
RE: Logical sessions vs. statement reconcilliation (was RE: )



Hi David,

> -----Original Message-----
> From: Nelson, David [mailto:dnelson@enterasys.com] 
> Sent: Tuesday, January 04, 2005 2:39 PM
> To: radiusext@ops.ietf.org
> Subject: Logical sessions vs. statement reconcilliation (was RE: )
> 
> 
> Avi Lior writes...
> 
> > When User-name is not available, CUI can be used to help
> > correlating related (shorter) accounting sessions into 
> > longer "user experienced sessions" that extend over multiple
> > disconnect and reconnect cases.
> 
> I think what this means is that the Home AAA might choose to 
> issue one consistent value of the "user handle" (CUI) for a 
> number of authentication requests, and switch to issuing a 
> different consistent value after some session threshold has 
> expired, e.g. 24 hours after the initial "sign-up" for 
> service, or at 12:00 noon on each day of use, etc.

Yes. The number of authentication requests and when the switch happens will
be driven by the Service Level Agreement and/or specified by an SDO for
their specific network (e.g., GSMA).

> This is not immediately in conflict with the notion that the 
> CUI value is sufficiently long-lived as to be useful for 
> billing purposes, but sufficiently short-lived as to protect 
> anonymity, when such is required. This is especially so as 
> the longevity issue is left as out-of-scope for the document.

Right.

> The grouping of accounting records by CUI value is very 
> similar to grouping of accounting records by User-Name value 
> -- typically a reconciliation process that leads to issuing 
> an itemized statement or bill, e.g. on a monthly basis.

Right.
 
> One question remains in my mind, however.  If the Home AAA 
> changes the CUI value for a given user on a (frequent) 
> logical session basis, how many CUI values will the Home AAA 
> need to remember as belonging to the given user, in order for 
> the end-of-month statement reconciliation process to be feasible? 


It will have to remember all of them.  Note though that we don't specify how
the CUI is generated.  The Home Network may only need to remember some
"parameters". For example, as long as the CUI value is unique it may be
constructed by encrypting the real user-identity (or a constant index to
the real user identity) plus a sequence number. So to recoup the identity,
during the reconciliation phase it just needs to decrypt the CUI and get
its answer.  You know what I mean.

So in deployments where the number of CUIs may be a problem this strategy
may be employed.
 
> 
> 
> --
> to unsubscribe send a message to 
> radiusext-request@ops.ietf.org with the word 'unsubscribe' in 
> a single line as the message text body.
> archive: <http://psg.com/lists/radiusext/>
> 

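
The strategy described in the message above (a CUI built by encrypting a constant index to the user identity plus a sequence number, then decrypted at reconciliation), as an added example that is not part of the original message or of any RADIUS specification. It assumes an 8-byte user index, a 4-byte sequence number, hex encoding, and an SIV-style construction over HMAC-SHA256 as a standard-library stand-in for a vetted deterministic AEAD such as AES-SIV; the keys and accounting records are constructed.

```python
import hashlib, hmac, struct
from collections import defaultdict

# Constructed keys for this example; the Home AAA stores only these "parameters".
ENC_KEY = b"constructed-enc-key-for-example!"
MAC_KEY = b"constructed-mac-key-for-example!"

def _keystream(siv, n):
    """HMAC-SHA256 as a keyed PRF; one block covers the 12-byte plaintext used here."""
    return hmac.new(ENC_KEY, siv, hashlib.sha256).digest()[:n]

def make_cui(user_index, seq):
    """CUI = SIV || (plaintext XOR keystream), plaintext = user index + sequence number."""
    pt = struct.pack(">QI", user_index, seq)
    siv = hmac.new(MAC_KEY, pt, hashlib.sha256).digest()[:16]   # synthetic IV doubles as tag
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(siv, len(pt))))
    return (siv + ct).hex()

def open_cui(cui):
    """Return (user_index, seq), or None if the value was not issued under these keys."""
    try:
        raw = bytes.fromhex(cui)
    except ValueError:
        return None
    if len(raw) != 28:
        return None
    siv, ct = raw[:16], raw[16:]
    pt = bytes(a ^ b for a, b in zip(ct, _keystream(siv, len(ct))))
    expected = hmac.new(MAC_KEY, pt, hashlib.sha256).digest()[:16]
    if not hmac.compare_digest(siv, expected):
        return None          # forged or corrupted CUI: never bill it to a user
    return struct.unpack(">QI", pt)

def reconcile(records):
    """Group (cui, octets) accounting records by the user index recovered from each CUI."""
    totals, rejected = defaultdict(int), []
    for cui, octets in records:
        ident = open_cui(cui)
        if ident is None:
            rejected.append(cui)
        else:
            totals[ident[0]] += octets
    return dict(totals), rejected

# Constructed records: user 1001 over two logical sessions, user 1002, one bogus CUI.
SAMPLE = [(make_cui(1001, 1), 5000), (make_cui(1001, 2), 7000),
          (make_cui(1002, 1), 300), ("00" * 28, 42)]
```

The same (index, sequence number) pair always yields the same CUI, so the value stays consistent across authentications until the Home AAA advances the sequence number, and the two CUIs for one user share no visible relation without the keys.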