
An Integrated Accounting and Charging Architecture for Mobile Grids

Cristian Morariu¹, Martin Waldburger¹, Burkhard Stiller¹,²

¹University of Zurich, Department of Informatics IFI, Communication Systems Group CSG, Binzmühlestrasse 14, CH 8050 Zurich, Switzerland
²Swiss Federal Institute of Technology ETH Zurich, TIK, Gloriastrasse 35, CH 8092 Zurich, Switzerland
[morariu|waldburger|stiller]@ifi.unizh.ch
The adoption of the Internet Protocol (IP) by a number of non-IP network operators, such as telecom or cable TV operators, opens the path toward new business models. IP will allow operators to provide unified wired as well as wireless access to a wide range of services to their users. Additionally, using the same communication protocols and standard interfaces enables different providers to coordinate any type of resources in Virtual Organizations (VO) and supports the composition of services aggregated across multiple domains. On one hand, such an open environment requires new business models to be adopted by the involved parties. On the other hand, Grid middleware infrastructure supporting integrated accounting, charging, pricing, and billing across multiple domains has to be in place to facilitate service provisioning in multiple VOs. Based on the relevant set of requirements derived, a new and extended A4C Architecture (Authentication, Authorization, Accounting, Auditing, Charging) has been developed, implemented, and evaluated for mobile Grids providing pervasive access to knowledge.

Keywords: Mobile Grid, Accounting, Charging, A4C, Business Grid, IP-based Grid Services, Virtual Organization

I. INTRODUCTION AND PROBLEM STATEMENT

The rapid growth of Internet penetration in the mobile communication market as well as the capabilities improvement of today's mobile devices offer new opportunities for existing technologies designed for traditional wired networks to be deployed on modern mobile communications platforms. Most of the current research efforts on future mobile communication technologies adopt the Internet Protocol (IP) as the underlying communication protocol for video, voice, and data. The usage of IP will ease the process of integration of different communication infrastructures and will trigger the development of middleware services, such as AAA (Authentication, Authorization, Accounting), which offer their functionality to a broad range of applications to be deployed.

Integration of different access technologies as well as video, voice, and data services in an all-IP environment also paves the way towards offering of more complex services being composed by basic services. This, however, requires an appropriate service delivery platform to be in place, providing mechanisms for service delivery and service composition. Driven by the main concept of resource coordination across administrative domains and a strong service-orientation [11], grid systems qualify here as a well-suited solution. In the same way as IP serves as an integration enabler for underlying protocols and access technologies, grids allow for an integration of various stand-alone services, offered by different providers, to be composed in applications. This demands for accounting and charging mechanisms, since various service providers need to charge service consumption if services are offered in a competitive environment.

Several grid-related projects have designed and implemented accounting mechanisms for grid-services, such as APEL [8], DGAS [20], GASA [3], [12], GRASP [13], GSAX [4], Nimrod/G [2], and SGAS [22]. However, the key drawback with those approaches is that these solutions did propose and implement proprietary accounting and charging mechanisms only. Additionally, any interconnection of such accounting tasks with charging functions is not part of those solutions either. Thus, the accounting and charging architecture proposed within this paper extends existing work by far.

The term Grid was traditionally used for defining a distributed high-performance computing (HPC) architecture. Computational and storage grids are the two examples everyone thinks about when dealing with this domain. However, more recently, grid principles are not only applied to HPC, but are used for service virtualization [10] so that Virtual Organizations (VO) can be created by aggregating resources and services from different domains and different providers, irrespective of the underlying infrastructure and protocols used in those different domains.

Taking the VO concept a step further, by granting mobile or nomadic users pervasive access to knowledge, sets the key focus for the work performed here and mobile grids in general. Such mobile grids need to integrate and harmonize various views of all actors involved in an operational VO. These views are expressed typically by business roles determining a player's specific behavior and requirements. In order to outline the full range of organizational arrangements in providing mobile grid services in VOs, a comprehensive understanding of the underlying role model marks a prerequisite for the development of the according accounting and charging architecture for mobile grids. Thus, the respective role model for mobile grids has been developed in a first step, being described in this paper, to provide the basis for the charging and accounting technology developed in a second step, being described afterwards.

Over the last few years multiple research efforts have been performed on accounting, charging, and billing models for

1-4244-0425-8/06/$20.00 ©2006 IEEE

charging and its associated processes.adapt changing context. an approach to design and implement a commercial is positioned logically on top of metering and accounting.2) VO Role Modelfor Electronic Service Provisioning In order to determine the full picture of service provisionferent business partners. which will be faced as the and Charging) are derived. conclusions are drawn and ideas for remain available even after temporary loss of reachability. Thus. the role model for integrate the specific characteristics of grid systems and mobile grid service provision in a VO is developed. and while running or yet to be initiated workflows adapt to changed conditions. and sesFrom an organizational point of view. a layered model and definition is used. Mobile Dynamic Virtual developed and presented in Section III. Grid middleware and the network. and a VOs. Based on both. a systems into account suggests an inspection of the VO conMobile Grid is communicating with the underlying network cept with respect to potential extensions or even fundamental in both directions enabling cross-layer cooperation between changes required.generic enough to reflect all stake holders incentives. Auditing. [16] compares existing accounting. such as multicast or exist. future extensions are discussed in Section V.scenario. the relevant accounting. Authorization. This assures seamless interoperability between dif. device. user. and presents well as with respect to dynamics. Sec. to which has to be supported by The remainder of this paper is structured as follows. Accounting. followed by an extensive Organizations "MDVOs are virtual organizations whose members are able functional evaluation of the architecture against a mobile to change locations while provided or consumed services grid scenario. while this model on the other hand has to prevailing in mobile grids. two worlds converge. general-pur. 
coming to the conclusion that there are still based networks use different terminologies with regard to multiple aspects to be addressed. Role Modelfor Mobile Dynamic VOs it supports all kind of mobility (such as device. the vider). Accordingly. each focusing on differingly. Furthermore. as Table 1 describes in detail. while B. A. charging. An overview of existing pricing schemes used in broadband IP networks is given in [9]. whereas the latter is proin a detailed manner selected implementation aspects. partly overlapping aspects [23]. while key challenges are shown. the extended architecture design is new. In accordance with the provisioning. goes beyond current state accountable and chargeable resource coordination ported.sample mobile grid scenario is depicted." [26] The architecture developed provides relevant mechanisms 1) Mobile Dynamic VO Nature to deploy grid applications in a mobile environment. Akogrimo domain of mobile grids. Accounting and Charging Terminology Those schemes are evaluated in terms of technical and ecoThe two worlds of mobile telecommunication and IPnomic efficiency. capture the specifics of each of the different entities involved. grid solution for service providers and telecom operators in but below billing. include as well the evaluation of the architecture against the and service mobility requires a grid system to dynamically scenario drawn for detailed motivation purposes. [6].main idea namely resource sharing and resource coordipose protocols and interfaces in order to deliver non-trivial nation across administrative borders [11] is reflected by and optimized Quality-of-Service (QoS) depending on the Virtual Organizations (VO). which is newly tionally are not reflected by VOs. defines mobile grids as follows: "A Mobile Grid consists out of resources that are not subject to centralized control.and charging-related terminol. By following the determining and implementing accounting and charging definition of [27]. 
Based on [24] and ing of virtual operators. ture (Authentication. AccordSeveral definitions for VOs exist. the main problem in a mobile business grid is found in ent. Section IV delivers (MDVO) are seen as extensions of VOs: major implementation details. Finally. and bill. [15]. VOs for grid systems are perceived as to mechanisms of mobile grid services in a multi-provider set"allow for information and communications technology-supting. one of the two only projects in the world so far address. On the other grid systems in the area of mobile grid resources and users as hand.as it is used in the context of commercial electronic service ing mobile grid support explicitly. of the art and embraces on one hand the identification of relacross administrative domains. The solution proposed here. but also for generating and sharing revenue. workflows and an accounting system that envisages adaptive tion II extracts as new work the relevant set of requirements context-based charging. where charging Thus. In other words. incorporating mechanisms evant key requirements on an accounting and charging archifor parameterizable secure authentication and authorization".telecommunication operators and ISPs (Internet Service Pro. This termisupport of mobile users has been undertaken in Akogrimo nology defines the understanding of accounting and charging [1]. ACCOUNTING AND CHARGING IN MOBILE GRIDS strong dynamic element with respect to their organizational Accounting and charging mechanisms have to be able to composition and their business processes" [27]. Mobility in terms of user. key requirements on the integrated A4C architecing mechanisms used by ISPs and mobile network operators. a role model is needed that is on one hand goal. so that MDVOs are characterized by a II. tecture for mobile grid services by means of a businessMobile grid systems show important extensions over fixed driven role model and a mobile grid scenario. the role model has to consider in the . 
Since mobility and dynamics tradifor the accounting and charging architecture. which voked by mobility support. the grid systems' sion) and communicates using standard. Towards this ing in MDVOs. This provides the basis for cover all composing elements for commercially offered elecan investigation of the specific organizational characteristics tronic services. not only for service provisioning. and to ogy in use has to be determined. open. Taking mobility aspects in grid current context of the resource or the user. those terms are also applied to the definition given by Foster for grid systems [11].

e. consisting of entities that * initiate service provisioning by explicitly expressing a demand for it (service requestor). For the offline charging mechanism. or any type of connections. the charging (i. the respective role set dealing with financial flows has to be included in the role model. and finally * offer and potentially also aggregate services (service provider). while in fact only aggregated electronic services. Prepaid charging influences the delivery of services to the customer. [15] Termimnuts Charging Unde*rstandig Charging calculates the charge for a given service consumption based on accounting records and the tariffs defined in the SLA. grid service provider.. and networking parameters. Nevertheless. service usage may be denied. Charging acts as an umbrella term for charging options and charging mechanisms.e.. resource consumption. Tariff or tariff function.g. e. most general form an as wide as possible range of grid services that in turn aim at high-level resource (i. Since these services are consid- . Prepaid/postpaid Charging Option ered to be commercial in terms of that they have to be charged to an entity. Even though those aspects are specific extensions of MDVOs over VOs. they do not alter the role of... such as communications provider. A real-word entity in terms of an actor can embody one or Accounting Charge Calculation Mediation Metering Pricing Pricing covers the specification and setting of prices for goods. LU-. Therefore. bundled in an application (potentially including additional benefits like warranty). are assumed to satisfy the characteristics of a full-fledged electronic product. while mapping technical values into monetary units. or content and application service provider. Metering determines the particular usage of resources within end-systems (hosts) or intermediate systems (routers) on a technical level. The role model does not explicitly reflect mobility or dynamics aspects. 
Mediation transforms these data into a form which can be used for storing and further processing. Online/offline Charging Mechanism |Service Customer| k-L i (. * are charged for service consumption (service customers).. This is caused by its generic nature: While mobility and dynamics show implications on MDVO business flows. including Quality-ofService (QoS). specifically networking resources and services in an open market situation. for applications.g.g. This process may combine technical considerations.g. With the prepaid charging option. the same basic role model is valid in both cases. e. independent of whether a service user is mobile or not. With the online charging mechanism. no strict time constraints concerning the processing time of charging (i. takes a set of accounting parameters as its input and outputs the charge to be paid for the particular value of those input parameters. composed services to be in place. Prices may be calculated on a cost/profit base or on the current market situation.e.. calls. Charging mechanisms are used to implement and realize charging options. management. This orthogonal separation helps to emphasize either on the more technical or economic aspects of charging.Table 1: Accounting and Charging Terminology [24]. Incorporating those requirements results in the basic role model for electronic service provision within VOs as it is shown in the form of an Entity Relationship diagram in Figure 1. Depending on the type service. a service user. service charges are aggregated on the user's account after service usage and the user is invoiced after a predefined period. charge calculation applies a given tariff to the data accounted for. Mediation is intended to filter. \ 7UV Billing Figure 1: Basic Role Model for Electronic Service Provision in Virtual Organizations The proposed role model has been drawn from an organizational viewpoint. 
Services are rather perceived as non-tangible goods with an assigned utility level (macroeconomic and accounting view) or as electronic products (marketing view). The role of a service provider will find in specific scenarios more concrete realizations. whereof A4C is one important part with regard to commercial service provision. applying tariffing theory or marketing methods. * consume the service results in terms of an electronic product (service user). charge calculation) has to be performed in realtime. Since the role model needs to support a wide range of commercial services and organizational arrangements. periodical credit checks during service usage are performed. e. The understanding of this role remains unchanged. knowledge) coordination. The term Service accordingly is not understood in a technical sense as a wellin a layered approach defined functionality that is offered through a service access point to a higher layer [7]. aggregate. the present gap between the respective service notions from a technical and businessdriven view has to be bridged in order to integrate both understandings what is implemented by means of the grid middleware. Coordinating and sharing knowledge requires the aggregation of basic services into more complex. With the postpaid charging option. e..g. the customer has to have a certain amount of credits prior to the service usage. charge calculation) are defined. Note that online charging implies that accounting and metering have to be done in real-time as well. and correlate raw technical data which in most cases has been collected by metering. only an at most generalized minimal role set has been expressed in Figure 1. Billing is the process of consolidating charging information on a per customer basis and delivering a certain aggregate of it to a customer. Charge Calculation covers the complete calculation of a price for a given accounting record and its consolidation into a charging record. billing provider. 
which has implications on the understanding of the terminology in use. e. and economical ones. Accounting defines summarized information (accounting records) in relation to a customer's service utilization. It is expressed in metered resource consumption.

With respect to compensation for service consumption. and SP2 that provides the necessary computation power for analyzing the real-time data received from different patients. This requires services and IC for the e-health application. the case of multiple users can be sub-divided in multicast services with more than one. NINO handles systems integration and runs the technical infrastructure. a wearable heart monitoring device. taking the roles of a service requestor. communication between these components needs to be secured. It also allows for the mapping of all service sessions to an initial authentication event. For the necessary resources to perform health monitoring services. user and customer in basic organizational alignments probably are taken by one organizational entity. a company that subscribed to this service with the service provider so that the company's employees would be informed on important changes and news. It should be the user who decides which level of anonymity she or he prefers: No the real identity of the user can be used in anonymity foreign domains. IC concluded a contract with a Mobile Network Operator (MNO) to get access to a large number of potential customers.B). user. One user only represents a unicast service. For instance. A SSO approach allows users to authenticate once and then use services across different domains. but specified number of users. while in more complex arrangements different actors play these roles. the roles of a service requestor. In commercial as well as in non-free service provision. service usage records and charging records. The service itself is requested by none (push service type) or one or multiple (pull service type) requestors. IC collaborates with two service providers. whereas either one or multiple service users exist. MNO takes the roles of a communications provider (for voice and data services) and of a billing provider. This division of tasks allows a user . 
Mobile Grid Scenario At this stage a realistic mobile-grid scenario has been developed to enable the reader an easy to understanding of interactions among different players as depicted in Figure 2 and of players involved in service provisioning and in revenue distribution. They address the middleware infrastructure related to A4C architecture an protocols as the main links between business and technology view on commercial service provisioning as follows: * C. Section II. an inteMobile Grid Scenario grated accounting infrastructure for a mobile grid is In the presented scenario.g. packets or flows. B2C B2B * Robustness of the architecture The A4C architecture should provide mechanisms to overcome faulty behavior of its components. while this service in the end will be charged to a third entity. the user. and more than one in case a cost splitting scheme is applied. the set of key requirements has been identified. SPI that provides database storage for patient records. for a pull-type service. The A4C Server in the home domain of the user should be the only network component capable to map between virtual and real user identities. such as user credentials. Requirements Driven by the investigated specific scenario and the underlying general role model. No service provider should have access to a users's real identity without the user's authorization. From a services viewpoint. whereas IC acts as a content and application service provider. Based on a B2B ts to have meaningful accountable units and QoS parameters * . full anonymity a new virtual identity is generated whenever a user requests a service from a foreign domain. For instance. a user's real identity should be protected. one service thus has exactly one service provider assigned. SPI and SP2 accordingly focus on their specific competencies in the role of grid service providers. 
and customer to have access to multiple services and still receiving a single aggregated bill for all the services used during a given period of time. For delivering this service. This device continuously monitors human heart activity and periodically sends data to a monitoring facility that based on a patient's historic records and other patterns in its database can detect when a heart condition is imminent. while for broadcast services the full range of potential users in reach are supplied. InsurerComp (IC) company just released its new service. thus applying the proposed role model (cf. Anonymity: When using services in domains other than the home domain. the user is assumed to maintain required to understand and manage a larger set of paramecontractual relationships both with MNO for communication ters and multiple accounting record formats.. e. * Multi-service and multi-domain accounting and charging Whereas in traditional networks accounting consists Figure 2: Actors and Contractual Relationships in the in counting the number of octets. at least one service customer must be present.in this scenario an individual. exactly one in case a full charging. Security Confidentiality: As the A4C components transfer sensitive data. while IC is concerned with direct customer relations and marketing activities of the e-health application.multiple roles. Unavailability of any component should have minimal impact on the user's possibility to access services or provider's ability to charge for service consumption. an authorized agent might trigger upon a certain threshold or event reached that updated stock market analyses are prepared by the service provider and sent to a second entity. pseudo anonymity a separate identity Inrrrf (virtual identity) for each domain needs to be created and used whenever a service is requested from that domain. 
Single Sign-On (SSO) Functionality A single action of authentication and authorization from the user should give access to all the services she or he is allowed to use. (Business-to-Business) relationship with IC. - D.
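
The three anonymity levels in the requirements above can be read as a policy applied by the home A4C Server, the only component allowed to map virtual identities back to real ones. The following Python code is an added example, not code from the paper or its prototype; the class and method names, the HMAC-derived per-domain pseudonym and the default level are assumptions made for illustration.

```python
"""Added example: virtual identities issued by a user's home A4C Server."""
import hashlib
import hmac
import secrets
from enum import Enum


class Anonymity(Enum):
    NONE = "no anonymity"        # real identity is used in foreign domains
    PSEUDO = "pseudo anonymity"  # one stable virtual identity per domain
    FULL = "full anonymity"      # new virtual identity for every service request


class HomeA4CServer:
    """Hypothetical model of the home-domain server (names are assumptions)."""

    def __init__(self):
        # Key that never leaves the home domain; it derives per-domain pseudonyms.
        self._key = secrets.token_bytes(32)
        # virtual identity -> real identity; held by the home domain only.
        self._virtual_to_real = {}
        # user -> anonymity level chosen by that user.
        self._preference = {}

    def set_preference(self, user, level):
        """The user, not the provider, selects the anonymity level."""
        self._preference[user] = level

    def identity_for(self, user, foreign_domain):
        """Return the identity a foreign domain sees for one service request."""
        # Assumption: users without a stated preference get the most private level.
        level = self._preference.get(user, Anonymity.FULL)
        if level is Anonymity.NONE:
            return user
        if level is Anonymity.PSEUDO:
            # Keyed hash: stable per (user, domain), unlinkable across domains
            # for anyone who does not hold the home-domain key.
            msg = f"{user}\x00{foreign_domain}".encode()
            digest = hmac.new(self._key, msg, hashlib.sha256).hexdigest()
            vid = "vid-" + digest[:32]
        else:
            vid = "vid-" + secrets.token_hex(16)
        self._virtual_to_real[vid] = user
        return vid

    def resolve(self, virtual_id, requester_domain, user_authorized):
        """Map a virtual identity to the real one, only with user authorization."""
        if not user_authorized:
            raise PermissionError(
                f"{requester_domain} has no authorization from the user")
        if virtual_id not in self._virtual_to_real:
            raise LookupError(f"unknown virtual identity {virtual_id}")
        return self._virtual_to_real[virtual_id]


if __name__ == "__main__":
    # Constructed sample identities and domains.
    server = HomeA4CServer()
    server.set_preference("alice@home.example", Anonymity.PSEUDO)
    print(server.identity_for("alice@home.example", "domain-a.example"))
    print(server.identity_for("alice@home.example", "domain-b.example"))
```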

A4C ARCHITECTURE In response to those requirements listed above. For the communication between the SAML Authority and the A4C Server the SOAP protocol is used. i. The SAML Authority has been designed as an internal subcomponent of the A4C Server. The A4C Client is the counterpart of the A4C Server on the client side. that hold for all relevant levels. service usage accounting and charging. The solution presented in this paper will be later evaluated in Section IV. for load-balancing purposes or for distributing A4C tasks to specialized nodes. All nominated tasks are services offered to components located in the same domain as the A4C Server in question.e. Besides those specific requirements derived. its functionality. the SSO functionality is supported by the integration of a SAML (Security Assertion Markup Language) Authority component. a mobile grid accounting and charging architecture has to be flexible enough to support the full role model set. Besides these. transported over HTTP. SAML [21] is used to send security information in the form of authentication and attribute assertions to the mobile grid components. * Deployment For integrating an accounting and charging architecture for mobile grids in an existing infrastructure of a mobile operator compatible technologies need to be used. a SAML Authority is needed. It aims at supplying IDTokens and SAML assertions to the A4C Server. Figure 3: A4C Architecture Components III. access control to services. Besides these. All communication between A4C Server and A4C Client is based on the Diameter protocol [5]. and it should be based on existing adopted or upcoming standards in order to be accepted widely by MNOs. SAML provides an additional security block concerning high confidential information (such as authentication and attribute information of a user) in the A4C architecture. 
The A4C Server contacts the SAML Authority when it requires to generate IDTokens and to verify such tokens presented by different components. using any type of access network. Its main task is to give network or grid components access to A4C services. Starting from the the identified requirements. the architecture uses a logically centralized A4C Server in every domain. grid service as well as content level. particularly network.C against these requirements. For achieving this. Based on IETF (Internet Engineering Task Force) AAA standards. such as session handling or accounting. For having success a mobile grid should allow its services to be accessible from anywhere. As a clear must. access control to services. Thus. A. In order to provide support for SAML messaging. and collection of data required for service charging. The two most important components are the A4C Server and the A4C Client. Its task is to generate XML messages based on the SAML standard for sending authentication and attribute information in a secure manner. This process was performed partially in the context of the Akogrimo [1] project Therefore. All components of the A4C architecture are outlined in Figure 3. error notification.at hand. The central approach has to be seen only in the context of the architecture design. Additional tasks are the auditing of service consumption for QoS compliance and storing of user and service specific profiles. . A4C Servers also have to manage interdomain related tasks such as authentication and authorization of roaming users. or accounting and charging for service sessions spanning across multiple domains. Furthermore. The A4C Server is the central component of the architecture. Diameter provides support for delivery of AVPs (Attribute Value Pairs). and the section ends with an overview on how different QoS parameters can influence accounting mechanisms and charging policies. 
the A4C Server is one of the key components in a service provider's domain as it provides those mechanisms for user identification. extensibility through addition of new commands and AVPs and services necessary for applications. an A4C architecture for mobile grids was designed and prototypically implemented. The physical deployment of the A4C Server might include several physical nodes acting as A4C Servers. The accounting and charging components and protocols need to provide the mechanisms to aggregate accounting sessions from different administration domains and allow the aggregation of different service charges into a single bill. A more detailed view on the interactions between different components can be seen inFigure 4. the A4C Server keeps all internal data integer and consistent. A discussion about how inter-domain service composition is supported follows. Its main tasks cover authentication of users. key requirements and behaviors of AAA architectures as well as protocols are already standardized by the IETF and applied by network operators. Each service component that requires one of the functionality the A4C Server provides requires to integrate an A4C Client. * Roaming and Mobility Typical users of a mobile grid are customers of mobile network operators. A4C Architecture Design The A4C architecture presented in this paper is based on the generic AAA architecture [17] as defined by the IETF. Applications offered in a MDVO will most of the time aggregate services from multiple service providers. capabilities negotiation. an A4C architecture for mobile grids was designed and prototypically implemented on foundation of existing AAA standards. this section describes the main components of the A4C architecture. and protocols used for communication. 
SAML is a secure interoperable language used to share users' information from the A4C Server to other components in order to provide SSO capability to the user and to offer attribute sharing of the user to other components.

the OpenDiameter library was chosen for the core of the A4C architecture. but argues that flexible SLAs and QoS parameters are required for an inter-layer. The A4C Server and A4C Client are implemented in C++. which will generate an IDToken after authentication and send it via the A4C Server in the visited domain. An A4C session can be an authentication. an IDToken is generated and handed to the user who requested an authentication. B. The operating system used for development and testing of the A4C implementation is Linux. delay. The use of parent sessions requires a close coupling of the service component to the A4C Client in the sense that services are required to be aware of the session ID of the attached A4C accounting session ID. If everything is OK an accounting session ID is sent back to the metering component. the A4C Server is informed and a session record containing a summary of consumed resources and corresponding charges is created and sent to the A4C Server in the home domain of the user. as well as for auditing the SLA compliance. session hierarchies are created. based on previously defined policies. Domain B has enough information to charge the user for the consumed service in the foreign domain. To enable the integration of the A4C Client in grid components mainly developed in C++ and Java A4C Client interfaces are provided both. have to be addressed by the A4C architecture in a multi-domain service provisioning environment (cf. This paper does not address the mechanisms needed to signal. but only who can prove that the user is authenticated. it needs to contact an A4C Server for checking the validity of this IDToken. or accounting session for a running service session. The A4C Client sends an Accounting-Start-Request to the A4C Server of its own domain sing the Diameter protocol. The SAML Authority is implemented in Java. The IDToken is always generated in the home domain of the user. 
having a broader understanding of QoS than traditional throughput. The remainder of the sec- tion will emphasize major implementation decisions and . Whenever a service component receives an IDToken from a user. As soon as a user accessed the network (in the foreign domain) and was authenticated. These accounting records are encapsulated in Diameter messages and sent to the A4C Server in domain A. Multi-layer QoS Definition Both. The session record is sent using Diameter protocol. measure. shows impacts on the costliness of service provision. This request is also encapsulated in a Diameter message. jitter and loss will determine the basis for mobile grid architectures. QoS (Quality-of-Service) parameters for mobile grids will influence the accounting and charging mechanism with respect to context-based charging. thus. The IDToken can be used further by the user when requesting for services as a proof of authentication. Besides these individual expectations. are not standardized or commonly used so far. At this point. For instance. A4C Session Model For accounting and charging purposes. units. For better understanding.D). The A4C components keep track of the session hierarchies by using two techniques: uniquely identification of each A4C session and tracking the parent session of each session. For exemplification the network access service in a foreign domain has been chosen. If it proves to be valid. which embraces device and user context elements to be considered. Section lI. the A4C Server can return the real identity of the user or a virtual identity. An IDToken is information that can be linked to a previous authentication event. the set of QoS parameters for context-based charging needs to include the network. Session hierarchies have the purpose of keeping track of how multiple services interacted in order to assure the delivery of a more complex application. Each time an authentication is successful. 
the metering component periodically sends accounting records for the user's session using the C++/Java interface provided by the A4C Client. During the service provisioning phase. the Charging component of the A4C Server in domain A can make a request to the A4C Server in the home domain of the user in order to check whether the user is authorized/able to pay for the service. Only on the networking level QoS parameters are widely understood to consist of the named parameters as they are presented in detail in the first section of Table 2. For the grid and the content level. If the user connects to the access network from a foreign domain, the authentication request is forwarded to the home domain of the user. C. service sessions between service delivery components and users need corresponding A4C sessions between service management and monitoring components and the A4C Server. integrated architecture. IMPLEMENTATION AND EVALUATION For the prototypical implementation performed. The unique identifier is based on ongoing work performed in [25] and it is globally unique for each session. The respective sections in Table 2. Thus. as C++ and as Java interfaces. requirements for multi-service accounting and flexible charging mechanisms. while Domain A has the information required to charge Domain B for the service session. the metering service uses the C++/Java interface provided by the A4C Client to start an accounting session for that user. and enforce the QoS at different layers. and content view. authorization. and then charged accordingly. The creation and transmission of this session record is the task of the charging component. Whenever services are automatically instantiated and aggregated by service composition entities. so that service hierarchies across multiple domains can be formed. thus preventing other larger jobs from being accepted. If required. The IDToken does not reveal a user's real identity. 
Tracking of parent sessions ensures that every service that was executed by a service provider can be linked to a session requested by a user. propose the complete set of parameters for the purpose of this work. since different customers will probably have different expectations on the service quality and they are ready to pay accordingly. Figure 4 shows in more detail how the accounting process is realized for a service started in a foreign domain in our proposed architecture. since guarantees given on one of these three levels influence the cost drivers of assigned accountable IV. grid services. if on grid level a considerable amount of main memory is reserved for one job request. In mobile grids. Once the session is terminated. Support for an SSO and anonymity is achieved by using IDTokens. those parameters.

The database is used by the A4C Server. e. tariff schemes. encoding) CPU Topology Reserved Throughput Memory Storage Confidentiality Integrity Anonymity Figure 4: Accounting Implementation Architecture in this paper a new authentication/authorization Diameter application was created as well as a new accounting application. service profiles. device type. color depth. Charging Module Authenticity Privacy A4C Databases Manager Policy Liability Encryption Context-specific Guarantees Server Controller BASE SIP EAP SAML Auditing Non Rep Charging Acct Application-specific Guarantees DIAMETER Protocol Handler details of the A4C Server and the A4C Client. e.g. such as authentication in a foreign domain. or control of the inter-domain charging messages exchange.. but any other database can be used as long as it implements the interface defined. Table 2: Multi-layer Quality-of-Service Parameters Domain A (foreign domain) Access Router Domain B (home domain) Jitter Delay/ Latency Connection Availability The variance or the expected difference between the minimal and maximal datagram delay The time between an event and the expected effect The ratio of the time a system is functional and the summarized time intervals a system is functional and not functional Packet Loss The ratio of packets that arrived at the destination and the total amount of sent packets Throughput/ The amount of information units transmitted per Data Rate given time interval Response Time CPU Type The time between a grid service request and the arrival time of the expected response The relevant set of CPU architecture characteristics. e.g. A4C Server Implementation The A4C Server implements a set of applications (e.g.. and service sessions (such as user profiles. services. A4C Client The A4C Client implements the client end of the respective applications in the A4C Server. The A4C Server controller defines a set of interfaces between different A4C Server modules for internal communication. 
It also handles inter-domain-related tasks. frames per second. the instruction set architecture in use The characteristic pattern of interconnections between single CPUs Guaranteed throughput. available exclusively for grid-related communication The available amount of main memory available for a process on a given grid resource for a given time period The available amount of background storage available for a process on a given grid resource for a given time period or for permanent storage The guarantee that only authorized entities are provided access to a given piece of information The guarantee that data or messages are not altered in any way The guarantee that data or messages are not linkable with an identifying element of an entity The proof of the data or message origin The possibility to restrict personal information about an individual or group of individuals from being distributed to unauthorized entities Availability of an entity that assumes legal responsibility for the delivered content The guarantee that content can be inspected only in the presence of the corresponding decrypting key Parameters that modify the quality degree of a service based on specific context information (e. The A4C Server is implemented in C++ and acts as a stand-alone application. but the possibility of using the Diameter protocol for the communication between the A4C Server and the SAML Authority is investigated. mood) Guarantees that are specific for an application or a group of applications. authentication. The implementation performed uses a MySQL database [18]. resolution. For the mobile-grid A4C implementation proposed Figure 5: Internal A4C Server Architecture The SAML Authority is implemented in Java [14] and the SOAP protocol is used for communication to the A4C Server. The internal architecture of the A4C Client (cf. presence. and authentication and authorization logs) and a SAML Authority. Figure 6) is quite similar to the inter- . 
Based on the command code included in the Diameter packet the message is forwarded to the proper module. The A4C Server includes two external components: a database which stores all information related to users.g. B. location. (e.g. frames per second. The A4C Client is responsible for setting the right command code in the Diameter request sent to the A4C Server. connection type. SOAP was used simply because of the current OASIS specifications for SAML. A. Diameter messages are pre-processed by the Diameter protocol handler as depicted in Figure 5 and delivered to the A4C Server module required to process the request. accounting. accounting and auditing records.

respectively. Based on this information.nal architecture of the A4C Server. * Authentication and Authorization (AA) module It is involved in the processes of initial authentication. When the service session ends. Moreover, multiple parallel sessions to different A4C Servers allow load-balancing the tasks of the A4C infrastructure. Any change in the internal A4C mechanisms can be handled locally in the module they belong to. After the service request is received. As grid services are typically implemented in Java. the IC can distribute to SP1 and SP2 revenue received for the EH Service. all communication between the A4C Client and the A4C Server is handled by the OpenDiameter library. The EH (E-Health) monitoring service is started by connecting to the EH Service component in the IC domain and presenting the IDToken for proving the authenticity of the user. the IC can obtain from the MNO the session ID generated for the authentication process. 3) Security Security determines the important topic for all tasks performed by the A4C infrastructure. Intradomain A4C Session . Every service component integrates an A4C Client that connects to the A4C Server of the respective service provider domain. the next messages will be forwarded to one of the other servers from the same domain. The use of the Diameter protocol is fully in line with those measures. Whenever a user connects to an access network of an MNO he is first authenticated and a network accounting session is started. Money Flow MNO Figure 7: Heart Monitoring Scenario Network Architecture Figure 6: Internal A4C Client Architecture As seen in Figure 6. and service access authorization. Once charging records have been generated. The functionality of internal modules is made available to external applications through a set of interfaces. It shows the major difference that the control of different modules is not internally centralized. 
This section runs a qualitative evaluation of the architecture proposed against the scenario described in Section II. As A4C session IDs are globally unique. Thus. but it is outsourced to external applications through C++ and Java interfaces. The use of TLS and IPSec assures the confidentiality and integrity of the control data transmitted.g. even the latest is executed in a different administrative domain. * Accounting module It creates accounting sessions and handles the accounting messages related to service sessions. the EH Service component using its A4C Client starts an accounting session and requests a new database access service instance from SP1 and a new computation service instance from SP2. the two services from SP1 and SP2 can be related to the EH service. C. Based on those charging records received. they are sent to IC. price) and are required for later billing. The charging records contain information related to a service session (e.g.. SP1 and SP2 apply their own charging schemes on the accounted for data and generate charging records for each of the two services separately. This way a single point of failure is avoided and the basic robustness of the A4C server infrastructure is achieved. any service request in the IC domain can be related to an authentication process. communication between A4C Servers and Clients can be secured by using dedicated IPSec and Transport Layer Security (TLS) channels between these components.. C++ and Java. three major modules for handling messages are implemented: * Auditing module It handles auditing-related tasks as non-repudiation of messages or event notifications. Interdomain A4C Session 1 Service Session . Each domain operates an A4C Server that performs access control. accounting and charging for service sessions that are executed inside the domain. this A4C Client implementation uses the Java Native Interface (JNI) concept and offers interfaces to the A4C Client library in both. 
1) Scenario Mapping Figure 7 depicts the network architecture used in the presented scenario. on the other hand. include the costs of the two subservices in the price of the EH Service. Evaluation 2) Robustness of the Architecture Each service component maintains through its A4C Client permanent connectivity with several A4C Servers at the same time. summary of accounting data. the IC can. without any impact on external applications or other modules. IDToken validation. Based on the IDToken. on one hand. The A4C Client is implemented in C++ and deployed as a Linux shared library. In case the server that is serving a current client becomes unavailable. Charging records are generated by the A4C Server of SP1 and SP2. All requests for the two subservices contain the accounting session ID of the EH Service. SP1 and SP2 account separately for their services based on their own policies and relate their accounting sessions to the session ID received from IC. and. service session duration.C and all major identified requirements of the A4C. On top of this.
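
The session bookkeeping this scenario relies on (globally unique session IDs, each accounting session pointing at its parent, charging records rolled up per domain) can be sketched as follows. This is an added example, not the authors' A4C code: the `SessionStore` class, the session ID strings and the charge amounts are constructed for illustration, and it goes one step past the text by holding back any session whose parent chain cannot be traced to an authentication session.

```cpp
#include <algorithm>
#include <iostream>
#include <map>
#include <set>
#include <string>
#include <vector>

enum class Kind { Authentication, Accounting };  // authorization sessions omitted
struct Session {
    std::string id;      // globally unique session ID (constructed format)
    std::string parent;  // parent session ID, empty for a root session
    std::string domain;  // domain whose A4C Server owns the session
    Kind kind;
    long chargeCents;    // charge from that domain's charging record
};

class SessionStore {  // hypothetical helper, not part of the A4C code base
public:
    // IDs are globally unique, so a second record with a known ID is refused.
    bool add(const Session& s) { return byId_.insert(std::make_pair(s.id, s)).second; }

    // Parent chain from `id` up to its root. Empty when a parent is unknown, a
    // cycle occurs, or the root is not an authentication session.
    std::vector<std::string> chain(const std::string& id) const {
        std::vector<std::string> path;
        std::set<std::string> seen;
        for (std::string cur = id;;) {
            auto it = byId_.find(cur);
            if (it == byId_.end() || !seen.insert(cur).second) return {};
            path.push_back(cur);
            if (it->second.parent.empty())
                return it->second.kind == Kind::Authentication ? path : std::vector<std::string>();
            cur = it->second.parent;
        }
    }

    // Per-domain totals for `top` and every traceable session below it.
    std::map<std::string, long> chargesByDomain(const std::string& top) const {
        std::map<std::string, long> out;
        for (const auto& kv : byId_) {
            std::vector<std::string> p = chain(kv.first);
            if (std::find(p.begin(), p.end(), top) != p.end())
                out[kv.second.domain] += kv.second.chargeCents;
        }
        return out;
    }

    // Sessions to hold back from billing and hand to auditing.
    std::vector<std::string> untraceable() const {
        std::vector<std::string> out;
        for (const auto& kv : byId_)
            if (chain(kv.first).empty()) out.push_back(kv.first);
        return out;
    }
private:
    std::map<std::string, Session> byId_;
};

// Constructed records for the heart-monitoring scenario, plus one orphan.
SessionStore sampleStore() {
    SessionStore st;
    st.add({"mno-auth-1", "", "MNO", Kind::Authentication, 0});
    st.add({"ic-eh-1", "mno-auth-1", "IC", Kind::Accounting, 200});
    st.add({"sp1-db-1", "ic-eh-1", "SP1", Kind::Accounting, 125});
    st.add({"sp2-cpu-1", "ic-eh-1", "SP2", Kind::Accounting, 300});
    st.add({"sp2-cpu-9", "ic-eh-404", "SP2", Kind::Accounting, 999});  // unknown parent
    return st;
}

int main() {
    for (const auto& kv : sampleStore().chargesByDomain("ic-eh-1"))
        std::cout << kv.first << ": " << kv.second << " cents\n";
    for (const auto& id : sampleStore().untraceable()) std::cout << "hold back: " << id << "\n";
}
```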

the solution developed shows the first integrated approach on these subjects in a homogeneous architecture. September 2003 J. Extensions of the base protocol are specified and can be added on top of existing implementations. Acknowledgements This work has been performed partially in the framework of the EU IST project Akogrimo "Access to Knowledge through the Grid in a Mobile World" (FP6-2003-IST-2-004293). or accessing services provided by third parties. http://hovedprosjekter. Gordon: Accounting. Twigg: GSAX Grid Service Accounting Extensions. 5) Multi-Service and Multi-Domain Support The support of accounting and charging across multiple domains is provided by the use of globally unique session IDs for all accounting sessions and by mapping them to service hierarchies. References [1] Akogrimo: Access to Knowledge through Grids in a Mobile World. pp 1-154. pp 1-18. Mandt. J. pp 1334-1340. Finally. Camarinha-Matos: Infrastructures for Virtual Organizations . Wethal: Cluster and Grid Computing: Accounting and Banking Systems. Calhoun. multi-service accounting. and on the investigation of detailed grid accounting and charging policies. 4) Single Sign-on Functionality The A4C architecture developed provides a key functionality for commercial applications: Single Sign-on. Further work will be focused on the integration of a charging settlement entity. 7) Deployment The A4C architecture described is fully based on the Diameter protocol. Foster: The Anatomy of the Grid: Enabling Scalable Virtual Organizations. Thus. Magowan. June 2004. P. No. S. [12] C. only A4C Servers need to be deployed in every service provider domain and each service is required to integrate an A4C Client. [2] A. David Hausheer (University of Zurich). the use of the SAML approach and its respective IDTokens for authentication of users enables a certain degree of anonymity by the hiding of user's real identity from the provider. March 2006. 12. such as HPC clusters and computers. 3. Laws. 
Buyya: GridBank: A Grid Accounting Services Architecture (GASA) for Distributed Systems Sharing and Integration. [5] [6] [7] http://www. May 2005. RFC 3588. May . September 2003. 2. [3] A. Loughney. IEEE Conference Emerging Technologies and Factory Automation 2003.uk/-sjn5/GGF/ggf-rus-gsax-01. 1.hig. which will be based on user as well as customer preferences and provider application markets. http://www. On the other hand. Study Project Report.pdf. August 2005.no/v2004/data/gruppeO5/files/ cgc2004_report. [8] technology-wise by an integrative effort of the various mechanisms discussed both for the A4C Server and Client compo- V. Barmouta. 1st IEEE/ACM International Symposium on Cluster Computing and the Grid. Guttman. [10] I.Where We Are. while being charged by their home operator. This is achieved by using IDTokens for authentication and having trust between different administrative domains. Hawkins. [11] I. S. Vol. and Ruth del Campo (University of Stuttgart) in particular with respect to multidomain service provisioning and SAML issues are acknowledged kindly. 6. 71.ic. The A4C Server retrieves from this database the format of the accounting record expected whenever an accounting session is started. pp 6-7. L. Workshop Presentation. this paper presented a new and extended A4C architecture for accounting and charging of such mobile grid services. J. addresses on one hand those requirements of single sign-on. Discussions with Peter Racz. June 2002. [4] A. while being in a foreign access network. April 2003.e-irg. EU Research Project FP6-2003-IST-2-004293. IEEE Communications Review. Day. http://www.org. France. R.pdf.ac. Brisbane. A. December 1983.org/meetings/2005-NL/johngordon-accounting. University of Western Australia. GridToday. Barmouta: Authorization and Accounting Services for the World Wide Grid. September 2002. Lambadaris: An overview of pricing concepts for broadband ip networks. No. Thus. pp 1-59. 
thus making the integration in existing network infrastructures easier. nents. J. for security purposes SAML Authorities are required in each administrative domain. In addition. Furthermore. Proceedings of the IEEE. M. M. anonymity. pp 1-30. For each service an accounting record format is defined in the A4C Server database. Devetsikiotis. and flexible charging 2001.D. Vol. CONCLUSIONS AND FUTURE WORK Driven by the key set of newly developed requirements on accounting and charging of electronic service provisioning in Mobile Dynamic Virtual Organizations forming the concrete instantiation of a mobile grid. Additionally. I. J. the A4C servers may interoperate between two different domains by applying standard Diameter protocol messages and exchanges. Master thesis. E. 2000. which will enable grid service providers to bill for their service in an integrated manner.doc. Frogner. the A4C architecture proposed was implemented in key parts and successfully evaluated against a mobile grid scenario as well as major functional requirements. Australia. IETF. K. Falkner. IDTokens also provide support for anonymity. [9] M. targeted at multi-service service provisioning platforms and spanning across several administrative domains. 'the last A'. Beardsmore. Int. Zimmermann: The OSI Reference Model. G. Arkko: Diameter Base Protocol. H. No.mobilegrids. Hartley. May 2004. which is widely accepted by mobile operators. Nice. Zorn. 6) Roaming and Mobility The use of IDTokens and the trust relationship between different service providers allow users to authenticate. T. which operates a customer database and which need to perform authentication. S. Foster: What is the Grid? A Three Point Checklist. on the integration with the architecture proposed into existing grid metering systems. The Diameter protocol provides support for creating roaming-aware A4C applications. Vol. Parallel and Distributed Processing Symposium 2003 (IPDPS 2003). The solution proposed.pdf. 
every domain may offer independent services or mobility support functions on their own.

February 2005. P. Gerke. Gommans. [17] C. Alonistioti: Charging. November 2004. Morariu. A. Johnsson. B. Phoenix.S. Accounting and Billing as a Sophisticated and Reconfigurable Discrete Service for next Generation Mobile Networks. Vollbrecht. [14] Java Website: http://java. 3. [26] M. Piro. [19] OpenDiameter Project Website: http://www. Sandholm.org/. Stiller. J. Internet Draft. S. [23] Y. IEEE/IFIP Integrated Network Management Symposiums (IM 2001). Arizona. Spence: Generic AAA Architecture. USA. Canada..pdf. New York. Gardfjall. Work in Progress. Guarise. May 14-16. Racz. Manageability and Accounting Subsystem. M. 0. S. J. IFI Technical Report 2006. [27] M. New York City. Stiller: Toward the Mobile Grid: Service Provisioning in a Mobile Dynamic Virtual Organization. 2nd International Conference on Service Oriented Computing (ICSOC 2004). E. [16] M. pp 202-204. Vol. Lee. L.opendiame. Stiller.05.comr. http://eu-grasp. Gross. A.org/committees/security/. Y.oasis-open. pp 279-288. Vollbrecht. D. A. P. de Laat. U. pp 579-583. April 2000. Reichl. Mullmo: An OGSA-based accounting system for allocation enforcement across HPC centers.mysql. Waldburger. S. B. 0. K. J. ftp://ftp.org/drafts/irtf-aaaarch-session-id-00. Shao. UAE. Elmroth.aaaarch. IEEE Semiannual Vehicular Technology Conference. . P. March 2006. org/.A. L.net/english/SalernoMeeting/ GRASP%2OTutorial%2OFinal%20-/0o20Verdino. G. Liao: Virtual Organizations: The Key Dimensions. RFC 2903.txt. [24] B. Computer Communication. March 2006. J. Koutsopoulou.[13] The Grid-based Application Service Provision (GRASP) Project: GRASP Tutorial. C. [15] M. [21] SAML Homepage: http://www. G. March 2006 [22] T. Wolf: Charging for Packet-switched Network Communications Motivation and Overview.ifi. P. A. Zseby: Session ID. March 2006.sun. Academia/Industry Working Conference on Research Challenges 2000 (AIWoRC'00). (VTC 2002). November 2003. No. Washington. Werbrouck: An Economy-based Accounting Infrastructure for the DataGrid. 
Carle. Seattle. [20] R.ppt. Vancouver. 4th ACS/IEEE International Conference on Computer Systems and Applications (AICCSA-06). ter. August 2000. pp 1-14. February 2000.unizh. http://www. 05. Schmitt. pp 290-302. Wesner. IETF. 2001. P. Waldburger. Karsten.S. September 2002. L. Kaloxylos. U. Dubai/Sharjah. 4th International Workshop on Grid Computing 2003. 23. M. [25] J. [18] MySQL Website: http://www.. April 2006. Stiller: Grids in a Mobile World: Akogrimo's Network and Business Views.A. Jahnert.ch/pub/techreports/TR-2006/ifi-2006. Flury: Management of Differentiated Services Usage by the Cumulus Pricing Scheme and a Generic Internet Charging System. T. B. March 2006. pp 3-8. First Presentation: SLA Document. Zander.