Secure Proximity-Based Identity Pairing using an Untrusted Signalling Service

New protocols such as WebRTC promise seamless in-browser peer-to-peer communications that in theory remove the need for third-party services. In practice, widespread use of Firewalls, NATS and dynamic IP addresses mean that overlay addressing or use of some fixed rendezvous point is still needed. In this paper we describe a proximity-based pairing scheme that uses a signalling service to minimise the trust requirements on the third party, achieving anonymity and avoiding the need for PKI, while still requiring only a simple asymmetric pairing protocol

How far are we from WebRTC-1.0? An update on standards and a look at what's next

Real-time communication between browsers has represented an unprecedented standardization effort involving both the IETF and the W3C. These activities have involved both the real-time protocol suite and the application-level JavaScript APIs to be offered to developers in order to allow them to easily implement interoperable real-time multimedia applications in the web. This article sheds light on the current status of standardization, with special focus on the upcoming final release of the so-called WebRTC-1.0 standard ecosystem. It takes stock of the situation with respect to hot topics such as codecs, session description and stream multiplexing. It also briefly discusses how standard bodies are dealing with seamless integration of the initially competing effort known as “Object Real Time Communications.

Analisi delle problematiche di sicurezza per lo sviluppo di applicazioni basate su WebRTC

WebRTC è una tecnologia open-source che permette lo scambio di dati multimediali in tempo reale direttamente all'interno del browser utilizzando canali peer-to-peer. Al momento è in fase di standardizzazione presso il W3C e l'IETF. Si tratta di un framework costruito per essere affidabile, flessibile, semplice e soprattutto, rispetto ai concorrenti, sicuro. Questa tesi analizza a tutti i livelli il funzionamento di WebRTC entrando nel dettaglio di come sia implementata la sicurezza. In particolare vengono studiati i protocolli utilizzati e il perchè sono stati scelti dal working group, come vengono implementate le diverse funzionalità nel browser tramite API sviluppate in Javascript, quali sono i suoi punti di forza e i suoi punti sensibili ad un attacco informatico di cui uno sviluppatore deve tenere conto quando decide di creare un'applicazione WebRTC e quali sono i possibili rischi a cui va incontro l'utente che utilizza un servizio di questo tipo, soprattutto dal punto di vista della privacy. Al termine della discussione WebRTC risulta sicuramente migliore rispetto alle possibilità che sono state utilizzate finora, candidandosi come uno standard destinato a durare a lungo nel mondo del Web

The PACE system: A P2P architecture for cloud based EHealth systems

Many healthcare facilities are currently investigating the possibility of utilising cloud computing platforms to store and share confidential patient records. However, before such a cloud-based system can be realised, there are still concerns over the safety of a patient’s identity while their medical information is stored with a third party. Thus, the challenge is to provide a highly accessible system as provided by the cloud with security for patient data as required by legislation. In this dissertation, we propose a novel approach to protecting a patient’s confidential information while still exploiting the benefits of the cloud platform. By extracting the identifying values from a patient’s records and storing them on the machines of the healthcare professionals, the remainder of the anonymised record can be stored on the cloud. These two subsets of data can then be recombined into the original medical record when required by a user. This dissertation presents the PACE system architecture which combines modern cloud and peer-to-peer technologies to manage healthcare records on the cloud and enable the sharing of confidential information between users. The anonymised data kept on the cloud is available to all users while the sensitive local data which can identify the records are stored and shared across a decentralised hybrid P2P network formed by the clinicians

Real-time neural network based video super-resolution as a service: design and implementation of a real-time video super-resolution service using public cloud services

Despite the advancements in video streaming, we still find limitations when there is the necessity to stream real-time video in a higher resolution (e.g., in super- resolution) through mobile devices with limited resources. This thesis work aims to give an option to address this challenge through a cloud service. There were two main code components to create this service. The first component was aiortc (e.g., the WebRTC python version), the streaming protocol. The second component was the Efficient Sub-Pixel Convolutional Neural Network (ESPCN)-model, one of the outstanding methods to upscale video at the present time. These two code components were implemented in a virtual machine in the Microsoft Azure cloud environment with a customized configuration. Qualitative as well as quantitative results of this work were obtained and analyzed. To obtain the qualitative results two versions of the ESPCN-model were developed and for the quantitative outcomes three different configurations of HW/SW codecs and CPU/GPU utilization were produced and analyzed. Besides finding and defining the code components mentioned before as optimal to create an efficient real-time video super-resolution service based on the cloud, an- other conclusion of this project is that sending or receiving information (frames) from the CPU to the GPU and vice-versa has a very big negative impact in the efficiency of the whole service. Hence, to limit this CPU-GPU interaction or to only use GPU (e.g., with the NVIDIA Virtual Processing Framework [VPF]) is critical for an efficient service. This issue can be avoided, as the quantitative results show, if a codec that only makes use of the GPU (e.g., a NVIDIA HW codec) is employed. Furthermore, the Azure cloud environment component, enables an efficient execution of the service in diverse mobile devices. In future, the quality measure of the video super-resolution done by the ESPCN- model is suggested as a next step to do

Анонімні аудіо-конференції на основі протоколу WebRTC

Технологія передачі голосу VoIP є актуальною на сьогодні, оскільки все більше і більше людей користуються перевагами швидкого інтернету. Комунікація з колегами, друзями, рідними відбувається методом створення аудіо- та відеоконференцій у відомих застосунках: Google Meets, Zoom, Discord, Telegram тощо. Водночас, при використанні зазначених технологій виникає проблема анонімності, що розглядається в даній роботі. Зокрема, в роботі розроблено систему та алгоритм дій для анонімізації користувачів у аудіоконференціях на основі технології WebRTC з перспективою подальшого розвитку системи. Для запропонованого алгоритму анонімізації, практично підтверджено його працездатність.VoIP voice technology is relevant today as more and more people enjoy the benefits of high speed Internet. Communication with colleagues, friends, family is done by creating audio and video conferencing in well known applications: Google Meets, Zoom, Discord, Telegram etc. At the same time anonymity problems may occur in case of using the mentioned technologies. Thus, the system and the algorithm for anonymizing users in audio conferences based on WebRTC technology with the prospect of further development of the system were developed in this work. The proper operation of the suggested approaches were confirmed in practice

Kires: a data-centric telerehabilitation system based on kinect

185 p.It is widely accepted that the worldwide demand for rehabilitation services. To meet these needs, there will have to be developed systems of telerehabilitation that will bring services to even the most remote locations, through Internet and related technologies.This thesis is addressing the area of remote health care delivery, in particular telerehabilitation. We present KiReS; a Kinect based telerehabilitation system which covers the needs of physiotherapists in the process of designing, managing and evaluating physiotherapy protocols and sessions and also covers the needs of the users providing them an intuitive and encouraging interface and giving useful feedback to enhance the rehabilitation process. As required for multi-disciplinary projects, physiotherapists were consulted and feedback from patients was incorporated at different development stages.KiReS aims to outcome limitations of other telerehabilitation systems and bring some novel features: 1) A friendly and helpful interaction with the system using Kinect and motivational interfaces based on avatars. 2) Provision of smart data that supports physiotherapists in the therapy design process by: assuring the maintenance of appropriate constraints and selecting for them a set of exercises that are recommended for the user. 3) Monitoring of rehabilitation sessions through an algorithm that evaluates online performed exercises and sets if they have been properly executed. 4) Extensibility, KiReS is designed to be loaded with a broad spectrum of exercises and protocols

A study of EU data protection regulation and appropriate security for digital services and platforms

A law often has more than one purpose, more than one intention, and more than one interpretation. A meticulously formulated and context agnostic law text will still, when faced with a field propelled by intense innovation, eventually become obsolete. The European Data Protection Directive is a good example of such legislation. It may be argued that the technological modifications brought on by the EU General Data Protection Regulation (GDPR) are nominal in comparison to the previous Directive, but from a business perspective the changes are significant and important. The Directive’s lack of direct economic incentive for companies to protect personal data has changed with the Regulation, as companies may now have to pay severe fines for violating the legislation. The objective of the thesis is to establish the notion of trust as a key design goal for information systems handling personal data. This includes interpreting the EU legislation on data protection and using the interpretation as a foundation for further investigation. This interpretation is connected to the areas of analytics, security, and privacy concerns for intelligent service development. Finally, the centralised platform business model and its challenges is examined, and three main resolution themes for regulating platform privacy are proposed. The aims of the proposed resolutions are to create a more trustful relationship between providers and data subjects, while also improving the conditions for competition and thus providing data subjects with service alternatives. The thesis contributes new insights into the evolving privacy practices in the digital society at an important time of transition from the service driven business models to the platform business models. Firstly, privacy-related regulation and state of the art analytics development are examined to understand their implications for intelligent services that are based on automated processing and profiling. The ability to choose between providers of intelligent services is identified as the core challenge. Secondly, the thesis examines what is meant by appropriate security for systems that handle personal data, something the GDPR requires that organisations use without however specifying what can be considered appropriate. We propose a method for active network security in web software that is developed through the use of analytics for detection and by inserting data generators into a software installation. The active network security method is proposed as a framework for achieving compliance with the GDPR requirements for services and platforms to use appropriate security. Thirdly, the platform business model is considered from the privacy point of view and the implication of “processing silos” for intelligent services. The centralised platform model is considered problematic from both the data subject and from the competition standpoint. A resolution is offered for enabling user-initiated open data flow to counter the centralised “processing silos”, and thereby to facilitate the introduction of decentralised platforms. The thesis provides an interdisciplinary analysis considering the legal study (lex lata) and additionally the resolution (lex ferenda) is defined through argumentativist legal dogmatics and (de lege ferenda) of how the legal framework ought to be adapted to fit the described environment. User-friendly Legal Science is applied as a theory framework to provide a holistic approach to answering the research questions. The User-friendly Legal Science theory has its roots in design science and offers a way towards achieving interdisciplinary research in the fields of information systems and legal science

A Pattern Language for Designing Application-Level Communication Protocols and the Improvement of Computer Science Education through Cloud Computing

Networking protocols have been developed throughout time following layered architectures such as the Open Systems Interconnection model and the Internet model. These protocols are grouped in the Internet protocol suite. Most developers do not deal with low-level protocols, instead they design application-level protocols on top of the low-level protocol. Although each application-level protocol is different, there is commonality among them and developers can apply lessons learned from one protocol to the design of new ones. Design patterns can help by gathering and sharing proven and reusable solution to common, reoccurring design problems. The Application-level Communication Protocols Design Patterns language captures this knowledge about application-level protocol design, so developers can create better, more fitting protocols base on these common and well proven solutions. Another aspect of contemporary development technics is the need of distribution of software artifacts. Most of the development companies have started using Cloud Computing services to overcome this need; either public or private clouds are widely used. Future developers need to manage this technology infrastructure, software, and platform as services. These two aspects, communication protocols design and cloud computing represent an opportunity to contribute to the software development community and to the software engineering education curriculum. The Application-level Communication Protocols Design Patterns language aims to help solve communication software design. The use of cloud computing in programming assignments targets on a positive influence on improving the Analysis to Reuse skills of students of computer science careers