WO2016128039A1 - Apparatus and method for managing communication with a local device of a local network - Google Patents

Apparatus and method for managing communication with a local device of a local network Download PDF

Info

Publication number
WO2016128039A1
WO2016128039A1 PCT/EP2015/052861 EP2015052861W WO2016128039A1 WO 2016128039 A1 WO2016128039 A1 WO 2016128039A1 EP 2015052861 W EP2015052861 W EP 2015052861W WO 2016128039 A1 WO2016128039 A1 WO 2016128039A1
Authority
WO
WIPO (PCT)
Prior art keywords
local
network
local device
gateway module
mobile network
Prior art date
Application number
PCT/EP2015/052861
Other languages
French (fr)
Inventor
Patrik JINGHALL
Jan ARVALD
Erik Westerberg
Original Assignee
Telefonaktiebolaget Lm Ericsson (Publ)
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Telefonaktiebolaget Lm Ericsson (Publ) filed Critical Telefonaktiebolaget Lm Ericsson (Publ)
Priority to PCT/EP2015/052861 priority Critical patent/WO2016128039A1/en
Publication of WO2016128039A1 publication Critical patent/WO2016128039A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/10Mapping addresses of different types
    • H04L61/106Mapping addresses of different types across networks, e.g. mapping telephone numbers to data network addresses
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/51Discovery or management thereof, e.g. service location protocol [SLP] or web services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services
    • H04L67/565Conversion or adaptation of application format or content
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W80/00Wireless network protocols or protocol adaptations to wireless operation
    • H04W80/04Network layer protocols, e.g. mobile IP [Internet Protocol]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2101/00Indexing scheme associated with group H04L61/00
    • H04L2101/60Types of network addresses
    • H04L2101/618Details of network addresses
    • H04L2101/622Layer-2 addresses, e.g. medium access control [MAC] addresses
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2101/00Indexing scheme associated with group H04L61/00
    • H04L2101/60Types of network addresses
    • H04L2101/618Details of network addresses
    • H04L2101/65Telephone numbers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2101/00Indexing scheme associated with group H04L61/00
    • H04L2101/60Types of network addresses
    • H04L2101/618Details of network addresses
    • H04L2101/654International mobile subscriber identity [IMSI] numbers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/59Network arrangements, protocols or services for addressing or naming using proxies for addressing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/80Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W88/00Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/16Gateway arrangements

Definitions

  • the present invention relates to an apparatus and method for managing communication with a local device of a local network, for example managing communication between a mobile network and a local device of a local network, such as a local device within a WiFi or Zigbee network.
  • Connected devices are becoming an integrated part of the networked society. Many of these devices will be connected to a local network, sometimes referred to as a capillary network, for example a WiFi network or Zigbee network, or similar type of local network.
  • a local network sometimes referred to as a capillary network, for example a WiFi network or Zigbee network, or similar type of local network.
  • a challenge with such connected devices or equipment that connect to such local networks is that they often require manual configuration and management, which can slow down the uptake of their use, and can limit the potential of solutions using these connected devices or equipment.
  • a disadvantage of this is that it is difficult to reach such wireless connected devices from a server or some other form of equipment or device from, for example, public networks such as the internet, or a mobile operator network.
  • Another disadvantage is that management and charging systems designed for handling wireless devices in mobile operator networks cannot be reused for capillary network devices.
  • a gateway module for managing communication with a local device of a local network.
  • the gateway module comprises a local network interface for interfacing with a local device, and a mobile network interface for interfacing with a mobile network.
  • the gateway module further comprises a linking module for linking an operator attribute, from a set of operator attributes associated with the mobile network, with a local address of a local device.
  • a method in a gateway module for managing communication between a local device of a local network and a mobile network comprises associating an operator attribute, from a set of operator attributes related to the mobile network, with a local address of the local device.
  • Figure 1 shows an example of a gateway module according to an embodiment
  • Figure 2a shows an example of an application of an embodiment
  • Figure 2b shows an example of a method according to an embodiment
  • Figure 3a shows another example of an application of an embodiment
  • Figure 3b shows another example of an application of an embodiment
  • Figure 4 shows another example of an application of an embodiment
  • Figure 5 shows further details of an application of an embodiment
  • Figure 6 shows further details of another application of an embodiment
  • FIG 7 shows further detail of a gateway module according to an embodiment
  • Figure 8 shows an example of a method according to an embodiment
  • Figure 9 shows an example of a method according to an embodiment
  • Figure 10 shows an example of an apparatus according to an embodiment.
  • Local networks have traditionally been mainly used for internal communication within the local network, or for communication with external entities outside the local network, and in particular when the
  • External entities may comprise, for example, other users, servers, cloud servers or client devices.
  • the embodiments described below provide a method and apparatus to communicate with devices connected to a local network, for example a WiFi or Zigbee network, and enable such devices to be reachable through operator attributes provided in a mobile network, for example operator attributes such as an International Mobile Subscriber Identity (IMSI) or an alias to an IMSI, for example a Mobile Station International Subscriber Directory Number (MSISDN).
  • IMSI International Mobile Subscriber Identity
  • MSISDN Mobile Station International Subscriber Directory Number
  • LTE Long Term Evolution
  • 4G 4 th Generation
  • 5 th generation networks or any other type of mobile network.
  • 3GPP 3rd Generation Partnership Project
  • LTE Long Term Evolution
  • 4G 4 th Generation
  • 5 th generation networks or any other type of mobile network.
  • the embodiments described herein allow existing mobile network operator capabilities to be used with devices connected to a local network, for example operator capabilities such as management, customer care and charging. As will be explained in greater detail below, such attributes may be used with legacy devices
  • FIG. 1 shows an example of a gateway module 100 according to one embodiment, for managing communication with a local device of a local network.
  • the gateway module 100 comprises a local network interface 101 for interfacing with a local device (for example a local device in a local network 102).
  • the gateway module 100 further comprises a mobile network interface 103 for interfacing with a mobile network 104 (for example a 3GPP network, or a LTE network, or a next generation mobile network).
  • a linking module 105 links an operator attribute, from a set of operator attributes associated with the mobile network 104, with a local address of a local device.
  • an operator attribute may comprise an International Mobile Subscriber Identity (IMSI), or an alias associated with an IMSI, for example a Mobile Station International Subscriber Director Number (MSISDN) associated with an IMSI.
  • IMSI International Mobile Subscriber Identity
  • MSISDN Mobile Station International Subscriber Director Number
  • Other Subscriber Identity Module (SIM) credentials such as encryption secrets, may also be associated with an operator attribute.
  • a set of operator attributes may comprise a set of 3GPP identities of a 3GPP mobile network, wherein the set of 3GPP identities may be
  • a local device associated with, and hence used to identify local network devices.
  • an operator attribute of a mobile network such as an IMSI or IMSI alias such as MSISDN, or some other form of mobile network identity
  • a local address of a local device e.g. a MAC address of a local device
  • the linking module 105 links an operator attribute with a local address of a local device in response to the local network interface 101 detecting that a new local device has connected thereto. In another example, the linking module 105 links an operator attribute with a local address of a local device in response to the local network interface 101 detecting that a new local device has connected to the local network. In another example the linking module 105 links an operator attribute with a local address of a local device in response to the local network interface 101 receiving a notification that a new local device has connected to the local network.
  • the linking module 105 may be adapted to authenticate a local device prior to linking an operator attribute to that local device.
  • the authentication may be performed using authentication procedures of the local network 102.
  • the authentication may be performed by the gateway module 100 itself, or by some other node, for example another node in the local network.
  • the mobile network interface 103 Upon connection of a new local device to the local network interface 101 , according to one embodiment the mobile network interface 103 signals to the mobile network 104 that a local device with an associated operator attribute wishes to attach to the mobile network. Thereafter the identity of the local device will be known within the mobile network such that servers or devices within the mobile network are then able to instigate communication with the local device.
  • the linking module 105 in response to the mobile network interface 103 receiving a request to establish communication with a local device, can determine a local address of the local device using an operator attribute received with the communication request, for establishing communication with a local device having the determined local address. In other words, upon receipt of a request to establish communication with a local device which is identified by its operator attribute (such as IMSI or MSISDN), the linking module 105 is able to map this operator attribute with a local address for that local device, since it is the linking module 105 that will have previously established the link between the two.
  • the gateway module 100 comprises a memory for storing a list of associations between operator attributes and local addresses of local devices. In another example the list of associations may be stored in a remote node or server.
  • the local network interface 101 may communicate with local network devices using local network communication protocols. In this way a local device only needs to use standard local protocols, e.g. standard WiFi or ZigBee protocols, when communicating with a mobile network via the gateway module 100.
  • the mobile network interface 103 may communicate with the mobile network using mobile network protocols. In this way nodes or user equipment within the mobile network only need to use standard mobile network protocols, e.g. standard 3GPP protocols, when communicating with a local device via the gateway module 100.
  • the linking module 105 acts as an identity proxy between a mobile network 104 and a local network 102, for example a 3GPP-identity proxy when the mobile network is a 3GPP network.
  • 3GPP-identity proxy gateway a form of 3GPP-identity function, which may also be referred to as a 3GPP-identity proxy gateway, or proxy gateway.
  • a 3GPP-identity proxy gateway provided by a gateway module 100 may be realized as a logical network function.
  • the gateway module 100 can be realized as a stand-alone physical node.
  • the gateway module 100 forms part of a node within the mobile network, for example a base station within a mobile network, for example part of a 3GPP base station.
  • the gateway module 100 forms part of a cloud based function or service.
  • the gateway module 100 forms part of a node in a local network, for example part of a router in a local network (such as a WiFi router).
  • a gateway module 100 may serve or interface with a single local network or multiple local networks, and/or serve a single mobile network or multiple mobile networks.
  • the gateway module 100 can therefore act as a proxy gateway, such that local network devices appear as mobile clients to an external mobile network 104.
  • the gateway module 100 can also act as a proxy gateway by appearing as a standard capillary network gateway to the local devices (whereby the local devices can be associated with mobile network identities without even being aware of the fact that this is the case).
  • the gateway module 100 effectively becomes transparent (invisible) to most nodes in the external mobile network, whereby the gateway module 100 tricks nodes in the mobile network, for example all nodes except the management systems, to think that the gateway module 100 is the capillary network devices.
  • a gateway module 100 of Figure 2a may perform service detection, step 201 , which provides a local address (for example a MAC address) of a local device 1 10 within the local network 102, for example local device 1 1 O3 of Figure 2a.
  • a media channel in the local network 102 is associated with the local device 1 1 O3.
  • the local address of the local device 1 1 O3, for example its MAC address, is associated or linked with an operator attribute, from a set or pool of operator attributes held by the gateway module 100 (e.g. for enabling the gateway module to create virtual devices within a mobile network).
  • the device media channel is associated with a data channel of the mobile network 104.
  • FIG 3a shows an example of an application incorporating a gateway module 100 according to an embodiment.
  • the gateway module 100 functions as an interface between local devices 1 10 of a local network 102 and a mobile network 104.
  • the mobile network 104 may comprise a web interface for interfacing with an internet network 106.
  • Figure 3b shows an example of how a local device 1 10 in a local network 102 may be addressed from an internet network 106 via a mobile network 104.
  • the mobile network 104 can use functionality as described for example in 3GPP standards to associate an IP address to a IMSI or MSISDN to be used when communicating with an end device from systems outside the mobile network 104, e.g. the Internet 106.
  • an association between the IMSI/MSISDN and the IP address used in the communication can be either static, i.e. the same during the life-cycle of the end device, or dynamic, i.e. whereby a new IP address is associated at each 3GPP attach.
  • an end device is reachable by means of an IP address exposed to the outside world.
  • the gateway module 100 associates an IP address with the local address (MAC address) of the local device, thus providing each local device with an IP address it can use.
  • the gateway module 100 can associate a IMSI/MSISDN with the local device (e.g. using a linking module 105 as described in Figure 1 ) and invoke a "SIM attach procedure" towards the mobile network 104 (e.g. according to 3GPP specifications).
  • the SIM attach procedure can involve a mobile network interface within the gateway module 100 sending a notification to the mobile network, informing the mobile network that a local device having the associated IMSI/MSISDN wishes to attach to the mobile network. This can trigger the mobile network 104 to provision a second IP address, either from a pool of IP addresses available to the PDN GW
  • This second IP address (dynamic IP address allocation) or a static IP address with a fixed relation to the IMSI/MSISDN (fixed IP address).
  • This second IP address (i.e. the one provided by the mobile network 104) is the one by which the local device 1 10 can be reached from outside of the local network 102.
  • this IP address can be associated with an URL (such that a local device 1 10 is publicly reachable via a URL).
  • the local device 1 10 is addressed directly with its IP address that carries an association known only to the owner of the local network 102 (e.g. a utility company or enterprise).
  • the gateway module 100 will therefore have two IP addresses in this embodiment, one to the left associated with the IMSI/MSISDN and known to the outside world, and one to the right associated with the local address (MAC address) and known to the local device 1 10.
  • the gateway module 100 can therefore be configured to either swap IP addresses on each IP Packet Data Unit going left/right (for example using a known Network Address Translation, NAT, function) or re-assign the local device 1 10 with the IP address provided by the mobile network.
  • the set of identities (URL - IMSI/MSISDN - MAC address) now have associations with an IP address (or two or three IP addresses in the case of Network Address Translation) by which IP-level communication can be provided.
  • IP address or two or three IP addresses in the case of Network Address Translation
  • the IMSI or MSISDN may comprise an IMSI or MSISDN that has been allocated by the gateway module 100 to a local device 1 10 within the local network, for example an IMSI or MSISDN from a set of such operator attributes that the gateway module 100 has been provided for providing identities to devices within the local network.
  • the gateway module 100 may provide the function of a mobile network micro radio base station or femto cell with an embedded pool of virtual devices, which can be bridged to a physical device.
  • the logical gateway module 100 may be a self-contained function that sits between the S1 interface in the 3GPP network and the WiFi/Zigbee radio interface in the local network. From an implementation point of view the gateway module 100 may be implemented either as a stand-alone function or node, or as part of a radio base station (including pico, micro, etc., base stations) or as part of a physical capillary network gateway node.
  • the gateway module 100 has the function of a local network hub function, such that local network devices 1 10 can connect to the gateway module 100 with known protocols to the local network 102, such as WiFi and Zigbee protocols, and using associated identities, for example a MAC address within a WiFi network as mentioned earlier. Therefore, a local network interface within the gateway module can communicate with a local network device using local network communication protocols (e.g. WiFi or ZigBee protocols). In a similar manner, a mobile network interface of the gateway module can communicate with the mobile network 104 using mobile network protocols (such as 3GPP protocols).
  • Figures 3a and 3b above therefore show examples of how an embodiment can allow existing mobile network operator capabilities to be used with devices connected to a local network, for example operator capabilities such as management, customer care and charging. Other mobile network capabilities may also be used.
  • FIG. 4 shows another example of an application of an embodiment.
  • a gateway module 100 for interfacing between a mobile network 104 and a local network 102.
  • the gateway module 100 may be configured to provide connectivity management, including for example the provision of global identities as described in the embodiments herein, and other management functions such as security or mobility.
  • the gateway module 100 may be adapted to enable a device in the local network and assign a public identity to that device.
  • a MAC address may be stored in a filter, and the MAC address associated with an operator attribute such as an IMSI, or an MSISDN as an alias.
  • the gateway module 100 behaves as a proxy for the local device.
  • the mobile network 104 sees the gateway module 100 as a device.
  • the local or capillary network becomes a sub network of the mobile network 104.
  • service detection can identify the MAC address of the local device 1 10.
  • the gateway module 100 can verify the MAC address, for example by comparing with known MAC addresses. If the device is known or approved, it is connected to an operator attribute such as an IMSI in the gateway module 100.
  • An MSISDN or an IP address may be provided as an alias for the MAC address, as an external identity for the local device 1 10.
  • the gateway module 100 is capable of managing a pool of operator attributes, such as a pool of IMSIs or MSISDNs, or a pool of embedded universal integrated circuit card (EUICC) device SIM credentials.
  • the gateway module 100 may be configured to signal to a flexible number register, FNR, to route a MAC MSISDN to IMSI when allocated to a local device.
  • the gateway device 100 may signal to a FNR to release MAC MSISDN from IMSI when a local device is detached.
  • FNR flexible number register
  • the gateway module 100 keeps the association between the operator attribute that has been attributed with the local device 1 10 and the true identity of the local device 1 10 (e.g. the true MAC address or similar).
  • Any server, node or other device or equipment in the mobile network 104 can now reach the local device 1 10 within the local network 102 using the 3GPP identity as if the local device had a true IMSI or MSISDN.
  • Packet data aimed for the local device will reach the gateway module 100, which uses the identity association (i.e. IMSI/MSISDN to MAC address mapping) to forward the data packet to the appropriate local device 1 10.
  • Cloud based services 108 may also be used with connected devices, for example via the gateway module 100.
  • Figure 5 shows an example of an application of a gateway module 100, for providing an interface between a mobile network 104 and a local device 1 10 of a local network.
  • the local network interface 101 comprises a Wi- Fi hub
  • the mobile network interface 103 comprises a micro radio base station.
  • the linking module 105 functions as a client emulator towards the mobile network, and comprises an IMSI pool, and stores a list of IMSI and MAC associations.
  • the linking module 105 provides a bridge between a mobile network and a local network.
  • the mobile network in this example comprises a mobile radio access network (RAN) node 501 , a network identity server such as SIM or dynamic downloadable representation of a SIM node 503 and a server 505 linking an alias to the mobile network identity such as IMSI.
  • a back haul 502 for example a femto/micro base station back haul
  • the mobile RAN 501 can send IMSI addressed packets to the mobile network interface 103 of the gateway module 100.
  • the linking module 105 maps the IMSI to the local address of the local device 1 10, so that the IMSI addressed packet can be routed to the local device 1 10 via the local network interface 101 .
  • the linking module 105 may also communicate with the network identity server 503 and the number portability server 505 directly, for example using a IP-backhaul connecting a radio base station to the network backbone, or via the micro radio base station 103.
  • the gateway module 100 can provide a connectivity management system for managing connectivity for connected devices on behalf of mobile network operators.
  • the identities of the connected devices used for the communication may be based on IMSI.
  • the gateway module 100 may be provided with a range of IMSIs connected to its own identity. Allocated credentials to local devices may be referred to as a type of dynamic identity, or dynamic IMSI (D-IMSI), since the identity of a local device can effectively be allocated on a dynamic basis when a local device attaches to a local network.
  • D-IMSI dynamic IMSI
  • the gateway module 100 can therefore function as a type of private automatic branch exchange (PABX) for connected devices.
  • PABX private automatic branch exchange
  • a D-IMSI may be associated with an alias MSISDN.
  • the same local device having a particular MAC address
  • the IMSI may vary from time to time.
  • the association may leverage on existing number portability mechanisms.
  • the gateway module 100 can allocate D-IMSI's to devices that are connected to the capillary or local network managed by the gateway module 100. This may be carried out by connecting a D-IMSI to an identity that the connected device is given during manufacturing (e.g., MAC address or similar) and the dynamic local network address assigned to the device during service discovery. The connected device then has an international identity, communication with which can then be managed by a connectivity manager.
  • Figure 6 is similar to Figure 5, in that it shows an example of an application of a gateway module 100, for providing an interface between a mobile network 104 and a local device 1 10 of a local network. In the example of Figure 6, there is further provided an interface between the mobile network 104 and another network such as a public internet network 106.
  • an internal mobile packet data interface 603 may be provided, for example for converting an address within the internet network 106, for example an IP address, to an address that can be used in the mobile network 104, for example an IMSI or MSISDN.
  • An optional alias lookup module 605 may be provided. Thereafter, packets routed by the mobile network 104 from the internet network 106 are routed from the mobile network 104 to the local device 1 10 via the gateway module 100 as described above.
  • FIG. 7 shows another example of a gateway module 100 in greater detail.
  • the gateway module comprises a local network interface 101 , a mobile network interface 103 and a linking module 105.
  • the local module interface 101 comprises, for example, an industrial, scientific and medical (ISM) radio band interface 101 1 , a Bluetooth interface 1012, a Zigbee interface 1013, a WiFi interface 101 and a UM interface 1015, (i.e. 3GPP radio interface between a radio base station and mobile phone/device).
  • ISM industrial, scientific and medical
  • Such local network interfaces 101 may interface with any type of local device, for example a portable tablet device 1 10i , a mobile telephone 1 102, an ISM wireless sensor 1 1 O3, a wireless device 1 10 4 , a wireless audio/video device 1 10 5 , a wireless meter device 1 10e, or a wireless temperature sensor 1 10 7 . It will be appreciated that these are merely examples, and that other devices may also be connected as local devices.
  • the gateway module 100 when a new local network device connects to the gateway module 100 (or proxy gateway) for the first time, the gateway module associates one of its stored operator attributes with the local device.
  • the gateway module 100 comprises a pool of SIM credentials that can be linked to local devices during service discovery of a device in the local network, e.g. when service detection in a WiFi network identifies a new MAC address.
  • the linking module 105 which may comprise identity enabler logic, can associate one of its 3GPP identities, such as an IMSI and/or associated MSISDN, with that local network device.
  • the linking module may first perform authentication procedures to authenticate the local device, for example using existing local network protocols and authentication procedures.
  • the gateway module may signal up towards a mobile network, for example to a mobile gateway of a mobile network, that a local device with the operator attribute that has been associated with it (such as an IMSI or MSISDN), wishes to attach to the mobile network.
  • a local device with the operator attribute that has been associated with it such as an IMSI or MSISDN
  • the gateway module 100 may be connected to the mobile network through a 3GPP access such as "A", "S1 " or equivalent for 4G or 5G, as shown in Figure 7.
  • Figure 8 shows an example of a method in a gateway module for managing communication between a local device of a local network and a mobile network, according to an embodiment.
  • the method comprises associating an operator attribute, from a set of operator attributes related to the mobile network, with a local address of the local device, step 801 .
  • an operator attribute may comprise an International Mobile Subscriber Identity (IMSI), or an alias associated with an IMSI, for example a Mobile Station International Subscriber Director Number (MSISDN) associated with an IMSI.
  • IMSI International Mobile Subscriber Identity
  • MSISDN Mobile Station International Subscriber Director Number
  • Other Subscriber Identity Module (SIM) credentials such as encryption secrets, may also be associated with an operator attribute.
  • associating an operator attribute with a local address of a local device is performed in response to detecting that a new local device has connected to the gateway module. In another example, associating an operator attribute with a local address of a local device is performed in response to detecting that a new local device has connected to the local network. In another example, associating an operator attribute with a local address of a local device is performed in response to receiving a notification that a new local device has connected to the local network.
  • the method may further comprise the step of authenticating a local device prior to associating an operator attribute to that local device.
  • the method may further comprise the steps of receiving from the mobile network a request to establish communication with a local device, step 901 , determining a local address of the local device using an operator attribute received with the communication request, step 903, and establishing communication with the local device having the determined local address, step 905.
  • the step of determining a local address comprises comparing a previously compiled list of associations between operator attributes and local addresses.
  • a computer program configured, when run on a computer, to carry out a method as described above.
  • a computer program product comprising computer readable medium and a computer program as described above stored on the computer readable medium.
  • Figure 10 shows an apparatus 1000 according to an embodiment, comprising a processor unit 1001 and a memory 1003, wherein the processor unit 1001 is configured to perform operations stored in the memory 1003, for performing a method as described herein.
  • the processor could be any combination of one or more of a suitable central processing unit (CPU), multiprocessor,
  • microcontroller capable of executing software instructions contained in a computer program stored in a computer program product.
  • DSP digital signal processor
  • ASIC application specific integrated circuit
  • the embodiments described herein enable a mobile network to activate one or more legacy functions associated with true 3GPP devices, such as Charging Data Records, Quality of Service (QoS) functions, policy functions,
  • the local device has in essence become a 3GPP device.
  • the mobile network can identify and manage the local device as if it were a device equipped with a 3GPP modem.
  • the local device can, from the viewpoint of the other end, act like a local network device. Indeed, in one embodiment of the invention the local device may not even be aware of the presence of the gateway module. Such an embodiment has an advantage that the gateway module can be used not only for new-design local devices, but also for legacy local devices regardless of which local network standard or protocol is used. The local device will see the gateway module as a standard communication server.
  • the embodiments of the present invention may be used in numerous applications. Examples of use cases for the embodiments described herein is the delivery of media from a cloud or web service to a local device connected through a local or capillary network, such as Netflix R TM or Spotify R TM. Another example could be a cloud service communicating and interacting with local devices in local networks (for control, surveillance, collecting or posting information etc.).
  • the embodiments described herein provide function and protocols associated with the gateway module, and architecture for including the gateway module in the combined mobile network and local network logical architecture.
  • procedures may be provided for creating, maintaining and using an association between the identity of the local device in a local network and the identity of that device in the mobile network.
  • the gateway module may be implemented in a standalone physical node, or alternatively form part of a base station node or a cloud based function.
  • a local device may be provided with a local address when the local device is being manufactured.
  • the gateway module itself may provide a local device with a local network address, for example upon a local device connecting to the gateway module for the first time.
  • the MAC address of a local device may be stored in a local network filter, for example a Wi-Fi, Zigbee, or IPv6 over Low Power Wireless Personal Area Network (6L0WPAN) etc.
  • a request to an external security server may also be used to enforce device and network security policies.
  • neither local devices nor the mobile network have to be modified in order to provide the functionality of the gateway module, whereby the mobile network interface and local network interface of the gateway module provide the communications protocols for communicating between the mobile network and the local network.
  • a gateway module responsible for a local network may manage a pool of EUICC device SIM credentials, and can signal to a number portability node (for example a flexible number register, FNR) to rout traffic to and from a client with MSISDN to the IMSI allocated to a local device MAC and further to the local capillary network address.
  • the gateway module can also signal to the number portability node (FNR) to release "MAC MSISDN" from IMSI when the local device is detached from the local network.
  • a device may be attached to the gateway module or femto capillary (e.g. Wi-Fi), for example upon a WiFi network verifying a MAC against known MACs (MAC filtering standard) or through external policy enforcement. If known (or approved by policy enforcement), a device is connected to a free (i.e. unused) IMSI from the pool of IMSIs.
  • An MSISDN may be assigned as an alias for the MAC as an external identity.
  • a WiFi network can detach the MAC address when the link to the device is lost, and the WiFi network can request the gateway module to release IMSI and the binding or linking of the IMSI and MAC.
  • the embodiments described herein can bring a number of values to several entities in the systems of the Internet of things, or to the networked society, to mobile communication, and to machine to machine communication. Examples described herein have an advantage that they do not require any redesign of the local network devices, which in turn can lead to the advantages of enabling the embodiments to the used in combination with legacy capillary network devices, thus not increasing the complexity (or cost) of a local network device itself.
  • the embodiments enable a device identity (e.g. MAC address) to be linked to a globally known identity from a mobile network (e.g. IMSI / MSISDN).
  • the embodiments enable external servers or devices to contact a local device, without necessarily requiring any design or re-design of the local network devices. This means that embodiments of the invention can be used without increasing the cost of the devices themselves, without special requirements put on the device manufacturers and indeed also for legacy devices already deployed.
  • Servers or equipment external to the local network can address the device using SIM credentials such as IMSI, or an alias such as MSISDN.
  • the mechanism proposed by the embodiments described herein is independent of the actual capillary network technology uses to connect the device to the network.
  • the embodiments of the invention may also be used selectively in a fleet of local or capillary devices, meaning that associating a globally known identity can be provided to selected devices while other devices can be left without this association, even on a dynamic basis.
  • the embodiments described above make it possible for mobile operators to significantly increase the addressable market for connected devices and machine to machine services.
  • the embodiments also makes it possible for an operator to reduce the life-cycle cost for capillary network devices since already existing management systems can be used also for non-3GPP devices.
  • Some of the advantages for mobile network operators therefore include providing an operator with the possibility of offering management to devices of a local network (e.g. connectivity, configuration and security), thus providing connectivity outside their own physical network.
  • Mobile operators may also leverage on existing systems designed to manage devices in mobile networks carrying IMSI/MSISDN identities to manage also devices in capillary networks that lack the IMSO/MSISDN identity capabilities.
  • An advantage for service providers is that the embodiments can provide them with connectivity and the ability to manage devices behind gateways in capillary networks, in an easy and secure way.
  • An advantage for device vendors is that the embodiments provide the devices with a secure international reusable identity based on SIM credentials to which an alias can be linked to.

Abstract

A gateway module (100) for managing communication with a local device of a local network comprises a local network interface (101) for interfacing with a local device, and a mobile network interface (103) for interfacing with a mobile network. A linking module (105) links an operator attribute, from a set of operator attributes associated with the mobile network, with a local address of a local device.

Description

Apparatus and Method for Managing Communication with
a Local Device of a Local Network
Technical Field
The present invention relates to an apparatus and method for managing communication with a local device of a local network, for example managing communication between a mobile network and a local device of a local network, such as a local device within a WiFi or Zigbee network. Background
Connected devices are becoming an integrated part of the networked society. Many of these devices will be connected to a local network, sometimes referred to as a capillary network, for example a WiFi network or Zigbee network, or similar type of local network. A challenge with such connected devices or equipment that connect to such local networks is that they often require manual configuration and management, which can slow down the uptake of their use, and can limit the potential of solutions using these connected devices or equipment. Today, it is estimated that about eighty percent of the wireless connected devices are connected through a non 3GPP access (i.e. not via a mobile network). A disadvantage of this is that it is difficult to reach such wireless connected devices from a server or some other form of equipment or device from, for example, public networks such as the internet, or a mobile operator network. Another disadvantage is that management and charging systems designed for handling wireless devices in mobile operator networks cannot be reused for capillary network devices.
Summary
It is an aim of the present invention to provide a method and apparatus which obviate or reduce at least one or more of the disadvantages mentioned above. According to a first aspect there is provided a gateway module for managing communication with a local device of a local network. The gateway module comprises a local network interface for interfacing with a local device, and a mobile network interface for interfacing with a mobile network. The gateway module further comprises a linking module for linking an operator attribute, from a set of operator attributes associated with the mobile network, with a local address of a local device. According to another aspect there is provided a method in a gateway module for managing communication between a local device of a local network and a mobile network. The method comprises associating an operator attribute, from a set of operator attributes related to the mobile network, with a local address of the local device.
Brief description of the drawings
For a better understanding of examples of the present invention, and to show more clearly how the examples may be carried into effect, reference will now be made, by way of example only, to the following drawings in which:
Figure 1 shows an example of a gateway module according to an embodiment; Figure 2a shows an example of an application of an embodiment; Figure 2b shows an example of a method according to an embodiment; Figure 3a shows another example of an application of an embodiment; Figure 3b shows another example of an application of an embodiment;
Figure 4 shows another example of an application of an embodiment; Figure 5 shows further details of an application of an embodiment; Figure 6 shows further details of another application of an embodiment;
Figure 7 shows further detail of a gateway module according to an embodiment; Figure 8 shows an example of a method according to an embodiment; Figure 9 shows an example of a method according to an embodiment; and Figure 10 shows an example of an apparatus according to an embodiment. Detailed description
Local networks (or capillary networks) have traditionally been mainly used for internal communication within the local network, or for communication with external entities outside the local network, and in particular when the
communication is initiated from a device in the local network. External entities may comprise, for example, other users, servers, cloud servers or client devices.
Therefore, as mentioned in the background section, initiating communication from outside of the local network to a device within the local network can be a challenge. However the need for server initiated communication to devices in a local network increases as services such as cloud services are introduced.
The embodiments described below provide a method and apparatus to communicate with devices connected to a local network, for example a WiFi or Zigbee network, and enable such devices to be reachable through operator attributes provided in a mobile network, for example operator attributes such as an International Mobile Subscriber Identity (IMSI) or an alias to an IMSI, for example a Mobile Station International Subscriber Directory Number (MSISDN).
It is noted that references herein to a mobile network are intended to
encompass any form of telecommunications network, such as the 3rd
Generation Partnership Project (3GPP) network, a Long Term Evolution (LTE) network, which may also be referred to as a 4th Generation (4G) network, or 5th generation networks, or any other type of mobile network. The embodiments described herein allow existing mobile network operator capabilities to be used with devices connected to a local network, for example operator capabilities such as management, customer care and charging. As will be explained in greater detail below, such attributes may be used with legacy devices
connected to a local network, with or without 3GPP modems or the like.
Figure 1 shows an example of a gateway module 100 according to one embodiment, for managing communication with a local device of a local network. The gateway module 100 comprises a local network interface 101 for interfacing with a local device (for example a local device in a local network 102). The gateway module 100 further comprises a mobile network interface 103 for interfacing with a mobile network 104 (for example a 3GPP network, or a LTE network, or a next generation mobile network). A linking module 105 links an operator attribute, from a set of operator attributes associated with the mobile network 104, with a local address of a local device.
In one example, an operator attribute may comprise an International Mobile Subscriber Identity (IMSI), or an alias associated with an IMSI, for example a Mobile Station International Subscriber Director Number (MSISDN) associated with an IMSI. Other Subscriber Identity Module (SIM) credentials, such as encryption secrets, may also be associated with an operator attribute. In one embodiment, a set of operator attributes may comprise a set of 3GPP identities of a 3GPP mobile network, wherein the set of 3GPP identities may be
associated with, and hence used to identify local network devices. By linking an operator attribute of a mobile network, such as an IMSI or IMSI alias such as MSISDN, or some other form of mobile network identity with a local address of a local device (e.g. a MAC address of a local device), this has an advantage that a local device connected to a local network can be provided with an identity within the mobile network, for example a globally known communication identity, which makes it easier for entities, devices or servers outside the local network to reach, address, and communicate with these devices.
In one embodiment, the linking module 105 links an operator attribute with a local address of a local device in response to the local network interface 101 detecting that a new local device has connected thereto. In another example, the linking module 105 links an operator attribute with a local address of a local device in response to the local network interface 101 detecting that a new local device has connected to the local network. In another example the linking module 105 links an operator attribute with a local address of a local device in response to the local network interface 101 receiving a notification that a new local device has connected to the local network.
The linking module 105 may be adapted to authenticate a local device prior to linking an operator attribute to that local device. For example, the authentication may be performed using authentication procedures of the local network 102. The authentication may be performed by the gateway module 100 itself, or by some other node, for example another node in the local network.
Upon connection of a new local device to the local network interface 101 , according to one embodiment the mobile network interface 103 signals to the mobile network 104 that a local device with an associated operator attribute wishes to attach to the mobile network. Thereafter the identity of the local device will be known within the mobile network such that servers or devices within the mobile network are then able to instigate communication with the local device.
The linking module 105, in response to the mobile network interface 103 receiving a request to establish communication with a local device, can determine a local address of the local device using an operator attribute received with the communication request, for establishing communication with a local device having the determined local address. In other words, upon receipt of a request to establish communication with a local device which is identified by its operator attribute (such as IMSI or MSISDN), the linking module 105 is able to map this operator attribute with a local address for that local device, since it is the linking module 105 that will have previously established the link between the two. In one embodiment the gateway module 100 comprises a memory for storing a list of associations between operator attributes and local addresses of local devices. In another example the list of associations may be stored in a remote node or server. The local network interface 101 may communicate with local network devices using local network communication protocols. In this way a local device only needs to use standard local protocols, e.g. standard WiFi or ZigBee protocols, when communicating with a mobile network via the gateway module 100. In a similar manner, the mobile network interface 103 may communicate with the mobile network using mobile network protocols. In this way nodes or user equipment within the mobile network only need to use standard mobile network protocols, e.g. standard 3GPP protocols, when communicating with a local device via the gateway module 100.
In one example, the linking module 105 acts as an identity proxy between a mobile network 104 and a local network 102, for example a 3GPP-identity proxy when the mobile network is a 3GPP network. There is therefore provided a form of 3GPP-identity function, which may also be referred to as a 3GPP-identity proxy gateway, or proxy gateway.
It is noted that, in one example, a 3GPP-identity proxy gateway provided by a gateway module 100 may be realized as a logical network function. There are several possible physical implementations that may be used to realize such an example. In one embodiment, the gateway module 100 can be realized as a stand-alone physical node. In another embodiment the gateway module 100 forms part of a node within the mobile network, for example a base station within a mobile network, for example part of a 3GPP base station. In another embodiment the gateway module 100 forms part of a cloud based function or service. In another embodiment the gateway module 100 forms part of a node in a local network, for example part of a router in a local network (such as a WiFi router). A gateway module 100 according to an embodiment may serve or interface with a single local network or multiple local networks, and/or serve a single mobile network or multiple mobile networks. The gateway module 100 can therefore act as a proxy gateway, such that local network devices appear as mobile clients to an external mobile network 104. The gateway module 100 can also act as a proxy gateway by appearing as a standard capillary network gateway to the local devices (whereby the local devices can be associated with mobile network identities without even being aware of the fact that this is the case). The gateway module 100 effectively becomes transparent (invisible) to most nodes in the external mobile network, whereby the gateway module 100 tricks nodes in the mobile network, for example all nodes except the management systems, to think that the gateway module 100 is the capillary network devices.
This is illustrated, for example, in Figure 2a, which shows an example of an application of a gateway module 100, whereby the gateway module 100 is provided as an interface between a mobile network 104 and a local network 102 (having local devices 1 10i to 1 1 ON within the local network 102). Referring to Figure 2b, in one example a gateway module 100 of Figure 2a may perform service detection, step 201 , which provides a local address (for example a MAC address) of a local device 1 10 within the local network 102, for example local device 1 1 O3 of Figure 2a. In step 203, a media channel in the local network 102 is associated with the local device 1 1 O3. In step 205, the local address of the local device 1 1 O3, for example its MAC address, is associated or linked with an operator attribute, from a set or pool of operator attributes held by the gateway module 100 (e.g. for enabling the gateway module to create virtual devices within a mobile network). In step 207, the device media channel is associated with a data channel of the mobile network 104.
Figure 3a shows an example of an application incorporating a gateway module 100 according to an embodiment. In the example, the gateway module 100 functions as an interface between local devices 1 10 of a local network 102 and a mobile network 104. The mobile network 104 may comprise a web interface for interfacing with an internet network 106.
Figure 3b shows an example of how a local device 1 10 in a local network 102 may be addressed from an internet network 106 via a mobile network 104. The mobile network 104 can use functionality as described for example in 3GPP standards to associate an IP address to a IMSI or MSISDN to be used when communicating with an end device from systems outside the mobile network 104, e.g. the Internet 106. As described in 3GPP standards an association between the IMSI/MSISDN and the IP address used in the communication can be either static, i.e. the same during the life-cycle of the end device, or dynamic, i.e. whereby a new IP address is associated at each 3GPP attach. In this example an end device is reachable by means of an IP address exposed to the outside world. This may be realized by the following steps. First, the gateway module 100 associates an IP address with the local address (MAC address) of the local device, thus providing each local device with an IP address it can use. Second, upon "attach" (e.g. activation of the device), the gateway module 100 can associate a IMSI/MSISDN with the local device (e.g. using a linking module 105 as described in Figure 1 ) and invoke a "SIM attach procedure" towards the mobile network 104 (e.g. according to 3GPP specifications). The SIM attach procedure can involve a mobile network interface within the gateway module 100 sending a notification to the mobile network, informing the mobile network that a local device having the associated IMSI/MSISDN wishes to attach to the mobile network. This can trigger the mobile network 104 to provision a second IP address, either from a pool of IP addresses available to the PDN GW
(dynamic IP address allocation) or a static IP address with a fixed relation to the IMSI/MSISDN (fixed IP address). This second IP address (i.e. the one provided by the mobile network 104) is the one by which the local device 1 10 can be reached from outside of the local network 102. In the case of a fixed IP address (or a long lived dynamic one) this IP address can be associated with an URL (such that a local device 1 10 is publicly reachable via a URL). In another example, instead of being publicly reachable via a URL, the local device 1 10 is addressed directly with its IP address that carries an association known only to the owner of the local network 102 (e.g. a utility company or enterprise). The association may in this case be, for example, {Sensor_ld_GXQ: 123847.01 = IP address 83.255.162.151 }. The gateway module 100 will therefore have two IP addresses in this embodiment, one to the left associated with the IMSI/MSISDN and known to the outside world, and one to the right associated with the local address (MAC address) and known to the local device 1 10. The gateway module 100 can therefore be configured to either swap IP addresses on each IP Packet Data Unit going left/right (for example using a known Network Address Translation, NAT, function) or re-assign the local device 1 10 with the IP address provided by the mobile network. The net effect of such an embodiment is that the set of identities (URL - IMSI/MSISDN - MAC address) now have associations with an IP address (or two or three IP addresses in the case of Network Address Translation) by which IP-level communication can be provided. Thus, in this example, to reach a local device 1 10 the "outside world" can use either the IMSI/MSISDN or the IP address if allocated.
The IMSI or MSISDN may comprise an IMSI or MSISDN that has been allocated by the gateway module 100 to a local device 1 10 within the local network, for example an IMSI or MSISDN from a set of such operator attributes that the gateway module 100 has been provided for providing identities to devices within the local network. The gateway module 100 may provide the function of a mobile network micro radio base station or femto cell with an embedded pool of virtual devices, which can be bridged to a physical device.
The logical gateway module 100 may be a self-contained function that sits between the S1 interface in the 3GPP network and the WiFi/Zigbee radio interface in the local network. From an implementation point of view the gateway module 100 may be implemented either as a stand-alone function or node, or as part of a radio base station (including pico, micro, etc., base stations) or as part of a physical capillary network gateway node.
In one embodiment, the gateway module 100 has the function of a local network hub function, such that local network devices 1 10 can connect to the gateway module 100 with known protocols to the local network 102, such as WiFi and Zigbee protocols, and using associated identities, for example a MAC address within a WiFi network as mentioned earlier. Therefore, a local network interface within the gateway module can communicate with a local network device using local network communication protocols (e.g. WiFi or ZigBee protocols). In a similar manner, a mobile network interface of the gateway module can communicate with the mobile network 104 using mobile network protocols (such as 3GPP protocols). Figures 3a and 3b above therefore show examples of how an embodiment can allow existing mobile network operator capabilities to be used with devices connected to a local network, for example operator capabilities such as management, customer care and charging. Other mobile network capabilities may also be used.
Figure 4 shows another example of an application of an embodiment. Again, there is provided a gateway module 100 for interfacing between a mobile network 104 and a local network 102. The gateway module 100 may be configured to provide connectivity management, including for example the provision of global identities as described in the embodiments herein, and other management functions such as security or mobility. The gateway module 100 may be adapted to enable a device in the local network and assign a public identity to that device. A MAC address may be stored in a filter, and the MAC address associated with an operator attribute such as an IMSI, or an MSISDN as an alias. The gateway module 100 behaves as a proxy for the local device. The mobile network 104 sees the gateway module 100 as a device. The local or capillary network becomes a sub network of the mobile network 104. When a local device 1 10 is attached to the local network 102, service detection can identify the MAC address of the local device 1 10. The gateway module 100 can verify the MAC address, for example by comparing with known MAC addresses. If the device is known or approved, it is connected to an operator attribute such as an IMSI in the gateway module 100. An MSISDN or an IP address may be provided as an alias for the MAC address, as an external identity for the local device 1 10.
The gateway module 100 is capable of managing a pool of operator attributes, such as a pool of IMSIs or MSISDNs, or a pool of embedded universal integrated circuit card (EUICC) device SIM credentials. In one example, the gateway module 100 may be configured to signal to a flexible number register, FNR, to route a MAC MSISDN to IMSI when allocated to a local device. The gateway device 100 may signal to a FNR to release MAC MSISDN from IMSI when a local device is detached. It is noted that flexible number routing is only one example of how an alias can be linked to an operator attribute (e.g. IMSI) and how the alias can remain the same although the associated IMSI may change.
To the mobile network 104 it appears that a 3GPP device with associated IMSI or MSISDN is now attached to the 3GPP network. The gateway module 100 keeps the association between the operator attribute that has been attributed with the local device 1 10 and the true identity of the local device 1 10 (e.g. the true MAC address or similar).
Any server, node or other device or equipment in the mobile network 104 can now reach the local device 1 10 within the local network 102 using the 3GPP identity as if the local device had a true IMSI or MSISDN. Packet data aimed for the local device will reach the gateway module 100, which uses the identity association (i.e. IMSI/MSISDN to MAC address mapping) to forward the data packet to the appropriate local device 1 10. Cloud based services 108 may also be used with connected devices, for example via the gateway module 100.
Figure 5 shows an example of an application of a gateway module 100, for providing an interface between a mobile network 104 and a local device 1 10 of a local network. In this example the local network interface 101 comprises a Wi- Fi hub, while the mobile network interface 103 comprises a micro radio base station. The linking module 105 functions as a client emulator towards the mobile network, and comprises an IMSI pool, and stores a list of IMSI and MAC associations. The linking module 105 provides a bridge between a mobile network and a local network. The mobile network in this example comprises a mobile radio access network (RAN) node 501 , a network identity server such as SIM or dynamic downloadable representation of a SIM node 503 and a server 505 linking an alias to the mobile network identity such as IMSI. Using a back haul 502, for example a femto/micro base station back haul, the mobile RAN 501 can send IMSI addressed packets to the mobile network interface 103 of the gateway module 100. The linking module 105 maps the IMSI to the local address of the local device 1 10, so that the IMSI addressed packet can be routed to the local device 1 10 via the local network interface 101 . The linking module 105 may also communicate with the network identity server 503 and the number portability server 505 directly, for example using a IP-backhaul connecting a radio base station to the network backbone, or via the micro radio base station 103.
The gateway module 100 can provide a connectivity management system for managing connectivity for connected devices on behalf of mobile network operators. The identities of the connected devices used for the communication may be based on IMSI. The gateway module 100 may be provided with a range of IMSIs connected to its own identity. Allocated credentials to local devices may be referred to as a type of dynamic identity, or dynamic IMSI (D-IMSI), since the identity of a local device can effectively be allocated on a dynamic basis when a local device attaches to a local network. The gateway module 100 can therefore function as a type of private automatic branch exchange (PABX) for connected devices.
A D-IMSI may be associated with an alias MSISDN. In one example, the same local device (having a particular MAC address) can always be associated with the same MSISDN, although the IMSI may vary from time to time. The association may leverage on existing number portability mechanisms.
The gateway module 100 can allocate D-IMSI's to devices that are connected to the capillary or local network managed by the gateway module 100. This may be carried out by connecting a D-IMSI to an identity that the connected device is given during manufacturing (e.g., MAC address or similar) and the dynamic local network address assigned to the device during service discovery. The connected device then has an international identity, communication with which can then be managed by a connectivity manager. Figure 6 is similar to Figure 5, in that it shows an example of an application of a gateway module 100, for providing an interface between a mobile network 104 and a local device 1 10 of a local network. In the example of Figure 6, there is further provided an interface between the mobile network 104 and another network such as a public internet network 106. In an example where a public web service 601 wishes to communicate or reach a local device 1 10, an internal mobile packet data interface 603 may be provided, for example for converting an address within the internet network 106, for example an IP address, to an address that can be used in the mobile network 104, for example an IMSI or MSISDN. An optional alias lookup module 605 may be provided. Thereafter, packets routed by the mobile network 104 from the internet network 106 are routed from the mobile network 104 to the local device 1 10 via the gateway module 100 as described above.
Figure 7 shows another example of a gateway module 100 in greater detail. In the example of Figure 7 the gateway module comprises a local network interface 101 , a mobile network interface 103 and a linking module 105. The local module interface 101 comprises, for example, an industrial, scientific and medical (ISM) radio band interface 101 1 , a Bluetooth interface 1012, a Zigbee interface 1013, a WiFi interface 101 and a UM interface 1015, (i.e. 3GPP radio interface between a radio base station and mobile phone/device). Other interfaces, including wireless and wired interfaces may also be provided. Such local network interfaces 101 may interface with any type of local device, for example a portable tablet device 1 10i , a mobile telephone 1 102, an ISM wireless sensor 1 1 O3, a wireless device 1 104, a wireless audio/video device 1 105, a wireless meter device 1 10e, or a wireless temperature sensor 1 107. It will be appreciated that these are merely examples, and that other devices may also be connected as local devices.
In a similar manner to that described above, when a new local network device connects to the gateway module 100 (or proxy gateway) for the first time, the gateway module associates one of its stored operator attributes with the local device. In one embodiment, the gateway module 100 comprises a pool of SIM credentials that can be linked to local devices during service discovery of a device in the local network, e.g. when service detection in a WiFi network identifies a new MAC address. The linking module 105, which may comprise identity enabler logic, can associate one of its 3GPP identities, such as an IMSI and/or associated MSISDN, with that local network device. In one example, prior to associating an operator attribute with the local device, the linking module may first perform authentication procedures to authenticate the local device, for example using existing local network protocols and authentication procedures.
Upon connection of a new local device to the gateway module, the gateway module may signal up towards a mobile network, for example to a mobile gateway of a mobile network, that a local device with the operator attribute that has been associated with it (such as an IMSI or MSISDN), wishes to attach to the mobile network. Following existing 3GPP protocols between the linking module 105 and mobile network nodes (such as a 3GPP core network nodes) the local device having the associated IMSI or MSISDN is attached to the mobile network. The gateway module 100 may be connected to the mobile network through a 3GPP access such as "A", "S1 " or equivalent for 4G or 5G, as shown in Figure 7.
Figure 8 shows an example of a method in a gateway module for managing communication between a local device of a local network and a mobile network, according to an embodiment. The method comprises associating an operator attribute, from a set of operator attributes related to the mobile network, with a local address of the local device, step 801 .
In one example, an operator attribute may comprise an International Mobile Subscriber Identity (IMSI), or an alias associated with an IMSI, for example a Mobile Station International Subscriber Director Number (MSISDN) associated with an IMSI. Other Subscriber Identity Module (SIM) credentials, such as encryption secrets, may also be associated with an operator attribute.
In one example, associating an operator attribute with a local address of a local device is performed in response to detecting that a new local device has connected to the gateway module. In another example, associating an operator attribute with a local address of a local device is performed in response to detecting that a new local device has connected to the local network. In another example, associating an operator attribute with a local address of a local device is performed in response to receiving a notification that a new local device has connected to the local network.
The method may further comprise the step of authenticating a local device prior to associating an operator attribute to that local device.
Referring to Figure 9, the method may further comprise the steps of receiving from the mobile network a request to establish communication with a local device, step 901 , determining a local address of the local device using an operator attribute received with the communication request, step 903, and establishing communication with the local device having the determined local address, step 905. In one example the step of determining a local address comprises comparing a previously compiled list of associations between operator attributes and local addresses. According to another embodiment, there is provided a computer program configured, when run on a computer, to carry out a method as described above. According to another embodiment, there is provided a computer program product comprising computer readable medium and a computer program as described above stored on the computer readable medium.
Figure 10 shows an apparatus 1000 according to an embodiment, comprising a processor unit 1001 and a memory 1003, wherein the processor unit 1001 is configured to perform operations stored in the memory 1003, for performing a method as described herein. The processor could be any combination of one or more of a suitable central processing unit (CPU), multiprocessor,
microcontroller, digital signal processor (DSP), application specific integrated circuit (ASIC) etc., capable of executing software instructions contained in a computer program stored in a computer program product. The embodiments described herein enable a mobile network to activate one or more legacy functions associated with true 3GPP devices, such as Charging Data Records, Quality of Service (QoS) functions, policy functions,
management functions and more. Indeed, to the mobile network the local device has in essence become a 3GPP device. As such, the mobile network can identify and manage the local device as if it were a device equipped with a 3GPP modem.
The local device can, from the viewpoint of the other end, act like a local network device. Indeed, in one embodiment of the invention the local device may not even be aware of the presence of the gateway module. Such an embodiment has an advantage that the gateway module can be used not only for new-design local devices, but also for legacy local devices regardless of which local network standard or protocol is used. The local device will see the gateway module as a standard communication server.
The embodiments of the present invention may be used in numerous applications. Examples of use cases for the embodiments described herein is the delivery of media from a cloud or web service to a local device connected through a local or capillary network, such as NetflixR™ or SpotifyR™. Another example could be a cloud service communicating and interacting with local devices in local networks (for control, surveillance, collecting or posting information etc.).
Applications of the embodiments described herein may also be found within home appliances, construction sites, factories, facility management, and so on.
The embodiments described herein provide function and protocols associated with the gateway module, and architecture for including the gateway module in the combined mobile network and local network logical architecture.
Within the above architecture, procedures may be provided for creating, maintaining and using an association between the identity of the local device in a local network and the identity of that device in the mobile network.
The gateway module may be implemented in a standalone physical node, or alternatively form part of a base station node or a cloud based function.
In one embodiment a local device may be provided with a local address when the local device is being manufactured. In another embodiment, the gateway module itself may provide a local device with a local network address, for example upon a local device connecting to the gateway module for the first time. In another example, the MAC address of a local device may be stored in a local network filter, for example a Wi-Fi, Zigbee, or IPv6 over Low Power Wireless Personal Area Network (6L0WPAN) etc. A request to an external security server may also be used to enforce device and network security policies. In one embodiment, neither local devices nor the mobile network have to be modified in order to provide the functionality of the gateway module, whereby the mobile network interface and local network interface of the gateway module provide the communications protocols for communicating between the mobile network and the local network.
The embodiments described herein may be provided with security provisions when allocating global identities to devices in capillary networks. A gateway module responsible for a local network may manage a pool of EUICC device SIM credentials, and can signal to a number portability node (for example a flexible number register, FNR) to rout traffic to and from a client with MSISDN to the IMSI allocated to a local device MAC and further to the local capillary network address. The gateway module can also signal to the number portability node (FNR) to release "MAC MSISDN" from IMSI when the local device is detached from the local network.
As mentioned above, a device may be attached to the gateway module or femto capillary (e.g. Wi-Fi), for example upon a WiFi network verifying a MAC against known MACs (MAC filtering standard) or through external policy enforcement. If known (or approved by policy enforcement), a device is connected to a free (i.e. unused) IMSI from the pool of IMSIs. An MSISDN may be assigned as an alias for the MAC as an external identity.
When a device is detached from a local network, a WiFi network can detach the MAC address when the link to the device is lost, and the WiFi network can request the gateway module to release IMSI and the binding or linking of the IMSI and MAC.
The embodiments described herein can bring a number of values to several entities in the systems of the Internet of things, or to the networked society, to mobile communication, and to machine to machine communication. Examples described herein have an advantage that they do not require any redesign of the local network devices, which in turn can lead to the advantages of enabling the embodiments to the used in combination with legacy capillary network devices, thus not increasing the complexity (or cost) of a local network device itself.
The embodiments described above have an advantage that devices connected to a local or capillary network can be provided with a globally known
communication identity, which makes it easier for servers outside the capillary network to reach and address these devices.
The embodiments enable a device identity (e.g. MAC address) to be linked to a globally known identity from a mobile network (e.g. IMSI / MSISDN). The embodiments enable external servers or devices to contact a local device, without necessarily requiring any design or re-design of the local network devices. This means that embodiments of the invention can be used without increasing the cost of the devices themselves, without special requirements put on the device manufacturers and indeed also for legacy devices already deployed. Servers or equipment external to the local network can address the device using SIM credentials such as IMSI, or an alias such as MSISDN.
The mechanism proposed by the embodiments described herein is independent of the actual capillary network technology uses to connect the device to the network.
The embodiments of the invention may also be used selectively in a fleet of local or capillary devices, meaning that associating a globally known identity can be provided to selected devices while other devices can be left without this association, even on a dynamic basis. The embodiments described above make it possible for mobile operators to significantly increase the addressable market for connected devices and machine to machine services. The embodiments also makes it possible for an operator to reduce the life-cycle cost for capillary network devices since already existing management systems can be used also for non-3GPP devices.
Some of the advantages for mobile network operators therefore include providing an operator with the possibility of offering management to devices of a local network (e.g. connectivity, configuration and security), thus providing connectivity outside their own physical network. Mobile operators may also leverage on existing systems designed to manage devices in mobile networks carrying IMSI/MSISDN identities to manage also devices in capillary networks that lack the IMSO/MSISDN identity capabilities. An advantage for service providers is that the embodiments can provide them with connectivity and the ability to manage devices behind gateways in capillary networks, in an easy and secure way. An advantage for device vendors is that the embodiments provide the devices with a secure international reusable identity based on SIM credentials to which an alias can be linked to.
It should be noted that the above-mentioned embodiments illustrate rather than limit the invention, and that those skilled in the art will be able to design many alternative embodiments without departing from the scope of the appended claims. The word "comprising" does not exclude the presence of elements or steps other than those listed in a claim, "a" or "an" does not exclude a plurality, and a single processor or other unit may fulfil the functions of several units recited in the claims. Any reference signs in the claims shall not be construed so as to limit their scope.

Claims

1 . A gateway module for managing communication with a local device of a local network, the gateway module comprising:
a local network interface for interfacing with a local device; a mobile network interface for interfacing with a mobile network; and a linking module for linking an operator attribute, from a set of operator attributes associated with the mobile network, with a local address of a local device.
2. A gateway module as claimed in claim 1 wherein the linking module links an operator attribute with a local address of a local device in response to:
the local network interface detecting that a new local device has connected thereto; or
in response to the local network interface detecting that a new local device has connected to the local network; or
the local network interface receiving a notification that a new local device has connected to the local network.
3. A gateway module as claimed in claim 1 or 2, wherein the linking module authenticates a local device prior to linking an operator attribute to that local device.
4. A gateway module as claimed in claim 3, wherein the authentication is performed using authentication procedures of the local network.
5. A gateway module as claimed in any one of claims 2 to 4 wherein, upon connection of a new local device to the local network interface, the mobile network interface signals to the mobile network that a local device with an associated operator attribute wishes to attach to the mobile network.
6. A gateway module as claimed in any one of the preceding claims, wherein the linking module, in response to the mobile network interface receiving a request to establish communication with a local device, determines a local address of the local device using an operator attribute received with the communication request, for establishing communication with a local device having the determined local address.
7. A gateway module as claimed in any one of the preceding claims, comprising a memory for storing a list of associations between operator attributes and local addresses of local devices.
8. A gateway module as claimed in any one of the preceding claims, wherein the local network interface communicates with the local network device using local network communication protocols.
9. A gateway module as claimed in any one of the preceding claims wherein the mobile network interface communicates with the mobile network using mobile network protocols.
10. A gateway module as claimed in any one of the preceding claims, wherein an operator attribute comprises:
identifier information for identifying a local device within the mobile network;
an International Mobile Subscriber Identity, IMSI; or
an alias associated with an IMSI; or
a Mobile Station International Subscriber Director Number,
MSISDN, associated with an IMSI.
1 1 . A method in a gateway module for managing communication between a local device of a local network and a mobile network, the method comprising: associating an operator attribute, from a set of operator attributes related to the mobile network, with a local address of the local device.
12. A method as claimed in claim 1 1 , wherein the step of associating an operator attribute with a local address of a local device is performed in response to:
detecting that a new local device has connected to the gateway module; or
detecting that a new local device has connected to the local network; or
receiving a notification that a new local device has connected to the local network.
13. A method as claimed in claim 1 1 or 12, further comprising the step of authenticating a local device prior to associating an operator attribute to that local device.
14. A method as claimed in any one of claims 1 1 or 13, further comprising the steps of:
receiving from the mobile network a request to establish communication with a local device;
determining a local address of the local device using an operator attribute received with the communication request; and
establishing communication with the local device having the determined local address.
15. A method as claimed in claim 14, wherein the step of determining a local address comprises comparing a previously compiled list of associations between operator attributes and local addresses.
16. A computer program configured, when run on a computer, to carry out a method according to any one of claims 1 1 to 15.
17. A computer program product comprising computer readable medium and a computer program according to claim 16 stored on the computer readable medium.
18. An apparatus comprising a processor unit and a memory, wherein the processor unit is configured to perform operations stored in the memory, for performing a method as claimed in any one of claims 1 1 to 15.
PCT/EP2015/052861 2015-02-11 2015-02-11 Apparatus and method for managing communication with a local device of a local network WO2016128039A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/EP2015/052861 WO2016128039A1 (en) 2015-02-11 2015-02-11 Apparatus and method for managing communication with a local device of a local network

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/EP2015/052861 WO2016128039A1 (en) 2015-02-11 2015-02-11 Apparatus and method for managing communication with a local device of a local network

Publications (1)

Publication Number Publication Date
WO2016128039A1 true WO2016128039A1 (en) 2016-08-18

Family

ID=52469044

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2015/052861 WO2016128039A1 (en) 2015-02-11 2015-02-11 Apparatus and method for managing communication with a local device of a local network

Country Status (1)

Country Link
WO (1) WO2016128039A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106535172A (en) * 2016-12-28 2017-03-22 中国移动通信集团江苏有限公司 Method, apparatus and server for determining to-be-reminded terminal

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2001194A2 (en) * 2007-06-09 2008-12-10 King's College London Inter-working of networks
US20130097418A1 (en) * 2011-10-17 2013-04-18 Yogesh Bhatt Methods and apparatuses to provide secure communication between an untrusted wireless access network and a trusted controlled network
EP2658301A1 (en) * 2012-04-26 2013-10-30 Juniper Networks, Inc. Non-mobile authentication for mobile network gateway connectivity

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2001194A2 (en) * 2007-06-09 2008-12-10 King's College London Inter-working of networks
US20130097418A1 (en) * 2011-10-17 2013-04-18 Yogesh Bhatt Methods and apparatuses to provide secure communication between an untrusted wireless access network and a trusted controlled network
EP2658301A1 (en) * 2012-04-26 2013-10-30 Juniper Networks, Inc. Non-mobile authentication for mobile network gateway connectivity

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106535172A (en) * 2016-12-28 2017-03-22 中国移动通信集团江苏有限公司 Method, apparatus and server for determining to-be-reminded terminal
CN106535172B (en) * 2016-12-28 2019-12-13 中国移动通信集团江苏有限公司 Method and device for determining terminal to be reminded and server

Similar Documents

Publication Publication Date Title
CN102017677B (en) Access through non-3GPP access networks
US9967738B2 (en) Methods and arrangements for enabling data transmission between a mobile device and a static destination address
JP6909772B2 (en) Infrastructure-based D2D connection configuration using OTT services
US11659621B2 (en) Selection of IP version
KR20140072193A (en) Architecture for virtualized home ip service delivery
WO2012130085A1 (en) Method and device for establishing connection with network management system, and communication system
KR20140072908A (en) Providing virtualized visibility through routers
WO2015005158A1 (en) Communication control method, terminal device, and base station device
CN114205925B (en) Control device and storage medium
JP2017528074A5 (en)
WO2012089001A1 (en) Ip address allocation method and device
CN113439459B (en) Method and apparatus for proxy deployment
EP2477372A1 (en) Method, device and terminal for obtaining terminal identifier
CN116210252A (en) Network operations to receive user consent for edge computation
US20240098583A1 (en) PDU session continuity for a UE moving between a telecommunications network and a gateway device
WO2016128039A1 (en) Apparatus and method for managing communication with a local device of a local network
WO2018149482A1 (en) Providing access to a device
JP4802238B2 (en) How to set up a network-based tunnel for mobile terminals in a local network interconnection
EP2897417A1 (en) Pdn service realizing method, system and network element
US20160142366A1 (en) Method and system for automatic provisioning of enterprise private network over 3g/4g mobile wireless networks while maintaining respectively consistent identities
EP3063964B1 (en) Device-to-device discovery and control in a wide area network
CN116235515A (en) Security protection for user consent for edge computing
CN116889004A (en) Authentication indication for edge data network relocation

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15703988

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15703988

Country of ref document: EP

Kind code of ref document: A1