
Manage your eBusiness!

Trustix is a leading provider of Internet infrastructure software and services, providing next generation solutions for software and contents provisioning and systems administration

TrIP™

Trustix Internet resource Provisioning

TRUSTIX TECHNOLOGY WHITE PAPER


TrIP August 2001

Brief Note on Trademarks

Trustix is marketing products and solutions under the following trademarks of the company: Trustix™, XPloy™, XSentry™, TrIP™ and Manage your eBusiness!™.

All other brands or product names are trademarks or registered trademarks and property of their respective holders. Linux is a registered trademark of Linus Torvalds.

Trustix Company Background

Trustix is a leading provider of Internet infrastructure software and services, providing next generation solutions for software and contents provisioning and systems administration.

Trustix AS is a privately held limited liability company incorporated in Trondheim, Norway (Scandinavia). The company was founded in late 1997 by experienced entrepreneurs from Scandinavia and USA. Trustix has offices in Europe, USA and Asia.

Software and Contents Provisioning and Management

A new generation of computing systems will be connected to the Internet over the coming years. Such emerging computing devices and embedded computing systems will soon outnumber traditional PCs, and they will be connected to the Internet all the time (24/365).

The race to increase processor speed and memory capacity at lower power consumption will continue. Many of the services that are currently implemented on stationary systems, like servers, workstations and PCs, will within a year or two be found on handheld PDAs – and this new generation of mobile devices will all be connected to the Internet all the time (24/365). Many of the traditional electronic devices, such as video cameras, walkmans and even various electronic household appliances, will in the near future be equipped with OS-based embedded computing systems. Many of these devices will also be connected to the Internet all the time (24/365).

All these emerging computing devices and embedded computing systems have one thing in common: the conventional way of software and contents provisioning and management (initial installation, updating and management) using stationary systems, physical cables and intermediate storage media (such as CD-ROMs, cartridges, etc) will soon be obsolete. In other words, the conventional way of software and contents provisioning and management has been one depending on close physical proximity. In the extended Internet, where emerging computing devices and embedded systems will soon outnumber traditional computing systems, this will no longer be a viable way of software and contents provisioning and management.

Trustix Technology White Paper Copyright 2001 Trustix AS Page 2 of 15


The future of software and contents provisioning and management lies in technologies that use the Internet (or IP networks) as a delivery platform for both software and contents provisioning and management.

TrIP is a new technology that enables secure, remote, automated and highly scalable provisioning and management of software and contents across the Internet (IP networks). This new technology will also deliver the level of convenience and functionality that we believe customers will expect (and demand) from the next generation emerging computing devices and embedded computing systems.

Ideally, open standards will be established for the management and provisioning of software and contents, enabling interoperability and open competition between various industry players. Trustix is providing a complete solution for both provisioning and management of software and contents, because Trustix believes that device manufacturers, service providers and other industry players will want one complete solution for both provisioning and management of software and contents.

[Figure: Internet; Wireless / Wireline; Trustix Service Infrastructure; Trustix XPloy and TrIP; Software and Contents Packages]

Introduction to TrIP

Solutions for remote software and contents provisioning and management across IP networks should satisfy some key requirements. These are shown on the left hand side in the table below, while Trustix' solutions are shown in the right hand side of the table.

| REQUIREMENTS | TRUSTIX SOLUTION |
| --- | --- |
| New solutions must protect the copyrights of holders (i.e., they must enable 3rd party companies developing software and contents to extract economic value when using the new infrastructure solutions). | The Trustix software provisioning solution uses strong encryption technology to protect 3rd party software and contents. The Trustix solution uses advanced proprietary licensing technology, protecting 3rd party software and contents against unauthorized distribution. |
| New solutions must be secure. | The Trustix solution includes essential security features such as secure transportation, user authentication and source verification of software and contents. |
| New solutions must work for any number and kind of computing systems (i.e., they must scale). | The Trustix solution scales from one to millions (unlimited number) of computing devices. The Trustix solution also works for all kinds of computing systems, from mainframes to small handheld computing devices. |
| New solutions must work anywhere and anytime. | The Trustix solution enables software and contents delivery and management with intervals from milliseconds to days, weeks or years. Trustix’ solution will deliver to and manage any computing system connected to an IP network. |
| New solutions must be failsafe and automated. | The Trustix solution resolves dependencies and thus ensures failsafe and automated delivery, installation and management of software and contents. |
| New solutions must facilitate secure and remote management. | The Trustix solution enables secure and remote management from one (or several) point(s). |
| New solutions must facilitate rapid expansion of network management functionality. | The Trustix solution enables Trustix or 3rd parties to use the SDK/API to rapidly develop new management function modules that will meet specific needs for system administration (change configuration, etc.) for an application. |
| New solutions must be dynamically extended in real time, without any need for restarting computing systems affected by the extension. | Trustix’ solutions can be dynamically extended by adding new functionality modules in real time, without any need for restarting affected computing systems. |
| New solutions must integrate well with other solutions. | The Trustix solution offers a rich SDK/API for integration and customization. |
| New solutions must allow for rapid deployment. | The Trustix solution can be rapidly deployed. |
| New solutions must allow for flexible pricing models. | The Trustix solution offers great flexibility of pricing of Trustix’ and 3rd party software and contents. |

TrIP can be used as a stand-alone technology and solution, or it can be applied in integration with Trustix XPloy – the award winning systems management solution.


TrIP - Trustix Internet resource Provisioning

TrIP is a solution for seamless and secure software and contents distribution and maintenance over the Internet. TrIP automates every step from software licensing and software distribution to secure transport, verification, resolving software dependencies, installation and upgrades. TrIP takes care of service providers’ or ISVs’ interests in protecting their license rights and copyright. It supports models both for license sales and subscription. At the same time TrIP is a solution for low cost, scalable and automatic software distribution. TrIP takes care of the end users’ interests by keeping all user, appliance and network information secret from the supplier. All communication is over secured links and the software is verified against trusted signatures. Package dependencies are checked and resolved. TrIP can implement both push and pull of software and contents.

TrIP Architecture Overview

[Figure: TrIP architecture overview. Labels: Wireless / Wireline; Internet; TrIP Server; TrIP Administration Tool]

Key Features of TrIP

Scalability

With a rapidly increasing number of remote (mobile or embedded) devices in use and connected to the Internet, the cost of software and contents provisioning and management will increase dramatically. The TrIP solution:

- Any number of computing devices connected to the Internet (or IP networks) can be accessed using TrIP.
- TrIP enables both push (broadcast) and pull software and contents provisioning.

Security

With an increasing number of remote (mobile or embedded) devices the risk exposure will increase dramatically. The TrIP solution:

- With TrIP, all information and software to be provisioned is protected by digital signatures.
- TrIP resolves all dependencies and conflicts before downloading software components or packages. Additional required packages are automatically fetched and installed or upgraded.

Modularity / openness

- Hyper Distribution: package information, software packages and signatures can freely be stored at different locations.
- Multiple preferred sites and mirrors can be specified. TrIP will only use information for a package retrieved from the highest-priority sites if information for the package is found in multiple places.
- Packages or software components information can be represented on any standard.
- TrIP can be defined to operate in push- as well as pull mode.
- X-platform and generic structure: TrIP is independent of underlying package system.
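The sketch below shows two of the behaviours listed above: resolving all dependencies and conflicts before anything is downloaded, and taking a package's information only from the highest-priority site that offers it, so a lower-priority mirror cannot change the version or dependency list. It is an added example, not Trustix code; the index layout, field names, site names and package names are assumptions made for illustration.

```python
# Added illustration; the index layout, field names and sites are hypothetical.

# Constructed sample data: (priority, site, package index); lower number = preferred.
SITES = [
    (20, "mirror.example", {
        "mailer":  {"version": "9.9", "requires": ["extra-helper"], "conflicts": []},
        "tls-lib": {"version": "1.2", "requires": [], "conflicts": []},
    }),
    (10, "vendor.example", {
        "mailer": {"version": "2.1", "requires": ["tls-lib", "spool"],
                   "conflicts": ["old-mailer"]},
        "spool":  {"version": "1.0", "requires": [], "conflicts": []},
    }),
]


class ResolveError(Exception):
    """Raised when no safe install plan exists; nothing has been fetched yet."""


def pick_info(name, sites):
    """Return (site, info) from the highest-priority site that lists `name`."""
    for _prio, site, index in sorted(sites, key=lambda s: s[0]):
        if name in index:
            return site, index[name]  # lower-priority copies are never consulted
    raise ResolveError(f"no configured site provides {name!r}")


def resolve(targets, sites, installed=()):
    """Return [(name, version, site)] in install order, dependencies first."""
    plan, infos, visiting = [], {}, set()

    def visit(name):
        if name in infos or name in installed:
            return
        if name in visiting:
            raise ResolveError(f"dependency cycle through {name!r}")
        visiting.add(name)
        site, info = pick_info(name, sites)
        for dep in info["requires"]:
            visit(dep)
        visiting.discard(name)
        infos[name] = info
        plan.append((name, info["version"], site))

    for target in targets:
        visit(target)

    # Conflict check over the complete plan, before any download starts.
    present = set(installed) | set(infos)
    for name, info in infos.items():
        clash = sorted(present.intersection(info["conflicts"]))
        if clash:
            raise ResolveError(f"{name} conflicts with {clash}")
    return plan


if __name__ == "__main__":
    for step in resolve(["mailer"], SITES):
        print(step)
```

In the sample data the mirror's entry for "mailer" is ignored because the preferred site also lists that package, while "tls-lib" is still taken from the mirror because no higher-priority site provides it.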

At functional level the key features of TrIP are:

- TrIP can be defined to operate in push- as well as pull mode
- Initial installation
- Remote software and content updating
- Remote administration and management (systems administration and change configuration, security management, contents management)


TrIP System Layers

TrIP Application Layer

The TrIP Application Layer defines the overlying protocol at functional level, covering aspects such as initiator, respondent, push, pull, etc.

TrIP Instruction Layer

The TrIP Instruction Layer defines the instruction set used to operate the software and content provisioning, such as file transfer, package transfer, write to flash, execute, break, modify, etc.

TrIP Security and Dependency Resolvment Layer

The TrIP Security and Dependency Resolvment Layer defines the methods used to resolve software dependencies as well as the methods used to authenticate users, provide secure transportation, etc.

TrIP File and SW Package Transfer Layer

Lowest level binary data transfer algorithms and data link. The TrIP File and SW Package Transfer agent will to some extent have to understand parts of the underlying hw platform architecture.

TrIP OS API Layer

The purpose of the TrIP OS API Layer is to abstract away the platform operating system from the rest of the TrIP Layers.

[Figure: TrIP layer stack, top to bottom: 05 TrIP Application Layer; 04 TrIP Instruction Layer; 03 TrIP Security and Dependency Resolvment Layer; 02 TrIP File and SW Package Transfer Layer; 01 TrIP OS API Layer]

TrIP Scenarios

Stationary clients

The TrIP system can provide the following for a stationary system:

- Instant upgrade of an application in a server farm (OS upgrades and/or new components, patches, new versions of an application, etc.)
- Upgrade of OS
- Installation of a new OS
- Remote management of software install/upgrade

Let's say that you buy three servers (3S) and install network cards with a boot option in all of them. When a TrIP server is running on the network, an install application will be automatically booted on the 3S. The software the TrIP administrator has specified in the TrIP Administration Tool will be installed and configured.

When a new version of some software on the 3S is available, the TrIP administrator triggers an install of the new software from the TrIP Administration Tool.

When a new version of the OS is available for the 3S, the TrIP administrator triggers an install and the OS is upgraded.

Portable devices

Same as for Stationary clients, and more specifically for wireless devices:

- Instant upgrade of a category of devices, for example all Compaq iPAQ's are to be upgraded with some new software.
- Solves the limited bandwidth problem by using delta compression algorithms
- Solves the problem with interrupted Internet connection by using resume functionality

[Figure: TrIP Client and TrIP Server protocol stacks, each TrIP / SyncML / HTTP / TCP / IP over Ethernet/GPRS/GSM, joined by the Physical Link]

Cellular phones

Same as for Stationary clients and Portable devices, and:

- The cases witnessed recently where new GPRS handsets had to be withdrawn from the market because they had software bugs.

System Architecture Scenarios

Use Case Scenario 1

[Figure: Use Case Scenario 1 architecture. Labels: TrIP Server; TrIP Packages; Patch; Mobile Phone Manufacturer; TrIP DB]

Use Case Scenario 2

[Figure: Use Case Scenario 2 architecture. Labels: TrIP Server; TrIP Packages; User Data; SW Company; Patch; TrIP DB; Licenced Users]

Use Case Scenario 3

Use Case Scenarios

Referring to the architectures above:

TrIP Use Case Scenario 1:

- Mobile phone manufacturer discovers a fault in the kernel of a distributed mobile phone series.
- Model sold in 14 countries.
- Time and cost consuming to call back the distribution.
- Manufacturer knows the range of the model serial number.
- Maintains a database of the local distributors (in each country) and the local distributors are contacted to update the kernel.
- Local distributors maintain a TrIP database and configure an upgrade for the kernel on the models in concern.
- A TrIP software package is compiled on the known criteria and a broadcast is sent to the customer's (end user's) mobile phone.
- Mobile phone receives a signal to upgrade with importance 'critical'.
- Mobile phone contacts the TrIP server and downloads the kernel patch.
- End user is told that a kernel patch is scheduled and that the patch will take place at next shutdown.
- A shutdown/reboot is called and the patch is applied.
- On success the mobile phone contacts the TrIP server to inform of the new kernel version.

[Figure: Use Case Scenario 3 architecture. Labels: TrIP Server; TrIP Packages; User Data; SW Vendor; *.exe; TrIP DB; Device Model / OS; Advertising]

TrIP Use Case Scenario 2:

- Application developer discovers a security flaw in a newly released software.
- A patch has been made and distributed to all software providers.
- Software provider maintains a TrIP database and searches for all users who have installed this software.
- A tag is checked for this software update on the concerned users.
- The TrIP client on the end user's workstation is scheduled to look for updates once a day.
- The client discovers that there's a patch for the application and connects to the TrIP server to download this patch.
- At next boot the patch is applied and the upgrade is noted in the TrIP database.

TrIP Use Case Scenario 3:

- A software vendor has released a new pocket dictionary for Pocket PC running Windows CE.
- The vendor would like to promote his release to all users of Pocket PCs with one internet provider through a screen saver.
- The internet provider maintains a TrIP database of his customers.
- The vendor delivers the screen saver to the internet provider, along with the criteria of the targeted end user.
- The internet provider compiles a package and tags all users of Pocket PCs and Windows CE with update.
- The TrIP client on the end user's Pocket PC is scheduled to look for updates once a day.
- The client discovers that there's a new mandatory screen saver and downloads the package.
- The new screen saver is installed and the end user watches the advertisement next time the screen saver kicks in.


TrIP Implementations

Implementations of TrIP technology from Trustix:

- TXPI - the Trustix eXtended Package Installer – the TrIP technology employed on Linux platforms, from mainframes to handheld mobile PDAs
- TEMSU - the Trustix EMbedded Software Updater – the TrIP technology employed on the Windows CE platform
- TrIP-M – implementation of the TrIP technology for other mobile platforms (including GPRS handsets)

The TrIP technology from Trustix is generic and it can be implemented on any platform, on any transport channel.

TrIP on Windows CE

Windows CE is based on the Microsoft Windows operating system but is designed for including or embedding in mobile and other space-constrained devices. Like the full-scale Windows systems, Windows CE is a 32-bit multitasking, multithreading operating system. Microsoft emphasizes that the system was "built from scratch" while taking advantage of Windows architectural concepts and interfaces.

GPRS

General Packet Radio Services (GPRS) is a packet-based wireless communication service that is based on Global System for Mobile (GSM) communication system. GPRS promises theoretical data rates from 56 up to 114 Kbps and continuous connection to the Internet for mobile handheld devices as well as notebook computers.

The higher data rates will allow users to take part in video conferences and interact with multimedia Web sites.

The GPRS service is supposed to cost the users less than circuit-switched services since the communication capacity is being used on a shared basis.

[Figure: TrIP on Windows CE stack. Labels: TrIP; WinCE; Pad HW; GPRS]

GPRS supports the Internet Protocol (IP) and X.25, a packet-based protocol that is used mainly in Europe. GPRS is an evolutionary step toward Enhanced Data GSM Environment (EDGE) and Universal Mobile Telephone Service (UMTS).

TrIP / GPRS

BTS = Base Transceiver Station
MS = Mobile Station

When employing TrIP architecture on GPRS the TrIP should correspond directly to the IP level. The GPRS supports IP as well as X.25, based on GSM as an underlying protocol. For this reason IP-packets must on signalling level be addressed to unique SIM-card identifiers.

GSM distinguishes explicitly between user and equipment and deals with them separately. Besides phone numbers and subscriber and equipment identifiers, several other identifiers have been defined; they are needed for the management of subscriber mobility and for addressing of all the remaining network elements.

The international mobile station equipment identity (IMEI) uniquely identifies a mobile station internationally. It is a kind of serial number. The IMEI is allocated by the equipment manufacturer and registered by the network operator who stores it in the EIR.

Each registered user is uniquely identified by its international mobile subscriber identity (IMSI). It is stored in the subscriber identity module (SIM). A mobile station can only be operated if a SIM with a valid IMSI is inserted into equipment with a valid IMEI.

[Figure: TrIP over GPRS. Labels: SW remote manager (SW & Content: Provision, Updating, Management); LAN/ISP-POP; Transmission Channel (IP / GPRS / GSM); BTS; IP to SIM access point conversion; Remote GPRS Device (MS, Handheld)]

The "real telephone number" of a mobile station is the mobile subscriber ISDN number (MSISDN). It is assigned to the subscriber (his or her SIM, respectively), such that a mobile station set can have several MSISDNs depending on the SIM.

A serving GPRS support node (SGSN) is responsible for the delivery of data packets from and to the mobile stations within its service area. Its tasks include packet routing and transfer, mobility management (attach/detach and location management), logical link management, and authentication and charging functions. The location register of the SGSN stores location information (e.g., current cell, current VLR) and user profiles (e.g., IMSI, address(es) used in the packet data network) of all GPRS users registered with this SGSN.

---

Scenario: the Software Manager wants to update content or software on a group of remote GPRS devices. As the GPRS supplies a virtual always-on packet protocol, this can be done as broadcast with the TrIP. The devices will be updated immediately as the packets arrive at the remote end, at no other cost than the transport through the transmission channel.

Key benefits:

- Earlier market introduction - at reduced risk. Detected errors can be corrected immediately and without any physical contact with the GPRS device hardware. Competitive positioning by speed-to-market.

- Faster service adaption. Contents and new features can be added continuously and without any physical contact with the GPRS device hardware. Competitive positioning.

- Continuous contents and software maintenance and management. A very cost effective way of product-life-cycle management.

[Figure: GSM network path. Labels: GSM; BST; SGSN; GGSN; TrIP Server]