You are on page 1of 357

Telecommunications & Networks

A 12-session course by Ravi S. Sharma


At SPJCM – Dubai
Sep 2007
Introduction to the Course

• Scope : management centered


• Text : The Essential Guide by Dodd
• Case : Skype + …
• Assessment :20 + 30 + 50
• Schedule : cf. Outline
• Questions?
!"
Figure 1.2
Noise amplified on the analog line, eliminated on digital service.
Bits
• A bit = the smallest unit of information
– On or off signals
– Analog bits
– Digital bits
Bytes
• 8 bits
– A character
• Code - bytes in a common format
• Examples of ASCII code
– 1110101 W
– 1111110 ?
– 1011000 Return
Figure 1.1
One cycle of an analog wave, 1 hertz (Hz).
Broadband
• Multiple simultaneous
streams
• Examples
– Wireline
– Wireless
• Why the growth?
– Enterprises
– Consumers
Compression
A way to make networks more efficient
Abbreviating text
– Common characters
Compressing video
Not sending stationary objects
Matching compression algorithms at each
end
Where is Compression used?

# $
Figure 1.3
Multiplexing.
Types of Multiplexing
• Time division
Based on strict timing
Everyone gets an equal turn

• Statistical division
First come, first served
Or prioritization
Protocols
• A protocol is a set of
rules for
communicating
between computers.
• Why are they needed?
Protocol Functions
• Who goes first? • There are errors
• Are you ready? • This is a high priority
• I got your message message
• Who is sending?
How do Protocols Differ?
• HTML & XML
• VoIP
• Security protocols
• Layer 3 vs. Layer 4
LANs
• Characteristics
– Ownership
– Limited geography
– High speeds
– Shared devices

• Devices on LANs
• Changes in LANs
! % &
% '(
Figure 1.4
LAN architecture.
Figure 1.5
Rack-mounted and chassis-based switches.
The Work Environment
• How has the way your organization
conducts business changed in the last five
years?
• Which technologies have enabled these
changes?
• What’s next?
Figure 1.6
Home LAN.
Figure 1.7
Edge and core routers.
Recap
A Bit is ____
– Bits sent as analog signals have the following disadvantages:
– Bits sent as digital signals the following advantages:
Bytes are:
ASCII code is:
Multiplexing makes better use of _____ by _____
Compression adds efficiencies to networks by ____
______ changes the format of what is sent
______ does not change the format of what is transmitted
Recap Continued
Protocols are important because they:
Layers simplify changes because they:
What do we mean by a layer 3 device versus a
layer 4 device?
Characteristics of LANs are:
Switches perform the following functions:
Routers are needed to:
Edge devices are more complex than core
devices because they:
Learning & Discussion
• Why do we need computer codes?
• What is the difference between a bit and a byte?
• Define multiplexing and compression. How do they differ?
How are they the same?
• List three Internet services that have been enhanced through
compression.
• Define protocol and explain why protocols are important. Give
examples of two protocols and how they impact our work or
our personal use of technology.
• How do core networks differ from the edge of the network?
List five functions commonly performed at the edge.
• Describe functions at the core of the network.
• How have backbone networks changed in the last five years
and why are these changes important?
! "
Figure 2.1
A hybrid system with circuit switched PBX and Voice over IP capabilities.
VoIP, PBXs and Cabling

• In this session we shall learn about:


– The structure of VoIP based telephone systems vs.
traditional PBXs
– Applications such as voice mail, ACDs, unified
messaging and integrated voice response, and how
they are connected to telephone systems
– Characteristics of unshielded twisted pair and fiber
optic cabling
TDM Vs. IP

# $ % & ' (((% & ' ((( % & '


)

% &&&& %& %' && % *


*

.
" + , /
- .
Figure 2.2
Circuit switched PBXs connected to a data network for Voice over IP traffic.
Figure 2.3
Connection to a branch office Voice over IP telephone system.
Figure 2.4
Courtesy of Avaya, 2005. Voice over IP
softphone with the same extension
number as the desk telephone.
Figure 2.5
PBX trunks from the telephone company to the demarcation.
Figure 2.6
Direct inward dialing (DID) carried on a T-1 trunk to an IP-based telephone system.
Figure 2.7
In-building wireless service.
Figure 2.8
One-number wireless service in conjunction with a PBX.
Figure 2.9
Integrated voice response system linked to a computer and an ACD.
Figure 2.10
Queue management software linked to an e-mail server and PBX.
Media
• What are my choices?
• What are the criteria
for selection?
• Implication of choices
Figure 2.11
Cross section of Category 6 cabling.
Fiber Applications & Characteristics

• Characteristics
• Applications
– Performance
– Electrical immunity – CATV
– Security – Backbones
– Durability
– Trans oceanic routes
– Cost
– Size – Cellular backhaul
– Weight
– Flexibility
– Material & labor costs
Figure 2.12
Fiber optics in cable TV networks.
Impact of Wavelength Division
Multiplexing

0 " 1 "

2 (
2 3

Figure 2.13
Coarse wavelength division multiplexing
(CWDM) in cable TV networks.
Summary
• Traditional PBXs differ from soft-switches (to
be re-visited) in the following ways:
• Customers purchase VoIP based switches
because:
• How do customers insure security?
• How do fiber cabling and unshielded twisted
pair differ from each other?
• In what applications are fiber rather than copper
used?
Learning & Discussion
• How are proprietary PBXs different than telephone systems
based on Voice over IP? How are they alike?
• Describe four reasons organizations purchase VoIP PBXs
rather than traditional, telephone systems based on proprietary
protocols and signaling.
• Why do some people refer to voice as an application on the
local area network?
• What advice would you give organizations that purchase VoIP
systems to ensure that they have successful implementations.
List five actions that you think they should take.
• Discuss the rationale for purchasing a hybrid VoIP/traditional
telephone system rather than a strictly VoIP system.
• Describe the main functions of contact centers and why reports
are critical.
• Describe coarse wave division multiplexing. Why do you think
cable companies are interested in bringing fiber closer to
homes?
!

"
#
! !
VoIP, the PSTN & Signaling

• Key components & rationale for converged


networks
• Residential VoIP services
• The public switched telephone network
• The structure & limitations of the public
switched telephone network
• Challenges & components of the last mile
• Signaling & why it matters
The Traditional Public Switched
Telephone Network
Local calls in the PSTN

Carrier B’s customer calls carrier A’s customer.


E911 call to a public safety answering point.
911 call to a public safety answering point
without enhanced 911 (E911)
The last-mile access portion of incumbent local exchange carrier networks.
Bringing Fiber closer to customers via
digital loop carriers
Broadband over power lines

figure courtesy of Amperion, Inc.


Residential Voice over IP over DSL or cable modem service
Pre-paid calling services
Common channel signaling— separate links for signaling and voice traffic.
Bypassing telephone Companies’
Access Fees Using Competitive
Access Providers (CAPs)

How did the industry change after


Divestiture?
Post-Telecommunications Co-location

Figure 3.4
A local loop leased by a CLEC.
Enter Convergence - The Triple Play

• Wireless Carriers
• Cable TV Providers
• CLECs
• ILECs
• Utilities
Connections between IP networks
Peer-to-peer services
• Examples of providers
• Services offered
• Pluses
$
• Minuses
• Impact on the industry

() $ * )
+) % ! % )
) % * ,
$ )

$
&'
Thinking Aloud
• Why are carriers transitioning to VoIP?
• How do these networks differ from traditional
public switched networks?
• Explain the functions of:
– Softswitches, gateways and media servers
• In what ways is signaling the glue that holds
networks together?
• Why are consumers attracted to Skype &
Vonage?
Learning & Discussion
1. Describe the main pieces of equipment in carriers’ voice over IP
architecture: soft-switches, media gateways, signaling gateways,
media servers and application servers. What functions does each of
them provide?
2. Analysts are predicting that VoIP for residential customers will boom
over the next few years. Do you agree or disagree? Defend your
answer.
3. Why are some carriers selling VoIP services through retail outlets
and on the Web rather than directly through live sales
representatives?
4. Define the last mile in carriers’ networks and why it such a challenge
to upgrade these facilities.
5. What are the functions of digital loop carriers and why are they
important?
6. Why did the Skype CEO in an October 17, 2005 interview in the New
York Post say that his biggest competitors are Yahoo! and
Microsoft? What did the CEO’s comments suggest about Yahoo! and
Microsoft’s plans? Do you agree that these are his main
competitors? Why or why not?
Case Discussion –
The making of a Full Service Provider.
• Read the case on Telesp (HBS Case No. 804-
149), taking the position of a consultant to the
Board, give your recommendations on each of
the opportunities identified in the case:
– Expand nationally?
– Launch narrowband ISP?
– Develop integrated fixed mobile services?
! " # $
%
! & '()

1
VPNs & Specialized Network
Services
• Virtual private networks
– Lowering the cost of enterprise links & enabling
remote access
• Frame relay as a replacement for private lines
• T-1/E-1 the first high speed service …
SDH/SONET & OC-3, 12, 48;
• ISDN – bri, pri, caller ID & video conferencing
• Gigabit Ethernet in carrier & enterprise
metropolitan networks
2
VPNs & Specialized Network
Services continued
• ATM compared to IP
• SONET
– In the backbone
– In the metropolitan area
– Compared to gigabit ethernet

3
virtual private networks

" * + ,
& %

4
IPSec virtual private network for remote access

-. % /
-. $ $ " /
-0 $1 " /
2 34 . !
5
Key Components of Frame relay

6
Multipoint private lines with
hub and spoke for small locations

-. $ /
7
Mesh network topology pros & cons

8
Mesh; hub & spoke combo

Any-to-any mesh design in a VPN; hub and spoke (star) to headquarters for
Internet access. 9
Local and inter-exchange channels of a private line

- %5 " 10
Integrated access device for T-1s
carrying voice and data

- " " " "


-6" "

11
T-1 and E-1

• 1.544 or 2.048 Megabits per second


– Bell Standard
– IT Standard
• Applications
7 8 9:; < = >1 ? 4 87 ; % % 7 9:

T-1 Mux T-1 Mux

!1 5 "

12
28 T-1s = a T-3 Circuit

Boston

ISP
T-1
T-3

Dallas T-1
Fiber or Wireless

London

13
Videoconferencing using
three bonded BRI ISDN circuits

14
BRI ISDN bonding

15
Primary rate interface ISDN

• PRI ISDN carrying the caller’s billed telephone number automatic number identification (ANI).
The ANI is often the same as the customer’s telephone number.
16
Digital subscriber line service

• No need for fiber to the home or business


• A response to cable providers
• Use of same copper already deployed
• Strategic implications of RBOC & cable
offerings

"

"

17
DSLAMs in
digital loop carriers (remote terminals)

18
DSLAM connection to
an Internet service provider

19
Figure 5.14 20
Neighborhood mini remote access multiplexers (MiniRAMs).
Gigabit Ethernet

fiber-optic cabling and metropolitan fiber rings

21
Leasing wavelengths in the metropolitan area

22
Parallel streams in an ATM circuit

•Fixed size cells 53 bytes @ payload of 48


•Quality of service*
•Asynchronous switching
•In the frame relay backbone
23
SONET rings in the backbone

- bidirectional duplicate rings in a carrier’s backbone network


- The fiber glut & pricing
- SONET or SDH … backbone of PSDN

24
Summary

• What are the major trends in high-speed


networking
• Why are carriers, residential consumers and
enterprises demanding higher-speed services
• Which technologies will supply the required
capacity and speeds?
• Contrast & compare: ISDN, T-1, E-3, Gig-E,
SONET/SDH & ATM

25
Learning & Discussion
1. Compare gigabit Ethernet to SONET. How do carriers use each
of these technologies? What about enterprises?
2. Describe and compare Multiprotocol label switching (MPLS)
virtual private networks (VPNs) to IP VPNs. How are they
different from each other and what are advantages of each type
of network technology?
3. Security on VPNs is a major concern to carriers. Discuss how
businesses and carriers use firewalls and token ID security to
protect their networks.
4. List three reasons organizations are tending to use newer VPN
services rather than frame relay?
5. How does PRI ISDN differ from T-1? How is it the same?
6. Analysts are predicting that business and commercial
customers are going to use more services offered by large
carriers and that they will not be as price conscious because of
the importance of these value added services. What services do26
you think they were thinking of?
Case Discussion on Care Group
(HBS case no 303-097)
• If you were the CIO of the CareGroup, would
you define your primary role as being an
integrator?
• What are some of the blind spots that John
Halamka does not appear to see?

27
! "
#

$
# %
1
Entertainment Networks
• The competitive
landscape
• Lifestyle changes
• Network evolutions
• The role of regulations
• Technological influences

2
Hybrid fiber cable (HFC) network

Two-way Internet access, improved reception, and


added reliability.
3
Linking distribution hubs to headends

4
The Triple Play

video, voice, and television 5


The Evolution of Set-top Boxes
• What is their function?
– Billing
– Tuners
– Security
• How have they changed? DOCSIS 1.0, 1.1, 2.0
• Personal video recorders (PVRs)
• Strategic advantages for cable companies
– Program guides
– Home networks
6
Digital broadcasting with compression

7
Broadcasters Use of Spare Digital
Spectrum for Extra Revenue

USDTV broadcasts. Figure courtesy of USDTV. 8


Satellite TV

• Why does it cost less to operate satellite


networks?
• The impact on cable TV operators
• Implications for the future

9
Satellite Digital Radio Broadcasts

10
Courtesy XM Satellite Radio
Over the Air TV Broadcasts
!
& ' ()

* & # & # & & 11


A Passive Optical Network
for Cable Television

12
optical network unit (ONU)
Fiber to the Home from Telcos

A passive optical network with optical network terminations (ONTs). 13


Entertainment via the Internet

• The impact of Netflix


• Do people want to watch movies or TV reruns
on their PCs?
– Home networks
• What about on an i-Pods?
• Technological factors

14
Multiple System Operators (MSOs)
vs. Telcos

• Cable operators’ competitive advantages


• Telco strengths
• Regulatory issues
– Local franchises
– National legislation

15
Summary
• A couch potato world?
• The structure of cable TV networks compared to voice
and data networks
– How are networks converging?
• Enabling technologies for video on demand
– Fiber
– Data storage
– Faster processors
– Compression

16
Learning & Discussion
Cable television is an extremely capital intensive business. Why do
you think cable TV networks are more capital intensive than
wireless networks such as direct broadcast satellite TV
networks?
Cable operators have lost many customers to satellite TV because of
lower pricing offered by satellite TV providers. What advice
would you give cable operators on how to win back customers?
Incumbent telephone companies are also gearing up to compete
against cable operators. Describe how a carrier such as
Deutsche Telekom uses passive optical networking. List the
main components and their functions.
Would you order cable TV from your telephone company? Why or
why not?
What would telephone companies have to do to get your business?
List four ways that cable TV products and services have changed in
the last five years. What technologies did operators have to 17
implement to offer these services?
!
" #$ % &' (
)

1
The Internet

Structure & evolution


Messaging
Addressing
E-Commerce
Intranets & Internets
2
Background
*
Department of Defense
Research vehicle "

The IS & IETF


"
Arcane commands
Peer to peer
IPv6
!

3
What Makes the Web Special?
Graphical Interface from CERN
HTTP
– Client server
Addressing
Commercialization
SEs
SSL
*World Wide Web

4
Linked Networks
MAE* East
MCI
MAE* West Vienna, VA
MCI
San Jose MCI* Backbone AT&T** Backbone

Sprint Backbone
Sprint NAP
Pennsauken NJ

Metropolitan Area Exchanges: Sites Carriers monitor their


with routers where ISPs exchange Networks at NOCs,
traffic. Also called network access Network Operations
points, NAPs. Centers

* MCI to be purchased by Verizon Communications


** AT&T to be purchased by SBC
5
Keeping up With Changes on Corporate Web Sites

Figure 7.1
Web server, application server, content management software, and content database.
(Courtesy of Ektron, Inc.) 6
Internet Connections to a Cable Multiple
System Operator (MSO)

7
E-Mail, Chats & Instant Messaging
• The killer apps
• HTML formatted
email
• Impact of attachments
• IM & presence for
businesses
• Teenagers & chat
• Multi-media
messaging
• … XML
8
Figure 7.3
Links between hosting companies and the Internet. 9
BLOGs, Craig’s List & Really
Simple Syndication
• Web logs
• Impact on news media
• New distribution
– Push Vs. pull
– Pod casting via really simple syndication (RSS)
• Will newspapers disappear?

10
Figure 7.4
Distance learning company hosting
applications and course material for schools. 11

Figure courtesy Blackboard, Inc. … NTU’s edventure


Phishing and Identity Theft

• Are our identities safe?


• Which of our organizations’ identities have
been forged by phishers?
• How can we protect our identities?

• SPAM – stamps
• Spyware

12
E-Commerce
Who shops online?
What sells?
Pornography
Gambling
Retail products
Ads on search sites
Privacy
Cookies
Surveys
Database sales 13
Thinking Aloud
Describe the structure of the Internet
How has the Internet changed the way
we do business?
We live?
What are the biggest opportunities for e-
commerce?
Who are the major competitors & future
winners?
How will the Internet change life for the
next generation? 14
Learning & Discussion
1. How do teens and college students study, socialize and interface with
family members differently today than ten years ago due to technologies
enabled by the Internet? What about 20 years ago?
2. How has the ways business is conducted changed as a result of the Internet?
If you were working 10 years ago describe how these differences impacted
your work.
3. What technological developments have enabled the changes discussed in
questions one and two above?
4. Explain how customers’ with broadband connections are connected from
their modem to the Internet. For example, how does email travel from your
home, to MSN or T-Online and then to the Internet.
5. How are Internet backbone networks such as those owned by AT&T and
Sprint connected to each other?
6. Why are businesses interested in instant messaging? What are the technical
challenges of implementing instant messages in commercial organizations?
7. What impact have spam and viruses had on use of the Internet? How can
residential customers protect themselves from: Phishing, Spam, Viruses.

15
! "
# $

1
Mobile Services
• Cellular networks
• Spectrum
• The structure of the industry
• Second & third generation networks
• Handhelds
• M-Commerce

2
Pre-cellular Mobile Service

3
Wireless Milestones
In the U.S.
1984 1994 PCS Auctions Late 1990s
Cellular ServiceEntry of Competitors
Consolidation & Grow
2 Carriers/market AT&T Wireless Sprint Nextel, AT&T/Cingula
Sprint, T-Mobile predecessors
Verizon Wireless/Vodafone

4
Cellular’s Additional Capacity

5
Spectrum

• What is it?
• Wavelength
• Allocation
– Licensed
– Unlicensed
• Harmonization

6
$ %

7
2nd Generation Wireless
Services

8
SS7 & Registers - Tracking Users

9
Third Generation Cellular
• WCDMA
– GSM & TDMA
– Evolution via:
• GPRS (General Packet radio services)
• EDGE (Enhanced data rates for GSM)
• HSDPA (High speed uplink packet access)
• CDMA2000
– 1x
– 1xEV-DO
– Rev A
10
U.S. Carriers
• GSM evolving to • CDMA2000 1X & EV-
WCDMA DO
– Cingular Wireless – Verizon Wireless
– T-Mobile – Sprint Nextel
• iDEN
• Trialing WiMAX

11
Third generation
network architecture -
3GPP
for WCDMA

12
Nextel’s Nationwide Push-to-talk Service

13
What Issues are Carriers
Facing?
• $$$
• Roaming
• Capacity
• Billing
• New Applications

14
What do Customers Want?
• Voice
– Quality
– Pricing
– Coverage
• Features
• Data
• Video

15
Third Generation
Economics

New Handsets
Denser base station coverage
$$$ for licenses
Will companies pay for high-speed
data?
Will consumers?

16
Figure 8.6
Kodiak push-to-talk
between cellular networks.
17
Figure courtesy of Kodiak
Networks.
Handhelds
• Triple mode • Multi-band
– WCDMA – 800 megahertz (MHz)
– GSM – 1.8 gigahertz (GHz)
– GPRS

18
Handheld Capabilities
• Ring tones
• Cameras
• Video & games
• Battery life
• Differentiators
• Subsidies

19
Advanced Applications & M-
commerce
• Pay by phone
• Multi-media
• Internet access
• Remote Access to Enterprise applications
• Challenges
– Spam
– Security

20
Mobile Services Summary
• The Significance of cellular service
• Differences between 2nd & 3rd
Generation Service
• Impact of governments’ spectrum policies
• Handhelds & user experiences

21
Learning & Discussion
1. Define spectrum and discuss its impact on: speed, capacity and costs for
carriers to build networks.
2. How should governments allot spectrum? Should it be free? Why or why not.
What is the business and technological impact of the way governments allot
spectrum.
3. What are three advantages of second generation over first generation cellular
services? Does anyone remember having an analog handset and the features
that were available on it?
4. Currently, close to 10% of telephone customers have substituted cellular service
for their main telephone service. What factors do you think have led to this
substitution? Why don’t more people use cellular service as their only telephone
service? What about Fixed Mobile Integration?
5. What are the two main third generation mobile standards? Discuss the ways that
carriers using the two different standards WCDMA and CDMA2000 are evolving
to third generation networks.
6. How will customers benefit from 3G?
7. Which applications will customers want and what are barriers to acceptance?
What advice would you give carriers to further acceptance of new applications?
8. List the ways that consumers and business customers will benefit from and be
hurt from the consolidation in the wireless industry.

22
1
Wi-Fi, Wireless Broadband,
Sensor & Personal Area
• 802.11
Networks
– Standards
– Applications
• Broadband Wireless Access
– WiMAX
– Adapting 3G for WBA: UMTS TDD
• Personal Area Networks: Bluetooth, RFID, UWB
• Sensor Networks - Zigbee
• Comparisons of Technologies & Applications

2
What is Wi-Fi?
• A wireless Ethernet standard
– Wi-Fi - (wireless fidelity) IEEE 802.11b, 802.11a &
802.11g
• Why standards matter
• The downside of standards

3
802.11 Standards

Standard Top Speed Achievable No. of Frequency


Speed Channels Band
802.11b 11 megabits 5 megabits per 3 2.4 gigahertz
per second second
802.11a 54 megabits 32 megabits 12 5 gigahertz
per second per second
802.11g 54 megabits 14.4 megabits 3 2.4 gigahertz
per second per second

• 802.11n
• Range
• Capacity
• Data Rate
• Why these matter 4
Portability in Enterprises

!
"
!
# $ !
!

5
802.11 Components
• Access points
• The user interface
• Switches
• Controllers
%
&

' ! ()

6
Workgroup
switches (which
are on
individual
floors), access
points, and a
core switch in
an enterprise
network.
7
Wi-Fi in Hot Spots

•Speed
•Convenience
•Benefits to providers

8
A Clearinghouse for Single Sign on & Billing

Clearinghouse passes billing data to WISP 9


who bills user & pays clearing house a fee
A secure virtual private network (VPN) connection
between hotspots and enterprises using tunneling

10
WISPs & Aggregators
• WISPs
– Wayport
– T-Mobile
• Aggregators
– Boingo - billing “uber-aggregator”
– GoRemote
– iPass
– Fiberlink

11
Mesh networks

12
Hot Spot Remote Access
Lost PDAs & laptops
Eavesdropping
Stolen data
Log in to WISP authenticated but data
not secured

13
Wi-Fi in Homes
• Why did residential customers use Wi-Fi
earlier than business & commercial
customers?
• How will future residential applications
differ from initial applications?
• Is there a downside to Wi-Fi in homes?

14
Voice over IP on corporate 802.11 wireless
networks

15
Security
• Security on wireless services compared
to that of wireline
• Software on access points or devices
connected to corporate networks
• Software on clients

16
What can go wrong?
• Unauthorized access
• Snooping
• Competitive information compromised
• Rogue access points

17
Security Tools
• WEP - Wired Equivalent Privacy
– Easy to “crack”
– Shared passwords

• WPA (Wi-Fi Protected Access) 802.11i


subset
– 128 bit level of encryption - more scrambled
– “Keys” between user & access point changed
more frequently

18
Implications for the CIO

Complexity Vs. ease of administration

19
Compared to cellular

•13% of the cost of cellular data to provision*


•Stationary
•Speed
•Coverage

* Craig Mathias, the Farpoint Group

20
What about WiMAX?
• 802.16d - fixed
• 802.16e - mobile
• Longer distances
• MMDS - Multipoint Microwave
Distribution System
• Will these go the way of WinStar &
Teligent?

21
WiMAX service with overlapping wireless
coverage between towers for redundancy

22
WiMAX to Extend Wireline
Networks

ISP

) * + ,

! *

23
Bluetooth
• Short distances
• 2.4 GHz
• Standards
• Version 1 vs. Version
Palm2

Bluetooth wireless links


24
RFID service in hospitals to manage
assets

25
Ultra-wideband (UWB) low-power
signals

26
A ZigBee partial mesh network

27
Summary
• Wi-Fi use in enterprises will increase
when:___
• Hot spots compared to Cellular?
– Will wane as 3G grows
– Will outpace 3G
• Explain the differences & similarities
between fixed & mobile WiMAX
• Compare: bluetooth, RFID, Ultra-
Wideband & Zigbee
28
Learning & Discussion
1. Of those of you that use a hot spot why and for what purpose do you use
it?
2. Discuss the pros and cons of using a hot spot for remote access to
corporate applications.
3. Wi-Fi doesn’t exist in a vacuum; rather it needs to be connected to other
networks – the Internet and LANs. Discuss various ways to make these
connections. List various connectivity options.
4. List four challenges of using voice on Wi-Fi networks.
5. Some carriers (eg Vodaphone)have announced that they are
considering offering handsets that work on both cellular and Wi-Fi
services. What are the challenges they will face if they do offer these
handsets?
6. List three reasons why fixed WiMAX service will succeed or why it will
not achieve significant market share.
7. List the technical and regulatory challenges faced by municipalities that
build mesh Wi-Fi networks.
8. Compare Zigbee, Bluetooth and RFID. How do they differ? How are
they the same?
9. Why are developing countries interested in broadband wireless access?
29
!
"
#$ %
Learning Objectives
Define the key terms client/server architecture,
local area network LAN, distributed database,
and middleware.
Distinguish between file server and
client/server environments and contrast how
each is used in a LAN.
Describe alternative designs for distributed
systems and their trade-offs.
Describe how standards shape the design of
Internet-based systems.

Chapter 14 © 2008 by Prentice Hall


Learning Objectives (Cont.)
Describe options for ensuring Internet design
consistency.
Describe how site management issues can
influence customer loyalty and trustworthiness
as well as system security.
Discuss issues related to managing online
data, including context development, online
transaction processing (OLTP), online
analytical processing (OLAP), and data
warehousing.

Chapter 14 © 2008 by Prentice Hall


The Process of Designing
Distributed and Internet Systems
• Similar to designing single-location systems.
• Due to multi-location deployment, numerous
design issues must be considered.
• More opportunity for failure due to number of
components.
• Main issues involve ensuring reliability,
availability, survivability, performance.

Chapter 14 © 2008 by Prentice Hall


Deliverables and Outcome

• Document that consolidates system


design information:
– Description of each site.
– Description of data usage for each site.
– Description of business process for each
site.
– Contrasts of alternative IS architectures for
site, data and processing needs of each
site.

Chapter 14 © 2008 by Prentice Hall


Designing Distributed Systems
• Distributed systems use:
– LAN-based file server architecture.
– Client/server architecture

• File server: a device that manages file


operations and is shared by each client
PC attached to a LAN.

Chapter 14 © 2008 by Prentice Hall


Limitations of File Servers

• Excessive data movement.


– Entire data tables must be transferred instead
of individual records.
• Need for powerful client workstations.
– Each client workstation must devote memory
to a full DBMS.
• Decentralized data control.
– Complicates record concurrency control,
recovery, and security.

Chapter 14 © 2008 by Prentice Hall


Designing Systems for a
Client/Server Architecture
• Client/server architecture: a LAN-based
computing environment in which central
database server or engine performs all
database commands sent to it from client
workstations, and application programs
on each client concentrate on user
interface functions.

Chapter 14 © 2008 by Prentice Hall


Designing Systems for a
Client/Server Architecture
• Application processing is divided
between client and server.
• Client manages the user interface.
• Database server is responsible for
data storage and query processing.

Chapter 14 © 2008 by Prentice Hall


Designing Systems for a
Client/Server Architecture (Cont.)
• Database engine: the (back-end)
portion of the client/server database
system running on the server that
provides database processing and
shared access functions.

Chapter 14 © 2008 by Prentice Hall


Designing Systems for a
Client/Server Architecture (Cont.)
• Client: the (front-end) portion of the
client/server database system that
provides the user interface and data
manipulation functions.

Chapter 14 © 2008 by Prentice Hall


Designing Systems for a
Client/Server Architecture (Cont.)
• Application program interface (API):
software building blocks that are used to
ensure that common system capabilities, such
as user interfaces and printing, as well as
modules are standardized to facilitate data
exchange between clients and servers.
– Common API interface can be used by any
kind of DBMS (MySQL, Sybase, or Oracle).

Chapter 14 © 2008 by Prentice Hall


Client/Server Advantages and
Cautions
• Advantages
– Leverages benefits of microcomputer
technology.
– Processing performed close to data source.
• Improves response time.
• Reduces network traffic.
– Facilitates use of GUIs.
– Encourages acceptance of open systems.

Chapter 14 © 2008 by Prentice Hall


Client/Server Advantages and
Cautions
• Cautions
– Difficult migration from file server to
client/server.
– Compatibility issues.
– Limited system design and performance
monitoring tools.

Chapter 14 © 2008 by Prentice Hall


Advanced Forms of
Client/Server Architectures
• Application server: a computing server
where data analysis functions primarily
reside.
• Three-tiered client/server: advanced
client/server architectures in which there
are three logical and distinct applications
– data management, presentation, and
analysis – that are combined to create a
single information system.
Chapter 14 © 2008 by Prentice Hall
Advanced Forms of Client/Server
Architectures (Cont.)

• Middleware: a combination of hardware,


software, and communication
technologies that bring data
management, presentation, and analysis
together into a three-tiered client/server
environemnt.

Chapter 14 © 2008 by Prentice Hall


Approaches to Designing
Client/Server Architectures
• Distributed Presentation
• Remote Presentation
• Remote Data Management
• Distributed Function
• Distributed Database
• Distributed Processing

Chapter 14 © 2008 by Prentice Hall


Advanced Forms of Client/Server
Architectures (Cont.)
• Applications can be partitioned in a way that
best fits the organizational computing need.
• Easier customization: application code resides
on application server, so change done only in
one place.
• Easier maintenance: data analysis is separate
from user interface, so changing one can be
done independently of the other.

Chapter 14 © 2008 by Prentice Hall


Designing Internet Systems
• Most new system development focuses
on Internet-base applications (for internal
processing, business-to-business, and
business-to-consumer).
• Main design issues: standards,
separating content from display, future
evolution, site consistency, site
management and online data
management.

Chapter 14 © 2008 by Prentice Hall


Standards Drive the Internet
• Internet design is simpler than
client/server due to proliferation of
standards.
• Types of Standards:
– Domain naming (BIND): a method for
translating domain names into Internet
Protocol (IP) addresses.
• “B” refers to Berkeley, Ca. where first developed.
• See www.isc.org/products/BIND/bind-history.html

Chapter 14 © 2008 by Prentice Hall


Standards Drive the Internet
(Cont.)
– Hypertext Transfer Protocol (HTTP): a
communication protocol for exchanging
information on the Internet.
– Hypertext Markup Language (HTML): the
standard language for representing content
on the Web via command tags.

Chapter 14 © 2008 by Prentice Hall


Separating Content and Display

• HTML has limitations due to format


orientation of tags.
• eXtensible MarkupLanguage (XML): an
Internet-authoring language that allows
designers to create customized tags,
enabling the definition, transmission,
validation, and interpretation of data
between applications.

Chapter 14 © 2008 by Prentice Hall


Future Evolution

• Thin client: a client device designed so


that most processing and data storage
occur on the server.
• Use of wireless mobile devices
– Wireless Access Protocol (WAP): a wireless
version of HTTP.
– Wireless Markup Language (WML): a
wireless version of HTML.

Chapter 14 © 2008 by Prentice Hall


Site Consistency
• Professionalism requires a consistent
look-and-feel across all pages of a Web
site.
• Cascading Style Sheets (CSSs): a set
of style rules that tells a Web browser
how to present a document.

Chapter 14 © 2008 by Prentice Hall


Site Consistency (Cont.)

• Extensible Style Language (XSL): a


specification for separating style from
content when generating HTML
documents.
– Methods for transforming XML documents into
a generic comprehensive form.
– Methods for formatting the generic
comprehensive form into a device-specific
form.
Chapter 14 © 2008 by Prentice Hall
Other Site Consistency Issues
• Two key issues should be considered:
– Use unique titles.
– Choose words carefully.
• Major problem is users do not know
where they are going when they follow a
hyperlink.

Chapter 14 © 2008 by Prentice Hall


Design Issues Related to Site
Management
• Customer Loyalty and Trustworthiness
– Design quality.
– Up-front disclosure.
– Comprehensive, correct, and current content.
– Connected to the rest of the Web.

Chapter 14 © 2008 by Prentice Hall


Customer Loyalty and
Trustworthiness
• Personalization: providing Internet
content to a user based upon knowledge
of that customer.
• Customization: Internet sites that allow
users to customize the content and look
of the site based on their personal
preferences.

Chapter 14 © 2008 by Prentice Hall


Web Pages Must Live Forever

• Customer Bookmarks.
• Links from Other Sites.
• Search Engine Referrals.
• Old Content Adds Value.
• System Security vs. ease of use
– “Remember my password”.
– Use of cookies.

Chapter 14 © 2008 by Prentice Hall


Online Data Management
• Context development : a method that helps
analysts to better understand how a system
fits within the existing business activities and
data.
• Integration depth: a measurement of how
far into the existing technology infrastructure
a system penetrates.
• Organizational breadth: a measurement
that tracks the core business functions
affected by a system.
Chapter 14 © 2008 by Prentice Hall
Online Transaction Processing
(OLTP)
• Online transaction processing (OLTP):
the immediate automated responses to
the requests of users.
• Designed to handle multiple concurrent
transactions.
• Plays a large role in electronic commerce
applications.

Chapter 14 © 2008 by Prentice Hall


Online Analytical Processing
(OLAP)
• Online analytical processing (OLAP):
the use of graphical software tools that
provide complex analysis of data stored
in a database.
• OLAP server is the chief component
• Good for time series and trend analysis.
• Enables user to “drill-down” into the data.

Chapter 14 © 2008 by Prentice Hall


Merging Transaction and
Analytical Processing
• Operational systems: systems that are
used to interact with customers and run a
business in real time.
• Informational systems: systems
designed to support decision making
based on stable point-in-time or historical
data.

Chapter 14 © 2008 by Prentice Hall


Data Warehousing
• Data warehouse: a subject-oriented,
integrated, time-variant, nonvolatile
collection of data used in support of
management decision making.
Data Warehousing (Cont.)
• Key features
– Subject-oriented: organized around key
subjects.
– Integrated: data are collected from many
operational systems and made to conform to
standards.
– Time-variant: data contains a time dimension.
– Nonvolatile: data cannot be updated by users.

Chapter 14 © 2008 by Prentice Hall


Data Warehousing (Cont.)

• Four basic steps to build:


– Extract data from various source system files
and databases.
– Transform, integrate, and load the data.
– Data warehouse is a read-only environment.
– Users access via query languages and
analytical tools.

Chapter 14 © 2008 by Prentice Hall


Data Warehousing (Cont.)

• Two level Architecture:


– Data warehouse and decision support
environment.
• Three-level architecture:
– Operational systems and data.
– An enterprise data warehouse.
– Data marts.

Chapter 14 © 2008 by Prentice Hall


Data Warehousing (Cont.)

• Enterprise data warehouse (EDW): a


centralized, integrated data warehouse that
is the control point and single source of all
data made available to end users for
decision support applications throughout the
entire organization.
• Data mart: a data warehouse that is limited
in scope: its data are obtained by selecting
and (where appropriate) summarizing data
from the enterprise data warehouse.

Chapter 14 © 2008 by Prentice Hall


Web Site Content Management
• Content management system (CMS): a
special type of software application for
collecting, organizing, and publishing
Web site content.

Chapter 14 © 2008 by Prentice Hall


Electronic Commerce Application:
Designing a Distributed Advertisement
Server for a WebStore
• Benefits for including advertising:
– Potential to increase revenue generated from
the WebStore.
– Potential to create cross-promotions and
alliances with other online commerce systems.
– Potential to provide customers with improved
service when looking for additional products
that accessorize PVF’s product line.

Chapter 14 © 2008 by Prentice Hall


Advertising on PVF’s WebStore
• List of advertisement system concerns:
– Advertisement must be served quickly so that
site performance is not affected.
– Advertisement must be uniform in size and
resolution, so as not to disrupt the site layout.
– Advertisement links must not redirect the
user’s browser away from the WebStore.

Chapter 14 © 2008 by Prentice Hall


Designing the Advertising
Component
• Transactional requirements are:
– Determine which advertisements apply,
based on where the user is in the WebStore.
– Personalize the advertisement if the identity
of user and preferences are known.
– Check for any seasonal or promotional
advertisements.
– Log the transaction.

Chapter 14 © 2008 by Prentice Hall


Designing the Management
Reporting Component
• Queries for top-management:
– “How many women, when shopping for
desks, clicked on an advertisement for
lamps?”
– “How many advertisements were served to
shoppers looking at filing cabinets?”

Chapter 14 © 2008 by Prentice Hall


Designing the Management
Reporting Component
– How many people clicked on the first
advertisement they saw?”
– “How many people clicked on an
advertisement and then purchased something
from the WebStore?”

Chapter 14 © 2008 by Prentice Hall


Summary
Define the key terms client/server
architecture, local area network LAN,
distributed database, and middleware.
Distinguish between file server and
client/server environments and contrast how
each is used in a LAN.
Describe alternative designs for distributed
systems and their trade-offs.
Describe how standards shape the design of
Internet-based systems.
Chapter 14 © 2008 by Prentice Hall
Summary (Cont.)
Describe options for ensuring Internet design
consistency.
Describe how site management issues can
influence customer loyalty and
trustworthiness as well as system security.
Discuss issues related to managing online
data, including context development, online
transaction processing (OLTP), online
analytical processing (OLAP), and data
warehousing.
Chapter 14 © 2008 by Prentice Hall
Learning & Discussion
A discussion of the case on Rakuten (HBS Case No. 305-050):

A pure play merchant server based in Japan

Key decision points:-


• Which LoBs to expand?
• Should it go global?
• Is it time for clicks and bricks?
• What is the potential downside (ie risks)?
• What other business partnerships (including co-sourcing) should it explore?
(based on Chapter 6; ref – R. Panko, Corporate
Computer and Network Security, Prentice Hall, New
York, 2003.)

1
Outline

!
"

2
Availability & Reliability - series

Combining components in
series decreases overall
availability

3
Availability & Reliability - parallel

Effect of Redundancy –

5 components in series

Pr (5 components fail at the same time) =


.02 * .02 * .02 * .02 * .02

A = 99.99999968
4
High Availability Facilities

#$ %
#%!
#
#&
#&'( &'&
) *! !
+

5
CSI/FBI Computer Crime and Security
Survey
• Annual survey conducted by the
Computer Security Institute
(http://www.gocsi.com) in cooperation
with the FBI.

• Based on replies from 503 U.S.


Computer Security Professionals.

• If fewer than 20 firms reported quantified


dollar losses, data for the threat are not
shown. 6
FBI / CSI Survey (contd.)
Threat Percent Percent Average Average
Reporting Reporting Annual Annual
an an Loss per Loss per
Incident Incident Firm Firm
1997 2002 (x1000) (x1000)
1997 2002
Viruses 82% 85% $76 $283

Laptop 58% 65% $38 $89


Theft

7
FBI / CSI Survey (contd.)

Threat Percent Percent Average Average


Reporting Reporting Annual Annual
an an Loss per Loss per
Incident Incident Firm Firm
1997 2002 (x1000) (x1000)
1997 2002
Denial of 24% 40% $77 $297
Service
System 20% 40% $132 $226
Penetration
Unauthorized 40% 38% NA NA
Access by
Insiders 8
FBI / CSI Survey (contd.)

Threat Percent Percent Average Average


Reporting Reporting Annual Annual
an an Loss per Loss per
Incident Incident Firm Firm
1997 2002 (x1000) (x1000)
1997 2002
Theft of 20% 20% $954 $6,571
Intellectual
Property
Financial 12% 12% $958 $4,632
Fraud
Sabotage 14% 8% $164 $541
9
FBI / CSI Survey (contd.)

Threat Percent Percent Average Average


Reporting Reporting Annual Annual
an an Loss per Loss per
Incident Incident Firm Firm
1997 2002 (x1000) (x1000)
1997 2002
Telecom 27% 9% NA NA
Fraud
Telecom 11% 6% NA NA
Eaves-
dropping
Active 3% 1% NA NA
Wiretap 10
Other Empirical Attack Data
• Riptech
– Analyzed 5.5 billion firewall log entries in 300
firms in five-month period

– Detected 128,678 attacks—an annual rate of


1,000 per firm

– Only 39% of attacks after viruses were


removed were directed at individual firms

11
Other Empirical Attack Data
• SecurityFocus
– Data from 10,000 firms in 2001
– Attack Frequency
• 129 million network scanning probe packets
(13,000 per firm)
• 29 million website attack packets (3,000 per firm)
• 6 million denial-of-service attack packets (600 per
firm)

12
Other Empirical Attack Data
• SecurityFocus
– Attack Targets
• 31 million Windows-specific attacks
• 22 million UNIX/LINUX attacks
• 7 million Cisco IOS attacks
• All operating systems are attacked!

13
Other Empirical Attack Data
• Honeynet project
– Networks set up for adversaries to attack

– Windows 98 PC with open shares and no


password compromised 5 times in 4 days

– LINUX PCs took 3 days on average to


compromise

14
Attack Trends
• Growing Incident Frequency
– Incidents reported to the Computer
Emergency Response Team/Coordination
Center
– 1997: 2,134
– 1998: 3,474 (75% growth from previous
year)
– 1999: 9,859 (164% growth)
– 2000: 21,756 (121% growth)
– 2001: 52,658 (142% growth) 15
– Tomorrow?
Attack Trends
• Growing Randomness in Victim Selection
– In the past, large firms were targeted

– Now, targeting is increasingly random

– No more security through obscurity for small


firms and individuals

16
Attack Trends
• Growing Malevolence
– Most early attacks were not malicious

– Malicious attacks are becoming the norm

17
Attack Trends
• Growing Attack Automation
– Attacks are automated, rather than humanly-
directed

– Essentially, viruses and worms are attack


robots that travel among computers

– Attack many computers in minutes or hours

– Cyberweapons of mass destruction

18
Attack Trends
• Recap
– Growing Frequency of Attacks
– Growing Randomness of Victim Selection
– Growing Malevolence of Attacks
– Growing Attack Automation

• So don’t base thinking and planning on


today’s threats!
19
Framework for Attackers
• Elite Hackers
– Hacking: intentional access without
authorization or in excess of authorization

– Cracking versus hacking

– Technical expertise and dogged persistence

– Use attack scripts to automate actions, but


this is not the essence of what they do

– Deviants and hacker groups 20


Framework for Attackers

• White Hat or Ethical Hackers


– A term used in several ways
– Hackers who attack at the invitation of
target firms for vulnerability detection
– Hackers who hack without invitation but
who have a code of ethics about what
not to do.
• Codes often permit considerable mischief
21
• Still illegal
Framework for Attackers
• Virus Writers and Releasers
– Virus writers versus virus releasers

– Only releasing viruses is punishable

22
Framework for Attackers
• Script Kiddies
– Use pre-written attack scripts (kiddie scripts)

– Viewed as lamers and script kiddies

– Large numbers make dangerous

– Noise of kiddie script attacks masks more


sophisticated attacks

23
Framework for Attackers
• Criminals
– Many attackers are ordinary garden-variety
criminals

– Credit card and identity theft

– Stealing trade secrets (intellectual property)

– Extortion

24
Framework for Attackers
• Internal Employees
– Have access and knowledge
– Financial theft
– Theft of trade secrets (intellectual property)
– Sabotage
– IT and security staff
– Consultants
25
Framework for Attackers

• Cyberterrorism and Cyberwar


– New level of danger

– Infrastructure destruction
• IT infrastructure
• Use IT to damage physical infrastructure

– Cyberterrorists versus cyberwar by


national governments

– Amateur information warfare 26


Framework for Attacks

Attacks

Physical Access Social Engineering


Attacks --
-- Opening Attachments
Dialog Attacks Password Theft
Wiretapping
-- Information Theft
Server Hacking
Eavesdropping Penetration
Vandalism
Impersonation Attacks
Message Alteration
Malware
Denial of --
Scanning Viruses
Break-in Service
(Probing) Worms

27
Social Engineering Attacks and
Defenses
• Social Engineering
– Tricking an employee into giving out
information or taking an action that reduces
security or harms a system
– Opening an e-mail attachment that may
contain a virus
– Asking for a password claiming to be
someone with rights to know it
– Asking for a file to be sent to you 28
Social Engineering Attacks and
Defenses
• Social Engineering Defenses
– Training

– Enforcement through sanctions (punishment)

29
Eavesdropping on a Dialog

Dialog

Hello
Client PC
Server
Bob
Alice

Hello

Attacker (Eve) intercepts


and reads messages
30
Impersonation and
Authentication

I’m Bob

Prove it!
(Authenticate Yourself)
Client PC Attacker Server
Bob (Eve) Alice

31
Classification of Threats – Spoofing

32
Message Alteration
Dialog

Balance = Balance =
Client PC $1 $1,000,000 Server
Bob Alice

Balance =
$1 Balance =
$1,000,000
Attacker (Eve) intercepts
and alters messages

33
Scanning (Probing) Attacks

I’m a Attack Packets to


Candidate 172.16.99.1, 172.16.99.2, etc.

Host
Internet
172.16.99.1
I’m a
Candidate Attacker

Host
172.16.99.2
Corporate Network

34
Single-Message Break-In
Attack

1.
Single Break-In Packet

2.
Server Attacker
Taken Over
By Single Message

35
Denial-of-Service (DoS) Flooding
Attack

Message Flood

Server
Attacker
Overloaded By
Message Flood

36
Classification of Threats – DoS Attack

37
Security Management
• Security is a Primarily a Management
Issue, not a Technology Issue
• Top-to-Bottom Commitment
– Top-management commitment
– Operational execution
– Enforcement

38
Security Management
• Comprehensive Security
– Closing all avenues of attack
– Asymmetrical warfare
• Attacker only has to find one opening
– Defense in depth
• Attacker must get past several defenses to
succeed
– Security audits
• Run attacks against your own network
– Managing incidents before they occur
39
Security Management

• General Security Goals (CIA)


– Confidentiality
• Attackers cannot read messages if they
intercept them
– Integrity
• If attackers change messages, this will be
detected
– Availability
• System is able to server users
40
The Plan—Protect—Respond
Cycle

Plan

Respond Protect

41
The Plan—Protect—Respond
Cycle
• Planning
– Need for comprehensive security (no gaps)
– Risk analysis
• Enumerating threats
• Threat severity = estimated cost of attack X
probability of attack
• Value of protection = threat severity – cost of
countermeasure
• Prioritize countermeasures by value of
prioritization
42
Threat Severity Analysis

Step Threat A B C D

1 Cost if attack succeeds $500,000 $10,000 $100,000 $10,000

2 Probability of occurrence 80% 20% 5% 70%

3 Threat severity $400,000 $2,000 $5,000 $7,000

4 Countermeasure cost $100,000 $3,000 $2,000 $20,000

5 Value of protection $300,000 ($1,000) $3,000 ($13,000)

6 Apply countermeasure? Yes No Yes No

7 Priority 1 NA 2 NA

43
The Plan—Protect—Respond
Cycle
• Planning
– Security policies drive subsequent specific
actions
– Access control
– Technical security architectures
• Tools and interactions for comprehensive security
• Central management
– Awareness and procedure training
– Punishment
44
The Plan—Protect—Respond
Cycle
• Protecting
– Installing protections: firewalls, IDSs, host
hardening, etc.

– Updating protections as the threat


environment changes

– Testing protections: security audits

45
The Plan—Protect—Respond
Cycle
• Responding
– Planning for response (Computer Emergency
Response Team)
– Incident detection and determination
• Procedures for reporting suspicious situations
• Determination that an attack really is occurring
• Description of the attack

46
The Plan—Protect—Respond
Cycle
• Responding
– Recovery
• The first priority
• Stop the attack
• Repair the damage
– Punishment
• Forensics: application of science to investigation
• Prosecution
• Employee Punishment
– Fixing the vulnerability that allowed the attack

47
Encryption for Confidentiality

Encrypted
Message
“100100110001”

Client PC Server
Bob Alice

“100100110001”

Attacker (Eve) intercepts


Original but cannot read Decrypted
Message Message
“Hello” “Hello”

48
Cryptographic System

Secure Dialog

Client PC
Automatically Handles Server
Bob
Negation of Security Options Alice
Authentication
Encryption
Integrity
Attacker cannot
read messages, alter
messages, or impersonate

49
Network Penetration Attacks and
Firewalls

Passed Packet Attack


Internet Packet
Firewall
Hardened
Client PC Internet

Attacker

Dropped
Packet

Hardened
Server Internal
Log File Corporate
Network
50
Intrusion Detection System

1.
4. Alarm Intrusion Suspicious
Detection Packet
System
Network
2. Suspicious
Administrator Internet
Packet Passed
Attacker

3. Log
Packet

Hardened
Server
Log File Corporate Network

51
Firewalls Versus IDSs

• Firewalls
– Actually drop attack packets
– This requires clear evidence of being
attack packets
• IDSs
– Log but then pass suspicious packets
– Log even if evidence is weak
• Products on the Market Often Blur
52
This Distinction
Recap

• Threats are considerable today


• Threats will be worse tomorrow, so
plan for tomorrow’s threat
environment
• There are many threats from many
attackers
• Technology can reduce threats
– Firewalls 53

– IDSs
Recap

• However, security is primarily a


management issue: without strong
management and processes,
technology will do nothing
– Management cooperation
– Employee diligence
– Procedures
– Enforcement
54

• Plan-Protect-Respond Cycle
Learning & Discussion

$ ! "
" , - !
.

55
An E-Biz Infrastructure

56
iPremier Company
• Luxury goods retailer
– Under attack from an unknown hacker
– Case covers events as they unfold

• What can we learn from this case


– IT infrastructure must be secured
– Decisions involved, however technical, must
be addressed by business and IT executives

=> Good basis for Learning & Discussion 57


!
" #$ % # &

1
Summary
• So, what is e-TOM anyway?
• NGNs, NGOSS and soft-switches
• Triple Play is here to stay
• Regulatory Best Practices deserve
awards

2
Learning & Discussion
1. What motivated the TeleManagement Forum to begin the e-TOM
initiative?
2. How does e-TOM help the typical telco?
3. What are 3 executive learnings from the the NGOSS work of the TMF?
4. How are Deutche Telekom, Korea Telecom and Saudi Telecom
benefiting from e-TOM?
5. Why is there a need to re-look some of the regulatory issues in the
emerging Triple Play scenario?
6. List 5 good practices for regulators of the converged marketplace?
7. Is it easier to sell converged services (than stand-alone fixed, mobile,
cable, internet) to the marketplace? Which do you think is the more
receptive – the consumer or business sector?

3
Case study: NGOSS at KT

Kyle Park

January 2006

Customer Service Management Division


Network Technology Lab., KT
Agenda

OSS/BSS Paradigm Shift towards Agility


Changing Architecture
A brief look at KT OSS
Design Concepts & Architecture
Mapping of NeOSS to NGOSS eTOM
NeOSS Compliance to NGOSS
NGOSS Principles in compliance
Realization of NGOSS Principles to NeOSS
Common Communication Vehicle
Contract Defined Interfaces
Contract Registration & Trading
Externalized Process Control
Shared Information/Data Model
Status of NeOSS in terms of NGOSS compliance
Conclusion
2
OSS/BSS Paradigm Shift towards Agility

Business Process

Operations
Adaptability
Automatically balance,
schedule, and allocate

Operations resources
based on business priorities

Efficiency and impacts


Service

Optimize utilization and


performance of business
Link Infrastructure with processes and applications
the business – communicate,
measure and deliver services Manage end-
end-to-
to-end business

Operations Align resources and


interactions across multiple
services
processes to enable
Stability optimal utilization,
performance and response
Resource

Plan Automate Operations,


Provision auto-
auto-activate and
Prioritize Operations based on reconfigure infrastructure based
Monitor business importance
Billing on business needs

Get the network under


control
Discrete / Partitioned Integrated / Clustered Virtualized / Federated

~2002 2003~2004 2005~

3
Changing Architecture

From To
Integrations = cost Integrations = value
Function oriented Process oriented
Build to last Build to change
Prolonged development Incrementally deployed

Application silos Orchestrated solutions


Tightly coupled Loosely coupled
Object oriented Message oriented

Source : Microsoft

4
What is NeOSS ?

New & Next Generation Operations Support System


(NeOSS) – KT NG OSS

Fully adaptive OSS platform for business process revolution

XML–based Service Oriented Architecture (SOA)

Interoperable architecture with NGOSS architectural


principles

An integrated solution for mitigating organization’s OPEX

5
Design Concepts of NeOSS

Customer-Centric Architecture
One-stop Service / Appointment of Visiting Customer Premises
Pre-Ordering / Order Tracking
Customer Service fulfillment/assurance time saving
SLA enabled

Integrated Inventory Management


End-to-end View of Multiple Domain Network Inventory
Consolidated Customer Information
Consolidated Customer Service Configuration Information

Separation of Business Flows and Functions


Using workflow engine

Loosely-coupled integration using EAI

6
NeOSS Architecture

Subscription
BSS Order
Order Entry
Entry

EAI Information Bus Problem Report

NeOSS-
NeOSS-SO NeOSS-
NeOSS-SA NeOSS-
NeOSS-SLA NeOSS-
NeOSS-NetIS/NE
Service Delivery Service Assurance Service Quality OSS Information
Management Management Management Management
Integrated
Integrated Order
Order Management
Management Customer
Customer Care
Care SLA
SLA Management
Management Network
Network Data
Data
Ware
Ware housing
housing
Flow-
Flow-though Service
Flow-though Service Customer/Service
Customer/Service Service
Service QoS
QoS
Provisioning
Provisioning Trouble
Trouble Management
Management Management Reporting
Reporting
Management
Device
Device Activation
Activation for
for Service
Service Agreement
Agreement Network
Network Planning
Planning
Network
Network Test
Test Management
Management
Seamless
Seamless Service
Service Delivery
Delivery Management
Management and
and Engineering
Engineering

EAI Information Bus


NeOSS-
NeOSS-FM NeOSS-
NeOSS-WM NeOSS-
NeOSS-ADM NeOSS-
NeOSS-xNMS
Inventory Workforce Access Domain Plug-
Plug-and-
and-Play Network Management
Management Management Management
Inventory
Inventory Workforce
Workforce Service
Service Maintenance
Maintenance Configuration
Configuration Performance
Performance IP,
IP, ATM,
ATM, FR,
FR,
Management
Management Scheduling
Scheduling Management
Management Management
Management Leased
Leased Line,
Line,
Fiber,
Fiber, WiBro,
WiBro,
Service,
Service, Resource
Resource &
& Field
Field Work
Work Access
Access Domain
Domain Device
Device Activation
Activation
Fault
Fault Management
Management etc
etc
Customer
Customer Data
Data Mgmt.
Mgmt. Management
Management Network
Network Mgmt.
Mgmt. Management
Management

SO: Service Ordering WM: Workforce Management TN: Transmission Network NE: Network engineering
SA: Service Assurance ADM: Access Domain Management SLA: Service Level Agreement ICIS: Integrated Customer Information System
FM: Facility Management DeL: Dedicated Line NetIS: Network Information Support System EAI: Enterprise Application Integration

7
Mapping of NeOSS to NGOSS eTOM
Operations Operations
Operations Support Fulfillment Assurance Billing
Operations Support Fulfillment & Readiness Assurance Billing
& Readiness Customer Relationship Management
Customer Relationship Management
Customer
CustomerInterface
InterfaceManagement
Management
CRM
CRMOperations
Operations
Support
Support&&Process
Process
Management
Management Selling Problem
ProblemHandling
Customer
CustomerInterface
InterfaceManagement
Selling
Management
Handling
Billing
Billing&&
CRM
CRMOperations
Operations Collections
Collections
CRM
CRMOperations Management
Support
Support&&Process
Process Operations
Readiness
Readiness
Marketing
Marketing
Fulfillment
Order
Order
Handling
Customer
CustomerQoS
QoS//SLA
Management
SLA Management

Management
Management Selling
Selling Problem
ProblemHandling
Fulfillment
Handling
Response
Response
Handling Management

Billing
Billing&&
CRM
ICIS Sales
Sales&&Channel
Channel
Management
Management Retention
Retention&&Loyalty
Collections
Collections
CRMOperations
Loyalty
Operations Marketing Order Customer
Readiness
Marketing Order CustomerQoS
QoS//SLA
SLA Management
Management
Readiness Fulfillment
Fulfillment Handling
Handling Management
Management
Response
Response Service Management & Operations
Sales
Sales&&Channel
Channel SM&O Service
Service&&
Management SM&OSupport
Support&&Process
Process Retention &&Loyalty
Service
Service
ServiceProblem
ProblemManagement
Management
Management Management
Management RetentionService
Configuration
Configuration
Loyalty Specific
Specific
Instance
&&Activation Instance
Rating
NeOSS-
-SA
Activation
NeOSS
NeOSS-SA
Rating
Service
ServiceManagement
Management&& Operations
Operations Service
ServiceQuality
QualityAnalysis,
Analysis,
Readiness
Readiness Action
Action&&Reporting
Reporting

Service Management & Operations


SM&O
NeOSS-
NeOSS -SO Management & Operations
NeOSS-SO
Resource Resource
ResourceProblem
ProblemManagement
Management
SM&OSupport
Support&&Process
Process Service Service
ServiceProblem
Problem Management
Management Service
Service&&
Management
Management Service RM&O
RM&OSupport
Support&&Process
Process Resource Provisioning
Specific
Configuration
Management
Management & Allocation Resource
ResourceQuality
QualityAnalysis,
Analysis, Specific
Configuration to Service Instance Action
Action&&Reporting Instance
&&Activation
Reporting
Instance
Activation Resource Management Service Rating
Service
ServiceManagement
Management&& Operations
Operations Resource Management
&& Operations
OperationsReadiness
Readiness
ServiceQuality
QualityAnalysis,
Analysis, Rating
Resource Data Collection, Analysis & Control
Resource Data Collection, Analysis & Control
Readiness
Readiness Action
Action&&Reporting
Reporting
NeOSS-
NeOSS-SLA
NeOSS-SLA
NeOSS-
NeOSS-NetIS
NeOSS-NetIS Supplier/Partner Relationship Management
Resource Management & Operations NeOSS-
NeOSS-WM
NeOSS-WM
S/P S/PRM
S/PRMSettlements
S/P
S/P S/P Purchase
S/P Purchase S/PProblem
Problem S/P
S/P Performance
Performance Settlements
S/PRM
S/PRMOperations
OperationsSupport
Support&&Process
Process Resource
Buying Problem
Resource
Buying
Problem Management
Management
Order
Order
Reporting
Reporting&& Management
Management
&&Billing
Billing
Management
Management Management Management Management
Management Management Management
RM&O
RM&OSupport
Support&&Process
Process Resource Provisioning Resource
Management ResourceQuality
QualityAnalysis,
NeOSS-
NeOSS-FM
NeOSS-FM Analysis, Supplier/Partner Interface Management
S/P Relationship
RelationshipManagement
Management & Allocation S/POperations Management
OperationsReadiness
Readiness
Action
Action&&Reporting
Reporting
Supplier/Partner Interface Management
to Service Instance
Resource
ResourceManagement
Management
Resource Data
DataCollection,
Collection,Analysis
Analysis&&Control
&& Operations
OperationsReadiness
Readiness
NeOSS-
NeOSS-ADM NeOSS-
NeOSS
NeOSS-NM-NM
Resource Control
NeOSS-ADM
Supplier/Partner Relationship Management

S/PRM S/P
S/P S/P
S/PPurchase
Purchase S/P
S/PProblem
Problem S/P
S/P Performance
Performance S/PRM
S/PRM
S/PRMOperations
OperationsSupport
Support&&Process
Process Reporting
Management
Management
Buying
Buying Order
Order Reporting&& Management
Management Settlements
Settlements && Billing
Billing
Management
Management Management
Management Management
Management
S/P
S/PRelationship
RelationshipManagement
Management
Operations Supplier/Partner
Supplier/PartnerInterface
InterfaceManagement
Management
OperationsReadiness
Readiness

8
NGOSS Principles in Compliance
NGOSS Framework Requirements
TMF052
TMForum NGOSS Compliance Testing Strategies
TMF050, TMF051
Matrix for core NGOSS Principles (TMF050)
Common Communication Vehicle
support a communications Infrastructure Service to communicate between
components
Contract Defined Interfaces
Support the need for secure, contracted open interfaces between multiple
components to support inter- and intra-business requirements
Contract Registration and Trading
Support a Repository of runtime information
Support the mechanism to register the contracts and to communicate the
contract when requested by a client.
Externalized Process Control
Separation of business process from software implementation
Shared Information/Data Model (SID)
Use of a single information representation for business information concepts
communicated between two or more components

9
Realization of NGOSS Principles in NeOSS :
I. Common Communication Vehicle (1)

The Benefits of Common Communication Vehicle


Ease of integration
Ease of access to information
NeOSS uses EAI as a message bus
Use Microsoft BizTalk Server as a communication bus for the
communication in and out of NeOSS
To collaborate with foreign .NET applications
Use Web Services
Put Interworking Function Gateway for protocol adapters

NeOSS EAI NeOSS-xNMS


Web Service (Web Service)
SO Non - .NET Framework
DB

ADM SA EAI Legacy


EAI Protocol
ASYNC
Adapter Socket
Systems
(Proprietary
interface only)
WM FM XML-RPC

Microsoft .NET Framework IWF Gateway Non - .NET Framework

10
Realization of NGOSS Principles in NeOSS :
I. Common Communication Vehicle (2)

The Granularity of functions visible at the bus level


Fine grain approach
Large amount of business logics required; processes become slow and inefficient
Significantly more bus traffic occurred and negative impacts on scalability
Coarse grain approach
Simplified processes resulting in lower traffic volumes and better scalability
Limited business agility
Adopted design principles
The communication between elementary business-process-aware (BPA)
functional units is exposed to the bus level
Defined Functional Part Contracts as business processes-aware functionality
Common
Common Communication
Communication Vehicle
Vehicle (EAI)
(EAI)

Business
Business Process
Process
BPA functionality BPA functionality … BPA functionality


Common
Common APIs
APIs
Atomic API Atomic API Atomic API Atomic API

11
Realization of NGOSS Principles in NeOSS :
II. Contract Defined Interfaces (1)

Business System Implementation Deployment

Business Personnel Technical Staff Programmer OA&M Staff

Specifies High-level Specifies Specifies the Specifies


goals & obligations Architectural configuration, mechanism for
that resource requirements programming and monitoring &
/service must necessary to implementation administering the
supply modeling of system factors of functionality and
processes & components / Contracts
Information functionality
eTOM eTOM & SID, TNA TNA, TSA

Template of Contract Definition


General Contract Part: Header, Descriptive Part
Functional Part: defines the capabilities provided by the Contract
Non-Functional Part: defines aspects which govern & restrict the bounds of operation
Management Part: Defines the management capabilities needed to OA&M the Contract
View Specific Model Part: Defines various types of models

12
Examples: Model Parts for System Views

Process Flow Diagrams


Activity Diagrams
Use Case Diagrams
State Chart Diagrams
Sequence Diagrams

13
Development Methodology in KT NeOSS
NeOSS Implementation /
Business Modeling Logical Modeling Physical Modeling
Phase Deployment
NGOSS
View Business View System View Implementation View Deployment View

BM100 1

Analyze Business Use Case


PM100 7
BM200 2
Design Component Model
Analyze Business Flow

BM300 3 LM100 6 PM200 8


Design Application Implementation of
NeOSS Analyze User Requirement Design Class Model
Architecture Component
Process
BM400 4 LM200 6 PM300 7

Analyze System Use Case Design Logical UI Design Physical UI Implementation of UI

BM500 5 LM300 6 PM400 7


Implementation of
Realize System Use Case Design Local Database Design Physical Database
Database

Integration of Components

Application Architecture Classes Spec. and Diagram Component Spec. User Manual
Guideline of Development Sequence Diagram Component Interaction OAM Guideline
NeOSS User Requirement State Chart Diagram Diagram
Artifact Use Case Spec. and Logical UI Spec. Physical UI Spec.
Diagram Logical ERD(DB) Spec. Physical ERD(DB) Spec.

14
Realization of NGOSS Principles in NeOSS :
II. Contract Defined Interfaces (2)

Criteria for Contracts applied to NeOSS in 4 Views


4 View Contracts Criteria Contract Examples for SA
Business View • eTOM OPS Level 2 Order handling, Retention & Loyalty,
ÎOperable/Deployable Unit Service configuration and Activation,
in term of relevant Divisions in Problem Handling,
Operational Organizations Service Problem Management…

System View • Business-process-aware Interface Validate Service Order, Create Work


- Functional Part invoked within business process Order(WO), Add WO, Update WO,
Î eTOM OPS Level 3 * Service Delete WO, Cancel WO, Query WO,
Types(PSTN, xDSL, Leased-Line) * Reserve IP, Assign IP, Return IP…
Resource Types (SDH, xDSL, IP…) Diagnose Service Configuration for
PSTN/xDSL/…,
Implementation • Component Unit Diagnose Resource Configuration
View (DLLs in .NET, Packages in Java) for DSLAM/Switch/…
Î eTOM OPS Level 3 * Services
Types * Resource Types
Deployment View • Functionalities for OA&M eTOM OPS Level 2

Business Flow Monitoring,


Health & Perf. Monitoring for
Contract,
Contract Administering (registration,
update, delete …)

15
Realization of NGOSS Principles in NeOSS :
III. Contract Registration and Trading

The benefits of Contract Registration and Trading


Ease of Upgrade and Maintenance of a Contract
Ease of Integration

In NeOSS
Ability to add/remove services while system still in operation,
discovery of services through appropriate location transparency
service
Contract Definition, Registration and Discovery is achieved with
UDDI and WSDL
UDDI for contract registration and discovery
UDDI: Universal Description, Discovery and Integration
WSDL for defining Contract Specification & interfaces
Use XML Based messages
WSDL: Web Service Description Language

16
Realization of NGOSS Principles in NeOSS :
IV. Externalized Process Control (1)

The Benefits of Externalized Process Control


Ease of adaptation to business evolution
Ease of procurement

NeOSS
Separates Business Process flow from application component
operation for greater flexibility, more re-use of components
across business scenarios
Uses BizTalk Server 2004 as Workflow Engine for designing and
operating business process based on business rules
various application logics could be designed, especially, in the
following areas
Choice of the appropriate design solution according to service and
resource types in fulfillment.
Determination of customer order feasibility according to the order types
Choice of testing rules according to the service types and network
facility types in the service assurance.

17
Realization of NGOSS Principles in NeOSS :
IV. Externalized Process Control (2)
Business process orchestration via workflow engine
Order Analysis &
Dispatch-in & Dispatch-out Order Completion
Create Work Order Message
>> Port Surface >> Port Surface Port Surface << >> Port Surface >> Port Surface

Receive PO SendApprvPor
Port Receive ReceivePOPort Receive_PO
Operation_1 t
Operation
-> Request Operation_1 ConstructRule
Request
Contract ->
Request
Construct Message Check Quantity Msg Assign
Denied Else

{}

Transform Denied Msg Send_Approve Scope


Port SendApprvPor
! Call Rules
Operation t
Request Transform Operation_1
->
Send Request
SendDeniedPort Over Credit Limit
Send_Denied
Operation_1 Denied Else
<- Request

Business Process(Workflow) Business Process(Workflow) Business Process(Workflow)

Application Logic (BSL, DSL) Common Repository

Separate BP from Realize BP centric Seamless Order Visualize BP and


Application Logic Order management harmonization Gain flexibility
Among domains
Systems
Prior to NeOSS
ICIS ADSL-SDMS IDMS TIMS IPMS Legacy systems
18
Realization of NGOSS Principles in NeOSS :
V. Shared Information/Data Model
The Benefits of Shared Information Model
Commonality of terminology
Ease of Integration
Ease of procurement

NeOSS provides
Integrated Management of Information for physical/logical
resources, customer and service information
Integrated Database for
enhanced data accuracy with Database Consolidation
Master, Code, Backup, Rolling, Collaboration
common schema, data
stewardship, common Service
repository Service Service
order Configuration
Status of NeOSS in the SID
Not yet used SID Customer NeOSS-FM Products
relationship/attributes and design Customer
patterns. order Various code
Resource
Will be applied to NeOSS TO-BE
Model
19
Status of NeOSS in terms of NGOSS Compliance

TM Forum NGOSS Principle KT NeOSS Architecture Features

Common Communication 9Use Microsoft


9Use Microsoft BizTalk
BizTalk Server
Server (EAI)
(EAI) as
as message
message bus
bus
Vehicle

9Service Oriented
9Service Oriented Architecture
Architecture
9Uses Web
9Uses Web Service
Service (UDDI,
(UDDI, WSDL)
WSDL) technology
technology for
for
Contract Defined Interfaces registering
registering and
and trading
trading of
of Contract
Contract
& Registration / Trading 9Supports Run-time
9Supports Run-time monitor/control
monitor/control
functions
functions for
for each
each interface
interface and
and version
version
of
of component
component

9Separate process
9Separate process flow
flow from
from application
application
component
component operation
operation
Externalized Process Control
9Use BizTalk
9Use BizTalk Server
Server as
as Work
Work Flow
Flow Engine
Engine for
for
designing
designing business
business process
process based
based on
on policy
policy

Shared Information / 9Not yet


9Not yet use
use SID
SID Model
Model fully.
fully.
9Support Data
9Support Data Integrity
Integrity and
and consistency
consistency
Data Model by
by logically
logically centralized
centralized Database
Database
9Design Common
9Design Common Information
Information Model
Model

20
Conclusion - Proof of NGOSS Architecture & Principles

NGOSS architecture & principles are field-proved in NeOSS


field-proved
as aa real
real telco
telco OSS
OSS

Development
Development period/cost
period/cost reduction
reduction for
for new
new services
services
Operational
Operational cost
cost reduction
reduction
Database
Database Consolidation
Consolidation
Operational
Operational environment
environment consolidation
consolidation

The
The key
key aspects
aspects of
of NeOSS
NeOSS

Focus
Focus on
on aa dramatic
dramatic reduction
reduction in
in the
the number
number ofof applications
applications
Continue
Continue toto use
use existing
existing systems
systems and
and system
system interfaces
interfaces
while
while introducing
introducing standard
standard systems
systems
Transition
Transition gradually,
gradually, driven
driven by
by business
business objectives,
objectives,
organizational
organizational patterns
patterns and
and projects
projects
Re-orchestrate
Re-orchestrate transactions
transactions and
and data
data flows
flows to
to support
support
the
the transition
transition

21
For further information, please contact

Kyle Park

Researcher
Service Provisioning Department
Network Technology Lab, KT
463-1 Jeonmin-Dong Yuseong-Gu, Daejeon 305-811
Korea

Tel: +82 42 870 8628


E-mail: pck@kt.co.kr

22
!

" ""
Indian Merchants’ Chambers “# $ ”

% & !''(

1 2

© 2005 Frost & Sullivan. All rights reserved.


)

Overview of Convergence
Case Study of a Next-Generation Service Provider
Regulatory Best Practices
Concluding Remarks
Questions and Answers

2
) *+
Convergence of
Networks and Technologies
(Mobile, Fixed, Wi-Fi, IP, PSDN, VPN)
Terminals/Devices
(Handphones, PCs)
Services
(Voice, Data, Multimedia)
Regulated Markets
(Telcos, Broadcasters, Media Cos)

Blurring of boundaries between voice, data and


video delivery and applications

3
) *,

! " # $ #!% !
& '
! (

")* + ,
& %
+ ,

4
) * & -. &

50.00% 90.0%

45.00% 80.0%

40.00%
70.0%

35.00%
60.0%

30.00%
50.0%
25.00%
40.0%
20.00%

30.0%
15.00%

20.0%
10.00%

5.00% 10.0%

0.00% 0.0%
d
a

s
ng

e
a

nd
na

an
st

ne
an
re

si

or
si
di

pa
Au

Ko

la
hi

iw
ay
ne
In

Ko

ap
pi
al
Ja

ai
C

Ta
al

ilip
Ze
do

ng
g

Th
h

M
on

ut
In

Ph

Si
ew
H

So

Source: Frost & Sullivan


Narrowband Penetration % Broadband Penetration % Broadband % of Total

5
) * "
IP Centrex IP Video Others
1% Conferencing 0%
1%

Local VoIP
13% Local VoIP
ILD
DLD
22%
ILD
IP Centrex
IP Video Conferencing
Others

DLD
63%
Source : Frost & Sullivan
Data includes Australia. China, Japan, Singapore,
South Korea and Taiwan revenues in 2003

• Domestic long distance VoIP calls dominate in revenue terms


• IP Centrex, IP video conferencing and other IP enhanced services
revenue only nominal in 2003

6
) * $ "
Significant impact on service providers and customers

Service Providers
New business model
New opportunity
Reduce OPEX
Train & retain employees
Next Generation Network and Services

Customers
Increased Options
Possible paradigm shift in service adoption
Sophisticated Customer Service Management

7
8
Services can be in-house, outsourced and hosted

Critical Mass of Demand


Content Application Mass and
Demand Mass
High Investment
,

Effective Value Proposition


.
*

Revenues Outflow
'
'
*

& &

.
'
-
!
)
– / & "
FastWeb is a leading Broadband SP in Italy (www.fastweb.it)

ARPU per year € 780…

Data Voice Video


9
/ &* )

Fastweb’s Marketing strategy based upon Triple Play service


bundles
Voice
Internet
Video

No single killer application: the real killer application is the


Service Mix

Combination of Flat Rate and Pay Per Use tariff plans to match
specific customer needs

10
/ &0 $ 1 &0 2
FastWeb TV
Unified interface for content in all formats:
Terrestrial broadcast: RAI, Mediaset, ...
Satellite broadcast : CNN, Bloomberg, ...
Pay--TV/Pay
Pay TV/Pay--per-
per-View: Stream & TELE+
Video-
Video-on-
on-Demand
Integrated with VideoREC and Electronic
Program Guide

Video on Demand offer


First VoD licensing agreements with
US major film studios:
20th Century Fox
Universal Studios
DreamWorks
Over 3,000 titles (up over 30% from
the end of the second quarter)

11
/ &0 $ 1
2
FastWeb’s Video Non-FastWeb
clients (ISDN)
Communication allows
business and residential
customers to video FastWeb clients FastWeb
conference: Party 1 residential
customers
TV + TV Cam
Between different
locations

With other external


PC + Webcam
parties using FastWeb’s
services Party 2

With traditional ISDN


video conferencing
systems and through the
Internet with PC-based Internet
web-cameras

12
/ &0 1
2 ,
Virtual VCR service:
allows clients to
record favorite free-to-
air TV programs (RAI,
Mediaset, ...) with no
need for a VCR or tape

Easy and convenient


programming: just
click on the desired
show, directly on your
TV or on any PC with
an Internet connection

13
/ &0 1
/ 3 45/ 3 67
Fast Internet at up
FastWeb’s
to 10 Mb/s from network
any point of the
house Access base

No need for wires


or cables

Fastest wireless
offer on the
market

Access kit on sale


at only 250 EUR

14
/ &0 1
$ 2 . !,
Installed IP VPNs grew 85 (from 255 to 340) in 3Q 2002, confirming
FastWeb’s unique accelerated pace in this market segment
10 Mb/s (scalable) bi-directional connection among different branches
and from employees’ premises to the corporate LAN, on FastWeb
network
Service quality and security guaranteed through MPLS technology
and IPSec protocol

Branch 2
IP VPNs
FastWeb’s
server farm

Business-to-Employee
(B2E) services

Branch 1 Big Internet

Branch 3

Other
networks

15
*+
90% 85%
80%

70%
Both residential and
60% 53%
enterprise users find IP
50% 45% an attractive value
40%
30%
proposition
18%
20%
8%
10% 5%

0%
Cost Global Efficiency Convergence Bundled Marketing
Connectivity Service/VAS Push

120%

100%
100% 95%

80% 73% 75%

60%
60% 53%

35% 38%
40% 33%
23%
20%

0%
ERP CRM SCM Email Data Transfer VoIP Video E-Commerce Real Time Collaboration
Source: Frost & Sullivan

16
*$

Traditional Structure Emerging Structure

Technology Push

Market Pull

Regulatory Arbitration

17
*

• No national • Broadband vision • Sharing • Unified regulatory


broadband (triple (E Korea 2005, infrastructure and regime (Multimedia
play) policy Cyber Korea 21) facilities &
Telecommunication
• Light touch • Policies for • Stimulating
s Regulatory
competition in supply of content,
• USO metric: Commission)
voice, data & applications &
homes passed
mobile services • Promotion of
rather than uptake
multimedia super-
• Hands off internet • Encouraging
• Build-up of corridor and
services regulation SMEs to e-biz
national facilities flagship projects
encouraged • Competition of • Creating a
• Possible
facilities-based SPs secondary market
• Technology competition
for radio spectrum
neutral • Promotion of between
broadband network incumbent,
building (loans, KII, competitive 3G
Internet usage, carriers and CATV
public/education operator
sectors)

18
*$

Licensing of all existing and new services as they emerge, under


the ambit of convergence
Licensing fee – Auction, beauty contest or free for all?
Service area – Universal Service or roll-out Obligations
Setting an appropriate Universal Service incentive
Creating a level playing field for incumbent or competitive,
standalone or full service operators
Interconnectivity and tariff agreements
Numbering and addressing issues, directory and look-up
services
Regulation of shared facilities, example infrastructure and OSS

19
* 8

• Stabilize voice revenues


• Velocity and shelf-life of Next-Gen services
• Open platforms and business models
• One-touch for the customer

• Increase data revenues


• Grow an Internet based economy

• New Generation networks


• Applications
• Critical mass of subscriber services

• Allow SPs the opportunity to “lock-in”


customers
• Recognize that access and services are
evolving separately

20
* 9" 2
• Facilitate environment for high
adoption of new technologies;
• Availability of latest services with
Technology service quality;
• Competitive Cost for these services;
• Skilled IT workforce

Consumer Regulatory
Markets Policy

• Strengthen regulatory framework;


• Knowledgeable and sophisticated user • Consumer advocacy
communities • Enable Growth of innovation drivers
• Drivers for sustainable growth • Availability of workforce with specific
• Support for open competition skill sets at competitive costs
21
*
Benefits predominantly for end user
Service providers
Core competency based
Advantage Competition: Leap-frogging with Cost and Scale
Content/Application Developers/Providers also benefit
Create green-field applications and opportunities
Customers will not pay; unless …
They can’t do without it (the utility of convergence)

22
:

© 2005 Frost & Sullivan. All rights reserved.


! " #
!!
$% "
OUTLINE
Overview of Sharma & Azura

• The Digital Divide


• A 3-Pillar Model
• APAC Telecom Trends
• Seeing Value in Applications
• Information Literacy
• Creating an Information Society
The Digital Divide
The term "digital divide" refers to the gap between individuals, households,
businesses and geographic areas at different socio-economic levels with
regard to their opportunities to access information and communication
technologies (ICTs) and their use of the Internet. It reflects differences
among and within countries, and raises a number of questions. Where
does it occur and why? What are its causes? How can it be measured?
What are the relevant parameters? How wide is it? Where is it most
critical? What are its effects likely to be in the short term? In the longer
term? What needs to be done to alleviate it? These questions have only
recently been raised, and it is not possible, as yet, to answer all of them
with any certainty.


 
            
    
Why Bridge the Digital Divide?
Now that we are accomplishing the goal we set 15 years ago, we must set
ourselves a new goal. That goal is: by the early part of the next century
virtually the whole of mankind should be brought within easy reach of
modern means of telecommunications, including the Internet. Once we
have established telephone connections, this goal will not be as difficult to
achieve as the first one. Giving everyone access to the wealth of
information available online, is not only a matter of justice, but is vital for
the whole world. The move from an agricultural economy to an industrial
economy, has generated enormous wealth, and raised our standard of
living throughout the world. The same quantum leap will be experienced in
the transition to a global information economy. Everyone must be given
access to the tools of this economy if they are to enjoy its benefits.

Dr Yoshio Utsumi, ITU SecGen, 1999.


… is it being bridged?
Top 15 Markets for Broadband
Penetration
Broadband subscribers Broadband households
% of those
Total Change Per 100 % of all
with % of all
Economy 000s 2001-02 inhabitants subscribers
Internet
1 Korea (Rep.) 10'128 24% 21.3 94% 83% 43%
Hongkong,
2 989 38% 14.6 42% 68% 36%
China
3 Canada 3'600 27% 11.5 50% ~ 41% 20% ~
4 Taiwan, China 2'100 86% 9.4 28% 59% 31%
5 Iceland 25 138% 8.6 21% ~ 12% 9% ~
6 Denmark 462 107% 8.6 19% 24% 16%
7 Belgium 869 90% 8.4 51% 41% 17%
8 Sweden 693 48% 7.7 23% 20% 13%
9 Austria 540 123% 6.6 22% ~ 28% 14%
10 Netherlands 1'060 127% 6.5 10% ~ 29% 19%
11 United States 18'700 46% 6.5 18% ~ 19% 10% ~
12 Switzerland 455 308% 6.3 5% ~ 9% 4%
13 Japan 7'806 176% 6.1 27% 18% 5% ~
14 Singapore 230 73% 5.5 26% 35% 20%
15 Finland 274 426% 5.3 5% ~ 15% 8%

Source: ITU World Telecommunication Indicators Database


A 3-Pillar Model
APAC Telecom Trends
… and the growth of the mobile Internet is the catalyst
to “anytime, anyplace” access to information and
communication…
Seeing Value in Applications
WSIS 2003 Plan of Action, to be achieved by 2015.
1. to connect villages with ICTs and establish community access points;
2. to connect universities, colleges, secondary schools and primary schools with
ICTs;
3. to connect scientific and research centres with ICTs;
4. to connect public libraries, cultural centres, museums, post offices and archives
with ICTs;
5. to connect health centres and hospitals with ICTs;
6. to connect all local and central government departments and establish websites
and email addresses;
7. to adapt all primary and secondary school curricula to meet the challenges of
the Information Society, taking into account national circumstances;
8. to ensure that all of the world's population have access to television and radio
services;
9. to encourage the development of content and to put in place technical
conditions in order to facilitate the presence and use of all world languages on
the Internet;
10. to ensure that more than half the world’s inhabitants have access to ICTs within
their reach.
Information Literacy
Landmark 1989 report of the American Library
Association describes information literate individuals
as those who have learned how to learn and that
they know how information is organised, how to find
information, and how to use information in such a
way that others can learn from them
… in order to engage in useful human endeavours

Measures and models : Big6, Kuhlthau (1993), Bruce


(1997)
AASL (1098) & ACRL (2000) : de-facto guidelines for
information literacy competencies
Analysis of ICT levels in Asia
Country Infrastructure Usage Market Hosts Users PCs
per per 10K per
10K 100
China 14.95 36.79 61.11 1.28 632.48 2.76
(63) (61) (66)
India 0.72 45.30 76.26 0.82 174.86 0.72
(160) (15) (45)
Indonesia 12.39 39.38 55.56 2.88 377.16 1.19
(70) (40) (82)
Japan 58.42 24.93 78.00 1016.47 4488.56 38.22
(7) (148) (44)
Korea 65.12 33.77 89.68 52.30 6034.20 55.14
(3) (91) (14)
HK SAR 58.42 50.58 96.10 864.49 4691.66 42.20
(8) (4) (3)
Lao PDR 0.26 28.76 37.50 1.65 33.46 0.35
(180) (127) (129)
Asia 13.10 33.92 61.11 50.34 674.25 4.45
OECD 36.10 37.70 71.41 1485.75 3993.38 41.77
Creating an Information Society
Access to distributed, secure, multimedia content
and transactions (Mobility of the user; Ubiquity of
devices and applications; Pervasive platform and
services)
There is a strong link between education, internet
use and the utilization of knowledge
Information literacy as a means of bridging the
digital divide and achieving the information society
Income levels, age, gender, education,
urbanization and the oft-cited lament that 80% of
Internet content is in English which less than 10%
of the world’s people understand
Required investments … e-Korea as a benchmark
… regulatory best practices – a tale of 4
countries

• No national • Broadband vision (E • Sharing • Unified regulatory


broadband (triple Korea 2005, Cyber infrastructure and regime (Multimedia &
play) policy Korea 21) facilities Telecom Regulatory
Commission)
• Light touch • Policies for • Stimulating supply
competition in voice, of content, • Promotion of
• USO metric: homes
data & mobile applications & multimedia super-
passed rather than
services corridor and flagship
uptake • Hands off internet projects
services regulation • Encouraging SMEs
• Build-up of national
to e-biz • Possible competition
facilities encouraged • Competition of between incumbent,
facilities-based SPs • Creating a
• Technology neutral competitive 3G
secondary market for
• Promotion of carriers and CATV
radio spectrum
broadband network operator
building (loans, KII,
Internet usage,
public/education
sectors)
References
Ravi S Sharma & Intan Azura Mokhtar, “Bridging the Digital Divide in Asia : challenges and solutions.”,
International Journal of Technology, Knowledge & Society 1 (3) 2006.

ITU World Telecommunication Indicators Database : http://www.itu.int/ITU-D/ict/statistics/

World Summit on the Information Societies Geneva 2003 – Tunis 2005 : http://www.itu.int/wsis/index.html

Asia Pacific Networking Group (APNG) is an Internet organization dedicated to the advancement of networking
infrastructure in this region, and to the research and development of all associated enabling technologies.
Its mission is to promote the Internet and the coordination of network inter-connectivity in the Asia Pacific
Region : http://www.apng.org

National Information Infrastructure In South-East Asia - 1997. This report examines the information
infrastructure programs in twelve Asia Pacific nations, and discusses APEC's recent initiative to establish
an APII - an Asia Pacific Information Infrastructure : http://www.vacets.org/vtic97/txbui.htm

Asia - Pacific Developement Information Programme (APDIP) seeks to promote and establish information
technology (IT) for social and economic development throughout Asia-Pacific. Launched in 1997 and
based in Kuala Lumpur, the Programme serves 42 countries in a vast region, from Iran in the west, north to
Mongolia and south to the Pacific Islands of Fiji : http://www.apdip.net

Rockman, I. F. (2003). Information literacy, a worldwide priority for the twenty-first century. Reference Services
Review. 31(3), 209-210.

Ma, F. and Hu, C. (2002). Information literacy, education reform and the economy – China as a case study.
White paper presented for UNESCO, the US National Commission on Libraries and Information Science,
and the National Forum on Information Literacy, for use at the Information Literacy Meeting of Experts,
Prague, Czech Republic. Available online at http://www.nclis.gov/libinter/infolitconf&meet/papers/ma-
E-Commerce (re)Defined

Electronic commerce is a phenomenon that


is dramatically changing the way in which
people live, learn, and communicate with
one another. How people will benefit from
e-commerce and how policy issues can
affect the growth of e-commerce and the
costs as well as the benefits that are
associated with electronic commerce is the
subject of this topic.
E-Commerce Re-visited
Access to distributed, secure, multimedia content and secure
transactions
Mobility of users, ubiquity of devices and applications
Pervasive platform and services
There is a strong link between telecoms infrastructure, internet use,
electronic financial instruments and e-commerce
E-commerce = transacting over public info-comms networks; ranges
from browsing web catalogs, to e-mail / ICQ enquiries, secure
ordering and payment clearance, to supply chain management and
after sales support.
Connectivity is the ability to securely transmit information between
electronic devices at different locations.
E-COMMERCE SNAPSHOTS
In 1997, e-business grew from an IBM advertising campaign to a catchy
metophor that expressed a way of doing business.
Amazon.com is now profitable, selling 2.5 million (10 x its nearest
bricks-and-motar competitor!) products to its 100 million (?)
customers at the fraction of industry norms for time/cost.
Dell, Toyota, eBay, Cisco are other success stories, as are SQ, DBS
and CabLink.
And some not-so-successful ones … Levi’s e-tailing (1998) and
Hershey’s Halloween rollout (1999) … eToys (2000)
Clorox estimates that the cost of ordering from its suppliers has dropped
from $100 to $15 through supply chain management.
E-COMMERCE BUSINESS MODELS
MODEL FUNCTION EXAMPLES
E-retailer Use the Internet to sell Amazon.com,
directly to customers expedia.com
Clicks & Bricks Use both the Internet Barnes & Noble
and physical stores to Mustafa’s
sell to customers
Financial Services Provide services such as Visa, MasterCard,
payment clearance and AmEx
brokerage
E-auction Run auctions to secure eBay, Freemarkets
highest bidder
E-marketplace Provide information and Ariba, Commerce One,
commercial transactions TradeNet, LawNet
for specific industry
verticals
Content Aggregator Serve as a portal for Yahoo, Lycos
many types of
information and users
Content Provider Provide online content Rediff.com, china.com

Managed Hosting Provide outsourced IBM, HP, EDS


… resulting in a basket of multimedia telematics applications over a converged
platform.
Emerging Applications and Services
Multimedia content: including graphics, video clips, music, locator
services, games and directories formatted especially for mobile
handsets.
Multimedia Messaging: Any combination of photos, video clips,
audio clips, graphics or text can be sent to another mobile handset,
PC or other device. "Mobile broadcasting“ of media (such as news)
to many terminals simultaneously is similar to cell broadcasting for
SMS.
Internet/Extranet Access: Mobile access to e-mail, rich web
content, corporate network resources etc.
Instant Messaging: "real-time" text-based messaging via the
Internet.
Location Based Services: LBS could allow subscribers to locate
the nearest restaurant, fuel station or shop of their choice.
Rich Voice: Two-way real-time enhanced voice, video and other
forms of data. Presence – enabling a caller to see if a contact is
available or "on-line" to receive calls or messages – will promote
even greater usage of voice telephony. .. Eg. "Push-to-Talk“ over
Cellular, ICQ, MSN, IVR solutions.
BACKED BY A SOLID BUSINESS
MODEL?
Challenges to Pervasive E-Commerce

Availability of affordable end-systems


Open architectures and access
Revenue sharing business models
Move away from point-to-point
communications to user communities (eg.
e-government, schools-on-the-net, tele-
medicine and EPR, …)
The Media-Market Lag
Lessons from the ITU on why this is so …

It takes longer than you think


The media and the market follow different
cycles
Convergence cannibalizes existing cash
cows
First movers often get burnt fingers
Standards and technologies are key in
promoting convergence and inter-
operability
Best Practices for Development
The telecoms market is liberalized (reflected by an
increased share private providers).
Telecoms charges fall (e.g., cost per minute, connection
charges) when volumes increase.
With USO, coverage expands (number of main lines in
operation), especially in rural areas.
The emergence of open delivery platforms allow a host of
content and transaction service providers to access a
critical mass of subscribers / customers.
Value-added taxation and revenue settlement
mechanisms encourage the move up the value chain.
LAST WORD

Moving towards the information society is in the interest


of government, industry and the public
Information and communication (in general) are not niche
applications; neither is e-commerce
The digital divide must be bridged in order to create a
mass market, high volume business (the Grameen Bank
is an outstanding case in point for micro-payment
services)
Connectivity, security, content and business models are
the key infrastructure challenges
The Singapore Story – training (ISS), CSCP, R&D (ITI),
MNCs … e-citizen
Learning & Discussion
1. Does convergence support e-Business or is it the other way around?
2. Recall your last experience with e-commerce. Was it safe, affordable and
convenient? What could have been done better? Would you pay a premium for
such a service? Or more likely to use it?
3. Why do you think the state of ICT in Asia (and more so, India) is what it is?
4. Why is the digital divide even a problem since neither the poor nor the rural
communities clamour for more ICT?
5. What has been your experience with e-government services?
6. Is e-government an effective tool for citizen to reach out to their elected leaders
and universal public services?
7. What do you think is the connection between National ICT Policy and economic
growth?