Show results for

SHINE (Secure Hybrid In Network caching Environment) Security and content rights management in satellite assisted in network caching systems

ARTES Programme


Activity Code

Last updated

System/ Network/ Protocols, Core Competitiveness, Advanced Technology



08 March 2017


SHINE is focused around the design and implementation of an end-to-end secure infrastructure for the delivery of multimedia content over integrated satellite-terrestrial networks. The project makes use of a combination of both unicast and network-coded multicast. A number of reference scenarios are envisaged, all relying on in-network caching. The overall security architecture of the SHINE project is comprised of two main building blocks: (i) a satellite-enabled broadcast distribution backbone leveraging network coding in order to improve both performance and security of the transmissions; (ii) a MPEG-DASH/WebRTC-enabled edge distribution network. In-between such building blocks lies a middle layer associated with the secure storage of cached multimedia content chunks. 


  • Define an end-to-end security architecture for hybrid satellite-terrestrial networks allowing for the effective transmission of multimedia content;
  • Study the applicability of Network Coding techniques to real-world application scenarios;
  • Evaluate the effectiveness of the upcoming WebRTC (Web Real Time Communications) standard when applied to the streaming of multimedia content;
  • Perform a comparative analysis between MPEG-DASH and WebRTC, taking into account both performance and security features.


The project SHINE not only extends to satellite-enabled scenarios the outstanding solutions available for terrestrial communication networks, but also designs innovative mechanisms for the protection from unauthorized access to content-related data, as well as for the secure distribution of real-time multimedia information across hybrid channels leveraging both the unicast and the multicast communication paradigm. With respect to this last point, we propose a novel “combined coding” technique targeting the optimization of multicast-enabled transmissions in the presence of caching. More precisely, we leverage cutting-edge solutions for decentralized random caching which, combined with an original content distribution technique based on coded multicast, allows us to attain “order-optimal” performance. Bearing in mind the articulated structure of the overall content distribution network, which comprises both the satellite-enabled broadcasting trunks (allowing to properly populate edge caches) and the last-mile access networks, we also look after secure, privacy-enhanced, adaptive delivery to the end-users of the contents stored inside edge caches. For this last part we leverage (and improve) state-of-the art solutions coming from the most prominent standardization communities in the field of real-time communications in the Internet. 


SHINE has two main distinctive features, associated with, respectively, the broadcast-enabled satellite core and the edge distribution networks. Within the former part of the network, we rely on network coding in order to define a coded multicast technique allowing us to improve both performance and security of communications. At the edges of the distribution network, which also act as in-network caches, we instead leverage cutting-edge streaming technologies (namely, MPEG-DASH and/or WebRTC) in order to optimize content distribution towards the end users of the network. Also in this case, we look after both performance and security, with special reference to the capability of effectively managing digital rights.

System Architecture

A high-level view of the SHINE architecture is reported in the picture below.

The picture highlights the main logical components of the architecture, in terms of macro-blocks and related functionality. Namely, we identify the following elements: 

  1. a source encoder block, taking on the responsibility of properly encoding the original content in order to allow fro the subsequent coded multicast transmission over the satellite network;
  2. the core satellite-enabled communication infrastructure, looking after DVB-enabled transmission of coded multicast frames from the content provider to the edge caches, both during the cache population phase and during the steady-state operation of the CDN;
  3. two different “flavours” of edge access networks:
    1. a WebRTC-enabled access network, included in the architecture in order to demonstrate SHINE’s operation in the presence of this novel real-time communication infrastructure at the edges of the overall content delivery architecture;
    2. an MPEG-DASH enabled access network, included in the architecture in order to demonstrate SHINE’s capability of leveraging such a well-assessed web-based distribution approach, as well as to practically disclose its potential for interoperability with companion initiatives fostered by ESA like, e.g., SCORSESE ( ).


The project starts by identifying the main usage scenarios, while performing a critical review of both security and satellite technologies. We then move to the specification of the overall architecture for the secure delivery of multimedia content in a hybrid satellite-terrestrial network environment. Work is conducted by embracing an engineering approach, which brings to the definition of a testbed for the practical demonstration of satellite-assisted in-network caching scenarios.

Current status

The project has just started (February 1st 2017). Preliminary activities have already been conducted and work is currently in full swing for the completion of the tasks associated with the identification of usage scenarios, as well as with the critical review of state-of-the art security and satellite technologies.


Prof. Simon Pietro Romano

CINI, University of Napoli - Department of Electrical Engineering and Information Technology (DIETI), University of Napoli Federico II, Via Claudio 21

ESA Contacts

Maria Guta

ESA/ESTEC, Keplerlaan 1 P.O. Box 299
Noordwijk ZH
The Netherlands
2200 AG

Status date

Wednesday, March 8, 2017 - 12:18