The disclosed embodiments relate generally to wireless mobile communication network, and, more particularly, to method of Onboarding via Stand-alone Non-Public Network (ON-SNPN).
A Public Land Mobile Network (PLMN) is a network established and operated by an administration or recognized operating agency (ROA) for the specific purpose of providing land mobile communication services to the public. PLMN provides communication possibilities for mobile users. A PLMN may provide service in one or a combination of frequency bands. Access to PLMN services is achieved by means of an air interface involving radio communications between mobile phones and base stations with integrated IP network services. One PLMN may include multiple radio access networks (RAN) utilizing different radio access technologies (RAT) for accessing mobile services. A radio access network is part of a mobile communication system, which implements a radio access technology (RAT). Conceptually, RAN resides between a mobile device and provides connection with its core network (CN). Depending on the standard, mobile phones and other wireless connected devices are varyingly known as user equipment (UE), terminal equipment, mobile stations (MS), etc. Examples of different RATs include 2G GERAN (GSM) radio access network, 3G UTRAN (UMTS) radio access network, 4G E-UTRAN (LTE), 5G new radio (NR) radio access network, and other non-3GPP access RAT including WiFi.
As compared to PLMN, a non-public network (NPN) is a 5GS deployed network for non-public use. An NPN is either a Stand-alone Non-Public Network (SNPN), i.e., operated by an NPN operator and not relying on network functions provided by a PLMN; or a Public Network Integrated NPN (PNI-NPN), i.e., a non-public network deployed with the support of a PLMN. The combination of a PLMN ID and Network identifier (NID) identifies an SNPN. A UE may be enabled for SNPN. The UE selects an SNPN for which it is configured with a subscriber identifier and credentials. The UE can have several sets of subscriber identifiers, credentials, and SNPN identities.
Onboarding is the service to allow a non-provisioned UE to obtain SNPN credentials in order to get connectivity service from the SNPN. Onboarding of UFs for SNPNs allows the UE to access an onboarding network (ON) based on default UE credentials for the purpose of provisioning the UE with SNPN credentials for primary authentication and other information to enable access to a desired SNPN. An Onboarding Network (ON) refers to the network (e.g., ON-SNPN or ON-PLMN) providing connectivity to the UE via which to obtain the credentials from a subscriber owner (e.g., SO-SNPN) using User Plane (UP) or Control Plane (CP) provisioning procedure after the UE successfully registers to the ON. While normal registration refers to UE registration in a network for any purpose, onboarding registration refers to UE registration in a network for onboarding purpose only, i.e., the UE may o get connectivity from the network for the purpose of doing onboarding for obtaining the credentials of the desired SNPN. The entity that owns, stores and provides the credentials/subscription data to the UE is defined as the SO and can provide the credentials to the UE via a Provisioning Server (PVS). Information (e.g., credentials for accessing ON) that the OF may have before the actual onboarding procedure to make the UE unique identifiable and. verifiably secure is defined as default UE credentials.
A method is desired to facilitate the onboarding registration procedure for SNPN.
A method to facilitate onboarding registration via an onboarding network (ON) that is a stand-alone non-public network (ON-SNPN) is proposed. A UE is preconfigured with default UE credentials for Onboarding. UE discovers and selects an ON-SNPN and registers to the ON-SNPN using default UE credentials and/or the pre-configured information (e.g., ON-SNPN network selection information). Both user plane (UP) and control plane (CP) provisioning procedure can be used to obtain the SNPN credentials from a subscriber owner (SO) via ON-SNPN access connectivity to the provisioning server (PVS) A PVS is the entity that provides network credentials and other data in. the UF to enable SNPN access. In accordance with one novel aspect, when UE sends a registration request for UE onboarding registration, the registration request comprises information for registration type (e.g., SNPN ONBOARDING), and UE supported provisioning procedure (e.g., Control Plane (CP), User Plane (UP), or both). Upon successfully onboarding registration, UE later follows the supported provisioning procedure (i.e., CP or UP remote provisioning procedure) decided by the ON-SNPN to obtain the SNPN credentials from a subscriber owner (SO-SNPN) via the ON-SNPN access connectivity to the PVS.
In one embodiment, a UE receives an indication from a serving base station in a stand-alone non-public network (SNPN). The indication indicates that Onboarding is enabled by the SNPN. The UE transmits a registration request to the serving base station. The registration request indicates an Onboarding Registration type and one or more remote provisioning procedures supported by the UE. The UE performs an Onboarding registration to the SNPN with default UE credentials. Upon successful registration, the UE performs a selected remote provisioning procedure (either CP or UP remote provisioning procedure) with the SNPN to obtain SNPN credentials.
In another embodiment, a base station broadcasts an indication in a stand-alone non-public network (SNPN). The indication indicates that Onboarding is enabled by the SNPN. A UE indicates in an RRC signaling that a registration is for onboarding. Then, the BS selects a proper AMF of the selected SNPN based on the indication and forwards a registration request sent from the UE to the AMF. The registration request indicates an Onboarding Registration type and one or more remote provisioning procedures supported by the UE. The AMF performs Onboarding registration with the UE according to default UE credentials. Upon successful registration, a selected remote provisioning procedure is performed for providing SNPN credentials to the UE.
Other embodiments and advantages are described in the detailed description below. This summary does not purport to define the invention. The invention is defined by the claims.
Reference will now be made in detail to some embodiments of the invention, examples of which are illustrated in the accompanying drawings.
To provision. SNPN credentials in a UF, that is configured with default UE credentials, the UE discovers and selects an SNPN as ON and establishes a secure connection with that SNPN referred to as Onboarding SNPN (ON-SNPN). After the secure connection is established, the UF is provisioned with SNPN credentials to enable discovery, selection, and registration for a desired SNPN. Upon successful registration, both user plane (UP) and control plane (CP) remote provisioning procedure can be triggered by UE or network to obtain the SNPN credentials from the subscriber owner via onboarding network access connectivity to the PVS. In accordance with one novel aspect, when UE 101 sends a registration request to serving gNB 102 for UE onboarding registration, the registration request comprises information for registration type (e.g., SNPN ONBOARDING), and UE supported remote provisioning procedure (e.g., CP, UP, or both). Upon successful onboarding registration, UE 101 later follows the corresponding remote provisioning procedure (i.e., CP or UP) decided by the ON-SNPN to obtain the desired SNPN credentials from the SO-SNPN via onboarding network access connectivity to the PVS.
Similarly, UE 201 has memory 202, a processor 203, and radio frequency (RF) transceiver module 204. RF transceiver 204 is coupled with antenna 205, receives RF signals from antenna 205, converts them to baseband signals, and sends them to processor 203. RF transceiver 204 also converts received baseband signals from processor 203, converts them to RF signals, and sends out to antenna 205. Processor 203 processes the received baseband signals and invokes different functional modules and circuits to perform features in UE 201. Memory 202 stores data and program instructions 210 to be executed by the processor to control the operations of UE 201. Suitable processors include, by way of example, a special purpose processor, a digital signal processor (DSP), a plurality of micro-processors, one or more micro-processor associated with a DSP core, a controller, a microcontroller, application specific integrated circuits (ASICs), file programmable gate array (FPGA) circuits, and other type of integrated circuits (ICs), and/or state machines. A processor in associated with software may be used to implement and configure features of UE 201.
UE 201 also comprises a set of functional modules and control circuits to carry out functional tasks of UE 201. Protocol stacks 260 comprise Non-Access-Stratum (NAS) layer to communicate with an AMF entity connecting to the core network, Radio Resource Control (RRC) layer for high layer configuration and control, Packet Data Convergence Protocol/Radio Link Control (PDCP/RLC) layer, Media Access Control (MAC) layer, and Physical (PHY) layer. System modules and circuits 270 may be implemented and configured by software, firmware, hardware, and/or combination thereof. The function modules and circuits, when executed by the processors via program instructions contained in the memory, interwork with each other to allow UE 201 to perform embodiments and functional tasks and features in the network.
In one example, system modules and circuits 270 comprise registration circuit 221 that performs onboarding registration procedure with the network, a connection and session management circuit 222 that handles the connection and session management, a config and control circuit 223 that handles configuration and control parameters. For example, when UE 201 sends a registration request to a serving gNB for UE onboarding registration, the registration request comprises information for registration type (e.g., SNPN ONBOARDING), and UE supported remote provisioning procedure (e.g., CP, UP, or both). Upon successfully onboarding registration, UE 201 later follows the corresponding remote provisioning procedure (i.e., CP or UP) decided by the ON-SNPN to obtain the SNPN credentials from the SO-SNPN.
In the example of
In step 413, UE 401 performs ON-SNPN discover and selection, based on the received SIB broadcasting. Note that UE 401 may also be pre-configured with ON-SNPN selection information (in step 411), for the purpose of ON-SNPN selection. After the UE has selected an ON-SNPN for onboarding, in step 421, UE 401 initiates the onboarding registration procedure. In AS layer, the UE establishes an RRC connection towards the NG-RAN node 402 of the ON-SNPN. The UE provides an indication in the RRC connection establishment request message that the RRC connection is for onboarding. This indication allows the NG-RAN node 402 to select an appropriate AMF (e.g., target AMF 403) that supports the UE onboarding procedures. The UE indicates the ON-SNPN as the selected network, and the NG-RAN node indicate the selected PLMN ID and NID of the ON-SNPN to the AMF 403. In NAS layer, the UE initiates the NAS registration procedure by sending a NAS registration request message with the following characteristics: the UE shall set the 5GS Registration Type to the value “SNPN Onboarding” indicating that the registration request is for onboarding. In one novel aspect, this registration request message further indicates the UE-supported remote provision is either CP, UP, or both.
In step 422, NG RAN 402 selects AMF 403 as the target AMF for onboarding. In step 423, NG RAN 402 forwards the NAS registration request message to the target AMF 403. In step 431, the new target AMF 403 sends a UE context request message to an old source AMF 404, which has the UE context information. In step 432, the source AMF 404 sends a UE context response message, together with the UE context information back to the target AMF 403. In step 441, UE 401 performs onboarding registration with corresponding entities in the ON-SNPN. The other 5G NFs 505 may include AUSF, SMF etc. Based on the default UE credentials, the ON-SNPN may determine corresponding DCS identity or address/domain. The AMF 403 supporting UE onboarding is configured with AMF Onboarding Configuration Data for Onboarding, in order to restrict UE network usage to only onboarding.
When AMF 403 receives the NAS Registration Request with a 5GS Registration Type set to “SNPN Onboarding”, AMF 403 starts an authentication procedure towards the AUSF, applies the AMF Onboarding Configuration Data, and stores the UE context in the AMF indication that the UE is registered for SNPN onboarding. Upon successful authentication from AUSF, the AMF informs the UE about the result of the registration. If the UE is not successfully authenticated, the target AMF rejects the registration procedure for onboarding, and UE may selected a different ON-SNPN to register. In step 451, target AMF 403 sends a registration accept message to UE 401. In step 452, UE 401 sends a registration complete message to target AMF 403 to complete the registration procedure.
In step 461, upon successful registration, UE 401 follows the remote provisioning procedures (e.g., CP or UP) decided by the ON-SNPN to obtain the credentials from SO-SNPN via an onboarding network access connectivity to the PVS. The NG-RAN/base station facilitates such provisioning procedure by selecting the AMF and executing configuration based on UE provided information. A UP provisioning procedure is performed over a PDU session, while a CP provision procedure is performed over control plane messages, e.g., using UE parameters Update via UDM Control Procedure as specified in TS 23.502. Note that the ON-SNPN determines the provisioning procedure based on UE capability, as indicated in the registration request in step 421. In order to enable UP Remote Provisioning of SNPN credentials for a UE, UE Configuration Data for UP Remote Provisioning are either pre-configured on the UE or provided by the ON-SNPN. If Onboarding Services are provided using a restricted PDU session for remote provisioning of UE via User Plane, the AMF selects an SMF used for Onboarding Services using the SMF discovery and selection functionality. When the UE registered for Onboarding successfully completes the user plane remote provisioning of SNPN credentials via the ON-SNP, the UE should deregister from the ON-SNPN. The UE then use the obtained SNPN credentials to gain access to a specific SNPN, using normal registration procedure to get normal services from that specific SNPN.
Although the present invention has been described in connection with certain specific embodiments for instructional purposes, the present invention is not limited thereto. Accordingly, various modifications, adaptations, and combinations of various features of the described embodiments can be practiced without departing from the scope of the invention as set forth in the claims.
This application claims priority under 35 U.S.C. § 119 from U.S. Provisional Application No. 63/140,264, entitled “Onboarding Network Procedures for UE and Network”, filed on Jan. 22, 2021, the subject matter of which is incorporated herein by reference.
Number | Date | Country | |
---|---|---|---|
63140264 | Jan 2021 | US |