Diameter protocol

Article Id: WHEBN0002166952

Title: Diameter protocol  
Author: World Heritage Encyclopedia
Language: English
Subject: PureLoad, AAAA, Code division multiple access, Computer security procedures, WikiProject Academic Journals/Journals cited by Wikipedia/P42
Publisher: World Heritage Encyclopedia

As URI schemes, AAA stands for the Diameter-based protocol and AAAS stands for the Diameter-based protocol with secure transport.[1] These protocols were defined by the Internet Engineering Task Force in RFC 6733 and are intended to provide an Authentication, Authorization, and Accounting (AAA) framework for applications such as network access or IP mobility in both local and roaming situations.[2]
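The aaa/aaas distinction can be checked mechanically when reviewing peer configuration. The following is an added example, not part of the original article: a parser for the DiameterURI grammar of RFC 6733 section 4.3.1 that applies the RFC's defaults and lists peers whose URI requests no transport security. The peer list and the helper names are constructed for illustration.

```python
import re
from dataclasses import dataclass

# DiameterURI grammar, RFC 6733 section 4.3.1 (ABNF literals are case-insensitive).
_URI = re.compile(
    r"(?P<scheme>aaas?)://(?P<fqdn>[A-Za-z0-9.-]+)"
    r"(?::(?P<port>\d+))?"
    r"(?:;transport=(?P<transport>tcp|sctp|udp))?"
    r"(?:;protocol=(?P<protocol>diameter|radius|tacacs\+))?",
    re.IGNORECASE,
)

@dataclass(frozen=True)
class DiameterURI:
    secure: bool      # True for aaas:// (transport security used)
    fqdn: str
    port: int
    transport: str
    protocol: str

def parse_diameter_uri(uri: str) -> DiameterURI:
    m = _URI.fullmatch(uri)
    if not m:
        raise ValueError(f"not a valid DiameterURI: {uri!r}")
    secure = m["scheme"].lower() == "aaas"
    # RFC 6733 defaults: port 3868 without transport security, 5658 with it.
    port = int(m["port"]) if m["port"] else (5658 if secure else 3868)
    if not 0 < port < 65536:
        raise ValueError(f"port out of range: {port}")
    transport = (m["transport"] or "tcp").lower()        # default is TCP
    protocol = (m["protocol"] or "diameter").lower()     # default is diameter
    if protocol == "diameter" and transport == "udp":
        raise ValueError("UDP must not be used when protocol is diameter")
    return DiameterURI(secure, m["fqdn"].lower(), port, transport, protocol)

def insecure_peers(uris):
    """FQDNs of peers whose URI requests no transport security (aaa://)."""
    return [u.fqdn for u in map(parse_diameter_uri, uris) if not u.secure]

# Constructed peer list for illustration; not taken from any real deployment.
PEERS = [
    "aaas://hss.home.example:5658;transport=tcp",
    "aaa://dra.visited.example",
    "aaa://legacy.visited.example:1813;transport=udp;protocol=radius",
]
```
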

Diameter protocol refers to a security architecture for distributed systems for controlling which users are allowed access to which services, and tracking which resources they have used. Two network protocols providing this functionality are particularly popular: the RADIUS protocol,[3] and its newer Diameter counterpart.[4][5]

Contents

  • Authentication
  • Authorization
  • Accounting
  • Usage of AAA servers in CDMA networks
  • References
  • External links

Authentication

Authentication refers to the process where an entity's identity is authenticated, typically by providing evidence that it holds a specific digital identity, such as an identifier and the corresponding credentials. Examples of types of credentials are passwords, one-time tokens, digital certificates, digital signatures and phone numbers (calling/called).

Authorization

The authorization function determines whether a particular entity is authorized to perform a given activity, typically inherited from authentication when logging on to an application or service. Authorization may be determined based on a range of restrictions; for example, time-of-day restrictions, physical location restrictions, or restrictions against multiple access by the same entity or user. Typical authorization in everyday computer life is, for example, granting read access to a specific file for a specific authenticated user. Examples of types of service include, but are not limited to: IP address filtering, address assignment, route assignment, Quality of Service/differential services, bandwidth control/traffic management, compulsory tunneling to a specific endpoint, and encryption.

Accounting

Accounting refers to the tracking of network resource consumption by users for the purpose of capacity and trend analysis, cost allocation, and billing.[6] In addition, it may record events such as authentication and authorization failures, and include auditing functionality, which permits verifying the correctness of procedures carried out based on accounting data. Real-time accounting refers to accounting information that is delivered concurrently with the consumption of the resources. Batch accounting refers to accounting information that is saved until it is delivered at a later time. Typical information that is gathered in accounting is the identity of the user or other entity, the nature of the service delivered, when the service began, when it ended, and whether there is a status to report.
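As an added example (not part of the original article), the audit use of accounting data can be shown against the authorization restriction on multiple access by the same user: the sketch below replays session start and stop records and reports overlapping sessions per user, stops with no matching start, and sessions never closed. The record layout, event names and sample data are constructed for illustration and do not follow any particular AAA product.

```python
from collections import defaultdict

# Constructed accounting records: (time in seconds, user, session id, event).
RECORDS = [
    (100, "alice", "s1", "START"),
    (160, "bob",   "s2", "START"),
    (220, "alice", "s3", "START"),   # alice still has s1 open
    (300, "alice", "s1", "STOP"),
    (310, "bob",   "s2", "STOP"),
    (400, "bob",   "s4", "START"),   # never stopped
    (450, "alice", "s3", "STOP"),
]

def audit(records):
    """Replay records in time order and collect accounting anomalies."""
    open_by_user = defaultdict(dict)          # user -> {session id: start time}
    overlaps, orphan_stops = [], []
    for ts, user, sid, event in sorted(records):
        sessions = open_by_user[user]
        if event == "START":
            # Any session still open for this user violates a
            # one-session-per-user authorization restriction.
            overlaps += [(user, other, sid) for other in sessions]
            sessions[sid] = ts
        elif event == "STOP":
            if sessions.pop(sid, None) is None:
                orphan_stops.append(sid)      # stop without a recorded start
    unterminated = sorted(
        sid for sessions in open_by_user.values() for sid in sessions
    )
    return {
        "overlaps": overlaps,
        "orphan_stops": orphan_stops,
        "unterminated": unterminated,
    }
```
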

Usage of AAA servers in CDMA networks

AAA servers in CDMA data networks are entities that provide Internet Protocol (IP) functionality to support the functions of authentication, authorization and accounting. The AAA server in the CDMA wireless data network architecture is similar to the HLR in the CDMA wireless voice network architecture.

Types of AAA servers:

  • Access Network AAA (AN-AAA) – Communicates with the RNC in the Access Network (AN) to enable authentication and authorization functions to be performed at the AN. The interface between AN and AN-AAA is known as the A12 interface.
  • Broker AAA (B-AAA) – Acts as an intermediary to proxy AAA traffic between roaming partner networks (i.e., between the H-AAA server in the home network and V-AAA server in the serving network). B-AAA servers are used in CRX networks to enable CRX providers to offer billing settlement functions.
  • Home AAA (H-AAA) – The AAA server in the roamer's home network. The H-AAA is similar to the HLR in voice. The H-AAA stores user profile information, responds to authentication requests, and collects accounting information.
  • Visited AAA (V-AAA) – The AAA server in the visited network from which a roamer is receiving service. The V-AAA in the serving network communicates with the H-AAA in a roamer's home network. Authentication requests and accounting information are forwarded by the V-AAA to the H-AAA, either directly or through a B-AAA.

Current AAA servers communicate using the RADIUS protocol. As such, TIA specifications refer to AAA servers as RADIUS servers. However, future AAA servers are expected to use a successor protocol to RADIUS known as Diameter.

The behavior of AAA servers (RADIUS servers) in the CDMA2000 wireless IP network is specified in TIA-835.

References

  1. ^ "Uniform Resource Identifier (URI) Schemes". Retrieved 12 October 2014. 
  2. ^ "RFC 6733 - Diameter Base Protocol". PROPOSED STANDARD. Standards Track.  
  3. ^ C. Rigney, S. Willens, A. Rubens, W. Simpson, "Remote Authentication Dial In User Service (RADIUS)", IETF RFC 2865, June 2000.
  4. ^ P. Calhoun, J. Loughney, E. Guttman, G. Zorn, J. Arkko, "Diameter Base Protocol", IETF RFC 3588, September 2003.
  5. ^ Sasu Tarkoma, "Mobile Middleware: Architecture, Patterns and Practice", John Wiley and Sons, 2009, pp. 248–251. ISBN 9780470745526.
  6. ^ Bernard Aboba, Jari Arkko, David Harrington, "Introduction to Accounting Management", RFC 2975, IETF, Oct. 2000.

External links

  • The webpage of the Authentication, Authorization and Accounting IETF working group
  • Authentication, Authorization and Accounting overview