UMA (Unlicensed Mobile Access)

UMA (Unlicensed Mobile Access) is an industry collaboration to extend GSM and GPRS services nto customer sites by utilizing unlicensed radio technologies such as Wi-Fi (Wireless Fidelity) and Bluetooth®. This is achieved by tunnelling GSM and GPRS protocols through a broadband IP network towards the Access Point situated in the customer site and across the unlicensed radio link to the mobile device.

Thus UMA provides an additional access network to the existing GERAN (GSM EDGE Radio Access Network) and UTRAN (UMTS Terrestrial Radio Access Network).

Unlicensed Mobile Access (UMA) technology enables access to GSM and GPRS mobile services over unlicensed spectrum, including Bluetooth™ and WiFi™. Highlights of UMA Technology:

  • Seamless delivery of mobile voice and data services over unlicensed wireless networks.
  • Provides the same mobile identity on Cellular RAN and unlicensed wireless networks.
  • Seamless transitions (roaming and handover) between Cellular RAN and unlicensed wireless networks.
  • Preserves investment in existing/future mobile core network infrastructure
  • Independent of underlying unlicensed spectrum technology (e.g. WiFi™, Bluetooth™)
  • Transparent to existing, standard CPE devices (e.g. access points, routers and modems)
  • Utilizes standard “always on" broadband IP access networks (e.g. DSL, Cable, T1/E1, Broadband Wireless, FTTH…)
  • Security equivalent to current GSM mobile networks
  • No impact to operations of Cellular RAN (e.g. spectrum engineering, cell planning,…)
UMA Technology Operation

UMA technology provides alternative access to GSM and GPRS core network services via IP-based broadband connections. In order to deliver a seamless user experience, the specifications define a new network element (the UMA Network Controller, UNC) and associated protocols that provide for the secure transport of GSM/GPRS signalling and user plane traffic over IP. The UNC interfaces into the core network via existing 3GPP specified A/Gb interfaces.

UMA Interoperability

An open test specification is under development that can be used to facilitate interoperability testing between implementations. The test specification will be available through this web site. Companies planning to implement products based on the UMA specifications should seek bilateral compliancy testing agreements directly with other vendors.

In principle, the UMA specifications ensure interoperability similar to any other industry specifications, but the specifications may include options and parameters that have to be agreed bilaterally with other vendors. The UMA participating companies do not guarantee interoperability and the specifications may be upgraded without notice.

  1. A mobile subscriber with a UMA-enabled, dual-mode handset moves within range of an unlicensed wireless network to which the handset is allowed to connect.
  2. Upon connecting, the handset contacts the UMA Network Controller (UNC) over the broadband IP access network to be authenticated and authorized to access GSM voice and GPRS data services via the unlicensed wireless network.
  3. If approved, the subscriber’s current location information stored in the core network is updated, and from that point on all mobile voice and data traffic is routed to the handset via the Unlicensed Mobile Access Network (UMAN) rather than the cellular radio access network (RAN).
  4. ROAMING: When a UMA-enabled subscriber moves outside the range of an unlicensed wireless network to which they are connected, the UNC and handset facilitate roaming back to the licensed outdoor network. This roaming process is completely transparent to the subscriber.
  5. HANDOVER: If a subscriber is on an active GSM voice call or GPRS data session when they come within range (or out of range) of an unlicensed wireless network, that voice call or data session can automatically handover between access networks with no discernable service interruption. Handovers are completely transparent to the subscriber.
UMA enables GSM/GPRS handsets equipped with Wi-Fi or Bluetooth to access the GSM and General Packet Radio Service GPRS core networks using the unlicensed air interface when available (see figure from the UMA Consortium at above right). As such, UMA represents an extension of the GSM/GPRS network for mobile operators, which can support voice services in homes, offices and hotspots both through the cellular and the WLAN networks. Subscribers using UMA can take advantage of improved indoor coverage and higher data rates, when accessing the local WLAN.

Unlike other convergence solutions, UMA is tightly linked to the mobile core network, which is used for routing, authentication and billing. Regardless of the air interface used, the handset or mobile station (MS) is connected to a 2G or 3G core network. A call initiated using the Wi-Fi interface reaches the 2G core network through the UMA Network (UMAN).

It is important to keep in mind that UMA is not a SIP-based VoIP technology, as the core network is still old-fashioned, circuit-switched GSM. VoIP is employed to carry the signal from the MS to the UNC, over the WLAN and the broadband connection, but once transferred to the core GSM network it is indistinguishable from the rest of the cellular traffic.

The MS accesses the UMA network through a Wi-Fi Access Point (AP) and an IP broadband connection. While the AP and the broadband connections are necessary, the UMA specifications do not mandate their particular requirements. The WLAN infrastructure and broadband connection have to be managed by the user (or the mobile operator, if it so decides). Any Wi-Fi AP and broadband connection are expected to work in an UMA environment. However, performance may be impacted when using APs or broadband connections that lack QoS functionality.

The UMA Network Controller (UNC) provides the interface to the cellular core network. The UNC performs the same function as the GERAN base station and, at the core level, traffic from the two systems (GERAN and UMAN) is treated equally. UMA specifications recommend that the UNC is able to route calls through the 3G core network as well.

UMA promises seamless mobility between the WLAN and the cellular network. A call initiated within the cellular network can be transferred to a WLAN network and vice versa as the subscriber moves to areas with or without WLAN coverage. During the handoff, the MS needs to be able to maintain a connection with both networks, as it is a make-before-break connection. As a result, the subscriber will not notice delays or other changes in the quality of the call.

Different security mechanism operate at different levels:

  • MS to AP – UMA does not mandate any security mechanism, but can coexist with those available, such WPA, WPA2, or WEP.
  • MS to UNC – The UNC includes a security gateway that provides mutual authentication and encryption for the traffic across the WLAN and the broadband connection.
  • MS to core mobile network – The encryption and authentication methods used by the MS when using the GERAN are also used to protect UMA connections.
  • MS to application server – An additional end-to-end data application mechanism (for example, HTTPS) may be used if needed.

UMA will be relatively simple and inexpensive to deploy at the core network level, as no substantial changes are required. The UNCs (and links to the core network) are the only key new infrastructure elements that need to be introduced into the access network.

In its basic form—that is without QoS mechanisms in the WLAN—UMA does not require any change to the WLAN network either. Any AP is expected to work with UMA, although we expect that mobile operators will encourage APs that support QoS. This is because the throughput available in the WLAN and in the broadband connection should make it provide toll voice quality if no other application contends for the same bandwidth. If there is contention, however, UMA cannot guarantee the quality of a voice call or the throughput of a data connection and traffic prioritization with QoS can significantly improve performance, especially in a residential environment where traffic is likely to be less heavy than in the enterprise.

The most expensive and technologically challenging component of UMA solution is the Wi-Fi and cellular handset, because of battery-life limitations, cost, and size. To be UMA-enabled, a Wi-Fi and cellular phone requires client software to communicate with the UNC. While it may be possible to load the UMA software in any Wi-Fi and cellular phone, mobile operators are currently working on, and are more likely to market, handsets developed specifically for UMA access. Any UMA-enabled MS includes a Wi-Fi radio, which will give it access to any IP network and VoIP services (such as those from Skype or Vonage for instance). However mobile operators may decide to block this functionality, especially if they decide to subsidize the phones.


Compiler writing techniques have undergone a number of major revisions over the past forty years. The introduction of object-oriented design and implementation techniques promises to improve the quality of compilers, while making large-scale compiler development more manageable.

In this seminar you want to show that a new way of thinking of a compiler s structure is required to achieve complete object-orientation. This new view on compiling can lead to alternative formulations of parsing and code generation. In practice, the object-oriented formulations have not only proven to be highly efficient, but the have also been particularly easy to teach to students

Wireless Markup Language

When its time to find out how to make content available over WAP, we need to get to grips with its Markup Language. ie, WML. WML was designed from the start as a markup language to describe display of content on small screen devices.

It is a Markup language enabling the formatting of text in WAP environment using a variety of markup tags to determine the display appearance of content. WML is defined using the rules of XML-extensible markup language and therefore an XML application. WML provides a means of allowing the user to navigate around the WAP application and supports the use of anchored links as found commonly in the web pages. It also provides support for images and layout within the constraints of the device.

WML (Wireless Markup Language) is the first markup language standard for wireless devices. It is supported by all the major mobile phone manufacturers. At the beginning of this WML tutorial, you can learn about the basics of WML, such as the deck and card concept, WML's document structure and syntax, etc. Then topics like font styles, images, tables, anchor links and softkeys will be covered. After that we will move on to more advanced topics of WML like events, input elements, variables, and the submission of form data to the server. Plenty of code examples are given in the WML tutorial to help you understand the concepts and techniques.

WML (Wireless Markup Language) 1.x is the markup language defined in the WAP 1.x specification. WAP is the standard created by the WAP Forum (now the Open Mobile Alliance [OMA]) that brings the World Wide Web to wireless devices. It specifies the protocol stack and application environment of mobile Internet browsing applications.

The role of WML in mobile Internet applications is the same as that of HTML in web applications. WAP sites are written in WML, while web sites are written in HTML.

WML 1.x is very similar to HTML. Both of them use tags and are written in plain text format. Some tags in WML 1.x are directly borrowed from HTML. If you have experience in using the HTML markup language, you should be able to learn WML 1.x quickly.

Some features of WML 1.x are specific to wireless devices. For example, WML 1.x provides a way for developers to program the softkeys of mobile phones. This feature is not supported in HTML since computers do not have any softkeys.

The most up-to-date version of the WAP 1.x specification is WAP 1.2.1, which defines WML 1.3.

WML files have the extension ".wml". The MIME type of WML is "text/vnd.wap.wml".

WML supports client-side scripting. The scripting language supported is called WMLScript. Its syntax is based on JavaScript. If you want to learn it, our WMLScript tutorial will be a good starting point for you.

The Wireless Markup Language (WML) is the markup language used to make sites suitable for viewing using a WAP (Wireless Application Protocol) device. If you don't have a WAP device to view the pages, you can get a simulator by downloading the Wireless Companion from YourWAP. The Wireless Markup Language (WML) documents are based on the Extensible Markup Language (XML), and as such need to be well-formed.

  • WML is case sensitive. Elements and attributes are all in lowercase.
  • All tags must have closing tags.
  • Tags must be nested correctly.
  • All attribute values must be enclosed in either single or double quotes.

A WML document must correspond to a valid Document Type Definition (DTD). The DTD used throughout this tutorial is wml_1.1.xml. The DTD should be specified at the top of the document following an xml declaration, as in the following example.

WML Cards

The content of the page is placed between wml tags within the document. WAP sites consist of cards rather than pages. Each card represents the text that will be displayed on the device's screen. Not surprisingly, a collection of cards is referred to as a deck. A single document may contain one or more cards. Each card should contain an id attribute, and a title attribute. The id attribute is used for linking, and the title attribute will be displayed as the title on the device's screen. The following example defines a basic WML document with a single card.

Wireless Markup Language is a lot like HTML (Hyper Text Markup Language) in that it provides navigational support, data input, hyperlinks, text and image presentation, and forms. A WML document is known as a “deck”. Data in the deck is structured into one or more “cards” (pages) – each of which represents a single interaction with the user. The introduction of the terms "deck" and "card" into the internet and mobile phone communities was a result of the user interface software and its interaction with wireless communications services having to comply with the requirements of the laws of two or more nations.

WML decks are stored on an ordinary web server trivially configured to serve the text/vnd.wap.wml MIME type in addition to plain HTML and variants. The WML cards when requested by a device are accessed by a bridge WAP gateway, which sits between mobile devices and the World Wide Web, passing pages from one to the other much like a proxy. The gateways radio the WML pages in a form suitable for mobile device reception. This process is hidden from the phone, so it may access the page in the same way as a browser accesses HTML, using a URL (for example, http://example.com/foo.wml), provided the mobile phone operator has not specifically locked the phone to prevent access of user-specified URLs.

WML has a scaled down set of procedural elements which can be used by the author to control navigation to other cards.

It is an error and misconception to think of WML as a pinhole view of the Internet. The real magic and value of WML is that it provides an interface with the phone hardware to initiate a call based on web content requested by user query, for example the telephone number of a taxi servicing your zip code:

Mobile devices are moving towards support for greater amounts of XHTML and even standard HTML as processing power in handsets increases. These standards are concerned with formatting and presentation. They do not however address cell-phone or mobile device hardware interfacing.

WML can be a very powerful and effective cell-phone add on. It lets you for example enter a zip code, and obtain a list of clickable phone numbers of pizza parlors and taxicabs in your immediate location.


iSCSI Defined Internet SCSI (iSCSI) is a draft standard protocol for encapsulating SCSI command into TCP/IP packets and enabling I/O block data transport over IP networks. iSCSI can be used to build IP-based SANs. The simple, yet powerful technology can help provide a high speed, low-cost, long-distance storage solution for Web sites, service providers, enterprises and other organizations.

An iSCSI HBA, or storage NIC, connects storage resources over Ethernet. As a result, core transport layers can be managed using existing network management applications. High-level management activities of the iSCSI protocol - such as permissions, device information and configuration - can easily be layered over or built into these applications. For this reason, the deployment of interoperable, robust enterprise management solutions for iSCSI devices is expected to occur quickly. First-generation iSCSI HBA performance is expected to be well suited for the workgroup or departmental storage requirements of medium- and large-sized businesses. The expected availability of TCP/IP Offload Engines in 2005 will significantly improve the performance of iSCSI products in future.

Kerberos

Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. A free implementation of this protocol is available from the Massachusetts Institute of Technology. Kerberos is available in many commercial products as well.

The Internet is an insecure place. Many of the protocols used in the Internet do not provide any security. Tools to "sniff" passwords off of the network are in common use by malicious hackers. Thus, applications which send an unencrypted password over the network are extremely vulnerable. Worse yet, other client/server applications rely on the client program to be "honest" about the identity of the user who is using it. Other applications rely on the client to restrict its activities to those which it is allowed to do, with no other enforcement by the server.

Some sites attempt to use firewalls to solve their network security problems. Unfortunately, firewalls assume that "the bad guys" are on the outside, which is often a very bad assumption. Most of the really damaging incidents of computer crime are carried out by insiders. Firewalls also have a significant disadvantage in that they restrict how your users can use the Internet. (After all, firewalls are simply a less extreme example of the dictum that there is nothing more secure then a computer which is not connected to the network --- and powered off!) In many places, these restrictions are simply unrealistic and unacceptable.

Kerberos was created by MIT as a solution to these network security problems. The Kerberos protocol uses strong cryptography so that a client can prove its identity to a server (and vice versa) across an insecure network connection. After a client and server has used Kerberos to prove their identity, they can also encrypt all of their communications to assure privacy and data integrity as they go about their business.

Kerberos is freely available from MIT, under copyright permissions very similar those used for the BSD operating system and the X Window System. MIT provides Kerberos in source form so that anyone who wishes to use it may look over the code for themselves and assure themselves that the code is trustworthy. In addition, for those who prefer to rely on a professionally supported product, Kerberos is available as a product from many different vendors.

In summary, Kerberos is a solution to your network security problems. It provides the tools of authentication and strong cryptography over the network to help you secure your information systems across your entire enterprise. We hope you find Kerberos as useful as it has been to us. At MIT, Kerberos has been invaluable to our Information/Technology architecture.

Kerberos is a secure method for authenticating a request for a service in a computer network. Kerberos was developed in the Athena Project at the Massachusetts Institute of Technology (MIT). The name is taken from Greek mythology; Kerberos was a three-headed dog who guarded the gates of Hades. Kerberos lets a user request an encrypted "ticket" from an authentication process that can then be used to request a particular service from a server. The user's password does not have to pass through the network. A version of Kerberos (client and server) can be downloaded from MIT or you can buy a commercial version.

Briefly and approximately, here's how Kerberos works:

  1. Suppose you want to access a server on another computer (which you may get to by sending a Telnet or similar login request). You know that this server requires a Kerberos "ticket" before it will honor your request.
  2. To get your ticket, you first request authentication from the Authentication Server (AS). The Authentication Server creates a "session key" (which is also an encryption key) basing it on your password (which it can get from your user name) and a random value that represents the requested service. The session key is effectively a "ticket-granting ticket."
  3. You next send your ticket-granting ticket to a ticket-granting server (TGS). The TGS may be physically the same server as the Authentication Server, but it's now performing a different service.The TGS returns the ticket that can be sent to the server for the requested service.
  4. The service either rejects the ticket or accepts it and performs the service.
  5. Because the ticket you received from the TGS is time-stamped, it allows you to make additional requests using the same ticket within a certain time period (typically, eight hours) without having to be reauthenticated. Making the ticket valid for a limited time period make it less likely that someone else will be able to use it later.

The actual process is much more complicated than just described. The user procedure may vary somewhat according to implementation.

In a non-networked personal computing environment resources and information can be protected by physically securing the personal computer. But in a network of users requiring services from many computers the identity of each user has to be accurately verified. For authentication kerberos is being used. Kerberos is a third party authentication technology used to identify a user requesting a service.

imode

The imode is the NTT Do Como s new Internet access system. It is an advanced intelligent messaging service for digital mobile phones and other mobile terminals that will allow you to see Internet content in special text format on special imode-enabled mobile phones. Enabling information access from handheld devices requires a deep understanding of both technical and market issues that are unique to the wireless environment. The imode specification was developed by the industry s best minds to address these issues. Wireless devices represent the ultimate constrained computing device with limited CPU, memory and battery life and a simple user interface. Wireless networks are constrained by low bandwidth, high latency and unpredictable availability and stability.

The imode specification addresses these issues by using the best of existing standards and developing new extensions when needed. The imode solution leverages the tremendous investment in web servers, web development tools, web programmers and web applications while solving the unique problems associated with the wireless domain. The specification ensures that this solution is fast, reliable and secure. The imode specification is developed and supported by the wireless telecommunication community so that the entire industry and its subscribers can benefit from a single, open specification.

NTT DoCoMo: The Creators of imode

NTT DoCoMo is a subsidiary of Japan s incumbent telephone operator NTT. The majority of NTT-DoCoMo s shares are owned by NTT, and the majority of NTT s shares are owned by the Japanese government. NTT-DoCoMo s shares are separately listed on the Tokyo Stock Exchange and on the Osaka Stock Exchange, and NTT-DoCoMo s market value (capitalization) makes it one of the world s most valued companies.

Goals of the imode.

The goals of the imode forum are listed as follows. >>To bring Internet content and advanced data services to wireless phones and other wireless terminals.

>>To develop a global wireless protocol specification that works across all wireless network technologies.

>>To enable the creation of content and applications that scale across a wide range of wireless bearer networks and device types, i.e. to maintain device and bearer independence.

>>To embrace and extend existing standards and technology whenever possible and appropriate.

  • i-Mode paid content in Japan alone is worth about US$ 1 Billion/year, and overall m-commerce and m-transactions in Japan are estimated to be US$ 10 billion or more per year in 2005.
  • i-Mode is big new business: 45 million paying subscribers (as of July 2004) and more than 3000 participating companies in Japan, France, Germany, Netherlands, Belgium, Greece, Italy, Spain, Australia!
  • i-Mode means m-Commerce: selling always and everywhere, a totally new and very flexible way of interactive advertising and customer relations management and brand management, transactions, business, games and fun!
  • For several years we build and support i-Mode businesses and the entry into the i-Mode world.

i-mode is a new and completely different service that offers you more than ever before on your phone. And it's important you know how to make the most of this new world. To help you find your way round i-mode, subscribe to i-mode sites and send messages from i-mode, in this section there are a number of detailed "How do I..." question and answer scenarios available covering some of the most important elements of the i-mode service.

i-Mode is a mobile internet business system with 45 million users and more than 3000 participating companies performing a great variety of mobile business transactions, from email, booking rail and air-tickets to games; i-mode was introduced by NTT-DoCoMo, and includes both a proprietary "walled-garden"-type official menu, mainly used for selling content and games and providing information services, as well as a completely open free access to the internet. In Japan i-Mode relies of DoCoMo 2G and 3G packet switched DoPa data networks, and i-Mode is also used on the networks of many other countries including Germany, France, Netherlands, Belgium, Italy, Spain, Australia, and other countries. Business transactions over i-mode are many billion dollards per year, and i-Mode has become an important part of JapanÕs social and commercial infrastructure. i-Mode and competing systems have been completely integrated into the daily life of most Japanese people.


Home Automation

Smart Home is the term commonly used to define a residence that uses a Home Controller to integrate the residence s various home automation systems. The most popular Home Controllers are those that are connected to a Windows based PC during programming only, and are then left to perform the home control duties on a stand-alone basis. Integrating the home systems allows them to communicate with one another through the home controller.

For example, a scenario such as i m home could be triggered by pressing one button on a Keychain Remote from your vehicle as you approach the driveway. The Home Controller receives the Keychain Remote command triggering a scenario, preprogrammed and stored in the home controller. The celestial clock in the controller knows that it is 8 p.m. and past sunset in your geographical location, therefore starting the scenario by sequentially turning on the lighting in the driveway, garage entry, walkway, hallway and kitchen. It then disarms the security system. opens the garage door, unlocks the interior garage entry door, adjusts the thermostat(s) to a preset home position: and turns on the whole-house audio system.

A home systems status check is also a convenient feature to add to the Good Night scenario. In addition to automatically turning off all lights and adjusting the thermostats, the system will also provide an audio report indicating the status of the security system by zone, the temperature in each zone, the position of the garage doors, and the wakeup times selected.

PC Networks PC Networks are quickly becoming an essential element of today s Smart Homes: A Windows 98 release 2PC Network allows all of the family PCs to share resources including one connection, and one account to the internet, simultaneously. This is also convenient for smart home system upgrades, since much of the home automation and home systems equipment is PC programmable and equipment manufacturers now provide the software upgrades via the Internet. The Internet connection will increasingly play a major role in the operation and monitoring of our home.

Home automation is an excellent choice for anybody who spends time away from home, or anybody who simply wants the best in home security. Home automation allows you to control your lights and cameras in several convenient ways from home. For added ease, home automation also allows you to control timers from a remote location. With home automation systems, you can set automatic and delayed timers, giving the appearance of being home, even if you are on an extended trip. Home automation systems are a smart and affordable investment in home security.

Home automation is a field of building automation that is focused on the automation of private residences. Home automation can include the automation of temperature, lighting, homes security, intercoms and even multi-media entertainment centers. Home automation can be installed in a home during construction, or added to a home later. Home automation includes sensors, controllers, and actuators.
Home automation can be wirelesses or connected by wire.

Home automation generally refers to several specific tasks. A home automation system can control the heat and humidity of your private residence. It also regulates the lighting in the house to automatically turn off and on at designated times. This is a great way to save power, especially if you have the tendency to walk out of the house with the lights on. The home automation of video and audio can allow distribution from a single audio and visual source to multiple radios or televisions.

One of the most important parts of home automation is security. Home automation regulates cameras for security surveillance, as well as sensors for any unwanted visitors. Home automation also includes detection of fire or carbon monoxide and the ability to contact emergency medical assistance in the case of an accident.
Meta Description: Home automation is not only about convenience, it's also about keeping your home and family secure.

Home automation (also called domotics) is a field within building automation, specializing in the specific automation requirements of private homes and in the application of automation techniques for the comfort and security of its residents. Although many techniques used in building automation (such as light and climate control, control of doors and window shutters, security and surveillance systems, etc.) are also used in home automation, additional functions in home automation can include the control of multi-media home entertainment systems, automatic plant watering and pet feeding, automatic scenes for dinners and parties, and a more user-friendly control interface.

When home automation is installed during construction of a new home, usually control wires are added before the interior walls are installed. These control wires run to a controller, which will then control the environment.

In extreme installations, rooms can sense not only the presence of a person but know who that person is and perhaps set appropriate lighting, temperature and music/TV taking into account day of week, time of day, and other factors.

Other automated tasks may include setting the air conditioning to an energy saving setting when the house is unoccupied, and restoring the normal setting when an occupant is about to return. More sophisticated systems can maintain an inventory of products, recording their usage through an RFID tag, and prepare a shopping list or even automatically order replacements.

Some practical implementations of home automation are for example when an alarm detects a fire or smoke condition, then all lights in the house will blink to alert occupants. If the house is equipped with a home theater, a home automation system can shut down all audio and video components to alert the user to a possible fire or a burglar


Virtual Surgery

The 3-D images can also be colour enhanced to highlight, say, bone or blood vessels. Imagery of this kind relies on a technique called ray tracing : an algorithm calculates which rays of light from the volume image would enter a virtual eye located at a point that will give the surgeon the desired perspective. The virtual eye can for example be induced to move down an esophagus, simulating the path an endoscopic probe would take.

3-D rendering provide a concise way of depicting an entire data set, instead of flipping through lots and lots of two dimensional images.

Virtual surgical training is one of the most promising areas in medicine where 3-D computer graphics and virtual reality techniques are emerging. While currently available VR surgery systems usually require expensive hardware and software, we developed a desktop VR orthopedic surgery training system that can run on commonly available personal computer so that it is able to work even at the surgeon’s home PCs.

During the common orthopedic surgery training, the students are asked to fix up fractures on plastic bones using surgical tools and implants. The typical fractured plastic bone is shown in Figure 1. The students have to reduce the fracture and internally fix it using implants that include hundreds of different plates, screws, nails, and wires. See Figure 2, for example, where the fractured femur is fixed with the nail inserted in its canal. For the insertion of implants, different surgical instruments are used which allow the surgeons to drill the holes, to measure for a length, to insert the implants, etc. The next step will be surgical operations on cadavers, and only after that the student will be allowed to approach the real patient. The idea to use a computer for the orthopedic surgery training came from the Department of Orthopedics at Singapore General Hospital who approached the School of Applied Science at the Nanyang Technological University where Olga and me were employed at the moment. The surgeons were interested, first, in saving the cost of the bones since the good quality synthetic bones are expensive, and, second, in the ability to work with the certain bones that might be not available in the market. Besides that, the surgeons anticipated an attractive possibility of training the students on the virtual models of real fractures obtained from the CT or MRI data. Certainly, this virtual training will not substitute completely the compulsory training on synthetic bones and on cadavers but may allow the students to perform the initial routine work entirely in the virtual environment thus saving the cost and the time of the common training. To make this virtual training easily accessible, we decided to develop the core system capable of running on common personal computers available in every medical clinic and at homes. We’ve come up with the project aiming to develop an inexpensive alternative to the common orthopedic surgery training that allows the surgeons the following:
- To keep in the computer every single bone with different sizes and specific features that might be difficult and expensive using the synthetic models.
- To create models of the fractured bones from real patients where the data comes from CT and MRI images.
- To go even further and to perform surgical operation planning before the actual operation is undertaken.

Virtual Surgery is a one stop shop for all your technical needs. We can teach you how to use your technology more productively, solve problems you are having and advise you on what products to buy.

Virtual Surgery was set-up to help a growing number of people deal with a huge variety of technical issues they may face.

Services which we provide for both personal and corporate include:

  • Consulting / Advice
  • Tutoring / Teaching
  • Trouble shooting
  • Installations
  • Tune-ups
  • Video Editing
  • Web Design
  • Coding
Finally - Someone to turn to for advice!


Web Spoofing

This paper describes an Internet security attack that could endanger the privacy of World Wide Web users and the integrity of their data. The attack can be carried out on today s systems, endangering users of the most common Web browsers, including Netscape Navigator and Microsoft Internet Explorer.

1.1 HISTORY

The concept of IP spoofing was initially discussed in academic circles in the 1980 s. It was primarily theoretical until Robert Morris, whose son wrote the first Internet Worm, discovered a security weakness in the TCP protocol known as sequence prediction. Another infamous attack, Kevin Mitnick s Christmas day, crack of Tsutomu Shimomura s machine, employed the IP spoofing and TCP sequence prediction techniques. While the popularity of such cracks has decreased due to the demise of the services they exploited, spoofing can still be used and needs to be addressed by all security administrators.

1.2 WHAT IS SPOOFING?

Spoofing means pretending to be something you are not. In Internet terms it means pretending to be a different Internet address from the one you really have in order to gain something. That might be information like credit card numbers, passwords, personal information or the ability to carry out actions using someone else’s identity.

IP spoofing attack involves forging one s source address. It is the act of using one machine to impersonate another. Most of the applications and tools in web rely on the source IP address authentication. Many developers have used the host based access controls to secure their networks. Source IP address is a unique identifier but not a reliable one. It can easily be spoofed.

Web spoofing allows an attacker to create a shadow copy of the entire World Wide Web. Accesses to the shadow Web are funneled through the attacker s machine, allowing the attacker to monitor the all of the victim s activities including any passwords or account numbers the victim enters. The attacker can also cause false or misleading data to be sent to Web servers in the victim s name, or to the victim in the name of any Web server. In short, the attacker observes and controls everything the victim does on the Web.

The various types of spoofing techniques that we discuss include TCP Flooding, DNS Server Spoofing Attempts, web site names, email ids and link redirection.

Web spoofing is the act of secretly tricking your Web browser into talking to a different Web server than you intend. How? By attacking the DNS (domain name system) that maps the "www.site.com" in a URL to a network address, or by modifying a Web page to have a bad URL, or by tricking your browser as it interprets CGI data, JavaScript, etc.

After your browser has been fooled, the spoofed Web server can send you fake Web pages or prompt you to provide personal information such as your login ID, password, or even credit card or bank account numbers. If done carefully, you probably will not even notice that you have been duped.

How to Spot a Spoofed Page

Some Web spoofing may be noticeable, so it is helpful to keep these tips in mind:

  • If you hold your mouse over a URL that is a link, the status line displays the corresponding URL. Be suspicious if the status line URL is different from what you think you should see.
  • When the Web page is being requested, the status line will show the name of the server. Beware if the server name is different from what you expected.
  • Your browser's location line is the place to watch for anything unusual about a site's URL.

Unfortunately, clues to a Web spoofing attack can be hidden if the attacker is using JavaScript (which can write to the status line and rewrite location line URLs) or a similar program that makes all requests for a particular URL go to the attacker's system. After obtaining the desired information, the spoofed Web site might even send you to the correct site.

Another way to think about Web spoofing is to be aware of where a link goes--whether to a place you expected or to someplace odd.

Private Information Requests

If Web pages with which you are familiar suddenly ask you to fill in private information, weigh the situation carefully before supplying it. If possible, call or send mail to the official source to verify that this change is legitimate. When in doubt, do not enter any information you feel uncomfortable providing.

Even a secure "https" connection (with Secure Sockets Layer) does not guarantee against surveillance or modification of information you send. If you are already connected to the attacker's system, you may simply be securely connected to the Web spoofer's server.

What to Do

If you think you are a victim of a Web spoof, report it to the official source of the page by phone or via an email address that you know to be correct. If you have been tricked into supplying your password, you should change it immediately.

Web spoofing allows an attacker to create a "shadow copy" of the entire World Wide Web. Accesses to the shadow Web are funneled through the attacker's machine, allowing the attacker to monitor the all of the victim's activities including any passwords or account numbers the victim enters. The attacker can also cause false or misleading data to be sent to Web servers in the victim's name, or to the victim in the name of any Web server. In short, the attacker observes and controls everything the victim does on the Web.

SPOOFING ATTACKS

In a spoofing attack, the attacker creates misleading context in order to trick the victim into making an inappropriate security-relevant decision. A spoofing attack is like a con game: the attacker sets up a false but convincing world around the victim. The victim does something that would be appropriate if the false world were real. Unfortunately, activities that seem reasonable in the false world may have disastrous effects in the real world.

Spoofing attacks are possible in the physical world as well as the electronic one. For example, there have been several incidents in which criminals set up bogus automated-teller machines, typically in the public areas of shopping malls. The machines would accept ATM cards and ask the person to enter their PIN code. Once the machine had the victim's PIN, it could either eat the card or "malfunction" and return the card. In either case, the criminals had enough information to copy the victim's card and use the duplicate. In these attacks, people were fooled by the context they saw: the location of the machines, their size and weight, the way they were decorated, and the appearance of their electronic displays.

People using computer systems often make security-relevant decisions based on contextual cues they see. For example, one might decide to type in your bank account number because he/she believes you are visiting your bank's Web page. This belief might arise because the page has a familiar look, because the bank's URL appears in the browser's location line, or for some other reason.



WEB SPOOFING

Web spoofing is a kind of electronic con game in which the attacker creates a convincing but false copy of the entire World Wide Web. The false Web looks just like the real one: it has all the same pages and links. However, the attacker controls the false Web, so that all network traffic between the victim's browser and the Web goes through the attacker.

Consequences Since the attacker can observe or modify any data going from the victim to Web servers, as well as controlling all return traffic from Web servers to the victim, the attacker has many possibilities. These include surveillance and tampering.

Surveillance The attacker can passively watch the traffic, recording which pages the victim visits and the contents of those pages. When the victim fills out a form, the entered data is transmitted to a Web server, so the attacker can record that too, along with the response sent back by the server. Since most on-line commerce is done via forms, this means the attacker can observe any account numbers or passwords the victim enters.

The attacker can carry out surveillance even if the victim has a "secure" connection (usually via Secure Sockets Layer) to the server, that is, even if the victim's browser shows the secure-connection icon (usually an image of a lock or a key).

Tampering The attacker is also free to modify any of the data traveling in either direction between the victim and the Web. The attacker can modify form data submitted by the victim. For example, if the victim is ordering a product on-line, the attacker can change the product number, the quantity, or the ship-to address.
The attacker can also modify the data returned by a Web server, for example by inserting misleading or offensive material in order to trick the victim or to cause antagonism between the victim and the server.


Spoofing the Whole Web

You may think it is difficult for the attacker to spoof the entire World Wide Web, but it is not. The attacker need not store the entire contents of the Web. The whole Web is available on-line; the attacker's server can just fetch a page from the real Web when it needs to provide a copy of the page on the false Web.

How the Attack Works:

The key to this attack is for the attacker's Web server to sit between the victim and the rest of the Web. This kind of arrangement is called a "man in the middle attack" in the security literature.

Web Spoofing is a security attack that allows an adversary to observe and modify all web pages sent to the victim's machine, and observe all information entered into forms by the victim. Web Spoofing works on both of the major browsers and is not prevented by "secure" connections. The attacker can observe and modify all web pages and form submissions, even when the browser's "secure connection" indicator is lit. The user sees no indication that anything is wrong.

The attack is implemented using JavaScript and Web server plug-ins, and works in two parts. First, the attacker causes a browser window to be created on the victim's machine, with some of the normal status and menu information replaced by identical-looking components supplied by the attacker. Then, the attacker causes all Web pages destined for the victim's machine to be routed through the attacker's server. On the attacker's server, the pages are rewritten in such a way that their appearance does not change at all, but any actions taken by the victim (such as clicking on a link) would be logged by the attacker. In addition, any attempt by the victim to load a new page would cause the newly-loaded page to be routed through the attacker's server, so the attack would continue on the new page.

The attack is initiated when the victim visits a malicious Web page, or receives a malicious email message (if the victim uses an HTML-enabled email reader).

We have implemented a demonstration of the Web Spoofing attack and have shown the demo live at the Internet World conference and on MSNBC television. Although the implementation is not trivial, it is well within the means of a single dedicated programmer.

Current browsers do not prevent Web Spoofing, and there seems to be little movement in the direction of addressing this problem. We believe that there can be no secure electronic commerce on the Web until the Web Spoofing vulnerability has been addressed.

Many false claims have been made about Web Spoofing, and some people who make public statements about Web Spoofing do not understand the full scope of the problem. If you want to understand Web Spoofing, please read our paper on the topic. We worked hard to make it accessible to non-experts.



Tripwire

Tripwire is a reliable intrusion detection system. It is a software tool that checks to see what has changed in your system. It mainly monitors the key attribute of your files, by key attribute we mean the binary signature, size and other related data. Security and operational stability must go hand in hand, if the user does not have control over the various operations taking place then naturally the security of the system is also compromised. Tripwire has a powerful feature which pinpoints the changes that has taken place, notifies the administrator of these changes, determines the nature of the changes and provide you with information you need for deciding how to manage the change.

Tripwire Integrity management solutions monitor changes to vital system and configuration files. Any changes that occur are compared to a snapshot of the established good baseline. The software detects the changes, notifies the staff and enables rapid recovery and remedy for changes. All Tripwire installation can be centrally managed. Tripwire software’s cross platform functionality enables you to manage thousands of devices across your infrastructure.

Security not only means protecting your system against various attacks but also means taking quick and decisive actions when your system is attacked. First of all we must find out whether our system is attacked or not, earlier system logs were certainly handy. You can see evidences of password guessing and other suspicious activities. Logs are ideal for tracing steps of the cracker as he tries to penetrate into the system. But who has the time and the patience to examine the logs on a daily basis .

A tripwire is a passive triggering mechanism, usually/originally employed for military purposes, although its principle has been used since prehistory for methods of trapping game.

Typically, a wire or cord is attached to some device for detecting or reacting to physical movement. From this basic meaning, several extended and metaphorical uses of the term have developed.

Military usage may designate a tripwire as a wire attached to one or more mines — normally bounding and fragmentation type mines — in order to increase their activation area. Pressure against, or the breaking of, this tripwire will result in activation of the mine fuse.

Soldiers sometimes detect the presence of tripwires by spraying the area with Silly String. If the string falls to the ground there are no tripwires. If there is a tripwire, the string will be suspended in the air without pulling the wire.It is being used by U.S. troops in Iraq for this purpose.

Tripwire is a system integrity checker, a utility that compares properties of designated files and directories against information stored in a previously generated database. Any changes to these files are flagged and logged, including those that were added or deleted, with optional email reporting. Additionally, support files (databases, reports, etc.) are cryptographically signed


Java Ring

A Java Ring is a finger ring that contains a small microprocessor with built-in capabilities for the user, a sort of smart card that is wearable on a finger. Sun Microsystem s Java Ring was introduced at their JavaOne Conference in 1998 and, instead of a gemstone, contained an inexpensive microprocessor in a stainless-steel iButton running a Java virtual machine and preloaded with applets (little application programs). The rings were built by Dallas Semiconductor.

Workstations at the conference had ring readers installed on them that downloaded information about the user from the conference registration system. This information was then used to enable a number of personalized services. For example, a robotic machine made coffee according to user preferences, which it downloaded when they snapped the ring into another ring reader.

Although Java Rings aren t widely used yet, such rings or similar devices could have a number of real-world applications, such as starting your car and having all your vehicle s components (such as the seat, mirrors, and radio selections) automatically adjust to your preferences.

The Java Ring is an extremely secure Java-powered electronic token with a continuously running, unalterable real-time clock and rugged packaging, suitable for many applications. The jewel of the Java Ring is the Java iButton -- a one-million transistor, single chip trusted microcomputer with a powerful Java Virtual Machine (JVM) housed in a rugged and secure stainless-steel case.

The Java Ring is a stainless-steel ring, 16-millimeters (0.6 inches) in diameter, that houses a 1-million-transistor processor, called an iButton. The ring has 134 KB of RAM, 32 KB of ROM, a real-time clock and a Java virtual machine, which is a piece of software that recognizes the Java language and translates it for the user s computer system.

The Ring, first introduced at JavaOne Conference, has been tested at Celebration School, an innovative K-12 school just outside Orlando, FL. The rings given to students are programmed with Java applets that communicate with host applications on networked systems. Applets are small applications that are designed to be run within another application. The Java Ring is snapped into a reader, called a Blue Dot receptor, to allow communication between a host system and the Java Ring.

Designed to be fully compatible with the Java Card 2.0 standard the processor features a high-speed 1024-bit modular exponentiator fro RSA encryption, large RAM and ROM memory capacity, and an unalterable real time clock. The packaged module has only a single electric contact and a ground return, conforming to the specifications of the Dallas Semiconductor 1-Wire bus. Lithium-backed non-volatile SRAM offers high read/write speed and unparallel tamper resistance through near-instantaneous clearing of all memory when tampering is detected, a feature known as rapid zeroization.

Data integrity and clock function are maintained for more than 10 years. The 16-millimeter diameter stainless steel enclosure accomodates the larger chip sizes needed for up to 128 kilobytes of high-speed nonvolatile static RAM. The small and extremely rugged packaging of the module allows it to attach to the accessory of your choice to match individual lifestyles, such as key fob, wallet, watch, necklace, bracelet, or finger ring.

NAS

Information Technology (IT) departments are looking for cost-effective storage solutions that can offer performance, scalability, and reliability. As users on the network increase and the amounts of data generated multiply, the need for an optimized storage solution becomes essential. Network Attached Storage (NAS) is becoming a critical technology in this environment.

The benefit of NAS over the older Direct Attached Storage (DAS) technology is that it separates servers and storage, resulting in reduced costs and easier implementation. As the name implies, NAS attaches directly to the LAN, providing direct access to the file system and disk storage. Unlike DAS, the application layer no longer resides on the NAS platform, but on the client itself. This frees the NAS processor from functions that would ultimately slow down its ability to provide fast responses to data requests.

In addition, this architecture gives NAS the ability to service both Network File System (NFS) and Common Internet File System (CIFS) clients. As shown in the figure below, this allows the IT manager to provide a single shared storage solution that can simultaneously support both Windows*-and UNIX*-based clients and servers. In fact, a NAS system equipped with the right file system software can support clients based on any operating system.

NAS is typically implemented as a network appliance, requiring a small form factor (both real estate and height) as well as ease of use. NAS is a solution that meets the ever-demanding needs of today s networked storage market.

COOPERATIVE LINUX

COOPERATIVE LINUX, abbrieviated as coLinux, is a software that lets Microsoft Windows cooperate with the Linux kernel, to run both in parallel, on the same machine. Cooperative Linux utilizes the concept of a Cooperative Virtual Machine (CVM). In contrast to the traditional Virtual Machines(VMs), the CVM shares, the resources that already exist in the host OS. In traditional (host) VMs, resources are virtualized for every (guest) OS. The Cooperative Virtual Machine(CVM) gives both operating systems complete control of the host machine, while the traditional VM sets every guest OS in an unprivileged state to access the real machine.

The term cooperative is used to describe two entities working in parallel. In effect, Cooperative Linux turns the two different operating system kernels into two big *coroutines. Each kernel has its own complete CPU context and address space. Each kernel also decides when to give control back to its partner. However, while both kernels theoretically have full access to the real hardware, modern PC hardware is incompatibly designed to be controlled by two different operating systems at the same time. Therefore the host kernel is left in control of the real hardware, while the guest kernel contains special drivers that communicates with the host and provide various important devices to the guest OS. *program components that generalize subroutines to allow multiple entry points and suspending and resuming of execution at certain locations.

DNA Computing in security

In today’s world where no modern encryption algorithms are spared of the security breach, the world of information security is on the look out for fresh ideas. Thus came up the new theory of DNA computing in the fields of cryptography and steganography.

Though researches have been done to demonstrate DNA computing and its use in the areas of cryptography, steganography and authentication, the limitations of sophisticated lab requirements, along with high labour cost has still kept DNA computing at bay from today’s security world. But on the other hand DNA authentication has become a great boon.

LonWorks Protocol

A technology initiated by the Echelon Corporation in 1990, the LonWorks provides a platform for the for building industrial, transportation, home automation and public utility control networks to communicate with each other. Built on the Local Operating Network, it uses the LonTalk protocol, in order to have a peer to peer communication with each other, with out actually having a gateway or other hardware.

As cell phones become a part and parcel of our life so do the threats imposed to them is also on the increase. Like the internet, today even the cell phones are going online with the technologies like the edge, GPRS etc. This online network of cellphones has exposed them to the high risks caused by malwares viruses, worms and Trojans designed for mobile phone environment. The security threat caused by these malwares are so severe that a time would soon come that the hackers could infect mobile phones with malicious software that will delete any personal data or can run up a victim s phone bill by making toll calls.

All these can lead to overload in mobile networks, which can eventually lead them to crash and then the financial data stealing which poises risk factors for smart phones. As the mobile technology is comparatively new and still on the developing stages compared to that of internet technology, the anti virus companies along with the vendors of phones and mobile operating systems have intensified the research and development activities on this growing threat, with a more serious perspective.

IMBRICATE CRYPTOGRAPHY

Imbricate cryptography is a new technique that uses the layered approach designed by us. It is a type of symmetric cryptography in which the key is implanted in the message, so the message cannot be recovered without using the correct key. Here the message and the key are inwardly plaited. It involves layers of encryption and decryption. Since the key is of variable length of the user's choice, it cannot be found by permutation and combination. Moreover, the output transmitted as a bitmap file perplexes the cracker. Thus the encrypted file can be sent across the network of interest. Implementation is done by us for the message involving text but the algorithm is extensible to any media. Simplicity, user-orientation and compatibility are the key features of the algorithm.

Security and privacy are critical for electronic communication and e-business. Network security measures are needed to protect data during its transmission. Cryptography plays a vital role in network security as it allows two parties to exchange sensitive information in a secured manner. The word cryptography means covered writing’. The art or science of transforming an intelligible message into unintelligible one and then retransforming that message back to its original form is cryptography. There are two types of cryptography: asymmetric cryptography and symmetric cryptography.

If the sender and the receiver use different keys. It is called asymmetric or multiple-key, public-key encryption. If the sender and the receiver use the same key it is called single key, secret-key or conventional encryption. It involves the use of a symmetric cryptography. secret key known only to the participants of the secure communication: If A wants to send a message to B, he encrypts the original message X by the encryption algorithm using the key agreed upon by them.

If the sender and the receiver use different keys. It is called asymmetric or multiple-key, public-key encryption. If the sender and the receiver use the same key it is called single key, secret-key or conventional encryption. It involves the use of a symmetric cryptography. secret key known only to the participants of the secure communication: If A wants to send a message to B, he encrypts the original message X by the encryption algorithm using the key agreed upon by them.

The encrypted message is through the communication media transmitted a secured and the key is transmitted through RF cable, fiber, tc.The receiver media like decrypts the original message from the encrypted message using the same key and the decryptor. A cryptanalyst may try to capture the message and the key. If he fails to do so, the encryption algorithm is successful.

Case Based Reasoning

Artificial Intelligence has long been considered as fruit of our intentions to realize nature in our mechanized- human lives; just as aero planes were, of our desire to fly with like the birds of flight. Case-based reasoning (CBR), is the process of solving new problems based on the solutions of similar past problems. An auto mechanic who fixes an engine by recalling another car that exhibited similar symptoms is using case-based reasoning. A lawyer who advocates a particular outcome in a trial based on legal precedents or a judge who creates case law is using case-based reasoning. Case-based reasoning is a prominent kind of analogy making.

It has been argued that case-based reasoning is not only a powerful method for computer reasoning, but also a pervasive behavior in everyday human problem solving. Or, more radically, that all reasoning is based on past cases experienced or accepted by the being actively exercising choice – prototype theory – most deeply explored in human cognitive science.

CBR technology has produced a number of successful deployed systems, the earliest being Lockheed s CLAVIER, a system for laying out composite parts to be baked in an idustrial convection oven. CBR has been used extensively in help-desk applications such as the Compaq SMART system. As of this writing, a number of CBR decision support tools are commercially available, including k-Commerce from eGain (formerly Inference Corporation), Kaidara Advisor from Kaidara (formerly AcknoSoft) and SMART from Illation.

SyncML




SyncML (Synchronization Markup Language) is the former name (currently referred to as: Open Mobile Alliance Data Synchronization and Device Management) for a platform-independent information synchronization standard. Existing synchronization solutions have mostly been somewhat vendor-, application- or operating system specific. The purpose of SyncML is to change this by offering an open standard as a replacement. Several major companies such as Motorola, Nokia, Sony Ericsson, LG, IBM and Siemens AG already support SyncML in their products, although LG do not support it in all their phone models, preferring to use their own proprietary syncing protocols such as LG Sync SPP. Philippe Kahn was instrumental in the founding vision for synchronization with Starfish Software, later acquired by Motorola. The founding vision as expressed by Kahn was: "Global synchronization and integration of wireless and wireline devices".

SyncML is most commonly thought of as a method to synchronize contact and calendar information (Personal Information Manager) between some type of handheld device and a computer (personal, or network-based service), such as between a mobile phone and a personal computer. The new version of the specification includes support for push email, providing a standard protocol alternative to proprietary solutions like BlackBerry.

Some products are now using SyncML for more general information synchronization purposes, such as to synchronize project task information across a distributed group of team members. SyncML can also be used as a base for backup solutions.

  • A fairly intricate and vague protocol specification has meant that there in general are major interworking problems with different servers against different clients.
  • In addition to the server address, user name and password, SyncML requires a database name to be specified for opening a connection. This database name is not standardized, and different servers use different names for the same service. E.g. one server might use card while another ./contacts for the contact database.
  • Only the over-the-air (OTA) interface has any degree of standardization, whereas synchronization over a local interface is not standardized, and requires specific solution for any device, if available at all. 

  • The popularity of mobile computing and communications devices can be traced to their ability to deliver information to users when needed. Users want ubiquitous access to information and applications from the device at hand, plus they want to access and update this information on the fly.

    The ability to use applications and information on one mobile device, then to synchronize any updates with the applications and information back at the office, or on the network, is key to the utility and popularity of this pervasive, disconnected way of computing.

    Unfortunately, we cannot achieve these dual visions:

    o Networked data that support synchronization with any mobile device

    o Mobile devices that support synchronization with any networked data

    Rather, there is a proliferation of different, proprietary data synchronization protocols for mobile devices. Each of these protocols is only available for selected transports, implemented on a selected subset of devices, and able to access a small set of net-worked data. The absence of a single synchronization standard poses many problems for end users, device manufacturers, application developers, and service providers.

    SyncML is a new industry initiative to develop and promote a single, common data synchronization protocol that can be used industry-wide. Driving the initiative are Ericsson, IBM, Lotus, Motorola, Nokia, Palm Inc., Psion, Starfish Software. Additional companies are being recruited to join and participate.

    The SyncML initiative recognized the worldwide need for one common data synchronization protocol. With the industry-wide proliferation of mobile devices and the evolution toward mobile devices as the major means of information exchange, remote synchronization of data will be of integral importance. The SyncML initiative, officially supported by well over 200 device manufacturers, service providers and application developers, is currently developing and promoting an open global specification for mobile data synchronization.