Optical Networks Case Study
 
Login security support for the dual mode network element controller
 
 
The client
The client is a Telecom Vendor with products in enterprise, optical, wireline, and wireless networks covering network element, element management, and network management spaces.
 
Challenge

The customer had an existing element management system and network element controller. The EMS communicated with the element controller to extract the required data from the network element for management purposes.

One of the major end customers of Wipro's customer wanted to deploy an optical network with enhanced security features at the network element controller.

One of the major enhancements was a centralized security mechanism in which users are authenticated and authorized from a central location, the element management system. The security mechanism had to synchronize with the network element and NE controller layers.

The element controller and the network element each performed user authentication against its own local database. Authentication had to be decoupled from these local databases and moved to the element management system layer.

Other features such as keyboard locking, port locking and a maximum number of invalid attempts also had to be implemented, with their parameters distributed to the complete network.

 
Solution
After a series of brainstorming sessions with architects, an architecture based on the TL1 and CMISE protocols was chosen.

The RADIUS protocol (RFC 2865) was used as the mechanism for remote user authentication. The login subsystem in the element controller was to send the UserId and the password via RADIUS to the RADIUS server residing in the centralized element management system.

Any attempt to authenticate on the network element resulted in a CMISE message being sent to the element controller. A daemon process running on the element controller received the CMISE message and acted as the RADIUS client, forwarding the authentication request to the centralized RADIUS server residing on the element management system.
The RADIUS accept message sent from the EMS contained the privilege of the user. This value was then sent to the NE via the element controller.
The element controller performed authorization using the privilege it obtained from the centralized RADIUS server residing on the EMS, and users were given the required functionality on that basis.
The challenge mechanism was used as an alternative way to log in to the element controller and the network element in case of a RADIUS link failure between the element controller and the EMS hosting the centralized RADIUS server. The challenge mechanism involved generating a random challenge for the user, to which the user had to provide the right response. The user privilege and UserId, along with the challenge string, were converted to a challenge response via MD5 hashing routines.
The TL1 protocol was used to distribute security parameters such as keyboard lockout, port lockout and maximum invalid attempts between the EMS and the element controller. CMISE messaging was used for communication between the element controller and the network element.
The keyboard lockout functionality ensured that a screen left unused would be locked after a threshold time period set by the keyboard timeout parameter.
Port locking was a feature by which the serial port was locked when a certain threshold of logins had been performed.
A tool was created to switch the element controller between the two modes: one with the enhanced security mechanisms and the other using the older security mechanism.
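
The RADIUS exchange described above, sketched as an added example (not code from the project, which was written in C; Python is used here so the MD5 steps stay short). It builds the Access-Request a client daemon would send, with the password hidden as RFC 2865 section 5.2 requires, and releases a privilege only from a reply whose Response Authenticator verifies. Carrying the privilege in the Service-Type attribute is an assumption, since the page does not name the attribute; all function names are hypothetical and build_reply is a constructed stand-in for the EMS-side server.

```python
import hashlib, hmac, os, struct

ACCESS_REQUEST, ACCESS_ACCEPT = 1, 2              # RFC 2865 packet codes
USER_NAME, USER_PASSWORD, SERVICE_TYPE = 1, 2, 6  # RFC 2865 attribute types

def hide_password(password, secret, req_auth):
    """RFC 2865 sec. 5.2: XOR each 16-byte block with MD5(secret + previous block)."""
    padded = password.ljust(max(16, -(-len(password) // 16) * 16), b"\x00")
    out, prev = b"", req_auth
    for i in range(0, len(padded), 16):
        key = hashlib.md5(secret + prev).digest()
        prev = bytes(p ^ k for p, k in zip(padded[i:i + 16], key))
        out += prev
    return out

def attr(kind, value):
    return bytes([kind, len(value) + 2]) + value

def build_access_request(ident, user, password, secret):
    """What the controller daemon would send to the EMS; returns (packet, req_auth)."""
    req_auth = os.urandom(16)  # must be unpredictable and unique per request
    attrs = attr(USER_NAME, user) + attr(USER_PASSWORD, hide_password(password, secret, req_auth))
    return struct.pack("!BBH", ACCESS_REQUEST, ident, 20 + len(attrs)) + req_auth + attrs, req_auth

def build_reply(code, ident, req_auth, attrs, secret):
    """Constructed stand-in for the EMS-side server, used only to produce sample replies."""
    head = struct.pack("!BBH", code, ident, 20 + len(attrs))
    return head + hashlib.md5(head + req_auth + attrs + secret).digest() + attrs

def privilege_from_reply(reply, ident, req_auth, secret):
    """Return the Service-Type value, or None unless the reply is an authentic Access-Accept."""
    if len(reply) < 20:
        return None
    code, rid, length = struct.unpack("!BBH", reply[:4])
    expected = hashlib.md5(reply[:4] + req_auth + reply[20:] + secret).digest()
    if length != len(reply) or rid != ident or not hmac.compare_digest(expected, reply[4:20]):
        return None  # truncated, mismatched or forged reply: grant nothing
    if code != ACCESS_ACCEPT:
        return None
    pos = 20
    while pos + 2 <= length:
        kind, alen = reply[pos], reply[pos + 1]
        if alen < 2 or pos + alen > length:
            return None  # malformed attribute
        if kind == SERVICE_TYPE and alen == 6:
            return struct.unpack("!I", reply[pos + 2:pos + 6])[0]
        pos += alen
    return None
```

Because the privilege in the accept message drives authorization on both the controller and the NE, the authenticator check has to pass before any attribute is read.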
 
Benefits
Effort deviation for the entire project, compared with the original projected effort, was within 10%
Unit test execution results had a pass rate of more than 85%
 
Achievements
This feature was very important for the client, since it was one of the main features in which the client's end-customer (a service provider) was interested. It enabled the client to release a competitive product with the required security mechanism in time.
 
Technology used
Software: Element Controller and Optical Digital Cross Connect Network Element
Hardware: HP-UX workstations
Protocols/Standards: TL1, CMISE, RADIUS
Languages: C

 

 