Search

EP-4740386-A1 - METHOD AND SYSTEM FOR ENABLING HIGH AVAILABILITY OF RESOURCES

EP4740386A1EP 4740386 A1EP4740386 A1EP 4740386A1EP-4740386-A1

Abstract

The present disclosure relates to a system (100) for enabling high availability of resources. The system (100) includes an active node (102) configured to host a Security Edge Protection Proxy (SEPP), and further comprise a High Availability State manager (HSM) (414) bundled within the active node (102). A standby node (108) is associated with the active node (102). A copy of cache is broadcasted to all the SEPP embedded into the active node (102) and the standby node (108), present in a network (110). A delta data is generated during an instance, upon receiving a request from another active node via an inter-PLMN. The delta data is stored in the active node. The delta data is configured to be shared between all the active nodes and the standby node via a peer-to-peer technique facilitating a zero data loss in the delta data.

Inventors

  • BHATNAGAR, AAYUSH
  • BISHT, SANDEEP
  • MISHRA, RAHUL
  • Chillapalli, Jyothi Durga Prasad

Assignees

  • Jio Platforms Limited

Dates

Publication Date
20260513
Application Date
20240702

Claims (15)

  1. 1. A method for enabling high availability of resources, the method comprising the steps of: broadcasting, by one or more processor (402), a copy of cache to all Security Edge Protection Proxy (SEPP) embedded into an active node (102) and a standby node (108), present in a network (106); generating, by the one or more processor (402), a delta data during an instance, upon receiving a request from another active node at one of: a foreign network and a DR/GR site (112) via inter-PLMN (110); storing, by the one or more processor (402), the delta data; and; sharing, by the one or more processor (402), the delta data between all the active nodes and the standby node (108) via a peer-to-peer technique facilitating zero data loss in the delta data.
  2. 2. The method as claimed in claim 1, comprises, managing, by the one or more processor (402), the handover between the active node (102) and the standby node (108) based on the instance generated.
  3. 3. The method as claimed in claim 1, wherein generating and receiving the delta data comprises, detecting a failure, by the one or more processor (402), of the active node.
  4. 4. The method as claimed in claim 1, wherein broadcasting enables continuously receiving, by the one or more processor (402), the delta data.
  5. 5. The method as claimed in claim 1, comprises, detecting, by the one or more processor (402), reestablishing of the failed active node.
  6. 6. The method as claimed in claim 1, comprises, handing-over, by the one or more processor (402) active instances from the standby-node (108) to the active node (102).
  7. 7. The method as claimed in claim 1, wherein the copy of cache comprises configuration data, and the configuration data comprises a handshake data configured to connect with the SEPP.
  8. 8. A system (100) for enabling high availability of resource, the system (100) comprising: an active node (102), configured to host a Security Edge Protection Proxy (SEPP), and further comprise a High Availability State manager (HSM) (414) bundled with the active node (102); and a standby node (108) associated with the active node (102), wherein the system (100) further comprises a pair of active nodes, and the standby node (108); wherein, a copy of cache is broadcasted to all the SEPP and the standby node (108), present in a network (106); a delta data is generated during an instance, upon receiving a request from another active node at one of: a foreign network and a DR/GR site (112) via an inter-PLMN (110); the delta data is stored in the active node (102); and the delta data is configured to be shared between all the active nodes and the standby node (108) via a peer-to-peer technique facilitating a zero data loss in the delta data.
  9. 9. The system (100) as claimed in claim 8, wherein the copy of cache comprises configuration data and wherein the configuration data comprises a handshake data configured to connect with the SEPP.
  10. 10. The system (100) as claimed in claim 8, wherein the HSM (414) enables creating the copy of cache in a restarted node or the active node (102), upon detecting unavailability of cache within the restarted node.
  11. 11. The system (100) as claimed in claim 8, wherein an active instance is handed over from the active node (102) to the associated standby node upon detecting failure/crash of the active node (102).
  12. 12. The system (100) as claimed in claim 10, wherein the failure or the crash or any other status of the active node (102) is monitored by the High Availability State manager (HSM) (414).
  13. 13. The system (100) as claimed in claim 8, wherein the High Availability State manager (HSM) (414) is further configured to transfer any new incoming active instance to the active node (102) from the standby node (108) in-case the active node (102) is back online.
  14. 14. The system (100) as claimed in claim 8, wherein the delta data is shared by the active node (102) with other remote active nodes and their associated standby node, to facilitate the data availability across multiple sites, enabling to handle geo-redundancies and disaster recoveries.
  15. 15. A non-transitory computer-readable medium having stored thereon computer- readable instructions that, when executed by a processor, cause the processor to: broadcast a copy of cache to all Security Edge Protection Proxy (SEPP) embedded into an active node (102) and a standby node (108), present in a network (106); generate a delta data during an instance, upon receiving a request from another active node at one of: a foreign network and a DR/GR site via an inter- PLMN (HO); store the delta data; and share the delta data, between all the active nodes and the standby node (108) via a peer-to-peer technique facilitating zero data loss in delta data.

Description

METHOD AND SYSTEM FOR ENABLING HIGH AVAILABILITY OF RESOURCES FIELD OF THE INVENTION [0001] The present invention relates to Security Edge Protection Proxy (SEPP), more particularly relates to a method and a system for providing a scalable SEPP architecture targeting high availability and redundancy in a communication network. BACKGROUND OF THE INVENTION [0002] Security Edge Protection Proxy (SEPP) is a proxy deployed at an edge or a perimeter of a Public Land Mobile Network (PLMN) and enables secured communication between inter-PLMN network messages. The SEPP is a just proxy enabled to authenticate, provide confidentiality protection, and enable integration protection between two different mobile service providers i.e., inter-PLMN. [0003] For e.g., a person visiting India with a Subscriber Identity Module (SIM) issued in another country can access a mobile network in India, with roaming enabled, using the SEPP deployed at various geo-sites. Further, the SEPP implements transport layer security (TLS) for the service layer information exchanged between two different PLMNs. The TLS connection may be implemented on User Datagram Protocol (UDP) or Transmission Control Protocol (TCP). [0004] Further the commonly deployed architecture for ensuring high availability currently relies on a central database. The central database is configured to store data and delta data, i.e. any change/addition/deletion in original data stored may refer to as delta data. The drawback of having dependency on the central database is inefficiency since it increases the latency each time a node sends a request. Further, in a network implementing (SEPP) Security Edge Protection Proxy in the node may frequently send queries to the central database to get updated data, thus affecting the efficiency of the network and latency in the network. [0005] In addition to the above drawback, commonly used network architecture does not support GR (Geo Redundancy)/DR (Disaster Recovery) deployment of SEPP instances. Also, the existing architecture involves a cluster mode, where multiple SEPPs (e.g., active SEPP, Standby SEPP or the like) instances at each core site, and in the network, multiple core site exists for the DR/the GR. Also, the SEPPs are stateless as per defined by a 3rd Generation Partnership Project (3GPP) standard, but the current SEPPs are performing transformation or modification of the requests/responses received and storing them in a cache request/response attributes for e.g., fully qualified domain name (FQDN), internet protocol (IP), port, etc., of received requests/responses. These information needs to be in synchronous with all instances and also with DR/GR sites as well. [0006] In view of the above, there is a need for a system and method for enabling high availability of resource which overcomes at least the above indicated problems. SUMMARY OF THE INVENTION [0007] One or more embodiments of the present disclosure provide a system and a method for enabling high availability of resources in a communication network. [0008] In one aspect of the present invention, a method for enabling high availability of resources is disclosed. The method includes broadcasting, by one or more processor, a copy of cache to all Security Edge Protection Proxy (SEPP) embedded into an active node and a standby node, present in a network (e.g., communication network or the like). Further, the method includes generating, by the one or more processor, a delta data during an instance, upon receiving a request from another active node at one of: a foreign network and a DR/GR site via an inter-PLMN. The method includes storing, by the one or more processor, the delta data. The method includes sharing, by the one or more processor, the delta data, between all the active nodes and the standby node via a peer-to-peer technique facilitating zero data loss in the delta data. [0009] In another aspect of the present invention, a system for enabling high availability of resources is disclosed. The system includes an active node configured to host a Security Edge Protection Proxy (SEPP), and further comprise a High Availability State manager (HSM) bundled within the active node. A standby node is associated with the active node. A copy of cache is broadcasted to all the SEPP embedded into the active node and the standby node, present in a network. A delta data is generated during an instance, upon receiving a request from another active node via inter-PLMN. The delta data is stored in the active node. The delta data is configured to be shared between all the active nodes and the standby node via a peer- to-peer technique facilitating a zero data loss in the delta data. [0010] In an embodiment, the copy of cache includes configuration data, where the configuration data includes a handshake data configured to connect with the SEPP. [0011] In an embodiment, the HSM enables creating the copy of cache in a restarted node or the active node, upon detecting unavailab