Prior art in which a mobile communication network provides a private leased line connection capability between external networks and mobile terminals includes GPRS (General Packet Radio Service), which is a mobile communication technology prescribed by the ETSI (European Telecommunications Standards Institute) and 3GPP (Third-Generation Partnership Project). GPRS both supports movement of terminals and provides private leased line connection capabilities for connecting mobile terminals to specific external networks.
In addition, a mobile control technology that has been developed by IETF (Internet Engineering Task Force) includes Mobile IP (RFC2002) and a private network technology that includes IPSEC. A combination of these technologies supports the movement of terminals and can realize private leased line connections between mobile terminals and external networks.
Still further, technology proposals exist for using a virtual private network technology in a core network of a mobile communication network for connecting mobile terminals to external networks, one example being disclosed in http://www.microsoft.com/technet/treeview/default.asp?url=/TechNet/itsolutions/network/deploy/depovq/ieee802.asp.
However, the above-described technology has various problems as described hereinbelow.
In the above-described GPRS, tunnels are set between mobile terminals and the gateways with external networks, and all communication is realized by way of these tunnels. When communication is implemented between mobile terminals, packets transmitted by the mobile terminals are transmitted to the gateways with the external networks by way of the tunnels, and then again returned to the mobile terminals of the communication partners from the gateways with the external networks by way of the tunnels.
As a result, the technology of the prior art suffers from such problems as the considerable delay of the packets and the poor efficiency of circuit use due to wasted bandwidth within the mobile communication network.
In addition, there is also the problem of wasted bandwidth within the network and the poor efficiency of circuit use when implementing multicast communication to a plurality of mobile terminals, because the multicast packets are copied and transmitted for each tunnel of a mobile terminal at the gateway with an external network.
On the other hand, in the case of an IP based mobile communication network that employs Mobile IP and IPSEC, it is assumed that the mobile network and external networks are the IP network. The movement of terminals in this flat IP network is supported by Mobile IP. To further provide a private leased line connection capability, gateways are arranged between the mobile communication network and external networks, and tunnels are set between mobile terminals and the gateways by means of IPSEC.
Thus, when a private leased line connection capability is offered in an IP based mobile communication network that uses Mobile IP and IPSEC, all packets are exchanged by way of tunnels, and the same problems therefore occur in this configuration as occur in GPRS.
As a different configuration, when realizing communication between mobile terminals, it is also possible to directly set IPSEC tunnels between mobile terminals without implementing return communication by way of gateways. This configuration, however, provides no solution for the problems encountered in multicast communication. There is also the problem that management of tunnels becomes problematic when there are numerous communication partner mobile terminals.
In addition, in an IP based mobile communication network that uses Mobile IP and IPSEC, nodes in the mobile communication network can be freely accessed from the outside, and a security function is therefore necessary. For example, when realizing handover between radio access points, packets for handover requests and handover notifications between radio access points must be authenticated, and as a result, a security association must be established in advance for implementing authentication between radio access points. Such a method suffers from the problem that the management of the security association becomes troublesome with increase in the number of radio access points.
When a virtual private network technology is used in the core network of a mobile communication network and connections are provided to external networks, the problem occurs in the prior art that the connection to the private network is cut off when a terminal moves.
The present invention was realized in view of the above-described circumstances and has as its first object the provision of a mobile communication network system and mobile communication method for realizing an improvement in the efficiency of circuit use when implementing communication between mobile terminals.
Another object of the present invention is to provide a mobile communication network system and mobile communication method for realizing an improvement in the efficiency of circuit use in the multicast communication of mobile terminals.
It is yet another object of the present invention to provide a mobile communication network system and mobile communication method that eliminates the inconvenience of establishing a security association between mobile terminals or between nodes.
Finally, it is another object of the present invention to provide a mobile communication network system and mobile communication method that can continue a private line connection between a mobile terminal and an external network without cutting off the private leased line connection when the mobile terminal implements handover.