Ericsson Connected Home Solution


Your media everywhere, anytime. This summarizes end-user expectations when ever-wider broadband and ever-lower flat-rate tariffs combine with users’ thirst for digital content.
The authors describe Ericsson’s end-to-end solution for remote access services, which builds on the IMS and UPnP families of standards, along with the Home IMS Gateway (HIGA), which serves as an intermediary gateway for connecting the device-centric consumer electronics space with the user-centric telecommunications world. The gateway approach leaves
the consumer electronics and telecommunications business models unaffected, while at the same time creating synergies between the two.

Published in: Technology, Business

  1. Virtually at home: High-performance access to personal media
     Andreas Fasbender, Martin Gerdes, Johan Hjelm, Bo Kvarnström, Justus Petersson, Robert Skog

     Your media everywhere, anytime. This summarizes end-user expectations when ever-wider broadband and ever-lower flat-rate tariffs combine with users’ thirst for digital content.
     The authors describe Ericsson’s end-to-end solution for remote access services, which builds on the IMS and UPnP families of standards, along with the Home IMS Gateway (HIGA), which serves as an intermediary gateway for connecting the device-centric consumer electronics space with the user-centric telecommunications world. The gateway approach leaves the consumer electronics and telecommunications business models unaffected, while at the same time creating synergies between the two.

     Connecting users to their home networks

     TV sets, set-top boxes, game consoles, stereos, cameras and other entertainment appliances now routinely come with built-in communications capabilities that enable them to upload, download, and display data from other devices in the home. The Digital Living Network Alliance (DLNA), for example, develops device interworking profiles for home-based media-sharing services [1]. DLNA is based on the Universal Plug and Play (UPnP) family of standards [2]. UPnP also standardizes other services, such as the control of home appliances. Now widely accepted in the industry, with more than 100 devices being certified each month, DLNA will soon enable interworking for all sorts of devices across home networks.

     Once users have their media devices connected and running at home, they will soon also want to access their content from remote locations. A mobile phone with WiFi connectivity can easily serve as a peer in a home network, but connecting to this network remotely is an entirely different matter. At present, to access the home island from outside, users must either choose a proprietary, service-specific system or lower their security and run the risk of making their home networks vulnerable to external attacks.

     In our example scenarios (Box A) Mr. and Mrs. Martin will expect specific features of the remote access service. Opening a connection into the home means opening a back door into a network that is otherwise “secure by obscurity.” And without end-to-end bandwidth and delay guarantees, the user experience suffers from contention in both the home (LAN) and wide-area (WAN) networks. This can translate into poor sound quality and pixellated artifacts in video signals. Over-provisioning the network is not an option for operators; the only workable solution is to manage the quality of service (QoS) in the wide-area access and core networks, and all the way into the home network and end devices.

     Most users are unwilling to buy a separate box just to enable remote access. By the same token, separate boxes represent a significant outlay to operators who would carry the bulk of the costs and would need to further subsidize users for making good use of investments in broadband infrastructure.

     Consumer electronics companies prefer a solution that extends the DLNA standard outside the home via UPnP Remote Access. Notwithstanding, this approach falls short in terms of usability and quality of service. What is more, it does not permit users to access their home services from an unknown peer to the home network, such as a friend’s PC or via a hotel TV (Box A).

     Ericsson’s target architecture for remote access combines the strengths of
       • IMS (IP Multimedia Subsystem); and
       • UPnP and DLNA.
     It takes the best of both worlds and molds them into one coherent solution. This solution, which does not require additional boxes in users’ homes, reuses existing operator IMS infrastructure to authenticate users, to set up secure media sessions, to perform routing, and (optional) to ensure the establishment of end-to-end QoS.

     The core element in this architecture is the Home IMS Gateway (HIGA, Box B), a functional block in the residential gateway that has been under development at Ericsson since 2005. HIGA is currently being standardized in HGI, ETSI TISPAN and the Open IPTV Forum [3-5].

     As an interworking function that resides in users’ homes, HIGA serves both as a termination point for IMS signaling from the operator backend and as a UPnP peer towards the home network (Figure 1). HIGA provides control over the home network connection and enables devices residing inside the home to connect to peers and services in the WAN using the IMS security and QoS. By using HIGA for remote access, operators can deliver trusted connections with maintained control over the managed network.

     TERMS AND ABBREVIATIONS
       CE      Consumer equipment
       CPE     Customer premises equipment
       DLNA    Digital Living Network Alliance
       DMC     Digital media controller
       DMR     DLNA media renderer
       DMS     DLNA media server
       DVR     Digital video recorder
       ETSI    European Telecommunications Standards Institute
       HGI     Home Gateway Initiative
       HIGA    Home IMS gateway
       IGD     Internet gateway device
       IMPU    IMS public user identity
       IMS     IP Multimedia Subsystem
       ISIM    IMS subscriber identity module
       LAN     Local area network
       NAS     Network-attached storage
       NAT     Network address translation
       OIF     Open IPTV Forum
       QoS     Quality of service
       PCEF    Policy control and enforcement function
       P-CSCF  Proxy call session control function
       RAA     Remote access application
       RAC     Remote access client
       RADA    Remote access discovery agent
       RAS     Remote access server
       RATA    Remote access transport agent
       RCEF    Resource control and enforcement function
       RGW     Residential gateway
       RTP     Real-time transport protocol
       SDP     Session description protocol
       SIP     Session initiation protocol
       UE      User equipment
       UPnP    Universal plug-and-play
       VoIP    Voice over IP
       VPN     Virtual private network
       WAN     Wide area network
       WiFi    Wireless LAN

     UPnP Remote Access

     The UPnP Forum is in the process of standardizing the UPnP Remote Access architecture. The specification is close to approval,

     58 Ericsson Review No. 2, 2008
  2. but not presently included in the DLNA interoperability guidelines.

     UPnP Remote Access specifies mechanisms that make it possible to extend the home network so that it logically includes remote devices outside the home LAN. Devices may thus communicate among themselves using UPnP procedures (specified, for example, in the UPnP Device Architecture).

     The main functional components of the UPnP Remote Access architecture are the
       • Remote Access Transport Agent (RATA); and
       • Remote Access Discovery Agent (RADA).
     These two components are applied in both the Remote Access Server (RAS) and Remote Access Client (RAC). The corresponding RATAs establish secure communication channels between remote devices and the home network, while the RADAs synchronize UPnP device information and content exchanges between RACs and the home network.

     At present, UPnP Remote Access cannot support QoS management over the wide-area link. It can only support best-effort delivery of media. Also, to exchange credentials during the initial pairing process, the remote access server and client must be attached to the same LAN. This effectively prohibits remote access devices – in particular non-portable ones – from establishing a remote access session with an arbitrary remote server.

     Ericsson’s goal has been to enhance standard UPnP Remote Access functionality with support for setting up an IMS-based remote access tunnel. Non-IMS-enhanced RASs and RACs may still use the tunnel establishment as described in the UPnP architecture. The proposed IMS enhancements provide particular benefits in managed network environments. Ericsson is also studying additional extensions that use IMS provisioning mechanisms to enable a remote pairing process between client and server.

     Figure 1: High-level Remote Access architecture.
     Figure 2: Functional architecture.

     IMS-assisted remote access

     The main flow for establishing a remote-access session is based on IMS and supports the UPnP/DLNA 2-box model. The remote access service is invoked between a Digital Media Renderer (DMR – implemented in our scenario on a mobile device such as a mobile phone or laptop) and a Digital Media Server (DMS) in the home network. The HIGA functions as both the IMS User Agent and termination point of the virtual private network (VPN) tunnel in the home (Figure 2).

     For the flow shown in Figure 3, the mobile device and HIGA must already have connected to and registered with the IMS network. HIGA can therefore be reached through its default IMPU (for instance, ). Furthermore, it is assumed that HIGA has, via UPnP ceremonies in the RADA listener, collected information about and built up a device database for DLNA-compatible devices in the residential network. In our example flow below, this database holds an entry for the NAS, which is assumed to support a DLNA DMS profile.

     Phase 1: Connection request

     Using his mobile phone, Mr. Martin wants to access a video clip located on the NAS in his home network. The remote-access application on his mobile device sends an IMS
  3. BOX A, USE CASES

     3-box streaming:
     Ordinarily, Mr. Martin’s commute to work takes about 30 minutes, but today the roads are packed. He pulls out his phone and logs on to his media portal. He then selects his home server as source and the car stereo for output. Music from his favorite playlists is immediately streamed to his car speakers.

     2-box download:
     Mrs. Martin unexpectedly runs into an old friend while shopping in town. As the two begin talking about their summer vacations, Mrs. Martin pulls up some images from her home media server and displays them on her phone.

     2-box upload:
     Having no recent photos of her friend, Mrs. Martin uses her phone to take a snapshot of the two of them together. She then uploads the image to a digital photo frame at home, annotating it with a message to her husband: “I’ll be out a little longer than expected!”

     2-box remote control:
     Mr. Martin, realizing that he’s going to miss the Champions League final due to a late customer meeting, logs on to his home server from his laptop. With a few simple clicks, he programs his digital video recorder (DVR) to record the match.

     2-box remote control:
     A few minutes later, Mr. Martin receives a message on his phone indicating that somebody has rung the doorbell at home. Mr. Martin connects to the door system to find that the “visitor” is his son, who forgot his keys. Mr. Martin approves entry and the door opens.

     3-box streaming:
     Finishing work rather late, Mr. Martin and some colleagues decide to watch the Champions League final at a friend’s place. Using his mobile phone, Mr. Martin connects to his home server and directs the recorded game to be played via his friend’s big-screen TV.
  4. INVITE message to HIGA, which authenticates the request by comparing the P-Asserted-ID (inserted by the home operator in the INVITE message) with the values of allowed user identities. In short, home access control is delegated to established IMS mechanisms, whereas the user (Mr. Martin) maintains control of the access control list. Optionally, the operator backend can manage access control and operation.

     The session description protocol (SDP) included in the IMS signaling is used to inform the RAS and RAC of the IP addresses and ports for the remote access tunnel. It is also used to negotiate VPN profiles and the key management protocols used to establish the tunnel. This negotiation ensures agreement on a common secure mechanism supported by both HIGA and the remote client. It also allows for continuous updates as new security schemas emerge.

     Figure 3: Main flow for session set-up between remote device, HIGA and home NAS.

     Phase 2: Peer-to-peer VPN setup over the IMS media plane

     Once Mr. Martin is successfully authenticated and authorized, the remote client sets up a secure media control session between itself and HIGA.

     For tunnel setup, UPnP Remote Access specifies an out-of-band connection-establishment procedure. Ericsson’s solution employs a corresponding connection-establishment profile based on operator-managed IMS network procedures, with HIGA functioning as the VPN server. After tunnel setup, the connection between Mr. Martin’s remote device and the NAS in the home network appears as a local UPnP connection.

     BOX B, HOME IMS GATEWAY

     The Home IMS Gateway (HIGA) is a logical function that collects information about users, devices and services in the home, and manages IMS sessions on behalf of non-IMS-capable home devices. HIGA is registered to the IMS core based on secure authentication, for example, using a soft or hard ISIM with a family identity. Through a back-to-back user agent (B2BUA) and a SIP user agent (SIP UA), home devices can interact and interwork with the IMS core. SIP devices that contain a SIP UA, such as a VoIP phone, can directly register with HIGA. The B2BUA then translates SIP control signaling into IMS-specific messages that it relays to the IMS core. For IP devices, such as DLNA-compatible media servers and renderers, a SIP UA inside HIGA acts as a proxy. To support remote access, HIGA deploys a Remote Access Server (RAS) and (optionally) a UPnP control point for QoS policy control in the home network.

     HIGA functionality can be deployed anywhere in a user’s home network. From a practical perspective, it is easiest to co-locate it with the user’s residential gateway (RGW) – that is, with the router in the home. While it is possible to manage network address translation (NAT) and firewall control through the use of the UPnP internet gateway device (IGD) profile even when HIGA and the gateway are not co-deployed, co-deployment avoids relying on this interface, which is considered insecure in IGD v1.0. It also makes provisioning and firewall management more natural, since the HIGA-gateway combination serves both as operator termination and entry point.

     Phase 3 – UPnP discovery

     Because UPnP was originally designed for use in local area networks, there are some challenges associated with extending it for use in wide area networks. For example, the UPnP device-discovery mechanisms are based on the exchange of multicast messages that internet routers typically discard. UPnP Remote Access solves this by filtering relevant messages in the remote access server and by forwarding them to remote peers via unicast.

     By applying the standard UPnP RADA mechanism for synchronizing Mr. Martin’s remote mobile client with the remote access server (co-located with HIGA in Figure 2), the mobile device can retrieve a list of home media servers and their UPnP service
  5. descriptions. RADA is also used to dynamically inform remote clients about device updates, for example, when a media server is switched on. Given the IMS identity of the remote user, HIGA can be configured to perform additional filtering of UPnP devices made available to the remote client.

     Phase 4 – Content selection

     Mr. Martin selects his home NAS as content source, browses through the list of available media items (based on the UPnP Content Directory Service profile), and selects a video clip either for download or streaming. The UPnP/DLNA control points manage all media access and trickplay functions. HTTP (the default transport protocol in DLNA) as well as RTP (optional in DLNA) can be used to transport media through the VPN connection over the IMS media plane.

     Phase 5 – IMS media plane QoS upgrade

     UPnP does not support QoS management beyond the home LAN. However, one can support the requirements that real-time-critical media services put on delay and bandwidth by applying standard IMS procedures, which facilitate QoS control between the remote client and HIGA (Figure 4).

     In the example flow, Mr. Martin’s remote-access application sees the need for a QoS upgrade from the existing best-effort connection and issues an IMS re-INVITE or a session UPDATE to the IMS network and Mr. Martin’s HIGA. Based on the session description protocol (SDP) in this SIP message and the confirmation from HIGA, the IMS Core provides the policy and resource control and enforcement functions (PCEF/RCEF). Optionally, to ensure full end-to-end quality of service, UPnP QoS management may be applied in the residential network, thereby bridging the QoS management procedures on the WAN and LAN sides through HIGA.

     Figure 4: End-to-end QoS control for IMS-assisted remote access.

     Phase 6 – Content playout

     The video clip is played on Mr. Martin’s mobile device.

     Placeshift – 3-box remote access

     Apart from setting up an authenticated, authorized and secure tunnel with a mobile remote device, HIGA can, in the same way, facilitate connections between two homes, effectively creating a peer-to-peer network with managed QoS. Assisted by IMS, HIGA can prevent unauthorized file sharing and unlawful access to content, since content requestors and providers can be identified in a trusted manner.

     In a 3-box remote access or “placeshift” scenario, remote DLNA media renderers (DMR) are used as the endpoints of remote access sessions – for instance, when Mr. Martin accesses content from his friend’s TV (Box A). While the secure control channel is established just like in the 2-box case between the mobile client (now functioning as a digital media controller, DMC) and HIGA, the media session must now be set up between the DMR in the TV and the home network. In this case, the remote access client is only used to authenticate and authorize the DMR, and instructs HIGA to set up a VPN tunnel that it can use to deliver the media.

     Standardization

     The UPnP Forum and DLNA have made good progress in delivering standards for interoperable consumer equipment. So far, however, support is limited to services in the home network. A standardized solution that enables DLNA devices to access wide-area services without the need for specialized
  6. telecommunications software offers a significant value-add to the consumer equipment industry and paves the way for economy of scale and market uptake.

     In Ericsson’s approach, the Home IMS Gateway (HIGA) provides a generic mechanism for connecting consumer equipment to IMS-based operator infrastructure, and via a virtual private network (VPN) to remote user equipment. Although any type of service can generally be supported through such a tunnel, we outline how one can realize UPnP Remote Access with the help of IMS.

     HIGA is currently being standardized in the Home Gateway Initiative (HGI) and ETSI TISPAN [3-4]. In TISPAN, Ericsson is actively engaged in the standardization of customer premises network equipment that
       • supports, for example, IMS Multimedia Telephony and IMS-based IPTV; and
       • defines requirements and the architecture for next-generation customer network gateways and services, including remote access.

     HGI is defining requirements for coming generations of residential gateways that will serve as a hub between a home network and a remote environment. Ericsson has a driving role in HGI.

     The UPnP Remote Access standard supports the coexistence of various tunnel-setup mechanisms in the remote access server and client. Ericsson is defining profiles suitable for IMS-based tunnel setup, allowing the client and the server to negotiate security schemas for the tunnel. For the solution to be fully compliant with UPnP RA and to ensure broad acceptance for IMS-based tunnel establishment in the CE industry, Ericsson is actively participating in UPnP Forum and DLNA standardization.

     Conclusion

     In an all-connected world, remote access is a key scenario. The simple user proposition is that user-created and commercial content will be available anywhere, anytime and on any device. Remote access also applies to other application areas, such as home monitoring & control and sensor networking.

     Ericsson’s solution consists of an architecture that enables secure remote access with telecom-grade performance. The solution builds on the IMS standard for user authentication and authorization, for routing remote access control messages, and for negotiating end-to-end QoS. What is more, the architecture is fully compliant with the consumer equipment industry’s standards for media-sharing services.

     Ericsson has, together with Sony and Sony Ericsson, demonstrated the described target solution at leading industry events such as GlobalComm 2006, IBC 2006, Broadband World Forum 2007 and Mobile World Congress 2008. The solution is now being prepared for consumer trials with key operators and leading consumer electronics and gateway partners. The architecture is also being brought forward in standardization, in particular within ETSI TISPAN and the Home Gateway Initiative.

     REFERENCES
       [1] DLNA
       [2] UPnP Forum
       [3] Home Gateway Initiative
       [4] ETSI TISPAN
       [5] Open IPTV Forum
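
The Phase 1 check described above (HIGA compares the operator-asserted identity in the INVITE with the user's access list), as an added example that is not code from Ericsson or from the article. It assumes the identity arrives in the SIP P-Asserted-Identity header (RFC 3325) and that HIGA accepts that header only from the operator's P-CSCF; the addresses, identities and function names are hypothetical.

```python
import re

# Constructed values: the P-CSCF address and the identities are hypothetical.
TRUSTED_PROXIES = {"192.0.2.10"}   # operator P-CSCF that relays signaling to HIGA
ACCESS_LIST = {"sip:mr.martin@operator.example", "tel:+15550100"}

def parse_headers(raw):
    """Return (request line, {lower-cased header name: [values]})."""
    head = raw.replace("\r\n", "\n").split("\n\n", 1)[0]
    head = re.sub(r"\n[ \t]+", " ", head)           # unfold continuation lines
    lines = head.split("\n")
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers.setdefault(name.strip().lower(), []).append(value.strip())
    return lines[0], headers

def normalize(uri):
    """Canonical form for comparison (sips is folded into sip); None if unusable."""
    scheme, _, rest = uri.strip().partition(":")
    rest = rest.split(";", 1)[0].split("?", 1)[0]   # drop parameters and headers
    if scheme.lower() in ("sip", "sips"):
        user, at, host = rest.rpartition("@")
        return f"sip:{user}@{host.lower()}" if at and user and host else None
    if scheme.lower() == "tel" and rest:
        return "tel:" + rest
    return None

def asserted_identities(headers):
    """Every URI from all P-Asserted-Identity headers, normalized."""
    found = []
    for value in headers.get("p-asserted-identity", []):
        uris = re.findall(r"<([^>]*)>", value) or value.split(",")
        found.extend(normalize(u) for u in uris)
    return found

def authorize_invite(raw, source_ip):
    """Return (allowed, reason); anything unexpected is refused."""
    request_line, headers = parse_headers(raw)
    if not request_line.startswith("INVITE "):
        return False, "not-an-invite"
    if source_ip not in TRUSTED_PROXIES:
        # Outside the operator's trust domain any sender can set the header.
        return False, "untrusted-source"
    ids = asserted_identities(headers)
    if not ids or None in ids:
        return False, "missing-or-malformed-identity"
    match = sorted(set(ids) & ACCESS_LIST)
    # From is chosen by the caller, so it is never consulted.
    return (True, match[0]) if match else (False, "not-on-access-list")

def sample_invite(pai, sender="sip:mr.martin@operator.example"):
    """Constructed INVITE head; pai=None leaves the asserted identity out."""
    lines = ["INVITE sip:higa@operator.example SIP/2.0",
             f"From: <{sender}>;tag=1", "To: <sip:higa@operator.example>"]
    if pai:
        lines.append(f"P-Asserted-Identity: {pai}")
    return "\r\n".join(lines) + "\r\n\r\n"

if __name__ == "__main__":
    print(authorize_invite(sample_invite("<tel:+15550100>"), "192.0.2.10"))
```

The decision depends on where the message came from as much as on what it says: the same asserted identity is refused when it does not arrive from the trusted proxy.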