Slide 1: Analysis of SM-Exchange Protocol using SM&C MAL. DLR/GSOC. Author: S. Gully.


Slide 2: Idea

Use the SM&C MAL as the underlying communication service in the SM Document Exchange protocol.

[Diagram labels: Document Exchange Protocol, SM&C MAL, ?]

Slide 3: Requirements (1/2)

Req. Nr.: UCS
Requirement: The underlying communication service shall be reliable – that is, the underlying communication service must ensure that every document sent from a communication entity is actually delivered to the destination communication entity.
MAL compliance: compliant

Req. Nr.: UCS
Requirement: The underlying communication service shall authenticate the Network Source of each document carried by the service and validate that the Network Source is permitted to send documents to the Network Destination.
NOTES
1. As used in this Recommended Standard, Network Source and Network Destination refer to the SM entities as they are known to the underlying communication service.
2. The format of the identification of the Network Source and Network Destination within the underlying communication technology is dependent upon that technology.
3. References [18], [19], and [20] specify the security mechanisms for authentication, data privacy, and data integrity that are recommended for use when the SCCS-SM documents are encoded as XML documents.
MAL compliance: compliant (Directory + Login services)

Req. Nr.: UCS
Requirement: Documents for which the Network Source cannot be authenticated and recognized shall be discarded by the communication service.
NOTE - There is no requirement on the underlying communication service to notify the Network Source when a document is dropped because of failure to authenticate the Network Source or recognize it on behalf of the intended Network Destination. Only when the underlying communication service authenticates the Network Source and recognizes it as a legitimate Network Source for the intended Network Destination does it deliver the document to the Network Destination.
MAL compliance: compliant

Slide 4: Requirements (2/2)

Req. Nr.: UPS
Requirement: The underlying communication service shall supply the authenticated identity of the Network Source of the document to the SM document exchange protocol.
NOTE - As specified in 3.3, the SM document exchange protocol uses that authenticated identity for the purposes of (a) verifying the authority of the SM entity located at the Network Source to issue documents in the context of the Service Agreement that is identified in the message, and (b) allowing the document exchange protocol and the SCCS-SM applications that use it to know where to send responses, if necessary.
MAL compliance: compliant

Req. Nr.: MPS
Requirement: The underlying communication service shall provide the ability for an SM entity to send documents to two logically separate ports on a peer SM entity. These logically separate ports, the SM message set port and the SM exception response port, are used by the document exchange protocol to separate SM operation message traffic from protocol exception reporting traffic.
MAL compliance: not compliant (MAL has only 1 address / end point)
Solution: SM Service must implement virtual port A (send/receive request/response) and port B (send/receive Error) as a layer over the MAL.

Slide 5: Document Exchange Protocol Sequence Diagram

SM Service must implement check and send exception response (callout repeated three times on the diagram).

Slide 6: Message structure

The MessageSet / Message structure should map the following class structures.

[Figure: SmMessageSet Class Diagram]

SM Service must define the SmMessageSet as the "data" part of the MAL messages.

Slide 7: Document Exchange - Two-phase Operation Procedure Pattern

The two-phase operation procedure pattern begins with the Invoker sending an operation invocation message. The Performer starts a timer and returns a SuccessfulReturn if it can perform the invocation in time, or a FailedReturn / FailedReturnWithDenial if not.

SM Service must manage the timer.

SM Service should use a MAL REQUEST IP:
- REQUEST contains the invocation
- RESPONSE contains the SuccessfulReturn, FailedReturn or FailedReturnWithDenial
- RESPONSE ERROR could be sent in case of an exception error

Slide 8: MAL – REQUEST Interaction Pattern

Open question: what about a Return message that generates an exception?

Slide 9: Document Exchange - Three-phase Operation Procedure Pattern

The three-phase operation procedure pattern begins with the Invoker sending an operation invocation message. The Performer estimates how long it will take to process the operation, starts a timer and returns an acknowledgeReturn containing the time estimation information "expectedDispositionTime". The Invoker starts a timer upon receiving the acknowledgement and waits for a return. The Performer performs the invoked operation if possible and returns a successfulReturn, or returns a failedReturn / failedReturnWithDenial if the operation could not be performed or the timer ran out first.

SM Service must manage the performer and invoker timers.

SM Service should use a MAL INVOKE IP to map this operation:
- INVOKE contains the invocation
- ACK contains the acknowledgement
- ACK ERROR could be sent in case of an exception error
- RESPONSE contains the SuccessfulReturn, FailedReturn or FailedReturnWithDenial
- RESPONSE ERROR could be sent in case of an exception error
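The three-phase pattern mapped onto INVOKE, ACK and RESPONSE, as an added example that is not part of the presentation. All class and state names are hypothetical, time is an explicit number of seconds, and the invoker timer is assumed to run until the performer's expectedDispositionTime.

```python
# Added illustration: names are hypothetical; time is an explicit number of seconds.
class Performer:
    def on_invoke(self, now, estimate):
        self.deadline = now + estimate                     # performer timer
        return "ACK", {"expectedDispositionTime": self.deadline}

    def outcome(self, finished_at):
        """Return (send time, stage, body) of the final return."""
        if finished_at <= self.deadline:
            return finished_at, "RESPONSE", "successfulReturn"
        return self.deadline, "RESPONSE", "failedReturn"    # timer ran out first


class Invoker:
    def __init__(self):
        self.state, self.deadline, self.result = "IDLE", None, None

    def invoke(self):
        self.state = "AWAIT_ACK"
        return "INVOKE", {"operation": "constructed-sample"}

    def on_message(self, now, stage, body):
        if self.state in ("DONE", "FAILED"):
            return                                          # late or duplicate: ignore
        if self.state == "AWAIT_ACK" and stage == "ACK":
            # Assumption: the invoker timer runs until expectedDispositionTime.
            self.state, self.deadline = "AWAIT_RETURN", body["expectedDispositionTime"]
        elif self.state == "AWAIT_RETURN" and stage == "RESPONSE":
            self.state, self.result = "DONE", body
        else:                                               # stage out of order
            self.state, self.result = "FAILED", f"unexpected {stage} in {self.state}"

    def on_timer(self, now):
        if self.state == "AWAIT_RETURN" and now > self.deadline:
            self.state, self.result = "FAILED", "timeout"


def run(estimate, actual, delay=0):
    """Constructed scenario: the work takes `actual` s, the return travels `delay` s."""
    invoker, performer = Invoker(), Performer()
    invoker.invoke()
    invoker.on_message(0, *performer.on_invoke(now=0, estimate=estimate))
    sent_at, stage, body = performer.outcome(finished_at=actual)
    invoker.on_timer(sent_at + delay)       # timer is evaluated before delivery
    invoker.on_message(sent_at + delay, stage, body)
    return invoker.state, invoker.result
```

A return that arrives after the invoker timer has expired is ignored, so the invoker's recorded outcome stays "timeout" whatever the performer reports later.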

Slide 10: MAL – INVOKE Interaction Pattern

Open question: what about an Acknowledge or Return message that generates an exception?

Slide 11: Document Exchange - Notify Operation Procedure Pattern

The notify operation procedure begins with the Notifier sending a notification message. The Recipient should then confirm to the Notifier that the notification has been received by sending a confirmation message.

SM Service must manage the notifier and recipient timers.

SM Service should use a MAL REQUEST IP to map this operation:
- REQUEST contains the notification
- RESPONSE contains the confirmation
- RESPONSE ERROR could be sent in case of an exception error

Slide 12: MAL – REQUEST Interaction Pattern

Open question: what about a Confirmation message that generates an exception?

Slide 13: Other Solution – use MAL SUBMIT IP for each sent message

Each send-message operation should use the MAL SUBMIT IP:
- SUBMIT contains the sent message
- ACK is not used
- ERROR could be sent in case of an exception error

SM Service has to define the two-phase, three-phase and notification operations as multiple MAL SUBMIT IPs and implement the operation flow control!

Slide 14: Conclusion

Using the SM&C MAL as the underlying communication service in the SM Document Exchange protocol is possible.

A "Document Exchange Service Layer" should be developed that implements the following features, common to all SM service operations:

1) Use a MAL SUBMIT IP for sending each message / messageSet:
   - The SUBMIT message will contain the message / messageSet -> this will arrive at a virtual "message port"
   - The ACK message will not be used
   - The ACK ERROR message will contain the exception responses -> this will arrive at a virtual "exception port"
2) Take the SmMessageSet for the "data part" of the MAL message
3) Implement the syntax validation + increment number check + notification check on each message
4) Generate and take care of the timer(s)
5) Build and control the 2-phase, 3-phase and notification operation procedure patterns

Based on that "Document Exchange Service Layer", SM services can be defined that correspond to the Service Package, Configuration Profile, Trajectory Prediction and Service Agreement operations.
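A sketch of the receiving side of such a layer, covering the virtual ports from slide 4 and checks 1) to 3) above; it is an added example, not code from the presentation or from any MAL implementation. Every class, field, port and identity name is an assumption, as are the reading of the "increment number check" as "previous number plus one" and the choice to answer an unauthorized source with an exception response.

```python
# Added illustration: every class, field, port and identity name is an assumption.
from dataclasses import dataclass, field

MESSAGE_PORT, EXCEPTION_PORT = "message", "exception"   # virtual ports, one MAL endpoint
REQUIRED = ("serviceAgreementRef", "sequenceNumber", "messages")


@dataclass
class DocumentExchangeLayer:
    authorized: dict                                    # auth. source -> Service Agreements
    last_seq: dict = field(default_factory=dict)        # (source, agreement) -> last number
    ports: dict = field(
        default_factory=lambda: {MESSAGE_PORT: [], EXCEPTION_PORT: []})

    def on_submit(self, auth_source, message_set):
        """Receiver side of one SUBMIT: None if accepted, else an exception response."""
        missing = [k for k in REQUIRED if k not in message_set]
        if missing:
            return {"exception": "syntax", "missing": missing}
        agreement = message_set["serviceAgreementRef"]
        # Authority is checked against the identity the transport authenticated,
        # not against anything the document says about its own sender.
        if agreement not in self.authorized.get(auth_source, ()):
            return {"exception": "not-authorized", "agreement": agreement}
        key = (auth_source, agreement)
        expected = self.last_seq.get(key, 0) + 1
        if message_set["sequenceNumber"] != expected:
            return {"exception": "sequence", "expected": expected}
        self.last_seq[key] = expected
        self.ports[MESSAGE_PORT].append((auth_source, message_set))

    def on_submit_error(self, peer, exception_response):
        """Sender side: the error reply lands on the virtual exception port."""
        self.ports[EXCEPTION_PORT].append((peer, exception_response))


def demo():
    performer = DocumentExchangeLayer(authorized={"UM-1": {"SA-42"}})
    sender_side = DocumentExchangeLayer(authorized={})  # stands in for each sender's layer
    ok = {"serviceAgreementRef": "SA-42", "sequenceNumber": 1, "messages": ["invoke"]}
    docs = [("UM-1", ok),                               # constructed sample documents
            ("UM-1", {**ok, "sequenceNumber": 3}),      # gap in the sequence
            ("UM-2", ok),                               # authenticated, wrong agreement
            ("UM-1", {"serviceAgreementRef": "SA-42"})] # fields missing
    for source, doc in docs:
        error = performer.on_submit(source, doc)
        if error is not None:
            sender_side.on_submit_error("CM-1", error)
    return performer, sender_side
```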