US-12627661-B2 - Enhanced NETCONF access control model (NACM) operations and granular controls for shared data node management
Abstract
Systems and methods for handling and/or managing permissions data nodes across multiple NETCONF clients by generating or obtaining, by a NETCONF client, a first identifier, wherein the first identifier uniquely identifies the NETCONF client, establishing a first NETCONF session between a NETCONF server and the NETCONF client, wherein the NETCONF server comprises a first O-RU, wherein the NETCONF client comprises a first O-DU, delivering, from the NETCONF client to the NETCONF server, a first request during a NETCONF session handshake comprising the first identifier, delivering, from the NETCONF client to the NETCONF server, a first edit configuration request or payload, wherein the first edit configuration request or payload comprises the first identifier.
Inventors
- Krishna Pramod ADHARAPURAPU
- Nagendra Bykampadi
Assignees
- RAKUTEN SYMPHONY, INC.
Dates
- Publication Date: 20260512
- Application Date: 20230328
Claims (20)
- 1. A method comprising: generating or obtaining a first identifier, wherein the first identifier uniquely identifies a network configuration protocol (NETCONF) client; establishing a first NETCONF session between a NETCONF server and the NETCONF client; transmitting a first request to the NETCONF server, during a NETCONF session handshake, wherein the first request comprises the first identifier; and transmitting a first edit configuration communication to the NETCONF server, wherein the first edit configuration communication comprises the first identifier.
- 2. The method of claim 1, further comprising: creating one or more data nodes or data node instances in response to receiving the first edit configuration communication; and associating the one or more data nodes or data instances with the first identifier in response to receiving the first edit configuration communication.
- 3. The method of claim 2, wherein first identifier is stored outside of the one or more data nodes or data node instances.
- 4. The method of claim 2, further comprising: associating, with the first NETCONF session, the first identifier as metadata.
- 5. The method of claim 1, further comprising: updating one or more data nodes or data node instances in response to receiving the first edit configuration communication; and associating the one or more data nodes or data instances with the first identifier in response to receiving the first edit configuration communication.
- 6. The method of claim 1, further comprising: rejecting the first edit configuration communication in response to determining that the one or more data nodes or data instances is associated with a second identifier different from the first identifier.
- 7. The method of claim 1, further comprising: setting one or more peer permissions to access the first edit configuration communication.
- 8. A system comprising: a non-transitory computer readable medium storing instructions thereon; and a processor connected to the non-transitory computer readable medium, wherein the instructions, when executed by the processor, cause the system to: generate or obtain a first identifier, wherein the first identifier uniquely identifies a network configuration protocol (NETCONF) client; establish a first NETCONF session between a NETCONF server and the NETCONF client; transmit, by a transmitter, a first request to the NETCONF server, during a NETCONF session handshake, wherein the first request comprises the first identifier; and transmit, by the transmitter, a first edit configuration communication to the NETCONF server, wherein the first edit configuration communication comprises the first identifier.
- 9. The system of claim 8, wherein the system is configured to: create one or more data nodes or data node instances in response to receiving the first edit configuration communication; and associate the one or more data nodes or data instances with the first identifier in response to receiving the first edit configuration communication.
- 10. The system of claim 9, wherein first identifier is stored outside of the one or more data nodes or data node instances.
- 11. The system of claim 9, wherein the instructions, when executed by the processor, further cause the system to: associate, with the first NETCONF session, the first identifier as metadata.
- 12. The system of claim 8, wherein the system is configured to: update one or more data nodes or data node instances in response to receiving the first edit configuration communication; and associate the one or more data nodes or data instances with the first identifier in response to receiving the first edit configuration communication.
- 13. The system of claim 8, wherein the instructions, when executed by the processor, further cause the system to: reject the first edit configuration communication in response to a determination that the one or more data nodes or data instances is associated with a second identifier different from the first identifier.
- 14. The system of claim 8, wherein the instructions, when executed by the processor, further cause the system to: set one or more peer permissions to access the first edit configuration communication.
- 15. A non-transitory computer readable medium storing instructions that when executed cause one or more processors cause a system to: generate or obtaining a first identifier, wherein the first identifier uniquely identifies a network configuration protocol (NETCONF) client; establish a first NETCONF session between a NETCONF server and the NETCONF client; transmit, by a transmitter, a first request to the NETCONF server, during a NETCONF session handshake, wherein the first request comprises the first identifier; and transmit, by the transmitter, a first edit configuration communication to the NETCONF server, wherein the first edit configuration communication comprises the first identifier.
- 16. The non-transitory computer readable medium of claim 15, wherein the instructions when executed by the one or more processors cause the system to: create one or more data nodes or data node instances in response to receiving the first edit configuration communication; and associate the one or more data nodes or data instances with the first identifier in response to receiving the first edit configuration communication.
- 17. The non-transitory computer readable medium of claim 16, wherein first identifier is stored outside of the one or more data nodes or data node instances.
- 18. The non-transitory computer readable medium of claim 16, the instructions when executed by the one or more processors cause the system to: associate, with the first NETCONF session, the first identifier as metadata.
- 19. The non-transitory computer readable medium of claim 15, wherein the instructions when executed by the one or more processors cause the system to: update one or more data nodes or data node instances in response to receiving the first edit configuration communication; and associate the one or more data nodes or data instances with the first identifier in response to receiving the first edit configuration communication.
- 20. The non-transitory computer readable medium of claim 15, the instructions when executed by the one or more processors cause the system to: reject the first edit configuration communication in response to determining that the one or more data nodes or data instances is associated with a second identifier different from the first identifier.
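The ownership rule that claims 2 to 6 describe (nodes created or updated by an edit are associated with the sender's identifier, the association is stored outside the nodes, the identifier is kept as session metadata, and an edit against a node associated with a different identifier is rejected) is modelled below in memory as an added example that is not part of the patent text. The class and method names, the identifier strings, the paths, the check that an edit's identifier equals the one bound at the handshake, and the all-or-nothing validation are assumptions made for illustration.

```python
from dataclasses import dataclass, field

class EditRejected(Exception):
    """An edit was refused because of an identifier mismatch."""

@dataclass
class Server:
    datastore: dict = field(default_factory=dict)  # path -> value (the data nodes)
    owners: dict = field(default_factory=dict)     # path -> identifier, kept outside the nodes
    sessions: dict = field(default_factory=dict)   # session id -> identifier (session metadata)

    def handshake(self, client_id):
        """Bind the identifier sent during the handshake to a new session."""
        if not client_id:
            raise ValueError("handshake request must carry a client identifier")
        session_id = len(self.sessions) + 1
        self.sessions[session_id] = client_id
        return session_id

    def edit_config(self, session_id, client_id, edits):
        """Apply {path: value} edits, or reject the whole request."""
        # Assumption: the identifier in the edit must match the session metadata,
        # so a client cannot claim another client's identifier after the handshake.
        if self.sessions.get(session_id) != client_id:
            raise EditRejected("identifier does not match the session")
        # Check every target before writing so a rejected request changes nothing.
        for path in edits:
            owner = self.owners.get(path)
            if owner is not None and owner != client_id:
                raise EditRejected(f"{path} is associated with another identifier")
        for path, value in edits.items():
            self.datastore[path] = value   # create or update the node
            self.owners[path] = client_id  # associate it with the sender
        return sorted(edits)

def demo():
    """Two constructed clients share one server; the second touches the first's node."""
    server = Server()
    du1 = server.handshake("odu-1")  # constructed identifiers and paths
    du2 = server.handshake("odu-2")
    server.edit_config(du1, "odu-1", {"/carriers/tx[0]": "active"})
    outcome = "accepted"
    try:
        server.edit_config(du2, "odu-2", {"/carriers/tx[0]": "inactive",
                                          "/carriers/tx[1]": "active"})
    except EditRejected:
        outcome = "rejected"
    return outcome, server.datastore, server.owners
```
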
Description
TECHNICAL FIELD
This description relates to enhanced NETCONF access control model (NACM) operations relating to Open Radio Access Network (O-RAN) units and granular control for shared data node management.
BACKGROUND
Open Radio Access Network (O-RAN) is a technology that aims to create more open and interoperable cellular networks. O-RAN is an evolution of Radio Access Network (RAN) architecture. In some instances, O-RAN is controlled by a single operator. The O-RAN architecture uses a distributed system of intelligent software agents, known as “white boxes,” to control the network. This allows for greater scalability and the ability to use a variety of different hardware components from different vendors. O-RAN provides the ability to easily add new features and capabilities to the network by use of software-defined networking (SDN) and network functions virtualization (NFV) technologies. O-RAN also helps to reduce costs for operators by allowing for the use of cheaper and more efficient hardware components. This helps to lower costs, which are potentially a barrier to the deployment of cellular networks.
Some elements of the O-RAN architecture include the Service Management and Orchestration Framework (SMO), RAN Intelligent Controller (RIC), O-Cloud, O-RAN central unit (O-CU or OCU), O-RAN distributed unit (O-DU or ODU), and O-RAN Radio unit (O-RU or ORU).
A control plane (C-plane) is responsible for signaling and control operations in the network by communicating with other network elements to coordinate and control various functions, such as call setup, mobility management and network resource allocation. A user plane (U-plane) is responsible for delivering data and voice services to the end-users by transporting the actual user traffic between the radio access network and the core network. A management plane (M-plane) provides centralized management and monitoring of the network elements, as well as configuration and maintenance of the network. The M-plane is responsible for monitoring the health and performance of the network, collecting statistics, and managing software upgrades and other network changes.
O-RAN provides a more secure network by separating the control plane and the data plane. This allows for greater flexibility in the deployment of security measures, such as firewalls, intrusion detection systems, and encryption.
SUMMARY
An aspect of this description relates to a system. The system includes a non-transitory computer readable medium configured to store instructions thereon. The system includes a processor connected to the non-transitory computer readable medium. The processor is configured to execute the instructions comprising generating or obtaining, by a NETCONF client, a first identifier, wherein the first identifier uniquely identifies the NETCONF client, establishing a first NETCONF session between a NETCONF server and the NETCONF client, wherein the NETCONF server comprises a first O-RU, wherein the NETCONF client comprises a first O-DU, delivering, from the NETCONF client to the NETCONF server, a first request during a NETCONF session handshake comprising the first identifier, delivering, from the NETCONF client to the NETCONF server, a first edit configuration request or payload, wherein the first edit configuration request or payload comprises the first identifier.
An aspect of this description relates to a method. The method includes generating or obtaining, by a NETCONF client, a first identifier, wherein the first identifier uniquely identifies the NETCONF client, establishing a first NETCONF session between a NETCONF server and the NETCONF client, wherein the NETCONF server comprises a first O-RU, wherein the NETCONF client comprises a first O-DU, delivering, from the NETCONF client to the NETCONF server, a first request during a NETCONF session handshake comprising the first identifier, delivering, from the NETCONF client to the NETCONF server, a first edit configuration request or payload, wherein the first edit configuration request or payload comprises the first identifier.
An aspect of this description relates to a non-transitory computer readable medium configured to store instructions. The instructions when executed cause a processor to execute the instructions comprising generating or obtaining, by a NETCONF client, a first identifier, wherein the first identifier uniquely identifies the NETCONF client, establishing a first NETCONF session between a NETCONF server and the NETCONF client, wherein the NETCONF server comprises a first O-RU, wherein the NETCONF client comprises a first O-DU, delivering, from the NETCONF client to the NETCONF server, a first request during a NETCONF session handshake comprising the first identifier, delivering, from the NETCONF client to the NETCONF server, a first edit configuration request or payload, wherein the first edit configuration request or payload comprises the first identifier.
BRIEF DESCRIPTION OF THE DRAWINGS
Aspects of