AUTOMATED SLA NEGOTIATION FOR WIRELESS UBIQUITY

A Secure Approach

Les Green

Faculty of Information Technology,University of Technology, Sydney, P.O. Box 123, Broadway, NSW, Australia

Keywords: Billing, Ubiquity, Authentication, Speculation.

Abstract: This document explores the financial system for automatically negotiated service level agreements. Focus is

placed on billing and a solution is proposed based on autonomous, negotiating agents. Security, non-

repudiation and authentication issues are addressed, along with the role of speculation and aggregation

within the system.

1 INTRODUCTION

New Generation Networks attempt to offer

additional benefits to both consumers and providers

in the telecommunication value chain. They are

designed to enhance End User Quality of Experience

(QoE) by providing greater choice of services,

breaking the traditional fixed service offerings and

allowing the user to do what they want, when they

want, where they want at a given price. Service

Providers stand to benefit from these customised

service offerings through the ability to gain

additional income from the value added services.

Research has suggested (Cushnie et al., 2000)

that the current cost of providing and maintaining a

mobile network billing system may be anything up

to 50% of the total infrastructure investment and

annual turnover. Seamless, automated billing which

can provide added value to the service delivery

chain is therefore a large concern for current and

new generation network operators.

This document discusses a billing framework to

support the delivery of customised Service Level

Agreements; addressing security, authenticity and

validity of the different entities involved in the

economic system.

This work is part of a greater project exploring

service ubiquity through electronic negotiation,

titled “Managing Quality of experience Delivery In

New generation telecommunication networks with

E-negotiation” (QDINE)

http://qdine.it.uts.edu.au

Section 2 discusses the problem background and

the role of aggregators and speculators in a billing

system, a solution is proposed in section 3 ,

highlighting the interactions between actors in the

system. Section 4 introduces future work.

2 THE PROBLEM

Within ubiquitous service availability, an end user is

free to roam within the constraints of possible

network connectivity. Consequently, application

services utilized by end users may be delivered via

any number of network service domains. The owner

of each domain involved in the delivery path at any

given point in time will want to be reimbursed for

the services it has provided.

Previous work towards a Service Level

Agreement (SLA) negotiation framework (Green,

2004)(CADENUS , 2004) provides a cascading

model for user billing domains. A benefit of the

cascaded service agreement model is that an end

user need only be concerned with billing between

itself and the domain to which it is directly

connected. Additionally, only domains which offer

end user connectivity need to support user billing.

Users desire simplicity and predictability

(Nielsen, 2000). In terms of billing, an end user will

not want to pay individually each domain which has

provided (a fraction of) a network service. This

opens the way for billing aggregators and

speculators. Billing aggregators package provided

services into one bill whilst speculators speculate on

101

Green L. (2006).

AUTOMATED SLA NEGOTIATION FOR WIRELESS UBIQUITY - A Secure Approach.

In Proceedings of the International Conference on Wireless Information Networks and Systems, pages 101-107

 SciTePress

future costs and so quote a fee for some future

period. Say the next six months. Section 3.4

discusses the role of speculation in greater depth.

A player may be both an aggregator and a

speculator, with end users appointing such a player

to manage billing on their behalf. Given a larger

buying power than a single end user, the speculator

or aggregator, following referred to as a Billing

Provider may negotiate for bulk rates from network

providers. A billing provider may be a user's home

network service provider or a third party billing

provider.

Additional advantages for billing providers are

also possible, such as the ability to offset loss and

form strategic alliances. Such alliances may provide

free partner traffic or other incentives, and may give

greater marketing leverage to billing providers.

The way in which an end user is charged by, and

pays the billing provider is tied directly to the

marketing strategy chosen and therefore unspecified.

However, the way in which a billing provider is

charged from service providers for services used by

an end user is the interesting research point that is

addressed here.

With the increase of global wireless connectivity

via a multitude of available access technologies,

both in the licensed and unlicensed radio

frequencies, it is not feasible for a billing provider to

have pre-negotiated service agreements with every

possible network access provider around the world

into which an end user could roam. Ubiquitous

service availability may require user connectivity

from a domain with which a billing provider is

unfamiliar. We are left with issue of establishing a

valid billing path for a service.

3 A POSSIBLE SOLUTION

In consideration of the above requirements, a

method is proposed whereby an end user, or more

precisely a user agent is responsible for negotiating

service contracts autonomously, and is supported by

a means to verify its trust in an unknown network.

Every user has an associated Billing Provider, whose

status as a trusted and reliable player is generally

known. The Billing Provider is responsible for

authenticating the user agent to foreign networks as

required.

Many business processes occur to deliver valid bills

to end users for a particular service. The financial

system in telecommunications networks can be

broadly defined as the following path.

Pricing → Accounting → Charging → Billing → Payment

Pricing is the process in which a concrete pricing

model instance for the use of a particular service is

defined. Accounting involves recording use of a

particular service. Charging is concerned with

generating costs based on the pricing model and

service accounting data. Billing is the process of

delivering those costs to the consumer of the service

or resource. Finally the consumer must pay the

provider for a given service.

This paper discusses the pricing and billing

components of this chain. The accounting, charging

and payment components are also important but are

not discussed here due to space constraints.

3.1 Billing Security

An electronic bill for some good or service is worth

no more than the cyber space it occupies, unless all

parties concerned can be sure of the bill's

authenticity. To ensure an accurate and valid billing

process, many requirements must be met to produce

and deliver authentic bills.

1. All parties must be Authenticated

2. The Agreements must be valid and binding

3. The charges must be verifiable

4. When required, communication must be secure

and Non-Repudiable.

Accordingly, the billing framework is designed

with security, authentication and verification as a

primary influence.

3.2 User Authentication

Borrowing from Internet Single Sign On (SSO)

technologies(Josephson et al., 2004)(The Java Open

Single Sign-On Project, url), the following User

Agent authentication model is proposed, based on

asymmetric encryption(Hellman, 2002)(Kaliski,

1993). Refer to Figure 1 for a diagram of the below

Figure 1: User Authentication.

WINSYS 2006 - INTERNATIONAL CONFERENCE ON WIRELESS INFORMATION NETWORKS AND SYSTEMS

102

points.

1. The user generates a public and private key pair

and registers the public key with the Billing

Provider. This step only happens once and may

be performed manually by the user via a web

interface on the billing provider's website or by

any other means.

User public keys remain valid throughout a

specific time period. All entities in the negotiation

environment should have synchronised clocks

within a broad tolerance to ensure correct

authentication. This requirement is easily

satisfiable using the existing and widely used

network time protocol (Mills, 1992).

2. When a user agent wants authorisation to request

services from a provider, it creates a User

Authorisation Request (Figure 2) comprised of its

billing provider details and customer identifier

and sends it to the service provider.

3. At this point, the Authorisation request may be

rejected by the service provider for any reason

such as a banned billing provider or maybe

because the service provider is simply too busy.

4. The service provider then builds a User

Authentication Request (Figure 3) from the

original signed User Authorisation Request and

includes a request for the Billing Provider's

Identity Credentials (Digital Certificate) if the

identity of the billing provider is not known in

advance. The Authentication Request is then sent

to the billing provider.

5. The billing provider checks the User

Authentication Request by validating the

signature on the enclosed User Authorisation

Message against the stored public key on the

customer record.

6. If user authentication is successful, the Billing

Provider returns a Success Message (Figure 4)

bundled with the user's public key and a Service

Provider Billing Authorisation which authorises

the Service Provider to issue bills for the supplied

public key. The Billing Provider's credentials are

also supplied if initially requested, to certify the

billing provider's identity.

The billing provider must, for each customer,

maintain a list of Service Providers which have

been authorised as billers for the particular

customer's public key. This is to ensure that if for

some reason the customer's purchasing rights are

revoked, or the secrecy of the private key

associated with the public key has been breached,

the Billing Provider can contact each Service

Provider to revoke the public key.

The Billing Provider must receive proof from

each Service Provider it has registered as an

authorised biller that it has acknowledged the

revocation of the public key. One appropriate

means of non-repudiation is through the use of

digitally signed messages in concert with valid

Digital Certificates. A Billing Provider cannot

claim it did not have a particular service provider

registered as a recipient of a key because the User

Authorisation Success Message provides a

digitally signed proof that a service provider was

given authorisation to send the billing provider

bills signed by a particular public key.

7. Upon receiving a success message, the service

provider validates the billing provider's

credentials. The returned user's public key is used

to validate the signature from the initial User

Authorisation Request received from the User

Agent. On successfully passing authorisation, a

billing path for future services is established, and

Figure 3: User Authorisation Request

Figure 2: Authentication Success Message

Figure 4: User Authentication Request.

AUTOMATED SLA NEGOTIATION FOR WIRELESS UBIQUITY - A Secure Approach

103

the user can proceed to request services from the

provider.

Users' public keys are stored by service

providers for use in validating future Service

Level Agreement (SLA) requests. In this way, the

service provider need not validate with the billing

provider for each SLA provisioned.

3.3 Pricing

Pricing is concerned with generating the instantiated

values to be used within a charging model.

Pricing of service level agreements in the

QDINE framework is not limited to one specific

pricing mechanism. The pricing mechanism for any

particular SLA instance is encapsulated within

prices quoted on the SLA.

The actual mechanisms used to generate

individual prices to be used in an SLA offer are

implementation specific. The QDINE project has

developed an intelligent pricing mechanism based

on limited supply and the pre-emptive capability of

differentiated service networks(Debenham, 2004)

for use in testing the billing framework. The pricing

mechanism adopted by a service provider will be

based around that service provider's business model.

The billing framework is designed to be independent

of any specific pricing mechanism.

3.4 Speculation

Speculation can play a major part in pricing of any

good or service. To understand the role speculation

may play in the QDINE project, existing

telecommunication trading is examined.

Beginning around 1998, bandwidth commodity

markets such as Band-X (Band-X), Arbinet

(Arbinet) and Bandwidth Market Ltd (Bandwidth

Market) have emerged, trading point to point

bandwidth as a commodity on an open market.

Unlike the majority of traded commodities such

as gold or electricity, spot bandwidth is a temporal,

non storable commodity (Chiu et al., 1999). As such,

it cannot be purchased today, stored and released

back onto the market at a later time. If it is not used

when purchased, it is lost.

Financial market speculation involves buying,

holding and selling a financial asset to benefit from

fluctuations in price. Due to its non-storable nature,

financial bandwidth speculation does not lend its self

to spot markets, but to derivative markets such as

futures and options.

Using futures and options, a speculator can

manage risk in a market place by purchasing SLAs

for future time periods, or purchasing the option to

buy or sell predefined SLAs in the future at a

predetermined price.

Success of bandwidth markets and exchanges has

been limited for a number of reasons. Firstly,

network operators do not want their main source of

income, i.e. Bandwidth, to be devalued and sold as a

simple commodity with no product differentiation.

Additionally, lack of standardised contracts and

negotiation protocols for bandwidth trading has been

a problem, along with long provisioning cycles once

trades have occurred (Borthick, 2001).

The QDINE service negotiation framework does

not aim to commoditise network bandwidth.

However, services will be specified in a common

format. It can be assumed that within a distributed,

open, well defined SLA trading environment such as

the QDINE framework, speculation over network

services will occur.

Three types of speculation are identified.

1. If an asset is to be purchased and held for a period

of time, speculation is made on the value of that

asset for the duration of the ownership.

2. If an asset is purchased to be divided into smaller

lots for resale, there is speculation on the future

value and demand of the divided lots.

3. “Pure” financial market speculation, involving the

purchase, holding and selling of a financial asset

to benefit from fluctuations in price.

Below are the speculative activities carried out

by a billing provider in the QDINE project.

3.4.1 Customer Side Biller Speculation

The billing provider (BP) speculates on service use

by a customer over a future period and offers an

agreement for some future service period to one or

more of its customers. A simple scenario of

customer side speculation is outlined below.

• Billing provider proposes a deal to a customer -

“You can get 30 hours of grade 1 video

conference per month from any of {Optus,

Telstra, Vodaphone} during the next month for

$30.

• If the customer accepts, the User Agent then

knows it will cost $1 per hour for the first 30

hours from the specified providers for grade 1

video service.

• The User Agent negotiates as normal for services,

receiving quotes for current market prices for

requested services. The User Agent knows

however, that within its first 30 hours for the

month for grade 1 video calls prom participating

providers, no matter what the actual price

WINSYS 2006 - INTERNATIONAL CONFERENCE ON WIRELESS INFORMATION NETWORKS AND SYSTEMS

104

negotiated is, the cost charged to the User Agent

from the billing provider will be $30 for that

month.

• When requesting a service, the User Agent must

rationalise, based on many factors, possibly

including average monthly use and current price

whether or not to choose one of the alliance

service providers from the pre-arranged deal to

deliver the service. Possibly at some times, the

User Agent will have no available alternative but

to use an alliance Service Provider. Therefore

even though the current price may be only 80¢

per hour, the user will be charged $1 per hour for

that period.

This type of customer side speculation is

common in today's service offerings, such as 100

hour free weekend talk time or such.

3.4.2 Provider Side Biller Speculation

The billing provider speculates on how much of a

particular service type its customers will use for a

future period, and may pre-purchase such a service

from Network Service Providers.

A particular Billing Provider may decide to pre

purchase 10,000 hours of grade 1 video conference

from service provider “A” at a price of $1 per hour

to be used over the next month by its subscribers.

Depending on the billing method adopted by the

service provider, the pre-negotiated cost could be

specified by the service provider on the bill sent to

the Billing Provider, along with the signed SLAs, or

the Billing Provider could be responsible for

applying the speculated costing on reconciliation of

the bill.

3.5 SLA Request Process

As described above in section 3.2 , previous to

requesting an SLA, the user agent has been

authorised by the service provider as a customer of a

particular billing provider. This allows any SLA

signed by the user agent to be authorised

immediately by the Service Provider without

needing to contact the billing provider.

If a user's public key has changed between

authorisation and an SLA request, the cached public

key will not validate against the SLA request

signature. The user authentication procedure must be

repeated to establish user identity.

As outlined in the negotiation mechanism from

(Green, 2004), negotiations towards an acceptable

SLA including pricing is performed.

During the negotiations, once a user agent

accepts an SLA offer, it signs the SLA and returns it

to the Service Provider. If the Service Provider

agrees with the parameters on the signed SLA, it

stores the SLA and activates the service.

3.6 Billing

The billing process allows new foreign network

Service Providers to form billing relationships with

unknown billing providers associated with roaming

users. To establish a trusting financial relationship,

billing providers and service providers should be

certain of each others identity and must agree on

other billing details such as invoicing frequency and

payment method employed. Discounting specifics

and other pricing related details may also be

included in a billing method.

Payment methods adopted may be be a bank

routing and account number, credit card number or

any other of the numerous payment systems

available. Payments are not addressed further in this

project. It is sufficient to say that at Biller/Service

Provider negotiation time, the payment method to be

used should be defined. ISO 20022

, IFX

and

Rosettanet

all offer tools to mark up payment

information.

Authentication of Billing Providers to Service

Providers is done during User Authentication,

however other specifics of the billing method

adopted between service provider and billing

provider should not be limited to a single

implementation, ultimately they should be based on

individual provider requirements. However, a basic

process for establishing or “bootstrapping” the

billing process needs to be common amongst

participants and is specified below.

The Bootstrap Mechanism. The mechanism

used to establish a billing method between the

service provider and billing provider is built around

the process of each party aiming to fulfil its own

requirements for the final billing method

specification. The mechanism to establishing the

billing method occurs in three stages.

1. Initially, each party informs the other of a list of

ontologies which it can understand, and in which

the billing method may be specified.

2. In the second stage, the service provider informs

the billing provider of the information it requires

to bill for services. The billing provider then

http://www.iso20022.org/

http://www.ifxforum.org/

http://www.rosettanet.org/payment

AUTOMATED SLA NEGOTIATION FOR WIRELESS UBIQUITY - A Secure Approach

105

constructs a billing method template including

components satisfying the informational

requirements of the service provider, and

components satisfying its own requirements of a

billing method. The billing method template

constructed is composed of ontological elements

common to both sets of ontologies specified in

step 1.

3. The third stage in establishing a billing method is

forming an agreement on the concrete values to

be used in the billing method. This stage follows

an offer / counter offer / final offer argumentation

strategy at which point either the negotiation

succeeds and the outcome is a concrete billing

method instance, or the negotiation fails and the

service provider may not provide services to the

billing provider's customers. A Service

Negotiation Protocol (SrNP)(MESCAL

Deliverable 1.2) has been proposed by the

TEQUILA(TEQUILA) and MESCAL(MESCAL)

projects and is well suited to this argumentation

component.

A billing provider may also be a network service

provider – and hence at some point may act as a

Service Provider to the foreign Service Provider's

home customers. Both parties have something to

gain by establishing an optimal agreement.

At initial Biller-Service Provider relationship

establishment, for instance when a customer of a

Billing Provider wanders into a unknown Service

Provider's zone and wishes to use its services, the

Service Provider and Billing Provider have a

requirement to establish some sort of agreement

before the user can use the services. This may be

relatively urgent. The Service Provider may have a

“base” pricing scheme which is used when it has

accumulated little or no information on the Billing

Provider or User. The Billing Provider is left in a

take-it-or-leave-it situation with the service provider

until a stronger relationship can be formed.

In contrast, adjustments to the billing method

formed between a service provider and billing

provider are infrequent, may have no strict time

requirements for convergence, and presumably

happen over high speed network links. A more

complex and optimal negotiation strategy can

therefore be employed.

4 CONCLUSION AND FUTURE

WORK

This work has explored the need for a

comprehensive and open billing solution, required

for ubiquitous service delivery to mobile and fixed

users. Service billing is examined in a broad context

with focus placed on managing secure and binding

relationships between involved entities.

A billing solution based on negotiating electronic

agents is presented, describing the process used for

authenticating and authorising involved entities.

Further discussion of the key components in a

comprehensive billing solution is also made.

An interesting component of this research is the

consideration of speculators and aggregators in the

billing process. The introduction of a Billing

Provider to promote security and encapsulate much

of the speculation is an innovative component with

respect to current state of the art.

Work has been done in developing a

communication set based on open protocols and a

shared ontology. A framework has been previously

designed for SLA negotiations. Future work will see

the integration of this ubiquitous billing work into

the SLA negotiation framework towards a seamless,

open, service delivery platform. During this

implementation, the scalability of the approach will

be examined.

This research is performed as part of an

Australian Research Council Linkage Grant,

LP0560935 between Alcatel and the University of

Technology, Sydney. It extends work already

performed on the Negotiation of Service Level

Agreements for New Generation Networks,

performed as part of the Alcatel Research

Partnership Program (ARPP).

REFERENCES

Cushnie, J., Hutchinson, D., Oliver, H., 2000, Evolution of

Charging and Billing Models for GSM and Future

Mobile Internet Services, QofIS '00: Proceedings of

the First COST 263 International Workshop on

Quality of Future Internet Services, London, UK

Green, L., 2004, Auto Negotiation of Service Levels for

NGNs - T2D2 - System Architecture, University of

Technology, Sydney

CADENUS - Creation and Deployment of End-User

Services in Premium IP Networks, Source:

http://www.cadenus.fokus.fraunhofer.de/, Accessed:

26 November 2004

Nielsen, J., 2000, Designing Web Usability: The Practice

of Simplicity, New Riders Publishing, Indianapolis

WINSYS 2006 - INTERNATIONAL CONFERENCE ON WIRELESS INFORMATION NETWORKS AND SYSTEMS

106

Josephson, W., Sirer, E., Schneider, F., 2004, Peer-to-

Peer Authentication With a Distributed Single Sign-

On Service, Peer-to-Peer Systems III, Third

International Workshop IPTPS 2204, San Diego, CA

The Java Open Single Sign-On Project, Source:

http://www.josso.org/

Hellman, M., 2002, An overview of public key

cryptography, IEEE Communications Magazine, vol.

40, num. 5, pp. 42 - 49

Kaliski, B., 1993, A Survey of Encryption Standards, IEEE

Micro, vol. 13, num. 6, pp. 74-81

Mills, D., 1992, RFC 1305 - Network Time Protocol

(Version 3), University of Delaware

Debenham, J., 2004, Auto-Negotion of Service Level

Agreements, University of Technology Sydney,

Band-X, Source: http://www.band-x.com/en/

Arbinet, Source: http://arbinet.com/

Bandwidth Market, Source:

http://www.bandwidthmarket.com/

Chiu, S., Crametz, J., 1999, Taking Advantage of The

Emerging Bandwidth Exchange Market, Oncept Inc.

Borthick, S., 2001, Bandwidth Trading: What's In It For

You?, Business Communications Review, pp. 26-30

MESCAL Deliverable 1.2, Source:

http://www.mescal.org/deliverables/MESCAL-D12-

public-final.pdf

TEQUILA - Traffic Engineering for Quality of Service in

the Internet, at Large Scale, Source: http://www.ist-

tequila.org

MESCAL - Management of End-to-end Quality of Service

Across the Internet at Large, Source:

http://www.mescal.org

AUTOMATED SLA NEGOTIATION FOR WIRELESS UBIQUITY - A Secure Approach

107