ECMA TR 92-2010 Corporate Telecommunication Networks - Mobility for Enterprise Communications (2nd Edition)《企业通信网络 企业通信的移动性(第2版)》.pdf

1、 Reference numberECMA TR/92:2010Ecma International 2010ECMA TR/92 2ndEdition / December 2010 Corporate Telecommunication Networks Mobility for Enterprise Communications COPYRIGHT PROTECTED DOCUMENT Ecma International 2010 Ecma International 2010 i Contents Page 1 Scope 1 2 References . 1 3 Terms and

2、 definitions . 3 4 Abbreviations . 7 5 Background 9 6 Mobility types and terms 11 6.1 Mobility types . 12 6.1.1 Terminal mobility . 12 6.1.2 User mobility 12 6.1.3 Session mobility 12 6.1.4 Service mobility . 12 6.2 Mobility across different network infrastructures . 13 6.2.1 Mobility across access

3、network technologies . 13 6.2.2 Mobility across administrative network domains 13 6.3 Mobility modes 13 6.3.1 Nomadic mode . 14 6.3.2 Portable mode 14 6.3.3 Mobile mode . 14 7 Basic functionalities to enable mobility 14 7.1 Mobility management 15 7.1.1 Handover of media connections and sessions 16 7

4、.1.2 Mobility management support for IP-networks 17 7.2 Identity and access management 18 7.2.1 User and terminal identification . 19 7.2.2 Authentication . 20 7.2.3 Access management . 20 7.3 Device/ configuration management and policy enforcement . 21 7.4 Location management 21 7.5 Reachability ma

5、nagement 21 7.6 Virtual Desktop Infrastructure 22 8 Requirements and standardization gaps 23 8.1 Nomadic deployments 25 8.1.1 Scenario: Hot-desking within the enterprise network (NGCN) . 26 8.1.2 Scenario: Remote access from a public network 26 8.2 Portable deployments . 27 8.2.1 Scenario: Changing

6、location of a terminal while keeping communication sessions alive . 27 8.2.2 Scenario: Changing terminal while keeping communication sessions alive . 28 8.3 Mobile deployments 28 8.3.1 Scenario: Continuous connection across different public networks with the same access technology . 28 8.3.2 Scenari

7、o: Continuous connection across an enterprise and a public mobile network with different access technologies 29 9 Summary of standardization gaps . 30 9.1 General issues . 30 9.2 Mobility management 31 9.3 Identity and access management 31 9.4 Device/configuration management 31 9.5 Reachability mana

8、gement and location management 31 ii Ecma International 2010Introduction This Technical Report identifies key mobility issues for IP-based enterprise communications. It defines terms for different types of mobility, describes basic functionality in support of mobility, and lists common deployment sc

9、enarios. For each scenario the report identifies functional requirements and standardization gaps related to the management of mobility, identity, terminals and reachability. This Technical Report is based upon the practical experience of Ecma member companies and the results of their active and con

10、tinuous participation in the work of ISO/IEC JTC1, ITU-T, ETSI, IETF and other international and national standardization bodies. It represents a pragmatic and widely based consensus. Compared to the 1st Edition, this document has been completely rewritten, taking into account more recent informatio

11、n and identifying requirements and standardization gaps. This Ecma Technical Report has been adopted by the General Assembly of December 2010. Ecma International 2010 iii “DISCLAIMER This document and possible translations of it may be copied and furnished to others, and derivative works that commen

12、t on or otherwise explain it or assist in its implementation may be prepared, copied, published, and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this section are included on all such copies and derivative works. However, this docume

13、nt itself may not be modified in any way, including by removing the copyright notice or references to Ecma International, except as needed for the purpose of developing any document or deliverable produced by Ecma International (in which case the rules applied to copyrights must be followed) or as r

14、equired to translate it into languages other than English. The limited permissions granted above are perpetual and will not be revoked by Ecma International or its successors or assigns. This document and the information contained herein is provided on an “AS IS“ basis and ECMA INTERNATIONAL DISCLAI

15、MS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY OWNERSHIP RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.“ iv Ecma International 2010 Ecma International 2010 1Corpor

16、ate Telecommunication Networks Mobility for Enterprise Communications 1 Scope Mobility for enterprise communications is the ability for persons and objects, e.g. vehicles, sensors and other machines, belonging to the enterprise to use communication and information services regardless of changes in t

17、heir physical location. This includes also the ability to be reached by other persons or objects for communications. The Technical Report encompasses the mobility of enterprise users connecting to enterprise and public IP networks using wired and wireless terminals for voice, data and converged serv

18、ices. It defines terms for different types of mobility, describes basic functionality in support of mobility, and lists common deployment scenarios. For each scenario the report identifies functional requirements and standardization gaps with the main focus on the management of mobility, identity, t

19、erminals and reachability. However, it does not provide technical solutions but lays the foundations for triggering standardization projects in areas where gaps have been identified. More general aspects of enterprise communications based on Next Generation Corporate Networks (NGCN) and interconnect

20、ion with Next Generation Networks (NGN) are covered by the companion series of Ecma Technical Reports on NGCN 1, 2, 3 and 4. 2 References For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies. 1

21、ECMA TR/95, Next Generation Corporate Networks (NGCN) - General http:/www.ecma-international.org/publications/techreports/E-TR-095.htm 2 ECMA TR/96, Next Generation Corporate Networks (NGCN) - Identification and Routing http:/www.ecma-international.org/publications/techreports/E-TR-096.htm 3 ECMA TR

22、/100, Next Generation Corporate Networks (NGCN) - Security of Session-based Communications http:/www.ecma-international.org/publications/techreports/E-TR-100.htm 4 ECMA TR/101, Next Generation Corporate Networks (NGCN) - Emergency Calls http:/www.ecma-international.org/publications/techreports/E-TR-

23、101.htm 5 ECMA TR/102, Personal Networks Overview and Standardization Needs http:/www.ecma-international.org/publications/techreports/E-TR-1xx.htm 6 IETF RFC 2904, AAA Authorization Framework http:/tools.ietf.org/html/rfc2904 7 IETF RFC 3261, SIP: Session Initiation Protocol http:/tools.ietf.org/htm

24、l/rfc3261 8 IETF RFC 3344, IP Mobility support for IPv4 http:/tools.ietf.org/html/rfc3344 2 Ecma International 20109 IETF RFC 3515, The Session Initiation Protocol (SIP) Refer Method http:/tools.ietf.org/html/rfc3515 10 IETF RFC 3748, Extensible Authentication Protocol (EAP) http:/tools.ietf.org/htm

25、l/rfc3748 11 IETF RFC 3775, IP Mobility support in IPv6 http:/tools.ietf.org/html/rfc3775 12 IETF RFC 3856, A Presence Event Package for the Session Initiation Protocol (SIP) http:/tools.ietf.org/html/rfc3856 13 IETF RFC 3891, The Session Initiation Protocol (SIP) Replaces Header http:/tools.ietf.or

26、g/html/rfc3891 14 IETF RFC 3920, XML streams, SASL, TLS, stringprep profiles, stanza semantics http:/tools.ietf.org/html/rfc3920 15 IETF RFC 3921, XMPP extensions for basic instant messaging and presence http:/tools.ietf.org/html/rfc3921 16 IETF RFC 4282, The Network Access Identifier http:/tools.ie

27、tf.org/html/rfc4282 17 IETF RFC 4301, Security Architecture for the Internet Protocol http:/tools.ietf.org/html/rfc4301 18 IETF RFC 4511, Lightweight Directory Access Protocol (LDAP): The Protocol http:/tools.ietf.org/html/rfc4511 19 IETF RFC 4831, Goals for Network-Based Localized Mobility Manageme

28、nt (NETLMM) http:/tools.ietf.org/html/rfc4831 20 IETF RFC 5213, Proxy Mobile IPv6 http:/tools.ietf.org/html/rfc5213 21 IETF RFC 5246, The Transport Layer Security (TLS) Protocol Version 1.2 http:/tools.ietf.org/html/rfc5246 22 IETF RFC 5247, Extensible Authentication Protocol (EAP) Key Management Fr

29、amework http:/tools.ietf.org/html/rfc5247 23 IETF RFC 5281, Extensible Authentication Protocol Tunneled Transport Layer Security Authenticated Protocol Version 0 (EAP-TTLSv0) http:/tools.ietf.org/html/rfc5281 24 IETF RFC 5589, Session Initiation Protocol (SIP) Call Control Transfer http:/tools.ietf.

30、org/html/rfc5589 25 IETF RFC 5849, The OAuth 1.0 Protocol http:/tools.ietf.org/html/rfc5849 26 ITU-T Rec. G.1010, End-user multimedia QoS categories http:/www.itu.int/rec/dologin_pub.asp?lang=e Technical Specification Group Services and System Aspects; Feasibility Study on Support for 3GPP Voice Int

31、erworking with Enterprise IP-PBX (VINE) http:/www.3gpp.org/ftp/tsg_sa/WG1_Serv/TSGS1_51_Seoul/Docs/S1-102379.zip 29 IEEE 802.1X, IEEE Standard for Local and metropolitan area networks - Port-Based Network Access Control http:/www.ieee802.org/1/pages/802.1x-rev.html 30 IEEE 802.21, Media independent

32、handover http:/www.ieee802.org/21/ 31 Liberty Alliance Identity Federation Framework V.1.2 (ID-FF) http:/projectliberty.org/resource_center/specifications/liberty_alliance_id_ff_1_2_specifications/?f=resource_center/specifications/liberty_alliance_id_ff_1_2_specifications 32 OASIS, Web Services Fede

33、rations http:/www.oasis-open.org/committees/documents.php?wg_abbrev=wsfed 33 OASIS, XACML 2.0 Core: eXtensible Access Control Markup Language (XACML) V 2.0, http:/docs.oasis-open.org/xacml/2.0/access_control-xacml-2.0-core-spec-os.pdf 34 OASIS, Security Assertion Markup Language (SAML) 1.0/1.1/2.0 h

34、ttp:/www.oasis-open.org/specs 35 OMA Device Management V2.0 http:/www.openmobilealliance.org/Technical/release_program/dm_v2_0.aspx 36 OpenID Authentication 1.1/2.0 http:/ 37 OSGi Alliance, JSR 232 Mobile Operational Management http:/www.osgi.org/JSR232/HomePage 38 WiFi Alliance WPA2 (WiFi Protected

35、 Access 2) http:/www.wi-fi.org/knowledge_center/wpa2 39 SPICE Project, Spice remote computing protocol definition v1.0 http:/www.spicespace.org/docs/spice_protocol.pdf 40 SPICE Project, VD Interfaces http:/www.spicespace.org/docs/vd_interfaces.pdf 41 IST ENABLE Project Report, ENABLE Enabling effici

36、ent and operational mobility in large heterogeneous IP networks, ISBN 978-84-691-0647-1 (http:/www.ipv6tf.org/pdf/enablebook.pdf) 42 Claims-based Identity for Windows, Report from David Chappell increase of hosted ICT services offered by ISPs or public carriers for non-core enterprise tasks; demand

37、for access to ICT resources from everywhere, meaning mobility; fast growing variety in types and applications of ICT. For the support of mobility, the architecture of the enterprise ICT infrastructure must support access by the mobile workforce. The architecture therefore has to provide interfaces t

38、o the basic functions of the data center, e.g. ERP and work flows, for a diversity of mobile/ portable terminals. In addition interfaces are needed to enable the provision of services, for exchange of data and communications in a managed and secure way. In the highly responsive enterprise of the fut

39、ure (real-time enterprise) the office no longer represents the actual physical location where all of the employees are situated, but the environment they are working in at the office, at an industrial plant, at home or on the road with a range of digital appliances that continues to diversify and pr

40、oliferate. Next generation public networks (NGN) and next generation corporate networks (NGCNs 1) are extending their reach to provide mobility with wireless or wired technology, e.g. high-bandwidth wireless hotspots, digital cellular or DSL access to address the needs of anytime, anywhere at any 10

41、 Ecma International 2010device communications. This includes besides the support of interpersonal communication (e.g. via voice/video), person-to-machine (e.g. IVR), machine-to-person (e.g. broadcast or alarms) and machine-to-machine communications (e.g. automatic software updates of terminals). Exa

42、mples for mobility applications in enterprise communications are: Public transport, logistics: voice over WLAN and mobile data for personnel, e.g. at loading docks; access to enterprise resources during travel. Hospitals: communications services and database access to patients; patient personal comm

43、unications; monitoring patients; data-interchange with ambulance; easy ad-hoc access to patient data (for authorized personnel only) anywhere; voice over WLAN for nurses and doctors; information on where to find personnel within premises. Large industrial plants, campus areas: machine-to-machine com

44、munication; many “mobile“ people (many meetings, projects, various large buildings); mobile access to data, e.g. for service personnel; remote and distributed inventory management. Figure 1 depicts an example of an enterprise network environment for mobility using enterprise (solid lines) and public

45、 network (dotted lines) connections. Ecma International 2010 11Fixed Desktops Mobile Devices Figure 1 Enterprise network environment for mobility As shown in Figure 1, mobility for enterprise communication is supported not only by the corporate LAN/WAN but also by the emerging IP-based public mobile

46、 and fixed networks, including the Internet. Of high importance for mobility are WLAN islands (hotspots) that provide broadband data access and voice telephony (VoWLAN), either on the enterprise campus or in public areas, Other promising technologies for enterprise mobility are WIMAX, moving network

47、s, self-organizing mobile networks (e.g. adhoc and meshed networks) and personal networks 5. However, these technologies are out of scope of this report. As ICT has become an integral part of business processes the provision of mobility may introduce serious risks to business continuity, due to the

48、opening of the ICT network infrastructure to foreign network domains. In addition, the emergence of new mobile platforms (e.g. smart phones, netbooks) and the rapid growth of mobile applications have triggered the infiltration of personal devices into the workplace. Therefore enterprise ICT departme

49、nts are challenged to exploit changed mobility technology and user behaviour for the benefit of business processes without threatening the security of enterprise data and infrastructure For economic reasons the enterprise information and communication infrastructure has to rely on the same technologies and standards as used for the public infrastruct