Classifications

• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  • H04L12/00—Data switching networks
  • H04L12/02—Details
  • H04L12/12—Arrangements for remote connection or disconnection of substations or of equipment thereof
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  • H04L12/00—Data switching networks
  • H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
  • H04L12/2854—Wide area networks, e.g. public data networks
  • H04L12/2856—Access arrangements, e.g. Internet access
  • H04L12/2869—Operational details of access network equipments
  • H04L12/2898—Subscriber equipments
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  • H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
  • H04L41/08—Configuration management of networks or network elements
  • H04L41/0803—Configuration setting
  • H04L41/0813—Configuration setting characterised by the conditions triggering a change of settings
  • H04L41/082—Configuration setting characterised by the conditions triggering a change of settings the condition being updates or upgrades of network functionality
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  • H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
  • H04L41/08—Configuration management of networks or network elements
  • H04L41/0876—Aspects of the degree of configuration automation
  • H04L41/0886—Fully automatic configuration
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  • H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
  • H04L41/34—Signalling channels for network management communication
  • H04L41/344—Out-of-band transfers
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  • H04L43/00—Arrangements for monitoring or testing data switching networks
  • H04L43/08—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
  • H04L43/0805—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability
  • H04L43/0811—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability by checking connectivity
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  • H04L63/00—Network architectures or network communication protocols for network security
  • H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  • H04L67/00—Network arrangements or protocols for supporting network services or applications
  • H04L67/01—Protocols
  • H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
  • H04L67/125—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks involving control of end-device applications over a network
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  • H04L67/00—Network arrangements or protocols for supporting network services or applications
  • H04L67/34—Network arrangements or protocols for supporting network services or applications involving the movement of software or configuration parameters 
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  • H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
  • H04L69/40—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass for recovering from a failure of a protocol instance or entity, e.g. service redundancy protocols, protocol state redundancy or protocol service redirection

Definitions

• the invention relates to the field of remote management of devices, and devices for implementing the method.
• the invention relates to a life-line connection for remote management of devices which can be used when a remote management communication has been lost between a remote manageable device and a remote management server.
• TR-069 Auto Configuration Server
• ACS Automatic Configuration Server
• TR-069 is supported by devices such as gateways and routers, Set Top Boxes for audiovisual reception, voice over IP (VoIP) telephone sets, and Network Attached Storage (NAS).
• VoIP voice over IP
• NAS Network Attached Storage
• TR-069 the CPE device is responsible for establishing a management session with the auto configuration server (ACS).
• the ACS can trigger at any time a CPE to establish a management session by a so-called "connection request".
• This relatively complex means for allowing remote management, that comprises additional security measures such as authentication, ensures the security of the remote management.
• TR-069 is designed to be a robust protocol, there are situations in which the ACS does not succeed in triggering the CPE to establish a remote management connection with it.
• Reasons of this failure comprise: TLS (Transport Layer Security) certificate expiration which results in the CPE no longer trusting the ACS and hence refuses to establish a management connection with the ACS; Configuration problem on the CPE, e.g. the CPE has lost the ACS URL (Uniform Resource Locator) or the CPE has wrong ACS authentication credentials; Network topology changes that were not communicated to the CPE device due to the CPE having been in a power-off state during a long time; or even voluntary end-user intervention e.g. by hacking, to disable the remote management for a reason of gaining control over the CPE device.
• TLS Transport Layer Security
• This loss of the remote management connection poses a big problem for a service provider because the remote management connection is used for monitoring, diagnostics, configuration management, or even firmware update.
• a device which is no longer manageable can no longer receive configuration updates required to use services such as QoS (Quality of Service), security or firewall services, IPTV (Internet Protocol Television); new services such as adding of VoIP and configuration of the telephone number, ; diagnostics or troubleshooting for any reported issues such as bad connectivity, bad service quality); and automated firmware upgrade for resolving bugs or for introducing new device capabilities.
• QoS Quality of Service
• IPTV Internet Protocol Television
• new services such as adding of VoIP and configuration of the telephone number, ; diagnostics or troubleshooting for any reported issues such as bad connectivity, bad service quality
• automated firmware upgrade for resolving bugs or for introducing new device capabilities.
• the present invention aims at alleviating at least some of the inconveniences of prior art.
• the invention allows optimized remote management of a service operator's service subscription devices or CPE.
• the invention proposes a method of communication between a remote configuration device and a remote configurable device interconnected in a digital communication network via a remote management connection, the method comprising the steps, at the remote configuration device, of:
• the request being a result of use by the remote configurable device of the information comprised in the message and of application by the remote management device of the at least one command.
• the invention also proposes a method of communication between a remote configurable device and a remote configuration device interconnected in a digital communication network via a remote management connection, the method comprises the steps, at the remote configurable device, of:
• the predetermined port number is that of a port number on which the remote configurable device listens for messages allowing the remote configurable device to reestablish the remote management connection with the remote configuration device when the remote management connection is lost.
• the information comprises connection request credentials that are to be used for reestablishing the lost remote management connection.
• the information comprises an address of the remote configuration device with which the lost remote management connection is to be reestablished.
• the invention also comprises a device that comprises:
• connection request server for reception, over a connection other than a remote management connection, on a predetermined port number of the device, of a message that comprises information and at least one command allowing reestablishment, by the device, of a remote management connection that is lost;
• a client module for transmission of a request for reestablishment of the lost remote management connection to a remote configuration device, the request being a result of use by the device of the information comprised in the message and of application by the device of the at least one command.
• connection request server and the client module function independently of other modules of the device. 4. List of figures.
• FIG. 1 shows an example network infrastructure in which the invention is implemented
• Figure 2 shows additional modules 201 and 204 that are added to devices 104 and 106/108/1 10/1 1 1 of figure 1 that implement the invention.
• FIG. 1 shows an example network infrastructure in which the invention is implemented.
• the network infrastructure comprises:
• a set of provider servers 100-103 for example a web server 100, a Video On Demand (VoD) server 101 , a Broadband Broadcast Server 102 and a VoIP server 103;
• VoIP Video On Demand
• CS configuration server
• gateway (GW) device 106 a gateway (GW) device 106, a CPE ;
• an access network 105 for example the Internet, or a dedicated network
• the access network interconnects provider servers 100-103 (via connection 1000), configuration server 104 (via connection 1001 ) and gateway 106 (via connection 1002);
• a local network 107 interconnecting devices on the home network, and connecting them via the gateway 106 to the access network 105 (via connections 1004, 1005 and 1006 and to the other devices (100-103, 104) connected to the access network 105;
• PC personal computer
• CPE central processing unit
• STB Set Top Box
• Gateway 106 is a device that is provided by the operator to offer triple-play services to the subscriber.
• the gateway 106 allows the subscriber to:
• Continuous lines 1000, 1001 and 1001 are physical connections.
• Broken lines 2001 -2003 are logical connections.
• Broken line 2001 illustrates the logical lifeline connection according to the invention.
• Broken line 2002 illustrates the logical remote management connection between the configuration server 104 and the gateway CPE device 106.
• Broken line 2003 illustrates the logical connection between one or more service provider servers 100-103 and gateway 106. Though the broken lines are depicted as having a central point at gateway 106, it should be understood that these broken lines can connect any of the CPE devices 108, 1 10 and 1 1 1 as well to the provider service servers 100-103 and configuration server 104.
• the provider When the provider wants to send a configuration or software update to one or more of the CPE devices (106, 108, 1 10, 1 1 1 ), it instructs the configuration server 104 which automatically updates or reconfigures the selected CPE device(s), using remote management connection 2002, without manual intervention (i.e. without the operator's technical services being required to intervene at the subscriber's premises).
• the configuration server 104 using remote management connection 2002, can modify the address of the configuration server as it is stored in the gateway 106 (for example, if additional configuration servers are necessary due to an increased number of subscribers, or in case of redistribution of IP addresses; i.e. in case of a network topology change that impacts configuration server address(es)).
• the address update cannot be not propagated to these devices. Then, some of them may no longer be reachable for configuration management by the configuration server (i.e. the remote management connection 2002 is said to be lost'), which may result in incorrect behavior of the concerned CPE devices.
• a software update distributed to CPEs during a configuration management session over remote management connection 2002 may result in a CPE operating system crash on reboot, in which case the concerned CPEs are definitely out of order and can no longer be reached by the configuration server for configuration management, and the subscriber can no longer access to the subscribed services, including for example a telephony service.
• the one or more CPE devices in the subscriber's home network become unmanageable by the configuration server due to a wrong configuration sent out by the configuration server (remember, that the CPE device must establish the management connection; if data required to set up the management connection is wrong, the remote management connection 2002 cannot be set up by the CPE device).
• the TLS (Transport Layer Security) security certificate has come to expire and the CPE device no longer trusts the configuration server, and the CPE device thus refuses to establish a management session. All of these scenarios and other not discussed scenarios make the CPE device unreachable for configuration management because they result in a loss of remote configuration connection 2002.
• the invention therefore adds a lifeline connection 2001 allowing to restore a correct functioning of the CPE devices when a CPE device has become unmanageable for the ACS, i.e. when remote management connection 2002 is lost.
• the lifeline connection 2001 is connects the configuration server 104 to gateway 106.
• lifeline connection 2001 is connected to another device (not shown) than CS 104. This allows for example to 'troubleshoot' the gateway 106 from an ad-hoc device.
• Figure 2 shows additional modules 201 , 204 and 207, that are added to devices 104 and 106 that implement the invention. These modules are indicated in fig. 2 by dashed-line box 209.
• connection request client 201 is added to the configuration server 104.
• CPE side 106, 108, 1 10 or 1 1 1
• a connection request server 203 and a persistent storage space 207 are added.
• the connection request client 201 in the CS 104 communicates with the connection request server in the CPE over a connection 2001 .
• the service provider provides its services to any of the CPE devices via connection 2003.
• HTTP client 205 in the CPE device communicates with HTTP server 202 in the CS 104 via a remote management connection 2002.
• the HTTP server 202 and HTTP client 204 communicate over this connection 2002 according to the TR-069 protocol.
• Modules 200 and 208 are modules that are needed for the normal functioning of configuration server 104 respectively gateway 106. These modules comprise for example a CPU (Central Processing Unit), memory, a firewall, a NAT (Network Address Translation) module, and so on.
• the modules intercommunicate via internal communication means, such as an internal bus 203 for configuration server 104, respectively 206 for devices 106, 108, 1 10 or 1 1 1 .
• connection 2001 constitutes a life-line connection to the devices 106
• the role of the Connection Request Server (CRS) 204 of the devices 106, 108, 1 10 or 1 1 1 is to act as a server and listen for incoming connection requests, i.e. HTTP GET requests, on a predetermined port number, for example TCP port 7547. This port is hereafter referred to as lifeline connection port'.
• the CRS further authenticates entities that issue a request with a set of CPE configured credentials, for example factory default username and password.
• the CPE is provided with optional mechanisms such as those which allow to protect against malicious use.
• An example protection mechanism is connection request throttling allowing to limit the number of accepted requests over time, in order to protect the CPE against denial of service attacks, where the CPE would become unavailable when it is servicing many requests simultaneously.
• the role of the HTTP client 205 of devices 106, 108, 1 10 or 1 1 1 is to act as an HTTP client that communicates over the remote configuration connection 2002 with the configuration server 104, possibly after having resolved the configuration server's URL (Unified Resource Locator) via DNS (Domain Name System) queries to one or more DNS servers (not shown) in order to obtain the IP address of the configuration server 104.
• URL Unified Resource Locator
• DNS Domain Name System
• a connection to the CS 104 is established on occurrence of a number of events, for example: whenever a connection request is received by the CRS 204 over the lifeline connection 2001 the CRS informs the HTTP client of such an event; on startup of the device 106, 108, 1 10 or 1 1 1 , or when the device configuration of device 106, 108, 1 10 or 1 1 1 changes and the CS 104 subscribed to be notified of such a change.
• the list of events that trigger an establishment of a connection to the CS 104 comprises TR-069 Inform RPC (Remote Procedure Call) events.
• the HTTP client 205 of devices 106, 108, 1 10 or 1 1 1 further validates certificate signature provided by CS 104 with any one of a number of locally stored certificates (for example locally stored in persistent storage 107) to trust the CS 104, and the HTTP client 205 applies commands received from the CS 104, which commands comprise for example 'SetParameterValues' to modify a specific configuration parameter of the devices 106, 108, 1 10 or 1 1 1 , stored in persistent storage 207, or 'Reboot'.
• the role of the persistent storage 207 of devices 106, 108, 1 10 or 1 1 1 is to:
• connection request credentials (username and password);
• the Connection Request Client (CRC) 201 of the CS 104 is for example a HTTP client that can initiate a connection request and authenticate to the devices 106, 108, 1 10 or 1 1 1 at a particular point of time and trigger the establishment of a management session by the remote configurable device.
• the role of the HTTP server 202 in CS 104 is among others to provide a
• HTTP server and to provide the CS's certificate signature to the devices 106, 108, 1 10 or 1 1 1 .
• the devices 106, 108, 1 10 or 1 1 1 are taken as example CPE devices.
• the invention is however not limited to implementation in these type of device, but can be implemented in any type of CPE.
• the CRS 204 of CS 104 is configured to listen on the lifeline connection port.
• a mechanism is implemented by a watchdog mechanism, where one of the other modules of the device implementing the invention regularly transmits a keep alive signal to the CRS 204. If the keep alive signal is not received after expiry of a watchdog timer, the listing process of the CRS is automatically started.
• the listening process is always active. The first embodiment allows for example to reduce the power consumption of the device implementing the invention as the listening process (and the modules required to implement the listening process) do not have to remain powered on all the time.
• the CPE's IP address is typically known by the service operator.
• the lifeline connection port number is a default port number as fixed for example by IANA (Internet Assigned Numbers Authority) for TR-069 (TCP port 7547), or is agreed between the service provider and the CPE device manufacturer.
• the CPE's CRS for example CRS 204 of GW 106 verifies the rescue message.
• the rescue message comprises rescue information and a rescue command.
• Typical rescue information is: device entity, for example comprising Manufacturer ID, Product Class, Serial Number; this is to ensure that a the rescue command will only be taken into account by the CPE device for which it is destined; or a valid ACS URL, etc.
• Typical rescue commands comprise:
• the information in the rescue message comprises a hash value calculated over the rescue message command, signed with the CPE manufacturer's private key, so that the CPE device can check that the rescue command have not been altered by an unauthorized entity.
• the CPE executes the rescue command, for example download of new firmware.
• the CPE is correctly reconfigured and the CPE transmits a request for reestablishment of the remote management connection to the CS.
• This request is possibly based on the information provided in the rescue message (i.e. use of a provided new ACS URL or in other words address of the remote configuration device) and possibly comprises at least some of the information that was provided in the information provided in the rescue message (i.e. use of provided new connection request credentials that are valid for authentication); the request is thus a result of use by the remote configurable device of the information provided in the rescue message and of application by said remote management device of the rescue command comprised in the rescue message.
• the CPE device confirms that the rescue command has been taken into account by sending a confirmation message over the lifeline connection 2001 to the CS indicating that the command has been taken into account.
• This variant has the advantage of signaling the exact moment to the configuration server when the CPE is ready to establish the remote management session.
• a rescue message comprises several rescue commands that are to be executed by the CPE.
• the CS transmits over the lifeline connection 2001 , several rescue messages in order to apply several rescue commands.
• each subsequent rescue message is transmitted only after having received the previously mentioned confirmation message that acknowledges the taking into account by the CPE of the previously transmitted rescue message.
• the CPE after having taken into account the rescue message(s), verifies if it is able to contact the CS and reports this back over the lifeline connection 2001 .
• connection request server 204 and client module 205 function in an autonomous manner, i.e. independently from other modules of the remote configurable device.
• the device that implements the invention can be returned to an operable state via the lifeline connection 2001 , that allows for example to download a good configuration or a corrected firmware version to the device that is in an inoperable and unmanageable state.
• the variant embodiments can be combined to form a particular advantageous embodiment.
• the invention is entirely implemented in hardware, for example as a dedicated component (for example as an ASIC, FPGA or VLSI) (respectively « Application Specific Integrated Circuit » « Field-Programmable Gate Array » and « Very Large Scale Integration ») or as distinct electronic components integrated in a device or in a form of a mix of hardware and software.
• a dedicated component for example as an ASIC, FPGA or VLSI
• VLSI Application Specific Integrated Circuit » « Field-Programmable Gate Array » and « Very Large Scale Integration »

Landscapes

• Engineering & Computer Science (AREA)
• Computer Networks & Wireless Communication (AREA)
• Signal Processing (AREA)
• Computing Systems (AREA)
• Computer Security & Cryptography (AREA)
• Computer Hardware Design (AREA)
• General Engineering & Computer Science (AREA)
• Environmental & Geological Engineering (AREA)
• Automation & Control Theory (AREA)
• Health & Medical Sciences (AREA)
• Medical Informatics (AREA)
• General Health & Medical Sciences (AREA)
• Data Exchanges In Wide-Area Networks (AREA)
• Telephonic Communication Services (AREA)
• Communication Control (AREA)
• Computer And Data Communications (AREA)

Priority Applications (8)

Applications Claiming Priority (2)

Publications (1)

Family

ID=46456551

Family Applications (1)

Country Status (8)

Cited By (3)

Families Citing this family (1)

Citations (2)

Family Cites Families (6)

• 2011
  • 2011-06-29 EP EP11447015A patent/EP2541836A1/en not_active Withdrawn
• 2012
  • 2012-06-27 JP JP2014517671A patent/JP6293050B2/ja active Active
  • 2012-06-27 EP EP12731402.9A patent/EP2727286B1/en active Active
  • 2012-06-27 CN CN201280031897.3A patent/CN103718510B/zh active Active
  • 2012-06-27 PL PL12731402T patent/PL2727286T3/pl unknown
  • 2012-06-27 WO PCT/EP2012/062415 patent/WO2013000936A1/en not_active Ceased
  • 2012-06-27 ES ES12731402.9T patent/ES2690218T3/es active Active
  • 2012-06-27 KR KR1020147002102A patent/KR102070275B1/ko active Active
• 2013
  • 2013-12-13 ZA ZA2013/09454A patent/ZA201309454B/en unknown

Patent Citations (2)

Non-Patent Citations (1)

Also Published As

Similar Documents

Legal Events