CN106716920A - Methods and apparatus for hybrid access to a core network based on proxied authentication - Google Patents

Abstract

Apparatus and methods for hybrid access to a core network. In one embodiment, a wireless station enables a subscriber device to connect to a core network via an intermediate network (e.g., a Wi-Fi network) rather than the network traditionally associated with the core network (e.g., a cellular network). In one implementation, the subscriber device connects to the wireless station at the (Transmission Control Protocol/Internet Protocol) TCP/IP layers. Methods and apparatus for securely authenticating the subscriber device via the wireless station are disclosed. In one such variant, the subscriber device is a SIM-less device.

Description

Based on proxy authentication to the method and apparatus of the hybrid access of core network

Priority

Present application advocates that September in 2015 is applied and entitled " based on proxy authentication to the hybrid of core network on the 23rd Method and apparatus (the METHODS AND APPARATUS FOR HYBRID ACCESS TO A CORE NETWORK of access BASED ON PROXIED AUTHENTICATION) " co-own, No. 14/863,239 United States Patent (USP) of CO-PENDING The priority of application case, the application case advocates September in 2014 application, entitled " the hybrid access to core network on the 25th Method and apparatus (METHODS AND APPARATUS FOR HYBRID ACCESS TO A CORE NETWORK) " be total to With possessing, the priority of the 62/071st, 517 U.S. provisional patent application cases of CO-PENDING, above-mentioned application case quotes in full Mode be incorporated herein.

Related application

Present application is related to " METHODS AND APPARATUS FOR A entitled filed in 15 days January in 2014 NETWORK-AGNOSTIC WIRELESS ROUTER's (for the method and apparatus of the unknowable wireless router of network) " is common Possess and No. 14/156,174 U.S. patent application case of CO-PENDING, 15 days January in 2014 filed in it is entitled " to core Method and apparatus (the METHODS AND APPARATUS FOR HYBRID ACCESS TO A of the hybrid access of network CORE NETWORK) " co-own and CO-PENDING the 14/156th, No. 339 U.S. patent application case, foregoing each application Way of reference is incorporated herein case in full.

Technical field

The present invention relates generally to radio communication and the field of data network.More specifically, at an exemplary aspect, this Invention is related to the method and apparatus for the hybrid access to core network.

Background technology

Led come the rapid growth of the mobile data service accelerated by the appearance of particularly so-called " smart phone " technology Caused high speed data transfer amount and Information Mobile Service popularization sharply increase.It is client to more preferable and more reliable along with becoming increasingly popular Service and the expectation of the raising of network capabilities.Short-term solution for alleviating high power capacity demand includes unwelcome reality Trample, such as " data rate throttling ", introduce limited and expensive valency table and phase out " infinite data plan ".Longer solution Certainly scheme needs new access technology (such as Long Term Evolution (LTE)) to meet the demand of client, and needs further exist for costliness Infrastructure investment.

The example of earlier solutions (for example flies cell, picocell and small comprising for example so-called " small cell " Area), " HetNet " (heterogeneous network) and " Wi-Fi unloadings ".Used as brief aside, small cell technology needs network operation The backhaul connectivity of the core network of business；This can make the deployment become complicated, because small cell possibly cannot access enough frequencies Rate resource, but still need the bottom (i.e., it is necessary to provide carrier class connectivity with every much higher cost) of Large Copacity. HetNets simultaneously has various different network technologies, and can experience the interference of the cochannel between macrocell and underlay cell.Conversely Ground, does not lack the frequency spectrum with " Wi-Fi unloadings ", Wi-Fi Hotspot operates in the frequency band for (exempting from licence plate) without approval, it is described There is substantial amounts of frequency spectrum (industrial science and medical science (ISM) and unlicensed national information infrastructure (U-NII) frequency in frequency band Band can provide the frequency spectrum of nearly 0.5GHz).For this reason, Wi-Fi unloadings have a great attraction to Virtual network operator；In fact, Some small cell base stations have integrated Wi-Fi access points (AP) feature (for example, " Wi-Fi is ready ").

In spite of such benefit, but some basic problems being associated with Wi-Fi uninstalling systems and network are still present. Using honeycomb and Wi-Fi network as two independent business department's disposal, it is separate operation and manages existing Virtual network operator Reason.Also there is little fusion and intercommunication between two networks of operation and service aspect.For example, Wi-Fi network is without mark It is accurate " it was found that ", " selection " and " access " mechanism and/or program.This can cause to be difficult to learn such network, and/or cause inconsistent Service quality (QoS), safety and strategy.Additionally, cellular network generally implements single Subscriber Identity Module (SIM), it is through matching somebody with somebody Put to obtain, register, verify and coded communication；By contrast, Wi-Fi network is to be based on depending on wireless the Internet service to supply The auth method of various " being based on network " of business's roaming (WISPr) (or similar variant).WISPr requirement user input users Name and password, user name and password and then by for example verifying, authorizing and charging (AAA)/remote verification dialing user service (RADIUS) server authentication；The cumbersome and prone error of this step.

In view of such shortcoming, it is necessary to improve method and apparatus come utilize other network technologies realize be linked into mobile wireless (such as honeycomb) network.Such improvement will be desirable to provide the integrated solution for such as Wi-Fi and cellular network so that For example Consumer's Experience, policy control, discovery, selection and association, checking and QoS are seamless and similar in two networks.Other are good Place can be comprising such as Wi-Fi roamings, Wi-Fi neutrality main frames and IP mobility capability, while for integrated cellular Wi-Fi network is provided Network handover.

The content of the invention

The present invention is by especially providing the improvement device and method for the hybrid access to core network come before meeting State needs.

A kind of method for disclosing radio communication to contain first and second communication system, wherein first communication system System has at least first node and Section Point for communicating with one another.In one embodiment, methods described is included：Described first The Part I of execution level in node, and make the Part II of the Section Point execution level；One is provided from the first node Or multiple identification informations are to the Section Point, the Part II of one or more identification information binder courses is configured to The first node is verified with least one of first communication system logic entity；And wherein good authentication sets up described Connection between Section Point and at least one logic entity.

In a variant, the Part II of execution level is included and is coupled to the first segment in the Section Point (transmission control protocol/Internet Protocol) tcp/ip layer of point.

In the second variant, the Part I of execution level is included and is coupled to the second section in the first node Complementation (transmission control protocol/Internet Protocol) tcp/ip layer of point.

In the 3rd variant, methods described is included makes the Part II of layer derive one or more checking informations；And base In through the Part II of derived one or more checking informations, layer be further configured to the Section Point with it is described extremely One or more Data payloads of the first link between a few logic entity are encrypted.In this variant, institute The method of stating is further contained at the Part I of layer derives described one or more checking informations；And based on through derived one Or multiple checking informations, one or more Data payloads to the Part II of layer at the Part I of layer enter Row encryption.

In the 4th variant, methods described is included from being not at the local Subscriber Identity Module of the first node (SIM) Receive described one or more identification informations.At one in this case, being performed from the first segment via public-key cryptography scheme Point provides described one or more identification informations to the Section Point.In an exemplary variant, the public-key encryption Scheme includes the password manually typed in from user input reception.In another variant, the public-key cryptography scheme includes inspection Rope predefines public keys.

A kind of internuncial radio station apparatus for being configured to and providing to core network are provided.In one embodiment, The radio station apparatus are included：Network interface, the network interface is configured to connect to related to the second radiotechnics The core network of connection；Radio interface, the radio interface configuration is with according to different from second radiotechnics The first radiotechnics provide open wireless network；Processor；And non-transitory embodied on computer readable media, its with it is described Processor enters row data communication and comprising one or more instructions.In an exemplary embodiment, by the computing device When, described one or more instructions make the radio station apparatus right in response to the subscriber devices request of the open wireless network The access of the core network and carry out following operation：One or more identification informations are received from the subscriber devices；Based on described One or more identification informations are verified via the network interface to the core network, wherein the checking causes one or more The derivation of individual authentication secret；And ordered described in via open wireless network foundation based on described one or more authentication secrets The safety chain of family device.

In a variant, described one or more instructions make the radio station apparatus when by the computing device Perform and the subscriber devices and unique one or more software layers being associated of second radiotechnics.

In one second variant, the calling heap that one or more software layers emulation through performing is associated with the subscriber devices One or more parts of stack.In some cases, emulate and verify the subscriber devices at least to second radiotechnics One software layer.

In the 3rd variant, one or more received identification informations are received via public-key encryption；And wherein The safety chain being set up is based on symmetric key encryption.

Disclose a kind of subscriber devices for being configured to be communicated with core network via radio station.In one embodiment In, the subscriber devices are included：Radio interface, the radio interface is configured to and radio set communication, wherein described Radio station is configured to and the core network；Processor；And non-transitory computer-readable taking equipment, it includes one Or multiple instruction.In an exemplary embodiment, described one or more instructions are configured to during by the computing device, The subscriber devices are made to carry out following operation：One or more identification informations to the radio station are provided, wherein the radio Platform is configured to and the core network；One or more checking informations are received from the radio station；And based on from described One or more keys derived from one or more checking informations set up the secure connection of the radio station.

In a variant, the identification information accesses peace comprising Long Term Evolution (LTE) evolved packet system (EPS) key Full property management entity (KASME) encryption key.

In the second variant, the subscriber devices are further configured to be ordered to described by least one other subscriber devices The use of one or more identification informations of family device is authorized.In this variant, at least one other subscriber's dress Put and the secure connection is shared into the radio station.In another variant, it is right that the subscriber devices are further configured to Described at least one other subscriber devices request Internet Protocol (IP) address.

In the 3rd variant, described one or more identification informations are provided to the radio via public-key cryptography scheme Platform.

The accompanying drawing and the detailed description of one exemplary embodiment that one of ordinary skill in the art give with reference to following article will It is immediately appreciate that further feature of the invention and advantage.

Brief description of the drawings

Fig. 1 is that the block diagram of a 8th edition network architecture of third generation affiliate (3GPP) for prior art is represented.

Fig. 2 is the square frame chart of an one exemplary embodiment by Wi-Fi (WoLTEN) network architecture of Long Term Evolution Show.

Fig. 3 is that the logic block-diagram of an exemplary radio platform is represented, the radio station is configured to according to herein The various principles of description provide the hybrid access to core network.

Fig. 4 is that the logic block-diagram of an exemplary subscriber devices is represented, the subscriber devices are configured to via basis The hybrid access scheme of various principles described herein carrys out Access Core Network.

Fig. 5 is represented with reference to useful IEEE (IEEE) 802.11n of various aspects of the invention The logic block-diagram of physics (PHY) (L1) and medium education (MAC) (L2) protocol stack.

Fig. 6 is (for example, such as Fig. 4 by exemplary radio platform (for example, as depicted in fig. 3) and exemplary subscriber devices Described in) formed Wi-Fi pipes logical expressions.

Fig. 7 is the logic software chart of some logics, transmission and physical channel of the LTE radio architectures of prior art Show.

Fig. 8 is that the logic software figure of the LTE software users plane protocol stacks of prior art is represented.

Fig. 9 is that the logic software figure of the LTE software control plane protocol stacks of prior art is represented.

Figure 10 be illustrate various aspects of the invention LTE radio subscribers plane protocol stack and its modification one The logic software figure of individual one exemplary embodiment, the protocol stack is grasped between subscriber's installation (UE) and evolved NodeB (eNB) Make.

Figure 11 be illustrate various aspects of the invention LTE radio controls plane protocol stack and its modification one The logic software figure of individual one exemplary embodiment, the protocol stack is between the subscriber's installation (UE) and evolution NodeB (eNB) Operation.

Figure 11 A are according to the exemplary stack of use second of principle described herein arrangement and Wi-Fi access points (AP) The logic block-diagram of one processing quality equipment (UE) of communication.

Figure 12 is to illustrate an exemplary implementation with reference to the useful conceptual frameworks of LTE MAC of various aspects of the invention The logic software figure of example.

Figure 13 is total protocol stack construction (user plane and the control plane two for subscriber devices and radio station Person) logic software figure represent.

Figure 14 is a logical flow chart for generalized process of the discovery, starting and configuration for mobile management session.

Figure 15 is to illustrate one performed on subscriber devices exemplary Wi-Fi (WoLTEN) application by Long Term Evolution The logical flow chart of the initialization of the WoLTEN connections of program (APP).

Figure 16 is to illustrate one performed in radio station exemplary Wi-Fi (WoLTEN) agency by Long Term Evolution WoLTEN connection initialization logical flow chart.

Figure 17 is the logic that the exemplary outside Subscriber Identity Module (SIM/USIM) of useful one is combined with the present invention Block diagram.

Specific embodiment

With reference now to schema, wherein identical numeral refers to throughout same section.

In brief, the method and apparatus for the hybrid access to network (such as core network) is disclosed in (such as) It is entitled 15 days January in 2014 being incorporated to before filed in " to the method and apparatus of the hybrid access of core network No. 14/156,339 of (METHODS AND APPARATUS FOR HYBRID ACCESS TO A CORE NETWORK) " It is entitled filed in U.S. patent application case, 15 days January in 2014 " to be used for the method and apparatus of the unknowable wireless router of network The 14/156,174th of (METHODS AND APPARATUS FOR A NETWORK-AGNOSTIC WIRELESS ROUTER) " In number U.S. patent application case.As disclosed herein, " incoming tunnel " (for example, so-called " Wi-Fi pipes ") causes subscriber's dress Putting can contact via go-between (for example, Wi-Fi network) with core network.In one embodiment, radio station's warp Configure and be directly connected to core with using the agreement similar to (or being same as) existing network entity (such as evolution NodeB (eNB)) Heart network.As described in greater detail, exemplary Wi-Fi access points (AP) provide the access to Long Term Evolution (LTE) network. Subscriber devices and radio station connect via Wi-Fi pipes；Radio station performs conversion program, and (for example subscriber's installation (UE) media connect Enter control (MAC), virtual phy (VPHY) and access point (AP) MAC), subscriber devices to LTE cores are seamlessly connected whereby Network.

It is described more fully hereinafter in the various other advantages of disclosed embodiment.

The detailed description of one exemplary embodiment

One exemplary embodiment of the invention will now be described in more detail.Although these embodiment combination Wi-Fi Hotspots (IEEE802.11n) operate and mainly discussed in the case of forth generation Long Term Evolution (4G LTE or LTE-A) wireless network, but It is that one of ordinary skill in the art will be recognized that the present invention is not so limited.In fact, various aspects of the invention exist It is useful in any wireless network that can be benefited from wireless routing described herein.

As used herein, term " wireless " means any wireless signal, data, communication or other interfaces, and it is included But it is not limited to Wi-Fi (IEEE 802.11 and its derivative, such as " b ", " a ", " g ", " n ", " ac " etc.), bluetooth, 3G (examples Such as 3GPP, 3GPP2 and UMTS), 4G (LTE, LTE-A, WiMax), HSDPA/HSUPA, TDMA, CDMA (such as IS-95A, WCDMA etc.), FHSS, DSSS, GSM, PAN/802.15, WiMAX (802.16), 802.20, arrowband/FDMA, OFDM, PCS/ DCS, analog cellular, CDPD, satellite system, millimeter wave or microwave system, acoustics and infrared ray (that is, IrDA).

Additionally, as used herein, term " network " typically refers to any kind of data, telecommunications or other networks, It (includes MAN, PAN, WAN, LAN, WLAN, microgrid, piconet, internet and enterprises including but not limited to data network Net), satellite network, cellular network and communication network.

Existing hybrid access solution-

In the past, backhaul and in-door covering are two maximums " pain spot " for Virtual network operator；Recently, mobile network Network data capacity has become inquiry.Increase data capacity simultaneously for Virtual network operator is time-consuming and money solution will There is return high.Even if Virtual network operator is resisted in its network and uses Wi-Fi, but it becomes obvious that to data capacity The rational solution of problem will need Wi-Fi integrated.

Used as brief aside, frequency spectrum (or bandwidth) is rare and expensive resources costs for Virtual network operator.Although Most of Virtual network operators possess the bandwidth (most) of about 10MHz to 20MHz, but Wi-Fi network across hundreds of MHz frequently Operation in the unlicensed frequency range of spectrum.Supporting industry, science and medical treatment (ISM 2.4GHz) and unlicensed national information foundation set Applying the Wi-Fi systems of (U-NII 5GHz) frequency band will be linked into about 80MHz frequency spectrums under ISM and be linked under U-NII frequency bands About 450MHz frequency spectrums (not comprising outdoor frequency band).Initially, Virtual network operator be concerned about exempt from licensing (exemption) frequency spectrum availability and Quality and the possibility negative effect to Consumer's Experience；However, unlicensed technology (such as Wi-Fi) continues to provide stable and effective Connectivity, even if congestion and it is hostile in the case of be also such.

Different from cellular technology, most of existing Wi-Fi products are based on interim deployment.Wi-Fi network uses warp Collision sense multiple access/conflict avoidance (CSMA/CA) and contention-free (point coordination function of the specific design to realize disposing temporarily (PCF) or distributed coordination function (DCF)) medium education (MAC) agreement.Interim deployment reduces the net of Virtual network operator Network planning, deployment and the burden safeguarded.

For further, cellular technology is initially designed to support that the business model of more equality (is for example provided with phase To a large number of users of low rate speech ability), Wi-Fi technology is designed to support the high-throughput from concept.Existing Wi-Fi dresses Put the data rate that usually can have more than 300 megabit per seconds；Following revision promise to undertake have by gigabit/second in terms of data speed Rate.

Wi-Fi technology and device were manufactured more than 10 years, and component is through commercialization and can be used with relatively low cost.Perhaps More existing consumer devices and have a Wi-Fi technology, thus equipment minimum cost (for Virtual network operator and user two Person) do not exist any notable obstacle for deployment.

For at least the foregoing reasons, so-called " layer (Tier) 1 " operator (such as AT＆And) nearest And have requested that Wi-Fi with core network in the development (such as third generation cooperative partner program (3GPP) the 12nd edition) of future standard It is integrated.Specifically, Virtual network operator is it has been concluded that Wi-Fi can have potential applicability to be used as contemporary communication system Uniting is used for：A () unloads data service, and (b) improves coverage.More directly say, Wi-Fi unloadings can mitigate business congestion, Because the usable spectrum of Wi-Fi exceedes the frequency spectrum of Virtual network operator.Additionally, compared with equal small cell solution, Wi-Fi is more cost effective, and does not require the network planning and operation to " hardly possible covering " region (such as indoor).Therefore, it is many And there is a Wi- newer small cell base station (the evolution NodeB (eNodeB or eNB) of so-called 3G " NodeB " and 4G LTE) Fi access points (AP) ability.

However, existing solution is influenceed by multiple implementation issues.The cellular network for providing Wi-Fi services at present will Honeycomb and Wi-Fi network are considered as two independent business unit, wherein described two networks are through individually operation and manage.From implementation From the perspective of, runing and servicing aspect, there are seldom fusion and intercommunication between two kinds of networks or without fusion and intercommunication.This Outward, Wi-Fi network by shortage standard " it was found that ", " selection " and access mechanism and program influenceed.For this reason, user is usual It is extremely difficult to find and use such network, even and if once find, the service quality (QoS) and strategy of service are across whole network It is not consistent or be guaranteed.Inconsistent service is provided and is easily easily noticed by the users, and can negatively influence CSAT.

As previously mentioned, Wi-Fi network is the network authentication based on such as WISPr (or similar variant) Method, this is based on traditional user name/password example.Although for (such as supporting the checking of extensible authentication protocol with Wi-Fi Key agreement (EAP-AKA)) implementation subscriber identity module (SIM) operation has some major obstacles, but some operators are (for example) use the checking based on Wi-Fi SIM/USIM.Similarly,With proprietary solution (for example, the product line based on aggregated service router (ASR) and the Cisco for network management), such as(such as clever cloud radio (Light Radio) Wi-Fi/WLAN gateways) and(for example, clothes Business perceives charging and the solution of control (SACC) and its system integrating Wi-Fi unloads solution as Wi-Fi) also have Proprietary solution is general.

However, even in these solutions, Wi-Fi network is independently of the entity of cellular network.This is different to cause Different level of securitys and Consumer's Experience, and it is next with the additional investment in multiple networks and interconnection entity to be frequently necessary to operator Two independent and different networks of management.For example, depending on solution, in order to be sufficiently accurate it may be desired to new or modified cell-phone function reality Body, such as EAP-SIM and EAP-AKA (such as mobility and nothing of client-based IP streams of Wi-Fi and routing algorithm Seam unloading (IFOM)).

The present invention is presented the evolution brief history of Wi-Fi honeycombs interoperability.In the version 6 of 3GPP, mainly describe for Wi- Integrated intercommunication-WLAN (I-WLAN) standard of Fi and 3G network.This prior standards supports IP numbers by Wi-Fi or 3G network According to, and be required to have multiple new network entities (for example, WLAN (WLAN) access gateway (WAG), bag data gateway (PDG), checking, mandate and charging (AAA) server and local agent (HA)).Although this standard is not by Virtual network operator institute Receive, but I-WLAN is tighter integrated with Long Term Evolution (LTE) core network and (also referred to as drills in the version 8 of 3GPP Enter type bag core (EPC)).

Fig. 1 describes the network architecture 100 of the 3GPP versions 8 of prior art.As indicated, 3GPP versions 8 introduce 3GPP cores Three networking components in network (EPC), i.e.,：Evolved packet data gateway (ePDG) 102, checking are authorized and charging (AAA) service Device 104 and access network discovery and selection function (ANDSF) 106.Some of Wi-Fi network existing network entity is also through repairing Change or adjust with and have additional functionality (such as mobility/controller gateway 108).As indicated, Wi-Fi AP 116 are conventional IEEE 802.11n AP, it meets IEEE 802.11n standards.During operation, Wi-Fi AP 116 are connected to mobility/control Device gateway 108 processed is simultaneously controlled by it, and mobility/controller gateway 108 is integrated via ePDG 102 and EPC.UE 114 can also be needed The client-based mobile IP and IP flow mobilities that corresponding function is wanted to support to be unloaded for Wi-Fi, and via Wi-Fi AP 116 is supported to find, selected, the ability of association and the checking based on SIM and encryption.

The framework of Fig. 1 is realized so-called " non-trusted access ".Specifically, (it is also connected to and returns aaa server 104 Category subscriber server (HSS) 110) comprising allowing to carry out the testing based on SIM of Wi-Fi subscriber devices by means of EAP-AKA Card.Bag data gateway (PDG) (being previously introduced into version 6) is newly defined as evolved PDG (ePDG) in 3GPP versions 8 102.As indicated, ePDG 102 is directly connected to packet data network (PDN) gateway (P-GW) 112, to support the shifting of the IP of Wi-Fi Dynamic property.In the framework of Fig. 1, subscriber's installation (UE) 114 is configured to itself, and (intervention networking component is not with ePDG 102 The entity of trust, thus this scheme provide non-trusted access) between set up internet protocol secure (IPsec) tunnel.Because Intervention networking component is not trusted, so UE 114 must be set up the IPsec tunnels of ePDG 102.This can be greatly treatment Burden, because ePDG must support and safeguard the independent IPsec tunnels of every UE.

3GPP versions 10 keep the network architecture 100, and by General Packet Radio business (GPRS) tunnel protocol (SaMOG) The mobility based on S2a is introduced, this realizes " trust " access network operation.Different from version 8, in version 10, IPsec tunnels It is arranged between Wi-Fi AP 116 and P-GW 112.This configuration mitigates a large amount of (bandwidth) the IPsec tunnels at ePDG 102；So And, because IPsec tunnels do not extend to Wi-Fi radio interface, air interface must receive another mechanism (such as focus 2.0 (IEEE 802.11i) standards) protection.

In the context of Fig. 1, various unloading algorithms can be used to solve for the ambulant different clothes of different services and IP Business quality (QoS) is required.Two features are specified to the unloading based on QoS in version 10：Multiple access PDN connectivities (MAPCON) and IP flow mobilities (IFOM)；Virtual network operator can implement either a program based on such as business consideration etc..

In both MAPCON and IFOM, unique IP address is assigned to each protocol data network (PDN)；It is each PDN is specific service network, including but not limited to：Internet, IP multimedia subsystem (IMS) in current 3GPP frameworks, IPTV etc..Every PDN is further recognized by APN (APN).Additionally, all of PDN is passed to Wi-Fi unloadings Network returns to cellular network.MAPCON is allowed based on PDN qos requirements or offered load selection access network.IFOM is The higher level version of MAPCON, because it allows the given PDN to have some IP flows, so as to further be improved simultaneously based on QoS Optimization performance.In version 10, every PDN is associated with two IP address, and an address is used for cellular network and accesses and one Address is accessed for Wi-Fi network, so as to allow to access by two networks simultaneously.

In order to complete the integrated of Wi-Fi and 3GPP cellular networks, the automated network of standard " it was found that ", " selection " and " close Connection " and the framework of " policy control " are required by Wi-Fi network.Existing network framework 100 is access network discovery and choosing Select function (ANDSF) 106 and focus 2.0 provides above-mentioned functions.ANDSF provides the policy control based on client-server Solution, focus 2.0 (for example connects in the air for Wi-Fi network provides the checking based on EAP-SIM and EAP-AKA via Wi-Fi Discovery that mouth is carried out, selection and associated with Virtual network operator).

Exemplary Wi-Fi (WoLTEN) network architecture by Long Term Evolution

In spite of previous effort, but continue to receive for combining the existing solution of honeycomb and the Wi-Fi ecosystems The influence of various problems.Specifically, the proposed 3GPP solution integrated to honeycomb/Wi-Fi is not " entirety "；Institute The solution of proposal is across the specialization of network element and/or piecing together for modification functional entity.Gained solution is multiple It is miscellaneous, imperfect, unrealistic and not expansible.Even if entering in one of solution relatively complex and expensive to these After row significant investment, Virtual network operator is still necessary to：I () operates and safeguards two kinds of different networks, and (ii) solution is described Different user experience (such as security and QoS) between network.

Additionally, there are the unsolved other problems of these solutions.For example, version 10 propose (such as SaMOG, MAPCON, IFOM, ANDSF and HotSpot2.0) require that Wi-Fi network is " trust network ".Actual implementation will be most possible Needs are possessed by Virtual network operator.Such limitation (even if being not expressly set out) eliminates desired characteristics, and (such as Wi-Fi overflows Trip, neutral host service function etc.) and limitation Wi-Fi network deployment scenario.Specifically say, some independent operators are (for example) network in unlicensed band is transferred the possession of using Wi-Fi.

Present solutions provide honeycomb (such as 3GPP) and Wi-Fi network a certain degree of integrated and coexist；But These solutions are typically complicated, expensive, and, it is necessary to make some effort to run and safeguard for operator.Thing In reality, at the U.S. (USA), an operator (AT＆T) for having adopted the above-mentioned network architecture is only existed.

Therefore, various embodiments of the present invention are related to the method and apparatus for the hybrid access to core network.Reason The solution thought will be seamless for two kinds of networks and feature similar (such as Consumer's Experience, policy control, hair Existing, selection, association, checking and QoS etc.).Additionally, such embodiment should be provided for Wi-Fi roamings, Wi-Fi neutrality main frames The mobility of ability and IP also supports the component of the network handover for integrated cellular/Wi-Fi network simultaneously.

Wi-Fi integrated current method is depended on for example by adding new functional entity while changing some existing work( Can incrementally change of the entity to existing 3GPP and Wi-Fi network.By contrast, preferred solution should be set up in existing 3GPP On network (that is, wherein 3GPP core networks (for example, the EPC in 4G LTE networks) do not change or have minimum change), without It is to change the feature of Wi-Fi AP and UE to realize the integrated of wanted degree.Therefore, modification Wi-Fi AP features are disclosed to connect With the various solutions of the middleware software in UE, Wi-Fi AP features are configured to minimum change within the core network In the case of realize integrated (being transparent for end user) of total Wi-Fi and 3GPP networks.

Although discussion below is to provide the 4G-LTE (FDDs of the operation in the frequency band of 3GPP approval FDD licenses (FDD)) presented in the context of the 3GPP core networks of network, however, it is understood that described principle can be by association area Those of ordinary skill is in view of present disclosure is easily applicable to other network technologies.Other example bags of 3GPP network technologies Containing but be not limited to 3G WCDMA/UMTS/HSPA, 2G and 2.5G GSM-GPRS networks and FDD and TDD cellular systems.

Although discussion below is presented in the context of IEEE 802.11n access point (AP) technology, however, it is understood that Described principle can be by those of ordinary skill in the related art in view of present disclosure is easily applicable to other network skills Art.Other examples of suitable access technology include such as derivatives of IEEE 802.11, such as " b ", " g ", " a ", " ac ", jump Frequency spread spectrum (FHSS), DSSS (DSSS) and infrared ray (IR).

Fig. 2 describes an one exemplary embodiment of the network architecture 200, and the network architecture 200 is hereinafter referred to as " WoLTEN nets Network " (by the Wi-Fi network of Long Term Evolution (LTE)).In illustrated embodiment, evolution bag core (EPC) 202 needs little Modification need not be changed at all；Alternatively, the software functionality of Wi-Fi AP 204 and UE 206 is configured to adapt to wireless Electrically operated difference (for example, the difference between honeycomb operation and IEEE 802.11 are operated).In illustrated WoLTEN networks, Wi-Fi AP 204 are directly connected to the security gateway 208 of EPC 202, and are taken as with identical with the eNB 210 in network Authority and security (that is, it is " trust " AP).In other embodiments (displaying), security gateway 208 is directly connected to HeNB gateways or local gateway or equivalent security gateway entity.In some variants, Wi-Fi AP can be connected to mobility/ Controller gateway 212 is for use as conventional Wi-Fi AP (for example, for old edition device provides support etc.).Old edition operation similar to Existing proposal (network architecture 100 and do not further describe) for example, with reference to Fig. 1.

During WoLTEN is operated, (i.e. physical layer (PHY) and media are accessed the lower level being associated with IEEE 802.11n Control (MAC) layer) in many layers substantially keep it is identical with existing IEEE 802.11n implementations.In certain embodiments, Not comprising link layer control (LLC) layer；LLC layer can be included in other variants.However, various embodiments of the present invention are in MAC The particular functionality of LTE is realized on layer.Specifically, subscriber devices show as logic LTE subscriber's installations (UE) in MAC layer； Similarly, Wi-Fi AP show as logic LTE evolution NodeB (eNB) in MAC layer.Removed by from the higher function of LTE Dependence to lower level physical functionality, based on related consideration (such as connectivity, power consumption, data demand etc.), Wi- Fi unloading algorithms can any wireless access technology of unrestricted choice (such as LTE or Wi-Fi).

For example, as described in more detail below, the WoLTEN real-time performances of Fig. 2 are with LTE general subscriber identification modules (USIM) (such as the authentication secret based on extensible authentication protocol consults (EAP-AKA)) is verified, and therefore Wi-Fi network Can be operated under " open system authentication " pattern (that is, Wi-Fi accesses should not solve book and be linked into integrated network).Because single USIM is used for both LTE and Wi-Fi network, so Wi-Fi unloading selection algorithms can reside in UE (based on UE) 206 or network In in (such as MME 214) or both, and various considerations (such as load of each radio access unit and/or nothing can be based on Line electricity condition, service quality (QoS) of service provided etc.).Herein in an example, the algorithm based on UE may prefer to make Accessed with Wi-Fi, and if Wi-Fi accesses are unavailable, then UE returns to LTE accesses.

Additionally, because Wi-Fi AP 204 are to be considered as eNB entities, strategy and charging by WoLTEN network entities Rule functional (PCRF) 216 can use identical policy and charging regulation to eNB supporting bodies and appropriately enabled Wi-Fi AP. In some embodiments, operator may prefer to have different strategies to two access units (LTE eNB and Wi-Fi AP) And charging regulation.

Exemplary radio platform-

(see, for example, exemplary subscriber devices hereafter) described in greater detail below, various embodiments of the present invention The middleware software that can be combined in user UE (UE-S) device is used together.In certain embodiments, can (for example by User) download middleware software；Alternatively, can device manufacture during the pre-loaded middleware software.In other realities again Apply in example, various embodiments of the present invention can be used together with reference to subscriber devices, the subscriber devices come comprising special hardware Support appropriate feature.

With reference now to Fig. 3, presentation is configured to provide an exemplary radio to the hybrid access of core network Platform 300.

In one embodiment, radio station 300 is self-contained unit, but those possessing an ordinary skill in the pertinent arts will realize Arrive, described feature is incorporated into wide variety of device, described device including but not limited to：Base station is (such as long-term Evolution (LTE) evolved node B (eNB) etc.), portable computer, desktop computer etc..

Demonstration equipment 300 includes one or more substrates 302, and the substrate is integrated further comprising multiple integrated circuits Circuit includes processing subsystem 304, such as digital signal processor (DSP), microprocessor, programmable logic device (PLD), door Array or multiple processing assemblies, and to power managemet subsystems 306, the memory sub-system 308 and first of the power supply of equipment 300 Radio modem subsystem 310 and Ethernet switch 312 and the ethernet port of association.In some embodiments In, also there may be user input/output (IO) 314.

In some cases, processing subsystem can also include internal cache.Processing subsystem 304 is connected to Memory sub-system 308 comprising non-transitory computer-readable memory, the computer-readable memory can be comprising for example SRAM, quick flashing and SDRAM component.Memory sub-system can implement one or more of DMA type of hardware, to promote data to connect Enter, this is well known in the art.In the normal operation period, processing system is configured to read one of storage in memory Or multiple instruction, and one or more actions are performed based on the instruction read.

There is processing system 304 enough disposal abilities to support the first wireless subsystem 310 and core network simultaneously Connectivity.In an exemplary embodiment, radio station 300 is configured to provide what is run on processing subsystem 304 Additional functionality (that is, Wi-Fi protocol stacks, it modifies to support the LTE protocol storehouse and control software of higher), institute Additional functionality is stated beyond existing radio platform feature (that is, old edition Wi-Fi operations).In an exemplary embodiment, Processor subsystem 304 is configured to perform the software of the operation and control for radio station.This commercial examples is Botong (Broadcom) BCM4705 processor chips (its include processor core and multiple IO, such as GPIO, RS232UART, PCI, GMII, RGMII and DDR sdram controller).

Illustrated power managemet subsystems (PMS) 306 are powered to radio station 300, and can be comprising integrated circuit and/or many Individual discrete electrical components.The Common examples of power managemet subsystems 306 including but not limited to：Rechargeable battery power supply and/or External power source, such as from the external power source of power outlet, induction electricity charger etc..

User IO 314 includes any number of known IO, including but not limited to：LED, loudspeaker etc..For example, This is in the case of one, one group of LED may be used to indicate connection status (for example, " green " indicates on line state, " red " instruction failure or Connection sex chromosome mosaicism etc.).In more complicated embodiment, IO can and have keypad, touch-screen (such as multiple point touching interface), LCD display, backlight, loudspeaker and/or microphone or other IO, such as USB, GPIO, RS232UART, PCI, GMII, RGMII。

First radio subsystem 310 is configured to produce the wireless network for receiving one or more subscriber devices.At one In one exemplary embodiment, produced wireless network is open to the outside world network, i.e. produced wireless network does not require any access Control measure (such as checking, mandate, charging etc.).Although open network operation described herein, it is to be appreciated that accessing control Scheme processed is without open；Equally successfully can be accessed using limited attach and closing.In fact, wireless radio subsystem 310 Certificate can via Ethernet switch 312 and be connected to core network (more fully below describe) it is associated with The too input of net port and setting.In some cases, open network and can have so-called " interim " networking, netted networking etc..

First wireless subsystem is configured to produce wireless network.In an exemplary embodiment, the first wireless electron System produces Wi-Fi network (being based on IEEE, such as 802.11n etc.).Other examples of suitable wireless technology are included but not limited In bluetooth, WiMAX etc..

As shown in Figure 3, there are some (2 or more than 2) antennas to support the multiple-input and multiple-output of first network (MIMO) operate.Although without clearly showing, it is to be appreciated that every RF front ends are opened comprising such as wave filter, duplexer, RF Close, RF signal power levels are monitored, LNA (low-noise amplifier) and PA (power amplifier), it is probably the radio of device Required by subsystem.In an exemplary embodiment, the first wireless subsystem 310 includes configuration and operation IEEE Feature needed for 802.11n modems, comprising Transceiver section, PHY (physical layer) and MAC (media access controller) Unit and associated control and operation software.One commercial examples of this RF front end are Broadcom IEEE 802.11n Single flake products, BCM4322 or BCM4323.

Ethernet switch 312 and associated ethernet port are configured to provide to core network (such as EPC 202) and potential other network entities (such as eNB, HeNB etc.) access.Other common forms for accessing are comprising for example several Word subscribers' line (DSL), T1, ISDN (ISDN), satellite link, Data Over Cable Service Interface Specifications (DOCSIS) cable modem etc..One commercial examples of Ethernet switch 312 are Botong's BCM53115 chips, its There is provided and be up to five (5) individual ethernet ports.In an exemplary embodiment, radio station is configured to connect directly to network The core network of operator realizes that above-mentioned WoLTEN is operated with via Ethernet switch 312.

Exemplary subscriber devices-

With reference now to Fig. 4, an exemplary subscriber devices 400 are configured to via hybrid access scheme (via Fig. 3's Radio station 300) carry out Access Core Network.In one embodiment, subscriber devices 400 are special purpose devices, but association area Those skilled in the art it will be recognized that described feature is incorporated into extensive various devices, device is included but not limited In：Smart phone, portable computer, desktop computer, and even only one of which communicates for Wi-Fi IEEE 802.11n The self-contained unit of radio modem etc..

Demonstration equipment 400 includes one or more substrates 402, and it is further comprising multiple integrated circuits, integrated circuit bag Containing processing subsystem 404, for example digital signal processor (DSP), microprocessor, programmable logic device (PLD), gate array or Multiple processing assemblies, and to power managemet subsystems 406, memory sub-system 408 and one or more nothings that equipment 400 is powered Line electrical modulation demodulator subsystem.As indicated, demonstration equipment includes four (4) radio modem subsystems：LTE honeybees Nest air interface 410A, Wi-Fi IEEE 802.11n air interface 410B, GPS air interface 410C and bluetooth air interface 410D.In certain embodiments, also there may be user input/output (IO) 412.As indicated, processing quality input/output (IO) 412 include：Screen display 412A, keypad 412B, microphone and loudspeaker 412C, audio coder-decoder 412D and Video camera 412E.Other peripheral units can be comprising external media interfaces (such as SD/MMC card interfaces etc.) and/or sensor etc. Deng.

In some cases, processing subsystem can also include internal cache.Processing subsystem 404 is connected to Memory sub-system 408 comprising non-transitory computer-readable memory, computer-readable memory can comprising such as SRAM, Quick flashing and SDRAM component.Memory sub-system can implement one or more of DMA type of hardware, and to promote data access, this is Well known in the art.In the normal operation period, processing system is configured to read one or more in memory of storage and refers to Order, and one or more actions are performed based on the instruction read.

As the processing subsystem 304 (referring to Fig. 3) of radio station 300, the processing system 404 of Fig. 4 is (also referred to as " application processor ") have enough disposal abilities and the access to memory assembly, with least while support Wi-Fi without The connectivity of line electronic system 410B and core network.One commercial examples of processing system 404 are Freescales (Freescale) iMX53 1GHz ARM Cortex-A8 processors or valiant dragon (the QUALCOMM Snapdragon) 800 of high pass.

Illustrated power managemet subsystems (PMS) 406 are powered to subscriber devices 400, and can be comprising integrated circuit and/or many Individual discrete electrical components.The Common examples of power managemet subsystems 406 including but not limited to：Rechargeable battery power supply and/or External power source, such as from the external power source of power outlet, induction electricity charger etc..

User IO 412 can include common for consumer electronics any number of known IO, comprising but do not limit In：Keypad, touch-screen (such as multiple point touching interface), LCD display, backlight, loudspeaker and/or microphone or USB and Other interfaces.

Those possessing an ordinary skill in the pertinent arts will be appreciated that subscriber devices can have multiple other components (such as multiple extra Radio subsystem, graphic process unit etc.), above-mentioned each is merely illustrative.

Cellular radio electronic system 410A is configured to add the cellular network provided by Virtual network operator.In an implementation In example, cellular radio electronic system 410A is forth generation (4G) Long Term Evolution (LTE) modem.Although without clearly opening up Show, it is to be appreciated that every RF front ends comprising such as wave filter, duplexer, RF switches, the monitoring of RF signal power levels, LNA and PA, it may be by the requirement of the radio subsystem of device.Subscriber devices 400 are associated with identification module, the identification module to Virtual network operator verifies subscriber devices.Generally, identification module safely recognizes subscriber devices (or the user's account being associated with device Family) as credible and authorization device for access.The Common examples of identification module are including but not limited to Subscriber Identity Module (SIM), general SIM (USIM), self-mountable ＆ dismountuble identification module (RUIM), CDMA (CDMA) SIM (CSIM) etc..At some In the case of, identification module can be removable (such as SIM), or alternatively intact part (such as the inside tool of described device There is the embedded element of programmed identification module).One commercial examples of cellular radio electronic system 410A are high pass Gobi MDM9600 and its associated RF and peripheral chip.

Wi-Fi radio subsystems 410B is configured to add the wireless network for for example being produced by the radio station 300 of Fig. 3 Network.In one embodiment, wireless network radio subsystem 410B is the compatible modems of IEEE 802.11n.Although Do not show clearly, it is to be appreciated that every RF front ends include such as wave filter, duplexer, RF switches, RF signal power levels Monitoring, LNA and PA, this may be by the requirement of the radio subsystem of device.In an exemplary embodiment, Wi-Fi radio Subsystem 410B is configured to perform the operation of IEEE 802.11n PHY (physical layer) and MAC (media access controller) unit And the software of control, and associated control and operation software.One commercial examples of Wi-Fi radio subsystems 410B are Atheros (Atheros) single-chip (IEEE 802.11n products) AR9285.

In an exemplary embodiment, subscriber devices 400 are further configured to provide on processing subsystem 404 (that is, Wi-Fi protocol stacks, its modified LTE protocol storehouse and control to support higher is soft for the additional functionality of operation Part).

Exemplary " Wi-Fi pipes "-

Fig. 5 explanations are represented and combine various aspects of the invention useful IEEE 802.11n PHY (L1) and MAC (L2) associations Discuss the logic block-diagram of storehouse 500.As indicated, application software 508 is directly in the operation of the top of MAC layer 506.It will be appreciated that base Consider in design, other variants and there can be other software layers (such as logic link control (LLC) and/or IP layers).It is illustrative PHY can be operated in U-NII frequency bands 502 or ISM band 504 or simultaneously in both.

MAC layer 506 can it is configured and with " contention " or " contention-free " pattern operate.In contention-free operation, MAC point of use Coordination function (PCF)；During contention mode is operated, MAC uses distributed coordination function (DCF).Other Wi-Fi MAC functions Comprising registration, handover, electrical management, security and service quality (QoS).It is existing herein without other explanation parts There are Wi-Fi components and feature to be well understood in the related art, and will not be discussed further.

With reference now to Fig. 6, it is considered to exemplary radio platform 300 (for example, as described in Fig. 3 and content discussed above) and Exemplary subscriber devices 400 (for example, as described in Fig. 4 and content discussed above).Once exemplary subscriber devices 400 enter The overlay area of the unknowable radio station 300 of demonstration network and registered to open network, subscriber devices 400 and radio station End-to-end MAC between 300 connects to form " transparent " connecting tube (or incoming tunnel), and this is hereinafter referred to as " Wi-Fi pipes " 602. In certain embodiments, Wi-Fi pipes tunnel is in itself unsafe (for example, wherein focus shows as open to the outside world Wi-Fi network), And basic data pay(useful) load can add according to the existing of honeycomb (LTE) network and/or application layer etc. is used for end-to-end Close scheme is protected, for example, protected by the encipherment scheme of traditional non-trusted Web vector graphic.In other embodiments, it is described Wi-Fi pipes be via close network implement, and and have local cipher etc. (Wired Equivalent Privacy (WEP), Wi-Fi protection access (WPA), WPA2 etc.).

The Wi-Fi pipes enable that two logical endpoints run the first application program 604 and the second application program 606 (difference), with direct communication without any intervention conversion (that is, data transmission is not changed).Logical endpoints can not perceive basic physicses And data link transaction, the transaction generation is in its corresponding Wi-Fi interface.In an exemplary embodiment, first answer The software stack of subscriber devices is coupled to program 604, and the second application program 606 is coupled to the software stack of radio station (displaying).In other words, Wi-Fi is managed and is caused that the storehouse (the SIM/USIM cards on subscriber devices 700) of subscriber devices can be direct It is connected to the storehouse of radio station (in radio station 300).

As previously mentioned (for example, as described in Fig. 2 and content discussed above), radio station is directly connected to evolution Type bag core (EPC) (via such as security gateway 208).In an exemplary embodiment, radio station is configured to use All or some existing eNB LTE software configurations and entity (for example, logic channel, agreement and software stack, RRM etc.) are used for Communicated and/or interacted with LTE EPC and UE.For example, the LTE radio architectures of Fig. 7 explanation prior arts are together with corresponding association Discuss some logics, transmission and the physical channel of stack layer.Fig. 8 illustrates the LTE radio subscriber plane protocol stacks of prior art, It is operated between subscriber's installation (UE), evolution NodeB (eNB), gateway (SGW) and PDN Gateway (PGW).Fig. 9 describes use The LTE control plane protocol stacks of the prior art between UE, eNB and mobility management entity (MME).However, other Physics and/or logic entity (such as radio resource manager (RRM) etc.) can be used for eNB operations, given of the invention In the case of content, comprising or not comprising such entity in the technical ability of those skilled in the relevant art.

For radio station, it is relatively simple to carry out communication with such as SGW and MME in network side.For example, in behaviour During work, radio station 300 configures its Ethernet interface and performs communication protocol as logic eNB, whereby seamlessly with it is existing LTE network framework is integrated.Specifically, on the user plane, radio station 300 is shown as eNB to EPC, and using eNB with The agreement (for example, General Packet Radio business (GPRS) tunnel protocol (GTPU)) used between SGW is communicated with SGW； Communication is performed (via the Ethernet interface of radio station 300 by UDP (UDP) Internet Protocol (IP) 312).On control plane side, radio station 300 is used in eNB and MME (for example, by SCTP (SCTP) S1-AP the agreement used between) is communicated with MME；Communication is performed by IP.In given present disclosure situation Under, although previous examples are presented on the Ethernet interface of radio station, but one of ordinary skill in the art should Understand, by other interfaces (such as by any MAC (L2) and physics for the backbone network between radio station and EPC (L1) layer) executable user plane and control plane communication.

Between exemplary subscriber devices and exemplary radio platform interface (for example, similar to eNB-UE interfaces, via The air interface of Wi-Fi) modification is needed to locate the difference of reason Wi-Fi modem operations introducing.For example, Figure 10 explanation roots According to the LTE radio subscribers plane protocol stack and modification of principle described herein supporting exemplary subscriber devices and show One one exemplary embodiment of plasticity radio station, the storehouse is grasped between subscriber's installation (UE) and evolution NodeB (eNB) Make.Figure 11 is illustrated according to the LTE radio controls plane protocol stack of principle described herein and modification to support demonstration One one exemplary embodiment of property subscriber devices and exemplary radio platform, the storehouse subscriber's installation (UE) with it is evolved Operated between NodeB (eNB).

As indicated, in both Figure 10 and 11, exemplary hybrid Wi-Fi pipes protocol stack is in radio link control (RLC) operated under layer, and it is with corresponding buffering area and MUX/DeMUX sub-assemblies (1002,1004), Wi-Fi pipes 1006 And virtualization PHY 1008, subscriber's installation (UE) MAC 1010 and access point (AP) MAC 1012 replaces MAC and L1 layer of LTE.

In one embodiment, Wi-Fi pipes are coupled at both sides (for example, at subscriber devices 400 and radio station 300) To the data buffer zone of FIFO (FIFO) to process arrival time problem (such as shaking), Wi-Fi is otherwise may result in The scheduling problem of pipe or LTE operation.In the embodiment of multiple users, platform and can have the multiple buffering corresponding to each user Area, it is divided into single buffering area of multiple subregions etc. for each user.

There is a RLC entity for each radio bearer；This enables that multiple radio bearers isolate nothing The performance of line electricity supporting body.LTE RLC are configured to come from the packet point of (and to) bag data convergence protocol (PDCP) layer Solve (and reassembling) into the managed size for Wi-Fi pipes.LTE RLC are further configured to ensure that all receiving What bag was ordered into before being delivered to PDCP layers.In the case of packet loss, LTE rlc layers are executable to be transmitted with by opening again The bag for moving automatic repeat request (ARQ) program to recover to lose.

There is a PDCP entity (ensuring the radio bearer performance of isolation) in each radio bearer.LTE PDCP Entity is configured to provide encryption (and integrality) protection (being connected by non-trusted, such as Wi-Fi pipes).LTE PDCP are through entering one To be provided with robust header compression (ROHC), the expense that it may reduce transmission parcel (further improves Wi-Fi pipes for step configuration Performance).Finally, PDCP entities can provide the rearrangement of bag during handoff operation and transmit again.

Even if Wi-Fi pipes 1006 and corresponding buffering area and MUX/DeMUX sub-assemblies (1002,1004) realize exemplary ordering Wi-Fi radio links between family and exemplary radio platform, but higher level (such as RLC, PDCP, RRM etc.) is still Implemented to process with existing LTE, therefore virtualization PHY 1008, UE MAC 1010 and AP MAC 1012 are ensured based on LTE Higher level can not perceive the operation of Wi-Fi wireless links.More directly, UE MAC 1010 are emulated in radio station 300, nothing Line radio station 300 communicates with virtualization PHY 1008 (VPHY) and the MAC PDU of emulation are delivered into radio with using minimum meditation The AP MAC 1012 of platform.Many LTE PHY operation is not required, and therefore VPHY for UE MAC 1010 and AP MAC 1012 correct operation effectively " can get around " or " forgery " unrelated PHY operations.For example, the program being associated with physical layer operations (such as RACH (RACH), timing advance (TA) etc.) no longer needs.

In some cases, VPHY, UE MAC 1010 and AP MAC 1012 can further optimize (because without reality Physical propagation path) it is " simplifying MAC ", the minimal format required for its successful interoperability with higher level execution Wi-Fi pipes And translation function.For example, Figure 12 describes the concept frame of LTE MAC (UE sides) (the LTE MAC on eNB sides have similar functionality) Structure.MAC control operations, such as RACH, TA, channel dispatch and discontinuous reception/transmission (DRX/DTX).These functions exist completely Treatment in VPHY, and can be disabled or ignore (do not perform appropriate signal or order) or " being forged " (produces in reasonable time The appropriate signal of life or order allow the process to continue whereby to indicate successfully).For example, up-link and downlink Resource is authorized signaling and can carry out " forgery " with the VPHY logics of analog physical signaling, so as to indicate resource always available.Can save Slightly downlink mixed automatic repeat request (HARQ) because packet processed in VPHY (this substantial inerrancy and Loss).Similarly, the HARQ of up-link can be disabled because UE MAC pre-processing data bag mistake and loss (for example, Managed by Wi-Fi).Channel is multiplexed and demultiplexing can also be omitted, because MAC Service Data Unit (SDU) (or The protocol Data Unit (PDU) of MAC outputs) can directly be transmitted between UE MAC and AP MAC via VPHY.Also can be excellent Change and/or omit other MAC correlation functions, including but not limited to buffer status reporting, power headroom reporting (PHR), downlink and on Downlink channel resources scheduling, bgical channel priority etc..

The foregoing discussion of exemplary " simplifying MAC " and VPHY (" virtual " PHY) is referred to based on such as counter, key performance The use of mark (KPI) and control information, control information is provided to higher level to ensure the correct behaviour of LTE protocol storehouse from lower level Make.It will be appreciated that some embodiments may not need simultaneously " simplifying MAC " or VPHY emulation (for example, proprietary embodiment, to existing Have embodiment enhancing in future, extremely the embodiment of optimization, exclusively with situation etc.), in said case, per one end The RLC entities at place can be managed by Wi-Fi and directly transmit its frame among each other.

Other considerations of exemplary Wi-Fi pipes-

Although foregoing discussion is presented with the Wi-Fi pipes feature at MAC and L1 layers, it is to be appreciated that other are implemented Example can be in any layer of subscriber devices and/or radio station's device place's implementation similar operations.For example, it is illustrated in such as Figure 11 A, Wi-Fi pipes are implemented inside the software layer higher of protocol stack；That is, in (transmission control protocol/Internet Protocol) TCP/IP Operated at layer.

One of ordinary skill in the art become readily apparent that, in view of of the invention, the software layer higher of division protocol stack The change of the basic security framework of LTE system can be caused.For example, it is contemplated that arriving following examples：Wi-Fi pipes are inserted in bag data In convergence protocol (PDCP) layer so that up encryption and descending decryption are supported in radio station 204 (rather than at UE 206) Function, and PDCP layers of the compression of up and descending robust header compression (RHOC) and decompressing function are supported in UE 206. In this arrangement, two problems are introduced：1) the SIM/USIM information of UE must be provided to radio station 204 so that radio station 204 " can act on behalf of " UE 206；And 2) further encryption must be transmitted to the Wi-Fi pipes by radio link, because by The LTE that SIM/USIM is provided is encrypted at radio station 204 and terminates.

On " agency ", radio station's (for example, being in this exemplary embodiment Wi-Fi AP) 204 can internally be incorporated to One or some from virtual (that is, safe storage) or physics be embedded or self-mountable ＆ dismountuble SIM/USIM modules.SIM/USIM moulds Block can be to be programmed through static, or be dynamic Reprogrammable in some cases.SIM/USIM modules allow radio station 204 act on behalf of one or more through connecting UE 206 (it is that the UE is serviced to come via Wi-Fi pipes).For example, one or more identification modules (for example, USIM) by radio station 204 it is integrated and " being attached to " (that is, act on behalf of) reside in it is one or more at radio station 204 Individual UE protocol stacks (including PHY layer), each UE protocol stacks correspond to one or more through connecting UE 206.For dynamic Reprogrammable embodiment, then can be sent to radio station (Wi-Fi by the content (including privacy key) of the SIM/USIM of UE AP) one of SIM/USIM modules in 204.Once the content of the SIM/USIM of UE 206 is at radio station (Wi-Fi AP) Replicated in 204, the whole UE that just UE 206 can be imitated to gateway (S-GW) from radio station (Wi-Fi AP) 204 is assisted View storehouse.

Once radio station (Wi-Fi AP) 204 has been successfully connected to S-GW, UE just can be via being connected to radio station The Wi-Fi pipes at tcp/ip layer (or even more high-rise) place of (Wi-Fi AP) 204UE protocol stacks carry out transaction data.

One of ordinary skill in the art are become readily apparent that, SIM/USIM contents from UE should be performed by safety chain 206 transmission for arriving radio station (Wi-Fi AP) 204.In this embodiment, SIM/USIM contents are to use such as PGP (good privacy) agreement is safely transmitted via Wi-Fi pipes.PGP is for the well-known public of securely communicating data Cipher key encryption scheme.Can equally be succeeded using other encipherment schemes, the encipherment scheme includes (but not limited to) symmetric key System, the system based on trust chain etc..

The Second Problem being encrypted to exemplary Wi-Fi pipes is referred to now, because LTE is encrypted at radio station 204 Terminate, so the Wi-Fi pipes between UE 206 and radio station 204 need additional encryption to ensure Secure Transaction.In a reality Apply in example, the encryption of Wi-Fi pipes can be based on the extension of existing LTE encipherment schemes；For example, during operation, usable LTE is symmetrically close Key encryption information produces key to will pass through Wi-Fi pipes extension symmetric key at both UE 206 and the position of radio station 204 place Encryption.In this embodiment, the machine Wi-Fi AESs and special HW accelerators (wired equivalent privacy (WEP), Wi-Fi Protected access (WPA), WPA2 etc.) the key transmission based on the scheme decided through consultation in advance is supported, or by the air through dynamic negotiation. In this way, Wi-Fi AESs and special HW accelerators can be through making full use of (have modification) and/or being produced and phase with follow-up The LTE cipher key combinations of association, to realize aerial Wi-Fi pipes security.Finally, can be implemented in UE 206 with SW or HW emulation The machine LTE Non-Access Stratums (NAS) security and integrity protection, because the data rate and capacity of NAS message are extremely low.

In this embodiment, the encryption of Wi-Fi pipes can be based on associated through one or more in derivation LTE encryption keys Person, and can be used any agreement (for example, foregoing PGP agreements) based on safe public keys (to be encrypted without SIM/USIM to transmit Agreement) arrive UE.For example, public keys is transferred to Wi-Fi AP 204 by UE 206, being then used to by Wi-Fi AP 204 will be suitable When key (for example, one or more of associated LTE keys etc.) is securely sent to UE 206, hereafter Wi-Fi pipes security Can be based on via Wi-Fi pipes the machine crypto engine and can (wired equivalent privacy (WEP), Wi-Fi be protected with HW accelerators Access (WPA), WPA2 etc.) symmetric key encryption.

Alternatively, in certain embodiments, UE 206 can be appropriate soft via what is used with reference to the machine Wi-Fi pipe crypto engines Part user interface (UI) application program supports manually typing in for encryption key, password etc..In some variants, manual authentication is entered again One step realizes the Access Control to WoLTEN operations.In some cases, the key of " manual " key entry corresponds in Wi-Fi AP Setting (via server or be stored in one or more preset radio stations, for example, Wi-Fi AP 204) is predetermined on 204 sides Key.In other situations, public-key cryptography scheme (for example, PGP) can be used to be passed predetermined key according to the outer program of frequency band It is delivered to Wi-Fi AP 204.

Those skilled in the art becomes readily apparent that, because it is to verify to authorize and charging based on existing LTE that client accounts (AAA), so the Wi-Fi AP 204SIM/USIM of agency are operated causes that network operater is capable of identify that in Wi-Fi viabilities The data of (that is, the off line subscriber of UE 206 uses) transaction.Off line can be used to for example directly account, recognizes missing clothes using measurement Business cellular coverage, identifying user custom and/or using, determine unconsummated income chance etc..

Above-mentioned discussion content is the data throughout based on Wi-Fi pipes, its data throughout compared to LTE network requirement It is sufficiently large supporting all users in overlay area.Although foregoing assume to be usually true, it is to be appreciated that LTE network with The speed operation part of Wi-Fi interface is faster than, Wi-Fi pipes may be configured to indicate the active volume of LTE network so that LTE nets Network can make appropriate adjustment (for example, the resource and bandwidth allocation of limitation to every UE MAC) to radio bearer.For example, this Class situation can occur in place of the connectivity and old edition radio operation simultaneously that radio station provides cellular network；Two work( Can be with the certain proportion of platform bandwidth by " covering ", to ensure that described two functions are fully supported.

Exemplary " Wi-Fi pipes " software architecture-

With reference now to Figure 13, present for subscriber devices and radio station overall protocol stack construction (user plane and Both control planes).Two-way secondary control channel (1302,1304) and support application program and agency (1306,1308) are referred to as It is by Wi-Fi (WoLTEN) protocol stack of LTE.

As indicated, WoLTEN APP (application program) 1306 are resided in subscriber devices 400 and comprising LTE protocol storehouse, It supports that radio link controls (RLC) layer to the Non-Access Stratum (NAS) 1314 for control plane operation and supports that rlc layer is arrived For the Internet Protocol (IP) 1316 of user plane operation.WoLTEN APP 1306 also include buffering area and MUX/DeMUX 1310, and WoLTEN control channels 1302 and control and operation software.Pairing WoLTEN agencies 1308 reside in radio In platform 300 and comprising LTE UE MAC, VPHY and LTE AP MAC entities, its pairing control for processing one or more subscriber devices Plane processed and user plane.In one embodiment, WoLTEN agencies can also include other logics and/or physical entity (example Such as provided for radio resources management (RRM)) additional functionality for generally being provided by LTE eNB is provided.

WoLTEN APP 1306 and WoLTEN agencies 1308 carry out two-way communication by WoLTEN control channels.At one In embodiment, security protocol (for example, PGP) can be used to open WoLTEN control channels or be encrypted to it close to exchange Key, and by through exchange key combination Wi-Fi pipes the machine crypto engine and can use HW accelerators (wired equivalent privacy (WEP), The protected accesses of Wi-Fi (WPA), WPA2 etc.) provide security using for WoLTEN control channels.

In one embodiment, during manufacture, WoLTEN APP are Downloadable application program (such as doing shopping) And/or be included in subscriber devices.Depending on connecing that the essence of the software implementation for local LTE softwares and third party support Entering property, during operation, WoLTEN APP can completely or partially replace local LTE protocol storehouse.For example, due to safety problem, WoLTEN APP can have the related LTE protocol storehouse copy of their own；In other embodiments, WoLTEN APP can be configured To interface with supported LTE protocol storehouse.

With reference now to buffering area and MUX/DeMUX 1310, buffering area and MUX/DeMUX 1310 are configured to uplink Via Wi-Fi pipes by different signaling radio bearer bodies (SRB), data radio supporting body (DRB), control plane, use in road The RLC bags of family plane and WoLTEN control channel bag multiplexing are multiplexed in single stream for conveying.In downlink On, buffering area and MUX/DeMUX 1310 are configured to buffering incoming data and bag are demultiplexed into appropriate SRB, DRB, control Plane processed, user plane and WoLTEN control channels.

Similarly, multiple users (MU) buffering area and MUX/DeMUX 1312 that WoLTEN is acted on behalf of are configured to will be single Stream buffering and be transported to Wi-Fi manage for before being transferred to user by the MAC bags (it includes SRB and DRB) of different user and It is multiplexed in the single stream from the bag of its corresponding WoLTEN control channel.In the uplink, MUX/DeMUX 1312 be configured to the corresponding LTE MAC and PHY entities for passing to corresponding to user by Wi-Fi pipes before buffering and multichannel point With the bag conveyed via Wi-Fi pipes (from multiple users).Each user for being attached to network via WoLTEN agencies is respectively provided with The unique instance of corresponding WoLTEN protocol stacks.

Method-

Exemplary Wi-Fi pipes between WoLTEN APP 1306 and WoLTEN agencies 1308 are self-contained.Wi-Fi chains Lu Wu is managed under the input condition from external entity.WoLTEN APP and WoLTEN agency control to believe by WoLTEN Road carries out two-way communication, and is responsible for：

A) when the management of Wi-Fi pipes is in the overlay area in AP 300, it can further be included：

The configuration of a.Wi-Fi pipes, monitors and safeguards the operation of Wi-Fi pipes according to radio-link performance；And

B. with evolved bag core (EPC) Network Capture and configuration LTE sessions, the session is configured to be managed for Wi-Fi Enough handling capacities are provided；

B) LTE link managements (to aid in the selection between LTE and Wi-Fi interface), it is generally comprised：

A. system information transmission；

B. PCH operation；

C. cell measurement and response cell reselection and handoff procedures；

D. radio resource control (RRC)；

E. security, integrality, Access Control (such as via SIM)；

F. Call- Control1；

C) mobility control；And

D) WoLTEN session initiations；

Discovery, startup and the configuration of a.WoLTEN sessions are (such as supporting that WoLTEN and old edition operate both heat Point).

However, other physics and/or logic entity can be useful for operation, in the case of present disclosure is given, Comprising or not comprising such entity in the technical ability of those skilled in the relevant art.

In more detail, the wireless connectivity between Wi-Fi pipes management control subscriber devices and radio station.In an implementation In example, Wi-Fi Hotspot feature is based on the Legacy Components according to for example existing IEEE 802.11n standard operations；In other realities Apply in example, Wi-Fi Hotspot feature can be specifically used for Wi-Fi pipes with WoLTEN APP and/or WoLTEN integrations to optimize Performance.For example, WoLTEN agencies can monitor the internuncial performance of LTE network and notify that Wi-Fi is managed using institute's monitoring performance Operation, for example to improve resource allocation of user etc..By coordinating channel and bandwidth assignments, WoLTEN agencies can reduce buffering Measure and/or provide better quality to be configured for servicing the link of (such as VoLTE (LTE voices) or VoIP (ip voice)) (for example, low time delay and low jitter).It will be appreciated that some operations may not directly affect radio link, and (such as Wi-Fi is noted Volume, Wi-Fi internal hand-overs, Wi-Fi electrical managements and Wi-Fi QoS etc.)；Depending on embodiment, these features can Processed in Legacy Components and/or WoLTEN APP/ agencies.

In one embodiment, LTE network connectivity is based on the Legacy Components according to for example existing LTE specification operation； In other embodiments, LTE chain circuit functions can be specifically used for WoLTEN APP and/or WoLTEN integrations with optimizing The performance of Wi-Fi pipes.As mentioned previously, the performance of LTE links can be monitored to improve the operation of Wi-Fi pipes.Similarly, can not be direct Influenceing the operation of LTE performances can be processed by Legacy Components, or is incorporated in WoLTEN agencies and/or WoLTEN APP. Common examples including but not limited to：LTE network acquisition (selection and gravity treatment), checking, encryption, integrity protection, Call- Control1 (are exhaled Cry/session sets/removes), mobility (in-house network and inside LTE handovers) etc..

On mobile management, a reality of the discovery, startup and the generalized process for configuring for session is described in Figure 14 Apply example.As indicated, WoLTEN APP and/or WoLTEN agency are configured to find, start and configure WoLTEN sessions and Wi-Fi Pipe.

At 1402 the step of process 1400, subscriber devices find the wireless network for enabling.Subscriber devices determine wireless network Whether network supports that WoLTEN is operated.It was found that Common examples including but not limited to：Decoding control broadcast, direct access inquiry etc..

In some variants, wireless network is open to the outside world network.Open network and unconstrained Access Control (for example verify, Authorize etc.).In other networks, network may be closed, partly limitation etc..For example, subscriber devices may be required To point out user input password or press button in radio station etc..In other cases, subscriber devices can be via frequency band Outer program (such as by keeper's permission etc.) allows to access.In the case of given present disclosure, art it is general Technical staff understands various other suitable schemes.

At step 1404, when subscriber devices determine wireless network support WoLTEN operate when, WoLTEN APP attempt through Incoming tunnel (or the session of Wi-Fi pipes) is set up between subscriber devices and Virtual network operator by radio station.In one embodiment In, incoming tunnel includes the Wi-Fi pipes between subscriber devices and radio station.Herein in an example, WoLTEN APP (or WoLTEN is acted on behalf of) via WoLTEN control channel transmission WoLTEN connection requests；Connection request includes the letter set up on connection Breath.The Common examples of information include such as software version, Wi-Fi and LTE neighbor lists etc..

At 1406 the step of process 1400, in response to receiving connection request, WoLTEN agencies determine WoLTEN connections Whether can set up.In some cases, due to resource constraint (such as memory is not enough, disposal ability is not enough, cannot access network Network operator etc.), WoLTEN agencies possibly cannot support connection request.If WoLTEN agencies can support connection request, that WoLTEN agencies are the data stream buffer distribution or reservation memory corresponding to subscriber devices.In one embodiment, The MU buffering areas of WoLTEN agencies and the part of MUX/DeMUX buffering areas or subregion are retained, and are published buffering area ID (treatment Device).Buffering area ID is provided to WoLTEN APP, and hereafter subscriber devices WoLTEN APP will be accessed using buffering area ID/repaiied Change its corresponding WoLTEN connection (WoLTEN agencies can be while process multiple distinct subscribers).

At step 1408, if the success of WoLTEN connection requests, then WoLTEN agencies authorize via WoLTEN connections Connecting quantity is provided back to WoLTEN APP.In one embodiment, Connecting quantity includes buffering area ID.Other of Connecting quantity Common examples can comprising such as quality of connection, maximum data rate and/or handling capacity, minimum data rate and/or handling capacity, when Prolong, other connect quality (for example, QoS) of limitation etc..

At step 1410, hereafter subscriber devices can carry out transaction data via WoLTEN connections.In more general terms, subscriber fills Executable " incoming tunnel " LTE operation is put, such as system is obtained, connection is set up, activate, radio bearer is set up and data flow Etc..

Figure 15 illustrates an one exemplary embodiment for starting the WoLTEN APP performed on subscriber devices platform The exemplary logic flow of WoLTEN connections.

At step 1502, when subscriber devices are powered or reset first, WoLTEN APP are initialized and set inside it Variable and flag are default value (for example, " LTE flags " is reset to " 0 ", available currently without LTE network to indicate).

At step 1504, upon initialization, WoLTEN APP enable LTE modems and search for available LTE ENB and network.When required network and eNB is detected, it is " 1 " that WoLTEN APP set " LTE flags ", to indicate LTE nets It is available that network is accessed.

Before LTE network is attached to, WoLTEN APP try to search for Wi-Fi network to attempt WoLTEN operations.Generally, WoLTEN is accessed better than LTE, because the less electric power of WoLTEN operation consumption and/or support data rate higher etc..Should Understand, some other embodiments and there can be different precedence schemes.

At step 1506, WoLTEN APP enable Wi-Fi modems and search neighbouring Wi-Fi AP.At some In the case of, WoLTEN APP can have preferred access module, and it is specifically configured to find radio station.

At step 1508, if it find that Wi-Fi access points (AP), then WoLTEN APP will be registered to it. In simple embodiment, Wi-Fi AP are operated with open to the outside world pattern.If WoLTEN APP can not be registered to Wi-Fi AP, So WoLTEN APP proceed, as without Wi-Fi AP are found.The Wi-Fi AP of closing can still via replacement Access scheme (then description) and can access.

At step 1510, if WoLTEN APP are successfully registered to Wi-Fi AP, then WoLTEN APP will AP is inquired to find out whether it acts on behalf of with suitable WoLTEN.In one embodiment, inquiry comprising WoLTEN connection requests/ Transaction is authorized in WoLTEN connections.If WoLTEN is inquired successfully, then " WoLTEN APP " can use radio via Wi-Fi pipes The network connection (such as Ethernet) of platform continues LTE network and acquires/registers with.

Regularly during WoLTEN is connected, WoLTEN APP are by measurement performance determining more preferable Wi-Fi AP or LTE Whether eNB can use.In one embodiment, subscriber devices can regularly for the LTE cellular interfaces of its own power it is suitable to perform When measurement.These measurement results are reported to LTE network；LTE network can responsively cause handover (HO).It is useful to HO Exemplary measurement can be including but not limited to：Signal level measuring, the signal to noise ratio of received signal volume indicator (RSSI) (SNR), bit error rate (BER) etc..Other useful informations can include for example for the neighbor list of LTE eNB, its be based on by The measurement that the LTE PHY of subscriber devices are carried out.

Referring back to step 1514, when but no Wi-Fi network is available have one or more LTE networks can use, WoLTEN APP will be continuing with LTE network, while continuing to search for enabling the Wi-Fi AP of WoLTEN.

Figure 16 illustrates an one exemplary embodiment for starting the WoLTEN performed in radio station agencies The logical flow chart of WoLTEN connections.

At step 1602, when radio station is powered or resets first, WoLTEN APP are initialized and set inside it Variable and flag are default value (for example, " user " is set to " 0 ", to indicate the user currently without positive being serviced, and MAX_ USER is set to " 1 " to carry out single user operation), and proceed to connection Wi-Fi modems.

At step 1604, in response to receiving WoLTEN connection request messages, WoLTEN agencies determine that connection request is It is no to be likely to be obtained service.In an exemplary embodiment, WoLTEN agencies are incremented by user register, and verify the quantity of user And not less than the maximum allowable quantity of user.If being not reaching to the maximum allowable quantity of user, then WoLTEN agencies are carried out Buffer space onto distribution MU buffering areas and MUX/DeMUX buffering areas, and WoLTEN APP allocation buffer ID are given, buffer Area ID is to be connected to authorize and be communicated to WoLTEN APP with WoLTEN.During subsequent transaction, it is desirable to which WoLTEN APP are every Buffering area ID is just used during secondary transmission message；In some embodiments, buffering area ID can be by the Wi-Fi user with incoming bag ID (such as MAC Address) is associated and is extracted.

Otherwise, if the unavailable service of connection request (for example, reaching the maximum number of user), then the new user of refusal Access.In some cases, infomational message is sent to be broken down (for example, system overload) to inform it.

At step 1606, the example that WoLTEN agencies are proposed the WoLTEN protocol stacks for new user is (each The example of WoLTEN APP requirement WoLTEN protocol stacks).

Regularly, WoLTEN agencies check to determine whether user has terminated connecting (step 1608).When user has terminated During connection, WoLTEN acts on behalf of decrementing users register, and stops being assisted with the corresponding WoLTEN that corresponding WoLTEN APP are associated Discuss the example of storehouse.

There is incoming handover (HO) similar flow to add new user (referring to step 1604), and spread out of handover Terminate (referring to step 1608) similar to user.

Modification without SIM-

Various embodiments of the present invention be related to be docked to local Subscriber Identity Module (SIM, USIM, UICC, CSIM or RUIM subscriber's installation (UE)).However, alternate embodiment can unload SIM features in the so-called operation without SIM.As herein Used in, term ' refers to generally and unrestrictedly to lack on such as software, hardware and/or firmware operation and locally orders without SIM ' Family identification module (SIM, USIM, UICC, CSIM or RUIM).

In first this kind of embodiment, by the SIM/ of the part (for being associated UE 206) of " agency " UE protocol stacks USIM modules are integrated in Wi-Fi AP 204.As used in this document, term " agency " typically refer to radio station (or Other intermediate nodes) ability that is performed as the authorized replacer of mobile device relative to larger network.In this reality Apply in scheme, PDCP layers functionally manages through division and by the WoLTEN protocol stacks of Wi-Fi pipes.In order to support PDCP The checking and encryption and the security requirement of integrity protection of layer, what is performed at Wi-Fi AP 204 acts on behalf of UE protocol stack bags Containing all subordinate softwares layer (for example, all LTE UE layers up to and comprising PDCP)；Remaining software layer in this embodiment Reside at the UE 206 on user plane (it is just operated with without SIM patterns).Additionally, in exemplary embodiment, control Plane is terminated at Wi-Fi AP 204.

In the case of given present disclosure, one of ordinary skill in the art become readily apparent that, using other Configuration can obtain equal success.For example, Wi-Fi pipes can be placed in PDCP layers of inside by alternative variations so that in radio station 204 It is middle to support up encryption and descending decryption function, and PDCP layers of up and descending robust header pressure is supported in the UE without SIM Contracting (RHOC) compression and decompressing function.Under such configuration, LTE encryptions/decryption is disposed at Wi-Fi AP204, therefore Need additional encryption to protect Wi-Fi pipes to transmit, because the data flow between the UE without SIM and radio station 204 is no longer protected. As it was earlier mentioned, for example, the encryption of Wi-Fi pipes can LTE encryptions keys associated based on one or more/derived, the encryption is close Key can be communicated to the UE without SIM via such as PGP security protocols.

In this second embodiment, via available wired (for example, USB) or wireless (for example, bluetooth) I/O ports by outside Subscriber Identity Module (SIM/USIM) is coupled to the UE without SIM.Outside SIM/USIM is substantially coupled to the LTE of the UE without SIM Storehouse.

Figure 17 illustrates this exemplary configuration of external module 1700, and it is included：SIM/USIM 1702, processor 1704th, non-transitory computer-readable access to memory 1706, power unit (for example, battery) 1708 and I/O communication module (examples Such as, bluetooth, USB etc.) 1710.I/O communication modules, USIM modules 1700 and the UE without SIM can via for example two-way public keys- Private-key encryption, symmetric key encryption (for example, key of the key for manually typing in or pre-installation) protect safety.

In the normal operation period, external module 1700 keeps LTE evolution packet system (EPS) KASME (key access securities Management entity) encryption key, its mobility management entity that external module 1700 and LTE network are realized via the UE without SIM (MME) initial authentication between.After initial authentication process is completed, use existing safety chain (for example, being encrypted via PGP) By key derived from follow-up LTE EPS (for example, KeNB (evolved NodeB keys), CK (Cryptographic key) and CI are (complete Property check)) be safely communicated to the UE without SIM from external module 1700.The software of such as residue LTE security algorithms can be used Simulation implementation scheme postpones continuous encryption/decryption everywhere in the UE without SIM.Alternatively, for PDCP layers of the UE without SIM by Wi- The embodiment of the agencies of Fi AP 204, the machine Wi-Fi crypto engines (wired equivalent privacy (WEP), the protected accesses of Wi-Fi (WPA), WPA2 etc.) key derived from LTE EPS can be utilized in Wi-Fi AP 204 and at the UE without SIM (for example, KeNB, CK And CI) come protect Wi-Fi pipes transmit safety.On Non-Access Stratum (NAS) security and integrity protection, such function can be Implement (for example, in software) in UE without SIM, because the data rate and capacity of NAS message are extremely low.

Other embodiments can be used security protocol that key derived from LTE EPS is delivered into UE from Wi-Fi AP 204 again 206.In addition, NULL encryptions (that is, without encryption) can be used for user plane by some variants, but the security based on software is used for LTE encryptions/decryption and integrity checking at UE without SIM.In such variant, the machine Wi-Fi crypto engine (Wired Equivalencies Privacy (WEP), the protected accesses of Wi-Fi (WPA), WPA2 etc.) one or more associated/derived LTE symmetric keys can be combined For the user plane encryption/decryption in the UE without SIM.

In other variants, the UE " attached extension " without SIM is in the identification module (for example, SIM/USIM) through connecting UE 206 On.For example, it is contemplated that the situation that the UE with SIM/USIM has been associated via identical Wi-Fi AP 204 with LTE network.If Associated UE is connected with its RRC_IDLE pattern, then WoLTEN application programs can trigger RRC_CONNECTED patterns The state transformation of (that is, initial Effective Dialogue).Hereafter, the UE without SIM can ask to share (or attached extension) effectively RRC connections.

In some cases, UE of the susceptible of proofs of Wi-Fi AP 204 without SIM is authorized to and is hung on previously associated UE with attached； Common mandated program includes (but not limited to) the scheme based on password, user's prompting and (that is, points out user's addition nothing of associated UE The UE of SIM) etc..Under attached extension variant, NAS and RRC operations both of which (can operate in correlation by Wi-Fi AP WoLTEN agencies On the connection UE and/or UE without SIM) controlled via WoLTEN APP by special WoLTEN control channels.

If attached extension operation is authorized to, then Wi-Fi AP 204 can support the UE without SIM according to multiple different schemes. In first scheme, if LTE network supports double IP storehouses UE, then Wi-Fi AP 204 are the identical new IP of USIM entity requests Address (from LTE evolved bags core (EPC)).After the second IP address is obtained, Wi-Fi AP 204 can be used for nothing for expectation Second IP address of the UE of SIM sets extra bearer, and sets up the 2nd LTE UE storehouses (up to IP layers).2nd LTE UE storehouses Appropriate IP bags can be made to be tunnelled to the UE without SIM by Wi-Fi pipes.As it was earlier mentioned, Wi-Fi pipes peace can be implemented with various schemes Quan Xing.The WoLTEN networks of associated UE are totally independent of the network of the UE without SIM.

Alternatively, it is associated the UE and UE without SIM identical LTE UE storehouses can be used and is then relayed by Wi-Fi pipes servicing Two IP address.In such embodiment, UE of the IP address by associated UE and without SIM comes via Wi-Fi accesses Use.More directly, two of IP bags set are to be transferred to associated UE and UE without SIM by Wi-Fi pipes.Associated UE and UE both of which without SIM internally determines which bag is addressed to it.

In alternative plan, support that attached extension operates (not providing another IP address) by the IP address for being associated UE.One In individual this embodiment, same bearer is used for WoLTEN networks both UE and associated UE without SIM, but with for nothing The unique port numbering of the UE of SIM and associated UE.Hereafter, IP bags can be routed to expectation UE (without SIM's via Wi-Fi pipes UE or associated UE).Alternatively, in another such embodiment, WoLTEN networks make for UE and associated UE without SIM Numbered with unique port, and be that the UE without SIM sets extra bearer.In this way, the UE without SIM has up to Wi-Fi AP The severance agreement storehouse of the IP levels at 204, lower-level is disposed to the selection of appropriate IP bags and managed to without SIM by Wi-Fi UE and associated UE transmission.

During attached extension operation, Wi-Fi pipe securities are implantable associated UE Cryptographics information etc., as described above. For example, Wi-Fi pipes security can be implemented based on PGP agreements with exchange the machine Wi-Fi AES (wired equivalent privacies (WEP), the protected accesses of Wi-Fi (WPA), WPA2 etc.) key that uses.It is still possible that NULL is encrypted being put down for user Face, but the LTE encryptions that Software implementations are used at the UE without SIM/decrypt and integrity checking, in combination with without SIM's One or more associated LTE symmetric keys of user plane encryption/decryption in UE are (wired using the machine Wi-Fi crypto engines Equivalent privacy (WEP), the protected accesses of Wi-Fi (WPA), WPA2 etc.).Other embodiments can be by different way and/or sharp again The carrying associated with UE is associated is disposed with the different storehouses split from the UE without SIM.

In another variant, the UE without SIM stores and/or manages one or more SIM/USIM using virtual identification module Agreement.In this option, receive and store (manually, outer soft via frequency band in the secure memory area at the UE without SIM Part program (for example, user application), via outside SIM/USIM modules etc.) the KASME keys of USIM are together with pre-installation Checking and encryption key generating algorithms.After the validation, follow-up encryption can be disposed using for example any of above program by the UE without SIM And/or decryption.For example, can be via the Software implementations of LTE algorithms and/or with the air security for Wi-Fi pipes The machine Wi-Fi crypto engines of one or more produced LTE keys dispose security.As it was earlier mentioned, because LTE keys exist It is symmetrical at the Wi-Fi AP 204 and UE without SIM, so such key can independently be produced at the two ends of Wi-Fi pipes. Alternatively, can be used PGP agreements that the LTE keys are delivered into the UE without SIM from Wi-Fi AP 204.It is still possible that will NULL is encrypted for user plane, and the LTE encryptions/decryption and integrality inspection that Software implementations are used at the UE without SIM Look into, one or more the associated LTE symmetric keys in combination with the user plane encryption/decryption in the UE without SIM use the machine Wi-Fi crypto engines (wired equivalent privacy (WEP), the protected accesses of Wi-Fi (WPA), WPA2 etc.).In addition, some embodiment party Case can perform NAS securities and integrity protection in the software of the UE without SIM, because the data rate and capacity of NAS message It is extremely low.

It is still possible that as shown in Figure 18, by wholly or largely putting for the storehouses of UE 206 (for example, comprising NAS layers) Put in access point (for example, Wi-Fi AP 204).In this example, the part of the responsible checking of UE 206NAS is positioned over UE In 206 application program (it can be downloaded), the application program of the UE 206 is connected to UE 206NAS's by DCCH The other parts in Wi-Fi AP 204 are resided in, the DCCH is present in the application program and Wi-Fi of UE 206 Between AP 204 is acted on behalf of.Therefore, the agency in Wi-Fi AP 204 is necessarily connected to reside in the protocol stacks of UE 206 and (resides in In Wi-Fi AP 204) in NAS parts.Equally, the application program of UE 206 is necessarily connected to the residing in UE 206 of NAS Part.In fact, it is possible that whole UE 206NAS entities are maintained in Wi-Fi AP 204, and using being present in Be connected to USIM API in Wi-Fi AP by the control channel between application program and Wi-Fi AP 204 agency of UE 206 UE 206NAS in 204 agencies.

In one embodiment, UE is further comprising the user interface application journey for residing in more than high level operation system Sequence.In a variant, user interface application is configured in software to for processing LTE voices (VoLTE) phone The traditional hardware based element of calling and LTE message transmissions is emulated.In an exemplary embodiment, user interface should The following based on one or more softwares is incorporated with program：Voice codec, echo cancellation, dial pad etc..At one In this variant, user interface application is configured to be connected to VoLTE callings via above-mentioned WoLTEN network connections.

Although the preceding example embodiment and variant for the operation without SIM are described by associated UE, without SIM's The various operations that UE and Wi-Fi AP 204 are performed, but in the case of given present disclosure, art it is general Technical staff will be recognized in addition, and many LTE specific functions are excluded by this operation, and therefore negligible, " amendment " or with other Method optimizing.For example, in this embodiment, residing in the protocol stacks of UE 206 in Wi-Fi AP 204 and residing in ENB protocol stacks in Wi-Fi AP 204 can greatly reduce PHY, MAC, RLC and PDCP software transaction, because such software Layer be only used for LTE radio adaptations (and therefore by Wi-Fi pipes operation include).One of ordinary skill in the art are readily apparent that, The residual version of such layer is can perform to ensure the correct end-to-end operation of LTE programs, and/or the remainder for allowing software stack Divide and operated in the case of minimum influence.

For example, the LTE RRC features in both UE and eNB software stacks can be minimized, because for example, not existing LTE Radio, and thus be excluded that LTE handovers and measurement operation.In another this example, PDCP ROHC and/or internal cryptographic It is not necessarily required to, therefore NULL can be encrypted for user plane operation.For control plane operation, UE 206 and Wi- can be directed to Both sides of Fi AP 204 perform any encryption and integrity protection with software.As described previously, in UE 206 and Wi-Fi The upper LTE keys for producing in both sides of AP 204 can be used with to UE 206 and Wi-Fi AP in Wi-Fi the machine crypto engines User and control plane data between 204 are encrypted.It is present in the application programs of UE 206 and the agencies' of Wi-Fi AP 204 Between DCCH can be open (unencryption) or exchange to add by the PGP keys between application program and agency It is close.

Be given in the case of the present invention, one of ordinary skill in the art will be recognized that for being implemented into the mixed of core network Countless other schemes of box-like access.

It will be recognized that, although the particular sequence with regard to method and step describes certain aspects of the invention, but such retouches State and only illustrate the more extensive method of the present invention, and can be modified as required by application-specific.Some steps in some cases may be used Can be unnecessary or optional.Additionally, some steps or feature can be added to disclosed embodiment, or replaceable two Or the execution order of two or more step.All such changes are all considered to be included in invention that is disclosed herein and advocating It is interior.

Although discussed in detail above have shown that, be described and pointed out the novelty spy suitable for various embodiments of the invention Levy, it will be appreciated that without departing from the present invention, one of ordinary skill in the art can make to illustrated device or process Various omissions, substitution and the change gone out in form and details.It is described above be it is presently contemplated that to carry out optimal mould of the invention Formula.This description is not meant to be limiting in any way, but should be considered as illustrating rule of the invention.The scope of the present invention should Determine with reference to claim.

Claims (20)

1. a kind of method for carrying out radio communication using at least the first communication system and the second communication system, described first leads to Letter system has at least first node and Section Point for communicating with one another, and methods described includes：

The Part I of the layer of the first protocol stack is performed in the first node, and the Section Point is performed described the The Part II of the layer of one protocol stack；And

One or more identification informations to the Section Point are provided from the first node, wherein described one or more identification informations Be configured to combine first protocol stack layer the Part II the execution with second communication system At least one logic entity verify the first node, the checking realizes the Section Point with least one logic Connection between entity.

2. method according to claim 1, wherein described perform first protocol stack in the Section Point The Part II of layer includes described the first of the layer of first protocol stack being coupled in the first node Partial transmission control protocol/Internet Protocol tcp/ip layer.

3. method according to claim 2, wherein described perform first protocol stack in the first node The Part I of layer includes being coupled to the complementary transmission control protocol/Internet Protocol tcp/ip layer of the Section Point.

4. method according to claim 1, it is further included：

Making the Part II of the layer of first protocol stack derives one or more checking informations；And

At least based on described through derived one or more checking informations, the Part II pair of the layer of first protocol stack One or more Data payloads of the first link between the Section Point and at least one logic entity are encrypted.

5. method according to claim 4, further includes：

Described one or more checking informations are derived also at the Part I of the layer of first protocol stack；And

At least based on described one or more checking letters derived from also at the Part I of the layer of first protocol stack Breath, to the Part II of the layer of first protocol stack at the Part I of the layer of first protocol stack One or more Data payloads be encrypted.

6. method according to claim 1, further includes to recognize mould from being not at the local subscriber of the first node Block SIM receives described one or more identification informations.

7. method according to claim 7, wherein being performed via at least public-key cryptography scheme described from described first Node provides described one or more identification informations to the Section Point.

8. method according to claim 8, wherein the public-key cryptography scheme includes receiving manual from user input The password of key entry.

9. method according to claim 8, wherein the public-key cryptography scheme includes the predefined public keys of retrieval.

10. method according to claim 1, wherein first communication system includes meeting the network of Wi-Fi, and it is described Second communication system includes the network for meeting Long Term Evolution LTE with one or more eNodeB entities, and described at least one patrols Collecting entity includes at least one of described one or more eNodeB entities.

A kind of 11. internuncial radio station apparatus for being configured to provide to core network, it includes：

Network interface, it is configured to connect to the core network being associated with the second radiotechnics；

Radio interface, it is configured to provide opening according to the first radiotechnics for being different from second radiotechnics Formula wireless network；

Processor；And

Non-transitory embodied on computer readable media, it enters row data communication and including one or more instructions, institute with the processor State one or more instructions to be configured to during by the computing device, make the radio station apparatus in response to described open The subscriber devices request of wireless network carries out following operation to the access of the core network：

One or more identification informations are received from the subscriber devices；

At least verified to the core network via at least described network interface based on described one or more identification informations, its Described in checking cause the derivation of one or more authentication secrets；And

At least set up to the subscriber devices via at least described open wireless network based on described one or more authentication secrets Safety chain.

12. radio station apparatus according to claim 11, wherein the non-transitory embodied on computer readable media enter one Step includes that one or more are instructed, and described one or more instructions are configured to during by the computing device, make the radio Platform equipment performs one or more software layers being uniquely associated with the subscriber devices and second radiotechnics.

13. radio station apparatus according to claim 12, wherein：

Described one or more software layers through performing imitate one or more portions for the call-stack being associated with the subscriber devices Point；And

Described one or more software layers through performing are configured to verify the subscriber devices to second radiotechnics.

14. radio station apparatus according to claim 12, wherein described one or more received identification informations be through Received by public-key encryption；And

The wherein described safety chain being set up is based on symmetric key encryption.

A kind of 15. subscriber devices being configured to via radio station and core network, it includes：

Radio interface, the radio interface is configured to and radio set communication, and the radio station is configured to and institute State core network；

Processor；And

Non-transitory computer-readable taking equipment, it enters row data communication and including one or more instructions, institute with the processor State one or more instructions to be configured to during by the computing device, the subscriber devices is carried out following operation：

One or more identification informations to the radio station are provided；

One or more checking informations are received from the radio station；And

At least the safety to the radio station is set up based on one or more keys derived from described one or more checking informations Connection.

16. subscriber devices according to claim 15, wherein identification information include Long Term Evolution LTE evolved grouping systems EPS keys access security management entity KASME encryption keys.

17. subscriber devices according to claim 16, it is further configured to authorize at least one other subscriber devices Use to one or more identification informations of the subscriber devices.

18. subscriber devices according to claim 17, wherein at least one other subscriber devices share to the nothing The secure connection in line radio station.

19. subscriber devices according to claim 17, it is further configured to fill at least one other subscriber Put request Internet protocol IP address.

20. subscriber devices according to claim 15, wherein described one or more identification informations are added via public keys Close scheme and the radio station is provided.