research-article

Mirror Presence: Secure Web Identity Resolution and Call Control for WebRTC

Authors:

Zhihong QiuAuthors Info & Claims

IIWAS '13: Proceedings of International Conference on Information Integration and Web-based Applications & Services

Pages 523 - 531

https://doi.org/10.1145/2539150.2539165

Published: 02 December 2013 Publication History

Abstract

Identity resolution is a critical component in any real-time communication system, including WebRTC that relies on Web identities. The difficulty with Web identity resolution is that there is no uniform Web identity scheme and current Web identity schemes decouple Web identities and Web locations. To address this problem for WebRTC without introducing a central authority, we present a secure personal Web identity resolution framework, mirror presence, to dynamically map a user's Web identity to Web locations while the user can move between Web locations. The system is agnostic to Web identity schemes, and it consists of 3 layers of Web protocols and services: 1) bilateral authorization based on OAuth 2.0; 2) Web identity binding based on presence subscription and notification; 3) presence driven call routing and pickup protocols. Each layer of the system can be controlled by users based on security, privacy, and personal preferences. A prototype mirror presence system has been implemented, and experimental results indicated that the approach is feasible and the performance is satisfactory.

References

[1]

M. Handley et al (ed): SDP: Session Description Protocol, April 1998, http://tools.ietf.org/html/rfc2327 (last visit: October 2, 2013)

Digital Library

[2]

H. Schulzrinne et al (ed): RTP: A Transport Protocol for Real-Time Applications, July 2003, http://tools.ietf.org/html/rfc3550 (last visit: October 2, 2013)

Digital Library

[3]

J. Rosenberg (ed): Interactive Connectivity Establishment (ICE): A Protocol for Network Address Translator (NAT) Traversal for Offer/Answer Protocols, April 2010, http://tools.ietf.org/html/rfc5245 (last visit: October 2, 2013)

[4]

J. Rosenberg et al (ed): SIP: Session Initiation Protocol, June 2002, http://www.ietf.org/rfc/rfc3261.txt (last visit: October 2, 2013)

Digital Library

[5]

OpenID Foundation: http://openid.net/wg/ (last visit: October 2, 2013)

[6]

Henry Story (ed): WebID-TLS, WebID Authentication over TSL, W3C Editor's Draft, 08 July 2013, https://dvcs.w3.org/hg/WebID/raw-file/tip/spec/tlsrespec.html (last visit: October 2, 2013)

[7]

Mozilla Persona: https://developer.mozilla.org/en-US/docs/Mozilla/Persona?redirectlocale=en-US&redirectslug=Persona (last visit: October 2, 2013)

[8]

http://www.w3.org/2011/04/Webrtc-charter.html (last visit: October 2, 2013)

[9]

D. Hardt (ed): The OAuth 2.0 Authorization Framework, October 2012, http://tools.ietf.org/html/rfc6749 (last visit: October 2, 2013)

[10]

R. Jesup et al (ed): RTCWeb Data Channels, February 25, 2013, http://tools.ietf.org/html/draft-ietf-rtcWeb-data-channel-04 (last visit: October 2, 2013)

[11]

E. Rescorla (ed): RTCWEB Security Architecture, January 22, 2013, http://tools.ietf.org/html/draft-ietf-rtcWeb-security-arch-06 (last visit: October 2, 2013)

[12]

Adam Bergkvist et al (ed): WebRTC 1.0: Real-time Communication Between Browsers, W3C Editor's Draft, 03 June 2013, http://dev.w3.org/2011/Webrtc/editor/Webrtc.html (last visit: October 2, 2013)

[13]

IETF RTCWeb Charter: http://tools.ietf.org/wg/rtcWeb/charters (last visit: October 2, 2013)

[14]

J. Rosenberg (ed): A Presence Event Package for the Session Initiation Protocol (SIP), August 2004, http://tools.ietf.org/html/rfc3856 (last visit: October 2, 2013)

[15]

A. Houri et al (ed): Presence Interdomain Scaling Analysis for SIP/SIMPLE, August 27, 2009, http://tools.ietf.org/html/draft-ietf-simple-interdomain-scaling-analysis-08 (last visit: October 2, 2013)

[16]

P. Saint-Andre (ed): Extensible Messaging and Presence Protocol (XMPP): Instant Messaging and Presence, October 2004, http://xmpp.org/rfcs/rfc3921.html (last visit: October 2, 2013)

[17]

P. Saint-Andre (ed): Interdomain Presence Scaling Analysis for the Extensible Messaging and Presence Protocol (XMPP), January 16, 2008, http://tools.ietf.org/html/draft-saintandre-xmpp-presence-analysis-03 (last visit: October 2, 2013)

[18]

http://en.wikipedia.org/wiki/Find Me/Follow Me (last visit: October 2, 2013)

[19]

Frédéric Firmi, The Evolved Packet Core, http://www.3gpp.org/The-Evolved-Packet-Core (last visit: October 2, 2013)

[20]

http://en.wikipedia.org/wiki/Web bug (last visit: October 2, 2013)

[21]

http://www.w3.org/2011/tracking-protection/ (last visit: October 2, 2013)

[22]

Ian Hickson (ed): The WebSocket API, W3C Candidate Recommendation, 20 September 2012, http://www.w3.org/TR/Websockets/ (last visit: October 2, 2013)

[23]

Apache Oltu: http://oltu.apache.org/ (last visit: October 2, 2013)

Cited By

Javed ICopeland RCrespi NEmmelmann MCorici ABouabdallah AZhang TEl Jaouhari SBeierle FGöndör SKüpper ACorre KCrom JOberle FFriese ICaldeira ADias GSantos NChaves RPereira R(2017)Cross-domain identity and discovery framework for web calling servicesAnnals of Telecommunications10.1007/s12243-017-0587-272:7-8(459-468)Online publication date: 24-Jun-2017
https://doi.org/10.1007/s12243-017-0587-2
Li LChou WQiu ZCai T(2014)Who Is Calling Which Page on the Web?IEEE Internet Computing10.1109/MIC.2014.10518:6(26-33)Online publication date: Nov-2014
https://doi.org/10.1109/MIC.2014.105

Index Terms

Mirror Presence: Secure Web Identity Resolution and Call Control for WebRTC
1. Human-centered computing
  1. Collaborative and social computing
    1. Collaborative and social computing systems and tools
2. Information systems
  1. World Wide Web

Recommendations

UnlimitID: Privacy-Preserving Federated Identity Management using Algebraic MACs
WPES '16: Proceedings of the 2016 ACM on Workshop on Privacy in the Electronic Society

UnlimitID is a method for enhancing the privacy of commodity OAuth and applications such as OpenID Connect, using anonymous attribute-based credentials based on algebraic Message Authentication Codes (aMACs). OAuth is one of the most widely used ...
The Next Generation Web: Technologies and Services
Big Data Analytics
Abstract
Tim Berners-Lee, invented the World Wide Web (WWW) or Web in short in 1989. The Web became so popular that for many, it is synonymous with the Internet or simply the Net. There were many flavors of the original Web like Web 2.0, Web 3.0, etc. All ...
How to make web sites talk together: web service solution
WWW '05: Special interest tracks and posters of the 14th international conference on World Wide Web

Integrating web sites to provide more efficient services is a very promising way in the Internet. For example searching house for rent based on train system or preparing a holiday with several constrains such as hotel, air ticket, etc... From resource ...

Comments

Information & Contributors

Information

Published In

cover image ACM Other conferences

IIWAS '13: Proceedings of International Conference on Information Integration and Web-based Applications & Services

December 2013

753 pages

ISBN:9781450321136

DOI:10.1145/2539150

Copyright © 2013 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

In-Cooperation

@WAS: International Organization of Information Integration and Web-based Applications and Services

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 02 December 2013

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Conference

IIWAS '13

IIWAS '13: The 15th International Conference on Information Integration and Web-based Applications & Services

December 2 - 4, 2013

Vienna, Austria

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

2
Total Citations
View Citations
165
Total Downloads

Downloads (Last 12 months)3
Downloads (Last 6 weeks)0

Reflects downloads up to 10 Oct 2024

Other Metrics

View Author Metrics

Citations

Cited By

Javed ICopeland RCrespi NEmmelmann MCorici ABouabdallah AZhang TEl Jaouhari SBeierle FGöndör SKüpper ACorre KCrom JOberle FFriese ICaldeira ADias GSantos NChaves RPereira R(2017)Cross-domain identity and discovery framework for web calling servicesAnnals of Telecommunications10.1007/s12243-017-0587-272:7-8(459-468)Online publication date: 24-Jun-2017
https://doi.org/10.1007/s12243-017-0587-2
Li LChou WQiu ZCai T(2014)Who Is Calling Which Page on the Web?IEEE Internet Computing10.1109/MIC.2014.10518:6(26-33)Online publication date: Nov-2014
https://doi.org/10.1109/MIC.2014.105

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents