DESC:
FORM 2

THE PATENTS ACT, 1970
(39 of 1970)
&
THE PATENTS RULES, 2003

COMPLETE SPECIFICATION
(See section 10 and rule 13)
1. TITLE OF THE INVENTION
METHOD AND SYSTEM FOR ENABLING HIGH AVAILABILITY OF RESOURCES
2. APPLICANT(S)
NAME NATIONALITY ADDRESS
JIO PLATFORMS LIMITED INDIAN OFFICE-101, SAFFRON, NR. CENTRE POINT, PANCHWATI 5 RASTA, AMBAWADI, AHMEDABAD 380006, GUJARAT, INDIA
3.PREAMBLE TO THE DESCRIPTION

THE FOLLOWING SPECIFICATION PARTICULARLY DESCRIBES THE NATURE OF THIS INVENTION AND THE MANNER IN WHICH IT IS TO BE PERFORMED.

FIELD OF THE INVENTION
[0001] The present invention relates to Security Edge Protection Proxy (SEPP), more particularly relates to a method and a system for providing a scalable SEPP architecture targeting high availability and redundancy in a communication network.
BACKGROUND OF THE INVENTION
[0002] Security Edge Protection Proxy (SEPP) is a proxy deployed at an edge or a perimeter of a Public Land Mobile Network (PLMN) and enables secured communication between inter-PLMN network messages. The SEPP is a just proxy enabled to authenticate, provide confidentiality protection, and enable integration protection between two different mobile service providers i.e., inter-PLMN.
[0003] For e.g., a person visiting India with a Subscriber Identity Module (SIM) issued in another country can access a mobile network in India, with roaming enabled, using the SEPP deployed at various geo-sites. Further, the SEPP implements transport layer security (TLS) for the service layer information exchanged between two different PLMNs. The TLS connection may be implemented on User Datagram Protocol (UDP) or Transmission Control Protocol (TCP).
[0004] Further the commonly deployed architecture for ensuring high availability currently relies on a central database. The central database is configured to store data and delta data, i.e. any change/addition/deletion in original data stored may refer to as delta data. The drawback of having dependency on the central database is inefficiency since it increases the latency each time a node sends a request. Further, in a network implementing (SEPP) Security Edge Protection Proxy in the node may frequently send queries to the central database to get updated data, thus affecting the efficiency of the network and latency in the network.
[0005] In addition to the above drawback, commonly used network architecture does not support GR (Geo Redundancy)/DR (Disaster Recovery) deployment of SEPP instances. Also, the existing architecture involves a cluster mode, where multiple SEPPs (e.g., active SEPP, Standby SEPP or the like) instances at each core site, and in the network, multiple core site exists for the DR/the GR. Also, the SEPPs are stateless as per defined by a 3rd Generation Partnership Project (3GPP) standard, but the current SEPPs are performing transformation or modification of the requests/responses received and storing them in a cache request/response attributes for e.g., fully qualified domain name (FQDN), internet protocol (IP), port, etc., of received requests/responses. These information needs to be in synchronous with all instances and also with DR/GR sites as well.
[0006] In view of the above, there is a need for a system and method for enabling high availability of resource which overcomes at least the above indicated problems.
SUMMARY OF THE INVENTION
[0007] One or more embodiments of the present disclosure provide a system and a method for enabling high availability of resources in a communication network.
[0008] In one aspect of the present invention, a method for enabling high availability of resources is disclosed. The method includes broadcasting, by one or more processor, a copy of cache to all Security Edge Protection Proxy (SEPP) embedded into an active node and a standby node, present in a network (e.g., communication network or the like). Further, the method includes generating, by the one or more processor, a delta data during an instance, upon receiving a request from another active node at one of: a foreign network and a DR/GR site via an inter-PLMN. The method includes storing, by the one or more processor, the delta data. The method includes sharing, by the one or more processor, the delta data, between all the active nodes and the standby node via a peer-to-peer technique facilitating zero data loss in the delta data.
[0009] In another aspect of the present invention, a system for enabling high availability of resources is disclosed. The system includes an active node configured to host a Security Edge Protection Proxy (SEPP), and further comprise a High Availability State manager (HSM) bundled within the active node. A standby node is associated with the active node. A copy of cache is broadcasted to all the SEPP embedded into the active node and the standby node, present in a network. A delta data is generated during an instance, upon receiving a request from another active node via inter-PLMN. The delta data is stored in the active node. The delta data is configured to be shared between all the active nodes and the standby node via a peer-to-peer technique facilitating a zero data loss in the delta data.
[0010] In an embodiment, the copy of cache includes configuration data, where the configuration data includes a handshake data configured to connect with the SEPP.
[0011] In an embodiment, the HSM enables creating the copy of cache in a restarted node or the active node, upon detecting unavailability of cache within the restarted node.
[0012] In an embodiment, an active instance is handed over from the active node to the associated standby node upon detecting failure/crash of the active node.
[0013] In an embodiment, the failure or the crash or any other status of the active node is monitored by the High Availability State manager (HSM).
[0014] In an embodiment, the High Availability State manager (HSM) is further configured to transfer any new incoming active instance to the active node from the standby node in-case the active node is back online.
[0015] In an embodiment, the delta data is shared by the active node with other remote active nodes and their associated standby node, to facilitate the data availability across multiple sites, enabling to handle geo-redundancies and disaster recoveries
[0016] Other features and aspects of this invention will be apparent from the following description and the accompanying drawings. The features and advantages described in this summary and in the following detailed description are not all-inclusive, and particularly, many additional features and advantages will be apparent to one of ordinary skill in the relevant art, in view of the drawings, specification, and claims hereof. Moreover, it should be noted that the language used in the specification has been principally selected for readability and instructional purposes and may not have been selected to delineate or circumscribe the inventive subject matter, resort to the claims being necessary to determine such inventive subject matter.

BRIEF DESCRIPTION OF THE DRAWINGS
[0017] The accompanying drawings, which are incorporated herein, and constitute a part of this disclosure, illustrate exemplary embodiments of the disclosed methods and systems in which like reference numerals refer to the same parts throughout the different drawings. Components in the drawings are not necessarily to scale, emphasis instead being placed upon clearly illustrating the principles of the present disclosure. Some drawings may indicate the components using block diagrams and may not represent the internal circuitry of each component. It will be appreciated by those skilled in the art that disclosure of such drawings includes disclosure of electrical components, electronic components or circuitry commonly used to implement such components.
[0018] FIG. 1 is an exemplary block diagram of an environment for enabling high availability of resource in a communication network, according to various embodiments of the present disclosure;
[0019] FIG. 2 shows a block diagram of the system illustrating data flow between SEPP nodes, in accordance with an exemplary embodiment of the present subject matter;
[0020] FIG. 3 illustrates a flow of data restoration for a master SEPP node, in accordance with the exemplary embodiment of the present disclosure;
[0021] FIG. 4 is a block diagram of an active node included in the system of FIG. 1, according to various embodiments of the present disclosure;
[0022] FIG. 5 is an example schematic representation of the system of FIG. 1 in which various entities operations are explained, according to various embodiments of the present system;
[0023] FIG. 6 illustrates an exemplary method for scalable SEPP architecture targeting high availability and redundancy, in accordance with the present disclosure
[0024] FIG. 7 shows a sequence flow diagram illustrating a method for enabling high availability of resource in the communication network, according to various embodiments of the present disclosure; and
[0025] FIG. 8 illustrates an exemplary system architecture of a SEPP deployed in the active node and a standby node, in accordance with an exemplary embodiment of the present subject matter.
[0026] Further, skilled artisans will appreciate that elements in the drawings are illustrated for simplicity and may not have been necessarily been drawn to scale. For example, the flow charts illustrate the method in terms of the most prominent steps involved to help to improve understanding of aspects of the present invention. Furthermore, in terms of the construction of the device, one or more components of the device may have been represented in the drawings by conventional symbols, and the drawings may show only those specific details that are pertinent to understanding the embodiments of the present invention so as not to obscure the drawings with details that will be readily apparent to those of ordinary skill in the art having benefit of the description herein.
[0027] The foregoing shall be more apparent from the following detailed description of the invention.

DETAILED DESCRIPTION OF THE INVENTION
[0028] Some embodiments of the present disclosure, illustrating all its features, will now be discussed in detail. It must also be noted that as used herein and in the appended claims, the singular forms "a", "an" and "the" include plural references unless the context clearly dictates otherwise.
[0029] Various modifications to the embodiment will be readily apparent to those skilled in the art and the generic principles herein may be applied to other embodiments. However, one of ordinary skill in the art will readily recognize that the present disclosure including the definitions listed here below are not intended to be limited to the embodiments illustrated but is to be accorded the widest scope consistent with the principles and features described herein.
[0030] A person of ordinary skill in the art will readily ascertain that the illustrated steps detailed in the figures and here below are set out to explain the exemplary embodiments shown, and it should be anticipated that ongoing technological development will change the manner in which particular functions are performed. These examples are presented herein for purposes of illustration, and not limitation. Further, the boundaries of the functional building blocks have been arbitrarily defined herein for the convenience of the description. Alternative boundaries can be defined so long as the specified functions and relationships thereof are appropriately performed. Alternatives (including equivalents, extensions, variations, deviations, etc., of those described herein) will be apparent to persons skilled in the relevant art(s) based on the teachings contained herein. Such alternatives fall within the scope and spirit of the disclosed embodiments.
[0031] The following acronym and definition are used in the patent disclosure.
1. NMS: Network Management System
2. HSM: HA State Manager
3. PDU: Protocol Data Unit
4. SEPP: Security Edge Protection Proxy
5. GR: Geo Redundancy
6. DR: Disaster Recovery
7. PLMN: Public Land Mobile Network
8. SIM: Subscriber Identity Module
9. UDP : User Datagram Protocol
10. TCP: Transmission Control Protocol
11. TLS : transport layer security
12. HA: High Availability. Component, or application can operate at all times without network disruption due to availability of a backup instance.
[0032] Various embodiments of the invention provide a system and a method for scalable SEPP architecture targeting high availability and redundancy in a communication network. In an exemplary embodiment of the invention, the SEPP may be deployed in a pair consisting of an active node, and in a standby node. Deploying SEPP in the pair with the active node, and the standby node, ensures high availability and redundancy. Further, the SEPP instance may be configured to generate delta information, and further the delta information may be broadcasted to a plurality of SEPP in the network providing all the instances with their own copy of cache in a system memory.
[0033] Further in accordance with the exemplary embodiment, a High Availability (HA) state manger monitor may be deployed to monitor and track instances of an active SEPP node. Further, the High Availability (HA) state manger monitor may be configured to inform the standby node to take over the active instance if the active node faces network or software issues. Further, the SEPP manager enables complete data replication to a new / restarted SEPP instance facilitating zero data loss even when the application is shutdown.
[0034] FIG. 1 shows a network level block diagram of a system 100 in accordance with one embodiment of the present subject matter. The system 100 may comprise a plurality of active nodes 102-1, 102-2,……102-n. At least one of the active node 102-n from the plurality of the active nodes 102-1, 102- 2,……102-n may be communicably connected to another SEPP node 104. Further for ease of disclosure, the first device may be represented as 102. In accordance with an aspect of the exemplary embodiment, the active node 102 may be a part of a first mobile service provider and the another SEPP node 104 may be from another service provider.
[0035] Further, the active node 102, may be communicably connected with the SEPP node 104, over a network 110. The network 110 may be a PLMN network, and further the network 110 may enable inter-PLMN communication between the active node 102, and the another SEPP node 104.
[0036] In accordance with yet another aspect of the exemplary embodiment, the plurality of active nodes 102 may be communicated with a wireless device or a communication device (not shown) that may be a part of the system 100. The wireless device or the communication device may include, but are not limited to, a handheld wireless communication device (e.g., a mobile phone, a smart phone, a phablet device, and so on), a wearable computer device (e.g., a head-mounted display computer device, a head-mounted camera device, a wristwatch computer device, and so on), a laptop computer, a tablet computer, or another type of portable computer, a media playing device, a portable gaming system, and/or any other type of computer device with wireless communication or VoIP capabilities.
[0037] In accordance with yet another aspect of the exemplary embodiment, the another SEPP node 104 may be communicated with the wireless device or the communication device (not shown) that may be a part of the system 100. The wireless device or the communication device may include, but are not limited to, a handheld wireless communication device (e.g., a mobile phone, a smart phone, a phablet device, and so on), a wearable computer device (e.g., a head-mounted display computer device, a head-mounted camera device, a wristwatch computer device, and so on), a laptop computer, a tablet computer, or another type of portable computer, a media playing device, a portable gaming system, and/or any other type of computer device with wireless communication or VoIP capabilities.
[0038] The another SEPP node 104 may comprise a first memory such as a volatile memory (e.g., RAM), non-volatile memory (e.g., disk memory, FLASH memory, EPROMs, etc.), unalterable memory, and/or other types of memory. In one implementation, the first memory might be configured or designed to store data, program instructions. The program instructions might control the operation of an operating system and/or one or more application. In another implementation the SEPP may be embedded into the first memory. The SEPP may be further configured to enable the another SEPP node 104 to request an access to the network hosting the active node 102.
[0039] The system may further comprise the plurality of standby nodes 108-1, 108- 2,……108-n. Further for ease of disclosure, the standby node may be represented as 108. In accordance with yet another aspect of the exemplary embodiment, the standby node 108 may be a wireless device or a communication device that may be a part of the system 100. The wireless device or the communication device may include, but are not limited to, a handheld wireless communication device (e.g., a mobile phone, a smart phone, a phablet device, and so on), a wearable computer device (e.g., a head-mounted display computer device, a head-mounted camera device, a wristwatch computer device, and so on), a laptop computer, a tablet computer, or another type of portable computer, a media playing device, a portable gaming system, and/or any other type of computer device with wireless communication or VoIP capabilities. The standby node 108, may be communicably connected to the active node 102 via a communication network 106. The communication network 106, may use one or more wireless interfaces/protocols such as, for example, 802.11 (Wi-Fi), 802.15 (including Bluetooth™), 802.16 (Wi-Max), 802.22, Cellular standards such as CDMA, CDMA2000, WCDMA, Radio Frequency (e.g., RFID), Infrared, laser, Near Field Magnetics, etc. Further, the active node 102 and the standby node 104 may be configured to host SEPP or have the SEPP embedded into a memory.
[0040] The communication network 106 may also include, by way of example but not limitation, at least a portion of one or more networks having one or more nodes that transmit, receive, forward, generate, buffer, store, route, switch, process, or a combination thereof, etc. one or more messages, packets, signals, waves, voltage or current levels, some combination thereof, or so forth. The network may also include, by way of example but not limitation, one or more of a wireless network, a wired network, an internet, an intranet, a public network, a private network, a packet-switched network, a circuit-switched network, an ad hoc network, an infrastructure network, a Public-Switched Telephone Network (PSTN), a cable network, a cellular network, a satellite network, a fiber optic network, a VOIP or some combination thereof. The communication network 106 may include, but is not limited to, a Third Generation (3G), a Fourth Generation (4G), a Fifth Generation (5G), a Sixth Generation (6G), a New Radio (NR), a Narrow Band Internet of Things (NB-IoT), an Open Radio Access Network (O-RAN), and the like.
[0041] Alternately, the active node 102, may be communicably connected with the SEPP node 104 through a server (not shown). The server can be, for example, but not limited to a standalone server, a server blade, a server rack, a bank of servers, a business telephony application server (BTAS), a server farm, a cloud server, an edge server, home server, a virtualized server, one or more processors executing code to function as a server, or the like. In an implementation, the server may operate at various entities or a single entity (include, but is not limited to, a vendor side, service provider side, a network operator side, a company side, an organization side, a university side, a lab facility side, a business enterprise side, a defense facility side, or any other facility) that provides service.
[0042] Operational and construction features of the enterprise system 100 will be explained in detail with respect to the following figures.
[0043] FIG. 2 shows a block diagram of the system 100 illustrating data flow between SEPP nodes, in accordance with an exemplary embodiment of the present subject matter. The block diagram further shows flow of SEPP nodes in case of georedundancy (GR) and disaster recovery (DR) 112. In accordance with the present disclosure, the active node 102, may comprise HSM (HA State Manager), and further active host SEPP. Further, the active node 102, may be configured to generate a delta data during an instance i.e., upon receiving a request from another node via the inter-PLMN. Further, the active node 102, may be configured to store the delta data, and send the delta data to another active node, within the same network via the network 106. The active node 102, may be further configured to send the delta data to the standby node 108. The delta data is shared between all the active node 102 and standby node 108 in a peer-to-peer manner, i.e., each node irrespective of being active node 102, or standby node 108, receives the delta data continuously.
[0044] The standby node 108, in an aspect of the invention is provided on the same site as the active node 102. Further, each active node 102 may be associated with at least one other standby node 108, thereby having a pair of active node 102, and standby node 108 hosting the SEPP. Further since the nodes may exist in pair, if the active node 102, is detected to be failing, the standby node 108 can respond to the query received by the active node 102. Further, since all the nodes have the delta data, the handover between the active node 102 and standby node 108 does not have any data loss with respect to delta data.
[0045] Further in accordance with the exemplary embodiment, the sharing of delta data, between all the active nodes 102 and the standby node 108 in a peer-to-peer technique enables zero data loss in delta data. Further as plurality of active nodes 102, and the plurality of standby nodes 108 may be placed at various geographical regions, the system enables managing geo-redundancy and disaster recovery.
[0046] In accordance with the exemplary embodiment, the HSM hosted within the active node 102 may be configured to manage the handover between the active node 102 and the standby node 108. Further in another aspect of the present exemplary embodiment, the standby node 108 may also comprise HSM and the HSM may be further configured to handover the query/instances back to the active node 102. In another aspect of the present exemplary embodiment, the HSM (414) is responsible for managing the high-availability of cluster components. The HSM (414) continuously monitors the SEPP instance and when active instance goes down, the HSM makes the standby node as active node.
[0047] FIG. 3 illustrates an example system 300 depicting data restoration for the master SEPP node, in accordance with the exemplary embodiment of the present disclosure. In accordance with the exemplary embodiment, the active node 102 or the standby node 108 may act as a master SEPP node. Further in a scenario, if the active node 102 goes down, any delta data generated by the other active node, and/or standby node 108, is not updated in the active node 102. Further once the active node 102, is operational again, the SEPP manager 304, enables updating the delta data in the now active node 102. The SEPP manager 304 is the controller of a SEPP cluster. All SEPPs at a site are connected to the SEPP manager 304. The SEPP manager 304 provides backup & restore functionality for all SEPPs. Also, the SEPP manager 304 designates one SEPP as the master SEPP. If new SEPP instance is installed, it is registered with the SEPP manager 304. The SEPP manager 304 facilitates necessary cache copy to the new SEPP instance.
[0048] FIG. 4 is a block diagram of the active node 102 included in the system 100 of FIG. 1, according to various embodiments of the present disclosure.
[0049] As per the illustrated embodiment, the active node 102 includes one or more processors 402, a memory 404, an input/output interface unit 406, a display 408, and an input device 410. Further the active node 102 may comprise one or more processors 402. The one or more processors 402, hereinafter referred to as the processor 402 may be implemented as one or more microprocessors, microcomputers, microcontrollers, digital signal processors, central processing units, state machines, logic circuitries, single board computers, and/or any devices that manipulate signals based on operational instructions. As per the illustrated embodiment, the active node 102 includes one processor 402. However, it is to be noted that the active node 102 may include multiple processors as per the requirement and without deviating from the scope of the present disclosure.
[0050] The information related to the delta data may be provided or stored in the memory 404 of the active node 102. Among other capabilities, the processor 402 is configured to fetch and execute computer-readable instructions stored in the memory 404. The memory 404 may be configured to store one or more computer-readable instructions or routines in a non-transitory computer-readable storage medium, which may be fetched and executed to create or share data packets over a network service. The memory 404 may include any non-transitory storage device including, for example, volatile memory such as RAM, or non-volatile memory such as disk memory, EPROMs, FLASH memory, unalterable memory, and the like.
[0051] The information related to the delta data may further be configured to render on the user interface 406. The user interface 406 may include functionality similar to at least a portion of functionality implemented by one or more computer system interfaces such as those described herein and/or generally known to one having ordinary skill in the art. The user interface 406 may be rendered on the display 408, implemented using LCD display technology, OLED display technology, and/or other types of conventional display technology. The display 408 may be integrated within the active node 102 or connected externally. Further the input device(s) 410 may include, but not limited to, keyboard, buttons, scroll wheels, cursors, touchscreen sensors, audio command interfaces, magnetic strip reader, optical scanner, etc.
[0052] The active node 102 may further comprise a centralized database (not shown). The centralized database may be communicably connected to the processor 402, and the memory 404. The centralized database may be configured to store and retrieve data pertaining to features, or services, access rights, attributes, approved list, and authentication data provided by an administrator or a network operator. Further the active node 102 may allow the system 100 to update/create/delete one or more parameters of their information related to the delta data. In another embodiment, the centralized database may be outside the active node 102 and communicated through a wired medium and wireless medium.
[0053] Further, the processor 402, in an embodiment, may be implemented as a combination of hardware and programming (for example, programmable instructions) to implement one or more functionalities of the processor 402. In the examples described herein, such combinations of hardware and programming may be implemented in several different ways. For example, the programming for the processor 402 may be processor-executable instructions stored on a non-transitory machine-readable storage medium and the hardware for the processor 402 may comprise a processing resource (for example, one or more processors), to execute such instructions. In the present examples, the memory 404 may store instructions that, when executed by the processing resource, implement the processor 402. In such examples, the active node 102 may comprise the memory 404 storing the instructions and the processing resource to execute the instructions, or the memory 404 may be separate but accessible to the active node 102 and the processing resource. In other examples, the processor 402 may be implemented by electronic circuitry.
[0054] In order for the active node 102 to enable high availability of resource, the processor 402 includes a delta data generation unit 412, a HSM 414 and a restoring unit 416.
[0055] The delta data generation unit 412, the HSM 414 and the restoring unit 416 are implemented as a combination of hardware and programming (for example, programmable instructions) to implement one or more functionalities of the processor 402. In the examples described herein, such combinations of hardware and programming may be implemented in several different ways. For example, the programming for the processor 402 may be processor-executable instructions stored on a non-transitory machine-readable storage medium and the hardware for the processor may comprise a processing resource (for example, one or more processors), to execute such instructions. In the present examples, the memory 404 may store instructions that, when executed by the processing resource, implement the processor. In such examples, the node 108 may comprise the memory 404 storing the instructions and the processing resource to execute the instructions, or the memory 404 may be separate but accessible to the system 408 and the processing resource. In other examples, the processor 402 may be implemented by electronic circuitry.
[0056] The delta data generation unit 412 broadcasts the copy of cache to all SEPP embedded into the active node 102 and the standby node 108 present in the network 106. The broadcasting enables continuously receiving the delta data to the active node 102 and the standby node 108 present in the network 106. The copy of cache includes configuration data, wherein the configuration data includes handshake data configured to connect with the SEPP.
[0057] Further, the delta data generation unit 412 generates the delta data during the instance, upon receiving the request from another active node via the inter-PLMN 110. For example, since, SEPPs store request/response attributes like PLMN, FQDN, IP, port, protocol, schemes etc,. these attributes are used to perform relevant transformation/modification of request/response. Such modification/transformation is done at the SEPP to adapt to foreign request/response format. Besides that, the SEPPs stores information like handshake or authentication keys for requests/response. Now if a new request is received at the active SEPP of a primary site, the active SEPP performs processing on the request as above, generates the data and stores in its cache, this data is referred as delta data. Now, this delta data is not present at the standby SEPP and DR/GR site’s active-standby SEPP pair. Hence, shared with these SEPPs. (as show in FIG. 2). If the active SEPP if failed, the standby SEPP becomes active. When the formerly active SEPP is restored, the current active SEPP (standby one) sends it’s copy of cache to the restored SEPP, as the current active SEPP is the one receiving request/response from foreign SEPP. Restored SEPP updates it’s caches and perform handover.
[0058] The delta data generation unit 412 stores the delta data in the memory 406. Further, the delta data generation unit 412 sends the delta data to another active node. Further, the delta data generation unit 412 send the delta data to the standby node 108. Further, the delta data generation unit 412 shares the delta data, between all the active nodes and the standby node 108 via a peer-to-peer technique facilitating zero data loss in the delta data.
[0059] In an embodiment, the HSM 414 manages the handover between the active node 102 and the standby node 108 based on the instance generated.
[0060] In an embodiment, the restoring unit 416 detects reestablishing of the failed active node to hand over the active instances from the standby-node 108 to the active node 102.
[0061] FIG. 5 is an example schematic representation of the system 100 of FIG. 1 in which various entities operations are explained, according to various embodiments of the present system.
[0062] Referring to FIG. 5, FIG. 5 describes a system 100 for enabling high availability of resource in the communication network 106. It is to be noted that the embodiment with respect to FIG. 5 will be explained with respect to the active node 102 and the standby node 108 for the purpose of description and illustration and should nowhere be construed as limited to the scope of the present disclosure. The same explanation shall apply to multiple active node 102-1 to 102-n and multiple standby node 108-1 to 108-n.
[0063] As mentioned earlier, the first standby node 108-1 includes one or more primary processors 505 communicably coupled to the one or more processors 402 of the active node 102. The one or more primary processors 505 are coupled with a memory 510 storing instructions which are executed by the one or more primary processors 505. Execution of the stored instructions by the one or more primary processors 505 enables the active node 102 to transmit the delta data via an interface module 515 to the standby node 108-1 in order to register for a service related to the delta data.
[0064] As per the illustrated embodiment, the active node 102 includes the one or more processors 402, the memory 404, the input/output interface unit 406, the display 408, and the input device 410. The operations and functions of the one or more processors 402, the memory 404, the input/output interface unit 406, the display 408, and the input device 410 are already explained in FIG. 4. For the sake of brevity, we are not explaining the same operations (or repeated information) in the patent disclosure.
[0065] Further, the processor 402 includes the delta data generation unit 412, the HSM 414 and the restoring unit 416. The delta data generation unit 412 broadcasts the copy of cache to all SEPP embedded into the active node 102 and the standby node 108 present in the network 106. The broadcasting enables continuously receiving the delta data to the active node 102 and the standby node 108 present in the network 106. The copy of cache includes configuration data, wherein the configuration data includes a handshake data configured to connect with the SEPP. Further, the delta data generation unit 412 generates the delta data during the instance, upon receiving the request from another active node via the inter-PLMN 110. The delta data is generated upon detecting a failure of the active node 102.
[0066] The delta data generation unit 412 stores the delta data in the memory 406. Further, the delta data generation unit 412 shares the delta data, between all the active nodes and the standby node 108 via a peer-to-peer technique facilitating zero data loss in the delta data.
[0067] In an embodiment, the HSM 414 manages the handover between the active node 102 and the standby node 108 based on the instance generated. In an embodiment, the restoring unit 416 detects reestablishing of the failed active node to hand over the active instances from the standby-node 108 to the active node 102.
[0068] Referring to FIG. 6, illustrates an exemplary method 600 for scalable SEPP architecture targeting high availability and redundancy, in accordance with the present disclosure. Further in accordance with the present embodiment, at step 602, the method includes generating the new delta data in the active node 102. The active node 102, may be configured to host Security Edge Protection Proxy (SEPP). Further, the active node 102 also may be configured have the HSM bundled within the active node 102. The active node 102 may be further associated with the standby node 108, thereby the system 100 having the pair of active node 102, and the standby node 108. The active node 102 and the associated standby node 108 may be in the same site. Further the generated delta data may be transferred in real-time to the associated standby node 108 at the same site.
[0069] Further at step 604, the method includes handing over the active instance from the active node 102 to the associated standby node 108, upon detecting failure/crash of the active node 102. The failure or the crash or any other status of the active node 102, may be monitored by the HSM. The HSM may be configured further to transfer the active instance to the active node 102 from the standby node 108, in-case the active node 102 is back online. Further the handover between the active node 102 and the standby node 108 is achieved without data loss or delta data loss.
[0070] At step 606, the method includes simultaneously sharing the delta data by active node 102 with other remote active node 102 and their associated standby node 108. This way the data availability is ensured across multiple sites. The availability of shared delta data across multiple sites enables handling of geo-redundancies and disaster recoveries.
[0071] Further at step 608, the method includes sharing the delta data generated in the master node 302 while the active node 102 was down. The sharing of the delta data from the master node 302 to the active node 102 on receiving a query from the SEPP manager 304 once the active node 102 is online again.
[0072] FIG. 7 shows a sequence flow diagram illustrating a method 700 for enabling high availability of resource in the communication network 106, according to various embodiments of the present disclosure.
[0073] At step 702, the method includes broadcasting the copy of cache to all SEPP embedded into the active node 102 and the standby node 108 present in the network 106. In an embodiment, the method allows the delta data generation unit 412 to broadcast the copy of cache to all SEPP embedded into the active node 102 and the standby node 108 present in a network 106.
[0074] At step 704, the method includes generating the delta data during the instance, upon receiving the response from another active node at one of: a foreign network and the DR/GR site 112 via the inter-PLMN 110. In an embodiment, the method allows the delta data generation unit 412 to generate the delta data during the instance, upon receiving the request from another active node at one of: the foreign network and the DR/GR site 112 via the inter-PLMN 110.
[0075] At step 706, the method includes storing the delta data. In an embodiment, the method allows the delta data generation unit 412 to store the delta data.
[0076] At step 708, the method includes sending the delta data to the standby node 108. In an embodiment, the method allows the delta data generation unit 412 to send the delta data to the standby node 108.
[0077] At step 708, the method includes sharing the delta data, between all the active nodes and the standby node 108 via a peer-to-peer technique facilitating zero data loss in the delta data. In an embodiment, the method allows the delta data generation unit 412 to share the delta data, between all the active nodes 102 and the standby node 108 via a peer-to-peer technique facilitating zero data loss in the delta data.
[0078] FIG. 8 illustrates an exemplary system architecture 800 of a SEPP deployed in the active node 102 and the standby node 108, in accordance with an exemplary embodiment. The system architecture 800 discloses active node, having SEPP. Further each active node 102 is associated with the standby node 108. The standby node 108 also comprises SEPP. Further the active node 102 and the standby node 108 communicate with each other via HSM.
[0079] The system architecture 800 further discloses, a communication between the active node/standby node from one location with active node/standby node at another location to monitor GR/DR. The relevant operations and functions are already defined in FIG. 2 and FIG. 3. For the sake of brevity, we are not repeating the same in the FIG. 8.
[0080] The system architecture (800) includes a network management system (NMS) (802), a first super core (804a), a second super core (804b), a first super core (SC) database (806a), a second SC database (806b), a first consumer network function (808a), a second consumer network function (808b), a first producer network function (810a), a second producer network function (810b), roaming partner SEPPs (812a, 812b), a first SC SEPPM (814a), a second SC SEPPM (814b), a first SC JVCM-IAM (816a), a second SC JVCM-IAM (816b), a first SC primary (818a), a second SC primary (818b), a second SC GR/DR (820a), a first SC GR/DR (820b). The NMS (802), the first super core (804a), the second super core (804b), the first SC database (806a), the second SC database (806b), the first consumer network functions (808a), the second consumer network functions (808b), the first producer network functions (810a), the second producer network functions (810b), the roaming partner SEPPs (812a, 812b), the first SC SEPPM (814a), the second SC SEPPM (814b), the first SC JVCM-IAM (816a), the second SC JVCM-IAM (816b), the first SC primary (818a), the second SC primary (818b), the second SC GR/DR (820a), the first SC GR/DR (820b) are communicated with each other (through a direct communication or an indirect communication).
[0081] The first SC SEPPM (814a) includes the first HSM, the second HSM, the SEPPM ACTIVE, and the SEPPM standby. The second SC SEPPM (814b) includes the first HSM, the second HSM, the SEPPM ACTIVE, and the SEPPM standby. The first SC SEPPM (814a) and the second SC SEPPM (814b) are communicated with each other. The first SC SEPPM (814a) communicates with the first super core (SC) database (806a). The second SC SEPPM (814b) communicates with the second super core (SC) database (806b).
[0082] The first SC primary (818a) includes the first HSM, the second HSM, the SEPPM active, and the SEPPM standby. The second SC primary (818a) includes the first HSM, the second HSM, the SEPPM ACTIVE, and the SEPPM standby. The first SC primary (818a) and the second SC primary (818a) are communicated with each other.
[0083] The second SC GR/DR (820a) includes the first HSM, the second HSM, the SEPPM ACTIVE, and the SEPPM standby. The first SC GR/DR (820b) includes the first HSM, the second HSM, the SEPPM ACTIVE, and the SEPPM standby. The first SC GR/DR (820b) and the second SC GR/DR (820a) are communicated with each other.
[0084] The first SC JVCM-IAM (816a) includes the first HSM, the second HSM, the JVCM-IAM ACTIVE, and the JVCM-IAM standby. The second SC JVCM-IAM (816b) includes the first HSM, the second HSM, the JVCM-IAM ACTIVE, and the JVCM-IAM standby. The first SC JVCM-IAM (816a) and the second SC JVCM-IAM (816b) are communicated with each other.
[0085] Various embodiments of the invention provide a system and a method for scalable SEPP architecture targeting high availability and redundancy in a communication network. In an exemplary embodiment of the invention, the SEPP may be deployed in a pair consisting of an active node, and in a standby node. Deploying SEPP in the pair with the active node, and the standby node, ensure high availability and redundancy. Further, the SEPP instance may be configured to generate delta information, and further the delta information may be broadcasted to a plurality of SEPP in the network providing all the instances with their own copy of cache in a system memory.
[0086] Further in accordance with the exemplary embodiment, a High Availability (HA) state manger monitor may be deployed to monitor and track instances of an active SEPP node. Further, the High Availability (HA) state manager monitor is configured to inform the standby node to take over the active instance if the active node faces network or software issues. Further, the SEPP manager enables complete data replication to a new / restarted SEPP instance facilitating zero data loss even when application shutdown.
[0087] A person of ordinary skill in the art will readily ascertain that the illustrated embodiments and steps in description and drawings (FIGS.1-8) are set out to explain the exemplary embodiments shown, and it should be anticipated that ongoing technological development will change the manner in which particular functions are performed. These examples are presented herein for purposes of illustration, and not limitation. Further, the boundaries of the functional building blocks have been arbitrarily defined herein for the convenience of the description. Alternative boundaries can be defined so long as the specified functions and relationships thereof are appropriately performed. Alternatives (including equivalents, extensions, variations, deviations, etc., of those described herein) will be apparent to persons skilled in the relevant art(s) based on the teachings contained herein. Such alternatives fall within the scope and spirit of the disclosed embodiments.
[0088] The present invention offers multiple advantages over the prior art and the above listed are a few examples to emphasize on some of the advantageous features. The listed advantages are to be read in a non-limiting manner.

REFERENCE NUMERALS
[0089] System - 100
[0090] Active nodes – 102, 102-1-102-n
[0091] SEPP node - 104
[0092] Communication Network - 106
[0093] standby node – 108, 108-1-108-n
[0094] Network- 110
[0095] SCI GR/DR (or DR/GR site) 112
[0096] System 300
[0097] Master SEPP node - 302
[0098] SEPP manager - 304
[0099] Processor – 402
[00100] Memory – 404
[00101] User Interface – 406
[00102] Display – 408
[00103] Input device – 410
[00104] Delta data generation unit - 412,
[00105] HSM - 414
[00106] Restoring unit - 416
[00107] System – 500
[00108] Primary processors -505
[00109] Memory Unit– 510
[00110] Interface Module – 515
[00111] System architecture – 800
[00112] NMS - 802
[00113] First super core - 804a
[00114] Second super core - 804b
[00115] First super core (SC) database - 806a
[00116] Second SC database - 806b
[00117] First consumer network functions - 808a
[00118] Second consumer network functions - 808b
[00119] First producer network functions - 810a
[00120] Second producer network functions - 810b
[00121] Roaming partner SEPPs - 812a, 812b
[00122] FIRST SC SEPPM - 814a
[00123] Second SC SEPPM - 814b
[00124] FIRST SC JVCM-IAM - 816a
[00125] Second SC JVCM-IAM - 816b
[00126] FIRST SC primary - 818a
[00127] Second SC primary - 818b
[00128] Second SC GR/DR - 820a
[00129] First SC GR/DR - 820b

,CLAIMS:CLAIMS:
We Claim
1. A method for enabling high availability of resources, the method comprising the steps of:
broadcasting, by one or more processor (402), a copy of cache to all Security Edge Protection Proxy (SEPP) embedded into an active node (102) and a standby node (108), present in a network (106);
generating, by the one or more processor (402), a delta data during an instance, upon receiving a request from another active node at one of: a foreign network and a DR/GR site (112) via inter-PLMN (110);
storing, by the one or more processor (402), the delta data; and;

sharing, by the one or more processor (402), the delta data between all the active nodes and the standby node (108) via a peer-to-peer technique facilitating zero data loss in the delta data.

2. The method as claimed in claim 1, comprises, managing, by the one or more processor (402), the handover between the active node (102) and the standby node (108) based on the instance generated.

3. The method as claimed in claim 1, wherein generating and receiving the delta data comprises, detecting a failure, by the one or more processor (402), of the active node.

4. The method as claimed in claim 1, wherein broadcasting enables continuously receiving, by the one or more processor (402), the delta data.

5. The method as claimed in claim 1, comprises, detecting, by the one or more processor (402), reestablishing of the failed active node.

6. The method as claimed in claim 1, comprises, handing-over, by the one or more processor (402) active instances from the standby-node (108) to the active node (102).

7. The method as claimed in claim 1, wherein the copy of cache comprises configuration data, and the configuration data comprises a handshake data configured to connect with the SEPP.

8. A system (100) for enabling high availability of resource, the system (100) comprising:
an active node (102), configured to host a Security Edge Protection Proxy (SEPP), and further comprise a High Availability State manager (HSM) (414) bundled with the active node (102); and
a standby node (108) associated with the active node (102), wherein the system (100) further comprises a pair of active nodes, and the standby node (108);
wherein, a copy of cache is broadcasted to all the SEPP and the standby node (108), present in a network (106);
a delta data is generated during an instance, upon receiving a request from another active node at one of: a foreign network and a DR/GR site (112) via an inter-PLMN (110);
the delta data is stored in the active node (102); and
the delta data is configured to be shared between all the active nodes and the standby node (108) via a peer-to-peer technique facilitating a zero data loss in the delta data.

9. The system (100) as claimed in claim 8, wherein the copy of cache comprises configuration data and wherein the configuration data comprises a handshake data configured to connect with the SEPP.

10. The system (100) as claimed in claim 8, wherein the HSM (414) enables creating the copy of cache in a restarted node or the active node (102), upon detecting unavailability of cache within the restarted node.

11. The system (100) as claimed in claim 8, wherein an active instance is handed over from the active node (102) to the associated standby node upon detecting failure/crash of the active node (102).

12. The system (100) as claimed in claim 10, wherein the failure or the crash or any other status of the active node (102) is monitored by the High Availability State manager (HSM) (414).

13. The system (100) as claimed in claim 8, wherein the High Availability State manager (HSM) (414) is further configured to transfer any new incoming active instance to the active node (102) from the standby node (108) in-case the active node (102) is back online.

14. The system (100) as claimed in claim 8, wherein the delta data is shared by the active node (102) with other remote active nodes and their associated standby node, to facilitate the data availability across multiple sites, enabling to handle geo-redundancies and disaster recoveries.