RADIUS (Remote Authentication Dial In User Service) is a protocol used to authenticate remote users logging in to a network and is used as the way to authenticate users in a GPRS-system. In case the RADIUS-server provides the subscriber with a dynamic IP-address to use, a RADIUS accounting-server marks the address as used and freed.
The GPRS (General Packet Radio Service) offers a high-speed, packet-switched, mobile datacommunication network, where the subscribers can connect themselves to an external network from a mobile terminal. The GPRS system consists mainly of two nodes. One of them, the Gateway GPRS Support Node (GGSN), is an example node where this invention may be implemented.
The subscribers need an IP (Internet Protocol)-address to route packets to and from the external network. This IP-address can be provided by a RADIUS-server, in which case a unique identifier must be provided to relate the subscriber to this IP-address. The identifier is described as attribute Acct-Session-Id in IETF RFC 2139 (April 1997) “RADIUS Accounting”. Due to the nature of a GPRS system, a subscriber will with a high degree of probability be connected to an external network for a long time, allocating the IP-address for an equally long period of time.
The RADIUS accounting server is requested to start an accounting session when the RADIUS client sends an accounting start request towards the RADIUS accounting server. This is done to mark the IP-address as used by the subscriber in the RADIUS accounting server. The RADIUS client in the accounting start request must give an accounting identifier, and the same accounting identifier is sent in an accounting stop request to stop the accounting and release the IP-address. The accounting identifier must be generated for each subscriber’ connection receiving an IP-address from the RADIUS server, and it must be guaranteed to be unique for each connection.
The GPRS-system can be connected to several external networks, and all the networks may use the same RADIUS server. The different networks may also contain the same range of IP-addresses (private address-space), and hence the RADIUS server must be able to give out the same IP-address to subscribers belonging to the different external networks.
The accounting identifier is usually made from the time in the system acting as a client (usually an NAS) towards the RADIUS server. Other solutions are one or several counters that are incremented for each new accounting session and/or for each restart of the system. It is also known that some implementations use process identifiers as a part of the accounting identifier.
But these approaches require system resources to create and maintain the generation of the accounting identifiers. Getting the system-time does not require any storage, but may be inaccurate or inefficient in the case of a large number of simultaneous requests for the system-time. Having counters to be incremented uses system memory and computational time to recalculate the values and requires some algorithm to avoid two subscribers getting the same value of the counter. The counter must also be large enough to generate enough identifiers for all the possible subscribers. These values are not predictable and are usually based on a statistical distribution to assure uniqueness; hence they can not be guaranteed to be absolutely unique.
An object of the invention is to overcome these problems by providing unique accounting identifiers using any new system resources other than those already available.