Presentation on theme: "Tyler Johnson - 2004 INLS184 Architectures and Issues in Real Time Conferencing Protocols Tyler Miller-Johnson University of North Carolina at Chapel Hill."— Presentation transcript:
Tyler Johnson - 2004 INLS184 Architectures and Issues in Real Time Conferencing Protocols Tyler Miller-Johnson University of North Carolina at Chapel Hill April 6, 2004
Tyler Johnson - 2004 Exercise – Exploring Standards What is a standard ? What is the purpose of a standard ? Name 3 standards. What characteristics are desirable in a standards body ?
Tyler Johnson - 2004 Exercise: What is a standard ? De facto De jour Proprietary Agreed upon set of rules, set by authoritative body Set of rules to maintain consistency across an industry Accepted common system of procedures to provide a uniform method of design and/or operation
Tyler Johnson - 2004 Exercise: What is the purpose of a standard ? Avoid inefficiency Ensure interoperability Guide and ensure development Quality
Tyler Johnson - 2004 Exercise: Examples of standards Traffic signs Electricity Food labels IEEE 802.11b/g Address an envelope Phone conversation RJ-45 TCP/IP Metric system IEEE 1394 ISO 9600 MARC for cataloging
Tyler Johnson - 2004 Exercise: What characteristics are desirable in a standards body ? Open Non partial Non proprietary Simple Respected Rational Knowledgeable Uniform Quick Thorough Multiple manufactures Represent users of the system Widely accessible
Tyler Johnson - 2004 Case Study: Standardized Addressing Modes URL Based Dialing –Uses DNS to resolve address of call server –Uses endpoint registration to resolve endpoint address –Example h323:email@example.com ENUM –Uses DNS to translate a phone number into an URL –Phone numbers under municipal control –Example +1.(919) 843-7004 becomes: 184.108.40.206.220.127.116.11.1.9.1.e164.arpa What are the social, GUI, market and technical consequences of this choice?
Tyler Johnson - 2004 Comparing Standards Bodies ITU / IETF International Telecommunications Union –Inter-governmental organization under the umbrella of the United Nations (www.itu.int)www.itu.int –Covers multiple topic and networks –US Representation through US State Department –Annual Cost Associate: $7000 Sector: $40,000 Internet Engineering Task Force –International community of network designers, operators, vendors, and researchers chartered under ISOC (the Internet Society) –Focused on Internet –No governmental oversight –Annual Cost Individual: $0 ISOC Corporate: variable with graduated benefits
Tyler Johnson - 2004 What Are Real Time Communications? Applications –Voice Over IP IP Telephony Interactive Audio Conferencing Modem Over IP Fax Over IP –Video Conferencing –Instant Messaging –Presence Standards –H.323 Voice Video –SIP Voice Presence Instant Messaging Video –XMPP Instant Messaging
Tyler Johnson - 2004 Security Elements Authentication –Proving someone’s identity Authorization –What are they allowed to do? Privacy –Encryption of media –Encryption of call signaling
Tyler Johnson - 2004 Regulatory Issues HIPPA requires privacy. CALEA requires wiretapping. Service provider has no access to media Media and call signaling may be encrypted Service providers may become ubiquitous Service providers may not fall under regulations (i.e. in another country) “Help, I’ve fallen and I can’t get up !” – 911 How do we tax? Call ServerGatewayMCU
Tyler Johnson - 2004 Our Thinking Is All Wrong ! Old –End users need access to central resources –End users are ‘clients’ –IT must protect itself against end user abuse –Home domain is the world New –End users need access to each other –End users are servers and service providers –End users need to authenticate each other –The world is a large and complex place, but we want to live there!
Tyler Johnson - 2004 E2M Security (user ID / password) Pros –Ensures nobody steals service provider’s resources –Ensures you pay your bill Cons –Doesn’t allow you to access resources in other realms –Doesn’t provide caller ID –Doesn’t recognize true people to people nature of application Call Server
Tyler Johnson - 2004 E2E Security (X.509 certificates - PKI) Pros –Confirms your identity to the called party –Works across realms Cons –Requires common authentication across reams –Other applications don’t use this approach –Administrative cost to identity verification Incoming Call From: Dr. Thomas Gray Radiology Duke University Internet2 Call Server
Tyler Johnson - 2004 How Does Federation Help ? E2E security features Still implement your own authentication methods Recognizes the world is a messy place Call Server Incoming Call From: Dr. Thomas Gray Radiology Duke University Internet2 DukeUNC Internet2 Federation Provider AProvider B FCC Federation
Tyler Johnson - 2004 This Changes Everything Access to many service providers Not necessarily required to pre-establish accounts Call signaling and networks can be un-secured Incoming Call From: Sarah McAllister VISA 123456 Provider A FCC Duke Hospital UNC Hospital Federation Provider AProvider B FCC Federation MCU Provider VoIP Provider VoIP Provider PTA Fundraiser