DOCSLIB.ORG

Advanced NFV Features Applied to Multimedia Real-Time Communications Use Case

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Advanced NFV Features Applied to Multimedia Real-Time Communications Use Case Advanced NFV Features Applied to Multimedia Real-Time Communications Use Case Ana Pol ∗, Anton Roman ∗, Panagiotis Trakadas†, Panagiotis Karkazis†, Evgenia Kapassa‡, Marios Touloupou‡, Dimosthenis Kyriazis‡, Juan L. de la Cruz§, Pol Alemany§, Ricard Vilalta§, Raul Munoz§ ∗Quobis, O Porrino, Spain, Email: [ana.pol,anton.roman]@quobis.com †Synelixis Solutions S.A. 157, Perissou, str., 14343, Athens, Greece, Email: [ptrak,pkarkazis]@synelixis.com ‡Department of Digital Systems, University of Piraeus, Piraeus, Greece, Email: [ekapassa, mtouloup,dimos]@unipi.gr §CTTC, Castelldefels, Spain, Email:[jdelacruz,palemany,rvilalta,rmunoz]@cttc.es Abstract — Real-time communications are services with very application service on top of the SONATA (powered by demanding requirements in terms of reliability and Quality of 5GTANGO) service platform. Service (QoS) that is not easy to be reached. 5G technologies provide tools and techniques that promise to overcome the The remaining of the paper is organized as follows. Section current shortcomings and thus give the opportunity to service II presents the state of the art of this work, while Section III providers to offer better services to the end users. This paper introduces the overall SONATA (powered by 5GTANGO) aims at describing how an existing real-time communications Service Platform. Section IV describe in detail then enhanced service can leverage the innovative features offered by the proposed features, specially focusing on the recently new- SONATA Service Platform (SP), such as network slicing, added features such as QoS and multi-WIM support. This automated monitoring management and Service Level section describes also the principles of SONATA (powered Agreement (SLA) enforcement, to meet the challenging requirements of the service. In this paper, we especially focus on by 5GTANGO) Monitoring Manager as well as the insights the specific mechanisms implemented to support different QoS of the realization of the SNMP solution that has been utilized profiles at network level and automatic scale in/out of the service in this pilot. Additionally, this section presents the role of the depending on the system load. SLA Manager and how it enables the definition and enforcement of SLAs, as well as the Slice Manager which Keywords— Real-time communications , 5G technologies , helps to meet the QoS requirements of the network service. QoS Enforcement , SLAs, Monitoring, Slicing Section V presents the corresponding real-time communications use case, while Section VI states the evaluation of the proposed architecture. Finally, in Section I. INTRODUCTION VII, we close up with ideas for future experiments and current While the 5G concept is still rather unclear in study capabilities. certain dimensions [1], the evolved 5G network will be, for sure, characterized by agile, resilient and converged network II. STATE OF THE ART realization, based on one hand on the disruptive core and Active and advanced work has been conducted on radio access technologies and on the other hand on the multimedia real-time communications use cases implied in network softwarization context brought by Network Function 5G-enabled network softwarization technologies. In this Virtualization (NFV) and Software Defined Networking direction, there are several approaches and architectures (SDN) technologies. In the network softwarization frontier, enabling effective communication between IP Multimedia a handful of commercial as well as open source Management Subsystems (IMS) and Web Real-Time Communication and Orchestration (MANO) platforms have emerged (e.g. (WebRTC) users. The authors in [8], introduced a novel OSM [2], ONAP [3], Cloudify [4], SONATA [5], OPNFV architecture supporting WebRTC users for smart community [6]), considered as suites of functionalities for the services, and proposed an optimization model to design and management and orchestration of virtual resources related to allocate resources for such systems while ensuring the desired the instantiation of Network Services (NS) consisting of QoS level. Furthermore, worth mentioned is the work Virtual Network Functions (VNFs) and their real-time conducted in [9], where the authors presented an open-source provisioning. platform enabling developers to create and deploy RTC applications with advanced media processing capabilities. These MANO platforms are expected to add value to For this, they introduced the concept of Media Pipeline which operators by reducing costs and deployment time and is in fact chains of interconnected media processing elements. simplifying the management of the VNF and NS throughout Their approach was also based on ETSI NFV their lifecycle. By capitalizing on the implemented techniques recommendations. Henceforth, another interesting work was of the 5G innovative concepts, these platforms are able to introduced in [10]. In this paper, a set of three software accommodate different types of services and deal with the architectures were introduced for efficient virtualization of complexity of the NS-specific requirements. SONATA IMS in different operator environments responding to the platform is an open source MANO framework whose high-level requirements of the ETSI NFV use case for functionalities are currently extended under the scope of the virtualizing operator core network functions. In addition, 5GTANGO H2020 project [7], offering unique advantages based on their experiments, they have successfully managed and innovative features demanded by real use cases. In to simplify the deployment and runtime orchestration of such particular, those features include a) an automated network a virtual service on top of a cloud infrastructure. Not only that, monitoring framework, b) novel policy and SLA management but also in [11], an analysis of next generation network and c) implementation of network slicing. This paper architectures enabling real time multimedia communications describes and evaluates the implementation of a real-time was conducted. The novelty and contribution of this paper lies in the fact described in sub-section F of section IV. Additionally, the SP that: a) the described functionalities are already implemented follows a policy-driven approach through the Policy and given to the research and industrial community as open Manager, meaning that the full operations can be controlled source code, and b) the evaluation is based on a real service by a set of policies that determine the behavior of the NSs. provided by Quobis offering a first-class opportunity to Policies materialize the zero-touch service management validate the benefits of the implemented 5G network (ZSM) concept, enabling the automation of the decision- softwarization characteristics. making process. Another new component is the Slice Manager, which is described in more detail in sub-section G III. SONATA SERVICE PLATFORM OVERVIEW of section IV, allowing the creation of multiple slices on top Before proceeding with the description of the service and of a single infrastructure. For that, it uses NFV artifacts as the results of our work, we will briefly describe the main building blocks (i.e. NSs), interconnecting them in order to components of the SONATA (powered by 5GTANGO) build end-to-end slices, capable to cope with the 3GPP platform. In brief, its open source software is comprised by requirements. Moreover, in order to monitor not only the three main components: the Software Development Kit infrastructure resources, but the performance of a service (SDK) [12], the Verification and Validation (V&V) either on VNF or NS level, the SP includes a Monitoring Framework [13] and the Service Platform (SP) [14]. The Manager, with new features, enabling the proper management entry point of the SONATA platform is the SDK, which is a of the use case specific requirements, as will be described in CLI based toolkit that allows NS packages creation, on- sub-section C of section V. At a lower level, the SP takes boarding, towards the V&V component that is responsible for advantage of the MANO Framework, implementing the the verification and benchmarking of NS’s and their functions of Network Service Orchestration (NSO), Resource constituent VNFs. Afterwards, the SP takes the control of the Orchestration (RO) and VNF Management. Mapping to the NFV Management and Orchestration (MANO) features. ETSI NFV Architecture, this roughly corresponds to the NFV Figure 1 depicts the overall SONATA (powered by Orchestrator (NFVO) and VNF Manager (VNFM) 5GTANGO) service platform architecture, indicating the components. In terms of infrastructure, the SP is ready to interactions between the SP and the rest of the components. support multiple NFV Infrastructures (NFVIs) and VIMs, The main focus of this paper will be in the description of the using an Infrastructure Adaptor (IA) component to abstract internal components of the SP, giving emphasis to advanced the particularities of each infrastructure. Currently, two features that provide support to a real-time communication technologies are supported, Openstack and Kubernetes, but NS, running on top of a virtualized infrastructure. others can be added by extending the platform with new plugins. IV. PROPOSED FEATURES This section describes the proposed features that was introduced into the SONATA (powered by 5GTANGO) SP architecture, that allow the enhanced management and orchestration of a real-time communication service. The next subsections are going to describe advanced features like a) End-Point Support, b) Multi-WIM and QoS Support, c)
Load more

Recommended publications
  • Effects and Opportunities of Native Code Extensions For
    Effects and Opportunities of Native Code Extensions for Computationally Demanding Web Applications DISSERTATION zur Erlangung des akademischen Grades Dr. Phil. im Fach Bibliotheks- und Informationswissenschaft eingereicht an der Philosophischen Fakultät I Humboldt-Universität zu Berlin von Dipl. Inform. Dennis Jarosch Präsident der Humboldt-Universität zu Berlin: Prof. Dr. Jan-Hendrik Olbertz Dekan der Philosophischen Fakultät I: Prof. Michael Seadle, Ph.D. Gutachter: 1. Prof. Dr. Robert Funk 2. Prof. Michael Seadle, Ph.D. eingereicht am: 28.10.2011 Tag der mündlichen Prüfung: 16.12.2011 Abstract The World Wide Web is amidst a transition from interactive websites to web applications. An increasing number of users perform their daily computing tasks entirely within the web browser — turning the Web into an important platform for application development. The Web as a platform, however, lacks the computational performance of native applications. This problem has motivated the inception of Microsoft Xax and Google Native Client (NaCl), two independent projects that fa- cilitate the development of native web applications. Native web applications allow the extension of conventional web applications with compiled native code, while maintaining operating system portability. This dissertation determines the bene- fits and drawbacks of native web applications. It also addresses the question how the performance of JavaScript web applications compares to that of native appli- cations and native web applications. Four application benchmarks are introduced that focus on different performance aspects: number crunching (serial and parallel), 3D graphics performance, and data processing. A performance analysis is under- taken in order to determine and compare the performance characteristics of native C applications, JavaScript web applications, and NaCl native web applications.
    [Show full text]
  • Introducing 2D Game Engine Development with Javascript
    CHAPTER 1 Introducing 2D Game Engine Development with JavaScript Video games are complex, interactive, multimedia software systems. These systems must, in real time, process player input, simulate the interactions of semi-autonomous objects, and generate high-fidelity graphics and audio outputs, all while trying to engage the players. Attempts at building video games can quickly be overwhelmed by the need to be well versed in software development as well as in how to create appealing player experiences. The first challenge can be alleviated with a software library, or game engine, that contains a coherent collection of utilities and objects designed specifically for developing video games. The player engagement goal is typically achieved through careful gameplay design and fine-tuning throughout the video game development process. This book is about the design and development of a game engine; it will focus on implementing and hiding the mundane operations and supporting complex simulations. Through the projects in this book, you will build a practical game engine for developing video games that are accessible across the Internet. A game engine relieves the game developers from simple routine tasks such as decoding specific key presses on the keyboard, designing complex algorithms for common operations such as mimicking shadows in a 2D world, and understanding nuances in implementations such as enforcing accuracy tolerance of a physics simulation. Commercial and well-established game engines such as Unity, Unreal Engine, and Panda3D present their systems through a graphical user interface (GUI). Not only does the friendly GUI simplify some of the tedious processes of game design such as creating and placing objects in a level, but more importantly, it ensures that these game engines are accessible to creative designers with diverse backgrounds who may find software development specifics distracting.
    [Show full text]
  • Introduction to Google Gears
    Colorado Software Summit: October 21 – 26, 2007 © Copyright 2007, Google Google Gears Dion Almaer code.google.com ajaxian.com Dion Almaer — Google Gears Slide 1 Colorado Software Summit: October 21 – 26, 2007 © Copyright 2007, Google Offline Web via Open Web • Why just solve this problem for Google? • Why not solve it for others? • Solution: Make it open source with a liberal license • New BSD Dion Almaer — Google Gears Slide 2 Colorado Software Summit: October 21 – 26, 2007 © Copyright 2007, Google Why? “How often are you on a plane?” • Reliability • 1% of downtime can hurt at the wrong time • Performance • Local acceleration • Convenience • Not having to find a connection • You are offline more than you think! Dion Almaer — Google Gears Slide 3 Colorado Software Summit: October 21 – 26, 2007 © Copyright 2007, Google What is the philosophy? •One application, one URL •Seamless transitions between online and offline •Ability to use local data, even when online •Available to all users on all platforms •... and a pony Dion Almaer — Google Gears Slide 4 Colorado Software Summit: October 21 – 26, 2007 © Copyright 2007, Google What is the philosophy? Browser plugin: IE, Firefox, Safari (almost!) Dion Almaer — Google Gears Slide 5 Colorado Software Summit: October 21 – 26, 2007 © Copyright 2007, Google What is the philosophy? Dion Almaer — Google Gears Slide 6 Colorado Software Summit: October 21 – 26, 2007 © Copyright 2007, Google What is the philosophy? Do for offline what XMLHttpRequest did for web apps Ajax Libraries Gears Libraries Dojo,
    [Show full text]
  • Learning HTML5 Game Programming Addison-Wesley Learning Series
    Learning HTML5 Game Programming Addison-Wesley Learning Series Visit informit.com/learningseries for a complete list of available publications. The Addison-Wesley Learning Series is a collection of hands-on programming guides that help you quickly learn a new technology or language so you can apply what you’ve learned right away. Each title comes with sample code for the application or applications built in the text. This code is fully annotated and can be reused in your own projects with no strings attached. Many chapters end with a series of exercises to encourage you to reexamine what you have just learned, and to tweak or adjust the code as a way of learning. Titles in this series take a simple approach: they get you going right away and leave you with the ability to walk off and build your own application and apply the language or technology to whatever you are working on. Learning HTML5 Game Programming A Hands-on Guide to Building Online Games Using Canvas, SVG, and WebGL James L. Williams Upper Saddle River, NJ • Boston • Indianapolis • San Francisco New York • Toronto • Montreal • London • Munich • Paris • Madrid Cape Town • Sydney • Tokyo • Singapore • Mexico City Many of the designations used by manufacturers and sellers to distinguish their products Associate are claimed as trademarks. Where those designations appear in this book, and the publish- Publisher er was aware of a trademark claim, the designations have been printed with initial capital Mark Taub letters or in all capitals. Senior Acquisitions The author and publisher have taken care in the preparation of this book, but make no Editor expressed or implied warranty of any kind and assume no responsibility for errors or omis- Trina MacDonald sions.
    [Show full text]
  • Will HTML 5 Restandardize the Web?
    TECHNOLOGY NEWS Will HTML 5 Restandardize the Web? Steven J. Vaughan-Nichols The World Wide Web Consortium is developing HTML 5 as a stan- dard that provides Web users and developers with enhanced func- tionality without using the proprietary technologies that have become popular in recent years. n theory, the Web is a resource enhanced functionality without using “Microsoft is investing heavily in that is widely and uniformly proprietary technologies. the W3C HTML 5 effort, working with usable across platforms. As Indeed, pointed out Google our competitors and the Web commu- such, many of the Web’s researcher Ian Hickson, one of the nity at large. We want to implement key technologies and archi- W3C’s HTML 5 editors, “One of our ratified, thoroughly tested, and stable Itectural elements are open and goals is to move the Web away from standards that can help Web interop- platform-independent. proprietary technologies.” erability,” said Paul Cotton, cochair of However, some vendors have The as-yet-unapproved standard the W3C HTML Working Group and developed their own technologies takes HTML from simply describing Microsoft’s group manager for Web that provide more functionality than the basics of a text-based Web to creat- services standards and partners in Web standards—such as the ability to ing and presenting animations, audio, the company’s Interoperability Strat- build rich Internet applications. mathematical equations, typefaces, egy Team. Adobe System’s Flash, Apple’s and video, as well as providing offline At the same time though, Web QuickTime, and Microsoft’s Silverlight functionality. It also enables geoloca- companies say their proprietary tech- are examples of such proprietary tion, a rich text-editing model, and nologies are already up and running, formats.
    [Show full text]
  • Silo: Exploiting Javascript and DOM Storage for Faster Page Loads
    Silo: Exploiting JavaScript and DOM Storage for Faster Page Loads James Mickens Microsoft Research [email protected] Abstract fast-loading pages result in happier users, longer visit times, and higher revenues for page owners. For exam- A modern web page contains many objects, and fetch- ple, when the e-commerce site Shopzilla reduced its av- ing these objects requires many network round trips— erage load time from 5 seconds to 1.5 seconds, it boosted establishing each HTTP connection requires a TCP page views by 25% and revenue by 10% [4]. Faster loads handshake, and each HTTP request/response pair re- also lead to more advertising impact, since Google’s Ad- quires at least one round trip. To decrease a page’s load Words system preferentially displays ads whose target time, designers try to minimize the number of HTTP re- pages load quickly [9]. Search engines also make load- quests needed to fetch the constituent objects. A com- ing speed a factor in their page rankings [22]. mon strategy is to inline the page’s JavaScript and CSS Given all of this, web designers have accumulated a files instead of using external links (and thus separate series of techniques for decreasing load times. Souder’s HTTP fetches). Unfortunately, browsers only cache ex- influential book High Performance Web Sites lists 14 of ternally named objects, so inlining trades fewer HTTP these techniques [23], with the most important one be- requests now for greater bandwidth consumption later if ing to minimize the number of HTTP requests needed a user revisits a page and must refetch uncacheable files.
    [Show full text]
  • Geolocation in the Browser from Google Gears to Geolocation Sensors
    Geolocation in the Browser From Google Gears to Geolocation Sensors Thomas Steiner Anssi Kostiainen Marijn Kruisselbrink Google LLC Intel Corporation Google LLC 20354 Hamburg, Germany 02160 Espoo, Finland San Francisco, CA 94105, USA [email protected] [email protected] [email protected] ABSTRACT 1 HISTORY OF BROWSER GEOLOCATION Geolocation is arguably one of the most powerful capabilities of Geolocation has been available to developers implicitly through smartphones and a lot of attention has been paid to native applica- the mapping of Internet Protocol (ip) addresses or address blocks tions that make use of it. The discontinued Google Gears plugin was to known locations. There are numerous paid subscription and one of the rst approaches to access exact location data on the Web free geolocation databases with varying claims of accuracy that as well, apart from server-side coarse location lookups based on In- range from country level to state or city level, sometimes including ternet Protocol (ip) addresses; and the plugin led directly to the now zip/post code level. A popular free way to obtain ip-based location widely implemented Geolocation api. The World Wide Web Con- data was through Google’s ajax api Loader library [2], which pro- sortium (w3c) Geolocation api specication denes a standard for vided an approximate, region-level estimate of a user’s location accessing location services in the browser via JavaScript. For a long through its google.loader.ClientLocation property. This api time, developers have also demanded more advanced features like did not require users to install any client-side software. Implicit background geolocation tracking and geofencing.
    [Show full text]
  • HTML5 in Web Development: a New Approach
    International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 05 Issue: 03 | Mar-2018 www.irjet.net p-ISSN: 2395-0072 HTML5 in Web Development: A New Approach Ashis Kumar Ratha1, Shibani Sahu2, Priya Meher3 1Asst.Prof, Department of Computer Science & Engg., VIT, Bargarh, Odisha ,INDIA 2,3 Student Researcher, Department of Computer Science & Engg., VIT, Bargarh Odisha ,INDIA ---------------------------------------------------------------------***--------------------------------------------------------------------- Abstract - HTML5 is everywhere these days. HTML5 is the designer the new features provided by the HTML5 would new and elegant standard for HTML that provides web users add up new values. and developers enhanced functionality. The older versions of HTML, HTML 4.01, which came in 1999, and the web development have changed notably since then. HTML 4, XHTML, CSS and the HTML DOM Level 2 are now replaced with HTML5. It was brought to deliver rich content without the need for additional plug-ins and proprietary technologies. The new power of HTML5 supplies the user everything from animation to graphics, music to movies, and can also be used to build complicated web applications and also supports cross-platform. HTML5 standard initiates the development of real-time collaborations in web browsers, which leads to less work for web developers. (Figure-1) Key Words: Web, users, HTML, HTML5 features, accessibility HTML5 provides cross platform, which is designed to display webpages on Smart TV, Tablet, PC, Smartphone etc. INTRODUCTION So many websites as well as browser designers are adopting HTML5 elements. The main temptation for the Web is the fastest growing resource that is rapidly and web developers and browsers is that someone can create constantly used across almost every platforms.
    [Show full text]
  • A Plug-In Based RIA for Multimedia Communication
    Technical Report VS-R08-2010 Aspectix Research Team | Institute of Distributed Systems | University of Ulm, Germany RAPIX A plug-in based RIA for multimedia communication Jan-Patrick Elsholz · Eduard Seibel · Franz J. Hauck 2010 Title Image: Antal, „Lautsprecher“, CC-Lizenz (BY 2.0), www.piqs.de http://creativecommons.org/licenses/by/2.0/de/deed.de RAPIX: A plug-in based RIA for Multimedia Communication Jan-Patrick Elsholz, Eduard Seibel, Franz J. Hauck Institute of Distributed Systems Ulm University, Germany Email: {jan-patrick.elsholz,eduard.seibel,franz.hauck}@uni-ulm.de Abstract—Multimedia communication like voice and video used worldwide from any web browser without installation calls over IP or Video on Demand grows in popularity today [1], and maintenance issues. And third, the RIA has a consistent [2]. However, the development of such applications is a complex look-and-feel across all devices and platforms, improving user and error-prone process, as only basic framework support is available. In this paper we introduce RAPIX, a plug-in based acceptance and orientation in the User Interface (UI). Rich Internet Application (RIA) that eases this development. The paper is structured as follows. First, we show related Furthermore, our web-based approach supports a wide range work and categorise it related to placement of application logic of devices enabling even mobile phones for multimedia commu- and access to system resources. Then, basic technology is nication. We prove our concept with a prototype implementation introduced. Section IV presents our prototype implementation based on the Rich AJAX Platform [3] enriched with Adobe Flash to support multimedia playback and access audio and video with device access, multimedia playback, a notification system capture from the web browser.
    [Show full text]
  • Kast – Watch Together Android Application
    Kast – Watch Together Android application Emil Kaidesoja Bachelor’s Thesis Information Technology 2020 Summary Author Emil Kaidesoja Degree program Information technology Title of the thesis Number of Kast – Watch Together Android application pages and ap- pendices 61 + 2 Kast is a live hangout platform which empowers users to share content and connect over the internet in real time. Kast allows communication with text and voice chat and sharing content with video capture technologies. The topic of this thesis is to develop the Kast An- droid application. This provides new and existing users a native Kast experience on their Android devices. The need for applications such as Kast has never been higher. With the current state of the world, spending time with friends and family, watching movies, and organizing busi- ness meetings have moved over to the internet. Our mission at Kast is to give users the ability to do all these activities in a single platform. In this thesis I go through the Kast ecosystem and features with details about the Android application scope and functionalities. I also explain what development tools and technolo- gies I have used to complete the project. I explore the Android environment and the Android framework by discussing the software stack, the programming language Kotlin and modern robust user interface elements used in the application. An important aspect of this thesis is the audio and video sharing capabilities completed with Googles WebRTC technology. I explain how the WebRTC fundamentals work in the- ory and what protocols and technologies it consists of. In the latter part of this thesis I cover details about the development of Kast Android.
    [Show full text]
  • Web Application Development Seminar Google Web Toolkit (GWT) and Google Gears
    WADS2007_GoogleGears+GWT_presentation https://docs.google.com/PresentationView?docID=dghfs2v2_1dnhd8k... Web Application Development Seminar Google Web Toolkit (GWT) and Google Gears Mika Pänkälä Raine Mäkeläinen Outline Basic Idea Benefits Installation & Building Debugging Examples Conlusions 1 of 8 24.10.2007 15:00 WADS2007_GoogleGears+GWT_presentation https://docs.google.com/PresentationView?docID=dghfs2v2_1dnhd8k... Google Web Toolkit (GWT) GWT - Basic Idea Apache 2 licenced Java framework for developing AJAX apps Applications are developed with given set of Java libraries => Java code is compiled to JavaScript Makes it possible to produce applications that are run in a browser without the developer being a JavaScript specialist IDE can be any editor that supports Java (~= Eclipse) GWT includes four components (see following slide) 2 of 8 24.10.2007 15:00 WADS2007_GoogleGears+GWT_presentation https://docs.google.com/PresentationView?docID=dghfs2v2_1dnhd8k... GWT - Benefits Web application developers are only required to know Java Benefits of object-oriented language and modularity Static type checking of Java language No need to worry about incompatibilities of browsers Developer can really debug web apps with Java language i.e. with Eclipse (vs. JavaScript debugging) Usage of Google APIs, e.g. Google Gears GWT borrows from the Java Native Interface (JNI) concept to implement Java Script Native Interface (JSNI) 3 of 8 24.10.2007 15:00 WADS2007_GoogleGears+GWT_presentation https://docs.google.com/PresentationView?docID=dghfs2v2_1dnhd8k... GWT - Debugging Hosted environment for local use Application runs as Java bytecode within the Java Virtual Machine (JVM) Tomcat launches itself on the background for local debugging (you can debug stuff, i.e. with Eclipse) Needs a special browser that is provided GWT Examples 4 of 8 24.10.2007 15:00 WADS2007_GoogleGears+GWT_presentation https://docs.google.com/PresentationView?docID=dghfs2v2_1dnhd8k..
    [Show full text]
  • Protecting Browsers from Extension Vulnerabilities
    Protecting Browsers from Extension Vulnerabilities Adam Barth, Adrienne Porter Felt, Prateek Saxena Aaron Boodman University of California, Berkeley Google, Inc. fabarth, afelt, [email protected] [email protected] Abstract browser’s full privileges. If an attacker can exploit an ex- tension vulnerability, the attacker can usurp the extension’s Browser extensions are remarkably popular, with one in broad privileges and install malware on the user’s machine. three Firefox users running at least one extension. Although At this year’s DEFCON, Liverani and Freeman presented well-intentioned, extension developers are often not security attacks against a number of popular Firefox extensions [24]. experts and write buggy code that can be exploited by ma- In one example, if the user dragged an image from a mali- licious web site operators. In the Firefox extension system, cious web page into the extension, the web site operator these exploits are dangerous because extensions run with could install a remote desktop server on the user’s machine the user’s full privileges and can read and write arbitrary and take control of the user’s mouse and keyboard. files and launch new processes. In this paper, we analyze These attacks raise the question of whether browser ex- 25 popular Firefox extensions and find that 88% of these tensions require such a high level of privilege. To investi- extensions need less than the full set of available privileges. gate this question, we examine 25 popular Firefox exten- Additionally, we find that 76% of these extensions use un- sions to determine how much privilege each one requires.
    [Show full text]