RADIUS Prepaid Extension
draft-lior-radius-prepaid-extensions-05.txt
Avi Lior, Yong Li, Bridgewater Systems
Parviz Yegani, Cisco Systems
Kuntal Chowdhury, Nortel Networks
Requirements
• Provide support for Prepaid User.
  • Quota management
  • Usage metering
  • Session control
• Support Prepaid business models.
  • Time based, Volume based, “Token” based (unit less)
  • Simple rating and complex rating
  • Session based and single event based.
Key Features
• Quota based.
• Quotas are initially exchanged in Access-Request/Accept, and are refreshed in Authorize-Only exchanges.
• Use RADIUS accounting messages only to record what has happened for audit and billing purposes.
What is New
• Simplified the Architecture model (draft 4)
• Added support for Multi-Services (draft 5)
• Functionally aligned with Diameter CC.
• Cleanup and incorporation of comments received on list and privately.
  • Joel Halpern
  • Mark Grayson
  • Nagi Reddy Jonnala
  • Mike Santoro
  • Farid Adrangi
  • Damien Galand
  • Lothar Reith
  • Stefaan de Cnodder
Prepaid Architecture
[Diagram labels: User Device, NAS, Prepaid Client, RADIUS Client, RADIUS, RADIUS Server, Prepaid Server, Router/Gateway, Internet. Caption: Prepaid attributes carried by RADIUS.]
Multi-Services
• Main service or “Access Service”
  • This is what we traditionally authenticate and authorize.
• Operators want to differentiate between IP-flows
  • Some flows are more valuable.
  • Some flows are metered differently.
  • Some flows have different QoS.
• Additional flows require authorization only.
Prepaid for Multi-Services
• Service defined by a Service-ID (string)
  • A Service can be an IP-Flow defined by IP-tuples.
  • “Access Service” is the default or initial service. In 3GPP2 it corresponds to the Main-Service-Instance.
• Quota allocated
  • To one Service at a time; or
  • A group of Services using Rating-Groups:
    • Rating-Group preconfigured in the Service Access Device.
    • Define the rating (complex rating) and the Services that are associated with that Rating-Group.
• Pools
  • Associate quotas assigned to Services or Rating-Groups to Pools.
  • Minimize messages.
  • Help when services are not drawing on quotas equally.
Multi-Service Example
A: A user is Authenticated and Authorized as prepaid and assigned quota to the “Access Service” of 2 MB.
B: NAS wants to Authz another Service (e.g. VoIP). Sends an Access-Request (AuthOnly) with PPAQ specifying SID=Service-A. Session-Id needed to tie this Authorize-Only to previous AuthN/AuthZ.
C: PPS replies with Access-Accept with a PPAQ for Service-A containing Volume of 1 MB.
D: “Access Service” and Service-A request more quota. Report what they used. Update-Reason Quota-Refresh.
E: PPS authorizes more quota to both. Access Service (+2 MB) has 4 MB, Service-A (+1 MB) has 2 MB.
F: User logs off. Report used quota: “Access Service” 3 MB, Service-A 1.5 MB. We know that it’s the end because the PPAQ indicates the cause for reporting: Update-Reason User-Termination.

Message sequence between NAS/PPC and PPS:
A  AuthN/AuthZ “Access Service”
B  Access-Request Authz Only: Session-Id, [PPAQ SID=Service-A]
C  Access-Accept Authz Only: [PPAQ QID Service-A, 1 MB]
D  Access-Request Authz Only: [PPAQ QID 2 MB][PPAQ QID Service-A, 1 MB]
E  Access-Accept Authz Only: [PPAQ QID 4 MB][PPAQ QID Service-A, 2 MB]
F  Access-Request Authz Only: [PPAQ QID 3 MB][PPAQ QID Service-A, 1.5 MB]
   Access-Accept Authz Only
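The quota bookkeeping of steps A to F, replayed as an added example; this is not code from the draft or its authors. The class, method and field names, the 10 MB starting balance and the Session-Id value are hypothetical. Rejecting reports that fall outside the granted quota and returning unused quota at termination are assumptions of this model.

```python
# Toy model of the Prepaid Server (PPS) side of steps A-F. All names are
# hypothetical; quotas are cumulative thresholds in MB, as in the slide.
ACCESS = "Access Service"

class PrepaidServer:
    def __init__(self, balance_mb):
        self.balance = balance_mb   # prepaid balance not yet reserved
        self.sessions = {}          # Session-Id -> {service: [granted, used]}

    def authenticate(self, session_id, grant_mb):
        """Step A: full AuthN/AuthZ creates the session and the first quota."""
        self.sessions[session_id] = {}
        return self._grant(session_id, ACCESS, grant_mb)

    def authorize_only(self, session_id, service, used_mb, grant_mb, reason=None):
        """Steps B-F: an Authorize-Only exchange carrying one PPAQ."""
        if session_id not in self.sessions:
            # The Session-Id must tie back to a previous AuthN/AuthZ (step B).
            raise PermissionError("unknown Session-Id")
        entry = self.sessions[session_id].setdefault(service, [0.0, 0.0])
        granted, used = entry
        # Assumed policy: usage may not go backwards or exceed what was granted.
        if not used <= used_mb <= granted:
            raise ValueError("reported usage outside granted quota")
        entry[1] = used_mb
        if reason == "User-Termination":
            self.balance += granted - used_mb   # assumed: unused quota returns
            entry[0] = used_mb
            return None
        return self._grant(session_id, service, grant_mb)

    def _grant(self, session_id, service, grant_mb):
        grant_mb = min(grant_mb, self.balance)  # never reserve more than is left
        self.balance -= grant_mb
        entry = self.sessions[session_id].setdefault(service, [0.0, 0.0])
        entry[0] += grant_mb
        return entry[0]                         # cumulative quota for the PPAQ

def run_slide_example():
    pps = PrepaidServer(balance_mb=10)          # constructed starting balance
    s = "sess-1"                                # constructed Session-Id
    log = [pps.authenticate(s, 2)]                                         # A
    log.append(pps.authorize_only(s, "Service-A", 0, 1))                   # B, C
    log.append(pps.authorize_only(s, ACCESS, 2, 2, "Quota-Refresh"))       # D, E
    log.append(pps.authorize_only(s, "Service-A", 1, 1, "Quota-Refresh"))  # D, E
    pps.authorize_only(s, ACCESS, 3, 0, "User-Termination")                # F
    pps.authorize_only(s, "Service-A", 1.5, 0, "User-Termination")         # F
    return log, pps.balance
```

The returned log holds the cumulative quotas 2, 1, 4 and 2 MB from steps A, C and E, and the remaining balance is the starting balance minus the 3 MB and 1.5 MB reported in step F.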
What is next
• Add support for single event.
  • Scenarios:
    • Single Event Prepaid Authorization with Authentication.
    • Single Event Prepaid Authorization only – user has already been authenticated.
• Mapping to Diameter