Page 140 - 5G Basics - Core Network Aspects
P. 140
1 Core network aspects
18.2 Network-to-network interface (NNI)
An NNI reference point resides between physical resources that individually belong to two different network
operators. It can also reside between physical resources of a network operator and federation functions of
an LINP exchanger when LINP federation is done using the LINP exchanger's federation functions.
18.3 Virtual resource management interface (VMI)
A VMI reference point resides between virtual resource management functions of a network operator and
LINP operator functions of an LINP operator.
18.4 LINP management interface (LMI)
An LMI reference point resides between LINP management functions of a network operator and LINP
operator functions of an LINP operator. It can also reside between LINP management functions of a network
operator and service deployment functions of a service developer when service deployment functions are
implemented by the service developer.
18.5 Service management interface (SMI)
An SMI reference point resides between service deployment functions of a network operator and service
developer functions of a service developer when service deployment functions are implemented by the
network operator.
18.6 Programmer-to-redirector interface (PRI)
A PRI reference point resides between a programmer and a redirector of physical node resource.
19 Security considerations
To make sure that all the LINPs are logically independent, virtual resources allocated to each LINP have to be
isolated from those allocated to other LINPs. From the viewpoint of security, isolation of virtual resources is
essential in preventing parties from having access or influence to unauthorized LINPs, whether or not they
have a malicious intention. Thus, abstraction and allocation that physical resource management functions
execute have to ensure the isolation of individual virtual resources. In addition, it is desirable that abnormal
use of virtual resources can be detected by a collaborative mechanism of physical resource monitoring and
fault management functions, virtual resource monitoring and fault management functions, and LINP
monitoring and fault detection functions.
Also important for security is the implementation of authentication and authorization mechanisms. Since
various kinds of user roles are involved in an LINP, network operators have to execute authentication and
authorization for each kind of user roles. End-users that wish to enjoy services have to be authorized before
they become able to access the corresponding LINPs. Service developers and LINP operators also have to be
authorized before becoming able to execute their functions through appropriate reference points. LINP
management functions and gateway functions that network operators implement are responsible in this
regard.
130