Mobility Growth Subscribers, Handsets. Erosion and Opportunities. Scenario and Problems. AAA Architecture and Weaknesses



Similar documents
Session Initiation Protocol (SIP) The Emerging System in IP Telephony

Internet Economics 6. Agenda

Voice over IP. Presentation Outline. Objectives

Quality of Service Management for Teleteaching Applications Using the MPEG-4/DMIF

VITAL. Enabling convergence of IP Multimedia Services over NGN Technology. Contents. Project overview. VITAL Platform. User scenarios.

Application Note. Onsight Connect Network Requirements v6.3

Review: Lecture 1 - Internet History

Computer Networks. Voice over IP (VoIP) Professor Richard Harris School of Engineering and Advanced Technology (SEAT)

Inter-Domain QoS Control Mechanism in IMS based Horizontal Converged Networks

Overview of Voice Over Internet Protocol

Avaya Solution & Interoperability Test Lab

EXPLOITING SIMILARITIES BETWEEN SIP AND RAS: THE ROLE OF THE RAS PROVIDER IN INTERNET TELEPHONY. Nick Marly, Dominique Chantrain, Jurgen Hofkens

Unit 23. RTP, VoIP. Shyam Parekh

Application Note. Onsight Connect Network Requirements V6.1

Today s Hottest Communications Protocol Comes of Age. Understanding SIP. Today s Hottest Communications Protocol Comes of Age WHITE PAPER

point to point and point to multi point calls over IP

White Paper. Traversing Firewalls with Video over IP: Issues and Solutions

Introducing Cisco Voice and Unified Communications Administration Volume 1

Authentication, Authorization and Accounting (AAA) Protocols

A Model-based Methodology for Developing Secure VoIP Systems

Enterprise VoIP Services over Mobile Ad-Hoc Technologies

Chapter 2 PSTN and VoIP Services Context

How to make free phone calls and influence people by the grugq

COPYRIGHTED MATERIAL. Contents. Foreword. Acknowledgments

Open Voice over IP according to Aastra SIP. Your connection to the World

802.11: Mobility Within Same Subnet

FRAFOS GmbH Windscheidstr. 18 Ahoi Berlin Germany

Improving Quality in Voice Over Internet Protocol (VOIP) on Mobile Devices in Pervasive Environment

Mobility and cellular networks

EDA Training Programs. Catalog of Course Descriptions

Voice Over IP. Priscilla Oppenheimer

Abstract. Avaya Solution & Interoperability Test Lab

A B S T R A C T. Index Trems- Wi-Fi P2P, WLAN, Mobile Telephony, Piconet I. INTRODUCTION

Computer Networks. A Top-Down Approach. Behrouz A. Forouzan. and. Firouz Mosharraf. \Connect Mc \ Learn. Hill

FRAFOS GmbH Windscheidstr. 18 Ahoi Berlin Germany

Mobile Voice Off-Load

VOICE SERVICES AND AVIATION DATA NETWORKS

Realising the Virtual Home Environment (VHE) concept in ALL-IP UMTS networks

VoIP with SIP. Session Initiation Protocol RFC-3261/RFC

The Picture must be Clear. IPTV Quality of Experience

EE4607 Session Initiation Protocol

Firewalls and H.323 based VC-Systems

Master Kurs Rechnernetze Computer Networks IN2097

Packetized Telephony Networks

Application Note. Firewall Requirements for the Onsight Mobile Collaboration System and Hosted Librestream SIP Service v5.0

SHORT DESCRIPTION OF THE PROJECT...3 INTRODUCTION...4 MOTIVATION...4 Session Initiation Protocol (SIP)...5 Java Media Framework (JMF)...

Enhancements to Collaborative Media Streaming with IETF Protocols

Mixer/Translator VOIP/SIP. Translator. Mixer

NETOP SUITE NETOP POLICY MANAGER (PM)

Authentication and Security in IP based Multi Hop Networks

Analysis of QoS parameters of VOIP calls over Wireless Local Area Networks

Internet Firewall CSIS Packet Filtering. Internet Firewall. Examples. Spring 2011 CSIS net15 1. Routers can implement packet filtering

Security issues in Voice over IP: A Review

RSVP as Firewall Signalling Protocol

Web Applications Access Control Single Sign On

R&S IP-GATE IP gateway for R&S MKS9680 encryption devices

Monitoring for network security and management. Cyber Solutions Inc.

A host-based firewall can be used in addition to a network-based firewall to provide multiple layers of protection.

To ensure you successfully install Timico VoIP for Business you must follow the steps in sequence:

Computer Networks CS321

TECHNICAL CHALLENGES OF VoIP BYPASS

Project Code: SPBX. Project Advisor : Aftab Alam. Project Team: Umair Ashraf (Team Lead) Imran Bashir Khadija Akram

This presentation discusses the new support for the session initiation protocol in WebSphere Application Server V6.1.

Mobility Task Force. Deliverable F. Inventory of web-based solution for inter-nren roaming

10 Signaling Protocols for Multimedia Communication

Application Note. Onsight TeamLink And Firewall Detect v6.3

Service Announcements for Hot-Spots: Enabling Automated Access and Provider Selection for (WLAN-based) Voice Upperside WiFi Voice 2005

Internet Technology Voice over IP

Wi3GTalk: Fixed-mobile convergence

Software Engineering 4C03 VoIP: The Next Telecommunication Frontier

METHODS OF INTEGRATING mvoip IN ADDITION TO A VoIP ENVIRONMENT

Internet, Part 2. 1) Session Initiating Protocol (SIP) 2) Quality of Service (QoS) support. 3) Mobility aspects (terminal vs. personal mobility)

I. INTRODUCTION II. PROBLEM DOMAIN. A. Multimedia Applications. A. IP-Telephony

IPTV and Internet Television

"Charting the Course... Implementing Cisco IP Telephony & Video, Part 1 v1.0 ( CIPTV1 ) Course Summary

Feature and Technical

Nokia Call Connect v1.1 for Cisco User s Guide. Part Number: N Rev 003 Issue 1

Architecture and Data Flow Overview. BlackBerry Enterprise Service Version: Quick Reference

Firewall-Friendly VoIP Secure Gateway and VoIP Security Issues

Mobile IP Part I: IPv4

Mechanisms for AAA and QoS Interaction

CompTIA Security+ Cert Guide

DATA SECURITY 1/12. Copyright Nokia Corporation All rights reserved. Ver. 1.0

IP Ports and Protocols used by H.323 Devices

SIP SECURITY WILEY. Dorgham Sisalem John Floroiu Jiri Kuthan Ulrich Abend Henning Schulzrinne. A John Wiley and Sons, Ltd.

IP and Mobility. Requirements to a Mobile IP. Terminology in Mobile IP

Application Note. Onsight Mobile Collaboration Video Endpoint Interoperability v5.0

TSIN02 - Internetworking

com.sat IP Basic ISDN

Performance Evaluation of VoIP Services using Different CODECs over a UMTS Network

Deployment of Snort IDS in SIP based VoIP environments

Implementing Cisco Unified Communications Manager Part 1, Volume 1

Implementing Cisco IP Telephony & Video, Part 1 CIPTV1 v1.0; 5 Days; Instructor-led

White Paper. D-Link International Tel: (65) , Fax: (65) Web:

An MPLS-Based Micro-mobility Solution

Authentication and Authorisation for Integrated SIP Services in Heterogeneous Environments 1

Interconnection of Heterogeneous Networks. Internetworking. Service model. Addressing Address mapping Automatic host configuration

Security and Authentication Concepts

ABC SBC: Charging and Accounting. FRAFOS GmbH

Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme

Transcription:

October 28-30, 2002, Dagstuhl Seminars in Networks and Distributed Systems Mobility Growth Subscribers, Handsets ing and in the A x Architecture Burkhard Stiller Information Systems Laboratory IIS, University of Federal Armed Forces Munich Werner-Heisenberg-Weg 39, D-85577 Neubiberg, Germany and Computer Engineering and Networks Laboratory TIK, ETH Zürich Gloriastrasse 35, CH-8092 Zürich, Switzerland stiller@informatik.unibw-muenchen.de or stiller@tik.ee.ethz.ch Introduction Scenario and Problems A x Architecture: ing and Conclusions Millions 1,400 1,200 1,000 800 600 400 200 0 More handsets than PCs connected to the Internet by the end of 2003! Projected PCs connected to the Internet (Dataquest 10/98) Projected cellular subscribers (Nokia 1999) Projected Web handsets (Nokia 1999) 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 Be careful on any projected extrapolations! year Erosion and Opportunities Carrier s average revenue per user (ARPU) Scenario and Problems Source: A. D. Little time Necessities: Careful definition of services: cost-sensitive. differentiation: reliability,, pricing. support: mobility, secure access, auditing. Technology and Application Scenario AAA Architecture and Weaknesses Web-based Training Home VoD ADSL Content Provider PSTN WirelessLAN Ensure: Office Mobility: Privacy identity Company Data : Internet Payment NAS GSM, UMTS ing Traffic (Cars) Customer Office Mobile E-Mail To charge: Access Content (1) AAA Server RBE (1) (2) (3) (3) Applicationspecific Event Log Module (4) AAA Server RBE AAA Repository (1) AAA Protocol (2) API or AAA Protocol (3) LDAP or API (4) Special Protocol AAA Authentication, Authorization, Accounting LDAP Light-weight Directory Access Protocol RBE Rule-based Engine decision and policy enforcement not separated: AAA Server decides on authorization, but enforces accounting. Difficult enhancements: Enforcement located in the AAA server or the Application-specific module. AAA applied to transport, but not content, charging, and auditing. support not provided. 1

Overall A x Requirements Major requirements for an A X Architecture (AAA and Beyond: X stands for ing and ): A X for charging, pricing, and auditing (meeting business requirements) and special security issues. A X for support: Multi-provider and Level Agreements as well as Profiles A X for mobility support: inter- as well as intra-domain and intra-technology. Scalability considerations. A x Architecture A x Model: Interactions A x Model: Levels and Partitions Objective: Support of multiple user services with configuration req s. Generic A x services. Logical separation. Sequence of action: s A x Request A x Request Authenticat. Authorizat. Pre Delivery Metering Delivery Accounting Billing Charge Calculation After time Horizontal levels: Internet connectivity Transport Application Content Vertical partitioning: Control path (signaling) Data path (payload) Level Control Path Data Path Content RTSP news, streams Application HTTP, H.245, SIP video conf, IP telephony, Java applets Transport RSVP, RTCP, ICMP TCP, UDP, RTP Connectivity DHCP Sonet/SDH, DWDM Horizontal structure leads to service classes with similar characteristics and similar A x requirements. Systematic View Model of the A x Architecture Authentication Overall Commercial Authorization Billing Accounting Operational View ing Generic, -based A x Architecture Major assumptions: Macro-/micro-mobility support. Independent A x services: Authorization, Authentication, Accounting, ing,. Behavior by policies. Single/multiple repositories. A PDP per policy type. All s part of architecture: For authorization, metering located in Others in dedicated modules. Real-time auditing fully distributed, otherwise local. Authentication Management Tool A x Repository A x Server PDP PDP Authorization Metering Accounting Event Log Accounting Records Real-time ing ing Records 2

Definition ing A x ing ing is the process of examining information on a provided service to check, whether the service has been provided correctly or the contractual negotiated parameters have been met. Logging of events and actions is based on information transmitted in messages between A x entities. A x support services: Provider Provider: A x, Compliance Provider : Mobile Network Access, A x, Compliance Provider security: Attack, Misuse, Bugs From Use Case Maps to Message Sequence Charts Messages Example of an A X Use Case Maps Message Sequence Charts ID req1 req2 res2a Message MN Authentication Request (MNARq) Access Router Request (ARR.f) Access Router Answer (ARA) NAI; Credentials Parameters Session Id; Host Information; Information Result Code; Session Information res1a MN Access Response (MNARp) Keys; Profile Sub-Set; Session Information Parameter References Message Formalization Sample NAR : instance in MNARq from MN MNARq : message Mobile Node Authentication Request, MN ( (10) <CAAP-Header: CHAP_CODE=2> (11) {Challenge} (12) {NAI} (13) {MIPv6-Mobile-Node-Address} (14) [MIPv6-Home-Agent-Address] (15) [MIP-Binding-Update]* (16) {MN-DH-PV} (17) <MN-MAC> (18) [AVP]* ) endmessage endinstance Diameter AVPs or similar Sample Log Entry Action: AAAC.h has granted MN access and send an ARA message back to AAAC.f. event; logger; from; to; time[hrs:ms:date]; session-id, resultcode, origin-host, session-timeout etc.... Sample: ara_sent; aaach::123; aaach::123; nar::121; 2000:0020:08162002; ses01, res2000, fe80::201::fec:a072, 2010:0000:08162002 3

Main ing and Logging Policies P1:= A valid request should not be turned down. P2:= An invalid request should be rejected. P3:= The active entity, taking an action is responsible for logging this action, not the entity experiencing the event triggered. L6:= Whenever a log entry is made, the actual time the reported action took place must be logged. Logging and ing Mechanisms Centralized main log: mysql or similar One or per main task: E.g., per process (Registration, Flow Termination) Local s store individual log entries. Main log entries with embedded SQL code White-Box logging: Different logging levels implemented in A x entities Dynamically control of logging levels ing Framework Addressing service level guarantees and violation conditions. Attendant Acc. A x AAAC Server Integrated Logger AAAC Client Trail or Rpt Local Log Local Log Mgmt Central Log Mgmt Rules Databases A X Instantiation IST MobyDick Project Profile Acctg Module AAAC Server AAAC Server DIAMETER Server Home Agent ASM Broker Registration Protocol AAAC Attendant Trail or 4

Issues Conclusions Convergence: Fixed and mobile Internet services define a service mix. E.g., Video-on-demand vs. location-based services, telemetry. All, A x and pricing essential for commercially operated wired and wireless networks. Current limitations: Content charging/pricing. Existing infrastructure not optimized for mobile IP use. Opportunities: A x and their extensions on auditing, charging. Handover and roaming support. Both, service and network management for mobility. Future Work Mobile networking: Adaptation of Mobile IP to UMTS/Wireless LAN. UMTS pricing models: class-of-service. Underliner: To achieve interoperability between fora, standardization organizations, and business solutions. Mobile content and service quality: C4C: Content-for-cash or Cash-for-content? MPEG-7 and MPEG-21. P2P systems and networks with wireless links. Thank you for your attention. Many thanks to J. Gerke, Hasan, D. Hausheer, P. Kurtansky, J. Mischke, C. Rensing, M. Vinje and all partners of the MobyDick project, in particular FhG FOKUS. 5

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information