Resource Sharing via Capability-Based Multiparty Session Types

Multiparty Session Types (MPST) are a type formalism used to model communication protocols among components in distributed systems, by specifying type and direction of data transmitted. It is standard for multiparty session type systems to use access control based on linear or affine types. While useful in offering strong guarantees of communication safety and session fidelity, linearity and affinity run into the well-known problem of inflexible programming, excluding scenarios that make use of shared channels or need to store channels in shared data structures. In this paper, we develop capability-based resource sharing for multiparty session types. In this setting, channels are split into two entities, the channel itself and the capability of using it. This gives rise to a more flexible session type system, which allows channel references to be shared and stored in persistent data structures. We illustrate our type system through a producer-consumer case study. Finally, we prove that the resulting language satisfies type safety

Signaling For Multimedia Conferencing in Stand-Alone Mobile Ad Hoc Networks

Mobile ad hoc networks (MANETs) are infrastructure-less and can be set up anywhere, anytime. They can host a wide range of applications in rescue operations, military, private, and commercial settings. Multimedia conferencing is the basis of a wealth of “killer†applications that can be deployed in MANETs. Some examples are audio/video conferencing, multiplayer games, and online public debating. Signaling is the nerve center of multimedia conferences—it establishes, modifies, and tears down conferences. This paper focuses on signaling for multimedia conferences in MANETs. We review the state of the art and propose a novel architecture based on application-level clusters. Our validation employed SIP as the implementation technology and OPNET as our simulation tool. Our clusters are constructed dynamically and the nodes that act as cluster heads are elected based on their capabilities. The capabilities are published and discovered using a simple application-level protocol. The architectural principles and the clustering operations are discussed. Our SIP-based implementation is also presented along with the performance evaluation. Keywords: MANET, SIP-technology, OPNET-simulation tool, cluste

Programming languages and tools with multiparty session

Distributed software systems are used in a wide variety of applications, including health care, telecommunications, finance, and entertainment. These systems typically consist of multiple software components, each with its own local memory, that are deployed across networks of hosts and communicate by passing messages in order to achieve a common goal. Distributed systems offer several benefits, including scalability — since computation happens independently on each component, it is easy and generally inexpensive to add additional components and functionality as necessary; reliability—since systems can be made up of hundreds of components working together, there is little disruption if a single component fails; performance—since work loads can be broken up and sent to multiple components, distributed systems tend to be very efficient. However, they can also be difficult to implement and analyze due to the need for heterogeneous software components to communicate and synchronize correctly and the potential for hardware or software failures. Distributed and concurrent programming is challenging due to the complexity of coordinating the communication and interactions between the various components of a system that may be running on different machines or different threads. Behavioural types can help to address some of these difficulties by providing a way to formally specify the communication between components of a distributed system. This specification can then be used to verify the correctness of the communication between these components using static typechecking, dynamic monitoring, or a combination of the two. Perhaps the most well-known form of behavioural types are session types. They define the sequences of messages that are exchanged between two or more parties in a communication protocol, as well as the order in which these messages are exchanged. More generally, behavioural types include typestate systems, which specify the state-dependent availability of operations, choreographies, which specify collective communication behaviour, and behavioural contracts that specify the expected behaviour of a system. By using behavioural types, it is possible to ensure that the communication between components of a distributed system is well-defined and follows a set of predefined rules, which can help to prevent errors and ensure that the system behaves correctly. The focus of this thesis is on using session type systems to provide static guarantees about the runtime behaviour of concurrent programs. We investigate two strands of work in this context. The first strand focuses on the relationship between session types and linearity. Linearity is a property of certain resources, in this case communication channels, that can only be used once. For instance a linear variable can only be assigned once, after which it cannot be changed. This property is useful for session types because it helps to prevent race conditions and guarantees that no messages are lost or duplicated. We look at relaxing the standard access control in multiparty session types systems. This is typically based on linear or affine types, that offer strong guarantees of communication safety and session. However, these exclude many naturally occurring scenarios that make use of shared channels or need to store channels in shared data structures. We introduce a new and more flexible session type system, which allows channel references to be shared and stored in persistent data structures. We prove that the resulting language satisfies type safety, and we illustrate our type system through examples. The second strand of research in this thesis looks at the expressive power of session types, and their connection to typestate for safe distributed programming in the Java language. Typestates are a way of annotating objects with a set of operations that are valid to perform on them at a given state. We expand the expressive power of two existing tools, use them to represent real-world case studies, and end by considering language usability and human factors

ARPA Whitepaper

We propose a secure computation solution for blockchain networks. The correctness of computation is verifiable even under malicious majority condition using information-theoretic Message Authentication Code (MAC), and the privacy is preserved using Secret-Sharing. With state-of-the-art multiparty computation protocol and a layer2 solution, our privacy-preserving computation guarantees data security on blockchain, cryptographically, while reducing the heavy-lifting computation job to a few nodes. This breakthrough has several implications on the future of decentralized networks. First, secure computation can be used to support Private Smart Contracts, where consensus is reached without exposing the information in the public contract. Second, it enables data to be shared and used in trustless network, without disclosing the raw data during data-at-use, where data ownership and data usage is safely separated. Last but not least, computation and verification processes are separated, which can be perceived as computational sharding, this effectively makes the transaction processing speed linear to the number of participating nodes. Our objective is to deploy our secure computation network as an layer2 solution to any blockchain system. Smart Contracts\cite{smartcontract} will be used as bridge to link the blockchain and computation networks. Additionally, they will be used as verifier to ensure that outsourced computation is completed correctly. In order to achieve this, we first develop a general MPC network with advanced features, such as: 1) Secure Computation, 2) Off-chain Computation, 3) Verifiable Computation, and 4)Support dApps' needs like privacy-preserving data exchange

Implementation of Internet Protocol Network Architecture for Effective bandwidth Allocation in a Multiparty, Multimedia Conferencing

Advances in multimedia technologies and development of overlay networks foster the opportunity for creating new value-added services over the current Internet. In this paper, a new service network architecture that supports multiparty multimedia conferencing applications, characteristics of which include multi-channel, high bandwidth and low delay tolerance has been proposed. The new service network architecture is built on an array of service nodes called Multiparty Processing Centers (MPCs) which constitute a service overlay network, serving as the infrastructure for multiparty conferencing, and are responsible for conferencing setup, media delivery and the provision of Quality of Service. In this paper, the main focus is on the bandwidth allocation management over the proposed service network. The analysis will determine the bandwidth demand for virtual links among the MPCs. Multimedia traffic is modeled as M/G/∞ input processes and divided into several classes, with the constraint that the aggregate effective bandwidth is within the link capacity times a prescribed utilization threshold

Combining circuit and packet based services in converging networks

Tämän diplomityön tavoitteena on tutkia sekä 3GPP:n standardoiman CSICS palvelun ensimmäisen vaiheen toiminnallisuutta että standardointiprosessin tilaa. Diplomityössä arvioidaan miten konferenssipalvelu voitaisiin toteuttaa käyttäen ensimmäisen vaiheen CSICS palvelua hyväksi. Työn alussa esitellään 3GPP:n standardointi prosessi, matkaviestinverkon kehitys sekä matkaviestinverkon kannalta tärkeitä standardointi organisaatioita. Tämän jälkeen esitellään ne lisäpalvelut, jotka vaikuttavat CSICS:n toimintaan sekä IMS-palveluympäristö. Seuraavaksi käydään läpi julkaistujen 3GPP:n standardien mukainen ensimmäisen vaiheen CSICS-toiminnallisuus. Lopuksi esitellään tunnistetut vaihtoehdot CSICS:ää hyödyntävän konferenssipalvelun toteutukseksi sekä vertaillaan esitettyjä vaihtoehtoja toisiinsa. Arviointi on suoritettu kirjallisuustutkimuksena. Tämän diplomityön tuloksena on kuvaus ensimmäisen vaiheen CSICS palvelun toiminnasta sekä arvio 3GPP CSICS:n standardoinnin tämänhetkisestä tilasta. Myös ensimmäisen vaiheen CSICS palvelua hyödyntävän konferenssipalvelun toteuttaminen on päätelty mahdolliseksi ja tunnistetuista toteutusvaihtoehdoista on valittu toteutettavaksi soveltuvimmat.The aim of this thesis is to study the functionality and the current status of the 3GPP CSICS phase 1 specifications. This thesis also evaluates how the conferencing service could be implemented with the CSICS phase 1 functionality. First the standardization procedure of the 3GPP, the development of the mobile network and some important bodies involved in the standardization of the mobile network are introduced. Thereafter the supplementary services that have an effect on the CSICS functionality and the IMS are presented. Next the current specifications of 3GPP regarding the CSICS are studied. Last the different approaches of implementing a conference service based on these specifications are evaluated. The evaluation is based on a literature study. As a result, the functionality described in the CSICS phase 1 specifications and evaluation of the state of the the standardization of the CSICS phase 1 are presented. Also the conference service is determined to be feasible to implement utilising the CSICS phase 1 functionality. From the recognised approaches the most suitable ones for implementation are chosen

Inter-domain interoperability framework based on WebRTC

Nowadays, the communications paradigm is changing with the convergence of communication services to a model based on IP networks. Applications such as messaging or voice over IP are increasing its popularity and Communication Service Providers are focusing on offering this kind of services. Moreover, Web Real Time Communication (WebRTC) has emerged as a technology that eases the creation of web applications featuring Real-Time Communications over IP networks without the need to develop and install any plug-in. It lacks of specifications in the control plane, leaving the possibility to use WebRTC over tailored web signalling solutions or legacy networks such as IP Multimedia Subsystem (IMS). This technology brings a wide range of possibilities for web developers, but Communication Service Providers are adviced to develop solutions based on the WebRTC technology as described in the Eurescom Study P2252. The lack of WebRTC specifications on the signalling platform together with the threats and opportunities that this technology represents for Communication Service Providers, makes evident the need of research on interoperability solutions for the different kind of signalling implementations and experimentation on the best way for Communication Service Providers to obtain the maximum benefit from WebRTC technology. The main goal of this thesis is precisely to develop a WebRTC interoperability framework and perform experiments on whether the Communication Service Providers should use their existing IMS solutions or develop tailored web signalling platforms for WebRTC deployments. In particular, the work developed in this thesis was completed under the framework of the Webrtc interOperability tested in coNtradictive DEployment scenaRios (WONDER) experimentation for the OpenLab project. OpenLab is a Large-scale integrating project (IP) and is part of the European Union Framework Programme 7 for Research and Development (FP7) addressing the work programme topic Future Internet Research and Experimentation.Actualmente, el paradigma de comunicaciones está cambiando gracias a la convergencia de los servicios de comunicaciones hacia un modelo basado en redes IP. Aplicaciones tales como la mensajería y la voz sobre IP están creciendo en popularidad mientras los proveedores de servicios de comunicaciones se centran en ofrecer este tipo de servicios basados en redes IP. Por otra parte, la tecnología WebRTC ha surgido para facilitar la creación de aplicaciones web que incluyan comunicaciones en tiempo real sobre redes IP sin la necesidad de desarrollar o instalar ningún complemento. Esta tecnología no especifica los protocolos o sistemas a utilizar en el plano de control, dejando a los desarrolladores la posibilidad de usar WebRTC sobre soluciones de señalizaci on web específicas o utilizar las redes de señalización existentes, tales como IMS. WebRTC abre un gran abanico de posibilidades a los desarrolladores web, aunque también se recomienda a los proveedores de servicios de comunicaciones que desarrollen soluciones basadas en WebRTC como se describe en el estudio P2252 de Eurescom. La falta de especificaciones en el plano de señalización junto a las oportunidades y amenazas que WebRTC representa para los proveedores de servicios de comunicaciones, hacen evidente la necesidad de investigar soluciones de interoperabilidad para las distintas implementaciones de las plataformas de señalización y de experimentar c omo los proveedores de servicios de comunicaciones pueden obtener el máximo provecho de la tecnología WebRTC. El objetivo principal de este Proyecto Fin de Carrera es desarrollar un marco de interoperabilidad para WebRTC y realizar experimentos que permitan determinar bajo que condiciones los proveedores de servicios de comunicaciones deben utilizar las plataformas de se~nalizaci on existentes (en este caso IMS) o desarrollar plataformas de señalización a medida basadas en tecnologías web para sus despliegues de WebRTC. En particular, el trabajo realizado en este Proyecto Fin de Carrera se llevó a cabo bajo el marco del proyecto WONDER para el programa OpenLab. OpenLab es un proyecto de integración a gran escala en el cual se desarrollan investigaciones y experimentos en el ámbito del futuro Internet y que forma parte del programa FP7 de la Unión Europea.Ingeniería de Telecomunicació

An architecture for secure data management in medical research and aided diagnosis

Programa Oficial de Doutoramento en Tecnoloxías da Información e as Comunicacións. 5032V01[Resumo] O Regulamento Xeral de Proteccion de Datos (GDPR) implantouse o 25 de maio de 2018 e considerase o desenvolvemento mais importante na regulacion da privacidade de datos dos ultimos 20 anos. As multas fortes definense por violar esas regras e non e algo que os centros sanitarios poidan permitirse ignorar. O obxectivo principal desta tese e estudar e proponer unha capa segura/integracion para os curadores de datos sanitarios, onde: a conectividade entre sistemas illados (localizacions), a unificacion de rexistros nunha vision centrada no paciente e a comparticion de datos coa aprobacion do consentimento sexan as pedras angulares de a arquitectura controlar a sua identidade, os perfis de privacidade e as subvencions de acceso. Ten como obxectivo minimizar o medo a responsabilidade legal ao compartir os rexistros medicos mediante o uso da anonimizacion e facendo que os pacientes sexan responsables de protexer os seus propios rexistros medicos, pero preservando a calidade do tratamento do paciente. A nosa hipotese principal e: os conceptos Distributed Ledger e Self-Sovereign Identity son unha simbiose natural para resolver os retos do GDPR no contexto da saude? Requirense solucions para que os medicos e investigadores poidan manter os seus fluxos de traballo de colaboracion sen comprometer as regulacions. A arquitectura proposta logra eses obxectivos nun ambiente descentralizado adoptando perfis de privacidade de datos illados.[Resumen] El Reglamento General de Proteccion de Datos (GDPR) se implemento el 25 de mayo de 2018 y se considera el desarrollo mas importante en la regulacion de privacidad de datos en los ultimos 20 anos. Las fuertes multas estan definidas por violar esas reglas y no es algo que los centros de salud puedan darse el lujo de ignorar. El objetivo principal de esta tesis es estudiar y proponer una capa segura/de integración para curadores de datos de atencion medica, donde: la conectividad entre sistemas aislados (ubicaciones), la unificacion de registros en una vista centrada en el paciente y el intercambio de datos con la aprobacion del consentimiento son los pilares de la arquitectura propuesta. Esta propuesta otorga al titular de los datos un rol central, que le permite controlar su identidad, perfiles de privacidad y permisos de acceso. Su objetivo es minimizar el temor a la responsabilidad legal al compartir registros medicos utilizando el anonimato y haciendo que los pacientes sean responsables de proteger sus propios registros medicos, preservando al mismo tiempo la calidad del tratamiento del paciente. Nuestra hipotesis principal es: .son los conceptos de libro mayor distribuido e identidad autosuficiente una simbiosis natural para resolver los desafios del RGPD en el contexto de la atencion medica? Se requieren soluciones para que los medicos y los investigadores puedan mantener sus flujos de trabajo de colaboracion sin comprometer las regulaciones. La arquitectura propuesta logra esos objetivos en un entorno descentralizado mediante la adopcion de perfiles de privacidad de datos aislados.[Abstract] The General Data Protection Regulation (GDPR) was implemented on 25 May 2018 and is considered the most important development in data privacy regulation in the last 20 years. Heavy fines are defined for violating those rules and is not something that healthcare centers can afford to ignore. The main goal of this thesis is to study and propose a secure/integration layer for healthcare data curators, where: connectivity between isolated systems (locations), unification of records in a patientcentric view and data sharing with consent approval are the cornerstones of the proposed architecture. This proposal empowers the data subject with a central role, which allows to control their identity, privacy profiles and access grants. It aims to minimize the fear of legal liability when sharing medical records by using anonymisation and making patients responsible for securing their own medical records, yet preserving the patient’s quality of treatment. Our main hypothesis is: are the Distributed Ledger and Self-Sovereign Identity concepts a natural symbiosis to solve the GDPR challenges in the context of healthcare? Solutions are required so that clinicians and researchers can maintain their collaboration workflows without compromising regulations. The proposed architecture accomplishes those objectives in a decentralized environment by adopting isolated data privacy profiles

Session types in practical programming

Programs are more distributed and concurrent today than ever before, and structural communications are at the core. Constructing and debugging such programs are hard due to the lack of formal specifications and verifications of concurrency. Recent advances in type systems allow us to specify the structures of communications as session types, thus enabling static type checking of the usages of communication channels against protocols. The soundness of session type systems implies communication fidelity and absence of deadlock. This work proposes to formalize multiparty dependent session types as an expressive and practical type discipline for enforcing communication protocols. The type system is formulated in the setting of multi-threaded λ-calculus with inspirations from multirole logic. It is sound, and it provides linearity and coherence guarantees entirely statically. The type system supports recursion and polymorphism. The formulation is particularly suitable for practical implementation, and this work provides such a runtime implementation