bs506-tb
Bruce's Shorts Episode 506
TB - The Inter Entity Trust Boundary

By

Bruce Devlin

SMPTE ST 2129 supported by Arqiva
- - - - - - - - - - - - - - - - - -
Cast:
NARRATOR - Tom
TB - Anya

2022-03-09

Bruce Devlin, bruce@mrmxf.com, https://mrmxf.com/shorts

Props

Assuming there will be more than 8 and up to 30 humans on shooting day, we probably need the following list of kit. All performers should wear long black trousers if possible.

Yellow shirts (10 short sleeve - mixed sizes): YellAway Travel Channel - Tx packets are yellow
Green shirts (10 short sleeve - mixed sizes): GreenThumb Gardening Channel - Tx packets are green
White shirts (10 short sleeve - mixed sizes): WhiteWash Political News - Tx packets are white
Red shirts (4 short sleeve - mixed sizes): Malicious packets are Red
Black shirts (5 long sleeve - TB, Tom & others): TB, Narrator & Output entities wear black long sleeves
Pink shirts (3 long sleeve): PinkDiva Services - TB's minders & packets

Baseball caps
  Blue (15): Blue Broadcasting Company - BBC
  Cyan (15): Cyanara Streaming - CS
  Pink (3): PinkDiva Services - PD
  Red (4): Malicious Packets

Face Masks
  Blue (15): Blue Broadcasting Company - BBC
  Cyan (15): Cyanara Streaming - CS
  Pink (3): PinkDiva Services - PD
  Red (4): Malicious Packets

Cars
  Two different cars are required for the public internet shot. They should be different colors and different models.

Set

Three locations are required:

NARRATOR

Speaking to camera with teleprompter (Bruce to bring) to take place in studio.

Dance of the Packets

In the canteen. Cameras & Diffuse key lighting on stage. Low level lighting under tables. A channel for the packet actors to be created between two rows of tables. Each row should have 2 black tables, 1 white table, a 700mm gap and then a final black table in the direction the actors will walk. The corridor should be about 700mm wide. The white tables represent the Trust Boundary. TB will stand in the gap between the white/black tables and inspect packets as they waddle in the corridor. Two PinkDiva minders will flank the corridor supporting TB.

TB meeting room

Board room whiteboard long shot. The actual diagram will be overlaid in post.

Opening

INT. STUDIO SHOT, NARRATOR TO CAMERA

BRUCE

Getting live content to the consumer needs high bandwidth networking. To make it secure we need to understand the chain of trust.

PinkDiva network

INT. STUDIO SHOT, NARRATOR TO CAMERA

In this explainer scene, Bruce may add background graphics of fire hoses indicating incredible bandwidth that TB is trying to manage and control

NARRATOR

Imagine that you're making a big live internet stream. It might be a sports broadcast, it might be the entire TV output of the BBC. This fire hose of content arrives at a service provider to be routed to various broadcast channels, satellite channels, cable channels and streaming services.

(pause)

At the service provider, there are many of these fire-hose Internet Protocol or IP streams coming from many providers and we need a little cooperation at that point to ensure it all works and that if one provider reconfigures their stream then it doesn't impact anyone else.

(pause)

The inter-entity trust boundary describes the functions of an imaginary service gatekeeper who keeps things running securely & smoothly. Small, yet powerful, let's give it a more friendly name - meet TB (Tibby), our Trust Boundary.

[Close Up] Superhero badge with text: Hi, My name's Tibby. Do what I say - or else!

CUT TO:

LINE UP OF ENTITIES

Line up: one each of Yellow, Green, White packets & Blue, Cyan destinations. They take a step forward & wave as their names are read by the Narrator.

NARRATOR

To show how TB works, let's imagine that we have some packets from our content providers...

NARRATOR

YellAway Travel, GreenThumb Gardening & WhiteWash Political News. All these packets are trying to get to consumers.

NARRATOR

We also have BBC - Blue Broadcasting Corp and CBS - Cyanara Broadband Streaming who receive streams of content from our providers.

CUT TO:

INT. NETWORK CORRIDOR

STREAM OF YELLOW PACKETS WITH BLUE HATS GOING TO BBC

Packets penguin walk along the corridor, ignore the white table and as they leave the last black table, the BBC marshal turns the packets slightly left. Once out of shot the packets trot back to the input queue out of shot.

NARRATOR

In the simple case our IP packets have Yellow source IP addresses and the network is told to get all the packets with Blue hats to the Blue destination IP address. Simple, right?

CUT TO:

STREAM OF YELLOW PACKETS WITH BLUE/CYAN HATS GOING TO BBC & CBS VIA PINKDIVA

Packets penguin walk along the corridor, pass by two Pink Minders standing by the white table and as they leave the last black table, the BBC marshal turns the packets slightly left and the CBS marshal turns the packets slightly right. Once out of shot the packets trot back to the input queue out of shot.

NARRATOR

In practice, the Blue & Cyan receivers will be serviced by an intermediate Pink entity, whose job is to manage the streams and keep the services going 24/7. We need to manage IP addresses carefully. The hat color shows the destination address after they get into Pink's facility. Everything seems to work just fine.

CUT TO:

STREAM OF YELLOW & GREEN & WHITE PACKETS + MIX OF BLUE/CYAN HATS GOING TO BBC & CBS VIA PINKDIVA

Packets pass by two Pink Minders. TB stands between a minder and the packets, facing the camera, by the white table.

NARRATOR

Pink offers a great service and gets more clients, but now we have to be careful that we don't mix up the packets from customers Yellow, Green & White. We don't want to send the packets to the wrong output.

ZOOM OUT TO:

Post production insert of a Graphic of IP terms with video zoomed top left or top right

NARRATOR

In internet terms, this involves some complex address manipulation including Network Address Translation, Multicast network joining and Virtual Network tagging.

ZOOM IN TO:

TB FOCUS SHOT STANDING AT THE WHITE DESK BOUNDARY

NARRATOR

This is where the trust boundary comes in. Hi Tibby!

TIBBY

(waves to camera)

Hi There!

(TB continues to inspect packets)

NARRATOR

Tibby has some specific jobs.

Tibby must remove all unrecognised packets from external networks

Tibby removes a red shirt packet. Red shirt glares at the camera and does a moody penguin walk away from the camera.

NARRATOR

Sometimes the packets might have strange headers that hide their intent.

(pause)

Bad Packets.

TB removes blue hat / red mask to reveal a red hat / red mask

NARRATOR

Tibby is able to inspect the contents of packets to check all address types and also the content and type of the video and audio to prevent unwanted or malicious packets

TB removes a packet with a blue hat & red shirt, red hat/white shirt etc.

NARRATOR

Tibby only looks at the packets as they come in and works at the maximum wire speeds of 10Gbit/s and beyond

Tibby sorting packets - video sped up to 5x comedy speed

NARRATOR

Tibby is not actually a single piece of software or a product, but more a set of rules that define the best practice for the boundary between entities.

CUT TO:

BOARDROOM WITH 5X TBS CHATTING WHILE LOOKING AT A WHITEBOARD WITH A NETWORK DIAGRAM

NARRATOR

With multiple entities joining multiple networks, each of which is independently managed, Tibby's job is to ensure that Trust is maximized inside every entity and that the output from an entity can be trusted at the handover to the next one in the chain.

CUT TO:

INT. NEW TOPOLOGY YELLOW/GREEN/WHITE -> PINK -> CYAN -> BLUE + 3 TBS

Rearrange the desks slightly so that instead of the Blue/Cyan sorting taking place in one go, we have an extra white desk where TB2 grabs blue hats and drags the packets away from the camera. Further along the corridor - another white desk and TB3 does the same. An occasional pink packet continues straight through.

NARRATOR

In theory we might arrange our topology in series rather than a triangle. Although the packet flow is different and there are more Tibbys.

All Tibbys turn and wave to camera before returning to their sorting work

NARRATOR

The basic rules remain the same. The extra Tibbys use extra security rules to improve and observe the integrity of each output feed. See how the occasional Pink packet for network monitoring can traverse the system.

Three blue packets need to leave the stream together....

PEEK TO:

EXT. LOBBY:

3 Blue Packets (one yellow, one white, one green) getting checked by TB before getting into a car from the lobby and driving away at comic speed

NARRATOR

In theory the topology of the network should not matter. You might route some packets over a fast, but public internet. The TB job is still the same - control and observe the trust of the packets going into the public network.

CUT TO:

EXT. LOBBY:

3 Packets getting out of a different car - 2 packets are the same. Green packet has the same exterior shirt & cap & mask, but is obviously a different packet (e.g. was small female getting into car, but is now obviously a huge male). The lobby Tibby lets the packets back into the system.

NARRATOR

Tibby at the receiving end still has to check all the packets. The first TB in the system might be a simple boundary that filters traffic into a secure area.

CUT TO:

INT. NETWORK CORRIDOR

3 packets from outside waddle into the inspection corridor

NARRATOR

At some point a Tibby performing deep packet inspection decides to accept or reject the packets according to the rules, raising alarms accordingly.

TB lets white & yellow go through. TB lifts the green shirt, spots a red shirt underneath. Red light flashes. Klaxon added in post.

Closing

CUT TO:

INT. BRUCE IN STUDIO

BRUCE

The Inter Entity Trust Boundary, TB, is a recommended practice: SMPTE RP 2129 and you can get a free copy during its trial phase in 2022 by going to the SMPTE website and looking for Public Committee Drafts. Check out the Mr MXF website for more links.

NARRATOR

Tibby - more than just a firewall

CUT TO:

MUSIC & CREDITS & PATREON