A telecommunications system can be considered as a system comprising a plurality of devices arranged to cooperate among them to provide telecommunications services to a plurality of users. Their number and kind depend on the particular characteristics of a telecommunications system and, in general, depend to a great extent on the functions implemented and services provided by (or through) said system. Devices on a telecommunication system are, for example: Public Switches of public switched telephone networks PSTN, Mobile Switching Centers MSCs, Serving or Gateway GPRS Support Nodes SGSNs GGSNs, Session Initiation Protocol SIP proxy or redirect servers, data bases storing data related to users or services (such as Home Location Registers HLRs, Number Portability data bases, user profile data bases, etc), specialized servers for pre-paid or post-paid processing, application servers, protocol and/or media gateways, authentication-authorization-accounting servers AAA, data packet routers, etc. User terminals utilized by the end users of a telecommunications system to access to the services it provides (e.g.: mobile phones, personal computers, etc), can also be considered as devices in a telecommunications system.
Each device in a telecommunications system can perform or intervene in the accomplishment of one or more services and/or functions, and can hold one or more data objects that can be used, for example, as parameters for governing an execution aspect of said function or service, or as information elements for shaping or characterizing the content of the information provided by said function or service. The nature of a particular data object can vary according to the nature of the specific service or function it relates to. For example, a data object can be a single data structure comprising just an integer value that determines e.g. a given time value of a protocol timer, or can be a complex data structure that stores e.g. data related to a subscriber (e.g.: a set of identifiers such as his Mobile Subscriber ISDN Numbers MSISDN, International Mobile Subscriber Identity IMSI number, Uniform Resource Locators URLs, allowed services, subscribed/activated services, etc) or to a service (e.g.: service name, available languages, allowed users, available service time per user, service specific data, etc).
A given device in a telecommunications network can contain one or more data objects which are manageable by means of one or more management operations which allow a data object to be initially set, accessed, modified, erased, etc. This is commonly achieved by entering into the managed device a management order which requests one or more management operations over one or more managed data objects said device holds.
Among other factors, the huge number of devices in some state-of-the-art telecommunications systems, as well as their distribution in distant geographical locations, has made unfeasible to handle the management processes locally (e.g. by entering management orders into said devices by means of a local management terminal connected to a local management interface in the managed device). This has driven to the development of management frameworks which allow to handle the management process remotely. These management frameworks usually comprises a number of management servers, arranged to issue remotely management orders to, commonly, a plurality of managed devices, and the use of one or more management protocols—(such as the standardized “Simple Network Management Protocol” SNMP, “Lightweight Directory Access Protocol” LDAP or other non-standardized—i.e. ad oc, proprietary—management protocols) to convey the management orders between a management server and a managed device (as well as, when it proceeds, to convey the corresponding responses from a management device to a management server); wherein the management servers and the managed devices communicates via one or more communication networks to which they are connected. Additionally, for handling more homogeneously the management processes, it is usually defined the identifiers and generic pattern structures of the commonly managed data objects (which can comprise, for example, the data structure of the data attributes in said data objects together with their relationships, as well as their respective value range), and also the identifiers of the management operations to initially set, modify, obtain, etc, these data objects.
Accordingly, a management order can comprise an identifier of a managed device (e.g.: an Internet Protocol IP address, a URL, etc), an identifier of a managed data object, and an identifier of a management operation. In some cases wherein, for example, a response to a management order needs to be sent from a managed device (e.g.: conveying a result, or conveying the content of a data object), a management order can also comprise an identifier (e.g.: an Internet Protocol IP address, a URL, etc) of the management server which sends it in order to send back said response.
Given that the content of management orders sent to the managed devices, as well as the content of the eventual subsequent responses from the managed devices, can be considered as sensitive information, secure communication mechanisms can be also utilized to establish a secure communication between a management server and a managed device which can prevent eavesdropping.
On the other hand, and conditioned (among other) by the need of using multiple-purpose platforms and products and facilitating the management processes, there can be cases where the same machine (e.g.: a personal computer) can be utilized as a management server by a given person to issue management orders, as well by other people for the same or different purposes. Similarly, a subscriber of a telecommunication system can use his end user terminal (e.g.: a mobile phone) as a management server to issue managements orders (e.g.: through a self-provisioning application accessed via HTTP or WAP) which request the execution of management operations over his subscription data or service data. Accordingly, the origin of a management order (hereinafter referred as “origin manager”) can be considered as comprising, not only the machine from which it is sent, but, additionally or alternatively, the user who is operating said machine.
In summary, the constant evolution of products, platforms and services has made the telecommunications systems become more complex, with more number and kind of devices to be managed. At the same time, the management orders can be originated from a greater number of origin managers due, not only to scalability, reliability or usability reasons, but also due to the specialization and/or assignation of some origin managers for managing certain kind of devices and/or certain kind of data objects (e.g.: management orders related to user-subscription data in HLRs, related to provisioning of service data in service data bases or application servers, related to operation and maintenance functions in certain devices, etc).
However, the greater is the number of origin managers, the greater is the possibility of having failures in the management processes; and neither, the mere use of pre-defined (or standardized) structures and coding for management operations and managed data objects, nor the use of secure communication mechanisms, can prevent per se that, for example, a local malfunction in a management server, or an error of the user operating said management server, or a misuse of said user, etc; causes the execution of an inappropriate management operation that makes an improper access or modification of data on a given device.
It is therefore an object of the present invention to ensure that only the appropriate management operations are executed and, at the same time, to alleviate the managed devices of receiving, checking or executing improper management orders.