Third Generation (3G) Wireless Networks
3G wireless networks may interface with external networks such as the Internet. Third generation (3G) wireless networks have a General Packet Radio Service (GPRS) core network that facilitates the transmission of Internet Protocol (IP) packets between the 3G wireless network and the Internet. The GPRS core network may use a GPRS tunneling protocol that allows users of the 3G wireless network to be coupled to external packet switched networks (such as the Internet) while moving from one location to another. The GPRS core network may include various components such as the Serving GPRS Support Node (SGSN) and the Gateway GPRS Support Node (GGSN). The SGSN can interface with a Radio Network Controller (RNC).
The functionality of the different 3G wireless network components is known in the art and defined in various known standards. One non-limiting explanation relating to the SGSN, the RNC and the GGSN can be found in www.wikipedia.org.
Gateway GPRS Support Node (GGSN)—The Gateway GPRS Support Node (GGSN) is a main component of the GPRS network. The GGSN is responsible for the interworking between the GPRS network and external packet switched networks, like the Internet and X.25 networks. From an external network's point of view, the GGSN is a router to a sub-network, because the GGSN ‘hides’ the GPRS infrastructure from the external packet switched network. The GGSN may perform a network address translation (NAT) process which may corrupt address information about various entities of the RAN (or those which are coupled to the RAN) that participate in this exchange of information.
When the GGSN receives data addressed to a specific user, it checks if the user is active. If the user is active, the GGSN forwards the data to the SGSN serving the mobile user, but if the mobile user is inactive, the data is discarded. In the other direction, mobile-originated packets are routed to the right network by the GGSN. The GGSN is the anchor point that enables the mobility of the user terminal in the GPRS/UMTS networks. In essence, it carries out the role in GPRS equivalent to the Home Agent in Mobile IP. It maintains the routing necessary to tunnel the Protocol Data Units (PDUs) to the SGSN that services a particular MS (Mobile Station).
The GGSN converts the GPRS packets coming from the SGSN into the appropriate packet data protocol (PDP) format (e.g., IP or X.25) and sends them out on the corresponding packet data network. In the other direction, PDP addresses of incoming data packets are converted to the GSM address of the destination user. The readdressed packets are sent to the responsible SGSN. For this purpose, the GGSN stores the current SGSN address of the user and his or her profile in its location register. The GGSN is responsible for IP address assignment and is the default router for the coupled user equipment (UE). The GGSN also performs authentication and charging functions. Other functions include subscriber screening, IP pool management and address mapping, QoS and PDP context enforcement. In the LTE scenario, the GGSN functionality moves to the SAE gateway (with the SGSN functionality working in the MME).
Serving GPRS Support Node (SGSN)—A Serving GPRS Support Node (SGSN) is responsible for the delivery of data packets from and to the mobile stations within its geographical service area. Its tasks include packet routing and transfer, mobility management (attach/detach and location management), logical link management, and authentication and charging functions. The location register of the SGSN stores location information (e.g., current cell, current VLR) and user profiles (e.g., IMSI, address or addresses used in the packet data network) of all GPRS users registered with this SGSN.
Radio Network Controller (RNC)—The RNC is a governing element in the UMTS radio access network (UTRAN) and is responsible for controlling the Node Bs that are coupled to it. The RNC carries out radio resource management and some of the mobility management functions, and is the point where encryption is done before user data is sent to and from the mobile. The RNC connects to the Circuit Switched Core Network through the Media Gateway (MGW) and to the SGSN (Serving GPRS Support Node) in the Packet Switched Core Network. The logical connections between the network elements are known as interfaces.
The interface between the RNC and the Circuit Switched Core Network (CS-CN) is called Iu-CS and between the RNC and the Packet Switched Core Network is called IuPS. Other interfaces include Iub (between the RNC and the Node B) and Iur (between RNCs in the same network). Iu interfaces carry user traffic (such as voice or data) as well as control information. The Iur interface is mainly needed for soft handovers involving 2 RNCs, though it is not required, as the absence of Iur will cause these handovers to become hard handovers. Iub, Iu and Iur protocols all carry both user data and signaling (that is, control plane).
The signaling protocol responsible for the control of the Node B by the RNC is called NBAP (Node-B Application Part). NBAP is subdivided into Common and Dedicated NBAP (C-NBAP and D-NBAP), where Common NBAP controls overall Node B functionality and Dedicated NBAP controls separate cells or sectors of the Node B. NBAP is carried over Iub. In order for NBAP to handle common and dedicated procedures, it is divided into the NodeB Control Port (NCP), which handles common NBAP procedures, and the Communication Control Port (CCP), which handles dedicated NBAP procedures. The control plane protocol for the transport layer is called ALCAP (Access Link Control Application Protocol).
The basic functionality of ALCAP is multiplexing of different users onto one AAL2 transmission path using channel IDs (CIDs). ALCAP is carried over the Iub and Iu-CS interfaces. The signaling protocol responsible for communication between the RNC and the core network is called RANAP (Radio Access Network Application Part), and is carried over the Iu interface. The signaling protocol responsible for communications between RNCs is called RNSAP (Radio Network Subsystem Application Part) and is carried on the Iur interface.
Fourth Generation (4G) Wireless Networks
4G networks can include a RAN that in turn may include components such as the enhanced Node B (eNodeB), which is the hardware coupled to the mobile phone network that communicates directly with mobile handsets.
4G networks can have a System Architecture Evolution (SAE) architecture. The SAE has a flat, all-IP architecture with separation of control plane and user plane traffic (www.wikipedia.org). The main component of the SAE architecture is the Evolved Core network (EPC), also known as SAE Core. The EPC will serve as the equivalent of GPRS networks (via the Mobility Management Entity, Serving Gateway and PDN Gateway subcomponents).
FIG. 1 illustrates a prior art 4G network that is coupled to the Internet 230 and to a user equipment (UE) 210. It is noted that multiple UEs are coupled to the 4G network and are arranged in cells. The prior art 4G wireless network includes eNodeB 212, ePDG (Evolved Packet Data Gateway) 216, ANDSF (Access Network Discovery and Selection Function) 214, MME (Mobility Management Entity) 218, SGW (Serving Gateway) 220, HSS (Home Subscriber Server) 222 and PGW (PDN Gateway) 224.
FIG. 1 illustrates UE 210 as being coupled to eNodeB 212 and to ePDG 216, eNodeB 212 and ePDG 216 as being coupled to SGW 220, PGW 224 as being coupled between SGW 220 and the Internet 230, and MME 218 as being coupled between HSS 222 and eNodeB 212.
MME 218 is the key control-node for the LTE access-network. It is responsible for idle mode UE (User Equipment) tracking and the paging procedure, including retransmissions. It is involved in the bearer activation/deactivation process and is also responsible for choosing the SGW 220 for a UE at the initial attach and at the time of intra-LTE handover involving Core Network (CN) node relocation. It is responsible for authenticating the user (by interacting with the HSS).
The Non Access Stratum (NAS) signaling terminates at the MME 218 and it is also responsible for generation and allocation of temporary identities to UEs. It checks the authorization of the UE to camp on the service provider's Public Land Mobile Network (PLMN) and enforces UE roaming restrictions. The MME 218 is the termination point in the network for ciphering/integrity protection for NAS signaling and handles the security key management. Lawful interception of signaling is also supported by the MME 218. The MME 218 also provides the control plane function for mobility between LTE and 2G/3G access networks with the S3 interface terminating at the MME 218 from the SGSN. The MME 218 also terminates the S6a interface towards the home HSS 222 for roaming UEs.
SGW 220 routes and forwards user data packets, while also acting as the mobility anchor for the user plane during inter-eNodeB handovers and as the anchor for mobility between LTE and other 3GPP technologies (terminating S4 interface and relaying the traffic between 2G/3G systems and PGW 224). For idle state UEs, the SGW 220 terminates the DL data path and triggers paging when DL data arrives for the UE. It manages and stores UE contexts, e.g. parameters of the IP bearer service, network internal routing information. It also performs replication of the user traffic in case of lawful interception.
PGW 224 provides connectivity from the UE to external packet switched networks by being the point of exit and entry of traffic for the UE. The PGW 224 can perform a NAT process that corrupts address information. A UE may have simultaneous connectivity with more than one PGW 224 for accessing multiple PDNs. The PGW 224 performs policy enforcement, packet filtering for each user, charging support, lawful interception and packet screening. Another key role of the PGW 224 is to act as the anchor for mobility between 3GPP and non-3GPP technologies such as WiMAX and 3GPP2 (CDMA 1X and EvDO).
HSS 222 is a central database that contains user-related and subscription-related information. The functions of the HSS 222 include functionalities such as mobility management, call and session establishment support, user authentication and access authorization. The HSS is based on pre-Rel-4 Home Location Register (HLR) and Authentication Center (AuC).
ANDSF 214 provides information to the UE about connectivity to 3GPP and non-3GPP access networks (such as Wi-Fi). The purpose of the ANDSF 214 is to assist the UE to discover the access networks in their vicinity and to provide rules (policies) to prioritize and manage connections to these networks.
ePDG 216—the main function of the ePDG 216 is to secure the data transmission with a UE coupled to the EPC over an untrusted non-3GPP access. For this purpose, the ePDG 216 acts as a termination node of IPsec tunnels established with the UE.
Non Access Stratum (NAS) Protocols—The non-access stratum (NAS) protocols form the highest stratum of the control plane between the user equipment (UE) and MME. NAS protocols support the mobility of the UE and the session management procedures to establish and maintain IP connectivity between the UE and a PDN GW. They define the rules for a mapping between parameters during inter-system mobility with 3G networks. They also provide the NAS security by integrity protection and ciphering of NAS signaling messages. EPS provides the subscriber with a “ready-to-use” IP connectivity and an “always-on” experience by linking between mobility management and session management procedures during the UE attach procedure.
Complete NAS transactions consist of specific sequences of elementary procedures with EPS Mobility Management (EMM) and EPS Session Management (ESM) protocols.
The MME protocol stack consists of S1-MME stack to support S1-MME interface with eNodeB 212 and S11 stack to support S11 interface with Serving Gateway. MME 218 supports the S1 interface with eNodeB 212. The integrated S1 MME interface stack consists of IP, SCTP and S1AP.
SCTP (Stream Control Transmission Protocol) is a common transport protocol that uses the services of Internet Protocol (IP) to provide a reliable datagram delivery service to the adaptation modules, such as the S1AP. SCTP provides reliable and sequenced delivery on top of the existing IP framework. The main features provided by SCTP are: (A) Association setup: an association is a connection that is set up between two endpoints for data transfer, much like a TCP connection. An SCTP association can have multiple addresses at each end. (B) Reliable data delivery: delivers sequenced data in a stream (elimination of head-of-line blocking). SCTP ensures the sequenced delivery of data with multiple unidirectional streams, without blocking the chunks of data in the other direction.
S1AP (S1 Application Part) is the signaling service between E-UTRAN and the Evolved Core network (EPC) that fulfills the S1 interface functions such as SAE bearer management functions, initial context transfer function, mobility functions for UE, paging, reset functionality, NAS signaling transport function, error reporting, UE context release function and status transfer. MME S11 interface support: the MME supports the S11 interface with the Serving Gateway. The integrated S11 interface stack consists of IP, UDP and eGTP-C.
SGW (Serving Gateway) protocol includes: S11 control plane stack to support S11 interface with MME, S5/S8 control and data plane stacks to support S5/S8 interface with PGW, S1 data plane stack to support S1 user plane interface with eNodeB, and S4 data plane stack to support S4 user plane interface between RNC of UMTS and SGW of eNodeB.
SGW supports S11 interface with MME and S5/S8 interface with PGW. The integrated control plane stack for these interfaces consists of IP, UDP and eGTP-C.
SGW supports the S1-U interface with eNodeB and S5/S8 data plane interface with PGW. The integrated data plane stack for these interfaces consists of IP, UDP, eGTP-U.
PGW (Packet Data Network Gateway) protocols include S5/S8 control and data plane stacks to support S5/S8 interface with SGW. PGW supports S5/S8 interface with Serving Gateway. The integrated control plane stack for the S5/S8 interfaces consists of IP, UDP, eGTP-C. The integrated data plane stack for the S5/S8 interface consists of IP, UDP, eGTP-U.
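An added example, not part of the original text: a minimal decoder for the GTP-U encapsulation at the top of the IP/UDP/eGTP-U data plane stack described above, recovering the tunnel endpoint identifier (TEID) and the inner IPv4 addresses that an inspection point on S1-U or S5/S8 sees before any NAT at the PGW. It assumes the GTPv1-U header layout of 3GPP TS 29.281, which the text does not spell out; the function names and the sample packet are constructed for illustration.

```python
import ipaddress
import struct

G_PDU = 0xFF  # GTP-U message type that carries an encapsulated user packet

def parse_gtpu(udp_payload: bytes) -> dict:
    """Decode one GTPv1-U message; return the TEID and inner IPv4 addresses."""
    if len(udp_payload) < 8:
        raise ValueError("shorter than the mandatory 8-byte GTP-U header")
    flags, msg_type, length, teid = struct.unpack("!BBHI", udp_payload[:8])
    if flags >> 5 != 1 or not flags & 0x10:
        raise ValueError("not GTP version 1 with protocol type GTP")
    if length != len(udp_payload) - 8:
        raise ValueError("length field does not match the datagram size")
    offset = 8
    if flags & 0x07:                      # any of the E, S or PN flags is set
        if len(udp_payload) < 12:
            raise ValueError("truncated optional fields")
        next_ext, offset = udp_payload[11], 12
        while (flags & 0x04) and next_ext:  # walk the extension header chain
            if offset >= len(udp_payload):
                raise ValueError("truncated extension header")
            ext_len = udp_payload[offset] * 4   # length is in 4-octet units
            if ext_len == 0 or offset + ext_len > len(udp_payload):
                raise ValueError("malformed extension header")
            next_ext = udp_payload[offset + ext_len - 1]
            offset += ext_len
    result = {"teid": teid, "msg_type": msg_type, "src": None, "dst": None}
    inner = udp_payload[offset:]
    if msg_type == G_PDU and len(inner) >= 20 and inner[0] >> 4 == 4:
        result["src"] = str(ipaddress.IPv4Address(inner[12:16]))
        result["dst"] = str(ipaddress.IPv4Address(inner[16:20]))
    return result

def build_sample() -> bytes:
    """Constructed G-PDU: TEID 0x1A2B3C4D, sequence number field present."""
    inner = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, 17, 0,
                        ipaddress.IPv4Address("10.20.30.40").packed,   # UE side
                        ipaddress.IPv4Address("198.51.100.7").packed)  # PDN side
    optional = struct.pack("!HBB", 7, 0, 0)  # seq=7, no N-PDU, no extension
    header = struct.pack("!BBHI", 0x32, G_PDU,
                         len(optional) + len(inner), 0x1A2B3C4D)
    return header + optional + inner

if __name__ == "__main__":
    print(parse_gtpu(build_sample()))
```

The TEID identifies the bearer and the inner source address is the one assigned to the UE, so a per-user rule can be keyed on either without relying on the outer addresses, which belong to the gateways.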
There is a growing need to perform policy enforcement on packets that propagate across these networks.