|
|
| |
Industry Insights |
| |
Role of CSN and challenges addressed in WiMAX 802.16e Ecosystem
World Interoperability for Microwave Access (WiMAX) reduces the barriers to widespread broadband access that is standard based compliant wireless solutions engineered to deliver fixed and mobile services. |
|
Moving to Next Generation Networks
As competition is intensifying service providers need to improve their competitive positioning through offering value added services that drive ARPU.
|
|
|
|
|
|
| |
|
 |
| |
Role of AAA in WiMAX |
| |
| WiMAX has been designed as a true next-generation access technology. WiMAX provides fixed, nomadic, portable, mobile wireless broadband connectivity without the need for direct line-of-sight with a base station and is expected to replace the GSM Technology in the long term. Much has been talked on what WiMAX can enable but the real challenge is living upto the expectation of the customer through efficient service delivery. In the WIMAX forum’s NWG release specification AAA is specified as the basic building block to effectively capitalize on the opportunities presented by WiMAX. |
| |
| The reference architecture, service flexibility and mobility supported by WIMAX demands a robust AAA server. In addition to the authentication, authorization and accounting functionality required by other types of networks, WIMAX AAA system requires the intelligence and performance to manage mobility and roaming. In this respect, the role of the AAA system in WIMAX networks extends well beyond access security and accounting, and into the very enablement of WIMAX services. Service providers will need to closely examine the capabilities of the AAA system for successfully launching WiMAX services. Akin to any other type of network, the AAA server performs the following tasks in case of WiMAX: |
| |
 |
Authentication: The credentials of users seeking access to the network are verified as part of the authentication process. CPE Credentials and its association with customer are also verfied as part of authentication. |
|
Authorization: The user is granted or denied access to resources based on whether the success or failure of authentication. In case of successful authentication the user is authorized to use the services with designated rights based on the profile. |
|
Accounting: The “usage” of services made by the user is tracked for the purpose of rating or charging by downstream systems. |
|
| |
| |
| With WiMAX, a user can access one or more services at the same time. This added with mobility brings the following challenges on the AAA front: |
| |
|
MIP for Mobility: The system needs to support wireless Mobile-IP (MIP) standards that are very essential for data roaming facility which would allow subscribers from one network to use their devices to access their “home” data services on another network. |
|
On-the move authentication: Centralized encryption and key management is needed for security while ensuring fast handovers when users switch between different networks. |
|
Managing differentiated services for a single customer profile: QoS requirements of different services is different. The user needs to be provided with the appropriate QoS depending on the service he’s accessing from time to time. |
|
Consolidation of Usage: When the user moves from between different WiMAX base stations while accessing services, numerous usage records are likely to be generated for each service. Aggregating, correlating, formatting and passing consolidated usage information to downstream systems becomes a vital factor for accurate accounting. |
|
Flexible and versatile policy management: Various policies like access policy, QoS policy, and concurrent login policy drive the access to services rendered to a WiMAX user. In certain cases where the IP allocation too is driven by IP pool management policies. This requires versatile policy management functions to ensure efficient subscriber profiling considering a multi-service scenario. |
|
Centralized State Management: Providers need to track active sessions across the network and maintain essential subscriber information in a realtime data store. This is required to look up the IP address being used by a subscriber and enables tracking the session’s starts and stops in realtime. |
|
Support for ASN gateways with different NWG compliance: The infrastructure and access networks for realizing services over WiMAX are varied. Some ASN gateways comply with the WiMAX Forum’s Network Working Group (NWG) 1.0 specifications while some others comply to 1.2 specifications. It becomes imperative for the provider to AAA system to support both types of compliances to look into current as well as future needs. |
|
AAA Vendor Selection: Key challenges in AAA vendor selection include but are not limited to compliance of AAA as per latest WiMAX standard, compliance to latest RFCs, support for variety of network elements, supported data sources, policy management, supported 3rd party elements, and so on. |
|
| |
| WiMAX AAA - Check list |
| Standards |
802.16 & 802.16e & NWG 1.2 Compliant |
| QOS |
Multi Service QoS |
| Mobility & Security |
802.16e Certificate Support |
| Protocols |
RADIUS & Diameter (Roadmap) |
| Accounting |
Flow based & Session based
Accounting with Prepaid Support |
| Authentication |
EAP-TTLS & EAP-TLS |
|
| |
| |
EliteAAA Features |
| |
| EliteAAA provides a future-proof AAA solution which allows providers to easily adapt to ongoing changes in the WiMAX ecology even as they add new access networks resorting to differing standards and protocols as per their business needs. |
| |
|
Multi-service, Multi-business Support: The system supports AAA for multiple services to provide access to the subscriber considering bandwidth, QoS, IP, concurrent sessions and so on. It supports multiple business models based on subscriber profile. |
|
Policy Management: EliteAAA policy repository provides control on access to advanced services across multiple networks in fixed, mobile & converged deployments. It uses global or NAS-specific IP pools comprising a list or range of IP-Address and allows more than one NAS to share common centralized address pools. |
|
Pre-provisioned QoS: It can communicate pre-provisioned QoS parameters such as upload or download bandwidth related parameters, where the metering could be time-based or volume-based, to the network elements. It supports dynamic tariff switching through pre-provisioned QoS. |
|
Prepaid WiMAX Support: EliteAAA ascertains whether the ASN/HA provides prepaid accounting support while trying to authenticate the user. If such support is available, and the user being authenticated is of prepaid type, it responds back with usage access limit based on the metering type. EliteAAA’s active mediation interfaces with the pre-rating engine to avail usage access limit. |
|
Flow-based Accounting: Flow-based accounting is critical for providers to deploy plans with innovative flow-based pricing schemes. EliteAAA supports complex accounting correlation strategies that take care of the numerous accounting records generated as a result of mobility. It deals with large volumes of accounting information and identifies usable records from the raw accounting records it receives and synthesizes those records into formats that can be used by downstream systems. |
|
Broad Multi-vendor Support: The system fits into any network environment and works with the widest variety of network access equipment. This broad multi-vendor support leads to easy integration of legacy systems with new systems. It supports most of the back-end authentication databases, and is compatible with the latest authentication, provisioning, and billing systems. |
|
RFC Compliance and Diameter Support: EliteAAA complies with latest RFCs and provides support of Radius & Diameter for AAA. |
| |
|
| |
RFC Compliance |
| |
|
RFC 3748 - Extensible Authentication Protocol (EAP) |
|
RFC 3579 - RADIUS Support for EAP |
|
RFC 2246 - The TLS Protocol, Version 1.0 |
|
RFC 2716 - EAP-TLS Authentication Protocol |
|
Draft-Funk-EAP-TTLS-v0-04.txt - EAP Tunneled TLS Authentication Protocol Version |
|
Draft-Ietf-PPPEXT-EAP-TTLS-01.txt - EAP Tunneled TLS Authentication Protocol |
|
RFC 2868: For encrypting master session key and MIP keys for WiMAX |
|
Draft-LIOR-Radius-prepaid-extensions-14.txt - Prepaid Extensions to Remote Authentication Dial-In User Service (RADIUS) |
|
| |
|
| |
WiMAX Forum NWG Compliance |
| |
|
WiMAX Forum Network Architecture – Stage 3 – Detailed Protocols and Procedures – Release 1.0.0 |
|
WiMAX Forum Network Architecture – Stage 3 – Detailed Protocols and Procedures - Release 1, Version 1.2 |
|
WiMAX Forum Network Architecture - Stage 3 - Annex: Prepaid Accounting - Release 1, Version 1.2 |
|
| |
|
|
Realtime Session Management & Accounting: It enables real-time session management to enable mobility, roaming, security, and usage tracking. EliteAAA aggregates, correlates, formats, and automatically streams records to appropriate billing and settlement systems with no human intervention. |
| |
|
|
Multi-protocol Support: Dual-stack AAA with RADIUS and Diameter support enables migration to IMS. |
| |
|
|
Single-platform Solution for WiMAX: EliteAAA provides a highly scalable, carrier grade AAA system with inbuilt policy management for mobile WiMAX CSN. |
| |
|
|
Seamless Integration with CRESTEL CSN components: |
| |
|
CRESTEL Realtime Billing |
|
CRESTEL Rating & Balance Management |
|
CRESTEL Multi-Service Product Catalog with Rule based Policy Management where QoS and Service Flows can be configured as part of Single Product Plan |
|
|
| |
 |
| |
EliteAAA Benefits |
| |
|
Faster rollout of differentiated services. |
|
Smooth migration from fixed to mobile WiMAX. |
|
Multi-vendor support on a single platform. |
|
Checks revenue leakage likely to arise from flow-based accounting. |
|
Easy migration to IMS by supporting existing and new applications. |
|
Integrates easily with all types of network infrastructure and access equipment. |
|
Improvized control and management of subscriber service realization. |
|
Serves multiple networks, eliminating the need to re-provision subscribers as new networks are introduced, and accelerates time to market for new services. |
|
Simultaneous support for RADIUS and Diameter provides investment protection for legacy applications and services as providers roll out new SIP-based services and migrate to next-generation 4G networks and IMS/MMD frameworks. |
|
Leverage new business models with a common policy management infrastructure. |
|
Supports differentiated services and appeals to a broader base of subscribers who may want to manage data services consumption in different ways. |
|
Reduce customer-care costs, and improves customer satisfaction during the migration to new network services, thus minimizing subscriber churn. |
|
Cost-effective migration from RADIUS to Diameter by reusing many existing components such as servers and databases and facilitating the gradual introduction of Diameter-based network elements. |
|
Uninterrupted availability of services without compromising on quality as a result of the failover measures taken by the service provider. |
|
Roaming between networks provides a realtime mobile experience. |
|
Real-time assistance in the form of notifications on events such as exhaustion of credit limit and automatic redirection to payment gateways, recharge portals and any other service provider designated portals. |
|
Benefits from high data rates, high sector throughput, multiple hand-off mechanisms, advanced QoS and low latency for improved support of realtime applications. |
|
Savings from cost-effectiveness due to bundling of services with high level of security. |
|
Independence of choosing WiMAX-enabled equipments due to elimination of vendor-dependency. |
|
| |
| |
|
|
|
|
