idnits 2.17.1 draft-ietf-lmap-use-cases-03.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** There is 1 instance of too long lines in the document, the longest one being 2 characters in excess of 72. ** There are 2 instances of lines with control characters in the document. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (April 2, 2014) is 3670 days in the past. Is this intentional? Checking references for intended status: Informational ---------------------------------------------------------------------------- No issues found here. Summary: 2 errors (**), 0 flaws (~~), 1 warning (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 INTERNET-DRAFT Marc Linsner 3 Intended Status: Informational Cisco Systems 4 Expires: October 4, 2014 Philip Eardley 5 Trevor Burbridge 6 BT 7 Frode Sorensen 8 NPT 9 April 2, 2014 11 Large-Scale Broadband Measurement Use Cases 12 draft-ietf-lmap-use-cases-03 14 Abstract 16 Measuring broadband performance on a large scale is important for 17 network diagnostics by providers and users, as well as for public 18 policy. Understanding the various scenarios and users of measuring 19 broadband performance is essential to development of the framework, 20 information model and protocol. This document details two use cases 21 that can assist to developing that framework. The details of the 22 measurement metrics themselves are beyond the scope of this document. 24 Status of this Memo 26 This Internet-Draft is submitted to IETF in full conformance with the 27 provisions of BCP 78 and BCP 79. 29 Internet-Drafts are working documents of the Internet Engineering 30 Task Force (IETF), its areas, and its working groups. Note that 31 other groups may also distribute working documents as 32 Internet-Drafts. 34 Internet-Drafts are draft documents valid for a maximum of six months 35 and may be updated, replaced, or obsoleted by other documents at any 36 time. It is inappropriate to use Internet-Drafts as reference 37 material or to cite them other than as "work in progress." 39 The list of current Internet-Drafts can be accessed at 40 http://www.ietf.org/1id-abstracts.html 42 The list of Internet-Draft Shadow Directories can be accessed at 43 http://www.ietf.org/shadow.html 45 Copyright and License Notice 47 Copyright (c) 2014 IETF Trust and the persons identified as the 48 document authors. All rights reserved. 50 This document is subject to BCP 78 and the IETF Trust's Legal 51 Provisions Relating to IETF Documents 52 (http://trustee.ietf.org/license-info) in effect on the date of 53 publication of this document. Please review these documents 54 carefully, as they describe your rights and restrictions with respect 55 to this document. Code Components extracted from this document must 56 include Simplified BSD License text as described in Section 4.e of 57 the Trust Legal Provisions and are provided without warranty as 58 described in the Simplified BSD License. 60 Table of Contents 62 1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 63 2 Use Cases . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 64 2.1 Internet Service Provider (ISP) Use Case . . . . . . . . . . 3 65 2.2 Regulators . . . . . . . . . . . . . . . . . . . . . . . . . 4 66 2.3 Implementation options . . . . . . . . . . . . . . . . . . . 5 67 3 Details of ISP Use Case . . . . . . . . . . . . . . . . . . . . 6 68 3.1 Understanding the quality experienced by customers . . . . . 6 69 3.2 Understanding the impact and operation of new devices and 70 technology . . . . . . . . . . . . . . . . . . . . . . . . . 7 71 3.3 Design and planning . . . . . . . . . . . . . . . . . . . . 7 72 3.4 Monitoring Service Level Agreements . . . . . . . . . . . . 8 73 3.5 Identifying, isolating and fixing network problems . . . . . 8 74 4 Details of Regulator Use Case . . . . . . . . . . . . . . . . . 9 75 4.1 Promoting competition through transparency . . . . . . . . . 9 76 4.2 Promoting broadband deployment . . . . . . . . . . . . . . . 10 77 4.3 Monitoring "net neutrality" . . . . . . . . . . . . . . . . 11 78 5 Conclusions . . . . . . . . . . . . . . . . . . . . . . . . . . 12 79 6 Security Considerations . . . . . . . . . . . . . . . . . . . . 13 80 7 IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 14 81 Contributors . . . . . . . . . . . . . . . . . . . . . . . . . . . 14 82 Informative References . . . . . . . . . . . . . . . . . . . . . . 14 83 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 16 85 1 Introduction 87 This document describes two use cases for the Large-scale Measurement 88 of Broadband Performance (LMAP), in particular use cases for ISPs and 89 regulators. Although there are many other use cases for large-scale 90 measurements systems, the two described here are the consensus 91 starting point for defining the system. 93 2 Use Cases 95 From the LMAP perspective, there is no difference between fixed 96 service and mobile (cellular) service used for Internet access. 97 Hence, like measurements will take place on both fixed and mobile 98 networks. Fixed services, commonly known as "Last Mile" include 99 technologies like DSL, Cable, and Carrier Ethernet. Mobile services 100 include all those advertised as 2G, 3G, 4G, and LTE. A metric 101 defined to measure end-to-end services will execute similarly on all 102 access technologies. Other metrics may be access technology specific. 103 The LMAP architecture also covers both IPv4 and IPv6 networks. 105 2.1 Internet Service Provider (ISP) Use Case 107 An ISP, or indeed another network operator, needs to understand the 108 performance of their networks, the performance of the suppliers 109 (downstream and upstream networks), the performance of services, and 110 the impact that such performance has on the experience of their 111 customers. Largely, the processes that ISPs operate (which are based 112 on network measurement) include: 114 o Identifying, isolating and fixing problems in the network, 115 services or with CPE and end user equipment. Such problems may be 116 common to a point in the network topology (e.g. a single 117 exchange), common to a vendor or equipment type (e.g. line card or 118 home gateway) or unique to a single user line (e.g. copper 119 access). Part of this process may also be helping users understand 120 whether the problem exists in their home network or with an over- 121 the-top service instead of with their broadband (BB) product. 123 o Design and planning. Through identifying the end user experience 124 the ISP can design and plan their network to ensure specified 125 levels of user experience. Services may be moved closer to end 126 users, services upgraded, the impact of QoS assessed or more 127 capacity deployed at certain locations. Service Level Agreements 128 (SLAs) may be defined at network or product boundaries. 130 o Understanding the quality experienced by customers. Alongside 131 benchmarking competitors, gaining better insight into the user's 132 service through a sample panel of the operator's own customers. 134 The end-to-end perspective matters, across home/enterprise 135 networks, peering points, Content Delivery Networks (CDNs), etc. 137 o Understanding the impact and operation of new devices and 138 technology. As a new product is deployed, or a new technology 139 introduced into the network, it is essential that its operation 140 and impact on other services is measured. This also helps to 141 quantify the advantage that the new technology is bringing and 142 support the business case for larger roll-out. 144 2.2 Regulators 146 Regulators in jurisdictions around the world are responding to 147 consumers' adoption of Internet access services for traditional 148 telecommunications and media services by promoting competition among 149 providers of electronic communications, to ensure that users derive 150 maximum benefit in terms of choice, price, and quality. 152 Some jurisdictions have responded to a need for greater information 153 about Internet access service performance in the development of 154 regulatory policies and approaches for broadband technologies by 155 developing large-scale measurement programs. Programs such as the 156 U.S. Federal Communications Commission's (FCC) Measuring Broadband 157 America (MBA), European Commission's Quality of Broadband Services in 158 the EU reports and a growing list of other programs employ a diverse 159 set of operational and technical approaches to gathering data to 160 perform analysis and reporting on diverse aspects of broadband 161 performance. 163 While each jurisdiction responds to distinct consumer, industry, and 164 regulatory concerns, much commonality exists in the need to produce 165 datasets that are able to compare multiple Internet access service 166 providers, diverse technical solutions, geographic and regional 167 distributions, and marketed and provisioned levels and combinations 168 of broadband Internet access services. In some jurisdictions, the 169 role of measuring is provided by a measurement provider. 171 Measurement providers measure network performance from users towards 172 multiple content and application providers, including dedicated test 173 measurement servers, to show a performance of the actual Internet 174 access service provided by different ISPs. Users need to know the 175 performance that they are achieving from their own ISP. In addition, 176 they need to know the performance of other ISPs of same location as 177 background information for selecting their ISP. Measurement providers 178 will provide measurement results with associated measurement methods 179 and measurement metrics. 181 From a consumer perspective, the differentiation between fixed and 182 mobile (cellular) Internet access services is blurring as the 183 applications used are very similar. Hence, regulators are measuring 184 both fixed and mobile Internet access services. 186 A regulator's role in the development and enforcement of broadband 187 Internet access service policies also requires that the measurement 188 approaches meet a high level of verifiability, accuracy and provider- 189 independence to support valid and meaningful comparisons of Internet 190 access service performance 192 LMAP standards could answer regulators shared needs by providing 193 scalable, cost-effective, scientifically robust solutions to the 194 measurement and collection of broadband Internet access service 195 performance information. 197 2.3 Implementation options 199 There are several ways of implementing a measurement system. The 200 choice may be influenced by the details of the particular use case 201 and what the most important criteria are for the regulator, ISP or 202 third party operating the measurement system. 204 One way involves a special hardware device that is connected directly 205 to the home gateway. The devices are deployed to a carefully selected 206 panel of end users and they perform measurements according to a 207 defined schedule. The schedule can run throughout the day, to allow 208 continuous assessment of the network. Careful design ensures that 209 measurements do not detrimentally impact the home user experience or 210 corrupt the results by testing when the user is also using the 211 broadband line. The system is therefore tightly controlled by the 212 operator of the measurement system. One advantage of this approach is 213 that it is possible to get reliable benchmarks for the performance of 214 a network with only a few devices. One disadvantage is that it would 215 be expensive to deploy hardware devices on a mass scale sufficient to 216 understand the performance of the network at the granularity of a 217 single broadband user. 219 Another approach involves implementing the measurement capability as 220 a webpage or an "app" that end users are encouraged to download onto 221 their mobile phone or computing device. Measurements are triggered by 222 the end user, for example the user interface may have a button to 223 "test my broadband now". Compared with the previous approach, the 224 system is much more loosely controlled, as the panel of end users and 225 the schedule of tests are determined by the end users themselves 226 rather than the measurement system. It would be easier to get large- 227 scale, however it is harder to get comparable benchmarks as the 228 measurements are affected by the home network and also the population 229 is self-selecting and so potentially biased towards those who think 230 they have a problem. This could be alleviated by stimulating 231 widespread downloading of the app and careful post-processing of the 232 results to reduce biases. 234 There are several other possibilities. For example, as a variant on 235 the first approach, the measurement capability could be implemented 236 as software embedded in the home gateway, which would make it more 237 viable to have the capability on every user line. As a variant on the 238 second approach, the end user could initiate measurements in response 239 to a request from the measurement system. 241 3 Details of ISP Use Case 243 3.1 Understanding the quality experienced by customers 245 Operators want to understand the quality of experience (QoE) of their 246 broadband customers. The understanding can be gained through a 247 "panel", i.e., a measurement probe is deployed to a few 100 or 1000 248 of its customers. The panel needs to include a representative sample 249 for each of the operator's technologies (Fiber To The Premise (FTTP), 250 Fiber To The Curb (FTTC), DSL...) and broadband options (80Mb/s, 251 20Mb/s, basic...), ~100 probes for each. The operator would like the 252 end-to-end view of the service, rather than (say) just the access 253 portion. So as well as simple network statistics like speed and loss 254 rates they want to understand what the service feels like to the 255 customer. This involves relating the pure network parameters to 256 something like a 'mean opinion score' which will be service dependent 257 (for instance web browsing QoE is largely determined by latency above 258 a few Mb/s). 260 An operator will also want compound metrics such as "reliability", 261 which might involve packet loss, DNS failures, re-training of the 262 line, video streaming under-runs etc. 264 The operator really wants to understand the end-to-end service 265 experience. However, the home network (Ethernet, WiFi, powerline) is 266 highly variable and outside its control. To date, operators (and 267 regulators) have instead measured performance from the home gateway. 268 However, mobile operators clearly must include the wireless link in 269 the measurement. 271 Active measurements are the most obvious approach, i.e., special 272 measurement traffic is sent by - and to - the probe. In order not to 273 degrade the service of the customer, the measurement data should only 274 be sent when the user is silent, and it shouldn't reduce the 275 customer's data allowance. The other approach is passive measurements 276 on the customer's ordinary traffic; the advantage is that it measures 277 what the customer actually does, but it creates extra variability 278 (different traffic mixes give different results) and especially it 279 raises privacy concerns. 281 From an operator's viewpoint, understanding customers better enables 282 it to offer better services. Also, simple metrics can be more easily 283 understood by senior managers who make investment decisions and by 284 sales and marketing. 286 3.2 Understanding the impact and operation of new devices and technology 288 Another type of measurement is to test new capabilities and services 289 before they are rolled out. For example, the operator may want to: 290 check whether a customer can be upgraded to a new broadband option; 291 understand the impact of IPv6 before it makes it available to its 292 customers (will v6 packets get through, what will the latency be to 293 major websites, what transition mechanisms will be most 294 appropriate?); check whether a new capability can be signaled using 295 TCP options (how often it will be blocked by a middlebox? - along the 296 lines of some existing experiments) [Extend TCP]; investigate a 297 quality of service mechanism (e.g. checking whether Diffserv markings 298 are respected on some path); and so on. 300 3.3 Design and planning 302 Operators can use large scale measurements to help with their network 303 planning - proactive activities to improve the network. 305 For example, by probing from several different vantage points the 306 operator can see that a particular group of customers has performance 307 below that expected during peak hours, which should help capacity 308 planning. Naturally operators already have tools to help this - a 309 network element reports its individual utilization (and perhaps other 310 parameters). However, making measurements across a path rather than 311 at a point may make it easier to understand the network. There may 312 also be parameters like bufferbloat that aren't currently reported by 313 equipment and/or that are intrinsically path metrics. 315 With information gained from measurement results, capacity planning 316 and network design can be more effective. Such planning typically 317 uses simulations to emulate the measured performance of the current 318 network and understand the likely impact of new capacity and 319 potential changes to the topology. Simulations - informed by data 320 from a limited panel of probes - can help quantify the advantage that 321 a new technology brings and support the business case for larger 322 roll-out. 324 It may also be possible to use probes to run stress tests for risk 325 analysis. For example, an operator could run a carefully controlled 326 and limited experiment in which probing is used to assess the 327 potential impact if some new application becomes popular. 329 3.4 Monitoring Service Level Agreements 331 Another example is that the operator may want to monitor performance 332 where there is a service level agreement. This could be with its own 333 customers, especially enterprises may have an SLA. The operator can 334 proactively spot when the service is degrading near to the SLA limit, 335 and get information that will enable more informed conversations with 336 the customer at contract renewal. 338 An operator may also want to monitor the performance of its 339 suppliers, to check whether they meet their SLA or to compare two 340 suppliers if it is dual-sourcing. This could include its transit 341 operator, CDNs, peering, video source, local network provider (for a 342 global operator in countries where it doesn't have its own network), 343 even the whole network for a virtual operator. 345 Through a better understanding of its own network and its suppliers, 346 the operator should be able to focus investment more effectively - in 347 the right place at the right time with the right technology. 349 3.5 Identifying, isolating and fixing network problems 351 Operators can use large scale measurements to help identify a fault 352 more rapidly and decide how to solve it. 354 Operators already have Test and Diagnostic tools, where a network 355 element reports some problem or failure to a management system. 356 However, many issues are not caused by a point failure but something 357 wider and so will trigger too many alarms, whilst other issues will 358 cause degradation rather than failure and so not trigger any alarm. 359 Large scale measurements can help provide a more nuance view that 360 helps network management to identify and fix problems more rapidly 361 and accurately. The network management tools may use simulations to 362 emulate the network and so help identify a fault and assess possible 363 solutions. 365 One example was described in [IETF85-Plenary]. The operator was 366 running a measurement panel for reasons discussed in sub use case #1. 367 It was noticed that the performance of some lines had unexpectedly 368 degraded. This led to a detailed (off-line) investigation which 369 discovered that a particular home gateway upgrade had caused a 370 (mistaken!) drop in line rate. 372 Another example is that occasionally some internal network management 373 event (like re-routing) can be customer-affecting (of course this is 374 unusual). This affects a whole group of customers, for instance those 375 on the same DSLAM. Understanding this will help an operator fix the 376 fault more rapidly and/or allow the affected customers to be informed 377 what's happening and/or request them to re-set their home hub 378 (required to cure some conditions). More accurate information enables 379 the operator to reassure customers and take more rapid and effective 380 action to cure the problem. 382 There may also be problems unique to a single user line (e.g. copper 383 access) that need to be identified. 385 Often customers experience poor broadband due to problems in the home 386 network - the ISP's network is fine. For example they may have moved 387 too far away from their wireless access point. Perhaps 80% of 388 customer calls about fixed BB problems are due to in-home wireless 389 issues. These issues are expensive and frustrating for an operator, 390 as they are extremely hard to diagnose and solve. The operator would 391 like to narrow down whether the problem is in the home (with the home 392 network or edge device or home gateway), in the operator's network, 393 or with an over-the-top service. The operator would like two 394 capabilities. Firstly, self-help tools that customers use to improve 395 their own service or understand its performance better, for example 396 to re-position their devices for better WiFi coverage. Secondly, on- 397 demand tests that can the operator can run instantly - so the call 398 center person answering the phone (or e-chat) could trigger a test 399 and get the result whilst the customer is still in an on-line 400 session. 402 4 Details of Regulator Use Case 404 4.1 Promoting competition through transparency 406 Competition plays a vital role in regulation of the electronic 407 communications markets. For competition to successfully discipline 408 operators' behavior in the interests of their customers, end users 409 must be fully aware of the characteristics of the ISPs' access 410 offers. In some jurisdictions regulators mandate transparent 411 information made available about service offers. 413 End users need effective transparency to be able to make informed 414 choices throughout the different stages of their relationship with 415 ISPs, when selecting Internet access service offers, and when 416 considering switching service offer within an ISP or to an 417 alternative ISP. Quality information about service offers could 418 include speed, delay, and jitter. Regulators can publish such 419 information to facilitate end users' choice of service provider and 420 offer. It may also help content, application, service and device 421 providers develop their Internet offerings. 423 The published information needs to be: 425 o Accurate - the measurement results must be correct and not 426 influenced by errors or side effects. The results should be 427 reproducible and consistent over time. 429 o Comparable - common metrics should be used across different 430 ISPs and service offerings so that measurement results can be 431 compared. 433 o Meaningful - the metrics used for measurements need to reflect 434 what end users value about their broadband Internet access service 436 o Reliable - the number and distribution of measurement agents, 437 and the statistical processing of the raw measurement raw data, 438 needs to be appropriate 440 A set of measurement parameters and associated measurement methods 441 are used over time, e.g. speed, delay, and jitter. Then the 442 measurement raw data are collected and go through statistical post- 443 processing before the results can be published in an Internet access 444 service quality index to facilitate end users' choice of service 445 provider and offer. 447 The regulator can also promote competition through transparency by 448 encouraging end users to monitor the performance of their own 449 broadband Internet access service. They might use this information to 450 check that the performance meets that specified in their contract or 451 to understand whether their current subscription is the most 452 appropriate. 454 4.2 Promoting broadband deployment 456 Governments sometimes set strategic goals for high-speed broadband 457 penetration as an important component of the economic, cultural and 458 social development of the society. To evaluate the effect of the 459 stimulated growth over time, broadband Internet access take-up and 460 penetration of high-speed access can be monitored through measurement 461 campaigns. 463 An example of such an initiative is the "Digital Agenda for Europe" 464 which was adopted in 2010, to achieve universal broadband access. The 465 goal is to achieve by 2020, access for all Europeans to Internet 466 access speeds of 30 Mbps or above, and 50% or more of European 467 households subscribing to Internet connections above 100 Mbps. 469 To monitor actual broadband Internet access performance in a specific 470 country or a region, extensive measurement campaigns are needed. A 471 panel can be built based on operators and packages in the market, 472 spread over urban, suburban and rural areas. Probes can then be 473 distributed to the participants of the campaign. 475 Periodic tests running on the probes can for example measure actual 476 speed at peak and off-peak hours, but also other detailed quality 477 metrics like delay and jitter. Collected data goes afterwards through 478 statistical analysis, deriving estimates for the whole population 479 which can then be presented and published regularly. 481 Using a harmonized or standardized measurement methodology, or even a 482 common quality measurement platform, measurement results could also 483 be used for benchmarking of providers and/or countries. 485 4.3 Monitoring "net neutrality" 487 Regulatory approaches related to net neutrality and the open Internet 488 has been introduced in some jurisdictions. Examples of such efforts 489 are the Internet policy as outlined by the Body of European 490 Regulators for Electronic Communications Guidelines for quality of 491 service [BEREC Guidelines] and US FCC Preserving the Open Internet 492 Report and Order [FCC R&O]. Although legal challenges can change the 493 status of policy such as the court action negating the FCC R&O, the 494 take away for LMAP purposes are that policy-makers are looking for 495 measurement solutions to assist them in discovering biased treatment 496 of traffic flows. The exact definitions and requirements vary from 497 one jurisdiction to another; the comments below provide some hints 498 about the potential role of measurements. 500 Net neutrality regulations do not necessarily require every packet to 501 be treated equally. Typically they allow "reasonable" traffic 502 management (for example if there is exceptional congestion) and allow 503 "specialized services" in parallel to, but separate from, ordinary 504 Internet access (for example for facilities-based IPTV). A regulator 505 may want to monitor such practices as input to the regulatory 506 evaluation. However, these concepts are evolving and differ across 507 jurisdictions, so measurement results should be assessed with 508 caution. 510 A regulator could monitor departures from application agnosticism 511 such as blocking or throttling of traffic from specific applications, 512 and preferential treatment of specific applications. A measurement 513 system could send, or passively monitor, application-specific traffic 514 and then measure in detail the transfer of the different packets. 515 Whilst it is relatively easy to measure port blocking, it is a 516 research topic how to detect other types of differentiated treatment. 517 The paper, "Glasnost: Enabling End Users to Detect Traffic 518 Differentiation" [M-Labs NSDI 2010] and follow-on tool "Glasnost" 520 [Glasnost] are examples of work in this area. 522 A regulator could also monitor the performance of the broadband 523 service over time, to try and detect if the specialized service is 524 provided at the expense of the Internet access service. Comparison 525 between ISPs or between different countries may also be relevant for 526 this kind of evaluation. 528 5 Conclusions 530 Large-scale measurements of broadband performance are useful for both 531 network operators and regulators. Network operators would like to use 532 measurements to help them better understand the quality experienced 533 by their customers, identify problems in the network and design 534 network improvements. Regulators would like to use measurements to 535 help promote competition between network operators, stimulate the 536 growth of broadband access and monitor 'net neutrality'. There are 537 other use cases that are not the focus of the initial LMAP charter 538 (although it is expected that the mechanisms developed would be 539 readily applied), for example end users would like to use 540 measurements to help identify problems in their home network and to 541 monitor the performance of their broadband provider. 543 From consideration of the various use cases, several common themes 544 emerge whilst there are also some detailed differences. These 545 characteristics guide the development of LMAP's framework, 546 information model and protocol. 548 A measurement capability is needed across a wide number of 549 heterogeneous environments. Tests may be needed in the home network, 550 in the ISP's network or beyond; they may be measuring a fixed or 551 wireless network; they may measure just the access network or across 552 several networks; at least some of which are not operated by the 553 measurement provider. 555 There is a role for both standardized and non-standardized 556 measurements. For example, a regulator would like to publish 557 standardized performance metrics for all network operators, whilst an 558 ISP may need their own tests to understand some feature special to 559 their network. Most use cases need active measurements, which create 560 and measure specific test traffic, but some need passive measurements 561 of the end user's traffic. 563 Regardless of the tests being operated, there needs to be a way to 564 demand or schedule the tests. Most use cases need a regular schedule 565 of measurements, but sometimes ad hoc testing is needed, for example 566 for troubleshooting. It needs to be ensured that measurements do not 567 affect the user experience and are not affected by user traffic 568 (unless desired). In addition there needs to be a common way to 569 collect the results. Standardization of this control and reporting 570 functionality allows the operator of a measurement system to buy the 571 various components from different vendors. 573 After the measurement results are collected, they need to be 574 understood and analyzed. Often it is sufficient to measure only a 575 small subset of end users, but per-line fault diagnosis requires the 576 ability to test every individual line. Analysis requires accurate 577 definition and understanding of where the test points are, as well as 578 contextual information about the topology, line, product and the 579 subscriber's contract. The actual analysis of results is beyond the 580 scope of LMAP, as is the key challenge of how to integrate the 581 measurement system into a network operator's existing tools for 582 diagnostics and network planning. 584 Finally the test data, along with any associated network, product or 585 subscriber contract data is commercial or private information and 586 needs to be protected. 588 6 Security Considerations 590 This informational document provides an overview of the use cases for 591 LMAP and so does not, in itself, raise any security issues. 593 The framework document [framework] discusses the potential security, 594 privacy (data protection) and business sensitivity issues that LMAP 595 raises. The main threats are: 597 1. a malicious party that gains control of Measurement Agents to 598 launch DoS attacks at a target, or to alter (perhaps subtly) 599 Measurement Tasks in order to compromise the end user's privacy, 600 the business confidentiality of the network, or the accuracy of 601 the measurement system. 603 2. a malicious party that intercepts or corrupts the Measurement 604 Results &/or other information about the Subscriber, for similar 605 nefarious purposes. 607 3. a malicious party that uses fingerprinting techniques to 608 identify individual end users, even from anonymized data 610 4. a measurement system that does not obtain the end user's 611 informed consent, or fails to specify a specific purpose in the 612 consent, or uses the collected information for secondary uses 613 beyond those specified. 615 5. a measurement system that is vague about who is responsible for 616 privacy (data protection); this role is often termed the "data 617 controller". 619 The [framework] also considers some potential mitigations of these 620 issues. They will need to be considered by an LMAP protocol and more 621 generally by any measurement system. 623 7 IANA Considerations 625 None 627 Contributors 629 The information in this document is partially derived from text 630 written by the following contributors: 632 James Miller jamesmilleresquire@gmail.com 634 Rachel Huang rachel.huang@huawei.com 636 Informative References 638 [IETF85-Plenary] Crawford, S., "Large-Scale Active Measurement of 639 Broadband Networks", 640 http://www.ietf.org/proceedings/85/slides/slides-85-iesg- 641 opsandtech-7.pdf 'example' from slide 18 643 [Extend TCP] Michio Honda, Yoshifumi Nishida, Costin Raiciu, Adam 644 Greenhalgh, Mark Handley and Hideyuki Tokuda. "Is it Still 645 Possible to Extend TCP?" Proc. ACM Internet Measurement 646 Conference (IMC), November 2011, Berlin, Germany. 647 http://www.ietf.org/proceedings/82/slides/IRTF-1.pdf 649 [framework] Eardley, P., Morton, A., Bagnulo, M., Burbridge, T., 650 Aitken, P., Akhter, A. "A framework for large-scale 651 measurement platforms (LMAP)", 652 http://datatracker.ietf.org/doc/draft-ietf-lmap-framework/ 654 [FCC R&O] United States Federal Communications Commission, 10-201, 655 "Preserving the Open Internet, Broadband Industries 656 Practices, Report and Order", 657 http://hraunfoss.fcc.gov/edocs_public/attachmatch/FCC-10- 658 201A1.pdf 660 [BEREC Guidelines] Body of European Regulators for Electronic 661 Communications, "BEREC Guidelines for quality of service 662 in the scope of net neutrality", 663 http://berec.europa.eu/eng/document_register/ 664 subject_matter/berec/download/0/1101-berec-guidelines-for- 665 quality-of-service-_0.pdf 667 [M-Labs NSDI 2010] M-Lab, "Glasnost: Enabling End Users to Detect 668 Traffic Differentiation", 669 http://www.measurementlab.net/download/AMIfv945ljiJXzG- 670 fgUrZSTu2hs1xRl5Oh-rpGQMWL305BNQh- 671 BSq5oBoYU4a7zqXOvrztpJhK9gwk5unOe-fOzj4X-vOQz_HRrnYU- 672 aFd0rv332RDReRfOYkJuagysstN3GZ__lQHTS8_UHJTWkrwyqIUjffVeDxQ/ 674 [Glasnost] M-Lab tool "Glasnost", http://mlab-live.appspot.com/tools/ 675 glasnost 677 Authors' Addresses 679 Marc Linsner 680 Cisco Systems, Inc. 681 Marco Island, FL 682 USA 684 EMail: mlinsner@cisco.com 686 Philip Eardley 687 BT 688 B54 Room 77, Adastral Park, Martlesham 689 Ipswich, IP5 3RE 690 UK 692 Email: philip.eardley@bt.com 694 Trevor Burbridge 695 BT 696 B54 Room 77, Adastral Park, Martlesham 697 Ipswich, IP5 3RE 698 UK 700 Email: trevor.burbridge@bt.com 702 Frode Sorensen 703 Norwegian Post and Telecommunications Authority (NPT) 704 Lillesand 705 Norway 707 Email: frode.sorensen@npt.no