HK1144628A - Home base station - Google Patents
Description
CROSS-REFERENCE TO RELATED APPLICATIONS
This application claims priority from U.S. provisional patent application No. 60/942,643, entitled "HOME BASE STATION," filed on 7/6/2007. The foregoing application is incorporated by reference herein in its entirety.
Technical Field
The following description relates generally to wireless communications, and more particularly to base stations in wireless communication systems.
Background
Wireless communication systems are widely deployed to provide various types of communication; voice and/or data may be provided, for example, over such wireless communication systems. A typical wireless communication system or network may provide multi-user access to one or more shared resources, such as bandwidth, transmission power, interference, time slots, etc. For example, the system may use various multiple access techniques such as Frequency Division Multiplexing (FDM), Time Division Multiplexing (TDM), Code Division Multiplexing (CDM), Orthogonal Frequency Division Multiplexing (OFDM), and so on.
In general, a wireless multiple-access communication system can simultaneously support communication for multiple access terminals. Each access terminal may communicate with one or more base stations via transmissions on forward and reverse links. The forward link (or downlink) refers to the communication link from base stations to access terminals, and the reverse link (or uplink) refers to the communication link from access terminals to base stations. The communication link may be established via a single-input single-output system, a multiple-input single-output system, or a multiple-input multiple-output (MIMO) system.
MIMO systems typically use multiple (N_T) transmit antennas and multiple (N_R) receive antennas for data transmission. The MIMO channel formed by the N_T transmit antennas and N_R receive antennas can be decomposed into N_S independent channels, which are called spatial channels, where N_S ≤ min{N_T, N_R}. Each of the N_S independent channels corresponds to a dimension. Furthermore, MIMO systems may provide improved performance (e.g., increased spectral efficiency, higher throughput, and/or greater reliability) if the additional dimensionalities created by the multiple transmit and receive antennas are utilized.
MIMO systems may support multiple duplexing techniques to divide forward and reverse link communications over a common physical medium. For example, a Frequency Division Duplex (FDD) system may use different frequency ranges for forward and reverse link communications. Further, in Time Division Duplex (TDD) systems, the forward and reverse link communications may use a common frequency range, such that the reciprocity principle allows estimation of the forward link channel from the reverse link channel.
Wireless communication systems often utilize one or more base stations that provide a coverage area. A typical base station can transmit multiple data streams for broadcast, multicast, and/or unicast services, wherein a data stream is a stream of data that can be of independent reception interest to an access terminal. An access terminal within the coverage area of that base station can be employed to receive one, more than one, or all the data streams conveyed by the composite stream. Similarly, an access terminal can transmit data to a base station or another access terminal.
There are many specific situations where mobile communication devices, such as smart phones, cellular phones, etc., lose connectivity with the macro cellular network to which they belong. This is especially so when the mobile or portable device is brought into a home or business location where the cell coverage is at best only sparse. The claimed subject matter is directed to solving, or at least reducing, one or all of the problems set forth above.
Disclosure of Invention
The following presents a simplified summary of one or more embodiments in order to provide a basic understanding of such embodiments. This summary is not an extensive overview of all contemplated embodiments, and is intended to neither identify key or critical elements of all embodiments nor delineate the scope of any or all embodiments. Its sole purpose is to present some concepts of one or more embodiments in a simplified form as a prelude to the more detailed description that is presented later.
In accordance with aspects disclosed herein, the claimed subject matter provides an architecture that compresses the BTS/BSC/PCF functionality into a single entity called a home base station. The home base station may use an A10 connection established between the home base station and the cellular network packet data interworking function to provide seamless handover from the home base station to the cellular network. Furthermore, according to other aspects, the claimed subject matter may use an A11 concentrator that allows multiple A11 connections to be merged, thereby reducing impact on the packet data exchange aspects of the cellular system. In addition, by utilizing the devices and functions managed by the home base station, other interfaces (e.g., A13, A16, A17, A18, A19, A21) may be established and/or utilized that enable or facilitate mobile connectivity to the macrocell network.
In accordance with one or more embodiments and corresponding disclosure thereof, various aspects are described in connection with facilitating or enabling establishment of an IPSec tunnel for use in a wireless communication environment. According to one aspect, the claimed subject matter includes a method for establishing an IPSec tunnel for use in a wireless communication environment, comprising the steps of: establishing the IPSec tunnel between a home base station and a packet data interworking function component using an IPSec establishment procedure on the home base station, the IPSec establishment procedure being based at least in part on one user, all users, or on quality of service (QoS); authenticating an access terminal associated with the home base station using at least one of a High Rate Packet Data (HRPD) point-to-point protocol (PPP) challenge-handshake authentication protocol (CHAP) or non-access stratum (NAS) based support managed by the IPSec tunnel; identifying or selecting a packet data serving node with which to establish communication between the home base station and the packet data serving node using an International Mobile Subscriber Identity (IMSI) associated with the access terminal; and establishing an A10 connection with the packet data serving node using A11 signaling.
According to yet another aspect, the claimed subject matter includes a wireless communications apparatus that establishes an IPSec tunnel for use in a wireless communication environment. The wireless communication apparatus includes: means for using an IPSec establishment procedure on means for establishing an IPSec tunnel, the IPSec tunnel being established between the means for establishing an IPSec tunnel and means for mediating communications between a secure portion of the wireless communication environment and an unprotected portion of the wireless communication environment, wherein the IPSec establishment procedure is based at least in part on one user, all users, or on a quality of service (QoS); means for authenticating mobile communications associated with the means for establishing an IPSec tunnel using one or more of High Rate Packet Data (HRPD) point-to-point protocol (PPP) challenge-handshake authentication protocol (CHAP) or non-access stratum (NAS) based support managed by the IPSec tunnel; means for identifying or selecting a packet data service module for serving packet data using an International Mobile Subscriber Identity (IMSI) associated with the mobile communication module, wherein communication between the means for establishing an IPSec tunnel and the packet data service module is to be established using the packet data service module; and means for establishing an A10 connection with the packet data service module using A11 signaling.
According to another aspect, the claimed subject matter includes a wireless communication device comprising: a memory holding instructions related to: establishing an IPSec tunnel extending from the home base station to the packet data interworking function using an IPSec establishment procedure; directing a High Rate Packet Data (HRPD) point-to-point protocol (PPP) challenge-handshake authentication protocol (CHAP) to authenticate an access terminal associated with the home base station in a secure wireless communication environment through an IPSec tunnel; identifying a packet data serving node based at least in part on an International Mobile Subscriber Identity (IMSI) associated with the access terminal; establishing dynamic data exchange between the packet data serving node and the home base station; and establishing an A10 connection with the packet data serving node using A11 signaling; and a processor, coupled to the memory, configured to execute the instructions retained in the memory.
According to another aspect, the claimed subject matter includes a machine-readable medium comprising machine-executable instructions stored thereon for: establishing an IPSec tunnel between the home base station and the packet data interworking function component using an IPSec establishment procedure on the home base station, the IPSec establishment procedure based at least in part on one user, all users, or a quality of service (QoS) attribute; authenticating an access terminal associated with the home base station using at least one of a High Rate Packet Data (HRPD) point-to-point protocol (PPP) challenge-handshake authentication protocol (CHAP) or non-access stratum (NAS) support directed through an IPSec tunnel; identifying or selecting a packet data serving node with which to establish communication between the home base station and the packet data serving node using an International Mobile Subscriber Identity (IMSI) associated with the access terminal; and establishing an A10 connection with the packet data serving node using A11 signaling.
Furthermore, in accordance with another aspect, the claimed subject matter can include an apparatus in a wireless communication system comprising: a processor configured to: establish an IPSec tunnel between the home base station and a packet data interworking function component using an IPSec establishment procedure on the home base station, wherein the IPSec establishment procedure is based at least in part on one user, a plurality of users, or a quality of service (QoS) attribute; authenticate an access terminal associated with the home base station using one or more of a point-to-point protocol (PPP) challenge-handshake authentication protocol (CHAP) or non-access stratum (NAS) based support directed through the IPSec tunnel; identify or select a packet data serving node with which to establish communication between the home base station and the packet data serving node using an International Mobile Subscriber Identity (IMSI) associated with the access terminal; and establish an A10 connection with the packet data serving node using A11 signaling.
To the accomplishment of the foregoing and related ends, the one or more embodiments comprise the features hereinafter fully described and particularly pointed out in the claims. The following description and the annexed drawings set forth in detail certain illustrative aspects of the one or more embodiments. These aspects are indicative, however, of but a few of the various ways in which the principles of various embodiments may be employed and the described embodiments are intended to include all such aspects and their equivalents.
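The authentication and node-selection steps recited in the aspects above can be sketched as follows. This is an added example, not code from the patent: the CHAP computation follows RFC 1994 (MD5 over identifier, secret and challenge), while the IMSI-to-PDSN rule (last four digits modulo the pool size), the class and function names, and all sample values are assumptions made for illustration.

```python
"""Added illustration: PPP CHAP check, then IMSI-keyed PDSN selection."""
import hashlib
import hmac
import os

# Constructed sample values (not taken from the patent).
SAMPLE_IMSI = "310150123456789"
SAMPLE_SECRET = b"constructed-shared-secret"
SAMPLE_POOL = ["pdsn-a.example", "pdsn-b.example", "pdsn-c.example"]


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """RFC 1994 response value: MD5(Identifier || secret || Challenge)."""
    return hashlib.md5(bytes([identifier & 0xFF]) + secret + challenge).digest()


class ChapAuthenticator:
    """Authenticator side: random challenges, each usable for one attempt."""

    def __init__(self, secrets_by_imsi):
        self._secrets = dict(secrets_by_imsi)
        self._pending = {}  # imsi -> (identifier, challenge)
        self._next_id = 0

    def issue_challenge(self, imsi: str):
        """Create a fresh 16-byte challenge and remember it for this IMSI."""
        self._next_id = (self._next_id + 1) & 0xFF
        challenge = os.urandom(16)
        self._pending[imsi] = (self._next_id, challenge)
        return self._next_id, challenge

    def verify(self, imsi: str, identifier: int, response: bytes) -> bool:
        """Check a response; the pending challenge is consumed either way."""
        pending = self._pending.pop(imsi, None)
        secret = self._secrets.get(imsi)
        if pending is None or secret is None or pending[0] != identifier:
            return False
        expected = chap_response(identifier, secret, pending[1])
        # Constant-time comparison avoids leaking how many bytes matched.
        return hmac.compare_digest(expected, response)


def select_pdsn(imsi: str, pdsn_pool):
    """Map an IMSI to one PDSN deterministically.

    Assumed rule for this sketch: last four IMSI digits modulo pool size,
    so the same subscriber always lands on the same node.
    """
    if not (imsi.isascii() and imsi.isdigit() and 6 <= len(imsi) <= 15):
        raise ValueError("IMSI must be 6 to 15 decimal digits")
    if not pdsn_pool:
        raise ValueError("PDSN pool is empty")
    return pdsn_pool[int(imsi[-4:]) % len(pdsn_pool)]


def attach(auth: ChapAuthenticator, imsi: str, terminal_secret: bytes, pdsn_pool):
    """Authenticate one access terminal; return its PDSN, or None on failure.

    The PDSN is chosen only after CHAP succeeds, so an unauthenticated
    terminal never triggers A11 signaling toward the packet core.
    """
    identifier, challenge = auth.issue_challenge(imsi)
    # In a deployment this value is computed on the access terminal.
    response = chap_response(identifier, terminal_secret, challenge)
    if not auth.verify(imsi, identifier, response):
        return None
    return select_pdsn(imsi, pdsn_pool)


def replay_is_rejected(auth: ChapAuthenticator, imsi: str, secret: bytes) -> bool:
    """Capture one valid response and confirm it fails against a new challenge."""
    ident, challenge = auth.issue_challenge(imsi)
    captured = chap_response(ident, secret, challenge)
    if not auth.verify(imsi, ident, captured):
        return False  # the legitimate exchange itself must succeed first
    new_ident, _ = auth.issue_challenge(imsi)
    return not auth.verify(imsi, new_ident, captured)


if __name__ == "__main__":
    authenticator = ChapAuthenticator({SAMPLE_IMSI: SAMPLE_SECRET})
    print("selected:", attach(authenticator, SAMPLE_IMSI, SAMPLE_SECRET, SAMPLE_POOL))
    print("wrong secret:", attach(authenticator, SAMPLE_IMSI, b"wrong", SAMPLE_POOL))
    print("replay rejected:", replay_is_rejected(authenticator, SAMPLE_IMSI, SAMPLE_SECRET))
```

MD5-based CHAP protects the shared secret only as well as the challenge is unpredictable and single-use, which is why the sketch consumes each challenge on the first verification attempt.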
Drawings
Fig. 1 is an illustration of a wireless communication system in accordance with various aspects set forth herein.
Fig. 2 is an illustration of an example network architecture that employs home base stations in a wireless communication environment.
Figs. 3-5 illustrate exemplary network architectures employing home base stations in a wireless communication environment.
Fig. 6 is an illustration of an example access terminal establishing a tunnel through a home base station in accordance with aspects of the subject disclosure.
Fig. 7 is an illustration of an example home base station that implements tunneling in accordance with aspects of the subject disclosure.
Fig. 8 is another illustration of an example home base station that implements tunneling in accordance with aspects of the subject disclosure.
Fig. 9 provides an illustration of a home base station implementing tunneling according to an aspect of the subject disclosure.
Fig. 10 provides an illustration of an exemplary network architecture including an A11 concentrator for use in accordance with an aspect of the subject disclosure.
Fig. 11 is an illustration of an example methodology that facilitates utilizing a home base station in a wireless communication environment.
Fig. 12 is another illustration of an example access terminal establishing a tunnel through a home base station in accordance with aspects of the subject disclosure.
Fig. 13 provides an illustration of an exemplary home base station establishing a tunnel to a packet data interworking function in accordance with various aspects of the subject disclosure.
Fig. 14 is an illustration of an example system that allocates resource blocks for access terminals using a flexible signaling scheme in a wireless communication environment.
Fig. 15 is an illustration of an exemplary system that enables establishment of a tunnel linking a home base station with a packet data interworking function at a point of connection between the public internet and a core cellular wireless communication environment.
Detailed Description
Various embodiments are now described with reference to the drawings, wherein like reference numerals are used to refer to like elements throughout. In the following description, for purposes of explanation, numerous specific details are set forth in order to provide a thorough understanding of one or more embodiments. It may be evident, however, that such embodiment(s) may be practiced without these specific details. In other instances, well-known structures and devices are shown in block diagram form in order to facilitate describing one or more embodiments.
As used in this application, the terms "component," "module," "system," and the like are intended to refer to a computer-related entity, either hardware, firmware, a combination of hardware and firmware, software, or software in execution. For example, a component may be, but is not limited to: a process running on a processor, an object, an executable, a thread of execution, a program, and/or a computer. By way of illustration, both an application running on a computing device and the computing device can be a component. One or more components can reside within a process and/or thread of execution and a component can be localized on one computer and/or distributed between two or more computers. In addition, these components can execute from various computer readable media having various data structures stored thereon. The components may communicate by way of local and/or remote processes such as in accordance with a signal having one or more data packets (e.g., data from one component interacting with another component in a local system, distributed system, and/or across a network such as the internet with other systems by way of the signal).
The techniques described herein may be used for various wireless communication systems such as Code Division Multiple Access (CDMA), Time Division Multiple Access (TDMA), Frequency Division Multiple Access (FDMA), Orthogonal Frequency Division Multiple Access (OFDMA), single carrier frequency division multiple access (SC-FDMA), and others. The terms "system" and "network" are often used interchangeably. A CDMA system may implement a radio technology such as Universal Terrestrial Radio Access (UTRA), CDMA2000, etc. UTRA includes wideband CDMA (W-CDMA) and other variants of CDMA. In addition, CDMA2000 covers IS-2000, IS-95 and IS-856 standards. TDMA systems may implement radio technologies such as global system for mobile communications (GSM). OFDMA systems may implement radio technologies such as evolved UTRA (E-UTRA), Ultra Mobile Broadband (UMB), IEEE 802.11 (Wi-Fi), IEEE 802.16 (WiMAX), IEEE 802.20, Flash-OFDM, etc. UTRA and E-UTRA are part of the Universal Mobile Telecommunications System (UMTS). The 3GPP Long Term Evolution (LTE) is an upcoming release of UMTS that uses E-UTRA, which uses OFDMA on the downlink and SC-FDMA on the uplink.
Single carrier frequency division multiple access (SC-FDMA) utilizes single carrier modulation and frequency domain equalization. SC-FDMA has similar performance and substantially the same overall complexity as OFDMA systems. The SC-FDMA signal has a lower peak-to-average power ratio (PAPR) due to the single carrier structure inherent to the SC-FDMA signal. For example, SC-FDMA can be used in uplink communications, where lower PAPR greatly benefits access terminals in terms of transmit power efficiency. Thus, SC-FDMA may be implemented as an uplink multiple access scheme in 3GPP Long Term Evolution (LTE) or evolved UTRA.
Moreover, various embodiments are described herein in connection with an access terminal. An access terminal can also be called a system, subscriber unit, subscriber station, mobile, remote station, remote terminal, mobile device, user terminal, wireless communication device, user agent, user device, or User Equipment (UE). An access terminal may be a cellular telephone, a cordless telephone, a Session Initiation Protocol (SIP) phone, a Wireless Local Loop (WLL) station, a Personal Digital Assistant (PDA), a handheld device having wireless connection capability, a computing device, or other processing device connected to a wireless modem. Moreover, various embodiments are described herein in connection with a base station. A base station may be utilized for communicating with access terminal(s) and may also be referred to as an access point, Node B, evolved Node B (eNodeB), or some other terminology.
Moreover, various aspects or features described herein may be implemented as a method, apparatus, or article of manufacture using standard programming and/or engineering techniques. The term "article of manufacture" as used herein is intended to encompass a computer program accessible from any computer-readable device, carrier, or media. For example, computer-readable media may include, but are not limited to: magnetic storage devices (e.g., hard disk, floppy disk, magnetic strips, etc.), optical disks (e.g., Compact Disk (CD), Digital Versatile Disk (DVD), etc.), smart cards, and flash memory devices (e.g., EPROM, card, stick, key drive, etc.). In addition, various storage media described herein can represent one or more devices and/or other machine-readable media for storing information. The term "machine-readable medium" can include, but is not limited to: wireless channels and various other media capable of storing, containing, and/or carrying instruction(s) and/or data.
According to one aspect, the claimed subject matter provides an architecture for compressing BTS/BSC/PCF functionality into a single entity called a home base station. The home base station may use an A10 connection established between the home base station and the cellular network packet data interworking function to provide seamless handover from the home base station to the cellular network. Further, according to another aspect, the claimed subject matter may use an A11 concentrator that allows for the consolidation of A11 connections, thereby reducing impact on packet data exchange aspects of the cellular system. In accordance with another aspect of the claimed subject matter, other interfaces (e.g., A13, A16, A17, A18, A19, A21, etc.) included and/or defined in a cellular system or network definition (e.g., 3GPP2) can be implemented and utilized without modification with the connectivity and functionality established by the home base station.
Referring now to fig. 1, a wireless communication system 100 is illustrated in accordance with various embodiments herein. System 100 comprises a base station 102 that can include multiple antenna groups. For example, one antenna group can include antennas 104 and 106, another group can include antennas 108 and 110, and an additional group can include antennas 112 and 114. Although only two antennas are shown for each antenna group, more or fewer antennas may be utilized for each antenna group. Base station 102 can additionally include a transmitter chain and a receiver chain, each of which can in turn comprise a plurality of components associated with signal transmission and reception (e.g., processors, modulators, multiplexers, demodulators, demultiplexers, antennas, etc.), as will be appreciated by one skilled in the art.
Base station 102 may communicate with one or more access terminals, such as access terminal 116 and access terminal 122; however, it is to be appreciated that base station 102 can communicate with substantially any number of access terminals similar to access terminals 116 and 122. Access terminals 116 and 122 can be, for example, cellular phones, smart phones, laptops, handheld communication devices, handheld computing devices, satellite radios, global positioning systems, PDAs, and/or any other suitable device for communicating over wireless communication system 100. As shown, access terminal 116 can be in communication with antennas 112 and 114, where antennas 112 and 114 transmit information to access terminal 116 over forward link 118 and receive information from access terminal 116 over reverse link 120. In addition, access terminal 122 can be in communication with antennas 104 and 106, where antennas 104 and 106 transmit information to access terminal 122 over forward link 124 and receive information from access terminal 122 over reverse link 126. In a Frequency Division Duplex (FDD) system, forward link 118 can utilize a different frequency band than that used by reverse link 120, and forward link 124 can employ a different frequency band than that employed by reverse link 126, for example. Further, in a Time Division Duplex (TDD) system, forward link 118 and reverse link 120 can utilize a common frequency band and forward link 124 and reverse link 126 can utilize a common frequency band.
Each group of antennas and/or the area in which they are assigned to communicate can be referred to as a sector of base station 102. For example, antenna groups can be designed to communicate to access terminals in a sector of the areas covered by base station 102. In communication over forward links 118 and 124, the transmitting antennas of base station 102 can utilize beamforming in order to improve signal-to-noise ratio of forward links 118 and 124 for access terminals 116 and 122. Moreover, while base station 102 utilizes beamforming to transmit to access terminals 116 and 122 scattered randomly through an associated coverage, access terminals in neighboring cells can be subject to less interference as compared to a base station transmitting through a single antenna to all its access terminals.
For example, system 100 may be a home base station environment, in which the base stations 102 may be deployed in a home or small business/enterprise network environment. By utilizing the claimed subject matter, existing functionality and features typically associated with third generation (3G) cellular systems and/or networks can be extended to base stations 102 located in home or small business/enterprise network environments, thereby providing improved interoperability between larger macro networks (e.g., 3G systems and/or networks as a whole) and local home or small business/enterprise network environments in which the base stations 102 are located.
When located in a home or small business/enterprise network environment, the base station 102 may be disposed therein for two purposes. First, base station 102 can be disposed in a home or small business/enterprise network environment to provide a 3G system and/or network coverage extension, and second, base station 102 can be included in a home or small business/enterprise network environment to provide peak 3G throughput rates for individual users of system 100. Moreover, the methodologies taken and used by the claimed subject matter can encourage users of system 100 to employ base stations 102 in preference to larger macro networks (e.g., 3G systems and/or networks) whenever possible. For example, when the base station 102 is located in or associated with a home or small business/enterprise network environment, a home owner or small business/enterprise owner can obtain unlimited usage time for using the base station 102 with a small monthly fee (paid to the provider of the base station 102), through which the base station 102 can access a larger macro network without additional fees.
Locating the base stations 102 on existing switching media for transporting network traffic data between decentralized sites and more centralized points of presence (e.g., backhaul) avoids or alleviates the need for T1 connections to be used in a home or small business/enterprise network environment, and more particularly avoids the need to deploy T1 connections to the base stations 102 in advance. Rather, the claimed subject matter can use an existing DSL (digital subscriber loop/line and/or variants thereof)/cable modem connection with the base station 102 to transport packets over the backhaul. Such a deployment may save money for operators (e.g., home users and small business or enterprise owners). However, the prior art is generally insufficient by itself to enable interconnectivity between 3G wireless networks and conventional residential and/or commercial local area networks. For example, existing access terminals 116 and 122 that use Frequency Division Duplex (FDD) or Time Division Duplex (TDD) technologies typically cannot at present utilize wireless networking technologies that use IEEE 802.11 standards (e.g., Wi-Fi); existing cellular mobile technologies are generally unable to take advantage of Wi-Fi systems. Furthermore, devices utilizing or based on the IEEE 802.11 paradigm, such as, for example, DSL or cable modems, are generally unable to sustain speeds in excess of 300 KB/sec, and the over-the-air (wireless) performance of these systems is generally limited to 3.1 MB/sec. Thus, it can be appreciated that backhaul speeds in these systems can be significantly lower than over-the-air speeds, and as a result, it has not heretofore been necessary for access terminals (e.g., access terminals 116 and 122) to utilize techniques that have been used in the IEEE 802 standard.
Fig. 2 depicts an exemplary network architecture 200 in accordance with aspects of the claimed subject matter. As shown, the network architecture 200 may include an access terminal 202 that may be in continuous and/or operable communication with a home base station 204 and/or with a larger cellular system or network (e.g., a third generation (3G) cellular system) as directed by a macro base station transceiver 218. As exemplified above in the context of access terminals 116 and 122, access terminal 202 can be implemented entirely in hardware and/or in a combination of hardware and/or software in execution. Moreover, access terminal 202 can be included in and/or associated with other compatible components. Additionally, access terminal 202 can be, but is not limited to being, any type of machine that includes a processor and/or is capable of operative communication with network topology 208. Exemplary machines that may comprise access terminal 202 may include: desktop computers, cellular telephones, smart phones, laptop computers, notebook computers, tablet PCs, consumer and/or industrial devices and/or appliances, handheld devices, personal digital assistants, multimedia internet mobile phones, multimedia players, and the like.
The network architecture 200 may also include a home base station 204 that extends functionality provided in a cellular network (e.g., a third generation cellular system) into a home network environment or a small business enterprise network environment by utilizing the means presented herein. Locating the home base station 204 in a home network or small business enterprise network may provide improved interoperability between cellular networks and local IEEE 802-based networking (wired and/or wireless) environments common in these home and/or business networks. In addition, locating the home base station 204 in a home network or small business enterprise network provides coverage extension of the cellular system and/or network to the home or small enterprise network and provides peak cellular throughput rates for individual users of the enterprise/business network environment. Moreover, the use of home base station 204 by access terminal 202 may affect the user of network architecture 200 such that, whenever possible, home base station 204 is used in preference to the cellular network whenever access terminal 202 is within range of home base station 204.
Additionally, placing or associating home base stations 204 in existing forms of communication (e.g., IEEE 802-based technologies) for transporting network traffic data between dispersed locations and/or more concentrated points of presence may obviate the need to establish additional T1 connections beyond the capabilities currently available in a home/small business/enterprise network environment. In contrast, home base station 204 may use existing DSL/cable modem connections to transmit packets within or between home/small business/enterprise networks, distributed locations, and/or more centralized points of presence via existing communication means. The deployment or association of home base stations 204 in conjunction with existing and available IEEE 802.11-based communication means may thus save money for home users and/or small business owners.
In addition, network architecture 200 may also include a firewall/Network Address Translation (NAT) component 206 that inspects network traffic data passing through it and denies or allows packets to pass through according to a set of specified rules. The firewall/Network Address Translation (NAT) component 206 in effect manages traffic flow between computer networks of different trust levels, such as between network segments in contact with untrusted areas (e.g., the internet) and network segments associated with highly trusted areas (e.g., a corporate intranet). Additionally and/or alternatively, the firewall/Network Address Translation (NAT) component 206 can also be used for network address translation (e.g., masquerading, origin address translation, or Internet Protocol (IP) masquerading), whereby the firewall/Network Address Translation (NAT) component 206 overwrites the source and/or destination IP addresses and/or transmission control protocol/user datagram protocol (TCP/UDP) port numbers of IP packets transmitted through the firewall/Network Address Translation (NAT) component 206. In general, the firewall/Network Address Translation (NAT) component 206 may be implemented or realized entirely in hardware, and/or as a combination of hardware and/or software in execution. Further, firewall/Network Address Translation (NAT) component 206 can be, but is not limited to being, a machine, device, apparatus, and/or tool that includes a processor and/or any type of mechanism, machine, apparatus, device, and/or tool that is capable of effective and/or operable communication with network topology 208.
Mechanisms, machines, devices, apparatuses, and/or tools that may comprise the firewall/Network Address Translation (NAT) component 206 may include: tablet PCs, server-level computers and/or databases, laptop computers, notebook computers, desktop computers, cellular phones, smart phones, consumer appliances and/or instruments, industrial devices and/or components, handheld devices, personal digital assistants, multimedia internet enabled phones, multimedia players, and the like.
Network topology 208 can include any viable communication and/or broadcast technology, e.g., wired and/or wireless forms and/or technologies, that can be used to implement the claimed subject matter. Further, network topology 208 may include the use of a Personal Area Network (PAN), a Local Area Network (LAN), a Campus Area Network (CAN), a Metropolitan Area Network (MAN), an extranet, an intranet, the internet, a Wide Area Network (WAN), which may be centralized and/or distributed, and/or any combination, permutation, and/or collection of these networks. Network topology 208 can provide the devices and functionality necessary for interconnection and/or data exchange between the various components included in, and depicted in connection with, network architecture 200. Moreover, as will be readily appreciated by those skilled in the art, the network topology 208 is not a single monolithic entity, but may be comprised of multiple portions or segments (e.g., intranet, extranet, etc.), in which access to some, but not all, areas or sub-areas is limited to identified and/or identifiable individuals and/or utilizations.
A Packet Data Interworking Function (PDIF) component 210 may also be included in network architecture 200 and may generally be responsible for the following functions: such as providing access to packet data services, implementing end-to-end tunneling, assigning IP addresses, encapsulating and de-encapsulating traffic data, implementing user authentication, etc. The Packet Data Interworking Function (PDIF) component 210, which may also be referred to as a Packet Data Gateway (PDG) in the 3GPP specifications, is typically located at the boundary between the core network of the cellular communication system and the public internet. In general, the Packet Data Interworking Function (PDIF) component 210 can be considered a protector that protects the cellular communication system from intrusions from an unrestricted ordinary IP domain. Accordingly, any entity (e.g., access terminal 202) that needs to communicate with or gain access to the core network of the cellular communication system needs to establish communication with and/or through the Packet Data Interworking Function (PDIF) component 210 and, more particularly, needs to take steps to initiate an IPSec (IP security) tunnel corresponding to the Packet Data Interworking Function (PDIF) component 210. The Packet Data Interworking Function (PDIF) component 210 can be implemented entirely in hardware and/or in a combination of hardware and/or software in execution. Further, a Packet Data Interworking Function (PDIF) component 210 can be included within and/or associated with other compatible components. Additionally, Packet Data Interworking Function (PDIF) component 210 can be, but is not necessarily limited to, including a processor and/or any type of machine capable of effectively communicating with network topology 208. 
Exemplary machines that may contain a Packet Data Interworking Function (PDIF) component 210 may include: desktop computers, cellular telephones, smart phones, laptop computers, notebook computers, tablet PCs, consumer and/or industrial devices and/or appliances, handheld devices, personal digital assistants, multimedia internet mobile phones, multimedia players, and the like.
A Packet Data Serving Node (PDSN) component 212 depicted in network architecture 200 may be generally responsible for the establishment, maintenance, and termination of point-to-point protocol (PPP) sessions between itself and one or more access terminals 202. In addition, Packet Data Serving Node (PDSN) component 212 may assign dynamic Internet Protocol (IP) addresses in addition to supporting mobile Internet Protocol (IP) functionality. Further, similar to those components already described thus far, Packet Data Serving Node (PDSN) component 212 may be implemented and/or realized entirely in hardware and/or as a combination of hardware and/or software in execution. Moreover, Packet Data Serving Node (PDSN) component 212 can be, but is not limited to being, an engine, machine, conversion tool, or generation mode of any type that includes a processor and/or is capable of effective and/or operable communication with network topology 208. Exemplary translation tools, production schemas, engines, mechanisms, devices and/or machines that may comprise and/or implement Packet Data Serving Node (PDSN) component 212 may include desktop computers, server-level computing devices and/or databases, cellular telephones, smart phones, laptop computers, notebook computers, tablet PCs, consumer and/or industrial devices and/or appliances and/or processes, handheld devices, personal digital assistants, multimedia internet enabled mobile phones, multimedia players, and the like.
In addition, network architecture 200 may also include an access, authentication, and accounting (AAA) component 214, which may be associated with a Packet Data Serving Node (PDSN) component 212. An access, authentication, and accounting (AAA) component 214 provides access, authentication, and auditing means, which may include utilizing biometric scans, digital signatures, passwords, and the like, in order to determine the identity and authority of those individuals attempting to access the secure segment of the network topology 208 (e.g., corporate internet, third generation cellular networks, and the like), and to track the activities of those individuals granted access to the secure segment of the network topology 208. Again, as with previous components disclosed herein, the access, authentication, and accounting (AAA) component 214 may be implemented and/or realized entirely in hardware and/or as a combination of hardware and/or software in execution. Further, access, authentication, and accounting (AAA) component 214 may be, but is not limited to including a processor and/or any type of mechanism, machine, device, apparatus, and/or tool capable of effective and/or operable communication with Packet Data Serving Node (PDSN) component 212 and/or network topology 208. Mechanisms, machines, devices, apparatus, and/or tools that may include an access, authentication, and accounting (AAA) component 214 may include: tablet PCs, server-level computing devices and/or databases, laptop computers, notebook computers, desktop computers, cellular phones, smart phones, consumer appliances and/or instruments, industrial devices and/or components, handheld devices, personal digital assistants, multimedia internet enabled phones, multimedia players, and the like.
As shown, network architecture 200 may also include a proxy call session control function (P-CSCF) component 216, which is an IP Multimedia Subsystem (IMS) element generally identified as the first point of contact that access terminal 202 obtains within an IP multimedia core network system. Typical functions provided by proxy call session control function (P-CSCF) component 216 can include receiving Session Initiation Protocol (SIP) messages from access terminal 202 and forwarding the messages to other components located and included in the core network depending on the type of message and/or the process being performed. Again, as with previously disclosed components related to network architecture 200, proxy call session control function (P-CSCF) component 216 may be implemented entirely in hardware and/or a combination of hardware and/or software in execution. Additionally, proxy call session control function (P-CSCF) component 216 can be, but is not limited to being, a machine, device, apparatus, and/or tool that includes a processor and/or any type of mechanism, machine, apparatus, device, and/or tool that is capable of effectively and/or operatively communicating with network topology 208. Mechanisms, machines, devices, apparatus and/or tools that may comprise a proxy call session control function (P-CSCF) component 216 may include: tablet PCs, server-level computing devices and/or databases, laptop computers, notebook computers, desktop computers, cellular phones, smart phones, consumer appliances and/or instruments, industrial devices and/or components, handheld devices, personal digital assistants, multimedia internet enabled phones, multimedia players, and the like.
Additionally, the network architecture 200 may also include a macro base station transceiver component 218 that receives and/or transmits radio signals and/or is capable of encrypting and/or decrypting communications with a base station controller. The macro base station transceiver components 218 typically terminate the radio or wireless interface between the access terminal 202 and other wired or ground-based components of the network architecture 200. Similar to the other components of the network architecture 200 previously discussed, the macro base station transceiver component 218 may be implemented or realized entirely in hardware and/or as a combination of hardware and/or software in execution and may be any type of engine, machine, translation tool, or generation mode that includes a processor and/or is capable of effective and/or operable communication with the network topology 208.
Fig. 3 depicts a network architecture 300 that facilitates and implements an aspect of the claimed subject matter. Network architecture 300 may include an access terminal 202, a home base station 204, a firewall/Network Address Translation (NAT) component 206, a Packet Data Interworking Function (PDIF) component 210, and a Packet Data Serving Node (PDSN) component 212. Because many of the configurations and operations of the aforementioned components are substantially similar to those described for the components discussed in connection with fig. 2, detailed descriptions of these features are omitted so as to avoid unnecessary redundancy and for the sake of brevity. However, network architecture 300 may include a tunnel portion 302, e.g., an IPSec tunnel, for which construction or establishment may be initiated by access terminal 202. In accordance with an aspect of the claimed subject matter and as shown in fig. 3, a tunnel portion 302 can extend from an access terminal 202 to a packet data interworking function component 210 and can include a home base station 204 and a firewall/Network Address Translation (NAT) component 206. Generally in accordance with the concepts illustrated by network architecture 300, access terminal 202 needs to recognize or be aware that it is communicating with a home base station (e.g., home base station 204) rather than a macro base station transceiver (e.g., macro base station transceiver 218), and access terminal 202 may initiate an IPSec tunnel establishment procedure based at least in part on this recognition to bring about construction or establishment of tunnel portion 302.
Once the tunnel portion 302 is established, the tunnel portion 302 can effectively and/or seamlessly link the access terminal 202 with the packet data interworking function component 210, with the consequent result that data exchanges or communications between the access terminal 202 and components and devices located outside the public internet-core network/intranet boundary 304 (e.g., at the third generation core network) can proceed as if the public internet-core network/intranet boundary 304 were completely transparent, rather than presenting a perceptible block or impediment to seamless intercommunication, as is currently the case.
FIG. 4 illustrates another network architecture 400 that implements and facilitates an aspect of the claimed subject matter. Similar to the network architecture 300 illustrated in fig. 3, the network architecture 400 may include an access terminal 202, a home base station 204, a firewall/Network Address Translation (NAT) component 206, a Packet Data Interworking Function (PDIF) component 210, and a Packet Data Serving Node (PDSN) component 212. As will be readily appreciated by one of ordinary skill in the art, the access terminal 202, home base station 204, firewall/Network Address Translation (NAT) component 206, Packet Data Interworking Function (PDIF) component 210, Packet Data Serving Node (PDSN) component 212 may generally be connected through wired or wireless communication forms such as network topology 208. Moreover, as one of ordinary skill in the art will appreciate, because many of the configurations and operations of the aforementioned components are substantially similar to those set forth for the components discussed in the context of fig. 2 and 3, detailed descriptions of these features are omitted so as to avoid unnecessary repetition and for the sake of brevity. However, the network architecture 400 may also include a tunnel portion 402, e.g., an IPSec tunnel, established by the home base station 204 between the home base station 204 and the Packet Data Interworking Function (PDIF) component 210. In this example, access terminal 202 is generally unaware that it has moved within range of a home base station (e.g., home base station 204) or that it is communicating with a home base station (e.g., home base station 204). 
In accordance with this aspect of the claimed subject matter, all that concerns the access terminal 202 is that the tunnel portion 402 has been established by a home base station (e.g., home base station 204) and that it (e.g., access terminal 202) can utilize the tunnel portion 402 to seamlessly communicate with devices and/or components dispersed outside or behind the public internet-core network/intranet boundary 404.
Thus, the home base station 204 may generally take on the task of establishing the tunnel portion 402 between the home base station 204 and the packet data interworking function component 210 (e.g., utilizing IPSec tunnel establishment policies). As shown, the tunnel portion 402 breaks an existing boundary (e.g., the public internet-core network/intranet boundary 404) between the entire public internet and a protected core cellular network (e.g., a third generation cellular system or network), thereby providing a seamless interconnection between the access terminal 202 and the packet data serving node component 212, an interconnection that is typically not allowed in the absence of the means or functionality provided by the claimed subject matter.
Once the tunnel portion 402 is established, linking the home base station 204 with the packet data interworking function component 210 through the firewall/Network Address Translation (NAT) component 206, the radio link between the access terminal 202 and the protected cellular core network will typically be exactly the same as if the access terminal 202 were caused to communicate with the cellular core network through the macro base station transceiver 218.
Once the tunnel portion 402 is established between the home base station 204 and the packet data interworking function 210, the home base station 204 (e.g., referred to as a home node B in the 3GPP specifications) may transmit packets into the cellular network (e.g., to the packet data serving node 212 and/or the proxy call session control function component 216 located outside the public internet-core network/intranet boundary 404) through the tunnel portion 402. Home base station 204, to implement the construction of tunnel portion 402, typically needs to provide a set of credentials uniquely associated with the home base station, and it also provides transparency with respect to multiple users that may utilize home base station 204 to interact with the cellular network.
To facilitate the foregoing, a packet data service portion, which is responsible for establishing, maintaining, and terminating point-to-point protocol (PPP) sessions and assigning dynamic Internet Protocol (IP) addresses, in addition to supporting mobile Internet Protocol (IP) functionality, may typically be included in or associated with home base station 204. From the perspective of the access terminal 202, including or associating packet data service functionality in the home base station 204 causes the home base station 204 to exhibit the same functionality as the macro base station transceiver 218. With respect to the point-to-point protocol (PPP), it should be noted that it may have two parts: (1) a control portion, LCP/IPCP, that may be used in 3GPP2 to authenticate an access terminal and assign an IP address to the access terminal; in 3GPP, this function can be performed by a control protocol defined as NAS (non-access stratum); and (2) HDLC framing, performed to distinguish the boundaries of IP packets. Typically, this is necessary for 3GPP2. 3GPP uses packet-based framing at the RLC layer to distinguish IP packets and does not typically require this functionality.
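The HDLC framing role described above can be made concrete with PPP in HDLC-like framing as specified in RFC 1662. The following is an added illustration, not part of the patent text; the function names and the sample packets are constructed for the example, and the default control-character escaping map is assumed.

```python
"""PPP in HDLC-like framing (RFC 1662): marking IP packet boundaries on a byte stream."""

FLAG, ESC, XOR_MASK = 0x7E, 0x7D, 0x20
# Address (0xFF), Control (0x03), Protocol 0x0021 = IPv4
PPP_HEADER_IPV4 = bytes([0xFF, 0x03, 0x00, 0x21])


def fcs16(data: bytes) -> int:
    """16-bit frame check sequence used by PPP (reflected poly 0x8408)."""
    fcs = 0xFFFF
    for byte in data:
        fcs ^= byte
        for _ in range(8):
            fcs = (fcs >> 1) ^ 0x8408 if fcs & 1 else fcs >> 1
    return fcs ^ 0xFFFF


def encode_frame(ip_packet: bytes) -> bytes:
    """Wrap one IP packet in a flag-delimited, byte-stuffed PPP frame."""
    body = PPP_HEADER_IPV4 + ip_packet
    body += fcs16(body).to_bytes(2, "little")  # FCS is sent low byte first
    out = bytearray([FLAG])
    for byte in body:
        # Escape the flag, the escape byte, and control characters (default map)
        if byte in (FLAG, ESC) or byte < 0x20:
            out += bytes([ESC, byte ^ XOR_MASK])
        else:
            out.append(byte)
    out.append(FLAG)
    return bytes(out)


def decode_stream(stream: bytes) -> list:
    """Recover IP packets from a stream of frames, dropping damaged frames."""
    packets = []
    # A literal FLAG can only be a delimiter, because payload flags are escaped
    for chunk in stream.split(bytes([FLAG])):
        if not chunk:
            continue  # back-to-back flags or inter-frame fill
        body = bytearray()
        aborted = False
        it = iter(chunk)
        for byte in it:
            if byte == ESC:
                nxt = next(it, None)
                if nxt is None:  # ESC directly before FLAG: frame abort
                    aborted = True
                    break
                body.append(nxt ^ XOR_MASK)
            else:
                body.append(byte)
        if aborted or len(body) < len(PPP_HEADER_IPV4) + 2:
            continue
        payload, rx_fcs = bytes(body[:-2]), int.from_bytes(body[-2:], "little")
        if fcs16(payload) != rx_fcs:
            continue  # corrupted in transit
        if payload[:4] != PPP_HEADER_IPV4:
            continue  # not an IPv4 PPP frame
        packets.append(payload[4:])
    return packets


if __name__ == "__main__":
    # Constructed sample packets; the first contains both reserved byte values
    first = bytes([0x45, 0x00, 0x7E, 0x7D, 0x11])
    second = b"\x45\x00hello"
    wire = encode_frame(first) + encode_frame(second)
    print(wire.hex(" "))
    print(decode_stream(wire) == [first, second])
```
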
Fig. 5 illustrates another network architecture 500 that facilitates and implements an aspect of the claimed subject matter. Network architecture 500 may include an access terminal 202, a home base station 204, a firewall/Network Address Translation (NAT) component 206, a Packet Data Interworking Function (PDIF) component 210, and a Packet Data Serving Node (PDSN) component 212. As will be appreciated by those of ordinary skill in the art, the Packet Data Interworking Function (PDIF) component 210 may be located at an interface between the public internet and the core cellular network/intranet (e.g., the public internet-core network/intranet boundary 504), and the packet data serving node component 212 is typically located within the protected core cellular network, rather than being disposed throughout the public internet. Further, as will also be appreciated by those of ordinary skill in the art, intercommunication between various devices and components that can encompass both the public internet and/or the core cellular network/intranet can be performed by means of wired and/or wireless communication means. In addition, as will also be appreciated by those of ordinary skill in the art, the tunnel linking the Packet Data Interworking Function (PDIF) component 210 with the home base station 204 can be established on a user-by-user basis, or can be implemented across all users, or can be differentiated based at least in part on different traffic data types (e.g., quality of service (QoS)).
As many of the configurations and functions of the foregoing components are substantially similar to those previously described in connection with fig. 2-4, a detailed description of these features and devices is omitted for the sake of brevity. However, network architecture 500 may include a tunnel 502, e.g., an IPSec tunnel, which may be established to link home base station 204 with packet data interworking function component 210. In this example, home base station 204 may have a base transceiver station, base station controller, and/or packet control function (e.g., BTS/BSC/PCF) device, but unlike the approach set forth with reference to fig. 4, home base station 204 lacks packet data service functionality; instead, the actual packet data service intermediary may be implemented by the packet data serving node 212 located within the core cellular network/intranet.
Thus, in the implementation set forth with reference to fig. 4, the home base station 204 communicates within the tunnel portion 402 established from the home base station 204 to the packet data interworking function component 210 by means of Internet Protocol (IP) packets; in contrast, in the concept provided by fig. 5, this exchange uses a point-to-point protocol (PPP) within the tunnel 502 such that the point-to-point protocol (PPP) endpoint is at the packet data serving node component 212. Thus, in the case where the packet data serving node component 212 is generally located behind the public internet-core network/intranet boundary 504 (e.g., the packet data serving node component 212 is generally disposed on a macro cellular network, rather than in an environment that may include the public internet), the point-to-point protocol (PPP) is extended all the way into the macro cellular core network, rather than being mediated by the packet data interworking function component 210.
It should be noted, and as will be apparent to those of ordinary skill in the art, that once the tunnel 502 connecting the home base station 204 with the packet data interworking function component 210 is established by the home base station 204, the tunnel 502 may be used in various ways to implement the interfaces specified in the macrocellular system specification, e.g., the A13 interface, which transfers signaling information between the SC/MM function in the source Access Node (AN) and the SC/MM function in the target Access Node (AN) to implement dormant state session transfer. As further shown, the A16 interface may be utilized through a tunnel 502 established between the home base station 204 and the packet data interworking function component 210. The A16 interface typically conveys signaling information between a source Access Node (AN) and a target Access Node (AN) to enable High Rate Packet Data (HRPD) inter-AN connection state session transfer (e.g., hard handoff).
Additionally, the tunnel 502 may also support A17, A18, A19, and/or A21 interfaces. The A17 interface typically conveys signaling information between a source Access Node (AN) and a target Access Node (AN) in order to manage resources supporting inter-AN cross-connectivity (soft/softer handoff). The A17 interface typically establishes dedicated endpoints for the A18 and A19 interfaces. In addition, the A17 interface tunnels air interface forward control channel signaling messages from a source Access Node (AN) to a target Access Node (AN) that has sectors in AN active set of access terminals to be sent to the access terminals. The A18 interface endpoint typically transports user traffic data (e.g., air interface traffic channel data) for AN access terminal between a source Access Node (AN) and a target RT during a cross-connect. The A18 interface endpoint is typically set using the A17 interface. The A19 interface generally transports bearer-specific cross-connection control messages dedicated to a Remote Transmitter (RT) for AN access terminal between AN Access Node (AN) and a target Remote Transmitter (RT). The A19 interface endpoint is typically set using the A17 interface. The A21 interface may convey signaling information between a High Rate Packet Data (HRPD) Access Node (AN) and AN Indoor Wireless System (IWS). The A21 interface may provide a switch to 1x.
Fig. 6 provides an illustration 600 of an access terminal 202 in accordance with an aspect of the claimed subject matter. As previously described with reference to fig. 1 and 2, access terminal 202 may have basic functionality similar to that set forth above in connection with access terminals 116 and 122, and thus such basic functionality is omitted for brevity.
However, in addition to these basic functions, access terminal 202 can also include a tunnel establishing component 602 that can be utilized to establish a tunnel (e.g., an IPSec tunnel) that extends from access terminal 202 to packet data interworking function component 210. In general, the tunnel established by tunnel establishing component 602 can include the use of home base station 204 and/or firewall/Network Address Translation (NAT) component 206. In accordance with this aspect of the claimed subject matter, tunnel establishing component 602 needs to know, or be made aware, that it is communicating with a home base station (e.g., home base station 204) rather than with a macro base station transceiver (e.g., macro base station transceiver 218). Accordingly, tunnel establishing component 602 may begin an IPSec tunnel establishment procedure to establish a tunnel between access terminal 202 and packet data interworking function component 210 in the event that tunnel establishing component 602 knows or becomes aware that it is communicating with a home base station (e.g., home base station 204) rather than a macro base station transceiver (e.g., macro base station transceiver 218).
Once tunnel establishing component 602 facilitates or effectuates establishment of a tunnel between access terminal 202 and packet data interworking function component 210, intercommunication between access terminal 202 and components and devices located on the core cellular network can occur in a seamless manner, as if the boundary between the public internet and the core cellular network did not exist.
Turning now to fig. 7, an illustration 700 of a home base station 204 in accordance with an aspect of the claimed subject matter is provided. As explained in connection with fig. 1 and 2, home base station 204 may have basic functions similar to those set forth above in connection with access terminals 116 and 122, and thus these basic functions are omitted for brevity. However, as shown, the home base station 204 may also have capabilities in addition to those already discussed so far. The home base station 204 may include base station transceiver equipment, wherein a base station transceiver (BTS) component 704 may enable wireless communication between a plurality of access terminals (e.g., access terminal 202) and a core cellular network by utilizing a tunnel extending between the home base station 204 and the Packet Data Interworking Function (PDIF) component 210. Base Transceiver Station (BTS) component 704 may also include schemes related to encrypting and/or decrypting communications between various components contained within home base station 204 and devices and schemes that may comprise a typical cellular network or system.
The home base station 204 may also include base station controller related functionality. Thus, home base station 204 may include a Base Station Controller (BSC) component 706 that may provide intelligence and coordination to support a Base Transceiver Station (BTS) component 704. A Base Station Controller (BSC) component 706 may control a plurality of base station transceiver (BTS) components 704 included in or associated with the home base station 204, if desired. In general, Base Station Controller (BSC) component 706 may handle assignment of radio channels, receive measurements from access terminals (e.g., access terminal 202), and control handovers from and between base station transceiver (BTS) component 704. Additionally and/or alternatively, the Base Station Controller (BSC) component 706 can act as a concentrator in which different low capacity connections from and/or to multiple base station transceiver (BTS) components 704 can be reduced to a smaller number of connections, thereby alleviating congestion in tunnels established between the home base station 204 and the Packet Data Interworking Function (PDIF) component 210.
Home base station 204 may also include a Packet Control Function (PCF) component 708 that may control packet transmissions between home base station 204 itself and a packet data serving node component (e.g., packet data serving node 212) located on the macro cellular network.
Additionally and/or alternatively, home base station 204 may include functions and devices normally assigned to packet data serving node 212. In this example, home base station 204 can include a packet data serving node component 710 that can be responsible for the establishment, maintenance, and termination of point-to-point (PPP) sessions between home base station 204 and one or more access terminals (e.g., access terminal 202) in communication with home base station 204. In accordance with this concept or scheme, packet data serving node component 710 may allocate dynamic Internet Protocol (IP) addresses and support mobile Internet Protocol (IP) functionality. The inclusion of the packet data serving node assembly 710 in the home base station 204 from the perspective of a communicating access terminal (e.g., access terminal 202) enables the home base station 204 to exhibit similar or identical functionality as a typical macro base station transceiver (e.g., macro base station transceiver 218).
As shown, the functions and means described above in connection with base station transceiver (BTS) component 704, Base Station Controller (BSC) component 706, Packet Control Function (PCF) component 708, and/or packet data serving node component 710 may be provided or included in tunnel establishment component 702, which tunnel establishment component 702 may in turn be associated with, included in, or integrated with home base station 204.
Fig. 8 provides an illustration 800 of a home base station 204 in accordance with another aspect of the claimed subject matter. As shown, the home base station 204 can include a Base Transceiver Station (BTS) portion 802 that can facilitate and enable wireless communication between an access terminal (e.g., access terminal 202) and a cellular system/network through a tunnel established between and connecting the home base station 204 and a Packet Data Interworking Function (PDIF) component 210. Similar to the Base Transceiver Station (BTS) component 704, the Base Transceiver Station (BTS) portion 802 may also perform encryption and/or decryption of communications between many different devices and components comprising the cellular system/network, as well as between multiple components and/or portions comprising or associated with the home base station 204.
In addition, the home base station 204 may also include devices normally associated with a base station controller. Thus, the home base station 204 may include a Base Station Controller (BSC) portion 804 that may provide the basic intelligence and/or configuration necessary for cooperation between the Base Transceiver Station (BTS) portion 802 and multiple Base Transceiver Station (BTS) portions (e.g., multiple Base Transceiver Station (BTS) portions 802) included in or associated with the home base station 204 (e.g., where multiple access terminals are near or within range of the home base station 204 and in communication therewith, multiple Base Transceiver Station (BTS) portions 802 may be utilized). A Base Station Controller (BSC) portion 804 may allocate radio channels, receive measurements from access terminals within range of the home base station 204, and control handovers from the multiple Base Transceiver Station (BTS) portions 802 under its supervision. In addition, the Base Station Controller (BSC) portion 804 may also function as a combiner in which multiple low capacity connections from and/or to multiple Base Transceiver Station (BTS) portions 802 may be combined in order to reduce congestion in the tunnel established between the home base station 204 and the Packet Data Interworking Function (PDIF) component 210.
In addition, home base station 204 may also include a Packet Control Function (PCF) portion 806 that may control packet transmissions between home base station 204 and a packet data serving node component (e.g., packet data serving node 212) located on the larger cellular system/network.
However, in contrast to the concept disclosed with reference to fig. 7, in the solution disclosed in fig. 8 the home base station 204 does not comprise the functionality and means of the packet data serving node component 710. Instead, home base station 204 relies on the assistance of packet data serving node 212 disposed within the macro cellular network to provide a point-to-point protocol (PPP) endpoint. Accordingly, the exchange between the home base station 204 and the cellular core network employs point-to-point protocol (PPP) within the tunnel established between the home base station 204 and the Packet Data Interworking Function (PDIF) component 210, with the result that communications are now actually conducted between the home base station 204 and the Packet Data Serving Node (PDSN) component 212, rather than being mediated by the Packet Data Interworking Function (PDIF) component 210.
As shown, the apparatus set forth above in connection with base station transceiver (BTS) portion 802, Base Station Controller (BSC) portion 804, and Packet Control Function (PCF) portion 806 may be associated with or included in tunnel establishment component 808, and tunnel establishment component 808 may be included in home base station 204.
To further understand fig. 8 and the functionality of the home base station 204 according to this scenario, the following review is presented. When an access terminal (e.g., access terminal 202) initiates a connection with home base station 204, home base station 204 establishes a tunnel (e.g., an IPSec tunnel) with packet data interworking function 210. Once the tunnel is established, home base station 204 may authenticate access terminal 202 using High Rate Packet Data (HRPD) point-to-point protocol (PPP) challenge-handshake authentication protocol (CHAP). It should be noted that without limitation, according to this aspect of the claimed subject matter, a tunnel needs to be established before High Rate Packet Data (HRPD) authentication proceeds, as a constructed tunnel is typically required to transport Remote Authentication Dial-In User Service (RADIUS) messages. Authentication may be accomplished using an access, authentication and accounting (AAA) component 214 located in the cellular core network. A home base station 204 in accordance with an aspect of the claimed subject matter can be configured with a list of allowed or licensed access terminals (e.g., a list of persistent Network Address Identifiers (NAIs)). Additionally and/or alternatively, a list of persistent Network Address Identifiers (NAIs) may be used to distinguish between different service types (e.g., all users using a certain service may be provided with the same Network Address Identifier (NAI)). Other access terminal identifiers may be used to identify and authorize the user. In the event that it is determined that the Network Address Identifier (NAI) of the access terminal is not in the list of Network Address Identifiers (NAIs), home base station 204 may deny access to this access terminal.
Furthermore, in case the Network Address Identifier (NAI) of the access terminal is found in the list of Network Address Identifiers (NAIs), but the challenge-handshake authentication protocol (CHAP) scheme fails, the home base station 204 may also deny access for this access terminal, and without remedial measures, the home base station 204 will not provide service for this access terminal.
Generally, in accordance with aspects of the claimed subject matter, there are two levels of authentication, first at the home base station 204 level and second at the access, authentication and accounting (AAA) component 214 level. Security at the level of the home base station 204 may be managed by the direct addition by a user (e.g., a management user) of the Network Address Identifier (NAI) of those access terminals that normally utilize the home base station 204 to gain access to the cellular core network. Such user interaction can typically be done without losing the integrity of the cellular core network. For security at the access, authentication and accounting (AAA) component 214 level, existing cellular (e.g., 3G) authentication credentials can be used, with the home base station 204 accessing the access, authentication and accounting (AAA) component 214 for the keys necessary for authentication.
Once an access terminal is authenticated and authorized, home base station 204 may use the access terminal's International Mobile Subscriber Identity (IMSI) to identify and select an appropriate packet data serving node (e.g., packet data serving node 212) with which to establish communication. In general, a "modulo-N IMSI" algorithm may be utilized and executed, where N represents the number of possible Packet Data Serving Nodes (PDSNs) reachable by home base station 204. Typically, the number "N" may also be remotely configured and updated by the carrier (e.g., in the event that the number of possible Packet Data Serving Nodes (PDSNs) changes). It should be noted that since the packet control function/radio network controller (PCF/RNC) in the radio access network also uses the same algorithm to select a possible Packet Data Serving Node (PDSN), it is possible that the home base station 204 will select the same packet data serving node after the access terminal transitions to communicating through the home base station 204 rather than through the macro base station transceiver 218.
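The admission sequence described in the preceding paragraphs (tunnel first, NAI list check at the home base station, CHAP verified against the AAA, then modulo-N IMSI selection of the PDSN), written out in Python as an added example that is not part of the patent text. The NAIs, IMSI, secrets, PDSN names and function names are constructed for illustration; the RADIUS exchange with the AAA is replaced by a local function, and the CHAP response is assumed to be the MD5 construction of RFC 1994.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional, Sequence

# Constructed sample data: none of these values come from the patent.
ALLOWED_NAIS = {"alice@operator.example", "bob@operator.example"}  # list on the home base station
AAA_SECRETS = {  # CHAP secrets held by the AAA in the core network, never by the home base station
    "alice@operator.example": b"alice-chap-secret",
    "bob@operator.example": b"bob-chap-secret",
    "mallory@operator.example": b"mallory-chap-secret",
}
PDSN_POOL = ["pdsn-0", "pdsn-1", "pdsn-2"]  # N = 3 reachable PDSNs (carrier-configured)


@dataclass(frozen=True)
class Decision:
    admitted: bool
    reason: str
    pdsn: Optional[str] = None


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """CHAP response value per RFC 1994: MD5(identifier || secret || challenge)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


def aaa_verify(nai: str, identifier: int, challenge: bytes, response: bytes) -> bool:
    """Stand-in for the AAA: recompute the response and compare in constant time."""
    secret = AAA_SECRETS.get(nai)
    if secret is None:
        return False
    expected = chap_response(identifier, secret, challenge)
    return hmac.compare_digest(expected, response)


def select_pdsn(imsi: str, pool: Sequence[str]) -> str:
    """Modulo-N IMSI selection: index = IMSI mod N, with N = len(pool)."""
    if not (imsi.isascii() and imsi.isdigit()) or len(imsi) > 15:
        raise ValueError("IMSI must be at most 15 decimal digits")
    if not pool:
        raise ValueError("no PDSN configured")
    return pool[int(imsi) % len(pool)]


def admit(nai: str, imsi: str, identifier: int, challenge: bytes,
          response: bytes, tunnel_up: bool = True) -> Decision:
    """Two-level check: local NAI list first, then CHAP via the AAA."""
    # The tunnel to the PDIF carries the RADIUS traffic, so nothing can be
    # verified before it exists.
    if not tunnel_up:
        return Decision(False, "no_tunnel")
    # Level 1: the NAI is only an identifier asserted by the terminal, so
    # passing this check grants nothing by itself.
    if nai not in ALLOWED_NAIS:
        return Decision(False, "nai_not_in_list")
    # Level 2: proof of possession of the subscriber secret, checked by the AAA.
    if not aaa_verify(nai, identifier, challenge, response):
        return Decision(False, "chap_failed")
    # Only an authenticated and authorized terminal is mapped to a PDSN.
    return Decision(True, "ok", select_pdsn(imsi, PDSN_POOL))


if __name__ == "__main__":
    challenge = bytes(range(16))  # fixed for the demo; a real challenge is random
    imsi = "310150123456789"      # constructed IMSI
    ok = chap_response(7, AAA_SECRETS["alice@operator.example"], challenge)
    print(admit("alice@operator.example", imsi, 7, challenge, ok))
    # Valid subscriber credentials, but not on this home base station's list:
    m = chap_response(7, AAA_SECRETS["mallory@operator.example"], challenge)
    print(admit("mallory@operator.example", imsi, 7, challenge, m))
    # Listed NAI, wrong secret:
    print(admit("bob@operator.example", imsi, 7, challenge, ok))
```

A terminal is served only when both levels pass: a subscriber who is valid at the AAA but absent from the local list is still refused, and so is a listed NAI presented without the matching secret.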
After home base station 204 identifies and/or selects a packet data serving node (e.g., Packet Data Serving Node (PDSN) component 212), home base station 204 may establish an A10 connection with Packet Data Serving Node (PDSN) component 212 using A11 signaling. Therefore, to achieve this goal, a Generic Routing Encapsulation (GRE) tunnel needs to be established between the Packet Data Serving Node (PDSN) component 212 and the home base station 204. Here, the identified and selected Packet Data Serving Node (PDSN) component 212 remains the same during the transition of the access terminal 202 from the macro base station transceiver 218 to the home base station 204, and typically does not have to perform Mobile Internet Protocol (MIP) registration. By eliminating the necessity of performing Mobile Internet Protocol (MIP) registration, disruption to voice over internet protocol (VoIP) services during handoff between Wireless Access Network (WAN) coverage and home coverage (e.g., with communications via the home base station 204) can be greatly mitigated.
Other functions that may be performed by the home base station 204 may also include: accounting and then forwarding any accounting records to the Packet Data Serving Node (PDSN) via A11 airlink records, supporting network-initiated quality of service (QoS) using existing PDSN-PCF/RNC signaling between the Packet Data Serving Node (PDSN) component 212 and the home base station 204, and supporting different traffic types between the Packet Data Interworking Function (PDIF) component 210 and the home base station 204 using different Security Associations (SAs). With respect to the latter aspect (e.g., supporting different traffic types between the Packet Data Interworking Function (PDIF) component 210 and the home base station 204 based at least in part on different Security Associations (SAs)), multiple A10 connections (e.g., among or between access terminals) having similar quality of service (QoS) characteristics can be mapped to the same IPSec Security Association (SA) in order to limit the number of sub-security associations created.
Fig. 9 provides an illustration 900 of another aspect of a home base station 204 in accordance with the claimed subject matter. As shown, the home base station 204 may be connected to or contain a memory 902, which may comprise any suitable data necessary for the home base station 204 to fulfill its purpose. For example, memory 902 may include a Network Address Identifier (NAI) 904 associated with one or more access terminals (e.g., access terminal 202) currently in communication with home base station 204 or potentially in communication with home base station 204. Additionally, memory 902 may also include information related to user data, data related to a portion of a transaction, credit information, historical data related to previous transactions, a portion of data related to purchasing goods and/or services, a portion of data related to selling goods and/or services, geographic location, online activity, previous online transactions, activity on different networks, activity on one network, credit card verification, membership, time of validity of membership, communications associated with a network, buddy list, contact status, questions answered, questions posed, time of response to questions, blog data, blog entry, endorsement, item purchased, item sold, product on a network, information collected from different websites, information obtained from different networks, levels of websites, historical data related to previous online transactions, activity on different networks, activity on one network, credit card verification, membership, time of validity of membership, communications associated with a network, contact status, question answered, question posed, question, blog data, credit score, geographic location, donations to charities, or any other information related to software, applications, holding a web conference, and/or any suitable data related to a transaction, etc.
It will be appreciated that the memory 902 can be, for example, either volatile or nonvolatile memory, or can include both volatile and nonvolatile memory. By way of example, and not limitation, nonvolatile memory can include Read Only Memory (ROM), Programmable Read Only Memory (PROM), Electrically Programmable Read Only Memory (EPROM), Electrically Erasable Programmable Read Only Memory (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM), which acts as external cache memory. By way of example, and not limitation, RAM can take many forms, such as Static RAM (SRAM), Dynamic RAM (DRAM), Synchronous DRAM (SDRAM), Double Data Rate SDRAM (DDR SDRAM), Enhanced SDRAM (ESDRAM), Synchlink DRAM (SLDRAM), Rambus Direct RAM (RDRAM), Direct Rambus Dynamic RAM (DRDRAM), and Rambus Dynamic RAM (RDRAM). The memory 902 of the subject systems and methods is intended to comprise, without being limited to, these and any other suitable types of memory. Additionally, it will be appreciated that the memory 902 may be a server, a database, a hard drive, or the like.
Fig. 10 shows an illustration 1000 of another aspect of the claimed subject matter in which an A11 concentrator component 1002 can be interposed between a Packet Data Interworking Function (PDIF) component 210 and a Packet Data Serving Node (PDSN) component 212. As shown, the A11 concentrator component 1002 may be used to minimize the number of A11 connections that need to be made to the Packet Data Serving Node (PDSN) component 212. In accordance with this aspect of the claimed subject matter, A11 concentrator component 1002 can generally maintain a single A11 connection with Packet Data Serving Node (PDSN) component 212, thereby reducing the impact on Packet Data Serving Node (PDSN) component 212 necessary to maintain and/or monitor multiple A11 connections between itself and devices and/or components with which it communicates. Thus, when an access terminal (e.g., access terminal 202) sends packets through home base station 204, individuals using the access terminal perceive that they are communicating directly with Packet Data Serving Node (PDSN) component 212 located within the core cellular network. In practice, however, the access terminal 202 is communicating with the home base station 204, the home base station 204 in turn establishes and maintains an A11/A10 interface with the A11 concentrator component 1002, and the A11 concentrator component 1002 can in turn communicate with the packet data serving node 212 over the A11 connection established between it (e.g., the A11 concentrator component 1002) and the packet data serving node 212.
To facilitate the foregoing functionality, A11 concentrator component 1002 needs to be provisioned in advance with an MN-HA key that can be used to communicate with Packet Data Serving Node (PDSN) component 212. Further, the A11 concentrator component 1002 may maintain a mapping between (i) the A11 and A10 connections with different home base stations and (ii) the A11 and A10 interactions between the different home base stations connected to the A11 concentrator component 1002 and the Packet Data Serving Node (PDSN) component 212. Generally, mappings established and/or maintained between A11 and A10 connections with different home base stations connected to the A11 concentrator component 1002 may be used to route packets to/from the A11 concentrator component 1002. Also, the established and/or maintained mapping may be dynamically updated based at least in part on when a home base station (e.g., home base station 204) joined the network and when it established the required A10 connection. In addition, the home base station 204 may break the A10 connection when the previously established A10 connection is no longer being used by any access terminal, or in the event that no access terminal is associated with the A10 connection.
Further with respect to the A11 concentrator component 1002, when robust header compression (RoHC) is implemented on the A11 concentrator component 1002 in accordance with the streaming protocol, robust header compression (RoHC) context can be addressed directly to the Packet Data Serving Node (PDSN) 212. Conversely, when robust header compression (RoHC) is implemented on the A11 concentrator component 1002 pursuant to a routing protocol, robust header compression (RoHC) can be targeted to the home base station 204.
It should be noted that while, without limitation, the A11 concentrator component 1002 is depicted as a separate, individual component for purposes of illustration, one of ordinary skill in the art will appreciate that the A11 concentrator component 1002 may be associated with or integrated with the Packet Data Interworking Function (PDIF) component 210 for purposes of deployment, thereby reducing the number of nodes that need to be deployed in the core cellular network. Additionally, it will also be appreciated that for an A13-like interface, a similar mechanism as used by the A11 concentrator component 1002 can be utilized to pass sessions between the macrocellular network and a network in accordance with the IEEE 802 standard. In addition, the A11 concentrator component 1002 can be employed to concentrate A16 signaling information communicated to and from a source Access Node (AN) and a target Access Node (AN) to facilitate high speed packet data inter-AN connection state session transfer. Additionally, the A11 concentrator component 1002 may also be used to concentrate A17, A18, A19, and/or A21 interfaces. As previously mentioned, the A17 interface typically conveys signaling information between a source Access Node (AN) and a target Access Node (AN) to manage resources supporting inter-AN cross-connections. The A18 interface generally transports user traffic data (e.g., air interface traffic channel data) for an access terminal between a source Access Node (AN) and a target RT during a cross-connect. The A18 interface endpoint is typically set using the A17 interface. The A19 interface generally conveys bearer-related cross-connection control messages specific to a Remote Transmitter (RT) for an access terminal between an Access Node (AN) and a target Remote Transmitter (RT). The A19 interface endpoint is typically set using the A17 interface.
The A21 interface may convey signaling information between a High Rate Packet Data (HRPD) Access Node (AN) and an Indoor Wireless System (IWS). The A21 interface may provide a switch to 1x.
According to another aspect, the A11 concentrator component 1002 may mask or hide the IP address of the target Access Node (AN) from the home base station. According to this exemplary scheme, A11 concentrator component 1002, upon receiving a particular request, may query an association database that maps IP addresses to physical locations, and may thereafter find an appropriate target access node to which to forward the message. Once completed, the home base station and the target access node may perform their required operations at least partially in accordance with the macro cellular specification.
Referring to fig. 11, a methodology relating to utilizing a home base station in a wireless communication environment is illustrated. While, for purposes of simplicity of explanation, the methodologies are shown and described as a series of acts, it is to be understood and appreciated that the methodologies are not limited by the order of acts, as some acts may, in accordance with one or more embodiments, occur in different orders and/or concurrently with other acts from that shown and described herein. For example, those skilled in the art will understand and appreciate that a methodology could alternatively be represented as a series of interrelated states or events, such as in a state diagram. Moreover, not all illustrated acts may be required to implement a methodology in accordance with one or more embodiments.
Referring to fig. 11, illustrated is a methodology 1100 for utilizing a home base station in a wireless communication environment. Methodology 1100 can begin at 1102, where an IPSec tunnel can be established to a packet data interworking function component located at a boundary between a public internet and a core cellular communications network. The IPSec tunnel may typically be established when the access terminal initiates a connection with the home base station. Once a tunnel is established between the home base station and the packet data interworking function component, the home base station may authenticate an access terminal initiating a connection with the home base station using a High Rate Packet Data (HRPD) point-to-point protocol (PPP) challenge-handshake authentication protocol (CHAP). Authentication of the access terminal may be achieved using access, authentication and accounting means located in the cellular core network. Additionally and/or alternatively, the home base station may query a persistent Network Address Identifier (NAI) list to identify access terminals allowed to access the core cellular network through the home base station. In the event that the Network Address Identifier (NAI) of the access terminal is determined not to be in the persistent Network Address Identifier (NAI) list, or in the event that challenge-handshake authentication protocol (CHAP) authentication fails, the home base station may deny access to the access terminal and may implement a fallback remedy.
Once the access terminal is authenticated, the home base station may use the access terminal's International Mobile Subscriber Identity (IMSI) to identify or select the appropriate packet data serving node with which to establish communication, after which the home base station may use A11 signaling to establish an A10 connection with the identified packet data serving node, at 1104. At 1106, conventional Generic Routing Encapsulation (GRE) tunnel packets can be exchanged between the home base station and the packet data serving node. It should be noted that an access terminal typically maintains an association with the core cellular network while using a currently active service, even when it is within range of a home base station, but associates itself with a home base station when the previously active service is terminated.
As used herein, the term to "infer" or "inference" refers generally to the process of reasoning about or inferring states of the system, environment, and/or user from a set of observations as captured via events and/or data. Inference can be employed to identify a specific context or action, or can generate a probability distribution over states, for example. The inference can be probabilistic; that is, the computation of a probability distribution over states of interest based on a consideration of data and events. Inference can also refer to techniques employed for composing higher-level events from a set of events and/or data. Such inference results in the construction of new events or actions from a set of observed events and/or stored event data, whether or not the events are correlated in close temporal proximity, and whether the events and data come from one or several event and data sources.
Fig. 12 is an illustration 1200 of an access terminal 202 that obtains and/or utilizes a home base station in a wireless communication system. Access terminal 202 can comprise a receiver 1202 that receives a signal, e.g., from a receive antenna (not shown), and performs conventional operations (e.g., filters, amplifies, downconverts, etc.) on the received signal and digitizes the conditioned signal to obtain samples. Receiver 1202 can be, for example, an MMSE receiver, and can comprise a demodulator 1204, which demodulator 1204 can demodulate received symbols and provide them to a processor 1206 for channel estimation. Processor 1206 can be a processor dedicated to analyzing information received by receiver 1202 and/or generating information for transmission by a transmitter 1214, a processor that controls one or more components of access terminal 202, and/or a processor that both analyzes information received by receiver 1202, generates information for transmission by transmitter 1214, and controls one or more components of access terminal 202.
Access terminal 202 can also include memory 1208 that is operatively coupled to processor 1206 and that can store data to be transmitted, received data, and any other suitable information related to performing the various operations and functions set forth herein. For example, memory 1208 can store particular group signaling constraints utilized by one or more base stations. Memory 1208 can additionally store protocols and/or algorithms related to identifying signaling constraints for communicating resource block assignments and/or analyzing received assignment messages using such signaling constraints.
It will be appreciated that the data store (e.g., memory 1208) described herein can be either volatile memory or nonvolatile memory, or can include both volatile and nonvolatile memory. By way of example, and not limitation, nonvolatile memory can include Read Only Memory (ROM), Programmable ROM (PROM), Electrically Programmable ROM (EPROM), Electrically Erasable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM), which acts as external cache memory. By way of example and not limitation, RAM may be provided in a variety of ways, such as: Synchronous RAM (SRAM), Dynamic RAM (DRAM), Synchronous DRAM (SDRAM), Double Data Rate SDRAM (DDR SDRAM), Enhanced SDRAM (ESDRAM), Synchlink DRAM (SLDRAM), and Direct Rambus RAM (DRRAM). The memory 1208 of the subject systems and methods is intended to comprise, without being limited to, these memory types and any other suitable memory types.
Receiver 1202 is also operatively coupled to a tunnel establishment component 1210 that is substantially similar to tunnel establishment component 602 of fig. 6. Tunnel establishment component 1210 may be used to establish a tunnel extending from access terminal 202 to a packet data interworking function component located at a boundary between a core cellular communication network and the entire internet. Access terminal 202 can further comprise a modulator 1212 and a transmitter 1214 that transmit signals to, for instance, a home base station, another access terminal, and/or the like. Although illustrated as being separate from the processor 1206, it is to be appreciated that the tunnel establishment component 1210 and/or the modulator 1212 can be part of the processor 1206 or a number of processors (not shown).
Fig. 13 is an illustration of a system 1300 that facilitates utilizing a home base station in a wireless communication environment. System 1300 includes a home base station 204 (e.g., an access point) having a receiver 1308 that receives signals from one or more access terminals 1302 via a plurality of receive antennas 1304 and a transmitter 1320 that transmits signals to one or more access terminals 1302 via transmit antennas 1306. A receiver 1308 can receive information from receive antennas 1304 and is operatively coupled to a demodulator 1310 that demodulates received information. Demodulated symbols can be analyzed by a processor 1312, which is similar to the processor described above with reference to fig. 12 and is coupled to memory 1314. Memory 1314 can store data to be transmitted to and received from access terminal 1302 (or a disparate base station (not shown)), and/or any other suitable information for performing the various operations and functions set forth herein. The processor 1312 is also coupled to a tunnel establishing component 1316 which establishes a tunnel extending from the home base station 204 to a packet data interworking function component located at the boundary between the core cellular communication network and the internet. Further, tunnel establishing component 1316 may provide information to be transmitted to modulator 1318. A modulator 1318 can multiplex the frame for transmission by a transmitter 1320 through antenna 1306 to access terminal 1302. Although illustrated as being separate from the processor 1312, it is to be appreciated that tunnel establishing component 1316 and/or modulator 1318 may be part of processor 1312 or a number of processors (not shown).
Fig. 14 shows an exemplary wireless communication system 1400. The wireless communication system 1400 depicts one home base station 1410 and one access terminal 1450 for sake of brevity. However, it is to be appreciated that system 1400 can include more than one home base station and/or more than one access terminal, wherein other home base stations and/or access terminals can be substantially similar or different from exemplary home base station 1410 and access terminal 1450 described below. In addition, it is to be appreciated that home base station 1410 and/or access terminal 1450 can employ the systems (fig. 1-10) and/or methods (fig. 11) described herein to enable wireless communication therebetween.
At home base station 1410, traffic data for a number of data streams is provided from a data source 1412 to a Transmit (TX) data processor 1414. According to an example, each data stream can be transmitted over a respective antenna. TX data processor 1414 formats, codes, and interleaves the traffic data stream based on a particular coding scheme selected for that data stream to provide coded data.
The coded data for each data stream can be multiplexed with pilot data using Orthogonal Frequency Division Multiplexing (OFDM) techniques. Additionally or alternatively, the pilot symbols may be Frequency Division Multiplexed (FDM), Time Division Multiplexed (TDM), or Code Division Multiplexed (CDM). The pilot data is typically a known data pattern that is processed in a known manner and can be used at the access terminal to estimate channel response. The multiplexed pilot and coded data for each data stream is modulated (i.e., symbol mapped) based on a particular modulation scheme (e.g., binary phase-shift keying (BPSK), quadrature phase-shift keying (QPSK), M-phase-shift keying (M-PSK), M-quadrature amplitude modulation (M-QAM), etc.) selected for that data stream to provide modulation symbols. The data rate, coding, and modulation for each data stream can be determined by instructions performed or provided by processor 1430.
The modulation symbols for the data streams are then provided to a TX MIMO processor 1420, which may further process the modulation symbols (e.g., for OFDM). TX MIMO processor 1420 then provides $N_T$ modulation symbol streams to $N_T$ transmitters (TMTR) 1422a through 1422t. In various embodiments, TX MIMO processor 1420 applies beamforming weights to the symbols of the data streams and to the antenna from which the symbol is being transmitted.
Each transmitter 1422 receives and processes a respective symbol stream to provide one or more analog signals, and further conditions (e.g., amplifies, filters, and upconverts) the analog signals to provide a modulated signal suitable for transmission over a MIMO channel. Further, $N_T$ modulated signals from transmitters 1422a through 1422t are transmitted from $N_T$ antennas 1424a through 1424t, respectively.
At access terminal 1450, the transmitted modulated signals are received by $N_R$ antennas 1452a through 1452r and the received signal from each antenna 1452 is provided to a respective receiver (RCVR) 1454a through 1454r. Each receiver 1454 conditions (e.g., filters, amplifies, and downconverts) a respective signal, digitizes the conditioned signal to provide samples, and further processes the samples to provide a corresponding "received" symbol stream.
RX data processor 1460 may receive and process the $N_R$ received symbol streams from $N_R$ receivers 1454 based on a particular receiver processing technique to provide $N_T$ "detected" symbol streams. RX data processor 1460 can demodulate, deinterleave, and decode each detected symbol stream to recover the traffic data for the data stream. The processing by RX data processor 1460 is complementary to that performed by TX MIMO processor 1420 and TX data processor 1414 at home base station 1410.
Processor 1470 periodically determines which of the available techniques described above to use. Further, processor 1470 can formulate a reverse link message comprising a matrix index portion and a rank value portion.
The reverse link message may comprise various types of information regarding the communication link and/or the received data stream. The reverse link message can be processed by a TX data processor 1438, which also receives traffic data for a number of data streams from a data source 1436, modulated by a modulator 1480, conditioned by transmitters 1454a through 1454r, and transmitted back to base station 1410.
At home base station 1410, the modulated signals from access terminal 1450 are received by antennas 1424, conditioned by receivers 1422, demodulated by a demodulator 1440, and processed by a RX data processor 1442 to extract the reverse link message transmitted by access terminal 1450. Further, processor 1430 can process the extracted message to determine which precoding matrix to use for determining the beamforming weights.
Processors 1430 and 1470 can direct (e.g., control, coordinate, manage, etc.) operation at home base station 1410 and access terminal 1450, respectively. Respective processors 1430 and 1470 can be associated with memory 1432 and 1472 that store program codes and data. Processors 1430 and 1470 can also perform operations to derive frequency and impulse response estimates for the uplink and downlink, respectively.
In one aspect, logical channels are classified into control channels and traffic channels. Logical control channels may include a Broadcast Control Channel (BCCH), which is a DL channel for broadcasting system control information. In addition, the logical control channel may include a Paging Control Channel (PCCH), which is a channel transmitting paging information. In addition, the logical control channels may include a Multicast Control Channel (MCCH), which is a Point-to-multipoint DL channel used to transmit Multimedia Broadcast and Multicast Service (MBMS) scheduling and control information for one or several MTCHs. Typically, this channel is only used by UEs receiving MBMS (e.g. old MCCH + MSCH) after a Radio Resource Control (RRC) connection is established. In addition, the logical control channels may include a Dedicated Control Channel (DCCH), which is a point-to-point bi-directional channel that transmits dedicated control information and is used by UEs having an RRC connection. In one aspect, the logical traffic channels can include a Dedicated Traffic Channel (DTCH), which is a point-to-point bi-directional channel dedicated to one UE for transmitting user information. In addition, the logical traffic channels may include a Multicast Traffic Channel (MTCH), which is a point-to-multipoint DL channel for transmitting traffic data.
In one aspect, transport channels are classified as DL and UL. DL transport channels include a Broadcast Channel (BCH), a downlink shared data channel (DL-SDCH) and a Paging Channel (PCH). The PCH may support UE power saving by being broadcast over the entire cell and mapped onto physical layer (PHY) resources that may be used for other control/traffic channels (e.g., Discontinuous Reception (DRX) cycles may be indicated to the UE by the network). The UL transport channels may include a Random Access Channel (RACH), a request channel (REQCH), an uplink shared data channel (UL-SDCH), and a plurality of PHY channels.
The PHY channels may include a set of DL channels and UL channels. For example, DL PHY channels may include: a common pilot data channel (CPICH); a Synchronization Channel (SCH); a Common Control Channel (CCCH); a Shared DL Control Channel (SDCCH); a Multicast Control Channel (MCCH); a Shared UL Allocation Channel (SUACH); an acknowledgement channel (ACKCH); a DL physical shared data channel (DL-PSDCH); a UL Power Control Channel (UPCCH); a Paging Indication Channel (PICH); and/or a Load Indication Channel (LICH). By way of further illustration, the UL PHY channels may include: a Physical Random Access Channel (PRACH); a Channel Quality Indication Channel (CQICH); an acknowledgement channel (ACKCH); an Antenna Subset Indicator Channel (ASICH); a shared request channel (SREQCH); a UL physical shared data channel (UL-PSDCH); and/or a wideband pilot channel (BPICH).
It is to be understood that the embodiments described herein may be implemented by hardware, software, firmware, middleware, microcode, or any combination thereof. For a hardware implementation, the processing units may be implemented within one or more Application Specific Integrated Circuits (ASICs), Digital Signal Processors (DSPs), Digital Signal Processing Devices (DSPDs), Programmable Logic Devices (PLDs), Field Programmable Gate Arrays (FPGAs), processors, controllers, micro-controllers, microprocessors, other electronic units designed to perform the functions described herein, or a combination thereof.
When the embodiments are implemented in software, firmware, middleware or microcode, program code or code segments, they can be stored in a machine-readable medium, such as a storage component. A code segment may represent a procedure, a function, a subprogram, a program, a routine, a subroutine, a module, a software package, a class, or any combination of instructions, data structures, or program statements. A code segment may be coupled to another code segment or a hardware circuit by passing and/or receiving information, data, arguments, parameters, or memory contents. Information, arguments, parameters, data, etc. may be passed, forwarded, or transmitted using any suitable means including memory sharing, message passing, token passing, network transmission, etc.
For a software implementation, the techniques described herein may be implemented with modules (e.g., procedures, functions, and so on) that perform the functions described herein. The software codes may be stored in memory units and executed by processors. The memory unit may be implemented within the processor or external to the processor, in which case it can be communicatively coupled to the processor via various means as is known in the art.
Turning to FIG. 15, illustrated is a system 1500 that enables utilizing home base stations in a wireless communication environment. For example, system 1500 may be located within a home base station. As shown, system 1500 includes functional blocks that can represent functions implemented by a processor, software, or combination thereof (e.g., firmware). System 1500 includes a logical grouping 1502 of a plurality of electrical components that can act in conjunction. Logical grouping 1502 can include an electrical component for establishing an IPSec tunnel to a packet data interworking function 1504. Further, logical grouping 1502 may include an electrical component for establishing an A11/A10 interface between the home base station and a packet data serving node located in a core cellular communication network 1506. Further, logical grouping 1502 may include an electrical component for exchanging generic routing encapsulation packets between the home base station and the packet data serving node 1508. Additionally, system 1500 can include a memory 1510 that retains instructions for executing functions associated with electrical components 1504, 1506, and 1508. While shown as being external to memory 1510, it is to be understood that electrical components 1504, 1506, and 1508 can exist within memory 1510.
What has been described above includes examples of one or more embodiments. It is, of course, not possible to describe every conceivable combination of components or methodologies for purposes of describing the aforementioned embodiments, but one of ordinary skill in the art may recognize that many further combinations and permutations of various embodiments are possible. Accordingly, the described embodiments are intended to embrace all such alterations, modifications and variations that fall within the spirit and scope of the appended claims. Furthermore, to the extent that the term "includes" is used in either the detailed description or the claims, such term is intended to be inclusive in a manner similar to the term "comprising" as "comprising" is interpreted when employed as a transitional word in a claim.
Claims (54)
1. A method for establishing an IPSec tunnel for use in a wireless communication environment, comprising the steps of:
establishing the IPSec tunnel between a home base station and a packet data interworking function component using an IPSec establishment procedure on the home base station, the IPSec establishment procedure being based at least in part on one user, all users, or on quality of service (QoS);
authenticating an access terminal associated with the home base station using at least one of a challenge-handshake authentication protocol (CHAP) at a high rate packet data (HRPD) point-to-point protocol (PPP) or non-access stratum (NAS) based support directed through the IPSec tunnel;
identifying or selecting a packet data serving node with which to establish communication between the home base station and the packet data serving node using an International Mobile Subscriber Identity (IMSI) associated with the access terminal; and
establishing an A10 connection with the packet data serving node using A11 signaling.
2. The method of claim 1, further comprising the steps of: utilizing the established IPSec tunnel to transport Remote Authentication Dial-In User Service (RADIUS) messages.
3. The method of claim 1, further comprising the steps of: authenticating the access terminal associated with the home base station using access, authentication and accounting services located within a secure portion of the wireless communication environment.
4. The method of claim 1, wherein the IPSec tunnel traverses an access barrier between a secure portion of the wireless communication environment and an unprotected portion of the wireless communication environment.
5. The method of claim 1, wherein the packet data interworking function component is located at an interface between a secure portion of the wireless communication environment and an unprotected portion of the wireless communication environment.
6. The method of claim 1, wherein the packet data serving node is located in a secure portion of the wireless communication environment.
7. The method of claim 1, wherein the step of utilizing an IPSec establishment procedure further comprises the steps of: querying a persistent Network Address Identifier (NAI) list comprising network address identifiers associated with the access terminal in communication with the home base station.
8. The method of claim 1, further comprising the steps of: maintaining a connection with the macro base station transceiver during a transition from the macro base station transceiver to the home base station until a service currently performed on the access terminal is terminated.
9. The method of claim 1, further comprising the steps of: determining the packet data serving node with which to establish communication based at least in part on using an International Mobile Subscriber Identity (IMSI) modulo N algorithm, where N represents a number of possible packet data serving nodes present in the wireless communication environment.
10. The method of claim 1, wherein the step of establishing an A10 connection using A11 signaling further comprises the steps of: establishing a Generic Routing Encapsulation (GRE) tunnel between the packet data serving node and the home base station.
11. The method of claim 1, wherein the home base station performs a billing function and transmits a billing record to the packet data serving node over an A11 airlink record.
12. The method of claim 1, wherein the home base station communicates with an A11 concentrator interposed between the home base station and the packet data serving node.
13. The method of claim 12, wherein the A11 concentrator communicates with the packet data serving node over a single A11 connection.
14. The method of claim 12, wherein the home base station establishes a plurality of A11/A10 interfaces with the A11 concentrator, each of the plurality of A11/A10 interfaces established based at least in part on other access terminals that initiate access to the home base station.
15. The method of claim 12, wherein the A11 concentrator maintains a mapping between A11 and A10 connections with one or more home base stations and A10 and A11 interactions among the one or more home base stations, the mapping for routing packets to or from the A11 concentrator.
16. The method of claim 15, wherein the mapping is dynamically updated based at least in part on a time range associated with when the home base station established an A10 connection with the A11 concentrator.
17. The method of claim 1, wherein the home base station is located in an unprotected part of the wireless communication environment, the unprotected part further comprising wired and wireless home or small business environments.
18. The method of claim 17, wherein the wired and wireless home or small business environment uses an IEEE802 communication paradigm.
19. The method of claim 1, wherein the access terminal is wirelessly inaccessible to the wireless communication environment.
20. The method of claim 1, further comprising the steps of: communicating directly from the access terminal with the packet data serving node using the IPSec tunnel established between the home base station and the packet data interworking function component, wherein the packet data serving node is located in a protected portion of the wireless communication environment.
21. A wireless communications apparatus that establishes an IPSec tunnel for use in a wireless communication environment, the apparatus comprising:
an IPSec establishment procedure using means for using an IPSec establishment procedure on means for establishing an IPSec tunnel, the IPSec tunnel being established between the means for establishing an IPSec tunnel and means for mediating communications between a secure portion of the wireless communication environment and an unprotected portion of the wireless communication environment, wherein the IPSec establishment procedure is based at least in part on one user, all users, or on a quality of service (QoS);
an authentication module for authenticating a mobile communication module for mobile communication associated with the means for establishing an IPSec tunnel using one or more of a point-to-point protocol (PPP) challenge-handshake authentication protocol (CHAP) or non-access stratum (NAS) based support directed through the IPSec tunnel;
means for identifying or selecting a packet data service module for serving packet data with which to establish communication between the means for establishing an IPSec tunnel and the packet data service module using an International Mobile Subscriber Identity (IMSI) associated with the mobile communication module; and
means for establishing an A10 connection with the packet data service module using A11 signaling.
22. The wireless communications apparatus of claim 21, wherein the tunnel is utilized to transport Remote Authentication Dial-In User Service (RADIUS) messages.
23. The wireless communications apparatus of claim 21, further comprising: means for authenticating located in the secure portion of the wireless communication environment.
24. The wireless communications apparatus of claim 21, wherein the IPSec tunnel traverses a boundary implemented between the secure portion of the wireless communication environment and an unprotected portion of the wireless communication environment.
25. The wireless communications apparatus of claim 21, wherein the means for mediating communications is located at an edge of each of the secure portion of the wireless communication environment and the unprotected portion of the wireless communication environment.
26. The wireless communications apparatus of claim 21, wherein the packet data service module is located within the secure portion of the wireless communication environment.
27. The wireless communications apparatus of claim 21, wherein the means for establishing the IPSec tunnel queries a Network Address Identifier (NAI) list stored on the means for persisting, the network address identifier list comprising network address identifiers associated with the mobile communications module initiating the connection with the means for establishing the IPSec tunnel.
28. The wireless communications apparatus of claim 21, wherein the mobile communication module maintains communication with a module for transceiving associated with the secure portion of the wireless communication environment until a service executing on the mobile communication module ends.
29. The wireless communications apparatus of claim 21, wherein the IPSec establishment procedure usage module determines the packet data service module based at least in part on use of an International Mobile Subscriber Identity (IMSI) modulo N algorithm, where N represents a possible number of packet data service modules available in the secure portion of the wireless communication environment.
30. The wireless communications apparatus of claim 21, wherein the means for using A11 signaling comprises: means for establishing a Generic Routing Encapsulation (GRE) tunnel between the means for establishing an IPSec tunnel and the packet data service module.
31. The wireless communications apparatus of claim 21, wherein the means for establishing the IPSec tunnel communicates with a means for a centralized A11 interface, the means for a centralized A11 interface disposed between the means for establishing the IPSec tunnel and the packet data serving means.
32. The wireless communications apparatus of claim 31, wherein the means for a centralized A11 interface exchanges data with the packet data service module over a single A11 connection.
33. The wireless communications apparatus of claim 31, wherein the means for establishing the IPSec tunnel utilizes a plurality of A11/A10 interfaces with the means for concentrating an A11 interface, wherein each of the plurality of A11/A10 interfaces is established at least in part upon a request from other mobile communication modules associated with the means for establishing the IPSec tunnel.
34. The wireless communications apparatus of claim 31, wherein the means for concentrating an A11 interface maintains a mapping between A11 and A10 connections with more than one means for establishing IPSec tunnels and A10 and A11 interactions among the more than one means for establishing IPSec tunnels, the mapping to direct packets to or from the means for concentrating an A11 interface.
35. The wireless communications apparatus of claim 21, wherein the means for establishing the IPSec tunnel is located in an unprotected portion of the wireless communication environment, the unprotected portion of the wireless communication environment comprising a wired or wireless home or small business environment.
36. The wireless communications apparatus of claim 21, wherein the means for mobile communicating utilizes the IPSec tunnel maintained by the means for establishing an IPSec tunnel to establish direct communication with the packet data serving means located on the secure portion of the wireless communication environment.
37. A wireless communications apparatus, comprising:
a memory holding instructions related to:
establishing an IPSec tunnel extending from the home base station to the packet data interworking function using an IPSec establishment procedure;
direct high rate packet data (HRPD) Point-to-Point protocol (PPP) challenge-handshake authentication protocol (CHAP) through the IPSec tunnel to authenticate an access terminal associated with the home base station in a secure wireless communication environment;
identifying a packet data serving node based at least in part on an International Mobile Subscriber Identity (IMSI) associated with the access terminal;
establishing dynamic data exchange between the packet data serving node and the home base station; and
establishing an A10 connection with the packet data serving node using A11 signaling; and
a processor, coupled to the memory, configured to execute the instructions retained in the memory.
38. The wireless communications apparatus of claim 37, wherein the memory further retains instructions related to:
transmitting a Remote Authentication Dial-In User Service (RADIUS) message; and
using an authentication service to authenticate the access terminal with the home base station.
39. The wireless communications apparatus of claim 37, wherein the IPSec tunnel extending from the home base station to the packet data interworking function traverses a security barrier interposed between the home base station and the packet data serving node.
40. The wireless communications apparatus of claim 37, wherein the packet data interworking function is located at an interface between the secure wireless communication environment and an unmasked portion of a wired or wireless communication environment.
41. The wireless communications apparatus of claim 37, wherein the memory further retains instructions related to:
querying a Network Address Identifier (NAI) list to locate a Network Address Identifier (NAI) associated with the access terminal requesting communication with the home base station;
maintaining a connection with a macro base station transceiver upon transitioning from the macro base station transceiver to the home base station until all executing services running on the access terminal become idle; and
determining the packet data serving node with which to establish communication according to an IMSI modulo N algorithm, wherein N represents a number of possible packet data serving nodes present in the secure wireless communication environment.
42. The wireless communications apparatus of claim 37, wherein the home base station includes functionality relating to a Base Transceiver Station (BTS) portion, a Base Station Controller (BSC) portion, and a Packet Control Function (PCF) portion.
43. A computer program product, comprising:
a machine-readable medium comprising:
code for causing a computer to establish an IPSec tunnel between the home base station and a packet data interworking function component using an IPSec establishment procedure on the home base station, the IPSec establishment procedure based at least in part on one user, all users, or a quality of service (QoS) attribute;
code for causing a computer to authenticate an access terminal associated with the home base station using at least one of a high rate packet data (HRPD) Point-to-Point protocol (PPP) challenge-handshake authentication protocol (CHAP) or non-Access stratum (NAS) based support directed through the IPSec tunnel;
code for causing a computer to identify or select a packet data serving node with which to establish communication between the home base station and the packet data serving node using an International Mobile Subscriber Identity (IMSI) associated with the access terminal; and
code for causing a computer to establish an A10 connection with the packet data serving node using A11 signaling.
44. The computer program product of claim 43, wherein the home base station comprises means relating to base station transceiver (BTS) capabilities, Base Station Controller (BSC) capabilities, Packet Control Function (PCF) capabilities, and packet data service capabilities.
45. The computer program product of claim 44, wherein the packet data service capability ensures that the access terminal is unable to distinguish between communications with the home base station or communications with a macro base station transceiver.
46. The computer program product of claim 43, wherein the home base station includes functionality relating to base station transceiver (BTS) capabilities, Base Station Controller (BSC) capabilities, and Packet Control Function (PCF) capabilities, the home base station providing packet data service capabilities using the packet data service node located in a protected portion of a wireless communication environment to ensure that the access terminal is unable to distinguish between communication with the home base station or communication with a macro base station transceiver.
47. The computer program product of claim 46, wherein the protected portion of a wireless communication environment comprises a cellular mobile communication network.
48. In a wireless communication system, an apparatus comprising:
a processor configured to:
establishing an IPSec tunnel between the home base station and a packet data interworking function component using an IPSec establishment procedure on the home base station, wherein the IPSec establishment procedure is based at least in part on one user, a plurality of users, or a quality of service (QoS) attribute;
authenticating an access terminal associated with the home base station using one or more of a point-to-point protocol (PPP) challenge-handshake authentication protocol (CHAP) or non-access stratum (NAS) based support directed through the IPSec tunnel;
identifying or selecting a packet data serving node with which to establish communication between the home base station and the packet data serving node using an International Mobile Subscriber Identity (IMSI) associated with the access terminal; and
establishing an A10 connection with the packet data serving node using A11 signaling.
49. The wireless communication system of claim 48, wherein the processor is further configured to: dormant state session transfer is performed between the source access node and the target access node using A13 signaling through the concentrator component.
50. The wireless communication system of claim 48, wherein the processor is further configured to: high speed packet data inter-access node connection state session transfer is accomplished using A16 signaling between the source access node and the target access node through the concentrator component.
51. The wireless communication system of claim 48, wherein the processor is further configured to: resources supporting cross-connections between access nodes are managed by passing A17 signaling information between a source access node and a target access node through a concentrator component.
52. The wireless communication system of claim 48, wherein the processor is further configured to: during cross-connection, A18 traffic data associated with the access node is transmitted between the source access node and the target remote transmitter through the concentrator component.
53. The wireless communication system of claim 48, wherein the processor is further configured to: bearer-specific cross-connection control messages specific to the A19 remote transmitter for the access terminal are exchanged between the access node and the target remote transmitter through the concentrator component.
54. The wireless communication system of claim 48, wherein the processor is further configured to: A21 signaling information is communicated between the high rate packet data access node and the indoor wireless system to each other through the concentrator component.
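As an added illustration of the authentication and node-selection steps recited in claims 1 and 9 (not code from the patent), the sketch below verifies a CHAP response as defined in RFC 1994, using a fresh single-use challenge and a constant-time comparison, and then picks a packet data serving node by IMSI modulo N. The class and function names, the NAI-keyed secret store, and the use of the full IMSI as the integer are assumptions; the patent does not specify them.

```python
import hashlib
import hmac
import os


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """CHAP with MD5 (RFC 1994): MD5(identifier || secret || challenge)."""
    if not 0 <= identifier <= 255:
        raise ValueError("CHAP identifier is a single octet")
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


class ChapAuthenticator:
    """Authenticator side: issues fresh challenges and accepts each one once."""

    def __init__(self, secrets_by_nai: dict):
        self._secrets = secrets_by_nai   # NAI -> shared secret (assumed store)
        self._pending = {}               # identifier -> (nai, challenge)
        self._next_id = 0

    def issue_challenge(self, nai: str):
        identifier = self._next_id
        self._next_id = (self._next_id + 1) % 256
        challenge = os.urandom(16)       # unpredictable, never reused
        self._pending[identifier] = (nai, challenge)
        return identifier, challenge

    def verify(self, identifier: int, response: bytes) -> bool:
        # pop() makes the challenge single use, so a captured response
        # cannot be replayed against the same identifier.
        entry = self._pending.pop(identifier, None)
        if entry is None:
            return False
        nai, challenge = entry
        secret = self._secrets.get(nai)
        if secret is None:
            return False
        expected = chap_response(identifier, secret, challenge)
        return hmac.compare_digest(expected, response)


def select_pdsn(imsi: str, pdsns: list) -> str:
    """IMSI modulo N, where N is the number of candidate PDSNs.

    Assumption: the whole IMSI is treated as one decimal integer.
    """
    if not (imsi.isascii() and imsi.isdigit() and 1 <= len(imsi) <= 15):
        raise ValueError("IMSI must be 1 to 15 decimal digits")
    if not pdsns:
        raise ValueError("no packet data serving nodes configured")
    return pdsns[int(imsi) % len(pdsns)]


def attach(auth: ChapAuthenticator, imsi: str, pdsns: list,
           identifier: int, response: bytes):
    """Return the PDSN to register with over A11, or None if CHAP fails."""
    if not auth.verify(identifier, response):
        return None                      # no PDSN selection without authentication
    return select_pdsn(imsi, pdsns)
```

Because the selection is a pure function of the IMSI and the node list, every home base station configured with the same list in the same order picks the same packet data serving node for a given access terminal.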
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US60/942,643 | 2007-06-07 | | |
| US12/132,552 | 2008-06-03 | | |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| HK1144628A (en) | 2011-02-25 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9155071B2 (en) | | Employing a home base station in a wireless communication environment |
| JP7428723B2 (en) | | Method and apparatus for secure access control in wireless communications |
| US10069803B2 (en) | | Method for secure network based route optimization in mobile networks |
| JP5646762B2 (en) | | Method and apparatus for providing uplink traffic identification support for encrypted tunnels |
| US9075953B2 (en) | | Method and apparatus for providing notification of detected error conditions in a network |
| US8677114B2 (en) | | Application steering and application blocking over a secure tunnel |
| US20090300207A1 (en) | | Pcc enhancements for ciphering support |
| EP3818740B1 (en) | | Method and system for integrity protection of user plane signaling messages in wireless network |
| CN101554013A (en) | | Method and apparatus with null encryption for signaling and media packets between a mobile station and a secure gateway |
| Yegin et al. | | Protocol for carrying authentication for network access (PANA) requirements |
| HK1144628A (en) | | Home base station |
| US20250350641A1 (en) | | Methods and apparatus for a sixth generation (6g) roaming solution using protocol for n32 interconnect security (prins) with roaming intermediaries |
| WO2025210408A1 (en) | | Authentication using a user identifier |
| Ma | | Security investigation in 4G LTE wireless networks |
| Chamas et al. | | Securing open access networks using intelligent policy management system |
| Makaya | | Mobile Virtual Private Networks Architectures: Issues and Challenges |
| Ohba et al. | | RFC 4058: Protocol for Carrying Authentication for Network Access (PANA) Requirements |
| Penno et al. | | Network Working Group A. Yegin, Ed. Request for Comments: 4058 Samsung AIT Category: Informational Y. Ohba Toshiba |
| Komarova et al. | | Wireless Network Architecture to Support Mobile Users. |
| HK1135257A (en) | | Method and apparatus having null-encryption for signaling and media packets between a mobile station and a secure gateway |
| HK1152811A1 (en) | | Policy control for encapsulated data flows |