182 research outputs found

    Multimedia session continuity in the IP multimedia subsystem : investigation and testbed implementation

    Includes bibliographical references (leaves 91-94). The advent of Internet Protocol (IP) based rich multimedia services and applications has seen rapid growth and adoption in recent years, with an equally increasing user base. Voice over IP (VoIP) and IP Television (IPTV) are key examples of services that are blurring the lines between traditional stove-pipe approach network infrastructures. In these, each service required a different network technology to be provisioned, and could only be accessed through a specific end user equipment (UE) technology. The move towards an all-IP core network infrastructure and the proliferation of multi-capability multi-interface user devices has spurred a convergence trend characterized by access to services and applications through any network, any device and anywhere

    Integrating Context-Awareness in the IP Multimedia Subsystem for Enhanced Session Control and Service Provisioning Capabilities

    The 3GPP-defined IP Multimedia Subsystem (IMS) is becoming the de-facto standard for IP-based multimedia communication services. It consists of an overlay control and service layer that is deployed on top of IP-based mobile and fixed networks. This layer encompasses a set of common functions (e.g. session control functions allowing the initiation/modification/termination of sessions) and service logics that are needed for the seamless provisioning of IP multimedia services to users, via different access technologies. As it continues to evolve, the IMS still faces several challenges including: the enabling of innovative and personalized services that would appeal to users and increase network operators' revenues; its interaction with other types of networks (e.g. wireless sensor networks) as means to enhance its capabilities; and the support of advanced QoS schemes that would manage the network resources in an efficient and adaptive manner. The context-awareness concept, which comes from the pervasive computing field, signifies the ability to use situational information (or context) in support to operations and decision making and for the provision of relevant services to the user. Context-awareness is considered to enhance users' experience and is seen as an enabler to adaptability and service personalization - two capabilities that could play important roles in telecommunication environments. This thesis focuses on the introduction of the context-awareness technology in the IMS, as means to enhance its session control and service provisioning capabilities. It starts by presenting the necessary background information, followed by a derivation of requirements and a review of the related work. To ensure the availability of contextual information within the network, we then propose an architecture for context information acquisition and management in the IMS. This architecture leverages and extends the 3GPP presence framework. 
Building on the capabilities of this architecture, we demonstrate how the managed information could be integrated in IMS operations, at the control and service levels. Showcasing control level integration, we propose a novel context-aware call differentiation framework as means to offer enhanced QoS support (for sessions/calls) in IMS-based networks. This framework enables the differentiation between different categories of calls at the IMS session control level, via dynamic and adaptive resource allocation, in addition to supporting a specialized charging model. Furthermore, we also propose a framework for enhanced IMS emergency communication services. This framework addresses the limitations of existing IP-based emergency solutions, by offering three main improvements: a QoS-enhanced emergency service; a context-aware personalized emergency service; and a conferencing-enhanced emergency service. We demonstrate the use of context awareness at the IMS service level using two new context-aware IMS applications. Finally, to validate our solutions and evaluate their performance, we build various proof-of-concept prototypes and OPNET simulation model

    Selecting and augmenting a FOSS development and deployment environment for personalized video-oriented services in a Telco context

    The great demand for video services on the Internet is one contributing factor that led telecom companies to search for solutions to deliver innovative video services, using the different access technologies managed by them and leveraging the capacity of enforcing Quality of Service (QoS). One part of the solution was an infrastructure that guarantees QoS for these services, in the form of the IP Multimedia Subsystem (IMS) framework. The IMS framework was developed for delivering innovative multimedia services, but IMS alone does not provide the required services. This has led to further work in the area of multimedia service architectures. One noteworthy architecture is IPTV. IPTV is more than what its name implies, as it allows the development of various innovative video-oriented services and not just TV. When IPTV was introduced, many thought that it would bring back the revenue loss that telecom companies experienced to over-the-top (OTT) service providers. However, despite all its promises, the IPTV implementation has not shown as wide an uptake as one would expect. Although there could be various reasons for the slow penetration of IPTV, one reason could be the technical challenge that IPTV poses to service developers. One of the main reasons for embarking on the research reported in this thesis was to identify and select free and open source software (FOSS) based platforms and augment them for easy development and deployment of video-oriented services. The thesis motivated how the IPTV architecture, with some modification, can be a good architecture to develop innovative video-oriented services. To better understand and investigate the issues of video-oriented service development on different platforms, we followed an incremental and iterative prototyping method. As a result, various video-oriented services were first developed and implementation-related issues were analyzed. 
This has helped us to identify problems that service developers face, including the requirement to utilize a number of protocols to develop an IPTV-based video-oriented service and the lack of a platform that provides a consistent programming interface to implement them all. The process also helped us to identify new use cases. As part of our selection process, we found that the Mobicents service development platform can be used as the basis for a good service development and deployment environment for video-oriented services. Mobicents is a Java-based service delivery platform for quick development, deployment and management of next generation network applications. Mobicents is a good choice because it provides a consistent programming interface and supports the various protocols needed in a consistent manner or an easy way to include the support for them. We used Mobicents to compose the environment that developers can use to build video-oriented services. Specifically, we developed components and service building blocks that service developers can use to develop various innovative video-oriented services. During our research, we also identified various issues with regard to support from streaming servers in general and open source streaming servers in particular and also with the protocol they use. Specifically, we identified issues with Real Time Streaming Protocol (RTSP), a protocol specified as the media control protocol in the IPTV specification, and made proposals for solving them. We developed an RTSP proxy to augment the features lacking in the current streaming servers and implemented some of the features we proposed in it

    A Comprehensive Survey of Voice over IP Security Research

    We present a comprehensive survey of Voice over IP security academic research, using a set of 245 publications forming a closed cross-citation set. We classify these papers according to an extended version of the VoIP Security Alliance (VoIPSA) Threat Taxonomy. Our goal is to provide a roadmap for researchers seeking to understand existing capabilities and to identify gaps in addressing the numerous threats and vulnerabilities present in VoIP systems. We discuss the implications of our findings with respect to vulnerabilities reported in a variety of VoIP products. We identify two specific problem areas (denial of service, and service abuse) as requiring significantly more attention from the research community. We also find that the overwhelming majority of the surveyed work takes a black box view of VoIP systems that avoids examining their internal structure and implementation. Such an approach may miss the mark in terms of addressing the main sources of vulnerabilities, i.e., implementation bugs and misconfigurations. Finally, we argue for further work on understanding cross-protocol and cross-mechanism vulnerabilities (emergent properties), which are the byproduct of a highly complex system-of-systems and an indication of the issues in future large-scale systems

    A Unified Mobility Management Architecture for Interworked Heterogeneous Mobile Networks

    The buzzword of this decade has been convergence: the convergence of telecommunications, Internet, entertainment, and information technologies for the seamless provisioning of multimedia services across different network types. Thus the future Next Generation Mobile Network (NGMN) can be envisioned as a group of co-existing heterogeneous mobile data networking technologies sharing a common Internet Protocol (IP) based backbone. In such all-IP based heterogeneous networking environments, ongoing sessions from roaming users are subjected to frequent vertical handoffs across network boundaries. Therefore, ensuring uninterrupted service continuity during session handoffs requires successful mobility and session management mechanisms to be implemented in these participating access networks. Therefore, it is essential for a common interworking framework to be in place for ensuring seamless service continuity over dissimilar networks to enable a potential user to freely roam from one network to another. To the best of our knowledge, the need for a suitable unified mobility and session management framework for the NGMN has not been successfully addressed as yet. This can be seen as the primary motivation of this research. Therefore, the key objectives of this thesis can be stated as: To propose a mobility-aware novel architecture for interworking between heterogeneous mobile data networks. To propose a framework for facilitating unified real-time session management (inclusive of session establishment and seamless session handoff) across these different networks. In order to achieve the above goals, an interworking architecture is designed by incorporating the IP Multimedia Subsystem (IMS) as the coupling mediator between disparate mobile data networking technologies. Subsequently, two different mobility management frameworks are proposed and implemented over the initial interworking architectural design. 
The first mobility management framework is fully handled by the IMS at the Application Layer. This framework is primarily dependent on the IMS’s default session management protocol, which is the Session Initiation Protocol (SIP). The second framework is a combined method based on SIP and the Mobile IP (MIP) protocols, which is essentially operated at the Network Layer. An analytical model is derived for evaluating the proposed scheme for analyzing the network Quality of Service (QoS) metrics and measures involved in session mobility management for the proposed mobility management frameworks. More precisely, these analyzed QoS metrics include vertical handoff delay, transient packet loss, jitter, and signaling overhead/cost. The results of the QoS analysis indicate that a MIP-SIP based mobility management framework performs better than its predecessor, the Pure-SIP based mobility management method. Also, the analysis results indicate that the QoS performances for the investigated parameters are within acceptable levels for real-time VoIP conversations. An OPNET based simulation platform is also used for modeling the proposed mobility management frameworks. All simulated scenarios prove to be capable of performing successful VoIP session handoffs between dissimilar networks whilst maintaining acceptable QoS levels. Lastly, based on the findings, the contributions made by this thesis can be summarized as: The development of a novel framework for interworked heterogeneous mobile data networks in a NGMN environment. The final design conveniently enables 3G cellular technologies (such as the Universal Mobile Telecommunications Systems (UMTS) or Code Division Multiple Access 2000 (CDMA2000) type systems), Wireless Local Area Networking (WLAN) technologies, and Wireless Metropolitan Area Networking (WMAN) technologies (e.g., Broadband Wireless Access (BWA) systems such as WiMAX) to interwork under a common signaling platform. 
The introduction of a novel unified/centralized mobility and session management platform by exploiting the IMS as a universal coupling mediator for real-time session negotiation and management. This enables a roaming user to seamlessly handoff sessions between different heterogeneous networks. As secondary outcomes of this thesis, an analytical framework and an OPNET simulation framework are developed for analyzing vertical handoff performance. This OPNET simulation platform is suitable for commercial use

    On the development of Voice over IP

    This record of study documents the experience acquired during my internship at Sonus Networks, Inc. for the Doctor of Engineering Program. In this record of study, I have surveyed and analyzed the current standardization status of Voice over Internet Protocol (VoIP) security and proposed an Internet draft on secure retargeting and response identity. The draft provides a simple and comprehensive solution to the response identity, call recipient identity and intermediate server retargeting problems in the Session Initiation Protocol (SIP) call setup process. To support product line development and enable product evolution in the quickly growing VoIP market, I have proposed a generic development framework for SIP application servers. The common and open architecture of the framework supports multiple products development and facilitates integration of new service modules. The systematical reuse of proven software design and implementation enables companies to reduce the development cost and shorten the time-to-market. As the development and diffusion of VoIP can never be isolated from the social sphere, I have investigated the current status, influence and interaction of three most important factors: standardization, market forces and government regulation on the development and diffusion of VoIP. The worldwide deregulation and market privatization have caused the transition of the standards development model. This transition in turn influences the market diffusion. Other than standardization, market forces including customer needs, the revenue pressure on carriers and vendors, competitive and economic environment, social culture and regulation uncertainties create both threats and opportunities. I have examined market drivers and obstacles in the current VoIP adoption stage, analyzed current VoIP market players and their strategies, and predicted the direction of VoIP business. The regulation creates the macro environment in which VoIP develops and diffuses. 
I have explored modern telecommunications regulation principles based on which government makes decisions on most current issues, including 911 support, mergers and acquisitions, interconnection obligation and leasing rights, rate structure and universal service fees

    Prepare for VoIP Spam


    Contributions to the privacy provisioning for federated identity management platforms

    Identity information, personal data and users’ profiles are key assets for organizations and companies, making the use of identity management (IdM) infrastructures a prerequisite for most companies, since IdM systems allow them to perform their business transactions by sharing information and customizing services for several purposes in more efficient and effective ways. Due to the importance of the identity management paradigm, a lot of work has been done so far resulting in a set of standards and specifications. According to them, under the umbrella of the IdM paradigm a person’s digital identity can be shared, linked and reused across different domains by allowing users simple session management, etc. In this way, users’ information is widely collected and distributed to offer new added value services and to enhance availability. Whereas these new services have a positive impact on users’ lives, they also bring privacy problems. To manage users’ personal data, while protecting their privacy, IdM systems are the ideal target where to deploy privacy solutions, since they handle users’ attribute exchange. Nevertheless, current IdM models and specifications do not sufficiently address comprehensive privacy mechanisms or guidelines, which give users better control over the use, divulging and revocation of their online identities. These are essential aspects, especially in sensitive environments where incorrect and unsecured management of users’ data may lead to attacks, privacy breaches, identity misuse or frauds. Nowadays there are several approaches to IdM that have benefits and shortcomings, from the privacy perspective. In this thesis, the main goal is contributing to the privacy provisioning for federated identity management platforms. And for this purpose, we propose a generic architecture that extends current federation IdM systems. We have mainly focused our contributions on health care environments, given their particularly sensitive nature. 
The two main pillars of the proposed architecture are the introduction of a selective privacy-enhanced user profile management model and flexibility in revocation consent by incorporating an event-based hybrid IdM approach, which makes it possible to replace time constraints and explicit revocation by activating and deactivating authorization rights according to events. The combination of both models makes it possible to deal with both online and offline scenarios, as well as to empower the user role, by letting her bring together identity information from different sources. Regarding user’s consent revocation, we propose an implicit revocation consent mechanism based on events, that empowers a new concept, the sleepyhead credentials, which is issued only once and would be used any time. Moreover, we integrate this concept in IdM systems supporting a delegation protocol and we contribute with the definition of a mathematical model to determine event arrivals to the IdM system and how they are managed to the corresponding entities, as well as its integration with the most widely deployed specification, i.e., Security Assertion Markup Language (SAML). In regard to user profile management, we define a privacy-awareness user profile management model to provide efficient selective information disclosure. With this contribution a service provider would be able to access the specific personal information without being able to inspect any other details and keeping user control of her data by controlling who can access. The structure that we consider for the user profile storage is based on extensions of Merkle trees allowing for hash combining that would minimize the need of individual verification of elements along a path. An algorithm for sorting the tree as we envision frequently accessed attributes to be closer to the root (minimizing the access time) is also provided. 
Formal validation of the above mentioned ideas has been carried out through simulations and the development of prototypes. Besides, dissemination activities were performed in projects, journals and conferences. Official Doctoral Programme in Telematics Engineering. President: María Celeste Campo Vázquez. Secretary: María Francisca Hinarejos Campos. Member: Óscar Esparza Martí

    QoS provisioning and mobility management for IP-based wireless LAN

    Today two major technological forces drive the telecommunication era: the wireless cellular systems and the Internet. As these forces converge, the demand for new services, increasing bandwidth and ubiquitous connectivity continuously grows. The next-generation mobile systems will be based solely or to a large extent, on the Internet Protocol (IP). This thesis begins by addressing the problems and challenges faced in a multimedia, IP-based Wireless LAN environment. The ETSI HiperLAN/2 system has been mainly selected as the test wireless network for our theoretical and simulation experiments. Apart from the simulations, measurements have been taken from real life test scenarios, where the IEEE 802.11 system was used (UniS Test-bed). Furthermore, a brief overview of the All-IP network infrastructure is presented. An extension to the conventional wireless (cellular) architecture, which takes advantage of the IP network characteristics, is considered. Some of the trends driving the 3G and WLANs developments are explored, while the provision of quality of service on the latter for real-time and non-real-time multimedia services is investigated, simulated and evaluated. Finally, an efficient and catholic QoS framework is proposed. At the same time, the multimedia services should be offered in a seamless and uninterrupted manner to users who access the all-IP infrastructure via a WLAN, meeting the demands of both enterprise and public environments anywhere and anytime. Thus providing support for mobile communications not only in terms of terminal mobility, as is currently the case, but also for session, service and personal mobility. Furthermore, this mobility should be available over heterogeneous networks, such as WLANs, UMTS, as well as fixed networks. Therefore, this work investigates issues such as multilayer and multi-protocol (SIP-Mobile IP-Cellular IP) mobility management in wireless LAN and 3G domains. 
Several local and global mobility protocols and architectures have been tested and evaluated and a complete mobility management framework is proposed. Moreover, integration of simple yet efficient authentication, accounting and authorisation mechanisms with the multimedia service architecture is an important issue of IP-based WLANs. Without such integration providers will not have the necessary means to control their provided services and make revenue from the users. The proposed AAA architecture should support a robust AAA infrastructure providing secure, fast and seamless access granting to multimedia services. On the other hand, a user wishing a service from the All-IP WLAN infrastructure needs to be authenticated twice, once to get access to the network and the other one should be granted for the required service. Hence, we provide insights into these issues by simulating and evaluating pre-authentication techniques and other network authentication scenarios based on the well-known IEEE 802.1x protocol for multimedia IP-based WLANs. EThOS - Electronic Theses Online Service, GB, United Kingdo

    Local Coordination for Interpersonal Communication Systems

    The decomposition of complex applications into modular units is an acknowledged design principle for creating robust systems and for enabling the flexible re-use of modules in new application contexts. Typically, component frameworks provide mechanisms and rules for developing software modules in the scope of a certain programming paradigm or programming language and a certain computing platform. For example, the JavaBeans framework is a component framework for the development of component-based systems -- in the Java environment. In this thesis, we present a light-weight, platform-independent approach that views a component-based application as a set of rather loosely coupled parallel processes that can be distributed on multiple hosts and are coordinated through a protocol. The core of our framework is the Message Bus (Mbus): an asynchronous, message-oriented coordination protocol that is based on Internet technologies and provides group communication between application components. Based on this framework, we have developed a local coordination architecture for decomposed multimedia conferencing applications that is designed for endpoint and gateway applications. One element of this architecture is an Mbus-based protocol for the coordination of call control components in conferencing applications