Policy enforcement and filtering for geospatial information

Slides:



Advertisements
Similar presentations
SIP, Presence and Instant Messaging
Advertisements

SIP and Instant Messaging. SIP Summit SIP and Instant Messaging What Does Presence Have to Do With SIP? How to Deliver.
Fall IM 2000 Introduction to SIP Jonathan Rosenberg Chief Scientist.
SIMPLE Open Issues Jonathan Rosenberg dynamicsoft IETF 52.
IM May 24, 2000 Introduction to SIP Jonathan Rosenberg Chief Scientist.
VON Europe /19/00 SIP and the Future of VON Protocols SIP and the Future of VON Protocols: Presence and IM Jonathan Rosenberg.
Fall VoN 2000 SIP for IP Communications Jonathan Rosenberg Chief Scientist.
XCAP Tutorial Jonathan Rosenberg.
Yunling Wang VoIP Security COMS 4995 Nov 24, 2008 XCAP The Extensible Markup Language (XML) Configuration Access Protocol (XCAP)
Feature Interaction Handling in LESS Xiaotao Wu and Henning Schulzrinne Internet Real Time Laboratory.
SIMPLE Presence Traffic Optimization and Server Scalability Vishal Kumar Singh Henning Schulzrinne Markus Isomaki Piotr Boni IETF 67, San Diego.
A Generic Event Notification System Using XML and SIP Knarig Arabshian and Henning Schulzrinne Department of Computer Science Columbia University
Making Multimedia Services Location-Aware Henning Schulzrinne (with Knarig Arabshian, Stefan Berger, Stelios Sidiroglou, Kundan Singh, Xiaotao Wu, Weibin.
Internet Telephony Helen J. Wang Network Reading Group, Jan 27, 99 Acknowledgement: Jimmy, Bhaskar.
Identity, Spheres and Privacy Rules Henning Schulzrinne (with Hannes Tschofenig and Richard Barnes) Workshop on Identity, Information and Context October.
SIMPLEStone – A presence server performance benchmarking standard SIMPLEStone – A presence server performance benchmarking standard Presented by Vishal.
ORBIT NSF site visit - July 14, Location-based Services & data propagation in ORBIT Henning Schulzrinne Dept. of Computer Science.
XCON architecture and protocol musings Henning Schulzrinne Columbia University.
Presence Vishal Kumar Singh and Henning Schulzrinne Feb 10, 2006.
CFP 2005 (Seattle) -- April 2005 Location-based services – an IETF perspective Henning Schulzrinne (+ Xiaotao Wu, Ron Shacham) Dept. of Computer Science.
A Brief Taxonomy of Firewalls
IETF 68 – SIMPLE WG SIMPLE Problem Statement draft-ietf-simple-interdomain-scaling-analysis-00 Avshalom Houri – IBM Tim Rang - Microsoft Edwin Aoki – AOL.
March 7, 2005MOBIKE WG, IETF 621 Mobility Protocol Options for IKEv2 (MOPO-IKE) Pasi Eronen.
RPIDS - Rich Presence Information Data Format for Presence Based on the Session Initiation Protocol (SIP) Henning Schulzrinne (ed.) Vijay Gurbani Krisztian.
1 © NOKIA 1999 FILENAMs.PPT/ DATE / NN SIP Service Architecture Markus Isomäki Nokia Research Center.
SIPPING - IETF 62 - Minneapolis (March 2005) LESS effort, more services Xiaotao Wu Henning Schulzrinne Dept. of Computer Science Columbia University.
November 2006IETF67 - GEOPRIV1 A Location Reference Event Package for the Session Initiation Protocol (SIP) draft-schulzrinne-geopriv-locationref-00 Henning.
Project Objectives A multi-function programmable SIP user agent for multimedia communications, such as audio, video, white board, desktop sharing, shared.
PAPI: Simple and Ubiquitous Access to Internet Information Services JISC/CNI Conference - Edinburgh, 27 June 2002.
Core VoIP and 911 issues and alternatives Henning Schulzrinne Columbia University August 2003.
ORBIT: Location- based services Henning Schulzrinne Columbia University.
IETF 67 – SIMPLE WG SIMPLE Problem Statement Draft-rang-simple-problem-statement-01 Tim Rang - Microsoft Avshalom Houri – IBM Edwin Aoki – AOL.
March 2004GEOPRIV - IETF 59 (Seoul)1 GEOPRIV Policy draft-ietf-geopriv-policy draft-ietf-geopriv-common-policy Henning Schulzrinne Columbia University.
Policy Rules for Disclosure and Modification of Geographic Information ( draft-ietf-geopriv-policy-00.txt ) Authors: H. Schulzrinne J. Morris H. Tschofenig.
SIP Events: Changes and Open Issues IETF 50 / SIP Working Group Adam Roach
Module 5: Managing Content. Overview Publishing Content Executing Reports Creating Cached Instances Creating Snapshots and Report History Creating Subscriptions.
ORBIT: Multimedia Messaging & location- based services Henning Schulzrinne Columbia University.
SIPc, a Multi-function SIP User Agent Xiaotao Wu and Henning Schulzrinne.
1 Implementation of IMS-based S-CSCF with Presence Service Jenq-Muh Hsu and Yi-Han Lin National Chung Cheng University Department of Computer Science &
Company LOGO OMA Presence SIMPLE. What is OMA? The Open Mobile Alliance (OMA) is a standards body which develops open standards for the mobile phone industry.
IETF61 (November 2004) SIMPLE1 Data model and RPID Henning Schulzrinne Columbia University.
Pervasive Computing MIT SMA 5508 Spring 2006 Larry Rudolph 1 Publish & Subscribe Larry Rudolph May 3, 2006 SMA 5508 & MIT
SIP wg Items Jonathan Rosenberg dynamicsoft Caller Preferences: Changes Discussion of Redirects –Previous draft only proxy –Nothing different for redirect.
Jonathan Rosenberg dynamicsoft
Volker Hilt SIP Session Policies Volker Hilt
Session-Independent Policies draft-ietf-sipping-session-indep-policy-02 Volker Hilt Jonathan Rosenberg Gonzalo.
Making your good ideas count!
draft-ietf-simple-message-sessions-00 Ben Campbell
RELO: Retrieving End System Location Information draft-schulzrinne-geopriv-relo-03 Henning Schulzrinne March 2007 IETF68 - GEOPRIV.
Introduction to Networking
Distributed Mobility Management (DMM) WG DMM Work Item: Forwarding Path & Signaling Management (FPSM) draft-ietf-dmm-fpc-cpdp-01.txt IETF93, Prague.
Making your good ideas count!
Ticketing Systems with RT
Event notification and filtering
Architecture Competency Group
دیواره ی آتش.
RELO: Retrieving End System Location Information draft-schulzrinne-geopriv-relo-03 Henning Schulzrinne March 2007 IETF68 - GEOPRIV.
Charles Shen, Henning Schulzrinne, Arata Koike
Jonathan Rosenberg dynamicsoft
Mobile Content Sharing Utilizing the Home Infrastructure
SIMPLE Presence Traffic Optimization and Server Scalability
SIP Session Policies Volker Hilt
COMPONENTS – WHY? Object-oriented source-level re-use of code requires same source code language. Object-oriented source-level re-use may require understanding.
RPIDS and tuple issues Henning Schulzrinne with help from Paul Kyzivat
Henning Schulzrinne Columbia University
IETF SIP Interim Meeting, Feb. 2001
RPIDS - Rich Presence Information Data Format for Presence Based on the Session Initiation Protocol (SIP) Henning Schulzrinne (ed.) Vijay Gurbani Krisztian.
Henning Schulzrinne Columbia University
LUMP: Location-to-URL mapping draft-schulzrinne-ecrit-lump
Veterans Health Administration
Presentation transcript:

Policy enforcement and filtering for geospatial information Henning Schulzrinne Columbia University 4-Aug-19 IETF GEOPRIV interim meeting

Architectures for (geo) information access Claim: all using protocols fall into one of these categories Presence or event notification “circuit-switched” model subscription: binary decision Messaging email, SMS basically, event notification without (explicit) subscription but often out-of-band subscription (mailing list) Request-response RPC, HTTP; also DNS, LDAP typically, already has session-level access control (if any at all) Presence is superset of other two 4-Aug-19 IETF GEOPRIV interim meeting

Presence/Event notification Three places for policy enforcement subscription  binary only policy, no geo information subscriber may provide filter  could reject based on filter (“sorry, you only get county-level information”)  greatly improves scaling since no event-level checks needed notification  content filtering, suppression third-party notification e.g., event aggregator can convert models: gateway subscribes to event source, distributes by email both policy and geo data 4-Aug-19 IETF GEOPRIV interim meeting

IETF GEOPRIV interim meeting Presence model SUBSCRIBE subscription policy subscriber (watcher) for each watcher event generator policy subscriber filter rate limiter change to previous notification? NOTIFY 4-Aug-19 IETF GEOPRIV interim meeting

IETF GEOPRIV interim meeting Policy rules There is no sharp geopriv boundary Presence contains other sensitive data (activity, icons, …) and others may be added Example: future extensions to personal medical data “only my cardiologist may see heart rate, but notify everybody in building if heart rate = 0” Thus, generic policies are necessary 4-Aug-19 IETF GEOPRIV interim meeting

IETF GEOPRIV interim meeting Processing models Sequential model: for each subscriber, apply rules to new data doesn’t scale well to large groups Relational database model: re-use indexing and other query optimizations well-defined query and matching semantics e.g., mySQL and PostGres have geo extensions At time of subscription: SELECT address FROM policies WHERE person=$subscriber (AND now() between(starttime,endtime) OR starttime is null) AND (a3=$a3 or a3 is null) … 4-Aug-19 IETF GEOPRIV interim meeting

IETF GEOPRIV interim meeting Request-response Same as presence: request ≈ event trigger sometimes also session-based  ≈ subscription 4-Aug-19 IETF GEOPRIV interim meeting

Concern: fit into protocols Authentication is done in using protocol Must fit into those protocols E.g., can’t magically say “present token” without specifying how token can be presented in these protocols effectively modifies using protocols  e.g., requires SIP or HTTP modification 4-Aug-19 IETF GEOPRIV interim meeting

Concern: explicit consent “Require consent” are not implementable without lots of additional detail Require consent means different things in different contexts: subscription: mark subscription as pending, notify presentity, presentity installs filter that resolves into accept or reject  SIMPLE model careful not to reveal that presentity is present… notification: why not just proxy NOTIFY to rulemaker? minor efficiency advantage by sending list only would need to define format for identifying precise requests same person could have multiple requests with different details 4-Aug-19 IETF GEOPRIV interim meeting

Concern: explicit notification To be useful, requires definition of notification format Could simply ‘cc’ rulemaker on each notification If that, why not just subscribe to my own presence status? Is it important to know the complete list of people that got the current notification and what exactly they received? Opportunity for spamming innocent third parties that never wanted to be notified Notification can be very large if it includes copies of actual notifications  sorcerer’s apprentice problem 4-Aug-19 IETF GEOPRIV interim meeting

Concern: provide meaningful feedback to subscriber Polite model: allow subscription, but never send any notifications avoids offense  Frank model: evaluate subscriber (or request) filter if too nosy, tell subscriber what to ask for avoids surprises and simplifies debugging reveals my privacy preferences  do I care if Acme Towing knows that I don’t fully trust them? 4-Aug-19 IETF GEOPRIV interim meeting

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.