Eunice2012
-
Upload
ictseserv -
Category
Technology
-
view
427 -
download
0
description
Transcript of Eunice2012
© 2012 UZH, CSG@IFI 1
The Design of a Single Funding Point Charging Architecture (SFP-CA)
Christos Tsiaras, Martin Waldburger, Guilherme Sperb Machado,Andrei Vancea, Burkhard Stiller
{tsiaras,waldburger,machado,vancea,stiller}@ifi.uzh.ch
Department of Informatics IFI, Communication Systems Group CSG, University of Zürich UZH
Budapest, August 31, 2012EUNICE 2012
Motivation
Requirements
Components
Architecture
© 2012 UZH, CSG@IFI 2
Motivation
Institution & federation expenses decrease– Cautious user resources requests– Unnecessary infrastructure replication avoidance
User- instead of service-dependent funding accounts– A missing feature from Single Sign-on (SSO) systems– Not the case in the majority of federations today
Inter-domain charging capability– Make sense for costly services
• NOT for eduroam / YES for printing, Short Message Service (SMS), VoIP– Today this is a privilege only for Mobile Network Operators (MNOs)
and banks Real-time service access decision making functionality
– Today is mainly offered only by MNOs A Single Funding Point Charging Architecture (SFP-CA) as an add-on for
SSO systems in federated environments is essential
© 2012 UZH, CSG@IFI 3
Use case: SMS service @ ETHZ
SMS offered by the Eidgenössische Technische Hochschule Zürich (ETHZ)– SMS gateway– Agreement with an operator
• The more SMS are sent the better the price per SMS is
Assume that the University of Zurich (UZH) is willing to offer the same service– A second SMS gateway is needed
• Infrastructure cost (purchase, setup, maintain)– A separate agreement with an operator is needed
• Best case: The same price will be achieved
Low SMS service load @ ETHZ– The existing infrastructure could serve all federation members– Better agreement with the SMS operator could be achieved!
© 2012 UZH, CSG@IFI 4
SFP-CA Requirements
organizationVirtualFundsAccount
ServiceTariffMap
ServiceUsageConstraints andLimits
Interruption Service Trigger
userVirtualFundsAccount
SMS: 10 BC Min: 0 BC . . .
© 2012 UZH, CSG@IFI 5
Virtual Funds Accounts (VFAs) uVFA
– One per user– Credits used to pay the
requested resources– In postpaid solutions negative
values are allowed– Created by user's IdP
oVFA(A)
oVFA(B)
oVFA(A)
oVFA(B)0
-x
x
↓
↑ ↓
↑
oVFA– Each organization has one oVFA for every
other organization in the federation– If a user from organization A use
resources at B then oVFA(A) ↓ and oVFA(B) ↑
• If a payment has been done thenoVFA(A) = oVFA(B) = 0
• If oVFA(A) + oVFA(B) ≠ 0 then Charging Data Record (CDR) transfer error occurred
© 2012 UZH, CSG@IFI 6
SFP-CA Components
Authentication and Authorization Infrastructure (AAI) / Single Sign-On (SSO) System
Organization
IdentityProvider
ChargingRateManager
ChargingManager
AccountBalanceManager
User
ServiceProvider
SMS: 10 BC Min: 0 BC . . .
Service Provider Manager (SPM)– Service Providers (SPs) and users
location-independent charging Charging Rate Manager (CRM)
– Support of event- and session-based services
Account Balance Manager (ABM)– Support of prepaid and postpaid
payment method Charging Manager (CM)
– Support of multiple organizations, which belong on the same federation
Service Provider Manager
© 2012 UZH, CSG@IFI 7
Charging scenarios that can be handled by the SFP-CA
his home organizationwhich is charging...
The service is providedto the user by...
a foreign organizationwhich is charging...
the user using a...user's homeorganization, using a...
- VoIP- Printing
- VoIP- Printing
- VoIP- SMS
offline chargingmethod
offline chargingmethod
online chargingmethod
and then user's home
institution will charge...
© 2012 UZH, CSG@IFI 8
Service UsageConstraints &Limits
SFP-CA
AAI / SSO System
Organization A
IdentityProvider
ChargingRateManager
Service Provider Manager
InterruptionServiceTrigger
ChargingManager
AccountBalanceManager
User
userVirtual Funding Account
organizationVirtual Funding Account
Multiple times interaction
One-time interaction Service request
Organization B
IdP
CM
ABM
User
uVFA
SUCLoVFA
This domain does not offer a serviceServiceTariffMap Service
Provider
© 2012 UZH, CSG@IFI 9
Summary & future work The SFP-CA enables the inter-domain charging
functionality for federations– User & organization level
The SFP-CA enables the real-time service access decision making– Grant access– Interrupt service
The SFP-CA handles a large scenario set of charging requests– Local & guest users– Event & session based services– Offline & online charging
SSO system + SFP charging mechanism => Efficiency Implementation of the SFP-CA (printing, SMS, VoIP)
© 2012 UZH, CSG@IFI 10
Q&A