KR20130100185A - A communication system - Google Patents

Abstract

The wireless communication system includes a network configured to wirelessly connect the plurality of devices via the plurality of network access modes; And the plurality of network access modes includes a WiMAX or LTE access mode, wherein the WiMAX or LTE access mode is configured for device independent authentication.

Description

Communication system {A COMMUNICATION SYSTEM}

WiMAX or LTE communication networks are used to provide "last mile" wireless broadband Internet access. However, wireless means that microwave air traffic between the device and the access point has security vulnerabilities, for example, wireless eavesdropping may be possible. Therefore, transport layer security (TLS) protocol is generally used for access authentication. However, the TLS protocol binds the device to the subscriber.

A WiMAX or LTE communication network may also provide multimedia services using servers at the back end of the network. These multimedia services generally require one or more secure logins. The user is inconvenient because he must provide at least two different logins (login for multimedia services as well as login to access WiMAX or LTE networks) to access the multimedia services. Typical multimedia backends may use the XML Configuration Access Protocol (XCAP) as a protocol for synchronizing user configuration and information between server components of the backend.

In addition to the use of WiMAX or LTE, communication networks may also be implemented using a plurality of other access modes, such as Wi-Fi or fixed line service. Each of these other access modes may generally have its own authentication and access control framework.

For communication between devices in a communication network, typically each device is uniquely associated with a phone number. If a user carries multiple devices, each of these devices will have their own unique telephone number. Thus communication links can be established by calling the originating device telephone number of the destination device. However, the preceding trend shows the proliferation of devices, where each user can have many devices associated with it. The number of telephones associated with each user increases, causing communication inconvenience.

In an embodiment, a wireless communication system is disclosed. The wireless communication system includes a network configured to wirelessly connect a plurality of devices via a plurality of network access modes, the plurality of network access modes including a WiMAX or LTE access mode, and the WiMAX or LTE access mode is device independent It is configured for device independent authentication.

Optionally, device independent authentication can include TTLS. The system may further comprise a database comprising user datasets, each user dataset configured to associate a user identity with a device independent public identity, wherein the TTLS authentication is This is done using the public ID of one of the user datasets. The system further includes an IP multimedia subsystem configured for each device to connect to a core network via a backhaul network, each user dataset associating the user ID with a private identity. And a personal ID is used to authenticate each device's connection to the core network. Each user dataset may be further configured to associate one or more devices with the user ID. The personal ID may be uniquely associated with one of the one or more devices of the user ID. The personal ID can be automatically generated by the algorithm. Optionally, an algorithm may be configured to determine the public ID of a user dataset, a type of one of the one or more devices of the user dataset, a model of one of the one or more devices of the user dataset, and another one of the one or more devices. Can be combined with an identifier selected from a group consisting of numbers that uniquely identify one of the one or more devices. Optionally, a request for a communication link to a user ID can be sent to all devices associated with that user ID. All devices associated with each user ID may be assigned a priority value. A request for a communication link to a user ID may be sent to one of the devices associated with the user ID in accordance with the priority value of the device. Each user ID may be associated with a profile page. Each profile page may include a plurality of public fields that can be viewed according to friend status with an associated user ID. Optionally, the IP multimedia subsystem may include a server configured to provide profile pages. Each profile page can be provided using a schema.

In one embodiment, a wireless communication device is disclosed. The wireless communication device includes a secure login interface configured to authenticate a user with a user ID of a communication system and a communication circuit configured to wirelessly connect through a plurality of network access modes, wherein the device includes concurrent association of a plurality of user IDs. Is received by the device for a communication link to any user IDs currently logged in the device.

Optionally, the device may further include an interface for a network-based address book stored on the remote server and accessible through the device. The device may further include an interface for a network-based address book stored at a remote server and accessible through the device. The device may also further include an interface for a network-based address book stored on a remote server and accessible through the device. The device may further comprise an interface for a locally stored address book, wherein a copy of the locally stored address book is stored on a remote server and refreshed / synchronized with the locally stored address book. . Remotely stored address books can be stored using XCAP, and SyncML can be used to play / synchronize remotely stored address books.

In one embodiment, a method of registering a wireless communication device is disclosed. A method of registering a wireless communication device includes connecting a communication device over a wireless access network, using the common public identifier and a common password associated with the common public identifier to connect the device to the multimedia subsystem. Registering, and requesting a communication link to the device according to the common public identifier and a common password.

These and other functions will be more clearly understood from the following detailed description set forth in conjunction with the accompanying drawings and the claims.

According to the present invention, a wireless communication system is provided.

For a more complete understanding of the present specification, like reference numerals refer to like parts and reference is now made to the following brief descriptions made in connection with the accompanying drawings and the description.
1 is a schematic diagram of a communication system according to an embodiment of the present disclosure.
2 is a schematic diagram of a core network of the communication system of FIG.
3 is a flowchart illustrating a method of registering a device with the communication system of FIG. 1.
4 is a flow chart illustrating a method for establishing a communication link between devices of the communication system of FIG.
5 is a schematic diagram illustrating user dataset for the communication system of FIG.

While illustrative implementations of one or more embodiments are illustrated below, it is understood from the outset that the disclosed systems and methods may be constructed using any number of techniques, whether currently known or not yet present. Should be. The present disclosure is not limited to the example embodiments, figures, and techniques illustrated below, but may be modified within the scope of the appended claims, along with the full range of equivalents of the appended claims.

As the number of devices that can provide communication services increases, users can carry multiple mobile telephones. In addition, other devices, such as digital cameras or MP3 players, or other devices, such as appliances such as refrigerators or televisions, may also require communications connectivity. Thus, each user can have wireless connectivity through multiple devices.

This disclosure thus contemplates providing convenient access to the various devices associated with each user. This can be done in a secure and device agnostic manner, and the devices can be independent of access. Each user may be associated with a single user profile that provides connectivity to all devices associated with the user via different modes of network access. For example, for Voice-over-IP (VoIP), this user profile may be associated with several telephone numbers. Calling any phone number associated with a user causes all devices associated with that user to ring. The user can then accept a call to any device that rings without additional login. This, in turn, can bring a secure and easy way to establish a communication link between users.

In certain embodiments, the association for each user with a single profile is taken in the form of a single login, and the user provides a single login to the device to have network access as well as access to the multimedia services provided by the network. do. This single login can be implemented with an enhanced level of authentication security, for example in Tunnelled Transport Layer Security (TTLS).

The conceptual association of each user with its user identifier, device and subscriber information can further enhance the concept of unified communications. Each user may be associated with one or more user IDs, for example taken in the form of telephone numbers. Each user ID may be associated with one or more devices. Each device may also be associated with multiple user IDs. In other words, certain devices may be configured to be associated with various user IDs, in which case such devices may be connectable by placing a connection with any of the various user IDs associated with the user profile.

Referring now to FIG. 1, a schematic diagram of a communication system 100 in accordance with an embodiment of the present invention is shown. The communication system 100 includes a plurality of access points 130a-130b and a plurality of network devices 120a-120g that communicate with each other using the Internet Protocol (IP). The network appliance 120a-120g can be any of a variety of devices known to those skilled in the art, for example mobile devices such as mobile phones or laptop computers, or alternatively, computer servers, desktop computers or clients. There are fixed devices such as local area networks (LANs). However, it can be expected that the network devices 120a-120g may be proprietary mobile devices having formal factors similar to the form factors of the mobile device. In addition, the access points 130a-130c may be any of various forms of wired or wireless access points known to those skilled in the art. The access points 130a-130c may be, for example, a wireless access point such as, for example, a WiMAX or LTE base station 130a, 130b or a Wi-Fi base station 130c, as shown in FIG. 1. Alternatively, other radio access modes may be used, such as High-Speed Downlink Packet Access (HSDPA), General Packet Radio Service (GPRS), or satellite connection. Optionally, the access points 130a-130c may also be a wired connection, such as, for example, Digital Subscriber Lines (DSL), telephone lines or power-line internet.

If WiMAX or LTE is used as the access mode, devices that do not have built-in WiMAX or LTE access capabilities can use WiMAX or LTE using Customer Premises Equipment (CPE) 160 or WiMAX or LTE router 162. You can expect to be able to access it. The WiMAX or LTE router 162 may share one WiMAX or LTE connection with multiple devices. In the example shown in FIG. 1, network device 120f uses CPE 160 to obtain WiMAX or LTE access, and network devices 120c-120e use a router 162 to establish a WiMAX or LTE connection. Share.

The access points 130a-130c are interconnected by the backhaul network 110. The backhaul network 110 uses the IP protocol for connection. Backhaul network 110 generally has a high connection bandwidth and may include a wired and / or wireless connection. The backhaul network 110 also connects the access points 130a-130c to the core network 150. The core network 150 consists of a network of interconnected servers that function to provide services such as, for example, user registration and authentication, call routing or multi-media services. Overall, WiMAX or LTE access points 130a and 130b and associated backhaul network 110 may be referred to as WiMAX or LTE radio access network (RAN).

Network devices 120a-120g are generally associated with subscribed users 140a-140c. In FIG. 1, network device 120b is associated with a subscribed user A 140a, network devices 120c-120e are associated with another subscribed user B 140b, and network devices 120e-120g. Is associated with a subscribed user C 140c. Thus, some devices may be associated with one or more users, for example, network device 120e is associated with both subscribed user B 140b and user C 140c.

2 shows a schematic diagram of a core network 150 of the communication system 100 of FIG. 1. The core network 150 is composed of a plurality of servers each functioning to provide a service. Those skilled in the art will appreciate that the network topology illustrated in FIG. 1 is merely illustrative and may be used with other network topologies. For example, the core network 150 may be connected to the backhaul network 110 through several spare connections. Alternatively, core network 150 may also be connected to backhaul network 110 via a single gateway.

The core network 150 includes an AAA (Authentication, Authorization and Accounting) server 210. This server is responsible for allowing devices that have authenticated network devices 120a-120g d, f and then have passed authenticated access to the communication system 100. AAA server 210 is primarily used to control access via WiMAX or LTE access points 130a and 130b. However, the common AAA server 210 can be used to control access for all other access modes in an unified manner. In the latter case, the AAA server 210 controlling access via WiMAX or LTE access points 130a and 130b is the same as controlling access via Wi-Fi access point 130c and / or other wired and wireless access points. It can be a server.

The core network 150 also includes a Content Services Gateway (CSG) server 276 and a Billing and Revenue Management (BRM) server 278. CSG server 276 and BRM server 278 work together to perform subscriber usage measurement and billing. The CSG server 276 functions as a gateway to perform actual usage measurements in accordance with operator usage and pricing. The usage measured for each subscriber is sent to the BRM server 278. The BRM server 278 then calculates and bills the subscriber the usage costs incurred by each subscriber. The CSG server 276 may be operated by a vendor such as Cisco Systems, while the BRM server 278 may be operated by a vendor such as Oracle Corporation. In this case, the CSG server 276 communicates using the GPRS Tunneling Protocol (GTP), and the BRM server 278 communicates using the diameter protocol. Since different protocols are used for servers, a bridge is implemented between the two servers to perform a bidirectional interpretation of the communication between the servers. An example of such a bridge may be Openet platform software.

Core network 150 also includes a Dynamic Host Configuration Protocol (DHCP) server 258. DHCP server 258 is responsible for assigning IP addresses to network devices 120a-120g. This is mainly done during device registration when the devices negotiate access to the communication system 100 via WiMAX or LTE. However, if one DHCP server 258 can be used to assign IP addresses across multiple access modes, it can be expected that DHCP server 258 cannot be used exclusively for WiMAX or LTE access.

The core network 150 further includes a Service Control Engine (SCE) 272 and a Home Agent (HA) 274. SCE 272 not only propagates QoS policies and settings to routers and / or switches, but also to end-to-end traffic QoS measurements between core network 105 and network devices 120a-120g. Responsible for monitoring. HA 274 provides network devices 120a-120g to allow traffic to continue to pass between the core network 150 and the network devices without interruption if the network devices are switched to different networks. It serves as a static point of contact on the core network 150 for the sake of brevity.

In addition, the core network 150 also includes an IP Multimedia Subsystem (IMS) 250 that is coupled to the backhaul network 110. IMS 250 includes a plurality of servers that together provide multimedia functions such as, but not limited to, Voice-over-IP (VoIP), Instant Messaging (IM), and Information Synchronization.

IMS 250 includes one or more Call Session Control Function (CSCF) gateways 260. CSCF gateway 260 serves as an initial point of contact for accessing network devices 120a-120g to IMS 250. There may be several CSCF gateways 260 within IMS 250 where the gateways may be configured to use different gateways with different access modes. Alternatively, IMS 250 may use one CSCF gateway 260 to ensure that all access modes use common CSCF gateway 260.

IMS 250 also includes a Home Subscriber Server (HSS) 252 that is responsible for authenticating users and authorizing access to services provided by IMS 250. The HSS 252 may have a user information database separate from the user information database of the AAA server 210. In this case, other user IDs can be used to log in to WiMAX or LTE and IMS networks.

Optionally, the databases associated with AAA server 210 and HSS server 252 may be synchronized with each other. This synchronization may be partial or total. Partial synchronization of each database may include only data fields associated with it associated with the server, while still having common data fields. For example, a database that coexists with the AAA server 210 may include data fields that specify network access control, as well as general user information, and the HSS 252 may include IMS 250 user rights (in addition to general user information). data fields related to user rights). In this case, only general user information is synchronized between the two databases. By synchronizing the database of the AAA server 210 with the HSS server 252, a common login can be used for WiMAX or LTE access and IMS access, thereby providing the advantage of a single login. Single login can require the user to enter their login ID and password only once per session. Alternatively, this single login ID may be stored on the device and used for automatic login.

IMS 250 further includes a Session Border Controller (SBC) 254 that is responsible for establishing settings and maintaining and terminating communication links between network devices 120a-120d. Examples of such communication links may be VoIP links or video conferencing links.

IMS 250 also includes an IMS server 262. The IMS server 262 is responsible for session control and, in coordination with the SBC 254, is responsible for establishing the communication link. IMS server 262 also functions as a link to functional servers 256 and / or application server 264.

IMS 250 also includes one or more function servers 256 or application servers (264). The function servers 256 provide functions for establishing and functioning communication links (eg, voice mail routing function for call forwarding or VoIP links). The application servers 264 then provide user information synchronization for multimedia services such as instant messaging, network based address book, user profile service or refreshable telephone.

IMS 250 is interconnected with other existing communication networks by the use of gateways. For example, the IMS 250 has a Multimedia Gateway (MGW) between the PSTN and the IMS 250 so that incoming links from a Public Switched Telephone Network (PSTN) d can be established with one of the network devices 120a-120g. do. In addition, IMS 250 is connected to Internet 270 by Session Border Controller (SBC) 254. The Internet 270 is external to the communication system 100, so the SBC 254 functions as a gateway between the IMS 250 and the Internet 270 for the purpose of providing voice services.

User dataset ( User dataset )

5 is a schematic diagram illustrating a user dataset 500 for the communication system of FIG. Dataset 500 includes a relationship between a user and his or her IDs, devices, and subscriber information. User B 140b is used as an example in FIG. 5. Various attributes (eg, a plurality of network devices 510, stored user IDs 520, or subscriber information 530) illustrated in FIG. 5 may vary.

In the user dataset 500 of FIG. 5, user B 140b is associated with a plurality of network devices 510 including network devices 120c-120e. User B 140b is also associated with various user IDs 520, including, for example, phone number 522 and / or user name 524. User B 140b is also associated with subscriber information 530. Subscriber information 530 may include, for example, status information 532 and / or access control rights 534. As a result, the access control right 534 may include a public ID 536, a personal ID 540, and a password 538 associated with the public ID 536 and / or personal ID 540. Public ID 536, personal ID 540, and password 538 may be used in method 300 of registering a device with communication system 100, which will be described later.

The device may also be associated with multiple user IDs. Taking network device 120e as an example, network device 120e is associated with user profiles of user B 140b and user C 140c. Thus, network device 120e is connectable using any of the user IDs associated with user profiles of user B 140b or user C 140c.

Subscriber information 530 of user B 140b may be stored in one database or, alternatively, may be stored across a plurality of other databases. In the latter case, data distribution across the database may be done according to the data type, for example state information 532 may be stored on an instant messaging server separate from access control authority 534. As a result, access control rights 534 can be stored across multiple servers, for example, public ID 536 and password 538 are stored on AAA server 210, and personal ID 540 and password ( 538 may be stored in HSS 252. Optionally, data can be partitioned into subsets of users to distribute across databases, for example, a server is implemented using a variety of geographically dispersed servers. If multiple databases are used for the storage of user profiles, there may be replication of data across multiple databases. Thus replicated data can be synchronized between databases.

The concept of user dataset 500 may allow for the integrated functioning of the components of communication system 100. In such a scenario, the subscribed user 140b, associated network devices 510, user IDs 520, subscriber information 530, user and device status information 532, and / or user and device access control There is a conceptual linkage between the rights 534. All or some of the components of the communication system 100 may commonly use the relationships included in the user dataset 500 for functions such as communication routing, status updates, access control, and the like.

device  Enrollment( Device Registrstion )

3 is a flow chart illustrating a method 300 of registering a device with the communication system 100 of FIG. The method 300 connects the network device 102c to the communication system 100 via WiMAX or LTE access point 130a and negotiates for access to the services provided by the IMS 250. Authentication for the access point 130a and IMS 250 may be performed automatically without user intervention using stored login IDs. The method 300 may be implemented without using a SIM card.

At 310, the process of registering network device 120c is initiated by network device 120c. The initiation can be done automatically, for example, when the network device 120c is powered on, or alternatively can be done manually when user B 140b selects registration with communication system 100.

At 320, network device 120c authenticates itself to AAA server 210. This is done using Phase II of the Tunnelled Transport Layer Security (TTLS) standard as Extensible Authentication Protocol (EAP). EAP-TTLS authentication is a " Request for Comments", for example, the contents of which are incorporated herein by reference. for Comments ) 5281, Network Working Group, http://tools.ietf.org/html/rfc5281 Request ”.

With EAP-TTLS authentication, the public ID and password are encrypted and sent from network device 120c to AAA server 201 via WiMAX or LTE access point 130a. The public ID is a login ID uniquely associated with user B 140b, and the password is associated with the public ID. Therefore, since EAP-TTLS is used, it may be more secure against wireless eavesdropping. It is also noted that the use of EAP-TTLS may provide the benefit of device independence, since no hardware or device dependent IDs are used.

At 330, the public ID and password are received from network device 120c by AAA server 210. The AAA server 210 searches its user information database to authenticate the public ID and password. If authentication is successful, the AAA server 210 may grant the network device 102c access to WiMAX or LTE RAN.

At 340, network device 120c is granted access to WiMAX or LTE RAN, and DHCP server 258 then assigns IP address to network device 120c. In addition, the AAA server 210 then initiates a process of usage account.

At 350, when network device 120c is provided with the IP address of CSCF gateway 260, an IMS gateway search is performed. CSCF gateway 260 serves as an initiation point of contact for network device 120c to access IMS 250. Network device 120c negotiates to access IMS 250 via CSCF gateway 260.

At 360, network device 120c negotiates to access the services provided by IMS 250. This sends a personal ID and a password associated with that personal ID to the HSS 252 via the CSCF gateway 260.

At 370, HSS server 252 receives a personal ID and password from network device 120c. HSS server 252 searches its user information database to authenticate the personal ID and password. If authentication succeeds, the HSS server 252 grants the network device 120c access to the services provided by the IMS 250 server, and sends a message to the network device 120c informing that access has been granted. Send. However, if authentication fails, the HSS 252 may inform the network device 120c that the access has been denied, in which case the network device 120c may proceed to step 360 where the network device 120c negotiates for access. You can choose to repeat.

It can be expected that each device of the communication system 100 is associated with a unique personal ID. The personal ID can be used to authenticate access to IMS 250 and thus uniquely identify the device at IMS 250. The use of a personal ID separate from the public ID may have the advantage of separating the device's ID from the user ID. Multiple devices (each device with a unique personal ID) can share a public ID across both WiMAX or LTE and IMS networks. This may occur concurrently and may still be unique in relation to the registration of different devices using the same user ID.

Personal IDs can be automatically generated using an algorithm. This may be done by IMS 250 and may be assigned to network devices 120a-120g. An example of such an algorithm may form a personal ID by adding a device suffix after the user's public ID. As a result, the device suffix may be a number that uniquely identifies the network device 120c among the devices owned by the user, and alternatively the model, manufacturer, type and / or name of the network device 120c. It may be a text string that contains. For example, in a particular embodiment, the device suffix is a four character string that represents the device category. The use of such algorithms has the advantage of being automatic and repeatable. In addition, since the personal ID is derived from the public ID, the user convenience for single login can be realized, while the user maintains separate login IDs for WiMAX or LTE access and IMS access.

Although the method 300 of registering the network device 120c has been described using separate login IDs (i.e., public ID and private ID, respectively) for WiMAX or LTE access and IMS access, a single log ID is used for WiMAX or LTE and It can be expected that it can be used for both IMS access. An example of such a single login ID may be a public ID. In this case, AAA 210 and HSS 252 may use a single user login to authenticate access and authorize, and network device 120c may send the same login ID in steps 320 and 360. . AAA 210 and HSS 252 may then perform access authentication using the same login ID at steps 330 and 370. Login data for the AAA 210 may be synchronized with the HSS 252 of the IMS. Using similar user logins for both WiMAX or LTE and IMS access can enable the concept of a single login and bring advantages for user convenience, while still separating the WiMAX or LTE access mode from the IMS system. have.

Certain devices may be configured to be associated with more than one user. As an example, network device 120e is shown in FIG. 1 as being associated with both user B 140b and user C 140c. In this case, the network device 120e may perform device registration twice (ie, once for user B 140b and once for user C 140c). Two user profiles for user B and user C may then be activated simultaneously at network device 120e. Optionally, an association of user B 140b and user C 140c with network device 120e may be made in the user information database of AAA server 210 and HSS server 252. In this case, only a single session can be activated, and network device 120d is associated with both users 140b and 140c. Therefore, device registration can be performed only once.

Certain users may also be associated with multiple devices. As an example, user B 140b is shown in FIG. 1 as being associated with three network devices 120c-120e. In this case, each of the network devices 120c-120e performs device registration with the AAA server 210 and the HSS server 252. However, network devices 120c-120e can be associated with user B 140b in both user information databases, thus providing a public public ID and password for authentication at AAA server 210 and HSS server 252. Can be used.

The network devices 120c-120e owned by the user B 140b may use the same login information, but the network devices 120c-120e may be authenticated and registered in the system 100 at the same time. Thus, for example, not only can the mobile router and all three devices access the system 100 at the same time, but also the user B 140b can have a laptop, a mobile phone. Since several devices of a user can access the system 100 at the same time, it can be expected that the user's first device can establish a communication link with a second device of the same user. For example, for user B 140b, device 120c may be a mobile phone and may establish a VoIP call with device 102, which may be a home phone.

The method 300 of registering the network device 120c may be further extended for use in registering the network device 120c for access via another access mode (eg, Wi-Fi access point 130c). . If an access mode other than WiMAX or LTE is used, finding 350 the IMS gateway will not be done. In this case, network device 120c may access the CSCF gateway 260 using a fixed IP address. CSCF gateway 260 for an access mode other than WiMAX or LTE may be configured differently than accessing using WiMAX or LTE.

The method 300 also registers a single network device 120c for access via multiple simultaneous access modes (single connection for simultaneous connection via both WiMAX or LTE access point 130a and Wi-Fi access point 130c). By registering the network device 120c).

Link settings ( Link Establishment )

4 is a flowchart illustrating a method 400 of establishing a communication link between devices of the communication system 100 of FIG. By way of example, the method 400 includes the originating user A 140a of the communication system 100 from the originating network device 120b of the destination user B 140b of the network device 120c-120e. It is described using a communication link set to). Before the link establishment is initiated, the network device 120b and the network devices 120c-120e are registered with the AAA server 210 and the HSS server 252.

The establishment of a link between two users allows for direct communication between users. For example, services such as VoIP, video conferencing, Short Messaging Service (SMS) or instant messaging can be done between users via the link. The IMS 250 may be expected to be accessed independently, so the access mode (eg, WiMAX or LTE, WiFi, etc.) may be independent of call control or link establishment methods.

At 410, link establishment is initiated by originating user A 140a of network device 120b, which link is directed to destination user B 140b. This can be done, for example, when user A 140a dials a telephone number uniquely associated with user B 140b at originating network device 120b.

Alternatively, instead of dialing the telephone number, user A 140a may initiate the connection by entering a user ID uniquely associated with user B 140b or selecting from an electronic address book. When link establishment is initiated, originating network device 120b sends a link establishment message to SBC 254. This message includes a destination user identifier that identifies user B 140b as the link destination. The destination user identifier may be, for example, the telephone number of user B or the user ID of user B. Link establishment messages may be sent using signal processing protocols known in the art (eg, Session Initiation Protocol (SIP)), which may request for " comment request 3261, network working group, http: // tools. ietf.org/html/rfc3261 ", the contents of which are incorporated herein by reference.

The destination user B 140b may have several destination user identifiers associated with several phone numbers, for example, if user B 140b has multiple phone numbers. In this case, user A 140a is one of the destination user identifiers for user B 140b because several destination user identifiers are all associated with user B 140b and therefore also with network devices 120c-120e. Any can be used to establish a link with the network devices 120c-120e of user B 140b.

In a line with the access independent nature of IMS 250, the originating device may be a telephone in a PSTN network, for example. In this case, the voice call can be established between the PSTN originating telephone and the network devices 120c-120e belonging to the destination user B 140b by dialing a general telephone number in the originating telephone. Calls from the originating phone are routed through the PSTN network and arrive at the MGW server 266 of the IMS 250. This call is then routed to the IMS server 262 to resolve in the same way as in subsequent steps 420-450.

At 420, SBC 254 forwards the link establishment message to IMS server 262. IMS server 262 resolves the destination user identifier. IMS server 262 includes a record of the states of network device 120c associated with user B 140b. Using the status records, IMS server 262 determines whether any of network devices 120c-120e are registered with communication system 100. If one or more network devices 120c-120e are registered, the IMS server 262 provides the SBC 254 with IP addresses of registered network devices of the destination user B. If no network devices 120c-120e are registered, the HSS 252 then informs the SBC 254 of that fact.

At 430, IMS server 262 optionally interacts with function server 256 for additional services. The function server 256 may be implemented as a single server that provides several additional services, or may be implemented as a collection of servers, each providing additional services. Examples of such additional services are call forwarding or voice mail routing.

The call forwarding service allows a link to user B 140b to be forwarded to another user (eg, user C 140c.) In this case, function server 256 is to IMS server 262, and the link is a user. Informing the user C 140c from B 140b, the IMS server 262 parses the destination user identifier for user C 140c instead.

The voice mail routing service allows the link to user B 140b to be terminated by the voice mail recording service. In this case, IMS server 262 terminates the link establishment, and user A 140a is given the opportunity to leave a voice mail recording for user B 140b.

At 440, SBC 254 sends a link establishment message to each of network devices 102c-120e associated with destination user B 140b. SBC 254 may not transmit a message to unregistered devices. For example, this can happen when the device is powered off or in airplane mode. If none of the network devices 120c-120e are registered with the system 100, the SBC 254 may inform the originating network device 120b of that fact. Messages sent from SBC 254 to each of network devices 120c-120e may be processed using a signaling protocol such as SIP.

Upon receipt of the message from SBC 254, the incoming link establishment may be indicated by ringing network devices 120c-120e, respectively. In other words, if there are several registered devices associated with user B 140b, all of the registered devices may ring. Optionally, the network devices 120c-120e can be configured to automatically accept the incoming link. If there are one or more network devices 120c-120e registered in the communication system 100, a hierarchy may be used to determine which of the registered devices should automatically accept the incoming link. This layer may be implemented, for example, in the IMS server 262 or, alternatively, may be implemented in the SBC server 254. An example of a hierarchy may be a Q-value system. The Q-value system can give priority to network devices 120c-120e of user B 140b by assigning a Q-value to each device. The Q-value represents the priority of the device. The lower the Q-value, the higher the priority of the device. In this case, the link establishment message is first sent to the device with the lowest Q-value and then to the device with the highest Q-value in order. If there are two devices with similar Q-values, they can have the same priority. Thus, when there are several devices with Q-values when the link is directed to a priority level, all devices with Q-values receive the link establishment message at the same time.

At 450, destination user B 140b accepts the incoming link establishment at one of the network devices 120c-120e. As an example, user B 140b may accept an incoming link at network device 120c. When this happens, a bearer path is established between the originating network device 120b of user A 140a and the network device 120c of user B 140b. Originating network device 120b may then communicate directly with the destination device to exclude other devices associated with user A or user B. Thus, if the incoming link setup has been accepted at device 120c, other devices associated with user B (eg, network device 120b or 120e) may not be able to hear the communication between network devices 120b and 120c. If the incoming link setup also includes a message to be sent (eg, an SMS or IM message), the message can be received and displayed at all network devices 120c-120e.

If the device is configured to be associated with one or more users, the device rings when any user is selected as the link destination. As an example, the network device 120e shown in FIG. 1 is associated with both user B 140b and user C 140c. Thus, network device 120e may be configured to notify or accept the connection when a communication link arriving at network device 120e is directed to either user B 140b or user C 140c.

If the originating device is a device in the PSTN network, a link is established between the originating device and the device on which user B 140b has accepted the incoming link. The link is established through an MGW server 266 that converts between PSTN phone traffic and VoIP traffic.

If the signaling protocol used is based on Internet Protocol (IP) (eg, SIP), and one of the originating network devices 120b and / or destination network devices 120c-120e resides on the internet 270 SIP packets can be prevented from reaching IMS 250. This is because a firewall running on IP network 268 can filter IP packets originating from the Internet 270.

In such a situation, a network address translation (NAT) search may be performed at routers (ie, routers of users) connecting network devices 120b-120e to the Internet 270. This allows SIP packets to reach IMS 250 while the firewall is active. Similarly, NAT discovery may also be performed in the opposite direction at SBC 254. This allows SIP packets originating from IMS 250 to bypass any firewalls that may be activated at users' routers.

Also, although the specification refers to servers (eg, SBC 254, function server 256, IMS server 262 as a single server), the SBC 254, function server 256 or IMS server 262 is referred to. ) Can optionally be implemented as multiple servers each. Having multiple servers for each function allows the servers to be geographically distributed and to provide services to a wider area.

Quality of service ( QoS )

QoS of WiMAX or LTE access in system 100 is maintained at IMS 250 by prioritizing traffic and reserving bandwidth. Traffic packets are prioritized based on the time urgency of the application. The urgency is determined using the Differentiated Services Code Point (DSCP) field present in the header of each packet. For example, traffic from applications such as VoIP or live video may use DSCP field codes that give higher priority than web page traffic. Network routers and / or switches between the originating and destination network devices route each packet based on the DSCP field; VoIP or live video traffic packets are routed before web page traffic packets because they are considered more time sensitive. Since web page traffic is considered less time sensitive, it is routed on a "best-effort" basis.

Bandwidth reservation is used in conjunction with traffic prioritization to ensure QoS for certain classes of traffic. This is accomplished by ensuring that for each time interval, the minimum number of packets belonging to the higher priority class before sending packets of the lower priority class. In other words, the higher priority class has a minimum bandwidth threshold. Such a bandwidth reservation scheme may be adaptive in that the threshold for the class of traffic may rise or fall depending on overall bandwidth utilization. Bandwidth reservation is implemented by the SCE 272. SCE 272 is responsible for monitoring QoS measures of end-to-end traffic as well as propagating QoS policies and settings to routers and / or switches. . If Wi-Fi is used in the access mode, QoS may be achieved by establishing a VPN tunnel between HA 274 and network devices 120c-120e. In the case of a connection between first and second network devices of network devices 120c-102e, VPN tunnels are maintained between HA 274 and each of the first and second network devices. Similar to what has been described above for WiMAX or LTE, traffic packets traveling through this tunnel are prioritized based on the time priority of the application and bandwidth reservation is performed.

Network Devices 120a-120g

Example embodiments of network devices 120a-120g are described next. By allowing a wide range of devices to work with the system 100, users can easily select the device of the most convenient form factor for their work. For example, a user who wants to send an SMS can choose to send an SMS using a WiMAX or LTE capable laptop, thereby taking advantage of the laptop's full-size keyboard.

WiMAX  or LTE  Mobile phones

The network devices 120a-120g may include a WiMAX or LTE capable mobile telephone. Such a mobile phone may incorporate WiMAX or LTE access, or WiMAX or LTE access may be utilized by pairing a mobile phone with a WiMAX or LTE access device as described later.

Such a mobile phone does not have a Subscriber Identity Module (SIM) card in the mobile phone and registers with the communication system 100 using the method 300. Subscriber information, including the public ID and password used for authentication at 320, is stored in the mobile phone (eg, in onboard memory). To register a mobile phone with the system 100, a user enters a password and a public ID associated with his account into the mobile phone. Account portability may then be achieved by allowing public IDs and passwords to be stored and used throughout other mobile phones and network devices 120a-120g.

Since mobile phones no longer rely on physical SIM cards for subscriber information, account mobility can be more conveniently achieved; A single user account can be used across multiple mobile phones without the need for additional SIM cards.

In addition, WiMAX or LTE capable mobile telephones may also take the form of embedded devices. In this case, services such as VoIP, IM or SMS, for example, can access a mobile phone in an “as is” manner without the user having to actively run and maintain a client program. For example, incoming and outgoing VoIP functions can be used continuously on a mobile phone without the user having to actively maintain a VoIP client program running in the foreground. In this case, the user can thus experience smooth access to services with the complexity of the underlying technology hidden from the user.

In addition, the WiMAX or LTE capable mobile telephone may be a "refreshable" device. A "playable" device is a device that separates the user ID from the device, thus allowing any user to simply take over the "playable" device by logging in to the "playable" device. As soon as the user logs into the "playable" device, the user can then use the device as if it were his personal device.

A "playable" mobile telephone can be virtually proprietary and can be configured to protect sensitive user specific data. This can be done by making a fully reproducible " reproducible " mobile phone, i.e. all sensitive personal specific data is resynchronized to the network and deleted from the mobile phone as soon as the user logs out of the phone. This may also be done by hiding sensitive user specific data within the mobile phone, for example using encryption technology or operating system access rights. In addition, sensitive user data may also be hidden in "playable" mobile phones by using the concept of "guest" and "owner" accounts. "Guest" accounts may have lower access rights than "owner" accounts, and as a result may not be able to view or access data belonging to the "owner" account. In this configuration, a "playable" mobile phone may still require a user login, but the phone recognizes a particular user as an "owner" account, and other users become "guest" accounts.

Personal computer

Network devices 120a-120g may also include a personal computer. Such computers may have built-in WiMAX or LTE functionality. Alternatively, WiMAX or LTE access may be achieved by pairing the computer with a WiMAX or LTE access device as described below. In addition to WiMAX or LTE, computers can also have access to Wi-Fi or wired Internet.

The computer gains access to services such as VoIP, SMS, or IM provided by IMS 250 by executing a client program. Such client program may be web based and may be hosted on an application server 264. IMS 250 is connected to Internet 270 by IP network 268, and if this computer is used outside of system 100, this computer still accesses IMS 250 by Internet 270. can do. In this case, an IMS access negotiation (ie, step 360 of method 300) is performed between the computer and the CSCF gateway 260.

Thus, it can be expected that IMS 250 and its services are generally accessible everywhere over the Internet, so that by using a PC, VoIP roaming outside the system 100 may be possible over the entire Internet. Can be. This allows the user to save money because the user no longer needs to subscribe to the mobile carrier's roaming service to stay in touch abroad.

WiMAX  or LTE  access device

If the network devices 120a-120g do not have WiMAX or LTE access capability, the network devices 120a-120g take the form of, for example, WiMAX or LTE CPE 160 or WiMAX router 162. WiMAX or LTE access can be obtained using a WiMAX or LTE access device. This case is illustrated in FIG. 1, where, according to FIG. 1, network device 120f is paired with CPE 160 to obtain WiMAX or LTE access, and network devices 120c-120e are WiMAX or LTE. Share the WiMAX or LTE connection through router 162.

When the CPE 160 is used as an access device, the host device (i.e., network device 120f) is a wired or wireless pairing standard known in the art (e.g., Universal Serial Bus (USB), wired Ethernet connection, WiFi). Or Bluetooth) with the access device. By using widely available pairing standards, the access device can be used with a wide range of host devices. For example, using Wi-Fi, a user can pair their laptop with a WiMAX or LTE access device to gain Internet access on the laptop, and then the same WiMAX or LTE access device can use the VoIP feature on the tablet device. It can also be paired with a tablet device to acquire.

The WiMAX or LTE CPE 160 can store subscriber authentication and login information in its onboard memory, so that the network devices 120f do not need to run a client program to gain access to the WiMAX or LTE RAN. . The CPE 160 may be configured to perform automatic authentication to automatically detect the presence of WiMAX or LTE services and log in to the RAN when the CPE 160 is powered up. Thus, the user can seamlessly experience WiMAX or LTE connectivity with the complexity of the negotiation for hidden access.

WiMAX or LTE CPE 160 may also function as a VoIP Analogue Terminal Adapter (ATA). In this case, the WiMAX or LTE CPE 160 may convert between VoIP traffic and analog telephone signals. The WiMAX or LTE CPE 160 may establish a telephone connection via the WiMAX or LTE RAN by transmitting and receiving VoIP phone traffic between itself and the IMS 250. VoIP traffic is then converted from the CPE 160 to an analog PSTN telephone signal or from an analog PSTN telephone signal. CPE 160 has a telephone jack (eg, RJ11 standard jack) for plugging a PSTN telephone. The PSTN phone can be used to receive or initiate telephone calls.

WiMAX or LTE router 162 may also be used to share a single WiMAX or LTE connection among multiple network devices 120c-120e. In this case, the WiMAX or LTE router 162 independently registers itself with the WiMAX or LTE RAN and authenticates itself. As in the case of WiMAX or LTE CPE 160, the subscriber's authentication and login information may be stored in onboard memory. Each of the network devices 120c-120e individually establishes a connection with the router 162, and then a WiMAX or LTE connection is shared with each of the network devices 120c-120e via the router 162. The connection between the router 162 and each network device 120c-120e may be wired (eg, using USB or IEEE 802.3 wired Ethernet) or wireless (eg, using Wi-Fi or Bluetooth). It is also contemplated that the WiMAX or LTE router 162 may include all / arbitrary functionality of the WiMAX or LTE CPE 160 described above.

Network-based services

The communication system 100 of FIG. 1 may also be configured to provide network-based services by providing servers that provide services at the IMS 250 of the core network 150.

As an example, the core network 150 shown in FIG. 2 may be configured to provide a network-based address book (NAB) service running on an application server (AS) 264. The NAB service enables synchronization of address book data for a user across multiple devices. When modifications are made in the address book of a device belonging to a user, this modification is propagated across all other devices belonging to that user. Thus, taking FIG. 1 as an example, when the modification is made in the address book in the network device 120b of the user B 140b, the modification is propagated to the network devices 120a-120. Such modifications to an address book can be, for example, modifications to an address book entry, entry deletion, or addition of a new entry.

The NAB service may use SyncML to synchronize data between devices and AS 264. SyncML is a standard defined by the Open Mobile Alliance (OMA) and is an open standard. The use of SyncML may thus have the strength of interoperability between service providers, network access providers and / or equipment vendors, thus contributing to the advantages of access and device independence.

Another service that may be provided is a service that has a profile page for each user of IMS 250. Profile pages may allow social networking between users. Such profile pages may be provided from AS 264, for example, as HTML web pages in a presentation or layout controlled by a schema. The AS 264 providing the profile pages may be one of the same or different servers as the server for the NAB service.

The profile page may include selected information about the user. This information can be divided into sharable public and private fields. An example of a sharable public field may be the user's online state, and the personal field may be the user's subscription account number. The concepts of "friends" and "non-friends" can be used to control who can see the public fields of the user, while the "friends" of the user can see the public fields of the user, while "non-friends" You may not be able to see your public fields. The user may then have the ability to make another user a "friend" through the user interface of the profile pages.

The profile page also contains public status information indicating the status of the user (eg, whether the user is registered with the communication system 100 or whether the user is recorded in one of the services provided by the IMS 250). It may further include. The AS 264 may obtain user status information directly from an application server that provides instant message services, or alternatively may also obtain this information from the HSS 252 and / or the AAA server 210.

The user's profile page can also be expected to function as a social network page. The profile page may include, for example, an electronic bulletin board or "wall" that allows the user to publish information about him or her. Such information may be, for example, multimedia such as pictures or videos, and may include information about the status and location of the user. "Month" also allows other users to post comments about the user's public information. Access to this "month" can be controlled by the "friend" status of other users.

Providing a profile page for each user can also facilitate their address book population. In such a scenario, one person may fill in his or her address book by visiting other users' user profiles, for example, adding contact information of other users to his or her address book by clicking a button. These address book entries may exist as a reference to the profile pages if any user's address needs to be modified, and the modified contact information may be automatically updated in the address book entry. In addition to easily filling the address book, one can expect that contact list information can be incorporated into the address book, in which case the contact information is imported from the third party service (eg Yahoo) into the address book. . This is done, for example, using a client program running on a PC.

In addition to profile pages, each user of communication system 100 may have a configuration page associated with his or her account. This configuration page may take the form of a web page or may be a user interface provided by a client program running on the device. The configuration page allows the user to set his own user settings (eg, information protection settings) or call handling and routing settings. Information protection settings not only control whether or not to list their contact details in the directory service, but also control the amount of personal information that users place on their profile pages.

Call handling or routing setup may include instructions on how incoming calls should be handled. These routing commands can take the form of the Q-value hierarchy described above, and the user can set how his calls should be routed by modifying the Q-values associated with his devices. In addition, call handling commands may set, for example, when rejecting incoming calls from a particular originating telephone number or when incoming calls are automatically received after ringing a predetermined number of times. When set or modified in the configuration page, call handling or routing settings are propagated to the application server 264 of the IMS 250, which is responsible for providing the individual function server 256 or associated services.

While various embodiments are provided herein, it is to be understood that the disclosed systems and methods may be embodied in many other specific forms without departing from the spirit or scope of the disclosure. The examples are to be considered as illustrative and not restrictive, and the intention is not to be limited to the details described herein. For example, various elements or components may be combined or integrated in other systems, or certain functions may be omitted or not implemented.

In addition, the techniques, systems, subsystems, and methods described and illustrated as separate or separate in the various embodiments may be combined with other systems, modules, techniques, or methods without departing from the scope of this specification. It can be combined or integrated. Other items shown or described as being directly connected or communicating with each other may be indirectly connected or communicating via an interface, device or intermediate component, indirectly, electrically, mechanically, or otherwise. Other examples of modifications, substitutions, and substitutions may be identified by one skilled in the art and may be made without departing from the spirit and scope described herein.

For example, as understood by a person skilled in the art, a “server” referred to in this description may be a single server computer or may include several server computers. In the latter case, various server computers may function as server clusters, or may act as distributed servers. It will further be appreciated that several "servers" each providing different services may be arranged to run on a single server computer.

WiMAX and LTE are examples of 4G, and the present invention is also intended to cover other variations of 4G (eg, HSPA +). 4G networks are recognized under the ITU-R organization and are specified in the IMT-Advanced standard. For example, 4G networks in general may be characterized by techniques such as OFDMA, MIMO, dynamic channel allocation and / or channel-dependent scheduling.

Claims (20)

A network configured to wirelessly connect the plurality of devices via the plurality of network access modes; And
Wherein the plurality of network access modes comprises a WiMAX or LTE access mode, and wherein the WiMAX or LTE access mode is configured for device independent authentication. The method according to claim 1,
The device independent authentication comprises TTLS. The method according to claim 2,
Further comprising a database comprising user datasets, each user dataset configured to associate a user identity with a device independent public identity; And
The TTLS authentication is performed using a public ID of one of the user datasets. The method according to claim 3,
Each device further comprising an IP multimedia subsystem configured to connect to a core network via a backhaul network; And
Each user dataset is further configured to associate the user ID with a personal ID, wherein the personal ID is used to authenticate each device's connection to the core network. The method of claim 4,
Each user dataset is further configured to associate one or more devices with the user ID. The method according to claim 5,
And the personal ID is uniquely associated with one of the one or more devices of a user ID. The method of claim 6,
And the personal ID is automatically generated by an algorithm. The method of claim 7,
The algorithm uses the public ID of the user dataset,
A type of one of the one or more devices of the user dataset;
A model of one of the one or more devices of the user dataset; And
And combine with an identifier selected from the group consisting of numbers that uniquely identify one of the one or more devices from another one of the one or more devices. The method according to any one of claims 1 to 8,
A request for a communication link to a user ID is sent to all devices associated with that user ID. The method according to claim 9,
All devices associated with each user ID are assigned a priority value. The method of claim 10,
The request for a communication link to a user ID is sent to one of the devices associated with the user ID in accordance with the priority value of the device. The method according to any one of claims 1 to 11,
Each user ID is associated with a profile page. The method of claim 12,
Wherein each profile page includes a plurality of public fields that are viewable according to friend status having the associated user ID. The method of claim 13, wherein when dependent on claim 4,
The IP multimedia subsystem includes a server configured to provide the profile pages. 15. The system of claim 14 wherein each profile page is provided using a schema. Communication circuitry configured to wirelessly connect via a plurality of network access modes; And
A secure login interface configured to authenticate a user with a user ID of a communication system,
The device is configured to allow concurrent association of a plurality of user IDs,
And a request for communication link to any user IDs currently logged in the device is received by the device. 18. The method of claim 16,
And an interface for a network-based address book stored on a remote server and accessible through the wireless communication device. 18. The method of claim 16,
Further includes an interface for a locally stored address book,
And a copy of the locally stored address book is stored on a remote server to refresh / synchronize with the locally stored address book. 19. The method of claim 18,
The remotely stored address book is stored using XCAP,
And the SyncML is used to play / synchronize a remotely stored address book. A method of registering a wireless communication device,
Connecting the communication device via a radio access network;
Registering the device with the multimedia subsystem using a common public identifier and a common password associated with the common public identifier; And
Requesting a communication link to the device according to the common public identifier and a common password.

Images