Method for implementing an internet protocol (IP) charging and rating middleware platform and gateway system

Information

  • Patent Grant
  • 7644158
  • Patent Number
    7,644,158
  • Date Filed
    Monday, November 3, 2008
    16 years ago
  • Date Issued
    Tuesday, January 5, 2010
    14 years ago
Abstract
A method for Internet Protocol (IP) charging and rating gateway within a system having a proxy server for connection to an Authentication, Authorization, and Accounting (AAA) server, an access gateway, an IP classification engine for connection between a data network and the access gateway and a gateway controller connected to the proxy server and the IP classification engine, including the steps of receiving IP packets at the IP classification engine, the IP packets originating from the data network and destined for a subscriber device via the access gateway, classifying the IP packets according to the protocol of each of the packets at the IP classification engine and selectively instructing the IP classification engine to permit or deny the flow of IP packets between the data network and the access gateway at the gateway controller. Preferably, the proxy server is configured to emulate the access gateway and the AAA server.
Description
BACKGROUND

With the evolution and migration of Internet and related informational services to mobile and/or wireless handsets, devices and so on, telecommunications network operators are constantly seeking enhanced ways of rating for their respective data services. The prior art demonstrates considerable limitations, weaknesses and infirmities in this regard.


Consider U.S. Patent Application 20010055291 by Schweitzer, entitled System, method and computer program product for charging for competitive IP-over-wireless service, which details a means for charging Internet Protocol (IP) traffic but no substantial means for differentiating the traffic therein. Similarly, European Patent Application (EP) 1026853 by Yamaguchi et al., entitled Charging Method for Information Communication Network, teaches of art directed at merely counting the number of packets exchanged and nothing again of rating the different types of packets therein according to their pre-established utility and/or value.


Additionally, art which does address the problem of classifying IP traffic remains insufficient or lacks the sophistication of that of present. As with U.S. Patent Application 20020152321 by Le et al., entitled Method and apparatus for classifying IP data, makes reference to classifying said IP packets based only on IP header fields—basically Layer two (2) of the OSI stack (said stack has seven (7) layers). Our method disclosed goes well beyond Layer two (2) and involves classifying packets based on information obtained from Layer two (2) through to Layer seven (7). (For example, Multi-Media Service (MMS) classification performed by the disclosed invention depends on information obtained from layer six (6) and layer seven (7)). Our classification methodology incorporates correlation of data within the seven (7) layers to classify a packet. And similarly, U.S. Patent Application 20020103925 by Sheth et al., entitled Generic programmable internet protocol classification technique for a broadband engine, concentrates on IP classification specifically at the IPv4 header (i.e. layer 2/3). The art thereof is primarily directed at classification for more or less quality of service (QoS) reasons (indeed, the same can be said of the art identified former) and providing differentiated services. Our art is directed primarily at classification for the purpose of packet and application level data type identification(s).


Note also U.S. Patent Application 20020152321 October, 2002 Le et al. 709/238; U.S. Patent Application 20020103925 August, 2002 Sheth et al. 709/236; U.S. Patent Application 20010055291 December, 2001 Schweitzer 370/337; Foreign Patent Document(s) 1026853 August, 2000 EPO.


TECHNICAL FIELD

The present invention relates generally to wireless communications and gateway services; and more specifically, to a method for implementing an Internet Protocol (IP) charging and rating middleware platform and gateway system.


SUMMARY OF THE INVENTION

The Internet Protocol (IP) charging and rating middleware platform and gateway system disclosed herewith is intended to equip, in this instance, telecommunications network operators with the ability to rate and bill IP traffic (such as File Transfer Protocol (FTP) and HyperText Transfer Protocol (HTTP)) based upon any number of informational variables, including volume, quality of service, source address, destination address, and/or time of day. The art also accommodates differentiated billing based upon service type, including Wireless Application Protocol (WAP), Multimedia Message Service (MMS), and other services which utilize the Internet Protocol (IP) as the transport protocol.


The implementation of the architecture preferentially resides at the access gateway point, between the telecommunication provider's and/or wireless operator's IP network (as for instance, GGSN (Gateway GPRS (General Packet Radio Service) Support Node) based or PDSN (Packet Data Service Node) based and the Internet/Intranet. The IP charging and rating middleware platform and gateway system effectively allows for the inspection of IP traffic at definable points within the packet information.


For the purposes of simplicity and elucidation, the architecture of the Internet Protocol (IP) charging and rating middleware platform and gateway system may be divided functionally among the IP Classification Engine (the core of the art seeking protection of Letters Patent) and the residual art, the IP charging controllers.


Inherent to the technology and methodology of the IP Classification Engine (IPCE) remain the rating rules. Such rules are loaded into the IPCE, whereupon a series of system level triggers are then armed to detect the occurrence of certain events as per the existing rating criteria. The arming of triggers and generation of event sets, providing specific charging and/or informational events form the functional foundation of the IPCE.


Triggers may be armed on a real time basis through the provisioning interface which link to a set of underlying Application Programming Interface's (API's) (in this instance), thereby providing application control for non-limiting instantiations of protocol state, destination URL or address, Time of Day, volume message content or type, and text string, among others. Indeed, those skilled in the art shall recognize that a variety of object oriented application programming interfaces will serve the purpose of notification without affecting the intent and scope of the present invention. Triggers may also be armed on a protocol-specific level, including among others, HTTP, POP3, SMTP, FTP, MMS, and WAP.


The IPCE also provides the logic for the blocking of data wherever said subscriber has insufficient funds.


The IP charging controllers in this instance represent much of the residual, generic components of the Internet Protocol (IP) charging and rating middleware platform and gateway system as performing balance queries (which decrements the usage values on each subscriber's temporary token account store, after applying rating specific charges on the data flow information, in real time) and other intermediating functions.





BRIEF DESCRIPTION OF THE DRAWINGS


FIG. 1 illustrates a typical, non-limiting embodiment of the system level architecture employed in the disclosure of present;



FIG. 2A and FIG. 2B illustrate the Internet Protocol (IP) rating and classification techniques, methods and advances pertinent to the Internet Protocol (IP) charging and rating middleware platform and gateway system disclosed herein.





DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS

With reference to FIG. 1, wherever a mobile subscriber seeks to access the Internet 44 and/or related informational services via 45, 46, 47 (WAP Gateway, NMSC or Multi-Media Server, respectively), the GGSN 10 sends via the RADIUS protocol 11, an authorization request to the RADIUS Proxy Server 260 of the Internet Protocol (IP) charging and rating middleware platform and gateway system 200. Technicians skilled in the art will recognize that mobile subscriber's may wish to access content at their wireless handset and/or other similar wireless device other than those delimited prior without diluting the intent and scope of the invention of present. Further still, those practitioners will also recognize that a variety of protocols, including Authentication, Authorization, and Accounting (AAA) protocols, will satisfy the implementation of said architecture without affecting the intent and scope of the present invention. Fundamentally, the Internet Protocol (IP) charging and rating middleware platform and gateway system 200 resides between the GGSN 10 and the Master RADIUS server 20; in a lay manner, the GGSN 10 simply presupposes the gateway system 200 is the Master RADIUS server 20, and vice versa.


Continuing with reference to FIG. 1, the RADIUS Proxy Server 260 checks the master data to confirm that the account in question is active, via LDAP or RADIUS. Practitioners skilled in the art shall recognize that a variety of protocols will satisfy the implementation of said architecture without affecting the intent and scope of the present invention. Where the returned response is negative (not shown) an authorization reject 11 is returned to the GGSN.


The gateway system 200, makes a request to an Open Charging (OC) middleware platform and gateway system 250 as detailed in patent application Ser. No. 10/307,335 to confirm the status of the account in question and related profile capabilities. Technicians skilled in the art will recognize that the invention of present need not be limited to the aforementioned Open Charging (OC) middleware platform and gateway system and other similar network implementations may be employed without diluting the intent and scope as such.


The Open Charging (OC) middleware platform and gateway system 250 accesses the subscriber account server (SCP), removing the access charge from the account (pre-paid). Where the account can not support the requested charge then a negative response is returned (not shown) and a negative authorization is passed 11 to the GGSN as a failed access request.


From the Unified Rating Service 240 the user profile in question is recovered. In the preferred embodiment, assuming both the account check, and the profile were positive an authorization accept 11 is returned to the GGSN 10 via the gateway system's 200 RADIUS Proxy server 260.


The gateway system 200 preloads the said user profile and loads the rating plans (detailed further in FIG. 2A and FIG. 2B), as a result, when the first user data packet is received the gateway controller 220, already has a complete user profile built.


So thus, still in reference in FIG. 1 now, whenever the mobile subscriber initiates a data session 12 and the RADIUS Proxy Server 260 triggers the gateway controller 220 with the subscriber specific identification parameters such as the IP address, MSISDN, APN etc., said controller 220 makes a token reservation request to OCG's Prepay Account Manager 250 application in order to obtain a certain amount of usage quota; 250 responds with a the requested number of credits/quota for consumption, for a particular ID.


Simultaneously, the gateway controller 220 obtains the rating and charging information 240 specific to the subscriber. The gateway controller 220 then arms the IPCE 210 with the appropriate information, including MSISDN, IP address, the rating specific inspection criteria etc.


IPCE 210 then internally arms the respective IP Flow Classification triggers (not shown) associated with the specific information. For example, the Flow Classification might specify the URL's allowed for the subscriber, the blocking of streaming service etc. The subscriber specific information is in addition to the regular usage statistic detectors. These generic IP Flow Classifiers perform accounting of usage on IP addresses, ports, protocols and maintain the user state information within the several IP flows.


Where events corresponding to these trigger points occur, the IP Flow Classifiers update the Internet Protocol (IP) charging and rating middleware platform and gateway system 200 accounting interface (not shown), which monitors the usage related to each type of data flow within the user data session.


The Internet Protocol (IP) charging and rating middleware platform and gateway system 200 decrements the usage details from the allocated quota. Periodically, these usage statistics are updated on the gateway controller 220, which applies the charging to the usage information with rating information and decrements the credits reserved. Where the allocated tokens are exhausted, a token confirmation report is sent to OCG's Prepay Server 250, in order to debit the users account balance and simultaneously reserve additional credit/quota and allocation of usage quotas.


The Packet Analyzer component of the IP Classification Engine (IPCE) instantiates and configures itself using the downloaded IP Classification Modules Registry. It creates a decision tree based on the IP Classification Modules registry for analyzing and determining packet types. FIG. 2A and FIG. 2B serve to delineate these processes.


When a packet is captured, it is passed onto the Packet Analyzer. If the source and destination IP addresses are not blocked, the Packet Analyzer obtains a copy of the packet and immediately re-releases the packet into the network. (Blocked packets are copied and dropped within the system. However, if the source or destination IP addresses or ports are defined to be free, the message is forwarded regardless of the blocking logic.) Using the copy of the captured packet, the Packet Analyzer determines the packet type using the decision tree of FIG. 2A.


For commercial purposes it must be recognized that only chargeable packets may be analyzed.


When the packet type is determined, the Rating and Charging Component of the IP Classification Engine is notified.


The IP Classification Modules (IPCM) Registry is used to specify the logic for analyzing the packets. It specifies a decision tree for determining the packet type of each packet; it also specifies the IP Classification module to be used for determining each packet type


As explicated earlier with reference to FIG. 1, to enable all the above features of the Internet Protocol (IP) charging and rating middleware platform and gateway system, the Unified Rating Service (URS) on the control plane (i.e. service logic plane) is invoked to arm Flow Classification triggers on the data plane (i.e. user traffic plane). When a subscriber starts a data session, the standard and subscriber specific rating information is loaded from the URS onto the IPCE through the Controllers.


Based on this rating profile, the appropriate Flow Classification triggers are armed within the IPCE. During regular inspection of IP flows, when a set of events corresponding to the armed triggers occurs in the data plane, the control plane service logic is triggered to take control of the IP flow to perform further analysis, accounting, routing and control of the session.


Protocols such as FTP, POP, RTP/RTSP and SMTP have well-defined state machines where the service logic session information can indicate when a state has been reached. On the contrary, HTTP does not have well-defined state machines, but can be inspected in a way such that service logic can indicate when a state has been reached. For example, the control plane service logic has been implemented to start the counting the number and type of bytes transported after a HTTP GET Response has been detected. The accounting of packets is terminated when a TCP FIN is detected. Further refined service logic has also been implemented in the service logic of the IPCE, to detect content based on Layer 7 information. For example, particular internet content may have restricted access, or may be free of charge.


Consider further the advances achieved by the IPCM in providing a unique way of identifying and classifying MMS traffic for rating purposes. Now, MMS traffic is usually transported over the standard WAP protocol stack within a GPRS network; the IP Classification Flow Monitors detect MMS traffic within the WAP protocol stack through the ‘Content Type’ field within the WSP layer of the WAP protocol or the presence of the MMSC URI in the GET header of the WSP layer of the WAP protocol. All WAP messages with the same Transaction ID as the original MMS packets are considered to be part of the MMS message stream. To ensure that all packets related to a MMS message are correctly rated, session-management is required to correlate all traffic with the same Transaction ID (in the WTP layer).


Grouping by Transaction ID is terminated by either a time-based counter or the arrival of an ‘Abort (0 x 04) PDU within the Wireless Transaction Protocol layer.


Tables 1A and 1B have been included herewith to further elucidate these advances.









TABLE 1A







MMS Traffic Identification









Layer
Field
Value





Wireless Transaction
Transaction ID
Transaction ID compared


Protocol

against existing transaction ID




for MMS traffic streams. If the




transaction ID matches an




existing MMS traffic stream,




it is automatically identified as




MMS traffic.


Wireless Session Protocol
Content Type
e.g.




‘application/vnd.wap.mms-Protocol message’


Wireless Session Protocol
URI (where Content Type is
The URI of the serving



unavailable).
MMSC.


Wireless Session Protocol
PDU Type URI
e.g. Get (0 × 40)




http://[MMSC URI]?message-id=XXXXXX
















TABLE 1B







MMS Traffic Identification









Layer
Field
Description





Frame
Packet Length
The size of the packet. Value




is used as the size of the




packet during IP rating. Packet




Length is presented in bytes..


Internet Protocol
Source/Destination
The source or destination IP




address. Used to identify the




subscriber.


Wireless
Transaction ID
Assigned transaction ID used


Transaction

to correlate all transactions


Protocol

within the subscriber-initiated




session.









The Internet Protocol (IP) charging and rating middleware platform and gateway system obtains the usage accounting information (not shown), applies the associated rating information to calculate the incurred charge to the subscriber and decrements that from the quota allocated by the Prepaid Application Manager, in the case of prepaid subscribers. When the allocated quota has been depleted (or lower than a defined threshold) the quota usage is confirmed with a request for more. In the event that the subscriber has no more balance in their prepaid account, it is possible to selectively drop the subscriber packets, or direct them to a top-up site, depending on the subscriber specific rating information. In the case of post paid subscribers, the appropriate usage CDR's (or similar type Event Records) are generated for transfer to the network billing system.

Claims
  • 1. A method for Internet Protocol (IP) charging and rating gateway within an IP charging and rating gateway system, said system comprising: a proxy server for connection to an Authentication, Authorization, and Accounting (AAA) server;an access gateway, said proxy server configured to reside between said AAA server and said access gateway, said proxy server further configured to emulate said access gateway such that when said AAA server communicates with said proxy server said AAA server presupposes that said AAA server is communicating with said access gateway, said proxy server further configured to emulate said AAA server such that when said access gateway communicates with said proxy server said access gateway presupposes said access server is in communication with said AAA server;an IP classification engine for connection between a data network and said access gateway; anda gateway controller connected to said proxy server and said IP classification engine, said method comprising: receiving IP packets at said IP classification engine, said IP packets originating from said data network and destined for a subscriber device via said access gateway;classifying said IP packets according to the protocol of each of said packets at said IP classification engine; andselectively instructing said IP classification engine to permit or deny the flow of IP packets between said data network and said access gateway at said gateway controller.
  • 2. The method of claim 1, wherein a set of rating rules for classifying said IP packets are loaded into said IP classification engine.
  • 3. The method of claim 2, wherein a series of system level triggers in said IP Classification Engine are armed on a real-time basis providing application control for, at least one of protocol state, destination URL or address; or according to said protocol of each said packet, said protocols of each packet including at least one of HTTP, POP3, SMTP, MMS, FTP, and WAP.
  • 4. The method of claim 3, where a series of system level triggers in said IP Classification Engine are armed based on attributes associated with OSI layers 2-7 including protocol-specific attributes and according to said protocol of each said packet, said protocols of each packet including, at least one of HTTP, POP3, SMTP, MMS, FTP, and WAP.
  • 5. The method of claim 4, wherein a decision tree is created based upon a plurality of rating rules for analyzing and determining each packet type.
  • 6. The method of claim 5, wherein each said packet is analyzed using said decision tree.
  • 7. The method of claim 1, wherein said system further comprises an open charging middleware gateway for connection between a subscriber account server and said gateway controller, and wherein said method further comprises: at said gateway controller, modifying, subscriber information stored in said subscriber account server and associated with said subscriber device according to classes of IP packets as classified by said IP classification engine as said IP packets flow to or from said data network or to or from said access gateway.
  • 8. The method of claim 1, wherein said system further comprises an open charging middleware gateway for connection between a subscriber account server and said gateway controller; said subscriber account server maintaining information associated with said subscriber device, and wherein said method further comprises: instructing said IP classification engine to deny or redirect the flow of IP packets to or from said data network to or from said subscriber device via said access gateway if subscriber information in said subscriber account server indicates that flow of IP packets is not permitted.
  • 9. The method of claim 1, wherein the access gateway comprises a Gateway GPRS Support Node (GGSN).
  • 10. The method of claim 1, wherein the access gateway comprises a Packet Data Service Node (PDSN).
  • 11. The method of claim 1, where the Authentication, Authorization, and Accounting server comprises a Remote Authentication Dial-In User Service (RADIUS) server.
  • 12. The method of claim 1, further comprising, at said gateway controller, instructing said IP classification engine to redirect traffic from said data network if subscriber information in said subscriber account server indicates that flow of IP packets to or from said subscriber device is not permitted.
  • 13. The method of claim 1, further comprising, at said IP classification engine, denying or redirecting IP packets according to how said IP packets are classified.
  • 14. The method of claim 1, wherein said IP packets can be classified according to one or more of: a protocol type, a protocol state, a destination Uniform Resource Locator (“URL”), an address, a time of day, a message content, or a message type.
  • 15. The method of claim 1, further comprising, at said IP classification engine, denying or redirecting IP packets according to a particular protocol into which said IP packets are classified.
  • 16. The method of claim 1, wherein said IP packets can be classified according to one or more of the following protocols: Hyper Text Transfer Protocol (“HTTP”), Post Office Protocol (“POP3”), Simple Mail Transfer Protocol (“SMTP”), File Transfer Protocol (“FTP”), Multi-media Messaging Service (“MMS”), Wireless Application Protocol (“WAP”), Real Time Protocol (“RTP”), and Real Time Streaming Protocol (“RTSP”).
  • 17. The method of claim 1, further comprising, at said proxy server, confirming if a subscriber's account is active via either the Lightweight Directory Access Protocol (“LDAP”) or the Remote Authentication Dial In User Service (“RADIUS”) protocol.
CROSS-REFERENCE TO RELATED APPLICATIONS

This is a continuation of U.S. application Ser. No. 10,348,972 now U.S. Pat. No. 7,457,865, filed Jan. 23, 2003, and is generally related to U.S. patent application Ser. No. 10/307,335, filed Dec. 2, 2002, the entire contents of each of which is incorporated herein by reference.

US Referenced Citations (73)
Number Name Date Kind
6473622 Meuronen Oct 2002 B1
6611875 Chopra et al. Aug 2003 B1
6615262 Schweitzer et al. Sep 2003 B2
6621793 Widegren et al. Sep 2003 B2
6661780 Li Dec 2003 B2
6667780 Cho Dec 2003 B2
6714515 Marchand Mar 2004 B1
6718380 Mohaban et al. Apr 2004 B1
6775267 Kung et al. Aug 2004 B1
6785534 Ung Aug 2004 B2
6847708 Abbasi et al. Jan 2005 B1
6891811 Smith et al. May 2005 B1
6895235 Padgett et al. May 2005 B2
6947531 Lewis et al. Sep 2005 B1
7003307 Kupsh et al. Feb 2006 B1
7039037 Wang et al. May 2006 B2
7107068 Benzon et al. Sep 2006 B2
7139387 Dahari Nov 2006 B2
7194235 Nykanen et al. Mar 2007 B2
7215970 Corrigan et al. May 2007 B2
7269431 Gilbert Sep 2007 B1
7272133 Valin et al. Sep 2007 B2
7302254 Valloppillil Nov 2007 B2
7340214 Hamberg Mar 2008 B1
20010026553 Gallant et al. Oct 2001 A1
20010053687 Sivula Dec 2001 A1
20010055291 Schweitzer Dec 2001 A1
20020052754 Joyce et al. May 2002 A1
20020103925 Sheth et al. Aug 2002 A1
20020107754 Stone Aug 2002 A1
20020126701 Requena Sep 2002 A1
20020152319 Amin et al. Oct 2002 A1
20020152321 Le et al. Oct 2002 A1
20020176378 Hamilton et al. Nov 2002 A1
20030003932 Corrigan et al. Jan 2003 A1
20030009580 Chen et al. Jan 2003 A1
20030035409 Wang et al. Feb 2003 A1
20030051041 Kalavade et al. Mar 2003 A1
20030069922 Arunachalam Apr 2003 A1
20030074286 Rodrigo Apr 2003 A1
20030083990 Berg et al. May 2003 A1
20030096605 Schlieben et al. May 2003 A1
20030105720 Ishibashi Jun 2003 A1
20030105864 Mulligan et al. Jun 2003 A1
20030112936 Brown et al. Jun 2003 A1
20030134615 Takeuchi Jul 2003 A1
20030157925 Sorber et al. Aug 2003 A1
20030158902 Volach Aug 2003 A1
20030187996 Cardina et al. Oct 2003 A1
20030207686 Ramanna et al. Nov 2003 A1
20030214958 Madour et al. Nov 2003 A1
20040022191 Bernet et al. Feb 2004 A1
20040028055 Madour et al. Feb 2004 A1
20040066769 Ahmavaara et al. Apr 2004 A1
20040092250 Valloppillil May 2004 A1
20040092272 Valloppillil May 2004 A1
20040095924 Holur et al. May 2004 A1
20040105424 Skoczkowski et al. Jun 2004 A1
20040117312 Lialiamou et al. Jun 2004 A1
20040127215 Shaw Jul 2004 A1
20040236686 Bohmer et al. Nov 2004 A1
20050100035 Chiou et al. May 2005 A1
20050131984 Hofmann et al. Jun 2005 A1
20050185661 Scott et al. Aug 2005 A1
20050185664 Chaskar et al. Aug 2005 A1
20050195743 Rochberger et al. Sep 2005 A1
20050272465 Ahmavaara et al. Dec 2005 A1
20060008063 Harnesk et al. Jan 2006 A1
20060028980 Wright Feb 2006 A1
20060031297 Zuidema Feb 2006 A1
20060039374 Belz et al. Feb 2006 A1
20060075467 Sanda et al. Apr 2006 A1
20080013531 Elliott et al. Jan 2008 A1
Foreign Referenced Citations (15)
Number Date Country
10148540 Apr 2003 DE
1 026 853 Aug 2000 EP
1 278 359 Jan 2003 EP
1 278 383 Jan 2003 EP
1 298 599 Apr 2003 EP
1 309 213 May 2003 EP
1 320 214 Jun 2003 EP
1 278 359 Jun 2004 EP
1 278 359 Mar 2007 EP
0163883 Aug 2001 WO
0169891 Sep 2001 WO
03032618 Apr 2003 WO
03037023 May 2003 WO
03047164 May 2003 WO
2007138407 Dec 2007 WO
Related Publications (1)
Number Date Country
20090133114 A1 May 2009 US
Continuations (1)
Number Date Country
Parent 10348972 Jan 2003 US
Child 12264137 US