Diameter Protocol - the Next Generation AAA Protocol
Diameter protocol is an upgrade of the older AAA protocol, Remote Authentication Dial In User Service (RADIUS). So what good are these AAA protocols? Let us start by defining what AAA stands for. Authentication, Authorization, and Accounting (AAA) are the major processes required when an entity requests a connection to a network service. Both the Diameter and RADIUS protocols provide these services for any person or machine that wishes to make contact with a network.
Services requiring AAA protocols include ISPs, web servers, wireless networks, and other services that need to authenticate an entity before providing a connection. Connecting to an ISP that provides a dial-up connection requires a user ID and a password. The process starts by verifying the account against the ISP's valid entries; once verified, it continues by looking up the privileges given to the user before allowing access to the accounting section of the network. Diameter protocol uses an enhanced method of performing this process.
Advanced features of Diameter protocol include error management and notification, enhanced AVPs (attribute-value pairs), and reliable connections through the use of TCP and SCTP instead of UDP. RADIUS can perform the basic functions of an AAA protocol; however, the demand for more reliability and security led to the advent of Diameter protocol. This includes the requirement of wireless network providers for advanced roaming features.
Diameter protocol uses a peer-to-peer standard. This means that an entity implementing the protocol can be either the client or the server. A client may request a connection to the server by sending an Accounting-Request. This request is then verified by a Capabilities-Exchange-Request (CER) message, and once compatibility is recognized the receiver sends an Accounting-Answer message.
To secure Diameter messages, a Diameter stack is required to use IPsec, and optionally TLS (Transport Layer Security), to convey these messages. Diameter data is carried in the form of AVPs containing routing information and AAA information. Messages can take different forms, but are synchronous between the requesting entity and the server. A counterpart message form is located at the server to transport responses back to the client.
A connection can be established by sending a request to another Diameter peer. Once a responding peer is detected, the Diameter client issues a unique session-id to determine the time frame of the connection. The session-id holds the information for the session as the communication continues. The session is constantly monitored by the Diameter server to determine the connectivity of both nodes. If a recipient is not present, a session termination is sent, ending the connection.
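The AVP encoding and the session-id described above can be seen on the wire in the following added example, which is not code from the original article or from any Diameter stack. It builds and strictly parses a message using the RFC 6733 layout (20-byte header, AVPs padded to 4 bytes); the host name, session-id value and helper names are constructed for illustration.

```python
import struct

HEADER_LEN = 20  # fixed Diameter header size (RFC 6733)

def build_avp(code, data, flags=0x40):
    """Encode one AVP with no Vendor-ID. AVP Length excludes the padding."""
    length = 8 + len(data)
    head = struct.pack("!IB3s", code, flags, length.to_bytes(3, "big"))
    return head + data + b"\x00" * (-length % 4)

def build_message(cmd, app_id, avps, flags=0x80, hbh=1, e2e=1):
    """Encode a version 1 header (flags 0x80 = request) followed by the AVPs."""
    body = b"".join(avps)
    total = (HEADER_LEN + len(body)).to_bytes(3, "big")
    return (b"\x01" + total + bytes([flags]) + cmd.to_bytes(3, "big")
            + struct.pack("!III", app_id, hbh, e2e) + body)

def parse_message(buf):
    """Decode header and AVPs; raise ValueError on any inconsistent length."""
    if len(buf) < HEADER_LEN:
        raise ValueError("short header")
    msg_len = int.from_bytes(buf[1:4], "big")
    if buf[0] != 1 or msg_len != len(buf) or msg_len % 4:
        raise ValueError("bad version or message length")
    cmd = int.from_bytes(buf[5:8], "big")
    app_id, _hbh, _e2e = struct.unpack("!III", buf[8:20])
    avps, off = [], HEADER_LEN
    while off < msg_len:
        if msg_len - off < 8:
            raise ValueError("truncated AVP header")
        code, aflags = struct.unpack("!IB", buf[off:off + 5])
        alen = int.from_bytes(buf[off + 5:off + 8], "big")
        hdr = 12 if aflags & 0x80 else 8  # V bit adds a 4-byte Vendor-ID
        if alen < hdr or off + alen > msg_len:
            raise ValueError("AVP length out of bounds")
        avps.append((code, buf[off + hdr:off + alen]))
        off += alen + (-alen % 4)  # skip padding to the 4-byte boundary
    return {"request": bool(buf[4] & 0x80), "command": cmd,
            "app_id": app_id, "avps": avps}

def sample_request():
    """Constructed Accounting-Request (271) with Session-Id and Origin-Host."""
    host = b"client.example.net"  # constructed sample value
    return build_message(271, 3, [build_avp(263, host + b";1;1"),
                                  build_avp(264, host)])

if __name__ == "__main__":
    print(parse_message(sample_request()))
```

The length checks are the part a receiver cannot skip: an AVP Length field that points past the end of the message, or is shorter than its own header, is rejected before any data is sliced.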
A Diameter stack allows developers to integrate the protocol into any application that complies with the requirements. Through the Diameter stack, an application may be able to support applications or interfaces with extensions Cx, CCA, Dx, Rf, Ro, and Sh. A Diameter stack should also be compliant with the 3GPP or 3GPP2 standards.