Entitlement management is technology that grants, resolves, enforces, revokes, and administers fine-grained access entitlements—also referred to as authorizations, privileges, access rights, permissions, and/or rules.
The purpose of entitlement management is to execute access policies toward services, devices, and data (structured/unstructured). To manage entitlements, communications service providers are investing in auto-configuration or entitlement servers to provide service configuration data to devices during service initialization and later regular basis.
What is Device Entitlement Service
We offer a flexible entitlement management product that handles device entitlements for both the iOS and Android platforms — Device Entitlement Service (DES). DES authenticates the subscriber, the device, and does service configuration. DES is compliant with iOS entitlement server requirements. For RCS-compliant Android devices, DES offers a comprehensive service configuration function.
Device Entitlement Service, DES, is the premier platform for managing GSMA RCC.14 and RCC.07, and Apple iOS devices. In the future, it will also support SailfishOS. DES is utilized by MNOs and MVNOs only.
Trivore DES consists logically of two main sub-components, or server roles:
• The core of DES is identified as the “DES Server”. It hosts the main services. as it processes the requests from devices, and supports all required interfaces to the operator’s platforms, and back-end systems. It also includes interfaces to external analytics and other APIs.
• The “DES Manager” hosts the different management tools and the centralised view of the DES deployment and configuration. As features and functionality, DES offers: • Direct HTTPS-based interactions with iOS and Android devices using native protocols.
Within the sub-components, DES offers:
• Direct HTTPS-based interactions with iOS and Android devices
• Outbound provisioning — interacting with the carrier’s core network system to initiate/activate entitlements as needed
• Authentication function — leveraging information from the device’s USIM/ISIM and the carrier’s 3GPP AAA/HSS system on interacting with the carrier’s Subscriber Information and Profile database to obtain the entitlement status of devices.
• Apple Push Notification Service (APNS) interface to deliver Push Notifications related to configuration updates to iOS devices
• Flexible XML templates for service configuration data toward Android devices
• Websheet integration — allowing for close collaboration between Trivore DES and the mobile operator’s other servers associated with service configuration (for example, VoWiFi Location update)
• Outbound provisioning — interacting with the operator’s core network systems to initiate/activate entitlements as needed
• Authentication function — utilising data from the device’s eSIM/USIM/ISIM and the carrier’s 3GPP AAA/HSS system on interacting with the operartor’s Subscriber Information and Profile database to obtain the entitlement status of devices. This is an alternative to the built-in Profile database.
• Google Cloud Messaging (GCM) and Apple Push Notification Service (APNS) interfaces to deliver Push Notifications related to configuration updates to devices.
• XML templates for RCS service configuration data toward GSMA OpenMarket devices.
• Optionally DES is the primary authority for all RCS-related device configuration.
• Apple and GSMA Websheet feature integration in DES allows for collaboration with the mobile operator’s other servers and service configuration.
The DES Manager has a number of management tools for ease-of-operation and platform manageability:
• Monitoring tool to track the activity of specific devices.
• Scheduled generation of key performance indicator (KPI) reports.
• Firehose feed for external big data analytics.
• An Operations Dashboard to view the current state of the platform.
• Outbound SNMP alerting interface connects to the operators Network Operations Center (NOC). Inbound monitoring via REST APIs. Optionally DES integrates to our EMM offering, a full-blown operator-scale MDM platform.
This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 790610