Telecommunications networks current status and future trends

TELECOMMUNICATIONS
NETWORKS –
CURRENT STATUS
AND FUTURE TRENDS
Edited by Jesús Hamilton Ortiz
Published by InTech
Janeza Trdine 9, 51000 Rijeka, Croatia
Copyright © 2012 InTech
All chapters are Open Access distributed under the Creative Commons Attribution 3.0
license, which allows users to download, copy and build upon published articles even for
commercial purposes, as long as the author and publisher are properly credited, which
ensures maximum dissemination and a wider impact of our publications. After this work
has been published by InTech, authors have the right to republish it, in whole or part, in
any publication of which they are the author, and to make other personal use of the
work. Any republication, referencing or personal use of the work must explicitly identify
the original source.
As for readers, this license allows users to download, copy and build upon published
chapters even for commercial purposes, as long as the author and publisher are properly
credited, which ensures maximum dissemination and a wider impact of our publications.
Notice
Statements and opinions expressed in the chapters are those of the individual contributors
and not necessarily those of the editors or publisher. No responsibility is accepted for the
accuracy of information contained in the published chapters. The publisher assumes no
responsibility for any damage or injury to persons or property arising out of the use of any
materials, instructions, methods or ideas contained in the book.
Publishing Process Manager Martina Durovic
Technical Editor Teodora Smiljanic
Cover Designer InTech Design Team
First published March, 2012
Printed in Croatia
A free online edition of this book is available at www.intechopen.com
Additional hard copies can be obtained from [email protected]
Telecommunications Networks – Current Status and Future Trends,
Edited by Jesús Hamilton Ortiz
p. cm.
ISBN 978-953-51-0341-7
Contents
Preface
Part 1 New Generation Networks
Chapter 1 Access Control Solutions for Next Generation Networks
F. Pereniguez-Garcia, R. Marin-Lopez and A.F. Gomez-Skarmeta
Chapter 2 IP and 3G Bandwidth Management Strategies Applied to Capacity Planning
Paulo H. P. de Carvalho, Márcio A. de Deus and Priscila S. Barreto
Chapter 3 eTOM-Conformant IMS Assurance Management
M. Bellafkih, B. Raouyane, D. Ranc, M. Errais and M. Ramdani
Part 2 Quality of Services
Chapter 4 A Testbed About Priority-Based Dynamic Connection Profiles in QoS Wireless Multimedia Networks
A. Toppan, P. Toppan, C. De Castro and O. Andrisano
Chapter 5 End to End Quality of Service in UMTS Systems
Wei Zhuang
Part 3 Sensor Networks
Chapter 6 Power Considerations for Sensor Networks
Khadija Stewart and James L. Stewart
Chapter 7 Review of Optimization Problems in Wireless Sensor Networks
Ada Gogu, Dritan Nace, Arta Dilo and Nirvana Meratnia
Part 4 Telecommunications
Chapter 8 Telecommunications Service Domain Ontology: Semantic Interoperation Foundation of Intelligent Integrated Services
Xiuquan Qiao, Xiaofeng Li and Junliang Chen
Chapter 9 Quantum Secure Telecommunication Systems
Oleksandr Korchenko, Petro Vorobiyenko, Maksym Lutskiy, Yevhen Vasiliu and Sergiy Gnatyuk
Chapter 10 Web-Based Laboratory Using Multitier Architecture
C. Guerra Torres and J. de León Morales
Chapter 11 Multicriteria Optimization in Telecommunication Networks Planning, Designing and Controlling
Valery Bezruk, Alexander Bukhanko, Dariya Chebotaryova and Vacheslav Varich
Part 5 Traffic Engineering
Chapter 12 Optical Burst-Switched Networks Exploiting Traffic Engineering in the Wavelength Domain
João Pedro and João Pires
Chapter 13 Modelling a Network Traffic Probe Over a Multiprocessor Architecture
Luis Zabala, Armando Ferro, Alberto Pineda and Alejandro Muñoz
Chapter 14 Routing and Traffic Engineering in Dynamic Packet-Oriented Networks
Mihael Mohorčič and Aleš Švigelj
Chapter 15 Modeling and Simulating the Self-Similar Network Traffic in Simulation Tool
Matjaž Fras, Jože Mohorko and Žarko Čučej
Part 6 Routing
Chapter 16 On the Fluid Queue Driven by an Ergodic Birth and Death Process
Fabrice Guillemin and Bruno Sericola
Chapter 17 Optimal Control Strategies for Multipath Routing: From Load Balancing to Bottleneck Link Management
C. Bruni, F. Delli Priscoli, G. Koch, A. Pietrabissa and L. Pimpinella
Chapter 18 Simulation and Optimal Routing of Data Flows Using a Fluid Dynamic Approach
Ciro D’Apice, Rosanna Manzo and Benedetto Piccoli
Preface
In general, all-IP network architecture only provides “Best Effort” services for large
volume of data flowing through the network. This massive amount of data and
applications in different areas increasingly demand better treatment of the
information. Many applications such as medicine, education, telecommunications,
natural disasters, stock exchange markets or real-time services, require a superior
treatment than the one offered by the “Best Effort” IP protocol.
The new requirements arising from this type of traffic and certain users' habits have
produced the necessity of different levels of services and a more scalable architecture,
with better support for mobility and increased data security. Large companies are
increasing the use of data content, which requires greater bandwidth.
Videoconferencing is a good example. There are also delay-sensitive applications like the
stock exchange market.
The relentless use of mobile terminals and the growth of traffic over
telecommunication networks, whether fixed or mobile, are a true global phenomenon
in the field of telecommunications. The increasing use of mobile devices in recent years
has been exponential. Nowadays, the number of mobile terminals exceeds that of
personal computers. At the same time, we see that mobile networks are a good
alternative to complement or replace existing gaps for Internet access in fixed
networks, especially in developing countries.
The growth in the use of Telecommunications networks has come mainly with the
third generation systems and voice traffic. With the current third generation and the
arrival of the 4G, the number of mobile users in the world will exceed the number of
landlines users. Audio and video streaming have had a significant increase, parallel to
the requirements of bandwidth and quality of service demanded by those
applications.
The increase in data traffic is due to the expansion of the Internet and all kinds of data
and information on different types of networks. The success of IP-based applications
such as web and broadband multimedia contents are a good example. These factors
create new opportunities in the evolution of the Telecommunications Networks. Users
demand communications services regardless of whether the type of access is fixed or via
radio, using mobile terminals. The services that users demand are not only traditional
data, but interactive multimedia applications and voice (IMS). To do so, a certain
quality of service (QoS) must be guaranteed.
The success of IP-based applications has produced a remarkable evolution of
telecommunications into an all-IP network. In theory, the use of the IP communications
protocol facilitates the design of applications and services regardless of the environment
where they are used, either a wired or a wireless network. However, IP protocols were
originally designed for fixed networks. Their behaviour and throughput are often
affected when they are launched over wireless networks.
When it comes to quality of service in communications, IP-based networks alone do
not provide adequate guarantees. Therefore, we need mechanisms to ensure the
quality of service (QoS) required by applications. These mechanisms were designed
for fixed networks and they operate regardless of the conditions and status of the
network. In wireless networks (Sensor, Manet, etc.), they must be related to the
mobility protocols, since the points where a certain quality of service is provided may
vary. The challenge is to maintain the requested QoS level while terminals move
and handovers occur.
The technology requires that the applications, algorithms, modelling and protocols
that have worked successfully in fixed networks can be used with the same level of
quality in mobile scenarios. The new-generation networks must support the IP
protocol. This book covers topics key to the development of telecommunications
networks, drawing on research carried out by experts in different areas of
telecommunications, such as 3G/4G, QoS, Sensor Networks, IMS, Routing, Algorithms
and Modelling.
Professor Jesús Hamilton Ortiz
University of Castilla La Mancha
Spain
Part 1
New Generation Networks
1
Access Control Solutions for
Next Generation Networks
F. Pereniguez-Garcia, R. Marin-Lopez and A.F. Gomez-Skarmeta
Faculty of Computer Science, University of Murcia
Spain
1. Introduction
In recent years, wireless telecommunications systems have been driven mainly
by the proliferation of a wide variety of wireless technologies, which use the air as a
propagation medium. Additionally, users have been greatly attracted to wireless-based
communications since they offer an improved user experience where information can be
exchanged while changing the point of connection to the network. This increasing interest
has led to the appearance of mobile devices such as smart phones, tablet PCs or netbooks
which, equipped with multiple interfaces, allow mobile users to access network services and
exchange information anywhere and at any time. To support this always-connected experience,
communications networks are moving towards an all-IP scheme where an IP-based network
core will act as connection point for a set of accessible networks based on different wireless
technologies. This future scenario, referred to as the Next Generation Networks (NGNs), enables
the convergence of different heterogeneous wireless access networks that combine all the
advantages offered by each wireless access technology per se.
In a typical NGN scenario users are expected to be potentially mobile. Equipped with
wireless-based multi-interface lightweight devices, users will go about their daily life (which
involves moving and changing location) while demanding access to network
services such as VoIP or video streaming. The concept of mobility demands session continuity
when the user is moving across different networks. In other words, active communications
need to be maintained without disruption (or limited breakdown) when the user changes its
connection point to the network during the so-called handoff.
This aspect is of vital importance in the context of NGNs to allow the user to roam seamlessly
between different networks without experiencing temporal interruption or significant delays
in active communications. Nevertheless, during the handoff, the connection to the network
may for various reasons be interrupted, which causes a packet loss that finally impacts on the
on-going communications.
Thus, to achieve mobility without interruptions and improve the quality of the service
perceived by the user, it is crucial to reduce the time required to complete the handoff. The
handoff process requires the execution of several tasks (N. Nasser et al. (2006)) that negatively
affect the handoff latency. In particular, the authentication and key distribution processes
have been proven to be one of the most critical components since they require considerable
time (A. Dutta et al. (2008); Badra et al. (2007); C. Politis et al. (2004); Marin-Lopez et al. (2010);
R. M. Lopez et al. (2007)). The implementation of these processes during the network access control
demanded by network operators is intended to ensure that only allowed users can access the
network resources in a secure manner. Thus, while necessary, these security services must be
carefully taken into account, since they may significantly affect the achievement of seamless
mobility in NGNs.
In this chapter we are going to review the different approaches that have been proposed to
address this challenging issue in future NGNs. More precisely, we are going to carry out
this analysis in the context of the Extensible Authentication Protocol (EAP), a protocol which
is acquiring an important position for implementing the access control solution in future
NGNs. This interest is motivated by the important features offered by the protocol such as
flexibility and media independence. Nevertheless, the EAP authentication process has shown
certain inefficiency in mobile scenarios. In particular, a typical EAP authentication requires
considerable signalling to complete. The research community has addressed this
problem by defining the so-called fast re-authentication solutions aimed at reducing the latency
introduced by the EAP authentication. Throughout this chapter, we will review the different
groups of fast re-authentication solutions according to the strategy followed to minimize the
authentication time.
The remainder of the chapter is organized as follows. Section 2 describes the different
technologies related to the network access authentication. Next, Section 3 outlines the
deficiencies of EAP in mobile environments, which have motivated the research community
to propose fast re-authentication solutions. The different fast re-authentication schemes
proposed so far are analyzed in Section 4. Finally, the chapter concludes with Section 5, where
the most relevant conclusions are drawn.
2. Protocols involved in the network access service
2.1 AAA infrastructures: Authentication, Authorization and Accounting (AAA)
Network operators need to control their subscribers so that only authenticated and authorized
ones can access the network services. Typically, the correct support of a controlled access
to the network service has been guaranteed by the deployment of the so-called Authentication,
Authorization and Accounting (AAA) infrastructures (C. de Laat et al. (2000)). AAA essentially
defines a framework for coordinating these individual security services across multiple
network technologies and platforms.
An overview of the different components is the best way to understand the services provided
by the AAA framework.
• Authentication. This service provides a means of identifying a user that requires access to
some service (e.g., network access). During the authentication process, users provide a set
of credentials (e.g., password or certificates) in order to verify they are who they claim to
be. Only when the credentials are correctly verified by the AAA server, the user is granted
access to the service.
• Authorization. Authorization typically follows the authentication and entails the process
of determining whether the client is allowed to perform and request certain tasks or
operations. Authorization is the process of enforcing policies, determining what types
or qualities of activities, resources or services a user is permitted.
• Accounting. The third component in the AAA framework is accounting, which measures
the resources a user consumes during network access. This can include the amount of time
a service is used or the amount of data a user has sent and/or received during a session.
Accounting is carried out by gathering session statistics and usage information, and it is
used for different purposes like billing.
The following sections provide a detailed description for the general AAA architecture and
the most relevant AAA protocols.
2.1.1 Generic AAA architecture
The general AAA scheme, as defined in (C. de Laat et al. (2000)), requires the participation
of four different entities (see Fig. 1) that take part in the authentication, authorization and
accounting processes:
• A user desiring to access a specific service offered by the network operator.
• A domain where the user is registered. This domain, typically referred to as home domain, is
able to verify the user’s identity based on some credentials. Optionally, the home domain
not only authenticates but also provides authorization information to the user.
• A service provider controlling the access to the offered services. The service provider
can be implemented by the domain where the user is subscribed to (home domain) or
by a different domain in the roaming cases. In the case the service provider is located
outside the home domain, the access to the service is provided on condition that an
agreement is established between the service provider and the home domain. These
bilateral agreements, which may take the form of formal contracts known as Service Level
Agreements (SLAs), suppose the establishment of a trust relationship between the involved
domains that will allow the service provider to authenticate and authorize foreign users
coming from other administrative domains.
• A service provider’s service equipment which will be typically located on a device that belongs
to the service provider. For example, in the case of network access service, this role is
played by the Network Access Server (NAS) like, for example, an 802.11 access point.
Fig. 1. Generic AAA architecture
2.1.2 Relevant AAA protocols
To allow communication between AAA servers, an AAA
protocol must be deployed. Nowadays, the most relevant AAA protocols are RADIUS (C. Rigney et al. (2000))
and Diameter (P. Calhoun & J. Loughney (2003)). Although Diameter is the most complete
AAA protocol, RADIUS is the most widely deployed one in current AAA infrastructures. In
the following, a brief overview of both is provided.
2.1.2.1 RADIUS
RADIUS is a client-server protocol where a NAS usually acts as RADIUS client. During
authentication procedures, the RADIUS client is responsible for passing user information in
the form of requests to the RADIUS server and waits for a response from the server. Depending
on the policy, the NAS may only need a successful authentication or further authorization
directives from the server to enable data traffic to the client. The RADIUS server, on the
other hand, is responsible for processing requests, authenticating the users and returning the
information necessary for user-specific configuration to deliver the service.
The typical RADIUS conversation consists of the following messages:
• Access-Request. This message is sent from the RADIUS client (NAS) to the server to request
authentication and authorization for a particular user.
• Access-Challenge. This message, sent from the RADIUS server to the client, is used by the
server to obtain more information from the NAS about the end user in order to make a
decision about the requested service.
• Access-Accept. This message is sent from the RADIUS server to the NAS to indicate a
successful completion of the request.
• Access-Reject. This message is sent by the server to indicate the rejection of a request.
Typically, the main part of a RADIUS conversation consists of several
Access-Request/Access-Challenge message exchanges where the RADIUS client and
server exchange information transported within RADIUS attributes. Depending on whether
the client is successfully authenticated or not, the RADIUS server finalizes the communication
with an Access-Accept or Access-Reject, respectively.
Apart from these main messages, the RADIUS base specification defines some others to
transmit accounting information (Accounting-Request/Accounting-Response) or the status of the
RADIUS entities (Status-Client/Status-Server).
Regarding the protocol used to transport RADIUS messages, protocol designers considered
that the User Datagram Protocol (UDP) was the most appropriate one since the Transmission
Control Protocol (TCP) session establishment is a time-consuming process requiring the
management of connection state. Nevertheless, the lack of a reliable transport causes serious
problems to RADIUS. For example, clients are unable to distinguish when a request is received
by the server or a communication problem has occurred and the RADIUS packet has not
reached its destination. Similarly, a client cannot distinguish whether a server is down or
discarding requests.
RADIUS security is another aspect that was not deeply considered. In particular, it is based
on the use of shared secrets between the RADIUS client and the server. In real deployments,
this basic security mechanism has been known to cause several vulnerabilities:
• Shared secrets must be statically configured. No method for dynamic shared secret
establishment is defined in the RADIUS protocol.
• Shared secrets are determined according to the source IP address in the RADIUS packet.
This introduces management problems when the client’s IP address changes.
• When using RADIUS proxies, the RADIUS client only shares a secret with the RADIUS
server in the first hop and not with the ultimate RADIUS server. In other words, the trust
relationship between the RADIUS client and the final RADIUS server is transitive rather
than using a direct trust relationship. If a server in the chain is compromised, some security
problems arise.
• RADIUS does not provide high transport protection. For example, an observer can
examine the content of RADIUS messages and trace the content of a specific attribute.
To overcome these security weaknesses, the use of TLS (T. Dierks & C.
Allen (1999)) has been proposed as a means to secure the RADIUS communication between client and
server on the transport layer (S. Winter et al. (2010)). Nevertheless, the main research and
standardization efforts have focused on the design of a new AAA protocol called Diameter.
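The shared-secret points listed above can be seen in a short added example (written for this edition, not taken from the chapter or from any RADIUS implementation) that follows the RFC 2865 packet layout: it parses a RADIUS message without any secret, as an observer would, and verifies a server reply using a secret selected by source IP address. The addresses, user name, secret and function names are constructed for illustration.

```python
import hashlib
import hmac
import struct

# Message codes and attribute types as assigned in RFC 2865.
CODES = {1: "Access-Request", 2: "Access-Accept", 3: "Access-Reject",
         11: "Access-Challenge"}
USER_NAME, NAS_IP_ADDRESS, REPLY_MESSAGE = 1, 4, 18

# Constructed table: the shared secret is selected by the peer's source IP.
SECRETS_BY_SOURCE_IP = {"192.0.2.10": b"constructed-shared-secret"}


def encode_attrs(attrs):
    """Encode (type, value) pairs as Type | Length | Value."""
    return b"".join(struct.pack("!BB", t, len(v) + 2) + v for t, v in attrs)


def build_packet(code, ident, authenticator, attrs):
    """Code | Identifier | Length | 16-byte Authenticator | Attributes."""
    body = encode_attrs(attrs)
    return struct.pack("!BBH", code, ident, 20 + len(body)) + authenticator + body


def build_response(code, ident, request_auth, attrs, secret):
    """Response Authenticator = MD5(Code|ID|Length|RequestAuth|Attrs|Secret)."""
    body = encode_attrs(attrs)
    header = struct.pack("!BBH", code, ident, 20 + len(body))
    auth = hashlib.md5(header + request_auth + body + secret).digest()
    return header + auth + body


def parse_packet(data):
    """Parse header and attributes. No secret is needed: this is what an
    on-path observer can read from any RADIUS message."""
    if len(data) < 20:
        raise ValueError("shorter than the 20-byte RADIUS header")
    code, ident, length = struct.unpack("!BBH", data[:4])
    if length < 20 or length > len(data):
        raise ValueError("bad Length field")
    attrs, pos = [], 20
    while pos < length:
        if pos + 2 > length:
            raise ValueError("truncated attribute header")
        a_type, a_len = data[pos], data[pos + 1]
        if a_len < 2 or pos + a_len > length:
            raise ValueError("bad attribute length")
        attrs.append((a_type, data[pos + 2:pos + a_len]))
        pos += a_len
    return {"code": CODES.get(code, str(code)), "id": ident,
            "authenticator": data[4:20], "attrs": attrs}


def verify_response(response, request, source_ip):
    """Client-side check of a reply against the request it answers."""
    secret = SECRETS_BY_SOURCE_IP.get(source_ip)
    if secret is None:
        return False  # address not in the table: no secret to verify with
    req, resp = parse_packet(request), parse_packet(response)
    if resp["id"] != req["id"]:
        return False
    length = struct.unpack("!H", response[2:4])[0]
    expected = hashlib.md5(response[:4] + req["authenticator"]
                           + response[20:length] + secret).digest()
    return hmac.compare_digest(expected, resp["authenticator"])


# Constructed sample exchange (a real client uses 16 random authenticator bytes).
REQUEST_AUTH = bytes(range(16))
REQUEST = build_packet(1, 42, REQUEST_AUTH, [
    (USER_NAME, b"alice@example.org"), (NAS_IP_ADDRESS, bytes([192, 0, 2, 1]))])
ACCEPT = build_response(2, 42, REQUEST_AUTH, [(REPLY_MESSAGE, b"welcome")],
                        SECRETS_BY_SOURCE_IP["192.0.2.10"])

if __name__ == "__main__":
    print(parse_packet(REQUEST))
    print(verify_response(ACCEPT, REQUEST, "192.0.2.10"))
```

The same reply arriving from an address that is not in the table cannot be verified at all, which is the management problem the list describes when a peer's IP address changes.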
2.1.2.2 Diameter
Diameter, proposed as an enhancement to RADIUS, is considered the next generation AAA
protocol. Diameter is characterized by its extensibility and adaptability since it is designed
to perform any kind of operation and meet new needs that may appear in future access
control technologies. Another cornerstone of Diameter is the consideration of multi-domain
scenarios where AAA infrastructures administered by different domains are interconnected to
provide a unified authentication, authorization and accounting framework. For this reason,
Diameter is widely used in 3G networks and its adoption is recommended in future AAA
infrastructures supporting access control in NGN.
The Diameter protocol defines an extensible architecture that allows new features to be
incorporated through the design of the so-called Diameter applications, which rely on the basic
functionality provided by the base protocol. The Diameter base protocol (P. Calhoun & J.
Loughney (2003)) defines the Diameter minimum elements such as the basic set of messages,
attribute structure and some essential attribute types. Additionally, the basic specification
defines the inter-realm operations by defining the role of different types of Diameter entities.
Diameter applications are services, protocols and procedures that use the facilities provided
by the Diameter base protocol itself. Every Diameter application defines its own commands
and messages which, in turn, can define new attributes called Attribute Value Pair (AVP) or
re-use existing ones already defined by some other applications.
The Diameter base protocol does not define any use of the protocol and expects the definition
of specific applications using the Diameter functionality. For example, the use of Diameter
for providing authentication during network access is defined in the Diameter NAS Application
(P. Calhoun et al. (2005)). In turn, this specification is used by the Diameter EAP Application
(P. Eronen et al. (2005)) to specify the procedure to perform the network access authentication
by using the EAP protocol. Similarly, authorization and accounting procedures are expected
to be handled by specific applications.
Within a Diameter-based infrastructure, the protocol distinguishes different types of nodes
where each one plays a specific role:
1. Diameter Client: represents an entity implementing network access control like,
for example, a NAS. The Diameter client issues messages soliciting authentication,
authorization or accounting services for a specific user.
2. Diameter Server: is the entity that processes authentication, authorization and accounting
requests for a particular domain. The Diameter server must support the Diameter base
protocol and the applications used in the domain.