AAA-ARCH - PowerPoint PPT Presentation

About This Presentation
Title:

AAA-ARCH

Description:

Car Rental. Daily life. 2 of 14. Physics-UU to IPP-FZJ = 7 kingdoms. Netherlands. Physics dept ... Events. 2. 1. 1. 3. Service. 5. Types of communication: 5: ... – PowerPoint PPT presentation

Number of Views:25
Avg rating:3.0/5.0
Slides: 20
Provided by: cde59
Category:
Tags: aaa | arch | car | events | for | rental

less

Transcript and Presenter's Notes

Title: AAA-ARCH


1
AAA-ARCH
1 of 14
  • IRTF-RG
  • Authentication Authorisation and Accounting
    ARCHitecture Research Group
  • chairs
  • C. de Laat
  • J. Vollbrecht
  • Content of this talk has contributions from many
    persons including
  • B. de Bruijn, CK Dobbins, S. Farrell, G. Gross,
  • L. Gommans, D. Spence, E. Verharen, T.
    Verschuren,
  • T. Zseby

2
Applications
2 of 14
  • Applications
  • Network Access
  • Bandwidth Broker
  • Authorization of resources living in many
    administrative domains
  • Budget system
  • Library system
  • Computer based education system
  • E-Commerce
  • Micro-payments
  • Car Rental
  • Daily life

3
Multi Kingdom Problem
3 of 14
  • Physics-UU to IPP-FZJ gt 7 kingdoms
  • Netherlands
  • Physics dept
  • Campus net
  • SURFnet
  • Europe
  • TEN 155
  • Germany
  • WINS/DFN
  • Juelich, Campus
  • Plasma Physics dept

3 ms
2.5 ms
17 ms
Jülich
4
The need for AAA
4 of 14
AAA

?
AAA
AAA
?
BB
BB
management
management
Remote service
End user
R
R
R
R
Kingdom N
Kingdom N1
5
Roaming Agent Authorization Model
5 of 14
User
User Home Organization
Request
AAA Server
1
Approved
4
2
Commit Approval
Conditional Approval
Service Provider
3
AAA Server
3
Service Equipment
use service
5
Example application bandwidth brokerage at
Enterprise/Service Provider boundary
6
Roaming Pull Authorization Model
6 of 14
User
User Home Organization
AAA Server
3
Commit Approval
Conditional Approval
2
Service Provider
AAA Server
4
Request
Service Equipment
1
1
Approved
4
use service
5
Example applications Mobile IP, PPP dial-in to
NAS
7
Roaming Push Authorization Model
7 of 14
User
User Home Organization
Request
AAA Server
1
Conditional Approval with ticket
2
Service Provider
Request with ticket
AAA Server
3
4
4
Approved
Service Equipment
use service
5
Example application Internet printing, where
file and print servers are in different admin
domains
8
AAA Server building block
8 of 14
Rule example Auth_A (Bgt9) .or. C .and. D
USER
1
1
Generic AAA server Rule based engine
Auth rules
API
3
2
Application Specific Module
Events
Types of communication 1 The AAA protocol 2
interface (API) to app specific module
(addressing!) 3 interface (API or connection) to
repositories (e.g. LDAP)
9
Pushing the buttons
9 of 14
1
1
Generic AAA server Rule based engine
Policy
3
2
Application Specific Module
Events
5
Service
Types of communication 5 Towards service (f.e.
COPS, CLI, SNMPv3)
10
Legacy protocols
10 of 14
1
1
Generic AAA server Rule based engine
Policy
2
3
Application specific Module
Events
4
Types of communication 4 Legacy protocols
(Radius, Diameter, )
11
Gateway
11 of 14
1
1
Generic AAA server Rule based engine
1
Policy
3
2
Application specific Module
GW
Events
4
2
12
AAA Server with Accounting as Separate Service
12 of 15
1
1
Generic AAA server Rule based engine
Policy
3
2
2
Events
Application Specific Module
Accounting Module
Acct Data
3
5
6
Service
Metering
13
AAA Server with Accounting as Part of the Service
13 of 16
1
1
Generic AAA server Rule based engine
Policy
3
2
Events
Application specific Module
5
5
Accounting/ Metering
Service
Acct Data
3
14
Example Interaction with Authorization
14 of 16
15
Generic AAA Agent Model
15a of 16
16
Future AAA Application (ASP)
15b of 16
17
RG-Goals-1
15c of 16
  • Specific goals of the RG are
  • develop generic AAA model by specifically
    including Authentication and Accounting
  • develop auditability framework specification that
    allows the AAA system functions to be checked in
    a multi-organization environment
  • develop a model that supports management of a
    "mesh" of interconnected AAA Servers
  • define distributed policy framework, coordinate
    with policy framework WG and others
  • develop an accounting model that allows
    authorization to define the type of accounting
    processing required for each session

18
RG-Goals-2
15d of 16
  • Specific goals of the RG are
  • implement a simulation model that allows
    experimentation with the the proposed
    architectural models (also work on an emulation)
  • describe interdomain issues using generic model
  • work with AAA WG to align short term AAA protocol
    requirements with long term requirements as much
    as possible
  • complete the work in Q4 - 2000 (ambitious)

19
Research Group - info
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "AAA-ARCH" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!