The present invention relates to radio telecommunication systems. More particularly, and not by way of limitation, the present invention is directed to a method, device, and node for controlling a packet flow from a User Equipment (UE) in a radio telecommunication system.
Today, several actors are involved in managing the software and hardware of a UE, such as a mobile telephone or other communication device in a wireless communication system. The software can be applications, services, and modules, including the operating system stored in and used by the UE. The UE's manufacturer typically installs a collection of software in the UE at the time the device is manufactured. Later, an end user may modify the UE's software by downloading applications and the like to the UE from different sources via, for example, the Internet. The UE's manufacturer, the operator of the communication system to which the UE is subscribed or in which the UE is visiting, and/or an authorized third party, depending on business agreements, may also remotely modify part or all of the UE's software.
After such modifications and in other instances, the UE may behave improperly. From a system operator's point of view, for example, improper behavior may include the UE's diminishing the capacity of the communication system by increasing the number of control or other messages exchanged with the system. Improper UE behavior can arise in a number of ways, such as unexpected interactions between software modules in the UE, malicious software modules, and the like. A user might download a malicious or malformed application such as a Java application, which interacts with the network-protocol stack through open Application Programming Interfaces (APIs) in the UE. As a result, the UE may repeatedly send service requests to an operator's network.
Techniques for dealing with improper UE behavior by disabling services to a UE have been discussed in standardization organizations such as the Third Generation Partnership Project (3GPP). The 3GPP promulgates specifications for the GSM telecommunications system and its enhancements such as Enhanced Data Rates for GSM Evolution (EDGE), the universal mobile telecommunications system (UMTS), the Long Term Evolution (LTE) access network, and systems employing wideband code-division multiple access (WCDMA).
The Third Generation Partnership Project Technical Specification, 3GPP TS 24.305, describes procedures for managing settings of the UE for remotely disabling selected UE capabilities, used over a 3GPP access, i.e., a circuit-switched (CS) and packet-switched (PS) domain over GERAN/UTRAN radio access.
The Open Mobile Alliance (OMA) has developed specifications for Device Management (DM) of communication devices, and versions 1.1.2 and 1.2 of those specifications define a protocol for managing configuration, data, and settings in communication devices. OMA standards and other information are publicly available through the OMA organization. OMA DM can be used to manage the configuration and Management Objects (MOs) of UEs from the point of view of different DM Authorities, including setting initial configuration information in UEs, subsequently updating persistent information in UEs, retrieving management information from UEs, and processing events and alarms generated by UEs. An MO is generally a software object that may be written, for example, according to SyncML, which is a mark-up language specification of an XML-based representation protocol, synchronization protocol, and DM protocol, transport bindings for the protocols, and a device description framework for DM. Using OMA DM, third parties can configure UEs on behalf of end users. A third party, such as a network operator, service provider, or corporate information management department, can remotely set UE parameters and install or upgrade software through suitable MOs in the UE.
The Evolved Packet System (EPS) has been defined since 3GPP release-8 as a system for mobile communication using packet data over an evolved GPRS network. The core network is an evolved UMTS packet core network and the radio access network may be an evolved UTRAN (E-UTRAN), a non-3GPP access network (for example WLAN), or a combination of both. The 3GPP Technical Specifications, 3GPP TS 23.401 and 3GPP TS 24.301, describe the GPRS enhancements for E-UTRAN access.
For a UE to stay registered in the EPS, an EPS bearer must be retained, as otherwise the EPS mobility procedures will be rejected by the EPS network, as described in 3GPP TS 23.401. Also, as described in 3GPP TS 24.305, the OMA DM server controlling the Selective Disabling of a 3GPP UE Capabilities Management Object (SDoUE MO) needs to be able to push down updates of the MO to the UE. The push of MO updates using SMS cannot always be assumed to be available unless both the UE and the network support SMS using CS Fallback capabilities described in 3GPP TS 23.272, and even then a PS access is required to be open. Thus, the MO update may need to be sent over the PS access. Therefore, the PS access open in the UE needs to be accessible by the OMA DM server. Consequently, an EPS bearer towards a Packet Data Network (PDN) needs to be retained until the software in the UE has been updated. This may imply a risk of flooding the network with malicious traffic if the UE has been hacked.