AAA is the key to mobile WiMAX
The development of mobile WiMAX network technology is gathering pace, and it brings with it specific challenges, not the least of which is the need for a far superior form of authentication, authorization and accounting (AAA).
AAA is a vital function of any IP telecoms network, since it is the means by which customers' identities are validated, their access to specific services and levels of service is authorized and charging information is prepared.
The AAA server does not perform such functions in isolation, however, relying on interfacing and exchanging information - including policy-management, customer-profile and network-inventory data - with a number of other network elements.
Adding to the complexity is the need to validate the device being used to access the network. Some of the pressure to improve AAA functionality is coming from the diversity of end-user devices, and the problem of developing a robust AAA function in mobile WiMAX networks is exacerbated by the lack of a common standard for interoperability among different authentication methods in fixed-WiMAX networks.
With mobile WiMAX, users can roam across networks, not all of which would use the same authentication protocols, giving rise to the need for a common standard that is also backward-compatible with a range of authentication techniques.
"Fixed WiMAX, as well as Wi-Fi, can use RADIUS [remote authentication dial-in user service] AAA, extensible authentication protocol or a custom authentication method," Tyler Nelson, vice president of business development and marketing at Bridgewater Systems, told Informa Telecoms & Media. "With fixed WiMAX, authorization is carried out in ways similar to those used for common Wi-Fi deployments. However, given that there is currently no interoperability specification governing the use of AAA in fixed WiMAX, vendors have implemented their own custom specifications."
He added that network operators are able to take a proprietary approach because although end-users log on to different access points, they essentially use the same network, using devices approved by the operator. But that is not the case in a roaming situation.
"One of the crucial points about deploying AAA in a mobile WiMAX environment is key management, and this is done very differently in mobile WiMAX than it is other networks," Tyler said. He added that access keys - used in the process of authentication - are derived and distributed differently.
When the customer roams to another network, not only do the original keys have to be passed on to that network, but its authorization requirements have to be read and accommodated by the home network.
Another major difference is that the AAA server in a mobile WiMAX network must be able to remember key sequence numbers and previously generated keys. A typical AAA server does not need to maintain such knowledge, because keys are used only once.
One other important function of the AAA server is maintaining quality of service. Unlike the simplistic QoS support used in Wi-Fi, which largely relates only to specifying bandwidth rates, the AAA server in WiMAX must also be able to provide QoS parameters to various network elements, which are set up as part of the user profile during network authentication and authorization.
A customer could be subscribed to a number of different services, some of which - such as streaming video - might have specified bandwidth speeds, while others might be only best-effort services.
The AAA server needs to be able to differentiate among such services and pass the authorization back to the network so that the appropriate provisioning can be made. WiMAX's support for multiple traffic flows with different QoS characteristics enables efficient traffic management and segregation, which in turn enables the provision of service tiers and individual services, such as VoIP and video calling.
WiMAX is working to standardize these functions and is considering including specifications for AAA support for fixed and nomadic WiMAX in future versions of the standard. In the WiMAX Forum's NWG Stage 3 release 1.0.0 specification, AAA is specified as a basic building block, but the specification also includes some functions that are not typically supported in other AAA deployments, such as Wi-Fi. This version of the standard is focused on the use of AAA in mobile WiMAX, including support for mobile IP.
Bridgewater has had a carrier-grade AAA server on the market for over a year and says it is seeing increasing interest in the product. It has signed channel partnerships with Nortel, Alvarion and, most recently, Motorola.
Bridgewater announced at last month's Mobile World Congress in Barcelona that its AAA Service Controller had been upgraded to support 3GPP-compliant FMC deployments based on UMA, VCC and WLAN architectures, effectively making it access-network-technology-agnostic. Aptilo Networks also has on the market an AAA service controller, which it recently announced was compliant with WiChorus' Intelligent ASN Gateway, which also works with the Bridgewater product.
Bridgewater and Aptilo appear to be the only companies in the market offering AAA products for WiMAX, which is perhaps a sign of the complexity of the problems such products are designed to address. But given the importance of a robust AAA server in mobile-WiMAX-network architecture, that situation is likely to change very soon.
[get this widget]