In conventional mobile networks, a Radio Access Network (RAN) is paired with a, typically wireline based, core network. The RAN provides connections to the mobile devices, such as User Equipment (UE), through the use of network Access Points (AP) connected to the core network through a backhaul connection. In existing third fourth generation (3G/4G) mobile networks, the RAN and core network are closely interlinked. Typically the core and RAN are owned by a single entity that provides service to end users, and may offer a platform through which a Mobile Virtual Network Operator (MVNO) can provide services to its own end users.
In mobile networks, 4G networks, such as those compliant with the Long Term Evolution (LTE) standards set by the 3rd Generation Partnership Project (3GPP), a UE begins an process of attaching to the network by transmitting an Attach Request. This is request is received by an eNodeB, which then sends the request to the Mobility Management Entity which resides within the core network. Authentication of the UE, the Non-Access Stratum (NAS) Security Setup and AS Security Setup are all performed. The AS Security Setup is the only process that is carried out between the UE and RAN-based entities (in this case the eNodeB). Because network operators typically own infrastructure in the RAN, as well as the Core Network, and use these resources to provide service to end users, authentication and access control procedures, are exclusively performed in the Core Network.
It is no longer necessary for a single entity to own and administer all resources and infrastructure for providing connectivity and networking services. A Mobile Virtual Network Operator (MVNO) provides services to its subscribers using the services provided and resources of the network operator (also referred to as a service provider). Typically, the MVNO provides authentication and authorization information to the network operator, so that this information can be used in the network operator's core network when an MVNO customer connects to a network access point. Some MVNOs have relationships with more than one service provider. This allows the MVNO to take advantage of the coverage maps of multiple providers. The MVNO may be able to create a broader coverage area where the service provider maps are non-overlapping, and to allow either deeper or more redundant coverage where the service areas overlap. The usage of the service provider network for traffic flows associated with the MVNO are typically governed by a Service Level Agreements (SLAs).
As network architectures evolve, the RAN may not be associated with a single Core Network. A RAN that is used for access to a series of Core Network slices (or a single Core Network that makes use of network slicing) will effectively be associated with a number of different Core Networks. When a UE attaches, an attach procedure that so heavily relies upon access to resource in the Core Network may not be feasible. There are proposals and standard preparations (such as Network Functions Virtualization (NFV) MANagement and Orchestration architectural framework (MANO), collectively NFV-MANO as described, e.g. by the European Telecommunications Standards Institute ETSI) to facilitate a network architecture where a Service Provider (SP) can provide a virtual network (VN) as a service to its customers using virtualized infra-structure resources. In such as scenario, even the SP providing the authentication and authorization information may be within the VN, and not within a core network that is directly accessible to the RAN.
There is a need for methods to admit individual sessions which belong to a VN, or to a particular Core Network (or Core Network slice as the case may be). There is a need for a framework and a method to admit individual sessions in accordance with the requirements of either the relevant Core Network or the relevant VN, SLAs and individual session requirements.