AUTOMATED SLA NEGOTIATION FOR WIRELESS UBIQUITY
A Secure Approach
Les Green
Faculty of Information Technology,University of Technology, Sydney, P.O. Box 123, Broadway, NSW, Australia
Keywords: Billing, Ubiquity, Authentication, Speculation.
Abstract: This document explores the financial system for automatically negotiated service level agreements. Focus is
placed on billing and a solution is proposed based on autonomous, negotiating agents. Security, non-
repudiation and authentication issues are addressed, along with the role of speculation and aggregation
within the system.
1 INTRODUCTION
New Generation Networks attempt to offer
additional benefits to both consumers and providers
in the telecommunication value chain. They are
designed to enhance End User Quality of Experience
(QoE) by providing greater choice of services,
breaking the traditional fixed service offerings and
allowing the user to do what they want, when they
want, where they want at a given price. Service
Providers stand to benefit from these customised
service offerings through the ability to gain
additional income from the value added services.
Research has suggested (Cushnie et al., 2000)
that the current cost of providing and maintaining a
mobile network billing system may be anything up
to 50% of the total infrastructure investment and
annual turnover. Seamless, automated billing which
can provide added value to the service delivery
chain is therefore a large concern for current and
new generation network operators.
This document discusses a billing framework to
support the delivery of customised Service Level
Agreements; addressing security, authenticity and
validity of the different entities involved in the
economic system.
This work is part of a greater project exploring
service ubiquity through electronic negotiation,
titled “Managing Quality of experience Delivery In
New generation telecommunication networks with
E-negotiation” (QDINE)
1
.
1
http://qdine.it.uts.edu.au
Section 2 discusses the problem background and
the role of aggregators and speculators in a billing
system, a solution is proposed in section 3 ,
highlighting the interactions between actors in the
system. Section 4 introduces future work.
2 THE PROBLEM
Within ubiquitous service availability, an end user is
free to roam within the constraints of possible
network connectivity. Consequently, application
services utilized by end users may be delivered via
any number of network service domains. The owner
of each domain involved in the delivery path at any
given point in time will want to be reimbursed for
the services it has provided.
Previous work towards a Service Level
Agreement (SLA) negotiation framework (Green,
2004)(CADENUS , 2004) provides a cascading
model for user billing domains. A benefit of the
cascaded service agreement model is that an end
user need only be concerned with billing between
itself and the domain to which it is directly
connected. Additionally, only domains which offer
end user connectivity need to support user billing.
Users desire simplicity and predictability
(Nielsen, 2000). In terms of billing, an end user will
not want to pay individually each domain which has
provided (a fraction of) a network service. This
opens the way for billing aggregators and
speculators. Billing aggregators package provided
services into one bill whilst speculators speculate on
101
Green L. (2006).
AUTOMATED SLA NEGOTIATION FOR WIRELESS UBIQUITY - A Secure Approach.
In Proceedings of the International Conference on Wireless Information Networks and Systems, pages 101-107
Copyright
c
SciTePress
future costs and so quote a fee for some future
period. Say the next six months. Section 3.4
discusses the role of speculation in greater depth.
A player may be both an aggregator and a
speculator, with end users appointing such a player
to manage billing on their behalf. Given a larger
buying power than a single end user, the speculator
or aggregator, following referred to as a Billing
Provider may negotiate for bulk rates from network
providers. A billing provider may be a user's home
network service provider or a third party billing
provider.
Additional advantages for billing providers are
also possible, such as the ability to offset loss and
form strategic alliances. Such alliances may provide
free partner traffic or other incentives, and may give
greater marketing leverage to billing providers.
The way in which an end user is charged by, and
pays the billing provider is tied directly to the
marketing strategy chosen and therefore unspecified.
However, the way in which a billing provider is
charged from service providers for services used by
an end user is the interesting research point that is
addressed here.
With the increase of global wireless connectivity
via a multitude of available access technologies,
both in the licensed and unlicensed radio
frequencies, it is not feasible for a billing provider to
have pre-negotiated service agreements with every
possible network access provider around the world
into which an end user could roam. Ubiquitous
service availability may require user connectivity
from a domain with which a billing provider is
unfamiliar. We are left with issue of establishing a
valid billing path for a service.
3 A POSSIBLE SOLUTION
In consideration of the above requirements, a
method is proposed whereby an end user, or more
precisely a user agent is responsible for negotiating
service contracts autonomously, and is supported by
a means to verify its trust in an unknown network.
Every user has an associated Billing Provider, whose
status as a trusted and reliable player is generally
known. The Billing Provider is responsible for
authenticating the user agent to foreign networks as
required.
Many business processes occur to deliver valid bills
to end users for a particular service. The financial
system in telecommunications networks can be
broadly defined as the following path.
Pricing Accounting Charging Billing Payment
Pricing is the process in which a concrete pricing
model instance for the use of a particular service is
defined. Accounting involves recording use of a
particular service. Charging is concerned with
generating costs based on the pricing model and
service accounting data. Billing is the process of
delivering those costs to the consumer of the service
or resource. Finally the consumer must pay the
provider for a given service.
This paper discusses the pricing and billing
components of this chain. The accounting, charging
and payment components are also important but are
not discussed here due to space constraints.
3.1 Billing Security
An electronic bill for some good or service is worth
no more than the cyber space it occupies, unless all
parties concerned can be sure of the bill's
authenticity. To ensure an accurate and valid billing
process, many requirements must be met to produce
and deliver authentic bills.
1. All parties must be Authenticated
2. The Agreements must be valid and binding
3. The charges must be verifiable
4. When required, communication must be secure
and Non-Repudiable.
Accordingly, the billing framework is designed
with security, authentication and verification as a
primary influence.
3.2 User Authentication
Borrowing from Internet Single Sign On (SSO)
technologies(Josephson et al., 2004)(The Java Open
Single Sign-On Project, url), the following User
Agent authentication model is proposed, based on
asymmetric encryption(Hellman, 2002)(Kaliski,
1993). Refer to Figure 1 for a diagram of the below
Figure 1: User Authentication.
WINSYS 2006 - INTERNATIONAL CONFERENCE ON WIRELESS INFORMATION NETWORKS AND SYSTEMS
102
points.
1. The user generates a public and private key pair
and registers the public key with the Billing
Provider. This step only happens once and may
be performed manually by the user via a web
interface on the billing provider's website or by
any other means.
User public keys remain valid throughout a
specific time period. All entities in the negotiation
environment should have synchronised clocks
within a broad tolerance to ensure correct
authentication. This requirement is easily
satisfiable using the existing and widely used
network time protocol (Mills, 1992).
2. When a user agent wants authorisation to request
services from a provider, it creates a User
Authorisation Request (Figure 2) comprised of its
billing provider details and customer identifier
and sends it to the service provider.
3. At this point, the Authorisation request may be
rejected by the service provider for any reason
such as a banned billing provider or maybe
because the service provider is simply too busy.
4. The service provider then builds a User
Authentication Request (Figure 3) from the
original signed User Authorisation Request and
includes a request for the Billing Provider's
Identity Credentials (Digital Certificate) if the
identity of the billing provider is not known in
advance. The Authentication Request is then sent
to the billing provider.
5. The billing provider checks the User
Authentication Request by validating the
signature on the enclosed User Authorisation
Message against the stored public key on the
customer record.
6. If user authentication is successful, the Billing
Provider returns a Success Message (Figure 4)
bundled with the user's public key and a Service
Provider Billing Authorisation which authorises
the Service Provider to issue bills for the supplied
public key. The Billing Provider's credentials are
also supplied if initially requested, to certify the
billing provider's identity.
The billing provider must, for each customer,
maintain a list of Service Providers which have
been authorised as billers for the particular
customer's public key. This is to ensure that if for
some reason the customer's purchasing rights are
revoked, or the secrecy of the private key
associated with the public key has been breached,
the Billing Provider can contact each Service
Provider to revoke the public key.
The Billing Provider must receive proof from
each Service Provider it has registered as an
authorised biller that it has acknowledged the
revocation of the public key. One appropriate
means of non-repudiation is through the use of
digitally signed messages in concert with valid
Digital Certificates. A Billing Provider cannot
claim it did not have a particular service provider
registered as a recipient of a key because the User
Authorisation Success Message provides a
digitally signed proof that a service provider was
given authorisation to send the billing provider
bills signed by a particular public key.
7. Upon receiving a success message, the service
provider validates the billing provider's
credentials. The returned user's public key is used
to validate the signature from the initial User
Authorisation Request received from the User
Agent. On successfully passing authorisation, a
billing path for future services is established, and
Figure 3: User Authorisation Request
Figure 2: Authentication Success Message
Figure 4: User Authentication Request.
AUTOMATED SLA NEGOTIATION FOR WIRELESS UBIQUITY - A Secure Approach
103
the user can proceed to request services from the
provider.
Users' public keys are stored by service
providers for use in validating future Service
Level Agreement (SLA) requests. In this way, the
service provider need not validate with the billing
provider for each SLA provisioned.
3.3 Pricing
Pricing is concerned with generating the instantiated
values to be used within a charging model.
Pricing of service level agreements in the
QDINE framework is not limited to one specific
pricing mechanism. The pricing mechanism for any
particular SLA instance is encapsulated within
prices quoted on the SLA.
The actual mechanisms used to generate
individual prices to be used in an SLA offer are
implementation specific. The QDINE project has
developed an intelligent pricing mechanism based
on limited supply and the pre-emptive capability of
differentiated service networks(Debenham, 2004)
for use in testing the billing framework. The pricing
mechanism adopted by a service provider will be
based around that service provider's business model.
The billing framework is designed to be independent
of any specific pricing mechanism.
3.4 Speculation
Speculation can play a major part in pricing of any
good or service. To understand the role speculation
may play in the QDINE project, existing
telecommunication trading is examined.
Beginning around 1998, bandwidth commodity
markets such as Band-X (Band-X), Arbinet
(Arbinet) and Bandwidth Market Ltd (Bandwidth
Market) have emerged, trading point to point
bandwidth as a commodity on an open market.
Unlike the majority of traded commodities such
as gold or electricity, spot bandwidth is a temporal,
non storable commodity (Chiu et al., 1999). As such,
it cannot be purchased today, stored and released
back onto the market at a later time. If it is not used
when purchased, it is lost.
Financial market speculation involves buying,
holding and selling a financial asset to benefit from
fluctuations in price. Due to its non-storable nature,
financial bandwidth speculation does not lend its self
to spot markets, but to derivative markets such as
futures and options.
Using futures and options, a speculator can
manage risk in a market place by purchasing SLAs
for future time periods, or purchasing the option to
buy or sell predefined SLAs in the future at a
predetermined price.
Success of bandwidth markets and exchanges has
been limited for a number of reasons. Firstly,
network operators do not want their main source of
income, i.e. Bandwidth, to be devalued and sold as a
simple commodity with no product differentiation.
Additionally, lack of standardised contracts and
negotiation protocols for bandwidth trading has been
a problem, along with long provisioning cycles once
trades have occurred (Borthick, 2001).
The QDINE service negotiation framework does
not aim to commoditise network bandwidth.
However, services will be specified in a common
format. It can be assumed that within a distributed,
open, well defined SLA trading environment such as
the QDINE framework, speculation over network
services will occur.
Three types of speculation are identified.
1. If an asset is to be purchased and held for a period
of time, speculation is made on the value of that
asset for the duration of the ownership.
2. If an asset is purchased to be divided into smaller
lots for resale, there is speculation on the future
value and demand of the divided lots.
3. “Pure” financial market speculation, involving the
purchase, holding and selling of a financial asset
to benefit from fluctuations in price.
Below are the speculative activities carried out
by a billing provider in the QDINE project.
3.4.1 Customer Side Biller Speculation
The billing provider (BP) speculates on service use
by a customer over a future period and offers an
agreement for some future service period to one or
more of its customers. A simple scenario of
customer side speculation is outlined below.
Billing provider proposes a deal to a customer -
“You can get 30 hours of grade 1 video
conference per month from any of {Optus,
Telstra, Vodaphone} during the next month for
$30.
If the customer accepts, the User Agent then
knows it will cost $1 per hour for the first 30
hours from the specified providers for grade 1
video service.
The User Agent negotiates as normal for services,
receiving quotes for current market prices for
requested services. The User Agent knows
however, that within its first 30 hours for the
month for grade 1 video calls prom participating
providers, no matter what the actual price
WINSYS 2006 - INTERNATIONAL CONFERENCE ON WIRELESS INFORMATION NETWORKS AND SYSTEMS
104
negotiated is, the cost charged to the User Agent
from the billing provider will be $30 for that
month.
When requesting a service, the User Agent must
rationalise, based on many factors, possibly
including average monthly use and current price
whether or not to choose one of the alliance
service providers from the pre-arranged deal to
deliver the service. Possibly at some times, the
User Agent will have no available alternative but
to use an alliance Service Provider. Therefore
even though the current price may be only 80¢
per hour, the user will be charged $1 per hour for
that period.
This type of customer side speculation is
common in today's service offerings, such as 100
hour free weekend talk time or such.
3.4.2 Provider Side Biller Speculation
The billing provider speculates on how much of a
particular service type its customers will use for a
future period, and may pre-purchase such a service
from Network Service Providers.
A particular Billing Provider may decide to pre
purchase 10,000 hours of grade 1 video conference
from service provider “A” at a price of $1 per hour
to be used over the next month by its subscribers.
Depending on the billing method adopted by the
service provider, the pre-negotiated cost could be
specified by the service provider on the bill sent to
the Billing Provider, along with the signed SLAs, or
the Billing Provider could be responsible for
applying the speculated costing on reconciliation of
the bill.
3.5 SLA Request Process
As described above in section 3.2 , previous to
requesting an SLA, the user agent has been
authorised by the service provider as a customer of a
particular billing provider. This allows any SLA
signed by the user agent to be authorised
immediately by the Service Provider without
needing to contact the billing provider.
If a user's public key has changed between
authorisation and an SLA request, the cached public
key will not validate against the SLA request
signature. The user authentication procedure must be
repeated to establish user identity.
As outlined in the negotiation mechanism from
(Green, 2004), negotiations towards an acceptable
SLA including pricing is performed.
During the negotiations, once a user agent
accepts an SLA offer, it signs the SLA and returns it
to the Service Provider. If the Service Provider
agrees with the parameters on the signed SLA, it
stores the SLA and activates the service.
3.6 Billing
The billing process allows new foreign network
Service Providers to form billing relationships with
unknown billing providers associated with roaming
users. To establish a trusting financial relationship,
billing providers and service providers should be
certain of each others identity and must agree on
other billing details such as invoicing frequency and
payment method employed. Discounting specifics
and other pricing related details may also be
included in a billing method.
Payment methods adopted may be be a bank
routing and account number, credit card number or
any other of the numerous payment systems
available. Payments are not addressed further in this
project. It is sufficient to say that at Biller/Service
Provider negotiation time, the payment method to be
used should be defined. ISO 20022
2
, IFX
3
and
Rosettanet
4
all offer tools to mark up payment
information.
Authentication of Billing Providers to Service
Providers is done during User Authentication,
however other specifics of the billing method
adopted between service provider and billing
provider should not be limited to a single
implementation, ultimately they should be based on
individual provider requirements. However, a basic
process for establishing or “bootstrapping” the
billing process needs to be common amongst
participants and is specified below.
The Bootstrap Mechanism. The mechanism
used to establish a billing method between the
service provider and billing provider is built around
the process of each party aiming to fulfil its own
requirements for the final billing method
specification. The mechanism to establishing the
billing method occurs in three stages.
1. Initially, each party informs the other of a list of
ontologies which it can understand, and in which
the billing method may be specified.
2. In the second stage, the service provider informs
the billing provider of the information it requires
to bill for services. The billing provider then
2
http://www.iso20022.org/
3
http://www.ifxforum.org/
4
http://www.rosettanet.org/payment
AUTOMATED SLA NEGOTIATION FOR WIRELESS UBIQUITY - A Secure Approach
105
constructs a billing method template including
components satisfying the informational
requirements of the service provider, and
components satisfying its own requirements of a
billing method. The billing method template
constructed is composed of ontological elements
common to both sets of ontologies specified in
step 1.
3. The third stage in establishing a billing method is
forming an agreement on the concrete values to
be used in the billing method. This stage follows
an offer / counter offer / final offer argumentation
strategy at which point either the negotiation
succeeds and the outcome is a concrete billing
method instance, or the negotiation fails and the
service provider may not provide services to the
billing provider's customers. A Service
Negotiation Protocol (SrNP)(MESCAL
Deliverable 1.2) has been proposed by the
TEQUILA(TEQUILA) and MESCAL(MESCAL)
projects and is well suited to this argumentation
component.
A billing provider may also be a network service
provider – and hence at some point may act as a
Service Provider to the foreign Service Provider's
home customers. Both parties have something to
gain by establishing an optimal agreement.
At initial Biller-Service Provider relationship
establishment, for instance when a customer of a
Billing Provider wanders into a unknown Service
Provider's zone and wishes to use its services, the
Service Provider and Billing Provider have a
requirement to establish some sort of agreement
before the user can use the services. This may be
relatively urgent. The Service Provider may have a
“base” pricing scheme which is used when it has
accumulated little or no information on the Billing
Provider or User. The Billing Provider is left in a
take-it-or-leave-it situation with the service provider
until a stronger relationship can be formed.
In contrast, adjustments to the billing method
formed between a service provider and billing
provider are infrequent, may have no strict time
requirements for convergence, and presumably
happen over high speed network links. A more
complex and optimal negotiation strategy can
therefore be employed.
4 CONCLUSION AND FUTURE
WORK
This work has explored the need for a
comprehensive and open billing solution, required
for ubiquitous service delivery to mobile and fixed
users. Service billing is examined in a broad context
with focus placed on managing secure and binding
relationships between involved entities.
A billing solution based on negotiating electronic
agents is presented, describing the process used for
authenticating and authorising involved entities.
Further discussion of the key components in a
comprehensive billing solution is also made.
An interesting component of this research is the
consideration of speculators and aggregators in the
billing process. The introduction of a Billing
Provider to promote security and encapsulate much
of the speculation is an innovative component with
respect to current state of the art.
Work has been done in developing a
communication set based on open protocols and a
shared ontology. A framework has been previously
designed for SLA negotiations. Future work will see
the integration of this ubiquitous billing work into
the SLA negotiation framework towards a seamless,
open, service delivery platform. During this
implementation, the scalability of the approach will
be examined.
This research is performed as part of an
Australian Research Council Linkage Grant,
LP0560935 between Alcatel and the University of
Technology, Sydney. It extends work already
performed on the Negotiation of Service Level
Agreements for New Generation Networks,
performed as part of the Alcatel Research
Partnership Program (ARPP).
REFERENCES
Cushnie, J., Hutchinson, D., Oliver, H., 2000, Evolution of
Charging and Billing Models for GSM and Future
Mobile Internet Services, QofIS '00: Proceedings of
the First COST 263 International Workshop on
Quality of Future Internet Services, London, UK
Green, L., 2004, Auto Negotiation of Service Levels for
NGNs - T2D2 - System Architecture, University of
Technology, Sydney
CADENUS - Creation and Deployment of End-User
Services in Premium IP Networks, Source:
http://www.cadenus.fokus.fraunhofer.de/, Accessed:
26 November 2004
Nielsen, J., 2000, Designing Web Usability: The Practice
of Simplicity, New Riders Publishing, Indianapolis
WINSYS 2006 - INTERNATIONAL CONFERENCE ON WIRELESS INFORMATION NETWORKS AND SYSTEMS
106
Josephson, W., Sirer, E., Schneider, F., 2004, Peer-to-
Peer Authentication With a Distributed Single Sign-
On Service, Peer-to-Peer Systems III, Third
International Workshop IPTPS 2204, San Diego, CA
The Java Open Single Sign-On Project, Source:
http://www.josso.org/
Hellman, M., 2002, An overview of public key
cryptography, IEEE Communications Magazine, vol.
40, num. 5, pp. 42 - 49
Kaliski, B., 1993, A Survey of Encryption Standards, IEEE
Micro, vol. 13, num. 6, pp. 74-81
Mills, D., 1992, RFC 1305 - Network Time Protocol
(Version 3), University of Delaware
Debenham, J., 2004, Auto-Negotion of Service Level
Agreements, University of Technology Sydney,
Band-X, Source: http://www.band-x.com/en/
Arbinet, Source: http://arbinet.com/
Bandwidth Market, Source:
http://www.bandwidthmarket.com/
Chiu, S., Crametz, J., 1999, Taking Advantage of The
Emerging Bandwidth Exchange Market, Oncept Inc.
Borthick, S., 2001, Bandwidth Trading: What's In It For
You?, Business Communications Review, pp. 26-30
MESCAL Deliverable 1.2, Source:
http://www.mescal.org/deliverables/MESCAL-D12-
public-final.pdf
TEQUILA - Traffic Engineering for Quality of Service in
the Internet, at Large Scale, Source: http://www.ist-
tequila.org
MESCAL - Management of End-to-end Quality of Service
Across the Internet at Large, Source:
http://www.mescal.org
AUTOMATED SLA NEGOTIATION FOR WIRELESS UBIQUITY - A Secure Approach
107