Current MS Students/Roopesh K Boyapati
From CSWiki
Contents |
[edit] Week 1 (01/05/08)
[edit] Week 2 (01/12/08)
During the first class Professor Dr. Russel Abbot gave us detailed and valuable information about CS590 course. I understood the requirements for the class. I would be doing my master's project under professor Dr. Huo Guiping. I have been offered certain topics to choose from.
I have started my preliminary research on my master's project. I have two topics (will decide on one of them shortly 1)voice over IP 2)Database Security. However, I have choosen Voice Over IP as the topic for the presentation I would be giving on 01/ 19/ 2008.
I have started my preliminary research on VoIP. Text book I am using is Voice over IP crash course by Steven Shepard. I am going through articles on VoIP on websites www.protocol.com and www.packetizer.com apart from wikipedia and www.howstuffworks.com to understand the basic concepts of VoIP. One of the white papers on VoIP from Jupiter networks has been extremely knowledgeable.
I try to outline my preliminary understanding of VoIP based on my reading from the text, websites and papers. VoIP is challenge to traditional public switched telephone networks (PSTN). VoIP is now large accepted by customers as it is one of the most economical way of making phone calls. The major requirement is the need for internet (network). The receiver can be called on his cell phone (internet not required) while the caller must have access to internet to make a phone call using VoIP. Another way of calling through VoIP is from PC to PC. Various service providers such as yahoo and google offer free calling from PC to PC. Next, call can be made from two analog phones connected to computers through ATA (analog telephone adapter). The ATAs convert the human voice (analog signals) to digital format. These digitized voice samples are then compressed using the CODEC algorithm. Then the data is assembled in packets and transported over the network.
I am going through indepth details about the various protocols used in VoIP and its implementation.
[edit] Week 3 (01/19/08)
I continued to work on VoIP. I made a detailed study about the concepts, components, functionality, types,various protocols and challenges in VoIP. Firstly, the concepts and working principle of VoIP is very clear to me. I book referred is VoIP fundamentals by Jonathan Davidson and James Peter. When we already have a circuit switched telephone system which is widely accepted and very successful, where is the need for an alternative. Well, there are various factors that advocates the use of VoIP including important factors such as economy, mobility, local numbers & availability. The cost of calling through VoIP is very minimal as compared to traditional phones. Infact, calling between internet enable PCs costs absolutely nothing. Secondly, users can use their VoIP phones anywhere. All that is required is an internet connectivity. Calls can be made directly from a PC using the VoIP softphone or the regular phone should be connected to internet modem or PC through ATA. Local numbers: The reason to have local numbers is it reduces the cost of calling from distance places by a wide margin.Another factor that bolsters the usage of VoIP is the availability of internet almost everywhere. These are the basic factors that emphasize the need for VoIP. VoIP call could be from PC to a PC or from PC to anolog phone or from a phone to PC or phone to phone (most commonly used). Basic working principle : When a call is successful human voice move back and forth from caller to called parties. These voice signals are compressed to digital from by ATA. The data is then transported over the network by embedding them in TCP/ IP packets. On the called end, the ATA decompresses the digital voice to analog form. Voice is sampled at the rate of 8000 samples per second.
Next,I moved my study on VoIP towards the various components used in VoIP. ATA, service provider's call processor, soft switch & internet connectivity are the most important components of VoIP. ATA stands for analog telephone adapter. It connects the regular phones (land line or cell phone) to either modem device or to a PC. ATA converts the human voice to digital form from the caller's end while it re converts the digital audio signals into analog form. The reason for converting analog to digital and then again from digital to analog is to make the voice enable the voice signals to be moved over the internet. ATAs use codecs G 711 or G 729A for conversion. Other functions of ATAs is checking for proper internet connectivity and then giving a dial tone to the caller indicating that the network is fine and calls can be made. ATAs send signal to called party's phone to ring. There are two kinds of ATAs available. One lets you connect a phone directly to the internet (modem device) and the other kind allows the analog phone to be connected to internet through an internet enable PC. However, the disadvantage of the second one is that the PC should always be kept running when ever a call is been made.
Call processor is a piece of hardware working in synchronous with the VoIP service providers server machine. It can be considered as the heart of the VoIP calling process. Call processor hosts soft switch. Soft switch is an databse/ mapping program that contains the list of users and their corresponding phone numbers. Soft switch is responsible for locating the other end user (called party) and finding the current IP address of the called party. The call processor works in synchrony with ATAs.I am still getting into the details of the underlying concepts of call processor and ATAs.
I will now make an attempt to outline the basics of various protocols used in VoIP. H 323, SIP, RTP and RTCP are the most prominent protocols in VoIP. H323 was developed by international telecommunication union (ITU) in 1996. This protocol is used for enabling voice and video services over the internet. H323 is not a single protocol rather a cluster (suit) of protocols like H225, H245, H450, H235, H239, H261, H263,G711, G722, G723.1, G728, G 729, T122, T124, T125, T126, T127. G series prtocols are used for transmission of audio signals while T series is used for data transmission. H323 protocol uses codecs such as G 711, G729 and T 140. Although H323 consists various protocols and codecs it was not very successful in implementing VoIP. SIP (session initiation protocol): SIP is responsible for initiating a call, maintaining VoIP call & for terminating the call. It is an application protocol in the TCP/ IP 5 layer model, independent of the carrier protocol being used in transport layer. It works with TCP, UDP or SCTP (session control transmission protocol. SIP works in synchronous with various other protocols involved with the signaling process.It is the carrier for session description protocol (SDP). RTP (Real Time Transport Protocol) : RTP, developed by IETF (internet engineering task force) is the protocol used for the actual delivery of data. The data could be anything like voice, video or simulation or any other interactive real time data. An RTP packet consists of the pay load type which describes the kind of codecs used, time stamp from sender machine, sequence number for rearranging packets, and then the actual data. RTP does not provide any acknowledgment of the delivered packets. It is the RTCP (real time transport control protocol)that serves to give the feed back of the kind of data being delivered by RTP.
Next, I was keen to demo the working of voice IP as the interest was to capture the protocols described above and examine the contents of each individual protocol. For this, I had to download a soft phone from VoIP service providers. The soft phone I used for the demo is Sight Speed. I was successful in demonstrating this in the class. All the protocols said and described above were practically seen and understood. I have attached the file (wire shark)which shows the various protocols captured during the demonstration of VoIP.
Finally, I spent my time on summarizing & preparing the slides on VoIP for the presentation in the class.
[edit] Week 4 (01/26/08)
The topics I have been suggested by my project adviser Prof. Huo Guiping is database security,Personalized Privacy Preservation,security of outsourced database and K anonimity : a model for protecting privacy. I have been told to read all the papers and finally decide which topic is best suitable for considering to be a master's project. Hence forth, I spent this week reading the paper "Personalized Privacy Preservation" by Xiaokui Xiao and Yufei Tao. The main aim of this paper is to extract all the possible information from the microdata while maintaining the confidentiality of the personals. All the theoretical concepts mentioned in this paper are verified by extensive experiments. Why do we need microdata to be published? There are certain databases or records that become neccessary and point of interest for researches. For example, a record of diseases along with the age, sex, name, address of the patients. Here, patients may allow the disease and age to be revealed but not the personals details like name and address. The objective of this paper is to get all the desired information from the database table, the raw data, also called as the microdata, while yet maintaining the personal details confidential.
Consider a table consisting of only age, sex , zipcode and the disease suffered but NOT the name of the patient. Although, this table doesnot mention the name of the patient, if a comparision is made between this table and a voters list table then it's quite simple to identify the right person associated with a disease. The three attributes (age, sex and zipcode) are called as quasi identifiers. The paper finds a solution to this problem by making the quasi identifiers less specific to avoid identifying individuals. A table is K anonymous if the QI of each tuple is identical to atleast K-1 other tuples. The draw back of K anonymity is that an adversary can indentify the person even with the minute details by comparing it with other databases/ records. This concludes K anonymity prevents identifying the association between individual and tuples but not individuals and sensitive values. Also, this method gives a chance for loss of data. This paper finds solutions to counter these problems faced by K anonymity method leading to the concept of personalised anonymity.
In personalised anonymity, individuals can specify the extent to which their identity can be revealed. The diseases mentioned in this paper can be classified in to two categories: respiratory or digestive system disease, respiratory diseases can be subdivided into flu, nuemonia, bronchitis and so on while stomach diseases can be classified into ulcer, gastritis and so on. Now, the idea behind this hierarchial classification is that the individuals can choose the level of disease identification. For example a patient suffering from ulcer can specify level 1 indicating he has stomach disease leading to a situation where the observer cannot say the actual disease (ulcer) suffered by the patient.
[edit] Week 5 (02/02/08)
My master's project topic will be based on security of databases in particular Security of outsourced databases (this is in final review with my project adviser). Hence forth, I spent the week reading the paper "DSAC: An Approach to Ensure Integrity of Outsourced Databases using Signature Aggregation and Chaining".Question : How did I land up at this paper? I was suggested to read a few papers (including this)by my project adviser Prof. Huo Guiping to build a strong understanding of databases and its securities before getting into the actual project work.
At the outset, why do we need to outsource any database? and why do we need security of this outsourced database? Data owners outsource their databases in order to concentrate more towards other activities in their organization such as development, programming, client reviews,business enhancements and so on. When a database such as bank information(account number, Name, balance,savings, credit, address) needs high level of security and the third party(handling outsourced databases) cannot be always trusted to full extent by the data owners. Also, queries from the users should yield exact and authentic information. This paper talks about two important issues and solutions of authenticity and completeness guarantees of query replies. It also deals with analyzing a new approach for various base query types and compares the new approach with authenticated data structures. Correct and complete are two key words in this paper. The authors emphasize on correct results returned from outsourced databases making sure no tuples are tampered and complete, meaning to results should be complete without the loss of any tuples. Further down, the paper provides certain mechanisms to ensure correctness and completeness by considering standard SQL queries involving select clauses which (usually) result in the selection of a set of records or fields that match a given predicate or a set thereof. The following sections of the paper discusses signature aggregation and its applications to verifying correctness of query replies and proposes the extensions to achieve completeness guarantees. The paper finally concludes by describing the approach by considering various query types.
After a detailed discussion with my professor, I decided to my master's project on "Ensuring integrity of outsourced databases". This will be the topic for my master's project. The previous week I read a paper about this specified by my project advisor. With this I gained sufficient base to be confident to work on it. Ok now, for this week (02/02-02/09) I decided to go through more on this topic. I picked up a paper "Authentication and Integrity in Outsourced Databases" from the web (as per advisors suggestion) to understand more about the outsourced databases and their security issues. This paper has been extremely helpful interms of understanding the basic concepts in database securities, takes up all the way to cryptography and then to K method privacy preservation.
Apart from this I am consulting my advisor to learn how to design the prospectus for this project. I spent a major chunk of time on this, I was given a few samples to go through to understand how to draft a project prospectus from the begin and then take it up step by step. I feel I have done a sufficient ground work this week to create an impressive project prospectus. I wouls be presenting it in the class shortly.
[edit] Week 7 (02/16/08)
As stated last week I have finalized my project topic and this week I continued to do the ground work for the master's project. I have been trying to segregate resources to improve my knowledge on this subject. I am looking for books in the library and found this one as a good resource "Dynamic group key management in outsourced databases" by Alla Lanovenko. Though this book is not directly relevant to my master's project, it has valuable information on the related topics such as public/ private key management, different schemes of encryption and so on. It talks about the basics of securities of outsourced databases and then takes us up to different schemes of key management in outsourced databases. On the other hand, I am preparing to draft prospectus for the master's project. The first question that arises while preparing a prospectus is "The Aim of my Project/ Thesis". To answer this, I had to do a lot of consultations with my project advisor. My aim is to do an enhanced research on DSAC( digital signature aggregation and chaining) based on the paper "DSAC: An Approach to Ensure Integrity of Outsourced Databases using Signature Aggregation and Chaining" by Maithili Narasimha & Gene Tsudik (Computer Science Department School of Information and Computer Science University of California, Irvine). To be more precise, I am working towards the two main concepts related to DSAC: correctness and completeness.. There are questions which have not be answered to the full satisfaction in this paper like The VB-tree approach only provides a proof of correctness but it does not address the completeness problem, schemes to reduce the cost (in terms of time) of the querier. I am trying to aggregate such drawbacks and find a scheme to improve upon them. This is as per the advice from my project advisor.
[edit] Week 8 (02/23/08)
I am reading and preparing slides for the presentation due on 01/03/08. In this presentation I would be talking about the paper DSAC: An Approach to Ensure Integrity of Outsourced Databases using Signature Aggregation and Chaining. This paper is the basis for my project (details explained in the previous weeks).Task 2: As per the project/ thesis template, I am drafting a prospectus for my project work starting with questions like "What am I trying to accomplish, basic features of my project, why is it academically interesting, is it worth have it at master's level and whom does it help and attract. These are the questions I would present and answer in my next presentation.
What are the hardship(s) I am facing in creating project prospectus? Though I know where I am walking towards, it is quite challenging to draw the block diagram/ flow chart for my project prospectus! I am working on this by reading more related works from web and reference books available in the library in regular consultation with my project advisor.
[edit] Week 9 (03/01/08)
- I am drafting my thesis prospectus. I am trying to come up with a clear view of what I would be doing in my thesis work. The prospectus is almost complete except for the architecture and platforms used.
- The thesis prospectus would be complete by my next presentation (2 more presentations to go) by adding the necessary diagrams, basic and advanced features and other required changes.
- Preparing slides for my next presentation for the paper "Digital Signature Aggregation and Chaining" by Maithili Narasimha & Gene Tsudik
[edit] Week 10 (03/08/08)
DSAC(Digital signature aggregation and chaining) is my thesis topic. DSAC is vast topic, my thesis motivation would be to improve the existing signatures scheme developed in this paper. The current signature scheme involves the result set which consists of valid tuples, its corresponding signatures, aggregate signature & the hash combination of the tuples.
So, my thesis goal is to combine the aggregate signature & hash combinations. This will produce a result set that would reduce the computation time for the verifier, saves the storage space on the server & reduces the bandwidth utility of the server.
I have been working by understanding the concepts & preparing slides for my presentation.
As per the suggestions made in the class, I have modified my prospectus and would present my final prospectus next week.
[edit] Week 11 (Final 03/15/08)
- I spent last week with my project adviser discussing about my thesis work. I am now able to draw a clear picture of my thesis prospectus. It is now more clear of what I would be doing in my thesis.
- Investigating the topic of signature aggregation mechanisms which happens to be one of the main goals of my thesis work.
- I spent last week writing my thesis prospectus.
