Diameter Overview
6 likes8,415 views
The document provides an overview of the Diameter protocol, which serves as a next-generation authentication, authorization, and accounting system, discussing its advantages over the older RADIUS protocol. Key topics include Diameter's applications, current standardization efforts, and its role in integrating various access technologies to enhance subscriber access and network management. Additionally, it highlights the need for security enhancements and different Diameter applications necessary for telecommunications services.
Diameter Overview
- 1. Diameter overview TWG joint meeting Xiamen, China June 29, 2004 John Loughney Research Manager Nokia Research Center [email protected] 1 © NOKIA 2003 diameter.ppt / John A. Loghney
- 2. AAA & Diameter • Next generation Authentication, Authorization & Accounting protocol • Consists of base specification and applications • MIP • Network Access Server (Dial-up / PPP / SLIP environment) • SIP Services • Accounting Extensions 2 © NOKIA 2003 diameter.ppt / John A. Loghney
- 3. RADIUS Standard Model Diameter Roaming 3 © NOKIA 2003 diameter.ppt / John A. Loghney
- 4. Short comings of RADIUS • Backoff unspecified • Failover unspecified • Application layer acknowledgement missing • Undefined proxy behavior • No error messages prevent intelligent failure response • Transport security has no confidentiality, known attacks • Replay protection only in post-processing • No object security, subject to man-in-the-middle attacks. 4 © NOKIA 2003 diameter.ppt / John A. Loghney
- 5. Diameter Examples Diameter Connections and Sessions Server relay Server Peer connection A Peer connection B User session X Translation of RADIUS to Diameter RADIUS Req Diameter Req Translation Home NAS RADIUS Ans Agent Diameter Ans Server 5 © NOKIA 2003 diameter.ppt / John A. Loghney
- 6. Diameter Proxy Example local service home service provider provider Primary Primary Proxy Home Server Server Network Access Server Backup Backup Proxy Home Server Server 6 © NOKIA 2003 diameter.ppt / John A. Loghney
- 7. AAA-SIP in 3GPP Rel. 5 Diameter SLF HSS AS Sh Diameter ISC Dx Cx Cx Diameter Gm Mr Mw Mw UE P-CSCF I-CSCF S-CSCF MRFC Megaco Compression Mi COPS for Go SIP MRFP Policy Control GGSN Mj BGCF MGCF SGW SIP SIP-ISUP Megaco Mc Visited Home Domain Domain MGW 7 © NOKIA 2003 diameter.ppt / John A. Loghney
- 8. Stardards Work to Do • Diameter Base Specification just submitted. • Diameter Mobile IPv4 Application nearly ready (needed by 3GPP2). • Diameter NASREQ Application nearly ready. • CMS Security Application, needed for e2e security • AAA Key Distribution • SIP-AAA Requirements • Diameter Mobile IPv6 Application • Diameter Multimedia Application (3GPP rel. 6) • Diameter Credit Control Application (3GPP rel. 6) • May need extensions to support session mobility. 8 © NOKIA 2003 diameter.ppt / John A. Loghney
- 9. Vision GSM/GPRS Multi-radio mobile DSL access Session WLAN mobility Access to WCDMA SIP services For phones, laptops and PDAs Same authentication Same end-to-end security Same applications Same service provider 9 © NOKIA 2003 diameter.ppt / John A. Loghney Same bill
- 10. Operator Services GSM roaming Corporate intranet SS7 Billing system Internet SMSC Diameter and VPN Gateway DNS servers AAA Server Charging Gateway Access Controller Router/firewall Operator site Any WLAN card 10 © NOKIA 2003 diameter.ppt / John A. Loghney
- 11. GPRS-WLAN Service Mobility Service/Access selection based on common: GPRS-WLAN Common connectivity to corporate: common • Existing L2/L3 connections • Subscription (GPRS ”access points”) subscriber data • Terminal configuration (opt.) • Corporate IP address (security) • Optional authentication Diameter Server Auth. Server DHCP Internet Corporate AP Access Zone Operator IP Operator LAN, VLAN, AC IP tunnel with Home IETF protocol AC services incl. or IP tunnel (opt.) intelligent content Managed IP flow enables common: • Control of direct Internet access Common service awareness: • Support of existing terminals • Differentiated and pre-paid charging for corporate and intelligent Web content • Service guarantee and QoS • Roaming through GRX 11 © NOKIA 2003 diameter.ppt / John A. Loghney
- 12. SIP enables service convergence Telephony conversational connectivity Separate, telecom-driven Telephone Mobile standards Wireless PDA (SIP) phone Common, IP-driven call/session set-up SIP conversational connectivity Laptop with plus more: WLAN Presence, instant PC messaging, file sharing, Mobile 12 © NOKIA 2003 diameter.ppt / John A. Loghney video …
- 13. Multi-Access to IP Multimedia Core CPS rich call session control presence, messaging, Internet streaming group services etc. IP Multimedia Core & Services Device mobility (Mobile IP) Service mobility (SIP + presence) browsing, messaging, downloading, video VPN remote access all multimedia local services Cellular services supplemented by operator services wide-area network Operator WLAN public access zones DSL Broadband offices, homes voice end-user control 13 © NOKIA 2003 diameter.ppt / John A. Loghney
- 14. Operator Services • Provide Authorization Services. • Provide Authentication Services. • Sell branded content networks. • Provide roaming brokers. • PKI services. 14 © NOKIA 2003 diameter.ppt / John A. Loghney
- 15. Summary • Integrating different access technologies (3G, WLAN, DSL, Dial-up): • increases the potential for increasing subscribers. • increases accesses to services. • Integrating/harmonizing signaling: • harmonizes network infrastructure. • simplifies network management. • simplifies charging/billing. • simplifies the user experience. 15 © NOKIA 2003 diameter.ppt / John A. Loghney