Annals of Telecommunications

, Volume 72, Issue 7–8, pp 459–468 | Cite as

Cross-domain identity and discovery framework for web calling services

  • Ibrahim Tariq Javed
  • Rebecca Copeland
  • Noel Crespi
  • Marc Emmelmann
  • Ancuta Corici
  • Ahmed Bouabdallah
  • Tuo Zhang
  • Saad El Jaouhari
  • Felix Beierle
  • Sebastian Göndör
  • Axel Küpper
  • Kevin Corre
  • Jean-Michel Crom
  • Frank Oberle
  • Ingo Friese
  • Ana Caldeira
  • Gil Dias
  • Nuno Santos
  • Ricardo Chaves
  • Ricardo Lopes Pereira
Article

Abstract

Cross-domain identity management remains a major challenge for potential WebRTC adopters. In order to provide a global web-based communication system, it is critical to locate the destination called party, map the identity to the user device, and provide mutual authentication for both caller and called party. In this paper, we present a novel identity management and user discovery framework that enables callers to search and locate users across service domains. The identity management is decoupled from the used calling service, allowing users to manage their profiles and credentials independently of the applications. The framework is designed to preserve privacy and exploit web technology to gain trust and contact list management.

Keywords

WebRTC Identity management Trust Real-time communication P2P Directory Social graph Registry 

Notes

Acknowledgements

This work has received funding from the European Union’s Horizon 2020 research and innovation program under grant agreement no. 645342, project reTHINK.

References

  1. 1.
    A Bergkvist, Burnett DC, Jennings C (2015) WebRTC 1.0: real-time communication between browsers, W3C Working Draft, 10 FebruaryGoogle Scholar
  2. 2.
    Barnes R, Thomson M (2014) Browser-to-browser security assurances for WebRTC. IEEE Internet Comput 18(6):11–17CrossRefGoogle Scholar
  3. 3.
    E Bertin, S Cubaud, S Tuffin, N Crespi, V Beltran (2013) WebRTC, the day after: what’s next for conversational services? International Conference on Intelligence in Next Generation Networks (ICIN 2013)Google Scholar
  4. 4.
    I Javed et al. (2016) Global identity and reachability framework for interoperable P2P communication services, 19th Conference on Innovations in Clouds, Internet and Networks (ICIN 2016)Google Scholar
  5. 5.
    S Becot, E Bertin, J Crom, V Frey, S Tuffin (2015) Communication services in the Web era: how can Telco join the OTT hangout?, International Conference on Intelligence in Next Generation Networks (ICIN 2015)Google Scholar
  6. 6.
    Lampropoulos K, Sanchez D, Almenares F, Weik P, Denazis S (2010) Introducing a cross federation identity solution for converged network environments, principles, systems and applications of IP Telecommunications (IPTComm ‘10). ACM, New York, pp 1–11Google Scholar
  7. 7.
    Beltran V (2016) Characterization of web single sign-on protocols. IEEE Commun Mag 54(7):24–30CrossRefGoogle Scholar
  8. 8.
    M Jones and D Hardt (2012) The OAuth 2.0 authorization framework: bearer token usage, IETF RFC6750Google Scholar
  9. 9.
    N Sakimura, J Bradley, M Jones, B Medeiros, C Mortimore (2014) OpenID connect Core 1.0, The OpenID FoundationGoogle Scholar
  10. 10.
    E Rescorla (2016) WebRTC security architecture, IETF internet draft, standards trackGoogle Scholar
  11. 11.
    Beltran V, Bertin E, Crespi N (2014) User identity for WebRTC services: a matter of trust. IEEE Internet Comput 18(6):18–25CrossRefGoogle Scholar
  12. 12.
    R Copeland (2009) Converging NGN wireline and mobile 3G networks with IMS. CRC Press, Talor & Francis Group, Boca RatonGoogle Scholar
  13. 13.
    L Li, W Chou, T Cai, Z Wang, Z Qiu Mirror presence: secure web identity resolution and call control for WebRTC, Proceedings of International Conference on Information Integration and Web-based Applications & Services (IIWAS 2013) ACM, New York, pp 523–532Google Scholar
  14. 14.
    S Göndör, H Hebbo (2014) SONIC: Towards seamless interaction in heterogeneous distributed OSN ecosystems, IEEE 10th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob), LarnacaGoogle Scholar
  15. 15.
    Cutillo L, Molva R, Strufe T (2009) Safebook: a privacy-preserving online social network leveraging on real-life trust. IEEE Commun Mag 47(12):94–101CrossRefGoogle Scholar
  16. 16.
    A Bouabdallah Data models and interface specification of the framework, reTHINK project Deliverable. http://dx.doi.org/10.18153/RTH-645342-D2_2.
  17. 17.
    M Jones, J Bradley, N Sakimura (2015) JSON Web Token (JWT), IETF StandardGoogle Scholar
  18. 18.
    J-M Crom (2015) Management and security features specifications, reTHINK project Deliverable http://dx.doi.org/10.18153/RTH-645342-D4_1
  19. 19.
    I Javed, K Toumi, N Crespi, A Mohammadinejad Br2Br: a vector-based trust framework for WebRTC calling services. IEEE IEEE International Conference on High Performance Computing and Communications (HPCC 2016), 12–14 December, Sydney, AustraliaGoogle Scholar
  20. 20.
    J-M Crom Implementation of governance and identity management components, reTHINK Project DeliverableGoogle Scholar
  21. 21.
    I Friese, R Copeland, S Göndör, F Beierle, A Küpper, R Pereir and J-M Crom (2017) Cross-domain discovery of communication peers. Identity mapping and discovery services (IMaDS), IEEE European Conference on Networks and Communications (EuCNC)Google Scholar
  22. 22.
    S Göndör, F Beierle, S Sharhan, A Küpper (2016) Distributed and domain-independent identity management for user profiles in the SONIC Online Social Network Federation, International Conference on Computational Social Networks, SpringerGoogle Scholar
  23. 23.
    S Göndör, F Beierle, E Küçükbayraktar, H Hebbo, S Sherhan, A Küpper (2015) Towards migration of user profiles in the SONIC Online Social Network Federation, International Multi-Conference on Computing in the Global Information Technology (ICCGI)Google Scholar
  24. 24.
    Alliance, Open Mobile (2013) Lightweight machine to machine technical specification. Technical Specification OMA-TS-LightweightM2M-V1Google Scholar
  25. 25.
    Z Shelby (2012) Constrained RESTful environments (CoRE) link format, IETF standardGoogle Scholar
  26. 26.
    R Copeland, K Corre, I Friese, S El Jaouhari (2016) Requirements for trust and privacy in WebRTC peer-to-peer Authentication IETF internet draftGoogle Scholar
  27. 27.
    A Cooper et al. (2013) Privacy considerations for Internet protocols, IETF RFC 6973Google Scholar
  28. 28.
    R Yavatkar, D Pendarakis, R Guerin (1999) A framework for policy-based admission control, IETF RFC 2753Google Scholar
  29. 29.
    Damianou N, Dulay N, Lupu E, Sloman M (2001) The ponder policy specification language, policies for distributed systems and networks. Springer, Berlin, pp 18–38CrossRefGoogle Scholar
  30. 30.
    D Crockford (2006) JSON: the fat-free alternative to XML, XML 2006 Conference, BostonGoogle Scholar
  31. 31.
    F Beierle, S Göndör, A Küpper (2015) Towards a three-tiered social graph in decentralized online social networks, Workshop on Hot Topics in Planet-scale mobile computing and online Social networking (HotPOST ‘15), ACMGoogle Scholar
  32. 32.
    Alaggan M, Gambs S, Kermarrec A (2012) BLIP: non-interactive differentially-private similarity computation on bloom filters, symposium on self-stabilizing systems. Springer, BerlinGoogle Scholar

Copyright information

© Institut Mines-Télécom and Springer-Verlag France SAS 2017

Authors and Affiliations

  • Ibrahim Tariq Javed
    • 1
  • Rebecca Copeland
    • 1
  • Noel Crespi
    • 1
  • Marc Emmelmann
    • 2
  • Ancuta Corici
    • 2
  • Ahmed Bouabdallah
    • 3
  • Tuo Zhang
    • 3
  • Saad El Jaouhari
    • 3
  • Felix Beierle
    • 4
  • Sebastian Göndör
    • 4
  • Axel Küpper
    • 4
  • Kevin Corre
    • 5
  • Jean-Michel Crom
    • 5
  • Frank Oberle
    • 6
  • Ingo Friese
    • 6
  • Ana Caldeira
    • 7
  • Gil Dias
    • 7
  • Nuno Santos
    • 7
  • Ricardo Chaves
    • 7
  • Ricardo Lopes Pereira
    • 7
  1. 1.Institut Mines-TelecomTelecom Sud-ParisParisFrance
  2. 2.NGNI, Fraunhofer FOKUSBerlinGermany
  3. 3.Department SRCDIMT AtlantiqueCesson-SévignéFrance
  4. 4.Technische Universität Berlin, Telekom Innovation LaboratoriesBerlinGermany
  5. 5.Orange Labs Products & ServicesCesson-SévignéFrance
  6. 6.Telekom Innovation LaboratoriesBerlinGermany
  7. 7.INESC-ID, IST, Universidade de LisboaLisbonPortugal

Personalised recommendations