An Integrated Accounting and Charging Architecture for Mobile Grids

Cristian Morariul, Martin Waldburgerl, Burkhard Stillerl,2

'University of Zurich, Department of Informatics IFI, Communication Systems Group CSG Binzmuihlestrasse 14, CH 8050 Zurich, Switzerland 2 Swiss Federal Institute of Technology ETH Zurich, TIK, Gloriastrasse 35, CH 8092 Zurich, Switzerland [morariulwaldburgerl stiller]@ifi.unizh.ch
The adoption of the Internet Protocol (IP) by a number of non-IP network operators, such as telecom or cable TV operators, opens the path toward new business models. IP will allow operators to provide a unified wired as well as wireless access to a wide range of services to their users. Additionally, using the same communication protocols and standard interfaces, enables different providers to coordinate any type of resources in Virtual Organizations (VO) and supports the composition of services aggregated across multiple domains. On one hand, such an open environment requires new business models to be adopted by the involved parties. On the other hand, Grid middleware infrastructure supporting integrated accounting, charging, pricing, and billing across multiple domains has to be in place to facilitate service provisioning in multiple VOs. Based on the relevant set of requirements derived, a new and extended A4C Architecture (Authentication, Authorization, Accounting, Auditing, Charging) has been developed, implemented, and evaluated for mobile Grids providing pervasive access to knowledge.

qualify here as a well-suited solution. In the same way as IP serves as an integration enabler for underlying protocols and access technologies, grids allow for an integration of various stand-alone services, offered by different providers, to be composed in applications. This demands for accounting and charging mechanisms, since various service providers need to charge service consumption if services are offered in a competitive environment. Several grid-related projects have designed and implemented accounting mechanisms for grid-services, such as APEL [8], DGAS [20], GASA [3], [12], GRASP [13], GSAX [4], Nimrod/G [2], and SGAS [22]. However, the key drawback with those approaches is that these solutions did propose and implement proprietary accounting and charging mechanisms only. Additionally, any interconnection of such accounting tasks with charging functions is not part of those solutions either. Thus, the accounting and charging architecture proposed within this paper extends existing work by far. The term Grid was traditionally used for defining a distributed high-performance computing (HPC) architecture. Computational and storage grids are the two examples everyone thinks Keywords: Mobile Grid, Accounting, Charging, A4C, about when dealing with this domain. However, more recently, Business Grid, IP-based Grid Services, Virtual Organization grid principles are not only applied to HPC, but are used for service virtualization [10] so that Virtual Organizations (VO) I. INTRODUCTION AND PROBLEM STATEMENT can be created by aggregating resources and services from difThe rapid growth of Internet penetration in the mobile com- ferent domains and different providers, irrespective of the munication market as well as the capabilities improvement of underlying infrastructure and protocols used in those different today's mobile devices offer new opportunities for existing domains. Taking the VO concept a step further, by granting technologies designed for traditional wired networks to be mobile or nomadic users pervasive access to knowledge, sets deployed on modern mobile communications platforms. Most the key focus for the work performed here and mobile grids in of the current research efforts on future mobile communication general. Such mobile grids need to integrate and harmonize various technologies adopt the Internet Protocol (IP) as the underlying communication protocol for video, voice, and data. The usage views of all actors involved in an operational VO. These views of IP will ease the process of integration of different communi- are expressed typically by business roles determining a cation infrastructures and will trigger the development of mid- player's specific behavior and requirements. In order to outline dleware services, such as AAA (Authentication, Authorization, the full range of organizational arrangements in providing Accounting), which offer their functionality to a broad range of mobile grid services in VOs, a comprehensive understanding of the underlying role model marks a prerequisite for the develapplications to be deployed. Integration of different access technologies as well as video, opment of the according accounting and charging architecture voice, and data services in an all-IP environment also paves the for mobile grids. Thus, the respective role model for mobile way towards offering of more complex services being com- grids has been developed in a first step, being described in this posed by basic services. This, however, requires an appropriate paper, to provide the basis for the charging and accounting service delivery platform to be in place, providing mechanisms technology developed in a second step, being described afterfor service delivery and service composition. Driven by the wards. Over the last few years multiple research efforts have been main concept of resource coordination across administrative domains and a strong service-orientation [11], grid systems performed on accounting, charging, and billing models for

1 -4244-0425-8/06/$20.00 ©2006 IEEE

[15]. the role model has to consider in the . and presents well as with respect to dynamics.as it is used in the context of commercial electronic service ing mobile grid support explicitly. an approach to design and implement a commercial is positioned logically on top of metering and accounting. Furthermore. Grid middleware and the network. two worlds converge. of the art and embraces on one hand the identification of relacross administrative domains. An overview of existing pricing schemes used in broadband IP networks is given in [9]. a role model is needed that is on one hand goal. the grid systems' sion) and communicates using standard. Finally. On the other grid systems in the area of mobile grid resources and users as hand. Based on [24] and ing of virtual operators. but also for generating and sharing revenue. AccordSeveral definitions for VOs exist. Auditing. and while running or yet to be initiated workflows adapt to changed conditions. and bill. partly overlapping aspects [23]. Accounting. a layered model and definition is used. Mobile Dynamic Virtual developed and presented in Section III. device. ACCOUNTING AND CHARGING IN MOBILE GRIDS strong dynamic element with respect to their organizational Accounting and charging mechanisms have to be able to composition and their business processes" [27]. Towards this ing in MDVOs. coming to the conclusion that there are still based networks use different terminologies with regard to multiple aspects to be addressed. where charging Thus. Section IV delivers (MDVO) are seen as extensions of VOs: major implementation details. key requirements on the integrated A4C architecing mechanisms used by ISPs and mobile network operators. A. while key challenges are shown. the vider). The solution proposed here. This termisupport of mobile users has been undertaken in Akogrimo nology defines the understanding of accounting and charging [1]. which is newly tionally are not reflected by VOs.main idea namely resource sharing and resource coordipose protocols and interfaces in order to deliver non-trivial nation across administrative borders [11] is reflected by and optimized Quality-of-Service (QoS) depending on the Virtual Organizations (VO).2) VO Role Modelfor Electronic Service Provisioning In order to determine the full picture of service provisionferent business partners. general-pur. Thus. Sec." [26] The architecture developed provides relevant mechanisms 1) Mobile Dynamic VO Nature to deploy grid applications in a mobile environment. the relevant accounting. the extended architecture design is new. Authorization. while B. such as multicast or exist. In other words. which voked by mobility support. This provides the basis for cover all composing elements for commercially offered elecan investigation of the specific organizational characteristics tronic services. charging. to which has to be supported by The remainder of this paper is structured as follows. and a VOs. incorporating mechanisms evant key requirements on an accounting and charging archifor parameterizable secure authentication and authorization". goes beyond current state accountable and chargeable resource coordination ported. Accordingly. workflows and an accounting system that envisages adaptive tion II extracts as new work the relevant set of requirements context-based charging. capture the specifics of each of the different entities involved. This assures seamless interoperability between dif. [16] compares existing accounting. and to ogy in use has to be determined. conclusions are drawn and ideas for remain available even after temporary loss of reachability. those terms are also applied to the definition given by Foster for grid systems [11]. include as well the evaluation of the architecture against the and service mobility requires a grid system to dynamically scenario drawn for detailed motivation purposes. open. one of the two only projects in the world so far address. each focusing on differingly. user. Accounting and Charging Terminology Those schemes are evaluated in terms of technical and ecoThe two worlds of mobile telecommunication and IPnomic efficiency. Based on both. and sesFrom an organizational point of view. In accordance with the provisioning.adapt changing context. Since mobility and dynamics tradifor the accounting and charging architecture.and charging-related terminol. ture (Authentication. whereas the latter is proin a detailed manner selected implementation aspects. Akogrimo domain of mobile grids.sample mobile grid scenario is depicted. VOs for grid systems are perceived as to mechanisms of mobile grid services in a multi-provider set"allow for information and communications technology-supting.generic enough to reflect all stake holders incentives. while this model on the other hand has to prevailing in mobile grids.charging and its associated processes. the main problem in a mobile business grid is found in ent. Mobility in terms of user. By following the determining and implementing accounting and charging definition of [27]. grid solution for service providers and telecom operators in but below billing. future extensions are discussed in Section V. a systems into account suggests an inspection of the VO conMobile Grid is communicating with the underlying network cept with respect to potential extensions or even fundamental in both directions enabling cross-layer cooperation between changes required. followed by an extensive Organizations "MDVOs are virtual organizations whose members are able functional evaluation of the architecture against a mobile to change locations while provided or consumed services grid scenario. Taking mobility aspects in grid current context of the resource or the user. [6]. the role model for integrate the specific characteristics of grid systems and mobile grid service provision in a VO is developed.scenario.telecommunication operators and ISPs (Internet Service Pro. so that MDVOs are characterized by a II. as Table 1 describes in detail. tecture for mobile grid services by means of a businessMobile grid systems show important extensions over fixed driven role model and a mobile grid scenario. Role Modelfor Mobile Dynamic VOs it supports all kind of mobility (such as device. defines mobile grids as follows: "A Mobile Grid consists out of resources that are not subject to centralized control. which will be faced as the and Charging) are derived. not only for service provisioning.

e.. and economical ones.. including Quality-ofService (QoS). Metering determines the particular usage of resources within end-systems (hosts) or intermediate systems (routers) on a technical level. e.g. Since these services are consid- . Services are rather perceived as non-tangible goods with an assigned utility level (macroeconomic and accounting view) or as electronic products (marketing view). * consume the service results in terms of an electronic product (service user). the present gap between the respective service notions from a technical and businessdriven view has to be bridged in order to integrate both understandings what is implemented by means of the grid middleware..e. Charging acts as an umbrella term for charging options and charging mechanisms.g. * are charged for service consumption (service customers). Therefore.e. no strict time constraints concerning the processing time of charging (i. Incorporating those requirements results in the basic role model for electronic service provision within VOs as it is shown in the form of an Entity Relationship diagram in Figure 1.Table 1: Accounting and Charging Terminology [24]. the respective role set dealing with financial flows has to be included in the role model. Tariff or tariff function. which has implications on the understanding of the terminology in use. applying tariffing theory or marketing methods. Mediation is intended to filter. composed services to be in place.g. charge calculation applies a given tariff to the data accounted for. only an at most generalized minimal role set has been expressed in Figure 1. the customer has to have a certain amount of credits prior to the service usage. management. billing provider. Charge Calculation covers the complete calculation of a price for a given accounting record and its consolidation into a charging record. Even though those aspects are specific extensions of MDVOs over VOs. whereof A4C is one important part with regard to commercial service provision. Prepaid charging influences the delivery of services to the customer. Prices may be calculated on a cost/profit base or on the current market situation..g. and finally * offer and potentially also aggregate services (service provider). With the postpaid charging option. and networking parameters. they do not alter the role of. charge calculation) are defined. e. The term Service accordingly is not understood in a technical sense as a wellin a layered approach defined functionality that is offered through a service access point to a higher layer [7]. or content and application service provider. Coordinating and sharing knowledge requires the aggregation of basic services into more complex. Nevertheless. the charging (i. service charges are aggregated on the user's account after service usage and the user is invoiced after a predefined period. With the online charging mechanism. Note that online charging implies that accounting and metering have to be done in real-time as well. LU-.e. For the offline charging mechanism. Accounting defines summarized information (accounting records) in relation to a customer's service utilization. resource consumption. most general form an as wide as possible range of grid services that in turn aim at high-level resource (i. Online/offline Charging Mechanism |Service Customer| k-L i (.g. independent of whether a service user is mobile or not. are assumed to satisfy the characteristics of a full-fledged electronic product. \ 7UV Billing Figure 1: Basic Role Model for Electronic Service Provision in Virtual Organizations The proposed role model has been drawn from an organizational viewpoint. while mapping technical values into monetary units. This process may combine technical considerations. This is caused by its generic nature: While mobility and dynamics show implications on MDVO business flows. e. Billing is the process of consolidating charging information on a per customer basis and delivering a certain aggregate of it to a customer. a service user. bundled in an application (potentially including additional benefits like warranty). [15] Termimnuts Charging Unde*rstandig Charging calculates the charge for a given service consumption based on accounting records and the tariffs defined in the SLA. specifically networking resources and services in an open market situation. Since the role model needs to support a wide range of commercial services and organizational arrangements. Charging mechanisms are used to implement and realize charging options. calls. consisting of entities that * initiate service provisioning by explicitly expressing a demand for it (service requestor). aggregate. the same basic role model is valid in both cases. periodical credit checks during service usage are performed. With the prepaid charging option.. and correlate raw technical data which in most cases has been collected by metering. The role model does not explicitly reflect mobility or dynamics aspects. The understanding of this role remains unchanged. while in fact only aggregated electronic services.. charge calculation) has to be performed in realtime.. Mediation transforms these data into a form which can be used for storing and further processing. knowledge) coordination. It is expressed in metered resource consumption. service usage may be denied. This orthogonal separation helps to emphasize either on the more technical or economic aspects of charging. Prepaid/postpaid Charging Option ered to be commercial in terms of that they have to be charged to an entity. takes a set of accounting parameters as its input and outputs the charge to be paid for the particular value of those input parameters. or any type of connections. such as communications provider. grid service provider. A real-word entity in terms of an actor can embody one or Accounting Charge Calculation Mediation Metering Pricing Pricing covers the specification and setting of prices for goods. The role of a service provider will find in specific scenarios more concrete realizations. for applications. e. Depending on the type service.

full anonymity a new virtual identity is generated whenever a user requests a service from a foreign domain. pseudo anonymity a separate identity Inrrrf (virtual identity) for each domain needs to be created and used whenever a service is requested from that domain. while this service in the end will be charged to a third entity. It also allows for the mapping of all service sessions to an initial authentication event.B). From a services viewpoint. The service itself is requested by none (push service type) or one or multiple (pull service type) requestors. e. Unavailability of any component should have minimal impact on the user's possibility to access services or provider's ability to charge for service consumption. and more than one in case a cost splitting scheme is applied. while for broadcast services the full range of potential users in reach are supplied. and customer to have access to multiple services and still receiving a single aggregated bill for all the services used during a given period of time. a company that subscribed to this service with the service provider so that the company's employees would be informed on important changes and news. such as user credentials. and SP2 that provides the necessary computation power for analyzing the real-time data received from different patients. In commercial as well as in non-free service provision. at least one service customer must be present. the case of multiple users can be sub-divided in multicast services with more than one. SPI and SP2 accordingly focus on their specific competencies in the role of grid service providers.multiple roles. the user. For instance. communication between these components needs to be secured. This device continuously monitors human heart activity and periodically sends data to a monitoring facility that based on a patient's historic records and other patterns in its database can detect when a heart condition is imminent. an authorized agent might trigger upon a certain threshold or event reached that updated stock market analyses are prepared by the service provider and sent to a second entity. A SSO approach allows users to authenticate once and then use services across different domains. This division of tasks allows a user . IC collaborates with two service providers. NINO handles systems integration and runs the technical infrastructure. a user's real identity should be protected. For the necessary resources to perform health monitoring services. packets or flows.in this scenario an individual. MNO takes the roles of a communications provider (for voice and data services) and of a billing provider. for a pull-type service. No service provider should have access to a users's real identity without the user's authorization. whereas either one or multiple service users exist. The A4C Server in the home domain of the user should be the only network component capable to map between virtual and real user identities. whereas IC acts as a content and application service provider. SPI that provides database storage for patient records. user and customer in basic organizational alignments probably are taken by one organizational entity. Anonymity: When using services in domains other than the home domain. With respect to compensation for service consumption. (Business-to-Business) relationship with IC. IC concluded a contract with a Mobile Network Operator (MNO) to get access to a large number of potential customers. while IC is concerned with direct customer relations and marketing activities of the e-health application. an inteMobile Grid Scenario grated accounting infrastructure for a mobile grid is In the presented scenario. one service thus has exactly one service provider assigned.. the user is assumed to maintain required to understand and manage a larger set of paramecontractual relationships both with MNO for communication ters and multiple accounting record formats. Single Sign-On (SSO) Functionality A single action of authentication and authorization from the user should give access to all the services she or he is allowed to use. It should be the user who decides which level of anonymity she or he prefers: No the real identity of the user can be used in anonymity foreign domains. Section II. - D. * Multi-service and multi-domain accounting and charging Whereas in traditional networks accounting consists Figure 2: Actors and Contractual Relationships in the in counting the number of octets. InsurerComp (IC) company just released its new service. One user only represents a unicast service. Mobile Grid Scenario At this stage a realistic mobile-grid scenario has been developed to enable the reader an easy to understanding of interactions among different players as depicted in Figure 2 and of players involved in service provisioning and in revenue distribution. while in more complex arrangements different actors play these roles. B2C B2B * Robustness of the architecture The A4C architecture should provide mechanisms to overcome faulty behavior of its components. the set of key requirements has been identified. exactly one in case a full charging. service usage records and charging records. For delivering this service. For instance. user. Requirements Driven by the investigated specific scenario and the underlying general role model.g. thus applying the proposed role model (cf. Based on a B2B ts to have meaningful accountable units and QoS parameters * . a wearable heart monitoring device. but specified number of users. the roles of a service requestor. taking the roles of a service requestor. Security Confidentiality: As the A4C components transfer sensitive data. This requires services and IC for the e-health application. They address the middleware infrastructure related to A4C architecture an protocols as the main links between business and technology view on commercial service provisioning as follows: * C.

In order to provide support for SAML messaging. Besides those specific requirements derived. Applications offered in a MDVO will most of the time aggregate services from multiple service providers. All nominated tasks are services offered to components located in the same domain as the A4C Server in question. SAML is a secure interoperable language used to share users' information from the A4C Server to other components in order to provide SSO capability to the user and to offer attribute sharing of the user to other components. For the communication between the SAML Authority and the A4C Server the SOAP protocol is used. capabilities negotiation. Besides these. the SSO functionality is supported by the integration of a SAML (Security Assertion Markup Language) Authority component. Its main tasks cover authentication of users. * Roaming and Mobility Typical users of a mobile grid are customers of mobile network operators. Each service component that requires one of the functionality the A4C Server provides requires to integrate an A4C Client. and protocols used for communication. this section describes the main components of the A4C architecture. transported over HTTP. a mobile grid accounting and charging architecture has to be flexible enough to support the full role model set. A more detailed view on the interactions between different components can be seen inFigure 4. SAML [21] is used to send security information in the form of authentication and attribute assertions to the mobile grid components. Figure 3: A4C Architecture Components III. using any type of access network. i. the A4C Server keeps all internal data integer and consistent. The A4C Client is the counterpart of the A4C Server on the client side. service usage accounting and charging. A4C Architecture Design The A4C architecture presented in this paper is based on the generic AAA architecture [17] as defined by the IETF. key requirements and behaviors of AAA architectures as well as protocols are already standardized by the IETF and applied by network operators. * Deployment For integrating an accounting and charging architecture for mobile grids in an existing infrastructure of a mobile operator compatible technologies need to be used. its functionality. the architecture uses a logically centralized A4C Server in every domain. .C against these requirements. The central approach has to be seen only in the context of the architecture design. access control to services. error notification. The A4C Server is the central component of the architecture. The physical deployment of the A4C Server might include several physical nodes acting as A4C Servers. extensibility through addition of new commands and AVPs and services necessary for applications.at hand. Furthermore. such as session handling or accounting. A. For having success a mobile grid should allow its services to be accessible from anywhere. It aims at supplying IDTokens and SAML assertions to the A4C Server. access control to services. and the section ends with an overview on how different QoS parameters can influence accounting mechanisms and charging policies. A4C Servers also have to manage interdomain related tasks such as authentication and authorization of roaming users. Starting from the the identified requirements. an A4C architecture for mobile grids was designed and prototypically implemented. Diameter provides support for delivery of AVPs (Attribute Value Pairs). All communication between A4C Server and A4C Client is based on the Diameter protocol [5]. and it should be based on existing adopted or upcoming standards in order to be accepted widely by MNOs. grid service as well as content level. Its task is to generate XML messages based on the SAML standard for sending authentication and attribute information in a secure manner. The solution presented in this paper will be later evaluated in Section IV. or accounting and charging for service sessions spanning across multiple domains. The A4C Server contacts the SAML Authority when it requires to generate IDTokens and to verify such tokens presented by different components. Its main task is to give network or grid components access to A4C services. that hold for all relevant levels. Besides these. As a clear must. SAML provides an additional security block concerning high confidential information (such as authentication and attribute information of a user) in the A4C architecture. A4C ARCHITECTURE In response to those requirements listed above. for load-balancing purposes or for distributing A4C tasks to specialized nodes. Thus. Additional tasks are the auditing of service consumption for QoS compliance and storing of user and service specific profiles. A discussion about how inter-domain service composition is supported follows. All components of the A4C architecture are outlined in Figure 3. particularly network. and collection of data required for service charging. Based on IETF (Internet Engineering Task Force) AAA standards. The two most important components are the A4C Server and the A4C Client. This process was performed partially in the context of the Akogrimo [1] project Therefore. The accounting and charging components and protocols need to provide the mechanisms to aggregate accounting sessions from different administration domains and allow the aggregation of different service charges into a single bill.e. a SAML Authority is needed. The SAML Authority has been designed as an internal subcomponent of the A4C Server. the A4C Server is one of the key components in a service provider's domain as it provides those mechanisms for user identification. an A4C architecture for mobile grids was designed and prototypically implemented on foundation of existing AAA standards. For achieving this.

units. Whenever a service component receives an IDToken from a user. IMPLEMENTATION AND EVALUATION For the prototypical implementation performed. but only who can prove that the user is authenticated. while Domain A has the information required to charge Domain B B for the service session. those parameters. The A4C Client sends an Accounting-Start-Request to the A4C Server of its own domain sing the Diameter protocol. If everything is OK an accounting session ID is sent back to the metering component. For exemplification the network access service in a foreign domain has been chosen. if on grid level a considerable amount of main memory is reserved for one job request. If required. which will generate an IDToken after authentication and send it via the A4C Server in the visited domain. grid services. The use of parent sessions requires a close coupling of the service component to the A4C Client in the sense that services are required to be aware of the session ID of the attached A4C accounting session ID. During the service provisioning phase. The unique identifier is based on ongoing work performed in [25] and it is globally unique for each session. The SAML Authority is implemented in Java. integrated architecture. A4C Session Model For accounting and charging purposes. and content view. . session hierarchies are created. propose the complete set of parameters for the purpose of this work. The session record is sent using Diameter protocol. so that service hierarchies across multiple domains can be formed. Section lI. The respective sections in Table 2. Multi-layer QoS Definition Both. As soon as a user accessed the network (in the foreign domain) and was authenticated. At this point. since different customers will probably have different expectations on the service quality and they are ready to pay accordingly. This paper does not address the mechanisms needed to signal. If the user connects to the access network from a foreign domain the authentication request is forwarded to the home domain of the user. are not standardized or commonly used so far. as well as for auditing the SLA compliance. requirements for multi-service accounting and flexible charging mechanisms.D). service sessions between service delivery components and users need corresponding A4C sessions between service management and monitoring components and the A4C Server. and then charged accordingly. since guarantees given on one of these three levels influence the cost drivers of assigned accountable IV. To enable the integration of the A4C Client in grid components mainly developed in C++ and Java A4C Client interfaces are provided both. The operating system used for development and testing of the A4C implementation is Linux. the metering component periodically sends accounting records for user's session using the C++/Java interface provided by the A4C Client. shows impacts on the costliness of service provision. having a broader understanding of QoS than traditional throughput. These accounting records are encapsulated in Diameter messages and sent to the A4C Server in domain A. Each time an authentication is successful. The IDToken does not reveal a user's real identity. jitter and loss will determine the basis for mobile grid architectures. Thus. Figure 4 shows in more detail how the accounting process is realized for a service started in a foreign domain in our proposed architecture. In mobile grids. Domain B has enough information to charge the user for the consumed service in the foreign domain. Once the session is terminated. For instance. thus. the metering service starts uses the C++/Java interface provided by the A4C Client to start an accounting session for that user. An A4C session can be an authentication. Session hierarchies have the purpose of keeping track of how multiple services interacted in order to assure the delivery of a more complex application. An IDToken is information that can be linked to a previous authentication event. Besides these individual expectations. Whenever services are automatically instantiated and aggregated by service composition entities. it needs to contact an A4C Server for checking the validity of this IDToken. the A4C Server is informed and a session record containing a summary of consumed resources and corresponding charges is created and sent to the A4C Server in the home domain of the user. Only on the networking level QoS parameters are widely understood to consist of the named parameters as they are presented in detail in the first section of Table 2 For the grid and the content level. For better understanding. the set of QoS parameters for context-based charging needs to include the network. The IDToken is always generated in the home domain of the user. the Charging component of the A4C Server in domain A can make a request to the A4C Server in the home domain of the user in order to check whether the user is authorized/able to pay for the service. measure. an IDToken is generated and handed to the user who requested an authentication. Tracking of parent sessions assure that every service that was executed by a service provider can be linked to a session requested by a user. based on previously defined policies. The remainder of the sec- tion will emphasize major implementation decisions and . the A4C Server can return the real identity of the user or a virtual identity. The IDToken can be used further by the user when requesting for services as a proof of authentication. QoS (Quality-of-Service) parameters for mobile grids will influence the accounting and charging mechanism with respect to context-based charging. have to be addressed by the A4C architecture in a multi-domain service provisioning environment (cf. delay. The A4C Server and A4C Client are implemented in C++. or accounting session for a running service session. thus preventing other larger jobs from being accepted. the OpenDiameter library was chosen for the core of the A4C architecture. The A4C components keep track of the session hierarchies by using two techniques: uniquely identification of each A4C session and tracking the parent session of each session. This request is also encapsulated in a Diameter message. If it proves to be valid.Support for an SSO and anonymity is achieved by using IDTokens. which embraces device and user context elements to be considered. authorization. B. as C++ and as Java interfaces. and enforce the QoS at different layers. The creation and transmission of this session record is the task of the charging component. but argues that flexible SLAs and QoS parameters are required for an inter-layer. C.

g. mood) Guarantees that are specific for an application or a group of applications. It also handles inter-domain-related tasks. Figure 6) is quite similar to the inter- . B. Diameter messages are pre-processed by the Diameter protocol handler as depicted in Figure 5 and delivered to the A4C Server module required to process the request. The internal architecture of the A4C Client (cf. A4C Server Implementation The A4C Server implements a set of applications (e. or charging) on top of the Diameter protocol. connection type. such as authentication in a foreign domain. and service sessions (such as user profiles.Table 2: Multi-layer Quality-of-Service Parameters Domain A (foreign domain) Access Router Domain B (home domain) Jitter Delay/ Latency Connection Availability lne variance or the expected dutrerence minimal and maximal datagram delay between the The time between an event and the expected effect The ratio of the time a system is functional and the summarized time intervals a system is functional and not functional Packet Loss The ratio of packets that arrived at the destination and the total amount of sent packets Throughput/ The amount of information units transmitted per Data Rate given time interval Response Time CPU Type The time between a grid service request and the arrival time of the expected response The relevant set of CPU architecture architecture characteristics.g. location. The A4C Client is responsible to set the right command code in the Diameter request sent to the A4C Server. available exclusively for grid-related communication The available amount of main memory available for a process on a given grid resource for a given time period The available amount of background storage available for a process on a given grid resource for a given time period or for permanent storage The guarantee that only authorized entities are provided access to a given piece of infornation The guarantee that data or messages are not altered in any way The guarantee that data or messages are not linkable with an identifying element of an entity The proof of the data or message origin The possibility to restrict personal information about an individual or group of individuals from being distributed to unauthorized entities Availability of an entity that assumes legal responsibility for the delivered content The guarantee that content can be inspected only in the presence of the corresponding decrypting key Parameters that modify the quality degree of a service based on specific context information (e. tariff schemes. service profiles.g. but the possibility of using the Diameter protocol for the communication between the A4C Server and the SAML Authority is investigated.. authentication. or control of the inter-domain charging messages exchange. resolution. accounting and auditing records. The database is used by the A4C Server. Charging Module Authenticity Privacy A4C Databases Manager Policy Liability Encryption Contextspecific Guarantees Server Controller BASE SIP EAP SAML Auditing Non Rep Charging Acct Applicationspecific Guarantees DIAMETER Protocol Handler details of the A4C Server and the A4C Client. For the mobile-grid A4C implementation proposed Figure 5: Internal A4C Server Architecture The SAML Authority is implemented in Java [14] and the SOAP protocol is used for communication to the A4C Server. (e. The implementation performed uses a MySQL database [18]. Based on the command code included in the Diameter packet the message is forwarded to the proper module. the instruction set architecture in use The characteristic pattern of interconnections between single CPUs Guaranteed throughput. e. The A4C Server is implemented in C++ and acts as a stand-alone application. and authentication and authorization logs) and a SAML Authority. accounting. A4C Client The A4C Client implements the client end of the respective applications in the A4C Server. encoding) CPU Topol- ogy Reserved Throughput Memory Storage Confidentiality Integrity Anonymity Figure 4: Accounting Implementation Architecture in this paper a new authentication/authorization Diameter application was created as well as a new accounting application. The A4C Server controller defines a set of interfaces between different A4C Server modules for internal communication. presence. but any other database can be used as long as it implements the interface defined.g. color depth. frames per second. services. The A4C Server includes two external components: a database which stores all information related to users. SOAP was used simply because of the current OASIS specifications for SAML.. device type. A.

Authentication and Authorization (AA) module It is involved in the processes of initial authentication. * tion process. and service access authorization.. the IC can obtain from the MNO the session ID generated for the authentica- 3) Security Security determines the important topic for all tasks performed by the A4C infrastructure. Every service component integrates an A4C Client that connects to the A4C Server of the respective service provider domain.g. After the service request is received. include the costs of the two subservices in the price of the EH Service. C++ and Java. This section runs a qualitative evaluation of the architecture proposed against the scenario described in Section II. accounting and charging for service sessions that are executed inside the domain.*- i Money Flow MNO Figure 7: Heart Monitoring Scenario Network Architecture Figure 6: Internal A4C Client Architecture As seen in Figure 6.C and all major identified requirements of the A4C. C. Based on this information. The use of TLS and IPSec assures the confidentiality and integrity of the control data transmitted. the IC can. the two services from SPI and SP2 can be related to the EH service. The use of the Diameter protocol is fully in-line with those measures. on the other hand. Whenever a user connects to an access network of an MNO he is first authenticated and a network accounting session is started. Moreover multiple parallel sessions to different A4C Servers allows to load-balance the tasks of A4C infrastructure. Evaluation 2) Robustness of the Architecture Each service component maintains through its A4C Client permanent connectivity with several A4C Servers at the same time. As A4C session IDs are globally unique. . price) and are required for later billing. summary of accounting data. * Accounting module It creates accounting sessions and handles the accounting messages related to service sessions. All requests for the two subservices contain the accounting session ID of the EH Service. Interdomain A4C Session 1 Service Session . this A4C Client implementation uses the Java Native Interface (JNI) concept and offers interfaces to the A4C Client library in both. When the service session ends. Charging records are generated by the A4C Server of SPI and SP2. all communication between the A4C Client and the A4C Server is handled by the OpenDiameter library.> ~'" . any service request in the IC domain can be related to an authentication process. they are sent to IC. and. on one hand.nal architecture of the A4C Server. Any change in the internal A4C mechanisms can be handled locally in the module they belong to. service session duration. Thus. As grid services are typically implemented in Java. It shows the major difference that the control of different modules is not internally centralized. Based on the IDToken. the IC can distribute to SPI and SP2 revenue received for the EH Service. The EH (E-Health) monitoring service is started by connecting to the EH Service component in the IC domain and presenting the IDToken for proofing the authenticity of the user. 1) Scenario Mapping Figure 7 depicts the network architecture used in the presented scenario. the EH Service component using its A4C Client starts an accounting session and requests a new database access service instance from SPI and a new computation service instance from SP2. but it is outsourced to external applications through C++ and Java interfaces.. This way a single point of failure is avoided and the basic robustness of the A4C server infrastructure is achieved. The A4C Client is implemented in C++ and deployed as a Linux shared library. On top of this. The functionality of internal modules is made available to external applications through a set of interfaces. without any impact on external applications or other modules. respectively. IDToken validation. communication between A4C Servers and Clients can be secured by using dedicated IPSec and Transport Layer Security (TLS) channels between these components. Once charging records have been generated. SPI and SP2 apply their own charging schemes on the accounted for data and generate charging records for each of the two services separately. The charging records contain information related to a service session (e. even the latest is executed in a different administrative domain. In case the server who is serving a current client becomes unavailable. SPI and SP2 account separately for their services based on their own policies and relate their accounting sessions to the session ID received from IC. Based on those charging records received. three major modules for handling messages are implemented: * Auditing module It handles auditing related tasks as non-repudiation of messages or event notifications.i i M o ble . the next messages will be forwarded to one of the other servers from the same domain. Each domain operates an A4C Server that performs access control. Intradomain A4C Session .

no/v2004/data/gruppeO5/files/ cgc2004_report. this paper presented a new and extended A4C architecture for accounting and charging of such mobile grid services. [4] A. David Hausheer (University of Zuirich). Twigg: GSAX Grid Service Accounting Extensions. May 2005. Arkko: Diameter Base Protocol. [10] I. Barmouta. The Diameter protocol provides support for creating roaming-aware A4C applications. Devetsikiotis. Thus. which will enable grid service providers to bill for their service in an integrated manner. IEEE Communications Review. Workshop Presentation. Extensions of the base protocol are specified and can be added on top of existing implementations. S. Discussions with Peter Racz.hig. which will be based in user as well as customer preferences and provider application markets. June 2002. Further work will be focused on the integration of a charging settlemtent entity. pp 1-59. RFC 3588. nents. Master thesis. pp 1-154. [12] C. while being in a foreign access network. 1. K.e-irg. May 2004. and Ruth del Campo (University of Stuttgart) in particular with respect to multidomain service provisioning and SAML issues are acknowledged kindly. Study Project Report. References [1] Akogrimo: Access to Knowledge through Grids in a Mobile World. Foster: What is the Grid? A Three Point Checklist. such as HPC clusters and computers. I. pp 1-18. pp 6-7.mobilegrids. Beardsmore. Vol. Buyya: GridBank: A Grid Accounting Services Architecture (GASA) for Distributed Systems Sharing and Integration. No. H. Nice. A. and flexible charging 2001. Hartley. the use the SAML approach and its respective IDTokens for authentication of users enables a certain degree of anonymity by the hiding of user's real identity from the provider. 12. 2. Calhoun. December 1983. Frogner. Foster: The Anatomy of the Grid: Enabling Scalable Virtual Organizations. 71. Falkner. http:H www. No. The solution proposed. GridToday. Barmouta: Authorization andAccounting Services for the World Wide Grid. Laws. [8] technology-wise by an integrative effort of the various mechanisms discussed both for the A4C Server and Client compo- V.uk/-sjn5/GGF/ggf-rus-gsax-01. targeted at multi-service service provisioning platforms and spanning across several administrative domains. only A4C Servers need to be deployed in every service provider domain and each service is required to integrate an A4C Client. April 2003. Furthermore. for security purposes SAML Authorities are required in each administrative domain. 6. the A4C architecture proposed was implemented in key parts and successfully evaluated against a mobile grid scenario as well as major functional requirements. March 2006. M. [2] A. 7) Deployment The A4C architecture described is fully based on the Diameter protocol. L. J. [3] A. thus making the integration in existing network infrastructures easier. IEEE Conference Emerging Technologies and Factory Automation 2003.org/meetings/2005-NL/johngordon-accounting.Additionally. P. or accessing services provided by third parties. G. France. T. Acknowledgements This work has been performed partially in the framework of the EU IST project Akogrimo "Access to Knowledge through the Grid in a Mobile World" (FP6-2003-IST-2-004293).pdf. addresses on one hand those requirements of single sing-on.ac. Hawkins. June 2004. pp 1-30. On the other hand. Brisbane. [5] [6] [7] http://www. This is achieved by using IDTokens for authentication and having trust between different administrative domains. [11] I. the solution developed shows the first integrated approach on these subjects in a homogeneous architecture. IETF. May . Guttman. IDTokens also provide support for anonymity. J. S. 5) Multi-Service and Multi-Domain Support The support of accounting and charging across multiple domains is provided by the use of globally unique session IDs for all accounting sessions and by mapping them to service hierarchies. Proceedings of the IEEE. J. Parallel and Distributed Processing Symposium 2003 (IPDPS 2003). Vol. the A4C servers may inter operate between two different domains by applying standard Diameter protocol messages and exchanges. Zimmermann: The OSI Reference Model. 6) Roaming and Mobility The use of IDTokens and the trust relationship between different service providers allow users to authenticate. EU Research Project FP6-2003-IST-2-004293. University of Western Australia. 3.pdf. and on the investigation of detailed grid accounting and charging policies. while being charged by their home operator. anonymity. The A4C Server retrieves from this database the format of the accounting record expected whenever an accounting session is started. For each service an accounting record format is defined in the A4C Server database. [9] M. 2000. E. Magowan. Mandt. Vol.ic. Gordon: Accounting. 4) Single Sign-on Functionality The A4C architecture developed provides a key functionality for commercial applications: Single Sign-on. which is widely accepted by mobile operators. every domain may offer independent services or mobility support functions on their own. Int. Australia. which operates a customer database and which need to perform authentication. No. Day. CONCLUSIONS AND FUTURE WORK Driven by the key set of newly developed requirements on accounting and charging of electronic service provisioning in Mobile Dynamic Virtual Organizations forming the concrete instantiation of a mobile grid .doc.Where We Are. Finally. In addition. http://www. M. J. September 2002. Camarinha-Matos: Infrastructures for Virtual Organizations . Wethal: Cluster and Grid Computing: Accounting and Banking Systems. multi-service accounting. September 2003 J. S. August 2005. Thus. http://hovedprosjekter. on the integration with the architecture proposed into existing grid metering systems. Loughney. 1st IEEE/ACM International Symposium on Cluster Computing and the Grid.D. R. Lambadaris: An overview of pricing concepts for broadband ip networks. pp 1334-1340. September 2003.org.pdf. Zorn. 'the last A'.

ftp:Hftp. de Laat. August 2000. 05. Manageability and Accounting Subsystem. E. L. Vollbrecht.pdf. Jahnert. P. UAE. Academia/Industry Working Conference on Research Challenges 2000 (AIWoRC'00). http://www. Guarise. 4th International Workshop on Grid Computing 2003. RFC 2903. February 2005. Waldburger. L.org/. Seattle. Morariu. Piro. 2nd International Conference on Service Oriented Computing (ICSOC 2004). U. C. Dubai/Sharjah. pp 202-204. Wesner.net/english/SalernoMeeting/ GRASP%2OTutorial%2OFinal%20-/0o20Verdino. B. November 2003. Stiller. (VTC 2002). Flury: Management of Differentiated Services Usage by the Cumulus Pricing Scheme and a Generic Internet Charging System. 3. pp 290-302. [23] Y. Carle. Gardfjall.sun. [27] M. 0.A.aaaarch. Stiller: Grids in a Mobile World: Akogrimo's Network and Business Views. Reichl. Mullmo: An OGSA-based accounting system for allocation enforcement across HPC centers.. Vollbrecht. IEEE/IFIP Integrated Network Management Symposiums (IM 2001). Elmroth. 23. Alonistioti: Charging. M. Racz. A. J. . IFI Technical Report 2006. pp 279-288. New York.ch/pub/techreports/TR-2006/ifi-2006.S. May 14-16.comr. Stiller. K. P. New York City. Sandholm. [18] MySQL Website: http://www. Gross. pp 579-583. March 2006. Koutsopoulou. P.oasis-open. February 2000. 4th ACS/IEEE International Conference on Computer Systems and Applications (AICCSA-06). [24] B. [20] R. 0. Vol. Work in Progress. Kaloxylos. A. S. Karsten. IETF. [26] M.[13] The Grid-based Application Service Provision (GRASP) Project: GRASP Tutorial. Arizona.A.opendiame.ifi. B. [19] OpenDiameter Project Website: http://www.mysql. ter. [16] M. J. A..05.orglcommitteesI securityl. pp 3-8. M.org/drafts/irtf-aaaarch-session-id-00. Gommans. September 2002. April 2006. Spence: Generic AAA Architecture.unizh. March 2006. Phoenix. March 2006. Lee. D. U. A. [14] Java Website: http://java. [25] J. Schmitt. 2001. Gerke. pp 1-14.S. Computer Communication. Accounting and Billing as a Sophisticated and Reconfigurable Discrete Service for next Generation Mobile Networks. J. Zander. [21] SAML Homepage: http://www. Waldburger. March 2006 [22] T. Vancouver. Johnsson. Wolf: Charging for Packet-switched Network Communications Motivation and Overview. P. November 2004. Canada. G. G. Zseby: Session ID. USA. L. March 2006. April 2000. S. First Presentation: SLA Document. IEEE Semiannual Vehicular Technology Conference. B. [17] C. Werbrouck: An Economy-based Accounting Infrastructure for the DataGrid. Internet Draft. J. org/. Stiller: Toward the Mobile Grid: Service Provisioning in a Mobile Dynamic Virtual Organization. Y.txt. S. [15] M. P. Washington. T. Liao: Virtual Organizations: The Key Dimensions. http:Heu-grasp. No.ppt. Shao.