190 likes | 312 Views
Distributed Storage Networks. Dr. Stephan Rupp s.rupp@alcatel.de. Distibuted Storage Networks. Problems in current network design Solutions - the Flexinet approach Data beyond current user profiles Technical options for distributed storage networks. Current Networks, for example 3GPP.
E N D
Distributed Storage Networks • Dr. Stephan Rupp • s.rupp@alcatel.de
Distibuted Storage Networks • Problems in current network design • Solutions - the Flexinet approach • Data beyond current user profiles • Technical options for distributed storage networks
Current Networks, for example 3GPP Each function requires new network elements. => growing complexity
Problems with current network design Specialised Network Elements Specialised Protocols User Data hidden in Network Elements No Future! C#4 Gc#3 D#17 • a closed environment • a network for each service • too complex • too expensive Iu#19
Distibuted Storage Networks Functions of network elements & protocols become self-explanatory • Problems in current network design • Solutions - the Flexinet approach: • Data beyond current user profiles • Technical options for distributed storage networks • > go “meta”: use IDL on interfaces & semantic models to describe the meaning of interfaces • > separate data from applications Facilitates virtualisation of resources (application = computer power, data = storage). The bigger bang.
The traditional approach: functions and protocols Billing CRM HSS CC CSE The Customer Distributed and hidden information Marketing
A new approach: data centric design Billing CC Marketing Consolidation of customer data HSS “The Customer Profile” CSE CRM
HLR SCP Keep data in one place. HLR1 SCP2 SCP1 HLRn HLR2 SCPn Video Mail Voice Mail Video Mail Voice Mail E-Mail SMS E-Mail SMS Technical Challenges Instead of protocol specifications: IDL + semantic model of interfaces Data models & technical options for implementation (distribution, persistency, redundancy, security) Which data? New areas of application?
Distibuted Storage Networks • Problems in current network design • Solutions - the Flexinet approach • Data beyond current user profiles • Technical options for distributed storage networks:
Beyond current user profiles Device HW FW SW • Extended User Profile • e.g. Mobile Subcriber • User data and services subscribed • Device Profiles • associated with user profile • decribes device, supplier, hardware, firmware software • Identification System • Semantic models for classification • Meta Data • Place, how to access, interface definition Messages, Files, Executables and Blobs • Any information distributed over the network in need of storage User Device
Beyond current service offerings Identity Provider Semantic Modell: System for Classification and Schnema-Transformations Meta-Information: Object References, IDL, Inventory User and Devices Devices & Software (Supplier, ASP) Service ?
Distibuted Storage Networks • Problems in current network design • Solutions - the Flexinet approach • Data beyond current user profiles • Technical options for distributed storage networks: > store data in a redundant and secure way > present single point of access to all data for all applications and administrative systems
Redundancy and geographic distribution Fibre Channel DWDM SDH Dark Fiber Database Server Database Server Database Server Database Server LAN LAN WAN Layer 2 Appl. Logic 1 e.g. HLR Appl. Logic x Appl. Logic 1 e.g. HLR Appl. Logic x Layer 3 Signaling Network (SS7, SIGTRAN) WAN Site 1 Site 2 SAN SAN Layer 1 Fibre Channel
Resilience and Redundancy Source: Siemens/Apertio, Flexinet 2nd operator workshop, Dec. 2, 2005
Security threats for distributed storage networks • Same risks as in current distributed systems, but the the potential damage is much bigger. However: • Centralisation facilitates higher level of protection compared to protecting many distributed systems.
Security Concept: Access Control & Roles Departsments/ Organisations define: Authentication Role Security Policy Functions Access rights Tasks Processes Role Processes Security Policy Security Policy Security Category . . . Desired Ressource . . . Role Security Policy Authorisation Access rights Functions Tasks Processes Processes Application / Ressource Security Policy
Security Policy How - should access be controlled ? - secure has communication to be ? - to reverse interventions ? - to log interventions ? How, how-long, where - should data be stored ? What is used ? is accessible ? Security Policy Access rights to - IT services (applications, tools) - Data - Ressources (Subnetworks, disks, ...) Administrator rights Physical access to - plants and buildings - technical equipment ... Processes - Logging, recording of interventions Log Files, Tracking - Physical access Authentication, Monitoring, ... Registration, Deregistration, ... - Backup procedures - Roll Back methods ...
Thanks for your attention! Questions? www.alcatel.com