Recently, development of communication networks has made considerable progress. Among such communication networks, there are an increasing number of communication networks supporting mobility of the users having subscribed to the networks. A user is represented by a terminal node he uses for communication with a communication partner node. Note that in general a communication partner node is of the same or a similar type than a terminal node, while “partner node” has only been chosen to illustrate that this is the destination or called node in communication. A terminal node/communication partner node may for example be a mobile phone, mobile laptop computer or the like. Nevertheless, a called communication partner node may also be a fixed terminal such as e.g. a personal computer PC.
With the increasing spreading and acceptance of the Internet, a harmonization of communication networks arises in that communication networks tend to be compatible with the Internet. Thus there is a tendency to adopt the Internet Protocol IP also in communication networks other than the Internet. In particular in mobility supporting communication networks, IP is adopted in a mobility supporting version still compatible with IP “as such”. For example, Mobile IPv4, Mobile IPv6 or Cellular IP protocol version exists. For the purpose of the present invention it is not crucial which protocol is used as long as the protocol supports mobility of terminals within the communication network (or network system) and as long as the used protocol is a packet-based protocol. A packet-based protocol is a protocol according to which data are transmitted in units of packets (also known as cells) consisting of a payload section and a header section. The payload section carries the data to be communicated while the header section contains management data required e.g. for routing of the packet and indicative of e.g. quality of service QoS provided for the packet. Also, the network itself is not limited for the present invention to be described later as long as the network is a packet-switched network supporting mobility of the users such as for example GPRS, UMTS, the Internet or the like.
A brief general introduction to Mobile IP and definitions of common terms in this technical field can be found under http://www.darmstadt.gmd.de/mobile/mobileip/mobileIP.html, retrieved from the Internet on Oct. 10, 2001.
In communication networks, terminal and/or communication partner nodes are identified by a permanent address PA. If the terminal is immobile, an access point address of the terminal to the network and the terminal's permanent address may coincide with each other. However, if the terminal is mobile, this addressing scheme will not work any longer.
FIG. 1 shows in rough outline a mobile terminal MN identified in the communication network NW by its permanent address MN_PA. On the left hand side, the terminal MN is in a first position pos1 and has access to the network NW via an access point AP1. Assigned to the access point AP1 is an access point address denoted by CoA_1. For example, in a UMTS network, an access point could be represented by a Node_B, while in a GPRS network, an access point could be represented by a SGSN. Assuming that the terminal is mobile, it may reach a position pos2 different from position pos1. In position pos2, however, the access point for accessing the network has changed to access point AP2 (having as its address CoA_2). In such cases, addressing of the terminal MN by its permanent address MN_PA will not be possible any longer.
Therefore, in mobile networks the terminal is addressed by its temporary address CoA (known as care-of-address) which is mapped to its permanent address.
For example, Mobile IPv6 defines a mechanism known as Route Optimization. This mechanism enables Correspondent Nodes CN (communication partner nodes) to directly send packets to the Mobile Node MN (terminal node). Namely, when using Route Optimization, the mobile node MN sends a message (known as Binding Update message) indicating its Care-of-Address CoA to the correspondent code CN. The correspondent node CN caches (buffers) the binding of a mobile node MN (i.e. it maps the MN_PA address to the MN_CoA address), and then sends its datagrams (packets) destined for the mobile node MN directly to the care-of address, bypassing a mobile node's home agent. Mobile IPv6 Binding Update messages carry the CoA of the mobile node MN thus revealing information about its geographic location, but operators want to support Location Privacy. That is, by having knowledge of the Mobile Node's Care of Address, the Correspondent Node can deduce the geographic location of the Mobile Node. That is, a communication partner being aware of the (calling) terminal's care-of-address, may deduce the location (e.g. pos1 or pos2) of the terminal from this temporary address as explained before. (Note that the MN is associated with an MN_CoA for addressing while away from “home”, whereas when at home, the MN can be both addressed and identified by the MN_PA.)
One possibility to avoid this is to use a mechanism known as triangular routing using a mobile node's home agent HA in the network. In this case, route optimization will not apply but on the contrary, the correspondent node CN sends the packets to the permanent address PA of the mobile node MN. (Without receiving Binding Update, the mobile node's permanent address MN_PA is the only address the correspondent node CN knows about the mobile node MN). Then the Home agent HA intercepts these packets. And thanks to a Binding cache mapping the MN_PA to the MN_CoA maintained at the HA by having the MN updating it via Binding Update messages; the Home Agent knows where to send the packets and can thus tunnel them to the MN. In the other direction, the MN will use the MN_PA as the source of its packets sent to the CN; and in order to bypass ingress filtering, the mobile node MN first tunnels its packets to the Home Agent which will decapsulate them and send forward them to the correspondent node CN.
Using these mechanisms, triangular routing and reverse-tunneling, MN and CN can still exchange packets and the MN_CoA is not revealed to the CN. Although this approach does not reveal location information by means of the mobile node's care-of-address MN_CoA to the correspondent node CN, this mechanism is not optimized in terms of the routing for the communicated packets as they inevitably have to pass through the mobile node's MN home agent. Thus, triangular routing and reverse tunneling requires going back through the mobile node's MN home network for uplink (from MN to CN) and downlink (from CN to MN) communications and thus implies long routing legs. This may imply a delay of packet delivery. Also, since all packets are routed via the home agent in the home network of the mobile terminal node MN, dependent on the number of other nodes of the same home network communicating via the same home agent of the network or at least via a proper home agent in the same home network, there is a risk that the home network or parts of the network get overloaded by traffic being routed in such a way.
In current cellular networks, location privacy must be supported: The receiving node should not know where the initiating node is geographically located. Mobile IP based networks should at least support the current existing services for a commercial deployment and thus Location privacy should be supported in Mobile IP based networks.
Thus, as basically stated above, Mobile IPv6 has been developed in order to allow an IPv6 Mobile node to seamlessly roam among different subnetworks. When moving to a new point of attachment, the mobile node gets a Care of address and uses it to send and receive packets. This care of address contains information about the mobile node's current location: the network prefix of the care of address may e.g. reveal some information about the current mobile node's location such as the domain and/or any other geographic information.
A mobile node may, however, not want its correspondent nodes to learn such kind of information but may prefer to hide its location. Such property, called Location privacy, is a requirement in some current cellular networks and may be a very desirable if not mandatory feature in IP mobile networks. The goal would be for the corresponding node not to be able to know where the mobile node is located. It is desirable for Mobile IP based networks to at least support the current existing services for a commercial deployment, thus location privacy should be supported in Mobile IP based networks.
Mobile IPv6 allows location privacy to be supported using both triangular routing and reverse tunneling. However, neither of these two solutions is efficient since they require all packets, both destined to and generated by the mobile node, to pass through the home agent. The routing of these packets is therefore not optimal. In addition, these mechanisms rely on tunneling, thus resulting in large overheads (two IP headers) for all the packets originated and sent to the MN. This may not be acceptable over access links where bandwidth is limited and expensive.
In Mobile IPv6, each mobile node is always identified by its home address, regardless of its current point of attachment to the Internet. While situated away from its home, a mobile node is also associated with a care-of address, which may provide to correspondent nodes information about the mobile node's current location.
IPv6 packets addressed to a mobile node's home address are transparently routed to its care-of address: the packets are actually intercepted by a home agent which then encapsulates them to the mobile node's care of address.
A MN may decide not to send any Binding update to the CN but every packets from the CN destined to the MN will then need to go through the HA. This is called triangular routing. The MN can also send a Binding Update to the correspondent node to inform it of its care of address. The correspondent node can thus directly send the packets to the mobile node without going through the Home Agent.
Mobile IPv6 also allows MN to send packets directly to the CN: the source IP address of the packets has to be set to the MN's CoA to bypass ingress filtering and the packets will also carry the Home Address option.
In both cases, the use of Binding Updates and care-of address sourced packets allows the CN to learn the CoA corresponding to the MN and subsequently to learn information about the MN's location.
In order to hide its location, the MN needs to use its home address as the source IP address of the packets, and tunnel packets to the HA to bypass ingress filtering. This is called reverse tunneling.
To support Location privacy with existing mechanisms, both triangular routing and reverse tunneling must be used. However, neither of these two solutions is efficient since they require all the packets, both from the MN to the CN and from the CN to the MN, to go through the Home agent. This may result in very inefficient routing of the packets: e.g. the MN may be from Australia (Home agent therefore in Australia) and roaming to France. Its CN may be in Germany. All the packets exchanged between the MN and CN must go through Australia (France<->Australia<->Germany). The routing of packets between MN and CN is therefore not optimized and this may also induce more delay.
In addition to these drawbacks, since both triangular routing and reverse tunneling rely on tunneling, an extra outer IP header is required. Additional 40 bytes are required for every packets exchanged between the mobile node and the corespondent node.