1. Field of the Invention
The invention relates to telecommunications. In particular, the invention relates to providing a fixed access point for a terminal device communicating with a packet data network via a mobile access system.
2. Description of the Related Art
In recent years mobile access systems, i.e. systems which allow mobile access to packet switched data communication networks or packet data networks, have emerged. The access provided by mobile access systems is typically, although not necessarily, wireless. Wireless Local Area Network (WLAN or Wireless LAN) is an example of a mobile access system. A Wireless LAN allows a mobile user to connect to a packet data network through a wireless connection. A standard, IEEE 802.11, specifies the technologies for Wireless LANs.
Another example of a mobile access system is General Packet Radio Service (GPRS). GPRS also allows packet data transmission for mobile communication networks. GPRS is designed to support e.g. digital mobile telecommunication networks based on the Global System for Mobile Communications (GSM) standard. However, GPRS is not restricted to only GSM networks but supports also for example 3rd Generation Partnership Project (3GPP) based digital mobile telecommunication networks, or 3GPP systems for short.
Since the packet data networks typically utilize Internet Protocol (IP), Mobile Internet Protocol (Mobile IP) is typically utilized to provide mobility. Mobile IP is an extension to Internet Protocol aimed to provide mobility support for Internet Protocol. Using Mobile IP allows a terminal device to move from one link to another without changing its IP address (as seen by the layers above Internet Protocol) and yet be reachable by other terminal devices. Mobile IP is being developed by IETF (Internet Engineering Task Force) and full specifications may be obtained e.g. from http://www.ietf.org.
Mobile IP basically implements a forwarding system. When a mobile terminal device, or mobile node, is on its ‘home’ network, it functions normally. When it moves to a different network, data packets are forwarded from its home network to its new location. This allows normal hosts and routers that do not implement Mobile IP to continue to operate as if the mobile node had not moved. The router on the home network that is responsible for catching data packets intended for the mobile node and forwarding them to the mobile node when it is moving is called a home agent. The mobile node is assigned a permanent or semi-permanent IP address called a home address. When the mobile node is moving, it is also assigned a new, temporary address called a care-of address. The mobile node, being away from home, informs its home agent of its current care-of address with a process called registration after which the home agent will be able to forward the data packets addressed to the home address of the mobile node on to the care-of address of the mobile node.
Mobile access systems interface with packet data networks via access points. In other words, the access point is a network entity providing an interface via which a mobile access system may access a packet data network. For example, in the case of General Packet Radio Service, a network node called a Gateway GPRS Support Node (GGSN) typically comprises one or more access points serving as interfaces to external IP networks such as the Internet, other mobile service providers' GPRS services, or enterprise intranets. In the case of Wireless LAN, a network node called Packet Data Gateway (PDG) typically comprises one or more access points serving as interfaces to packet data networks. In the case of GPRS, the interface is referred to as Gi interface, whereas in the case of Wireless LAN, the interface is referred to as Wi interface. It should be noted that the term ‘access point’ is sometimes used in prior art, particularly in relation to Wireless LAN, to refer to a base station to which a mobile terminal device connects over a radio link. However, herein the term ‘access point’ is strictly used to refer to the above described network entity providing an interface via which a mobile access system may access a packet data network.
A current object on the field of telecommunications is to enable interworking between various mobile access systems, such as between GPRS systems and Wireless LANs so that e.g. resources and services within a GPRS system may be accessed by Wireless LAN users and vice versa. As part of this object, it is intended to integrate access points associated with various mobile access systems into one network node. For example, it is intended to implement the functionalities of a Gateway GPRS Support Node, a Packet Data Gateway and a home agent in one network node.
However, while the integration of the functionalities of the Gateway GPRS Support Node, the Packet Data Gateway and the home agent into one network node facilitates interworking between various mobile access systems, it also creates further problems of its own.
One of these problems relates to handovers between GPRS and WLAN not being seamless. This problem is illustrated in FIGS. 1a-1b. FIGS. 1a-1b disclose a packet data network 101, a first gateway 102, a second gateway 103, a GPRS mobile access system 104, a WLAN mobile access system 105, a terminal device 106, a first home agent 107, a first WLAN access point 108, a first GPRS access point 109, a second home agent 110, a second WLAN access point 111 and a second GPRS access point 112. FIG. 1a illustrates a situation before a handover, whereas FIG. 1b illustrates the situation after the handover. As illustrated by arrow 113 in FIG. 1a, the terminal device 106 has GPRS access to the packet data network 101 via the GPRS mobile access system 104 and the first GPRS access point 109 at the first gateway 102. Furthermore, the terminal device 106 has registered itself with the first home agent 107 at the first gateway 102. Therefore, all the IP traffic to and from the terminal device 106 will be routed via the first home agent 107 at the first gateway 102, as illustrated by arrow 113.
A need may arise for the terminal device 106 to switch its mobile access from GPRS to WLAN. For example, the terminal device 106 may move to an area where GPRS reception is unacceptably poor but where WLAN reception is acceptable. The problem with prior art in such a situation is the randomness of the selection of the subsequent access point. When the terminal device 106 wants to create a WLAN or GPRS connection, it uses an Access Point Name (APN) to specify to which external packet data network it requires to establish a connection. In the example of FIGS. 1a-1b, the terminal device 106 uses an Access Point Name specifying the packet data network 101. When, as is often the case in real life implementations, there are multiple suitable access points corresponding to the specified Access Point Name, a Domain Name System server selects one of the multiple suitable access points. The selection by the Domain Name System server is typically random, due to e.g. load balancing issues. The Domain Name System server may utilize e.g. round robin in selecting the access point.
Therefore, in our example, the second WLAN access point 111 at the second gateway 103 will be selected by chance during the handover from GPRS to WLAN. Yet, at the same time, the IP traffic will still need to be routed via the first home agent 107 at the first gateway 102 since that is the home agent the terminal device 106 registered itself with. The result is illustrated in FIG. 1b. All the IP traffic to and from the terminal device 106 will be routed via both the second gateway 103 and the first gateway 102, as illustrated by arrow 114.
Obviously, in order to optimize routing it would have been desirable to be able to specifically select the first WLAN access point 108 which is located in the same gateway 102 as the home agent 107 used. However, due to the random nature of the prior art access point selection by the Domain Name System server, this is not possible. As a result, Mobile IP based handover between GPRS and WLAN is not seamless.
Yet another problem associated with prior art relates to isolating mobile terminal devices infected with viruses and other malicious software. As the mobile terminal devices are getting more software capabilities, they are also becoming more vulnerable to viruses. If a network can detect a misbehaving mobile terminal device, it should be able to either disconnect the terminal device from the network or it should be able to make sure that the misbehaving terminal device is not causing any additional damage to other terminal devices and network elements. In the latter case, one way is to use a dedicated gateway for infected terminals to provide quarantined access to services. However, since in prior art the Domain Name System server randomly selects the gateway, the terminal device access cannot be anchored to any dedicated gateway.
Therefore, the object of the present invention is to alleviate the problems described above and to introduce a mechanism that allows providing a fixed access point for a terminal device.