Delivering large amounts of data securely over the internet is not a simple task. The required security measures range from the low protocol level up to application-defined access control. Scaling a content delivery network for high throughput and low latency requires geographic routing and edge locations near the end user. Delivering a high-quality augmented reality experience across a variety of devices confronts all of these problems at once.
At Umbra we deal with large and complex 3D models: cities, blocks of apartments and high-definition models such as cars. The data is optimized and reorganized for different use cases. Our users can then experience high-quality augmented reality on mobile devices and virtual reality in web browsers. To support high frame rates and create a visually stunning experience, the 3D data must be streamed to the user's device quickly and securely.
The internet is a good medium for making data accessible to everybody, but it is also a wild west. There are individuals and even companies with bad intentions; to keep your business viable and your data safe, all kinds of countermeasures need to be taken. Today, all communication between end user devices and servers should be encrypted in transit, which in practice means HTTPS (TLS). Note that this protects the connection, not the data once it has arrived; protocol-level security is a prerequisite for the other measures below, not a substitute for them.
Application-defined access control means that the user or the application defines who can access which data. This is really important for SaaS services that host data for multiple users or clients, such as Umbra Composit. Access control for the hosted data itself can be roughly split into four categories: no access control, verified access, full DRM and secure URLs.
No access control means that the data is hosted without any measure denying access to it. An example is a picture in a public blog with a simple URL like 'https://myblog.com/favicon.png', the small icon shown in the browser tab. Such URLs are not safe in any sense: the data can be accessed by anyone, and the URL can even be guessed without looking at the page's source.
Verified access means that every request for data is verified by the owner of the data. This is a really good approach when the volumes are small and the data must be kept safe, and it is common in extranet applications. The problem with verifying every request is that the server has to do extra work for each one, which becomes very expensive at scale. Most available content delivery network (CDN) solutions don't support this approach for cost reasons. Verifying access only at request time also doesn't remove the problem that once somebody has downloaded the data, they can share it with anyone, permission or not.
Digital rights management (DRM) mitigates the sharing problem. DRM is mostly used for video productions like TV series and movies delivered through digital channels. Protecting content this way requires complex tooling, and the consuming devices need special hardware or, often, proprietary software, which makes it hard to implement. This is why, for example, Netflix is available only on selected devices. And even DRM is not unbreakable: DRM-protected Netflix content has leaked onto the internet. No copy protection that doesn't make the end user's experience miserable has remained uncracked.
Secure URLs are usually static URLs whose path contains a token generated with a cryptographically secure random number generator. Companies like Facebook, Flickr and Google use this approach for user content, and it is the most common approach for web content for a few reasons. Secure URLs are static, yet they cannot be found except by crawling a practically infinite space of possible locations, provided the token carries enough entropy (128 bits is a typical choice) and the URLs are never listed or indexed anywhere. This allows the data to be delivered safely by geographically distributed content delivery networks, reducing latency and also allowing high volumes of data to be served at high throughput and reasonable cost.
There are many ways to implement secure URLs, and companies have taken different approaches, some arguably better than others. Take Facebook, which hosts massive amounts of user image data. Users can restrict access to the content they share. Facebook verifies access for the pages containing the links to the images, and the images themselves are served through secure URLs. If you know the URL of an image, you can view it without any access to Facebook at all. This may sound like a security issue, but if you think it through, the secure URL is like a password, one that is a lot harder to guess than your own password.
Google uses a pretty similar approach for its Photos service, although the secure URLs are only generated on demand. This means that no secure URL is exposed unless the user explicitly starts sharing the image. Flickr changes the secure URL every time an image's sharing options are changed, so if you had the old secure URL, it no longer works. The problem with this approach is that if the image links are stored somewhere, they all break. But the access right change does more of what the user expects.
Umbra handles confidential client data: designs that are not yet published or are never intended to become public. The secure URLs described above do not meet the security requirements we want for such data, because if a valid link leaks to the internet, it's accessible by anyone for as long as it exists. To meet those requirements while still delivering terabytes of 3D data to millions of users, we are adopting signed secure URLs with an expiration time. The URL carries an expiry timestamp and a signature computed with a server-side key over the path and that timestamp, so neither can be altered without invalidating the link, and the CDN edge can check it without calling back to our servers. The technique has the benefits of other secure URLs but adds an extra layer of security by restricting the download period to a limited time window. Changing access rights to the data becomes easy: stop issuing new links and the old ones lapse on their own. If a URL gets into the wrong hands, it can no longer be used once it expires; it is still usable until then, so the window should be kept as short as the client's streaming pattern allows.
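The following is an added example of the signed, expiring URL scheme described above; it is illustrative code written for this post, not Umbra's own implementation. It assumes a hypothetical CDN host (cdn.example.com), a hypothetical model path, and an HMAC-SHA256 signature over the path and expiry using a secret shared between the URL issuer and whatever verifies the URL (typically the CDN edge). The `expires` and `sig` parameter names are also assumptions.

```python
import hashlib
import hmac
import secrets
import time
from typing import Optional, Tuple
from urllib.parse import parse_qs, urlencode, urlsplit

# Hypothetical signing key. In production this comes from a secret store and
# is shared with the component that verifies URLs (for example the CDN edge).
SIGNING_KEY = secrets.token_bytes(32)


def _message(path: str, expires: int) -> bytes:
    # The signature covers both the path and the expiry timestamp, so an
    # attacker can neither point the link at another object nor extend it.
    return f"{path}\n{expires}".encode()


def sign_url(base: str, path: str, ttl_seconds: int,
             key: bytes = SIGNING_KEY, now: Optional[int] = None) -> str:
    """Issue a URL for `path` that is valid for `ttl_seconds` from `now`."""
    now = int(time.time()) if now is None else now
    expires = now + ttl_seconds
    sig = hmac.new(key, _message(path, expires), hashlib.sha256).hexdigest()
    return f"{base}{path}?{urlencode({'expires': expires, 'sig': sig})}"


def verify_url(url: str, key: bytes = SIGNING_KEY,
               now: Optional[int] = None) -> Tuple[bool, str]:
    """Return (accepted, reason). Only a fully valid, unexpired URL is accepted."""
    now = int(time.time()) if now is None else now
    parts = urlsplit(url)
    query = parse_qs(parts.query)
    try:
        expires = int(query["expires"][0])
        sig = query["sig"][0]
    except (KeyError, ValueError):
        return False, "missing or malformed expires/sig"

    expected = hmac.new(key, _message(parts.path, expires),
                        hashlib.sha256).hexdigest()
    # Constant-time comparison so the check does not leak the valid signature
    # byte by byte through response timing.
    if not hmac.compare_digest(expected, sig):
        return False, "bad signature"
    if now >= expires:
        return False, "expired"
    return True, "ok"


if __name__ == "__main__":
    # Constructed sample: a five-minute link to one hypothetical model file.
    link = sign_url("https://cdn.example.com", "/models/car-42/lod0.bin", 300)
    print(link)
    print(verify_url(link))                      # (True, 'ok')
    print(verify_url(link, now=int(time.time()) + 301))  # (False, 'expired')
```

The verifier never contacts the origin: it only needs the key, the clock and the URL, which is what lets a geographically distributed CDN enforce the policy. Revocation is therefore bounded by the TTL (or by rotating the key, which invalidates every outstanding link at once). Major CDNs expose the same construction natively, for instance CloudFront and Google Cloud CDN signed URLs, so in practice the issuing side is usually the only custom code.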
When hosting and delivering 3D data that may be confidential or contain unreleased products or designs, it is really important to understand how to provide an enjoyable user experience while still keeping all the data safe. No one can claim 100% unbreakable and safe data access; even the web giants with huge resources cannot. But it is viable to understand which security measures are relevant for different use cases and to adopt them properly.
If Umbra sounds like the perfect solution for your data needs, feel free to contact us so we can discuss how we can help!
For more information on 3D content check out this post.