All rights reserved © 2005, Alcatel Distributed Storage Networks Dr. Stephan Rupp [email protected]

Post on 18-Dec-2015


Distributed Storage Networks

• Problems in current network design
• Solutions - the Flexinet approach
• Data beyond current user profiles
• Technical options for distributed storage networks


Current Networks, for example 3GPP

Each function requires new network elements.

=> growing complexity


Problems with current network design

No Future!

[Diagram labels: Gc#3, C#4, Iu#19, D#17]

Specialised Network Elements

Specialised Protocols

User Data hidden in Network Elements

• a closed environment
• a network for each service
• too complex
• too expensive


Distributed Storage Networks

• Problems in current network design
• Solutions - the Flexinet approach:
  > go “meta”: use IDL on interfaces & semantic models to describe the meaning of interfaces
  > separate data from applications
• Data beyond current user profiles
• Technical options for distributed storage networks

Functions of network elements & protocols become self-explanatory.

Facilitates virtualisation of resources (application = computer power, data = storage). The bigger bang.


The traditional approach: functions and protocols

The Customer

Billing, CSE, HSS, CRM, CC, Marketing

Distributed and hidden information


A new approach: data centric design

Billing, CSE, HSS, CRM, CC, Marketing

Consolidation of customer data

“The Customer Profile”


Keep data in one place.

[Diagram labels: HLR, SCP, Voice Mail, Video Mail, E-Mail, SMS; HLR1, HLR2, HLRn; SCP1, SCP2, SCPn]

Which data?

Instead of protocol specifications: IDL + semantic model of interfaces

New areas of application?

Data models & technical options for implementation (distribution, persistency, redundancy, security)

Technical Challenges


Distributed Storage Networks

• Problems in current network design
• Solutions - the Flexinet approach
• Data beyond current user profiles
• Technical options for distributed storage networks:


Beyond current user profiles

• Extended User Profile, e.g. Mobile Subscriber: User data and services subscribed
• Device Profiles: associated with user profile; describes device, supplier, hardware, firmware, software
• Identification System: Semantic models for classification
• Meta Data: Place, how to access, interface definition
• Messages, Files, Executables and Blobs: Any information distributed over the network in need of storage

[Diagram labels: User; Device, Device; HW, FW, SW]


Beyond current service offerings

User and Devices

Identity Provider

Devices & Software (Supplier, ASP)

Service

Semantic Model: System for Classification and Schema Transformations

Meta-Information: Object References, IDL, Inventory?


Distributed Storage Networks

• Problems in current network design
• Solutions - the Flexinet approach
• Data beyond current user profiles
• Technical options for distributed storage networks:
  > store data in a redundant and secure way
  > present single point of access to all data for all applications and administrative systems


Redundancy and geographic distribution

[Diagram labels: Site 1, Site 2; SAN; Database Server; Appl. Logic 1 (e.g. HLR) ... Appl. Logic x; Signaling Network (SS7, SIGTRAN); LAN; WAN; Fibre Channel; DWDM, Dark Fiber, SDH; Layer 1, Layer 2, Layer 3]


Resilience and Redundancy

| Characteristic | Typical High Availability Systems | Redundancy by Distributed Storage Networks |
|---|---|---|
| Unit Cost | High (Proprietary HW and standby redundant policy) | Low (COTS HW and optimised redundancy policy) |
| Typical Architecture | Mated-pair | Load-sharing peers |
| Local Fault Tolerance | 2 x N | N + k |
| Geographical Redundancy | 4 x N | N + k |
| Disaster Recovery Time | Minutes -> Hours | Instant |

Source: Siemens/Apertio, Flexinet 2nd operator workshop, Dec. 2, 2005


Security threats for distributed storage networks

Same risks as in current distributed systems, but the potential damage is much bigger.

However: Centralisation facilitates a higher level of protection compared to protecting many distributed systems.


Security Concept: Access Control & Roles

[Diagram labels: Authentication; Role (several); Departments/Organisations define: Security Policy, Security Category, Processes, Access rights; Authorisation; Application / Resource; Desired Resource; Security Policy, Processes, Tasks, Functions]


Security Policy

Access rights to
- IT services (applications, tools)
- Data
- Resources (Subnetworks, disks, ...)

Administrator rights

Physical access to
- plants and buildings
- technical equipment
...

Processes
- Logging, recording of interventions: Log Files, Tracking
- Physical access: Authentication, Monitoring, ...; Registration, Deregistration, ...
- Backup procedures
- Roll Back methods
...

What
- is used?
- is accessible?

How
- should access be controlled?
- secure has communication to be?
- to reverse interventions?
- to log interventions?

How, how long, where
- should data be stored?

Security Policy


www.alcatel.com

Thanks for your attention!

Questions?