30-Sep-14Advanced Programming Spring 2002 Software Models Henning Schulzrinne.
April 26, 2004 Critical Issues Forum (Baltimore) 1 An Architecture for Next- Generation Emergency...
-
date post
22-Dec-2015 -
Category
Documents
-
view
215 -
download
0
Transcript of April 26, 2004 Critical Issues Forum (Baltimore) 1 An Architecture for Next- Generation Emergency...
April 26, 2004April 26, 2004 Critical Issues Forum (Baltimore)Critical Issues Forum (Baltimore) 11
An Architecture for Next-An Architecture for Next-Generation Emergency Generation Emergency
ServicesServices
Henning SchulzrinneHenning SchulzrinneColumbia UniversityColumbia University
April 26, 2004April 26, 2004 22
OverviewOverview
How does VoIP differ from landline and wireless How does VoIP differ from landline and wireless PSTN?PSTN?
Getting from here to there: I1, I2 and I3Getting from here to there: I1, I2 and I3 IETF effortsIETF efforts
statusstatus assumptionsassumptions
Common URL for emergency servicesCommon URL for emergency services Routing emergency callsRouting emergency calls Common location formatCommon location format Configuration of local emergency call numbersConfiguration of local emergency call numbers Security issuesSecurity issues
April 26, 2004April 26, 2004 33
PSTN vs. Internet TelephonyPSTN vs. Internet Telephony
Signaling & Media Signaling & Media
Signaling Signaling
Media
PSTN:
Internettelephony:
China
Belgian customer,currently visiting US
Australia
April 26, 2004April 26, 2004 44
SIP trapezoidSIP trapezoid
SIP trapezoid
outbound proxy
[email protected]: 128.59.16.1
registrar
1st request
2nd, 3rd, … request
voice trafficRTP
destination proxy(identified by SIP URI domain)
April 26, 2004April 26, 2004 55
SIP addressingSIP addressing
Users identified by SIP or tel URIsUsers identified by SIP or tel URIs sip:[email protected]:[email protected]
tel: URIs describe E.164 number, not tel: URIs describe E.164 number, not dialed digits (RFC 2806bis)dialed digits (RFC 2806bis)
tel URIs tel URIs SIP URIs by outbound proxy SIP URIs by outbound proxy A person can have any number of SIP A person can have any number of SIP
URIsURIs The same SIP URI can reach many The same SIP URI can reach many
different phones, in different networksdifferent phones, in different networks sequential & parallel forkingsequential & parallel forking
SIP URIs can be created dynamically:SIP URIs can be created dynamically: GRUUsGRUUs conferencesconferences device identifiers device identifiers
(sip:[email protected])(sip:[email protected]) Registration binds SIP URIs (e.g., Registration binds SIP URIs (e.g.,
device addresses) to SIP “address-of-device addresses) to SIP “address-of-record” (AOR)record” (AOR)
tel:110 sip:sos@domain
domain 128.59.16.17via NAPTR + SRV
April 26, 2004April 26, 2004 66
How does VoIP differ from How does VoIP differ from landline and wireless PSTN?landline and wireless PSTN?
Telephone companies are no Telephone companies are no longer neededlonger needed there are still carriers for DSL and there are still carriers for DSL and
cable “IP dial tone”cable “IP dial tone” but unaware of type of data but unaware of type of data
carriedcarried VSP may be in another state or VSP may be in another state or
countrycountry Corporations and universities Corporations and universities
don’t have email carriers, eitherdon’t have email carriers, either
voice service provider
(RTP, SIP)
ISP(IP, DHCP, DNS)
dark fiberprovider
Yahoo
MC
IN
YSER
NE
T
April 26, 2004April 26, 2004 77
Why is VoIP ≠ wireless?Why is VoIP ≠ wireless? VoIP devices may not have phone VoIP devices may not have phone
numbers as lookup keysnumbers as lookup keys e.g., sip:[email protected]., sip:[email protected]
Location information for devices is civic, Location information for devices is civic, not longitude/latitudenot longitude/latitude e.g., service address for VSPse.g., service address for VSPs GPS not available (nor functional) on indoor GPS not available (nor functional) on indoor
devicesdevices plus, accuracy of 50 m (67%) or 150 m spans plus, accuracy of 50 m (67%) or 150 m spans
many buildings…many buildings… no floor informationno floor information
Cell phones don’t work in our building…Cell phones don’t work in our building… so A-GPS is unlikely to work there, eitherso A-GPS is unlikely to work there, either
Plus, wireless E911 complexity due to old Plus, wireless E911 complexity due to old signaling mechanismsignaling mechanism
50m
April 26, 2004April 26, 2004 88
IETF effortsIETF efforts
IETF = Internet Engineering Task ForceIETF = Internet Engineering Task Force ““The Internet Engineering Task Force The Internet Engineering Task Force (IETF)(IETF) is is
a large open international community of a large open international community of network designers, operators, vendors, and network designers, operators, vendors, and researchers concerned with the evolution of researchers concerned with the evolution of the Internet architecture and the smooth the Internet architecture and the smooth operation of the Internet. It is open to any operation of the Internet. It is open to any interested individual.”interested individual.”
Efforts on 911 services go back to 2001, …Efforts on 911 services go back to 2001, … but only recent high-impact effortsbut only recent high-impact efforts individuals working both in NENA and IETF individuals working both in NENA and IETF
WGsWGs
April 26, 2004April 26, 2004 99
Current IETF draftsCurrent IETF drafts
draft-taylor-sipping-emerg-scen-01draft-taylor-sipping-emerg-scen-01 scenarios, e.g., hybrid VoIP-PSTNscenarios, e.g., hybrid VoIP-PSTN
draft-schulzrinne-sipping-emergency-arch-00draft-schulzrinne-sipping-emergency-arch-00 overall architecture for emergency callingoverall architecture for emergency calling
draft-ietf-sipping-sos-00draft-ietf-sipping-sos-00 describes ‘sos’ SIP URIdescribes ‘sos’ SIP URI
draft-rosen-dns-sos-00draft-rosen-dns-sos-00 new DNS resource records for location mappingnew DNS resource records for location mapping
April 26, 2004April 26, 2004 1010
Three stages to VoIP 911Three stages to VoIP 911spec. spec. availableavailable??
use 10-use 10-digit digit admin. admin. numbernumber??
mobilitymobility callbaccallbackk
numbenumber to r to PSAP?PSAP?
callercaller
locatiolocation to n to PSAP?PSAP?
PSAPPSAP
modificatmodificationion
ALI (DB)ALI (DB)
modificationmodificationnew servicesnew services
I1I1 nownow allowedallowed stationarstationaryy
nono nono nono nono nonenone
I2I2 Dec. Dec. 20042004
nono stationarstationaryy
nomadicnomadic
yesyes yesyes no (8 or no (8 or 10 digit)10 digit)
updateupdate nonenone
I3I3 late late 20042004
nono stationarstationaryy
nomadicnomadic
mobilemobile
yesyes yesyes IP-IP-enabledenabled
ALI not ALI not neededneeded
MSAG MSAG replaced by replaced by DNSDNS
location in-location in-bandband
GNPGNP
multimediamultimedia
international international callscalls
April 26, 2004April 26, 2004 1111
Architectural assumptions and Architectural assumptions and goals for I3goals for I3
SIP-based for interchangeSIP-based for interchange other protocols (e.g., H.323) via gatewayother protocols (e.g., H.323) via gateway
avoid complexity of multiple protocols everywhereavoid complexity of multiple protocols everywhere H.248/MGCP not used for interdomain signaling H.248/MGCP not used for interdomain signaling not not
needed hereneeded here InternationalInternational
devices bought anywhere can make emergency calls devices bought anywhere can make emergency calls anywhereanywhere
limit biases in address formats, languages, …limit biases in address formats, languages, … avoid built-in bias for “911” or “112” (mostly)avoid built-in bias for “911” or “112” (mostly) use term “ECC” (emergency call center) instead of “PSAP” use term “ECC” (emergency call center) instead of “PSAP”
MultimediaMultimedia support non-audio media if available in PSAPsupport non-audio media if available in PSAP e.g., images or video for situational awarenesse.g., images or video for situational awareness
April 26, 2004April 26, 2004 1212
Goals, cont’d.Goals, cont’d.
Support other communications modesSupport other communications modes IMIM maybe email latermaybe email later
Support access for callers with disabilitiesSupport access for callers with disabilities real-time textreal-time text video for sign languagevideo for sign language
Easy access to external dataEasy access to external data hazmat recordshazmat records sensor data (collision data, video images, …)sensor data (collision data, video images, …)
April 26, 2004April 26, 2004 1313
Architecture componentsArchitecture components
1.1. Common URL for emergency callsCommon URL for emergency calls
2.2. Convey local emergency number to Convey local emergency number to devicesdevices
3.3. Allow devices to obtain their Allow devices to obtain their locationlocation
4.4. Route calls to right destinationRoute calls to right destination
April 26, 2004April 26, 2004 1414
Component 1: Common URL Component 1: Common URL for emergency servicesfor emergency services
Emergency numbers may be dialed from Emergency numbers may be dialed from many different placesmany different places about 60 (national) different emergency service about 60 (national) different emergency service
numbers in the worldnumbers in the world many are used for other services elsewhere (e.g., many are used for other services elsewhere (e.g.,
directory assistance)directory assistance) End systems, proxies and gateways should End systems, proxies and gateways should
be able to tell easily that a call is an be able to tell easily that a call is an emergency callemergency call
Thus, need common identifier for callsThus, need common identifier for calls
April 26, 2004April 26, 2004 1515
Common URL for emergency Common URL for emergency callscalls
IETF draft suggests “sip:sos@home-IETF draft suggests “sip:sos@home-domain”domain” home-domain: domain of callerhome-domain: domain of caller
Can be recognized by proxies along the Can be recognized by proxies along the wayway short cut to emergency infrastructureshort cut to emergency infrastructure
If not, it reaches home proxy of subscriberIf not, it reaches home proxy of subscriber Call can be routed from there easilyCall can be routed from there easily
global access to routing information (see later)global access to routing information (see later)
April 26, 2004April 26, 2004 1616
Service identificationService identification
In some countries, In some countries, specialized numbers for specialized numbers for police, fire, …police, fire, …
We add SIP protocol We add SIP protocol header that identifies header that identifies call service:call service: Accept-Contact:
* ;service=“sos.mountain”
Generally, not user Generally, not user visiblevisible
sos.firesos.fire fire brigadefire brigade
sos.rescuesos.rescue ambulanceambulance
sos.marinesos.marine marine marine guardguard
sos.policesos.police policepolice
sos.mountasos.mountainin
mountain mountain rescuerescue
sos.testsos.test only testingonly testing
April 26, 2004April 26, 2004 1717
Other call identifiersOther call identifiers
Using SIP caller preferences/callee Using SIP caller preferences/callee capabilitiescapabilities
Caller languagesCaller languages automatically route to PSAP or call taker that automatically route to PSAP or call taker that
speaks Frenchspeaks French Accept-Language: frAccept-Language: fr
Caller media preferencesCaller media preferences automatically route to PSAP or call taker that can automatically route to PSAP or call taker that can
deal with typed textdeal with typed text Accept-Contact: *;text;requireAccept-Contact: *;text;require
April 26, 2004April 26, 2004 1818
Component 2: Translating Component 2: Translating dialed digits dialed digits
Always available: 112 and 911Always available: 112 and 911 Configuration mechanisms:Configuration mechanisms:
SIM cards (GSM phones)SIM cards (GSM phones) XCAP configurationXCAP configuration
local (outbound) proxylocal (outbound) proxy home proxyhome proxy
DNSDNS Default configuration if no other Default configuration if no other
information available:information available: 000, 08, 110, 999, 118 and 119000, 08, 110, 999, 118 and 119
April 26, 2004April 26, 2004 1919
Emergency number Emergency number configuration via DNSconfiguration via DNS
NAPTR 100 10 "u" "SOS" "/110/sips:[email protected]/i
de.sos.arpa
country=DEDHCP server
add 110 to list ofemergency dial strings
April 26, 2004April 26, 2004 2020
Translating dialed numbers to Translating dialed numbers to emergency identifiersemergency identifiers
“9-1-1” no.no. URIURI serviceservice
911911 sossos sossos
110110 sossos sos.policesos.police
112112 sossos sos.firesos.fire
On many telephone-like systems, only numbers are available number translation
sips:[email protected]
April 26, 2004April 26, 2004 2121
GEOPRIV and SIMPLE GEOPRIV and SIMPLE architecturesarchitectures
targetlocationserver
locationrecipient
rulemaker
presentity
caller
presenceagent
watcher
callee
GEOPRIV
SIPpresence
SIPcall
PUBLISHNOTIFY
SUBSCRIBE
INVITE
publicationinterface
notificationinterface
ruleinterface
INVITE
April 26, 2004April 26, 2004 2222
Component 3: Determining Component 3: Determining locationslocations
Conveyed via DHCP from IP-level providerConveyed via DHCP from IP-level provider Formats:Formats:
geospatial (longitude, latitude, altitude or floor)geospatial (longitude, latitude, altitude or floor) civic (country, administrative units, street)civic (country, administrative units, street)
Provider usually knowsProvider usually knows Does not depend on being a voice service providerDoes not depend on being a voice service provider
802.11 triangulation802.11 triangulation GPS (for mobile devices)GPS (for mobile devices) Via configuration protocol (XCAP)Via configuration protocol (XCAP)
relies on VSP having accurate service location relies on VSP having accurate service location informationinformation
User-configured (last resort)User-configured (last resort)
April 26, 2004April 26, 2004 2323
Enhancing DHCP for Enhancing DHCP for locationslocations
use MAC address backtracing to get location informationuse MAC address backtracing to get location information can use existing DHCP servers and clientscan use existing DHCP servers and clients
DHCPserver
458/17 Rm. 815458/18 Rm. 816
DHCP answer:sta=DC loc=Rm815lat=38.89868 long=77.03723
8:0:20:ab:d5:d
CDP + SNMP8:0:20:ab:d5:d 458/17
April 26, 2004April 26, 2004 2424
Conveying location along the Conveying location along the call pathcall path
INVITE sip:[email protected]: sip:[email protected]: sip:[email protected]: multipart/mixed
<gp:locationinfo><loc:civil> <c:a1>PA</c:a1> <c:a2>University Park</c:a2> <c:zip>10025</c:zip></loc:civil></gp:location-info>
on boot
placing emergency
call
April 26, 2004April 26, 2004 2525
GEOPRIV geospatial formatGEOPRIV geospatial format
GEOPRIV = IETF GEOPRIV = IETF working group working group for geospatial for geospatial privacyprivacy
Location within Location within call signalingcall signaling not ALI not ALI
referencereference Based on GML Based on GML
mark-upmark-up
<?xml version="1.0" encoding="UTF-8"?> <presence xmlns="urn:ietf:params:xml:ns:pidf" xmlns:gp="urn:ietf:params:xml:ns:pidf:geopriv10" xmlns:gml="urn:opengis:specification:gml:schema-xsd:feature:v3.0" entity="pres:[email protected]"> <tuple id="sg89ae"> <timestamp>2003-06-22T20:57:29Z</timestamp> <status> <gp:geopriv> <gp:location-info> <gml:location> <gml:Point gml:id="point96" srsName="epsg:4326"> <gml:coordinates>31:56:00S 115:50:00E</gml:coordinates> </gml:Point> </gml:location> </gp:location-info> <gp:usage-rules> <gp:retransmission-allowed>no</gp:retransmission-allowed> <gp:retention-expiry>2003-06-23T04:57:29Z</gp:retention-expiry> </gp:usage-rules> </gp:geopriv> </status> </tuple> </presence>
April 26, 2004April 26, 2004 2626
GEOPRIV civic formatGEOPRIV civic format
Based on NENA XML Based on NENA XML elementselements
Except internationalized Except internationalized administrative divisions:administrative divisions:
AA11
national subdivisions (state, region, national subdivisions (state, region, province, prefecture)province, prefecture)
AA22
county, parish, gun (JP), district (IN)county, parish, gun (JP), district (IN)
AA33
city, township, shi (JP)city, township, shi (JP)
AA44
city division, borough, city district, ward, city division, borough, city district, ward, chou (JP)chou (JP)
AA55
neighborhood, blockneighborhood, block
AA66
streetstreet
<country>US</country><A1>NJ</A1><A2>Bergen</A2><A3>Leonia</A3><A6>Westview</A6><STS>Ave</STS><HNO>313</HNO><NAM>Schulzrinne</NAM><ZIP>07605-1811</ZIP>
April 26, 2004April 26, 2004 2727
Location-based call routing – Location-based call routing – UA knows its locationUA knows its location
GPS
48° 49' N 2° 29' E
INVITE sips:sos@
DHCP
outboundproxy server
48° 49' N 2° 29' E Paris fire department
April 26, 2004April 26, 2004 2828
Location-based call routing – Location-based call routing – network knows locationnetwork knows location
IP
48° 49' N 2° 29' E
TOA
include locationinfo in 302
INVITE sips:sos@ INVITE sips:[email protected]
map location to (SIP) domain
outbound proxy
April 26, 2004April 26, 2004 2929
A quick review of DNSA quick review of DNS
DNS = mapping from hierarchical names to DNS = mapping from hierarchical names to resource recordsresource records commonly, but not necessarily IP addressescommonly, but not necessarily IP addresses
Authoritative server for each domain operated by Authoritative server for each domain operated by domaindomain e.g., columbia.edu server is owned & operated by e.g., columbia.edu server is owned & operated by
Columbia University Columbia University
pc.example.com leonia.nj.uscaches results
leonia.nj.us?
April 26, 2004April 26, 2004 3030
A quick review of DNSA quick review of DNS
Thus, globally visible database, with delegated Thus, globally visible database, with delegated control of contentcontrol of content
Replication of DNS servers mandatoryReplication of DNS servers mandatory at least 2, often moreat least 2, often more automatically synchronizedautomatically synchronized
Robustness by cachingRobustness by caching typically life time of 24 hourstypically life time of 24 hours end system may not notice outage of authoritative serverend system may not notice outage of authoritative server
Host security Host security modification control modification control DNS security (DNSsec) to ensure authenticity of DNS security (DNSsec) to ensure authenticity of
contentcontent
April 26, 2004April 26, 2004 3131
How does the PSAP find the How does the PSAP find the caller’s location?caller’s location?
Largest difference to existing E911 systemLargest difference to existing E911 system In-band, as part of call setupIn-band, as part of call setup
carried in body of setup messagecarried in body of setup message rather than by reference into external databaserather than by reference into external database
May be updated during callMay be updated during call moving vehiclesmoving vehicles late availability of information (GPS acquisition late availability of information (GPS acquisition
delay)delay) Also possible: subscribe to location information Also possible: subscribe to location information
April 26, 2004April 26, 2004 3232
Using DNS for determining Using DNS for determining PSAPsPSAPs
Define new domain, e.g., sos.arpaDefine new domain, e.g., sos.arpa .arpa used for infrastructure functions.arpa used for infrastructure functions
top-level queries done only rarelytop-level queries done only rarely results are cached at clientresults are cached at client
*.us.sos.arpa
*.sos.arpa
*.nj.us.sos.arpa
firedept.leonia.nj.gov
leonia.nj.us.sos.arpa?
April 26, 2004April 26, 2004 3333
Obtaining all sub-regionsObtaining all sub-regions
us.sos.arpa nj.us.sos.
arpa
us.sos.arpus.sos.arpaa
PTPTRR
al.us.sos.arpal.us.sos.arpaa
us.sos.arpus.sos.arpaa
PTPTRR
ak.us.sos.arak.us.sos.arpapa
us.sos.arpus.sos.arpaa
PTPTRR
nj.us.sos.arpnj.us.sos.arpaa
…… PTPTRR
……
CN=usA1=njA2=bergenA3=leonia
nj.us.sos.arpanj.us.sos.arpa PTRPTR sussex.nj.us.sos.arsussex.nj.us.sos.arpapa
nj.us.sos.arpanj.us.sos.arpa PTRPTR passaic.nj.us.sos.arpassaic.nj.us.sos.arpapa
nj.us.sos.arpanj.us.sos.arpa PTRPTR bergen.nj.us.sos.arbergen.nj.us.sos.arpapa
…… PTRPTR ……
April 26, 2004April 26, 2004 3434
What about geo addresses?What about geo addresses?
Store one DNS record for each Store one DNS record for each PSAPPSAP or whatever the last caller-or whatever the last caller-
visible SIP proxy isvisible SIP proxy is could be state, county, city, … could be state, county, city, …
Point to record containing PSAP Point to record containing PSAP boundaryboundary retrieved via HTTP (web)retrieved via HTTP (web) cached as neededcached as needed
Records polygon edges of PSAP Records polygon edges of PSAP service area (longitude-latitude service area (longitude-latitude tuples)tuples)
Same descent of hierarchySame descent of hierarchy at each level, search all leaves at each level, search all leaves
for matchfor match
BergenPassaicAtlantic…
April 26, 2004April 26, 2004 3535
Address hidingAddress hiding Some advocate hiding IP addresses of PSAPs Some advocate hiding IP addresses of PSAPs
(or groups of PSAPs)(or groups of PSAPs) Not clear what this meansNot clear what this means
if call made, IP address will be returned in packetsif call made, IP address will be returned in packets Can, however, have different perimetersCan, however, have different perimeters
source address of SIP and audiopackets
April 26, 2004April 26, 2004 3737
Privacy and authenticationPrivacy and authentication
Want to ensure privacy of call setup Want to ensure privacy of call setup informationinformation
prevent spoofing of call originsprevent spoofing of call origins but can’t enforce call authenticationbut can’t enforce call authentication
need to authenticate call destinationneed to authenticate call destination ideally, certificate for PSAPsideally, certificate for PSAPs but initially just verify that reached DNS-but initially just verify that reached DNS-
indicated destinationindicated destination use TLS (SSL), as in httpuse TLS (SSL), as in httpss://:// host certificates widely availablehost certificates widely available
just need a domain name and a credit cardjust need a domain name and a credit card
April 26, 2004April 26, 2004 3838
Testing emergency callsTesting emergency calls
Current E911 system has no good way to Current E911 system has no good way to test 911 reachability without interfering test 911 reachability without interfering with emergency serviceswith emergency services
With VoIP, more distributed system With VoIP, more distributed system more need for testingmore need for testing
Use SIP OPTIONS request Use SIP OPTIONS request route request, route request, but don’t reach call takerbut don’t reach call taker
Also, DNS model allows external Also, DNS model allows external consistency checkingconsistency checking e.g., nationwide 911 testing agencye.g., nationwide 911 testing agency
April 26, 2004April 26, 2004 3939
Open issuesOpen issues
Technical (protocol) issues:Technical (protocol) issues: details of DNS recordsdetails of DNS records top-level DNS domain?top-level DNS domain? how to do testing with minimal impact?how to do testing with minimal impact?
Operational issues:Operational issues: who runs sos.arpa and us.sos.arpa?who runs sos.arpa and us.sos.arpa? export of MSAG information into DNS?export of MSAG information into DNS? will DSL and cable modem carriers provide location will DSL and cable modem carriers provide location
information?information? Funding issues:Funding issues:
use IP-layer funding for 911, not voice servicesuse IP-layer funding for 911, not voice services
April 26, 2004April 26, 2004 4040
ConclusionConclusion
Good news:Good news: VoIP-based 911 is not nearly as hard as Phase VoIP-based 911 is not nearly as hard as Phase
II wirelessII wireless can be leveraged to provide simpler Phase II can be leveraged to provide simpler Phase II
services for non-VoIP terminalsservices for non-VoIP terminals PC-based end system can be maintained as isPC-based end system can be maintained as is use of COTS, across national bordersuse of COTS, across national borders
Challenges:Challenges: cannot simply add one more patch to existing cannot simply add one more patch to existing
circuit-switched 911 systemcircuit-switched 911 system