Field of the Invention
The present invention relates to mobile communication.
Related Art
In 3GPP in which technical standards for mobile communication systems are established, in order to handle 4th generation communication and several related forums and new technologies, research on Long Term Evolution/System Architecture Evolution (LTE/SAE) technology has started as part of efforts to optimize and improve the performance of 3GPP technologies from the end of the year 2004.
SAE that has been performed based on 3GPP SA WG2 is research regarding network technology that aims to determine the structure of a network and to support mobility between heterogeneous networks in line with an LTE task of a 3GPP TSG RAN and is one of recent important standardization issues of 3GPP. SAE is a task for developing a 3GPP system into a system that supports various radio access technologies based on an IP, and the task has been carried out for the purpose of an optimized packet-based system which minimizes transmission delay with a more improved data transmission capability.
An Evolved Packet System (EPS) higher level reference model defined in 3GPP SA WG2 includes a non-roaming case and roaming cases having various scenarios, and for details therefor, reference can be made to 3GPP standard documents TS 23.401 and TS 23.402. A network configuration of FIG. 1 has been briefly reconfigured from the EPS higher level reference model.
FIG. 1 shows the configuration of an evolved mobile communication network.
An Evolved Packet Core (EPC) may include various elements. FIG. 1 illustrates a Serving Gateway (S-GW) 52, a Packet Data Network Gateway (PDN GW) 53, a Mobility Management Entity (MME) 51, a Serving General Packet Radio Service (GPRS) Supporting Node (SGSN), and an enhanced Packet Data Gateway (ePDG) that correspond to some of the various elements.
The S-GW 52 is an element that operates at a boundary point between a Radio Access Network (RAN) and a core network and has a function of maintaining a data path between an eNodeB 22 and the PDN GW 53. Furthermore, if a terminal (or User Equipment (UE) moves in a region in which service is provided by the eNodeB 22, the S-GW 52 plays a role of a local mobility anchor point. That is, for mobility within an E-UTRAN (i.e., a Universal Mobile Telecommunications System (Evolved-UMTS) Terrestrial Radio Access Network defined after 3GPP release-8), packets can be routed through the S-GW 52. Furthermore, the S-GW 52 may play a role of an anchor point for mobility with another 3GPP network (i.e., a RAN defined prior to 3GPP release-8, for example, a UTRAN or Global System for Mobile communication (GSM) (GERAN)/Enhanced Data rates for Global Evolution (EDGE) Radio Access Network).
The PDN GW (or P-GW) 53 corresponds to the termination point of a data interface toward a packet data network. The PDN GW 53 can support policy enforcement features, packet filtering, charging support, etc. Furthermore, the PDN GW (or P-GW) 53 can play a role of an anchor point for mobility management with a 3GPP network and a non-3GPP network (e.g., an unreliable network, such as an Interworking Wireless Local Area Network (I-WLAN), a Code Division Multiple Access (CDMA) network, or a reliable network, such as WiMax).
In the network configuration of FIG. 1, the S-GW 52 and the PDN GW 53 have been illustrated as being separate gateways, but the two gateways may be implemented in accordance with a single gateway configuration option.
The MME 51 is an element for performing the access of a terminal to a network connection and signaling and control functions for supporting the allocation, tracking, paging, roaming, handover, etc. of network resources. The MME 51 controls control plane functions related to subscribers and session management. The MME 51 manages numerous eNodeBs 22 and performs conventional signaling for selecting a gateway for handover to another 2G/3G networks. Furthermore, the MME 51 performs functions, such as security procedures, terminal-to-network session handling, and idle terminal location management.
The SGSN handles all packet data, such as a user's mobility management and authentication for different access 3GPP networks (e.g., a GPRS network and an UTRAN/GERAN).
The ePDG plays a role of a security node for an unreliable non-3GPP network (e.g., an I-WLAN and a Wi-Fi hotspot).
As described with reference to FIG. 1, a terminal (or UE) having an IP capability can access an IP service network (e.g., IMS), provided by a service provider (i.e., an operator), via various elements within an EPC based on non-3GPP access as well as based on 3GPP access.
Furthermore, FIG. 1 shows various reference points (e.g., S1-U and S1-MME). In a 3GPP system, a conceptual link that connects two functions that are present in the different function entities of an E-UTRAN and an EPC is called a reference point. Table 1 below defines reference points shown in FIG. 1. In addition to the reference points shown in the example of Table 1, various reference points may be present depending on a network configuration.
TABLE 1REFERENCEPOINTDESCRIPTIONS1-MMEA reference point for a control plane protocol between the E-UTRAN and the MMES1-UA reference point between the E-UTRAN and the S-GW for path switching between eNodeBs during handover and user plane tunneling per bearerS3A reference point between the MME and the SGSN that provides the exchange of pieces of user and bearer information for mobility between 3GPP access networks in idle and/or activation state. This reference point can be used intra-PLMN or inter-PLMN (e.g. in the case of inter-PLMN HO).S4A reference point between the SGW and the SGSN that provides related control and mobility support between the 3GPP anchor functions of a GPRS core and the S-GW. Furthermore, if a direct tunnel is not established, the reference point provides user plane tunneling.S5A reference point that provides user plane tunneling and tunnel management between the S-GW and the PDN GW. The reference point is used for S-GW relocation due to UE mobility and if the S-GW needs to connect to a non-collocated PDN GW for required PDN connectivityS11A reference point between the MME and the S-GWSGiA reference point between the PDN GW and the PDN. The PDN may be a public or private PDN external to an operator or may be an intra-operator PDN, e.g., for the providing of IMS services. This reference point corresponds to Gi for 3GPP access.
Among the reference points shown in FIG. 1, S2a and S2b correspond to non-3GPP interfaces. S2a is a reference point providing the user plane with related control and mobility support between a PDN GW and a reliable non-3GPP access. S2b is a reference point providing the user plane with mobility support and related control between a PDN GW and an ePDG.
FIG. 2 is an exemplary diagram showing the architecture of a common E-UTRAN and a common EPC.
As shown in FIG. 2, the eNodeB 20 can perform functions, such as routing to a gateway while RRC connection is activated, the scheduling and transmission of a paging message, the scheduling and transmission of a broadcast channel (BCH), the dynamic allocation of resources to UE in uplink and downlink, a configuration and providing for the measurement of the eNodeB 20, control of a radio bearer, radio admission control, and connection mobility control. The EPC can perform functions, such as the generation of paging, the management of an LTE_IDLE state, the ciphering of a user plane, control of an EPS bearer, the ciphering of NAS signaling, and integrity protection.
FIG. 3 is an exemplary diagram showing the structure of a radio interface protocol in a control plane between UE and an eNodeB, and FIG. 4 is another exemplary diagram showing the structure of a radio interface protocol in a control plane between UE and an eNodeB.
The radio interface protocol is based on a 3GPP radio access network standard. The radio interface protocol includes a physical layer, a data link layer, and a network layer horizontally, and it is divided into a user plane for the transmission of information and a control plane for the transfer of a control signal (or signaling).
The protocol layers may be classified into a first layer (L1), a second layer (L2), and a third layer (L3) based on three lower layers of the Open System Interconnection (OSI) reference model that is widely known in communication systems.
The layers of the radio protocol of the control plane shown in FIG. 3 and the radio protocol in the user plane of FIG. 4 are described below.
The physical layer PHY, that is, the first layer, provides information transfer service using physical channels. The PHY layer is connected to a Medium Access Control (MAC) layer placed in a higher layer through a transport channel, and data is transferred between the MAC layer and the PHY layer through the transport channel. Furthermore, data is transferred between different PHY layers, that is, PHY layers on the sender side and the receiver side, through the PHY layer.
A physical channel is made up of multiple subframes on a time axis and multiple subcarriers on a frequency axis. Here, one subframe is made up of a plurality of symbols and a plurality of subcarriers on the time axis. One subframe is made up of a plurality of resource blocks, and one resource block is made up of a plurality of symbols and a plurality of subcarriers. A Transmission Time Interval (TTI), that is, a unit time during which data is transmitted, is 1 ms corresponding to one subframe.
In accordance with 3GPP LTE, physical channels that are present in the physical layer of the sender side and the receiver side can be divided into a Physical Downlink Shared Channel (PDSCH) and a Physical Uplink Shared Channel (PUSCH), that is, data channels, and a Physical Downlink Control Channel (PDCCH), a Physical Control Format Indicator Channel (PCFICH), a Physical Hybrid-ARQ Indicator Channel (PHICH), and a Physical Uplink Control Channel (PUCCH), that is, control channels.
A PCFICH that is transmitted in the first OFDM symbol of a subframe carries a Control Format Indicator (CFI) regarding the number of OFDM symbols (i.e., the size of a control region) used to send control channels within the subframe. A wireless device first receives a CFI on a PCFICH and then monitors PDCCHs.
Unlike a PDCCH, a PCFICH is transmitted through the fixed PCFICH resources of a subframe without using blind decoding.
A PHICH carries positive-acknowledgement (ACK)/negative-acknowledgement (NACK) signals for an uplink (UL) Hybrid Automatic Repeat reQuest (HARQ). ACK/NACK signals for UL data on a PUSCH that is transmitted by a wireless device are transmitted on a PHICH.
A Physical Broadcast Channel (PBCH) is transmitted in four former OFDM symbols of the second slot of the first subframe of a radio frame. The PBCH carries system information that is essential for a wireless device to communicate with an eNodeB, and system information transmitted through a PBCH is called a Master Information Block (MIB). In contrast, system information transmitted on a PDSCH indicated by a PDCCH is called a System Information Block (SIB).
A PDCCH can carry the resource allocation and transport format of a downlink-shared channel (DL-SCH), information about the resource allocation of an uplink shared channel (UL-SCH), paging information for a PCH, system information for a DL-SCH, the resource allocation of an upper layer control message transmitted on a PDSCH, such as a random access response, a set of transmit power control commands for pieces of UE within a specific UE group, and the activation of a Voice over Internet Protocol (VoIP). A plurality of PDCCHs can be transmitted within the control region, and UE can monitor a plurality of PDCCHs. A PDCCH is transmitted on one Control Channel Element (CCE) or an aggregation of multiple contiguous CCEs. A CCE is a logical allocation unit used to provide a PDCCH with a coding rate according to the state of a radio channel A CCE corresponds to a plurality of resource element groups. The format of a PDCCH and the number of bits of a possible PDCCH are determined by a relationship between the number of CCEs and a coding rate provided by CCEs.
Control information transmitted through a PDCCH is called Downlink Control Information (DCI). DCI can include the resource allocation of a PDSCH (also called a downlink (DL) grant)), the resource allocation of a PUSCH (also called an uplink (UL) grant), a set of transmit power control commands for pieces of UE within a specific UE group, and/or the activation of a Voice over Internet Protocol (VoIP).
Several layers are present in the second layer. First, a Medium Access Control (MAC) layer functions to map various logical channels to various transport channels and also plays a role of logical channel multiplexing for mapping multiple logical channels to one transport channel. The MAC layer is connected to a Radio Link Control (RLC) layer, that is, a higher layer, through a logical channel. The logical channel is basically divided into a control channel through which information of the control plane is transmitted and a traffic channel through which information of the user plane is transmitted depending on the type of transmitted information.
The RLC layer of the second layer functions to control a data size that is suitable for sending, by a lower layer, data received from a higher layer in a radio section by segmenting and concatenating the data. Furthermore, in order to guarantee various types of QoS required by radio bearers, the RLC layer provides three types of operation modes: a Transparent Mode (TM), an Un-acknowledged Mode (UM), and an Acknowledged Mode (AM). In particular, AM RLC performs a retransmission function through an Automatic Repeat and Request (ARQ) function for reliable data transmission.
The Packet Data Convergence Protocol (PDCP) layer of the second layer performs a header compression function for reducing the size of an IP packet header containing control information that is relatively large in size and unnecessary in order to efficiently send an IP packet, such as IPv4 or IPv6, in a radio section having a small bandwidth when sending the IP packet. Accordingly, transmission efficiency of the radio section can be increased because only essential information is transmitted in the header part of data. Furthermore, in an LTE system, the PDCP layer also performs a security function. The security function includes ciphering for preventing the interception of data by a third party and integrity protection for preventing the manipulation of data by a third party.
A Radio Resource Control (RRC) layer at the highest place of the third layer is defined only in the control plane and is responsible for control of logical channels, transport channels, and physical channels in relation to the configuration, re-configuration, and release of Radio Bearers (RBs). Here, the RB means service provided by the second layer in order to transfer data between UE and an E-UTRAN.
If an RRC connection is present between the RRC layer of UE and the RRC layer of a wireless network, the UE is in an RRC_CONNECTED state. If not, the UE is in an RRC_IDLE state.
An RRC state and an RRC connection method of UE are described below. The RRC state means whether or not the RRC layer of UE has been logically connected to the RRC layer of an E-UTRAN. If the RRC layer of UE is logically connected to the RRC layer of an E-UTRAN, it is called the RRC_CONNECTED state. If the RRC layer of UE is not logically connected to the RRC layer of an E-UTRAN, it is called the RRC_IDLE state. Since UE in the RRC_CONNECTED state has an RRC connection, an E-UTRAN can check the existence of the UE in a cell unit, and thus control the UE effectively. In contrast, if UE is in the RRC_IDLE state, an E-UTRAN cannot check the existence of the UE, and a core network is managed in a Tracking Area (TA) unit, that is, an area unit greater than a cell. That is, only the existence of UE in the RRC_IDLE state is checked in an area unit greater than a cell. In such a case, the UE needs to shift to the RRC_CONNECTED state in order to be provided with common mobile communication service, such as voice or data. Each TA is classified through Tracking Area Identity (TAI). UE can configure TAI through Tracking Area Code (TAC), that is, information broadcasted by a cell.
When a user first turns on the power of UE, the UE first searches for a proper cell, establishes an RRC connection in the corresponding cell, and registers information about the UE with a core network. Thereafter, the UE stays in the RRC_IDLE state. The UE in the RRC_IDLE state (re)selects a cell if necessary and checks system information or paging information. This process is called camp on. When the UE in the RRC_IDLE state needs to establish an RRC connection, the UE establishes an RRC connection with the RRC layer of an E-UTRAN through an RRC connection procedure and shifts to the RRC_CONNECTED state. A case where the UE in the RRC_IDLE state needs to establish with an RRC connection includes multiple cases. The multiple cases may include, for example, a case where UL data needs to be transmitted for a reason, such as a call attempt made by a user and a case where a response message needs to be transmitted in response to a paging message received from an E-UTRAN.
A Non-Access Stratum (NAS) layer placed over the RRC layer performs functions, such as session management and mobility management.
The NAS layer shown in FIG. 3 is described in detail below.
Evolved Session Management (ESM) belonging to the NAS layer performs functions, such as the management of default bearers and the management of dedicated bearers, and ESM is responsible for control that is necessary for UE to use PS service from a network. Default bearer resources are characterized in that they are allocated by a network when UE first accesses a specific Packet Data Network (PDN) or accesses a network. Here, the network allocates an IP address available for UE so that the UE can use data service and the QoS of a default bearer. LTE supports two types of bearers: a bearer having Guaranteed Bit Rate (GBR) QoS characteristic that guarantees a specific bandwidth for the transmission and reception of data and a non-GBR bearer having the best effort QoS characteristic without guaranteeing a bandwidth. A default bearer is assigned a non-GBR bearer, and a dedicated bearer may be assigned a bearer having a GBR or non-GBR QoS characteristic.
In a network, a bearer assigned to UE is called an Evolved Packet Service (EPS) bearer. When assigning an EPS bearer, a network assigns one ID. This is called an EPS bearer ID. One EPS bearer has QoS characteristics of a Maximum Bit Rate (MBR) and a Guaranteed Bit Rate (GBR) or an Aggregated Maximum Bit Rate (AMBR).
Meanwhile, in FIG. 3, the RRC layer, the RLC layer, the MAC layer, and the PHY layer placed under the NAS layer are also collectively called an Access Stratum (AS).
FIG. 5a is a flowchart illustrating a random access process in 3GPP LTE.
The random access process is used for UE 10 to obtain UL synchronization with a base station, that is, an eNodeB 20, or to be assigned UL radio resources.
The UE 10 receives a root index and a physical random access channel (PRACH) configuration index from the eNodeB 20. 64 candidate random access preambles defined by a Zadoff-Chu (ZC) sequence are present in each cell. The root index is a logical index that is used for the UE to generate the 64 candidate random access preambles.
The transmission of a random access preamble is limited to specific time and frequency resources in each cell. The PRACH configuration index indicates a specific subframe on which a random access preamble can be transmitted and a preamble format.
The UE 10 sends a randomly selected random access preamble to the eNodeB 20. Here, the UE 10 selects one of the 64 candidate random access preambles. Furthermore, the UE selects a subframe corresponding to the PRACH configuration index. The UE 10 sends the selected random access preamble in the selected subframe.
The eNodeB 20 that has received the random access preamble sends a Random Access Response (RAR) to the UE 10. The random access response is detected in two steps. First, the UE 10 detects a PDCCH masked with a random access-RNTI (RA-RNTI). The UE 10 receives a random access response within a Medium Access Control (MAC) Protocol Data Unit (PDU) on a PDSCH that is indicated by the detected PDCCH.
FIG. 5b illustrates a connection process in a radio resource control (RRC) layer.
FIG. 5b shows an RRC state depending on whether there is an RRC connection. The RRC state denotes whether the entity of the RRC layer of UE 10 is in logical connection with the entity of the RRC layer of eNodeB 20, and if yes, it is referred to as RRC connected state, and if no as RRC idle state.
In the connected state, UE 10 has an RRC connection, and thus, the E-UTRAN may grasp the presence of the UE on a cell basis and may thus effectively control UE 10. In contrast, UE 10 in the idle state cannot grasp eNodeB 20 and is managed by a core network on the basis of a tracking area that is larger than a cell. The tracking area is a set of cells. That is, UE 10 in the idle state is grasped for its presence only on a larger area basis, and the UE should switch to the connected state to receive a typical mobile communication service such as voice or data service.
When the user turns on UE 10, UE 10 searches for a proper cell and stays in idle state in the cell. UE 10, when required, establishes an RRC connection with the RRC layer of eNodeB 20 through an RRC connection procedure and transits to the RRC connected state.
There are a number of situations where the UE staying in the idle state needs to establish an RRC connection, for example, when the user attempts to call or when uplink data transmission is needed, or when transmitting a message responsive to reception of a paging message from the EUTRAN.
In order for the idle UE 10 to be RRC connected with eNodeB 20, UE 10 needs to perform the RRC connection procedure as described above. The RRC connection procedure generally comes with the process in which UE 10 transmits an RRC connection request message to eNodeB 20, the process in which eNodeB 20 transmits an RRC connection setup message to UE 10, and the process in which UE 10 transmits an RRC connection setup complete message to eNodeB 20. The processes are described in further detail with reference to FIG. 6.
1) The idle UE 10, when attempting to establish an RRC connection, e.g., for attempting to call or transmit data or responding to paging from eNodeB 20, sends an RRC connection request message to eNodeB 20.
2) When receiving the RRC connection message from UE 10, eNodeB 20 accepts the RRC connection request from UE 10 if there are enough radio resources, and eNodeB 20 sends a response message, RRC connection setup message, to UE 10.
3) When receiving the RRC connection setup message, UE 10 transmits an RRC connection setup complete message to eNodeB 20. If UE 10 successfully transmits the RRC connection setup message, UE 10 happens to establish an RRC connection with eNodeB 20 and switches to the RRC connected state.
Meanwhile, it becomes legal to monitor communications between terrorists in order to deter Islamic State (IS) terror threats in recent times. Accordingly, countries request Lawful Interception (LI) from telecommunications providers. Therefore, upon a request for LI from a state agency, a telecommunications provider may monitor communications of a specific user. Here, monitoring needs to be fully performed not only on communications of a subscriber to the telecommunications provider but also on communications of a roaming user from another telecommunications provider.
However, when a user roams a visitor-based network and performs communications via a wireless local area network (that is, Wi-Fi), it is impossible to monitor the user.
Therefore, it is necessary to present a technique for legally monitoring communications between terrorists.