Design of a charging and accounting architecture for QoS-differentiated VPN services to mobile users q Thanasis G. Papaioannou * , George D. Stamoulis Department of Informatics, Athens University of Economics and Business (AUEB), 76 Patision Str., 10434 Athens, Greece Received 8 August 2003; accepted 8 August 2003 Abstract In the emerging context of mobile Internet, the importance of VPN services is rapidly increasing. Provision of such services was among the subjects of IST project INTERNODE. Besides the necessary technical means, charging and accounting also are key related issues, and constitute the subject of this paper. Only by dealing successfully with charging and accounting, VPN providers can recover their provision costs, increase their profits, and provide the right incentives to their users, thus leading to efficient operation of their network. In this paper, we first study the chargeable characteristics of QoS-differentiated VPN services offered to mobile users with respect to transport, security and mobility (both personal and terminal). Then, we define a complete charging scheme that is fair for the users and provides them with the incentives to use only the resources they really need. This scheme is based on the time – volume charging approach by Kelly; the adoption of this approach is justified in detail. We then show how the providers involved can share the total charge earned by each VPN service instance in a fair way, with each provider collecting the portion of charge that corresponds to the consumption of his own resources for the service. This is also a very important issue for the commercial viability of VPN services to mobile users, given that its provision spans multiple domains. Our approach also includes computation of an estimate of users’ expected charge prior to using the VPN service. Finally, we specify an appropriate charging and accounting architecture pertaining to the specified charging scheme for VPNs, to the mechanism for revenue sharing, and to the technical implementation of the VPN services studied. This architecture is compliant to the relevant standards, is applicable to the current and the future Internet, was fully implemented, and can serve as a basis for applying other charging schemes as well. Our work can also serve as a methodology for designing charging and accounting architectures for a variety of Internet services. q 2003 Elsevier B.V. All rights reserved. Keywords: Charging; Accounting architecture; VPN; Mobility and security; QoS-differentiated services 1. Introduction The globalization of commerce as well as the ease in human transportation has increased the mobility of professionals and tourists. Also, in recent years the use of mobile phones has grown tremendously. The increased terminal capabilities as well as the on-going development of SMS and WAP applications have started bringing mobile Internet into reality. In this new networking environment, mobile users need to retain seamless and secure connectivity while being in a visited domain, as if being at home. Also, mobile users should be able to form private working groups independently from their respective point of attachment to the Internet. These requirements are fulfilled by the provision of VPN services to mobile users. Furthermore, VPN services should be customized in order to satisfy certain user preferences regarding levels of security and quality of service (QoS). We use the term QoS-differen- tiated in order to imply that there are different possible QoS levels for traffic transport together with the possibility of Best Effort. On the other hand, VPN providers should account and charge for their services, in order to recover their provision costs, increase their profits (while being competitive), and provide the right incentives to their users, Computer Communications 27 (2004) 364–373 www.elsevier.com/locate/comcom 0140-3664/$ - see front matter q 2003 Elsevier B.V. All rights reserved. doi:10.1016/j.comcom.2003.08.009 q The present work has been carried out as a part of the IST project INTERNODE (IST-1999-20117) funded by the European Union, through a subcontract with INTRACOM S.A. q Copyright the INTERNODE consortium: BYTEL, EI-NETC, GMD, BALTIMORE, CR2, INTRACOM, UPC. A previous version of this work was presented in the workshop on Internet Charging and QoS Technologies, Zurich, Switzerland, October 16 – 17, 2002. * Corresponding author. Tel.: þ 30-210-820-3549; Fax: þ 30-210-820- 3686. E-mail addresses: pathan@aueb.gr (T.G. Papaioannou), gstamoul@ aueb.gr (G.D. Stamoulis).