SIP-Based Emergency Notification System Knarig Arabshian IRT Laboratory Columbia University December 5, 2001

SIP-Based Emergency Notification System

Knarig ArabshianKnarig Arabshian

IRT LaboratoryIRT Laboratory

Columbia UniversityColumbia University

December 5, 2001December 5, 2001

Overview

What is an Emergency Notification System?What is an Emergency Notification System? Current Emergency Notification SystemsCurrent Emergency Notification Systems Using SIP for an Emergency Notification Using SIP for an Emergency Notification

SystemSystem Benefits in using SIP for Emergency Benefits in using SIP for Emergency

NotificationNotification Conclusion and Future workConclusion and Future work

What are Emergency Notification Systems? Allow government officials to notify a community Allow government officials to notify a community

of an emergency and precautionary measures that of an emergency and precautionary measures that must be takenmust be taken

Different emergency situations and alert methodsDifferent emergency situations and alert methods Fire AlarmsFire Alarms Earthquake or chemical spills indicated by Earthquake or chemical spills indicated by

sirenssirens Notifying public of terrorist attacks via Notifying public of terrorist attacks via

radio/TV broadcastingradio/TV broadcasting

Current Emergency Notification Systems Emergency Alert System (EAS)Emergency Alert System (EAS)

Controlled by the government and used Controlled by the government and used mostly for wide area emergency mostly for wide area emergency notificationnotification

Specifies how and when state and local Specifies how and when state and local governments provide emergency governments provide emergency instruction to the publicinstruction to the public

Current Emergency Notification Systems Localized Emergency Alerting SystemsLocalized Emergency Alerting Systems

Reverse 911, Community Alert Network Reverse 911, Community Alert Network notifies local officials or companies that notifies local officials or companies that subscribe to a networksubscribe to a network

Subscriptions include preferences regarding:Subscriptions include preferences regarding:Geographical location of notificationGeographical location of notificationTypes of emergency alertsTypes of emergency alertsAlert methods Alert methods

Using SIP for Emergency Notification It is likely that traditional modes of It is likely that traditional modes of

communication will be augmented by Internet communication will be augmented by Internet telephones and applications in the near futuretelephones and applications in the near future

We need to have Emergency Notification Systems We need to have Emergency Notification Systems established on the Internetestablished on the Internet

SIP is an application-layer signaling protocol SIP is an application-layer signaling protocol which can be used for event notificationwhich can be used for event notification

SIP-based Emergency Notification System Subscribe/Notify methods Subscribe/Notify methods SIP AuthenticationSIP Authentication Network ArchitectureNetwork Architecture

Subscribe/Notify

SIP clients can subscribe to a remote SIP server SIP clients can subscribe to a remote SIP server and request notification from itand request notification from it

In case of an event, remote server will alert the In case of an event, remote server will alert the client that an event has occurredclient that an event has occurred

User Agent Client (UAC) represents the institution User Agent Client (UAC) represents the institution that subscribes for emergency notificationthat subscribes for emergency notification

User Agent Server (UAS) is the institution that User Agent Server (UAS) is the institution that issues notifications during an emergencyissues notifications during an emergency

Subscribe/Notify

SIP message will have “SUBSCRIBE or SIP message will have “SUBSCRIBE or “NOTIFY” in the method section of the SIP “NOTIFY” in the method section of the SIP request.request.

The SUBSCRIBE requestThe SUBSCRIBE request Resembles that of a SIP INVITE Resembles that of a SIP INVITE Must have one “Event” header in the header field Must have one “Event” header in the header field

which will specify the type of event it is subscribing to.which will specify the type of event it is subscribing to. Must also contain an “Expires” header which defines Must also contain an “Expires” header which defines

the duration of the subscriptionthe duration of the subscription

Subscribe/Notify

If the UAC wants to subscribe to multiple events, If the UAC wants to subscribe to multiple events, then it must send multiple SUBSCRIBE messages, then it must send multiple SUBSCRIBE messages, with distinct Call-IDs, to the UAS and indicate with distinct Call-IDs, to the UAS and indicate each Event it is subscribing toeach Event it is subscribing to

If the Subscription has expired, then it sends If the Subscription has expired, then it sends another SUBSCRIBE message with the same Call-another SUBSCRIBE message with the same Call-ID but different CSeq numberID but different CSeq number

To unsubscribe, it sends a SUBSCRIBE message To unsubscribe, it sends a SUBSCRIBE message with the ”Expires” field set to zerowith the ”Expires” field set to zero

Subscribe/Notify

Can contain optional message body in Can contain optional message body in SUBSCRIBE requestSUBSCRIBE request Further details of notification such as methods Further details of notification such as methods

of alerting (of alerting (sirens, IM Messages, telephone calls)sirens, IM Messages, telephone calls)

Standardized grammar to automate the Standardized grammar to automate the processing of the SUBSCRIBE request in the processing of the SUBSCRIBE request in the UASUAS

If message body is not present then UAC will If message body is not present then UAC will expect the default method of alertexpect the default method of alert

Subscribe/Notify

NOTIFY Message RequestNOTIFY Message Request The “Event” header will indicate the type The “Event” header will indicate the type

of emergency notification it isof emergency notification it is The message body of the NOTIFY The message body of the NOTIFY

message will include specific instructions message will include specific instructions on the alert methods on the alert methods

Emergency Notification Process

UAC UAS

Send Notify to UAC

Send 200 Confirmation response to UAS

UAC

Alert Process


SIP Authentication

UAS must verify that UAC is an authorized UAS must verify that UAC is an authorized official capable of handling emergency alertsofficial capable of handling emergency alerts

UAC must also authenticate the veracity of the UAC must also authenticate the veracity of the emergency alerts sent by the UAS to prevent false emergency alerts sent by the UAS to prevent false alarmsalarms

Two authentication schemesTwo authentication schemes Basic: weak security—transmits username and Basic: weak security—transmits username and

password in plain sightpassword in plain sight Digest: better choice—uses more name-value Digest: better choice—uses more name-value

pairspairs

SIP Authentication

Subscriber must be aware of all the local Subscriber must be aware of all the local emergency alerting agencies in its areaemergency alerting agencies in its area

Someone has to provide this informationSomeone has to provide this information Third partyThird party Emergency notification server Emergency notification server

Third Party Provides Credentials

Third party operates directory server with Third party operates directory server with information about a local areainformation about a local area

Monitored and maintained by government Monitored and maintained by government officials who recognize UACs and UASs as valid officials who recognize UACs and UASs as valid institutionsinstitutions

UACs and UASs subscribe to the directory server UACs and UASs subscribe to the directory server indicating alerts they request or supportindicating alerts they request or support

Maps UACs to local UASsMaps UACs to local UASs


Lightweight Directory Access Protocol (LDAP) Lightweight Directory Access Protocol (LDAP) can be used to obtain information from local can be used to obtain information from local directory serverdirectory server

Government officials managing the directory Government officials managing the directory serverserver Provide certificates to local UACs and UASs Provide certificates to local UACs and UASs

which establish them as valid institutions for which establish them as valid institutions for community alertingcommunity alerting

Create and distribute passwords to the UACs Create and distribute passwords to the UACs and their matching UASsand their matching UASs


This method is scalable and works well for large This method is scalable and works well for large number of UACs and UASsnumber of UACs and UASs

Not the preferred method for this system since Not the preferred method for this system since there are only a limited number of agencies within there are only a limited number of agencies within a community who are authorized by the a community who are authorized by the government to provide and receive emergency government to provide and receive emergency notificationnotification

Separate directory server needlessly complicates Separate directory server needlessly complicates the systemthe system

Emergency Notification Server Provides Credentials Each emergency notification server has a pre-Each emergency notification server has a pre-

established list of authorized government officials established list of authorized government officials in its areain its area

It sends either postal mail or encrypted e-mail to It sends either postal mail or encrypted e-mail to them indicatingthem indicating Their password is if they wanted to subscribeTheir password is if they wanted to subscribe Types of emergency notifications the server Types of emergency notifications the server

supportssupports

Emergency Notification Server Provides Credentials UAC sends a SUBSCRIBE message to the UAS directlyUAC sends a SUBSCRIBE message to the UAS directly UAC receives a 401 WWW-Authenticate message in UAC receives a 401 WWW-Authenticate message in

responseresponse UAC responds with its encrypted password in the UAC responds with its encrypted password in the

Authorization headerAuthorization header UAS verifies the password and adds the subscriber as a UAS verifies the password and adds the subscriber as a

registered user in its databaseregistered user in its database UAS sends a confirmation NOTIFY message to the UACUAS sends a confirmation NOTIFY message to the UAC UAC adds the UAS to its database of emergency UAC adds the UAS to its database of emergency

notification serversnotification servers

UAC UAS

UAS responds with WWW-Authenticate message

UAC sends an encrypted concatenation of username and password in the Authorization header

UAS confirms with a NOTIFY response message

UAC sends a SUBSCRIBE message to UAS


Network Architecture

Hierarchical network structure provides Hierarchical network structure provides good scalability and facilitates the good scalability and facilitates the breakdown of geographical locationbreakdown of geographical location

Main emergency notification server at the Main emergency notification server at the root serves all the states in the USAroot serves all the states in the USA

Each state has a server that serves its cities Each state has a server that serves its cities and so onand so on


Within the hierarchical tree, children of the Within the hierarchical tree, children of the same parent should have directory listings same parent should have directory listings of each otherof each other

This is beneficial because the number of This is beneficial because the number of government officials within a community government officials within a community will not be very highwill not be very high

Saves time and resources in a critical Saves time and resources in a critical emergency situationemergency situation

Hierarchy of Emergency Notification Server in the United States

USA

AL AK WY

Abbeville Montgomery


Directory listing maintained by each server Directory listing maintained by each server should map a server to an IP addressshould map a server to an IP address

Server names are stored in a database using Server names are stored in a database using their geographical location names as keystheir geographical location names as keys

Child nodes must subscribe to their parent Child nodes must subscribe to their parent node servers and siblings must subscribe to node servers and siblings must subscribe to each othereach other

Benefits in using SIP for Emergency Notification Use on Different Applications and DevicesUse on Different Applications and Devices

Internet telephony, multimedia Internet telephony, multimedia applications, instant messaging and applications, instant messaging and othersothers

3G cell phones, PDAs, home PCs and 3G cell phones, PDAs, home PCs and telephonestelephones

Benefits in using SIP for Emergency Notification More InformationMore Information

SIP message can carry a lot of SIP message can carry a lot of information which can give a detailed information which can give a detailed description of the emergency eventdescription of the emergency event

Single message can have multilingual Single message can have multilingual content and receiver of the message can content and receiver of the message can choose a languagechoose a language

Benefits in using SIP for Emergency Notification Automated ActionAutomated Action

SIP message body automates subscription and SIP message body automates subscription and notification processnotification process

UAC subscribes to UAS with following UAC subscribes to UAS with following preferences in message body: fire, sound alarm preferences in message body: fire, sound alarm bellsbells

In case of a fire, UAS sends a NOTIFY to the In case of a fire, UAS sends a NOTIFY to the UAC with its message body containing UAC with its message body containing information which will invoke sounding of information which will invoke sounding of alarm bells.alarm bells.

Benefits in using SIP for Emergency Notification Lower Resource ConsumptionLower Resource Consumption

SIP will be running over the Internet which is a much SIP will be running over the Internet which is a much faster medium than PSTNfaster medium than PSTN

Example of a local network connected with a T1 Example of a local network connected with a T1 (1.5Mb/s) line(1.5Mb/s) line

50 subscribers/line50 subscribers/line200 Kb/message200 Kb/message7.49 subscribers/second/T1 line7.49 subscribers/second/T1 line

Compare this with PSTN (56 Kb/s) line which yields Compare this with PSTN (56 Kb/s) line which yields 0.28 subscribers/second/PSTN line. 0.28 subscribers/second/PSTN line.

T1 reaches 27 times more subscribers/sec/lineT1 reaches 27 times more subscribers/sec/line

Benefits in using SIP for Emergency Notification Complementary to Current EAS SystemComplementary to Current EAS System

SIP-based emergency systems can be SIP-based emergency systems can be integrated with radio/TV broadcasting to integrated with radio/TV broadcasting to provide emergency notifications via the provide emergency notifications via the Internet as wellInternet as well

Conclusion and Future Work

Using SIP SUBSCRIBE/NOTIFY messages Using SIP SUBSCRIBE/NOTIFY messages we can develop an Internet-based we can develop an Internet-based emergency notification systememergency notification system

Extend sipc to develop a flashing lights Extend sipc to develop a flashing lights demodemo

Use SOAP (Simple Object Access Protocol) Use SOAP (Simple Object Access Protocol) within the NOTIFY message body to within the NOTIFY message body to automate alert processautomate alert process

Documents

SIP-Based Emergency Notification System Knarig Arabshian IRT Laboratory Columbia University December 5, 2001