© NOKIA 2003 diameter.ppt / John A. Loughney
Diameter overview
TWG joint meeting
Xiamen, China
June 29, 2004
John Loughney
Research Manager
Nokia Research Center
AAA & Diameter
• Next generation Authentication, Authorization & Accounting protocol
• Consists of base specification and applications
• MIP
• Network Access Server (Dial-up / PPP / SLIP environment)
• SIP Services
• Accounting Extensions
RADIUS Standard Model
Diameter Roaming
Shortcomings of RADIUS
• Backoff unspecified
• Failover unspecified
• Application layer acknowledgement missing
• Undefined proxy behavior
• Lack of error messages prevents intelligent failure response
• Transport security provides no confidentiality and has known attacks
• Replay protection only in post-processing
• No object security, subject to man-in-the-middle attacks.
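An added example, not part of the original slides, illustrating the confidentiality and man-in-the-middle bullets with the RFC 2865 packet layout: attributes decode without any key, and the only built-in integrity check is an MD5 Response Authenticator on replies. The function names, shared secret, user name and addresses are constructed for illustration.

```python
import hashlib
import hmac
import struct

SECRET = b"constructed-shared-secret"  # constructed sample value, not from the slides

def build(code, ident, authenticator, attrs):
    """Serialize: code, id, length, 16-byte authenticator, then type/length/value attributes."""
    body = b"".join(struct.pack("!BB", t, len(v) + 2) + v for t, v in attrs)
    return struct.pack("!BBH", code, ident, 20 + len(body)) + authenticator + body

def parse_attributes(packet):
    """Decode attributes using no key material: they travel in the clear."""
    length = struct.unpack("!H", packet[2:4])[0]
    if length < 20 or length > len(packet):
        raise ValueError("bad length field")
    attrs, pos = [], 20
    while pos < length:
        if pos + 2 > length or packet[pos + 1] < 2 or pos + packet[pos + 1] > length:
            raise ValueError("malformed attribute")
        attrs.append((packet[pos], packet[pos + 2:pos + packet[pos + 1]]))
        pos += packet[pos + 1]
    return attrs

def sign_response(code, ident, request_auth, attrs, secret):
    """Response Authenticator = MD5(code | id | length | RequestAuth | attributes | secret)."""
    unsigned = build(code, ident, request_auth, attrs)
    return build(code, ident, hashlib.md5(unsigned + secret).digest(), attrs)

def verify_response(packet, request_auth, secret):
    """Recompute the Response Authenticator and compare in constant time."""
    length = struct.unpack("!H", packet[2:4])[0]
    digest = hashlib.md5(packet[:4] + request_auth + packet[20:length] + secret).digest()
    return hmac.compare_digest(digest, packet[4:20])

# Constructed sample exchange: Access-Request (code 1) and Access-Accept (code 2).
REQUEST_AUTH = bytes(range(16))  # random per request in a real client
ACCESS_REQUEST = build(1, 7, REQUEST_AUTH, [(1, b"alice@example.net"), (4, bytes([192, 0, 2, 10]))])
ACCESS_ACCEPT = sign_response(2, 7, REQUEST_AUTH, [(18, b"welcome")], SECRET)

if __name__ == "__main__":
    print(parse_attributes(ACCESS_REQUEST))            # User-Name readable without the secret
    print(verify_response(ACCESS_ACCEPT, REQUEST_AUTH, SECRET))
    print(verify_response(ACCESS_ACCEPT[:-1] + b"!", REQUEST_AUTH, SECRET))
```

The request side has no equivalent check in this layout: its authenticator field is just the random value, so a request whose attributes were rewritten in transit still parses as valid.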
Diameter Examples
[Figure: Diameter Connections and Sessions. Labels: Server, relay, Server; Peer connection A, Peer connection B; User session X]
[Figure: Translation of RADIUS to Diameter. Labels: NAS, Translation Agent, Home Server; RADIUS Req, RADIUS Ans; Diameter Req, Diameter Ans]
Diameter Proxy Example
[Figure labels: Network Access Server, Primary Proxy Server, Backup Proxy Server, Primary Home Server, Backup Home Server, local service provider, home service provider]
AAA-SIP in 3GPP Rel. 5
[Figure labels. Elements: UE, P-CSCF, I-CSCF, S-CSCF, BGCF, MGCF, MGW, MRFC, MRFP, SGW, SLF, HSS, AS, GGSN. Interfaces: Gm, Mw, Dx, Cx, Sh, ISC, Mc, Mj, Mi, Mr, Go. Protocols: SIP, Diameter, Megaco, SIP-ISUP, Compression, COPS for Policy Control. Domains: Visited Domain, Home Domain]
Standards Work to Do
• Diameter Base Specification just submitted.
• Diameter Mobile IPv4 Application nearly ready (needed by 3GPP2).
• Diameter NASREQ Application nearly ready.
• CMS Security Application, needed for e2e security
• AAA Key Distribution
• SIP-AAA Requirements
• Diameter Mobile IPv6 Application
• Diameter Multimedia Application (3GPP rel. 6)
• Diameter Credit Control Application (3GPP rel. 6)
• May need extensions to support session mobility.
Vision
[Figure labels: WLAN, WCDMA, GSM/GPRS, DSL; Multi-radio mobile access; Session mobility; Access to SIP services]
For phones, laptops and PDAs
• Same authentication
• Same end-to-end security
• Same applications
• Same service provider
• Same bill
[Figure labels: Corporate intranet, VPN Gateway, Operator Services, GSM roaming, Operator site, SS7, SMSC, AAA Server, Router/firewall, Billing system, Charging Gateway, Diameter and DNS servers, Access Controller, Any WLAN card, Internet]
GPRS-WLAN Service Mobility
[Figure labels: Operator IP, Auth. Server, AC (opt.), Home AC, Operator services incl. intelligent content, Corporate, Diameter Server, DHCP, GPRS-WLAN common subscriber data, IP tunnel with IETF protocol, AP, Access Zone, Internet, LAN, VLAN, or IP tunnel]
Service/Access selection based on common:
• Subscription (GPRS "access points")
• Terminal configuration (opt.)
Common service awareness:
• Differentiated and pre-paid charging for corporate and intelligent Web content
Common connectivity to corporate:
• Existing L2/L3 connections
• Corporate IP address (security)
• Optional authentication
Managed IP flow enables common:
• Control of direct Internet access
• Support of existing terminals
• Service guarantee and QoS
• Roaming through GRX
SIP enables service convergence
[Figure labels: Wireless PDA, PC, Laptop with WLAN, Mobile (SIP) phone, Mobile Telephone]
SIP conversational connectivity plus more: Presence, instant messaging, file sharing, video …
Telephony conversational connectivity
Separate, telecom-driven standards
Common, IP-driven call/session set-up
Multi-Access to IP Multimedia Core
[Figure labels: CPS session control; Operator WLAN public access zones; DSL Broadband offices, homes; IP Multimedia Core & Services; local services supplemented by operator services; Cellular wide-area network; voice; Device mobility (Mobile IP); Service mobility (SIP + presence); Internet; messaging, video; all multimedia services; presence, messaging, group services; end-user control; rich call, streaming etc.; browsing, downloading, VPN remote access]
Operator Services
• Provide Authorization Services.
• Provide Authentication Services.
• Sell branded content networks.
• Provide roaming brokers.
• PKI services.
Summary
• Integrating different access technologies (3G, WLAN, DSL, Dial-up):
  • increases the potential for increasing subscribers.
  • increases access to services.
• Integrating/harmonizing signaling:
  • harmonizes network infrastructure.
  • simplifies network management.
  • simplifies charging/billing.
  • simplifies the user experience.