| 摘要: | 網路虛擬環境 (networked virtual environment, NVE) 允許使用者操控代表自己的化身 (avatar),與其他使用者的化身透過網路連線在虛擬世界中互動。具有 3D 場景的網路虛擬環境有廣泛的應用,例如模擬、訓練、教學、線上遊戲等,這些應用近年來受到熱烈歡迎,吸引成千上萬的使用者同時使用進行互動。為了讓使用者在有限的頻寬之下能有身歷其境的體驗,網路虛擬環境使用大量 3D 串流 (3D streaming) 資料。 3D 串流技術能由頻寬決定所傳送 3D 圖形的細緻程度,讓使用者以漸進的方式下載化身視野範圍 (area of interest, AOI) 內的 3D 資料。另一方面,同儕網路 (peer-to-peer, P2P) 架構相較於傳統的以伺服器為基礎的架構具有較佳的可擴充性,能以低成本管理網路虛擬環境的化身狀態或傳輸龐大的 3D 資料;即便使用者人數增加時,還能維持可接受的效能,這因而引出許多同儕網路虛擬環境的研究。然而,由於同儕網路中,使用者所需要的化身互動訊息及 3D 資料通常經由未受信任的同儕設備下載,因此安全性議題是同儕網路虛擬環境中最重要的研究項目之一。本論文聚焦於同儕網路虛擬環境安全性議題,提出以下三種常見的安全方法:
防作弊方法: 在同儕巨量多人線上遊戲 (peer-to-peer massively multiplayer online game, P2P MMOG) 中,為了防止遊戲中的投機者從同儕網路線上遊戲中獲取不當的利益,已有學者以數位簽章技術設計出防作弊方法。然而,此技術通常會耗用大量的計算資源,使得線上遊戲之類的應用失去其互動的即時性。因此我們利用赫序鍊金鑰 (hash-chain keys) 的一次性簽章 (one-time signature),來設計有效率且安全的防作弊簽章方法,對於大部份的訊息,只須使用兩次赫序函數計算,即可達到不可否認性 (non-repudiation) 及訊息承諾 (message commitment)。因此我們所提的方法能有效率的達成防作弊機制降低執行運算量的目標。我們也提出不必事先產生赫序鍊金鑰的版本,來減少初始化的時間及降低記憶空間使用量。經過分析及實驗之後, EASES 能減少計算量、記憶空間及頻寬的使用量,以適用於同儕巨量多人線上遊戲的環境。
安全 3D 串流資料傳輸方法: 對於資料提供者而言,傳送巨量互動 3D 串流資料給數以百萬計的使用者是艱難的任務。雖然同儕網路可以降低成本、而且提高擴充性,但是利用同儕網路傳遞資料對於商業資料供應商而言卻增加了安全上的疑慮。本論文從訂閱者服務的觀點,討論以同儕網路為基礎的非線性 3D 串流互動資料的系統模型,同時也提出資料確認的解決方案,讓使用者可以確認由其他使用者之處所下載得到的資料是正確的。
群體 3D 串流資料傳輸方法: 我們提出以群體為基礎的同儕網路 3D 串流資料安全確認方法,對於有相同興趣的群體,先選出一位可被信任的首領,此首領下載 3D 資料後,檢查其來源及完整性,再經由安全管道向其餘群體成員發送 3D 資料的檢查碼 (checksum),所有的成員即可確認從任何來源下載的 3D 資料的正確性。由於檢查碼的計算及安全通道的加解密過程的計算量遠低於驗證數位簽章,因此能節省大量計算資源。我們評估了使用赫序鍊簽章來驗證漸近式網格 (progressive meshes) 的計算量節省情形,以及評估簽章資料嵌入於 3D 網格座標的最低有效位元 (least significant bits, LSBs) 之後,影像呈現的品質幾乎無法察覺。
A networked virtual environment (NVE) allows a user to control an avatar interacting with other users' avatars through network connections in a virtual synthetic world. NVEs with realistic 3D scenes have wide applications, such as simulator, training, academia, online games, and so forth. These applications are becoming more and more popular, and attracting thousands of users to interact with each other simultaneously. 3D streaming schemes are utilized to provide good user experiences with limited network bandwidth. 3D streaming for the NVE is a technique to deliver 3D contents in different level of details according to available bandwidth, so that 3D contents in the avatar's area of interest (AOI) can be downloaded progressively. Additionally, relative to traditional client-server architectures, the peer-to-peer (P2P) network is highly scalable for distributed computing and content sharing. Some research studies thus proposed P2P-based NVEs, instead of server-based NVEs, to manage a large number of users and to deliver a large amount of 3D contents to users. However, users' status and 3D contents are usually retrieved from untrusted users. Therefore, to ensure security is essential in P2P NVEs. This dissertation discusses the designs of the following three P2P NVE secure schemes:
Cheat-proof. In order to prevent cheaters to gain unfair advantages in P2P NVEs, several cheat-proof schemes have been proposed by using digital signatures. However, digital signatures generally require a large amount of computations and thus may not be practical for NVEs. Based on the concept of one-time signature, we propose an efficient and secured event signature (EASES) scheme to efficiently sign discrete event messages with hash-chain keys. As most messages need only two hash operations to achieve non-repudiation and event commitment, the amount of computation is greatly reduced. We also describe a dynamic version of EASES that does not require the pre-production of hash-chain keys to reduce key preparation time and memory usage at the expense of a slight delay of message commitment. As shown by both analysis and experiments, the computation, memory, and bandwidth footprints of EASES are low, making it readily applicable to P2P NVEs.
Secured 3D streaming. Delivering massive amounts of interactive 3D contents to millions of potential users brings enormous challenges to content providers. P2P networks have thus been proposed to increase the system scalability in affordable ways. Building content delivery systems based on P2P approaches nevertheless causes security problems for commercial vendors. This dissertation presents a generic system model for subscription-based service providers to use P2P-based, non-linear streaming for interactive contents. We also propose solutions to the issue of content authentication, such that a user can be sure of the authenticity of contents retrieved from other users.
Group 3D streaming. A secure scheme for P2P 3D streaming with secure group communication is proposed to reduce computation overheads of authentication. Users of the same interest first form a group, and one of the users is then elected to be the trusted leader, who is to download 3D contents, to verify their authenticity and integrity, and to send group members a checksum value for each 3D content piece via group secure channels. By the encrypted checksum values, all group members can authenticate 3D contents originated from any source. Since checksum is cheap to compute and transmit, much computation is saved. We have evaluated the computation saving of the proposed scheme for the case of progressive meshes based on the hash chain signature 3D streaming authentication scheme. We have also evaluated the rendering quality when embedding hash chain signatures into the least significant bits (LSBs) of the mesh data to make the signatures imperceptible. |
