{"id":1082,"date":"2018-09-28T14:02:00","date_gmt":"2018-09-28T12:02:00","guid":{"rendered":"https:\/\/samovar2022.int-evry.fr\/index.php\/2018\/09\/28\/mecanisme-de-confiance-pour-les-communications-web-en-temps-reel\/"},"modified":"2020-09-04T18:45:45","modified_gmt":"2020-09-04T16:45:45","slug":"mecanisme-de-confiance-pour-les-communications-web-en-temps-reel","status":"publish","type":"post","link":"https:\/\/samovar.telecom-sudparis.eu\/index.php\/2018\/09\/28\/mecanisme-de-confiance-pour-les-communications-web-en-temps-reel\/","title":{"rendered":"\u00abM\u00e9canisme de confiance pour les communications web en temps r\u00e9el\u00bb"},"content":{"rendered":"<p>AVIS DE SOUTENANCE de <strong>Monsieur Ibrahim Tariq JAVED<\/strong><br \/>\nAutoris\u00e9 \u00e0 pr\u00e9senter ses travaux en vue de l\u2019obtention du Doctorat de T\u00e9l\u00e9com SudParis avec l&rsquo;Universit\u00e9 Paris 6 en : Informatique &#038; R\u00e9seaux<\/p>\n<p>\u00abM\u00e9canisme de confiance pour les communications web en temps r\u00e9el\u00bb<\/p>\n<p><strong>le 4 octobre 2018 \u00e0 9 heures &#8211; Salle A003<br \/>\nT\u00e9l\u00e9com SudParis &#8211; 9 Rue Charles Fourier, 91000 \u00c9vry<\/strong><\/p>\n<p><strong>Membres du jury :<\/strong><br \/>\nDirecteur de th\u00e8se : No\u00ebl CRESPI &#8211; Professeur<\/p>\n<p><strong>Rapporteurs :<\/strong><\/p>\n<table>\n<tbody>\n<tr class='row_even'>\n<td>Jeaseung SONG <\/td>\n<td> Professeur &#8211; Sejong University &#8211; Chine<\/td>\n<\/tr>\n<tr class='row_odd'>\n<td>Gyu Myoung LEE <\/td>\n<td> Reader &#8211; John Moores University &#8211; Liverpool &#8211; Royaume-Uni<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><strong>Examinateurs :<\/strong><\/p>\n<table>\n<tbody>\n<tr class='row_even'>\n<td>Rami LANGAR <\/td>\n<td> Professeur &#8211; Universit\u00e9 Paris-Est-Marne-La-Vall\u00e9e-LIGM<\/td>\n<\/tr>\n<tr class='row_odd'>\n<td>Joaquin GARCIA-ALFARO<\/td>\n<td> Professeur &#8211; T\u00e9l\u00e9com SudParis<\/td>\n<\/tr>\n<tr class='row_even'>\n<td>Tiziana MARGARIA <\/td>\n<td> Professeure &#8211; University of Limerick &#8211; Irlande<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><strong>R\u00e9sum\u00e9 :<\/strong><\/p>\n<p>Les services de conversation Web en temps r\u00e9el permettent aux utilisateurs d&rsquo;avoir des appels audio et vid\u00e9o sur Internet. Les op\u00e9rateurs au top comme Google et Facebook offrent des services de communication rentables avec des fonctions conversationnelles avanc\u00e9es. Avec l&rsquo;introduction de la norme WebRTC, n&rsquo;importe quel site Web ou application Web peut maintenant avoir des capacit\u00e9s de communication int\u00e9gr\u00e9es. On s&rsquo;attend \u00e0 ce que la technologie WebRTC stimule la voix sur IP en la rendant plus robuste, plus souple et plus accessible. Les op\u00e9rateurs de t\u00e9l\u00e9communications ont \u00e9galement l&rsquo;intention d&rsquo;utiliser la technologie sous-jacente pour offrir des services de communication \u00e0 leurs abonn\u00e9s sur le Web. Les nouvelles plates-formes de communication centr\u00e9es sur le Web visent \u00e0 offrir des m\u00e9thodes modernes de contact et de communication sur le Web.<\/p>\n<p>Toutefois, les op\u00e9rateurs web ne sont pas en mesure d&rsquo;assurer la fiabilit\u00e9 de leurs abonn\u00e9s, car les identit\u00e9s sont bas\u00e9es sur des profils d&rsquo;utilisateurs et des informations d&rsquo;identification auto-v\u00e9rifi\u00e9s. Ainsi, ils restent expos\u00e9s \u00e0 de nombreuses menaces sociales dans lesquelles le contexte entre les parties en communication est manipul\u00e9. Un agresseur fait g\u00e9n\u00e9ralement une fausse d\u00e9claration pour transmettre de fausses informations \u00e0 la victime cibl\u00e9e. Les menaces sociales typiques comprennent l&rsquo;hame\u00e7onnage, le pourriel, le t\u00e9l\u00e9marketing frauduleux et la distribution ill\u00e9gale de contenu. Pour assurer la s\u00e9curit\u00e9 des utilisateurs sur les r\u00e9seaux de communication, la confiance entre les parties en communication doit \u00eatre \u00e9tablie. Les participants qui communiquent devraient \u00eatre en mesure de v\u00e9rifier l&rsquo;identit\u00e9 de chacun pour \u00eatre s\u00fbrs de savoir \u00e0 qui ils s&rsquo;adressent. Cependant, l&rsquo;authentification ne peut \u00e0 elle seule garantir la fiabilit\u00e9 d&rsquo;un appelant. De nouvelles m\u00e9thodes d&rsquo;estimation de la r\u00e9putation de l&rsquo;appelant devraient \u00e9galement \u00eatre int\u00e9gr\u00e9es aux services d&rsquo;appel sur le Web.<\/p>\n<p>Dans cette th\u00e8se, nous pr\u00e9sentons un nouveau cadre de confiance qui fournit des informations sur la fiabilit\u00e9 des appelants dans les r\u00e9seaux de communication web. Notre approche est organis\u00e9e en quatre parties. Tout d&rsquo;abord, nous d\u00e9crivons la notion de confiance dans les services de communication web en temps r\u00e9el. Une approche de mod\u00e8le de confiance est pr\u00e9sent\u00e9e pour introduire formellement les param\u00e8tres et les relations de calcul de confiance dans un syst\u00e8me de communication.<\/p>\n<p>Deuxi\u00e8mement, nous d\u00e9taillons le m\u00e9canisme de provisionnement de l&rsquo;identit\u00e9 qui permet aux participants de communiquer entre eux afin de v\u00e9rifier l&rsquo;identit\u00e9 des uns et des autres d&rsquo;une mani\u00e8re Peer-to-Peer. Le choix du protocole d&rsquo;authentification a un impact important sur la vie priv\u00e9e des utilisateurs. Nous avons montr\u00e9 comment OpenID Connect utilis\u00e9 pour l&rsquo;authentification Single-Sign-On peut \u00eatre utilis\u00e9 efficacement pour provisionner les identit\u00e9s tout en pr\u00e9servant la confidentialit\u00e9 des utilisateurs.<\/p>\n<p>Troisi\u00e8mement, un mod\u00e8le de calcul de confiance est propos\u00e9 pour mesurer la fiabilit\u00e9 des appelants dans un r\u00e9seau de communication. La l\u00e9gitimit\u00e9 et l&rsquo;authenticit\u00e9 de l&rsquo;identit\u00e9 de l&rsquo;appelant sont calcul\u00e9es \u00e0 partir des recommandations des membres du r\u00e9seau. D&rsquo;autre part, la popularit\u00e9 d&rsquo;un appelant est estim\u00e9e en analysant son comportement sur le r\u00e9seau. Chaque abonn\u00e9 pourra visualiser la confiance calcul\u00e9e des autres membres avant d&rsquo;initier ou d&rsquo;accepter une demande d&rsquo;appel.<\/p>\n<p>Enfin, la r\u00e9putation d&rsquo;un appelant est utilis\u00e9e pour lutter contre les appels nuisibles g\u00e9n\u00e9r\u00e9s sur les r\u00e9seaux de communication. Les appels nuisibles sont d\u00e9crits comme des appels t\u00e9l\u00e9phoniques non sollicit\u00e9s de spam en masse g\u00e9n\u00e9r\u00e9s \u00e0 des fins de marketing et \u00e0 des fins trompeuses. La r\u00e9putation de l&rsquo;appelant est calcul\u00e9e \u00e0 partir de la diversit\u00e9 des appels sortants, de la dur\u00e9e des appels, des recommandations des participants appel\u00e9s, de la r\u00e9ciprocit\u00e9 et de la nature r\u00e9p\u00e9titive des appels. La r\u00e9putation est utilis\u00e9e pour diff\u00e9rencier les appels l\u00e9gitimes et les appels nuisibles g\u00e9n\u00e9r\u00e9s sur le r\u00e9seau.<\/p>\n<p><strong>Abstract:<\/strong><\/p>\n<p>Real-time web conversational services allow users to have audio and video calls over the Internet. Over-The-Top operators such as Google and Facebook offer cost-effective communication services with advanced conversational features. With the introduction of WebRTC standard, any website or web application can now have built-in communication capabilities. WebRTC technology is expected to boost Voice-Over-IP by making it more robust, flexible and accessible. Telco operators also intend to use the underlying technology to offer communication services to their subscribers over the web. Emerging web-centric communication platforms aims to offer modern methods of contacting and communicating over the web.<\/p>\n<p>However, web operators are unable to ensure the trustworthiness of their subscribers, since identities are based on self-asserted user profiles and credentials. Thus, they remain exposed to many social threats in which the context between communicating parties is manipulated. An attacker usually misrepresents himself to convey false information to the targeted victim. Typical social threats include phishing, spam, fraudulent telemarketing and unlawful content distribution. To ensure user security over communication networks, trust between communicating parties needs to be established. Communicating participants should be able to verify each other\u2019s identity to be sure of whom they are talking to. However, authentication alone cannot guarantee the trustworthiness of a caller. New methods of estimating caller\u2019s reputation should also be built in web calling services.<\/p>\n<p>In this thesis, we present a novel trust framework that provides information about the trustworthiness of callers in web communication networks. Our approach is organized in four parts. Firstly, we describe the notion of trust in real-time web communication services. A trust model approach is presented to formally introduce the trust computation parameters and relationships in a communication system.<\/p>\n<p>Secondly, we detail the mechanism of identity provisioning that allows communicating participants to verify each other\u2019s identity in a Peer-to-Peer fashion. The choice of authentication protocol highly impacts user privacy. We showed how OpenID Connect used for Single-Sign-On authentication purposes can be effectively used for provisioning identities while preserving user privacy.<\/p>\n<p>Thirdly, a trust computational model is proposed to measure the trustworthiness of callers in a communication network. The legitimacy and genuineness of a caller\u2019s identity is computed using recommendations from members of the network. On the other hand, the popularity of a caller is estimated by analyzing its behavior in the network. Each subscriber will be able to visualize the computed trust of other members before initiating or accepting a call request.<\/p>\n<p>Lastly, the reputation of a caller is used to combat nuisance calls generated over communication networks. Nuisance calls are described as unsolicited bulk spam phone calls generated for marketing and deceptive purposes. Caller\u2019s reputation is computed using the diversity of outgoing calls, call duration, recommendations from called participants, reciprocity and repetitive nature of calls. The reputation is used to differentiate between legitimate and nuisance calls generated over the network.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>AVIS DE SOUTENANCE de Monsieur Ibrahim Tariq JAVED Autoris\u00e9 \u00e0 pr\u00e9senter ses travaux en vue de l\u2019obtention du Doctorat de T\u00e9l\u00e9com SudParis avec l&rsquo;Universit\u00e9 Paris 6 en : Informatique &#038; R\u00e9seaux \u00abM\u00e9canisme de confiance pour les communications web en temps r\u00e9el\u00bb le 4 octobre 2018 \u00e0 9 heures &#8211; Salle A003 T\u00e9l\u00e9com SudParis &#8211; 9 [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":1081,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"ocean_post_layout":"","ocean_both_sidebars_style":"","ocean_both_sidebars_content_width":0,"ocean_both_sidebars_sidebars_width":0,"ocean_sidebar":"","ocean_second_sidebar":"","ocean_disable_margins":"enable","ocean_add_body_class":"","ocean_shortcode_before_top_bar":"","ocean_shortcode_after_top_bar":"","ocean_shortcode_before_header":"","ocean_shortcode_after_header":"","ocean_has_shortcode":"","ocean_shortcode_after_title":"","ocean_shortcode_before_footer_widgets":"","ocean_shortcode_after_footer_widgets":"","ocean_shortcode_before_footer_bottom":"","ocean_shortcode_after_footer_bottom":"","ocean_display_top_bar":"default","ocean_display_header":"default","ocean_header_style":"","ocean_center_header_left_menu":"","ocean_custom_header_template":"","ocean_custom_logo":0,"ocean_custom_retina_logo":0,"ocean_custom_logo_max_width":0,"ocean_custom_logo_tablet_max_width":0,"ocean_custom_logo_mobile_max_width":0,"ocean_custom_logo_max_height":0,"ocean_custom_logo_tablet_max_height":0,"ocean_custom_logo_mobile_max_height":0,"ocean_header_custom_menu":"","ocean_menu_typo_font_family":"","ocean_menu_typo_font_subset":"","ocean_menu_typo_font_size":0,"ocean_menu_typo_font_size_tablet":0,"ocean_menu_typo_font_size_mobile":0,"ocean_menu_typo_font_size_unit":"px","ocean_menu_typo_font_weight":"","ocean_menu_typo_font_weight_tablet":"","ocean_menu_typo_font_weight_mobile":"","ocean_menu_typo_transform":"","ocean_menu_typo_transform_tablet":"","ocean_menu_typo_transform_mobile":"","ocean_menu_typo_line_height":0,"ocean_menu_typo_line_height_tablet":0,"ocean_menu_typo_line_height_mobile":0,"ocean_menu_typo_line_height_unit":"","ocean_menu_typo_spacing":0,"ocean_menu_typo_spacing_tablet":0,"ocean_menu_typo_spacing_mobile":0,"ocean_menu_typo_spacing_unit":"","ocean_menu_link_color":"","ocean_menu_link_color_hover":"","ocean_menu_link_color_active":"","ocean_menu_link_background":"","ocean_menu_link_hover_background":"","ocean_menu_link_active_background":"","ocean_menu_social_links_bg":"","ocean_menu_social_hover_links_bg":"","ocean_menu_social_links_color":"","ocean_menu_social_hover_links_color":"","ocean_disable_title":"default","ocean_disable_heading":"default","ocean_post_title":"","ocean_post_subheading":"","ocean_post_title_style":"","ocean_post_title_background_color":"","ocean_post_title_background":0,"ocean_post_title_bg_image_position":"","ocean_post_title_bg_image_attachment":"","ocean_post_title_bg_image_repeat":"","ocean_post_title_bg_image_size":"","ocean_post_title_height":0,"ocean_post_title_bg_overlay":0.5,"ocean_post_title_bg_overlay_color":"","ocean_disable_breadcrumbs":"default","ocean_breadcrumbs_color":"","ocean_breadcrumbs_separator_color":"","ocean_breadcrumbs_links_color":"","ocean_breadcrumbs_links_hover_color":"","ocean_display_footer_widgets":"default","ocean_display_footer_bottom":"default","ocean_custom_footer_template":"","ocean_post_oembed":"","ocean_post_self_hosted_media":"","ocean_post_video_embed":"","ocean_link_format":"","ocean_link_format_target":"self","ocean_quote_format":"","ocean_quote_format_link":"post","ocean_gallery_link_images":"on","ocean_gallery_id":[],"footnotes":""},"categories":[314],"tags":[],"class_list":["post-1082","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-theses-2018-fr","entry","has-media"],"_links":{"self":[{"href":"https:\/\/samovar.telecom-sudparis.eu\/index.php\/wp-json\/wp\/v2\/posts\/1082","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/samovar.telecom-sudparis.eu\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/samovar.telecom-sudparis.eu\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/samovar.telecom-sudparis.eu\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/samovar.telecom-sudparis.eu\/index.php\/wp-json\/wp\/v2\/comments?post=1082"}],"version-history":[{"count":1,"href":"https:\/\/samovar.telecom-sudparis.eu\/index.php\/wp-json\/wp\/v2\/posts\/1082\/revisions"}],"predecessor-version":[{"id":1512,"href":"https:\/\/samovar.telecom-sudparis.eu\/index.php\/wp-json\/wp\/v2\/posts\/1082\/revisions\/1512"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/samovar.telecom-sudparis.eu\/index.php\/wp-json\/wp\/v2\/media\/1081"}],"wp:attachment":[{"href":"https:\/\/samovar.telecom-sudparis.eu\/index.php\/wp-json\/wp\/v2\/media?parent=1082"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/samovar.telecom-sudparis.eu\/index.php\/wp-json\/wp\/v2\/categories?post=1082"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/samovar.telecom-sudparis.eu\/index.php\/wp-json\/wp\/v2\/tags?post=1082"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}