HTTP Session Mobility Service using SIP

1
HTTP Session Mobility Service using SIP
UCT CoE Seminar Date 27-07-2007
Department of Electrical Engineering
Student Adeyeye Michael
micadeyeye_at_crg.ee.uct.ac.za

• Supervisor Neco Ventura

2
Table of Contents

• Introduction
• HTTP and SIP
• SIP Mobility (Personal, Service and Terminal)
• Session Mobility
• Aim and Objectives
• Motivation
• Background
• Related Work
• The Implementation Framework
• User Agent Client Architecture
• Web Browser Extension (Mozilla Firefox)
• The Process Flow
• Conclusion
• References

3
Introduction

• HTTP and SIP
• Hypertext Transfer Protocol (HTTP) is an
  application-level protocol for distributed,
  collaborative and hypermedia information systems
  1.
• It is a generic and stateless protocol which can
  be used for many tasks beyond its use of
  hypertext, such as distributed object management
  systems, through extension of its request
  methods, error codes and headers 1.
• Session Initiation Protocol (SIP) is an
  application-layer control protocol that can
  establish, modify and terminate multimedia
  sessions or calls 2.
• SIP Media sessions include multimedia
  conferences, distance learning, Internet
  telephony and other similar applications 2.

4
Introduction

• Mobility is as an act of changing location with
  ease.
• Mobility could be Service, Personal, Terminal or
  Session Mobility.
• Session Mobility
• Allows a user to maintain a media session when
  changing terminals 3.
• All other mobility types require session mobility
  to maintain access to same information.
• Reasons for session transfer/mobility include
  4
• - Cheapest access cost
• - Better user experience
• - Physical user mobility

5
Table of Contents

• Introduction
• HTTP and SIP
• SIP Mobility (Personal, Service and Terminal)
• Session Mobility
• Aim and Objectives
• Motivation
• Background
• Related Work
• The Implementation Framework
• User Agent Client Architecture
• Web Browser Extension (Mozilla Firefox)
• The Process Flow
• Conclusion
• References

6
Aim and Objectives

• Aim To achieve HTTP session mobility using SIP.
• Objectives
• 1. To extend the capabilities of existing web
  browser(s) as a user agent client.
• 2. To implement an application server which
  provides HTTP session transfer/content sharing
  without violating HTTP/1.1 security.

7
Table of Contents

• Introduction
• HTTP and SIP
• SIP Mobility (Personal, Service and Terminal)
• Session Mobility
• Aim and Objectives
• Motivation
• Background
• Related Work
• The Implementation Framework
• User Agent Client Architecture
• Web Browser Extension (Mozilla Firefox)
• The Process Flow
• Conclusion
• References

8
Motivation

• The lack of standard authentication and
  hand-off/transfer mechanisms in the present HTTP
  Session mobility approaches.
• SIP with its Session Mobility (RFC 2543) has
  well-defined ways of achieving session mobility
  and extensible for various applications.
• Proposed integration of HTTP Proxy, RSTP Proxy
  and Application Policy Function in the IMS Core
  Network in order to harmonize SIP, HTTP and RTSP
  service delivery.
• Emergence of adaptive user agents in converged
  applications where same user agent can perform
  voice, video and data communication.

9
Motivation

• The lack of standard authentication and
  hand-off/transfer mechanisms in the present HTTP
  Session mobility approaches.
• SIP with its Session Mobility (RFC 2543) has
  well-defined ways of achieving session mobility
  and extensible for various applications.
• Proposed integration of HTTP Proxy, RSTP Proxy
  and Application Policy Function in the IMS Core
  Network in order to harmonize SIP, HTTP and RTSP
  service delivery.
• Emergence of adaptive user agents in converged
  applications where same user agent can perform
  voice, video and data communication.

• Session Mobility Types
• Third Party Call Control
• Session Hand-off

10
Motivation

• The lack of standard authentication and
  hand-off/transfer mechanisms in the present HTTP
  Session mobility approaches.
• SIP with its Session Mobility (RFC 2543) has
  well-defined ways of achieving session mobility
  and extensible for various applications.
• Proposed integration of HTTP Proxy, RSTP Proxy
  and Application Policy Function in the IMS Core
  Network in order to harmonize SIP, HTTP and RTSP
  service delivery.
• Emergence of adaptive user agents in converged
  applications where same user agent can perform
  voice, video and data communication.

11
Motivation

• The lack of standard authentication and
  hand-off/transfer mechanisms in the present HTTP
  Session mobility approaches.
• SIP with its Session Mobility (RFC 2543) has
  well-defined ways of achieving session mobility
  and extensible for various applications.
• Proposed integration of HTTP Proxy, RSTP Proxy
  and Application Policy Function in the IMS Core
  Network in order to harmonize SIP, HTTP and RTSP
  service delivery.
• Emergence of adaptive user agents in converged
  applications where same user agent can perform
  voice, video and data communication.

12
Motivation

• The lack of standard authentication and
  hand-off/transfer mechanisms in the present HTTP
  Session mobility approaches.
• SIP with its Session Mobility (RFC 2543) has
  well-defined ways of achieving session mobility
  and extensible for various applications.
• Proposed integration of HTTP Proxy, RSTP Proxy
  and Application Policy Function in the IMS Core
  Network in order to harmonize SIP, HTTP and RTSP
  service delivery.
• Emergence of adaptive user agents in converged
  applications where same user agent can perform
  voice, video and data communication.

13
Motivation

• The lack of standard authentication and
  hand-off/transfer mechanisms in the present HTTP
  Session mobility approaches.
• SIP with its Session Mobility (RFC 2543) has
  well-defined ways of achieving session mobility
  and extensible for various applications.
• Proposed integration of HTTP Proxy, RSTP Proxy
  and Application Policy Function in the IMS Core
  Network in order to harmonize SIP, HTTP and RTSP
  service delivery.
• Emergence of adaptive/unified user agents in
  converged applications where same user agent can
  perform voice, video and data communication.

14
Table of Contents

• Introduction
• HTTP and SIP
• SIP Mobility (Personal, Service and Terminal)
• Session Mobility
• Aim and Objectives
• Motivation
• Background
• Related Work
• The Implementation Framework
• User Agent Client Architecture
• Web Browser Extension (Mozilla Firefox)
• The Process Flow
• Conclusion
• References

15
Background

• Comparison of HTTP and SIP
• - Both are request-response protocols
• - Both are text-based application-layer
  protocols.
• - SIP supports most of the security measures
  attributed to HTTP like SSL/TLS, S- MIME,
  HTTP-Authentication 7
• Contrast between HTTP and SIP
• - While HTTP is originally stateless, SIP can be
  stateful or stateless.
• Note SIP is a session-layer protocol but
  referred to as Application Layer due to absence
  of session layer in TCP/IP Model 8

16
Background
Session Mobility in SIP - Classified in two
main groups (Third-Party Call Control and Session
Hand-Off) 4 Third Party Call Control
- The transferer of a call remains in the call
session after the transfer. - The Service
Description Protocol (SDP) information of the 3rd
party replaces the controllers SDP in the
transfer process. Session Hand-off - The
transferer of a call doesnt remain in the call
session after the transfer. - SIP REFER
method is used in the call-transfer
17
Background
SIP Session Mobility Types
Third Party Call Control
Session Hand-off
18
Table of Contents

• Introduction
• HTTP and SIP
• SIP Mobility (Personal, Service and Terminal)
• Session Mobility
• Aim and Objectives
• Motivation
• Background
• Related Work
• The Implementation Framework
• User Agent Client Architecture
• Web Browser Extension (Mozilla Firefox)
• The Process Flow
• Conclusion
• References

19
Related Work

• Session Mobility in HTTP
• Classified into Client, Server and Proxy
  architectural schemes
• Client-based Architectural Scheme E.g. Browser
  Session Preservation and Migration 8, 9, 10
• - Requires modifying the User Agent Client
  (Browser) Plug-in/Add-on
• - User-Client interaction is transferable

Server-based Architectural Scheme - Requires
extending the capabilities of the Server -
Handles Client-Server interaction
SHOC-Session Hand-off Component
Proxy-based Architectural Scheme e.g.
Interactive Mobile Application Session Handoff
11 - Requires putting a proxy server (acting
as a Dummy User Agent) in between the Client
and the Server - Handles Client-Server
interaction
20
Related Work

• Deductions from the three approaches
• While 8 was truly proxy-based, 9 was an
  hybrid i.e. both Client plug-in and Proxy were
  required.
• Both 8,9 stated that the HTTP/1.1 Security or
  rules 1 were broken during implementation.
• The identification/authentication mechanism for
  users was not clearly explained in both 8,9.

21
Table of Contents

• Introduction
• HTTP and SIP
• SIP Mobility (Personal, Service and Terminal)
• Session Mobility
• Aim and Objectives
• Motivation
• Background
• Related Work
• The Implementation Framework
• User Agent Client Architecture
• Web Browser Extension (Mozilla Firefox)
• The Process Flow
• Conclusion
• References

22
The Implementation Framework

• (Hybrid-based Architectural Scheme of HTTP
  session mobility)

23
Table of Contents

• Introduction
• HTTP and SIP
• SIP Mobility (Personal, Service and Terminal)
• Session Mobility
• Aim and Objectives
• Motivation
• Background
• Related Work
• The Implementation Framework
• User Agent Client Architecture
• Web Browser Extension (Mozilla Firefox)
• The Process Flow
• Conclusion
• References

24
(No Transcript)
25
Table of Contents

• Introduction
• HTTP and SIP
• SIP Mobility (Personal, Service and Terminal)
• Session Mobility
• Aim and Objectives
• Motivation
• Background
• Related Work
• The Implementation Framework
• User Agent Client Architecture
• Web Browser Extension (Mozilla Firefox)
• The Process Flow
• Conclusion
• References

26
Web Browser Extension (Mozilla Firefox)
27
Table of Contents

• Introduction
• HTTP and SIP
• SIP Mobility (Personal, Service and Terminal)
• Session Mobility
• Aim and Objectives
• Motivation
• Background
• Related Work
• The Implementation Framework
• User Agent Client Architecture
• Web Browser Extension (Mozilla Firefox)
• The Process Flow
• Conclusion
• References

28
The Process Flow

• Making HTTP Stateful
• URL rewriting
• Cookies
• Hidden elements

SIP AS SIP Application Server
29
Table of Contents

• Introduction
• HTTP and SIP
• SIP Mobility (Personal, Service and Terminal)
• Session Mobility
• Aim and Objectives
• Motivation
• Background
• Related Work
• The Implementation Framework
• User Agent Client Architecture
• Web Browser Extension (Mozilla Firefox)
• The Process Flow
• Conclusion
• References

30
Conclusion

• Service Features
• Content Sharing
• Session Hand-off
• Saved Web form (User-Client Interaction)

• Security Concerns
• Though the application server (SIP AS) acts as
  the brain box, it could as well be
• vulnerable to SIP related attacks.
• Necessary security measures will be considered
  (HTTP Digest Authentication
• for the client and Proxy Authentication with
  Message encryption for the server).

• To-Do list
• Server Architecture
• Analytical flowchart Performance Metrics
• Implementation and Results

31
References

• R. Fielding et al, Hypertext Transfer Protocol
  HTTP/1.1, RFC 2616
• M. Handley et al, SIP Session Initiation
  Protocol RFC 2543
• Henning Schulzrinne and Elin Wedlund,
  Application-Layer Mobility Using SIP
• R. Shacham and H. Schulzrinne, SIP Session
  Mobility-Internet Draft
• D. Kristol el al, HTTP State Management Mechanism
  RFC 2109
• B. Campbell et al, Session Initiation Protocol
  (SIP) Extension for Instant Messaging RFC 3428
• Sohel Q. Khan and Sprint-Nextel, Experiences with
  Blending HTTP, RTSP and IMS IEEE Comm. Mag.
• G. Canfora et al, Proxy-based Hand-off of Web
  Sessions for User Mobility IEEE Computer
  Society
• Ming-Deng Hsieh et al, Stateful session handoff
  for mobile WWW ELSEVIER
• H. Song Browser Session Preservation and
  Migration WWW2002
• R. Bagrodia et al, iMASH Interactive Mobile
  Application Session Handoff ACM Proc.

32
Questions and Answers