Professional Documents
Culture Documents
Aug, 2009
Futureinfonet
Proposed AAA system is …
Interface Systems
•Samsung ASN-GW
•Multi vender ASN-GW, Simultaneously
•Multi protocol, Simultaneously
•Proxy / Server Mode, Simultaneously
•Cisco HA
•Verint LI Server
•Billing: Oracle, Geneva, Darnet Baltic UAB, Netup, ESKADENIA,
Crescent
•OpenNet AAA
•Mformation OMA-DM
•Cisco SME/SCE
•Hot lining ( ASN-GW Hot lining, HA Hot lining)
•CPEs in the world (by 2nd International Certification Center)
AAA Key Features
Standard Features
•High preference memory database
•Multi-Profile support, i.e. Bronze, Silver, Gold, roamer vs. non-roamer
•Configurable Peer management
•Intelligent Routing Features i.e. Realm / NAI / User-Name / App ID based
routing
•Extensible via Plug-in capabilities
•High functionality, high performance
•Multiple business model supported, i.e. wholesale/MVNO/retail
(need customizing for interwork with VNO’s systems)
•Simultaneous Radius and Diameter support
WiMAX Features
•Multiple EAP methods (TLS, TTLS, AKA, MSCHAPv2)
•Mobility Key Generation and Management
•Active Session State, i.e. Pseudo and Real Identity
•Mobility Control
•Fixed & Mobile WiMAX support
•Convert Pseudo-ID to Real-ID in accounting record
•WiMAX Forum Compliant and committed to Standards
AAA Components
Key Components
•Support Multiple Access Network – Non performance impact
•Support Multi-vender Access Network– Non performance impact
•Dual Stack (RADIUS and DIAMETER)
•Proxy & Server mode support
•Intelligent Routing Features i.e. Realm / NAI / User-Name / App ID based
routing
•OAM
•Accounting Interface
•Subscriber Management Management Layer
•Modula software Log Manager
Configure Statistics Alarm/Status
Admin Control
Manager Manager Control
Application Layer
Interface Layer
Diameter RADIUS
Protocol Protocol
•Inbound / Outbound Roamer Processing EAP App Accounting App AAA System
•Diameter
DIAMETER ACR (Start) RADIUS Accounting Req. (Start) Quota
DIAMETER ACA RADIUS Accounting Response remaining
•CDR
Quota
•CDR File
DIAMETER ACR (Interim) RADIUS Accounting Req
DIAMETER ACA
(Interim) debit and
remaining
RADIUS Accounting Response
Various interface
•HTTP
•HTTPS – Secure channel
•DB API
•TCP Message
Benefits
•Flexibility and Control
•Fast implementation
DB
Service HTTP/S Subscriber & Service Info.
Connection
Function Service (ID, Password, Service etc)
Manager
MS Auth. Key Info.
(Fixid, K)
Environment Log
Manager Manager
Operation, Administration and Maintenance
Administration
•Administrator Register / Management
•Peer Configuration Inquiry/Addition/Delete
•Realm-Routing Configuration Inquiry/Add/Delete
•EAP Configuration Inquiry / Change
•Pseudo Key Inquiry/Addition
•Alarm Manager
•Subscriber Inquiry / Change / Modify / Delete
•Statistics & History
EAP-REQUEST / IDENTITY_
User Authentication_
Check Calling-Station-Id_
(MS’s Real MAC-ID)
EAP-SUCCESS_ EAP-SUCCESS_
Authentication / Authorization Flow
EAP-REQUEST / IDENTITY_
User Authentication
EAP-RESPONSE / TTLS:_ DER / EAP-RESPONSE / TTLS:_
UserName UserName
MS-CHAP-Challenge MS-CHAP-Challenge
MS-CHAP2-Response MS-CHAP2-Response
Authentication Request
Authorization Request
( Access-Request )
Access-Accept with
Class, QV, QT
Authentication Success
Basic Data Flow & Accounting Flow
Internet
ASN-GW Billing
AAA
MS Accounting START Accounting START
ACTIVE Acct-Multi-Seesion-Id = Class
Disconnect
Quality Of Service
Authentication
Diameter
Extract Per-SF
QoS Profile
DSA-REQ
R6 SF setup
DSA-RSP
Service Flow Based Accounting Start
DSA-ACK