Control Services for the HTTP Session Mobility Service Michael Adeyeye, Neco Ventura, *David Humphrey Communication Research Group, Department of Electrical Engineering University of Cape Town, South Africa {micadeyeye, neco}@crg.ee.uct.ac.za
*School of Computer Studies, Seneca College, Toronto, Canada
[email protected] Abstract-In our previous work, a hybrid architectural scheme was proposed to migrate web sessions between PCs. Only the client-side of the work was however achieved. The work included developing a Web browser extension and creating a new service, namely content sharing and session handoff. This further research explores the proxy-side of the architecture. It entails creating new services that prevent abuse of the services offered by the client. That is, the new services in the proxy control the interaction between the Web browsers. The services are provided to further improve the Webbrowsing experience and are derived from existing telecommunication services, such as call transfer and call blocking. Although the services – call transfer and call blocking - are peculiar to telecommunications, they are feasible in the Web-browsing context owing to identities in Web browsers, which could make them interact with one another like phones. Our approach uses the best of the Internet protocols (SIP, XML, HTTP) to provide a controllable HTTP session mobility service between two or more Web browsers.
I.
INTRODUCTION
The World Wide Web (WWW) is fast evolving. The reasons include increasing Web browsers capabilities and services, which are daily deployed on the Internet. On the other hand, the Internet, broadcasting and telecommunication system are converging. Convergence in broadcasting and the Internet is referred to as Internet Protocol Television (IPTV). In the past, Internet services were provided to end users over telecommunication lines using modems. The reverse is however possible today; that is, telecommunication services can be provided to end users over the Internet. The Next Generation Network (NGN) is an all-IP network. The network is a platform, which different Service Delivery Platforms (SDPs) and frameworks for service provision are placed atop. An example is the IP Multimedia Subsystem (IMS), which is currently being standardized by the 3GPP. On the Internet, the enormous Web applications and services make the WWW services, and there is a rich fermenting soup of technological possibilities and business models [1]. Like the telecommunications
vendors took the more traditional standardization path and created the IMS, other players used the potential of Internet technologies to create proprietary systems that have proved to be tremendously popular, such as Skype. Therefore, there is no “well-defined end-point” for these technologies [2]. One key feature, which is considered critical in meeting end-users requirements in the NGN services, is mobility. The reason is that the Next Generation Networks and Services are evolving from triple-play video, voice and data - to quad-play, where a mobility component is added. Mobility has been realized in various ways based on the SDP in use, and it can be classified into Session Mobility, Service Mobility, Terminal Mobility and Personal Mobility. Session Initiation Protocol (SIP), the signalling protocol for the IMS, offers two kinds of mobility, namely Session Handoff and Third Party Call Control. A number of services, such as Call Transfer [3] and splitting of multimedia sessions between terminals, have been developed from these two mobility types. Mobility on the Internet has also been widely explored by researchers and solution developers. In this research, emphasis is laid more on session mobility. Web session mobility solutions existing in the market today include Mozilla Weave [4] and
Figure 1. Overview of the Mozilla Weave Idea [Source: http://labs.mozilla.com/projects/weave]
Google Browser Sync [5]. The Mozilla Weave Project promises a profile mobility service for the end-users. Other services are expected to be developed by thirdparties using the users' meta data, such as history, bookmarks, passwords and their customizations. In our previous work, we integrated a SIP stack into a Web browser to achieve HTTP session mobility and voice-grade audio services between two Web browsers. The session mobility service was further classified into content-sharing and session handoff service. It showed a way of improving the Web-browsing experience, whereby a person could refer another to the same Web page and engage in a voice chat with each other without using a third party software, such as Yahoo Messenger or GTALK. In addition, a person could move his stateful HTTP connection between two or more PCs. This paper is arranged as follows. Section II presents the related work. Section III discusses our previous work; Section IV highlights the research problem. Section V presents the methodology and Section VI also highlights the current implementation and its challenges. Lastly, Section VII provides the conclusions to the paper. II. RELATED WORK Vijay Gurbani [7] and Jonathan Lennox [8], in their research works, explore converged services. Converged services, here, refer to applications that require SIP and another Internet protocol, most notably HTTP, to work. Gurbani’s work [7] is on crossover services originating on the Internet and the PSTN. It also includes smart spaces in the telecommunication domain. Jonathan Lennox, in his research titled “Services for Internet Telephony,” develops new ways of generating telephony services over the Internet. The new ways require a programming language called Call Processing Language (CPL) or a gateway interface called SIP-CGI [8]. Crossover services originating on the Internet include Call forwarding, Abbreviated Dialling and Call Name Delivery. Some examples of crossover services originating on the PSTN are Notification of Missed Calls via Instant Messaging (IM), Presence for a Principal Using a wireline PSTN Endpoint and Presence for a Principal Using a Cellular PSTN Endpoint. It is worth mentioning that crossover services originating on the Internet in Gurbani’s work are similar to services for Internet Telephony in Lennox’s work. However, services for Internet Telephony in Lennox’s work are further classified into User-Location Services, such as Call forward on busy/no answer and Intelligent user location with media knowledge; Non-User-Location Services, such as Call waiting and Customized ringing. Gurbani and Lennox’s works explored telephony services in the merging Internet and PSTN/Cellular worlds. These telephony services intrinsically use SIP.
Our previous research explored the use of SIP to migrate web sessions or share user data and provide multimedia services between two or more Web browsers without the need for a third-party tool. It has emerged as a result of convergence in the Internet and Telecommunication, in a bid to improve the Web browsing experience. It offered users the opportunity to migrate their web sessions, refer another person to the same URL currently being viewed and set-up multimedia sessions within a Web browser. This work makes it possible for users to transfer or share their data between PCs. Industry solutions similar to this work are the Mozilla Weave and the Google Browser Sync. Mozilla Weave offers users the opportunity to share their data among friends, family and third parties, while Google Browser Sync offers mobility in the Web-browsing context. Mozilla Weave also offers mobility, like Google Browser Sync, between two or more PCs. In another sense, the Mozilla Weave and the Apache Couch-db [9] Project are also similar projects. Apache CouchDb is a distributed documentoriented database system with bi-directional replication. It makes it simple to build collaborative applications. On the other hand, Mozilla Weave is a Mozilla Labs project to integrate web services into Mozilla Firefox Web browser. It allows users to securely share their data with other users and third parties. The similarity between the two projects is that they foster interaction or sharing of data between users. In addition, both projects use HTTP, though the Mozilla Weave is based on Web-based Distributed Authoring and Versioning (WEBDAV) [10]. WEBDAV is an extension of HTTP with support for new methods, such as LOCK, UNLOCK, MOVE and COPY methods. While the Mozilla Weave and the Apache CouchDB allows users to share their data, Gurbani and Lennox’s works explore how users can control or customize their telephony services. The Mozilla Weave and the Apache CouchDB intrinsically use HTTP while Gurbani and Lennox’s works intrinsically use SIP. All of these works are some of the services available on the Internet both in the telecommunication and the WWW environments. Our work requires SIP and HTTP to provide converged services. More specifically, Web browsers now have unique SIP addresses that can make them interact with one another. The services are derived from the telecommunication context, more specifically, features in phones and core of telecommunication networks. III. PREVIOUS WORK First, an extended Web browser architecture that integrates a SIP stack has been proposed and implemented [6]. Second, a new service, referred to as content sharing and session handoff between Web browsers, has been provided to improve the Web-
browsing experience [6]. When surfing the Web, the two prominent ways of sharing information or asking a friend to view the same webpage a referrer is viewing are using a third party software (Instant Messengers, such as GTALK and Yahoo Messenger) and sending the URL in an email. For the regular Internet users, there are times they wish they could transfer existing web sessions between two PCs; two use case scenarios were mentioned in [6, 14]. The act of referring another person to the same URL was called Content Sharing, while transferring existing web sessions between PCs was called Session Handoff. We have provided a fast and efficient way to accomplish both tasks within users’ web browsers. Web browsers are extended to have identities so that they could interact with one another. In addition, our solution offers voice-grade audio service between two users without the need for third party software or Instant Messaging (IM) service. The integration of a SIP stack into a Web browser offers the advantage of extending a Web browser to act as a SIP client. In this case, Web browsers can be used to set up multimedia session between two or more users. Most notably, Web browsers now have unique SIP addresses to interact with one another like PCs, which have unique Media Access Control (MAC) or IP addresses [6]. IV. THE RESEARCH PROBLEM We discovered that the ability to send URLs and setup multimedia sessions between two or more Web browsers would result in abuse of the system. That is, unsolicited or unwanted requests could be sent among the users. This anomaly would result into SPAM. SPAM [11, 12], which is used to describe unsolicited emails on the Internet, now exists in the IP Telephony world. In the IP Telephony world, it is known as Spam over IP Telephony (SPIT), and in IPTV, it is called Spam over IPTV (SPIV). To alleviate the problem in our work, a user should be able to manage requests; for example, a user should be able to set policies to block unwanted requests or redirect a request to another PC. Aside addressing SPAM in our work, a user could have more than one request at a time and would want to choose what request should be first fulfilled. A number of these cases already exist in the telecommunication world, and there are solutions. The former, SPAM, has been addressed in many ways [11, 12], and the latter, synonymous to Call Parking and Call Pickup, is a feature commonly used in Telecommunication systems of large enterprises or organizations. The ability to make Web browsers interact with one another like mobile phones makes it feasible for Web browsers to have similar services existing in the telecommunication world in the web domain. This paper presents our effort to prevent abuse of the system. In addition, it discusses our
approach to control interaction between Web browsers based on users’ policies. V. METHODOLODY Figure 2 shows the implementation framework. It is a hybrid-based architectural scheme. The interaction is between Web browsers running on PCs or smart devices and transverses a proxy, which co-ordinates the interaction. Although the services – call forwarding, call blocking and the likes - are peculiar to telecommunications, they are feasible in the Webbrowsing context owing to interactions between Web browsers. An example is the session handoff and content sharing service in the Web-browsing context, which was derived from Session Handoff and Third Party Call Control in SIP, respectively [14]. Figure 3 shows Web Session Mobility Parking and Pickup, which is a derivative of Call Parking and Call Pickup in the telecommunication context. Similarly, Figure 4 shows Web Session Mobility Screening and Blocking, which is a derivative of Call Screening and Call Blocking in the telecommunication context. These interactions between Web browsers will offer an improved Web-browsing experience for a user or between two or more users, based on the chosen service. However, these interactions or emergent behaviours between the Web browsers could also be achieved via other protocols, which offer interactions,
Figure 2. The Implementation Framework
such as Extensible Messaging and Presence Protocol (XMPP) [15]. SIP is however preferred to XMPP because it can be used to establish, modify and terminate multimedia sessions. This is an additional capability of SIP, aside its support for messaging and presence, which is also supported by XMPP. The framework shown in Figure 2 requires a SIP proxy server. The proxy, which is a converged SIP Application Server (SIP AS), is needed to run the control services, which prevent abuse of the system. Its
roles include blocking or forwarding requests between Web browsers (Call Blocking and Forwarding in Telephony) and keeping a session alive when a request is made at a time the destination UAC is not reachable (Call Parking and Pickup in Telephony). In Figure 3, the proxy server has an auto-store feature or a session management mechanism in order to provide Web Session Mobility Parking and Pickup, while in Figure 4, the SIP proxy server has a control mechanism to forward or block session transfers. A. Web Session Mobility Parking and Pickup Web session Mobility Parking and Pickup requires a session management mechanism that keeps a session handoff request for a long time without expiring when the destination SIP address cannot be reached. The proxy server, which has the session management mechanism, provides a session tracking feature, since there might be more than one pending session handoff request. This session tracking feature is a Graphical User Interface (GUI) front-end that provides HTTP access to the proxy server. The GUI is a web-based service administration interface that lists all pending session handoff requests as Web links. A user is required to click on one of the Web links to pickup a session. On clicking a Web link, session data stored on the proxy server are transferred via a SIP MESSAGE. In Figure 3, UAC 1 wants to transfer a session to UAC 2, but UAC 2 is off. For example, Bob owns UAC 1, and Alice owns UAC 2 and UAC 3. The session data will be stored in the proxy server because its destination, UAC 2, can not be reached. Alice, now using UAC 3, connects to the proxy server via its web interface and clicks on one of the URLs. The proxy server will then send the session data via a SIP MESSAGE to UAC 3, which then loads the web resource. B. Web Session Mobility Screening and Blocking Figure 4 shows three possible scenarios of web session mobility screening and blocking. Here also, Bob owns UAC 1 and Alice owns UAC 2 and UAC 3. In the first scenario, UAC 1, which is registered to domain “cput.ac.za,” wants to transfer a session to UAC 3. The proxy server contains a policy set by Alice that all requests from domain “cput.ac.za” should be sent to its intended destination (UAC 2 or UAC 3). In the second scenario, Alice set a policy that all requests from domain “uct.ac.za” should only go to UAC 2. Owing to this policy, a request from UAC 1 at domain “uct.ac.za” to UAC 3 would only be forwarded to UAC 2. In the third scenario, Alice set a policy that she would not want a session transfer from domain “uwc.ac.za.” Hence, a session transfer from UAC 1 at domain “uwc.ac.za” to UAC 3 could not be authorized or sent to its intended destination. By setting policies, a user could block unwanted session transfers or forward a session transfer to another PC.
Figure 3. Web Session Mobility Parking and Pickup
Figure 4. Web Session Mobility Screening and Blocking
VI. THE IMPLEMENTATION The policy setting could be achieved using Extensible Markup Language Configuration Access Protocol (XCAP), which stores the rules in an XML database server called XML Database Management Server (XDMS). The implementation would be a nonIMS based implementation, though it appears to use the same protocol or infrastructure existing in the IMS environment. The XDMS server will interact with the converged SIP AS, which is responsible for the SIP registration/deregistration and blocking/forwarding of session transfer requests, among other things.
While our previous work, the TRANSFERHTTP web browser extension [13, 14, 16] for the Mozilla Firefox Web browser, was tested in a Peer-to-Peer (P2P) environment, this current work would be deployed and tested in a client-server environment. The TRANSFERHTTP web browser extension project represents the client-side of the work, and it has been completed. The server side refers to the development of the converged SIP AS application. The converged SIP AS of choice is the Mobicents Open Source SLEE and SIP Server [17]. The Mobicents Communications Platform is an Open Platform that aims to drive Convergence. It brings to the industry the infrastructure required for a wide variety of intelligent web and multimedia applications. Converged applications can be built on the platform using JAIN Service Logic and Execution Environment (JSLEE) and SIP Servlets. We have implemented Web session mobility blocking and forwarding as a combined service [18]. The application, via the Mobicents Application Router, is executed when SIP - REGISTER, INVITE and MESSAGE – requests are sent from the Web browser extension. Figure 5 shows a Web session mobility blocking instance. A response “Forbidden (403)” is sent to the Web browser, as indicated in the status bar of the Web browser. Here, the Web browser address is “sip:
[email protected], and it has been hard-coded in the application that all request from the address should be blocked. The current implementation is based on the Mobicents SIP Servlets Programming Model, and the Web browsers’ identities that need to be blocked or forwarded are hard-coded into the application. When a Web session transfer request is made, it is sent to the application server. The application blocks or forwards the request based on its SIP address. Figure 6 shows the signalling at the SIP AS when a session transfer request is blocked.
We identified the integration of XCAP for setting of users’ policies as a tedious task. The integration of protocols, such as XCAP and XMPP, require the use of resource adaptors, which are only available in the Mobicents JSLEE implementation [19]. This task would require us changing the current implementation from the SIP Servlets Programming Model to the JAIN SLEE Programming Model. Although we could integrate XCAP into the application, its integration would add complexity to the architecture of this project and more application development time. Hence, we hard-coded the SIP addresses, whose web sessions need to be blocked or forwarded, into the application as a proof of concept. An alternative approach to implement users’ policies is to make users add their contacts and set the blocking or forwarding of requests in the proxy, which runs the converged application. The proxy will provide a Web interface for users through which all data are stored in the application database.
Figure 6. The Signalling at the SIP Application Server
VII.
CONCLUSIONS
A hybrid-based architectural scheme for Web session migration service has been discussed here. In addition, emerging converged services in the Webbrowsing context, such as Web Session Mobility Parking and Pickup and Web Session Mobility Screening and Blocking, have been identified and discussed. Industry efforts that provide users with the ability to collaborate, fully control and customize their online experience are also mentioned. Although most of the industry solutions are intrinsically HTTP-based, this research points at emerging converged services that require SIP and HTTP to make users also Figure 5. Web Session Mobility Blocking at the Statusbar
collaborate, fully control and customize their online experience. With the convergence between the Internet and Telecommunication, the Web and its applications are rapidly changing. Web browsers can now have two endpoints, namely HTTP and SIP endpoints. The SIP endpoints could be used to migrate or share web sessions. In addition, the SIP endpoints in Web browsers could be used to set-up multimedia services, without the need for third party software. These efforts are geared towards improving the web browsing experience. Although the goal of migrating or sharing web sessions has been achieved, there is a need to control the interaction between Web browsers. More features or services are currently being added to the application, and we do envisage that applications, in the near future, could reside at endpoints. One of the reasons is that communication privacy and data security do not rely on trust relationships with the network. In addition, applications in endpoints can interact with its user more easily. Although this project has the prospect of being extended to the IMS environment, it is currently not considered. Future work include implementing Web session mobility parking and pickup, setting up a testbed for intra-domain interaction, creating an example of a user-centric service that runs at an endpoint and reporting the experience and performance of the system. REFERENCES [1] Luin Dang, Cullen Jennings and David Kelly (2002), Practical VOIP using VOCAL, O’Reilly & Associates, USA, First Edition, pp. 265-272 [2] H. Schulzrinne and E. Wedlund, "Application-Layer mobility using SIP," ACM SIGMOBILE Mobile Computing and Communications Review, Volume 4 Issue 3, July 2000. [3] R. Shacham, H. Schulzrinne, S. Thakolsri and W. Kellerer, "Session Initiation Protocol (SIP) Session Mobility," InternetDraft: draft-shacham-sipping-session-mobility-05, ftp://ftp.rfc-editor.org/in-notes/internet-drafts/draft-shachamsipping-session-mobility05.txt, November 18, 2007. [4] A prototype of Mozilla Weave, http://labs.mozilla.com/2007/12/introducing-weave/, June 10, 2008. [5] Google Browser Sync, http://www.google.com/tools/firefox/browsersync/, June 10, 2008. [6] Michael Adeyeye (2008), A SIP Integrated Web Browser for HTTP Session Mobility and Multimedia Services, Unpublished Master’s thesis, University of Cape Town, South Africa. [7] Vijay Gurbani (2004), Service Oriented Computing: Enabling Cross-network services between the Internet and the Telecommunications network. Unpublished Ph.D thesis, Illinois Institute of Technology, Illinois, USA. [8] Jonathan Lennox (2004), Services for Internet Telephony, Unpublished Ph.D thesis, Columbia University, New York, USA. [9] The Apache Couch-db Project, http://couchdb.apache.org, Feb. 28, 2009. [10] Goland Y., Whitehead E., Faizi A., Carter S. and Jensen D., “HTTP Extensions for Distributed Authoring -- WEBDAV,” http://www.ietf.org/rfc/rfc2518.txt, Feb. 28, 2009. [11] Hayati Pedram and Potdar Vidyasagar, “Evaluation of Spam Detection and Prevention Framweorks for Email and Image
Spam – A State of Art,” in: Proceedings of the 10th International Conference on Information Integration and Web-based Applications and Services (iiWAS) 2008, November 24-26, 2008, pp. 520-527 [12] Postinini White Paper. The Shifting Tactics of Spammers: What you need to know about new email threats. http://www.spamwash.com/whitepapers/WP-10-010406_Postini_Connections.pdf, Feb 28, 2008 [13] The TransferHTTP Web browser Extension, http://transferhttp.mozdev.org, September 5, 2008. [14] Michael Adeyeye, Neco Ventura and David Humphrey (2009), “Mapping Third Party Call Control and Session Handoff in SIP Mobility to Content Sharing and Session Handoff in the Web-browsing Context,” in: Proceedings of IEEE Wireless Communications and Networking Conference (WCNC) 2009, Budapest, April 5-8, 2009. [15] P. Saint-Andre, Ed., “Extensible Messaging and Presence Protocol (XMPP): Core,” IETF RFC 3920, October 2004. [16] Michael Adeyeye, Neco Ventura and David Humphrey (2009), “A SIP-based Web Session Migration Service,” in: Proceedings of the 5th Web International Conference on Web Information Systems and Technologies, Lisbon, Portugal, March 23-26, 2009. [17] The Mobicents Open Source SLEE and SIP Server, http://www.mobicents.org/index.html, January 20, 2009. [18] The TransferHTTP Controller, http://transferhttp.berlios.de, July 8, 2009. [19] Jean Deruelle, “JSLEE and SIP-Servlets Interoperability with Mobicents Communication Platform,” in: Proceedings of the 2nd International Conference on Next Generation Mobile Applications, Services and Technologies, Cardiff, Wales, United Kingdom, September 16-19, 2008.
