Vojnotehnički Glasnik (Jun 2013)

Analysis of the RADIUS and Diameter protocols in terms of pricing telecommunication services

  • Vesna M. Radonjić,
  • Andrijana N. Todosijević,
  • Milica R. Petrović,
  • Mirjana D. Stojanović,
  • Aleksandra M. Kostić-Ljubisavljević

DOI
https://doi.org/10.5937/vojtehg61-2221
Journal volume & issue
Vol. 61, no. 2
pp. 218 – 241

Abstract

Accounting of telecommunication services is closely related to the functions of authentication and authorization. These functions are usually considered together and implemented within the same server using a common protocol. The most renowned protocols for authentication, authorization and accounting are the RADIUS and Diameter protocols.

AAA functions and related protocols

In this chapter, the accounting management architecture developed by the IETF is presented. It includes the interaction between network elements, accounting servers, and billing and charging servers. Accounting data can be used for management, planning and charging users, as well as for other (specific) purposes. Authentication is the process of confirming a user's digital identity, usually through some type of identifier and related data. Authorization determines whether a particular entity is authorized to perform an activity.

Basic Functions of the RADIUS Protocol

The RADIUS architecture is based on a client-server model. It uses UDP on the transport layer. Transactions between the client and the server are authenticated by means of a common secret key that is never sent through the network. Given the limited resources available to network devices, RADIUS facilitates and centralizes charging end users, provides some protection against active attacks by unauthorized users, and has great support from different network equipment vendors. Although RADIUS is a widely accepted protocol for the mechanisms of authentication, authorization and accounting, it has certain shortcomings that may be caused by the protocol itself or by its poor implementation.

Architecture and Operation of the Diameter Protocol

Diameter is a scalable protocol designed by the IETF working group in order to eliminate the shortcomings and functional limitations of the RADIUS protocol and to replace it in the near future. Most of the basic Diameter mechanisms and functionality are based on the fundamental functionality of the RADIUS protocol, and the rest is a result of new solutions and improvements to the existing ideas. The Diameter protocol focuses on the expansion of flexible, advanced routing algorithms, dynamic troubleshooting and safety characteristics of the transport layer. This paper defines the basic packet formats, data transfer mechanisms and error management, methods of communication between individual elements of the architecture, and basic security functions.

The Diameter protocol architecture is based on the peer-to-peer model. Besides clients and servers, network agents can be elements of this architecture. A Diameter agent is an element that does not perform authentication or authorization locally; the server performs these operations. A single node can be both the client and the server simultaneously. The role of agents can be forwarding (Relay Agent), redirection (Redirect Agent), mediation (Proxy Agent) and translation (Translation Agent). Since the peer-to-peer model is applied, each Diameter element can establish multiple connections at the same time. Diameter enables the delivery of attribute value pairs, the possibility of negotiation, error notification, extensibility by adding new commands and attribute value pairs, and the basic services necessary for applications, such as managing user sessions or accounting.

Comparison of the RADIUS and Diameter protocols

Although RADIUS remains the most popular protocol on the market for authentication, authorization and accounting, its popularity and dominance are declining. The main reasons for this are its increasingly prominent limitations, which are particularly noticeable with new and increasingly popular technologies. Therefore, the main issue is which protocol will replace RADIUS.

The peer-to-peer architecture used by Diameter is much more flexible than the client-server model because in the peer-to-peer architecture every element can be both the client and the server, depending on the current needs of the network. At the transport layer, Diameter uses the TCP or SCTP protocols. Compared to UDP, these protocols provide reliable transmission, which is very important for applications exchanging data related to accounting. In addition, the Diameter protocol allows the transmission of accounting information in real time and incorporates several methods for troubleshooting in order to minimize the loss of accounting data when a failure occurs, which is not the case with RADIUS. Given the present benefits, introduced improvements, flexibility, expandability, the support of the IETF and 3GPP, and the support of big companies, there is a great chance that Diameter will replace RADIUS.

Conclusion

This paper presents a general overview of the RADIUS and Diameter protocols, including some of their basic operations, with a special emphasis on accounting applications. The similarities of these protocols are reflected in the support of the same functions and in a similar packet format. The differences are related to the protocol architectures and the methods of determining authentication, authorization and accounting mechanisms. Regarding accounting aspects, the most important advantages of the Diameter protocol are its ability to transmit accounting information in real time and its implemented mechanisms for troubleshooting, which minimize the loss of accounting data in case of failure. Owing to these characteristics, the Diameter protocol achieves a significant advantage over RADIUS in next generation networks.
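The abstract's statement that RADIUS transactions are authenticated with a common secret key that is never sent through the network can be shown for accounting messages. This is an added example, not code from the paper: it follows the authenticator definitions of RFC 2866, and the secret, user name and session values are constructed for illustration.

```python
import hashlib
import hmac
import struct

ACCT_REQUEST, ACCT_RESPONSE = 4, 5          # RADIUS accounting packet codes

def attr(attr_type: int, value: bytes) -> bytes:
    """Encode one attribute as Type, Length, Value."""
    return struct.pack("!BB", attr_type, len(value) + 2) + value

def build_request(identifier: int, attrs: bytes, secret: bytes) -> bytes:
    header = struct.pack("!BBH", ACCT_REQUEST, identifier, 20 + len(attrs))
    # Authenticator = MD5(Code + ID + Length + 16 zero octets + attributes + secret)
    digest = hashlib.md5(header + bytes(16) + attrs + secret).digest()
    return header + digest + attrs

def verify_request(packet: bytes, secret: bytes) -> bool:
    """Server side: recompute the authenticator; reject malformed packets."""
    if len(packet) < 20:
        return False
    code, _ident, length = struct.unpack("!BBH", packet[:4])
    if code != ACCT_REQUEST or not 20 <= length <= len(packet):
        return False
    packet = packet[:length]                 # octets past Length are padding
    digest = hashlib.md5(packet[:4] + bytes(16) + packet[20:] + secret).digest()
    return hmac.compare_digest(digest, packet[4:20])

def build_response(request: bytes, secret: bytes) -> bytes:
    header = struct.pack("!BBH", ACCT_RESPONSE, request[1], 20)
    # Authenticator = MD5(Code + ID + Length + request authenticator + secret)
    return header + hashlib.md5(header + request[4:20] + secret).digest()

def verify_response(response: bytes, request: bytes, secret: bytes) -> bool:
    """Client side: the reply must match the request's ID and authenticator."""
    if len(response) < 20 or response[0] != ACCT_RESPONSE or response[1] != request[1]:
        return False
    length = struct.unpack("!H", response[2:4])[0]
    if not 20 <= length <= len(response):
        return False
    body = response[:4] + request[4:20] + response[20:length] + secret
    return hmac.compare_digest(hashlib.md5(body).digest(), response[4:20])

# Constructed sample: secret and attribute values are made up for the example.
SECRET = b"example-shared-secret"
ATTRS = (attr(1, b"alice")                       # User-Name
         + attr(40, struct.pack("!I", 2))        # Acct-Status-Type = Stop
         + attr(44, b"sess-0001")                # Acct-Session-Id
         + attr(46, struct.pack("!I", 3600)))    # Acct-Session-Time, seconds
REQUEST = build_request(7, ATTRS, SECRET)
RESPONSE = build_response(REQUEST, SECRET)
```

Only the MD5 digest travels in the packet; a billing record altered in transit, or one produced without the secret, fails verification on the accounting server.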

Keywords