Patent Application
20130276072
The invention relates to devices and methods for enabling exchange of user profiles between a visited user profile server of the visited network and a home user profile server of the home network.
In today's dynamic business environment it is important for an operator of a communication system to have as much information about their subscribers as possible. The operator is thereby able to offer the subscribers more personalized and thus more valuable services. The subscribers can be provided with nearly unlimited choices for services, tailored to their unique personalities, preferences and lifestyles.
Today, some difficulties are encountered when acquiring information about specific subscribers, in the following also denoted users. Many of the techniques used for deriving user preferences are based on user representation in a declarative and static way. However, in today's environment, user context often changes, which necessitates the need to adapt the services being used by the user in accordance with his/hers current context. An effort to improve this static user knowledge comprises using machine learning algorithms, which is a more advanced technique for depicting user preferences.
The gathering/acquisition of information about specific subscribers entails also another difficult aspect: the integrity of the subscriber. User preferences are stored in user profiles and in order to maintain personal privacy a separate user profile may for example be kept for an identity in a specific user context. This not only ensures protection of the information but also allows the user to have different preferences for different contexts.
A user roaming between different communication networks is preferably provided services suited for his current context. For example, if the user is on vacation in a particular country, he may prefer and need different services than if he is on a work journey. Today, the user accessing services in a first communication network or a first location is not able to continue to use those equivalent services without interruption when moving to a new location or different communication network, even provided the service is accessible at this new location.
Existing user profile management systems offer up-to-the-minute information about one single subscriber view, including updates to the subscriber's profile. Each operator domain persists in using their particular user profile solution in order to enable them to consolidate and/or federate real-time information such as data in their home location register (HLR), home subscriber server (HSS) or in multiple database types across their communication network. There is a need for providing personalized user preferences even when the user is moving across boundaries of different communication networks and meeting the user's current needs and demands without provoking privacy.
In “Service Invocation and Roaming in Pervasive-Computing Environments” by Alvin Yung Chian Chin, a framework is developed for a service paradigm that facilitates a user to perform a particular task to get access to services in a seamless manner, tailored to their preferences and to the location that they are in. However, the document fails to consider roaming scenarios.
A challenge thus comprises how to find a unified, manageable, consistent user preference or user profile across boundaries of different operator's communication networks, without increasing the operational costs and without compromising the user privacy. It is clear that there is a need for improvements in this regards.
It is an object of the invention to enable subscribers of a communication network to obtain tailored services even when roaming, with maintained user integrity.
The object is according to a first aspect of the invention achieved by a method in a visited gateway server in a communication system. The communication system comprises a home network and a visited network for enabling exchange of user profiles between a visited user profile server of the visited network and a home user profile server of the home network. The method comprises receiving a user identification from a user equipment requesting access to the visited network; transmitting, in response to received user identification, an identifier of the visited user profile server to the user equipment for conveyance by the user equipment to the home user profile server, thereby enabling the exchange of user profiles.
By enabling the exchange of user profiles between the home network and the visited network, services provided to a user may be adapted in accordance with the user's context information associated with his/hers current identity and/or location. The exchange of user profiles enables an adaptation of the services provided to the user, who thereby is able to get tailored services when roaming within the communication system.
In one embodiment, the method comprises transmitting the identifier of the visited user profile server to an authentication, authorization and accounting proxy of the visited network. The proxy is thereby able to convey the identifier of the visited user profile server to an authentication, authorization and accounting server of the home network.
In one embodiment, the step of receiving user identification from the user equipment is performed during a procedure for initiating, by the user equipment, a new access to the visiting network.
In one embodiment, the identifier of the visited user profile server comprises a unique identifier pointing to the visited user profile server.
The unique identifier may for instance comprise a domain name address or Internet protocol address.
The object is according to a second aspect of the invention achieved by a visited gateway server in a communication system comprising a home network and a visited network for enabling exchange of user profiles between a visited user profile server of the visited network and a home user profile server of the home network. The visited gateway server comprises receiving circuitry for receiving user identification from a user equipment, and transmitting circuitry. The visited gateway server is configured to transmit, by means of the transmitting circuitry, an identifier of the visited user profile server to the user equipment in response to receiving, by means of the receiving circuitry, the user identification, for conveyance by the user equipment to the home user profile server. Thereby the visited user profile server and the home user profile server are able to initiate user profiles exchange.
The object is according to a third aspect of the invention achieved by a computer program for enabling, in a communication system comprising a home network and a visited network, exchange of user profiles between a visited user profile server of the visited network and a home user profile server of the home network. The computer program comprises computer program code which, when run on a visited gateway server of the visited network, causes the visited gateway server to: receive a user identification from a user equipment requesting access to the visited network; transmit, in response to receiving the user identification, an identifier of the visited user profile server to the user equipment for conveyance by the user equipment to the home user profile server, whereby the visited user profile server and the home user profile server are able to exchange user profiles.
In one embodiment, a computer program product is provided. The computer program product comprises the computer program and a computer readable means on which the computer program is stored.
The object is according to a fourth aspect of the invention achieved by a method in a visited user profile server of a communication system comprising a home network and a visited network for enabling exchange of user profiles between a home user profile server of the home network and a visited user profile server of the visited network. The method comprises: receiving from the home user profile server a user profile for a user visiting the visited network; creating a temporary user profile for the user based on the received user profile; receiving new user profile preferences for the user obtained while the user roams in the visited network; and updating the temporary user profile with the new user profile preferences.
The received user profile may for instance be based on one or more of: a pre-configured policy, a service level agreement between the home network and the visited network, user profile information allowed by the user and/or subscription data of the user.
In one embodiment, the method comprises the further steps of: receiving a close connection message; updating, in response to the close connection message, the temporary user profile in the visited user profile server, the updating comprising new user profile preferences; transmitting to the home user profile server the updated user profile.
In a variation of the above embodiment the method comprises the step of, after transmitting to the home user profile server the updated user profile, deleting in the visited user profile server the temporary user profile for the user.
The object is according to a fifth aspect of the invention achieved by visited user profile server of a communication system comprising a home network and a visited network for enabling exchange of user profile preferences between a home user profile server of the home network and a visited user profile server of the visited network, the visited user profile server comprising: first receiving circuitry configured to receive from the home user profile server a user profile for a user visiting the visited network; first processing circuitry configured to create a temporary user profile for the user based on the user profile received by means of the first receiving circuitry; and second processing circuitry configured to update the temporary user profile with new user profile preferences obtained while the user equipment roams in the visited network.
In one embodiment, the visited user profile server further comprises: second receiving circuitry configured to receive a close connection message; third processing circuitry configured to update the temporary user profile in the visited user profile server, the updating comprising new user profile preferences; first transmitting circuitry configured to transmit to the home user profile server the updated user profile.
The object is according to a sixth aspect of the invention achieved by computer program for enabling, in a communication system comprising a home network and a visited network, exchange of user profiles between a visited user profile server of the visited network and a home user profile server of the home network, the computer program comprising computer program code which, when run on the visited user profile server of the visited network, causes the visited user profile server to: receive from the home user profile server a user profile for a user visiting the visited network; create a temporary user profile for the user based on the received user profile; and update the temporary user profile with new user profile preferences obtained while the user roams in the visited network.
In one embodiment, the computer program further comprises computer program code which, when run on the visited user profile server of the visited network, causes the visited user profile server to: receive a close connection message; update the temporary user profile in the visited user profile server, the updating comprising latest user profile preferences; and transmit to the home user profile server the updated user profile.
In one embodiment, computer program product is provided comprising the computer program and computer readable means on which the computer program is stored.
The object is according to a seventh aspect of the invention achieved by a method in a user equipment of a communication system comprising a home network and a visited network for enabling exchange of user profiles between a home user profile server of the home network and a visited user profile server of the visited network. The method comprises: requesting access to the visited network; receiving, in response to the request, from a visited gateway server of the visited network, an identifier of a visited user profile server; and conveying the identifier of the visited user profile server to the home user profile server.
In one embodiment, the step of conveying the identifier of the visited user profile server comprises: performing a mobile internet protocol, MIP, registration or binding; adding in the MIP registration or binding an identifier of the visited user profile server; and conveying the identifier of the visited user profile server to the home user profile server.
In one embodiment, the step of conveying the identifier of the visited user profile server comprises adding in a registration or binding request message the identifier of the visited user profile server. The method is thus applicable in communication systems using different versions of internet protocols, e.g. IPv4 or IPv6.
In one embodiment, the identifier of the visited user profile server comprises a unique identifier pointing to the visited user profile server.
The unique identifier may for instance comprise a domain name address or Internet protocol address.
The object is according to a eighth aspect of the invention achieved by user equipment of a communication system comprising a home network and a visited network for enabling exchange of user profiles between a home user profile server of the home network and a visited user profile server of the visited network. The user equipment comprises a first processor configured to: request access to the visited network utilizing access circuitry; receive, by means of first receiving circuitry and in response to the request, from a visited gateway server of the visited network, an identifier of a visited user profile server; and convey, using first transmitting circuitry, the identifier of the visited user profile server to the home user profile server.
The object is according to a ninth aspect of the invention achieved by a computer program for enabling, in a communication system comprising a home network and a visited network, exchange of user profiles between a visited user profile server of the visited network and a home user profile server of the home network, exchange of user profiles between a visited user profile server of the visited network and a home user profile server of the home network, the computer program comprising computer program code which, when run on a user equipment, causes the user equipment to: request access to the visited network; receive, in response to said request, from a visited gateway server of the visited network, an identifier of a visited user profile server; and convey the identifier of the visited user profile server to the home user profile server.
In one embodiment, a computer program product is provided comprising a computer program computer readable means on which the computer program is stored.
Further features and advantages thereof will become clear upon reading the following description and the accompanying drawings.
a illustrates a visited gateway server.
b illustrates computer program and computer program product for the visited gateway server of
a illustrates a user equipment.
b illustrates computer program and computer program product for the user equipment of
a illustrates a visited user profile server.
b illustrates computer program and computer program product for the visited user profile server of
In the following description, for purposes of explanation and not limitation, specific details are set forth such as particular architectures, interfaces, techniques, etc. in order to provide a thorough understanding of the invention. However, it will be apparent to those skilled in the art that the invention may be practiced in other embodiments that depart from these specific details. In other instances, detailed descriptions of well-known devices, circuits, and methods are omitted so as not to obscure the description of the invention with unnecessary detail. Like numbers refer to like elements throughout the description.
In the following, user and subscriber are used interchangeably for denoting a user of a user equipment for which a subscription for communication services has been signed with an operator of a communication system.
The home network 10 comprises a home policy server 13, and the visited network 20 comprises a visited policy server 23. The policy server 13, 23 is a security component based on policy control technology that provides authorization services and facilitates tracking and control of among other profile sharing policies authorization. The policy server 13, 23 accepts user profile sharing requests, processes them against a formal set of statements that define how such profiles are to be allocated among its requesters.
The home network 10 and the visited network 20 both comprise a respective user profile server, denoted home user profile server 12 in the home network 10 and visited user profile server 22 in the visited network 20. The user profile servers 12, 22 may have their own mechanisms for obtaining user preferences or user profiles. Machine learning algorithms may for instance be to this end. The user profile servers 12, 22 creates and store short term and long term user profiles depending on an analysis of data regarding the user such as subscription database, network nodes, location etc. The user profile server, or user profile engine UPE, as such is subject of a co-pending patent application, assigned to the same Applicant as the present application.
The home network 10 comprises a home gateway 11 and home agent 14 in conventional manner. Likewise, the visited network 20 comprises a visited gateway 21 and foreign agent 24. The home network 10 further comprises an authentication, authorization and accounting (AAA) server 19, whereas the visited network 20 correspondingly comprises an AAA proxy 29. Conventionally, the service providers apply some security procedure before accessing services, which procedures are performed in the AAA server 19 and AAA proxy 29, respectively.
A subscriber having a user equipment 2 has a subscription with the service provider of the home network 10, and is able to roam to the visited network 20 by means of which another service provider provides services. The home network 10 and the visited network 20 have roaming agreements and, as mentioned earlier, possibly other agreements defining the user profile exchange or sharing.
Picture a scenario wherein the visited network 20 wants to e.g. push some advertisements to the subscriber roaming therein. In order to decide when and what to be pushed for advertisements to the subscriber, the visited network 20 would like to know more about the subscriber. However, the visited network 20 has no access to the traffic data or other subscription data that could be analyzed in order to find a profile best describing the subscriber. The visited network 20 needs a user profile containing the latest user context.
At arrow 1, upon attachment to a new access, the user equipment 2 starts an association or discovery and handshaking procedure toward an authentication agent or authenticator, e.g. the foreign agent 24, in the visited gateway server 21.
At arrow 2, the discovery procedure for the AAA proxy 29 in the visited network 20 is performed.
At arrow 3, the access authentication procedure is carried on without any information concerning the discovery of policy server 23 or the visited user profile server 22. The steps indicated at arrows 1, 2 and 3 are known procedures and are therefore not described in any detail.
At arrow 4, a dynamic host configuration protocol (DHCP) for a local IP (Internet Protocol) address is run, which is an auto-configuration protocol used on IP networks. The user equipment 2 is configured with an identifier, e.g. an address, to the visited user profile server 22, which is done in dependence on the assigned IP address.
At arrow 5, an IP session setup request is sent to the visited policy server 23. The visited policy server 23 forwards the request to the visited user profile server 22.
At arrow 6, an IP security is run between the user equipment 2 and the AAA server 19 and the home agent 14 is assigned and the home agent 14 is included amongst other information in the IP security signaling.
At arrow 7, the home gateway server 11, which holds the home agent 14 for the user, assigns a home IP address and sends an IP session setup request to the home policy server 13.
At arrow 8, the user equipment 2 starts an MIP binding update request (for IPv6) or MIP registration request (for IPv4) to the home agent 14 including the identifier, e.g. address, to the visited user profile server 22, wherein the home agent 14 sends update request to the home policy server 13.
At arrow 9, the home policy server 13 informs the home user profile server 12 about the visited user profile server 22 information. For the interaction between the home policy server 13 and the home user profile server 12, for instance security assertion markup language (SAML) as an XML-based framework for communicating user authentication, entitlement and attribute information can be used with XCAML.
At arrow 10, the home user profile server 12 initiates interaction with the visited user profile server 22 for pushing user profile according to specific authorized policies in the related home policy server 13. The interface between the two user profile servers 12, 22 to expose the user profile can use for example the Standard Semantic Web (RDF/OWL). The home user profile server 12 then sends notification to the home policy server 13, which sends an answer to the home gateway server 11.
At arrow 11, the home gateway server 11 sends MIP acknowledgment or answer to the user equipment 2.
At arrow 12, the visited user profile engine 22 creates a temporary user profile, in the following denoted short term profile, for the user based on a default user profile that it received from the home user profile server 12. This short term profile is stored in a cache memory 30 or the like as long as the user is roaming in the visited network 20. This short term profile can be stored in the visited network 20 if this is agreed upon, e.g. in a business SLA agreement.
At arrow 13, the visited user profile server 22 will update the short term profile according to new preferences that the user gains while roaming the visited network 20.
At arrow 14, when the user leaves the visited network 20, the home agent server 13 receives a termination request, which will be forwarded to the home user profile server 12 via the home policy server 13.
At arrow 15, the home user profile server 12 sends a close connection message to the visited user profile server 22, expecting an answer in return with the latest update made to the short term profile. The visited user profile server 22 sends an acknowledge close connection message to the home user profile server 12 with the latest user profile for the user.
Finally, at arrow 16, the home user profile server 12 will update a user profile database 31 with the latest update.
Above, an embodiment of the invention has been described. The invention is however not restricted to this scenario. The user profile servers 12, 22 can be used for interacting with other service providers, e.g. a 3rd party service provider, requesting the user profile.
There is no need to assign an IP address prior to the authentication procedure, and the implementation is independent of the access control protocol used for the authentication. The interaction between the user profile servers 12, 22 starts first after the IP sessions setup in both home network 10 and visited network 20, respectively, and use is made of policy control architecture. This means that there is a need for more signaling before initiation of the interaction between the user profile servers 12, 22 and the exchange of user profiles is effectuated after the MIP establishment is acknowledged by the concerned agent 14, 24.
MIP tunneling procedures and protocols may be used to carry the identifier, e.g. an address, to the visited user profile server 22 in early stages to enable a short term user profile creation according to policies that can be executed in line with the MIP tunneling procedure.
The visited gateway server 21 in the communication system 1 will be described next with reference to
The visited gateway server 21 is configured to transmit, by means of the transmitting circuitry 125, an identifier of the visited user profile server 22 to the user equipment 2 in response to receiving, by means of the receiving circuitry 124, the user identification. The user equipment 2 is thus able to convey the identifier of the visited user profile server 22 to the home user profile server 12, whereby the visited user profile server 22 and the home user profile server 12 are able to initiate user profiles exchange.
The above can be implemented by a computer program 132 comprising computer program code which, when run on the visited gateway server 21 causes the visited gateway server 21 to receive a user identification from a user equipment 2 requesting access to the visited network 20; and to transmit, in response to receiving the user identification, an identifier of the visited user profile server 22 to the user equipment 2 for conveyance by the user equipment 2 to the home user profile server 12. In particular, the computer program may be run on a processor 130 of the visited gateway server 21 with associated program memory including computer program code for performing the functionality.
In
The user equipment 2 for use in the communication system 1 will be described next with reference to
The above can be implemented by a computer program 82 comprising computer program code which, when run on the first processor 3 causes the user equipment perform the above described functionality. In particular, the first processor 3 with associated program memory including computer program code performs the desired functionality.
In
The visited user profile server 22 will be described next with reference to
In one embodiment, the visited user profile server 22 further comprises second receiving circuitry 43 configured to receive a close connection message; third processing circuitry 44 configured to update the temporary user profile in the visited user profile server 22, the updating comprising new user profile preferences; first transmitting circuitry 45 configured to transmit to the home user profile server 12 the updated user profile.
The visited user profile server 22 may be provided with a processor with associated program memory including computer program code for performing the functionality of the various circuitries mentioned above. It should be realized that the functions described may also be provided in the form of the above mentioned hardware, like for instance in the form of ASIC circuits. The computer program code may be provided on a computer readable means, for instance in the form of a data carrier, like a CD ROM disc, a memory stick or a DVD disc, which will implement the function of the above-described units of the communication aspect investigating device when being loaded into a computer.
In particular, a computer program 52 for enabling the above functions may be provided. The computer program 52 comprises computer program code which, when run on the visited user profile server 22, e.g. a processor 50 therein, causes the visited user profile server 22 to: receive from the home user profile server 12 a user profile for a user visiting the visited network 20; create a temporary user profile for the user based on the received user profile, and update the temporary user profile with new user profile preferences obtained while the user roams in the visited network 20.
The computer program 52 may further comprise computer program code which, when run on the visited user profile server 22, e.g. in the processor 50, causes the visited user profile server 22 to: receive a close connection message; update the temporary user profile in the visited user profile server 22, the updating comprising latest user profile preferences; transmit to the home user profile server 12 the updated user profile. The program code can thus also be provided as a pure computer program. This computer program would then include computer program modules, which include computer program instructions that implement the functionality of the circuitry. This may be downloaded from a server, for instance via the Internet or via a point-to-point connection.
In an embodiment, illustrated in
With reference to
The method 40 comprises the second step of transmitting 42, in response to the received user identification, an identifier of the visited user profile server 22 to the user equipment 2. The user equipment 2 may then convey the identifier of the visited user profile server 22 to the home user profile server 12, thereby enabling the exchange of user profiles.
The identifier of the visited user profile server 22 comprises a unique identifier pointing to the visited user profile server 22, and may for example be a domain name address or Internet protocol address.
In one embodiment, illustrated in
In the method 40, the step of receiving a user identification from the user equipment 2 may be performed during a procedure for initiating, by the user equipment 2, a new access to the visiting network 20, as was described earlier with reference to
With reference to
The received user profile may be based on for instance a pre-configured policy, a service level agreement between the home network 10 and the visited network 20, user profile information allowed by the user and/or subscription data of the user.
In one embodiment, illustrated in
In one embodiment, illustrated in
With reference to
In one embodiment, illustrated in
The step of conveying the identifier of the visited user profile server 22 further comprises adding 75 in the MIP registration or binding an identifier of the visited user profile server 22, and conveying 76 the identifier of the visited user profile server 22 to the home user profile server 12. The identifier of the visited user profile server 22 is thus carried from the visiting network 20 to the home gateway server 11 in a message depending on the IP version used by the user equipment. In implementing the invention, there is no need to introduce impact on entities of the MIP architecture, as extensions to the existing binding or registration request are used.
| Filing Document | Filing Date | Country | Kind | 371c Date |
|---|---|---|---|---|
| PCT/SE2010/051447 | 12/21/2010 | WO | 00 | 6/18/2013 |
