Hyong Sop Shim

DistView: support for building efficient collaborative applications using replicated objects

The ability to share synchronized views of interactions with an application is critical to supporting synchronous collaboration. This paper suggests a simple synchronous collaboration paradigm in which the sharing of the views of user/application interactions occurs at the window level within a multi-user, multi-window application. The paradigm is incorporated in a toolkit, DistView, that allows some of the application windows to be shared at a fine-level of granularity, while still allowing other application windows to be private. The toolkit is intended for supporting synchronous collaboration over wide-area networks. To keep bandwidth requirements and interactive response time low in such networks, DistView uses an object-level replication scheme, in which the applicaton and interface objects that need to be shared among users are replicated. We discuss the design of DistView and present our preliminary experience with a prototype version of the system.

Data management issues and trade-offs in CSCW systems

Substantial interest has developed in recent years in building computer systems that support cooperative work among groups without the need for physical proximity. This paper examines some of the difficult data management issues in designing systems for computer-supported cooperative work (CSCW). Specifically, we consider an example CSCW system to support large-scale team science over the Internet: the Collaboratory Builders Environment. We discuss the issues of managing shared data in such systems, reducing information overload and providing group awareness and access control. We discuss several promising approaches to these issues. We point out where a significant gap remains in addressing the requirements of such systems and where designers have to make design trade-offs that can be difficult to evaluate. Finally, we discuss several open issues for future work.

The upper atmospheric research collaboratory

A lthough observations of upper atmospheric phenomena are made at all latitudes, because of the characteristics of the earth’s magnetic field, most ground-based instruments are concentrated at high latitudes, particularly in the Arctic. Many of these facilities are in remote areas and are relatively difficult to reach. With the ending of the Cold War in the early 1990s, inexpensive military flights to many of these remote areas ended, making access more difficult and more expensive. Fortunately, these changing circumstances coincided with the emergence of the Internet. It occurred to a number of scientists in the field that network connections to these remote facilities could improve access and have a beneficial effect on the practice of science. Obviously network access to remote facilities would ameliorate the transportation difficulties, but in addition, it would provide greater access to such facilities for scientists and students at all kinds of institutions and would offer great flexibility for the scheduling of observations to coincide with scientifically important events. For instance, spontaneous coordinated scientific campaigns in response to events such as solar flares would be possible. These problems and opportunities fit very nicely the vision of a collaboratory [1]. In 1992, a group of space scientists, computer scientists, and behavioral scientists at the University of Michigan obtained funding from the National Science Foundation to launch the Upper Atmospheric Research Collaboratory (UARC). UARC is a 6-year project to design, develop, deploy, and evaluate a testbed collaboratory. The Upper Atmospheric Research Collaboratory

Providing flexible services for managing shared state in collaborative systems

To effectively collaborate in Internet environments, it is critical to efficiently manage the shared state of collaboration. However, the management of shared state is highly situational; different collaboration semantics require different measures tailored to their specific needs. Hence, providing a general set of services that meet the management requirements of varying collaboration situations is challenging. In this paper, we discuss our approach to providing such services. The services are made flexible by allowing collaborators to choose appropriate services based on the needs of their collaboration tools and specific characteristics of their shared state. We present the shared state management services provided by our Corona server that embodies our approach and report experience with its use.

Privacy and Scalability Analysis of Vehicular Combinatorial Certificate Schemes

Vehicular networks require secure communication, especially for safety applications. A public key infrastructure using a Combinatorial Certificate Scheme was implemented in the US Vehicle Infrastructure Integration (VII) Proof-of-Concept (PoC) trial to secure V2V communication and preserve vehicle privacy. This paper analyzes the privacy and scalability of the Combinatorial Certificate approach for a nationwide network of 200 million vehicles. It examines the tradeoffs between privacy, the ability to efficiently detect and remove bad actors, and the need to minimize the impact on innocent vehicles due to revocation and replacement of compromised shared certificates. Key findings include the level of vehicle anonymity that exists in situations of low vehicular density and the impact that certificate revocations have on innocent vehicles. A refinement to the Combinatorial Certificate Scheme is described that improves the innocent vehicle re-key quota lifetime by an order of magnitude.

Software architecture for the UARC Web-based collaboratory

The Upper Atmospheric Research Collaboratory was actively used over a period of six years to study space weather phenomena such as magnetic storms and solar winds. The UARC software was designed as a modular system of independent services that work over a wide area network and support a complex array of data suppliers, transformation modules that provided quality-of-service support, and client tools such as groupware applications. During the last two years of the project, the system provided access to over 30 data sources including ground- and satellite-based instruments and predictive model output from supercomputers during active data collection periods that lasted up to 2 weeks. This article describes the UARC architecture and services. The main UARC servers are a data dissemination substrate specifically designed to support push-based applications using attribute-based routing, and a group management and shared state management server. The servers are scalable, and designed to operate satisfactorily on a wide variety of networking conditions and client resources.

VDTLS - Providing secure communications in vehicle networks

A novel security mechanism, called Vehicular Datagram Transport Layer Security (VDTLS), for providing secure User Datagram Protocol (UDP)-based communications in vehicle networks is described. VDTLS extends the Internet standard protocol DTLS and integrates a recent development in asymmetric cryptography, called Identity Based Encryption (IBE), to effectively address the unique challenges in providing secure communications in vehicle networks, e.g., a large number of mobile nodes, limited over-the-air bandwidth, unreliable, intermittent network connectivity, and privacy. VDTLS is being used in the US Department of Transportations (US DOTs) Vehicle Infrastructure Integration (VII) Proof-of-Concept (POC) Trial in 2008.

Presence management in next-generation networks

The popularity of instant messaging highlights the power that the addition of presence information can bring to communications. Instant messaging systems combine multi-party communications with active presence notifications, allowing users to monitor the presence status of others. We describe several ways presence information can enhance next generation telephone communications and how integration can actually improve instant messaging as well. In addition, we will describe some of the issues associated with implementing and deploying such services, including privacy, data ambiguity and inter-system compatibility.

Modeling cryptographic properties of voice and voice-based entity authentication

Strong and/or multi-factor entity authentication protocols are of crucial importancein building successful identity management architectures. Popular mechanisms to achieve these types of entity authentication are biometrics, and, in particular, voice, for which there are especially interesting business cases in the telecommunication and financial industries, among others. Despite several studies on the suitability of voice within entity authentication protocols, there has been little or no formal analysis of any such methods. In this paper we embark into formal modeling of seemingly cryptographic properties of voice. The goal is to define a formal abstraction for voice, in terms of algorithms with certain properties, that are of both combinatorial and cryptographic type. While we certainly do not expect to achieve the perfect mathematical model for a human phenomenon, we do hope that capturing some properties of voice in a formal model would help towards the design and analysis of voice-based cryptographic protocols, as for entity authentication. In particular, in this model we design and formally analyze two voice-based entity authentication schemes, the first being a voice-based analogue of the conventional password-transmission entity authentication scheme. We also design and analyze, in the recently introduced bounded-retrieval model [4], one voice-and-password-based entity authentication scheme that is additionally secure against intrusions and brute-force attacks, including dictionary attacks.

A model-driven approach to rapid service introduction

We present a model-driven approach to rapid service introduction, in which the need for writing and integrating custom integration code in existing operations systems is replaced by interface mapping between service components and management components of operations systems. In particular, services are represented as dependency models, from which mappings to management interfaces of individual OSS components can be derived. Through strategic use of XML, XSLT, and related technologies, our approach is applicable to a wide variety of services and operations systems. A working prototype system has been developed, which includes a custom modeling tool and OSS environment. By separately developing and deploying VoIP and push-to-talk (PTT) services in the prototype, we have successfully demonstrated viability of our approach.