject><subject>Software</subject><subject>Streaming media</subject><subject>Video surveillance</subject><issn>2375-1207</issn><isbn>9798350331301</isbn><fulltext>true</fulltext><rsrctype>conference_proceeding</rsrctype><creationdate>2024</creationdate><recordtype>conference_proceeding</recordtype><sourceid>6IE</sourceid><sourceid>RIE</sourceid><recordid>eNotjs1Kw0AURkdBsNa-gLjIC6TemTs_mZ0lxCoUFKvrMpm5IyPtJCRx0bc3oKtvcQ6Hj7E7DmvOwT7s35QUGtcChFwDCNQXbGWNrVABIkfgl2wh0KiSCzDX7GYcv2cN0MoFe2xy7Aaf8lfR5FBOXUk5FHvyP0OazsXMinc6dRMVdZcjDZQ9FZu-PybvptTl8ZZdRXccafW_S_b51HzUz-XudftSb3Zl4qCnMgiMXvioLIgYPHpjeKuNk-Cq1gtVGXTBRSWdFA48Qmvn74E0OJBkOC7Z_V83EdGhH9LJDefD3JbaSMBfEDNJnw</recordid><startdate>20240519</startdate><enddate>20240519</enddate><creator>Liu, Yuelin</creator><creator>Chen, Huangxun</creator><creator>Yang, Zhice</creator><general>IEEE</general><scope>6IE</scope><scope>6IH</scope><scope>CBEJK</scope><scope>RIE</scope><scope>RIO</scope></search><sort><creationdate>20240519</creationdate><title>Enforcing End-to-end Security for Remote Conference Applications</title><author>Liu, Yuelin ; Chen, Huangxun ; Yang, Zhice</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-i106t-d23fc2cf5902fdc3c771b67a40a8bc25873adaf54a42a0c30b9331de60a04e713</frbrgroupid><rsrctype>conference_proceedings</rsrctype><prefilter>conference_proceedings</prefilter><language>eng</language><creationdate>2024</creationdate><topic>E2EE</topic><topic>Oral communication</topic><topic>Privacy</topic><topic>Privacy breach</topic><topic>Production</topic><topic>Remote Conference</topic><topic>Sensors</topic><topic>Software</topic><topic>Streaming media</topic><topic>Video surveillance</topic><toplevel>online_resources</toplevel><creatorcontrib>Liu, Yuelin</creatorcontrib><creatorcontrib>Chen, Huangxun</creatorcontrib><creatorcontrib>Yang, Zhice</creatorcontrib><collection>IEEE Electronic Library (IEL) Conference Proceedings</collection><collection>IEEE Proceedings Order Plan (POP) 1998-present by volume</collection><collection>IEEE Xplore All Conference Proceedings</collection><collection>IEEE Electronic Library (IEL)</collection><collection>IEEE Proceedings Order Plans (POP) 1998-present</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Liu, Yuelin</au><au>Chen, Huangxun</au><au>Yang, Zhice</au><format>book</format><genre>proceeding</genre><ristype>CONF</ristype><atitle>Enforcing End-to-end Security for Remote Conference Applications</atitle><btitle>2024 IEEE Symposium on Security and Privacy (SP)</btitle><stitle>SP</stitle><date>2024-05-19</date><risdate>2024</risdate><spage>2630</spage><epage>2647</epage><pages>2630-2647</pages><eissn>2375-1207</eissn><eisbn>9798350331301</eisbn><coden>IEEPAD</coden><abstract>Remote conference applications are increasingly widely used, but currently, their improper data encryption methods, proprietary implementations, and dial-in access cause concerns about privacy breaches. As such, there is a need for trustworthy and secure solutions for these production tools. In this paper, we present mTunnel, a transparent software layer in the host system for securing conference applications without sacrificing the key functionalities and convenience. The basic idea of mTunnel is to encrypt sensitive data, such as audio, video, text, etc., before it is obtained by untrusted application clients. mTunnel leverages the audio and video streaming capabilities of the conference applications to tunnel the encrypted content to the remote end. mTunnel involves a software framework to accommodate the media interception and representation through I/O virtualization based on virtual drivers. Moreover, mTunnel supports complete E2EE group conversations even in a mixed IP and public switched telephone network (PSTN). We implement mTunnel and evaluate it with several commercial products. Results show its feasibility and overhead.</abstract><pub>IEEE</pub><doi>10.1109/SP54263.2024.00236</doi><tpages>18</tpages></addata></record>
fulltext	fulltext_linktorsrc
identifier	EISSN: 2375-1207
ispartof	2024 IEEE Symposium on Security and Privacy (SP), 2024, p.2630-2647
issn	2375-1207
language	eng
recordid	cdi_ieee_primary_10646740
source	IEEE Electronic Library (IEL)
subjects	E2EE Oral communication Privacy Privacy breach Production Remote Conference Sensors Software Streaming media Video surveillance
title	Enforcing End-to-end Security for Remote Conference Applications
url	https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-11T09%3A45%3A10IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-ieee_RIE&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=proceeding&rft.atitle=Enforcing%20End-to-end%20Security%20for%20Remote%20Conference%20Applications&rft.btitle=2024%20IEEE%20Symposium%20on%20Security%20and%20Privacy%20(SP)&rft.au=Liu,%20Yuelin&rft.date=2024-05-19&rft.spage=2630&rft.epage=2647&rft.pages=2630-2647&rft.eissn=2375-1207&rft.coden=IEEPAD&rft_id=info:doi/10.1109/SP54263.2024.00236&rft_dat=%3Cieee_RIE%3E10646740%3C/ieee_RIE%3E%3Curl%3E%3C/url%3E&rft.eisbn=9798350331301&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rft_ieee_id=10646740&rfr_iscdi=true