Authentication, authorization and accounting (AAA) functions are the functions that process the authentication, authorization and accounting of subscribers. AAA functions are often required when a subscriber wants to receive a predetermined service through a network. One technique discussed in the related art to provide AAA functions is the remote access dial in user service (RADIUS) protocol. The RADIUS protocol suffers from many disadvantages in areas including scalability, support for a large number of subscribers that require server-based authentication, and fulfillment of the requirements of new technologies, such as wireless networks, mobile internet protocols (IPs) and others.
To overcome these disadvantages, a new AAA protocol, known as the Diameter protocol, has been defined. The Diameter protocol is an extensible peer-based AAA protocol that provides AAA functions for conventional technologies as well as new technologies. Diameter is designed with a peer-to-peer architecture, where every network node that implements the Diameter protocol can act as either a client or a server depending on the network deployment.
A typical deployment of the Diameter protocol is illustrated in FIG. 1. Diameter messages are exchanged between a Diameter client 110 and a Diameter server 120. The Diameter client 110 is a device at the edge of the network that performs access control, for example, a network access server (NAS) or a foreign agent (FA). The Diameter client 110 generates Diameter requests for authentication, authorization, and/or accounting of subscribers. The Diameter server 120 performs authentication and/or authorization of subscribers according to requests generated by the Diameter client 110.
To allow communication between the Diameter client 110 and server 120, a connection is first established between them, during which the client and server exchange capabilities. The client and server then communicate through messages, which may be part of multi-message sessions. A Diameter connection is typically established by exchanging CER and CEA messages between the client 110 and server 120. To close a Diameter connection, the client 110 and server 120 exchange disconnection messages, such as a DPR.
Generally, a session is a logical connection between two Diameter nodes and refers to the interactions between a Diameter client 110 and a Diameter server 120 in a given period of time. A session is associated with a client-generated session identification (ID) number that is globally and eternally unique. The session-ID is used to identify a particular session during further communication. The Diameter client 110 and server 120 communicate over a transport protocol, such as a transmission control protocol (TCP) or a stream control transmission protocol (SCTP).
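The connection lifecycle described above (CER/CEA to open, application messages, DPR to close) can be checked on the wire. The following is an added example, not code from the original text: it validates Diameter headers and rejects messages that arrive outside an open connection. The header layout, command codes and the DPA answer name are taken from RFC 6733 as assumptions, and `build_message`, `parse_message` and `track_connection` are hypothetical names.

```python
import struct

HEADER_LEN, FLAG_REQUEST = 20, 0x80
# Command codes per RFC 6733 (assumption: the page gives only the abbreviations).
COMMANDS = {257: ("CER", "CEA"), 282: ("DPR", "DPA")}
TRANSITIONS = {("CLOSED", "CER"): "WAIT_CEA", ("WAIT_CEA", "CEA"): "OPEN",
               ("OPEN", "DPR"): "CLOSING", ("CLOSING", "DPA"): "CLOSED"}

def build_message(code, request, hop_id, end_id, app_id=0, body=b""):
    """Pack a Diameter header (version 1) in front of an already padded body."""
    flags = FLAG_REQUEST if request else 0
    return struct.pack("!IIIII", (1 << 24) | (HEADER_LEN + len(body)),
                       (flags << 24) | code, app_id, hop_id, end_id) + body

def parse_message(data):
    """Validate the header and return (name, is_request, hop_by_hop_id)."""
    if len(data) < HEADER_LEN:
        raise ValueError("truncated header")
    ver_len, flags_code, _app, hop_id, _end = struct.unpack("!IIIII", data[:HEADER_LEN])
    version, length = ver_len >> 24, ver_len & 0xFFFFFF
    flags, code = flags_code >> 24, flags_code & 0xFFFFFF
    if version != 1:
        raise ValueError("unsupported version")
    if length != len(data) or length % 4:
        raise ValueError("bad message length")
    is_request = bool(flags & FLAG_REQUEST)
    req_name, ans_name = COMMANDS.get(code, ("APP-REQ", "APP-ANS"))
    return (req_name if is_request else ans_name), is_request, hop_id

def track_connection(messages):
    """Return the state after each message; reject traffic outside an open connection."""
    state, pending, states = "CLOSED", None, []
    for raw in messages:
        name, is_request, hop_id = parse_message(raw)
        if name in ("CEA", "DPA") and hop_id != pending:
            raise ValueError(f"{name} does not match the pending request")
        if (state, name) in TRANSITIONS:
            state = TRANSITIONS[(state, name)]
            pending = hop_id if is_request else None
        elif not (state == "OPEN" and name.startswith("APP-")):
            raise ValueError(f"{name} not allowed in state {state}")
        states.append(state)
    return states

# Constructed sample exchange: CER/CEA, one application request, then DPR/DPA.
SAMPLE = [build_message(257, True, 1, 1), build_message(257, False, 1, 1),
          build_message(271, True, 2, 2, app_id=3),
          build_message(282, True, 3, 3), build_message(282, False, 3, 3)]
print(track_connection(SAMPLE))
```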
Another example of an AAA protocol that enables enhanced AAA functions is the lightweight directory access protocol (LDAP). LDAP is an application protocol for querying and modifying directory services running over TCP. LDAP generally has the same functionality as the Diameter protocol. In LDAP communication, a client and a server first bind to each other to establish a connection by exchanging BIND messages (request and reply), and then start exchanging messages. To disconnect, the client and server exchange UNBIND messages.
As network providers continue to increase their services, reliability, scalability and availability become increasingly important. High availability solutions are required to enable subscribers to use the network services and to bill subscribers for using such services during peak-load periods or during device maintenance or failure. That is, there is a need for an efficient solution that enables the continued and reliable operation of AAA services and functions even during peak-load periods, device maintenance or device failures.