Presentation is loading. Please wait.

Presentation is loading. Please wait.

MUSE Policy Control Framework in FMC Govinda Rajan

Similar presentations


Presentation on theme: "MUSE Policy Control Framework in FMC Govinda Rajan"— Presentation transcript:

1 MUSE Policy Control Framework in FMC Govinda Rajan rajan@alcatel-lucent.com

2 Govinda Rajan, rajan@alcatel-lucent.com All Rights Reserved © Alcatel-Lucent 2007 2 What is Policy Control? The term Policy Control refers to definition & provisioning of policies to the appropriate network elements and the execution or enforcement of policies at network elements. As such, policy control provides the means for handling a more predictable service delivery, a better utilization of the network resources, and a more defined control of QoS and Charging.

3 Govinda Rajan, rajan@alcatel-lucent.com All Rights Reserved © Alcatel-Lucent 2007 3 QoS Based on Resource Admission Control Connectivity Provider RNP Subscriber NSP ASP1 ASP2 NAP RAC AF PDF Policy Enforcement Aggregate QoS-pipe AF– Application FunctionASP – Application Service Provider NAP – Network Access ProviderNSP – Network Service Provider PDF – Policy Decision FunctionQoS – Quality of Service RAC – Resource Admission ControlRNP – Regional Network Provider

4 Govinda Rajan, rajan@alcatel-lucent.com All Rights Reserved © Alcatel-Lucent 2007 4 Definition of Policy Policies enable the service provider to control the behaviour of the network or a service at various granularities such as global (all subscribers), group (a subset of subscribers) and individual. A policy can be defined from two perspectives: A set of rules to administer, manage, and control access to and usage of network resources (IETF RFC 3060 [52]). A definite goal, course or method of action to guide and determine present and future decisions. In this context, policies are implemented or executed within a given environment, e.G. Policies defined within a business unit.

5 Govinda Rajan, rajan@alcatel-lucent.com All Rights Reserved © Alcatel-Lucent 2007 5 Policy Rule A policy rule is a basic building block of a policy- based system. It constitutes the binding of a set of actions to a set of conditions (the conditions are evaluated to determine whether the actions are performed). A Policy Rule consists of one or more Policy Conditions and Policy Actions. A Policy Action defines the behaviour of a Policy Rule when the Policy Condition(s) of that Rule are met. A Policy Condition describes the conditions under which a particular Policy Action should be applied.

6 Govinda Rajan, rajan@alcatel-lucent.com All Rights Reserved © Alcatel-Lucent 2007 6 Policy repository The policy repository contains the Policy Rules that are centrally defined in each of the domains. In order to define them, the operator must take into account the SLAs in force with the neighbouring networks, so that the end-to-end behaviour provided to end users are coherent. In FMC, multiple network domains are involved and in order to be able to provide a good user experience, it is important that in each domain the appropriate service & network resources are allocated. Since the different domains are usually operated and/or owned by different business players, SLA's are indispensable. These SLA's define among others, the bandwidth, QoS, user preferences, user subscription details, etc. and are captured in appropriate policy repositories.

7 Govinda Rajan, rajan@alcatel-lucent.com All Rights Reserved © Alcatel-Lucent 2007 7 Policy Decision Point The Policy Decision Points are situated within a network domain and they are in charge of deciding which Policy Action has to be applied upon the evaluation of Policy Conditions. An example of a Policy Decision Point is the checking if a subscriber is entitled to watch a certain TV channel based on a local access list at the Access Node for an IPTV service.

8 Govinda Rajan, rajan@alcatel-lucent.com All Rights Reserved © Alcatel-Lucent 2007 8 Policy Enforcement Point The Policy Enforcement Point is the place in the network where Policy Actions are enforced (e.g. access control and traffic policing) and should be located, at least, at the border between different domains or networking technology (e.g. border of Ethernet based network and IP based network), although they are currently located in the BRAS.

9 Govinda Rajan, rajan@alcatel-lucent.com All Rights Reserved © Alcatel-Lucent 2007 9 Charging Charging refers to the policies used in the identification and calculation of the cost of using a service such as time (total time of usage) based charging, volume (total quantity of data transferred) based charging, etc. Its association with Policy Control derives from the fact that the policy control operation in NGN networks deeply influence the charging calculated and subsequently collected from the subscriber.

10 Govinda Rajan, rajan@alcatel-lucent.com All Rights Reserved © Alcatel-Lucent 2007 10 Classification of Policies for FMC To define a PCF for FMC, it is quite useful to classify the different policies that can be defined as a relation of their target domain. Policy contents, policy derivation and policy execution/enforcement are often dependent on the service requirements and characteristics, which determine the user requirements for that particular service, as well as network requirements or capabilities that must be available in order to fulfil the service operation. Hence it is appropriate to classify policies into User Policies, Network Policies and Service Policies within a single Access Network domain and External Policies for the policies between different network domains.

11 Govinda Rajan, rajan@alcatel-lucent.com All Rights Reserved © Alcatel-Lucent 2007 11 Service Policies Service policies describe how the different services that are provided over the network must behave. Some of the service related aspects are: Different ways for using the service, e.g. - a TVoIP service could be supported with different codecs. What are the conditions to use the service, e.g. - a given service is available only for users subscribed to this specific service, and hence they must be previously authenticated and authorised at network level. What are the network resources needed by the service to be provided with a satisfactory QoE, e.g. - what QoS guarantees must be provided by the network. What are the terminal resources needed for the service e.g. - whether the terminal is required to have a HDTV resolution.

12 Govinda Rajan, rajan@alcatel-lucent.com All Rights Reserved © Alcatel-Lucent 2007 12 IPTV Service Policies In IPTV services, service policies would be mostly defined per channel or per bundle of channels: What are the available formats, resolutions and preconditions that must be fulfilled for accessing any of them? For example: Potential resolutions: SDTV, HDTV, mobile formats, etc. Bitrates Class of Traffic (precedence). Note that several classes could be used by one channel, so that the basic layer information has more precedence than other additional layers. Trans-rate capable channel. Potential preconditions, which correspond to marketing offers in any inter-set combination, For example: Set1: generally available, available under subscription, currently issued program available under payment (PPV) (additionally with maximum time limit with free availability). Set2: promoted channel (in case of not being generally available). Set3: Network access technology (xDSL, FTTx, WiMAX, UMTS, etc).

13 Govinda Rajan, rajan@alcatel-lucent.com All Rights Reserved © Alcatel-Lucent 2007 13 User Policies User policies are used for particularising the service policies to individual users so that they can have a choice in subscribing to particular services and the subscribed services can be further personalised. Some of the user related aspects are: The list of subscribed services that are available once that network level AAA has been performed and the list of services that can be available on demand upon payment. Particularised (application, network and or terminal) operational parameters of each service. Priorities among subscribed services.

14 Govinda Rajan, rajan@alcatel-lucent.com All Rights Reserved © Alcatel-Lucent 2007 14 IPTV User Policies List of channels that the user is subscribed to and their format – SDTV, HDTV, etc. List of channels that can be potentially acquired by the user (Pay Per View) and their format. Note that time limits (per program/channel and per user) can be defined so that programs issued on these channels can be watched for a period of time not exceeding these limits. Parental conditions could also be used. List of channels under promotion and their format, not subscribed by the user, but can be temporarily accessed by the user. Note that time limits can be defined so that these channels can be watched before the time limit expires. List of channels (and their format) that the user can access from sites other than the home-site (nomadic service).

15 Govinda Rajan, rajan@alcatel-lucent.com All Rights Reserved © Alcatel-Lucent 2007 15 Network Policies Network policies are used to describe how the network capabilities are used. Some of the network related aspects are: What are the available network resources and how they are managed, e.g., which are the available traffic classes, which are the available resources per traffic class, whether multicast service is offered. What are the specific procedures that should be followed in case of network failure. What are the mechanisms that are adopted in order to discover different network entities.

16 Govinda Rajan, rajan@alcatel-lucent.com All Rights Reserved © Alcatel-Lucent 2007 16 IPTV Network Policies A definition of a set of Classes of Traffic in the network, with a class for streaming (inelastic and non-interactive) traffic. Support for multicast based flows in the network. Support for local admission control at Access Nodes, for quick channel zapping.

17 Govinda Rajan, rajan@alcatel-lucent.com All Rights Reserved © Alcatel-Lucent 2007 17 External Policies External policies are used for describing how the network and services within a network domain should behave with regards to other network domains. Some of the external policy related aspects are: What roaming agreements, including SLAs, have been reached with external network domains. How roaming agreements, including SLAs, with external network domains can be reached automatically. Which policies can be exchanged (imported/exported) with agreed networks, and how should that transfer be performed, i.e., what type of approach should be adopted (static, dynamic, semi-dynamic), or at what level should it be carried, i.e. application level, or transport level.

18 Govinda Rajan, rajan@alcatel-lucent.com All Rights Reserved © Alcatel-Lucent 2007 18 IPTV External policies Multicast capabilities usage conditions for neighbour networks where an agreement exists (e.g. for instance, number of simultaneous channels than can be viewed, maximum number of replicas of a given channel, etc). List of channels that could be provided to any home user that is connected to a visited network where an agreement exists. List of channels that could be provided to any visited user from a foreign network where an agreement exists. DRM negotiation capabilities for importing/exporting channels automatically on demand of users.

19 Govinda Rajan, rajan@alcatel-lucent.com All Rights Reserved © Alcatel-Lucent 2007 19 Inter-domain Transfer of Policies Inter-domain transfer of policies may be accomplished by the use of SLA for Static and / or for Dynamic Policy Handling. These terms correspond to two different ways of performing policy control in roaming/nomadic situations and are associated with how policies from the home network are transferred to the visited network.

20 Govinda Rajan, rajan@alcatel-lucent.com All Rights Reserved © Alcatel-Lucent 2007 20 Inter-domain Static Transfer of Policies Static transfer means that the required policies to support services for nomadic / roaming users are provisioned and distributed during SLA process or default policies are used as per SLA. This implies that a nomadic / roaming user may experience a completely different service offering in a visited network, than at the home network. Additionally, it is possible that there are restricted per user service differentiation possibilities in the visited network, since it would be gargantuan to have all nomadic / roaming user details provisioned in all possible visited networks.

21 Govinda Rajan, rajan@alcatel-lucent.com All Rights Reserved © Alcatel-Lucent 2007 21 Inter-domain Dynamic Transfer of Policies By dynamic transfer it is meant that the policies have not been transferred before a visiting user associates to the visiting network, i.e. the policies have not been trasferred during the SLA process. There are 2 ways of dynamically transferring policies: Local Control: The checking of policies or policy execution is performed in the visited network, which means that once the subscriber is detected, relevant policies are transferred over the management plane. Remote Control: The check of policies or policy execution is performed in the home network, which means that there is no initial or pre-transfer of policies. This could lead to undesirable delays that may affect service delivery.

22 Govinda Rajan, rajan@alcatel-lucent.com All Rights Reserved © Alcatel-Lucent 2007 22 Policy Management AN Agr. N EN SP2 SP1 Central Policy Repository Access Policy Manager Local Policy Repository SP3 FMC Provider Nomadism Provider Local Policy Repository RN Policy CPs Policy Repository Packager Policy Repository User, service, network & business rules

23 Govinda Rajan, rajan@alcatel-lucent.com All Rights Reserved © Alcatel-Lucent 2007 23 Policy Execution AN Agr. N EN SP2 SP1 Central Policy Server User, service, network & business rules Local Policy Server User, service, network & business rules SP3 FMC Provider Nomadism Provider RN PDF CPs PDF Packager Local Policy Server User, service, network & business rules

24 Govinda Rajan, rajan@alcatel-lucent.com All Rights Reserved © Alcatel-Lucent 2007 24 Access Policy Manager The Access Policy Manager is a functional entity which is used to provision policies in the Access Network at the appropriate nodes & can be divided into the following additional (sub) functional entities: the External Policy Management (EPM), the Service Policy Management (SPM), the Network Policy Management (NPM), and the User Policy Management (UPM). The individual functional entities – EPM, SPM, NPM & UPM maybe implemented as separate independent modules or they can be sub-modules of a combined Access Policy Manager.

25 Govinda Rajan, rajan@alcatel-lucent.com All Rights Reserved © Alcatel-Lucent 2007 25 External Policy Manager (EPM) The External Policy Manager (EPM) is responsible for generating business related policies, (such as roaming agreements and SLAs) and pushing them down to the correct policy decision points. The EPM plays a key role when it comes to nomadism support. In nomadic cases where policies need to be transferred or re-generated based on location, the EPM is always the starting point. The EPM stores information about the roaming agreements that have been reached with other providers / operators / packagers. This information will generally be retrieved for the first time, when a user moves to a new visited network.

26 Govinda Rajan, rajan@alcatel-lucent.com All Rights Reserved © Alcatel-Lucent 2007 26 Service Policy Manager (SPM) The Service Policy Manager creates and pushes service related policies to proper policy enforcement points. Service policies describe the overall business logic that is applied to requests from application servers and from peer SPMs. The interface between peering SPMs is also an important step towards nomadism support. In 3GPP, a similar interface, s9 between PCRFs, is being standardized. SPMs are hosted by individual application service providers. The most significant service policies include service resource requirement policies, QoS policies, nomadic policies, etc. To support nomadism, it is recommended to have at least two sets of policies for the same service, one set used in home network case and the other used in visited network case. Service policies generated by SPMs are based on the SLA policies held by the EPM, and depending on how the roaming policies are defined in the EPM, the SPM could decide whether multiple policy sets are needed for the same service.

27 Govinda Rajan, rajan@alcatel-lucent.com All Rights Reserved © Alcatel-Lucent 2007 27 Network Policy Manager (NPM) The Network Policy Manager (NPM) receives service policies from service policy managers and maps them to network dependent policies if defined business policies allow it. Additionally it can create network related policies based on the existing network status, in an active manner. Some of the functions of the NPM are: Definition and maintenance of a default set of static policies for the stability of the access network. A conflict solving mechanism to detect and remove potential policy conflicts from different SPMs. A priority setting mechanism to prioritize policies, e.g. home policies to have higher priority than external ones. A rollback mechanism. When the access network enters into an unstable status due to undetected policy conflicts, the NPM should provide a policy set which helps the network to roll back to the latest previous stable status. A conflict reporting mechanism. When there are unsolvable policy conflicts, the NPM should be able to report the situation to all related SPMs and to the overall management systems.

28 Govinda Rajan, rajan@alcatel-lucent.com All Rights Reserved © Alcatel-Lucent 2007 28 User Policy Manager (UPM) The User Policy Manager (UPM) controls all end-user related policies, such as user identification, AAA, billing records, etc. It corresponds to functionalities in NASS in the TISPAN specification. User Policy Manager should also hold information about service subscriptions of a specific user. When a user is in a nomadic status, AAA will be performed against this information before services can be used.

29 Govinda Rajan, rajan@alcatel-lucent.com All Rights Reserved © Alcatel-Lucent 2007 29 Service Controller (SC) The Service Controller handles service requests by performing a check of its contents against service policies, and sends requests for resources to the Resource Controller. The functionalities associated with the Service Controller are similar to those of the SPDF FE as defined by ETSI TISPAN.

30 Govinda Rajan, rajan@alcatel-lucent.com All Rights Reserved © Alcatel-Lucent 2007 30 Resource Controller (RC) The Resource Controller handles resource requests from the Service Controller by performing a check of its contents against the subscriber profile based on network policies and user policies, as well as by performing a check on the availability of resources necessary to deliver the requested service with the requested network parameters such as QoS. If resources are available, the Resource Controller (RC) may derive traffic policies to be enforced in the underlying transport network elements. The functionalities associated with the Resource Controller are similar to those of the A-RACF FE as defined by ETSI TISPAN.

31 Govinda Rajan, rajan@alcatel-lucent.com All Rights Reserved © Alcatel-Lucent 2007 31 Policy Control: Nomadic User Moving Between Roaming Networks Users home Packager Connectivity provider RNP NAP Access EN NSP Service EN ASP (single ASP in overlay to NSP) Peering points between NSP Service EN Packager Service EN Visited domain Home domain GGSN SGSN 3GPP RAN 3GPP CN PDF RAC PCRF (Policy and Charging Rules Function) Offline Charging System Subscription Policy Rules Fixed Access Network Mobile network EPM SPMUPM SPM NPMUPM EPM SPM = Policy Repository Online Charging System

32 Govinda Rajan, rajan@alcatel-lucent.com All Rights Reserved © Alcatel-Lucent 2007 32 Left Intentionally Blank. A Policy Interaction Exercise Follows.

33 Govinda Rajan, rajan@alcatel-lucent.com All Rights Reserved © Alcatel-Lucent 2007 33 Exercise: Policy Interactions in FMC Nomadic Use Case Action: Jose brings his own laptop to his parents and attaches it to a dedicated nomadism port on the RGW. The terminal authenticates to the network and gets an IP address.

34 Govinda Rajan, rajan@alcatel-lucent.com All Rights Reserved © Alcatel-Lucent 2007 34 Policy Interactions in FMC: Step 1a Quiz example SLA Policy Management (Static) Visited NetworkHome Network SPM: Has received service policies for internet access, just after authentication. NPM: Already has network policies for internet access as per SLA with vISP. UPM: Recieves user polcies from home network just after authentication. SPM: Has already transfered policies for internet access to visited network, just after authentication. UPM: User policies are available for remote access service (initiated at time of subscription). Use Case Action: He uses the Internet to access his media centre (can be in his CPN or at another location), where he has stored all the pictures from his daughters last birthday, and shows it on the TV screen at his parents home.

35 Govinda Rajan, rajan@alcatel-lucent.com All Rights Reserved © Alcatel-Lucent 2007 35 Policy Interactions in FMC: Step 1b Quiz Visited NetworkHome Network Policy Management (Dynamic) Policy Control Use Case Action: He uses the Internet to access his media centre (can be in his CPN or at another location), where he has stored all the pictures from his daughters last birthday, and shows it on the TV screen at his parents home.

36 Govinda Rajan, rajan@alcatel-lucent.com All Rights Reserved © Alcatel-Lucent 2007 36 Policy Interactions in FMC: Step 2a Quiz SLA Policy Management (Static) Visited NetworkHome Network Use Case Action: Due to the nomadic feature, he has access to the list of available services in visited network according to his service profile. Assumptions: A video call SP exists in visited network, so that video call can use high priority traffic (i.e. not internet based) in the visited network

37 Govinda Rajan, rajan@alcatel-lucent.com All Rights Reserved © Alcatel-Lucent 2007 37 Policy Interactions in FMC: Step 2b Quiz Visited NetworkHome Network Policy Management (Dynamic) Policy Control Use Case Action: Due to the nomadic feature, he has access to the list of available services in visited network according to his service profile. Assumptions: A video call SP exists in visited network, so that video call can use high priority traffic (i.e. not internet based) in the visited network

38 Govinda Rajan, rajan@alcatel-lucent.com All Rights Reserved © Alcatel-Lucent 2007 38 Left Intentionally Blank. Solution to Exercise Follows.

39 Govinda Rajan, rajan@alcatel-lucent.com All Rights Reserved © Alcatel-Lucent 2007 39 Policy Interactions in FMC: Step 1b Solution Visited NetworkHome Network Policy Control vNAP enforces network policies for internet access. User policies are checked either by vNAP or vISP as per implementation hSP controls user policies (application level authentication). Optionally, hNAP enforces network policies as per SLA with hSP. Note: NAT transversal mechanisms to be enforced where needed, e.g. at Residential Gateway. Use Case Action: He uses the Internet to access his media centre (can be in his CPN or at another location), where he has stored all the pictures from his daughters last birthday, and shows it on the TV screen at his parents home.

40 Govinda Rajan, rajan@alcatel-lucent.com All Rights Reserved © Alcatel-Lucent 2007 40 Policy Interactions in FMC: Step 2a Solution SLA Policy Management (Static) Visited NetworkHome Network vSP/Packager: Transferred service policies & general network policies related to services offered to nomadic users of home SP, as per SLA. hSPM: Already has service policies as per SLA from visited SP/Packager. Services displayed as a list of services available in the visited network. Use Case Action: Due to the nomadic feature, he has access to the list of available services in visited network according to his service profile. Assumptions: A video call SP exists in visited network, so that video call can use high priority traffic (i.e. not internet based) in the visited network

41 Govinda Rajan, rajan@alcatel-lucent.com All Rights Reserved © Alcatel-Lucent 2007 41 Policy Interactions in FMC: Step 2b Solution Visited NetworkHome Network Policy Management (Dynamic) vUPM may receive specific user policies. (vNAP vCP vSP hSP). vNAP may receive specific network policies, incl. QoS. (vNAP vCP vSP hSP). hUPM optionally transfers specific user policies to visited network based on user- subscribed nomadic services. hSP optionally transfers specific network policies to visited network based on user- subscribed nomadic services. Policy Control hSP controls user policies, related to available & subscribed services at visited network. Use Case Action: Due to the nomadic feature, he has access to the list of available services in visited network according to his service profile. Assumptions: A video call SP exists in visited network, so that video call can use high priority traffic (i.e. not internet based) in the visited network


Download ppt "MUSE Policy Control Framework in FMC Govinda Rajan"

Similar presentations


Ads by Google