This work introduces ABE-VVS, a framework that performs attribute based selective coordinate encryption for point cloud based volumetric video streaming, enabling lightweight yet effective digital rights management (DRM). Rather than encrypting entire point cloud frames, our approach encrypts only selected subsets of coordinates ($X, Y, Z$, or combinations), lowering computational overhead and latency while still producing strong visual distortion that prevents meaningful unauthorized viewing. Our experiments show that encrypting only the $X$ coordinates achieves effective obfuscation while reducing encryption and decryption times by up to 50% and 80%, respectively, compared to full-frame encryption. To our knowledge, this is the first work to provide a novel end-to-end evaluation of a DRM-enabled secure point cloud streaming system. We deployed a point cloud video streaming setup on the CloudLab testbed and evaluated three HTTP-based Attribute-Based Encryption (ABE) granularities - ABE-XYZ (encrypting all $X,Y,Z$ coordinates), ABE-XY, and ABE-X against conventional HTTPS/TLS secure streaming as well as an HTTP-only baseline without any security. Our streaming evaluation demonstrates that ABE-based schemes reduce server-side CPU load by up to 80% and cache CPU load by up to 63%, comparable to HTTP-only, while maintaining similar cache hit rates. Moreover, ABE-XYZ and ABE-XY exhibit lower client-side rebuffering than HTTPS, and ABE-X achieves zero rebuffering comparable to HTTP-only. Although ABE-VVS increases client-side CPU usage, the overhead is not large enough to affect streaming quality and is offset by its broader benefits, including simplified key revocation, elimination of per-client encryption, and reduced server and cache load.
翻译:本研究提出了ABE-VVS框架,该框架为基于点云的体视频流传输执行基于属性的选择性坐标加密,实现了轻量级且有效的数字版权管理(DRM)。我们的方法并非加密整个点云帧,而是仅加密选定的坐标子集($X$、$Y$、$Z$或其组合),从而降低了计算开销和延迟,同时仍能产生强烈的视觉失真,防止有意义的未授权观看。实验表明,与全帧加密相比,仅加密$X$坐标即可实现有效的混淆,同时将加密和解密时间分别减少高达50%和80%。据我们所知,这是首个对支持DRM的安全点云流传输系统进行端到端新颖评估的工作。我们在CloudLab测试平台上部署了点云视频流传输设置,并评估了三种基于HTTP的基于属性的加密(ABE)粒度——ABE-XYZ(加密所有$X,Y,Z$坐标)、ABE-XY和ABE-X,同时以传统的HTTPS/TLS安全流传输以及没有任何安全措施的纯HTTP基线作为对照。流传输评估表明,基于ABE的方案将服务器端CPU负载降低高达80%,缓存CPU负载降低高达63%,与纯HTTP方案相当,同时保持了相似的缓存命中率。此外,ABE-XYZ和ABE-XY表现出比HTTPS更低的客户端卡顿,而ABE-X实现了与纯HTTP方案相当的零卡顿。尽管ABE-VVS增加了客户端CPU使用率,但其开销尚不足以影响流传输质量,且被其更广泛的优势所抵消,包括简化的密钥撤销、无需逐客户端加密以及降低的服务器和缓存负载。