In mobile communication systems, the nature of mobile devices creates situations where as a wireless transmit/receive unit (WTRU) moves through an area, the WTRU may encounter multiple gateways through which it could connect. These multiple gateways may use different communication architectures to connect devices and to Internet protocol (IP) access.
Some gateways may be under the control of a service to which the WTRU user subscribes. Other gateways may belong to systems that are not aware of the user but may still allow the user's WTRU to establish a connection.
As the user moves throughout the coverage areas of these gateways, it may be better for the WTRU to switch from a current communication architecture to another architecture, such as a trusted network, or a network that may be able to take advantage of more sophisticated capabilities of the WTRU. When this occurs, a handover takes place to move the access from the original network architecture to the newly detected architecture. Likewise, when a trusted network architecture's signal becomes weak, the WTRU may decide to handover to a different network architecture.
In prior handoff methodologies, the WTRU could establish connectivity with the new network architecture and abruptly sever its connection with the original network. It would be beneficial if the original network connection could be terminated in an orderly fashion when handover between network architectures occurs.
The network architecture showing the relationship between a third generation partnership project (3GPP) architecture and a non-3GPP architecture is depicted in FIG. 1. A network architecture 100 includes a 3GPP and non-3GPP system architecture, divided by a dashed line 101. Above the line 101 is 3GPP compliant architecture and below the dashed line 101 connections is a non-3GPP architecture. WTRU 103 may gain access to the 3GPP architecture through connection S2a 105, S2b 107, or S2c 109, depending on the architecture to which the WTRU 103 is connected and the relation of that architecture to the 3GPP network. If the non-3GPP architecture is a trusted non-3GPP IP connection 111, the connection to the packet data network gateway 113 is made directly through S2a 105. S2a 105 provides the user plane with related control and mobility support between trusted non 3GPP IP access and the packet data network (PDN) Gateway (GW) 113.
When the non-3GPP architecture is untrusted 115, the connection is made through an evolved Packet Data Gateway (ePDG) 117. The connection between the ePDG 117 and the PDN GW 113 is made through an S2b 109 connection. S2b 109 provides the user plane with related control and mobility support between evolved packet data gateway (ePDG 117) and the PDN GW 113.
Connection between the WTRU 103 and the PDN GW 113, while the WTRU 103 is connected to either a trusted or untrusted non-3GPP or 3GPP, may be provided through S2c 107. S2c 107 provides the user plane with related control and mobility support between a wireless transmit/receive unit (WTRU) 103 and the PDN GW 113. This reference point is implemented over trusted and/or untrusted non-3GPP access and/or 3GPP access.
An S5 connection 119 exists between the PDN GW 113 and a serving gateway 121 in the 3GPP system. S5 119 provides user plane tunneling and tunnel management between Serving GW and PDN GW. It is used for Serving GW relocation due to mobility and in case the Serving GW needs to connect to a non-collocated PDN GW for the required PDN connectivity.
An S6a interface 123 is defined between mobility management entity (MME) 125 and home subscriber server (HSS) 127 for authentication and authorization.
The point defined by S6c 129 is the reference point between PDN GW 113 in a home public land mobile network (HPLMN) and a 3GPP authentication, authorization and accounting (AAA) server 131 for mobility related authentication if needed. This reference point may also be used to retrieve and request storage of mobility parameters.
Reference point S6d (not shown) is between Serving Gateway in a visited public land mobile network (VPLMN) and a 3GPP AAA Proxy for mobility related authentication if needed. This reference point may also be used to retrieve and request storage of mobility parameters.
Connection S7 133 provides transfer of quality of service (QoS) policy and charging rules from policy and charging rules function (PCRF) 135 to policy and charging enforcement point (PCEF) (not shown).
SGi 117 is the reference point between the PDN Gateway 113 and the packet data network 139. The packet data network 139 may be an operator external public or private packet data network or an intra operator packet data network, e.g. for provision of IP multimedia subsystem (IMS) services. This reference point supports any 3GPP and non-3GPP access systems.
Wa* 141 connects the untrusted non-3GPP IP access with the 3GPP AAA server/proxy 131 and transports access authentication, authorization and charging-related information in a secure manner.
Ta* 143 connects the trusted non-3GPP IP Access 111 with the 3GPP AAA server/proxy 131 and transports access authentication, authorization, mobility parameters and charging-related information in a secure manner.
The Wm* 145 reference point is located between 3GPP AAA Server/Proxy 131 and ePDG 117 and is used for AAA signaling, (transport of mobility parameters, tunnel authentication and authorization data).
Wn* 147 is the reference point between the untrusted Non-3GPP IP Access 115 and the ePDG 117. Traffic on this interface for a initiated tunnel has to be forced towards ePDG 117.
Wx* 149 is the reference point is located between 3GPP AAA Server 131 and HSS 127 and is used for transport of authentication data.
A diagram illustrating the handover process between untrusted non-3GPP IP access using PMIPv6 to an E-UTRAN 3GPP network is depicted in FIG. 2. The WTRU 201 is initially connected to the untrusted non-3GPP access. There is an IPsec tunnel 203 between the WTRU 201 and the ePDG 205 and a PMIPv6 tunnel 207 between the ePDG and the PDN GW 209. As the WTRU 201 moves, it may switch from the untrusted non-3GPP IP access to a 3GPP architecture such as E-UTRAN. The WTRU 201 attaches to the E-UTRAN network 211. Next, the WTRU 201 performs access authorization with the mobility management entity (MME) 213. The MME 213 contacts the home subscriber server (HSS) 215 for authentication of the WTRU 201. As part of the authentication procedure, the packet data network gateway (PDN GW) 209 that will be used is conveyed to the MME 213. The MME 213 performs a location update procedure and subscriber data retrieval 214 from the HSS 215. After the MME 213 authenticates the WTRU 201, it sends a create default bearer request message 217 to the serving gateway (GW) 219. In the message 217, the MME 213 includes the WTRU's 201 identifier (NAI) and the PDN GW 209 that will be used. The serving GW 219 sends a proxy binding update (BU) message 221 to the PDN GW 209 to setup a default bearer for the WTRU 201. The proxy BU 221 includes the WTRU's 201 identifier and a request for an IP address from the PDN GW 209. The PDN GW 209 processes the proxy BU message 221 from the serving GW 219, updates the binding cache entry for the WTRU 201 and responds with a proxy binding acknowledgement 223. In the proxy binding acknowledgement (Ack) 223, the PDN GW 209 replies with the same IP address or prefix that was assigned to the WTRU 201 earlier. At that point a PMIPv6 tunnel 225 exists between the PDN GW 209 and the serving GW 219. The serving GW 219 responds to the MME 213 with the create default bearer response message 217. In this message 217, the serving GW 219 includes the IP address of the WTRU 201. An S1_U default bearer establishment procedure 227 is performed. This procedure includes a radio bearer setup 228. At the end of the handover procedure 200, there is a default bearer for the WTRU 201 that consists of E-UTRAN radio bearer 227, S1 bearer between the e Node B and the serving GW 219 and a PMIPv6 tunnel 229 between the serving GW 219 and the PDN GW 209.
FIGS. 3A and 3B are an illustration of a handover procedure over interface S2c of FIG. 1 from non-3GPP IP Access to 3GPP access. The session starts in untrusted non-3GPP access 301 using DSMIPv6 over the S2c interface. The session hands over to 3GPP access, for example, E-UTRAN 303. The WTRU 305 uses an untrusted non-3GPP access system 301. It has an IPsec/IKEv2 session with the ePDG 307 and a DSMIPv6 session with the PDN GW 309. The WTRU 305 discovers the 3GPP access system 303 and decides to handover from the currently used trusted non-3GPP 301 access system to the discovered 3GPP access system 302. The WTRU 305 sends an attach request 313 which is routed by 3GPP access system 303 to an MME 311 instance in the evolved packet core (EPC) which is not shown. The MME 311 contacts the HSS/3GPP authorization and authentication (AAA) 315 and authenticates the WTRU 305. As part of the authentication procedure, the IP address of the PDN GW 309 that will be used for 3GPP access is conveyed to the MME 311. After successful authentication, the MME 311 performs a location update procedure with HSS 315. The MME 311 selects a serving GW 317 and sends a create default bearer request message 319 to the selected PDN GW 309. The serving GW 317 may initiate the PMIPv6 registration procedure towards the PDN GW 309 by sending a Proxy Binding Update 321, such as when using Internet Engineering Task Force (IETF) based S5 interface between the PDN GW 309 and the serving GW 317. If GPRS Tunneling Protocol (GTP) is used for S5, the serving GW 307 send a create bearer request message 309 to the PDN GW 309. In IETF based S5, the PDN GW 309 responds with a proxy binding acknowledgement 327 and updates its mobility binding which effectively switches the DSMIPv6 tunnel from the non-3GPP access network to the PMIPv6 tunnel to the serving GW 307. In the proxy binding acknowledgement 327, the PDN GW 309 includes the home IP address or prefix that was assigned to the WTRU 305 earlier. For GTP-based S5, the PDN GW 309 responds with a create bearer response message 329 to the serving GW 307. The create bearer response 329 contains the home IP address or prefix that was assigned to the WTRU 305 earlier. The serving GW 317 then returns a create default bearer response message 329 to the MME 311 that includes the IP address of the WTRU 305. This message 329 also serves as an indication to the MME 311 that the binding was successful. The MME 311 sends an attach accept message 331 to the WTRU 305 through 3GPP access 303. The 3GPP access system 303 initiates radio bearer setup procedures and the 3GPP access system responds with an Attach Complete Message 331. The WTRU 305 may send a binding update 321 to the PDN GW 309 to de-register its DSMIPv6 binding 325 that was created with the WTRU 305 was in untrusted non-3GPP IP access 301. The WTRU 305 may send IKEv2 messages if necessary to tear down its system aspects (SA) with the ePDG 307.
A handover process 400 from 3GPP IP Access to untrusted non-3GPP IP access over the S2b interface is shown in FIG. 4. The WTRU 401 is connected to the 3GPP network through the serving GW 403 through a PMIPv6 Tunnel 405 to the PDN GW 407 when handover is initiated and the WTRU attaches to the non-3GPP network 411. Authentication of the WTRU 401 is done by the HSS/AAA 409 on the 3GPP system. IKEv2 authorization and tunnel setup 415 between the WTRU 401 and the ePDG 413. A proxy binding update message 417 is sent the PDN GW 407. The proxy binding Acknowledgement message 419 is returned to the ePDG 413. The IPsec tunnel setup and address configuration is performed 421 and the PMIPv6 tunnel 423 is established between the ePDG 413 and the PDN GW 407. Non-3GPP IP access is now established through an IPsec Tunnel 425 between the WTRU 401 and the ePDG 413 and a PMIPv6 tunnel 427 between the ePDG 413 and the PDN GW 407.
The handover process 500 from 3GPP IP Access to trusted/untrusted non-3GPP IP access over the S2c interface is shown in FIG. 5. The WTRU 501 is connected to the 3GPP network through the serving GW 503 through a PMIPv6 Tunnel 505 to the PDN GW 507 when handover is initiated and the WTRU attaches to the non-3GPP network 511. Authentication of the WTRU 501 is done by the HSS/AAA 509 on the 3GPP system. IKEv2 authorization and tunnel setup 515 between the WTRU 501 and the ePDG 513 when the non-3GPP network is untrusted. Alternatively, the IKEv2 authorization and tunnel setup 516 may occur between the WTRU 501 and the PDN GW 507 when the non-3GPP network is a trusted network. A proxy binding update message 517 is sent the PDN GW 507. The proxy binding Acknowledgement message 517 is returned to the ePDG 513. The IPsec tunnel setup and address configuration is performed 521 and the PMIPv6 tunnel 527 is established between the WTRU 501 and the PDN GW 507. Non-3GPP IP access is now established through an IPsec Tunnel 525 between the WTRU 501 and the ePDG 513 and a PMIPv6 tunnel 527 between the WTRU 501 and the PDN GW 507.