Open Access to Resource Management in Multimedia Networks

The paper is dedicated to mechanisms for open access to resource management in the Internet Protocol (IP) multimedia networks. First we present the concept of IP Multimedia Subsystem (IMS) and explain the IMS functional architecture, principles of quality of service management and service control in IMS. Then we describe the idea behind the opening of network interfaces for third parties so that others besides the network operator can create and deploy services. Open Service Access (OSA) and Parlay appear to be the technologies for value-added service delivery in multimedia networks. In the paper we take a closer look to the Parlay/OSA interfaces that allow third party applications to access the resource management functions in IMS. OSA "Connectivity Manager" interfaces and OSA "Policy Management" interfaces are considered. Parlay X Web Services interfaces provide a higher level of abstraction than Parlay/OSA interfaces and gain an amazing amount of support among service developers. We address "Applicationdriven Quality of Service" Parlay X Web Service and "Policy" Parlay X Web Service also

SFTSDH: Applying Spring Security Framework with TSD-Based OAuth2 to Protect Microservice Architecture APIs

The Internet of Medical Things (IoMT) combines medical devices and applications that use network technologies to connect healthcare information systems (HIS). IoMT is reforming the medical industry by adopting information and communication technologies (ICTs). Identity verification, secure collection, and exchange of medical data are essential in health applications. In this study, we implemented a hybrid security solution to secure the collection and management of personal health data using Spring Framework (SF), Services for Sensitive Data (TSD) as a service platform, and Hyper-Text-Transfer-Protocol (HTTP (H)) security methods. The adopted solution (SFTSDH = SF + TSD + H) instigated the following security features: identity brokering, OAuth2, multifactor authentication, and access control to protect the Microservices Architecture Application Programming Interfaces (APIs), following the General Data Protection Regulation (GDPR). Moreover, we extended the adopted security solution to develop a digital infrastructure to facilitate the research and innovation work in the electronic health (eHealth) section, focusing on solution validation with theoretical evaluation and experimental testing. We used a web engineering security methodology to achieve and explain the adopted security solution. As a case study, we designed and implemented electronic coaching (eCoaching) prototype system and deployed the same in the developed infrastructure to securely record and share personal health data. Furthermore, we compared the test results with related studies qualitatively for the efficient evaluation of the implemented security solution. The SFTSDH implementation and configuration in the prototype system have effectively secured the eCoach APIs from an attack in all the considered scenarios. The eCoach prototype with the SFTSDH solution effectively sustained a load of (≈) 1000 concurrent users in the developed digital health infrastructure. In addition, we performed a qualitative comparison among the following security solutions: SF security, third-party security, and SFTSDH, where SFTSDH showed a promising outcome.publishedVersio

Study, Analysis and Modeling of IP Multimedia systems on next generation networks providing mobile and fixed multimedia services

Not availabl

Esquema de Seguridad en SOAP Basado en OpenSAML

SOAP es un protocolo de comunicación basado en XML para el intercambio de información entre aplicaciones en un entorno distribuido. SOAP no cuenta con mecanismos propios de seguridad para la transmisión segura de sus mensajes. De manera que no cifra la información y está viaja en claro por la red. Para suplir esta carencia, SOAP hace uso del estándar WS-Security implementando el XMLSignature y XMLEncryptation para garantizar la confiabilidad (cifrado) e integridad (firma) de los mensajes en los servicios Web. En este artículo se presenta un esquema de seguridad para servicios Web basado en OpenSAML que garantiza la transmisión segura de los mensajes SOAP.SOAP es un protocolo de comunicación basado en XML para el intercambio de información entre aplicaciones en un entorno distribuido. SOAP no cuenta con mecanismos propios de seguridad para la transmisión segura de sus mensajes. De manera que no cifra la información y está viaja en claro por la red. Para suplir esta carencia, SOAP hace uso del estándar WS-Security implementando el XMLSignature y XMLEncryptation para garantizar la confiabilidad (cifrado) e integridad (firma) de los mensajes en los servicios Web. En este artículo se presenta un esquema de seguridad para servicios Web basado en OpenSAML que garantiza la transmisión segura de los mensajes SOAP

Authentication and privacy in mobile web services

This thesis looks at the issue of authentication and privacy in mobile Web services. The work in this thesis builds on GSM and UMTS security framework to develop security protocols for mobile Web services environment. The thesis initially highlights some core principles of designing security protocols in such environment. The next two chapters look at the core technologies and building blocks in Web services systems and the core security features in mobile networks mainly GSM and UMTS. Registration and authentication were identified as security issues in federated systems. Proposed solutions were developed utilizing XML security mechanisms with SIM card security in GSM environment to address these issues. Also a novel system was proposed in which it is possible for a mobile user to securely authenticate and have full anonymity as far as the service providers are concerned; however it is possible for a trusted authority to reveal the identity of the user if he or she is suspected of illegal activities. The next section analyze in detail the Generic Authentication Architecture from 3GPP. Combining SAML with the Generic Authentication Architecture, we propose a novel "generic mobile Web service platform" for M-Commerce. Various solutions have been proposed to address privacy concern in distributed networks; the Platform for Privacy Preferences is one of the popular proposal, though it has many desirable features, it is not easy to enforce it. We argue that this limitation can be managed in federated system such as the Liberty Alliance framework. In the final chapter we make the case for using timestamp based authentication protocol in mobile Web service on the ground of efficiency gain

WS-GUARD: enhancing UDDI Registries with on-line testing capabilities

Abstract This thesis investigates the Service Oriented Architecture and in particular the runtime discovery of Web services through the development of an empowered UDDI registry called WS-GUARD (Guaranteeing Uddi Audition at Registration and Discovery). We start by presenting the Audition framework, a specially conceived framework that applies the idea of testing during the Web service registration in the UDDI registry and then we study the practical implications of its implementation focusing on the most advanced Web service technologies. This thesis aims at modifying and extending the registration protocol of Web services into UDDI registries in order to introduce a testing phase before actual service publishing: only those services that pass the audition are admitted in the registry and become publicly available at runtime. A complete prototype implementation of WS-GUARD is described and analysed. Riassunto analitico La tesi ha investigato l'ambito Service Oriented Architecture e in particolare il run-time discovery di Web service attraverso la realizzazione di un registro UDDI potenziato, denominato WS-GUARD (Guaranteeing Uddi Audition at Registration and Discovery). Principale obiettivo del lavoro è stato la modifica dei protocolli di registrazione del registro UDDI. Tale modifica è stata rivolta all'introduzione di una fase di testing preventiva alla tradizionale fase di registrazione. Ammettendo alla registrazione soltanto quei servizi che superino la fase di verifica si intende fornire maggiori garanzie sulla qualità dei servizi che saranno resi dinamicamente reperibili (discovered) a tempo di esecuzione. La tesi discute le modifiche proposte e ne fornisce un'implementazione reale

Evaluation of frameworks for creating end-to-end mobile services with OMA MMS as a use case

Masteroppgave i informasjons- og kommunikasjonsteknologi 2005 - Høgskolen i Agder, GrimstadSeveral frameworks are available in 3GPP networks to create mobile services, such as the Open Service Access (OSA) Application Programming Interface (API) and the native Session Initiation Protocol (SIP). Each of these frameworks has their own advantages and disadvantages. Therefore it is important for a service to use a framework which suits its own requirements as best as possible. In this thesis we have defined a use case, TMMS Service. This use case has been designed for four frameworks selected, which are: GPRS, IMS, OSA API and OSA Parlay X Web Services. We have then evaluated the design of these services against a set of evaluation criteria. The evaluation criteria cover security, usability, modifiability, reliability, interoperability and billability. Our evaluation has proved that none of the frameworks are superior in all areas. The best framework overall is IMS which provides a lot of end-to-end features and is also very extensible. One of the biggest disadvantages with IMS is the current lack of a specific set of documentation for application developers

A service-oriented Grid environment with on-demand QoS support

Grid Computing entstand aus der Vision für eine neuartige Recheninfrastruktur, welche darauf abzielt, Rechenkapazität so einfach wie Elektrizität im Stromnetz (power grid) verfügbar zu machen. Der entsprechende Zugriff auf global verteilte Rechenressourcen versetzt Forscher rund um den Globus in die Lage, neuartige Herausforderungen aus Wissenschaft und Technik in beispiellosem Ausmaß in Angriff zu nehmen. Die rasanten Entwicklungen im Grid Computing begünstigten auch Standardisierungsprozesse in Richtung Harmonisierung durch Service-orientierte Architekturen und die Anwendung kommerzieller Web Services Technologien. In diesem Kontext ist auch die Sicherung von Qualität bzw. entsprechende Vereinbarungen über die Qualität eines Services (QoS) wichtig, da diese vor allem für komplexe Anwendungen aus sensitiven Bereichen, wie der Medizin, unumgänglich sind. Diese Dissertation versucht zur Entwicklung im Grid Computing beizutragen, indem eine Grid Umgebung mit Unterstützung für QoS vorgestellt wird. Die vorgeschlagene Grid Umgebung beinhaltet eine sichere Service-orientierte Infrastruktur, welche auf Web Services Technologien basiert, sowie bedarfsorientiert und automatisiert HPC Anwendungen als Grid Services bereitstellen kann. Die Grid Umgebung zielt auf eine kommerzielle Nutzung ab und unterstützt ein durch den Benutzer initiiertes, fallweises und dynamisches Verhandeln von Serviceverträgen (SLAs). Das Design der QoS Unterstützung ist generisch, jedoch berücksichtigt die Implementierung besonders die Anforderungen von rechenintensiven und zeitkritischen parallelen Anwendungen, bzw. Garantien f¨ur deren Ausführungszeit und Preis. Daher ist die QoS Unterstützung auf Reservierung, anwendungsspezifische Abschätzung und Preisfestsetzung von Ressourcen angewiesen. Eine entsprechende Evaluation demonstriert die Möglichkeiten und das rationale Verhalten der QoS Infrastruktur. Die Grid Infrastruktur und insbesondere die QoS Unterstützung wurde in Forschungs- und Entwicklungsprojekten der EU eingesetzt, welche verschiedene Anwendungen aus dem medizinischen und bio-medizinischen Bereich als Services zur Verfügung stellen. Die EU Projekte GEMSS und Aneurist befassen sich mit fortschrittlichen HPC Anwendungen und global verteilten Daten aus dem Gesundheitsbereich, welche durch Virtualisierungstechniken als Services angeboten werden. Die Benutzung von Gridtechnologie als Basistechnologie im Gesundheitswesen ermöglicht Forschern und Ärzten die Nutzung von Grid Services in deren Arbeitsumfeld, welche letzten Endes zu einer Verbesserung der medizinischen Versorgung führt.Grid computing emerged as a vision for a new computing infrastructure that aims to make computing resources available as easily as electric power through the power grid. Enabling seamless access to globally distributed IT resources allows dispersed users to tackle large-scale problems in science and engineering in unprecedented ways. The rapid development of Grid computing also encouraged standardization, which led to the adoption of a service-oriented paradigm and an increasing use of commercial Web services technologies. Along these lines, service-level agreements and Quality of Service are essential characteristics of the Grid and specifically mandatory for Grid-enabling complex applications from certain domains such as the health sector. This PhD thesis aims to contribute to the development of Grid technologies by proposing a Grid environment with support for Quality of Service. The proposed environment comprises a secure service-oriented Grid infrastructure based on standard Web services technologies which enables the on-demand provision of native HPC applications as Grid services in an automated way and subject to user-defined QoS constraints. The Grid environment adopts a business-oriented approach and supports a client-driven dynamic negotiation of service-level agreements on a case-by-case basis. Although the design of the QoS support is generic, the implementation emphasizes the specific requirements of compute-intensive and time-critical parallel applications, which necessitate on-demand QoS guarantees such as execution time limits and price constraints. Therefore, the QoS infrastructure relies on advance resource reservation, application-specific resource capacity estimation, and resource pricing. An experimental evaluation demonstrates the capabilities and rational behavior of the QoS infrastructure. The presented Grid infrastructure and in particular the QoS support has been successfully applied and demonstrated in EU projects for various applications from the medical and bio-medical domains. The EU projects GEMSS and Aneurist are concerned with advanced e-health applications and globally distributed data sources, which are virtualized by Grid services. Using Grid technology as enabling technology in the health domain allows medical practitioners and researchers to utilize Grid services in their clinical environment which ultimately results in improved healthcare

Security in Distributed, Grid, Mobile, and Pervasive Computing

This book addresses the increasing demand to guarantee privacy, integrity, and availability of resources in networks and distributed systems. It first reviews security issues and challenges in content distribution networks, describes key agreement protocols based on the Diffie-Hellman key exchange and key management protocols for complex distributed systems like the Internet, and discusses securing design patterns for distributed systems. The next section focuses on security in mobile computing and wireless networks. After a section on grid computing security, the book presents an overview of security solutions for pervasive healthcare systems and surveys wireless sensor network security

A message-level security approach for RESTful services

In the past ten years Web Services have positioned themselves to be one of the leading distributed technologies. The technology, supported by major IT companies, offers specifications to many challenges in a distributed environment like strong interface and message contacts, service discovery, reliable message exchange and advanced security mechanisms. On the other hand, all these specifications have made Web Services very complex and the industry is struggling to implement those in a standardized manner. REST based services, also known as RESTful services, are based on pure HTTP and have risen as competitors to Web Services, mainly because of their simplicity. Now they are being adopted by the majority of the big industry corporations including Microsoft, Yahoo and Google, who have deprecated or passed on Web Services in favor of RESTful services. However, RESTful services have been criticized for lacking functionality offered by Web Services, especially message-level security. Since security is an important functionality which may tip the scale in a negative direction for REST based services, this thesis proposes a prototype solution for message-level security for RESTful services. The solution is for the most part technical and utilizes well-known, cross-platform mechanisms which are composed together while a smaller part of the solution discusses a non-technical approach regarding the token distribution. During the development of the prototype, much of the focus was to adapt the solution according to the REST principals and guidelines, such are multi-format support (XML or JSON) and light-weight, human readable messages