Quality of service to over the top applications used with VPN

Description

BACKGROUND OF THE INVENTION

1. Field of the Invention

This invention relates generally to Quality of Service (QoS) control for Virtual Private Network(s) (VPNs) established between smart phones and private networks (e.g., enterprise or agency intranet) over Long Term Evolution (LTE) commercial wireless networks. These VPN(s) may be used by smart phone applications to access data in the cloud in a secure manner and typically involve tunneling of original application IP packets in an encrypted fashion inside of an outer IP packet.

2. Background of Related Art

Verizon Wireless™ has recently become the first commercial service provider to fully launch a network with Long Term Evolution (LTE) 4G wireless broadband technology. Long Term Evolution (LTE) 4G wireless broadband technology is a recent technology that supports a fast and efficient all-Internet Protocol (IP) network (i.e., a network that provides services, e.g., voice, video, data, messaging, etc., solely over the Internet). It is expected that the majority of commercial service providers will also adopt an all-Internet Protocol (IP) network at some time in the near future.

As the future of technology gears toward an all-IP network, the number of available over-the-top (OTT) applications is expected to increase. An over-the-top (OTT) application is an application that uses a data channel provided by an Internet service provider (ISP) to connect to the Internet instead of using any special data handling features or network services offered thereby.

In accordance with conventional technology, over-the-top (OTT) application data is sometimes routed over a commercial wireless network via a virtual private network (VPN) tunnel (which involves the tunneling of original IP packets inside outer IP packets in an encrypted fashion). A virtual private network (VPN) tunnel provides additional transmission security to over-the-top (OTT) application data, which is especially helpful to over-the-top (OTT) applications that lack end-to-end encryption on their network connections.

Quality of service (QoS) refers to a set of performance characteristics by which a commercial wireless network is expected to convey data traffic to and from a client (quality of service (QoS) control mechanisms are applied to both the wireless and wireline components of a commercial network). Specific performance characteristics may include throughput (i.e. data quantity transmitted per unit time), latency (i.e. time delay between transmission and receipt of data), loss rate (i.e. frequency by which a commercial wireless network fails to deliver portions of transmitted data), jitter (i.e. a measure of variance of other characteristics), etc.

Currently, there exist several inherent limitations to the quality of service (QoS) treatment that a commercial wireless network is able to provide its' clients. For example, the maximum throughput that a commercial wireless network is able to provide across all clients is dependant on: a spectrum allocation held by the commercial wireless network, a backhaul infrastructure setup between cellular towers and fixed infrastructure within the commercial wireless network, the number of cellular towers in use within the commercial wireless network, the size of a footprint assigned to each cellular tower in use within the commercial wireless network, and any sources of electromagnetic interference within the commercial wireless network.

It is found that applications (e.g. smart phone applications) typically run better (i.e., perform more objective work per unit time and provide better user experience) when they are receiving a higher level of quality of service (QoS) treatment from a commercial wireless network as opposed to a lower level of quality of service (QoS) treatment. Consequently, many clients/service providers enter into contractual agreements with commercial wireless networks to ensure that they receive a data conveyance that is at-or-above a desired minimum performance level. For example, a commercial wireless network may agree (in exchange for monetary compensation) to provide a minimum of 12 kilobit/second throughput and a minimum of 0.1 second latency to a client user equipment (UE) that desires to receive real-time streaming video feed over that wireless network.

Commercial wireless networks use well-known internal techniques to ensure that contracted clients receive a pre-negotiated level of quality of service (QoS) treatment. For example, a network operator may delay transmitting data for one low-level quality of service (QoS) client to prioritize data transmission for another high-level quality of service (QoS) client. Likewise, a network operator may discard data packets transmitted to/from one low-level quality of service (QoS) client more frequently, to ensure data conveyance for another high-level quality of service (QoS) client.

Unfortunately, vendors of over-the-top (OTT) applications and associated data do not typically enter into contractual quality of service (QoS) agreements with commercial wireless networks (e.g. Long Term Evolution (LTE) networks). Therefore, over-the-top (OTT) applications are typically unable to benefit from quality of service (QoS) control mechanisms (e.g. priority, packet delay, guaranteed bit rate, etc.) available thereon. Instead, most over-the-top (OTT) applications (e.g., Skype, Netflix, etc.) provide services on a best-effort basis (i.e., data delivery, efficiency not guaranteed).

Differentiated Services (DiffServ) has defined a mechanism for classifying and managing network traffic on modern Internet Protocol (IP) networks, for the purposes of providing quality of service (QoS) treatment thereon. In particular, DiffServ uses a 6 bit field (i.e. a DS field) in an IP header for packet classification purposes.

In accordance with conventional DiffServ technology, a DS field may be influenced (set) by an application generating IP packets. Moreover, a virtual private network (VPN) client may copy a DiffServ header from an incoming application IP packet (that will eventually be encapsulated) to an IP header of a tunneling IP packet to extend DiffServ quality of service (QoS) treatment to a virtual private network (VPN) environment.

However, though smart phone applications, application cores in the cloud, and virtual private network (VPN) software may all influence the setting of a DS field, there is no guarantee that an Internet Protocol (IP) network (e.g. a long term evolution (LTE) network) will honor a DS field setting and provide desired quality of service (QoS) treatment, being that: first, the honoring of a DS field is not mandated by current standards and, second, triggering quality of service (QoS) treatment in such a fashion defeats the purpose of quality of service (QoS) control as, conceivably, all types of data traffic flowing through an IP network could be marked for preferential treatment by a source application.

As commercial wireless networks begin carrying data for over-the-top (OTT) mission critical applications, such as applications used by emergency dispatch personnel and emergency first responders, a best-effort treatment of over-the-top (OTT) applications will no longer be acceptable. This is especially true in times of disaster, when networks are likely heavily congested. Hence, a successful means of extending quality of service (QoS) treatment to over-the-top (OTT) applications, including over-the-top (OTT) applications transmitting data over a virtual private network (VPN) tunnel, is needed.

SUMMARY

A method and apparatus for extending conventional quality of service (QoS) treatment to over-the-top (OTT) applications transmitting data over a commercial wireless network via a virtual private network (VPN) tunnel, comprises a quality of service (QoS) server. In accordance with the principles of the present invention, an over-the-top (OTT) application server and a virtual private network (VPN) client/server routing data to/from the over-the-top (OTT) application server over a virtual private network (VPN) tunnel, are each integrated with a quality of service (QoS) server. Following integration, the over-the-top (OTT) application server and/or the virtual private network (VPN) client/server may request and get desired quality of service (QoS) treatment for application data routed by the over-the-top (OTT) application over the virtual private network (VPN) tunnel. The present invention is applicable to both single-tenant virtual private network (VPN) tunnels and multi-tenant virtual private network (VPN) tunnels.

In accordance with the principles of the present invention, a single-tenant virtual private network (VPN) tunnel (i.e. a virtual private network (VPN) tunnel that is treated as a single application) is only permitted one quality of service (QoS) designation at a time. Hence, a quality of service (QoS) designation requested for/by an application routing data over a single-tenant virtual private network (VPN) tunnel is applied to all application data routed over that virtual private network (VPN) tunnel.

Alternatively, applications routing data over a multi-tenant virtual private network (VPN) tunnel are acknowledged independently and assigned their own individual quality of service (QoS) designations. Hence, a quality of service (QoS) designation requested for/by an application routing data over a multi-tenant virtual private network (VPN) tunnel is applied to application data routed by that requesting over-the-top (OTT) application, only. In accordance with the principles of the present invention, a multi-tenant virtual private network (VPN) tunnel may define a default quality of service (QoS) designation for application data routed to/from applications that have not indicated a preferred quality of service (QoS) designation.

In accordance with the principles of the present invention, the quality of service (QoS) server forwards desired quality of service (QoS) rules embedded in a quality of service (QoS) request message to a policy and charging rules function (PCRF) on a requesting over-the-top (OTT) application/virtual private network (VPN) client devices' home mobile network operator (MNO). If a client device is roaming, then the policy and charging rules function (PCRF) on the client devices' home mobile network operator (MNO) forwards received quality of service (QoS) rules to a policy and charging rules function (PCRF) serving the client device. Quality of service (QoS) treatment is then carried out in a conventional manner by the serving policy and charging rules function (PCRF).

In accordance with the principles of the present invention, a connection between a quality of service (QoS) server and a policy and charging rules function (PCRF) is preferably established via a diameter Rx interface. Accordingly, the primary function of a quality of service (QoS) server is to translate diameter protocol messages to other communication mediums and vice versa.

In accordance with the principles of the present invention, an over-the-top (OTT) application must provide identification details and register services and application characteristics with the quality of service (QoS) server before that application is permitted to request quality of service (QoS) treatment therefrom. During registration with the quality of service (QoS) server, an over-the-top (OTT) application is required to provision one or more quality of service (QoS) application profiles, each indicating a desired level of quality of service (QoS).

In accordance with the principles of the present invention, a virtual private network (VPN) client/server must furnish relevant tunneling information to the quality of service (QoS) server before that virtual private network (VPN) client/server is permitted to request quality of service (QoS) treatment therefrom. Relevant tunneling information varies depending upon a type of virtual private network (VPN) tunnel established. In particular, during registration with the quality of service (Qos) server, a single-tenant virtual private network (VPN) tunnel is required to provision identification details and one or more quality of service (QoS) application profiles on the quality of service (QoS) server. Alternatively, during registration with the quality of service (Qos) server, a multi-tenant virtual private network (VPN) tunnel must provision identification details and adequate tunneling information on the quality of service (QoS) server, but need not preprovision any quality of service (QoS) application profiles. Tunneling information furnished to the quality of service (QoS) server for a multi-tenant virtual private network (VPN) tunnel must enable the quality of service (QoS) to identify IP packets associated with application data routed thereover.

In accordance with the principles of the present invention, a quality of service (QoS) application profile ID identifying a particular quality of service (QoS) application profile (i.e. quality of service (QoS) rules), is included in each quality of service (QoS) request message sent to the quality of service (QoS) server. A quality of service (QoS) application profile ID indicates to the quality of service (QoS) server a particular quality of service (QoS) application profile to invoke.

When an over-the-top (OTT) application server detects a termination of signaling or service on an over-the-top (OTT) application client device, the over-the-top (OTT) application server sends a quality of service (QoS) termination message to the quality of service (QoS) server, to indicate that reserved quality of service (QoS) values may be terminated on the client devices' home mobile network operator (MNO).

Likewise, a virtual private network (VPN) client/server must inform the quality of service (QoS) server when a virtual private network (VPN) tunnel has terminated.

BRIEF DESCRIPTION OF THE DRAWINGS

Features and advantages of the present invention will become apparent to those skilled in the art from the following description with reference to the drawings, in which:

FIG. 1 depicts an exemplary network structure for extending conventional quality of service (QoS) treatment to over-the-top (OTT) applications routing data over a commercial wireless network via a virtual private network (VPN) tunnel, in accordance with the principles of the present invention.

FIG. 2 depicts an exemplary quality of service (QoS) server architecture, in accordance with the principles of the present invention.

FIG. 3 depicts an exemplary process flow for extending quality of service (QoS) treatment to over-the-top (OTT) applications routing data over a commercial wireless network via a virtual private network (VPN) tunnel, in accordance with the principles of the present invention.

FIG. 4 depicts conventional encryption and encapsulation of an original IP packet, in accordance with conventional IPSec virtual private network (VPN) technology.

FIG. 5 depicts a conventional single-tenant virtual private network (VPN) tunnel.

FIG. 6 depicts a conventional multi-tenant virtual private network (VPN) tunnel.

DETAILED DESCRIPTION OF ILLUSTRATIVE EMBODIMENTS

The present invention extends conventional quality of service (QoS) treatment to over-the-top (OTT) applications transmitting data over a commercial wireless network (e.g. a long term evolution (LTE) network) via a virtual private network (VPN) tunnel.

New wireless standards, such as long term evolution (LTE), only specify data connectivity, and do not specify any applications. Applications, rather, are expected to be facilitated via carrier-hosted application frameworks (e.g. an internet multimedia system (IMS)).

To ensure that applications carried out via carrier-hosted application frameworks operate at a desired level of quality of service (QoS) (e.g. packet delay, priority, etc.), new wireless standards have defined a policy and charging rules function (PCRF). A policy and charging rules function (PCRF) is a network element (in a long term evolution (LTE) packet core) that may be accessed by carrier-hosted application frameworks (e.g. IMS) (via a diameter protocol based interface (Rx)) for the purposes of providing quality of service (QoS) treatment to applications.

Unfortunately, applications to which policy and charging rules functions (PCRF) are expected to extend quality of service (QoS) treatment, do not include over-the-top (OTT) applications. An over-the-top (OTT) application is an application that provides services/content to a client user equipment (UE) over the Internet, absent the involvement of an Internet service provider (ISP). Hence, conventional over-the-top (OTT) applications are not facilitated via carrier-hosted application frameworks, and are thus not able to benefit from quality of service (QoS) treatment available on today's commercial wireless networks. Rather, conventional over-the-top (OTT) applications are typically forced to operate on a best-effort basis (i.e. data delivery, efficiency not guaranteed).

With the future of technology gearing towards an all IP-network (e.g. a long term evolution (LTE) network), over-the-top (OTT) applications are expected to become increasingly common. As commercial wireless networks begin carrying data for over-the-top (OTT) mission critical applications, such as those applications used by emergency dispatch personnel and emergency first responders, a best effort treatment of over-the-top (OTT) application data will no longer be acceptable.

The present invention expands a method of extending conventional quality of service (QoS) treatment to over-the-top (OTT) applications routing data over a commercial wireless network, as disclosed in co-pending and co-owned U.S. patent application Ser. No. 14/032,913, filed Sep. 20, 2013, entitled: “MECHANISMS FOR QUALITY OF SERVICE TO OVER THE TOP APPLICATIONS FOR USE IN COMMERCIAL WIRELESS NETWORKS”, claiming priority from U.S. Provisional Application No. 61/703,554, filed Sep. 20, 2012, entitled: “MECHANISMS FOR QUALITY OF SERVICE TO OVER THE TOP APPLICATIONS FOR USE IN COMMERCIAL WIRELESS NETWORKS”, and from U.S. Provisional No. 61/714,944, filed Oct. 17, 2012, entitled “MECHANISMS FOR QUALITY OF SERVICE TO OVER THE TOP APPLICATIONS FOR USE IN COMMERCIAL WIRELESS NETWORKS”, all of which are explicitly incorporated herein by reference. Mechanisms for quality of service control disclosed in U.S. patent Ser. No. 14/032,913 address a scenario wherein an over-the-top (OTT) application connects to a cloud based application infrastructure directly.

The present invention addresses a variation of the scenario described in U.S. application Ser. No. 14/032,913. In particular, the present invention addresses a scenario wherein an over-the-top (OTT) application client on a user equipment (UE) is connected to a cloud based over-the-top (OTT) application server via a virtual private network (VPN) connection. A conventional virtual private network (VPN) connection provides additional transport security to over-the-top (OTT) application data traversing a commercial wireless network, by tunneling original IP packets inside outer IP packets in an encrypted fashion. Mechanisms for establishing a virtual private network (VPN) tunnel appropriate to convey over-the-top (OTT) application data are well known to those skilled in the art.

In accordance with the principles of the present invention, conventional quality of service (QoS) treatment is extended to over-the-top (OTT) applications transmitting data over a commercial wireless network (e.g. a long term evolution (LTE) network) via a virtual private network (VPN) tunnel, without requiring that modifications be made to over-the-top (OTT) applications, and without requiring that over-the-top (OTT) application developers negotiate separate quality of service (QoS) agreements with mobile network operators (MNO). Moreover, the present invention extends conventional quality of service (QoS) treatment to virtual private networks (VPN) carrying over-the-top (OTT) application data without burdening virtual private networks (VPN) with network integration aspects, such as: knowledge of user location, knowledge of a policy and charging rules function (PCRF), knowledge of a long term evolution (LTE) packet core, etc.

In accordance with the principles of the present invention, an over-the-top (OTT) application server and a virtual private network (VPN) client/server carrying data to/from that over-the-top (OTT) application server over a virtual private network (VPN) tunnel, are each integrated with an inventive quality of service (QoS) server. Following integration, the over-the-top (OTT) application server and/or the virtual private network (VPN) client/server may send a quality of service (QoS) request message to the inventive quality of service (QoS) server (via an appropriate virtual private network (VPN) client/server interface or over-the-top (OTT) application interface) to request that desired quality of service (QoS) treatment (identified by a quality of service (QoS) application profile ID) be applied to application data routed by the over-the-top (OTT) application over the virtual private network (VPN) tunnel.

The inventive quality of service (QoS) server forwards quality of service (QoS) rules embedded in a quality of service (QoS) request message to a policy and charging rules function (PCRF) residing on a requesting over-the-top (OTT) application/virtual private network (VPN) client devices' home mobile network operator (MNO). If the client device is roaming, then the policy and charging rules function (PCRF) on that device's home mobile network operator (MNO) forwards quality of service (QoS) rules to a policy and charging rules function (PCRF) serving the client device. Quality of service (QoS) treatment is then carried out by the policy and charging rules function (PCRF) in a conventional manner.

In accordance with the principles of the present invention, an over-the-top (OTT) application server and/or a virtual private network (VPN) client/server may modify a previously requested level of quality of service (QoS) treatment, when a previously requested level of quality of service (QoS) treatment is not resulting in desired performance.

The inventive solution may be applied to various virtual private network (VPN) technologies, including: a layer 2 tunneling protocol (L2TP) technology, a point-to-point tunneling protocol (PPTP) technology, a transport layer security/virtual private network (VPN) technology, etc. However, for illustrative purposes, the present invention is described herein via use of an IPSec virtual private network (VPN) technology configured in tunnel mode. In accordance with conventional IPSec virtual private network (VPN) technology, all IP datagrams (including both datagram header and datagram packet) routed over a virtual private network (VPN) tunnel are first encapsulated inside new IP datagrams with IPSec headers.

FIG. 4 depicts conventional encryption and encapsulation of an original IP packet, in accordance with conventional IPSec virtual private network (VPN) technology.

In particular, an original IP packet 420 (including an original IP header 440 and an original application payload 450) is encrypted 400a, 400b and encapsulated in an outer IP packet 410 with an IPSec header 430 before it is routed over a conventional IPSec virtual private network (VPN) tunnel. A virtual private network (VPN) client/server also interprets an original IP packet 420 and assigns an appropriate security parameter index (SPI) value (in accordance with a preconfigured security parameter index (SPI) value) thereto before routing the IP packet over a virtual private network (VPN) tunnel. A security parameter index (SPI) value serves as an index to a conventional security association database (SADB) (i.e. a database that maintains information for a virtual private network (VPN) tunnel) maintained for a virtual private network (VPN) tunnel. A security association database (SADB) preferably includes some or all of the following information: security association information (i.e. security parameter index, IPSec protocol, IP destination address) and security policy information (i.e. IP source address, IP destination address, fully qualified domain name, source port number, destination port number, quality of service (QoS) application profile ID).

The present invention is applicable to both single-tenant virtual private network (VPN) tunnels and multi-tenant virtual private network (VPN) tunnels.

FIG. 5 depicts a conventional single-tenant virtual private network (VPN) tunnel.

In particular, a single-tenant virtual private network (VPN) tunnel 500 is always treated as a single application, regardless of how many applications 510 actually utilize the tunnel 500. Therefore, a single-tenant virtual private network (VPN) tunnel 500 is only permitted one quality of service (QoS) designation 540 at a time. In accordance with the principles of the present invention, a quality of service (QoS) designation requested for/by an application routing data over a single-tenant virtual private network (VPN) tunnel 500 is applied to all application data 510 routed over that virtual private network (VPN) tunnel 500.

FIG. 6 depicts a conventional multi-tenant virtual private network (VPN) tunnel.

As portrayed in FIG. 6, applications 530 transmitting data over a multi-tenant virtual private network (VPN) tunnel 520 are acknowledged independently and may thus be assigned their own individual quality of service (QoS) designations 550. A quality of service (QoS) designation 550 requested for/by an application routing data over a multi-tenant virtual private network (VPN) tunnel 500 is only applied to application data routed by that application.

In particular, as depicted in FIG. 1, a quality of service (QoS) server 100 is configured to directly interface with one or more commercial wireless networks 102a, 102b via a conventional policy and charging rules function (PCRF) (i.e. an IP multimedia subsystem (IMS)/long term evolution (LTE) network component) 104. In accordance with the principles of the present invention, a connection between a quality of service (QoS) server 100 and a policy and charging rules function (PCRF) 104 is preferably established via a diameter Rx interface 106 (3GPP specifications 29.209, 29.214). Hence, the primary function of a quality of service (QoS) server 100 is to translate diameter protocol interface 106 messages to other communication mediums and vice versa.

Once a connection is established between a policy and charging rules function (PCRF) 104 and the quality of service (QoS) server 100, the inventive quality of service (QoS) server 100 takes on the role of a special application function (AF) connected on the backend (i.e. not accessible to a user) 110 of one or more disparate applications. The quality of service (QoS) server 100 also establishes a connection with a virtual private network (VPN) server 112 and/or virtual private network (VPN) client 118, when application data exchanged between an over-the-top (OTT) application client 120 and an over-the-top (OTT) application server 110 happens over a virtual private network (VPN) tunnel 114.

As depicted in FIG. 1, the inventive quality of service (QoS) server 100 uses a secure virtual private network (VPN) client/server interface 116 to interface with a virtual private network (VPN) client 118/server 112 on either end of a virtual private network (VPN) tunnel 114. In accordance with the principles of the present invention, virtual private network (VPN) clients 118/servers 112 use the virtual private network (VPN) client/server interface 116 to provide relevant tunneling information to the quality of service (QoS) server 100. Relevant tunneling information enables the quality of service (QoS) server 100 to identify IP packets associated with over-the-top (OTT) application data transmitted over a virtual private network (VPN) tunnel 114.

In accordance with the principles of the present invention, a virtual private network (VPN) tunnel 114 is established between a virtual private network (VPN) client 118 on a user equipment 108, and a fixed infrastructure virtual private network (VPN) server 112, so that data traffic transmitted to/from one or more over-the-top (OTT) application clients 120 on the user equipment (UE) 108 may traverse the virtual private network (VPN) tunnel 114. A virtual private network (VPN) tunnel 114 encrypts and encapsulates an original IP packet inside an outer IP packet while the IP packet is traversing a commercial wireless network. An underlying commercial wireless network 102a, 102b is typically configured to provide a certain level of quality of service (QoS) treatment to traffic traversing a virtual private network (VPN) tunnel 114.

In accordance with the principles of the present invention, the quality of service (QoS) server 100 must be able to communicate with backend applications 110, carrier policy and charging rules (PCRF) function(s) 104, and virtual private network (VPN) clients 118/servers 112, simultaneously. Simultaneous communication may be permitted via a firewall setting and/or other network configuration rules.

In accordance with the principles of the present invention, a quality of service (QoS) server 100 may be located separate from a mobile network operator (MNO) 102a, 102b or co-located with a mobile network operator (MNO) 102a, 102b. Possible mobile network operator (MNO) integration targets currently include: a universal mobile telecommunications system (UMTS), long term evolution (LTE) technology, an evolved-universal mobile telecommunications system (E-UMTS), long term evolution (LTE) technology advanced, and Wi-Fi. The quality of service (QoS) server 100 may easily be extended to support additional network interfaces as technology evolves.

FIG. 2 depicts an exemplary quality of service (QoS) server architecture, in accordance with the principles of the present invention.

In particular, as portrayed in FIG. 2, the inventive quality of service (QoS) server 100 interacts with a mobile network operator (MNO) policy and charging rules function (PCRF) interface (a diameter protocol interface) 106, an over-the-top (OTT) application interface 210, a number portability database (NPDB) interface 240, and a virtual private network (VPN) client/server interface 116 to extend quality of service (QoS) treatment to applications routing data over a commercial wireless network 102a, 102b via a virtual private network (VPN) tunnel 114.

In accordance with the principles of the present invention, the quality of service (QoS) server 100 maintains profiles and information for over-the-top (OTT) applications in a local application information database 220, tunneling and IP packet information for registered virtual private network (VPN) tunnels in a local virtual private network (VPN) tunneling information database 250, and home mobile network operator (MNO) information for over-the-top (OTT) application client devices in a local mobile network operator (MNO) information database 230.

If by chance the quality of service (QoS) server 100 is not able to find home mobile network operator (MNO) information for a requesting client device 108 in the local mobile network operator (MNO) information database 230, then the quality of service (QoS) server 100 accesses a number portability database (NPDB) interface 240 to retrieve relevant home mobile network operator (MNO) information from an external number portability database (NPDB) 270.

The over-the-top (OTT) application interface 210, as depicted in FIG. 2, is designed to operate over a secure, transport layer security (TLS)/secure sockets layer (SSL) communications channel that utilizes representational state transfer (REST) hypertext transfer protocol (HTTP), hypertext transfer protocol (HTTP), simple object access protocol (SOAP), extensible markup language (XML), etc., message formats. New mediums for the over-the-top (OTT) application interface 210 may be defined and used, as appropriate, as long as application quality of service (QoS) message formats (i.e. attributes and corresponding values included in application quality of service messages) conform minimally to application quality of service (QoS) message formats described herein (i.e. an application quality of service (QoS) request message format, an application quality of service (QoS) response message format, and an application quality of service (QoS) termination message format).

As previously stated, the quality of service (QoS) server 100 uses a diameter Rx protocol (3GPP 29.214) to interface 106 with a mobile network operator (MNO) policy and charging rules function (PCRF) 104. A mobile network operator (MNO) policy and charging rules function (PCRF) interface 106, as depicted in FIG. 2, provides discovery and addressing of a home policy and charging rules function (HPCRF) 104 assigned to a requesting over-the-top (OTT) application/virtual private network (VPN) client device 108. The mobile network operator (MNO) policy and charging rules function (PCRF) interface 106 is also enhanced to allow tracking registration of the following IP header information: a virtual private network (VPN) security parameter index (SPI) (per RFC 2401, as required with IPSec protocol by a virtual private network (VPN) client/server) and an IPSec protocol (per RFC 2401).

In accordance with the principles of the present invention, the quality of service (QoS) server 100 assumes the role of an application function (AF) and complies with policy and charging rules function (PCRF) 104 discovery and addressing, as described in a 3GPP series 29.213 specification. In support of this 3GPP series 29.213 specification, the quality of service (QoS) server 100 preferably maintains a table with a fully qualified domain name (FQDN) or internet protocol (IP) address of a policy and charging rules function (PCRF) 104, for each supported single policy and charging rules function (PCRF) mobile network operator (MNO), and a diameter routing agent, for each supported multi-policy and charging rules function (PCRF) mobile network operator (MNO).

The quality of service (QoS) server 100 interfaces with a home policy and charging rules function (HPCRF) 104, regardless as to whether or not a client user equipment (UE) 108 is roaming. A home policy and charging rules function (HPCRF) 104 coordinates a download of quality of service (QoS) rules to a visiting policy and charging rules function (VPCRF) in a roaming network (per 3GPP standards) when a requesting client user equipment (UE) 108 is roaming.

In accordance with the principles of the present invention, number portability databases (NPDB) 270 and the local mobile network operator (MNO) information database 230 (as shown in FIG. 2) support multiple transaction capabilities application part (TCAP) based protocols (e.g., advanced intelligent network (AIN), intelligent network application protocol (INAP), American national standards institute ((ANSI)-41), etc.) for number portability queries, since such protocols support queries from both wireline and wireless networks based on various standards. The quality of service (QoS) server 100 preferably uses a number portability request (NPREQ) TCAP query (per telecommunications industry association/electronic industries association (TIA/EIA)-756A and telecommunications industry association/electronic industries association (TIA/EIA) ANSI41-D specifications) to determine a current mobile network operator (MNO) associated with an over-the-top (OTT) application client device 108. The quality of service (QoS) server 100 may easily be extended to support other protocols for number portability lookup.

As previously stated, the quality of service (QoS) server 100 uses a virtual private network (VPN) client/server interface 116 to interface with a virtual private network (VPN) client 118 and/or a virtual private network (VPN) server 112. The virtual private network (VPN) client/server interface 116, as portrayed in FIG. 2, is designed to operate over a secure transport layer security (TLS)/secure sockets layer (SSL) communications channel that utilizes representational state transfer (REST) hypertext transfer protocol (HTTP), hypertext transfer protocol (HTTP), simple object access protocol (SOAP), extensible markup language (XML), etc., message formats. The quality of service (QoS) server 100 may also/alternatively interface with a virtual private network (VPN) client 118 via a wireless network connection 260.

New mediums for the virtual private network (VPN) client/server interface 116 may be defined and used as appropriate, as long as VPN quality of service (QoS) message formats (i.e. attributes and corresponding values included in VPN quality of service (QoS) messages) conform minimally to VPN quality of service (QoS) message formats described herein (i.e. a VPN quality of service (QoS) request message format, a VPN quality of service (QoS) response message format, and a VPN quality of service (QoS) termination message format). Depending upon the implementation, a VPN quality of service (QoS) message may additionally be embedded in a defined message format, e.g., a radius or diameter message format.

In particular, as shown in step 1a of FIG. 3, a virtual private network (VPN) tunnel performs VPN profile configuration with a quality of service (QoS) server 100 via an authenticated virtual private network (VPN) client/server interface 116. During virtual private network (VPN) profile configuration, a virtual private network (VPN) client/server furnishes relevant tunneling information to the quality of service (QoS) server 100 for a virtual private network (VPN) tunnel established therebetween. Relevant tunneling information varies depending upon the type of virtual private network (VPN) tunnel established.

In particular, a single-tenant virtual private network (VPN) tunnel 500 provisions one or more quality of service (QoS) application profiles (and corresponding quality of service application profile IDs) on the quality of service (QoS) server 100 during VPN profile configuration. A quality of service (QoS) application profile includes tunnel identification details and indicates a desired level of quality of service (QoS) treatment.

Alternatively, a multi-tenant virtual private network (VPN) tunnel 520 provisions identification details on the quality of service (QoS) server 100 during VPN profile configuration, but need not provision any quality of service application profiles. Rather, over-the-top (OTT) applications 530 utilizing a multi-tenant virtual private network (VPN) tunnel 520 provision their own quality of service (QoS) application profiles on the quality of service (QoS) server 100 during application profile configuration, performed in step 1b. A quality of service (QoS) designation requested by an over-the-top (OTT) application transmitting data over a multi-tenant virtual private network (VPN) tunnel 520 is associated to that multi-tenant virtual private network (VPN) tunnel 520.

In accordance with the principles of the present invention, a multi-tenant virtual private network (VPN) 520 tunnel must provide adequate tunneling information (including IPSec security policy and IPSec security association information) to the quality of service (QoS) server 100 during VPN profile configuration. Adequate tunneling information is any information that enables the quality of service (QoS) server 100 to determine actual IP header information 440 associated with application data routed over the multi-tenant virtual private network (VPN) tunnel 520. Moreover, tunneling information must enable the quality of service (QoS) server 100 to adequately communicate quality of service (QoS) rules defined in a quality of service (QoS) request message to a relevant policy and charging rules function (PCRF) 104.

Table 1 depicts exemplary tunneling information provided to the quality of service (QoS) server during virtual private network (VPN) profile configuration.

TABLE 1

Security Association (Tunnel

Header Information)
Security Policy Information (For Encapsulated Traffic)

Fully

Security

IP

IP
Qualified
Source
Destination
QoS-

Parameter
IPSec
Destination
IP Source
Destination
Domain
Port
Port
Application-

Index
Protocol
Address
Address
Address
Name
Number
Number
Profile-ID

In particular, as portrayed in Table 1, IPSec security policy information (for encapsulated data traffic) and IPSec security association information (tunnel header information) relevant to a virtual private network (VPN) tunnel is provided to the quality of service (QoS) server 100 during VPN profile configuration (step 1a). Relevant IPSec security policy information preferably includes: an IP source address, an IP destination address, a fully qualified domain name, a source port number, a destination port number, and a quality of service application profile ID. Relevant IPSec security association information preferably includes: a security parameter index, an IPSec protocol, and an IP destination address.

Updated tunneling information must be furnished to the quality of service (QoS) server 100 for each new virtual private network (VPN) tunnel that is established. In accordance with the principles of the present invention, tunneling information may either be preprovisioned on the quality of service (QoS) server 100 during VPN profile configuration, or provided to the quality of service (QoS) server 100 dynamically, via use of a VPN quality of service (QoS) registration message.

As portrayed in step 1b of FIG. 3, an application performs application profile configuration on the quality of service (QoS) server 100 via an authenticated over-the-top (OTT) application interface 210. In accordance with the principles of the present invention, an over-the-top (OTT) application must provide identification details and register services and application characteristics with a quality of service (QoS) server 100 before that application is permitted to request quality of service (QoS) treatment therefrom. For security purposes, the quality of service (QoS) server 100 only accepts registration attempts from over-the-top (OTT) applications for which the quality of service (QoS) server 100 has been pre-configured to accept registration attempts. Therefore, not all over-the-top (OTT) applications are permitted to register with a quality of service (QoS) server 100. Moreover, over-the-top (OTT) applications that are granted registration with a quality of service (QoS) server 100 are only permitted to receive levels of quality of service (QoS) treatment for which they have been pre-authorized to receive. Quality of service (QoS) requests are validated by the quality of service (QoS) server 100 before they are processed. An over-the-top (OTT) application also identifies service abilities and provisions one or more quality of service (QoS) application profiles on the quality of service (QoS) server 100 during application profile configuration.

However, before an over-the-top (OTT) application can register and provision quality of service (QoS) application profiles on the quality of service (QoS) server 100, the quality of service (QoS) server 100 must first collect the following data from the over-the-top (OTT) application (more characteristics may be required as new application characteristics present themselves): an over-the-top (OTT) application identifier, over-the-top (OTT) access credentials, one or more quality of service (QoS) application profile IDs, over-the-top (OTT) application characteristics, and one or more mobile network operator (MNO) associations.

In accordance with the principles of the present invention, an over-the-top (OTT) application identifier is a unique string (synchronized with a carrier provided “AF-Application-Identifier”) that is provided to an over-the-top (OTT) application via an out-of-band mechanism. An over-the-top (OTT) application identifier may be prefixed with quality of service (QoS) unique identifiers for use on the quality of service (QoS) server 100.

Over-the-top (OTT) access credentials (e.g. a secret/password or public key infrastructure (PKI) verification) are a set of credentials agreed upon by an over-the-top (OTT) application and the quality of service (QoS) server 100 in an out of band manner.

A quality of service (QoS) application profile ID is a quality of service (QoS) specific value, defined per application identifier. More particularly, the quality of service (QoS) application profile ID is defined by the quality of service (QoS) server 100 and provided to an over-the-top (OTT) application via an out of band mechanism.

In accordance with the principles of the present invention, a quality of service (QoS) application profile ID points to a quality of service (QoS) application profile that is to be provisioned for an over-the-top (OTT) application. A quality of service (QoS) application profile contains application details (e.g. service characteristics, etc.) and indicates a desired level of quality of service (QoS) treatment. A quality of service (QoS) application profile ID is referenced in each quality of service (QoS) request message sent to the quality of service (QoS) server 100, to indicate to the quality of service (QoS) server 100 a particular quality of service (QoS) application profile to invoke. In accordance with the principles of the present invention, an over-the-top (OTT) application may provision multiple quality of service (QoS) application profiles to indicate varying levels of desired quality of service (QoS).

Over-the-top (OTT) application characteristics provided to the quality of service (QoS) server 100 during application profile configuration include (this list may be extended as new requirements develop, either by 3GPP specifications or via over-the-top (OTT) evolution): a media component number (i.e. an ordinal number of a media component), a media sub-component (i.e. a set of flows for one flow identifier), an application identifier, a media type (e.g. audio (0), video (1), data (2), application (3), control (4), text (5), message (6), other (0xFFFFFFFF)), a maximum requested bandwidth (Bw) uplink (UL), a maximum requested bandwidth (Bw) downlink (DL), a flow status, a reservation priority, RS bandwidth (Bw), RR bandwidth (Bw), codec data, and a tunnel encapsulation indicator, e.g., yes, no, IPSec, etc.

In accordance with the principles of the present invention, a media sub-component field may include the following characteristics: a flow number (i.e. an ordinal number of the IP flow), a flow description (e.g. uplink (UL) and/or downlink (DL)), a flow status, flow usage, a maximum requested bandwidth (Bw) uplink (UL), a maximum requested bandwidth (Bw) downlink (DL), and an application function (AF) signaling protocol.

Moreover, a mobile network operator (MNO) associations field provided to the quality of service (QoS) server 100 during application profile configuration identifies all of the networks for which an over-the-top (OTT) application is authorized to designate quality of service (QoS) settings. Values in a mobile network operator (MNO) associations field are defined per quality of service (QoS) implementation and represent system logical identifiers for the purposes of routing communications to particular policy and charging rules (PCRF) functions.

In accordance with the principles of the present invention, once required application data is furnished to the quality of service (QoS) server 100, an over-the-top (OTT) application provisions one or more quality of service (QoS) application profiles on the quality of service (QoS) server 100. Following quality of service (QoS) application profile provisioning, the over-the-top (OTT) application may begin submitting registrations to the quality of service (QoS) server 100, on a per user equipment (UE) basis. In accordance with the principles of the present invention, an over-the-top (OTT) application is required to register with the quality of service (QoS) server 100 periodically.

Following application profile configuration, an over-the-top (OTT) application may send quality of service (QoS) requests to the quality of service (QoS) server 100, on a per user equipment (UE) basis.

As shown in steps 2a and 2b of FIG. 3, a virtual private network (VPN) tunnel 114 is established between a virtual private network (VPN) client 118 on a user equipment (UE) 108 and a fixed infrastructure virtual private network (VPN) server 112, so as to allow data traffic transmitted to/from one or more over-the-top (OTT) application clients 120 (that have undergone application profile configuration on the quality of service (QoS) server 100) on the user equipment (UE) 108 to traverse the tunnel 114.

In accordance with the principles of the present invention, the virtual private network (VPN) client 118/server 112 sends a VPN quality of service (QoS) registration message with appropriate tunneling information to the quality of service (QoS) server 100 during VPN tunnel establishment, as depicted in steps 3a and 3b of FIG. 3. Upon receipt of the VPN quality of service (QoS) registration message, the quality of service (QoS) server 112 returns a VPN quality of service (QoS) registration response message to the virtual private network (VPN) client 118/server 112, as depicted in steps 4a and 4b of FIG. 3. VPN tunneling information may alternatively be provisioned on the quality of service (QoS) server 100 during VPN profile configuration.

Once VPN registration with the quality of service (QoS) server 100 is complete, the virtual private network (VPN) client 118/server 112 may send a VPN quality of service (QoS) request message to the quality of service (QoS) server 100 to request desired quality of service (QoS) treatment therefrom, as shown in steps 5a and 5b of FIG. 3.

In accordance with the principles of the present invention, VPN quality of service (QoS) registration and request messages preferably include: a message ID (i.e. an identifier defined by, and unique to, a requesting virtual private network (VPN) server 112/client 118), a quality of service (QoS) application profile ID (optional), a publically available mobile network assigned source framed internet protocol (IP) address (an attribute-value pair (AVP)) or framed IPv6 prefix (an attribute-value pair (AVP), RFC 4005 [12]), a flow description (an attribute-value pair (AVP), 3GPP 29.214), a virtual private network (VPN) security parameter index (SPI) (per RFC 2041, as required with IPSec protocol by the virtual private network (VPN) client/server), an IPSec protocol (per RFC 2041), a virtual private network (VPN) IP destination (i.e. a routable IP address for the virtual private network (VPN) server), and a VPN-CS.

A quality of service (QoS) application profile ID in a VPN quality of service (QoS) request message indicates a desired level of quality of service (QoS) treatment. A quality of service (QoS) application profile ID is required in a VPN quality of service (QoS) request message when the message is provided to the quality of service (QoS) server 100 dynamically. Otherwise, the quality of service (QoS) server 100 derives a quality of service (QoS) application profile ID based on a combination of values embedded in the VPN quality of service (QoS) request message.

A flow description is required in a VPN quality of service (QoS) request message when a quality of service (QoS) application profile ID is not provided therein. In accordance with the principles of the present invention, a flow description must comprise one of the following two directions: ‘in’ or ‘out’, whereas direction ‘in’ refers to an uplink (UL) IP flow and direction ‘out’ refers to a downlink (DL) IP flow. A flow description may also contain: a source and destination IP address (possibly masked), a protocol and a source and destination port (a source port may be omitted to indicate that any source port is allowed). Lists and ranges may not be used to indicate source and/or destination ports.

In accordance with the principles of the present invention, the quality of service (QoS) server 100 accepts VPN quality of service (QoS) request messages from both a virtual private network (VPN) client 118 and a virtual private network (VPN) server 112. Hence, depending upon the implementation, some information may be missing from a VPN quality of service (QoS) request message.

When both a virtual private network (VPN) server 112 and a virtual private network (VPN) client 118 send a VPN quality of service (QoS) request message to the quality of service (QoS) server 100 for a single VPN connection 114, messages from each source must include a reference to the other, to enable the quality of service (QoS) server 100 to successfully assemble all relevant information and assign an appropriate quality of service (QoS) designation to over-the-top (OTT) application data traversing the virtual private network (VPN) connection 114. A VPN-CS field is preferably used to provide such a reference.

In particular, when VPN quality of service (QoS) request messages are sent by both a virtual private network (VPN) server 112 and a virtual private network (VPN) client 118 for a single virtual private network (VPN) connection 114, optional attribute tag, ‘VPN-CS’ is preferably included therein. Optional attribute tag ‘VPN-CS’ contains a unique message identifier that is used by both a virtual private network (VPN) server 112 and a virtual private network (VPN) client 118, to show that messages refer to a single virtual private network (VPN) connection 114.

As shown in step 6 of FIG. 3, the quality of service (QoS) server 100 performs VPN quality of service (QoS) request message validation in response to a VPN quality of service (QoS) request message received thereon. In particular, during VPN quality of service (QoS) request message validation, the quality of service (QoS) server 100 validates a quality of service (QoS) application profile ID received in the VPN quality of service (QoS) request message.

In accordance with the principles of the present invention, the quality of service (QoS) server 100 may either determine a quality of service (QoS) application profile ID directly or indirectly from the VPN quality of service (QoS) request message. Indirect determination of a quality of service (QoS) application profile ID includes analyzing and matching VPN quality of service (QoS) request message parameters to an appropriate quality of service (QoS) application profile ID. Once a quality of service (QoS) application profile ID is determined, the quality of service (QoS) server 100 performs one of the following two potential courses of action, depending upon the type of virtual private network (VPN) tunnel 114 established in steps 2a-4b.

In particular, if the virtual private network tunnel (VPN) 114 is a multi-tenant virtual private network (VPN) tunnel 520, then the quality of service (QoS) server 100 records and tracks virtual private network (VPN) 114 tunneling information received in the VPN quality of service (QoS) request message in a virtual private network (VPN) tunneling information database 250, and subsequently returns a VPN quality of service (QoS) response message to the requesting virtual private network (VPN) client 118/server 112, as depicted in step 7. In accordance with the principles of the present invention, the quality of service (QoS) server 100 then waits to receive an application quality of service (QoS) registration message or an application quality of service (QoS) termination message from an over-the-top (OTT) application routing or attempting to route data over the virtual private network (VPN) tunnel 114.

In a multi-tenant virtual private network (VPN) scenario, if a quality of service (QoS) application profile ID received in an application quality of service (QoS) request message differs from a quality of service (QoS) application profile ID embedded in a VPN quality of service (QOS) request message, the quality of service (QoS) application profile ID in the application quality of service (QoS) request message is used to influence quality of service (QoS) treatment.

Alternatively, if the virtual private network tunnel (VPN) 114 established in steps 2a-4b is a single-tenant virtual private network (VPN) tunnel 500, then the quality of service (QoS) server 100 immediately applies quality of service (QoS) rules received in the VPN quality of service (QoS) registration or request message to all application data routed over the virtual private network (VPN) tunnel 114. The quality of service rules are extracted from the VPN quality of service (QoS) registration message if that is the only message received and VPN quality of services (QoS) request message if both are received.

In particular, when a VPN quality of service (QoS) registration (or request if received) message is received from a single-tenant virtual private network (VPN) client 118/server 112, the quality of service (QoS) server 100 queries a local mobile network operator (MNO) information database 230 to retrieve home mobile network operator (MNO) information for the over-the-top (OTT) application/virtual private network (VPN) client device 108, as depicted in step 8. If the quality of service (QoS) server 100 cannot find home mobile network operator (MNO) information for the client device in the local mobile network operator (MNO) information database 230, then the quality of service (QoS) server 100 alternatively queries an external number portability database (NPDB) 270 via a number portability database (NPDB) interface 240. Results from either the number portability database (NPDB) 270 or the local mobile network operator (MNO) information database 230 provide the quality of service (QoS) server 100 with enough information to determine a home mobile network operator (MNO) for the over-the-top (OTT) application/VPN client device 108 (step 9).

Once a home mobile network operator (MNO) is identified, the quality of service (QoS) server 100 uses the quality of service (QoS) application profile ID defined in the VPN quality of service (QoS) registration (or request if received) message to determine whether or not over-the-top (OTT) applications routing data over the virtual private network (VPN) tunnel are authorized to influence quality of service (QoS) treatment on the home mobile network operator (MNO) (step 10). In this particular example, there is only one over-the-top (OTT) application configured to transmit data over the virtual private network (VPN) tunnel 114.

In accordance with the principles of the present invention, if the over-the-top (OTT) application configured to route data over the virtual private network (VPN) tunnel 114 is permitted to influence quality of service (QoS) settings on the home mobile network operator (MNO), then the quality of service (QoS) server 100 sends a diameter authentication/authorization request (AAR) message with appropriate quality of service (QoS) information to a policy and charging rules function (PCRF) 104 on the client devices' 108 home mobile network operator (MNO), as shown in step 11.

In step 12, the policy and charging rules function (PCRF) 104 on the client devices' 108 home mobile network operator (MNO) receives the quality of service (QoS) information and returns a diameter authentication/authorization answer (AAA) message to the quality of service (QoS) server 100.

Upon receipt of the diameter authentication/authorization answer (AAA) message, the quality of service (QoS) server 100 sends a VPN quality of service (QoS) response message to the requesting VPN client 118/server 112, as depicted in step 13.

In accordance with the principles of the present invention, a VPN quality of service (QoS) response message preferably includes: a message ID, an application identifier, and a status identifier.

A status identifier included in a status field of a VPN quality of service (QoS) response message may be any one or more of the following: a success status identifier (100), a quality of service (QoS) system failure status identifier (200) (indicating a default failure or unexpected failure with no available details), a failed validation of application identifier/access credentials status identifier (201), a failed validation of quality of service (QoS) profile ID status identifier (202), a quality of service (QoS) system failure reserved message status identifier (defined per quality of service (QoS) implementation and used to explain a unique system failure) (203-299), a PCRF unavailable status identifier (300), and/or an AAR/AAA message failure status identifier (400), wherein the entire contents of the AAA message is embedded in the status field.

Once the virtual private network (VPN) tunnel 114 is setup between the virtual private network (VPN) client 118 on the user equipment 108 and the virtual private network (VPN) server 112, the over-the-top (OTT) application client 120 configured to route data over the virtual private network (VPN) tunnel 114 may use the virtual private network (VPN) tunnel 114 to register with a corresponding over-the-top (OTT) application server 110 (via a Gi/SGi interface 310), as shown in steps 14a and 14b of FIG. 3.

When the over-the-top (OTT) application server 110 receives a service registration request from the over-the-top (OTT) application client 120, the over-the-top (OTT) application server 110 may attempt to establish a mutually authenticated (client 120 and server 110) transport layer security (TLS)/secure sockets layer (SSL) connection with the inventive quality of service (QoS) server 100 (via standard TLS/SSL procedures for mutual authentication), as shown in step 15.

If the initial mutual authentication step is successful, then the over-the-top (OTT) application server 110 sends an application quality of service (QoS) request message to the quality of service (QoS) server 100 to request that a desired level of quality of service (QoS) treatment be applied to application data routed by that over-the-top (OTT) application over the virtual private network (VPN) tunnel 114, as portrayed in step 16.

In accordance with the principles of the present invention, a quality of service (QoS) request message preferably includes: a message ID (i.e. an identifier defined by, and unique to, a requesting over-the-top (OTT) application), an application identifier (as described in 3GPP series 29.214 specification), access credentials (e.g. a secret/password public key infrastructure (PKI) verification, etc.), a quality of service (QoS) application profile ID, a source framed internet protocol (IP) address (an attribute-value pair (AVP)) or framed IPv6 prefix (an attribute-value pair (AVP), RFC 4005 [12]), a service uniform resource name (URN) (an attribute-value pair (AVP), 3GPP 29.214), a reservation priority (TS 183.017 [15]) (a vendor ID shall be set to european telecommunications standards institute (ETSI) (13019) [15]), a subscription ID (RFC 4006 [14]) identifying a particular subscription (e.g. international mobile subscriber identity (IMSI), mobile subscriber integrated services digital network (MSISDN), etc.), and a flow description (an attribute-value pair (AVP), 3GPP 29.214).

A flow description in an application quality of service (QoS) request message must comprise one of the following two directions: ‘in’ or ‘out’, whereas direction ‘in’ refers to an uplink (UL) IP flow and direction ‘out’ refers to a downlink (DL) IP flow. A flow description in an application quality of service (QoS) request message may also contain: a source and destination IP address (possibly masked), a protocol, and a source and destination port (a source port may be omitted to indicate that any source port is allowed). Lists and ranges may not be used to indicate source and/or destination ports.

A quality of service (QoS) application profile ID in an application quality of service (QoS) request message indicates appropriate quality of service (QoS) information to send to a home policy and charging rules function (PCRF) 104.

In accordance with the principles of the present invention, the quality of service (QoS) server 100 performs application quality of service (QoS) request message validation in response to an application quality of service (QoS) request message received thereon, as portrayed in step 17 of FIG. 3.

During application quality of service (QoS) request message validation, the quality of service (QoS) server 100 validates the application identifier, access credentials (e.g. a secret/password public key infrastructure (PKI) verification, etc.), and quality of service (QoS) application profile ID received in the application quality of service (QoS) request message, against application profiles maintained in a local application information database 220. The quality of service (QoS) server 100 validates the format and values of application quality of service (QoS) request message attributes in accordance with a 3GPP series 29.214 specification.

When application quality of service (QoS) request message validation is complete, the quality of service (QoS) server 100 queries a local mobile network operator (MNO) information database 230 to retrieve home mobile network operator (MNO) information for the requesting over-the-top (OTT) application client device 108, as depicted in step 18. If the quality of service (QoS) server 100 cannot find home mobile network operator (MNO) information for the requesting client device 108 in the local mobile network operator (MNO) information database 230, then the quality of service (QoS) server 100 alternatively queries an external number portability database (NPDB) 270 via a number portability database (NPDB) interface 240. Results from either the number portability database (NPDB) 270 or the local mobile network operator (MNO) information database 230 provide the quality of service (QoS) server 100 with enough information to determine a home mobile network operator (MNO) for the requesting client device 108.

Once a home mobile network operator (MNO) is identified (step 19), the quality of service (QoS) server 100 uses a quality of service (QoS) application profile ID, defined in the application quality of service (QoS) request message, to determine whether or not the requesting over-the-top (OTT) application is authorized to influence quality of service (QoS) treatment on the home mobile network operator (MNO).

In step 20 of FIG. 3, if the over-the-top (OTT) application is permitted to influence quality of service (QoS) settings on the home mobile network operator (MNO), then the quality of service (QoS) server 100 queries a local virtual private network (VPN) tunneling information database 250 to determine actual IP packet information associated with application data routed by the over-the-top (OTT) application over the virtual private network (VPN) tunnel 114.

In step 21 of FIG. 3, the quality of service (QoS) server 100 sends a diameter authentication/authorization request (AAR) message with appropriate quality of service (QoS) information and appropriate IP tunneling data to a policy and charging rules function (PCRF) 104 on the client devices' 108 home mobile network operator (MNO). Appropriate quality of service (QoS) information depends on the type of virtual private network (VPN) tunnel 114 routing data.

In particular, if the virtual private network (VPN) tunnel 114 is a single-tenant virtual private network (VPN) tunnel 520, then the diameter authentication/authorization request (AAR) message assigns quality of service (QoS) rules defined in the application quality of service (QoS) request message to all application data routed over the virtual private network (VPN) tunnel 114, as previously described in steps 11-13. This assignment allows mapping to the application quality of service (QoS) request message.

Rather, if the virtual private network (VPN) tunnel 114 is a multi-tenant virtual private network (VPN) tunnel 500, then the quality of service (QoS) server 100 assigns quality of service (QoS) rules defined in the application quality of service (QoS) request message to application data being routed for the requesting over-the-top (OTT) application, only. In particular, the quality of service (QoS) server 100 sends a diameter authentication/authorization request (AAR) message with appropriate quality of service (QoS) rules and appropriate tunnel packet identification information to a policy and charging rules function (PCRF) 104 on the client devices' 108 home mobile network operator (MNO). Tunnel packet identification information sent to the policy and charging rules function (PCRF) must enable the policy and charging rules function (PCRF) to identify which tunnel packets to assign the requested quality of service (QoS) designation.

As portrayed in step 22, the policy and charging rules function (PCRF) 104 on the client devices' 108 home mobile network operator (MNO) receives quality of service (QoS) information and returns a diameter authentication/authorization answer (AAA) message to the quality of service (QoS) server 100.

In step 23, the quality of service (QoS) server 100 sends a quality of service (QoS) application response message with an appropriate status value to the over-the-top (OTT) application server 110.

In accordance with the principles of the present invention, a quality of service (QoS) application response message preferably comprises: a message ID, an application identifier, and a status identifier.

A status identifier included in a status field of a quality of service (QoS) application response message may be any one or more of the following: a success status identifier (100), a quality of service (QoS) system failure status identifier (200) (indicating a default failure or unexpected failure with no available details), a failed validation of application identifier/access credentials status identifier (201), a failed validation of quality of service (QoS) profile ID status identifier (202), a quality of service (QoS) system failure reserved message status identifier (defined per quality of service (QoS) implementation and used to explain a unique system failure) (203-299), a PCRF unavailable status identifier (300), and/or an AAR/AAA message failure status identifier (400), wherein the entire contents of the AAA message is embedded in the status field.

Once quality of service (QoS) rules have been forwarded to the policy and charging rules function (PCRF) 104 on the client devices' 108 home mobile network operator (MNO), the over-the-top (OTT) application client 120 can proceed to transmit and consume data for service delivery purposes (i.e. the over-the-top (OTT) client 120 delivers a service as available to its' functionality and thereby consumes IP bandwidth as a result of service fulfillment). In particular, as depicted in steps 24a and 24b of FIG. 3, the over-the-top (OTT) application client 120 on the user equipment 108 either initiates or receives a request to begin service fulfillment.

As shown in step 25, once a request for service fulfillment is received (or initiated) on the over-the-top (OTT) application server 110 (via a Gi/SGi interface 310), the over-the-top (OTT) application server 110 attempts to establish a mutually authenticated (client 120 and server 110) transport layer security (TLS)/secure sockets layer (SSL) connection with the quality of service (QoS) server 100 (following standard transport layer security (TLS)/secure sockets layer (SSL) procedures for mutual authentication).

As portrayed in step 26, if the initial mutual authentication step is successful, the over-the-top (OTT) application server 110 sends an application quality of service (QoS) request message over the virtual private network (VPN) tunnel 114 to the quality of service (QoS) server 100, to request that a desired level of quality of service (QoS) treatment be applied to application data routed by the over-the-top (OTT) application over the virtual private network (VPN) tunnel 114.

As depicted in steps 27-33, the quality of service (QoS) server 100 then performs application quality of service (QoS) request message validation on the received application quality of service (QoS) request message, identifies a home mobile network operator (MNO) for the requesting client user equipment (UE) 108, sends appropriate quality of service (QoS) data to a home policy and charging rules function (PCRF) 104 based on the type of virtual private network (VPN) tunnel 114 routing application data, and subsequently forwards a quality of service (QoS) application response message to the over-the-top (OTT) application server 110, as previously described in steps 17-23.

In accordance with the principles of the present invention, once signaling or data services are terminated on the over-the-top (OTT) application client device 108, the over-the-top (OTT) application server 110 informs the quality of service (QoS) server 100 of the service termination, to trigger reserved quality of service (QoS) values to be terminated on the client devices' 108 home mobile network operator (MNO).

In particular, as depicted in step 34 of FIG. 3, when the over-the-top (OTT) application server 110 detects a termination of signaling or service on the over-the-top (OTT) application client user equipment (UE) 108, the over-the-top (OTT) application server 110 attempts to establish a mutually authenticated (client 120 and server 110) TLS/SSL connection with the quality of service (QoS) server 100 (following standard TLS/SSL procedures for mutual authentication).

As portrayed in step 35, if the initial mutual authentication step is successful, the over-the-top (OTT) application server 110 sends an application quality of service (QoS) termination message to the quality of service (QoS) server 100.

In accordance with the principles of the present invention, an application quality of service (QoS) termination message preferably includes: a message ID (an identifier defined by, and unique to, a requesting over-the-top (OTT) application), an application identifier (as described in 3GPP series 29.214 specification), access credentials (e.g. a secret/password public key infrastructure (PKI) verification, etc.), a quality of service (QoS) application profile ID, a source framed IP address (an attribute-value part (AVP)) or framed IPv6 prefix (an attribute-value part (AVP), RFC 4005 [12]), a service uniform resource name (URN) (an attribute-value part (AVP), 3GPP 29.214), a reservation priority (TS 183.017 [15]) (a vendor is preferably set to european telecommunications standards institute (ETSI) (13019) [15]), and a subscription ID (RFC 4006 [14]), identifying a particular subscription, e.g., international mobile subscriber identity (IMSI), mobile station integrated services digital network (MSISDN), etc.

In response to an application quality of service (QoS) termination message, the quality of service (QoS) server 100 performs application quality of service (QoS) termination message validation, as portrayed in step 36. During application quality of service (QoS) termination message validation, the quality of service (QoS) server 100 validates the application identifier and access credentials (e.g., a secret/password public key infrastructure (PKI) verification, etc.) received in the application quality of service (QoS) termination message against application profile data maintained in a local application information database 220.

As depicted in step 37, once application quality of service (QoS) termination message validation is complete, the quality of service (QoS) server 100 sends a diameter session termination request (STR) message to the policy and charging rules function (PCRF) 104 on the over-the-top (OTT) application client device's 108 home mobile network operator (MNO), to indicate that service/signaling has been terminated.

In steps 38 and 39, the policy and charging rules function (PCRF) 104 responds to the quality of service (QoS) server 100 with a diameter session termination answer (STA) message, and the quality of service (QoS) server 100 subsequently sends an application quality of service (QoS) response message (including an appropriate status value) to the requesting over-the-top (OTT) application server 110.

Similarly, the virtual private network (VPN) client 118 and/or server 112 sends an IPSec tunnel mapping table, containing appropriate tunnel termination information (tunneling information depicted in Table 1) to the quality of service (QoS) server 100, once the virtual private network (VPN) tunnel 114 is terminated.

In particular, as depicted in steps 40a, 40b, and 40c, the virtual private network (VPN) client 118/server 112 sends a VPN quality of service (QoS) termination message with appropriate tunneling information (tunneling information depicted in Table 1) to the quality of service (QoS) server 100 when the virtual private network (VPN) tunnel 114 is terminated. The virtual private network (VPN) client 118 sends a VPN quality of service (QoS) termination message to the quality of service (QoS) server 100 via a conventional Gi/SGi interface 310.

In accordance with the principles of the present invention, a VPN quality of service (QoS) termination message preferably includes access credentials and a tunnel source and destination IP address, to enable the quality of service (QoS) server to identify which tunnel is being terminated and to determine if a pending quality of service (QoS) configuration in the wireless network need be removed as a result of the tunnel termination. A quality of service (QoS) termination message is typically preceded by a session termination. However, this may not always be the case.

In step 41, the quality of service (QoS) server 100 receives the VPN quality of service (QoS) termination message and appropriately responds to the virtual private network (VPN) client 118/server 112 with a VPN quality of service (QoS) response message.

Many commercial wireless networks provide quality of service (QoS) to their clients. The inventive solution is described herein via use of a specific long term evolution (LTE) network provider. However, the present invention may be applied to any wireless network that supports quality of service (QoS) treatment, including: a universal mobile telecommunications system (UMTS), long term evolution (LTE) technology, an evolved-universal mobile telecommunications system (E-UMTS), long term evolution (LTE) technology advanced, and Wi-Fi.

Inventive quality of service (QoS) logic may and should be extended to support other scenarios, such as scenarios described as “Application Function” logic in 3GPP series 29 specifications.

Use of this inventive technology causes certain packets associated with a virtual private network (VPN) connection to be identified via their security parameter index (SPI) value. Identification of this nature may reveal an associative characteristic of some virtual private network (VPN) packets. Implementers of the inventive technology may wish to determine if additional security, additional encryption, etc., is required to compensate for the reveal of the associative nature of packets.

The present invention has particular applicability to United States federal agencies, such as the Federal Emergency Management Agency (FEMA), and the Department of Homeland Security (DHS), etc., as well as to emergency first responders, large over-the-top (OTT) application providers (e.g., Google™, Apple™, etc.), and enhanced long term evolution (LTE) policy and charging rules function(s) (PCRF), from policy and charging rules function (PCRF) vendors.

While the invention has been described with reference to the exemplary embodiments thereof, those skilled in the art will be able to make various modifications to the described embodiments of the invention without departing from the true spirit and scope of the invention.

Claims

1. A method for extending quality of service (QoS) treatment to an over-the-top (OTT) application transmitting data over a commercial wireless network via a virtual private network (VPN) tunnel, comprising: receiving an application quality of service (QoS) request message from an over-the-top (OTT) application server;performing validation on said quality of service (QoS) request message;querying a local mobile network operator (MNO) information database for a home mobile network operator (MNO) assigned to an over-the-top (OTT) application client device;determining that said over-the-top (OTT) application is permitted to influence quality of service (QoS) settings on said home mobile network operator (MNO);sending a message with appropriate quality of service (QoS) information to a policy and charging rules function (PCRF) on said home mobile network operator (MNO), said policy and charging rules function (PCRF) providing quality of service (QoS) treatment to said over-the-top (OTT) application transmitting data over said virtual private network (VPN) tunnel;returning an application quality of service (QoS) response message to said over-the-top (OTT) application server with an appropriate status identifier; andquerying an external number portability database (NPDB) for home mobile network operator (MNO) information when home mobile network operator (MNO) information is not found in said local mobile network operator (MNO) information database.
2. The method for extending quality of service (QoS) treatment to an over-the-top (OTT) application transmitting data over a commercial wireless network via a virtual private network (VPN) tunnel according to claim 1, wherein: said quality of service information is sent to said policy and charging rules function (PCRF) via a diameter protocol interface.
3. The method for extending quality of service (QoS) treatment to an over-the-top (OTT) application transmitting data over a commercial wireless network via a virtual private network (VPN) tunnel according to claim 1, wherein: said policy and charging rules function (PCRF) on said home mobile network operator (MNO) forwards received quality of service (QoS) rules to a policy and charging rules function (PCRF) serving said over-the-top (OTT) application client device when said (OTT) application client device is roaming.
4. The method for extending quality of service (QoS) treatment to an over-the-top (OTT) application transmitting data over a commercial wireless network via a virtual private network (VPN) tunnel according to claim 1, wherein: said quality of service (QoS) request message indicates a particular quality of service (QoS) profile to invoke.
5. The method for extending quality of service (QoS) treatment to an over-the-top (OTT) application transmitting data over a commercial wireless network via a virtual private network (VPN) tunnel according to claim 1, wherein: said over-the-top (OTT) application server sends an application quality of service (QoS) termination message to said quality of service (QoS) server when said over-the-top (OTT) application server detects a termination of service or signaling on said over-the-top (OTT) application client.
6. The method for extending quality of service (QoS) treatment to an over-the-top (OTT) application transmitting data over a commercial wireless network via a virtual private network (VPN) tunnel according to claim 5, wherein: said application quality of service (QoS) termination message indicates to said quality of service (QoS) server that reserved quality of service (QoS) values may be terminated on said home mobile network operator (MNO) assigned to said over-the-top (OTT) application client device.
7. A method for extending quality of service (QoS) treatment to an over-the-top (OTT) application transmitting data over a commercial wireless network via a virtual private network (VPN) tunnel, comprising: receiving an application quality of service (QoS) request message from an over-the-top (OTT) application server;performing validation on said quality of service (QoS) request message;querying a local mobile network operator (MNO) information database for a home mobile network operator (MNO) assigned to an over-the-top (OTT) application client device;determining that said over-the-top (OTT) application is permitted to influence quality of service (QoS) settings on said home mobile network operator (MNO);sending a message with appropriate quality of service (QoS) information to a policy and charging rules function (PCRF) on said home mobile network operator (MNO), said message sent to said policy and charging rules (PCRF) function assigning quality of service (QoS) rules defined in said application quality of service (QoS) request message to all application data routed over said virtual private network (VPN) tunnel when said virtual private network (VPN) tunnel is a single-tenant virtual private network (VPN) tunnel; andreturning an application quality of service (QoS) response message to said over-the-top (OTT) application server with an appropriate status identifier.
8. The method for extending quality of service (QoS) treatment to an over-the-top (OTT) application transmitting data over a commercial wireless network via a virtual private network (VPN) tunnel according to claim 7, wherein: said message sent to said policy and charging rules (PCRF) function assigns quality of service (QoS) rules defined in said application quality of service (QoS) request message to application data routed for said requesting over-the-top (OTT) application when said over-the-top (OTT) application is routing data over a multi-tenant virtual private network (VPN) tunnel.
9. A method for extending quality of service (QoS) treatment to an over-the-top (OTT) application transmitting data over a commercial wireless network via a single-tenant virtual private network (VPN) tunnel, comprising: receiving a VPN quality of service (QoS) registration or both registration and request messages;performing validation on said VPN quality of service (QoS) registration and request messages;querying a local mobile network operator (MNO) information database for a home mobile network operator (MNO) assigned to a requesting VPN client device;determining that an over-the-top (OTT) application routing data over a single-tenant virtual private network (VPN) tunnel is permitted to influence quality of service (QoS) settings on said home mobile network operator (MNO);sending a message with appropriate quality of service (QoS) information to a policy and charging rules function (PCRF) on said home mobile network operator (MNO); andreturning a VPN quality of service (QoS) response message to a VPN client/server with an appropriate status identifier.
10. The method for extending quality of service (QoS) treatment to an over-the-top (OTT) application transmitting data over a commercial wireless network via a single-tenant virtual private network (VPN) tunnel according to claim 9, wherein: said quality of service (QoS) server applies quality of service (QoS) rules received in said VPN quality of service (QoS) request message to all application data routed over said single-tenant virtual private network (VPN) tunnel.
11. The method for extending quality of service (QoS) treatment to an over-the-top (OTT) application transmitting data over a commercial wireless network via a single-tenant virtual private network (VPN) tunnel according to claim 9, wherein: an external number portability database (NPDB) is queried for home mobile network operator (MNO) information when home mobile network operator (MNO) information cannot be found in said local mobile network operator (MNO) information database.
12. The method for extending quality of service (QoS) treatment to an over-the-top (OTT) application transmitting data over a commercial wireless network via a single-tenant virtual private network (VPN) tunnel according to claim 9, wherein: said quality of service information is sent to said policy and charging rules function (PCRF) via a diameter protocol interface.
13. The method for extending quality of service (QoS) treatment to an over-the-top (OTT) application transmitting data over a commercial wireless network via a single-tenant virtual private network (VPN) tunnel according to claim 9, wherein: said policy and charging rules function (PCRF) on said home mobile network operator (MNO) forwards received quality of service (QoS) rules to a policy and charging rules function (PCRF) serving said VPN client device when said VPN client device is roaming.
14. The method for extending quality of service (QoS) treatment to an over-the-top (OTT) application transmitting data over a commercial wireless network via a single-tenant virtual private network (VPN) tunnel according to claim 9, wherein: said VPN quality of service (QoS) request message indicates a particular quality of service (QoS) profile to invoke.
15. A quality of service (QoS) server for extending quality of service (QoS) treatment to an over-the-top (OTT) application transmitting data over a commercial wireless network via a virtual private network (VPN) tunnel, comprising: an over-the-top (OTT) application interface for interfacing with an over-the-top (OTT) application server;a mobile network operator (MNO) policy and charging rules function (PCRF) interface for interfacing with a policy and charging rules function (PCRF) on a home mobile network operator (MNO) assigned to an over-the-top (OTT) application client device;a number portability database (NPDB) interface for interfacing with an external number portability database (NPDB);a virtual private network (VPN) client/server interface for interfacing with a virtual private network client/server at either end of a virtual private network (VPN) tunnel routing data to/from said over-the-top (OTT) application server;a local virtual private network (VPN) tunneling information database to store information for supported virtual private networks (VPN);a local application information database to store a profile for a supported over-the-top (OTT) application; anda local mobile network operator (MNO) information database to store home mobile network operator (MNO) information for supported over-the-top (OTT) application clients.
16. The quality of service (QoS) server for extending quality of service (QoS) treatment to an over-the-top (OTT) application transmitting data over a commercial wireless network via a virtual private network tunnel according to claim 15, wherein: said mobile network operator (MNO) policy and charging rules function (PCRF) interface is a diameter protocol interface.
17. The quality of service (QoS) server for extending quality of service (QoS) treatment to an over-the-top (OTT) application transmitting data over a commercial wireless network via a virtual private network tunnel according to claim 15, wherein: said virtual private network (VPN) client/server interface is a secure transport layer security (TLS)/secure sockets layer (SSL) communications channel.
18. The quality of service (QoS) server for extending quality of service (QoS) treatment to an over-the-top (OTT) application transmitting data over a commercial wireless network via a virtual private network tunnel according to claim 15, wherein: said over-the-top (OTT) application interface is a secure transport layer security (TLS)/secure sockets layer (SSL) communications channel.
19. The quality of service (QoS) server for extending quality of service (QoS) treatment to an over-the-top (OTT) application on a commercial wireless network according to claim 15, wherein: said quality of service (QoS) server translates received diameter protocol messages to other communication mediums and vice versa.
20. The quality of service (QoS) server for extending quality of service (QoS) treatment to an over-the-top (OTT) application transmitting data over a commercial wireless network via a virtual private network tunnel according to claim 15, wherein: said over-the-top (OTT) application server requests and gets desired quality of service (QoS) treatment from said quality of service (QoS) server for application data routed over said virtual private network (VPN) tunnel.
21. The quality of service (QoS) server for extending quality of service (QoS) treatment to an over-the-top (OTT) application transmitting data over a commercial wireless network via a virtual private network tunnel according to claim 15, wherein: said virtual private network client/server requests and gets desired quality of service (QoS) treatment from said quality of service (QoS) server for application data routed over said virtual private network (VPN) tunnel.
22. The quality of service (QoS) server for extending quality of service (QoS) treatment to an over-the-top (OTT) application transmitting data over a commercial wireless network via a virtual private network tunnel according to claim 15, wherein: said commercial wireless network is a long term evolution (LTE) network.
23. The quality of service (QoS) server for extending quality of service (QoS) treatment to an over-the-top (OTT) application transmitting data over a commercial wireless network via a virtual private network tunnel according to claim 15, wherein: said commercial wireless network is a universal mobile telecommunications system (UMTS) network.
24. The quality of service (QoS) server for extending quality of service (QoS) treatment to an over-the-top (OTT) application transmitting data over a commercial wireless network via a virtual private network tunnel according to claim 15, wherein: said commercial wireless network is a Wi-Fi network.
25. The quality of service (QoS) server for extending quality of service (QoS) treatment to an over-the-top (OTT) application transmitting data over a commercial wireless network via a virtual private network tunnel according to claim 15, wherein: said virtual private network (VPN) tunnel is an IPSec virtual private network (VPN) tunnel.
26. The quality of service (QoS) server for extending quality of service (QoS) treatment to an over-the-top (OTT) application transmitting data over a commercial wireless network via a virtual private network tunnel according to claim 15, wherein: said virtual private network (VPN) tunnel is a layer 2 tunneling protocol (L2TP) virtual private network (VPN) tunnel.
27. The quality of service (QoS) server for extending quality of service (QoS) treatment to an over-the-top (OTT) application transmitting data over a commercial wireless network via a virtual private network tunnel according to claim 15, wherein: said virtual private network (VPN) tunnel is point-to-point tunneling protocol (PPTP) virtual private network (VPN) tunnel.
28. The quality of service (QoS) server for extending quality of service (QoS) treatment to an over-the-top (OTT) application transmitting data over a commercial wireless network via a virtual private network tunnel according to claim 15, wherein: said virtual private network (VPN) tunnel is a transport layer security (TLS) virtual private network (VPN) tunnel.
29. The quality of service (QoS) server for extending quality of service (QoS) treatment to an over-the-top (OTT) application transmitting data over a commercial wireless network via a virtual private network tunnel according to claim 15, wherein: said virtual private network (VPN) tunnel is a multi-tenant virtual private network (VPN) tunnel.
30. The quality of service (QoS) server for extending quality of service (QoS) treatment to an over-the-top (OTT) application transmitting data over a commercial wireless network via a virtual private network tunnel according to claim 15, wherein: said virtual private network (VPN) tunnel is a single-tenant virtual private network (VPN) tunnel.
31. The quality of service (QoS) server for extending quality of service (QoS) treatment to an over-the-top (OTT) application transmitting data over a commercial wireless network via a virtual private network tunnel according to claim 15, wherein: a single-tenant virtual private network (VPN) tunnel must provision identification details and one or more quality of service (QoS) application profiles on said quality of service (QoS) server before said single-tenant virtual private network (VPN) tunnel may request quality of service (QoS) treatment therefrom.
32. The quality of service (QoS) server for extending quality of service (QoS) treatment to an over-the-top (OTT) application transmitting data over a commercial wireless network via a virtual private network tunnel according to claim 15, wherein: a multi-tenant virtual private network (VPN) tunnel must provision identification details and adequate tunneling information on said quality of service (QoS) server before said multi-tenant virtual private network (VPN) tunnel may request quality of service (QoS) treatment therefrom.
33. The quality of service (QoS) server for extending quality of service (QoS) treatment to an over-the-top (OTT) application transmitting data over a commercial wireless network via a virtual private network tunnel according to claim 32, wherein: said adequate tunneling information enables said quality of service (QoS) server to determine actual IP header information associated with data routed over said multi-tenant virtual private network (VPN) tunnel.
34. The quality of service (QoS) server for extending quality of service (QoS) treatment to an over-the-top (OTT) application transmitting data over a commercial wireless network via a virtual private network tunnel according to claim 15, wherein: said quality of service (QoS) application profile indicates a desired level of quality of service (QoS).
35. The quality of service (QoS) server for extending quality of service (QoS) treatment to an over-the-top (OTT) application transmitting data over a commercial wireless network via a virtual private network tunnel according to claim 15, wherein: said over-the-top (OTT) application server sends an application quality of service (QoS) request message to said quality of service (QoS) server to request quality of service (QoS) treatment therefrom.
36. The quality of service (QoS) server for extending quality of service (QoS) treatment to an over-the-top (OTT) application transmitting data over a commercial wireless network via a virtual private network tunnel according to claim 35, wherein: said application quality of service (QoS) request message must indicate desired quality of service (QoS) rules.
37. The quality of service (QoS) server for extending quality of service (QoS) treatment to an over-the-top (OTT) application transmitting data over a commercial wireless network via a virtual private network tunnel according to claim 15, wherein: said virtual private network client/server sends a VPN quality of service (QoS) request message to said quality of service (QoS) server to request quality of service (QoS) treatment therefrom.
38. The quality of service (QoS) server for extending quality of service (QoS) treatment to an over-the-top (OTT) application transmitting data over a commercial wireless network via a virtual private network tunnel according to claim 36, wherein: said quality of service (QoS) server forwards desired quality of service (QoS) rules embedded in said quality of service (QoS) request message to a policy and charging rules function (PCRF) on a home mobile network operator (MNO) assigned to said requesting client device.
39. The quality of service (QoS) server for extending quality of service (QoS) treatment to an over-the-top (OTT) application transmitting data over a commercial wireless network via a virtual private network tunnel according to claim 15, wherein: said quality of service (QoS) server queries said local mobile network operator (MNO) database to determine a home mobile network operator (MNO) for said requesting client device.
40. The quality of service (QoS) server for extending quality of service (QoS) treatment to an over-the-top (OTT) application transmitting data over a commercial wireless network via a virtual private network tunnel according to claim 15, wherein: said quality of service (QoS) server queries said external number portability database (NPDB) to determine a home mobile network operator (MNO) for said requesting client device when home mobile network operator (MNO) information is not found in said local mobile network operator (MNO) database.
41. The quality of service (QoS) server for extending quality of service (QoS) treatment to an over-the-top (OTT) application transmitting data over a commercial wireless network via a virtual private network tunnel according to claim 15, wherein: said home policy and charging rules function (PCRF) provides conventional quality of service (QoS) treatment to said over-the-top (OTT) application transmitting data over said virtual private network (VPN) tunnel.
42. The quality of service (QoS) server for extending quality of service (QoS) treatment to an over-the-top (OTT) application transmitting data over a commercial wireless network via a virtual private network tunnel according to claim 41, wherein: said policy and charging rules function (PCRF) on said home mobile network operator (MNO) forwards desired quality of service (QoS) rules to a policy and charging rules function (PCRF) on a visiting mobile network operator (MNO) when said requesting client device is roaming.
43. The quality of service (QoS) server for extending quality of service (QoS) treatment to an over-the-top (OTT) application transmitting data over a commercial wireless network via a virtual private network tunnel according to claim 15, wherein: said over-the-top (OTT) application server sends an application quality of service (QoS) termination message to said quality of service (QoS) server when said over-the-top (OTT) application server detects a termination of service on said over-the-top (OTT) application client.
44. The quality of service (QoS) server for extending quality of service (QoS) treatment to an over-the-top (OTT) application transmitting data over a commercial wireless network via a virtual private network tunnel according to claim 43, wherein: said application quality of service (QoS) termination message indicates that reserved quality of service (QoS) values may be terminated on said home mobile network operator (MNO).
45. The quality of service (QoS) server for extending quality of service (QoS) treatment to an over-the-top (OTT) application transmitting data over a commercial wireless network via a virtual private network tunnel according to claim 15, wherein: said virtual private network (VPN) client/server sends a virtual private network (VPN) quality of service (QoS) termination message to said quality of service (QoS) server when a virtual private network (VPN) tunnel is terminated.

Parent Case Info

The present invention is a continuation-in-part of U.S. application Ser. No. 14/032,913, filed Sep. 20, 2013, entitled “Mechanisms For Quality of Service to Over the Top Applications For Use in Commercial Wireless Networks”; which claims priority from U.S. Provisional No. 61/714,944, filed Oct. 17, 2012, entitled “Mechanisms for Quality of Service to Over the Top Applications For Use In Commercial Wireless Networks”. The present application also claims priority from U.S. Provisional No. 61/815,976, filed Apr. 25, 2013, entitled “Quality of Service to Over the Top Applications Used with VPN”; and from U.S. Provisional No. 61/829,745, filed May 31, 2013, entitled “Quality of Service to Over the Top Applications Used with VPN”. The entirety of all four of these applications are expressly incorporated herein by reference.

US Referenced Citations (687)

Number	Name	Date	Kind
1103073	O'Connell	Jul 1914	A
4445118	Taylor et al.	Apr 1984	A
4494119	Wimbush	Jan 1985	A
4651156	Martinez	Mar 1987	A
4706275	Kamil	Nov 1987	A
4891638	Davis	Jan 1990	A
4891650	Sheffer	Jan 1990	A
4910767	Brugliera et al.	Mar 1990	A
4952928	Carroll	Aug 1990	A
4972484	Theile	Nov 1990	A
5014206	Scribner	May 1991	A
5043736	Darnell	Aug 1991	A
5055851	Sheffer	Oct 1991	A
5068656	Sutherland	Nov 1991	A
5068891	Marshall	Nov 1991	A
5070329	Jasimaki	Dec 1991	A
5081667	Drori	Jan 1992	A
5119104	Heller	Jun 1992	A
5126722	Kamis	Jun 1992	A
5144283	Arens	Sep 1992	A
5161180	Chavous	Nov 1992	A
5166972	Smith	Nov 1992	A
5177478	Wagai	Jan 1993	A
5193215	Olmer	Mar 1993	A
5208756	Song	May 1993	A
5214789	George	May 1993	A
5218367	Sheffer	Jun 1993	A
5223844	Mansell	Jun 1993	A
5239570	Koster	Aug 1993	A
5265630	Hartmann	Nov 1993	A
5266944	Carroll	Nov 1993	A
5283570	DeLuca	Feb 1994	A
5289527	Tiedemann	Feb 1994	A
5293642	Lo	Mar 1994	A
5299132	Wortham	Mar 1994	A
5301354	Schwendeman	Apr 1994	A
5311516	Kuznicki	May 1994	A
5325302	Izidon	Jun 1994	A
5327529	Fults	Jul 1994	A
5334974	Simms	Aug 1994	A
5335246	Yokev	Aug 1994	A
5343493	Karimulah	Aug 1994	A
5347568	Moody	Sep 1994	A
5351235	Lahtinen	Sep 1994	A
5361212	Class	Nov 1994	A
5363425	Mufti	Nov 1994	A
5365451	Wang	Nov 1994	A
5374936	Feng	Dec 1994	A
5379344	Larsson	Jan 1995	A
5379451	Nakagoshi	Jan 1995	A
5381338	Wysocki	Jan 1995	A
5387993	Heller	Feb 1995	A
5388147	Grimes	Feb 1995	A
5390339	Bruckery	Feb 1995	A
5394158	Chia	Feb 1995	A
5396227	Carroll	Mar 1995	A
5398190	Wortham	Mar 1995	A
5406614	Hara	Apr 1995	A
5418537	Bird	May 1995	A
5422813	Schuchman	Jun 1995	A
5423076	Westergren	Jun 1995	A
5432841	Rimer	Jul 1995	A
5434789	Fraker	Jul 1995	A
5454024	Lebowitz	Sep 1995	A
5457746	Dolphin	Oct 1995	A
5461390	Hosher	Oct 1995	A
5470233	Fruchterman	Nov 1995	A
5479408	Will	Dec 1995	A
5479482	Grimes	Dec 1995	A
5485161	Vaugh	Jan 1996	A
5485163	Singer	Jan 1996	A
5488563	Chazelle	Jan 1996	A
5494091	Freeman	Feb 1996	A
5497149	Fast	Mar 1996	A
5506886	Maine	Apr 1996	A
5508931	Snider	Apr 1996	A
5513243	Kage	Apr 1996	A
5515287	Hakoyama	May 1996	A
5517199	DiMattei	May 1996	A
5519403	Bickley	May 1996	A
5530655	Lokhoff	Jun 1996	A
5530914	McPheters	Jun 1996	A
5532690	Hertel	Jul 1996	A
5535434	Siddoway	Jul 1996	A
5539395	Buss	Jul 1996	A
5539398	Hall	Jul 1996	A
5539829	Lokhoff	Jul 1996	A
5543776	L'Esperance	Aug 1996	A
5546445	Dennison	Aug 1996	A
5552772	Janky	Sep 1996	A
5555286	Tendler	Sep 1996	A
5568119	Schipper	Oct 1996	A
5568153	Beliveau	Oct 1996	A
5568551	Kawashima	Oct 1996	A
5574648	Pilley	Nov 1996	A
5579372	Angstrom	Nov 1996	A
5588009	Will	Dec 1996	A
5592535	Klotz	Jan 1997	A
5594780	Wiedeman	Jan 1997	A
5604486	Lauro	Feb 1997	A
5606313	Allen	Feb 1997	A
5606618	Lokhoff	Feb 1997	A
5606850	Nakamura	Mar 1997	A
5610815	Gudat	Mar 1997	A
5614890	Fox	Mar 1997	A
5615116	Gudat	Mar 1997	A
5621793	Bednarek	Apr 1997	A
5628051	Salin	May 1997	A
5629693	Janky	May 1997	A
5633912	Tsoi	May 1997	A
5636276	Brugger	Jun 1997	A
5661652	Sprague	Aug 1997	A
5661755	Van De Kerkhof	Aug 1997	A
5682600	Salin	Oct 1997	A
5689245	Noreen	Nov 1997	A
5699053	Jonsson	Dec 1997	A
5704029	Wright, Jr.	Dec 1997	A
5721781	Deo	Feb 1998	A
5731785	Lemelson	Mar 1998	A
5740534	Ayerst	Apr 1998	A
5761618	Lynch	Jun 1998	A
5765152	Erickson	Jun 1998	A
5767795	Schaphorst	Jun 1998	A
5768509	Gunluk	Jun 1998	A
5771353	Eggleston	Jun 1998	A
5774533	Patel	Jun 1998	A
5774670	Montulli	Jun 1998	A
5787357	Salin	Jul 1998	A
5794142	Vanttila	Aug 1998	A
5797094	Houde	Aug 1998	A
5797096	Lupien	Aug 1998	A
5802492	DeLorrme	Sep 1998	A
5806000	Vo	Sep 1998	A
5809415	Rossmann	Sep 1998	A
5812086	Bertiger	Sep 1998	A
5812087	Krasner	Sep 1998	A
5822700	Hult	Oct 1998	A
5828740	Khue	Oct 1998	A
5835907	Newman	Nov 1998	A
5841396	Krasner	Nov 1998	A
5857201	Wright, Jr.	Jan 1999	A
5864667	Barkam	Jan 1999	A
5874914	Krasner	Feb 1999	A
5896369	Warsta	Apr 1999	A
5920821	Seazholtz	Jul 1999	A
5922074	Richard	Jul 1999	A
5930250	Klok	Jul 1999	A
5930701	Skog	Jul 1999	A
5943399	Banister	Aug 1999	A
5945944	Krasner	Aug 1999	A
5946629	Sawyer	Aug 1999	A
5946630	Willars	Aug 1999	A
5950130	Coursey	Sep 1999	A
5950137	Kim	Sep 1999	A
5953398	Hill	Sep 1999	A
5960362	Grob	Sep 1999	A
5974054	Couts	Oct 1999	A
5978685	Laiho	Nov 1999	A
5983099	Yao	Nov 1999	A
5987323	Huotari	Nov 1999	A
5998111	Abe	Dec 1999	A
5999124	Sheynblat	Dec 1999	A
6014602	Kithol	Jan 2000	A
6032051	Hall	Feb 2000	A
6035025	Hanson	Mar 2000	A
6049710	Nilsson	Apr 2000	A
6052081	Krasner	Apr 2000	A
6058300	Hanson	May 2000	A
6058338	Agashe et al.	May 2000	A
6061018	Sheynblat	May 2000	A
6061346	Nordman	May 2000	A
6064336	Krasner	May 2000	A
6064875	Morgan	May 2000	A
6067045	Castelloe	May 2000	A
6070067	Nguyen	May 2000	A
6075982	Donovan	Jun 2000	A
6081229	Soliman	Jun 2000	A
6081508	West	Jun 2000	A
6085320	Kaliski, Jr.	Jul 2000	A
6101378	Barabush	Aug 2000	A
6104931	Havinis	Aug 2000	A
6108533	Brohoff	Aug 2000	A
6122503	Daly	Sep 2000	A
6122520	Want	Sep 2000	A
6124810	Segal	Sep 2000	A
6131028	Whittington	Oct 2000	A
6131067	Girerd	Oct 2000	A
6133874	Krasner	Oct 2000	A
6134483	Vayanos	Oct 2000	A
6138003	Kingdon	Oct 2000	A
6148197	Bridges	Nov 2000	A
6148198	Anderson	Nov 2000	A
6148342	Ho	Nov 2000	A
6149353	Nilsson	Nov 2000	A
6150980	Krasner	Nov 2000	A
6154172	Piccionelli	Nov 2000	A
6169891	Gorham	Jan 2001	B1
6169901	Boucher	Jan 2001	B1
6169902	Kawamoto	Jan 2001	B1
6173181	Losh	Jan 2001	B1
6178505	Schneider	Jan 2001	B1
6178506	Quick, Jr.	Jan 2001	B1
6181935	Gossman	Jan 2001	B1
6188354	Soliman	Feb 2001	B1
6188752	Lesley	Feb 2001	B1
6188909	Alananra	Feb 2001	B1
6189098	Kaliski, Jr.	Feb 2001	B1
6195557	Havinis	Feb 2001	B1
6198431	Gibson	Mar 2001	B1
6199045	Giniger	Mar 2001	B1
6199113	Alegre	Mar 2001	B1
6205330	Winbladh	Mar 2001	B1
6208290	Krasner	Mar 2001	B1
6208854	Roberts	Mar 2001	B1
6215441	Moeglein	Apr 2001	B1
6219557	Havinis	Apr 2001	B1
6223046	Hamill-Keays	Apr 2001	B1
6226529	Bruno	May 2001	B1
6239742	Krasner	May 2001	B1
6247135	Feaugue	Jun 2001	B1
6249680	Wax	Jun 2001	B1
6249744	Morita	Jun 2001	B1
6249873	Richard	Jun 2001	B1
6253203	O'Flaherty	Jun 2001	B1
6260147	Quick, Jr.	Jul 2001	B1
6266614	Alumbaugh	Jul 2001	B1
6275692	Skog	Aug 2001	B1
6275849	Ludwig	Aug 2001	B1
6278701	Ayyagari	Aug 2001	B1
6289373	Dezonno	Sep 2001	B1
6297768	Allen, Jr.	Oct 2001	B1
6307504	Sheynblat	Oct 2001	B1
6308269	Proidl	Oct 2001	B2
6313786	Sheynblat	Nov 2001	B1
6317594	Gossman	Nov 2001	B1
6321091	Holland	Nov 2001	B1
6321092	Fitch	Nov 2001	B1
6321257	Kotala	Nov 2001	B1
6324524	Lent	Nov 2001	B1
6327473	Soliman	Dec 2001	B1
6327479	Mikkola	Dec 2001	B1
6330454	Verdonk	Dec 2001	B1
6333919	Gaffney	Dec 2001	B2
6360093	Ross	Mar 2002	B1
6360102	Havinis	Mar 2002	B1
6363254	Jones	Mar 2002	B1
6367019	Ansell	Apr 2002	B1
6370389	Isomursu	Apr 2002	B1
6377209	Krasner	Apr 2002	B1
6400314	Krasner	Jun 2002	B1
6400958	Isomursu	Jun 2002	B1
6411254	Moeglein	Jun 2002	B1
6421002	Krasner	Jul 2002	B2
6427001	Contractor	Jul 2002	B1
6433734	Krasner	Aug 2002	B1
6434381	Moore	Aug 2002	B1
6442391	Johansson	Aug 2002	B1
6449473	Raivisto	Sep 2002	B1
6449476	Hutchinson, IV	Sep 2002	B1
6456852	Bar	Sep 2002	B2
6463272	Wallace	Oct 2002	B1
6477150	Maggenti	Nov 2002	B1
6504491	Christians	Jan 2003	B1
6505049	Dorenbosch	Jan 2003	B1
6510387	Fuchs	Jan 2003	B2
6512922	Burg	Jan 2003	B1
6512930	Sandegren	Jan 2003	B2
6515623	Johnson	Feb 2003	B2
6519466	Pande	Feb 2003	B2
6522682	Kohli	Feb 2003	B1
6526026	Menon	Feb 2003	B1
6529500	Pandharipande	Mar 2003	B1
6529829	Turetzky	Mar 2003	B2
6531982	White	Mar 2003	B1
6538757	Sansone	Mar 2003	B1
6539200	Schiff	Mar 2003	B1
6539232	Hendrey et al.	Mar 2003	B2
6539304	Chansarkar	Mar 2003	B1
6542464	Takeda	Apr 2003	B1
6542734	Abrol	Apr 2003	B1
6542743	Soliman	Apr 2003	B1
6549776	Joong	Apr 2003	B1
6549844	Egberts	Apr 2003	B1
6553236	Dunko	Apr 2003	B1
6556832	Soliman	Apr 2003	B1
6560456	Lohtia	May 2003	B1
6560461	fomukong	May 2003	B1
6560534	Abraham	May 2003	B2
6564261	Gudjonsson	May 2003	B1
6570530	Gaal	May 2003	B2
6571095	Koodli	May 2003	B1
6574558	Kohli	Jun 2003	B2
6580390	Hay	Jun 2003	B1
6584552	Kuno	Jun 2003	B1
6587691	Granstam	Jul 2003	B1
6594500	Bender	Jul 2003	B2
6597311	Sheynblat	Jul 2003	B2
6600927	Hamilton	Jul 2003	B2
6603973	Foladare	Aug 2003	B1
6606495	Korpi	Aug 2003	B1
6606554	Edge	Aug 2003	B2
6609004	Morse	Aug 2003	B1
6611757	Brodie	Aug 2003	B2
6618593	Drutman	Sep 2003	B1
6618670	Chansarkar	Sep 2003	B1
6621452	Knockeart	Sep 2003	B2
6621810	Leung	Sep 2003	B1
6628233	Knockeart	Sep 2003	B2
6633255	Krasner	Oct 2003	B2
6640184	Rabe	Oct 2003	B1
6650288	Pitt	Nov 2003	B1
6661372	Girerd	Dec 2003	B1
6665539	Sih	Dec 2003	B2
6665541	Krasner	Dec 2003	B1
6671620	Garin	Dec 2003	B1
6677894	Sheynblat	Jan 2004	B2
6680694	Knockheart	Jan 2004	B1
6680695	Turetzky	Jan 2004	B2
6687504	Raith	Feb 2004	B1
6691019	Seeley	Feb 2004	B2
6694258	Johnson	Feb 2004	B2
6697629	Grilli	Feb 2004	B1
6698195	Hellinger	Mar 2004	B1
6701144	Kirbas	Mar 2004	B2
6703971	Pande	Mar 2004	B2
6703972	Van Diggelen	Mar 2004	B2
6704651	Van Diggelen	Mar 2004	B2
6707421	Drury	Mar 2004	B1
6714793	Carey	Mar 2004	B1
6718174	Vayanos	Apr 2004	B2
6720915	Sheynblat	Apr 2004	B2
6721578	Minear	Apr 2004	B2
6721871	Piispanen	Apr 2004	B2
6724342	Bloebaum	Apr 2004	B2
6725159	Krasner	Apr 2004	B2
6728701	Stoica	Apr 2004	B1
6731940	Nagendran	May 2004	B1
6734821	Van Diggelen	May 2004	B2
6738013	Orler	May 2004	B2
6738800	Aquilon	May 2004	B1
6741842	Goldberg	May 2004	B2
6744856	Karnik	Jun 2004	B2
6744858	Ryan	Jun 2004	B1
6745038	Callaway, Jr.	Jun 2004	B2
6747596	Orler	Jun 2004	B2
6748195	Phillips	Jun 2004	B1
6751464	Burg	Jun 2004	B1
6756938	Zhao	Jun 2004	B2
6757544	Rangarajan	Jun 2004	B2
6757545	Nowak	Jun 2004	B2
6757828	Jaffe	Jun 2004	B1
6771742	McCalmont	Aug 2004	B2
6771971	Smith	Aug 2004	B2
6772340	Peinado	Aug 2004	B1
6775255	Roy	Aug 2004	B1
6775267	Kung	Aug 2004	B1
6775534	Lindgren	Aug 2004	B2
6775655	Peinado	Aug 2004	B1
6775802	Gaal	Aug 2004	B2
6778136	Gronemeyer	Aug 2004	B2
6778885	Agashe	Aug 2004	B2
6781963	Crockett	Aug 2004	B2
6788249	Farmer	Sep 2004	B1
6795444	Vo	Sep 2004	B1
6795699	McGraw	Sep 2004	B1
6799049	Zellner	Sep 2004	B1
6799050	Krasner	Sep 2004	B1
6801159	Swope	Oct 2004	B2
6804524	Vandermaijden	Oct 2004	B1
6807534	Erickson	Oct 2004	B1
6810323	Bullock	Oct 2004	B1
6813264	Vassilovski	Nov 2004	B2
6813560	Van Diggelen	Nov 2004	B2
6816111	Krasner	Nov 2004	B2
6816580	Timmins	Nov 2004	B2
6816710	Krasner	Nov 2004	B2
6816719	Heinonen	Nov 2004	B1
6816734	Wong	Nov 2004	B2
6820269	Baucke et al.	Nov 2004	B2
6829475	Lee	Dec 2004	B1
6832373	O'Neill	Dec 2004	B2
6839020	Geier	Jan 2005	B2
6839021	Sheynblat	Jan 2005	B2
6839417	Weisman	Jan 2005	B2
6842715	Gaal	Jan 2005	B1
6847618	Laursen	Jan 2005	B2
6847822	Dennison	Jan 2005	B1
6853916	Fuchs et al.	Feb 2005	B2
6856282	Mauro	Feb 2005	B2
6861980	Rowitch	Mar 2005	B1
6865171	Nilsson	Mar 2005	B1
6865395	Riley	Mar 2005	B2
6867733	Sandhu	Mar 2005	B2
6867734	Voor	Mar 2005	B2
6873854	Crockett	Mar 2005	B2
6876734	Summers	Apr 2005	B1
6882850	McConnell et al.	Apr 2005	B2
6885874	Grube	Apr 2005	B2
6885940	Brodie	Apr 2005	B2
6888497	King	May 2005	B2
6888932	Snip	May 2005	B2
6895238	Newell	May 2005	B2
6895249	Gaal	May 2005	B2
6900758	Mann	May 2005	B1
6903684	Simic	Jun 2005	B1
6904029	Fors	Jun 2005	B2
6907224	Younis	Jun 2005	B2
6907238	Leung	Jun 2005	B2
6912230	Salkini	Jun 2005	B1
6912395	Benes	Jun 2005	B2
6912545	Lundy	Jun 2005	B1
6915208	Garin	Jul 2005	B2
6917331	Gronemeyer	Jul 2005	B2
6930634	Peng	Aug 2005	B2
6937187	Van Diggelen	Aug 2005	B2
6937872	Krasner	Aug 2005	B2
6940826	Simard	Sep 2005	B1
6940950	Dickinson et al.	Sep 2005	B2
6941144	Stein	Sep 2005	B2
6944540	King	Sep 2005	B2
6947772	Minear	Sep 2005	B2
6950058	Davis	Sep 2005	B1
6957073	Bye	Oct 2005	B2
6961562	Ross	Nov 2005	B2
6963557	Knox	Nov 2005	B2
6965754	King	Nov 2005	B2
6965767	Maggenti	Nov 2005	B2
6968044	Beason	Nov 2005	B2
6970917	Kushwaha	Nov 2005	B1
6973320	Brown	Dec 2005	B2
6975266	Abraham	Dec 2005	B2
6978453	Rao	Dec 2005	B2
6980816	Rohler	Dec 2005	B2
6985747	Chithambaram	Jan 2006	B2
6993355	Pershan	Jan 2006	B1
6996720	DeMello	Feb 2006	B1
6999782	Shaughnessy	Feb 2006	B2
7024321	Deninger	Apr 2006	B1
7024393	Peinado	Apr 2006	B1
7047411	DeMello	May 2006	B1
7065351	Carter	Jun 2006	B2
7065507	Mohammed	Jun 2006	B2
7072667	Olrik	Jul 2006	B2
7079857	Maggenti	Jul 2006	B2
7103018	Hansen	Sep 2006	B1
7103574	Peinado	Sep 2006	B1
7106717	Rosseau	Sep 2006	B2
7110773	Wallace	Sep 2006	B1
7136466	Gao	Nov 2006	B1
7136838	Peinado	Nov 2006	B1
7151946	Maggenti	Dec 2006	B2
7174153	Ehlers	Feb 2007	B2
7177397	McCalmont	Feb 2007	B2
7177398	Meer	Feb 2007	B2
7177399	Dawson	Feb 2007	B2
7185161	Kang	Feb 2007	B2
7200380	Havlark	Apr 2007	B2
7209758	Moll et al.	Apr 2007	B1
7209969	Lahti	Apr 2007	B2
7218940	Niemenna	May 2007	B2
7221959	Lindquist	May 2007	B2
7245900	Lamb	Jul 2007	B1
7260186	Zhu	Aug 2007	B2
7260384	Bales et al.	Aug 2007	B2
7321773	Hines	Jan 2008	B2
7330899	Wong	Feb 2008	B2
7333480	Clarke	Feb 2008	B1
7369508	Parantainen	May 2008	B2
7369530	Keagy	May 2008	B2
7382773	Schoeneberger	Jun 2008	B2
7394896	Norton	Jul 2008	B2
7428571	Ichimura	Sep 2008	B2
7436785	McMullen	Oct 2008	B1
7440442	Grabelsky et al.	Oct 2008	B2
7561586	Wang et al.	Jul 2009	B2
7573982	Breen	Aug 2009	B2
7602886	Beech	Oct 2009	B1
7711094	Olshansky	May 2010	B1
7783297	Ishii	Aug 2010	B2
7930214	Knauerhase et al.	Apr 2011	B2
8089986	Adamczyk et al.	Jan 2012	B2
8504687	Maffione et al.	Aug 2013	B2
20010011247	O'Flaherty	Aug 2001	A1
20010040886	Jimenez	Nov 2001	A1
20010049274	Degraeve	Dec 2001	A1
20020037735	Maggenti	Mar 2002	A1
20020052214	Maggenti	May 2002	A1
20020061760	Maggenti	May 2002	A1
20020069529	Wieres	Jun 2002	A1
20020077083	Zellner	Jun 2002	A1
20020077084	Zellner	Jun 2002	A1
20020077118	Zellner	Jun 2002	A1
20020077897	Zellner	Jun 2002	A1
20020086676	Hendry	Jul 2002	A1
20020098832	Fleischer	Jul 2002	A1
20020102996	Jenkins	Aug 2002	A1
20020102999	Maggenti	Aug 2002	A1
20020111172	DeWolf	Aug 2002	A1
20020112047	Kushwaha	Aug 2002	A1
20020118650	Jagadeesan	Aug 2002	A1
20020123327	Vataja	Sep 2002	A1
20020126656	Park	Sep 2002	A1
20020138650	Yamamoto	Sep 2002	A1
20020156732	Odijk	Oct 2002	A1
20020158777	Flick	Oct 2002	A1
20020173317	Nykanen	Nov 2002	A1
20020191595	Mar	Dec 2002	A1
20030009277	Fan	Jan 2003	A1
20030009602	Jacobs	Jan 2003	A1
20030012148	Peters	Jan 2003	A1
20030013449	Hose	Jan 2003	A1
20030016804	Sheha	Jan 2003	A1
20030026245	Ejzak	Feb 2003	A1
20030037163	Kitada	Feb 2003	A1
20030040272	Lelievre	Feb 2003	A1
20030061170	Uzo	Mar 2003	A1
20030065788	Salomaki	Apr 2003	A1
20030072318	Lam	Apr 2003	A1
20030078064	Chan	Apr 2003	A1
20030081557	Mettala	May 2003	A1
20030086422	Klinker et al.	May 2003	A1
20030096626	Sabo et al.	May 2003	A1
20030100320	Ranjan	May 2003	A1
20030101329	Lahti	May 2003	A1
20030101341	Kettler	May 2003	A1
20030103484	Oommen	Jun 2003	A1
20030108176	Kung	Jun 2003	A1
20030109245	McCalmont	Jun 2003	A1
20030114157	Spitz	Jun 2003	A1
20030119521	Tipnis	Jun 2003	A1
20030119528	Pew	Jun 2003	A1
20030125042	Olrik	Jul 2003	A1
20030137961	Tsirtsis	Jul 2003	A1
20030153340	Crockett	Aug 2003	A1
20030153341	Crockett	Aug 2003	A1
20030153342	Crockett	Aug 2003	A1
20030153343	Crockett	Aug 2003	A1
20030161298	Bergman	Aug 2003	A1
20030196105	Fineberg	Oct 2003	A1
20030204640	Sahineja	Oct 2003	A1
20030223381	Schroderus	Dec 2003	A1
20040002326	Maher	Jan 2004	A1
20040032485	Stephens	Feb 2004	A1
20040043775	Kennedy	Mar 2004	A1
20040044623	Wake	Mar 2004	A1
20040047461	Weisman	Mar 2004	A1
20040068665	Fox	Apr 2004	A1
20040068724	Gardner	Apr 2004	A1
20040092250	Valloppillil	May 2004	A1
20040098497	Banet	May 2004	A1
20040132465	Mattila	Jul 2004	A1
20040148357	Corrigan et al.	Jul 2004	A1
20040181689	Kiyoto	Sep 2004	A1
20040184584	McCalmont	Sep 2004	A1
20040185875	Diacakis	Sep 2004	A1
20040190497	Knox	Sep 2004	A1
20040198332	Lundsgaard	Oct 2004	A1
20040198386	Dupray	Oct 2004	A1
20040203922	Hines	Oct 2004	A1
20040205151	Sprigg	Oct 2004	A1
20040229632	Flynn	Nov 2004	A1
20040235493	Ekerborn	Nov 2004	A1
20040242238	Wang	Dec 2004	A1
20040267445	De Luca	Dec 2004	A1
20050028034	Gantman	Feb 2005	A1
20050039178	Marolia	Feb 2005	A1
20050041578	Huotari	Feb 2005	A1
20050043037	Loppe	Feb 2005	A1
20050053209	D'Evelyn	Mar 2005	A1
20050071671	Karaoguz	Mar 2005	A1
20050083911	Grabelsky	Apr 2005	A1
20050086467	Asokan	Apr 2005	A1
20050090236	Schwinke	Apr 2005	A1
20050838911	Grabelsky	Apr 2005
20050107673	Ball	May 2005	A1
20050112030	Gaus	May 2005	A1
20050119012	Merheb	Jun 2005	A1
20050132200	Jaffe	Jun 2005	A1
20050134504	Harwood	Jun 2005	A1
20050135569	Dickinson et al.	Jun 2005	A1
20050136885	Kaltsukis	Jun 2005	A1
20050149430	Williams	Jul 2005	A1
20050169248	Truesdale	Aug 2005	A1
20050174991	Keagy	Aug 2005	A1
20050192822	Hartenstein	Sep 2005	A1
20050201529	Nelson	Sep 2005	A1
20050209995	Aksu	Sep 2005	A1
20050213716	Zhu	Sep 2005	A1
20050232252	Hoover	Oct 2005	A1
20050243778	Wang	Nov 2005	A1
20050250516	Shim	Nov 2005	A1
20050259675	Tuohino	Nov 2005	A1
20050265318	Khartabil	Dec 2005	A1
20050266864	Chen et al.	Dec 2005	A1
20050271029	Iffland	Dec 2005	A1
20050282518	D'Evelyn	Dec 2005	A1
20050287979	Rollender	Dec 2005	A1
20050287990	Mononen	Dec 2005	A1
20050289097	Trossen	Dec 2005	A1
20060008065	Longman et al.	Jan 2006	A1
20060023747	Koren et al.	Feb 2006	A1
20060026288	Acharya	Feb 2006	A1
20060036680	Shim	Feb 2006	A1
20060053225	Poikselka	Mar 2006	A1
20060058042	Shim	Mar 2006	A1
20060058102	Nguyen et al.	Mar 2006	A1
20060064307	Pakkala	Mar 2006	A1
20060068753	Karpen	Mar 2006	A1
20060079249	Shim	Apr 2006	A1
20060120517	Moon	Jun 2006	A1
20060128395	Muhonen	Jun 2006	A1
20060135177	Winterbottom	Jun 2006	A1
20060188083	Breen	Aug 2006	A1
20060193447	Schwartz	Aug 2006	A1
20060212558	Sahinoja	Sep 2006	A1
20060212562	Kushwaha	Sep 2006	A1
20060225090	Shim et al.	Oct 2006	A1
20060234639	Kushwaha	Oct 2006	A1
20060234698	Fok	Oct 2006	A1
20060239205	Warren	Oct 2006	A1
20060242230	Smith	Oct 2006	A1
20060258380	Liebowitz	Nov 2006	A1
20060293024	Benco	Dec 2006	A1
20060293066	Edge	Dec 2006	A1
20070003024	Olivier	Jan 2007	A1
20070019614	Hoffmann	Jan 2007	A1
20070022011	Altberg	Jan 2007	A1
20070026854	Nath	Feb 2007	A1
20070026871	Wager	Feb 2007	A1
20070027997	Polk	Feb 2007	A1
20070030539	Nath	Feb 2007	A1
20070036139	Patel	Feb 2007	A1
20070037585	Shim	Feb 2007	A1
20070041513	Gende	Feb 2007	A1
20070049288	Lamprecht	Mar 2007	A1
20070072624	Niemaenmaa	Mar 2007	A1
20070081635	Croak	Apr 2007	A1
20070082681	Kim	Apr 2007	A1
20070082682	Kim	Apr 2007	A1
20070115941	Patel	May 2007	A1
20070121601	Kikinis	May 2007	A1
20070149213	Lamba	Jun 2007	A1
20070160036	Smith	Jul 2007	A1
20070162228	Mitchell	Jul 2007	A1
20070167177	Kraufvelin	Jul 2007	A1
20070182547	Wachter	Aug 2007	A1
20070202897	Smith	Aug 2007	A1
20070206568	Silver	Sep 2007	A1
20070206613	Silver	Sep 2007	A1
20070242660	Xu	Oct 2007	A1
20070243885	Shim	Oct 2007	A1
20070263610	Mitchell	Nov 2007	A1
20070270164	Maier	Nov 2007	A1
20080014931	Yared	Jan 2008	A1
20080020733	Wassingbo	Jan 2008	A1
20080037715	Prozeniuk	Feb 2008	A1
20080063153	Krivorot	Mar 2008	A1
20080065775	Polk	Mar 2008	A1
20080109650	Shim	May 2008	A1
20080117859	Shahidi	May 2008	A1
20080186164	Emigh	Aug 2008	A1
20080214202	Toomey	Sep 2008	A1
20080263169	Brabec et al.	Oct 2008	A1
20090137244	Zhou et al.	May 2009	A1
20090158136	Rossano et al.	Jun 2009	A1
20090158397	Herzog et al.	Jun 2009	A1
20090172804	Spies et al.	Jul 2009	A1
20090265552	Moshir et al.	Oct 2009	A1
20090265763	Davies et al.	Oct 2009	A1
20090320123	Yu	Dec 2009	A1
20100250603	Balakrishnaiah	Sep 2010	A1
20100287369	Monden	Nov 2010	A1
20100311447	Jackson	Dec 2010	A1
20110053618	Lin et al.	Mar 2011	A1
20110145564	Moshir et al.	Jun 2011	A1
20110219431	Akhtar et al.	Sep 2011	A1
20110252146	Santamaria et al.	Oct 2011	A1
20110300830	Ramrattan	Dec 2011	A1
20110307947	Kariv	Dec 2011	A1
20120124367	Ota et al.	May 2012	A1
20120150968	Yasrebi et al.	Jun 2012	A1
20120192287	Cai et al.	Jul 2012	A1
20120198535	Oberheide	Aug 2012	A1
20130171971	Fuji	Jul 2013	A1
20130191908	Klein	Jul 2013	A1
20130202108	Kao	Aug 2013	A1
20130336210	Connor et al.	Dec 2013	A1

Foreign Referenced Citations (8)

Number	Date	Country
9801887	Oct 1998	WO
9928848	Dec 1999	WO
WO0145342	Jun 2001	WO
0146666	Nov 2001	WO
WO2004025941	Mar 2004	WO
2005022090	Jun 2005	WO
WO2005051033	Jun 2005	WO
WO2006075856	Jul 2006	WO

Non-Patent Literature Citations (14)

Entry
Intrado Inc., Qwest Detailed SR/ALI to MPC/GMLC Interface Specification for TCP/IP Implementation of TIA/EIA/J-STD-036 E2 with Phase I Location Description Addition, Intrado Informed Response; Apr. 2004; Issue 1.11; pp. 1-57.
International Search Report in PCT/US2007/23243 dated Apr. 2, 2008.
PCT International Search Report (PCTUS2007/23714) and Written Opinion of International Searching Authority, Apr. 18, 2008.
Le-Pond Chin, Jyh-Hong Wen, Ting-Way Liu, the Study of the Interconnection of GSM Mobile Communication System Over IP based Network, May 6, 2001, IEEE, Vehicular Technology Conference, vol. 3, pp. 2219-2223.
Location Based Services V2 Roaming Support (non proprietary), 80-V8470-2NP A, dated Jan. 27, 2005, pp. 1-56.
Qualcomm CDMA Technologies, MS Resident User Plane LBS Roaming—80-VC718-1 E, 2006, pp. 1-37.
Qualcomm CDMA Technologies, LBS Control Plane/User Plane Overview—80-VD378-1 NP B, 2006, pp. 1-36.
Bhalla et al, TELUS, Technology Strategy—LBS Roaming Summit, Sep. 19, 2006.
Alfredo Aguirre, Iusacell, First and Only Carrier in Mexico with a 3G CDMA Network, 2007.
Mike McMullen, Sprint, LBS Roaming Summit, Sep. 19, 2006.
Andrew Yeow, BCE, LBS Roaming Summit, Sep. 19, 2006, pp. 1-8.
Qualcomm CDMA Technologies, LBS Control Plane Roaming—80-VD377-1NP A, 2006, pp. 1-10.
International Search Report received in PCT/US2013/21199 dated Mar. 26, 2013.
International Search Report received in PCT/US2012/068083 dated Feb. 8, 2013.

Related Publications (1)

	Number	Date	Country
	20150085664 A1	Mar 2015	US

Continuation in Parts (1)

	Number	Date	Country
Parent	14032913	Sep 2013	US
Child	14056412		US

Quality of service to over the top applications used with VPN

Information

Patent Number

Date Filed

Date Issued

Inventors

Original Assignees

Examiners

Agents

CPC

Field of Search

CPC

International Classifications

Term Extension

Abstract