A structural and functional specification of a SCIM for service interaction management and personalisation in the IMS

The Internet Protocol Multimedia Subsystem (IMS) is a component of the 3G mobile network that has been specified by standards development organisations such as the 3GPP (3rd Generation Partnership Project) and ETSI (European Telecommunication Standards Institute). IMS seeks to guarantee that the telecommunication network of the future provides subscribers with seamless access to services across disparate networks. In order to achieve this, it defines a service architecture that hosts application servers that provide subscribers with value added services. Typically, an application server bundles all the functionality it needs to execute the services it delivers, however this view is currently being challenged. It is now thought that services should be synthesised from simple building blocks called service capabilities. This decomposition would facilitate the re-use of service capabilities across multiple services and would support the creation of new services that could not have originally been conceived. The shift from monolithic services to those built from service capabilities poses a challenge to the current service model in IMS. To accommodate this, the 3GPP has defined an entity known as a service capability interaction manager (SCIM) that would be responsible for managing the interactions between service capabilities in order to realise complex services. Some of these interactions could potentially lead to undesirable results, which the SCIM must work to avoid. As an added requirement, it is believed that the network should allow policies to be applied to network services which the SCIM should be responsible for enforcing. At the time of writing, the functional and structural architecture of the SCIM has not yet been standardised. This thesis explores the current serv ice architecture of the IMS in detail. Proposals that address the structure and functions of the SCIM are carefully compared and contrasted. This investigation leads to the presentation of key aspects of the SCIM, and provides solutions that explain how it should interact with service capabilities, manage undesirable interactions and factor user and network operator policies into its execution model. A modified design of the IMS service layer that embeds the SCIM is subsequently presented and described. The design uses existing IMS protocols and requires no change in the behaviour of the standard IMS entities. In order to develop a testbed for experimental verification of the design, the identification of suitable software platforms was required. This thesis presents some of the most popular platforms currently used by developers such as the Open IMS Core and OpenSER, as well as an open source, Java-based, multimedia communication platform called Mobicents. As a precursor to the development of the SCIM, a converged multimedia service is presented that describes how a video streaming application that is leveraged by a web portal was implemented for an IMS testbed using Mobicents components. The Mobicents SIP Servlets container was subsequently used to model an initial prototype of the SCIM, using a mUlti-component telephony service to illustrate the proposed service execution model. The design focuses on SIP-based services only, but should also work for other types of IMS application servers as well

Remote service discovery and control for ubiquitous service environments in next-generation networks

Doktorgradsavhandling i informasjons- og kommunikasjonsteknologi, Universitetet i Agder, Grimstad, 201

Remote service discovery and control for ubiquitous service environments in next-generation networks

Doktorgradsavhandling i informasjons- og kommunikasjonsteknologi, Universitetet i Agder, Grimstad, 201

Quality-driven resource utilization methods for video streaming in wireless communication networks

This research is focused on the optimisation of resource utilisation in wireless mobile networks with the consideration of the users’ experienced quality of video streaming services. The study specifically considers the new generation of mobile communication networks, i.e. 4G-LTE, as the main research context. The background study provides an overview of the main properties of the relevant technologies investigated. These include video streaming protocols and networks, video service quality assessment methods, the infrastructure and related functionalities of LTE, and resource allocation algorithms in mobile communication systems. A mathematical model based on an objective and no-reference quality assessment metric for video streaming, namely Pause Intensity, is developed in this work for the evaluation of the continuity of streaming services. The analytical model is verified by extensive simulation and subjective testing on the joint impairment effects of the pause duration and pause frequency. Various types of the video contents and different levels of the impairments have been used in the process of validation tests. It has been shown that Pause Intensity is closely correlated with the subjective quality measurement in terms of the Mean Opinion Score and this correlation property is content independent. Based on the Pause Intensity metric, an optimised resource allocation approach is proposed for the given user requirements, communication system specifications and network performances. This approach concerns both system efficiency and fairness when establishing appropriate resource allocation algorithms, together with the consideration of the correlation between the required and allocated data rates per user. Pause Intensity plays a key role here, representing the required level of Quality of Experience (QoE) to ensure the best balance between system efficiency and fairness. The 3GPP Long Term Evolution (LTE) system is used as the main application environment where the proposed research framework is examined and the results are compared with existing scheduling methods on the achievable fairness, efficiency and correlation. Adaptive video streaming technologies are also investigated and combined with our initiatives on determining the distribution of QoE performance across the network. The resulting scheduling process is controlled through the prioritization of users by considering their perceived quality for the services received. Meanwhile, a trade-off between fairness and efficiency is maintained through an online adjustment of the scheduler’s parameters. Furthermore, Pause Intensity is applied to act as a regulator to realise the rate adaptation function during the end user’s playback of the adaptive streaming service. The adaptive rates under various channel conditions and the shape of the QoE distribution amongst the users for different scheduling policies have been demonstrated in the context of LTE. Finally, the work for interworking between mobile communication system at the macro-cell level and the different deployments of WiFi technologies throughout the macro-cell is presented. A QoEdriven approach is proposed to analyse the offloading mechanism of the user’s data (e.g. video traffic) while the new rate distribution algorithm reshapes the network capacity across the macrocell. The scheduling policy derived is used to regulate the performance of the resource allocation across the fair-efficient spectrum. The associated offloading mechanism can properly control the number of the users within the coverages of the macro-cell base station and each of the WiFi access points involved. The performance of the non-seamless and user-controlled mobile traffic offloading (through the mobile WiFi devices) has been evaluated and compared with that of the standard operator-controlled WiFi hotspots

Integrating Context-Awareness in the IP Multimedia Subsystem for Enhanced Session Control and Service Provisioning Capabilities

The 3GPP-defined IP Multimedia Subsystem (IMS) is becoming the de-facto standard for IP-based multimedia communication services. It consists of an overlay control and service layer that is deployed on top of IP-based mobile and fixed networks. This layer encompasses a set of common functions (e.g. session control functions allowing the initiation/modification/termination of sessions) and service logics that are needed for the seamless provisioning of IP multimedia services to users, via different access technologies. As it continues to evolve, the IMS still faces several challenges including: the enabling of innovative and personalized services that would appeal to users and increase network operators' revenues; its interaction with other types of networks (e.g. wireless sensor networks) as means to enhance its capabilities; and the support of advanced QoS schemes that would manage the network resources in an efficient and adaptive manner. The context-awareness concept, which comes from the pervasive computing field, signifies the ability to use situational information (or context) in support to operations and decision making and for the provision of relevant services to the user. Context-awareness is considered to enhance users' experience and is seen as an enabler to adaptability and service personalization - two capabilities that could play important roles in telecommunication environments. This thesis focuses on the introduction of the context-awareness technology in the IMS, as means to enhance its session control and service provisioning capabilities. It starts by presenting the necessary background information, followed by a derivation of requirements and a review of the related work. To ensure the availability of contextual information within the network, we then propose an architecture for context information acquisition and management in the IMS. This architecture leverages and extends the 3GPP presence framework. Building on the capabilities of this architecture, we demonstrate how the managed information could be integrated in IMS operations, at the control and service levels. Showcasing control level integration, we propose a novel context-aware call differentiation framework as means to offer enhanced QoS support (for sessions/calls) in IMS-based networks. This framework enables the differentiation between different categories of calls at the IMS session control level, via dynamic and adaptive resource allocation, in addition to supporting a specialized charging model. Furthermore, we also propose a framework for enhanced IMS emergency communication services. This framework addresses the limitations of existing IP-based emergency solutions, by offering three main improvements: a QoS-enhanced emergency service; a context-aware personalized emergency service; and a conferencing-enhanced emergency service. We demonstrate the use of context awareness at the IMS service level using two new context-aware IMS applications. Finally, to validate our solutions and evaluate their performance, we build various proof-of-concept prototypes and OPNET simulation model

Decentralized Identity and Access Management Framework for Internet of Things Devices

The emerging Internet of Things (IoT) domain is about connecting people and devices and systems together via sensors and actuators, to collect meaningful information from the devices surrounding environment and take actions to enhance productivity and efficiency. The proliferation of IoT devices from around few billion devices today to over 25 billion in the next few years spanning over heterogeneous networks defines a new paradigm shift for many industrial and smart connectivity applications. The existing IoT networks faces a number of operational challenges linked to devices management and the capability of devices’ mutual authentication and authorization. While significant progress has been made in adopting existing connectivity and management frameworks, most of these frameworks are designed to work for unconstrained devices connected in centralized networks. On the other hand, IoT devices are constrained devices with tendency to work and operate in decentralized and peer-to-peer arrangement. This tendency towards peer-to-peer service exchange resulted that many of the existing frameworks fails to address the main challenges faced by the need to offer ownership of devices and the generated data to the actual users. Moreover, the diversified list of devices and offered services impose that more granular access control mechanisms are required to limit the exposure of the devices to external threats and provide finer access control policies under control of the device owner without the need for a middleman. This work addresses these challenges by utilizing the concepts of decentralization introduced in Distributed Ledger (DLT) technologies and capability of automating business flows through smart contracts. The proposed work utilizes the concepts of decentralized identifiers (DIDs) for establishing a decentralized devices identity management framework and exploits Blockchain tokenization through both fungible and non-fungible tokens (NFTs) to build a self-controlled and self-contained access control policy based on capability-based access control model (CapBAC). The defined framework provides a layered approach that builds on identity management as the foundation to enable authentication and authorization processes and establish a mechanism for accounting through the adoption of standardized DLT tokenization structure. The proposed framework is demonstrated through implementing a number of use cases that addresses issues related identity management in industries that suffer losses in billions of dollars due to counterfeiting and lack of global and immutable identity records. The framework extension to support applications for building verifiable data paths in the application layer were addressed through two simple examples. The system has been analyzed in the case of issuing authorization tokens where it is expected that DLT consensus mechanisms will introduce major performance hurdles. A proof of concept emulating establishing concurrent connections to a single device presented no timed-out requests at 200 concurrent connections and a rise in the timed-out requests ratio to 5% at 600 connections. The analysis showed also that a considerable overhead in the data link budget of 10.4% is recorded due to the use of self-contained policy token which is a trade-off between building self-contained access tokens with no middleman and link cost

FLUTE - File Delivery over Unidirectional Transport

Internet Engineering Task Force (IETF) Request for Comments: 6726This document defines File Delivery over Unidirectional Transport (FLUTE), a protocol for the unidirectional delivery of files over the Internet, which is particularly suited to multicast networks. The specification builds on Asynchronous Layered Coding, the base protocol designed for massively scalable multicast distribution. This document obsoletes RFC 3926

Service composition based on SIP peer-to-peer networks

Today the telecommunication market is faced with the situation that customers are requesting for new telecommunication services, especially value added services. The concept of Next Generation Networks (NGN) seems to be a solution for this, so this concept finds its way into the telecommunication area. These customer expectations have emerged in the context of NGN and the associated migration of the telecommunication networks from traditional circuit-switched towards packet-switched networks. One fundamental aspect of the NGN concept is to outsource the intelligence of services from the switching plane onto separated Service Delivery Platforms using SIP (Session Initiation Protocol) to provide the required signalling functionality. Caused by this migration process towards NGN SIP has appeared as the major signalling protocol for IP (Internet Protocol) based NGN. This will lead in contrast to ISDN (Integrated Services Digital Network) and IN (Intelligent Network) to significantly lower dependences among the network and services and enables to implement new services much easier and faster. In addition, further concepts from the IT (Information Technology) namely SOA (Service-Oriented Architecture) have largely influenced the telecommunication sector forced by amalgamation of IT and telecommunications. The benefit of applying SOA in telecommunication services is the acceleration of service creation and delivery. Main features of the SOA are that services are reusable, discoverable combinable and independently accessible from any location. Integration of those features offers a broader flexibility and efficiency for varying demands on services. This thesis proposes a novel framework for service provisioning and composition in SIP-based peer-to-peer networks applying the principles of SOA. One key contribution of the framework is the approach to enable the provisioning and composition of services which is performed by applying SIP. Based on this, the framework provides a flexible and fast way to request the creation for composite services. Furthermore the framework enables to request and combine multimodal value-added services, which means that they are no longer limited regarding media types such as audio, video and text. The proposed framework has been validated by a prototype implementation

Contribution to the modelling and evaluation of radio network slicing solutions in 5G

Network slicing is a key feature of 5G architecture that allows the partitioning of the network into multiple logical networks, known as network slices, where each of them is customised according to the specific needs of a service or application. Thus, network slicing allows the materialisation of multi-tenant networks, in which a common network infrastructure is shared among multiple communication providers, acting as tenants and each of them using a different network slice. The support of multi-tenancy through slicing in the Radio Access Network (RAN), known as RAN slicing, is particularly challenging because it involves the configuration and operation of multiple and diverse RAN behaviours over the common pool of radio resources available at each of the RAN nodes. Moreover, this configuration needs to be performed in such a way that the specific requirements of each tenant are satisfied and, at the same time, the available radio resources are efficiently used. Therefore, new functionalities that allow the deployment of RAN slices are needed to be introduced at different levels, ranging from Radio Resource Management (RRM) functionalities that incorporate RAN slicing parameters to functionalities that support the lifecycle management of RAN slices. This thesis has addressed this need by proposing, developing and assessing diverse solutions for the support RAN slicing, which has allowed evaluating the capacities, requirements and limitations of network slicing in the RAN from diverse perspectives. Specifically, this thesis is firstly focused on the analytical assessment of RRM functionalities that support multi-tenant and multi-services scenarios, where services are defined according to their 5G QoS requirements. This assessment is conducted through the Markov modelling of admission control policies and the statistical modelling of the resourc allocation, both supporting multiple tenants and multiple services. Secondly, the thesis addresses the problem of slice admission control by proposing a methodology for the estimation of the radio resources required by a RAN slice based on data analytics. This methodology supports the decision on the admission or rejection of new RAN slice creation requests. Thirdly, the thesis explores the potential of artificial intelligence, and specifically, of Deep Reinforcement Learning (DRL) to deal with the capacity sharing problem in RAN slicing scenarios. To this end, a DRL-based capacity sharing solution that distributes the available capacity of a multi-cell scenario among multiple tenants is proposed and assessed. The solution consists in a Multi-Agent Reinforcement Learning (MARL) approach based on Deep Q-Network. Finally, this thesis discuses diverse implementation aspects of the DRL-based capacity sharing solution, including considerations on its compatibility with the standards, the impact of the training on the achieved performance, as well as the tools and technologies required for the deployment of the solution in the real network environment.El Network Slicing és una tecnologia clau de l’arquitectura del 5G que permet dividir la xarxa en múltiples xarxes lògiques, conegudes com a network slices, on cada una es configura d’acord a les necessitats d’un servei o aplicació específic. Així, el network slicing permet la materialització de les xarxes amb múltiples inquilins, on una infraestructura de xarxa comuna es comparteix entre diferents proveïdors de comunicacions, que actuen com a inquilins i utilitzen network slices diferents. El suport de múltiples inquilins mitjançant l’ús del network slicing a la xarxa d’accés ràdio (RAN), que es coneix com a RAN slicing, és un gran repte tecnològic, ja que comporta la configuració i operació de múltiples i diversos comportaments sobre els recursos ràdio disponibles a cadascun dels nodes de la xarxa d’accés. A més a més, aquesta configuració s’ha de portar a terme de forma que els requisits específics de cada inquilí es satisfacin i, al mateix temps, els recursos ràdio disponibles s’utilitzin eficientment. Per tant, és necessari introduir noves funcionalitats a diferents nivells que permetin el desplegament de les RAN slices, des de funcionalitats relacionades amb la gestió dels recursos ràdio (RRM) que incorporin paràmetres per al RAN slicing a funcionalitats que proporcionin suport a la gestió del cicle de vida de les RAN slices. Aquesta tesi ha adreçat aquesta necessitat proposant, desenvolupant i avaluant diverses solucions pel suport del RAN slicing, que han permès analitzar les capacitats, requisits i limitacions del RAN slicing des de diferents perspectives. Específicament, aquesta tesi es centra, en primer lloc, en realitzar una anàlisi de les funcionalitats de RRM que suporten escenaris amb múltiples inquilins i múltiples serveis, on els serveis es defineixen d’acord amb els seus requisits de 5G QoS. Aquesta anàlisi es porta a terme mitjançant la caracterització de polítiques de control d’admissió amb un model de Markov i el modelat estadístic de l’assignació de recursos, ambdós suportant múltiples inquilins i múltiples serveis. En segon lloc, la tesi aborda el problema del control d’admissió de network slices proposant una metodologia per l¿estimació dels recursos requerits per una RAN slice, que es basa en la anàlisi de dades. Aquesta metodologia dona suport a la decisió sobre l’admissió o rebuig de noves sol·licituds de creació de RAN slices. En tercer lloc, la tesi explora el potencial de la intel·ligència artificial, concretament, de les tècniques de Deep Reinforcement Learning (DRL) per a tractar el problema de la compartició de capacitat en escenaris amb RAN slicing. Amb aquest objectiu, es proposa i s’avalua una solució de compartició de capacitat basada en DRL que distribueix la capacitat disponible en un escenari multicel·lular entre múltiples inquilins. Aquesta solució es planteja com una solución de Multi-Agent Reinforcement Learning (MARL) basat en Deep Q-Network. Finalment, aquesta tesi tracta diversos aspectes relacionats amb la implementació de la solució de compartició de capacitat basada en DRL, incloent-hi consideracions sobre la compatibilitat de la solució amb els estàndards, l’impacte de l’entrenament de la solució al seu comportament i rendiment, així com les eines i tecnologies necessàries per al desplegament de la solució en un entorn de xarxa real.El Network Slicing es una tecnología clave de la arquitectura del 5G que permite dividir la red en múltiples redes lógicas, conocidas como network slices, que se configuran de acuerdo a las necesidades de servicios y aplicaciones específicas. Así, el network slicing permite la materialización de las redes con múltiples inquilinos, donde una infraestructura de red común se comparte entre diferentes proveedores de comunicaciones, que actúan como inquilinos y que usan network slices diferentes. El soporte de múltiples inquilinos mediante el uso del network slicing en la red de acceso radio (RAN), que se conoce como RAN slicing, es un gran reto tecnológico, ya que comporta la configuración y operación de múltiples y diversos comportamientos sobre los recursos radio disponibles en cada uno de los nodos de la red de acceso. Además, esta configuración debe realizarse de tal manera que los requisitos específicos de cada inquilino se satisfagan y, al mismo tiempo, los recursos radio disponibles se utilicen eficazmente. Por lo tanto, es necesario introducir nuevas funcionalidades a diferentes niveles que permitan el despliegue de las RAN slices, desde funcionalidades relacionadas con la gestión de recursos radio (RRM) que incorporen parámetros para el RAN slicing a funcionalidades que proporcionen soporte a la gestión del ciclo de vida de las RAN slices. Esta tesis ha abordado esta necesidad proponiendo, desarrollando y evaluando diversas soluciones para el soporte del RAN slicing, lo que ha permitido analizar las capacidades, requisitos y limitaciones del RAN slicing desde diversas perspectivas. Específicamente, esta tesis se centra, en primer lugar, en realizar un análisis de funcionalidades de RRM que soportan escenarios con múltiples inquilinos y múltiples servicios, donde los servicios se definen según sus requisitos de 5G QoS. Este análisis se lleva a cabo mediante la caracterización de políticas de control de admisión mediante un modelo de Markov y el modelado a nivel estadístico de la asignación de recursos, ambos soportando múltiples inquilinos y múltiples servicios. En segundo lugar, la tesis aborda el problema del control de admisión de network slices proponiendo una metodología para la estimación de los recursos radio requeridos por una RAN slice que se basa en análisis de datos. Esta metodología da soporte a la decisión sobre la admisión o el rechazo de nuevas solicitudes de creación de RAN slice. En tercer lugar, la tesis explora el potencial de la inteligencia artificial, y en concreto, de las técnicas de Deep Reinforcement Learning (DRL) para tratar el problema de compartición de capacidad en escenarios de RAN slicing. Para ello, se propone y evalúa una solución de compartición de capacidad basada en DRL que distribuye la capacidad disponible de un escenario multicelular entre múltiples inquilinos. Esta solución se plantea como una solución de Multi-Agent Reinforcement Learning (MARL) basado en Deep Q-Network. Finalmente, en esta tesis se tratan diversos aspectos relacionados con la implementación de la solución de reparto de capacidad basada en DRL, incluyendo consideraciones sobre su compatibilidad con los estándares, el impacto del entrenamiento en el comportamiento y rendimiento conseguido, así como las herramientas y tecnologías necesarias para su despliegue en un entorno de red real.Postprint (published version

An investigation into interoperable end-to-end mobile web service security

The capacity to engage in web services transactions on smartphones is growing as these devices become increasingly powerful and sophisticated. This capacity for mobile web services is being realised through mobile applications that consume web services hosted on larger computing devices. This thesis investigates the effect that end-to-end web services security has on the interoperability between mobile web services requesters and traditional web services providers. SOAP web services are the preferred web services approach for this investigation. Although WS-Security is recognised as demanding on mobile hardware and network resources, the selection of appropriate WS-Security mechanisms lessens this burden. An attempt to implement such mechanisms on smartphones is carried out via an experiment. Smartphones are selected as the mobile device type used in the experiment. The experiment is conducted on the Java Micro Edition (Java ME) and the .NET Compact Framework (.NET CF) smartphone platforms. The experiment shows that the implementation of interoperable, end-to-end, mobile web services security on both platforms is reliant on third-party libraries. This reliance on third-party libraries results in poor developer support and exposes developers to the complexity of cryptography. The experiment also shows that there are no standard message size optimisation libraries available for both platforms. The implementation carried out on the .NET CF is also shown to rely on the underlying operating system. It is concluded that standard WS-Security APIs must be provided on smartphone platforms to avoid the problems of poor developer support and the additional complexity of cryptography. It is recommended that these APIs include a message optimisation technique. It is further recommended that WS-Security APIs be completely operating system independent when they are implemented in managed code. This thesis contributes by: providing a snapshot of mobile web services security; identifying the smartphone platform state of readiness for end-to-end secure web services; and providing a set of recommendations that may improve this state of readiness. These contributions are of increasing importance as mobile web services evolve from a simple point-to-point environment to the more complex enterprise environment