Moby Dick Consolidated System Integration Plan
Moby Dick Consolidated System Integration Plan Moby Dick Consolidated System Integration Plan
D0103v1.doc Version 1 6.7.2003 4.5.6.2 Requirements 4.5.6.2.1 Auditing Requirements There are three tasks to be accomplished to detect SLG violation: ? Determine the downtime of MobyDick entities ? Determine whether all consecutive registration attempts of a user currently in the home domain, fail within the pre-defined time interval . Failures due to invalid NAI and credentials do not violate SLG. To perform this task it is necessary to query the customer database to check, whether the NAI is valid (is a home user). The validity check of the credentials supplied by the user will rely on the response coming from the AAAC server. This response is reflected in the AAAC client’s response to the mobile terminal. This means correct implementation and behaviour of the AAAC server and client is assumed and expected. ? Determine whether all consecutive service requests of an authenticated user are rejected or ignored within the pre-defined time interval . 4.5.6.2.2 Logging Requirements Downtime determination requires Moby Dick entities to periodically send a sign of life. The sign of life contains the identity of the entity (EntityID) and a Timestamp. The time interval must be configurable. To determine whether registration attempts are successful following events need to be logged: ? Each valid registration request must be logged by the AAAC Client, ? Each registration response must be logged by the AAAC Client. The receipt of a valid registration request must be logged and the log must contain the following information: EventID, Timestamp, CoA, and NAI. EventID identifies uniquely the event that occurs; in this case the arrival of a valid registration request. The arrival of a valid registration request will trigger a sequence of message exchange in the provider’s network to carry out the registration process. In the end the AAAC Client will receive a response from the AAAC Server or a request timeout will occur. This will lead to AAAC Client sends a registration response containing the result of the request to the MN. Note here that communication errors can lead to missing response. MN should perform registration retries, if no positive answer is received after a certain timeout. The following information needs to be logged after sending a response to the MN: EventID, Timestamp, CoA, NAI, and ResultCode. The ResultCode should tell whether the registration is successful or not, and if not due to what reason. To determine whether service requests are accepted following events need to be logged: • Each service request sent to QoS broker must be logged by the QoS Manager, • Each corresponding response coming from QoS broker must be logged by the QoS Manager. After detecting that a new service is requested by a MN (MN sends a packet marked with a DSCP not being used), the QoS Manager in the access router needs to log the following information regarding this event: EventID, Timestamp, DSCP, DestAddr, CoA, and NAI. EventID identifies the arrival of a service request. The arrival of a service request will trigger a sequence of message exchange between QoS Manager and QoS Broker. In the end the QoS Manager will receive a response from the QoS Broker or a request timeout will occur. This will lead to QoS Manager configures the Access Router to forward or drop the packets of this requested service. The following information needs to be logged: EventID, Timestamp, DSCP, DestAddr, CoA, NAI, and ResultCode. The ResultCode states whether the requested service is accepted or not, and if not due to what reason. 4.5.6.3 Architecture The following figure depicts the logging and auditing architecture. As described in the section on Logging Requirements, in addition to availability events, AAAC Clients have to log user registration events, while QoS Managers have to log service authorization events. Both entities, the AAAC Client and the QoS Manager, reside in each Access Router. Events to be logged will first be stored in the Local Log via an Integrated Logger. This Local Log will be managed by Local Log Management module, which has the responsibility to transfer the logs to the Central Log Management module. The Central Log Management module will store the logs in the Audit Trail before being fetched by the Auditing module to be examined with respect to the given commitments. D0103v1.doc 136 / 168
D0103v1.doc Version 1 6.7.2003 Access Router AAAC Client Integrated Logger QoS Manager Integrated Logger Local Log Audit Trail Auditing Local Log Mgmt Central Log Mgmt Figure 92: Auditing and Logging Architecture The task carried out by the Integrated Logger should not significantly affect the tasks of the hosting entity, i.e., the AAAC Client and the QoS Manager. This is the reason why the event logs are not s ent directly to a central Audit Trail, which may last longer due to the network communication overhead. Since QoS Manager does not aware of NAI, a way to map a CoA to NAI needs to be found to allow for logging of NAI in the service authorization event logs. This mapping can be done with the help of the AAAC Client, who knows exactly which NAI a certain CoA belongs to, as long as the MN having this CoA is currently registered by this AAAC Client. Because this is a logging issue, the required communication will be carried out between the AAAC Client’s Integrated Logger and the QoS Manager’s Integrated Logger. The information on CoA-NAI mapping will be provided to the Integrated Logger by the AAAC Client. The Local Log is not implemented as a flat file, but as a MySQL database. This requires a running MySQL server in each Access Router. Logs that have been successfully sent to the Central Log Management will be deleted from the Local Log. In this regard MySQL provides for a reliable and easy manipulation of event logs. Since each Local Log Management in each Access Router is connected to the Central Log Management, the data transfer need to be controlled, so that no packet loss occurs due to buffer overflow. The Audit Trail is a MySQL database, which has the same structure as the Local Log. It stores the event logs collected from every Local Log before being processed by the Auditing module. Logs in the Audit Trail that have been completely processed will be deleted or moved into data archives by the Auditing module. The result of the auditing process is a report telling whether or not violation to each commitment has occurred. This report is written into different flat files for each customer in case of user registration and service authorization, and for each entity in case of entity availability. 4.5.6.4 Data Structures Based on the logging requirements, five types of events have been identified, which can be separated into three groups. The five types of events are Entity Availability Event, User Registration Request Event, User Registration Response Event, Service Authorization Request Event, and Service Authorization Response Event. The three groups are obviously Entity Availability Event Group, User Registration Event Group, and Service Authorization Event Group. All event logs in a group will be stored in the same MySQL table in the Local Log, and after being collected in the same MySQL table in the Audit Trail. The three tables corresponding to the three groups are named SoL (Sign of Life), UsrReg (User Registration), and SvcAuth (Service Authorization). The following subsections describe the data structure of each table. 4.5.6.4.1 Sign of Life MySQL Table: SoL D0103v1.doc 137 / 168
- Page 85 and 86: D0103v1.doc Version 1 6.7.2003 The
- Page 87 and 88: D0103v1.doc Version 1 6.7.2003 4.3.
- Page 89 and 90: D0103v1.doc Version 1 6.7.2003 be u
- Page 91 and 92: D0103v1.doc Version 1 6.7.2003 o Ma
- Page 93 and 94: D0103v1.doc Version 1 6.7.2003 Gene
- Page 95 and 96: D0103v1.doc Version 1 6.7.2003 Upli
- Page 97 and 98: D0103v1.doc Version 1 6.7.2003 Now
- Page 99 and 100: D0103v1.doc Version 1 6.7.2003 3. D
- Page 101 and 102: D0103v1.doc Version 1 6.7.2003 User
- Page 103 and 104: D0103v1.doc Version 1 6.7.2003 Inte
- Page 105 and 106: D0103v1.doc Version 1 6.7.2003 User
- Page 107 and 108: D0103v1.doc Version 1 6.7.2003 Serv
- Page 109 and 110: D0103v1.doc Version 1 6.7.2003 S1 E
- Page 111 and 112: D0103v1.doc Version 1 6.7.2003 The
- Page 113 and 114: D0103v1.doc Version 1 6.7.2003 Old
- Page 115 and 116: D0103v1.doc Version 1 6.7.2003 This
- Page 117 and 118: D0103v1.doc Version 1 6.7.2003 Leng
- Page 119 and 120: D0103v1.doc Version 1 6.7.2003 4.5.
- Page 121 and 122: D0103v1.doc Version 1 6.7.2003 MN M
- Page 123 and 124: D0103v1.doc Version 1 6.7.2003 4.5.
- Page 125 and 126: D0103v1.doc Version 1 6.7.2003 Afte
- Page 127 and 128: D0103v1.doc Version 1 6.7.2003 Pack
- Page 129 and 130: D0103v1.doc Version 1 6.7.2003 4.5.
- Page 131 and 132: D0103v1.doc Version 1 6.7.2003 miss
- Page 133 and 134: D0103v1.doc Version 1 6.7.2003 Conn
- Page 135: D0103v1.doc Version 1 6.7.2003 4.5.
- Page 139 and 140: D0103v1.doc Version 1 6.7.2003 Logg
- Page 141 and 142: D0103v1.doc Version 1 6.7.2003 repr
- Page 143 and 144: D0103v1.doc Version 1 6.7.2003 Type
- Page 145 and 146: D0103v1.doc Version 1 6.7.2003 o DM
- Page 147 and 148: D0103v1.doc Version 1 6.7.2003 5 Mo
- Page 149 and 150: D0103v1.doc Version 1 6.7.2003 MN A
- Page 151 and 152: D0103v1.doc Version 1 6.7.2003 3 AA
- Page 153 and 154: D0103v1.doc Version 1 6.7.2003 give
- Page 155 and 156: D0103v1.doc Version 1 6.7.2003 9 Ha
- Page 157 and 158: D0103v1.doc Version 1 6.7.2003 MN 1
- Page 159 and 160: D0103v1.doc Version 1 6.7.2003 5.2.
- Page 161 and 162: D0103v1.doc Version 1 6.7.2003 No.
- Page 163 and 164: D0103v1.doc Version 1 6.7.2003 The
- Page 165 and 166: D0103v1.doc Version 1 6.7.2003 MN R
- Page 167 and 168: D0103v1.doc Version 1 6.7.2003 for
D0103v1.doc Version 1 6.7.2003<br />
4.5.6.2 Requirements<br />
4.5.6.2.1 Auditing Requirements<br />
There are three tasks to be accomplished to detect SLG violation:<br />
? Determine the downtime of <strong>Moby</strong><strong>Dick</strong> entities<br />
? Determine whether all consecutive registration attempts of a user currently in the home<br />
domain, fail within the pre-defined time interval . Failures due to invalid NAI and credentials<br />
do not violate SLG. To perform this task it is necessary to query the customer database to check,<br />
whether the NAI is valid (is a home user). The validity check of the credentials supplied by the<br />
user will rely on the response coming from the AAAC server. This response is reflected in the<br />
AAAC client’s response to the mobile terminal. This means correct implementation and<br />
behaviour of the AAAC server and client is assumed and expected.<br />
? Determine whether all consecutive service requests of an authenticated user are rejected or<br />
ignored within the pre-defined time interval .<br />
4.5.6.2.2 Logging Requirements<br />
Downtime determination requires <strong>Moby</strong> <strong>Dick</strong> entities to periodically send a sign of life. The sign of life<br />
contains the identity of the entity (EntityID) and a Timestamp. The time interval must be configurable.<br />
To determine whether registration attempts are successful following events need to be logged:<br />
? Each valid registration request must be logged by the AAAC Client,<br />
? Each registration response must be logged by the AAAC Client.<br />
The receipt of a valid registration request must be logged and the log must contain the following<br />
information: EventID, Timestamp, CoA, and NAI. EventID identifies uniquely the event that occurs; in<br />
this case the arrival of a valid registration request.<br />
The arrival of a valid registration request will trigger a sequence of message exchange in the provider’s<br />
network to carry out the registration process. In the end the AAAC Client will receive a response from the<br />
AAAC Server or a request timeout will occur. This will lead to AAAC Client sends a registration<br />
response containing the result of the request to the MN. Note here that communication errors can lead to<br />
missing response. MN should perform registration retries, if no positive answer is received after a certain<br />
timeout. The following information needs to be logged after sending a response to the MN: EventID,<br />
Timestamp, CoA, NAI, and ResultCode. The ResultCode should tell whether the registration is successful<br />
or not, and if not due to what reason.<br />
To determine whether service requests are accepted following events need to be logged:<br />
• Each service request sent to QoS broker must be logged by the QoS Manager,<br />
• Each corresponding response coming from QoS broker must be logged by the QoS Manager.<br />
After detecting that a new service is requested by a MN (MN sends a packet marked with a DSCP not<br />
being used), the QoS Manager in the access router needs to log the following information regarding this<br />
event: EventID, Timestamp, DSCP, DestAddr, CoA, and NAI. EventID identifies the arrival of a service<br />
request.<br />
The arrival of a service request will trigger a sequence of message exchange between QoS Manager and<br />
QoS Broker. In the end the QoS Manager will receive a response from the QoS Broker or a request<br />
timeout will occur. This will lead to QoS Manager configures the Access Router to forward or drop the<br />
packets of this requested service. The following information needs to be logged: EventID, Timestamp,<br />
DSCP, DestAddr, CoA, NAI, and ResultCode. The ResultCode states whether the requested service is<br />
accepted or not, and if not due to what reason.<br />
4.5.6.3 Architecture<br />
The following figure depicts the logging and auditing architecture. As described in the section on<br />
Logging Requirements, in addition to availability events, AAAC Clients have to log user registration<br />
events, while QoS Managers have to log service authorization events. Both entities, the AAAC Client and<br />
the QoS Manager, reside in each Access Router. Events to be logged will first be stored in the Local Log<br />
via an Integrated Logger. This Local Log will be managed by Local Log Management module, which has<br />
the responsibility to transfer the logs to the Central Log Management module. The Central Log<br />
Management module will store the logs in the Audit Trail before being fetched by the Auditing module to<br />
be examined with respect to the given commitments.<br />
D0103v1.doc 136 / 168