90 likes | 96 Views
Explore policy-based accounting architecture, integration with authentication, scalability, privacy concerns, and user preferences in ICT environments.
E N D
Policy-based Accounting:Accounting Issues Georg Carle, Sebastian Zander, Tanja Zseby GMD FOKUS - German National Research Center for Information Technology [carle, zander, zseby]@fokus.gmd.de http://www.fokus.gmd.de/glone/ http://www.fokus.gmd.de/usr/carle
Overview • Accounting requirements • Derived issues • Policy-based accounting • draft-irtf-aaaarch-pol-acct-00.txt • Accounting architecture with policy translation Tanja Zseby • relation to other accounting work • Examples • Next steps and open issues AAAARCH Meeting, IETF Pittsburgh
Accounting Requirements • Variety of Provider Characteristics • Size and Purpose (e.g. small ISP, large backbone operator) • QoS provisioning technique (e.g. DiffServ, IntServ) • Service classes • Charging scheme(s) and models • Accounting Services • Accounting agreements with other providers (e.g. data exchange, distribute tasks) • Existing heterogeneous Infrastructure (MIBs, profile meters, etc.) hide heterogeneity • Variety of User Profiles • Number of flows, flow granularity, traffic profiles, unicast/multicast • User preferences (e.g. acc. indication, itemized invoices, spending limits) • Support Distribution of accounting tasks among different entities • Provisioning of accounting service by other providers, and also to users AAAARCH Meeting, IETF Pittsburgh
Accounting Issues • Flexibility: support specific accounting functionality, depending on service, tariff, user, accounting targetwith rich functionality: accounting for (1) usage metering and charging, (2) QoS auditing, (3) others (traffic engineering, non-repudiation of service usage, ...) • Outsourcing - Accounting as separate service: exchange of accounting information between different providers, and to customer. Interoperability: intra-domain, inter-domain, to user. • Abstraction: desire to use variety of metering devices while hiding heterogeneity • Interaction of Accounting with Authentication and Authorisation • Privacy: Restrict access to accounting information • Scalability and Efficiency AAAARCH Meeting, IETF Pittsburgh
Content provider User AAA Server AAA Server AAA Server M Acct. Policy Database Acct. Policy Database M M M M AS 1 AS 2 AS 3 Policy based Accounting Service • Accounting configurability needed for different services/users/tariffs/targets • Accounting service allows outsourcing of functionality • Need for usage accounting and QoS auditing • Consumers of accounting service: ISPs, content providers, users => Intra-Domain Acct., Inter-Domain Acct., User Acct. Indication • Accounting policies specify generation, transport and storage of acct. data AAAARCH Meeting, IETF Pittsburgh
Policy-based Accounting: Addressing the Issues Flexibility • Make accounting components configurable use of accounting policies • Define common configuration interfaces for different types of accounting components (e.g. different meter types) • Re-Use existing components (MIBs, admission control functions) Outsourcing + Abstraction • Relation of service and accounting functionality: (1) accounting as part of the service; (2) accounting as a service • Accounting primitives for specifying accounting service (-> accounting policies; needs accounting support by policy language) Interaction with Authorization + Privacy • Use authorization data bases, messages, languages, etc. • Authorize accounting services (e.g. online charging, itemized invoice) • Support accounting authorization policies. Scalability + Efficiency • Perform metering and accounting at most appropriate location on the path • Control allocation of resources for accounting • Adapt accounting components to specific accounting service (required parameters, meter accuracy) AAAARCH Meeting, IETF Pittsburgh
Draft: Policy-based accounting draft-irtf-aaaarch-pol-acct-00.txt (Carle/Zander/Zseby) • Roles and relations between roles • Reference Model and Building Blocks • Accounting Policies • Accounting Services • Integrated Accounting / Discrete Accounting • Intra-Domain Accounting /Inter-Domain Accounting / Accounting Indication • Integration of Accounting Services in Authorization Model: Agent Sequence, Pull Sequence, Push Sequence • Examples: Intra-Domain / Inter-Domain Accounting, • Accounting/Charging Indication, Mobile/Roaming AAAARCH Meeting, IETF Pittsburgh
Policy based Accounting Architecture AAA Server AAA Server AAA Server • Acct.policies • QoS Auditing. policies • User profiles • Acct. Authent. policies ASM Accounting Consumer ASM ASM Acct. Policy Datab. Accounting data configuration Accout. Data Accounting Serv. Accounting Serv. Accounting Configuration Accounting Serv. Meter Conf. Datab. • Meter • Characteristics • Meter resources Meter Configuration Meter Reader Meter data Meter Meter Meter AAAARCH Meeting, IETF Pittsburgh
Accounting Policies If condition then action set attribute=value Record collection: record type report interval report target Meter Instructions: flow granularity (attributes) stored attributes Record Storage: storage time storage format storage location user ID src/dst host/network flow attributes (src, dst, dscp, port,..) service time of day network load individual resource utilization current QoS AAAARCH Meeting, IETF Pittsburgh