Network Composition between Ambient Networks. Cornelia Kappler, Siemens AG. ITG Fachgruppentreffen in Aachen, 4-5 May 2006. Outline. Motivation for Composition Composition Examples Composition Process GANS Protocol Identifiers in Composition Detailed Use Case Standardization Summary.
Network Composition between Ambient Networks • Cornelia Kappler, Siemens AG • ITG Fachgruppentreffen in Aachen, 4-5 May 2006
Outline • Motivation for Composition • Composition Examples • Composition Process • GANS Protocol • Identifiers in Composition • Detailed Use Case • Standardization • Summary
Motivation: Why Composition? • The number and heterogeneity of networks is increasing • A common interface for data communication (IP) exists. But what about control signalling? • Networks have different capabilities/resources. How to extend the capabilities/resources of networks? • Networks are moving. How to attach/detach moving networks? • Radio resources are not the bottleneck. But how to exploit them?
Motivation: What is Composition? • A central concept of Ambient Networks is Composition • Composition is a uniform, dynamic procedure for network interworking on the control plane • Control plane interworking regarding routing, addressing, mobility, QoS, security, charging, ... • Uniform procedure: independent of network type and technology • Dynamic procedure: minimize human intervention
Composition Examples [Figure: three composition scenarios] • Creation of PAN 1 • Attaching the Access Network (WLAN Access Network in a Café) to the Cellular Network • Automatic establishment or dynamic update of Roaming Agreements (Cellular Operator Network A, Cellular Operator Network B) [Other diagram labels: WLAN, Bluetooth, UMTS, PAN 2]
Composition Examples • Types of Composition • Network Integration: involved networks merge into one common network, e.g. creation of a PAN • Control Delegation: one AN delegates certain control functions to the other AN, e.g. 3GPP-WLAN interworking (WLAN delegates authentication, authorization and charging to the 3GPP network) or mobility delegation à la NEMO • Network Interworking: cooperation but no control delegation, e.g. dynamic roaming agreements [Figure arrow: increasing control plane interworking]
Composition Procedure [Figure: the Ambient Control Spaces of two networks, each containing Functional Entities (FE1 to FE6, e.g. QoS FE, Mobility FE, Composition FE) together with Ambient Connectivity, combine into the Ambient Control Space of Network A+B. Interfaces shown: Ambient Service Interface, Ambient Network Interface, Ambient Resource Interface.] FE: Functional Entity
Composition Procedure [Figure: AN 1 (FE A1, FE B1, FE C1) and AN 2 (FE A2, FE B2, FE C2) connected across the ANI] • Media Sense • Discovery / Advertisement • Security and Internetworking Establishment • Composition Agreement Negotiation • Composition Agreement Realization • GANS: communication of Functional Entities (FEs) across the ANI
GANS Signaling [Figure: FE x in AN 1 and FE y in AN 2 communicating via GANS across the ANI] • Protocol for communication of FEs across the ANI (and intra-AN) • To facilitate composition, e.g. QoS FEs negotiate an SLA • Is backwards compatible with NSIS protocols, standardized by the NSIS (Next Steps In Signaling) WG of the IETF • NSIS is a general protocol suite for control signaling • Modular and extensible • Signaling is flow-related • Signaling to entities on the flow path • GANS generalization • Signaling is composition-related rather than flow-related • Control signaling between FEs rather than along the data path • Symbolic addressing of FEs
GANS Signaling • Two-layer approach: • Lower layer for transporting signaling messages and common functions • Upper layer for signaling applications • Upper layer, GSLPs (Application Layer): the actual signaling application, e.g. SLA negotiation • Lower layer, GTLP (Transport Layer), provides common message transport services • Resolves an abstract name (“FEy.AN1”) into a host ID/locator (e.g. IP address) • Locates the signaling peer, i.e. the FE in the other AN • Establishes a security association between pairs of signaling FEs • Establishes a signaling relation between pairs of signaling FEs, maintained if a peer FE is relocated/reconfigured [Figure: NSIS applications (QoS, NAT/FW) and GANS applications (SLS negotiation, other GANS applications) above Abstract Addressing Resolution and the lower NSIS / GANS layer]
Identifiers in Composition • Problem • How to identify entities as belonging to a particular AN (e.g. nodes, FEs, …)? • How to dynamically change this identification upon composition? • Identification includes • Authentication • Establishing a security association • …
Identifiers in Composition • Solution • Each security domain (e.g. ANs α and φ) is identified by a public key • E.g. α, φ • These identifiers / public keys are exchanged in the Discovery/Advertisement phase • The associated private key is located with the security manager of the AN • E.g. Nodes B, F • Each entity owns a self-generated private/public key pair • E.g. A, A* • Each entity belonging to the same AN owns a certificate issued by the security manager, signed with the AN's private key • This way entities belonging to this AN can authenticate themselves
Identifiers in Composition • Rearrangement of identifiers upon composition • Example: network integration, φ absorbs α • Security manager of AN α sends list of all entities belonging to α to security manager φ • E.g. entities A, B, C • Security manager of AN φ issues membership certificates to A, B, C • Security manager of AN φ installs the membership certificates in each of A, B, C • with an assertion from the manager of AN α • Security manager of AN α removes its own membership certificates from A, B and C
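The two "Identifiers in Composition" slides above, worked through as an added example (not code from the talk or the Ambient Networks project): φ's security manager re-issues membership certificates for α's entities only after checking α's assertion over the member list. Ed25519, the certificate format (a signature over the entity's public key) and all type and function names are assumptions; the slides name no algorithm or encoding.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"errors"
	"fmt"
)

// Manager models an AN's security manager: Pub is the AN identifier, priv never leaves the manager.
type Manager struct {
	Pub  ed25519.PublicKey
	priv ed25519.PrivateKey
}

func NewManager() *Manager {
	pub, priv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	return &Manager{pub, priv}
}

// Issue returns a membership certificate: the AN key's signature over the entity's public key (assumed format).
func (m *Manager) Issue(entity []byte) []byte { return ed25519.Sign(m.priv, entity) }

// IsMember verifies a membership certificate against an AN identifier.
func IsMember(an ed25519.PublicKey, entity, cert []byte) bool { return ed25519.Verify(an, entity, cert) }

// Assert signs the member list handed to the absorbing manager (fixed-size keys, so concatenation is unambiguous).
func (m *Manager) Assert(members [][]byte) []byte { return ed25519.Sign(m.priv, bytes.Join(members, nil)) }

// Absorb re-issues certificates only if the list is signed under the absorbed AN's
// identifier, which was exchanged during Discovery/Advertisement.
func (m *Manager) Absorb(absorbed ed25519.PublicKey, members [][]byte, assertion []byte) ([][]byte, error) {
	if !ed25519.Verify(absorbed, bytes.Join(members, nil), assertion) {
		return nil, errors.New("member list not asserted by absorbed AN")
	}
	certs := make([][]byte, len(members))
	for i, e := range members {
		certs[i] = m.Issue(e)
	}
	return certs, nil
}

func main() {
	alpha, phi := NewManager(), NewManager()
	a, _, _ := ed25519.GenerateKey(nil) // entity A's self-generated key pair
	list := [][]byte{a}
	certs, err := phi.Absorb(alpha.Pub, list, alpha.Assert(list))
	fmt.Println("A is a member of phi:", err == nil && IsMember(phi.Pub, a, certs[0]))
}
```

Under this construction, removing α's certificates from A, B and C does not invalidate copies held elsewhere, because the signature still verifies against α's public key.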
Composition Use Case: Extension of an Access Network • Café sets up a WLAN network to offer Internet access to its customers • Has a corresponding agreement with the Operator Network • Case 1: Customer is authenticated and charged by the Operator Network • Case 2: Customer is authenticated and charged by the Café Network • Café and Operator have an SLA guaranteeing access and bandwidth • As 3GPP-WLAN interworking in 23.234, but plug&play and more flexible
Composition Use Case: Extension of an Access Network. Mapping onto Composition Process • Discovery • WLAN Access Router has preconfigured access information • IP address of Operator gateway -> Ambient Network ID • WLAN sends discovery message to Operator gateway • Security and Internetworking Establishment • Authentication and Authorisation • Establishment of IPSec tunnel for control signaling • On basis of pre-established shared secret • Composition Agreement preconfigured. May detail control delegation: • Who is responsible for allocating addresses? • Who is responsible for authentication and authorization? • Who is responsible for charging? • QoS (may still adjust this via SLA negotiation) • Composition Realization
Composition Use Case: Extension of an Access Network. New Functionality needed • Discovery • WLAN-internal logic decides to send discovery messages upon detecting Internet connectivity • Protocol for such messages • Operator gateway-internal logic allows acting upon reception of discovery messages • Dynamic automated agreement establishment between Café Network and Operator Network • Preconfigured Agreements • Protocol for agreement establishment • Dynamic agreement realization • WLAN may have to activate DHCP Server, accounting…
Composition - Standardization • The Ambient Networks Project established a Study Item “Network Composition” in 3GPP SA1 • TR 22.980 “Network composition feasibility study; (Release 7)” • Content • Purpose and benefits of composition • Use cases • Requirement • Composition Process • New functionality in 3GPP networks • Relation to other functionality in evolving 3GPP architecture • AIPN,…
Summary • Composition is a uniform, dynamic procedure for network interworking in the control plane • Feasibility study in 3GPP • Composition process • Discovery / Advertisement • Security and Internetworking establishment • Composition Agreement negotiation • Composition Agreement realization • GANS is the protocol for negotiating and realizing Composition Agreements • Based on NSIS work • ANs and their members are identified by a cryptographic key • Certificates based on this key identify members • Certificates are updated upon composition • Composition is a Study Item in 3GPP SA1
Decomposing [Figure: Ambient Control Spaces, each with its Functional Entities (e.g. QoS FE, Mobility FE, Composition FE) and Ambient Connectivity, shown decomposing] Thank you! Any Questions?
GANS Signaling – GTLP and DEEP • DEEP (Destination Endpoint Exploring Protocol) • Supporting distributed name resolution of an abstract name into a host ID/locator (e.g. IP address) • Flexible regarding name resolution infrastructure (DNS, more dynamic mechanisms,…) • Not tied to any particular name resolution mechanism/concept [Figure: FE x in AN 1 and FE y in AN 2, each with a GSLP over GTLP stack and name resolution; DEEP performs name resolution between AN 1 and AN 2]
Composition Agreement - Overview • The agreement made between two ANs during the composition is called the Composition Agreement • Can pre-establish and re-use Composition Agreements • E.g. for reoccurring compositions • A Composition Agreement covers commercial and technical issues • Details of the composing ANs' relationship
Composition Agreement - Information Model [Figure: parts of a Composition Agreement] • Legal Issues • Identification • Financial Issues • Service description • Monitoring & performance reporting • QoS related part • Problem reporting & Troubleshooting • Other issues
Different Composition Agreements • Depending on the compensation involved, different forms of Composition Agreements may be required • Medium or large amount of compensation, e.g. 3GPP networks composition • Pre-established paper Composition Agreements giving the legal framework and possible range of cooperation • During the composition procedure, determine specific parameters • Low or no amount of compensation, e.g. small AN networks, or PANs composing • Electronic Composition Agreements • Electronic Composition Agreements may revolutionize network cooperation, in the way credit cards have revolutionized the way we pay!