Isode XMPP Whitepapers
Whitepapers with a special relevance to XMPP solutions together with those of a more general relevance to Instant Messaging and Presence.
|Interconnecting XMPP and IRC
This whitepaper looks at how IRC (Internet Relay Chat) and XMPP (eXtensible Messaging and Presence Protocol) text chat services can be interconnected. It describes both services briefly and then looks at how a number of existing IRC/XMPP gateways work. It then describes the approach taken by the new IRC Gateway capability in Isode's M-Link XMPP server, looking at the operational, security and migration benefits of this approach.
(14th May 2013)
|Deploying IRC, Federated MUC and XMPP Guards
Military communication makes extensive use of text chat services, in particular those using IRC (Internet Relay Chat) and XMPP (eXtensible Messaging and Presence Protocol). The primary approach is use of group chat services to share information. These services are often deployed in hostile environments, and so it is important that they are resilient and will continue to operate when elements of the service fail. Communication needs to operate between partners and across security boundaries (Cross Domain).
(14th May 2013)
|Federated Multi-User Chat: Efficient and Resilient Operation over Slow and Unreliable Networks
XMPP (the Internet Standard eXtensible Messaging and Presence Protocol) Multi-User Chat (MUC) is normally provided by a single server, with clients accessing a MUC Room via their local XMPP servers. This standard approach gives performance and resilience problems when operating over constrained networks. This paper looks at how federating the MUC service can address these problems. Isode's approach to Federated MUC as implemented in the M-Link XMPP server is described in the context of evolving XMPP standards, and benefits of Federated MUC for purposes other than Constrained Networks are considered.
(6th Sept 2012)
|XMPP Message Digital Signatures
Digital signatures are a key part of modern secure communication to provide authentication and integrity services. This paper looks at requirements for using digital signatures with XMPP messages, and how these are addressed by XEP-0290 (Encapsulated Digital Signatures in XMPP), which Isode believes will evolve to be the de jure standard for XMPP message signatures. Finally the paper looks at support for XEP-0290 in Isode’s M-Link and M-Link Edge products.
(25th July 2011)
XMPP has a Publish-Subscribe capability, generally referred to as PubSub, which many XMPP experts see as very important. This white paper seeks to explain PubSub and its significance to non-experts. It also looks at the problems addressed by publish-subscribe systems, shows how XMPP PubSub has beenused by two services (Collecta and buddycloud), discusses PubSub capabilities & potential applications and outlines M-Link's PubSub support.
(13th July 2011)
XMPP (the Internet Standard eXtensible Messaging and Presence Protocol) is being used for mission critical communication, where reliability is essential. Although use of XMPP can seem very reliable, a basic XMPP system has characteristics that are not reliable in some situations. This paper looks at situations where XMPP is not reliable, and discusses how to provide a reliable XMPP system, using advanced XMPP capabilities.
(4th Feb 2011)
|M-Link & XMPP Performance Measurements over HF Radio using STANAG 5066 and IP
This paper describes and analyses measurements made operating XMPP over HF Radio, using HF modems and a simulated radio link. This paper looks at measurements operating directly over STANAG 5066, and operating over IP. The measurements show that good performance is achieved over HF using STANAG 5066 for a wide range of parameters. Operation over IP over HF gives good results in some situations, but is not generally recommended.
(27th Sept 2010)
|M-Link & XMPP Performance Measurements over Satcom and Constrained IP Networks
This paper describes and analyses measurements made operating XMPP over a slow IP link with variable delay to simulate Satcom. These results are applicable to use of XMPP with any constrained IP network. This paper compares measurements of standard XMPP and Isode's optimized server to server protocol. Comparison measurements with IRC (Internet Relay Chat) are also given.
(13th July 2010)
|M-Link Support for XMPP over Constrained Networks
This paper looks at how M-Link, Isode's XMPP server is optimized for operation over constrained networks, including Satcom, HF Radio, and other Radio links. The paper starts by looking at the benefits of using XMPP over constrained networks, and the key problems faced. Then it describes the M-Link architecture and how it addresses the various problems, both for networks where IP will be used, and for HF Radio.
(25th June 2010)
|SCRAM: A New Protocol for Password Authentication
SCRAM (Salted Challenge Response) is a new protocol and data storage mechanism to support password based authentication. This white paper looks at the security benefits of SCRAM, and how it should be used to complement PKI based strong authentication. It describes Isode’s current support and future plans for SCRAM.
(19th May 2010)
|Isode Support for Kerberos, Active Directory and Single Sign On
This paper looks at how Isode client and server products can make use of Kerberos authentication, in configurations where Isode provides both client and server, and in conjunction with third party clients and servers, including Microsoft Active Directory. It looks at how Single Sign On (SSO) can be achieved for Isode products using Kerberos, and compares this with use of other SSO approaches.
(22nd April 2010)
|XMPP Boundary and Cross Domain Protection
This White Paper looks at approaches for checking XMPP (Internet Standard eXtensible Messaging and Presence Protocol) traffic at organizational and other operational boundaries. It looks at the requirements on various approaches, and shows how Isode’s M-Link and M-Link Edge products can be used in these approaches.
(13th Oct 2009)
|Operating XMPP over Radio and Satellite Networks
XMPP, the Internet Standard eXtensible Messaging and Presence Protocol is being widely adopted for Instant Messaging (IM), Group Chat and Presence services in military networks. This paper starts by looking at the military tactical requirements for IM, Group Chat and Presence. It discusses briefly why XMPP is ideal for these services, and also as a building block for situational awareness systems and in support of voice and video communication.
(7th Jan 2009)
|Using Security Labels to
Control Message Flow in XMPP Services
XMPP is widely used by military and government organizations with stringent security requirements, where it is critical to ensure that sensitive information is not sent to inappropriate individuals or domains. Security Labeling is the mechanism of choice for handling sensitive information in high security environments. This paper looks at the use of Security Labels in conjunction with XMPP services, and how Isode plans to enhance its M-Link product to provide Security Label based controls for user-to-user messaging and for Multi-User Chat.
(08th Nov 2008)
|XMPP, M-Link and Directory
Isode provides both directory and XMPP server products, and the approach for M-Link (Isode’s XMPP Server) and associated management tools is to make maximum use of directory. This paper describes how M-Link makes use of directory, and explains why this close integration of XMPP and directory is beneficial.
(23rd Sept 2008)
Real Time Messaging and XMPP Strategy
Isode plans to add an XMPP Server to its product set, in order to provide presence and real time messaging services. XMPP is the Internet Standard eXtensible Messaging and Presence Protocol, sometimes referred to as Jabber. This paper sets out why Presence and Real Time Messaging are important to Isode's customers and markets, why XMPP, and not another technology, why Isode is building a product, rather than integrating with available XMPP servers and outlines what Isode will be providing.
(19th July 2007)
|Password Policy for Directories
In this whitepaper we look at password policy for directories, its major capabilities, benefits, how it is integrated into other applications and how it is used. The paper looks at password policy features implemented by Isode’s M-Vault in Release 14.1. A few features are described that are planned for Release 14.2. M-Vault implements a comprehensive set of password policy features, and so this paper covers all features which are likely to be of interest. The paper focuses on showing how features appear to the end user and can be used and controlled by an administrator.
(27th Sept 2007)
|SNMP and Isode Servers
This white paper looks at the role of SNMP (Simple Network Management Protocol) in managing systems using Isode messaging and directory servers. It explains why SNMP support is provided, the sub-agent architecture used by Isode products, and approaches to deploying SNMP monitoring.
(25th May 2007)
|Operational Monitoring and
Control of Systems using Isode Servers
Isode server products are deployed in a wide variety of situations, and usually there is a high service reliance placed on them. Isode’s approach to server design and management is that the products are building blocks, with maximum use of open standard protocols for interconnection. Management is almost entirely client/server. This combination of building block + client/server means that the approach to operational management needs to be considered as part of the overall system design. This paper explains the approach Isode has taken and the options provided, that can be used to build an operational system.
(1st March 2006)
|Identity Management: Is Directory
Inside or Outside?
The role of directory varies considerably in different Identity Management solutions. This includes; systems where directory is a central and highly visible component, systems where directory is used, but is not really visible and systems that do not use directory. This paper examines the role of directory in Identity Management, with particular focus on functionality where an externally visible directory can play a part.