Page 140 - 5G Basics - Core Network Aspects
P. 140

1                                                Core network aspects


            18.2    Network-to-network interface (NNI)

            An NNI reference point resides between physical resources that individually belong to two different network
            operators. It can also reside between physical resources of a network operator and federation functions of
            an LINP exchanger when LINP federation is done using the LINP exchanger's federation functions.

            18.3    Virtual resource management interface (VMI)

            A VMI reference point resides between virtual resource management functions of a network operator and
            LINP operator functions of an LINP operator.


            18.4    LINP management interface (LMI)
            An  LMI  reference  point  resides  between  LINP  management  functions  of  a  network  operator  and  LINP
            operator functions of an LINP operator. It can also reside between LINP management functions of a network
            operator and service deployment functions of a service developer when service deployment functions are
            implemented by the service developer.

            18.5    Service management interface (SMI)

            An SMI reference point resides between service deployment functions of a network operator and service
            developer functions of a service developer when service deployment functions are implemented by the
            network operator.

            18.6    Programmer-to-redirector interface (PRI)

            A PRI reference point resides between a programmer and a redirector of physical node resource.


            19      Security considerations
            To make sure that all the LINPs are logically independent, virtual resources allocated to each LINP have to be
            isolated from those allocated to other LINPs. From the viewpoint of security, isolation of virtual resources is
            essential in preventing parties from having access or influence to unauthorized LINPs, whether or not they
            have a malicious intention. Thus, abstraction and allocation that physical resource management functions
            execute have to ensure the isolation of individual virtual resources. In addition, it is desirable that abnormal
            use of virtual resources can be detected by a collaborative mechanism of physical resource monitoring and
            fault  management  functions,  virtual  resource  monitoring  and  fault  management  functions,  and  LINP
            monitoring and fault detection functions.
            Also important for security is the implementation of authentication and authorization mechanisms. Since
            various kinds of user roles are involved in an LINP, network operators have to execute authentication and
            authorization for each kind of user roles. End-users that wish to enjoy services have to be authorized before
            they become able to access the corresponding LINPs. Service developers and LINP operators also have to be
            authorized  before  becoming  able  to execute their  functions  through  appropriate  reference  points.  LINP
            management functions and gateway functions that network operators implement are responsible in this
            regard.





















            130
   135   136   137   138   139   140   141   142   143   144   145