M2M Service Session Management (SSM) CSF
15
M2M Service Session Management (SSM) CSF Group Name: WG2-ARC Source: IDCC, LGE, ZTE Meeting Date: Agenda Item: CSF Definitions
-
Upload
hugh-mclaughlin -
Category
Documents
-
view
227 -
download
0
description
Outline M2M Service Session Requirements Definition of M2M Service Session M2M Service Session Use Case Examples Role of M2M Service Session Management (SSM) CSF Describe SSM CSF capabilities Describe relationship with other CSFs Show some Stage-2 message flows Show SSM resources
Transcript of M2M Service Session Management (SSM) CSF
M2M Service Session Management (SSM) CSF
Group Name: WG2-ARCSource: IDCC, LGE, ZTEMeeting Date: Agenda Item: CSF Definitions
Outline
© 2013 oneM2M PartnersoneM2M-ARC-0397R01
2
• M2M Service Session Requirements• Definition of M2M Service Session• M2M Service Session Use Case Examples• Role of M2M Service Session Management (SSM) CSF
– Describe SSM CSF capabilities– Describe relationship with other CSFs– Show some Stage-2 message flows– Show SSM resources
Requirements
OSR-003 The M2M System shall support the ability to maintain M2M Session in coordination with application session for those M2M Applications that require it.
OSR-004 M2M System shall support the ability to support session-less application communications for those M2M Applications that require it.
CRPR-005 The M2M System shall be able to maintain context associated with M2M sessions (e.g. security context or network connectivity context during the interruption of the session).
Source: oneM2M-TS-0002-Requirements-V0_6_2
Definition
Source: oneM2M-TR-0004-Definitions_and_Acronyms-V0.2.0 + oneM2M-TP-2013-0352
“M2M Session: A service layer communication relationship between endpoints managed via M2M Common Services consisting of session authentication, connection establishment/termination, transmission of information, and establishment termination of Underlying Network services”
Use Case #1 – Real-Time Audio/Video
© 2013 oneM2M PartnersoneM2M-ARC-0397R01
5
Mcc
Infrastructure Node
Middle Node
Application Service Node
CSE2 CSE3Mcc
CSE1
Mca
AE1
• M2M service session endpoints AE1 and AE2 exchange real-time audio/video commands & data• CSEs manage end-to-end real-time service session between AEs (e.g. establishment/termination),
communication,…)• Service session overlaid on top of multiple underlying network connections (i.e. for each hop)
• Service session is persistent w.r.t. underlying network connections • CSEs use AE defined session policies to coordinate end-to-end QoS required by AE1 and AE2• CSEs collect service session context (e.g. history of prior requests)
• CSE can use context and also make it available to AEs
AE2Mca
Without M2M service session, AEs lack sufficient capability to configure end-to-end communication
policies and CSEs lack capability to effectively manage end-to-end communication.
Use Case #2 – Real-Time & Secure Health Monitoring
© 2013 oneM2M PartnersoneM2M-ARC-0397R01
6
• M2M service session endpoints AE1 and AE2 exchange real-time and secure patient vital signs• CSEs manage end-to-end real-time and secure service session between AEs
• CSE-based registration enables securing individual single hops between CSEs and AEs • Service session enables securing end-to-end multi-hop exchange of patient vital signs
• Traditionally, the burden of securing end-to-end communication has fallen on the AEs• E.g. Over-the-top AE-based end-to-end authentication and encryption
• Service sessions can help offload burden from AEs while not compromising security and also enable additional value-add CSE services that are not possible with over-the-top AE-based security (data centric services such as analytics, semantics, etc)
Mcc
Infrastructure Node
Middle Node
Application Dedicated Node
CSE1 CSE2Mca
AE1 AE2Mca
Without M2M service session, oneM2M service platform lacks services to support end-to-end security. This puts the end-to-end security burden on AEs and
also limits the type of services CSEs can offer.
SSM CSF• SSM CSF manages M2M service session
establishment, communication, and termination.• SSM CSF enforces service session communication
policies, collects and maintains service session context, and generates service session events.
Note – For use cases that do NOT require a service session, SSM CSF will not be used.
SSM CSF Capabilities• Service session authentication, establishment and termination• Collect and maintain service session context/history
– E.g. Keep history of transactions between session endpoints
• Manage service session policies – E.g. SSM can use policies to configure CMDH on a per-session basis
• Manage sessions spanning multiple hops of CSEs– Coordinate and distribute service session policies end-to-end to each SSM on
each CSE along a multi-hop path– Likewise, collect/exchange service session context end-to-end
• Coordinate with other CSFs to support service sessions– E.g. CMDH, SEC, NSE, SCA, etc– E.g. Collaborate with NSE and CMDH to manage underlying network
connections and services required for end-to-end service session
Service Session EstablishmentCSE1AE1 CSE2 CSE3 AE2
Request to Establish M2M Service Session(Session policies, Target endpoint(s) – ‘AE2’, Other attributes,…)
Request to Join the M2M Service Session
Response (M2M-Session-ID,Session Credentials, …)
Response (M2M-Session-ID,Session Credentials, …)
AE1 Registers CSE1 AE2 Registers CSE3
FWD the Request to CSE(s) where the Target Endpoint(s) is registered Notify the Request
FWD the Join Request
Determine M2M-Session-IDand Session Credentials
M2M Service Session is successfully established
Application Dedicated Node
SSM CSF Example
© 2013 oneM2M PartnersoneM2M-ARC-0397R01
10
Middle Node
Mcc
InfrastructureNode
Application Dedicated Node
CSE2CSE1
Mca
CMDHCMDH
AE1
Service session-based communication between AEs
SSMSSM AE2McaDMR
• AE1 establishes service session via CSE1 and configures session communication policies, etc.• AE2 joins service session via CSE2/CSE1
• During this process, SSM on CSE2 is configured with session info from SSM on CSE1• AE2 sends session-based request to AE1 resources via CSE2 and CSE1
• CSE1 can host AE1 resources and service requests on behalf of AE1, or• CSE1 can re-target requests to resources hosted on AE1 that AE1 can service itself
• SSMs on CSE1 and CSE2 service requests and responses in a session-based manner• E.g. SSMs collaborate with CMDHs to configure delivery parameters based on session policies
DMR
NSE NSE
Session-Based Request
M2M-Session-ID = X M2M-Request-ID = Y …
Service Session-based requests can optionally be encrypted using service session-based credentialsNote – Need to consult with SEC WG to further explore this.Note – Association between M2M-Session-ID and M2M-Request-ID is FFS
• CMDH CSF– Supports policy-based delivery of individual M2M requests between CSEs
• Each request has its own independent M2M-Request-ID and delivery parameters
– CMDH provides communication connection controls• Like ISO network model layer 4 functions
– SSM CSF supports policy-based delivery of a stream of session-based requests over top of CMDH policy-based delivery of individual M2M requests (CMDH provides bearer-like mechanism for SSM)• Like ISO network model layer 7 functions, e.g. SIP - SSM handles the session related capabilities which
is based on underlying CMDH based connections• Requests from the same service session share the same M2M-Session-ID and delivery parameters.
This allows SSM CSF to manage these requests in a session-based manner. • SSM CSF is a customer of CMDH CSF. SSM CSF uses session-based policies to configure CMDH delivery
parameters so requests are delivered in a manner that meets the session requirements. • SSM also collects/maintains service session context and generates service session events based on the
service session requests it services which CMDH is not able to do since it is not aware of sessions.
Note - Some non-service-session based CSFs do not need SSM and can invoke CMDH directly.
Relationship between SSM & CMDH
Relationship between SSM & CMDH
CSE
Mcc
Mca
CMDH (Communication Management and Delivery Handling)
AEAE AE
SSM(service sessions mgmt.)
NSE(Underlying Network Services Entity )
DMR
Mcn
non-service-session based communication request
service-session based communication request
Other CSFs
Relationship With Other CSFs• REG CSF
– REG CSF supports an AE or CSE registering to a local CSE to use its M2M services • REG CSF-based registration is single-hop in nature
– SSM CSF supports establishing communication relationships between AEs and/or CSEs layered over top of REG CSF M2M registration(s)• Service session can be multi-hop and end-to-end in nature
• DMR CSF– SSM CSF collaborates with DMR CSF to service session based requests targeting CSE hosted resources
• SEC CSF– SSM CSF may collaborate with SEC CSF for management of service session related security
credentials and authentication of session participants• NSE CSF
– SSM CSF may collaborate with the NGE CSF for establishment termination of Underlying Network services to support service session
– This may be indirectly via CMDH• SCA CSF
– SSM CSF may share service session context and events with SCA CSF
Next Steps and Open Items
© 2013 oneM2M PartnersoneM2M-ARC-0397R01
15
• Next Steps:– Reach clear consensus on SSM concept and capabilities
• Based on approved use cases and requirements
– Reach rough consensus on SSM relationship with other CSFs– Define SSM resources and procedures
• Open Items– Detail relationship between SSM and other CSFs– SSM interaction with SEC
• Service session credentials, authentication, encryption, threats, etc
