Digital still cameras and mobile agents: How to create a
Transcription
Digital still cameras and mobile agents: How to create a
Digital still cameras and mobile agents: How to create a distributed service for image processing Mirko Guarnera(1), Massimo Mancuso(1) Antonio Puliafito(2), Massimo Villari(2) (1): STMicroelectronics - AST Catania Lab - Digital Still Camera & Multimedia Mobile Group e-mail: - massimo.mancuso@st.com - mirko.guarnera@st.com (2): University of Messina, Department of Mathematics - Engineering Faculty e-mail: - apulia@ingegneria.unime.it - mvillari@ingegneria.unime.it A BSTRACT The new distributed multimedia applications require more and more to manage user’s mobility. The opportunity of accessing the data at any time, from any place, and with terminals having several processing capabilities, is one of the most important features required. Adequate mechanisms need therefore to be developed, in order to manage the user’s mobility and the distributed processing of data transparently. In this scenario, we think that an approach based on the mobile agent paradigm can be particularly good for dealing with the described issues, by making service provisioning highly flexible and customizable. In this context, this paper deals with the issues of Internet photography and of the distributed processing of digital images acquired by using a Digital Still Camera (DSC). This project includes an architectural solution for the distributed processing of high-quality images based on the mobile agent communication paradigm. The prototype for a new DSC has been developed. Keywords: Mobile agents, Digital Still Cameras, Security, Image Processing 1 I NTRODUCTION The recent technological progress in the areas of highspeed networks, wireless systems, and low-cost multimedia workstations is enabling the development and the diffusion of new types of distributed multimedia applications [1]. In this area, the user’s mobility is another important aspect to be considered. It introduces space and time discontinuity for accessing the distributed system. Adequate mechanisms need therefore to be developed, in order to manage both the user’s temporary disconnection from the system and his/her subsequent connection from another client transparently. The system must therefore be able to dynamically adapt the presentation modes of data to the actual resources of user’s viewing and calculation, considering that they might change throughout the time. For instance, the concept of Virtual Home Environment (VHE), which has been developed for the third generation of mobile networks (UMTS), provides the user with the opportunity of service roaming on different networks and different access devices [2]. In this scenario, we think that an approach based on the mobile agent paradigm can be particularly good for dealing with the described issues, by making service provi- sioning highly flexible and customizable [3]. This would happen in a distributed way, since the different elements of the network become active entities in the provision of the service, while controlling the quality of the service provided, and in any necessary processing. As well as the aspects related with the application features of agents, agent systems may provide technical advantages such as the reduction of communication costs, a reduced use of bandwidth, the possibility of using customizable remote interfaces, and a support for off-line computations [4]. The time and space distribution of the logic of service adds the scalability of the system. This is a key feature, when one wishes to provide a service on a wide area. The distributed processing of digital images seems to be a promising application. This is confirmed by the fact that the demand for Digital Still Cameras (DSCs) has increased very rapidly over the last three years, being the global market for the year 2000 from 13 to 15 million of unit [5]. However, a DSC does not provide the user with the same services available with the traditional photography systems. Furthermore, the management of photos (long-term storage, post-processing, printing) requires a PC able to connect to the Internet, in order to transfer the images acquired through the DSC. For these reasons, during the last few years, the market of online services for digital photography has developed together with the market of DSCs. According to the specifications of the VHE [2], a direct access - by means of a DSC - to the services described would be interesting. The DSC connected in a wireless mode, transfers the images to the Internet, in order to process them. This solution is still limited, but proves how image transmission is an essential component of wireless multimedia. The infrastructural elements included in Internet photography have been identified by Corcoran in [8] and [9]. He shows how connectivity solutions can be made by using a conventional PC, but also describes a next generation of Internet connectivity through embedded Internet appliances. By using the opportunities provided by the connection to remote systems, in [7] Toi proposes to encode the image of the sensor, without doing any processing within the DSC, but moving the phase of processing to the Internet. However, good results can be obtained only on low-quality images, such as the ones of video conferences. Starting from what has been considered so far, this paper deals with the issue of Internet photography and of the distributed processing of digital images acquired by using a DSC. The prototype for a new DSC has been developed. This DSC has no inner processing that can be connected to the Internet in a wireless mode. Furthermore, several experiments have been made for validating the solution proposed. The solution used makes a wide use of the mobile agent technology. Furthermore, it is based on strong security mechanisms, in order to protect the user against an undesired use of his/her images, as well as to protect the service provider with regard to the user’s entity. This solution provides a new image compression mode, which makes their Internet transfer faster. The peculiarity of not having a processing within the DSC, and the use of proprietary encoding before sending the image, also give the opportunity of obtaining considerable benefits in terms of power consumption [11] and architectural complexity. The rest of this paper is organized as follows. The reference architecture for the distributed processing of images is described in section 2, where we show the use of mobile agents and the modes of secure data transfer. In Section 3 we describe the prototype implementation and the experimental results obtained. In particular, in Section 3.1 we show how we managed to create a prototype of wireless DSC through the potential of PDA. In Section 3.3 we show the new data compression mode used. Finally, in Section 4 we present the conclusions, as well as the future lines. 2 G ENERAL DESCRIPTION OF THE SYSTEM Figure 1: Overview of the DSC connections Unlike a conventional DSC (which processes, compresses, and then transfers images through the serial or USB port to a PC, in order to view and process them), the system we propose is different, since the DSC does not perform any pre-processing, and delegates the task of image processing to the distributed service in the Internet. As long as the new images are acquired, they are sent to the DSC on the Internet through a wireless connection. Some software agents, which have been appropriately developed, will access a set of distributed services, in order to process the images according to the user’s requests. The network (with its authentication, post-processing and printing servers) becomes the core element of the architecture, thus enabling the user to access the service notwithstanding the location where he/she is, the terminal he/she uses (if necessary, the images might be transferred through a modem), and the time. The service provided would also be automatically adapted to the specific needs declared within the user profile provided when subscribing the service. The reference architecture is presented in Fig.1. The images acquired by a low-cost DSC are transferred through the Internet or through a wireless (GSM, GPRS, UMTS) connection provided by a network operator, or throug a wired connection. The service of distributed processing is created on the Internet, by using the features made available by appropriately programmed servers. They allow to access storage, e-mail, printing, special effects, and Web gallery features. The communication among the servers is based on the mobile agent communication paradigm, which provides flexibility and adaptability. The use of the services made available by the system is done after the user has been recognized. He/she makes a service query, and therefore needs sophisticated security mechanisms able to assure authentication and privacy of data. According to the features of the mobile terminal, the user will have the opportunity of sending also other multimedia contents (as well as the single images), such as text or short audio streams. The multimedia packet obtained will be encrypted and sent to the reception system, which will provide all the services the user requested when he/she delivered the message. In Fig. 2 we provide a detailed functional description of the system. The message coming from the DSC (consisting of the image and the indication of the actions to be made on the image) is authenticated by an authentication server. As we will clarify in Section 2.1, this starts the phase of setup for the creation of the secure channel, identifies the user through a query LDAP [19] sent to the servers containing the data of the users enabled. Furthermore, the services enabled are checked, and the requests are sorted among the agents designed for this task. The agents search for any filter for processing the images that can be customized by the users. The agents also process the images, by selecting the server with the lowest computational load. They also solve any issue due to the unavailability of a server, and they meet the user’s general needs. These are the basic services provided: • image storage: the images acquired are stored in secure servers. • web gallery: the images are published in real time in a Web page used as a photo album. • image processing: the images are processed by using filters supplied by the service provider or developed by the user. • printing: The images are printed on paper. Some agreements could be stipulated with a service provider, in order to print and deliver the photographs to the user’s home, once a given amount of photos are taken. • e-mail: the image is sent by e-mail, together with any text or voice message. • photo-CD: the images are stored on a CD. One of the main advantages in the use of the agent technology is that the connection of the wireless DSC to • Check for the user’s state: one can imagine the existence of an agent able to search for users according to specific conditions (for example, one may want to contact the users whose credit has gone below a specific threshold, promote new merchandising initiatives, etc.). 2.1 Figure 2: Architecture of the system the network is not always guaranteed (unavailability of the signal in non-covered areas): once the software agent has been instructed, it can process the user’s request, even if he/she can no longer be reached. The results of this processing will therefore be visible at a second time. The agents included within the architecture will therefore need a minimum of intelligence, in order to communicate with other agents independently. In this sense, the compliance with the FIPA standard is essential [6]. The organization of the service according to the agent programming paradigm also provides the advantage of simple updated of the service. In fact, the service administrator will have the opportunity of introducing new features, by sending new agents with advanced software, should this become necessary. Some of the reasons which justify the use of agent technology are mentioned below: • Initialization of the system: by using mobile agents, the distribution is allowed for the code needed for the operation of the system, together with the possibility of introducing new services and initializing them. Furthermore, agents will be necessary for registering the new servers in the server list. Example: a new machine is available. The agent platform is installed on it, and an agent is created. This agent migrates on all of the machine available so far, which are thus notified about the presence of this new machine. The new server is thus initialized by means of an agent coming directly from a main server [13]. • Code update: should a code vary, the changes would be distributed among the agents [14]. Example: one will just need to change the code on a machine directly, and to create an agent. By migrating from a machine to another, the agent will distribute the new code and install it. • Balancing of the workload: once the user forwards a generic request to the closest server, if it cannot satisfy this request (for example, due to an overload [12]), it generates an agent that can migrate and locate the most appropriate server for performing such request. This is done for optimizing the throughput and to improve the effectiveness of the system. Communication & security protocol We need to specify that the DSC does not send e-mails, neither does it perform the other services. By means of a client-server communication, the DSC (client) sends images and multimedia files to a server that manages the generic user’s requests. In order to do so, the server receives other commands, containing the client’s requests. An agent is triggered on MAP platform [16], and listens on a port, waiting for a generic client to request for specific services. While developing the security mechanism on which the prototype of the DSC is based, we needed to solve the issue of avoiding to make the traffic heavier (this specification is very binding in the wireless environment), and to equip the system with "strong" authentication and encryption mechanisms. The client-server communication protocol is very simple: first of all, a "packet" is sent, containing an ID (32 bits) that identifies the user (and thus the services he/she is enabled to use), and a 32bit symmetric key. This key is generated at random [20] during each communication session, and will enable the client to encrypt any multimedia files (even the one of the commands), before sending them to the server. In order to assure a secure transmission, the symmetric key (one generated) is encrypted with the user’s private key [21]. The packet, consisting of the ID and of the encrypted symmetric key, will be encrypted by the public key of the server, and sent to it. The Fig. 3 shows this packet. The server receives the packet and decrypts it by means of its private key. The client’s ID is therefore worked out from the packet. Now one needs to know the user’s public key. This enables the server to decrypt the packet and to extract the session symmetric key. This server, after being interrogated by entering the client’s ID, returns quite the key that is being searched (if it is still valid). One of the purposes that have been achieved is that of structuring the system in order to interact with servers distributed in Internet according to LDAP queries. Once the client’s identity has been verified, the authentication server opens a session for that client on the DB. The rest of the communication between the client (digital still camera) and the DSC system takes place by encrypting the "data" with the symmetric key that is known by only the parties. An area is created in the server for each new client, and a copy of the user’s public key is saved in this area. Figure 3: First packet with criypted data 3 E XPERIMENTAL ENVIRONMENT In this section we will describe the main implementation decisions taken for creating the system described in the previous section. In particular, we will focus our attention on the prototype of wireless DSC created, on the new data compression mode used, and on the preparation of the processing servers. Figure 6: Web of User ID:1234 Web available at the URL http://jada1.unime.it./˜dscnet Figure 4: The wireless DSC prototype. 3.1 Client emulation The client prototype has been created by using a PDA of the new generation. This is Ipaq 3630 by Compaq with a WinCe 3.0 operating system. It is connected to a cam produced by STMicroelectronics, by means of a 115 Kbps RS232 channel. Figure 4 shows the prototype created. The feasibility has been assessed by using a LAN wireless transmission system. A Wlan pcCard has been used for the Ipaq. A graphic interface has been created on the PDA. This allows taking and previewing photos, enabling different services, choosing the recipients (for sending photos by e-mail), publishing the photos on the Web, or saving them in one’s private area. As we can see in Figure 5, the interface created emulates the menus and submenus that should exist in a real DSC. during the registration to the service. The user addresses to a service center, and obtains a SIM card with all its services enabled, and a private key. The service center updates the LDAP server with the user’s public key on-line. With regard to the core of the system shown in the functional scheme of Figure 2 (and with regard to the parts of authentication-verification and control), static software agents have been developed, one for each functional block described. Our idea is that of creating different agents able to start different setup phases and/or different services. This technique provides some flexibility to the system. Should a security strategy be inadequate or should a service be obsolete, one will only need to send a new agent with the relevant software, and kill the previous one, with no need to install the whole system again. The same flexibility applies to the mobile agents that migrate from a server to another, and will be able to satisfy more and more complex services, or to respond to the users’ requests independently and simply. The agents developed currently manage to select the servers for image processing according to criteria of costs. They also provide the filters selected by the user, and perform the final phases of the service: e-mail forwarding, Web publishing, private storage, and print service. In the next paragraph our attention will be focused on the internal architecture of the new DSC, and on a new data compression technique in particular. 3.3 Figure 5: Graphic Interface Ipaq, user Id:180 The wireless communication between the PDA and the network is assured by a WLAN(AC) Access Point. 3.2 Server architecture A computer cluster has been arranged for hosting the whole system. On some computers we used the MAP platform. On other ones we used an LDAP server and MySql databases, in order to assure the storage of photos. The Web server provides the photos taken by each user in real time. In Figure 6 we show the images taken by the prototype, and made public by the User ID 1234. The creation of the private area, of the Web area, and of the public and private keys for each user take place New DSC Architecture A Digital Still Camera (DSC) acquires the information from the sensor in a Color Filter Array (CFA) format, usually Bayer Pattern [10]. To obtain a colored image we need a Color Process that does not increase the information content of the image itself. If we want to store the image or transmit it over a network infrastructure (wireless or wired), the resulted image is usually compressed. So a large amount of data is processed and a large number of operations are required. In order to generate a colored image from a mobile terminal (such as a DSC), we have focused on the possibility to transmit the image in an adequate format, to reduce the amount of calculation on the mobile terminal and add to the terminal itself other multimedia capabilities. Actually there is, in a DSC, a kind of paradox as explained in fig. 7 The data-computation-compression paradox resides in all the operations needed to generate data required by the Compression Standard. According to the traditional timedia data are added and then packed in a proprietary format. To guarantee data privacy and integrity a security system is expected (with the use of Public an Private Keys, depending on the data to be transmitted) . At last, an I/O interface allows to send the data on the wished channel. The data to be transmitted can be sent on the desired channel (Ethernet) or a wireless channel (GPRS), so we need these interfaces in our system. 4 Figure 7: Image transmission Paradox approach (see fig. 8a), after a Sensor Processing (PreProcessing) a large amount of data are elaborated with high computational cost algorithms (Image Generation Process) and the Compression Standard itself discards some of the generated information in order to reduce the amount of data. All This has an impact in term of power consumption and architectural complexity. Thus, as shown in fig. 8b, we have thought that the power consumption could be reduced distributing the processing over the infrastructure/network and we need only a proprietary Light Coding and Transcoding algorithm. Figure 8: Traditional and proposed image transmission schemes The encoder system is designed in order to compress directly the Bayer pattern array (sensor image) with a proprietary lossy compression scheme that not increase visible artifacts to the output JPEG image (on server side). The Terminal System that performs these requirements is shown in the following figure 9. E XPERIMENTAL ASSESSMENTS In this section we will analyze the purposes for the creation of the demos concerning the image processing by means of distributed services. Two demos have been developed. One is a wired demo, while the second one is wireless. The wired demo allowed to achieve these purposes: • Testing the security mechanisms has been possible. • Certificates complying with the X509 standard have been created. Consequently, the LDAP server has been remotely updated. • The user’s area has also been remotely created, together with its Web space, private area, and the arrangement for the MySql database. • The times for encryption-decryption and Web publishing have been checked. • Finally, the time for performing the whole service has been checked. The strategies used for the management of security have been effective. An equal compromise has been achieved between the computational capabilities required and the level of security guaranteed. Several successful registrations to the service of distributed image processing have also been done, in order to emulate a real service center, by assuring both the security in transactions, and a simple interfacing to the system. With regard to the execution time, a total average Ttot time of service performance of about 22 sec. Ttot is the time needed for the complete processing and delivery of a 352x288 pixel color image. T tot = T a + T t + T b + T p; Figure 9: Terminal Scheme When a single scene is acquired, a sensor clock generator produces a clock signal which scans the sensor producing analog values for every pixels. An analog to digital converter produces a digital value for each pixel. During the scan sequence, the pixels, acquired in the CFA format, are divided in 3 single color channel subimages. To avoid distortions due to the subsampling of the CFA format, we perform a light color interpolation only for the G channel. Thus, from a NxM image, we obtain 2 images N/2 x M/2 and a NxM image. These data are stored in a memory. Each image is then compressed using a standard coding algorithm (JPEG). To these data, other mul- (1) where Ta = 4 sec. Tt =7 sec. Tb = 5 sec. Tp = 6 sec. are the average times detected during each activity. Ta - time needed (t.n.) for the creation of service files and image cryptography on the client side. Tt - time needed for transferring the photo+service packet from the laptop computer to the server, by using a 56Kbps telephone connection. This parameter is greatly affected by the traffic conditions of the network. Tb - time needed for decrypting the image and the serv. file, and forwarding them to a mobile agent. Tp - time needed for processing the image and publishing it in the Web. With regard to the wireless demo, we wanted to estimate the transmission time through the wireless channel, as well as the maximum distance that can be reached from the base station in a wlan system. The DSC has been connected to the Ipaq through a serial port. The GUI has taken some photos and enabled the services. The pros and cons of menus and submenus have been detected, and all the necessary improvements have been done. In Figure 10 we show the devices used in the wireless demo. The laptop computer did not only guarantee the Internet access with its integrated modem, but has also guaranteed the wireless communication with the PDA, thus acting as a DCHP gateway. No difference has been found with the times obtained pressor (the factor to multiplied to the Quantizer table). This factor influences strongly the accuracy of the output image. Figure 11: Compression Factor vs Gain and PSNR vs Gain estimations uncompressed The Compression Factor (CF) was evaluated as: CF = Figure 10: Wireless Demo in the first demo, during the time assessment. Actually, the wireless communication provides a high passing bandwidth (close to 2 Mbps), even with palmtop devices. The maximum operation range does not exceed 50m in a closed environment with walls. In this demo we did not use security. Consequently, the total Ttot time is lower, since the times needed for the encryption/decryption of images are not present. According to what we have said so far, the use of Wlan systems is not considered appropriate for this type of applications. Conversely, the experiments made with wireless technologies have provided a useful feedback about the validity of the architecture designed, and about the effectiveness of the distributed service. The use of the mobile agent programming paradigm has shown a considerable flexibility both in the phase of programming and in the phase of use of the system proposed. At the moment, they are performing functions of information search and differentiation of services. The idea of delegating the image processing to the agents is being considered. Sun has recently developed very effective tools of Image Processing (IP) in Java [24]. With regard to image encoding before their transmission, to perform a system where (by the compression of the uninterpolated source image) the final color image has no visible errors compared with the uncompressed color image, we have used a Low Cost Digital Still Camera by STMicroelectronics. The Bayer Pattern (BP) can be firectly taken from this DSC; furthermore, its encoding system has been totally implemented in software. With reference to Figure 12, we have tested our system first, without applying the Light color interpolation for G (Fig. 12b), and then applying it (Fig. 12c). These tests are parameterized by the Gain factor (fig. 11) of the com- Dim(BP ) (2) Dim(Rjpeg) + Dim(Gjpeg) + Dim(Bjpeg) The inverse of CF can be considered as the bpp(bit per pixel). The PSNR is calculated between a picture processed before the transmission and the same picture processed after the transmission. The PSNR values are average values calculated for a Image test Database. From fig. 11 is it clear that there is a tradeoff between accuracy (PSNR) and compression. Notice that for PSNR grater than 35 is difficult to find differences between the image processed with the traditional process and the new proposed model. In the hypothesis of a desired PSNR=35,65 we obtain a CF=4. In this case if the image is in VGA format, the Bayer Pattern is 304KB, the coloured image should be 900KB, instead of we transmit only ˜80KB of data. Figure 12: Images obtained with different approaches. 5 C ONCLUSIONS In this work we have presented an innovative solution to the issue of Internet photography. A reference architecture, based on the use of the agent programming paradigm, has been proposed for the creation of a secure distributed service for processing the digital images acquired through a low-cost DSC that can be connected to the Internet in a wireless mode. The issues that have been dealt with during the work are typical of a Virtual Home Environment (VHE) system where the access to the distributed information is going to be assured notwithstanding the user’s terminal, the location, and time. We think that our solution can easily be extended to some situations that overcome the issue of Internet photography. However, this area has seemed very interesting to us, both for the potential number of users, and for the typically distributed nature of the issue. Due to the growing number of terminals based on JVM Micro Edition, and to the constant increase in the computational capabilities they provide, one can expect that the opportunity of accessing (in a wireless mode) the processing and storage services of distributed data in the Internet will be more and more urgently requested by users. The security issues will therefore be a very interesting area. The same way, we think that the potential provided by the agent programming paradigm can be widely used in this area, thanks to the flexibility it provides in the management of situations related with the customization of services, the control of the quality provided, and the increased reliability. R EFERENCES [1] Manufacturers pin hopes on 3G and Wireless Internet. IEEE Internet Computing, Vol. 4, N. 6, pp. 12-15 November-December 2000. http://dlib.computer.org/ic/books/ic2000/pdf/w6012.pdf [2] The contents of 3GPP specification releases. Release 4, Services and system aspects: VHE. http://www.3gpp.org/. [3] David Kotz and Bob Gray, Mobile Agents and the Future of the Internet, ACM Operating Systems Review, Vol. 33, N. 3, Aug 1999 [4] Michael N. Huhns ,Munindar P. Singh. Mobile Agents, Agents on the Web, IEEE Internet Computing, Vol. 1, N. 3, pp. 80-82 May-June 1997. [5] Journal of Electronic Imaging. JEI, January 2001, http://www.spie.org/. [6] FIPA, a non-profit organisation aimed at producing standards for the interoperation of heterogeneous software agents. http://www.fipa.org. [7] Toi T., Ohta M. A subband coding technique for image compression in single ccd cameras with Bayer color filter arrays. IEEE transaction on Consumer Electronics, Vol. 45, N.1, February 1999 [8] Corcoran P.M., Bigioi P. Internet Enabled Digital Photography. IEEE Transaction on Consumer Electronics, Vol. 45, N.3, August 1999 [9] Corcoran P.M., Steinberg E. Internet Connectivity for Digital Photography. IEEE Transaction on Consumer Electronics, Vol. 46, N.3, August 2000 [10] Okada S., Matsuda Y. System on a Chip for Digital Still Camera. IEEE Transaction on Consumer Electronics, Vol. 45, N.3, August 1999 [11] Appadwedula S., Goel M., Jones D. L., Ramachandran K. and Shanbhag N. R. Efficient wireless image transmission under a total power constraint. 1998 IEEE Multimedia Signal Processing Workshop, Los Angeles, CA, Dec. 8-12, 1998. [12] A. Bieszczad, T. White, and B. Pagurek. Mobile Agents for Network Management. IEEE Communication Surveys, September 1998. [13] V. A. Phan and A. Karmouch. Mobile Software Agents: An Overview. IEEE Communication Magazine, Vol. 31, N. 7, pag.26-37, July 1998. [14] D. Chess, B. Grosof, C. Harrison, D. Levine, C. Parris, and G. Tsudik. Itinerant agents for mobile computing. IEEE Personal Communications, Vol. 2, N. 5, pag.34-49, October 1995. [15] H. de Meer, A. Puliafito, and O. Tomarchio. Management of QoS with Software Agents. Cybernetics and Systems: An International Journal, Vol. 27, N. 5, 1998. [16] A. Puliafito, O. Tomarchio, and L. Vita. MAP: Design and Implementation of a Mobile Agent Platform. Journal of System Architecture. [17] International Telegraph and Telephone Consultative Committee (CCITT), Recom-mendation X.509, The Directory - Authentication Framework, CCITT Blue Book, Vol VIII.8, pp. 48-81, 1988. [18] Netscape has a freely available C and Java software developers kit at http://developer.netscape.com/tech/ directory/. The source for these kits can be found at http://www.mozilla.org/ldap/. [19] T. Howes and M. Smith, LDAP: Programming Directory-Enabled Applications with Lightweight Directory Access Protocol, Macmillan, Indianapolis, Ind., 1997. [20] M. Ellison, B. Frantz, B. Lampson, R. Rivest, B. M. Thomas, and T. Ylönen, SPKI Examples, Internet-Draft draft-ietf-spki-cert-examples-01. txt, work in progress, Internet Engineering Task Force, March 1998. [21] Li Gong, and R. Schemers, Implementing Protection Domains in the Java Devel-opment Kit 1.2, In Proceedings of the 1998 Network and Distributed System Security Symposium, San Diego, CA, March 11//13, 1998. [22] B. Kaliski. RFC 1424: Privacy Enhancement for Internet Electronic Mail: Part IV: Key Certification and Related Services. February 1993. [23] C. Adams, S. Farrell. RFC 2510: Internet X.509 Public Key Infrastructure Certificate Management Protocols. March 1999. [24] Java Media APIs. http://java.sun.com/products/java-media/.