Implementation and Evaluation of a SIP-based HTTP Session Mobility Service

1. Implementation and Evaluation of a SIP-based HTTP Session Mobility Service Michael Adeyeye Neco Ventura

2. Presentation Outline • Introduction • Statement of Problem • Aim and Objectives • The Hybrid-based Architectural Scheme • Screenshots of the Implementation • Evaluation of the Project • HTTP Session Mobility Performance • Possible Deployment and Commercialization • Conclusions and Future Work • Publications

3. Introduction • Initially, web browsers were single-principal platform software for viewing a single website at a time. • Built-in features added to improve the web browsing experience include tabbed browsing, pop-up blocking, spell-check, page zooming and bookmarking. • Features added by third parties include FTP and IRC Protocol extensions, to mention a few. • An example of converging services is the ability to access multiple social networking services or multiple instant messaging accounts via a single website. – MEEBO and ILOVEIM.

4. Statement of Problem • Users’ PCs, today, have installed on them enormous software that has similar functionalities. • Common problems encountered by the Internet Users when browsing the web:

5. Statement of Problem – cont’d

6. Aim and Objectives Aim • To develop an Adaptive User Agent Client that provides HTTP Session Mobility and Multimedia Services. Objectives • To integrate a SIP stack into a web browser. • To achieve session hand-off and content sharing between the web users. • To provide multimedia services within a web browser.

7. The Hybrid-based Architectural Scheme

8. Screenshots of the Implementation • Session Hand-off between web browsers Process 1 of 5: Here, the Preferences of UAC is set. Configuration data include port number, SIP address, SIP Proxy address and many more.

9. Screenshots of the Implementation – cont’d Process 2 of 5: The diagram below shows both UACs 1 and 2 registering to a SIP Proxy Server.

10. Screenshots of the Implementation – cont’d Process 3 of 5: Session data are encrypted and transferred from UAC 1 to UAC 2 at sip:micadeyeye-desktop@137.158.125.246. In addition, UAC 1 loses stateful connection to the web server and its tab is closed.

11. Screenshots of the Implementation – cont’d Process 4 of 5: A notification appears in the status bar of UAC 2. The user chooses “Accept Session,” a confirmation with the details of the web session pops up.

12. Screenshots of the Implementation – cont’d Process 5 of 5: On clicking the OK button at UAC 2, a new HTTP channel is opened, HTTP header is set and the resource is pulled from the web. In this case, the email account is automatically opened without logging in. The reason is that all session data are moved from UAC 1 to UAC 2.

13. Screenshots of the Implementation – cont’d • Content Sharing between two web browsers Process 1 of 2: It is assumed that the UACs have successfully registered to a SIP Proxy Server. In the diagram below, content sharing process is chosen in UAC 1 and the session data, URL only, is sent to UAC 2 at sip:micadeyeye-desktop@137.158.125.246.

14. Screenshots of the Implementation – cont’d Process 2 of 2: A notification appears in the status bar of UAC 2; on choosing “Accept Session,” a confirmation with the details of the web session pops up. When the OK button is clicked, a new HTTP channel is opened, HTTP header is set and the resource is pulled from the web. Here, only the URL is transferred between UACs.

15. Screenshots of the Implementation – cont’d • Multimedia Services The diagram below shows how the extension can be used to make a voice call to another UAC at sip: micadeyeye@137.158.125.246:5063.

16. Evaluation of the Project

17. HTTP Session Mobility Performance • Session hand-off was successfully tested on large number of websites, SSL–based websites inclusive. • Session hand-off on some websites, however, was partially successful or not successful. • Examples were Meebo (AJAX-based) and 3dgeomaps (Mash-up) websites. • This failure can be attributed to their ability to update contents of a web page without changing its URL during an HTTP POST or GET request. • Other websites that achieved partially successful session hand-off were those made up of FRAME or IFRAME HTML tags. • Example was NGPORTAL that had a frame linked to ACTUALTESTS.

18. Possible Deployment and Commercialization The SIP Message Body in an XML Format

19. Possible Deployment and Commercialization • To provide data integrity and confidentiality, it is advisable that the SIP server should implement TLS in order to provide HTTP Digest Authentication and encryption of data during UACs interaction. • An alternative is the use of UACs that support Secure Multi-purpose Internet Mail Extension (S/MIME). • S/MIME offers end-to-end data encryption while TLS-supported proxy servers offer a hop-by-hop data encryption. When deploying this service over a large network, S/MIME is preferable to TLS.

20. Possible Deployment and Commercialization Session Data Size (Cookies and Hidden Input Elements) on prevalent Websites

21. Possible Deployment and Commercialization • The session data size depends on the number of characters in the URL, cookies and HTML Form elements in a webpage. • Hence, a charging function could be integrated into the SIP server and a web interface could be provided for users to monitor their usage. • Regarding possible service commercialization, should there be a need to deploy this service in a client-server environment, a flat rate could be charged periodically regardless of the varying session data sizes. • On the other hand, it could be rendered as a Value Added Service (VAS) to customers.

22. Conclusions and Future Work • In summary, a new service namely, content sharing and session hand-off has been provided. • This implementation helps improve collaboration, mobility among the web users and encourages adaptive UACs. In this case, a web browser can also be used as a SIP client to make voice calls and be extended to perform other functionalities. • In addition, integrating the SIP stack into a web browser could modify or extend how click-to-dial applications work.

23. Conclusions and Future Work – cont’d • Other areas that could be explored include implementing a policy control mechanism to block unwanted web session transfer request. Such restrictions could be based on a domain name or a SIP address. • A session management mechanism could also be integrated so that a web session transfer request can be held for a long time without expiring when the destination SIP address cannot be reached or a web server uses a session-based cookie that expires in a short time.

24. Publications • Michael Adeyeye and Neco Ventura (2008), “Achieving Web Session Hand-off using SIP,” in: Proceedings of 12th Annual IEEE International Symposium on Consumer Electronics, Algarve, Portugal. • Adeyeye O. Michael and Neco Ventura (2007), “Extending Web Browsers Architectures to support HTTP Session Mobility,” in: Proceedings of 3rd CoNEXT Conference, New York. ACM 978-1-59593-770-41 07/ 0012 • Michael Adeyeye and Neco Ventura (2008), “Implementing Content Sharing and Session Hand-off between Web Browsers,” in: Proceedings of 4th Web Information Systems and Technologies (WEBIST) Conference, Funchal-Madeira, Portugal. ISBN: 978-989-8111-26-5 • Michael Adeyeye and Neco Ventura (2008), “Performance and Possible Deployment of HTTP Session Mobility Service using SIP,” in: Proceedings of 11th South African Telecommunication Networks and Applications Conference (SATNAC), Durban.

25. Thank You!!!