Tech-invite3GPPspaceIETFspace
959493929190898887868584838281807978777675747372717069686766656463626160595857565554535251504948474645444342414039383736353433323130292827262524232221201918171615141312111009080706050403020100
in Index   Prev   Next

RFC 8506

Diameter Credit-Control Application

Pages: 130
Proposed Standard
Obsoletes:  4006
Part 1 of 9 – Pages 1 to 9
None   None   Next

Top   ToC   RFC8506 - Page 1
Internet Engineering Task Force (IETF)                     L. Bertz, Ed.
Request for Comments: 8506                                        Sprint
Obsoletes: 4006                                           D. Dolson, Ed.
Category: Standards Track                               Y. Lifshitz, Ed.
ISSN: 2070-1721                                                 Sandvine
                                                              March 2019


                  Diameter Credit-Control Application

Abstract

This document specifies a Diameter application that can be used to implement real-time credit-control for a variety of end-user services such as network access, Session Initiation Protocol (SIP) services, messaging services, and download services. The Diameter Credit- Control application as defined in this document obsoletes RFC 4006, and it must be supported by all new Diameter Credit-Control application implementations. Status of This Memo This is an Internet Standards Track document. This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 7841. Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at https://www.rfc-editor.org/info/rfc8506.
Top   ToC   RFC8506 - Page 2
Copyright Notice

   Copyright (c) 2019 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

   This document may contain material from IETF Documents or IETF
   Contributions published or made publicly available before November
   10, 2008.  The person(s) controlling the copyright in some of this
   material may not have granted the IETF Trust the right to allow
   modifications of such material outside the IETF Standards Process.
   Without obtaining an adequate license from the person(s) controlling
   the copyright in such materials, this document may not be modified
   outside the IETF Standards Process, and derivative works of it may
   not be created outside the IETF Standards Process, except to format
   it for publication as an RFC or to translate it into languages other
   than English.
Top   ToC   RFC8506 - Page 3

Table of Contents

1. Introduction ....................................................6 1.1. Requirements Language ......................................7 1.2. Terminology ................................................7 1.3. Advertising Application Support ............................9 2. Architecture Models .............................................9 3. Credit-Control Messages ........................................11 3.1. Credit-Control-Request (CCR) Command ......................11 3.2. Credit-Control-Answer (CCA) Command .......................12 4. Credit-Control Application Overview ............................13 4.1. Service-Specific Rating Input and Interoperability ........14 4.1.1. Specifying Rating Input AVPs .......................15 4.1.2. Service-Specific Documentation .....................16 4.1.3. Handling of Unsupported/Incorrect Rating Input .....16 4.1.4. RADIUS Vendor-Specific Rating Attributes ...........17 5. Session-Based Credit-Control ...................................17 5.1. General Principles ........................................17 5.1.1. Basic Support for Tariff Time Change ...............18 5.1.2. Credit-Control for Multiple Services within a (Sub-)Session ....................................19 5.2. First Interrogation .......................................23 5.2.1. First Interrogation after Authorization and Authentication .....................................25 5.2.2. First Interrogation Included with Authorization Messages .............................27 5.3. Intermediate Interrogation ................................29 5.4. Final Interrogation .......................................31 5.5. Server-Initiated Credit Re-authorization ..................32 5.6. Graceful Service Termination ..............................34 5.6.1. Terminate Action ...................................37 5.6.2. Redirect Action ....................................38 5.6.3. Restrict Access Action .............................40 5.6.4. Usage of the Server-Initiated Credit Re-authorization ...................................41 5.7. Failure Procedures ........................................41 6. One-Time Event .................................................44 6.1. Service Price Inquiry .....................................45 6.2. Balance Checks ............................................46 6.3. Direct Debiting ...........................................46 6.4. Refunds ...................................................47 6.5. Failure Procedure .........................................48 7. Credit-Control Application State Machines ......................50 8. Credit-Control AVPs ............................................59 8.1. CC-Correlation-Id AVP .....................................61 8.2. CC-Request-Number AVP .....................................62 8.3. CC-Request-Type AVP .......................................62 8.4. CC-Session-Failover AVP ...................................63
Top   ToC   RFC8506 - Page 4
      8.5. CC-Sub-Session-Id AVP .....................................64
      8.6. Check-Balance-Result AVP ..................................64
      8.7. Cost-Information AVP ......................................64
      8.8. Unit-Value AVP ............................................65
      8.9. Exponent AVP ..............................................65
      8.10. Value-Digits AVP .........................................66
      8.11. Currency-Code AVP ........................................66
      8.12. Cost-Unit AVP ............................................66
      8.13. Credit-Control AVP .......................................66
      8.14. Credit-Control-Failure-Handling AVP (CCFH) ...............67
      8.15. Direct-Debiting-Failure-Handling AVP (DDFH) ..............68
      8.16. Multiple-Services-Credit-Control AVP .....................68
      8.17. Granted-Service-Unit AVP .................................70
      8.18. Requested-Service-Unit AVP ...............................71
      8.19. Used-Service-Unit AVP ....................................71
      8.20. Tariff-Time-Change AVP ...................................72
      8.21. CC-Time AVP ..............................................72
      8.22. CC-Money AVP .............................................72
      8.23. CC-Total-Octets AVP ......................................72
      8.24. CC-Input-Octets AVP ......................................72
      8.25. CC-Output-Octets AVP .....................................73
      8.26. CC-Service-Specific-Units AVP ............................73
      8.27. Tariff-Change-Usage AVP ..................................73
      8.28. Service-Identifier AVP ...................................74
      8.29. Rating-Group AVP .........................................74
      8.30. G-S-U-Pool-Reference AVP .................................74
      8.31. G-S-U-Pool-Identifier AVP ................................75
      8.32. CC-Unit-Type AVP .........................................75
      8.33. Validity-Time AVP ........................................75
      8.34. Final-Unit-Indication AVP ................................76
      8.35. Final-Unit-Action AVP ....................................77
      8.36. Restriction-Filter-Rule AVP ..............................78
      8.37. Redirect-Server AVP ......................................78
      8.38. Redirect-Address-Type AVP ................................79
      8.39. Redirect-Server-Address AVP ..............................79
      8.40. Multiple-Services-Indicator AVP ..........................80
      8.41. Requested-Action AVP .....................................80
      8.42. Service-Context-Id AVP ...................................81
      8.43. Service-Parameter-Info AVP ...............................82
      8.44. Service-Parameter-Type AVP ...............................82
      8.45. Service-Parameter-Value AVP ..............................83
      8.46. Subscription-Id AVP ......................................83
      8.47. Subscription-Id-Type AVP .................................83
      8.48. Subscription-Id-Data AVP .................................84
      8.49. User-Equipment-Info AVP ..................................84
      8.50. User-Equipment-Info-Type AVP .............................84
      8.51. User-Equipment-Info-Value AVP ............................85
      8.52. User-Equipment-Info-Extension AVP ........................85
Top   ToC   RFC8506 - Page 5
      8.53. User-Equipment-Info-IMEISV AVP ...........................86
      8.54. User-Equipment-Info-MAC AVP ..............................86
      8.55. User-Equipment-Info-EUI64 AVP ............................86
      8.56. User-Equipment-Info-ModifiedEUI64 AVP ....................86
      8.57. User-Equipment-Info-IMEI AVP .............................86
      8.58. Subscription-Id-Extension AVP ............................87
      8.59. Subscription-Id-E164 AVP .................................87
      8.60. Subscription-Id-IMSI AVP .................................87
      8.61. Subscription-Id-SIP-URI AVP ..............................88
      8.62. Subscription-Id-NAI AVP ..................................88
      8.63. Subscription-Id-Private AVP ..............................88
      8.64. Redirect-Server-Extension AVP ............................88
      8.65. Redirect-Address-IPAddress AVP ...........................89
      8.66. Redirect-Address-URL AVP .................................89
      8.67. Redirect-Address-SIP-URI AVP .............................89
      8.68. QoS-Final-Unit-Indication AVP ............................89
   9. Result-Code AVP Values .........................................91
      9.1. Transient Failures ........................................91
      9.2. Permanent Failures ........................................92
   10. AVP Occurrence Table ..........................................92
      10.1. Credit-Control AVP Table .................................93
      10.2. Re-Auth-Request/Re-Auth-Answer AVP Table .................94
   11. RADIUS/Diameter Credit-Control Interworking Model .............94
   12. IANA Considerations ...........................................97
      12.1. Application Identifier ...................................97
      12.2. Command Codes ............................................97
      12.3. AVP Codes ................................................97
      12.4. Result-Code AVP Values ...................................98
      12.5. CC-Request-Type AVP ......................................98
      12.6. CC-Session-Failover AVP ..................................98
      12.7. CC-Unit-Type AVP .........................................99
      12.8. Check-Balance-Result AVP .................................99
      12.9. Credit-Control AVP .......................................99
      12.10. Credit-Control-Failure-Handling AVP .....................99
      12.11. Direct-Debiting-Failure-Handling AVP ....................99
      12.12. Final-Unit-Action AVP ...................................99
      12.13. Multiple-Services-Indicator AVP ........................100
      12.14. Redirect-Address-Type AVP ..............................100
      12.15. Requested-Action AVP ...................................100
      12.16. Subscription-Id-Type AVP ...............................100
      12.17. Tariff-Change-Usage AVP ................................100
      12.18. User-Equipment-Info-Type AVP ...........................100
   13. Parameters Related to the Credit-Control Application .........101
   14. Security Considerations ......................................101
      14.1. Direct Connection with Redirects ........................102
      14.2. Application-Level Redirects .............................103
Top   ToC   RFC8506 - Page 6
   15. Privacy Considerations .......................................104
      15.1. Privacy-Sensitive AVPs ..................................104
      15.2. Data Minimization .......................................106
      15.3. Diameter Agents .........................................107
   16. References ...................................................107
      16.1. Normative References ....................................107
      16.2. Informative References ..................................110
   Appendix A. Credit-Control Sequences .............................111
     A.1. Flow I ....................................................111
     A.2. Flow II ...................................................113
     A.3. Flow III ..................................................116
     A.4. Flow IV ...................................................117
     A.5. Flow V ....................................................119
     A.6. Flow VI ...................................................120
     A.7. Flow VII ..................................................121
     A.8. Flow VIII .................................................123
     A.9. Flow IX ...................................................124
   Acknowledgements .................................................130
   Authors' Addresses ...............................................130

1. Introduction

This document specifies a Diameter application that can be used to implement real-time credit-control for a variety of end-user services such as network access, Session Initiation Protocol (SIP) services, messaging services, and download services. ("Credit-control" is sometimes abbreviated as "CC" in figures and tables throughout this document.) The Diameter Credit-Control application as defined in this document obsoletes [RFC4006], and it must be supported by all new Diameter Credit-Control application implementations. This document provides a general solution to real-time cost and credit-control. The prepaid model has been shown to be very successful -- for instance, in GSM networks, where network operators offering prepaid services have experienced a substantial growth of their customer base and revenues. Prepaid services are now cropping up in many other wireless and wire-line-based networks. In mobile networks, additional functionality is required beyond that specified in the Diameter base protocol [RFC6733]. For example, the 3GPP charging and billing requirements document [TGPPCHARG] states that an application must be able to rate service information in real time. In addition, it is necessary to check that the end user's account provides coverage for the requested service prior to initiation of that service. When an account is exhausted or expired, the user must be denied the ability to compile additional chargeable events.
Top   ToC   RFC8506 - Page 7
   A mechanism has to be provided to allow the user to be informed of
   the charges to be levied for a requested service.  In addition, there
   are services such as gaming and advertising that may credit as well
   as debit a user account.

   The other Diameter applications provide service-specific
   authorization, and they do not provide credit authorization for
   prepaid users.  The credit authorization shall be generic and
   applicable to all the service environments required to support
   prepaid services.

   To fulfill these requirements, it is necessary to facilitate
   credit-control communication between the network element providing
   the service (e.g., Network Access Server (NAS), SIP Proxy,
   Application Server) and a credit-control server.

   The scope of this specification is credit authorization.  Service-
   specific authorization and authentication are out of scope.

1.1. Requirements Language

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.

1.2. Terminology

AAA: Authentication, Authorization, and Accounting. AA-Answer: "AA-Answer" generically refers to a service-specific authorization and authentication answer. AA-Answer commands are defined in service-specific authorization applications, e.g., [RFC7155] [RFC4004]. AA-Request: "AA-Request" generically refers to a service-specific authorization and authentication request. AA-Request commands are defined in service-specific authorization applications, e.g., [RFC7155] [RFC4004]. Credit-control: "Credit-control" is a mechanism that directly interacts in real time with an account and controls or monitors the charges related to service usage. Credit-control is a process of (1) checking whether or not credit is available, (2) credit reservation, (3) deduction of credit from the end-user account when service is completed, and (4) refunding of reserved credit that is not used.
Top   ToC   RFC8506 - Page 8
   Diameter Credit-Control server:  A Diameter Credit-Control server
      acts as a prepaid server, performing real-time rating and
      credit-control.  It is located in the home domain and is accessed
      by Service Elements or Diameter AAA servers in real time, for the
      purpose of price determination and credit-control before the
      service event is delivered to the end user.  It may also interact
      with Business Support Systems.

   Diameter Credit-Control client:  A Diameter Credit-Control client is
      an entity that interacts with a credit-control server.  It
      monitors the usage of the granted quota according to instructions
      returned by the credit-control server.

   Interrogation:  The Diameter Credit-Control client uses interrogation
      to initiate a session-based credit-control process.  During the
      credit-control process, it is used to report the used quota and
      request a new one.  An interrogation maps to a request/answer
      transaction.

   One-time event:  A charging transaction session comprising a single
      request and single response.

   Rating:  The act of determining the cost of the service event.

   Service:  A type of task performed by a Service Element for an
      end user.

   Service Element:  A network element that provides a service to the
      end users.  The Service Element may include the Diameter
      Credit-Control client or another entity (e.g., a RADIUS AAA
      server) that can act as a credit-control client on behalf of the
      Service Element.  In the latter case, the interface between the
      Service Element and the Diameter Credit-Control client is outside
      the scope of this specification.  Examples of Service Elements
      include NASs, SIP Proxies, and Application Servers such as
      messaging servers, content servers, and gaming servers.

   Service event:  An event relating to a service provided to the
      end user.

   Session-based credit-control:  A credit-control process that makes
      use of several interrogations: the first, a possible intermediate,
      and the final.  The first interrogation is used to reserve money
      from the user's account and to initiate the process.  Intermediate
      interrogations (if any) may be needed to request a new quota while
      the service is being rendered.  The final interrogation is used to
      exit the process.  The credit-control server is required to
      maintain session state for session-based credit-control.
Top   ToC   RFC8506 - Page 9

1.3. Advertising Application Support

Diameter nodes conforming to this specification MUST advertise support by including the value of 4 in the Auth-Application-Id of the Capabilities-Exchange-Request and Capabilities-Exchange-Answer commands [RFC6733].


(page 9 continued on part 2)

Next Section