Design and Performance Optimization of Authentication, Authorization, and Accounting (AAA) Systems in Mobile Telecommunications Networks
PhD Defense April 27, 2010
by Said Zaghloul, PhD

  • R. Koodli, Fast Handovers for Mobile IPv6 [RFC 4068], Jul 2005
  • K. Taniuchi, IEEE 802.21: Media Independent Handover, Comm Mag, Jan 09
  • A. Dutta et al, A Framework of Media-Independent Pre-Authentication (MPA), 2008
  • I. Ali et al, Network based mobility management in the EPC Network, Comm Mag., Feb 09
  • Transcript

    • 1. Design and Optimization of Authentication, Authorization, and Accounting (AAA) Systems in Mobile Telecommunications Networks Said Zaghloul Technical University Carolo Wilhelmina of Braunschweig, Germany PhD Defense 27.04.2010 Braunschweig, Germany
    • 2. Presentation Outline
    • 3. Background: Evolution Trends
      • Evolution of Service Requirements
      • Evolution of Cellular Systems
    • 4. Cisco Visual Networking Index: Global Mobile Data Traffic Forecast Update, 2009-2014
    • 5. Background: What an all-IP Network Looks Like
      [Figure: all-IP network diagram with Radio Access Network, WiFi Access, Car-2-X Services, RNC, AGW, IP Transport Network, CAS, DPI, PCRF, IMS Network (CSCF, HSS, AS), Authentication & Billing (AAA, Users Database, Rating Server, Billing Server), Internet, 3rd Parties]
      • Acronyms
        • RNC: Radio Network Controller
        • AGW: Access Gateway
        • CAS: Content Adapt. Server
        • DPI: Deep Packet Inspection
        • IMS: IP Multimedia Subsystem
        • PCRF: Policy & Charging Rules Function
        • CSCF: Call Session Control Function
        • AS: Application Server
        • HSS: Home Subscriber Subsystem
      [Figure: Operator Centric Revenue Streams: Service/Content Aggregation, Network Transport, Billing Provider, Location Info. Broker, Content Provider, Wireless Access, Subscribers. Adapted from Eliot Weinman, Harnessing the Mobile Internet, Yankee Group]
    • 6. Background: The AAA Systems Role (1)
      [Figure: all-IP network diagram with Radio Access Network, WiFi Access, Car-2-X Services, RNC, AGW, P-GW, IP Transport Network, CAS, PCRF, IMS Network (CSCF, HSS, AS), Authentication & Billing (AAA, Users Database, Rating Server, Billing Server), Internet, 3rd Parties]
      • AAA systems are central elements that enable service offerings in emerging cellular networks.
    • 7. Background: The AAA Systems Role (2)
      [Figure labels: Radio Access Network; AGW, the Network Access Server (NAS); IP Domain; IP Backbone; AAA reached over Diameter or RADIUS; 1: Authenticate; 2: Authentication and Accounting; Users DB reached over SQL or LDAP; Call Detail Record (CDR); Billing Systems]
      • Common AAA Protocols
      • RADIUS
      • Diameter
    • 8. Presentation Outline
    • 9. Thesis Contribution and Scope
    • 10. Presentation Outline
    • 11. Planning: Problem Statement
      • The goal is to evaluate the signaling rate as a function of,
        • Service profile: arrival rate, session duration
        • Protocol settings: Interim Interval, Authorization Lifetime
        • Mobility: random time spent in a given area
        • Topology: gateway arrangement, roaming, different technologies
      • Why?
        • Dimensioning and evaluating design options
        • Testing: to predict the steady state AAA signaling rate for a test
        • Cost Analysis: to get the cost per user session ($$ per session)
    • 12. Planning: Models and Analytical Tools
      • Control plane planning models: Fixed Model, Basic Model, Distributed Model
      • Analytical toolbox
        • Probability and stochastic analysis
        • Renewal theoretic concepts
        • Transient Markov chains theory
    • 13. Planning: Assumptions
      • Poissonian arrival process for service sessions
      • No lost Response/Answer messages [Response packets are usually smaller than requests]
      • No blocking at the AGW [AGW capacities are usually large (thousands)]
      • No fragmentation [Packet sizes are usually similar and not large]
      • Successful Re-authentications
    • 14. Planning: Fixed Model (1): Mean Interims
      [Figure: signaling over a session of duration S (Session Time): Authentication/Authorization, Accounting Start, Accounting Interim at each Interim Interval, Reauth at each Authorization Lifetime, Accounting Stop; together these give the Signaling Rate]
      • A message can be transmitted f times
      • Accepted session with probability ( )
      • Retransmissions Factor
      • Proportion of Received Accepts
      • Let k be the number of transmissions, p be the packet loss probability, and N be the maximum number of retransmissions.
    • 15. Planning: Fixed Model (2): Mean Interims
      • Service session duration: random variable (R.V.)
      • Accounting interim interval: constant (const.)
      [Figure: f_S(s) over a time axis marked in multiples of the interim interval, and f_J(j) for j = 0 to 5, with f_J(2) marked]
      • Error (E[S] / interim interval, Model) by ratio E[S] / interim interval:
        • > 3: < 5%
        • 2-3: 30% - 5%
        • 1-2: 72% - 30%
        • 0.5: 219%
    • 16. Planning – Fixed Model (3)
      • Under exponential assumptions for the session duration, the signaling rate is
      • Parameters: p_a = 100%, p = 1%, 95% confidence
      • The interim interval (similarly the authorization lifetime) can strongly affect the signaling rate, and in a non-linear manner
      • Packet errors can be ignored if p < 1%
    • 17. Planning – The Basic Model (1)
      • The fixed model does not account for mobility when users move from one area into another.
      [Figure: message sequence between Mobile Node, AGW 1, AGW 2 and AAA. 1: Create Session at AGW 1, Authentication & Authorization, Accounting (Start, Interim, Stop). Handoff to AGW 2. 2: Auth & Author, Accounting, Session Terminate. Session Duration covers Holding time (h_1) and Holding time (h_2)]
      • Accounting session is closed upon handoff for AGW 1
      • Accounting session is started at AGW 2
    • 18. Planning – Basic Model (2)
      • Holding time ( H ): The random time a user spends in an area during an active session.
      • Residence Time ( R ): The random time that a user spends in an area regardless of his session activity.
      [Figure: Area 1 and Area 2 with five numbered example sessions illustrating the holding time types]
      • Holding Time Type: Full = H_F, Originating = H_O, Terminating = H_T, Transiting = H_Tr
      • Given session initiation and termination points,
      • Special case in fixed networks: S = H_F
    • 19. Planning – Basic Model (3)
      • Assumptions
        • Exponential session duration for tractability
        • Generic (e.g., Gamma) distributed residence times ( R )
        • The residence time in the initial area R_0, where the session starts, is given by its residual, since the instant users enter an area and the instant they start their sessions are not necessarily aligned.
      • The residual lifetime of a random variable is given as
      [Figure: a session ( S ) split into the holding times H_O, H_Tr, H_Tr, H_T]
    • 20. Planning – Basic Model (4)
      [Figure: session timelines from Session Start, with accounting interims at each interim interval and an ACR (Stop) at each Handoff Event. Legend: Accounting Starts and Authentications; Accounting Stop; Accounting Interims; Session Duration]
      • Case 1, no handoffs: S, H_F
      • Case 2, one handoff: S, H_O, H_T
      • Case 3, multiple handoffs: S, H_O, H_Tr, H_Tr, H_T
    • 21. Planning – Basic Model (5)
      • Recall that
      • Break by E[K]
      • Combine using E[K], p_0
      • Get E[I]
    • 22. Planning – Basic Model (6)
      [Figure: Signaling Rate (Messages/sec) versus mean residence time to mean session time ratio (E[R]/E[S]) for the Basic Model and the Fixed Model. Curves: Accounting (Mobile), Accounting (Fixed), Auth (Mobile), Auth (Fixed), Context Transfer; the Session Arrival Rate is marked. Parameters:  =100 req/s,  M =  T = 0.5 E[S]]
      • Mobility makes a difference when mean session duration > mean residence time.
      • Fixed model: Lower bound for the basic model and an upper bound for Auth signaling in cases of context transfers.
      • Exponential session duration assumption results in approx. 15% error.
      Signaling as we become more mobile
    • 23. Planning – Distributed Model (1)
    • 24. Planning – Distributed Model (2)
      [Figure: grids of numbered areas, labelled "5 Areas" and "6 Areas"]
      • We overlay a transient Markov chain model to describe the mobility pattern between areas or AGW regions.
    • 25. Planning – Distributed Model (3)
      • Mobility pattern can shift the signaling load from one area or AGW to another.
      • This aspect becomes more adverse
        • When some regions implement different authentication schemes
      • The proposed approach allows “characterizing” each area (user distribution, mobility, protocols)
    • 26. Presentation Outline
    • 27. The Optimization Mechanisms: Delay (2)
      [Figure: Policy System, Application Server, Gateway 1, Gateway 2, Home Agent; Delay > 1000 ms, Target is 70 ms; user: "I am NOT paying for this anymore"]
        • Mobility management (FMIP, MIH, MPA) does NOT cover QoS maintenance
        • Only recently [1] were such issues raised in the context of emerging LTE networks.
        • [1] I. Ali et al, Network based mobility management in the EPC Network, Comm Mag., Feb 09
    • 28. The Optimization Mechanisms: Delay (3)
      • RNC: Radio Network Controller
      • PCRF: Policy and Charging Rules Function
      • AAA: Authentication, Authorization, and Accounting
      [Figure: Signal to Noise Ratio versus time for the Current Cell and the Candidate Cell, with Hysteresis Margin, Trg1, Trg2, D_1, D_2 and the Handoff point]
      [Figure: Handoff Prediction, Proactive QoS Authorization and Service Delay Estimates between RNC, PCRF and AAA]
    • 29. Optimization Mechanisms: Reliability (1)
      • Unreported usage from all users is lost if an AGW fails.
      [Figure: timeline with Start, Interim, Interim, Current Time; the Unreported Usage (Potential Loss) lies between the latest Interim report and the Current Time, ahead of the next scheduled Interim report]
      • Example
        • 24,000 active users from 267 cells (3 sectors), 1 session/min/sector
        • Average session duration of 10 min, Cost = 10 cents/min
        • Interim Interval = 10 min: Loss = 12K Euros
        • Interim Interval = 5 min: Loss = 6K Euros, AAA Load increase 33%
        • Interim Interval = 50 sec: Loss = 1K Euros, AAA Load increase 314%
    • 30. Optimization Mechanisms: Reliability (2)
      [Figure: AAA Signaling Load (message/sec) and Potential Loss versus Interim Interval/Mean Session Duration, axis from 0 to 1.5. Annotations: AAA Server Capacity Limit; Loss Upper Bound; Optimization Region; Min Loss, Max Load at one end and Max Loss, Min Load at the other; Load almost independent of the interim interval]
    • 31. Optimization Mechanisms: Reliability (3)
      • For all services: the signaling load is calculated over the 4 holding time periods,
      [Diagram labels: System Config Parameters; Auth Req.; Acct Start Req.; Acct Stop Req.]
      • Projected Load Estimation
      • Potential Loss Estimation
      • Optimization Policy Formulation
      • Optimization Solver
      [Diagram labels: Interim Interval Estimation Block; Mean Service Arrival Rates; Mean Service Session Durations (E[S_i], Var[S_i])]
      • The loss is given as,
      Statistics Collection Block
      • For each service,
      • Session arrival rate
      • Session duration
      • Mobility Effects
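      [Diagram label: Interim Intervals for all services]
      • Accounting message flags by session type:
        • H_F: Acct Start Message [Begin-of-Session AVP] = true; Acct Stop Message [Session-Continue AVP] = false
        • H_O: Acct Start Message [Begin-of-Session AVP] = true; Acct Stop Message [Session-Continue AVP] = true
        • H_T: Acct Start Message [Begin-of-Session AVP] = False or N/A; Acct Stop Message [Session-Continue AVP] = true
        • H_Tr: Acct Start Message [Begin-of-Session AVP] = False or N/A; Acct Stop Message [Session-Continue AVP] = false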
    • 32. Optimization Mechanisms: Reliability (4): Policies
      • Constrained Loss Policy (CLP)
        • Objective : Minimize the signaling load
        • Constraint : Loss from each AGW does not exceed a given target
      • Simplified CLP (SCLP)
        • Unless the AAA system capacity is exceeded, only ensure that the loss from each AGW does not exceed a given target
      • Adaptive Policy with Weight Control (APWC)
        • Objective : Minimize Loss plus weight of the AAA system server load
        • Constraint : AAA System capacity is not exceeded
    • 33.
      • APWC policy limits the load around the knob value when the load is low and matches Static_Min policy otherwise.
      • For 25% more load, CLP is able to minimize the loss to its target value.
      • SCLP is suboptimal for the load.
      • Policies are robust to tariff switching.
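
The loss-versus-load trade-off behind the interim interval policies of slides 29 to 33, as an added example that is not part of the original presentation or the thesis. It assumes each user's unreported time is uniform over the interim interval (which reproduces the 12K, 6K and 1K loss figures of slide 29), exponential session durations, and three fixed requests per session with no retransmissions, re-authentication or handoffs, so its load percentages differ from the slide's; all function names are hypothetical.

```python
import math

FIXED_MSGS = 3  # assumed per session: auth request, accounting start, accounting stop

def potential_loss(active_users, tariff_per_min, interim_s):
    """Expected value of unreported usage if an AGW fails.
    Assumption: time since a user's last report is uniform on [0, interim]."""
    return active_users * tariff_per_min * (interim_s / 60.0) / 2.0

def mean_interims(interim_s, mean_session_s):
    """Mean interim reports per session for exponential session durations:
    P(at least n interims) = exp(-n * interim / mean), summed over n >= 1."""
    return 1.0 / math.expm1(interim_s / mean_session_s)

def aaa_load(arrival_per_s, interim_s, mean_session_s):
    """AAA requests per second under the simplifications named above."""
    return arrival_per_s * (FIXED_MSGS + mean_interims(interim_s, mean_session_s))

def clp_interval(active_users, tariff_per_min, loss_target):
    """Constrained Loss Policy: load falls as the interval grows, so the
    minimum-load choice is the largest interval (s) that meets the loss target."""
    return 2.0 * loss_target * 60.0 / (active_users * tariff_per_min)

def apwc_interval(active_users, tariff_per_min, arrival_per_s, mean_session_s,
                  capacity, weight, candidates=range(10, 1801, 10)):
    """Adaptive Policy with Weight Control: minimise loss + weight * load over
    candidate intervals (s) whose load stays within the AAA capacity."""
    feasible = [t for t in candidates
                if aaa_load(arrival_per_s, t, mean_session_s) <= capacity]
    if not feasible:
        return None  # no candidate interval keeps the AAA system within capacity
    return min(feasible,
               key=lambda t: potential_loss(active_users, tariff_per_min, t)
               + weight * aaa_load(arrival_per_s, t, mean_session_s))

# Figures from the slide 29 example; arrivals = 267 cells x 3 sectors x 1 session/min
USERS, TARIFF, MEAN_S, ARRIVALS = 24_000, 0.10, 600, 267 * 3 / 60.0

def interval_table(intervals_s=(600, 300, 50)):
    """(interval s, loss, load increase % relative to the first interval)."""
    base = aaa_load(ARRIVALS, intervals_s[0], MEAN_S)
    return [(t, round(potential_loss(USERS, TARIFF, t)),
             round(100 * (aaa_load(ARRIVALS, t, MEAN_S) / base - 1)))
            for t in intervals_s]

if __name__ == "__main__":
    for t, loss, extra in interval_table():
        print(f"interval {t:4d} s  loss {loss:6d}  load +{extra}%")
    print("CLP, loss target 1000:", clp_interval(USERS, TARIFF, 1000), "s")
    print("APWC, capacity 100 msg/s, weight 0:",
          apwc_interval(USERS, TARIFF, ARRIVALS, MEAN_S, 100, 0), "s")
```
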
    • 34. Presentation Outline
    • 35. Proposed New Applications for AAA Systems
      • Goal: Allow mesh operators to bill cellular operators for backhaul services
        [Figure: RNCs, Wireless Mesh Operator, Gateway Router and AAA]
      • Goal: AAA for multi operator layer 2 optical networking
        [Figure: Source Domain, Transit Domain and Dest Domain, with AAA, PCE and SW elements]
    • 36. Summary
      • AAA system planning methods are important at design time to dimension and evaluate deployment options,
        • Service statistics: arrival rates, session durations, locality, etc
        • Protocol settings: Interim Interval, Authorization Lifetime, protocols
        • Number of AAA systems in the network
      • AAA system optimization methods are needed to,
        • Mitigate the authorization delay for handoff sessions
        • Optimally utilize the AAA system capacity in a way that guarantees the reliability of the accounting process
      • AAA systems are robust and can be used in many areas,
        • Use of AAA signaling in wireless mesh networks for cellular backhaul applications offered by third party networks
        • Use of AAA signaling to secure and guarantee accounting for multi-operator optical networks
    • 37. Open Research Questions
      • Planning of Multiservice Systems
        • Unified billing systems: real-time processing of offline records
        • Prepaid models: business aspects of user quotas, rating pools, etc
        • Mobility and roaming characterization: impact of context, network type, operator, correlated residence times, etc
      • Optimization of AAA Systems
        • Integration of advanced pricing models into the accounting reliability optimization mechanism.
        • Integrating the proposed delay mitigation into evolving standards such as 802.21 in IMS context.
      • Investigation of new potential applications for AAA systems
        • E.g., power systems, cognitive radios, sensor networks, and automotive services
