The present invention relates to a method of connection and in particular but not exclusively to a method of connecting user equipment to a public land mobile network via wireless local area network.
The communication system is a facility that enables communication between two more entities such as user terminal equipment and/or network entities and other nodes associated with the communication system. The communication may comprise, for example, a communication of voice, electronic mail (email), text messages, data, multimedia and so on.
A communication may be provided by a fixed line and/or wireless communication interfaces. A feature of wireless communication system is that they provide mobility for the users thereof. An example of communication systems providing wireless communication is a public land mobile network (PLMN). An example of the fixed line system is a public switched telephone network (PSTN).
The communication system typically operates in accordance with a given standard or specification which sets out what the various elements of a system are permitted to do and how that should be achieved. For example, the standard or specification may define if the user or more precisely user equipment is provided with a circuit switched server or a packet switched server or both. Communication protocols and/or parameters, which should be used for the connection, are also typically defined. For example, the manner in which communication is implemented between the user equipment and the elements of the communication network is typically based on a predefined communication protocol. In other words, a specific set of rules on which the communication can be based needs to be defined to enable the user equipment to communicate via the communication system.
The 3G partnership project (3GPP) is defining a reference architecture for the universal mobile telecommunication system (UMTS) core network which will provide the users of user equipment with access to services. The term “service” used in this document should be understood to broadly cover any services or goods which a user may desire, require or be provided with. The term is to be understood to cover the provision of complementary services. In particular, but not exclusively, the term “service” will be understood to include internet protocol multimedia IM services, conferencing, telephoning, gaming, rich call, presence, e-commerce, messaging and instant messaging.
Reference will be made to the 3GPP technical specification TS24.234 and TS23.234, both documents, which are hereby incorporated by reference. Both of these documents relate to WLAN (wireless local area network) inter working. WLAN inter working is inter working between a proposed 3GPP system and the WLAN family of standards. Examples of WLAN radio network type technology include Bluetooth, the IEEE standards 802.11B, 802.11G, 802.11A and HIPERLan-2. The wireless local area network inter working allows a WLAN UE (user equipment) to connect to a WLAN and from there to either a visited PLMN or the home HPLMN. The PLMNs are 3G communication systems. A WLAN UE is all the user equipment, which can be used to allow a 3GPP subscriber to access the WLAN inter working. This may include, for example a computer. It should be appreciated that the WLAN UE may be capable of WLAN access only or may be capable of WLAN and 3GPP system access.
In the proposed specification, the network selection procedure consists of two parts. The first part is radio selection. This is the first phase of network selection and always takes place before VPLMN (visited PLMN) selection. In this phase the WLAN UE selects an access point AP and associates itself with it. The parameter used for the selection of the access point is the SSID (service set ID). In the second part, the VPLMN is selected. After selecting an access point, that is after completion of the radio selection, the WLAN UE may need to select a PLMN through which to authenticate, if more than one is available behind the chosen WLAN. This is called VPLMN selection in the WLAN inter working.
However, the proposed procedure has a problem. After associating with an access point, the WLAN UE initiates the VPLMN selection process. EAP (extensible authentication protocol) as defined in the IETF Internet Engineering Task Force draft as defined in draft-arkko-pppext-eap-aka (EAP AKA (authentication and key agreement) authentication) and draft-haverinen-pppext-eap-sim (EAP SIM (subscriber Identity module)). Both of these documents are hereby incorporated by reference.
When the WLAN user equipment receives an EAP failure indicating that the procedure has failed, it is not always advised as to the reason of the failure. This is disadvantageous because the WLAN UE could end up associating with each available access point until it finds one which supports WLAN inter working and/or has the capability to route the WLAN user equipment authentication signalling to the home server. At this point, it is possible that the WLAN user equipment is not aware whether the AP supports WLAN IW and therefore is not able route EAP signalling to the home AAA server. It may also be possible that the AP supports WLAN inter working with the routing failing for other reasons, for example there is not a direct roaming relationship with the respective home PLMN. Yet another possible cause of failure could be authentication failure at the home server, even if the AP was able to route the signalling to the HPLM.
It is the aim of the embodiments of the present invention to address the problems discussed.
According to a first aspect of the present invention, there is provided a method of connecting user equipment to a communications network via a wireless local area network, said method comprising the steps of a first selecting step for selecting an access point, a second selecting step for selecting a communications network, wherein if said connection fails, sending a message comprising information indicating if said access point supports inter-working with a communications network.
According to another aspect of the present invention, there is provided a method of connecting user equipment to a communications network via a wireless local area network, said method comprising the steps of a first selecting step for selecting an access point, a second selecting step for selecting a communications network, wherein if said connection fails, sending a message comprising information indicating a location at which said connection fails.
According to another aspect of the present invention, there is provided a system comprising user equipment to be connected to a communications network via a wireless local area network, said wireless local area network having an access point, wherein if said connection fails, the wireless local area network is arranged to send a message to the user equipment comprising information indicating if said access point supports inter-working with the communications network.
According to another aspect of the present invention, there is provided a system comprising user equipment to be connected to a communications network via a wireless local area network, said wireless local area network having an access point, wherein if said connection fails, the wireless local area network is arranged to send a message to the user equipment comprising information indicating a location in said network at which said connection fails.
According to another aspect of the present invention, there is provided an entity of a wireless local area network in a system comprising user equipment to be connected to a communications network via the wireless local area network, said wireless local area network having an access point, said entity being arranged to send a message to the user equipment comprising information indicating if said access point supports inter-working with the communications network.
According to another aspect of the present invention, there is provided user equipment for connection to a communications network via a wireless local area network, said user equipment comprising means for receiving a message if a connection fails, comprising at least one of information indicating if an access point supports inter-working with a communications network and information indicating a location at which said connection fails.
According to another aspect of the present invention, there is provided user equipment for connection to a communications network via a wireless local area network, said user equipment comprising means for receiving a message if a connection fails, and response to said message said user equipment is arranged to do at least one of the following: select a different access point, select a different communications network, retry to establish said connection, retry authentication and provide identity information.
For a better understanding of the present invention and as to how the same may be carried into effect, reference will now be made by way of example only to the accompanying drawings in which:
Reference is made to
The WLAN UE is arranged to make a connection with an access point (AP). In the arrangement shown in
The respective WLAN access networks, of which the three APs, AP1-3 form a part are not shown but may also include intermediate AAA (authentication, authorisation and accounting) elements. A WLAN may include other devices such as routers.
The first access point AP1 is connected to a first VPLMN 10 and a second VPLMN 12.
The first access point AP1 is also connected to a second VPLMN 12. However, this second VPLMN 12 is not able to make a connection to the HPLMN 18. This may for example because for example there is no appropriate roaming agreement with the HPLMN 18. Finally the first access point is also directly connected to the HPLMN 18.
The second access point AP2 is connected to a third VPLMN 14. The third VPLMN 14 has a connection to the HPLMN 18. It should be appreciated that the third VPLMN 14 has a similar structure to the first VPLM shown in
The third access point AP3 is connected to an internet service provider 16. This allows the user to access the Internet.
In preferred embodiments of the present invention, the user equipment will be provided with a SSID (service set identifier) list, which lists the preferred addresses. In the embodiment shown in
The user equipment also has a preferred PLMN list. In the arrangement shown in
Embodiments of the present invention propose to use EAP notifications. In particular, embodiments of the invention use EAP/SIM notifications (used in GSM global system for mobile communications) and EAP/AKA notifications (used in 3G systems). Embodiments of the present invention use new notification codes to indicate to the user equipment the reason for an authentication failure response (for example as a result of a wrong network selection). It should be appreciated that this may imply either radio selection or VPLMN selection failure. This information makes the network selection process more effective.
Reference is now made to
Consider case a. In case a, the WLAN (of which the AP is part) supports WLAN inter working. In the example associated with case a, authentication signalling could not be routed to the AAA server 22 of the HPLMN.
In step S1, the WLAN shall issue an EAP Req/identity. The EAP Req/Identity is a request for the identity of the UE.
In step S2, on receipt of the EAP request, the UE 2 sends EAP response/identity message. The EAP Resp/identity is a response, which provides the identity of the UE and may for example be the user's international mobile subscriber identity (IMSI), a temporary identity or any other suitable identity information. In preferred embodiments of the invention this may be the root NAI (network access identifier). This can take the form of: userX@HPLM id. In other words the user and the associated network are identified.
In step S3, the WLAN sends an EAP request/identity message including a network advertisement. This will occur if the root NAI is not understood. In step S4 the user equipment set to the WLAN EAP response/identity message including decorated NAI (Network access identifier). This will take the form of: userX@VPLM1 “HPLMN”. In other words, there is information identifying the VPLMN via which the HPLMN is connected as well as the HPLMN. Steps S3 and S4 provide network advertisement information to the UE using an extra EAP Req/identity and EAP Resp/identity exchange. These steps are optional and can be omitted in some embodiments of the present invention, if the root NAI is understood.
In step S5, the WLAN sends an EAP notification code to the user equipment. The EAP notification will include a notification code, which indicates the cause of the failure. This will include an indication that the WLAN supports WLAN inter working.
On receipt of the indication that the WLAN supports WLAN inter working, the WLAN user equipment may proceed by trying to associate with another access point or may decide to remain with a currently associated AP and try to authenticate with HPLMN by for example selecting another VPLMN. Other actions are of course possible.
In step S6, the WLAN sends an EAP failure message. The EAP failure message is sent if the connection has failed. In some embodiments of the invention, this message may be omitted, with the information in the notification message being used to provide the failure information.
Case b will now be described. In case b, the WLAN does not support inter working WLAN. Steps T1 and T2 correspond to steps S1 and S2 respectively. Steps corresponding to steps S3 and S4 may be provided if necessary. In step T3, the WLAN 20 sends an EAP failure message. In this case, the user equipment will most probably not receive any EAP notifications before the EAP failure. In this way, the user equipment will know that the WLAN probably does not support WLAN inter working.
In cases C and D, the WLAN supports WLAN inter working and the authentication fails in the HPLMN 18.
In case c, the authentication is not started. Steps A1 and A2 correspond to steps S1 and S2 respectively. In step A3, an EA response including the root NAI or the decorated NAI is sent from the WLAN to the AAA server 26.
In step A4, an EAP notification is sent from the server 26 to the WLAN. This EAP notification is forwarded by the WLAN to the user equipment in step A5. This notification will indicate that the procedure failed prior to authentication. In step A6, the server 26 sends an EAP failure message to the WLAN. In step A7 the EAP failure message is sent to the user equipment.
In case D, the authentication has been performed. Steps B1, B2 and B3 correspond to steps A1, A2 and A3.
In step B4, the EAP notification is sent from the server 26 to the WLAN 20. In step B5, the EAP notification is sent from the WLAN 20 to the user equipment 2 indicating that the failure was a result of authentication failure.
In step B6, an EAP failure message is sent from the server 26 to the WLAN 20. The WLAN 20 sends the EAP failure message to the user equipment in step B7.
Thus, in cases c and d, the EAP notification includes an indication of the authentication failure message before the EAP failure message is sent. The indication could also include a pointer to the state when the authentication fails and/or further actions to be taken by the user equipment.
On receipt of the notification packet including an indication of the authentication fails at the HPLMN the user equipment may proceed by trying to authenticate itself with the HPLMN. If the network indicates in the new notification code that it does understand the user identity. WLAN user may reissue NAI and try to authenticate again. If the network indicates in the new notification code that it can not access some authentication parameters, e.g. triplets, the user equipment may try to authenticate again after timer expiry. Other actions and other reasons why authentication could fail are also possible.
Embodiments of the invention are implemented using the attribute “AT_NOTIFICATION” defined in the IETF draft documents mentioned previously.
The notification message can be used to convey a displayable message from the appropriate server, either in the WLAN or the 3GPP server, depending on the circumstances to the user equipment. These messages are textual messages.
The notification code is a 16-bit number. The most significant bit is called the Failure bit (F). The F bit specifies whether or not the notification implies failure. The code values with the F bit set to zero are used in the for the unsuccessful cases and in preferred embodiments is set to zero where failure has occurred and the reasons for the failure are included in the notification message.
The notification code also has a Phase bit “P”. It specifies at which phase the notification can be used. If the P bit is set to zero, it is used after the challenge round in full authentication or re-authentication in re-authentication. The attribute AT_MAC may be included in the notifications.
If the P bit is set to one, the notification is used before the challenge round in full authentication or the re-authentication round in re-authentication. The attribute AT_MAC may not be included in the notification.
In embodiments of the invention, the error causes can be indicated by appropriated text or they can be indicated by error codes. Error codes effectively assign different values to different error conditions. Where error codes are use, the user equipment is arranged to be able to decode these error codes to determine the cause of failure.
In response to information identifying the cause of failure, the user equipment may display an appropriate message for the user. Alternatively or additionally the user equipment may modify its behaviour, as indicated in some of the examples, in response to the error message.
Thus in embodiments of the present invention, the following failure reasons can be given
Information indicating that authentication signalling could not be routed to a server;
Information indicating that authentication signalling was routed to a server and authentication failed;
Information indicating that authentication signalling was routed to a server and authentication failed before challenge;
Information indicating that authentication signalling was routed to a server and authentication failed after challenge;
Information indicating that said access point does not support inter-working with said communication network;
Information indicating that there is no roaming relationship with a home network;
Information indicating a location of the network failure;
Information indicating a reason for said failure;
Information indicating an internal failure in at least one of said access point and communications network;
Information indicating a temporary unavailability of at least one of said access point and communications network; and
Information indicating traffic congestion.
In preferred embodiments of the invention, the requirement to provide information as to the cause of a failure of a connection is mandatory except in the case where inter-working is not supported.
Embodiments of the invention have been described in the context of using notification messages to provide the error information. It should be appreciated that a new message may be created to provide said information or one of the other messages may be modified to provide this information. For example, a new attribute can be defined.
EAP-TLV Type length values may be used in alternative embodiments of the invention.
Embodiments of the invention have been described in the context of the EAP protocol. However it should be appreciated that other protocols may be used in alternative embodiments of the invention.
The described preferred embodiments of the invention have been described in the context of inter-working with a 3G network. Embodiments of the invention may also be applied to other types of network including the Internet and other types of communication network, which may be based on wired or wireless technologies.
Number | Date | Country | Kind |
---|---|---|---|
0400694.6 | Jan 2004 | GB | national |