WO2010121645A1 - Priority service invocation and revocation - Google Patents

Priority service invocation and revocation Download PDF

Info

Publication number
WO2010121645A1
WO2010121645A1 PCT/EP2009/054708 EP2009054708W WO2010121645A1 WO 2010121645 A1 WO2010121645 A1 WO 2010121645A1 EP 2009054708 W EP2009054708 W EP 2009054708W WO 2010121645 A1 WO2010121645 A1 WO 2010121645A1
Authority
WO
WIPO (PCT)
Prior art keywords
service
priority
user
modification
service flow
Prior art date
Application number
PCT/EP2009/054708
Other languages
French (fr)
Inventor
Wei Hua Zhou
Shun Liang Zhang
Yi Zhang
Original Assignee
Nokia Siemens Networks Oy
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nokia Siemens Networks Oy filed Critical Nokia Siemens Networks Oy
Priority to PCT/EP2009/054708 priority Critical patent/WO2010121645A1/en
Publication of WO2010121645A1 publication Critical patent/WO2010121645A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/2866Architectures; Arrangements
    • H04L67/30Profiles
    • H04L67/306User profiles
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/70Admission control; Resource allocation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/70Admission control; Resource allocation
    • H04L47/80Actions related to the user profile or the type of traffic
    • H04L47/808User-type aware
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/70Admission control; Resource allocation
    • H04L47/82Miscellaneous aspects
    • H04L47/824Applicable to portable or mobile terminals
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/102Entity profiles
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/60Scheduling or organising the servicing of application requests, e.g. requests for application data transmissions using the analysis and optimisation of the required network resources
    • H04L67/61Scheduling or organising the servicing of application requests, e.g. requests for application data transmissions using the analysis and optimisation of the required network resources taking into account QoS or priority requirements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • H04W12/082Access security using revocation of authorisation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W72/00Local resource management
    • H04W72/50Allocation or scheduling criteria for wireless resources
    • H04W72/56Allocation or scheduling criteria for wireless resources based on priority criteria
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/90Services for handling of emergency or hazardous situations, e.g. earthquake and tsunami warning systems [ETWS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W76/00Connection management
    • H04W76/50Connection management for emergency connections

Definitions

  • the present invention generally relates to priority service invocation and revocation. Specifically, the present invention for example relates to the invocation and/or revocation of priority services in public communication networks.
  • emergency services are only a non-limiting example for a priority service.
  • the subject-matter of the present specification is related to priority services of any kind.
  • Emergency Telecommunication Services are currently defined for fixed/mobile communication systems (like for example PSTN (Public Switched Telephone Network) , GSM (Global System for Mobile Communication) , GPRS (General Packet Radio Service) , UMTS (Universal Mobile Telecommunication System) or the like) .
  • PSTN Public Switched Telephone Network
  • GSM Global System for Mobile Communication
  • GPRS General Packet Radio Service
  • UMTS Universal Mobile Telecommunication System
  • An Emergency Telecommunication Service enables National Security/Emergency Preparedness (NS/EP) users (e.g., commander in chief, federal emergency management, national security staff, CEOs of key financial institution, and first responders leadership) to make priority calls/sessions using the public networks during a network congestion or partial network outage condition, which may be caused by natural disasters (e.g., hurricanes) or man-made disasters (e.g., terrorist attacks) . Namely, due to such natural or man-made disasters, network equipment could be destroyed so that available resources are reduced and/or the amount of traffic could rise, thus leading to a network congestion or partial network outage condition.
  • natural disasters e.g., hurricanes
  • man-made disasters e.g., terrorist attacks
  • ETS representing a priority
  • NS/EP users' calls/sessions are treated in a prioritized manner so as to ensure such priority calls/sessions be established in spite of the general shortage of available resources.
  • SIP Session Initiation Protocol
  • public networks having no standardized means for implementing such emergency services or other priority services, there is no way for prioritizing specific users and/or specific calls, sessions, or the like as compared with other users, calls, sessions, or the like.
  • networks include WiMAX (Worldwide Interoperability for Microwave Access) according to IEEE 802.16 standards and LTE/SAE (LTE: Long Term Evolution, SAE: Service Architecture Evolution) according to 3GPP (Third Generation Partnership Project) standards .
  • WiMAX Worldwide Interoperability for Microwave Access
  • LTE/SAE Long Term Evolution
  • SAE Service Architecture Evolution
  • a web portal may be provided dedicated for emergency data applications, said web portal acting as sort of access point for NS/EP users and being accessible for example via submitting a specific message via HTTP/HTTPS (HTTP: Hypertext Transfer Protocol, HTTPS: Hypertext Transfer Protocol Secure) .
  • HTTP/HTTPS Hypertext Transfer Protocol
  • HTTPS Hypertext Transfer Protocol Secure
  • the present invention and its embodiments are made to provide for a feasible solution for invoking and/or revoking priority services in public communication networks .
  • a method comprising receiving, from a priority user, a request for invoking or revoking a priority data service for a data application in a public communication network, and invoking or revoking the requested priority data service on the basis of a priority status and a service profile of the priority user in accordance with an applicable service flow procedure.
  • said invoking the requested priority data service comprises initiating an authentication of the priority user at an authentication entity, and acquiring the priority status and the service profile of the priority user and an indication on the applicable service flow procedure from the authentication entity,
  • said invoking the requested priority data service comprises requesting a service flow creation or modification for the priority data service to be invoked in accordance with the applicable service flow procedure at an authentication or policy control entity,
  • said requesting comprises sending, to the authentication entity, a dynamic quality-of-service service creation request including an identity of the priority user,
  • said requesting comprises sending, to the policy control entity, an application and/or service information including the priority status and the service profile of the priority user,
  • said revoking the requested priority data service comprises requesting a service flow deletion or modification for the priority data service to be revoked in accordance with the applicable service flow procedure at an authentication or policy control entity,
  • said requesting comprises sending, to the authentication entity, a dynamic quality-of-service service deletion request including an identity of the priority user,
  • said requesting comprises sending, to the policy control entity, an application and/or service information including the priority status and the service profile of the priority user, - said method is operable at a priority service authentication server,
  • the priority data service is one of an emergency telecommunication service and a multimedia priority service, and/or
  • the public communication network is one of a network complying with IEEE 802.16 standards and a network complying with 3GPP LTE/SAE standards.
  • an apparatus comprising a priority service processor configured to receive, from a priority user, a request for invoking or revoking a priority data service for a data application in a public communication network, and invoke or revoke the requested priority data service on the basis of a priority status and a service profile of the priority user in accordance with an applicable service flow procedure.
  • said priority service processor for invoking the requested priority data service, is configured to initiate an authentication of the priority user at an authentication entity, and acquire the priority status and the service profile of the priority user and an indication on the applicable service flow procedure from the authentication entity,
  • said priority service processor for invoking the requested priority data service, is configured to request a service flow creation or modification for the priority data service to be invoked in accordance with the applicable service flow procedure at an authentication or policy control entity, - said priority service processor, for requesting said service flow creation or modification, is configured to send, to the authentication entity, a dynamic quality-of- service service creation request including an identity of the priority user,
  • said priority service processor for requesting said service flow creation or modification, is configured to send, to the policy control entity, an application and/or service information including the priority status and the service profile of the priority use,
  • said priority service processor for revoking the requested priority data service, is configured to request a service flow deletion or modification for the priority data service to be revoked in accordance with the applicable service flow procedure at an authentication or policy control entity,
  • said priority service processor for requesting said service flow deletion or modification, is configured to send, to the authentication entity, a dynamic quality-of- service service deletion request including an identity of the priority user,
  • said priority service processor for requesting said service flow deletion or modification, is configured to send, to the policy control entity, an application and/or service information including the priority status and the service profile of the priority user,
  • said apparatus is operable as a priority service authentication server
  • the priority data service is one of an emergency telecommunication service and a multimedia priority service, and/or
  • the public communication network is one of a network complying with IEEE 802.16 standards and a network complying with 3GPP LTE/SAE standards.
  • a computer program product comprising program code means being arranged, when run on a processor of an apparatus, to perform the method according to the first aspect and/or any one of the further developments or modifications thereof.
  • a method comprising authenticating a priority user requesting an invocation or revocation of a priority data service for a data application in a public communication network upon initiation from a priority service authentication server, and providing a priority status and a service profile of the priority user and an indication on an applicable service flow procedure to the priority service authentication server.
  • the method comprises triggering a service flow creation or modification for an invocation of the requested priority data service in accordance with the applicable service flow procedure, - said triggering comprises receiving, from the priority service authentication server, a dynamic quality-of-service service creation request including an identity of the priority user, and sending, to an access service node, a dynamic service flow creation or modification request including the priority status and the service profile of the priority user,
  • the method comprises triggering a service flow deletion or modification for a revocation of the requested priority data service in accordance with the applicable service flow procedure, - said triggering comprises receiving, from the priority service authentication server, a dynamic quality-of-service service deletion request including an identity of the priority user, and sending, to an access service node, a dynamic service flow deletion or modification request including the priority status and the service profile of the priority user,
  • the method is operable at an authentication, authorization and accounting server, - the priority data service is one of an emergency telecommunication service and a multimedia priority service, and/or
  • the public communication network is one of a network complying with IEEE 802.16 standards and a network complying with 3GPP LTE/SAE standards.
  • an apparatus comprising: an authenticating unit configured to authenticate a priority user requesting an invocation or revocation of a priority data service for a data application in a public communication network upon initiation from a priority service authentication server, and a data processor configured to provide a priority status and a service profile of the priority user and an indication on an applicable service flow procedure to the priority service authentication server.
  • the apparatus comprises a priority service flow processor being configured to trigger a service flow creation or modification for an invocation of the requested priority data service in accordance with the applicable service flow procedure, - said priority service flow processor, for triggering, is configured to receive, from the priority service authentication server, a dynamic quality-of-service service creation request including an identity of the priority user, and send, to an access service node, a dynamic service flow creation or modification request including the priority status and the service profile of the priority user,
  • the apparatus comprises a priority service flow processor being configured to trigger a service flow deletion or modification for a revocation of the requested priority data service in accordance with the applicable service flow procedure,
  • said priority service flow processor for triggering, is configured to receive, from the priority service authentication server, a dynamic quality-of-service service deletion request including an identity of the priority user, and send, to an access service node, a dynamic service flow deletion or modification request including the priority status and the service profile of the priority user,
  • said apparatus is operable as an authentication, authorization and accounting server
  • the priority data service is one of an emergency telecommunication service and a multimedia priority service, and/or
  • the public communication network is one of a network complying with IEEE 802.16 standards and a network complying with 3GPP LTE/SAE standards.
  • a computer program product comprising program code means being arranged, when run on a processor of an apparatus, to perform the method according to the fourth aspect and/or any one of the further developments or modifications thereof.
  • a method comprising: triggering at least one of a service flow creation, deletion and modification for an invocation or revocation of a priority data service for a data application of a requesting priority user in a public communication network upon initiation from a priority service authentication server, said triggering being based on a priority status and a service profile of the priority user and an applicable service flow procedure.
  • said service flow creation or modification comprises receiving, from the priority service authentication server, an application and/or service information including the priority status and the service profile of the priority user, and sending, to an access service node, a policy and charging rule provision message including the priority status and the service profile of the priority user for requesting creation or modification of an appropriate service flow,
  • said service flow deletion or modification comprises receiving, from the priority service authentication server, an application and/or service information including the priority status and the service profile of the priority user, and sending, to an access service node, a policy and charging rule provision message including the priority status and the service profile of the priority user for requesting deletion or modification of an appropriate service flow, - said method is operable at a policy distribution function and/or a policy and charging rule function,
  • the priority data service is one of an emergency telecommunication service and a multimedia priority service, and/or
  • the public communication network is one of a network complying with IEEE 802.16 standards and a network complying with 3GPP LTE/SAE standards.
  • an apparatus comprising a priority service flow processor configured to trigger at least one of a service flow creation, deletion and modification for an invocation or revocation of a priority data service for a data application of a requesting priority user in a public communication network upon initiation from a priority service authentication server, said triggering being based on a priority status and a service profile of the priority user and an applicable service flow procedure.
  • said priority service flow processor for service flow creation or modification, is configured to receive, from the priority service authentication server, an application and/or service information including the priority status and the service profile of the priority user, and send, to an access service node, a policy and charging rule provision message including the priority status and the service profile of the priority user for requesting creation or modification of an appropriate service flow,
  • said service flow priority processor for service flow deletion or modification, is configured to receive, from the priority service authentication server, an application and/or service information including the priority status and the service profile of the priority user, and send, to an access service node, a policy and charging rule provision message including the priority status and the service profile of the priority user for requesting deletion or modification of an appropriate service flow,
  • said apparatus is operable as a policy distribution function and/or a policy and charging rule function
  • the priority data service is one of an emergency telecommunication service and a multimedia priority service, and/or
  • the public communication network is one of a network complying with IEEE 802.16 standards and a network complying with 3GPP LTE/SAE standards.
  • a computer program product comprising program code means being arranged, when run on a processor of an apparatus, to perform the method according to the seventh aspect and/or any one of the further developments or modifications thereof.
  • exemplary embodiments of the present invention there is provided support for priority services (e.g. Emergency Telecommunication Service ETS, Multimedia Priority Service MPS, or the like) in public communication networks, such as for example WiMAX or LTE/SAE access and/or core networks.
  • priority services e.g. Emergency Telecommunication Service ETS, Multimedia Priority Service MPS, or the like
  • public communication networks such as for example WiMAX or LTE/SAE access and/or core networks.
  • exemplary embodiments of the present invention may provide a priority access for a priority service (e.g. ETS, MPS, etc.) in public communication networks, such as for example WiMAX or LTE/SAE access and/or core networks.
  • an appropriate invocation and/or revocation of a priority data service for a data application in public communication networks such as for example WiMAX or LTE/SAE access and/or core networks
  • data services may be invoked and/or revoked for all data applications (e.g. web access, email, short message service SMS, Internet Protocol based multimedia IM, file transfer, or the like) of a prioritized user, such as a NS/EP user, in a prioritized manner.
  • the architecture, structures and operations of the underlying network environment e.g. WiMAX, LTE/SAE, etc.
  • the underlying network environment e.g. WiMAX, LTE/SAE, etc.
  • Figure 1 shows a schematic block diagram of an arrangement of a first implementation example according to exemplary embodiments of the present invention
  • Figure 2 shows a signaling diagram of an exemplary priority service invocation procedure for the arrangement of Figure 1 according to exemplary embodiments of the present invention
  • Figure 3 shows a signaling diagram of an exemplary priority service revocation procedure for the arrangement of Figure 1 according to exemplary embodiments of the present invention
  • Figure 4 shows a schematic block diagram of an arrangement of a second implementation example according to exemplary embodiments of the present invention
  • Figure 5 shows a signaling diagram of an exemplary priority service invocation procedure for the arrangement of Figure 4 according to exemplary embodiments of the present invention
  • Figure 6 shows a signaling diagram of an exemplary priority service revocation procedure for the arrangement of Figure 4 according to exemplary embodiments of the present invention
  • Figure 7 shows a flowchart of an exemplary method of a priority service authentication server according to exemplary embodiments of the present invention
  • Figure 8 shows a flowchart of an exemplary method of an authentication entity according to exemplary embodiments of the present invention
  • Figure 9 shows a flowchart of an exemplary method of a policy control entity according to exemplary embodiments of the present invention
  • Figure 10 shows a schematic block diagram of an exemplary configuration of a priority service authentication server according to exemplary embodiments of the present invention
  • Figure 11 shows a schematic block diagram of an exemplary configuration of an authentication entity according to exemplary embodiments of the present invention
  • Figure 12 shows a schematic block diagram of an exemplary configuration of a policy control entity according to exemplary embodiments of the present invention.
  • the present invention and its embodiments are mainly described in relation to IEEE specifications being used as non-limiting examples for certain exemplary network configurations.
  • a WiMAX network according to IEEE 802.16 standards is used as a non- limiting example in this regard.
  • 3GPP specifications and for example a LTE/SAE network could be equally used as well.
  • an emergency service in particular an emergency telecommunication service ETS, is used as a non-limiting example for a priority service, while for example a multimedia priority service MPS could be equally used as well.
  • ETS emergency telecommunication service
  • MPS multimedia priority service
  • the description of the exemplary embodiments given herein specifically refers to terminology which is directly related thereto. Such terminology is only used in the context of the presented non-limiting examples, and does naturally not limit the invention in any way. Rather, any other network configuration or access implementation may also be utilized as long as compliant with the features described herein .
  • AAA authentication, authorization and accounting
  • Figure 1 shows a schematic block diagram of an arrangement of a first implementation example according to exemplary embodiments of the present invention.
  • a mobile station MS representing a priority user is connected with an access service node ASN via a Rl interface and with an ETS authentication server representing a priority service authentication server via an Internet interface
  • the access service node ASN is connected with an AAA server representing an authentication entity via a R3 interface
  • the AAA server is connected with the ETS authentication server via a Re interface.
  • Figure 1 may have the one or more of the following properties. Details are set out below in connection with Figures 2, 3, and 7 to 12.
  • the Re interface i.e. the AAA server and the ETS authentication server, shall be able to support ETS user authentication.
  • the ETS authentication server may access the AAA server to get necessary information for ETS user authentication.
  • the Re interface i.e. the AAA server and the ETS authentication server, shall be able to support to return an appropriate ETS SF (service flow) creation, deletion or modification method from the AAA server to the ETS authentication server, which will be used by the ETS authentication server to decide how to and to initiate ETS SF creation or modification for a current ETS user.
  • ETS SF service flow
  • the Re interface i.e. the AAA server and the ETS authentication server, shall be able to support a dynamic QoS (quality-of-service) service creation/ deletion/ modification.
  • the ETS authentication server may initiate a SF creation, deletion or modification by a dynamic QoS service request to the AAA server for an ETS data (transport) service.
  • the AAA server may trigger the ASN to create, delete or modify at least one dynamic SF with the ETS-specific priority by way of a network-initiated SF creation, deletion or modification procedure, i.e. the appropriate service flow procedure.
  • the R3 interface i.e. the AAA server and the ETS authentication server, is enhanced to support an ETS service, i.e. an ETS data (transport) service.
  • Both the Re and R3 interfaces shall support "ETS user priority” representing a user' s priority status and "ETS QoS profile” representing a user' s service profile on related messages on the respective interface.
  • Figure 2 shows a signaling diagram of an exemplary priority service invocation procedure for the arrangement of Figure 1, i.e. an AAA-based implementation, according to exemplary embodiments of the present invention.
  • ETS emergency telecommunication service
  • An ETS service user represented by his/her user equipment or mobile station MS submits an invocation request for an ETS data application towards an ETS authentication server via an anchor access service node ASN.
  • the ETS authentication server upon receipt of the invocation request, sends an access request to an AAA server to authenticate whether the requesting user has an ETS subscription, i.e. whether the user is authenticated for ETS application invocation.
  • the ETS user authentication is done.
  • the AAA server sends an access response to the ETS authentication server to notify the authentication results of this ETS user, which includes ETS user priority, ETS QoS (quality-of- service) profile and ETS SF (service flow) creation method to be used. Otherwise, i.e. if authentication yields a negative result, the AAA server sends an access reject to the ETS authentication server to reject this user to access to the requested ETS service.
  • the ETS authentication server notifies the ETS user that it is rejected, and terminates the present invocation procedure.
  • the ETS authentication server decides (not shown) how to initiate ETS SF creation based on the applicability indication received from the AAA server. Accordingly, the ETS authentication server sends a dynamic QoS service creation request to the AAA server, which includes ETS user identity (and not ETS user priority and ETS QoS profile) , since the AAA server itself knows ETS priority and ETS QoS profile already.
  • the AAA server then triggers the anchor ASN for SF creation for the requested ETS by sending a dynamic SF creation request message, which shall also include ETS priority and ETS QoS profile.
  • the ASN acknowledges to the AAA server the result of the SF creation.
  • the AAA server acknowledges to the ETS authentication server the result of the dynamic QoS service creation.
  • the ETS authentication server notifies the ETS user whether its ETS data application invocation is success or not.
  • operation 2 represents an initiation of a user authentication
  • operation 6 represents a request for service flow creation.
  • ETS priority and ETS QoS profile represent non-limiting examples for user priority status and user service profile.
  • SF creation is mentioned above, SF modification is equally applicable.
  • Figure 3 shows a signaling diagram of an exemplary priority service revocation procedure for the arrangement of Figure 1, i.e. an AAA-based implementation, according to exemplary embodiments of the present invention
  • ETS emergency telecommunication service
  • An ETS service user represented by his/her user equipment or mobile station MS submits a revocation request for an ETS data application towards an ETS authentication server via an anchor access service node ASN.
  • the ETS authentication server sends a dynamic QoS service delete message to the AAA server.
  • the AAA server sends also a dynamic SF delete message to the ASN to ask it to delete or modify a corresponding ETS-specific SF.
  • the ASN deletes the corresponding ETS SF or modifies it (when modification instead of deletion is requested, which is equally applicable) by removing or altering its ETS indicator to preserve it for further usage.
  • the ASN acknowledges to the AAA server that the ETS SF is deleted or modified.
  • the AAA server acknowledges to the ETS authentication server that the ETS data application revocation is done.
  • the ETS authentication server responds to the ETS user that its ETS data application revocation is done.
  • the parameters in the individual messages exchanged are evident from the illustration of Figure 3.
  • an exemplary priority service revocation procedure may also comprise user authentication and information provisioning operations between the ETS authentication server and the AAA server (similar to those illustrated in steps 2 to 4 of Figure 2) .
  • PCC policy and charging control
  • Figure 4 shows a schematic block diagram of an arrangement of a second implementation example according to exemplary embodiments of the present invention.
  • a mobile station MS representing a priority user is connected with an access service node ASN via a Rl interface and with an ETS authentication server representing a priority service authentication server via an Internet interface
  • the access service node ASN is connected with a PDF/PCRF element (PDF: policy distribution function, PCRF: policy and charging rule function) representing a policy control entity via a PCC-R3-P interface
  • the PDF/PCRF element is connected with the ETS authentication server via a Rx interface.
  • the ETS authentication server is also connected with an AAA server.
  • Figure 4 may have the one or more of the following properties. Details are set out below in connection with Figures 5 to 12.
  • the interface between the AAA server and the ETS authentication server shall be able to support ETS user authentication.
  • the ETS authentication server may access the AAA server to get necessary information for ETS user authentication. It shall be able to support to return an appropriate ETS SF (service flow) creation, deletion or modification method from the AAA server to the ETS authentication server, which will be used by the ETS authentication server to decide how to and to initiate ETS SF creation or modification for a current ETS user.
  • ETS SF service flow
  • the Rx interface i.e. the PDF/PCRF element and the ETS authentication server, shall be able to support a service creation/ deletion/ modification.
  • the ETS authentication server may initiate a SF creation, deletion or modification by application and/or service information transmittal to the PDF/PCRF element for an ETS data (transport) service.
  • the PDF/PCRF element may trigger the ASN to create, delete or modify at least one dynamic SF with the ETS-specific priority by way of a network- initiated SF creation, deletion or modification procedure, i.e. the appropriate service flow procedure.
  • the Rx interface i.e. the PDF/PCRF element and the ETS authentication server, is enhanced to support an ETS service, i.e. an ETS data (transport) service.
  • Both the Rx and PCC-R3-P interfaces shall support "ETS user priority” representing a user' s priority status and "ETS QoS profile” representing a user' s service profile on related messages on the respective interface.
  • Figure 5 shows a signaling diagram of an exemplary priority service invocation procedure for the arrangement of Figure 4, i.e. a PCC-based implementation, according to exemplary embodiments of the present invention
  • An ETS service user represented by his/her user equipment or mobile station MS submits an invocation request for an ETS data application towards an ETS authentication server via an anchor access service node ASN.
  • the ETS authentication server upon receipt of the invocation request, sends an access request to an AAA server to authenticate whether the requesting user has an ETS subscription, i.e. whether the user is authenticated for ETS application invocation.
  • the AAA server sends an access response to the ETS authentication server to notify the authentication results of this ETS user, which includes ETS user priority, ETS QoS (quality-of- service) profile and ETS SF (service flow) creation method to be used. Otherwise, i.e. if authentication yields a negative result, the AAA server sends an access reject to the ETS authentication server to reject this user to access to the requested ETS service.
  • the ETS authentication server notifies the ETS user that it is rejected, and terminates the present invocation procedure.
  • the ETS authentication server decides (not shown) how to initiate ETS SF creation based on the applicability indication received from the AAA server. Accordingly, the sends application and/or service Information to the
  • PDF/PCRF which shall include ETS priority and ETS QoS profile .
  • the PDF/PCRF then triggers the anchor ASN for SF creation or modification for the requested ETS by sending a policy and charging rule provision message, which shall include ETS priority and ETS QoS profile.
  • One new SF is created or one existing SF is modified at/by the ASN to support the requested ETS service.
  • the ETS authentication server notifies the ETS user whether its ETS data application invocation is success or not .
  • operation 2 represents an initiation of a user authentication
  • operation 6 represents a request for service flow creation or modification.
  • the above-mentioned information ETS priority and ETS QoS profile represent non-limiting examples for user priority status and user service profile .
  • Figure 6 shows a signaling diagram of an exemplary priority service revocation procedure for the arrangement of Figure 4, i.e. a PCC-based implementation, according to exemplary embodiments of the present invention.
  • ETS emergency telecommunication service
  • An ETS service user represented by his/her user equipment or mobile station MS submits a revocation request for ETS data application towards an ETS authentication server via an anchor access service node ASN.
  • the ETS authentication server sends application and/or service information to the PDF/PCRF to notify which dynamic QoS service is to be deleted or modified.
  • the PDF/PCRF sends a policy and charging rule provision message to the ASN to ask the ASN to delete or modify a corresponding ETS-specific SF.
  • the ASN deletes the corresponding ETS SF or modifies it (when modification instead of deletion is requested, which is equally applicable) by removing or altering its ETS indicator to preserve it for further usage.
  • the PDF/PCRF acknowledges to the ETS authentication server that the ETS data application revocation is done.
  • the ETS authentication server responds to the ETS user that its ETS data application revocation is done.
  • an exemplary priority service revocation procedure may also comprise user authentication and information provisioning operations between the ETS authentication server and the AAA server (similar to those illustrated in steps 2 to 4 of Figure 5) .
  • FIG 7 shows a flowchart of an exemplary method of a priority service authentication server according to exemplary embodiments of the present invention. The thus depicted and described method may for example be carried out by the ETS authentication server according to any one of Figures 1 to 3 or 4 to 6.
  • a method comprises the operations of receiving, from a priority user, a request for invoking or revoking a priority data service (e.g. a priority data transport service) for a data application in a public communication network, and invoking or revoking the requested priority data service on the basis of a priority status and a service profile of the priority user in accordance with an applicable service flow procedure.
  • a priority data service e.g. a priority data transport service
  • the receiving operation may be accomplished by a transceiver of the executing apparatus
  • the invoking/revoking operation may be accomplished by a dedicated means or device, for example by a priority service processor.
  • a priority service authentication server may carry out the following operations.
  • the priority service authentication server may receive, from a priority user, such as e.g. an ETS user, a request for invoking or revoking a priority data transport service (e.g. a priority data transport service) for a data application in a public communication network, such as e.g. an ETS data application invocation/revocation request (like in operation 1 of Figures 2, 3, 5 and 6) .
  • a priority user such as e.g. an ETS user
  • a request for invoking or revoking a priority data transport service e.g. a priority data transport service
  • a data application invocation/revocation request like in operation 1 of Figures 2, 3, 5 and 6 .
  • the requested priority data service is invoked (or activated) on the basis of a priority status, such as e.g. ETS priority, and a service profile, such as e.g. ETS QoS profile, of the priority user in accordance with an applicable service flow procedure.
  • a priority status such as e.g. ETS priority
  • a service profile such as e.g. ETS QoS profile
  • the invocation operation may comprise one or more of a user authentication, an information acquisition and a service flow creation or modification request.
  • the priority service authentication server may initiate an authentication of the priority user at an authentication entity, such as the AAA server of Figure 1 or 3. Such initiation may for example comprise the sending of an access request to the AAA server (like in operation 2 of Figures 2 and 5) .
  • it is determined whether the initiated user authentication has been successful which may be accomplished by determining whether an access response or an access reject is received from the AAA server (like in operations 3 and 4 of Figures 2 and 5) .
  • the priority service authentication server may in step S713 acquire information necessary for the further invocation procedure, such as priority status and service profile of the priority user and an indication on the applicable service flow procedure.
  • Such information acquisition may for example comprise the receiving of a message including respective information from the authentication entity, such as the AAA server (like in operation 4 of Figures 2 and 5) .
  • the priority service authentication server may decide on the SF procedure to be used, and may in step S714 request a service flow creation or modification for the priority data service to be invoked accordingly.
  • Such requesting may for example comprise a sending of a corresponding message or corresponding information to an authentication entity, such as the AAA server of Figures 1 and 2 (like in operation 6 of Figure 2), or a policy control entity, such the PDF/PCRF element of Figures 4 and 5 (like in operation 6 of Figure 5) .
  • the priority service authentication server may notify the requesting priority user about the success or non-success of the requested priority service invocation (like in operations 5 and 11 of Figures 2 and 5) , wherein a non-success may be due to a failed authentication, i.e. NO in step S712, or a failed service flow creation or modification, or the like.
  • the requested priority data service is revoked (or deactivated) on the basis of a priority status, such as e.g. ETS priority, and a service profile, such as e.g. ETS QoS profile, of the priority user in accordance with an applicable service flow procedure.
  • a priority status such as e.g. ETS priority
  • a service profile such as e.g. ETS QoS profile
  • the revocation operation may comprise a service flow deletion or modification request.
  • the priority service authentication server may request a service flow deletion or modification for the priority data service to be revoked accordingly.
  • requesting may for example comprise a sending of a corresponding message or corresponding information to an authentication entity, such as the AAA server of Figures 1 and 3 (like in operation 2 of Figure 3) , or a policy control entity, such the PDF/PCRF element of Figures 4 and 6 (like in operation 2 of Figure 6) .
  • the priority service authentication server may notify the requesting priority user about the success or non-success of the requested priority service revocation (like in operation 7 of Figures 3 and 6) , wherein a non-success may be due to a failed service flow deletion or modification, or the like.
  • FIG 8 shows a flowchart of an exemplary method of an authentication entity according to exemplary embodiments of the present invention.
  • the thus depicted and described method may for example be carried out by the AAA server according to any one of Figures 1 to 3 or 4 to 6.
  • a method comprises the operations of authenticating a priority user requesting an invocation or revocation of a priority data transport service (e.g. a priority data transport service) for a data application in a public communication network upon initiation from a priority service authentication server, and providing a priority status and a service profile of the priority user and an indication on an applicable service flow procedure to the priority service authentication server.
  • a priority data transport service e.g. a priority data transport service
  • the authenticating operation may be accomplished by an authenticating unit or authenticator of the executing apparatus, and the information providing operation may be accomplished by a dedicated means or device, for example by a data processor and/or database or memory means.
  • an authentication entity may carry out the following operations .
  • the authentication entity may authenticate a priority user, such as e.g. an ETS user, requesting an invocation or revocation of a priority data service (e.g. a priority data transport service) for a data application in a public communication network, such as e.g. an ETS data application invocation/revocation request, upon initiation from a priority service authentication server, such as e.g. the ETS authentication server, and may respond to the priority service authentication server by way of an authentication success indication (like in operations 3 and 4 of Figures 2 and 5) .
  • the authentication entity may provide the priority service authentication server with information necessary for the further invocation/revocation procedure, such as priority status and service profile of the priority user and an indication on the applicable service flow procedure (like in operation 4 of Figures 2 and 5) .
  • the above operations are common to authentication entities of various implementations according to exemplary embodiments of the present invention.
  • the below operations may be carried out by authentication entities of certain implementations according to exemplary embodiments of the present invention, which is why they are illustrated as being optional by way of dashed lines.
  • an authentication entity according to exemplary embodiments of the present invention may carry out the below operations in an AAA-based implementation.
  • the authentication entity may trigger a service flow creation or modification for an invocation of the requested priority data service in accordance with the applicable service flow procedure.
  • triggering may for example comprise the sending of a corresponding message or corresponding information (like in operation 7 of Figure 2), which may for example be induced by a receiving of a corresponding request from the priority service authentication server, such as the ETS authentication server (like in operation 6 of Figure 2) .
  • the authentication entity may acknowledge the successful or non-successful completion of the requested service flow creation or modification to the requesting priority service authentication server (like in operation 10 of Figure 2) .
  • the authentication entity may trigger a service flow deletion or modification for a revocation of the requested priority data service in accordance with the applicable service flow procedure.
  • triggering may for example comprise the sending of a corresponding message or corresponding information (like in operation 3 of Figure 3), which may for example be induced by a receiving of a corresponding request from the priority service authentication server, such as the ETS authentication server (like in operation 2 of Figure 3) .
  • the authentication entity may acknowledge the successful or non-successful completion of the requested service flow deletion or modification to the requesting priority service authentication server (like in operation 6 of Figure 3) .
  • the above triggering operation (s) may be accomplished by a dedicated means or device, for example by a priority service flow processor.
  • Figure 9 shows a flowchart of an exemplary method of a policy control entity according to exemplary embodiments of the present invention. The thus depicted and described method may for example be carried out by the PDF/PCRF element according to any one of Figures 4 to 6.
  • a method comprises the operations of triggering at least one of a service flow creation, deletion and modification for an invocation or revocation of a priority data service (e.g. a priority data transport service) for a data application of a requesting priority user in a public communication network upon initiation from a priority service authentication server, said triggering being based on a priority status and a service profile of the priority user and an applicable service flow procedure.
  • a priority data service e.g. a priority data transport service
  • the triggering operation may be accomplished by a dedicated means or device, for example by a priority service flow processor.
  • a policy control entity may carry out the following operations.
  • a policy control entity may carry out the below operations in a PCC- based implementation.
  • the operations carried out by a policy control entity in a PCC-based implementation are comparable to those carried out by an authentication entity in an AAA-based implementation, as depicted in the bottom part with dashed lines in Figure 8.
  • the policy control entity may trigger a service flow creation or modification for an invocation of the requested priority data service in accordance with the applicable service flow procedure.
  • triggering may for example comprise the sending of a corresponding message or corresponding information (like in operation 7 of Figure 5) , which may for example be induced by a receiving of a corresponding request from the priority service authentication server, such as the ETS authentication server (like in operation 6 of Figure 5) .
  • the policy control entity may acknowledge the successful or non-successful completion of the requested service flow creation or modification to the requesting priority service authentication server (like in operation 10 of Figure 5) .
  • the policy control entity may trigger a service flow deletion or modification for an invocation of the requested priority data service in accordance with the applicable service flow procedure.
  • triggering may for example comprise the sending of a corresponding message or corresponding information (like in operation 3 of Figure 6) , which may for example be induced by a receiving of a corresponding request from the priority service authentication server, such as the ETS authentication server (like in operation 2 of Figure 6) .
  • the policy control entity may acknowledge the successful or non-successful completion of the requested service flow deletion or modification to the requesting priority service authentication server (like in operation 6 of Figure 6) .
  • an access entity such as e.g. an (anchor) access service node
  • an access entity is configured to be enabled for cooperating in the above- outlined procedures performed by the other entities in an appropriate manner.
  • an access entity according to exemplary embodiments of the present invention may be adapted for supporting a Rl interface as well as an accordingly enhanced R3 and/or PCC-R3-P interface, as depicted in Figures 1 and 4.
  • an access entity may properly participate in and contribute to any kind of message or information transfer in any stage of the above procedures, and particularly in/to service flow creation, deletion and/or modification, as triggered by an authentication entity or a policy control entity (like in operations 7 to 9 of Figures 2 and 5 or in operations 3 to 5 of Figures 3 and 6) .
  • An access entity according to exemplary embodiments of the present invention thus comprises accordingly configured means, devices, processors, or the like for achieving the above effects.
  • the solid line blocks are basically configured to perform the basic operations.
  • the entirety of solid/dashed line blocks are basically configured to perform the methods and operations as described above, respectively.
  • the individual blocks are meant to illustrate respective functional blocks implementing a respective function, process or procedure, respectively.
  • Such functional blocks are implementation- independent, i.e. may be implemented by means of any kind of hardware or software, respectively.
  • the lines interconnecting individual blocks are meant to illustrate an operational coupling there-between, which on the one hand is implementation-independent (e.g. wired or wireless) and on the other hand may also comprise an arbitrary number of intermediary functional entities not shown .
  • Figure 10 shows a schematic block diagram of an exemplary configuration of a priority service authentication server according to exemplary embodiments of the present invention.
  • the thus depicted and described apparatus may for example be (a part of) the ETS authentication server according to any one of Figures 1 to 3 or 4 to 6.
  • an apparatus comprises a priority service processor.
  • the priority service processor may be configured to carry out or to control a procedure according to Figure 7. Namely, the priority service processor may be configured to receive, from a priority user, a request for invoking or revoking a priority data service (e.g. a priority data transport service) for a data application in a public communication network, and to invoke or revoke the requested priority data service on the basis of a priority status and a service profile of the priority user in accordance with an applicable service flow procedure, as well as to carry out any one of associated operations described above.
  • a priority data service e.g. a priority data transport service
  • the priority service processor may represent means for receiving, from a priority user, a request for invoking or revoking a priority data service (e.g. a priority data transport service) for a data application in a public communication network, and for invoking or revoking the requested priority data service on the basis of a priority status and a service profile of the priority user in accordance with an applicable service flow procedure, as well as for carrying out any one of associated operations described above.
  • the priority service processor may be connected with a transceiver and/or a database or memory storing priority service information, i.e. information needed for an invocation and/or revocation of a priority service.
  • the transceiver i.e. a combined transmitter and receiver
  • the present apparatus may be connected via respective interfaces with a priority user represented by its user equipment or mobile station MS and an AAA server, thus leading to an arrangement according to an AAA-based implementation as explained above.
  • the present apparatus may be connected via respective interfaces with a priority user represented by its user equipment or mobile station MS, an AAA server and a policy control element such as e.g. PDF/PCRF, thus leading to an arrangement according to a PCC-based implementation as explained above.
  • a system according to exemplary embodiments of the present invention may comprise an apparatus according to Figure 10 and one or more of MS, AAA and PDF/PCRF.
  • FIG 11 shows a schematic block diagram of an exemplary configuration of an authentication entity according to exemplary embodiments of the present invention.
  • the thus depicted and described apparatus may for example be (a part of) the AAA server according to any one of Figures 1 to 3 or 4 to 6.
  • an apparatus comprises an authenticating unit and a data processor.
  • the authenticating unit may be configured to carry out or to control a procedure according to step S801 of Figure 8.
  • the authenticating unit may be configured to authenticate a priority user requesting an invocation or revocation of a priority data service (e.g. a priority data transport service) for a data application in a public communication network upon initiation from a priority service authentication server, as well as to carry out any one of associated operations described above.
  • a priority data service e.g. a priority data transport service
  • the authenticating unit may represent means for authenticating a priority user requesting an invocation or revocation of a priority data service (e.g.
  • the data processor may be configured to carry out or to control a procedure according to step S802 of Figure 8. Namely, the data processor may be configured to provide a priority status and a service profile of the priority user and an indication on an applicable service flow procedure to the priority service authentication server, as well as to carry out any one of associated operations described above. Stated in other terms, the data processor may represent means for providing a priority status and a service profile of the priority user and an indication on an applicable service flow procedure to the priority service authentication server, as well as for carrying out any one of associated operations described above.
  • the data processor may be connected with a database or memory storing priority service information, i.e. information needed for an invocation and/or revocation of a priority service, and the authenticating unit may be connected with a transceiver.
  • the present apparatus may additionally comprise a priority service flow processor.
  • the priority service flow processor may be configured to carry out or to control a procedure according to steps S803 to S806 of Figure 8.
  • the priority service flow processor may be configured to trigger a service flow creation, deletion or modification for an invocation or revocation of a requested priority data service (e.g. a priority data transport service) in accordance with the applicable service flow procedure, as well as associated operations described above.
  • the priority service flow processor may represent means for triggering a service flow creation or modification for an invocation of a requested priority data service (e.g. a priority data transport service) in accordance with the applicable service flow procedure, as well as for carrying out associated operations described above.
  • the priority service flow processor may be connected with the information database or memory and the transceiver.
  • the transceiver i.e. a combined transmitter and receiver
  • the transceiver may be connected with one or more interfaces to other apparatuses, entities, devices, or network nodes.
  • the present apparatus may be connected via respective interfaces with a priority authentication server denoted e.g. as ETS authentication server.
  • the present apparatus may be connected via respective interfaces with a priority authentication server denoted e.g. as ETS authentication server and an (anchor) access entity such as an access service node ASN being connected with a priority user represented by its user equipment or mobile station MS.
  • a system according to exemplary embodiments of the present invention may comprise an apparatus according to Figure 11 and one or more of ETS authentication server, ASN and MS.
  • Figure 12 shows a schematic block diagram of an exemplary configuration of a policy control entity according to exemplary embodiments of the present invention.
  • the thus depicted and described apparatus may for example be (a part of) the PDF/PCRF element according to any one of Figures 4 to 6.
  • an apparatus comprises a priority service flow processor.
  • the priority service flow processor may be configured to carry out or to control a procedure according to Figure 9.
  • the priority service flow processor may be configured to trigger at least one of a service flow creation, deletion and modification for an invocation or revocation of a priority data service (e.g. a priority data transport service) for a data application of a requesting priority user in a public communication network upon initiation from a priority service authentication server, said triggering being based on a priority status and a service profile of the priority user and an applicable service flow procedure, as well as to carry out any one of associated operations described above.
  • a priority data service e.g. a priority data transport service
  • the priority service flow processor may represent means for triggering at least one of a service flow creation, deletion and modification for an invocation or revocation of a priority data service (e.g. a priority data transport service) for a data application of a requesting priority user in a public communication network upon initiation from a priority service authentication server, said triggering being based on a priority status and a service profile of the priority user and an applicable service flow procedure, as well as for carrying out any one of associated operations described above.
  • the priority service flow processor may be connected with a transceiver.
  • the transceiver i.e. a combined transmitter and receiver
  • the transceiver may be connected with one or more interfaces to other apparatuses, entities, devices, or network nodes.
  • the present apparatus may be connected via respective interfaces with a priority authentication server denoted e.g. as ETS authentication server and an (anchor) access entity such as an access service node ASN being connected with a priority user represented by its user equipment or mobile station MS.
  • a system according to exemplary embodiments of the present invention may comprise an apparatus according to Figure 12 and one or more of ETS authentication server, ASN and MS.
  • Any one of the above-outlined apparatuses represents an autonomous entity according to respective embodiments of the present invention, while their interworking entirety or any conceivable combination thereof represents a system according to respective embodiments of the present invention.
  • a system may for example be a (transport) network complying with IEEE 802.16 standards and/or a (transport) network complying with 3GPP LTE/SAE standards .
  • respective functional blocks or elements according to above-described aspects can be implemented by any known means, either in hardware and/or software, respectively, if it is only adapted to perform the described functions of the respective parts.
  • the mentioned method steps can be realized in individual functional blocks or by individual devices, or one or more of the method steps can be realized in a single functional block or by a single device.
  • any method step is suitable to be implemented as software or by hardware without changing the idea of the present invention.
  • Devices and means can be implemented as individual devices, but this does not exclude that they are implemented in a distributed fashion throughout the system, as long as the functionality of the device is preserved. Such and similar principles are to be considered as known to those skilled in the art.
  • Software in the sense of the present description comprises software code as such comprising code means for performing the respective functions, as well as software (or a computer program or a computer program product) embodied on a tangible medium such as a computer-readable storage medium having stored thereon a respective data structure or code portions or embodied in a signal or in a chip, potentially during processing thereof.
  • an access technology may be any technology by means of which a user equipment or terminal device can access an access network (e.g. via a base station or generally an access device) .
  • any present or future technology such as WLAN (Wireless Local Access Network) , WiMAX (Worldwide Interoperability for Microwave Access), BlueTooth, Infrared, and the like may be applicable; access technologies may be distinguishable in at least two categories or access domains such as packet switched and circuit switched, but the existence of more than two access domains does not impede the invention being applied thereto, - an access network may be any device, apparatus, unit or means by which a station, entity or other user equipment may connect to and/or utilize services offered by the access network; such services include, among others, data and/or (audio-) visual communication, data download etc .
  • a user equipment or terminal device may be any device, apparatus, unit or means by which a system user may experience services from an access network such as a mobile phone, personal digital assistant PDA, or computer;
  • - method steps and functions likely to be implemented as software code portions and being run using a processor at one of the entities, a network element, or a terminal are software code independent and can be specified using any known or future developed programming language, such as e.g. Java, C++, C, and Assembler, as long as the functionality defined by the method steps is preserved;
  • any method step is suitable to be implemented as software or by hardware without changing the idea of the invention in terms of the functionality implemented;
  • CMOS Complementary MOS
  • BiMOS Bipolar MOS
  • BiCMOS Bipolar CMOS
  • ECL emitter Coupled Logic
  • TTL Transistor-Transistor Logic
  • any method steps and/or devices, units or means likely to be implemented as software components may for example be based on any security architecture capable e.g. of authentication, authorization, keying and/or traffic protection;
  • devices, apparatuses, units or means can be implemented as individual devices, apparatuses, units or means, but this does not exclude that they are implemented in a distributed fashion throughout the system, as long as the functionality of the device, apparatus, unit or means is preserved,
  • an apparatus may be represented by a semiconductor chip, a chipset, or a (hardware) module comprising such chip or chipset; this, however, does not exclude the possibility that a functionality of an apparatus or module, instead of being hardware implemented, be implemented as software in a (software) module such as a computer program or a computer program product comprising executable software code portions for execution/being run on a processor;
  • a device may be regarded as an apparatus or as an assembly of more than one apparatus, whether functionally in cooperation with each other or functionally independently of each other but in a same device housing, for example.
  • the present invention also covers any conceivable combination of method steps and operations described above, and any conceivable combination of nodes, apparatuses, modules or elements described above, as long as the above-described concepts of methodology and structural arrangement are applicable.
  • An exemplary measure may comprise receiving, from a priority user, a request for invoking or revoking a priority data service (e.g. a priority data transport service) for a data application in a public communication network (e.g. a transport network) , and invoking or revoking the requested priority data service (e.g. a priority data transport service) on the basis of a priority status and a service profile of the priority user in accordance with an applicable service flow procedure.
  • a priority data service e.g. a priority data transport service
  • non-limiting examples for such priority services may include ETS in WiMAX network environments, MPS in 3GPP (LTE/SAE) network environments, or any other present or future service in any network environment, which requires a prioritization for calls, sessions or the like of certain prioritized users.
  • ETS in WiMAX network environments
  • MPS in 3GPP (LTE/SAE) network environments
  • SAE 3GPP network environments
  • any other present or future service in any network environment which requires a prioritization for calls, sessions or the like of certain prioritized users.

Abstract

There are provided measures for priority service invocation and revocation. Specifically, the present invention for example relates to the invocation and/or revocation of priority services in public communication networks. An exemplary measure may comprise receiving, from a priority user, a request for invoking or revoking a priority data service for a data application in a public communication network, and invoking or revoking the requested priority data service on the basis of a priority status and a service profile of the priority user in accordance with an applicable service flow procedure.

Description

Title of the invention
Priority service invocation and revocation
Field of the invention
The present invention generally relates to priority service invocation and revocation. Specifically, the present invention for example relates to the invocation and/or revocation of priority services in public communication networks.
Background of the invention
In public communication networks like public transport communication networks it is typically desirable or even required that measures are taken for enabling to prioritize specific users and/or specific calls, sessions, or the like as compared with other users, calls, sessions, or the like.
As a non-limiting example for such a prioritization emergency services may be mentioned. In view thereof, the following mainly refers to such emergency services for illustrating the subject-matter of the present specification, although it is to be noted that emergency services are only a non-limiting example for a priority service. In general terms, the subject-matter of the present specification is related to priority services of any kind.
For example, emergency services (hereinafter also referred to as Emergency Telecommunication Services ETS) are currently defined for fixed/mobile communication systems (like for example PSTN (Public Switched Telephone Network) , GSM (Global System for Mobile Communication) , GPRS (General Packet Radio Service) , UMTS (Universal Mobile Telecommunication System) or the like) . An Emergency Telecommunication Service (ETS) enables National Security/Emergency Preparedness (NS/EP) users (e.g., commander in chief, federal emergency management, national security staff, CEOs of key financial institution, and first responders leadership) to make priority calls/sessions using the public networks during a network congestion or partial network outage condition, which may be caused by natural disasters (e.g., hurricanes) or man-made disasters (e.g., terrorist attacks) . Namely, due to such natural or man-made disasters, network equipment could be destroyed so that available resources are reduced and/or the amount of traffic could rise, thus leading to a network congestion or partial network outage condition. Without ETS, during such congestion or outage conditions, NS/EP users will suffer from call/session blocking, and will not be able to carry out mission critical communications and tasks. With ETS representing a priority, during such congestion or outage conditions, NS/EP users' calls/sessions are treated in a prioritized manner so as to ensure such priority calls/sessions be established in spite of the general shortage of available resources.
To this end, current fixed/mobile communication systems have specific means for implementing such emergency services. In this regard, specific signaling mechanisms are known to be used in certain network environments to enable the establishment of certain communications. For example, it is known that SIP (Session Initiation Protocol) may be used as a dedicated signaling mechanism for reliably establishing voice and/or video calls in emergency circumstances. However, in public networks having no standardized means for implementing such emergency services or other priority services, there is no way for prioritizing specific users and/or specific calls, sessions, or the like as compared with other users, calls, sessions, or the like. Currently, examples for such networks include WiMAX (Worldwide Interoperability for Microwave Access) according to IEEE 802.16 standards and LTE/SAE (LTE: Long Term Evolution, SAE: Service Architecture Evolution) according to 3GPP (Third Generation Partnership Project) standards .
Furthermore, current emergency services or other priority services are directed to the establishment of voice/video calls/sessions or the like, and are essentially based on the usage of a specific signaling mechanism for such calls/Session. Accordingly, there is no way for prioritizing data applications (i.e., a network access for data applications) lacking any specific signaling mechanisms for use in their conjunction. For example, it could be required that a network access or connection is established for a data application of a NS/EP user (e.g., web access, email, short message service SMS, Internet Protocol based multimedia IM, file transfer, or the like), e.g. Internet access for an emergency or priority data application, i.e. a data application in/for emergency or priority use. In this regard, it could be conceivable that a web portal may be provided dedicated for emergency data applications, said web portal acting as sort of access point for NS/EP users and being accessible for example via submitting a specific message via HTTP/HTTPS (HTTP: Hypertext Transfer Protocol, HTTPS: Hypertext Transfer Protocol Secure) . Yet, such an approach could not ensure the prioritization of network access or connection establishment of emergency data applications or users, i.e. the transport of the HTTP/HTTPS messages to the web portal.
In view of the above, it is evident that there currently exist shortcomings and deficiencies in the provision (i.e. invocation and/or revocation) of priority services, particularly in certain networks and for certain types of applications. That is, particularly in certain networks and for certain types of applications, an appropriate delivery of calls or sessions of a high priority nature may not be ensured.
Accordingly, there does not exist any feasible solution for invoking and/or revoking priority services in public communication networks.
Summary of exemplary embodiments of the invention
The present invention and its embodiments are made to provide for a feasible solution for invoking and/or revoking priority services in public communication networks .
According to an exemplary first aspect of the present invention, there is provided a method comprising receiving, from a priority user, a request for invoking or revoking a priority data service for a data application in a public communication network, and invoking or revoking the requested priority data service on the basis of a priority status and a service profile of the priority user in accordance with an applicable service flow procedure. According to further developments or modifications thereof, one or more of the following applies:
- said invoking the requested priority data service comprises initiating an authentication of the priority user at an authentication entity, and acquiring the priority status and the service profile of the priority user and an indication on the applicable service flow procedure from the authentication entity,
- said invoking the requested priority data service comprises requesting a service flow creation or modification for the priority data service to be invoked in accordance with the applicable service flow procedure at an authentication or policy control entity,
- said requesting comprises sending, to the authentication entity, a dynamic quality-of-service service creation request including an identity of the priority user,
- said requesting comprises sending, to the policy control entity, an application and/or service information including the priority status and the service profile of the priority user,
- said revoking the requested priority data service comprises requesting a service flow deletion or modification for the priority data service to be revoked in accordance with the applicable service flow procedure at an authentication or policy control entity,
- said requesting comprises sending, to the authentication entity, a dynamic quality-of-service service deletion request including an identity of the priority user,
- said requesting comprises sending, to the policy control entity, an application and/or service information including the priority status and the service profile of the priority user, - said method is operable at a priority service authentication server,
- the priority data service is one of an emergency telecommunication service and a multimedia priority service, and/or
- the public communication network is one of a network complying with IEEE 802.16 standards and a network complying with 3GPP LTE/SAE standards.
According to an exemplary second aspect of the present invention, there is provided an apparatus comprising a priority service processor configured to receive, from a priority user, a request for invoking or revoking a priority data service for a data application in a public communication network, and invoke or revoke the requested priority data service on the basis of a priority status and a service profile of the priority user in accordance with an applicable service flow procedure.
According to further developments or modifications thereof, one or more of the following applies:
- said priority service processor, for invoking the requested priority data service, is configured to initiate an authentication of the priority user at an authentication entity, and acquire the priority status and the service profile of the priority user and an indication on the applicable service flow procedure from the authentication entity,
- said priority service processor, for invoking the requested priority data service, is configured to request a service flow creation or modification for the priority data service to be invoked in accordance with the applicable service flow procedure at an authentication or policy control entity, - said priority service processor, for requesting said service flow creation or modification, is configured to send, to the authentication entity, a dynamic quality-of- service service creation request including an identity of the priority user,
- said priority service processor, for requesting said service flow creation or modification, is configured to send, to the policy control entity, an application and/or service information including the priority status and the service profile of the priority use,
- said priority service processor, for revoking the requested priority data service, is configured to request a service flow deletion or modification for the priority data service to be revoked in accordance with the applicable service flow procedure at an authentication or policy control entity,
- said priority service processor, for requesting said service flow deletion or modification, is configured to send, to the authentication entity, a dynamic quality-of- service service deletion request including an identity of the priority user,
- said priority service processor, for requesting said service flow deletion or modification, is configured to send, to the policy control entity, an application and/or service information including the priority status and the service profile of the priority user,
- said apparatus is operable as a priority service authentication server,
- the priority data service is one of an emergency telecommunication service and a multimedia priority service, and/or
- the public communication network is one of a network complying with IEEE 802.16 standards and a network complying with 3GPP LTE/SAE standards. According to an exemplary third aspect of the present invention, there is provided a computer program product comprising program code means being arranged, when run on a processor of an apparatus, to perform the method according to the first aspect and/or any one of the further developments or modifications thereof.
According to an exemplary fourth aspect of the present invention, there is provided a method comprising authenticating a priority user requesting an invocation or revocation of a priority data service for a data application in a public communication network upon initiation from a priority service authentication server, and providing a priority status and a service profile of the priority user and an indication on an applicable service flow procedure to the priority service authentication server.
According to further developments or modifications thereof, one or more of the following applies:
- the method comprises triggering a service flow creation or modification for an invocation of the requested priority data service in accordance with the applicable service flow procedure, - said triggering comprises receiving, from the priority service authentication server, a dynamic quality-of-service service creation request including an identity of the priority user, and sending, to an access service node, a dynamic service flow creation or modification request including the priority status and the service profile of the priority user,
- the method comprises triggering a service flow deletion or modification for a revocation of the requested priority data service in accordance with the applicable service flow procedure, - said triggering comprises receiving, from the priority service authentication server, a dynamic quality-of-service service deletion request including an identity of the priority user, and sending, to an access service node, a dynamic service flow deletion or modification request including the priority status and the service profile of the priority user,
- said method is operable at an authentication, authorization and accounting server, - the priority data service is one of an emergency telecommunication service and a multimedia priority service, and/or
- the public communication network is one of a network complying with IEEE 802.16 standards and a network complying with 3GPP LTE/SAE standards.
According to an exemplary fifth aspect of the present invention, there is provided an apparatus comprising: an authenticating unit configured to authenticate a priority user requesting an invocation or revocation of a priority data service for a data application in a public communication network upon initiation from a priority service authentication server, and a data processor configured to provide a priority status and a service profile of the priority user and an indication on an applicable service flow procedure to the priority service authentication server.
According to further developments or modifications thereof, one or more of the following applies:
- the apparatus comprises a priority service flow processor being configured to trigger a service flow creation or modification for an invocation of the requested priority data service in accordance with the applicable service flow procedure, - said priority service flow processor, for triggering, is configured to receive, from the priority service authentication server, a dynamic quality-of-service service creation request including an identity of the priority user, and send, to an access service node, a dynamic service flow creation or modification request including the priority status and the service profile of the priority user,
- the apparatus comprises a priority service flow processor being configured to trigger a service flow deletion or modification for a revocation of the requested priority data service in accordance with the applicable service flow procedure,
- said priority service flow processor, for triggering, is configured to receive, from the priority service authentication server, a dynamic quality-of-service service deletion request including an identity of the priority user, and send, to an access service node, a dynamic service flow deletion or modification request including the priority status and the service profile of the priority user,
- said apparatus is operable as an authentication, authorization and accounting server,
- the priority data service is one of an emergency telecommunication service and a multimedia priority service, and/or
- the public communication network is one of a network complying with IEEE 802.16 standards and a network complying with 3GPP LTE/SAE standards.
According to an exemplary sixth aspect of the present invention, there is provided a computer program product comprising program code means being arranged, when run on a processor of an apparatus, to perform the method according to the fourth aspect and/or any one of the further developments or modifications thereof.
According to an exemplary seventh aspect of the present invention, there is provided a method comprising: triggering at least one of a service flow creation, deletion and modification for an invocation or revocation of a priority data service for a data application of a requesting priority user in a public communication network upon initiation from a priority service authentication server, said triggering being based on a priority status and a service profile of the priority user and an applicable service flow procedure.
According to further developments or modifications thereof, one or more of the following applies:
- said service flow creation or modification comprises receiving, from the priority service authentication server, an application and/or service information including the priority status and the service profile of the priority user, and sending, to an access service node, a policy and charging rule provision message including the priority status and the service profile of the priority user for requesting creation or modification of an appropriate service flow,
- said service flow deletion or modification comprises receiving, from the priority service authentication server, an application and/or service information including the priority status and the service profile of the priority user, and sending, to an access service node, a policy and charging rule provision message including the priority status and the service profile of the priority user for requesting deletion or modification of an appropriate service flow, - said method is operable at a policy distribution function and/or a policy and charging rule function,
- the priority data service is one of an emergency telecommunication service and a multimedia priority service, and/or
- the public communication network is one of a network complying with IEEE 802.16 standards and a network complying with 3GPP LTE/SAE standards.
According to an exemplary eighth aspect of the present invention, there is provided an apparatus comprising a priority service flow processor configured to trigger at least one of a service flow creation, deletion and modification for an invocation or revocation of a priority data service for a data application of a requesting priority user in a public communication network upon initiation from a priority service authentication server, said triggering being based on a priority status and a service profile of the priority user and an applicable service flow procedure.
According to further developments or modifications thereof, one or more of the following applies:
- said priority service flow processor, for service flow creation or modification, is configured to receive, from the priority service authentication server, an application and/or service information including the priority status and the service profile of the priority user, and send, to an access service node, a policy and charging rule provision message including the priority status and the service profile of the priority user for requesting creation or modification of an appropriate service flow,
- said service flow priority processor, for service flow deletion or modification, is configured to receive, from the priority service authentication server, an application and/or service information including the priority status and the service profile of the priority user, and send, to an access service node, a policy and charging rule provision message including the priority status and the service profile of the priority user for requesting deletion or modification of an appropriate service flow,
- said apparatus is operable as a policy distribution function and/or a policy and charging rule function,
- the priority data service is one of an emergency telecommunication service and a multimedia priority service, and/or
- the public communication network is one of a network complying with IEEE 802.16 standards and a network complying with 3GPP LTE/SAE standards.
According to an exemplary ninth aspect of the present invention, there is provided a computer program product comprising program code means being arranged, when run on a processor of an apparatus, to perform the method according to the seventh aspect and/or any one of the further developments or modifications thereof.
By way of exemplary embodiments of the present invention, there is provided support for priority services (e.g. Emergency Telecommunication Service ETS, Multimedia Priority Service MPS, or the like) in public communication networks, such as for example WiMAX or LTE/SAE access and/or core networks. Stated in other words, exemplary embodiments of the present invention may provide a priority access for a priority service (e.g. ETS, MPS, etc.) in public communication networks, such as for example WiMAX or LTE/SAE access and/or core networks. By way of exemplary embodiments of the present invention, an appropriate invocation and/or revocation of a priority data service for a data application in public communication networks, such as for example WiMAX or LTE/SAE access and/or core networks, may be provided. Stated in other words, data services may be invoked and/or revoked for all data applications (e.g. web access, email, short message service SMS, Internet Protocol based multimedia IM, file transfer, or the like) of a prioritized user, such as a NS/EP user, in a prioritized manner.
By way of exemplary embodiments of the present invention, the architecture, structures and operations of the underlying network environment (e.g. WiMAX, LTE/SAE, etc.) is minimally affected.
Brief description of the drawings
In the following, the exemplary embodiments of the present invention will be described in greater detail by way of non-limiting examples with reference to the accompanying drawings, in which
Figure 1 shows a schematic block diagram of an arrangement of a first implementation example according to exemplary embodiments of the present invention,
Figure 2 shows a signaling diagram of an exemplary priority service invocation procedure for the arrangement of Figure 1 according to exemplary embodiments of the present invention,
Figure 3 shows a signaling diagram of an exemplary priority service revocation procedure for the arrangement of Figure 1 according to exemplary embodiments of the present invention,
Figure 4 shows a schematic block diagram of an arrangement of a second implementation example according to exemplary embodiments of the present invention,
Figure 5 shows a signaling diagram of an exemplary priority service invocation procedure for the arrangement of Figure 4 according to exemplary embodiments of the present invention,
Figure 6 shows a signaling diagram of an exemplary priority service revocation procedure for the arrangement of Figure 4 according to exemplary embodiments of the present invention,
Figure 7 shows a flowchart of an exemplary method of a priority service authentication server according to exemplary embodiments of the present invention,
Figure 8 shows a flowchart of an exemplary method of an authentication entity according to exemplary embodiments of the present invention,
Figure 9 shows a flowchart of an exemplary method of a policy control entity according to exemplary embodiments of the present invention,
Figure 10 shows a schematic block diagram of an exemplary configuration of a priority service authentication server according to exemplary embodiments of the present invention, Figure 11 shows a schematic block diagram of an exemplary configuration of an authentication entity according to exemplary embodiments of the present invention, and
Figure 12 shows a schematic block diagram of an exemplary configuration of a policy control entity according to exemplary embodiments of the present invention.
Detailed description of embodiments of the present invention
The present invention is described herein with reference to particular non-limiting examples. A person skilled in the art will appreciate that the invention is not limited to these examples, and may be more broadly applied.
In particular, the present invention and its embodiments are mainly described in relation to IEEE specifications being used as non-limiting examples for certain exemplary network configurations. In particular, a WiMAX network according to IEEE 802.16 standards is used as a non- limiting example in this regard. Although not detailed in the following, 3GPP specifications and for example a LTE/SAE network could be equally used as well. Further, an emergency service, in particular an emergency telecommunication service ETS, is used as a non-limiting example for a priority service, while for example a multimedia priority service MPS could be equally used as well. As such, the description of the exemplary embodiments given herein specifically refers to terminology which is directly related thereto. Such terminology is only used in the context of the presented non-limiting examples, and does naturally not limit the invention in any way. Rather, any other network configuration or access implementation may also be utilized as long as compliant with the features described herein .
In the following, various embodiments and implementations of the present invention and its aspects or embodiments are described using several alternatives. It is generally to be noted that, according to certain needs and constraints, all of the described alternatives may be provided alone or in any conceivable combination (also including combinations of individual features of the various alternatives) .
In the following, a first non-limiting implementation example according to exemplary embodiments of the present invention is described, which could be referred to as an AAA-based implementation (AAA: authentication, authorization and accounting) .
Figure 1 shows a schematic block diagram of an arrangement of a first implementation example according to exemplary embodiments of the present invention.
According to the arrangement of Figure 1, a mobile station MS representing a priority user is connected with an access service node ASN via a Rl interface and with an ETS authentication server representing a priority service authentication server via an Internet interface, the access service node ASN is connected with an AAA server representing an authentication entity via a R3 interface, and the AAA server is connected with the ETS authentication server via a Re interface.
Features according to exemplary embodiments of the present invention particularly (but not exclusively) relate to an introduction of the Re interface, an enhancement of the R3 interface, as well as structures and operations of both AAA server and ETS authentication server .
In brief, the arrangement of Figure 1 may have the one or more of the following properties. Details are set out below in connection with Figures 2, 3, and 7 to 12.
- The Re interface, i.e. the AAA server and the ETS authentication server, shall be able to support ETS user authentication. With this interface, the ETS authentication server may access the AAA server to get necessary information for ETS user authentication.
- The Re interface, i.e. the AAA server and the ETS authentication server, shall be able to support to return an appropriate ETS SF (service flow) creation, deletion or modification method from the AAA server to the ETS authentication server, which will be used by the ETS authentication server to decide how to and to initiate ETS SF creation or modification for a current ETS user.
- The Re interface, i.e. the AAA server and the ETS authentication server, shall be able to support a dynamic QoS (quality-of-service) service creation/ deletion/ modification. With this interface, the ETS authentication server may initiate a SF creation, deletion or modification by a dynamic QoS service request to the AAA server for an ETS data (transport) service. Following the request from the ETS authentication, the AAA server may trigger the ASN to create, delete or modify at least one dynamic SF with the ETS-specific priority by way of a network-initiated SF creation, deletion or modification procedure, i.e. the appropriate service flow procedure. - The R3 interface, i.e. the AAA server and the ETS authentication server, is enhanced to support an ETS service, i.e. an ETS data (transport) service.
- Both the Re and R3 interfaces shall support "ETS user priority" representing a user' s priority status and "ETS QoS profile" representing a user' s service profile on related messages on the respective interface.
Figure 2 shows a signaling diagram of an exemplary priority service invocation procedure for the arrangement of Figure 1, i.e. an AAA-based implementation, according to exemplary embodiments of the present invention.
According to the exemplary procedure depicted in Figure 2, the following operations are carried out in the context of emergency telecommunication service (ETS) invocation as an example of priority service invocation.
1) An ETS service user represented by his/her user equipment or mobile station MS submits an invocation request for an ETS data application towards an ETS authentication server via an anchor access service node ASN. 2) The ETS authentication server, upon receipt of the invocation request, sends an access request to an AAA server to authenticate whether the requesting user has an ETS subscription, i.e. whether the user is authenticated for ETS application invocation. 3) The ETS user authentication is done.
4) If this user has an ETS subscription, i.e. if authentication yields a positive result, the AAA server sends an access response to the ETS authentication server to notify the authentication results of this ETS user, which includes ETS user priority, ETS QoS (quality-of- service) profile and ETS SF (service flow) creation method to be used. Otherwise, i.e. if authentication yields a negative result, the AAA server sends an access reject to the ETS authentication server to reject this user to access to the requested ETS service.
5) If this ETS user is rejected, the ETS authentication server notifies the ETS user that it is rejected, and terminates the present invocation procedure.
6) If this ETS user is successfully authenticated, the ETS authentication server decides (not shown) how to initiate ETS SF creation based on the applicability indication received from the AAA server. Accordingly, the ETS authentication server sends a dynamic QoS service creation request to the AAA server, which includes ETS user identity (and not ETS user priority and ETS QoS profile) , since the AAA server itself knows ETS priority and ETS QoS profile already.
7) The AAA server then triggers the anchor ASN for SF creation for the requested ETS by sending a dynamic SF creation request message, which shall also include ETS priority and ETS QoS profile.
8) A corresponding SF is created.
9) The ASN acknowledges to the AAA server the result of the SF creation. 10) The AAA server acknowledges to the ETS authentication server the result of the dynamic QoS service creation.
11) The ETS authentication server notifies the ETS user whether its ETS data application invocation is success or not.
In the above exemplary procedure, operation 2 represents an initiation of a user authentication, and operation 6 represents a request for service flow creation. The above-mentioned information ETS priority and ETS QoS profile represent non-limiting examples for user priority status and user service profile. Although SF creation is mentioned above, SF modification is equally applicable.
Figure 3 shows a signaling diagram of an exemplary priority service revocation procedure for the arrangement of Figure 1, i.e. an AAA-based implementation, according to exemplary embodiments of the present invention,
According to the exemplary procedure depicted in Figure 3, the following operations are carried out in the context of emergency telecommunication service (ETS) revocation as an example of priority service revocation.
1) An ETS service user represented by his/her user equipment or mobile station MS submits a revocation request for an ETS data application towards an ETS authentication server via an anchor access service node ASN. 2) The ETS authentication server sends a dynamic QoS service delete message to the AAA server.
3) The AAA server sends also a dynamic SF delete message to the ASN to ask it to delete or modify a corresponding ETS-specific SF. 4) The ASN deletes the corresponding ETS SF or modifies it (when modification instead of deletion is requested, which is equally applicable) by removing or altering its ETS indicator to preserve it for further usage.
5) The ASN acknowledges to the AAA server that the ETS SF is deleted or modified.
6) The AAA server acknowledges to the ETS authentication server that the ETS data application revocation is done.
7) The ETS authentication server responds to the ETS user that its ETS data application revocation is done. The parameters in the individual messages exchanged are evident from the illustration of Figure 3.
Although not illustrated in Figure 3, an exemplary priority service revocation procedure may also comprise user authentication and information provisioning operations between the ETS authentication server and the AAA server (similar to those illustrated in steps 2 to 4 of Figure 2) .
In the following, a second non-limiting implementation example according to exemplary embodiments of the present invention is described, which could be referred to as a PCC-based implementation (PCC: policy and charging control) .
Figure 4 shows a schematic block diagram of an arrangement of a second implementation example according to exemplary embodiments of the present invention.
According to the arrangement of Figure 1, a mobile station MS representing a priority user is connected with an access service node ASN via a Rl interface and with an ETS authentication server representing a priority service authentication server via an Internet interface, the access service node ASN is connected with a PDF/PCRF element (PDF: policy distribution function, PCRF: policy and charging rule function) representing a policy control entity via a PCC-R3-P interface, and the PDF/PCRF element is connected with the ETS authentication server via a Rx interface. Although not shown, the ETS authentication server is also connected with an AAA server.
Features according to exemplary embodiments of the present invention particularly (but not exclusively) relate to an enhancement of the PCC-R3-P and Rx interfaces, as well as structures and operations of the ETS authentication server, the PDF/PCRF element and the AAA server.
In brief, the arrangement of Figure 4 may have the one or more of the following properties. Details are set out below in connection with Figures 5 to 12.
- The interface between the AAA server and the ETS authentication server shall be able to support ETS user authentication. With this interface, the ETS authentication server may access the AAA server to get necessary information for ETS user authentication. It shall be able to support to return an appropriate ETS SF (service flow) creation, deletion or modification method from the AAA server to the ETS authentication server, which will be used by the ETS authentication server to decide how to and to initiate ETS SF creation or modification for a current ETS user.
- The Rx interface, i.e. the PDF/PCRF element and the ETS authentication server, shall be able to support a service creation/ deletion/ modification. With this interface, the ETS authentication server may initiate a SF creation, deletion or modification by application and/or service information transmittal to the PDF/PCRF element for an ETS data (transport) service. Following the request from the ETS authentication, the PDF/PCRF element may trigger the ASN to create, delete or modify at least one dynamic SF with the ETS-specific priority by way of a network- initiated SF creation, deletion or modification procedure, i.e. the appropriate service flow procedure. - The Rx interface, i.e. the PDF/PCRF element and the ETS authentication server, is enhanced to support an ETS service, i.e. an ETS data (transport) service.
- Both the Rx and PCC-R3-P interfaces shall support "ETS user priority" representing a user' s priority status and "ETS QoS profile" representing a user' s service profile on related messages on the respective interface.
Figure 5 shows a signaling diagram of an exemplary priority service invocation procedure for the arrangement of Figure 4, i.e. a PCC-based implementation, according to exemplary embodiments of the present invention,
According to the exemplary procedure depicted in Figure 5, the following operations are carried out in the context of emergency telecommunication service (ETS) invocation as an example of priority service invocation. It is assumed that PDF/PCRF-initiated SF creation or modification is adopted.
1) An ETS service user represented by his/her user equipment or mobile station MS submits an invocation request for an ETS data application towards an ETS authentication server via an anchor access service node ASN.
2) The ETS authentication server, upon receipt of the invocation request, sends an access request to an AAA server to authenticate whether the requesting user has an ETS subscription, i.e. whether the user is authenticated for ETS application invocation.
3) The ETS user authentication is done.
4) If this user has an ETS subscription, i.e. if authentication yields a positive result, the AAA server sends an access response to the ETS authentication server to notify the authentication results of this ETS user, which includes ETS user priority, ETS QoS (quality-of- service) profile and ETS SF (service flow) creation method to be used. Otherwise, i.e. if authentication yields a negative result, the AAA server sends an access reject to the ETS authentication server to reject this user to access to the requested ETS service.
5) If this ETS user is rejected, the ETS authentication server notifies the ETS user that it is rejected, and terminates the present invocation procedure.
6) If this ETS user is successfully authenticated, the ETS authentication server decides (not shown) how to initiate ETS SF creation based on the applicability indication received from the AAA server. Accordingly, the sends application and/or service Information to the
PDF/PCRF, which shall include ETS priority and ETS QoS profile .
7) The PDF/PCRF then triggers the anchor ASN for SF creation or modification for the requested ETS by sending a policy and charging rule provision message, which shall include ETS priority and ETS QoS profile.
8) One new SF is created or one existing SF is modified at/by the ASN to support the requested ETS service.
9) The ASN acknowledges to the PDF/PCRF the result of SF creation or modification.
10) The PDF/PCRF acknowledges to the ETS authentication server the result of the dynamic QoS service creation or modification .
11) The ETS authentication server notifies the ETS user whether its ETS data application invocation is success or not .
In the above exemplary procedure, operation 2 represents an initiation of a user authentication, and operation 6 represents a request for service flow creation or modification. The above-mentioned information ETS priority and ETS QoS profile represent non-limiting examples for user priority status and user service profile .
Figure 6 shows a signaling diagram of an exemplary priority service revocation procedure for the arrangement of Figure 4, i.e. a PCC-based implementation, according to exemplary embodiments of the present invention.
According to the exemplary procedure depicted in Figure 6, the following operations are carried out in the context of emergency telecommunication service (ETS) revocation as an example of priority service revocation.
1) An ETS service user represented by his/her user equipment or mobile station MS submits a revocation request for ETS data application towards an ETS authentication server via an anchor access service node ASN.
2) The ETS authentication server sends application and/or service information to the PDF/PCRF to notify which dynamic QoS service is to be deleted or modified.
3) The PDF/PCRF sends a policy and charging rule provision message to the ASN to ask the ASN to delete or modify a corresponding ETS-specific SF.
4) The ASN deletes the corresponding ETS SF or modifies it (when modification instead of deletion is requested, which is equally applicable) by removing or altering its ETS indicator to preserve it for further usage.
5) The ASN acknowledges to the PDF/PCRF that the ETS SF is deleted or modified.
6) The PDF/PCRF acknowledges to the ETS authentication server that the ETS data application revocation is done. 7) The ETS authentication server responds to the ETS user that its ETS data application revocation is done.
The parameters in the individual messages exchanged are evident from the illustration of Figure 6.
Although not illustrated in Figure 6, an exemplary priority service revocation procedure may also comprise user authentication and information provisioning operations between the ETS authentication server and the AAA server (similar to those illustrated in steps 2 to 4 of Figure 5) .
Figure 7 shows a flowchart of an exemplary method of a priority service authentication server according to exemplary embodiments of the present invention. The thus depicted and described method may for example be carried out by the ETS authentication server according to any one of Figures 1 to 3 or 4 to 6.
As depicted in Figure 7, a method according to exemplary embodiments of the present invention comprises the operations of receiving, from a priority user, a request for invoking or revoking a priority data service (e.g. a priority data transport service) for a data application in a public communication network, and invoking or revoking the requested priority data service on the basis of a priority status and a service profile of the priority user in accordance with an applicable service flow procedure. According to an exemplary and non- limiting implementation, the receiving operation may be accomplished by a transceiver of the executing apparatus, and the invoking/revoking operation may be accomplished by a dedicated means or device, for example by a priority service processor. In detail, a priority service authentication server according to exemplary embodiments may carry out the following operations.
In step S701, the priority service authentication server may receive, from a priority user, such as e.g. an ETS user, a request for invoking or revoking a priority data transport service (e.g. a priority data transport service) for a data application in a public communication network, such as e.g. an ETS data application invocation/revocation request (like in operation 1 of Figures 2, 3, 5 and 6) . For the further operations, it is distinguished whether an invocation request or a revocation request is received.
In case of an invocation request, in step S710, the requested priority data service is invoked (or activated) on the basis of a priority status, such as e.g. ETS priority, and a service profile, such as e.g. ETS QoS profile, of the priority user in accordance with an applicable service flow procedure. The invocation operation may comprise one or more of a user authentication, an information acquisition and a service flow creation or modification request.
In step S711, the priority service authentication server may initiate an authentication of the priority user at an authentication entity, such as the AAA server of Figure 1 or 3. Such initiation may for example comprise the sending of an access request to the AAA server (like in operation 2 of Figures 2 and 5) . In step S712, it is determined whether the initiated user authentication has been successful, which may be accomplished by determining whether an access response or an access reject is received from the AAA server (like in operations 3 and 4 of Figures 2 and 5) . In case of a positive authentication result, the priority service authentication server may in step S713 acquire information necessary for the further invocation procedure, such as priority status and service profile of the priority user and an indication on the applicable service flow procedure. Such information acquisition may for example comprise the receiving of a message including respective information from the authentication entity, such as the AAA server (like in operation 4 of Figures 2 and 5) . By way of the thus acquired information, the priority service authentication server may decide on the SF procedure to be used, and may in step S714 request a service flow creation or modification for the priority data service to be invoked accordingly. Such requesting may for example comprise a sending of a corresponding message or corresponding information to an authentication entity, such as the AAA server of Figures 1 and 2 (like in operation 6 of Figure 2), or a policy control entity, such the PDF/PCRF element of Figures 4 and 5 (like in operation 6 of Figure 5) .
In step S720, the priority service authentication server may notify the requesting priority user about the success or non-success of the requested priority service invocation (like in operations 5 and 11 of Figures 2 and 5) , wherein a non-success may be due to a failed authentication, i.e. NO in step S712, or a failed service flow creation or modification, or the like.
In case of a revocation request, in step S730, the requested priority data service is revoked (or deactivated) on the basis of a priority status, such as e.g. ETS priority, and a service profile, such as e.g. ETS QoS profile, of the priority user in accordance with an applicable service flow procedure. The revocation operation may comprise a service flow deletion or modification request.
In step S731, the priority service authentication server may request a service flow deletion or modification for the priority data service to be revoked accordingly. Such requesting may for example comprise a sending of a corresponding message or corresponding information to an authentication entity, such as the AAA server of Figures 1 and 3 (like in operation 2 of Figure 3) , or a policy control entity, such the PDF/PCRF element of Figures 4 and 6 (like in operation 2 of Figure 6) .
In step S740, the priority service authentication server may notify the requesting priority user about the success or non-success of the requested priority service revocation (like in operation 7 of Figures 3 and 6) , wherein a non-success may be due to a failed service flow deletion or modification, or the like.
Figure 8 shows a flowchart of an exemplary method of an authentication entity according to exemplary embodiments of the present invention. The thus depicted and described method may for example be carried out by the AAA server according to any one of Figures 1 to 3 or 4 to 6.
As depicted in Figure 8, a method according to exemplary embodiments of the present invention comprises the operations of authenticating a priority user requesting an invocation or revocation of a priority data transport service (e.g. a priority data transport service) for a data application in a public communication network upon initiation from a priority service authentication server, and providing a priority status and a service profile of the priority user and an indication on an applicable service flow procedure to the priority service authentication server. According to an exemplary and non- limiting implementation, the authenticating operation may be accomplished by an authenticating unit or authenticator of the executing apparatus, and the information providing operation may be accomplished by a dedicated means or device, for example by a data processor and/or database or memory means.
In detail, an authentication entity according to exemplary embodiments may carry out the following operations .
In step S801, the authentication entity may authenticate a priority user, such as e.g. an ETS user, requesting an invocation or revocation of a priority data service (e.g. a priority data transport service) for a data application in a public communication network, such as e.g. an ETS data application invocation/revocation request, upon initiation from a priority service authentication server, such as e.g. the ETS authentication server, and may respond to the priority service authentication server by way of an authentication success indication (like in operations 3 and 4 of Figures 2 and 5) . In step S802, the authentication entity may provide the priority service authentication server with information necessary for the further invocation/revocation procedure, such as priority status and service profile of the priority user and an indication on the applicable service flow procedure (like in operation 4 of Figures 2 and 5) .
The above operations are common to authentication entities of various implementations according to exemplary embodiments of the present invention. The below operations may be carried out by authentication entities of certain implementations according to exemplary embodiments of the present invention, which is why they are illustrated as being optional by way of dashed lines. For example, an authentication entity according to exemplary embodiments of the present invention may carry out the below operations in an AAA-based implementation.
For the further operations, it is distinguished whether a priority service invocation or revocation is in question.
In case of a requested priority service invocation, in step S803, the authentication entity may trigger a service flow creation or modification for an invocation of the requested priority data service in accordance with the applicable service flow procedure. Such triggering may for example comprise the sending of a corresponding message or corresponding information (like in operation 7 of Figure 2), which may for example be induced by a receiving of a corresponding request from the priority service authentication server, such as the ETS authentication server (like in operation 6 of Figure 2) . Then, in step S804, the authentication entity may acknowledge the successful or non-successful completion of the requested service flow creation or modification to the requesting priority service authentication server (like in operation 10 of Figure 2) .
In case of a requested priority service revocation, in step S805, the authentication entity may trigger a service flow deletion or modification for a revocation of the requested priority data service in accordance with the applicable service flow procedure. Such triggering may for example comprise the sending of a corresponding message or corresponding information (like in operation 3 of Figure 3), which may for example be induced by a receiving of a corresponding request from the priority service authentication server, such as the ETS authentication server (like in operation 2 of Figure 3) . Then, in step S806, the authentication entity may acknowledge the successful or non-successful completion of the requested service flow deletion or modification to the requesting priority service authentication server (like in operation 6 of Figure 3) .
The above triggering operation (s) may be accomplished by a dedicated means or device, for example by a priority service flow processor.
Figure 9 shows a flowchart of an exemplary method of a policy control entity according to exemplary embodiments of the present invention. The thus depicted and described method may for example be carried out by the PDF/PCRF element according to any one of Figures 4 to 6.
As depicted in Figure 9, a method according to exemplary embodiments of the present invention comprises the operations of triggering at least one of a service flow creation, deletion and modification for an invocation or revocation of a priority data service (e.g. a priority data transport service) for a data application of a requesting priority user in a public communication network upon initiation from a priority service authentication server, said triggering being based on a priority status and a service profile of the priority user and an applicable service flow procedure. According to an exemplary and non-limiting implementation, the triggering operation may be accomplished by a dedicated means or device, for example by a priority service flow processor. In detail, a policy control entity according to exemplary embodiments may carry out the following operations.
It is to be noted that the below operations may be carried out by policy control entities of certain implementations according to exemplary embodiments of the present invention. For example, a policy control entity according to exemplary embodiments of the present invention may carry out the below operations in a PCC- based implementation. In such a case, the operations carried out by a policy control entity in a PCC-based implementation, as depicted in Figure 9, are comparable to those carried out by an authentication entity in an AAA-based implementation, as depicted in the bottom part with dashed lines in Figure 8.
For such operations, it is distinguished whether a priority service invocation or revocation is in question.
In case of a requested priority service invocation, in step S901, the policy control entity may trigger a service flow creation or modification for an invocation of the requested priority data service in accordance with the applicable service flow procedure. Such triggering may for example comprise the sending of a corresponding message or corresponding information (like in operation 7 of Figure 5) , which may for example be induced by a receiving of a corresponding request from the priority service authentication server, such as the ETS authentication server (like in operation 6 of Figure 5) . Then, in step S902, the policy control entity may acknowledge the successful or non-successful completion of the requested service flow creation or modification to the requesting priority service authentication server (like in operation 10 of Figure 5) .
In case of a requested priority service revocation, in step S903, the policy control entity may trigger a service flow deletion or modification for an invocation of the requested priority data service in accordance with the applicable service flow procedure. Such triggering may for example comprise the sending of a corresponding message or corresponding information (like in operation 3 of Figure 6) , which may for example be induced by a receiving of a corresponding request from the priority service authentication server, such as the ETS authentication server (like in operation 2 of Figure 6) . Then, in step S904, the policy control entity may acknowledge the successful or non-successful completion of the requested service flow deletion or modification to the requesting priority service authentication server (like in operation 6 of Figure 6) .
Although not depicted in detail, an access entity, such as e.g. an (anchor) access service node, according to exemplary embodiments of the present invention is configured to be enabled for cooperating in the above- outlined procedures performed by the other entities in an appropriate manner. For example, an access entity according to exemplary embodiments of the present invention may be adapted for supporting a Rl interface as well as an accordingly enhanced R3 and/or PCC-R3-P interface, as depicted in Figures 1 and 4. Further, an access entity according to exemplary embodiments of the present invention may properly participate in and contribute to any kind of message or information transfer in any stage of the above procedures, and particularly in/to service flow creation, deletion and/or modification, as triggered by an authentication entity or a policy control entity (like in operations 7 to 9 of Figures 2 and 5 or in operations 3 to 5 of Figures 3 and 6) . An access entity according to exemplary embodiments of the present invention thus comprises accordingly configured means, devices, processors, or the like for achieving the above effects.
Although in the foregoing embodiments of the present invention have been described mainly with reference to methods, procedures and functions, corresponding embodiments of the present invention also cover respective apparatuses, network nodes, including both software and/or hardware thereof.
Respective exemplary embodiments of the present invention are described below referring to Figures 10 to 12, while for the sake of brevity reference is made to the detailed description of respective corresponding methods and operations according to Figures 1 to 9, respectively.
In Figures 10 to 12 below, the solid line blocks (as well as the dashed line blocks indicating optional blocks) are basically configured to perform the basic operations. The entirety of solid/dashed line blocks are basically configured to perform the methods and operations as described above, respectively. With respect to Figures 10 to 12, it is to be noted that the individual blocks are meant to illustrate respective functional blocks implementing a respective function, process or procedure, respectively. Such functional blocks are implementation- independent, i.e. may be implemented by means of any kind of hardware or software, respectively. The lines interconnecting individual blocks are meant to illustrate an operational coupling there-between, which on the one hand is implementation-independent (e.g. wired or wireless) and on the other hand may also comprise an arbitrary number of intermediary functional entities not shown .
Further, in Figures 10 to 12, only those functional blocks are illustrated, which relate to any one of the above-described methods, procedures and functions. A skilled person will acknowledge the presence of any other conventional functional blocks required for an operation of respective structural arrangements, such as e.g. a power supply, a central processing unit, respective memories or the like.
Moreover, in Figures 10 to 12, potential system configurations according to exemplary embodiments of the present invention are illustrated.
Figure 10 shows a schematic block diagram of an exemplary configuration of a priority service authentication server according to exemplary embodiments of the present invention. The thus depicted and described apparatus may for example be (a part of) the ETS authentication server according to any one of Figures 1 to 3 or 4 to 6.
As depicted in Figure 10, an apparatus according to exemplary embodiments of the present invention comprises a priority service processor. The priority service processor may be configured to carry out or to control a procedure according to Figure 7. Namely, the priority service processor may be configured to receive, from a priority user, a request for invoking or revoking a priority data service (e.g. a priority data transport service) for a data application in a public communication network, and to invoke or revoke the requested priority data service on the basis of a priority status and a service profile of the priority user in accordance with an applicable service flow procedure, as well as to carry out any one of associated operations described above. Stated in other terms, the priority service processor may represent means for receiving, from a priority user, a request for invoking or revoking a priority data service (e.g. a priority data transport service) for a data application in a public communication network, and for invoking or revoking the requested priority data service on the basis of a priority status and a service profile of the priority user in accordance with an applicable service flow procedure, as well as for carrying out any one of associated operations described above. The priority service processor may be connected with a transceiver and/or a database or memory storing priority service information, i.e. information needed for an invocation and/or revocation of a priority service.
The transceiver, i.e. a combined transmitter and receiver, may be connected with one or more interfaces to other apparatuses, entities, devices, or network nodes. For example, the present apparatus may be connected via respective interfaces with a priority user represented by its user equipment or mobile station MS and an AAA server, thus leading to an arrangement according to an AAA-based implementation as explained above. Alternatively, the present apparatus may be connected via respective interfaces with a priority user represented by its user equipment or mobile station MS, an AAA server and a policy control element such as e.g. PDF/PCRF, thus leading to an arrangement according to a PCC-based implementation as explained above. Accordingly, a system according to exemplary embodiments of the present invention may comprise an apparatus according to Figure 10 and one or more of MS, AAA and PDF/PCRF.
Figure 11 shows a schematic block diagram of an exemplary configuration of an authentication entity according to exemplary embodiments of the present invention. The thus depicted and described apparatus may for example be (a part of) the AAA server according to any one of Figures 1 to 3 or 4 to 6.
As depicted in Figure 11, an apparatus according to exemplary embodiments of the present invention comprises an authenticating unit and a data processor. The authenticating unit may be configured to carry out or to control a procedure according to step S801 of Figure 8. Namely, the authenticating unit may be configured to authenticate a priority user requesting an invocation or revocation of a priority data service (e.g. a priority data transport service) for a data application in a public communication network upon initiation from a priority service authentication server, as well as to carry out any one of associated operations described above. Stated in other terms, the authenticating unit may represent means for authenticating a priority user requesting an invocation or revocation of a priority data service (e.g. a priority data transport service) for a data application in a public communication network upon initiation from a priority service authentication server, as well as for carrying out any one of associated operations described above. The data processor may be configured to carry out or to control a procedure according to step S802 of Figure 8. Namely, the data processor may be configured to provide a priority status and a service profile of the priority user and an indication on an applicable service flow procedure to the priority service authentication server, as well as to carry out any one of associated operations described above. Stated in other terms, the data processor may represent means for providing a priority status and a service profile of the priority user and an indication on an applicable service flow procedure to the priority service authentication server, as well as for carrying out any one of associated operations described above. The data processor may be connected with a database or memory storing priority service information, i.e. information needed for an invocation and/or revocation of a priority service, and the authenticating unit may be connected with a transceiver.
According to exemplary embodiments of the present invention, the present apparatus may additionally comprise a priority service flow processor. The priority service flow processor may be configured to carry out or to control a procedure according to steps S803 to S806 of Figure 8. Namely, the priority service flow processor may be configured to trigger a service flow creation, deletion or modification for an invocation or revocation of a requested priority data service (e.g. a priority data transport service) in accordance with the applicable service flow procedure, as well as associated operations described above. Stated in other terms, the priority service flow processor may represent means for triggering a service flow creation or modification for an invocation of a requested priority data service (e.g. a priority data transport service) in accordance with the applicable service flow procedure, as well as for carrying out associated operations described above. The priority service flow processor may be connected with the information database or memory and the transceiver. Dependent on an underlying implementation (e.g. AAA-based or PCC-based implementation explained above) , the transceiver, i.e. a combined transmitter and receiver, may be connected with one or more interfaces to other apparatuses, entities, devices, or network nodes. For example, the present apparatus may be connected via respective interfaces with a priority authentication server denoted e.g. as ETS authentication server. Alternatively, the present apparatus may be connected via respective interfaces with a priority authentication server denoted e.g. as ETS authentication server and an (anchor) access entity such as an access service node ASN being connected with a priority user represented by its user equipment or mobile station MS. Accordingly, a system according to exemplary embodiments of the present invention may comprise an apparatus according to Figure 11 and one or more of ETS authentication server, ASN and MS.
Figure 12 shows a schematic block diagram of an exemplary configuration of a policy control entity according to exemplary embodiments of the present invention. The thus depicted and described apparatus may for example be (a part of) the PDF/PCRF element according to any one of Figures 4 to 6.
As depicted in Figure 12, an apparatus according to exemplary embodiments of the present invention comprises a priority service flow processor. The priority service flow processor may be configured to carry out or to control a procedure according to Figure 9. Namely, the priority service flow processor may be configured to trigger at least one of a service flow creation, deletion and modification for an invocation or revocation of a priority data service (e.g. a priority data transport service) for a data application of a requesting priority user in a public communication network upon initiation from a priority service authentication server, said triggering being based on a priority status and a service profile of the priority user and an applicable service flow procedure, as well as to carry out any one of associated operations described above. Stated in other terms, the priority service flow processor may represent means for triggering at least one of a service flow creation, deletion and modification for an invocation or revocation of a priority data service (e.g. a priority data transport service) for a data application of a requesting priority user in a public communication network upon initiation from a priority service authentication server, said triggering being based on a priority status and a service profile of the priority user and an applicable service flow procedure, as well as for carrying out any one of associated operations described above. The priority service flow processor may be connected with a transceiver.
The transceiver, i.e. a combined transmitter and receiver, may be connected with one or more interfaces to other apparatuses, entities, devices, or network nodes. For example, the present apparatus may be connected via respective interfaces with a priority authentication server denoted e.g. as ETS authentication server and an (anchor) access entity such as an access service node ASN being connected with a priority user represented by its user equipment or mobile station MS. Accordingly, a system according to exemplary embodiments of the present invention may comprise an apparatus according to Figure 12 and one or more of ETS authentication server, ASN and MS. Any one of the above-outlined apparatuses represents an autonomous entity according to respective embodiments of the present invention, while their interworking entirety or any conceivable combination thereof represents a system according to respective embodiments of the present invention. Such a system may for example be a (transport) network complying with IEEE 802.16 standards and/or a (transport) network complying with 3GPP LTE/SAE standards .
In general, it is to be noted that respective functional blocks or elements according to above-described aspects can be implemented by any known means, either in hardware and/or software, respectively, if it is only adapted to perform the described functions of the respective parts. The mentioned method steps can be realized in individual functional blocks or by individual devices, or one or more of the method steps can be realized in a single functional block or by a single device.
Generally, any method step is suitable to be implemented as software or by hardware without changing the idea of the present invention. Devices and means can be implemented as individual devices, but this does not exclude that they are implemented in a distributed fashion throughout the system, as long as the functionality of the device is preserved. Such and similar principles are to be considered as known to those skilled in the art.
Software in the sense of the present description comprises software code as such comprising code means for performing the respective functions, as well as software (or a computer program or a computer program product) embodied on a tangible medium such as a computer-readable storage medium having stored thereon a respective data structure or code portions or embodied in a signal or in a chip, potentially during processing thereof.
Generally, for the purpose of the present invention as described herein above, it should be noted that - an access technology may be any technology by means of which a user equipment or terminal device can access an access network (e.g. via a base station or generally an access device) . Any present or future technology, such as WLAN (Wireless Local Access Network) , WiMAX (Worldwide Interoperability for Microwave Access), BlueTooth, Infrared, and the like may be applicable; access technologies may be distinguishable in at least two categories or access domains such as packet switched and circuit switched, but the existence of more than two access domains does not impede the invention being applied thereto, - an access network may be any device, apparatus, unit or means by which a station, entity or other user equipment may connect to and/or utilize services offered by the access network; such services include, among others, data and/or (audio-) visual communication, data download etc . ; - a user equipment or terminal device may be any device, apparatus, unit or means by which a system user may experience services from an access network such as a mobile phone, personal digital assistant PDA, or computer; - method steps and functions likely to be implemented as software code portions and being run using a processor at one of the entities, a network element, or a terminal (as examples of devices, apparatuses and/or modules thereof, or as examples of entities including apparatuses and/or modules therefor) , are software code independent and can be specified using any known or future developed programming language, such as e.g. Java, C++, C, and Assembler, as long as the functionality defined by the method steps is preserved; - generally, any method step is suitable to be implemented as software or by hardware without changing the idea of the invention in terms of the functionality implemented;
- method steps, functions, and/or devices, apparatuses, units or means likely to be implemented as hardware components at a terminal or network element, or any module (s) thereof, are hardware independent and can be implemented using any known or future developed hardware technology or any hybrids of these, such as MOS (Metal Oxide Semiconductor) , CMOS (Complementary MOS) , BiMOS (Bipolar MOS), BiCMOS (Bipolar CMOS), ECL (Emitter Coupled Logic), TTL (Transistor-Transistor Logic), etc., using for example ASIC (Application Specific IC (Integrated Circuit)) components, FPGA (Field- programmable Gate Arrays) components, CPLD (Complex
Programmable Logic Device) components or DSP (Digital Signal Processor) components; in addition, any method steps and/or devices, units or means likely to be implemented as software components may for example be based on any security architecture capable e.g. of authentication, authorization, keying and/or traffic protection;
- devices, apparatuses, units or means can be implemented as individual devices, apparatuses, units or means, but this does not exclude that they are implemented in a distributed fashion throughout the system, as long as the functionality of the device, apparatus, unit or means is preserved,
- an apparatus may be represented by a semiconductor chip, a chipset, or a (hardware) module comprising such chip or chipset; this, however, does not exclude the possibility that a functionality of an apparatus or module, instead of being hardware implemented, be implemented as software in a (software) module such as a computer program or a computer program product comprising executable software code portions for execution/being run on a processor;
- a device may be regarded as an apparatus or as an assembly of more than one apparatus, whether functionally in cooperation with each other or functionally independently of each other but in a same device housing, for example.
The present invention also covers any conceivable combination of method steps and operations described above, and any conceivable combination of nodes, apparatuses, modules or elements described above, as long as the above-described concepts of methodology and structural arrangement are applicable.
There are provided measures for priority service invocation and revocation. Specifically, the present invention for example relates to the invocation and/or revocation of priority services in public communication networks (e.g. transport networks). An exemplary measure may comprise receiving, from a priority user, a request for invoking or revoking a priority data service (e.g. a priority data transport service) for a data application in a public communication network (e.g. a transport network) , and invoking or revoking the requested priority data service (e.g. a priority data transport service) on the basis of a priority status and a service profile of the priority user in accordance with an applicable service flow procedure. From a current point of view, non-limiting examples for such priority services may include ETS in WiMAX network environments, MPS in 3GPP (LTE/SAE) network environments, or any other present or future service in any network environment, which requires a prioritization for calls, sessions or the like of certain prioritized users.
Even though the invention is described above with reference to the examples according to the accompanying drawings, it is to be understood that the invention is not restricted thereto. Rather, it is apparent to those skilled in the art that the present invention can be modified in many ways without departing from the scope of the inventive idea as disclosed herein.

Claims

Claims
1. A method comprising receiving, from a priority user, a request for invoking or revoking a priority data service for a data application in a public communication network, and invoking or revoking the requested priority data service on the basis of a priority status and a service profile of the priority user in accordance with an applicable service flow procedure.
2. The method according to claim 1, said invoking the requested priority data service comprising: initiating an authentication of the priority user at an authentication entity, and acquiring the priority status and the service profile of the priority user and an indication on the applicable service flow procedure from the authentication entity.
3. The method according to claim 1 or 2, said invoking the requested priority data service comprising: requesting a service flow creation or modification for the priority data service to be invoked in accordance with the applicable service flow procedure at an authentication or policy control entity.
4. The method according to claim 3, said requesting comprising : sending, to the authentication entity, a dynamic quality-of-service service creation request including an identity of the priority user.
5. The method according to claim 3, said requesting comprising: sending, to the policy control entity, an application and/or service information including the priority status and the service profile of the priority user .
6. The method according to any one of claims 1 to 5, said revoking the requested priority data service comprising: requesting a service flow deletion or modification for the priority data service to be revoked in accordance with the applicable service flow procedure at an authentication or policy control entity.
7. The method according to claim 6, said requesting comprising: sending, to the authentication entity, a dynamic quality-of-service service deletion request including an identity of the priority user.
8. The method according to claim 6, said requesting comprising: sending, to the policy control entity, an application and/or service information including the priority status and the service profile of the priority user .
9. The method according to any one of claims 1 to 8, wherein said method is operable at a priority service authentication server, wherein the priority data service is one of an emergency telecommunication service and a multimedia priority service, and wherein the public communication network is one of a network complying with IEEE 802.16 standards and a network complying with 3GPP LTE/SAE standards.
10. An apparatus comprising a priority service processor configured to: receive, from a priority user, a request for invoking or revoking a priority data service for a data application in a public communication network, and invoke or revoke the requested priority data service on the basis of a priority status and a service profile of the priority user in accordance with an applicable service flow procedure.
11. The apparatus according to claim 10, said priority service processor, for invoking the requested priority data service, being configured to: initiate an authentication of the priority user at an authentication entity, and acquire the priority status and the service profile of the priority user and an indication on the applicable service flow procedure from the authentication entity.
12. The apparatus according to claim 10 or 11, said priority service processor, for invoking the requested priority data service, being configured to: request a service flow creation or modification for the priority data service to be invoked in accordance with the applicable service flow procedure at an authentication or policy control entity.
13. The apparatus according to claim 12, said priority service processor, for requesting said service flow creation or modification, being configured to: send, to the authentication entity, a dynamic quality-of-service service creation request including an identity of the priority user.
14. The apparatus according to claim 12, said priority service processor, for requesting said service flow creation or modification, being configured to: send, to the policy control entity, an application and/or service information including the priority status and the service profile of the priority user.
15. The apparatus according to any one of claims 10 to 14, said priority service processor, for revoking the requested priority data service, being configured to: request a service flow deletion or modification for the priority data service to be revoked in accordance with the applicable service flow procedure at an authentication or policy control entity.
16. The apparatus according to claim 15, said priority service processor, for requesting said service flow deletion or modification, being configured to: send, to the authentication entity, a dynamic quality-of-service service deletion request including an identity of the priority user.
17. The apparatus according to claim 15, said priority service processor, for requesting said service flow deletion or modification, being configured to: send, to the policy control entity, an application and/or service information including the priority status and the service profile of the priority user.
18. The apparatus according to any one of claims 10 to 17, wherein said apparatus is operable as a priority service authentication server, wherein the priority data service is one of an emergency telecommunication service and a multimedia priority service, and wherein the public communication network is one of a network complying with IEEE 802.16 standards and a network complying with 3GPP LTE/SAE standards.
19. A computer program product comprising program code means being arranged, when run on a processor of an apparatus, to perform the method according to any one of claims 1 to 9.
20. A method comprising: authenticating a priority user requesting an invocation or revocation of a priority data service for a data application in a public communication network upon initiation from a priority service authentication server, and providing a priority status and a service profile of the priority user and an indication on an applicable service flow procedure to the priority service authentication server.
21. The method according to claim 20, comprising: triggering a service flow creation or modification for an invocation of the requested priority data service in accordance with the applicable service flow procedure.
22. The method according to claim 21, said triggering comprising: receiving, from the priority service authentication server, a dynamic quality-of-service service creation request including an identity of the priority user, and sending, to an access service node, a dynamic service flow creation or modification request including the priority status and the service profile of the priority user.
23. The method according to any one of claims 20 to 22, comprising: triggering a service flow deletion or modification for a revocation of the requested priority data service in accordance with the applicable service flow procedure.
24. The method according to claim 23, said triggering comprising: receiving, from the priority service authentication server, a dynamic quality-of-service service deletion request including an identity of the priority user, and sending, to an access service node, a dynamic service flow deletion or modification request including the priority status and the service profile of the priority user.
25. The method according to any one of claims 20 to 24, wherein said method is operable at an authentication, authorization and accounting server, wherein the priority data service is one of an emergency telecommunication service and a multimedia priority service, and wherein the public communication network is one of a network complying with IEEE 802.16 standards and a network complying with 3GPP LTE/SAE standards.
26. An apparatus comprising: an authenticating unit configured to authenticate a priority user requesting an invocation or revocation of a priority data service for a data application in a public communication network upon initiation from a priority service authentication server, and a data processor configured to provide a priority status and a service profile of the priority user and an indication on an applicable service flow procedure to the priority service authentication server.
27. The apparatus according to claim 26, comprising a priority service flow processor being configured to: trigger a service flow creation or modification for an invocation of the requested priority data service in accordance with the applicable service flow procedure.
28. The apparatus according to claim 27, said priority service flow processor, for triggering, being configured to: receive, from the priority service authentication server, a dynamic quality-of-service service creation request including an identity of the priority user, and send, to an access service node, a dynamic service flow creation or modification request including the priority status and the service profile of the priority user .
29. The apparatus according to any one of claims 26 to 28, comprising a priority service flow processor being configured to: trigger a service flow deletion or modification for a revocation of the requested priority data service in accordance with the applicable service flow procedure.
30. The apparatus according to claim 29, said priority service flow processor, for triggering, being configured to: receive, from the priority service authentication server, a dynamic quality-of-service service deletion request including an identity of the priority user, and send, to an access service node, a dynamic service flow deletion or modification request including the priority status and the service profile of the priority user .
31. The apparatus according to any one of claims 26 to 30, wherein said apparatus is operable as an authentication, authorization and accounting server, wherein the priority data service is one of an emergency telecommunication service and a multimedia priority service, and wherein the public communication network is one of a network complying with IEEE 802.16 standards and a network complying with 3GPP LTE/SAE standards.
32. A computer program product comprising program code means being arranged, when run on a processor of an apparatus, to perform the method according to any one of claims 20 to 25.
33. A method comprising: triggering at least one of a service flow creation, deletion and modification for an invocation or revocation of a priority data service for a data application of a requesting priority user in a public communication network upon initiation from a priority service authentication server, said triggering being based on a priority status and a service profile of the priority user and an applicable service flow procedure.
34. The method according to claim 33, said service flow creation or modification comprising: receiving, from the priority service authentication server, an application and/or service information including the priority status and the service profile of the priority user, and sending, to an access service node, a policy and charging rule provision message including the priority status and the service profile of the priority user for requesting creation or modification of an appropriate service flow.
35. The method according to claim 33 or 34, said service flow deletion or modification comprising: receiving, from the priority service authentication server, an application and/or service information including the priority status and the service profile of the priority user, and sending, to an access service node, a policy and charging rule provision message including the priority status and the service profile of the priority user for requesting deletion or modification of an appropriate service flow.
36. The method according to any one of claims 33 to 35, wherein said method is operable at a policy distribution function and/or a policy and charging rule function, wherein the priority data service is one of an emergency telecommunication service and a multimedia priority service, and wherein the public communication network is one of a network complying with IEEE 802.16 standards and a network complying with 3GPP LTE/SAE standards.
37. An apparatus comprising: a priority service flow processor configured to trigger at least one of a service flow creation, deletion and modification for an invocation or revocation of a priority data service for a data application of a requesting priority user in a public communication network upon initiation from a priority service authentication server, said triggering being based on a priority status and a service profile of the priority user and an applicable service flow procedure.
38. The apparatus according to claim 37, said priority service flow processor, for service flow creation or modification, being configured to: receive, from the priority service authentication server, an application and/or service information including the priority status and the service profile of the priority user, and send, to an access service node, a policy and charging rule provision message including the priority status and the service profile of the priority user for requesting creation or modification of an appropriate service flow.
39. The apparatus according to claim 37 or 38, said service flow priority processor, for service flow deletion or modification, being configured to: receive, from the priority service authentication server, an application and/or service information including the priority status and the service profile of the priority user, and send, to an access service node, a policy and charging rule provision message including the priority status and the service profile of the priority user for requesting deletion or modification of an appropriate service flow.
40. The apparatus according to any one of claims 37 to 39, wherein said apparatus is operable as a policy distribution function and/or a policy and charging rule function, wherein the priority data service is one of an emergency telecommunication service and a multimedia priority service, and wherein the public communication network is one of a network complying with IEEE 802.16 standards and a network complying with 3GPP LTE/SAE standards.
41. A computer program product comprising program code means being arranged, when run on a processor of an apparatus, to perform the method according to any one of claims 33 to 36.
PCT/EP2009/054708 2009-04-21 2009-04-21 Priority service invocation and revocation WO2010121645A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/EP2009/054708 WO2010121645A1 (en) 2009-04-21 2009-04-21 Priority service invocation and revocation

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/EP2009/054708 WO2010121645A1 (en) 2009-04-21 2009-04-21 Priority service invocation and revocation

Publications (1)

Publication Number Publication Date
WO2010121645A1 true WO2010121645A1 (en) 2010-10-28

Family

ID=41210577

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2009/054708 WO2010121645A1 (en) 2009-04-21 2009-04-21 Priority service invocation and revocation

Country Status (1)

Country Link
WO (1) WO2010121645A1 (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2013083003A1 (en) * 2011-12-08 2013-06-13 中兴通讯股份有限公司 Method and system for acquiring user priority attribute in multi-access system
US9667582B2 (en) 2013-11-04 2017-05-30 At&T Intellectual Property I, L.P. Per-session invocation of priority services based upon network available information
US10880836B2 (en) 2019-03-28 2020-12-29 At&T Intellectual Property I, L.P. Beam provisioning for sensory data collection for 5G or other next generation networks
US11026095B2 (en) 2019-07-31 2021-06-01 At&T Intellectual Property I, L.P. Real-time network provisioning for distributed virtual zones of collaborative mobile devices for 5G or other next generation network
US11064337B2 (en) 2019-03-28 2021-07-13 At&T Intellectual Property I, L.P. Beam as a service for 5G or other next generation network
US11297554B2 (en) 2019-03-28 2022-04-05 At&T Intellectual Property I, L.P. Candidate beam selection and control for 5G or other next generation network

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080175263A1 (en) * 2007-01-22 2008-07-24 Qualcomm Incorporated Assured packet data services associated with communication networks

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080175263A1 (en) * 2007-01-22 2008-07-24 Qualcomm Incorporated Assured packet data services associated with communication networks

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
NPSTC BROADBAND WORKING GROUP: "Public Saftey 700MHz Broadband Statement of Requirements Version 0.6", INTERNET CITATION, 8 November 2007 (2007-11-08), pages 1 - 53, XP002551758 *

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2013083003A1 (en) * 2011-12-08 2013-06-13 中兴通讯股份有限公司 Method and system for acquiring user priority attribute in multi-access system
US9667582B2 (en) 2013-11-04 2017-05-30 At&T Intellectual Property I, L.P. Per-session invocation of priority services based upon network available information
US10178064B2 (en) 2013-11-04 2019-01-08 At&T Intellectual Property I, L.P. Per-session invocation of priority services based upon network available information
US11178094B2 (en) 2013-11-04 2021-11-16 At&T Intellectual Property I, L.P. Per-session invocation of priority services based upon network available information
US11606324B2 (en) 2013-11-04 2023-03-14 At&T Intellectual Property I, L.P. Per-session invocation of priority services based upon network available information
US10880836B2 (en) 2019-03-28 2020-12-29 At&T Intellectual Property I, L.P. Beam provisioning for sensory data collection for 5G or other next generation networks
US11064337B2 (en) 2019-03-28 2021-07-13 At&T Intellectual Property I, L.P. Beam as a service for 5G or other next generation network
US11297554B2 (en) 2019-03-28 2022-04-05 At&T Intellectual Property I, L.P. Candidate beam selection and control for 5G or other next generation network
US11425652B2 (en) 2019-03-28 2022-08-23 At&T Intellectual Property I, L.P. Beam provisioning for sensory data collection for 5G or other next generation networks
US11026095B2 (en) 2019-07-31 2021-06-01 At&T Intellectual Property I, L.P. Real-time network provisioning for distributed virtual zones of collaborative mobile devices for 5G or other next generation network

Similar Documents

Publication Publication Date Title
US20230139780A1 (en) Network slice authentication
JP6194024B2 (en) M2M service setting changing method and apparatus therefor
JP5588017B2 (en) Evolved packet system and emergency call attachment processing method
US20170332421A1 (en) Connecting to Virtualized Mobile Core Networks
CN110831243B (en) Method, device and system for realizing user plane security policy
US9766967B2 (en) Providing a network access failure cause value of a user equipment
CN105103497A (en) Application traffic pairing
CN109691059B (en) Method for selection of IP version, wireless communication device, and network node
EP3742812B1 (en) Device, system, and method for customizing user-defined mobile network
CN112073919A (en) Communication method and device of multicast broadcast service, electronic equipment and storage medium
WO2010121645A1 (en) Priority service invocation and revocation
EP4197136B1 (en) Policy control for redundant transmissions
US20220360670A1 (en) System and method to enable charging and policies for a ue with one or more user identities
CN113747479B (en) Method, equipment and system for acquiring network resources
CN110933709B (en) Protocol data unit session management method and communication device
WO2021037604A1 (en) Amf re-allocation solution with network slice isolation
US20220248228A1 (en) Methods and Apparatus for Device Authentication and Authorisation
JP2020506629A (en) Routing method and apparatus
US10798253B2 (en) Methods, devices, and computer programs for enabling the sponsoring of data connectivity
EP2721859B1 (en) Handling of operator connection offers in a communication network
CN111164951A (en) Service registration based on service capability requirements and preferences
US20240137447A1 (en) Access and mobility policy control
WO2023274366A1 (en) Method and apparatus for setting up session with required quality of service
US20240137366A1 (en) Systems and methods for providing prioritization for data transport services
WO2024032226A1 (en) Communication method and communication apparatus

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 09779321

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 09779321

Country of ref document: EP

Kind code of ref document: A1