Content Distribution Interworking D. Gilletti Working Group CacheFlow, Inc. Internet-Draft R. Nair Expires: December 12, 2002 Cisco Systems J. Scharber CacheFlow, Inc. J. Guha Apogee Networks D. Frascone Blackstorm Networks June 13, 2002 Content Distribution Interworking (CDI) AAA Requirements draft-ietf-cdi-aaa-reqs-01 Status of this Memo This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC2026. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http:// www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. This Internet-Draft will expire on December 12, 2002. Copyright Notice Copyright (C) The Internet Society (2002). All Rights Reserved. Abstract In developing a solution for CDN Internetworking it is necessary to define and accommodate requirements for Authentication, Authorization, and Accounting. Since the Authentication, Authorization, and Accounting (AAA) working group is already focused Gilletti, et al. Expires December 12, 2002 [Page 1] Internet-Draft CDI AAA Requirements June 2002 on defining these requirements, this document attempts to leverage that work. It contains the requirements that would have to be supported by a AAA service to formulate a solution for CDN peering. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . 4 1.1 Conventions used in this document . . . . . . . . . . . . 5 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . 6 3. Overview of Accounting Peering System . . . . . . . . . . 8 4. Assumptions . . . . . . . . . . . . . . . . . . . . . . . 10 4.1 Firewalls . . . . . . . . . . . . . . . . . . . . . . . . 10 4.2 CDR Generation & Reception . . . . . . . . . . . . . . . . 10 4.3 Storage Requirements . . . . . . . . . . . . . . . . . . . 10 4.4 Authentication & Authorization . . . . . . . . . . . . . . 10 4.5 Measurement / Metering Systems . . . . . . . . . . . . . . 10 4.6 Inter-Domain Trust . . . . . . . . . . . . . . . . . . . . 11 4.7 Proxy CDN-I Account-Peering systems . . . . . . . . . . . 11 5. Accounting 'Works' . . . . . . . . . . . . . . . . . . . . 12 5.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . 12 5.2 General Requirements . . . . . . . . . . . . . . . . . . . 12 5.2.1 Framework . . . . . . . . . . . . . . . . . . . . . . . . 12 5.2.2 Form-Factor of CDRs . . . . . . . . . . . . . . . . . . . 13 5.2.3 Timing Requirement of CDR exchange . . . . . . . . . . . . 13 5.2.4 Identifiers . . . . . . . . . . . . . . . . . . . . . . . 13 5.2.5 Measures . . . . . . . . . . . . . . . . . . . . . . . . . 13 5.2.6 Counters . . . . . . . . . . . . . . . . . . . . . . . . . 13 5.2.7 Name Space Convention (Distributed,Domained,Global) . . . 13 5.2.8 Security Requirements . . . . . . . . . . . . . . . . . . 14 5.3 Core Works Requirements . . . . . . . . . . . . . . . . . 14 5.3.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . 14 5.3.1.1 List of Attributes . . . . . . . . . . . . . . . . . . . . 14 5.3.1.2 Encoding and Representation . . . . . . . . . . . . . . . 14 5.3.1.3 Use Case Model . . . . . . . . . . . . . . . . . . . . . . 14 5.3.1.4 Work Flow Model . . . . . . . . . . . . . . . . . . . . . 15 5.3.1.5 Work State Model . . . . . . . . . . . . . . . . . . . . . 15 5.3.2 ContentInjection Work . . . . . . . . . . . . . . . . . . 15 5.3.3 ContentDistribution Work . . . . . . . . . . . . . . . . . 16 5.3.4 ContentRequest Work . . . . . . . . . . . . . . . . . . . 16 5.3.5 ContentRetrieval Work . . . . . . . . . . . . . . . . . . 17 5.3.6 ContentServiceDelivery Work . . . . . . . . . . . . . . . 18 6. Data Exchange Mechanism / Protocol . . . . . . . . . . . . 20 6.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . 20 6.2 General Requirements . . . . . . . . . . . . . . . . . . . 20 6.2.1 Separation of Exchange Protocol from CDR payload . . . . . 20 6.2.2 Transfer Capability Negotiation . . . . . . . . . . . . . 20 6.2.3 Singular, Batched, Flow, & RealTime Modes of Data Exchange 20 6.2.4 Efficient Encoding . . . . . . . . . . . . . . . . . . . . 20 Gilletti, et al. Expires December 12, 2002 [Page 2] Internet-Draft CDI AAA Requirements June 2002 6.2.5 Transfer Flow & Rate Control . . . . . . . . . . . . . . . 20 6.2.6 Guaranteed Delivery . . . . . . . . . . . . . . . . . . . 20 6.2.7 CDR Relationship Identifiers . . . . . . . . . . . . . . . 21 6.2.8 Protocol State Machines . . . . . . . . . . . . . . . . . 21 6.2.9 Encryption . . . . . . . . . . . . . . . . . . . . . . . . 21 6.3 Authorization and Authentication . . . . . . . . . . . . . 21 6.4 CDR Receivers . . . . . . . . . . . . . . . . . . . . . . 21 6.5 CDR Generators : . . . . . . . . . . . . . . . . . . . . . 21 6.6 Fault-Tolerance . . . . . . . . . . . . . . . . . . . . . 21 7. Further Issues . . . . . . . . . . . . . . . . . . . . . . 23 8. Recommendations . . . . . . . . . . . . . . . . . . . . . 24 9. Conclusion . . . . . . . . . . . . . . . . . . . . . . . . 25 References . . . . . . . . . . . . . . . . . . . . . . . . 26 Authors' Addresses . . . . . . . . . . . . . . . . . . . . 26 A. Acknowledgments . . . . . . . . . . . . . . . . . . . . . 28 Full Copyright Statement . . . . . . . . . . . . . . . . . 29 Gilletti, et al. Expires December 12, 2002 [Page 3] Internet-Draft CDI AAA Requirements June 2002 1. Introduction The initial model for the World Wide Web (WWW) was based on clients interacting with origin servers to request and receive content or services. As the Web increased in scale this model proved unwieldy for several reasons and resulted in current industry efforts to build and operate Content Distribution Networks or CDNs. The overall purpose of these CDNs is to create a scalable service that can meet aggregate client demand while improving the performance and quality of delivery. With increased demand for CDN services a need has been generated for a mechanism for interconnecting or peering these systems. A typical CDN has relationships with publishers and provides them with accounting and access related information. This information is typically provided in the form of aggregate or detailed log files. In addition, these CDNs typically collect accounting information to aid in operation, billing and SLA verification. Since all accounting data is collected within the CDN's administrative domain there is no requirement for generalized systems or protocols. Peering or interconnecting these CDNs introduces the need to obtain similar accounting data from a foreign domain. This requirement means that customers of a peered CDN service (publishers, clients, and CDNs) must now have a generalized or standard means of obtaining accounting information to support current as well as planned business models. For example, the desire to implement business models such as "Pay Per View" may require that there exist a mechanism for authenticating and authorizing clients at a delivery point that lies in a foreign domain. This document is focused on describing requirements for the Accounting Peering System as described in [7] This document frames the requirements for the Accounting Peering System against the ongoing work of the AAA working group. This was done because the authors realized that considerable effort has already been expended in identifying inter-domain trust models and accounting requirements within that working group. Therefore, a conscious decision has been made to leverage that existing body of work before making additional proposals. As such, this document relies heavily on RFC 2904 [1], RFC 2975 [2], and RFC 2977 [3]. Since the concentration of this effort is to determine the requirements for CDN internetworking / peering, the accounting requirements within an individual CDN are largely ignored within this document. Gilletti, et al. Expires December 12, 2002 [Page 4] Internet-Draft CDI AAA Requirements June 2002 The core actions and activities within the CDN-I domain is essentially enumerated as Content Injection, Content Distribution, Content Request, Content/Service Delivery, and Content Retrieval. These are the primary activities that need to be tracked and accounted. Please refer architectural diagrams in [5], [6], and [7]. This document focuses and details the requirements on the digital representation of the above activities, along with the means and mechanisms to exchange these representations between peering parties which have participated in the activity, and/or any other component in a secure and guaranteed manner. Requirements for the remaining CDI architectural elements, the Request Routing System, which is responsible for directing user agents to the distributed content, and the Distribution Peering Requirements for CDI, which is responsible for distributing content between a CDN and the elements that it, are detailed in [8], [9]. 1.1 Conventions used in this document The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [4]. Gilletti, et al. Expires December 12, 2002 [Page 5] Internet-Draft CDI AAA Requirements June 2002 2. Terminology This section introduces new terminology not already defined in < RFC 2975 [2], RFC 2977 [3], or [5] CDN Service: An action that is directly or indirectly related to the act of moving content from publisher to consumer. Customer: A billable entity (typically a publisher, client or peered CDN) that agrees to exchange compensation for a CDN Service. Entitlement: A right to access a given CDN Service or content object typically provided to a customer by a provider. Flat Rate: Indicates there is no limit on the amount of CDN Service that a customer can consume during a Period. Percentile: Indicates that a CDN Service will be billed at a rate that is based on a multiplier (Usage Rate) times the Usage during the Period. Period: The duration for which the Usage counter or Entitlement is active. Provider: An entity that offers a CDN Service in exchange for Compensation. Unit Of Measure (UOM): Indicates how Usage should be tracked (i.e. minutes, seconds, bytes, etc). Usage: A counter that measures the access or use of a CDN Service by the Customer. Usage Rate: A per-unit cost associated with the Usage of a CDN Service. Pricing / Rating Tiers: Indicates the existence of a schedule against which Usage of a given CDN Service is tracked and billed. Work: This is the definition of an activity in which a CDN partakes by providing a specific function, role or service. These activities are restricted to only those which involve the participation of peering entities outside the CDNs administrative domain. Tier: This is the conceptual enclosure of a specific function (such as accounting, settlement, rating, billing, invoicing, payment, provisioning etc) in the context of a layered / phased multi- Gilletti, et al. Expires December 12, 2002 [Page 6] Internet-Draft CDI AAA Requirements June 2002 function environment. CDR (Content Detail Record): This is the digital entity which capture the 'what', 'who', 'when', 'where', and 'how' of the work done. Gilletti, et al. Expires December 12, 2002 [Page 7] Internet-Draft CDI AAA Requirements June 2002 3. Overview of Accounting Peering System The Accounting Peering system is responsible for the definition, generation and exchange of usage / consumption data entities (CDRs) which depict the activities and works performed, requested, and completed between peering CDNs, and any component internetworking with a CDN. These CDRs typically will contain 'what work was done', 'who did the work', 'when was the work done', 'how was the work done', 'Resources Used' etc. --------------------------------------------------------------------- * * +---------------+ * * +---------------+ | Origin | * ==== ContentInjection =====> * | CDN X | +---------------+ * <==== ContentRequest ======= * |...............| * * | | +---------------+ * <==== ContentDistribution ==> * |...............| | Peering CDN | * <==== ContentRetrieve ======> * | | +---------------+ * * |...............| * * | | +---------------+ * <==== ContentServiceDelivery= * | | | Client | * =====ContentRequest =====> * | | + --------------+ * * +---------------+ * * * * Acct-CPG Acct-CPG Figure 1: Accounting Peering System Components and Activities --------------------------------------------------------------------- The above diagram (Figure 1) illustrates the architectural entities which will internetwork with a CDN as well as the activities that transpire between any two peering entities . Each activity is to be considered as discrete accountable events in their own right. The arrows indicate the parties and roles involved in each activity as each activity has a source and destination role in the communications exchange (note : the arrows do not indicate who is generating / receiving the CDR ) The model above allows for complex chaining and sequencing of activities which express the relationship of interoperations that a typical CDN will encounter. The core activities (as described above) that need to be accounted Gilletti, et al. Expires December 12, 2002 [Page 8] Internet-Draft CDI AAA Requirements June 2002 are ContentInjection, ContentDistribution, ContentRequest, ContentRetrieval, and ContentServiceDelivery. The activities above cannot span multiple internetworking hops. Each independent piece of activity or work performed by/to a CDN, can be transmitted and collected by any entity or instrumentation, which implements the Accounting-Peering System Interface(Acct-CPG). It is envisioned that each CDN would have an instrumentation platform which would detect or be informed of the activities described above. This platform or detection mechanism is not in-scope of Acct-CPG. A transport protocol would be used to exchange CDRs between an entity which generates a CDR, and an entity which receives a CDR. Presumably, the entity which is capable of detecting the activity will be the entity that generates the CDR to an entity interested in receiving the CDR. The Acct-CPG interface will not specify which entity can, must, or should implement the Acct-CPG interface. Accounting systems in general will have to support the real-time occurrence of the above mentioned activities. That is when the activities do take place, the activity must be recorded and not lost. Reliability of recording accountable events/activities is required or otherwise the accounting infrastructure will be compromised. However the Acct-CPG will not specify the mechanism to record the activities that have occurred, but will solely impress upon the necessity of reliability and integrity in the process of activity detection, and recording. The nature of certain activities may also span a segment of time from activity initiation to completion. Acct-CPG systems shall be able to generate interim, and composite CDRs of each discrete activity which depict the passage of time and states of an activity. Thus, the Acct-CPG interface shall be charged with the responsibility of support for interim and composite CDRs, and support for real time and/or offline/batch exchange of accountable works / activities. The Accounting data entities (CDRs) may be used by other downstream functional tiers such as Rating & Billing, Capacity Planning, Performance & Monitoring Analysis, Payment systems, Account Management, Settlement Systems etc. These downstream tiers are considered out-of-scope, but the solution should not be incompatible with this functionality Gilletti, et al. Expires December 12, 2002 [Page 9] Internet-Draft CDI AAA Requirements June 2002 4. Assumptions Certain assumptions/expectations of the operating environment are detailed below. Should any of the assumptions change, there may be material implications on the requirements of the CDN-I Accounting Peering (Acct-CPG) systems. 4.1 Firewalls There are no firewalls between the path of the Accounting Peering Systems. Peering CDN-I Accounting systems can establish a communication channel between themselves provided they have the appropriate and valid trust credentials. 4.2 CDR Generation & Reception Any entity (network element or service element) can be a CDR Generator and/or a CDR Receiver as long as the entity is 'CDN-I Acct- CPG' enabled. 4.3 Storage Requirements The CDN-I Accounting Peering requirements shall not place any constraints or restrictions on the storage of CDRs. CDR Storage is essentially out of scope. However, to provide fail-over and recovery in the data exchange protocol, there most likely will be storage implications for an entity to be considered 'CDN-I Accounting Peering' enabled. 4.4 Authentication & Authorization The CDN-I Accounting Peering requirements shall only exchange Authentication & Authorization Messages to enable the exchange of CDRs. The policies, and mechanisms which influence these Authentication and Authorizations messages are to be provided and maintained by an external functional component or process, and are to be considered out-of-scope, except to the extent that it influences the requirements of accounting data exchange. 4.5 Measurement / Metering Systems Instrumentation (hard and/or soft) exists on the CDN-I network which can detect, recognize, and inform an Accounting-Peering System when a ContentInjection, ContentDistribution, ContentRequest, ContentRetrieval, and ContentServiceDelivery act / event has taken place. Gilletti, et al. Expires December 12, 2002 [Page 10] Internet-Draft CDI AAA Requirements June 2002 4.6 Inter-Domain Trust All systems are conformant with the AAA Authentication and Authorization Framework for Inter-Domain trust. Refer [1] 4.7 Proxy CDN-I Account-Peering systems If Accounting-Peering (Acct-CPG) system communicate through intermediate Acct-CPG systems, it is necessary that the CDR payload is secure between the originator Acct-CPG and target Acct-CPG server. The security requirement may be end-to-end security, CDR payload integrity, confidentiality, replay protection, and non-repudiation. Refer [1]. Gilletti, et al. Expires December 12, 2002 [Page 11] Internet-Draft CDI AAA Requirements June 2002 5. Accounting 'Works' The objective of this section is to define the requirement of a scalable framework for depicting all the various acts / services / 'works' performed by any entity which internetworks with a CDN, and which needs to be accounted. It is envisioned that a finite (core) set of works will need to be defined so as to achieve initial adoption and traction. Thereafter the framework must accommodate expansion of acts / services / work in the CDN Internetworking domain. 5.1 Introduction An expression of 'work' performed consists of a collection/sequence of attributes which consist of identifiers, measures, and counters. The attributes serve to answer the who, what, where, and how of these elements of usage or acts of consumption (CDRs). For the CDN peering/interconnection scenario, it is important to construct the expressions/acts of consumption such that there is no dispute and ambiguity in meaning between parties producing and receiving these expressions. In each act of consumption, there is a minimum set of attributes in which an act/expression of consumption/ usage is considered "complete and indisputable" and therefore able to be used by any downstream tiers (ex : rating and billing). 5.2 General Requirements 5.2.1 Framework A framework which can accommodate the scalable definition of CDRs is required. This framework shall be able to introduce new CDRs and their associated schemas at a later time frame. The framework must ensure that 'Context' of the CDR payload is available to any party such that domains / scope of CDR and attribute applicability / validity is defined. 'Context' will mean roles of participating entities, domain, and scope. There shall be no overloading of attribute meanings. Every measure and counter must have have units, minima and maxima, and incrementals defined. Every identifier must be persistent within a defined domain and time frame. Decisions on in-band or out-of-band context embedding will be needed and shall be defined in the framework. The framework shall support self-description of the usage attributes. This framework shall NOT define any actions, rules, constraints and context with regards to the processing of CDRs. Gilletti, et al. Expires December 12, 2002 [Page 12] Internet-Draft CDI AAA Requirements June 2002 XML technology should be considered as a vehicle to achieve the above framework. Other strategies can also be considered if the end-value is achievable. 5.2.2 Form-Factor of CDRs The representation and form-factor of the CDRs must also be addressed. Binary based and character based form factors need to be supported. 5.2.3 Timing Requirement of CDR exchange Certain CDRTypes will have delivery requirements which meet timing constraints. For each independent operating scenario and 'work' (CDR) type, requirements on CDR transport exchange and timings need to be assessed. It will be required to specify timing constraints for certain CDR Types, and will be used by the data exchange protocol during the channel setup phase. 5.2.4 Identifiers An identifier is an attribute which associates a name convention to an entity. Examples of identifies are OrganizationName, EndUserName, Name of Movie, ContentID etc These identifiers can and do have properties and characteristics such as persistence, scope & domain, time-to-live etc. In the accounting context, these identifiers must be resolvable, unambiguous, recoverable and unique in the applicable domain. 5.2.5 Measures Measures are attributes that help to describe 'how' a certain piece of work was performed, delivered or consumed. Typical examples are QoS, JitterDelay, etc. Measures need to be defined completely and without ambiguity by defining known minima, maxima, unit of increments etc. The definition of measures must remain persistent and consistent within its scope and domain. 5.2.6 Counters Counters are attributes that help to describe the quantity of resources consumed by a singular accountable act / work. Typically Counters must be defined by its units, minima and maxima and the mathematical operations that are permissible on a counter. 5.2.7 Name Space Convention (Distributed,Domained,Global) In a distributed environment, a domain consistent way of naming Gilletti, et al. Expires December 12, 2002 [Page 13] Internet-Draft CDI AAA Requirements June 2002 entities such as a customer, ContentID, ContentType etc is required, so that any member participating in the CDN Internetworking activities can be consistently identified. The scope / domain of applicability of every identifier must be referenceable by any party participating in the work represented by the specific CDR, and / or by any party involved in the exchange of the specific CDR. Likewise, the framework must also provision a Name Space mechanism for naming a specific content within the federation. For example, a specific movie or song might need to be named in the same way in all of the different points of the federation, independently of the domain that is delivering the specific content. This SHOULD follow a standard that can be interpreted by every member of the federation. 5.2.8 Security Requirements This document assumes that the solutions suggested within this document will be compliant with the trust model given in RFC 2904 [1]. 5.3 Core Works Requirements This section defines those 'work' items that form the initial core set of 'works' that must be supported by any 'CDN-I Accounting' enabled entity. The objective here is to achieve consensus around a set of accountable works which are deemed sufficiently important such that its definition and support is warranted. 5.3.1 Introduction For each of the accountable works defined below in the subsections, the following must be defined : 5.3.1.1 List of Attributes Each attribute must define its name, its meaning, whether it is a required / optional / conditional attribute, its data type (int, string, complex etc) 5.3.1.2 Encoding and Representation The encoding and representation format of each attribute inside the CDR must be defined. 5.3.1.3 Use Case Model Generally describes the involved entities in the creation of the CDR. The 'Context' of the CDR will most likely be defined here as well. Gilletti, et al. Expires December 12, 2002 [Page 14] Internet-Draft CDI AAA Requirements June 2002 5.3.1.4 Work Flow Model Details the sequencing of events of the involved entities which generates the CDR and where the CDR has to be sent. 5.3.1.5 Work State Model Details the state transition diagram of the 'Work' by defining the triggers and the state of work from inception to completion. The 'State' of Work may or may not be distributed across one or more elements in the federation. 5.3.2 ContentInjection Work This 'work' is the event(CDR) that represents the act of a Host Origin Server which successfully 'injects' a piece of 'content' into a CDN for further distribution. An example scenario is where a Content Provider or a Publisher wishes to distribute content. The Publisher typically transfer the relevant content to a CDN Service Provider. This transaction is referred to as Injection. --------------------------------------------------------------------- A logical representation of this CDR is as below : | CDRType | TimeStamp | ContentID | ContentType | OriginID | CDN_ID | ContentByteSize | State | ErrorCode | Attribute Name | Type | Description ---------------------------------------------------------------------------- CDRType | String| Type of CDR (Value = ContentInjection) TimeStamp | Long | Time of Content Injection transaction (Start/End) ContentURI | String| Unique identifier for the injected content ContentType | String| Type of Content (WebPage, Movie, Song etc) Origin ID | String| Unique Identifier for Content Source CDN_ID | String| Unique Identifier for CDN ServiceProvider ContentByteSize | Long | Size of Content Injected in Bytes State | String| State of Injection (start,complete,error) ErrorCode | String| UnAuthorized,UnAuthenticated,TimeOut,etc Figure 2: Content Injection CDR --------------------------------------------------------------------- Gilletti, et al. Expires December 12, 2002 [Page 15] Internet-Draft CDI AAA Requirements June 2002 5.3.3 ContentDistribution Work This 'work' is the event (CDR) that represents the act where a CDN 'distributes' the 'content' to another peering CDN. --------------------------------------------------------------------- A logical representation of this CDR is as below : | CDRType | TimeStamp | Content_ID | ContentType | CDNSrcID | CDNDestID| | ContentByteSize | State | ErrorCode | Attribute Name | Type | Description ---------------------------------------------------------------------------- CDRType | String| Type of CDR (Value = ContentDistribution) TimeStamp | Long | Time of Content Distribution transaction (start/end) ContentURI | String| Unique identifier of content to be distributed ContentType | String| Type of Content (WebPage, Movie, Song etc) CDNSrcID | String| Unique Identifier of src distributing content CDNDestID | String| Unique Identifier of dest receiving content ContentByteSize | Long | Size of Content distributed in Bytes State | String| Distribution State (start,complete,error) ErrorCode | String| UnAuthorized,UnAuthenticated,TimeOut,etc Figure 3: Content Distribution CDR --------------------------------------------------------------------- 5.3.4 ContentRequest Work This transaction is the event (CDR) that represents the act where an end-user (EU) request access to a specific Content. Gilletti, et al. Expires December 12, 2002 [Page 16] Internet-Draft CDI AAA Requirements June 2002 --------------------------------------------------------------------- A logical representation of this CDR is as below : | CDRType | TimeStamp | ContentURI | ContentType | ContentByteSize | | RequesterID | ReceiverID | State | ErrorCode | Attribute Name | Type | Description ------------------------------------------------------------------------------ CDRType |String| Type of CDR (Value = ContentRequest) TimeStamp | Long | Time of content request transaction (start/end) ContentURI |String| Unique identifier for the content to be distributed ContentType |String| Type of Content (WebPage, Movie, Song etc) RequesterID |String| Unique Identifier for entity requesting the content ReceiverID |String| Unique Identifier for entity receiving request ContentByteSize |Long | Size of Content distributed in Bytes State |String| State of Request (start,complete,error) ErrorCode |String| UnAuthorized,UnAuthenticated,TimeOut,etc Figure 4: Content Request CDR --------------------------------------------------------------------- 5.3.5 ContentRetrieval Work This transaction is the event (CDR) that represents the act where when a Content Request 'Miss' occurs, the 'content' is retrieved from the origin server and delivered to the element (CDN / cache) where the miss occurred. Gilletti, et al. Expires December 12, 2002 [Page 17] Internet-Draft CDI AAA Requirements June 2002 --------------------------------------------------------------------- A logical representation of this CDR is as below : | CDRType | TimeStamp | ContentURI | ContentType | ContentByteSize | | Origin_ID | Receiver_ID | State | ErrorCode | Attribute Name | Type | Description ---------------------------------------------------------------------------- CDRType |String | Type of CDR (Value = ContentRetrieval) TimeStamp | Long | Time of Content Retrieval transaction (start/end) ContentURI |String | Unique identifier for the retrieved content ContentType |String | Type of Content (WebPage, Movie, Song etc) Origin ID |String | Unique Identifier for Content Source Receiver_ID |String | Unique Identifier for receiver of content retrieved ContentByteSize | Long | Size of Content Injected in Bytes State |String | State of Injection (start,complete,error) ErrorCode |String | UnAuthorized,UnAuthenticated,TimeOut,etc Figure 5: Content Retrieval CDR --------------------------------------------------------------------- 5.3.6 ContentServiceDelivery Work This transaction is the event (CDR) that represents the act where a CDN delivers the Content requested to the entity which requested the content. Gilletti, et al. Expires December 12, 2002 [Page 18] Internet-Draft CDI AAA Requirements June 2002 --------------------------------------------------------------------- A logical representation of this CDR is as below : | CDRType | TimeStamp | ContentServiceURI | ContentServiceType | | ContentByteSize | DelivererID | ReceiverID | State | ErrorCode | Attribute Name | Type | Description ---------------------------------------------------------------------------- CDRType |String | Type of CDR (Value = Content/Service Delivery) TimeStamp |Long | Time of Content Delivery transaction (start/end) Content/ServiceURI |String | Unique identifier the delivered content/service Content/ServiceType|String | Type of Content/Service (WebPage, Movie, Song etc) DeliveryMode |String | mode of delivery (stream, filetransfer, http, etc) DelivererID |String | Unique Identifier of entity delivering the content ReceiverID |String | Unique Identifier for entity receiving the content ContentByteSize |Long | Size of Content Injected in Bytes State |String | State of Delivery (start,complete,error) ErrorCode |String | UnAuthorized,UnAuthenticated,TimeOut,etc Figure 6: Content Service Delivery CDR --------------------------------------------------------------------- Gilletti, et al. Expires December 12, 2002 [Page 19] Internet-Draft CDI AAA Requirements June 2002 6. Data Exchange Mechanism / Protocol 6.1 Introduction This objective of this section is to develop the requirements of a transport mechanism which shall be responsible for the transfer / exchange of a 'Work/Activity' (CDR) from one entity to another entity. 6.2 General Requirements This section details some of the general requirements of a transport protocol. 6.2.1 Separation of Exchange Protocol from CDR payload The transfer protocol must be cleanly decoupled from the CDR payloads that it will transfer. 6.2.2 Transfer Capability Negotiation Support for push, pull and poll transfers modes need to be supported. 6.2.3 Singular, Batched, Flow, & RealTime Modes of Data Exchange The transport protocol shall support batch, flow, and real-time modes of exchange of CDR payloads. Support for multiple channels of transport must exist to accommodate multiple varying throughput rate requirements, and/or multiple exchange modes between the accounting peering parties which occur at the same time. A specific transport channel shall be able to exchange multiple CDRs of a singular CDRType. That is, mixed CDRTypes within a singular channel is not supported. 6.2.4 Efficient Encoding 6.2.5 Transfer Flow & Rate Control The transfer protocol shall support flow control mechanisms to achieve sustainable delivery throughput between the two data exchange peers. 6.2.6 Guaranteed Delivery It is to be assumed that all works that are to be accounted for MUST never be lost. Therefore all transfer modes must achieve reliable and guaranteed delivery of CDR payloads. Unless there is a compelling case for an non-guaranteed delivery requirement, this Gilletti, et al. Expires December 12, 2002 [Page 20] Internet-Draft CDI AAA Requirements June 2002 assumption and requirement shall stand. 6.2.7 CDR Relationship Identifiers CDR EventIdentifiers (unique) may be required if relationships exist across a set of CDRs. Situations where interim CDRs are generated, it is necessary to track the sequencing of a related set to ensure completeness, detect errors, and the retransmission of CDRs. If relationships of a set of CDR spans a distributed domain, then a distributed numbering strategy must exist. 6.2.8 Protocol State Machines Clear visualization of transport protocol state machines in the sender and receiver must be developed. 6.2.9 Encryption It is recommended that encryption works from other IETF standards be leveraged to ensure data / CDR security. 6.3 Authorization and Authentication Authorization and authentication mechanisms must exist in the data exchange protocol to enable the initiation of data exchange. This mechanism may be influenced by external (out-of-scope) policy and control mechanisms / processes which precede the transfer / exchange of CDRs. 6.4 CDR Receivers Any entity that is 'CDN-I Accounting' enabled is eligible to receive a CDR. To enable the delivery of CDRs, the CDR Receiver must contact a CDR Generator and establish a channel. A channel must only be able to transfer CDRs of a singular CDRType. 6.5 CDR Generators : Only 1 CDR must be generated for a singular incidence of 'work'. Any entity which is 'CDN-I Accounting' enabled, is eligible to generate the CDR. The CDR Generator entity must be able to support the delivery of a CDR stream to multiple recipients if a single channel has been created between each recipient and the CDR Generator. 6.6 Fault-Tolerance Fault Tolerance, fail-over, and recovery mechanism mechanisms are required to insure against network failure, accounting peering Gilletti, et al. Expires December 12, 2002 [Page 21] Internet-Draft CDI AAA Requirements June 2002 component failure, packet loss, and/or device reboots. Gilletti, et al. Expires December 12, 2002 [Page 22] Internet-Draft CDI AAA Requirements June 2002 7. Further Issues Gilletti, et al. Expires December 12, 2002 [Page 23] Internet-Draft CDI AAA Requirements June 2002 8. Recommendations [Editor's Note: This section is here only to record some ideas that need to be discussed while this specification is being progressed.] One means of accommodating these types of services is to build off of the ongoing work of the IETF AAA working group [2]. At present this work is centered on the Diameter framework and protocol suite for both provisioning and accounting. Early observations indicate that Diameter has several characteristics that are desirable for consideration in fulfilling these accounting requirements. The high point characteristics are that it: Has a model that supports either direct aggregation to home provider 3rd party brokering. Has well developed security and trust relationships. Supports standardized, extensible accounting record format. Is generally extensible. Has hop-by-hop, as well as end-to-end encryption support. Gilletti, et al. Expires December 12, 2002 [Page 24] Internet-Draft CDI AAA Requirements June 2002 9. Conclusion There is a considerable amount of work remaining in defining the accounting requirements and relationships. As such, the authors welcome additional input from interested parties. Gilletti, et al. Expires December 12, 2002 [Page 25] Internet-Draft CDI AAA Requirements June 2002 References [1] "AAA Authorization Framework", August 2000, . [2] "Introduction to Accounting Management", October 2000, . [3] "Mobile IP Authentication, Authorization, and Accounting Requirements", October 2000, . [4] "Key words for use in RFCs to Indicate Requirement Levels", March 1997, . [5] "A Model for Content Internetworking (CDI)", February 2002, . [6] "Content Internetworking (CDI) Scenarios", February 2002, . [7] "Content Internetworking Architectural Overview", February 2002, . [8] "Request-Routing Requirements for Content Internetworking", February 2002, . [9] "Distribution Requirements for Content Internetworking", February 2002, . Authors' Addresses Don Gilletti CacheFlow, Inc. 551 Moffett Park Drive Sunnyvale, CA 94089 USA Phone: +1 408 543 0437 EMail: don@cacheflow.com Gilletti, et al. Expires December 12, 2002 [Page 26] Internet-Draft CDI AAA Requirements June 2002 Raj Nair Cisco Systems John Scharber CacheFlow, Inc. 551 Moffett Park Drive Sunnyvale, CA 94089 USA EMail: john.scharber@cacheflow.com Jay Guha Apogee Networks Park 80 West, Plaza II Saddle Brook, NJ USA Phone: +1 201 368 8800 EMail: jayg@apogeenet.com David Frascone Blackstorm Networks 250 Cambridge Avenue, Suite 200 Palo Alto, CA 94306 USA Phone: +1 972 524 6346 EMail: codemonkey@bstormnetworks.com Gilletti, et al. Expires December 12, 2002 [Page 27] Internet-Draft CDI AAA Requirements June 2002 Appendix A. Acknowledgments The authors acknowledge the contributions and comments of Brad Cain (Mirror Image), Mark Day (Cisco), Fred Douglis (AT&T), John Martin (Network Appliance), Doug Potter (Cisco), Oliver Spatscheck (AT&T), Gary Tomlinson (Entera), Lisa Amini (IBM) and Abhi Deskmukh (Apogee). Gilletti, et al. Expires December 12, 2002 [Page 28] Internet-Draft CDI AAA Requirements June 2002 Full Copyright Statement Copyright (C) The Internet Society (2002). All Rights Reserved. This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English. The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns. This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Acknowledgement Funding for the RFC Editor function is currently provided by the Internet Society. Gilletti, et al. Expires December 12, 2002 [Page 29]