Moby Dick Consolidated System Integration Plan
Share Embed Flag
Download ePaper

Moby Dick Consolidated System Integration Plan

Moby Dick Consolidated System Integration Plan Moby Dick Consolidated System Integration Plan

kt.agh.edu.pl
from kt.agh.edu.pl More from this publisher
27.03.2014 Views

D0103v1.doc Version 1 6.7.2003 4.5.6.2 Requirements 4.5.6.2.1 Auditing Requirements There are three tasks to be accomplished to detect SLG violation: ? Determine the downtime of MobyDick entities ? Determine whether all consecutive registration attempts of a user currently in the home domain, fail within the pre-defined time interval . Failures due to invalid NAI and credentials do not violate SLG. To perform this task it is necessary to query the customer database to check, whether the NAI is valid (is a home user). The validity check of the credentials supplied by the user will rely on the response coming from the AAAC server. This response is reflected in the AAAC client’s response to the mobile terminal. This means correct implementation and behaviour of the AAAC server and client is assumed and expected. ? Determine whether all consecutive service requests of an authenticated user are rejected or ignored within the pre-defined time interval . 4.5.6.2.2 Logging Requirements Downtime determination requires Moby Dick entities to periodically send a sign of life. The sign of life contains the identity of the entity (EntityID) and a Timestamp. The time interval must be configurable. To determine whether registration attempts are successful following events need to be logged: ? Each valid registration request must be logged by the AAAC Client, ? Each registration response must be logged by the AAAC Client. The receipt of a valid registration request must be logged and the log must contain the following information: EventID, Timestamp, CoA, and NAI. EventID identifies uniquely the event that occurs; in this case the arrival of a valid registration request. The arrival of a valid registration request will trigger a sequence of message exchange in the provider’s network to carry out the registration process. In the end the AAAC Client will receive a response from the AAAC Server or a request timeout will occur. This will lead to AAAC Client sends a registration response containing the result of the request to the MN. Note here that communication errors can lead to missing response. MN should perform registration retries, if no positive answer is received after a certain timeout. The following information needs to be logged after sending a response to the MN: EventID, Timestamp, CoA, NAI, and ResultCode. The ResultCode should tell whether the registration is successful or not, and if not due to what reason. To determine whether service requests are accepted following events need to be logged: • Each service request sent to QoS broker must be logged by the QoS Manager, • Each corresponding response coming from QoS broker must be logged by the QoS Manager. After detecting that a new service is requested by a MN (MN sends a packet marked with a DSCP not being used), the QoS Manager in the access router needs to log the following information regarding this event: EventID, Timestamp, DSCP, DestAddr, CoA, and NAI. EventID identifies the arrival of a service request. The arrival of a service request will trigger a sequence of message exchange between QoS Manager and QoS Broker. In the end the QoS Manager will receive a response from the QoS Broker or a request timeout will occur. This will lead to QoS Manager configures the Access Router to forward or drop the packets of this requested service. The following information needs to be logged: EventID, Timestamp, DSCP, DestAddr, CoA, NAI, and ResultCode. The ResultCode states whether the requested service is accepted or not, and if not due to what reason. 4.5.6.3 Architecture The following figure depicts the logging and auditing architecture. As described in the section on Logging Requirements, in addition to availability events, AAAC Clients have to log user registration events, while QoS Managers have to log service authorization events. Both entities, the AAAC Client and the QoS Manager, reside in each Access Router. Events to be logged will first be stored in the Local Log via an Integrated Logger. This Local Log will be managed by Local Log Management module, which has the responsibility to transfer the logs to the Central Log Management module. The Central Log Management module will store the logs in the Audit Trail before being fetched by the Auditing module to be examined with respect to the given commitments. D0103v1.doc 136 / 168

D0103v1.doc Version 1 6.7.2003 Access Router AAAC Client Integrated Logger QoS Manager Integrated Logger Local Log Audit Trail Auditing Local Log Mgmt Central Log Mgmt Figure 92: Auditing and Logging Architecture The task carried out by the Integrated Logger should not significantly affect the tasks of the hosting entity, i.e., the AAAC Client and the QoS Manager. This is the reason why the event logs are not s ent directly to a central Audit Trail, which may last longer due to the network communication overhead. Since QoS Manager does not aware of NAI, a way to map a CoA to NAI needs to be found to allow for logging of NAI in the service authorization event logs. This mapping can be done with the help of the AAAC Client, who knows exactly which NAI a certain CoA belongs to, as long as the MN having this CoA is currently registered by this AAAC Client. Because this is a logging issue, the required communication will be carried out between the AAAC Client’s Integrated Logger and the QoS Manager’s Integrated Logger. The information on CoA-NAI mapping will be provided to the Integrated Logger by the AAAC Client. The Local Log is not implemented as a flat file, but as a MySQL database. This requires a running MySQL server in each Access Router. Logs that have been successfully sent to the Central Log Management will be deleted from the Local Log. In this regard MySQL provides for a reliable and easy manipulation of event logs. Since each Local Log Management in each Access Router is connected to the Central Log Management, the data transfer need to be controlled, so that no packet loss occurs due to buffer overflow. The Audit Trail is a MySQL database, which has the same structure as the Local Log. It stores the event logs collected from every Local Log before being processed by the Auditing module. Logs in the Audit Trail that have been completely processed will be deleted or moved into data archives by the Auditing module. The result of the auditing process is a report telling whether or not violation to each commitment has occurred. This report is written into different flat files for each customer in case of user registration and service authorization, and for each entity in case of entity availability. 4.5.6.4 Data Structures Based on the logging requirements, five types of events have been identified, which can be separated into three groups. The five types of events are Entity Availability Event, User Registration Request Event, User Registration Response Event, Service Authorization Request Event, and Service Authorization Response Event. The three groups are obviously Entity Availability Event Group, User Registration Event Group, and Service Authorization Event Group. All event logs in a group will be stored in the same MySQL table in the Local Log, and after being collected in the same MySQL table in the Audit Trail. The three tables corresponding to the three groups are named SoL (Sign of Life), UsrReg (User Registration), and SvcAuth (Service Authorization). The following subsections describe the data structure of each table. 4.5.6.4.1 Sign of Life MySQL Table: SoL D0103v1.doc 137 / 168

D0103v1.doc Version 1 6.7.2003<br />

4.5.6.2 Requirements<br />

4.5.6.2.1 Auditing Requirements<br />

There are three tasks to be accomplished to detect SLG violation:<br />

? Determine the downtime of <strong>Moby</strong><strong>Dick</strong> entities<br />

? Determine whether all consecutive registration attempts of a user currently in the home<br />

domain, fail within the pre-defined time interval . Failures due to invalid NAI and credentials<br />

do not violate SLG. To perform this task it is necessary to query the customer database to check,<br />

whether the NAI is valid (is a home user). The validity check of the credentials supplied by the<br />

user will rely on the response coming from the AAAC server. This response is reflected in the<br />

AAAC client’s response to the mobile terminal. This means correct implementation and<br />

behaviour of the AAAC server and client is assumed and expected.<br />

? Determine whether all consecutive service requests of an authenticated user are rejected or<br />

ignored within the pre-defined time interval .<br />

4.5.6.2.2 Logging Requirements<br />

Downtime determination requires <strong>Moby</strong> <strong>Dick</strong> entities to periodically send a sign of life. The sign of life<br />

contains the identity of the entity (EntityID) and a Timestamp. The time interval must be configurable.<br />

To determine whether registration attempts are successful following events need to be logged:<br />

? Each valid registration request must be logged by the AAAC Client,<br />

? Each registration response must be logged by the AAAC Client.<br />

The receipt of a valid registration request must be logged and the log must contain the following<br />

information: EventID, Timestamp, CoA, and NAI. EventID identifies uniquely the event that occurs; in<br />

this case the arrival of a valid registration request.<br />

The arrival of a valid registration request will trigger a sequence of message exchange in the provider’s<br />

network to carry out the registration process. In the end the AAAC Client will receive a response from the<br />

AAAC Server or a request timeout will occur. This will lead to AAAC Client sends a registration<br />

response containing the result of the request to the MN. Note here that communication errors can lead to<br />

missing response. MN should perform registration retries, if no positive answer is received after a certain<br />

timeout. The following information needs to be logged after sending a response to the MN: EventID,<br />

Timestamp, CoA, NAI, and ResultCode. The ResultCode should tell whether the registration is successful<br />

or not, and if not due to what reason.<br />

To determine whether service requests are accepted following events need to be logged:<br />

• Each service request sent to QoS broker must be logged by the QoS Manager,<br />

• Each corresponding response coming from QoS broker must be logged by the QoS Manager.<br />

After detecting that a new service is requested by a MN (MN sends a packet marked with a DSCP not<br />

being used), the QoS Manager in the access router needs to log the following information regarding this<br />

event: EventID, Timestamp, DSCP, DestAddr, CoA, and NAI. EventID identifies the arrival of a service<br />

request.<br />

The arrival of a service request will trigger a sequence of message exchange between QoS Manager and<br />

QoS Broker. In the end the QoS Manager will receive a response from the QoS Broker or a request<br />

timeout will occur. This will lead to QoS Manager configures the Access Router to forward or drop the<br />

packets of this requested service. The following information needs to be logged: EventID, Timestamp,<br />

DSCP, DestAddr, CoA, NAI, and ResultCode. The ResultCode states whether the requested service is<br />

accepted or not, and if not due to what reason.<br />

4.5.6.3 Architecture<br />

The following figure depicts the logging and auditing architecture. As described in the section on<br />

Logging Requirements, in addition to availability events, AAAC Clients have to log user registration<br />

events, while QoS Managers have to log service authorization events. Both entities, the AAAC Client and<br />

the QoS Manager, reside in each Access Router. Events to be logged will first be stored in the Local Log<br />

via an Integrated Logger. This Local Log will be managed by Local Log Management module, which has<br />

the responsibility to transfer the logs to the Central Log Management module. The Central Log<br />

Management module will store the logs in the Audit Trail before being fetched by the Auditing module to<br />

be examined with respect to the given commitments.<br />

D0103v1.doc 136 / 168

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!