Push Quizzes : eina d'enviament de preguntes via push notifications

Push Quizzes és una eina que permet enviar preguntes a un conjunt de persones i rebre les respostes. L'eina està formada per tres components: Push Quizzes Server, una aplicació mòbil per Android i una per iOS. El servidor conté una aplicació web capaç d'enviar les preguntes via push notifications i una base de dades per emmagatzemar les preguntes i respostes. Les dues aplicacions mòbils són capaces de rebre les notificacions i contestar les preguntes mitjançant un camp de text.Push Quizzes is a tool that allows you to send questions to a group of people and receive their answers. The tool consists of three components: Server Push Quizzes, a mobile application for Android and iOS. The server contains a web app able to send questions via push notifications and a database to store both questions and answers. Both mobile applications can receive notifications and answer the questions via text field.Push Quizzes es una herramienta que permite enviar preguntas a un conjunto de personas y recibir las respuestas. La herramienta está formada por tres componentes: Push Quizzes Server, una aplicación móvil para Android y una para iOS. El servidor contiene una aplicación web capaz de enviar las preguntas vía push notifications y una base de datos para almacenar las preguntas y respuestas. Las dos aplicaciones móviles son capaces de recibir las notificaciones y contestar las preguntas mediante un campo de texto

Accesso da dispositivi mobili via rete wireless a banche eterogenee di dati geografici per la navigazione satellitare

Il lavoro in oggetto si propone di sviluppare l'integrazione tra alcune tecnologie emergenti (GPS, Wireless communications, Web) rivolte allo sviluppo di servizi (LBS, Satellite navigation)

Un nouveau modèle de correspondance pour un service de messagerie électronique avancée

The ease of use and efficiency of the email service contributed to its widespread adoption. It became an essential service and authorizing multiples and various uses (private, professional, administrative, governmental, military ...). However, all existing systems are technically reduced to the implementation of global policies, compiling in a static way a limited set of features. These approaches prevent differentiated adaptations of the system to the uses. The rigid and monolithic nature of these policies can moreover lead to unnecessary execution of expensive treatments or to the inability to simultaneously satisfy conflicting requirements. We address this problem of the evolution of e-mail in the general context of interpersonal communication of a sender to a receiver. We identify the sender's intention of communication, as a key parameter of any interpersonal communication, insofar as it allows to finely discriminate the successful communications, between all the ones that are understood. A second parameter which is orthogonal to the first, defined as the context of the sender, is important because it allows to determine the successful aspect of an interpersonal communication. The declination of these two parameters in the electronic mail led us to define the concept of electronic correspondence. This one is a generalization of the email the implementation of which provides a sufficient condition of qualification successful exchanges via this medium. A correspondence allows taking into account for each message, the intention of communication and context of its sender. Its implementation requires in certain points of the network, the enforcement of specific policies depending of an administrative domain and which take as argument the intention of communication and the current context of the sender. A second benefit provided by this concept concerns the level of customization of messaging reaching a maximum granularity, because it can be applied in a differentiated way, to each message instance. These works led to the description of a representative architecture and the definition of three extensions to existing standards (SUBMISSION, IMF and S/MIME). Our approach has been illustrated through two main use cases, compliant with recommended specifications for administration (RGS - Référentiel Général de Sécurité) and military (MMHS - Military Message Handling System) domains.Le service de courrier électronique en raison de sa simplicité d'utilisation combinée à son efficacité, a constitué l'un des principaux vecteurs de popularisation d'Internet. Il est devenu un service incontournable dont la richesse s'exprime au travers des usages variés et multiples qu'il autorise (privé, professionnel, administratif, officiel, militaire...). Cependant, toutes les réalisations existantes se réduisent techniquement à la mise en oeuvre de politiques globales, compilant de façon statique un ensemble limité de fonctionnalités. Ces approches ne permettent pas au système de s'adapter de façon différenciée aux usages. De plus, le caractère rigide et monolithique de ces politiques peut parfois conduire à l'exécution inutile de traitements coûteux ou à l'impossibilité de satisfaire simultanément des exigences contradictoires. Nous abordons cette problématique de l'évolution de la messagerie électronique dans le cadre général de la communication interpersonnelle d'un locuteur vers un interlocuteur. Nous identifions l'intention de communication du locuteur, comme un paramètre clé de toute communication interpersonnelle, dans la mesure où il permet de discriminer finement les communications réussies, parmi toutes celles qui sont comprises. Un second paramètre orthogonal au premier, défini comme le contexte du locuteur, s'avère déterminant lorsqu'il s'agit d'aborder la réalisation concrète des communications interpersonnelles réussies. La déclinaison de ces deux paramètres dans le cadre de la messagerie électronique nous conduit à concevoir la notion de correspondance. Cette dernière constitue une généralisation du courrier électronique dont la mise en oeuvre offre une condition suffisante de qualification des échanges réussis, via ce média. Une correspondance permet de prendre en compte pour chaque message, l'intention de communication et le contexte de son émetteur. Sa mise en oeuvre impose l'application en certains points du réseau, de politiques spécifiques au domaine administratif de référence, qui prennent en argument l'intention de communication et le contexte courant de l'émetteur. Un second bénéfice apporté par ce concept concerne le niveau de personnalisation du service de messagerie qui atteint une granularité de finesse maximale, du fait qu'il peut s'appliquer de façon différenciée, à chaque occurrence de message. Ces travaux ont abouti à la description d'une architecture représentative accompagnée de la définition de trois extensions de standards existants (SUBMISSION, IMF et S/MIME). Notre approche a été illustrée à travers deux cas d'usages importants, conformes à des spécifications recommandées pour les domaines administratif (RGS- référentiel général de sécurité) et militaire (MMHS - Military Message Handling System)

Securing Deployed Cryptographic Systems

In 2015 more than 150 million records and $400 billion were lost due to publicly-reported criminal and nation-state cyberattacks in the United States alone. The failure of our existing security infrastructure motivates the need for improved technologies, and cryptography provides a powerful tool for doing this. There is a misperception that the cryptography we use today is a "solved problem" and the real security weaknesses are in software or other areas of the system. This is, in fact, not true at all, and over the past several years we have seen a number of serious vulnerabilities in the cryptographic pieces of systems, some with large consequences. This thesis will discuss three aspects of securing deployed cryptographic systems. We will first explore the evaluation of systems in the wild, using the example of how to efficiently and effectively recover user passwords submitted over TLS encrypted with RC4, with applications to many methods of web authentication as well as the popular IMAP protocol for email. We will then address my work on developing tools to design and create cryptographic systems and bridge the often large gap between theory and practice by introducing AutoGroup+, a tool that automatically translates cryptographic schemes from the mathematical setting used in the literature to that typically used in practice, giving both a secure and optimal output. We will conclude with an exploration of how to actually build real world deployable systems by discussing my work on developing decentralized anonymous credentials in order to increase the security and deployability of existing anonymous credentials systems

Unterstützung von Prozessen der intersektoralen Vernetzung mit medizinischen Bildern unter Berücksichtigung der Qualitätssicherung

Im Gesundheitswesen wird der elektronische Austausch von Daten zwischen professionellen Anwendern wie Ärzten, Pflegekräften oder Medizinisch-technischen Assistenten/innen sowie zwischen Ärzten und Patienten immer wichtiger. Aber dennoch ist Kollaborationssoftware in diesem Bereich nach wie vor noch nicht großflächig im Einsatz, so dass sich folgende Fragen ergeben: Welche technischen Voraussetzungen müssen geschaffen werden, um den medizinischen Workflow zu unterstützen beziehungsweise zu verbessern? Und wie können Vernetzung, Qualitätssicherung, Daten- und damit auch Patientensicherheit miteinander vereint werden, um eine bessere Behandlung zu gewährleisten? In dieser Arbeit wurden unterschiedliche Methoden zur Unterstützung von Prozessen der intersektoralen Vernetzung vor allem mit medizinischen Bildern entwickelt und implementiert. Die vorgenommenen Realisierungen fanden dabei insbesondere mit Blick auf die Qualitätssicherung statt. Durch Weiterentwicklungen im Bereich von DICOM E-Mail wurden Verfahren zur einfachen Administration von Netzwerken und automatisierten Konstanzprüfung dem @GIT-Whitepaper ‚Empfehlung für ein standardisiertes Teleradiologie Übertragungsformat‘ hinzugefügt. Die Implementierung einer Multiknotenstatistik erlaubt die zeitunabhängige Nachverfolgung eines Transfers von radiologischen Bilddaten in heterogenen Netzwerken, auch über mehrere Empfangsknoten hinweg. Neben DICOM E-Mail kommen hier verschiedene Übertragungsprotokolle zum Einsatz. Die entwickelten Verfahren zur Verwaltung von DICOM E-Mail Netzwerken wurden durch die @GIT in ein IHE-Profil überführt, von welchem schlussendlich ein Teil in einem Change Proposal als Erweiterung eines bestehenden Profils der Domäne Radiologie angenommen wurde. Im Rahmen des INFOPAT-Projekts des Universitätsklinikums Heidelberg und im Bereich der intersektoralen Vernetzung wurden zahlreiche Erweiterungen und Performanceoptimierungen bei der Entwicklung eines IHE-Adapters für Altsysteme in einem Netzwerk vorgenommen, welche es ermöglichen, auch nicht-IHE-fähige Aktoren an eine persönliche elektronische Patientenakte anzuschließen. Weiterhin wurde ein XDS-fähiger mobiler Bildbetrachter für Patienten entwickelt, der es durch ein standardisiertes Single-Sign-On erlaubt, zwischen Patientenakte, radiologischem Viewer und mobilem Bildbetrachter nahtlos zu wechseln. Um eine einfachere Kommunikation zwischen Ärzten, medizinischen Dienstleistern und Patienten zu realisieren, wurde eine bestehende Teleradiologieakte durch die Entwicklung eines konfigurierbaren Workflowmanagements sowie verschiedene Freigabe- und Exportmodule erweitert. Abschließend wurde das Monitoring-System für teleradiolgische Netzwerke weiterentwickelt, um Probleme und Engstellen bei der Kommunikation frühzeitig und proaktiv erkennen und beheben zu können. Die im Rahmen dieser Arbeit beschriebenen Weiterentwicklungen unterschiedlicher Standards im Bereich der Qualitätssicherung und Teleradiologie sowie die Softwareentwicklungen im Bereich der Telemedizin und schlussendlich der intersektoralen Vernetzung unterstützen den Arbeitsablauf der medizinischen als auch administrativen Anwender. Mit Hilfe der etablierten Lösungen kann ein reibungsloser Ablauf und das Zusammenspiel verschiedener Komponenten in heterogenen Netzwerken auch unter dem Gesichtspunkt der Qualitätssicherung gewährleistet werden. Patienten erhalten dadurch einen einfachen Zugang zu ihren Daten. Die Ergebnisse der Arbeit zeigen, dass auch heute schon ein qualitätsgesicherter und komfortabler Austausch von Bilddaten im medizinischen Umfeld ad hoc über die Grenzen von dezentralen Einrichtungen des Gesundheitswesens hinaus möglich ist. Dadurch kann die intersektorale Behandlung beschleunigt, die Behandlungsqualität verbessert und Doppeluntersuchungen vermieden werden

Scaling up VoIP: Transport Protocols and Controlling Unwanted Communication Requests

Millions of people worldwide use voice over IP (VoIP) services not only as cost-effective alternatives to long distance and international calls but also as unified communication tools, such as video conferencing. Owing to the low cost of new user accounts, each person can easily obtain multiple accounts for various purposes. Rich VoIP functions combined with the low cost of new accounts and connections attract many people, resulting in a dramatic increase in the number of active user accounts. Internet telephony service providers (ITSPs), therefore, need to deploy VoIP systems to accommodate this growing demand for VoIP user accounts. Attracted people also include bad actors who make calls that are unwanted to callees. Once ITSPs openly connect with each other, unwanted bulk calls will be at least as serious a problem as email spam. This dissertation studies how we can reduce load both on ITSPs and end users to ensure continuing the success of VoIP services. From ITSPs' perspective, the scalability of VoIP servers is of importance and concern. Scalability depends on server implementation and the transport protocol for SIP, VoIP signaling. We conduct experiments to understand the impact of connection-oriented transport protocols, namely, TCP and SCTP, because of the additional costs of handling connections. Contradicting the negative perception of connection-oriented transport protocols, our experimental results demonstrate that the TCP implementation in Linux can maintain comparable capacity to UDP, which is a lightweight connection-less transport protocol. The use of SCTP, on the other hand, requires improving the Linux implementation since the not-well-tested implementation makes a server less scalable. We establish the maximum number of concurrent TCP or SCTP connections as baseline data and suggest better server configurations to minimize the negative impact of handling a large number of connections. Thus, our experimental analysis will also contribute to the design of other servers with a very large number of TCP or SCTP connections. From the perspective of end users, controlling unwanted calls is vital to preserving the VoIP service utility and value. Prior work on preventing unwanted email or calls has mainly focused on detecting unwanted communication requests, leaving many messages or calls unlabeled since false positives during filtering are unacceptable. Unlike prior work, we explore approaches to identifying a "good" call based on signaling messages rather than content. This is because content-based filtering cannot prevent call spam from disturbing callees since a ringing tone interrupts them before content is sent. Our first approach uses "cross-media relations.'' Calls are unlikely to be unwanted if two parties have been previously communicated with each other through other communication means. Specifically, we propose two mechanisms using cross-media relations. For the first mechanism, a potential caller offers her contact addresses which might be used in future calls to the callee. For the second mechanism, a callee provides a potential caller with weak secret for future use. When the caller makes a call, she conveys the information to be identified as someone the callee contacted before through other means. Our prototype illustrates how these mechanisms work in web-then-call and email-then-call scenarios. In addition, our user study of received email messages, calls, SMS messages demonstrates the potential effectiveness of this idea. Another approach uses caller's attributes, such as organizational affiliation, in the case where two parties have had no prior contact. We introduce a lightweight mechanism for validating user attributes with privacy-awareness and moderate security. Unlike existing mechanisms of asserting user attributes, we design to allow the caller to claim her attributes to callees without needing to prove her identity or her public key. To strike the proper balance between the ease of service deployment and security, our proposed mechanism relies on transitive trust, through an attribute validation server, established over transport layer security. This mechanism uses an attribute reference ID, which limits the lifetime and restricts relying parties. Our prototype demonstrates the simplicity of our concept and the possibility of practical use

Scaling up VoIP: Transport Protocols and Controlling Unwanted Communication Requests

Millions of people worldwide use voice over IP (VoIP) services not only as cost-effective alternatives to long distance and international calls but also as unified communication tools, such as video conferencing. Owing to the low cost of new user accounts, each person can easily obtain multiple accounts for various purposes. Rich VoIP functions combined with the low cost of new accounts and connections attract many people, resulting in a dramatic increase in the number of active user accounts. Internet telephony service providers (ITSPs), therefore, need to deploy VoIP systems to accommodate this growing demand for VoIP user accounts. Attracted people also include bad actors who make calls that are unwanted to callees. Once ITSPs openly connect with each other, unwanted bulk calls will be at least as serious a problem as email spam. This dissertation studies how we can reduce load both on ITSPs and end users to ensure continuing the success of VoIP services. From ITSPs' perspective, the scalability of VoIP servers is of importance and concern. Scalability depends on server implementation and the transport protocol for SIP, VoIP signaling. We conduct experiments to understand the impact of connection-oriented transport protocols, namely, TCP and SCTP, because of the additional costs of handling connections. Contradicting the negative perception of connection-oriented transport protocols, our experimental results demonstrate that the TCP implementation in Linux can maintain comparable capacity to UDP, which is a lightweight connection-less transport protocol. The use of SCTP, on the other hand, requires improving the Linux implementation since the not-well-tested implementation makes a server less scalable. We establish the maximum number of concurrent TCP or SCTP connections as baseline data and suggest better server configurations to minimize the negative impact of handling a large number of connections. Thus, our experimental analysis will also contribute to the design of other servers with a very large number of TCP or SCTP connections. From the perspective of end users, controlling unwanted calls is vital to preserving the VoIP service utility and value. Prior work on preventing unwanted email or calls has mainly focused on detecting unwanted communication requests, leaving many messages or calls unlabeled since false positives during filtering are unacceptable. Unlike prior work, we explore approaches to identifying a "good" call based on signaling messages rather than content. This is because content-based filtering cannot prevent call spam from disturbing callees since a ringing tone interrupts them before content is sent. Our first approach uses "cross-media relations.'' Calls are unlikely to be unwanted if two parties have been previously communicated with each other through other communication means. Specifically, we propose two mechanisms using cross-media relations. For the first mechanism, a potential caller offers her contact addresses which might be used in future calls to the callee. For the second mechanism, a callee provides a potential caller with weak secret for future use. When the caller makes a call, she conveys the information to be identified as someone the callee contacted before through other means. Our prototype illustrates how these mechanisms work in web-then-call and email-then-call scenarios. In addition, our user study of received email messages, calls, SMS messages demonstrates the potential effectiveness of this idea. Another approach uses caller's attributes, such as organizational affiliation, in the case where two parties have had no prior contact. We introduce a lightweight mechanism for validating user attributes with privacy-awareness and moderate security. Unlike existing mechanisms of asserting user attributes, we design to allow the caller to claim her attributes to callees without needing to prove her identity or her public key. To strike the proper balance between the ease of service deployment and security, our proposed mechanism relies on transitive trust, through an attribute validation server, established over transport layer security. This mechanism uses an attribute reference ID, which limits the lifetime and restricts relying parties. Our prototype demonstrates the simplicity of our concept and the possibility of practical use