1 Network Composition between Ambient Networks Cornelia Kappler, Siemens AG ITG Fachgruppentreffen in Aachen, 4./5. Mai 2006

2 Outline Motivation for Composition Composition Examples Composition Process GANS Protocol Identifiers in Composition Detailed Use Case Standardization Summary

3 Motivation: Why Composition? Number and heterogeneity of networks increases Common interface for data communication (IP) exists But what about control signalling? Networks have different capabilities/resources How to extend the capabilities/resources of networks? Networks are moving How to attach/detach moving networks? Radio resources are not the bottleneck But how to exploit them?

4 Motivation: What is Composition A central concept of Ambient Networks is Composition Composition is… a uniform, dynamic procedure for network interworking on the control plane Control Plane Interworking regarding routing, addressing, mobility, QoS, security, charging,.. Uniform procedure independent of network type and technology Dynamic procedure minimize human intervention

5 Composition Examples Creation of PAN 1 BlueTooth WLAN WLAN Access Network in a Café Cellular Operator Network A Cellular Operator Network B Automatic establishment or dynamic update of Roaming Agreements Attaching the Access Network to the Cellular Network PAN 2 WLAN UMTS

6 Composition Examples Types of Composition Network Integration Involved networks merge into one common network E.g. creation of a PAN Control Delegation One AN delegates certain control functions to the other AN 3GPP-WLAN interworking: WLAN delegates authentication, authorization and charging to 3GPP network Mobility delegation a la nemo Network Interworking Cooperation but no control delegation E.g. dynamic roaming agreements Increasing control plane interworking

7 Network A+B Composition Procedure Ambient Connectivity FE 4 FE 3 Composition FE FE1 FE4 Ambient Network Interface Ambient Service Interface Ambient Resource Interface Ambient Control Space Mobility FE QoS-FE FE: Functional Entity Ambient Connectivity FE 4 FE 3 FE5 Composition FE FE1 FE6 FE2 Ambient Control Space Ambient Connectivity FE 4 FE 3 FE5 Composition FE FE1 FE6 FE2 Ambient Control Space

8 Security and Internetworking Establishment Composition Procedure Communication of Functional Entities (FEs) across ANI ANI FE A1 AN 2AN 1 GANS Mediasense Discovery / Composition Media Sense Discovery / Advertisement Composition Agreement Negotiation Composition Agreement Realization FE B1 FE C1 FE A2 AN 2 FE B2 FE C2

9 GANS Signaling Protocol for communication of FEs across ANI (and intra-AN) To facilitate composition E.g. QoS FEs negotiate SLA Is backwards compatible with NSIS protocols standardized by NSIS (Next Steps In Signaling) WG of IETF NSIS is a general protocol suite control signaling Modular and extensible Signaling flow-related Signaling to entities on the flow path GANS generalization Signaling composition related rather than flow-related control signaling between FEs rather than along data path Symbolic addressing of FEs ANI FE y FE x AN 2AN 1 GANS

10 GANSNSIS GANS Signaling Two layer approach: Lower layer for transporting signaling messages and common functions Upper layer for signaling applications Upper layer GSLPs (Application Layer) Actual signaling application, e.g. SLA negotiation Lower layer GTLP (Transport Layer) provides common message transport services –Resolves abstract name (FEy.AN1) into host ID/locator (e.g. IP address) –Locates signaling peer, i.e. FE in other AN Establishes security association between pairs of signaling FEs Establishes signaling relation between pairs of signaling FEs maintained if a peer FE is relocated/reconfigured Lower NSIS / GANS Layer QoS NSIS Application SLS Negotiation GANS Application NAT/FW NSIS Application Other GANS Applications Abstract Addressing Resolution

11 Identifiers in Composition Problem How identify entities as belonging to a particular AN E.g. nodes, FEs,… How dynamically change this identification upon composition? Identification includes Authentication Establishing a security association …

12 Solution Each security domain (e.g. ANs α and φ) is identified by a public key E.g. α, φ These identifier / public keys are exchanged in the Discovery/Advertisment phase The associated private key is located with the security manager of the AN E.g. Nodes B, F Each entity owns a self-generated private/public key pair E.g. A, A* Each entity belonging to the same AN owns a certificate by the security manager, signed with the private key This way entities belonging to this AN can authenticate themselves Identifiers in Composition

13 –Rearrangement of identifiers upon composition –Example: network integration, φ absorbs α Security manager of AN α sends list of all entities belonging to α to security manager φ E.g. entities A, B, C Security manager of AN φ issues membership certificates to A, B, C Security manager of AN φ installs the membership certificates in each A, B, C with an assertion from manager of AN α Security manager of AN α removes its own membership certificates from A, B and C Identifiers in Composition

14 Composition Use Case: Extension of an Access Networks Café sets up WLAN network to offer Internet Access to its customers has corresponding agreement with Operator Network Case 1: Customer is authenticated and charged by Operator Network Case 2: Customer is authenticated and charged by Café Network Café and Operator have SLA guaranteeing access and bandwidth As 3GPP-WLAN interworking in , but plug&play and more flexible

15 Discovery WLAN Access Router has preconfigured access information IP address of Operator gateway ->Ambient Network ID WLAN sends discovery message to Operator gateway Security and Internetworking Establishment Authentication and Authorisation Establishment of IPSec tunnel for control signaling On basis of pre-established shared secret Composition Agreement preconfigured. May detail control delegation: Who is responsible for allocating addresses? Who is responsible for authentication and authorization? Who is responsible for charging? QoS (may still adjust this via SLA negotiation) Composition Realization Composition Use Case: Extension of an Access Networks Mapping onto Composition Process

16 Discovery WLAN-internal logic decides to send discovery messages upon detecting Internet connectivity Protocol for such messages Operator gateway-internal logic allows acting upon reception of discovery messages Dynamic automated agreement establishment between Café Network and Operator Network Preconfigured Agreements Protocol for agreement establishment Dynamic agreement realization WLAN may have to activate DHCP Server, accounting… Composition Use Case: Extension of an Access Networks New Functionality needed

17 Composition - Standardization The Ambient Networks Project established a Study Item Network Composition in 3GPP SA1 TR Network composition feasibility study; (Release 7) Content Purpose and benefits of composition Use cases Requirement Composition Process New functionality in 3GPP networks Relation to other functionality in evolving 3GPP architecture AIPN,…

18 Summary Composition is a uniform, dynamic procedure for network interworking in the control plane Feasibility study in 3GPP Composition process Discovery/ Advertisment Security and Internetworking establishment Composition Agreement negotiation Composition Agreement realization GANS is the protocol for negotiating and realizing Composition Agreements Based on NSIS work ANs and their members are identified by a cryptographic key Certificates based on this key identify members Certificates are updated upon composition Composition is a Study Item in 3GPP SA1

19 Any Questions? FE5 FE4 QoS-FE Ambient Connectivity FE 4 FE 3 FE5 Composition FE FE1 FE6 FE2 Ambient Control Space FE1 FE2 Mobility FE Ambient Connectivity FE 4 FE 3 FE5 Composition FE FE1 FE6 FE2 Ambient Control Space Decomposing Thank you!

20 Backup

21 GANS Signaling – GTLP and DEEP DEEP (Destination Endpoint Exploring Protocol) Supporting distributed name resolution of abstract name into host ID/locator (e.g. IP address) Flexible regarding name resolution infrastructure (DNS, more dynamic mechanisms,…) Not tied to any particular name resolution mechanism/concept FE x AN 1 DEEP GANS GSLP GTLP name resolution FE y AN 2 GANS GSLP GTLP name resolution GANS

22 Composition Agreement - Overview The agreement made between two ANs during the composition is called the Composition Agreement Can pre-establish and re-use Composition Agreements E.g. for reoccurring compositions A Composition Agreement covers Commercial and Technical issues Details of composing ANs relationship

23 Composition Agreement - Information Model Identification Composition Agreement Legal Issues Service description Service description Financial Issues Monitoring & performance reporting Monitoring & performance reporting QoS related part Other issues Problem reporting & Troubleshooting Problem reporting & Troubleshooting

24 Different Composition Agreements Depending on compensation involved different forms of Composition Agreements may be required medium or large amount of compensation, e.g. 3GPP networks composition preestablished paper Composition Agreements giving legal framework, possible range of cooperation During composition procedure determine specific parameters low or no amount of compensation, e.g. small AN networks, or PANs composing electronic Composition Agreements Electronic Composition Agreements may revolutionize network cooperation, in a way credit cards have revolutionized the way we pay!