WO2002011467A2 - Use of radius (remote authentication dial-in user service) in umts to perform hlr function and for roaming - Google Patents



Publication number
WO2002011467A2
Authority
WO
WIPO (PCT)
Prior art keywords
user
service provider
radius
network
access
Application number
PCT/GB2001/003385
Other languages
French (fr)
Other versions
WO2002011467A3 (en
Inventor
William John Jones
Michael Bowring
Andrew Gordon Williams
Original Assignee
Ipwireless, Inc.
Application filed by Ipwireless, Inc.
Priority to JP2002515858A (JP5083718B2)
Priority to MXPA02003159A (MXPA02003159A)
Priority to EP01953216A (EP1410569A2)
Priority to AU75711/01A (AU784411B2)
Priority to CA002384890A (CA2384890A1)
Publication of WO2002011467A2
Publication of WO2002011467A3


Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/04 Protocols specially adapted for terminals or networks with limited capabilities; specially adapted for terminal portability
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication
    • H04W12/069 Authentication using certificates or pre-shared keys
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/16 Implementing security features at a particular protocol layer
    • H04L63/162 Implementing security features at a particular protocol layer at the data link layer
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W84/00 Network topologies
    • H04W84/02 Hierarchically pre-organised networks, e.g. paging networks, cellular networks, WLAN [Wireless Local Area Network] or WLL [Wireless Local Loop]
    • H04W84/10 Small scale networks; Flat hierarchical networks
    • H04W84/12 WLAN [Wireless Local Area Networks]


Abstract

Internet web technology, specifically RADIUS (Remote Authentication Dial-In User Service) and its associated protocols, is used to authenticate network access for fixed end users and for end users who roam in a wireless system.

Description

USE OF RADIUS IN UMTS TO PERFORM HLR FUNCTION AND FOR ROAMING
RELATED APPLICATIONS
U.S. patent application Serial No. 09/626,582, filed July 27, 2000, entitled "USE OF INTERNET WEB TECHNOLOGY TO PERFORM ACCOUNTING FUNCTIONS", which is a continuation-in-part of U.S. patent application Serial No. 09/626,699, filed July 27, 2000, entitled "USE OF INTERNET WEB TECHNOLOGY TO REGISTER WIRELESS ACCESS CUSTOMERS," which is a continuation-in-part of U.S. patent application Serial No. 09/432,824, filed November 2, 1999, entitled "CELLULAR WIRELESS INTERNET ACCESS SYSTEM USING SPREAD SPECTRUM AND INTERNET PROTOCOL (IP)", and published in equivalent form as European patent publication EP1098539.
INTRODUCTION
The present invention is directed to the use of the Internet web technology to perform a home location register function in a wireless access network.
BACKGROUND OF THE INVENTION
Application Serial No. 09/432,824 of November 2, 1999, entitled CELLULAR WIRELESS INTERNET ACCESS SYSTEM USING SPREAD SPECTRUM AND INTERNET PROTOCOL (IP), describes a cellular wireless Internet access system which operates in the 2 gigahertz or other frequency bands to provide high data rates to fixed and portable wireless Internet devices. Such users connect to nearby base stations, which in turn communicate with Integrated Network Controllers, which are then connected to the Internet. Such wireless implementation relates to an access network of the UMTS (Universal Mobile Telephone Service) and its subset UTRAN (Universal Terrestrial Radio Access Network) standards. UMTS/UTRAN standards are published by the 3G Project Partnership (3GPP), www.3gpp.org.
In any telecommunications access system, be it wired or wireless, there must be accommodation for end users who roam. In traditional cellular wireless systems, roaming is typically controlled by a Home Location Register (HLR) which communicates with the cellular network using traditional telecommunications protocols such as Signaling System #7 (SS7). Where the access to the Internet is via the Public Switched Telephone Network (PSTN), a RADIUS server provides such function. A description of RADIUS is provided by an Internet article, RFC2138 Remote Authentication Dial-In User Service (RADIUS) by C. Rigney, et al., April 1997, which is available at WWW.IETF.ORG (Internet Engineering Task Force). Thus far, however, this system has only been used for Public Switched Telephone Network access. Traditional mobile communications roaming methods and protocols may not satisfactorily support the roaming function of the Internet Protocol (IP) based wireless access system described in the above co-pending application 09/432,824. There is therefore a need for provision of HLR functions and roaming in an IP based wireless access system whereby the above disadvantages may be alleviated.
SUMMARY OF INVENTION
In accordance with a first aspect of the invention there is provided a method of operation in a wireless access network system, as claimed in claim 1.
In accordance with a second aspect of the invention there is provided a wireless access network system, as claimed in claim 13.
In accordance with a third aspect of the invention there is provided a RADIUS arrangement for use in a wireless access network system, as claimed in claim 25.
In accordance with a fourth aspect of the invention there is provided a network controller for use in a wireless access network system, the network controller having a RADIUS client for use with a RADIUS server in authorising user access to the network, as claimed in claim 26.
In accordance with a fifth aspect of the invention there is provided a computer program element comprising computer program means for performing the method of operation in a wireless access network system, as claimed in claim 27.
In a preferred form of the invention, there is provided a method of operating a cellular wireless Internet access system using RADIUS (Remote Authentication Dial-In User Service) which is normally used for dial-up Internet access over the PSTN (Public Switched Telephone Network) where the user utilizes a portable subscriber terminal with a directly attached antenna for communicating in a wireless manner via a cellular network to an integrated network controller and then to a target Internet Service Provider (ISP), comprising the steps of providing the subscriber terminal with an access network operator identifier and user identifier and password, both related to said access network operator. The subscriber terminal requests Internet access from the integrated network controller. The integrated network controller requests verification of the user from the RADIUS server of the operator. The RADIUS server verifies the user identifier and password. The integrated network controller receives an acceptance message. The integrated network controller connects to a layer two tunneling protocol network server and a targeted Internet service provider and the subscriber terminal begins an Internet session.
BRIEF DESCRIPTION OF THE DRAWINGS
FIG. 1 is a block diagram of an Internet system illustrating the present invention.
FIG. 2 is a flow chart illustrating the method of FIG. 1 of the present invention.
FIG. 3 is a diagram illustrating the method of FIG. 1 of the present invention.
FIG. 4 is a block diagram similar to FIG. 1.
FIG. 5 is a flow chart for FIG. 4.
FIG. 6 is a data format diagram.
DETAILED DESCRIPTION OF PREFERRED EMBODIMENT
Referring now to FIG. 1, two typical users of the Internet access system are illustrated at 21 and 22. Each wireless access user has a personal computer PC and a UMTS user equipment (UE) 21' and 22' with a directly attached antenna 20 and is connected by typical data connections such as an RS232, USB or Ethernet to the PC. The user equipment is termed a portable subscriber terminal, operating in conjunction with its associated PC. The wireless access user is described in the above co-pending application and is a part of a UMTS/UTRAN system 23 as described in the above co-pending application, which communicates in a wireless manner via a UTRAN network to an integrated network controller (INC) 24, via a link 1. Such controller may be connected by wire or otherwise to an Internet system or web 31. As discussed in the above co-pending application, the controller 24 includes an RNC or Radio Network Controller 26, which controls and allocates the radio network resources and provides reliable delivery of user traffic between a base station (NODE B) and subscriber terminal. An SGSN (Serving General Packet Radio Service Node) 27 provides session control. Lastly, a RADIUS element designated RADIUS client 28 is incorporated to provide authentication and other functions.
The Internet protocol network 31 is connected to INC 24 by an Internet Protocol connection 32 and then to a UMTS access network operator 35, through its Layer 2 Tunneling Protocol Network Server 35', having a RADIUS server 34. RADIUS server unit 34 may, for example, be in the user's home area of San Francisco (S.F.) and is the home RADIUS server. Thus, this is the server for both authentication and accounting functions as described in the above co-pending application. Thus, after authentication normally the user would communicate via the network 31 with target Internet service provider 36 through its Layer 2 Tunneling Protocol Network Server LNS 36'. However, in the case where the user's subscriber terminal may be in New York (N.Y.), for example, he is a roaming user, who must use a partner access network operator. Specifically, this is RADIUS server 37 (N.Y.) along with a UMTS access network operator 38, which has a roaming agreement. Of course, that operator 38 would have an LNS unit 38'.
FIG. 2 illustrates the typical home operation of the system using RADIUS servers where after start as shown in step 1, the integrated network controller (INC) receives a session request from the mobile wireless user (UE) for Internet access. The numbered steps of FIG. 2 correspond to the communication paths illustrated in FIG. 1.
Next in step 2, INC 24 requests access verification for the mobile wireless user from the RADIUS server 34. Referring to FIG. 1, for step 2 the link 2 is illustrated in network 31. In step 3, RADIUS server 34 verifies the user ID and password and decides whether to accept or reject the user, as shown by the accept and reject paths. Each user, of course, has a user identifier, a user password, and an identification for its access network operator 35.
Thus, to summarize so far, when a user requests wireless Internet access, three pieces of authentication information are sent up into the network: 1) operator identifier - the name of the UMTS access licensed operator, 2) user identifier relating to the UMTS access licensed operator, and 3) user password relating to the UMTS access licensed operator. As thus far illustrated, the user authentication is taking place within the home network. As will be discussed below, it can also take place where the user is roaming onto another network, as will be described in conjunction with FIGS. 4 and 5.
Completing the flow chart of FIG. 2, if the authentication is rejected as shown at 8, then in step 9, the INC 24 tears down the session and it comes to an end. However, if an acceptance takes place as shown in step 4, the integrated network controller receives the accept message (see the link 4 in the network 31 in FIG. 1) with the subscribed-to-tier of service, roaming indicator (in this case it would be negative) and target ISP. Then in step 5 (see the link 5 in FIG. 1) the INC 24 connects to the LNS 36' of the target ISP 36 and the user does an end-to-end negotiation for ISP access with LNS 36'. Then the Internet session between the user's PC and the target ISP begins.
FIG. 3 illustrates the normal authentication, connection and session tear down between the INC radius client 28 and the home server 34. In step 41, access is requested and then accepted in 42. Then the connection is made as shown in 43 via a layer 2 tunneling protocol tunnel to the target ISP. Again, there is a disconnect access request at 44 and an access accept at 46. Finally, for accounting purposes a user disconnect notification is provided to the radius server 34 as discussed in the above co-pending application.
FIG. 4 is very similar to FIG. 1 and simplified with the links 1, 2, 4, 5 being the same as illustrated in FIG. 1. Here, the user is attempting to gain access via UMTS roaming where access is desired with the partner or operator 38 with a roaming agreement.
Referring now to the flow chart of FIG. 5, as well as FIG. 4, after Start, in step 1 the INC 24 receives a session request from the wireless user as before. Then, in step 2 the INC 24 requests access verification for the mobile wireless user from the RADIUS server 34. In this case, the access network operator identifier which has been supplied to the UE 21' and 22' is sent up via the RADIUS client 28 and the SGSN 27 but identifies a different UMTS access network operator, with whom this operator has a roaming agreement. In other words, the users 21 and 22, as illustrated in FIG. 4, are now out of their home territory as shown by the access network operator ID. In step 3', the RADIUS server 34 determines that this is a request from a roaming user (based on operator ID sent up in the request) and it forwards (link 3', FIG. 4) the request to the partner operator RADIUS server 37. In decision step 3, the partner RADIUS server 37 verifies user ID and password. If no verification occurs, then a rejection and tear down occurs as shown in steps 8 and 9 similar to FIG. 2. However, if acceptance occurs then in step 10 via the link 10 as shown in FIG. 4 between partner operator 38 and home operator 35, the home RADIUS server 34 receives the accept and passes it on to the INC 24. In step 4 and the link 4 shown in FIG. 4 (similar to that of FIG. 1) the INC 24 receives the accept message with the subscribed-to-tier of service, the roaming indicator (which in this case is positive), and the subscribed-to ISP. In step 5, as above, the INC 24 connects to the LNS of the target ISP 36. Again, the user begins a session.
To implement the above messages of FIG. 3 in RADIUS, the message types, structure and encoding are standard as outlined in the RFC 2138 above. As shown in those standards, the data packets all have pre-assigned attributes which are given a standard attribute number. To facilitate the additional functionality required for a RADIUS server to perform the HLR function, the standard attributes are required and also additional attributes. These are all contained in the code format of FIG. 6 where octets relate to the data octets and the box labeled TYPE relates to the attribute number. In the RADIUS system, attribute number 26 is a vendor-specific attribute. Moreover, this is believed to be the most convenient way to interface with the standard RADIUS system. It is possible to create new attribute types, but it is believed that interfacing with the standard RADIUS system is the most efficient way to accomplish the method of the present invention. Thus, the following discussion relates to the message definitions of FIG. 3 with the data format of FIG. 6; where standard attributes must be used in a particular way, they will be specifically described below.
FIG. 6 is a basic code format which would be modified for each particular function and, thus, it illustrates in general the basic code format. Now also referring to FIG. 3, with relation to step 41, the access request, a user name attribute is included (that is, type number 1) and the data of the octet string takes the form of a network access identifier (NAI) defined by an attribute number 32. For example, this might be user@realm. Then, the vendor-specific attribute (attribute number 26 as discussed above) which differentiates this system from the standard PSTN system would be in the box of FIG. 6 labeled IPW-Type and have the number 10 to show a NODE B ID (that is, the base station ID). The identification of that ID would actually be in the VALUE box as shown in FIG. 6. Another vendor-specific attribute is the ISP name indicated in the IPW-Type box by the number 9, and the actual name would be expressed as a string octet as indicated in FIG. 6.
Next, with regard to step 42, the access-accept message, the present system provides a tier of service value which is related to the data capacity which the ultimate subscriber terminal is to have and also the latency. Latency, of course, is defined as the time lag between the beginning of a request for data and the moment it begins to be received. Thus, referring to FIG. 6, such tier of service is indicated by IPW-Type attribute number 1, and in the value field the following enumerated values are provided, starting from a low level to a high level.
0 Bronze
1 Silver
2 Gold
3 Business
In addition in the access accept message, there is another vendor-specific roaming indication indicating whether roaming is being done where in the value field of FIG. 6 after an IPW-Type number 2 is placed a value of 0 indicating a home network subscriber and a value of 1 indicating a roaming subscriber. Of course, the ISP name is also provided in a string data octet as discussed above. Lastly, there are no significant changes for either the access request or the access accept steps 44 and 46.
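The attribute layout described above, as an added example (not code from the patent or its applicant): it encodes and strictly parses the vendor-specific attributes for Node B ID, ISP name, tier of service and roaming indicator. The vendor ID, the 4-octet integer encoding of numeric values, one sub-attribute per attribute 26, and the sample names are assumptions; only the attribute list is handled, not the RADIUS packet header.

```python
import struct

USER_NAME = 1            # standard User-Name attribute (type number 1)
VENDOR_SPECIFIC = 26     # standard vendor-specific attribute
VENDOR_ID = 99999        # PLACEHOLDER: the vendor's number is not given on the page

# IPW-Type numbers as given in the description
IPW_TIER, IPW_ROAMING, IPW_ISP_NAME, IPW_NODE_B_ID = 1, 2, 9, 10
TIERS = {0: "Bronze", 1: "Silver", 2: "Gold", 3: "Business"}
# Assumption: numeric values use the usual RADIUS 4-octet big-endian integer.
INT_TYPES = {IPW_TIER, IPW_ROAMING, IPW_NODE_B_ID}


class MalformedAttribute(ValueError):
    """Raised when an attribute list cannot be trusted as received."""


def encode_attr(attr_type: int, value: bytes) -> bytes:
    """TYPE, LENGTH (covers type + length + value), VALUE."""
    if len(value) > 253:
        raise ValueError("attribute value too long for a one-octet length")
    return bytes([attr_type, len(value) + 2]) + value


def encode_vsa(ipw_type: int, value) -> bytes:
    """Attribute 26 carrying Vendor-Id, IPW-Type, IPW-Length and VALUE."""
    if ipw_type in INT_TYPES:
        body = struct.pack("!I", value)
    else:
        body = value.encode("utf-8")
    sub = bytes([ipw_type, len(body) + 2]) + body
    return encode_attr(VENDOR_SPECIFIC, struct.pack("!I", VENDOR_ID) + sub)


def _parse_vsa(value: bytes, out: dict) -> None:
    if len(value) < 6:  # 4 octets of vendor ID + sub-attribute header
        raise MalformedAttribute("vendor-specific attribute too short")
    (vendor,) = struct.unpack("!I", value[:4])
    if vendor != VENDOR_ID:
        return  # another vendor's attribute: not ours to interpret
    ipw_type, ipw_len = value[4], value[5]
    if ipw_len != len(value) - 4:
        raise MalformedAttribute("inner length disagrees with outer length")
    body = value[6:]
    num = None
    if ipw_type in INT_TYPES:
        if len(body) != 4:
            raise MalformedAttribute("integer value must be 4 octets")
        (num,) = struct.unpack("!I", body)
    if ipw_type == IPW_TIER:
        if num not in TIERS:
            raise MalformedAttribute(f"unknown tier of service {num}")
        out["tier"] = TIERS[num]
    elif ipw_type == IPW_ROAMING:
        if num not in (0, 1):
            raise MalformedAttribute(f"roaming indicator must be 0 or 1, got {num}")
        out["roaming"] = bool(num)  # 0 = home subscriber, 1 = roaming
    elif ipw_type == IPW_NODE_B_ID:
        out["node_b_id"] = num
    elif ipw_type == IPW_ISP_NAME:
        out["isp_name"] = body.decode("utf-8")


def parse_attributes(data: bytes) -> dict:
    """Walk a RADIUS attribute list, rejecting any length inconsistency."""
    out, pos = {}, 0
    while pos < len(data):
        if len(data) - pos < 2:
            raise MalformedAttribute("truncated attribute header")
        attr_type, length = data[pos], data[pos + 1]
        if length < 2 or pos + length > len(data):
            raise MalformedAttribute("attribute length out of bounds")
        value = data[pos + 2:pos + length]
        pos += length
        if attr_type == USER_NAME:
            out["user_name"] = value.decode("utf-8")
        elif attr_type == VENDOR_SPECIFIC:
            _parse_vsa(value, out)
    return out


def sample_access_request() -> bytes:
    """Constructed sample: attributes of the access request (step 41)."""
    return (encode_attr(USER_NAME, b"alice@operator-a.example")
            + encode_vsa(IPW_NODE_B_ID, 4711)
            + encode_vsa(IPW_ISP_NAME, "isp.example"))


def sample_access_accept() -> bytes:
    """Constructed sample: attributes of the access-accept (step 42)."""
    return (encode_vsa(IPW_TIER, 2)
            + encode_vsa(IPW_ROAMING, 1)
            + encode_vsa(IPW_ISP_NAME, "isp.example"))


if __name__ == "__main__":
    print(parse_attributes(sample_access_request()))
    print(parse_attributes(sample_access_accept()))
```

Because the tier of service and roaming indicator decide what the INC grants the session, the parser rejects out-of-range or inconsistent values instead of falling back to a default.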
It is believed in the context of the wireless system as above that the assigning of tiers of services is unique especially when this is related to the standard data format of existing RADIUS standards.
It will, of course, be appreciated that the HLR and roaming functions discussed above will typically be carried out in computer programs or routines in software (like other system functions) running on processors (not shown). Thus, an improved roaming function in a wireless network has been provided in which a RADIUS server and associated protocols replace the traditional UMTS or cellular network HLR function and its associated protocols.

Claims

WHAT IS CLAIMED IS:
1. A method of operation in a wireless access network system, comprising the steps of: providing a RADIUS arrangement; providing a network controller; a user accessing the network via wireless user equipment and requesting access to a desired service provider; the network controller receiving the user access request, requesting verification of the user from the RADIUS arrangement of the desired service provider and receiving user acceptance therefrom; and the network controller connecting to the desired service provider and the user thereby establishing a communication link therewith to begin a communication session.
2. The method of claim 1, wherein a predetermined service provider identification is associated with the wireless user equipment and the step of requesting verification of the user comprises: requesting verification of the user from a first RADIUS arrangement associated with a first service provider; in the event that the predetermined service provider identification does not match that of the first service provider, the first RADIUS arrangement communicating the verification request to a further RADIUS arrangement of a service provider whose identification matches the predetermined service provider identification; and the further RADIUS arrangement communicating user acceptance to the network controller.
3. The method of claim 1 or 2, including assigning the user a tier of service value related to data capacity.
4. The method of claim 1, 2 or 3, including assigning the user a tier of service value related to latency.
5. The method of claim 3 wherein the assigned tier of service value is contained in a standard RADIUS format message.
6. The method of any preceding claim wherein the system is a cellular wireless Internet access system.
7. The method of any preceding claim wherein the system is a UMTS system.
8. The method of any preceding claim wherein a user identifier and password related to a predetermined service provider are associated with the wireless user equipment, and the step of requesting verification of the user comprises communicating the user identifier and password to the RADIUS arrangement of the desired service provider.
9. The method of any preceding claim wherein the step of the network controller connecting to the desired service provider comprises the network controller connecting via a Layer 2 Tunneling Protocol link.
10. The method of any preceding claim wherein the service provider is an Internet service provider.
11. The method of any preceding claim wherein the step of requesting verification of the user comprises sending to the RADIUS arrangement a standard format RADIUS message containing: a user name attribute, a network access identifier equal to 32, a vendor specific attribute equal to 26, a base station ID value equal to 6, a service provider value equal to 9, and a text string indicating the name of the desired service provider.
12. The method of any preceding claim wherein the step of receiving user acceptance from the RADIUS arrangement of the desired service provider comprises receiving a standard format RADIUS message containing: a user name attribute, a network access identifier equal to 32, a vendor specific attribute equal to 26, a base station ID value equal to 6, a service provider value equal to 9, a text string indicating the name of the desired service provider, and an indication of whether the user is a home network user or a roaming user.
13. A wireless access network system, comprising: a RADIUS arrangement; a network controller; wireless user equipment for a user to access the network and to make a user access request to a desired service provider; the network controller being arranged to receive the user access request, and to request verification of the user from the RADIUS arrangement of the desired service provider and to receive user acceptance therefrom; and the network controller being arranged to connect to the desired service provider and the user thereby establishing a communication link therewith to begin a communication session.
14. The system of claim 13, wherein a predetermined service provider identification is associated with the wireless user equipment and the network controller is arranged to request verification of the user by requesting verification of the user from a first RADIUS arrangement associated with a first service provider; in the event that the predetermined service provider identification does not match that of the first service provider, the first RADIUS arrangement is arranged to communicate the verification request to a further RADIUS arrangement of a service provider whose identification matches the predetermined service provider identification; and the further RADIUS arrangement is arranged to communicate user acceptance to the network controller.
15. The system of claim 13 or 14, wherein the system is arranged to assign the user a tier of service related to data capacity.
16. The system of claim 13, 14 or 15, wherein the system is arranged to assign the user a tier of service related to latency.
17. The system of claim 15 or 16 wherein a value indicative of the assigned tier of service is contained in a standard RADIUS format message.
18. The system of any one of claims 13-17 wherein the system is a cellular wireless Internet access system.
19. The system of any one of claims 13-18 wherein the system is a UMTS system.
20. The system of any one of claims 13-19 wherein a user identifier and password related to a predetermined service provider are associated with the wireless user equipment, and the network controller is arranged to request verification of the user by communicating the user identifier and password to the RADIUS arrangement of the desired service provider.
21. The system of any one of claims 13-20 wherein the network controller is arranged to connect to the desired service provider via a Layer 2 Tunnelling Protocol link.
22. The system of any one of claims 13-21 wherein the service provider is an Internet service provider.
23. The system of any one of claims 13-22 wherein the network controller is arranged to request verification of the user by sending to the RADIUS arrangement a standard format RADIUS message containing: a user name attribute, a network access identifier equal to 32, a vendor specific attribute equal to 26, a base station ID value equal to 6, a service provider value equal to 9, and a text string indicating the name of the desired service provider.
24. The system of any one of claims 13-23 wherein the RADIUS arrangement is arranged to indicate user acceptance to the network controller by sending a standard format RADIUS message containing: a user name attribute, a network access identifier equal to 32, a vendor specific attribute equal to 26, a base station ID value equal to 6, a service provider value equal to 9, a text string indicating the name of the desired service provider, and an indication of whether the user is a home network user or a roaming user.
25. A RADIUS arrangement for use in a wireless access network system, the RADIUS arrangement being arranged to receive from a network controller of the system a request for verification of a wireless equipment user, and to provide to the network controller user acceptance.
26. A network controller for use in a wireless access network system, the network controller having a RADIUS client for use with a RADIUS server in authorising user access to the network.
27. A computer program element comprising computer program means for performing the method of operation in a wireless access network system as claimed in any one of claims 1 to 12.
28. A method of operating a cellular wireless Internet access system using RADIUS (Remote Authentication Dial-In User Service) which is normally used with a PSTN (Public Switched Telephone Network) where the user utilizes a portable subscriber terminal with a directly attached antenna for communicating in a wireless manner via a cellular network to an integrated network controller to a target Internet Service Provider (ISP), comprising the following steps: providing said subscriber terminal with an access network operator identifier and user identifier and password, both related to said access network operator; the subscriber terminal requesting access from the integrated network controller; the integrated network controller requesting verification of the user from the RADIUS server of said operator; the RADIUS server verifying the user identifier and password; the integrated network controller receiving an acceptance message; the integrated network controller connecting to a layer two tunneling protocol network server and a targeted Internet service provider and the subscriber terminal beginning an Internet session.
29. A method as in claim 28 including the step of said RADIUS server determining based on operator ID, that this is a roaming user, and the step of said RADIUS server of said home access network operator forwarding to a partner licensed operator and its said RADIUS server, the subscriber request for access, and the step of said partner RADIUS server verifying user ID and password and passing it on to the integrated network controller.
30. A method as in claim 28 including the step of assigning a subscriber terminal a tier of service value related to the data capacity and latency of said access system.
31. A method as in claim 28 where said RADIUS has a standard data format and including the step of storing said tier of service value in said format.
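
Claims 11 and 12 describe the verification request and acceptance as standard-format RADIUS attributes, and claim 2 describes the home-versus-roaming decision. The Python below is an added example, not code from the patent: it encodes such an attribute set and parses it strictly, rejecting malformed lengths before any field is trusted. Reading the claims' values 6 and 9 as vendor sub-attribute types, the Vendor-Id of 0, and all function names and sample values are assumptions.

```python
import struct

# Standard RADIUS attribute types (RFC 2865) named in claims 11 and 12.
# Type 32 is NAS-Identifier in RFC 2865.
USER_NAME, VENDOR_SPECIFIC, NAS_IDENTIFIER = 1, 26, 32
# Assumptions, not taken from the patent text:
VENDOR_ID = 0              # placeholder Vendor-Id, not a real enterprise number
SUB_BASE_STATION_ID = 6    # the claim's "6" read as a vendor sub-attribute type
SUB_SERVICE_PROVIDER = 9   # the claim's "9" read as a vendor sub-attribute type


def tlv(attr_type, value):
    """Encode one type-length-value; the length octet counts the 2-byte header."""
    if not 1 <= len(value) <= 253:
        raise ValueError("attribute value must be 1..253 bytes")
    return bytes([attr_type, len(value) + 2]) + value


def build_request_attrs(user, nas_id, base_station, provider):
    """Attribute section of an Access-Request shaped like claim 11."""
    vsa = (struct.pack("!I", VENDOR_ID)
           + tlv(SUB_BASE_STATION_ID, base_station.encode())
           + tlv(SUB_SERVICE_PROVIDER, provider.encode()))
    return (tlv(USER_NAME, user.encode())
            + tlv(NAS_IDENTIFIER, nas_id.encode())
            + tlv(VENDOR_SPECIFIC, vsa))


def parse_tlvs(buf):
    """Walk a TLV run, rejecting lengths that are too small or overrun the buffer."""
    out, i = [], 0
    while i < len(buf):
        if len(buf) - i < 2:
            raise ValueError("truncated attribute header")
        attr_type, length = buf[i], buf[i + 1]
        if length < 3 or i + length > len(buf):
            raise ValueError("bad length %d at offset %d" % (length, i))
        out.append((attr_type, buf[i + 2:i + length]))
        i += length
    return out


def parse_request_attrs(buf):
    """Return the four fields the claims name; raise ValueError if any is absent."""
    found = {}
    for attr_type, value in parse_tlvs(buf):
        if attr_type == USER_NAME:
            found["user"] = value.decode()
        elif attr_type == NAS_IDENTIFIER:
            found["nas_id"] = value.decode()
        elif attr_type == VENDOR_SPECIFIC:
            if len(value) < 4:
                raise ValueError("Vendor-Specific too short for a Vendor-Id")
            if struct.unpack("!I", value[:4])[0] != VENDOR_ID:
                continue  # another vendor's attributes are ignored
            for sub_type, sub_value in parse_tlvs(value[4:]):
                if sub_type == SUB_BASE_STATION_ID:
                    found["base_station"] = sub_value.decode()
                elif sub_type == SUB_SERVICE_PROVIDER:
                    found["provider"] = sub_value.decode()
    missing = {"user", "nas_id", "base_station", "provider"} - found.keys()
    if missing:
        raise ValueError("missing fields: %s" % sorted(missing))
    return found


def classify(attrs, local_provider):
    """Claim 2: a provider mismatch means the request is forwarded (roaming)."""
    return "home" if attrs["provider"] == local_provider else "roaming"


if __name__ == "__main__":
    # Constructed sample values, not from the patent.
    raw = build_request_attrs("alice", "inc-01", "bs-0042", "ExampleISP")
    print(raw.hex(), classify(parse_request_attrs(raw), "OtherISP"))
```
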
PCT/GB2001/003385 2000-07-27 2001-07-27 Use of radius (remote authentication dial-in user service) in umts to perform hlr function and for roaming WO2002011467A2 (en)

Priority Applications (5)

Application Number Priority Date Filing Date Title
JP2002515858A JP5083718B2 (en) 2000-07-27 2001-07-27 Method and system using RADIUS in UMTS for HLR function execution and roaming
MXPA02003159A MXPA02003159A (en) 2000-07-27 2001-07-27 Use of radius in umts to perform hlr function and for roaming.
EP01953216A EP1410569A2 (en) 2000-07-27 2001-07-27 Use of radius (remote authentication dial-in user service) in umts to perform hlr function and for roaming
AU75711/01A AU784411B2 (en) 2000-07-27 2001-07-27 Use of radius in UMTS to perform HLR function and for roaming
CA002384890A CA2384890A1 (en) 2000-07-27 2001-07-27 Use of radius in umts to perform hlr function and for roaming

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US62670000A 2000-07-27 2000-07-27
US09/626,700 2000-07-27

Publications (2)

Publication Number Publication Date
WO2002011467A2 true WO2002011467A2 (en) 2002-02-07
WO2002011467A3 WO2002011467A3 (en) 2002-11-21

Family

ID=24511458

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/GB2001/003385 WO2002011467A2 (en) 2000-07-27 2001-07-27 Use of radius (remote authentication dial-in user service) in umts to perform hlr function and for roaming

Country Status (7)

Country Link
EP (1) EP1410569A2 (en)
JP (1) JP5083718B2 (en)
AU (1) AU784411B2 (en)
CA (1) CA2384890A1 (en)
GB (1) GB2369271B (en)
MX (1) MXPA02003159A (en)
WO (1) WO2002011467A2 (en)

Also Published As

Publication number Publication date
JP5083718B2 (en) 2012-11-28
EP1410569A2 (en) 2004-04-21
GB2369271A (en) 2002-05-22
WO2002011467A3 (en) 2002-11-21
GB2369271B (en) 2004-11-10
JP2004505568A (en) 2004-02-19
CA2384890A1 (en) 2002-02-07
AU7571101A (en) 2002-02-13
AU784411B2 (en) 2006-03-30
GB0118391D0 (en) 2001-09-19
MXPA02003159A (en) 2003-09-22

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

ENP Entry into the national phase

Ref document number: 2002 515858

Country of ref document: JP

Kind code of ref document: A

WWE Wipo information: entry into national phase

Ref document number: 2384890

Country of ref document: CA

Ref document number: PA/A/2002/003159

Country of ref document: MX

121 Ep: the epo has been informed by wipo that ep was designated in this application
WWE Wipo information: entry into national phase

Ref document number: 518630

Country of ref document: NZ

WWE Wipo information: entry into national phase

Ref document number: 75711/01

Country of ref document: AU

AK Designated states

Kind code of ref document: A3

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A3

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

WWE Wipo information: entry into national phase

Ref document number: 2001953216

Country of ref document: EP

WWW Wipo information: withdrawn in national office

Ref document number: 2001953216

Country of ref document: EP

WWP Wipo information: published in national office

Ref document number: 2001953216

Country of ref document: EP