TIA-1039-A:2011

$32.50

QoS Signaling for IP QoS Support and Sender Authentication

Published By	Publication Date	Number of Pages
TIA	2011	48

Guaranteed Safe Checkout

Category: TIA

If you have any questions, feel free to reach out to our online customer service team by clicking on the bottom right corner. We’re here to assist you 24/7.
Email:[email protected]

Description

This document updates TIA-1039 protocol which provides a Quality
of Service (QoS) signaling standard for use within IPv4 and IPv6
network-layer protocols. It also adds a security capability which
allows authentication of the sender to greatly increase the network
security. The TIA-1039A signaling scheme is designed to work
"in-band", and requires hardware or microcode support in the
participating network elements. To accomplish this, the QoS is
setup in real time across the network without a separate, outof-
band, software signaling structure like Reservation Protocol
(RSVP). The resource "request" and the "response" messages for TCP
are incorporated into the initial packets in the actual data flow,
allowing the QoS requirements to be setup in parallel with the
initial network traversal from sender to receiver and back. This
signaling scheme can be used to set the rate, burst tolerance,
preference priority, and delay priority.

TIA-1039 was introduced into the ITU many years ago and is now
progressing as Q.Flowstatesig. However, the marking of signaling
packets with a DCSP code has been rejected as creating a potential
incompatibility with other IP systems. In order to avoid any impact
on current IP practices, the revised approach is to encapsulate all
packets with a GRE protocol packet header using a IEEE assigned
Ethertype code, making the TIA-1039A traffic all appear as a new
protocol. An Ethertype code (0x22EF) has been obtained for the
revised protocol. As all the packets are now unique to this
protocol, signaling can easily be marked with no conflict with
other IP traffic. Also, since TIA-1039 has been extensively tested
under two DARPA programs, there are other simplifications and some
changes to avoid possible error conditions. Lastly, this version
has a new addition; the addition of a security structure to allow
secure authentication of the sender. The network uses this to
obtain the current maximum priority allocated to the sender, and
the receiver may also obtain certain limited information about the
sender. This addition allows the new protocol to be safely used for
Emergency Services to give priority to designated personal during
an Emergency. It also is designed to support a wide priority range
for use in a military network. It is designed to provide a new,
much higher level of network security where it is used.

The QoS defined within this signaling structure can support four
general types of service. The first is a fully guaranteed rate
service flow, which implies no oversubscription of network
resources. The second is a maximum rate service flow, which allows
some oversubscription but virtually no packet loss. The third is a
variable rate service flow, where available rate is combined with a
minimum rate guarantee. The fourth is an available rate service
flow, one that can jumpstart the Transmission Control Protocol
(TCP) to the highest rate the network can support, eliminating
slow-start problems. In the available rate service case the
capacity available based on network congestion is fed back to the
sender very rapidly at all times. This will help to differentiate
congestion problems from channel errors (measured in bit error
rates), permitting the sender to then optimize his packet error
control without confusing it with congestion. For premium services
like voice and video maximum rate service sets up a low delay, low
loss path with a minimal of effort.

This version of TIA-1039A adds a new capability to improve
network security through session authentication. Security against
cyber crime has thus far been mainly focused on the computer but
this battle is being lost; more software holes are found each month
than can be patched. This goal of this new capability is to have
the network help in this battle by authenticating the user and the
computers attached. The session authentication is optional and the
attributes of ones identity which are provided to the network or
the receiver are under the sender's control. However, legal
investigation of a cyber crime may have access to the user's
identity and transaction history, thus allowing, finally, the
ability to track down and stop most all cyber crime.