Classifications

• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04W—WIRELESS COMMUNICATION NETWORKS
  • H04W8/00—Network data management
  • H04W8/18—Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04W—WIRELESS COMMUNICATION NETWORKS
  • H04W8/00—Network data management
  • H04W8/18—Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
  • H04W8/20—Transfer of user or subscriber data
  • H04W8/205—Transfer to or from user equipment or user record carrier
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04W—WIRELESS COMMUNICATION NETWORKS
  • H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
  • H04W12/06—Authentication
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04W—WIRELESS COMMUNICATION NETWORKS
  • H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
  • H04W12/30—Security of mobile devices; Security of mobile applications
  • H04W12/35—Protecting application or service provisioning, e.g. securing SIM application provisioning
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04W—WIRELESS COMMUNICATION NETWORKS
  • H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
  • H04W12/40—Security arrangements using identity modules
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  • H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
  • H04L41/28—Restricting access to network management systems or functions, e.g. using authorisation function to access network configuration
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  • H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
  • H04L41/40—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks using virtualisation of network functions or resources, e.g. SDN or NFV entities
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04W—WIRELESS COMMUNICATION NETWORKS
  • H04W24/00—Supervisory, monitoring or testing arrangements
  • H04W24/08—Testing, supervising or monitoring using real traffic
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04W—WIRELESS COMMUNICATION NETWORKS
  • H04W8/00—Network data management
  • H04W8/30—Network data restoration; Network data reliability; Network data fault tolerance

Definitions

• This disclosure falls within the field of telecommunications network operations management and more particularly network operations management using software functions governed by associated operating licenses.
• NPN non-public networks
• service providers integrate virtual software functions into the architecture of the network, such functions having operating conditions for the deployed services specified by right-of-use licenses associated with these software functions.
• service operating conditions may, for example, relate to the maximum number of simultaneous connections to a service as supported by the deployed network.
• the operation of the deployed network involves in particular the connection to the network of the various terminals constituting the fleet of customer equipment.
• This attachment can in particular be subscribed by the customer via an offer allowing the customer to benefit from a single contract while authorizing the various terminals of the customer's equipment fleet to be associated with this contract.
• Such an offer then involves the service provider providing several service profiles for the same contract, each profile being able to be downloaded onto an electronic security processor (known as Embedded Subscriber Identity Module, embedded SIM or eSIM) most often integral with 'a terminal.
• an electronic security processor known as Embedded Subscriber Identity Module, embedded SIM or eSIM
• the customer also lacks visibility on the operation of the deployed network with regard to the conditions of use of the software functions used for the construction of the deployed network as specified by the operating licenses, which potentially leads to overuse or, on the contrary, to underuse of the real capacities of the deployed network.
• a management server of a provider of a plurality of services for managing service profiles relating to a service of the plurality, the profiles being attributable to communication terminals accessing a communication network supporting said service, the method comprising: a) receiving a first management server update message from an access manager, said first message comprising at least one update of a first total number of active service profiles on the communication network, b) a reception of a second update message from the management server originating from an authentication server, said second message comprising at at least one update of a second total number of active service profiles on the communication network, c) management of access to the service by at least one comparison between the first total number of active service profiles on the network at the communication network and the second total number of active service profiles on the communication network.
• the method allows both a customer operating the services of a communication network and the network service provider to manage the access and use of the network services.
• access and use management consists in particular in regularly ensuring that the number of service profiles registered by the supplier and authorized to be activated on the network is identical to the number of service profiles actually active and used on the network by the client. This makes it possible to detect any active profiles on the network without the customer's authorization (these profiles being qualified as "ghost profiles") or any problems of correspondence between the information systems of the customer and the supplier.
• the proposed method consists in updating a management server making it possible to ensure visibility of the access and use of the network, in particular within the framework of a management of service profiles subscribed for a customer's fleet of terminal equipment.
• the management server therefore makes it possible to centralise, on the one hand, information on the use of network services by the client, via the update operated by the access manager, and, on the other hand, authentication information. recorded by the supplier, via the update operated by the authentication server.
• Such centralization of information by the management server provides overall visibility on the level of use of network services by the customer and allows both the customer and the supplier to control the consistency of operation of network services. .
• the access manager can correspond to a platform for managing service profiles activated on communication terminals, and more particularly on security modules of the "eSIM" (or embedded Subscriber Identity Module) card type allowing a communication terminal to download service profiles as part of a virtualized connectivity offer.
• the access manager is then able to create, at the request of the service provider, service profiles that can be downloaded onto the eSIM cards of communication terminals.
• the access manager can in particular communicate directly with a communication terminal of the client, for example when the terminal wishes to activate its profile created by the access manager.
• the access manager can in particular list the service profiles that it has created and effectively activated on the eSIM cards of the communication terminals.
• the first update message from the management server coming from the access manager can contain information relating to the service profiles actually activated and makes it possible to reflect a real state of use of the services of the network by the client.
• the authentication server is mainly attached to an authentication database making it possible to record the service profiles subscribed to by the customer, their activation status and other information, in particular related to the various communication terminals using saved profiles.
• the authentication database of the authentication server thus contains all the information relating to the service profiles as recorded by the provider.
• the second update message from the management server coming from an authentication server can contain information relating to the service profiles registered by the supplier under an "active" type activation status and makes it possible to reflect the profiles authorized by the supplier to access the network.
• the updates of the service profiles recorded by the authentication server on the one hand, and by the access manager on the other hand, are made a priori without mutual checks of consistency between the authentication server and the access manager, so that the information recorded by the authentication server may differ from the information recorded by the access manager.
• the management of access to the services of the network by the management server then makes it possible in particular to verify such consistency of information recorded.
• Such a process can be implemented periodically, for example as part of an audit of the service provider's information system, so as to have visibility at regular intervals on the management of access to supplier services by each customer.
• the method is implemented after acceptance of a request from a current terminal for modifying the allocation of a current profile among the subscribed service profiles.
• a current profile assignment modification request can be initiated by a current terminal among the client's communication terminals and may relate to a current profile among the service profiles subscribed to by the client.
• a current profile is defined as a service profile which is the subject of the request and which is allocated to the customer within the framework of a connectivity offer subscribed by the customer with the service provider for example. Such a current profile may have been activated by the client (for example during a previous request) or may also be inactive (if the client has not yet activated the current profile for example).
• a common terminal is defined as a communication terminal that is part of the customer's fleet of equipment, this equipment being able to be attached to the communication network so as to use the services provided by the supplier within the framework of a subscribed connectivity offer. by the customer.
• the communication terminal concerned by the request is referred to as the “current terminal”.
• a current terminal may, at the time of initiating a request, already be attached to the network deployed by an active service profile (which may or may not be the current profile) or be not connected to the network (for example if the current terminal n does not yet have an associated active service profile).
• a request to modify the allocation of the current profile by the current terminal can then consist of requesting the activation of the current profile on the current terminal in order to attach this current terminal to the network and thus record an addition of the profile current to all service profiles activated on the network.
• the current profile allocation modification request by the current terminal can also consist of requesting disassociation between the current profile and the current terminal initially in correspondence, and thus recording a deletion of the current profile from all the profiles of services activated on the network.
• the request can be processed according to procedures existing installation and uninstallation of service profiles so as to lead to an acceptance or not of the request resulting in a modification of access to the service profiles subscribed to the network.
• the process for updating the management server and managing access to network services can be triggered when the service provider receives, via a man-machine interface for example, a request from a current terminal requesting the modification of allocation of a current profile by a current terminal and that this request is validated by the supplier, for example after execution of existing verification procedures making it possible to validate the request.
• the steps of the proposed method are then initiated, for example when the service provider determines that the current profile can be associated with the current terminal (in the context of an add request) or that the current profile can be deleted from the current terminal (in the context of a delete request) and the provider triggers the recording of the change accordingly.
• the management server can in particular receive a notification, an activation or any other signal sent, for example, by the access manager, by the authentication server or more generally by the service provider. services, in order to signal the acceptance of a new allocation modification request by the provider and a new imminent update of the management server, which triggers the proposed method.
• a management server of a supplier of a plurality of services comprising at least:
• management server being adapted to implement the method as described.
• a computer program comprising instructions for implementing the method as described when this program is executed by a processor.
• the management server further comprises at least one value relating to a maximum number of service profiles that can be activated simultaneously on the communication network.
• the management server makes it possible in particular to compare the number of active service profiles on the network as recorded by the authentication server, the total number of active service profiles on the network as recorded by the access manager and the maximum number of service profiles that can be activated simultaneously on the network, so as to control the use of the services of the network by the customer in relation to the operating conditions of this network.
• the access management process described can then consist in carrying out several comparisons: on the one hand, one or more consistency comparisons of the information recorded by the authentication server and by the access manager, and on the other hand , a comparison of this information (for example, whether this information is consistent) with the conditions of use of the network services.
• the management server thus allows centralization of information, which offers visibility to the client (for example by direct read access of the management server at any time) on his level of use of the services to which he has subscribed.
• This centralization of information at the level of the management server potentially allows the supplier to identify a need to update the customer's subscription offer so that the dimensioning of the network as subscribed by the latter (for example, in terms of maximum number of profiles supported simultaneously by the network) or consistent with its actual use of the network (for example, in terms of the number of profiles actually active simultaneously on the network).
• the management server can also include several values relating to several different maximum numbers of service profiles that can be activated simultaneously on the communication network. This is particularly the case when several software functions are used by the supplier in the construction of the network and that each software function corresponds to a distinct operating license.
• the management server is readable by at least one client of the service provider via a man-machine interface.
• the method offers real-time visibility of the use of network services by the customer and allows management of access to network services visible to the customer.
• the reading of the management server in the context of the process allows the customer to detect a possible problem of correspondence between the information systems of the supplier and the customer and to detect any anomaly of use such as the presence of active profiles on the network without customer's authorization or believed to have been removed from the network by the customer.
• reading the management server allows the client to verify, within the framework of the management of subscribed service profiles and the general operation of network services, that the capacities of the network are not exceeded in accordance the conditions of use subscribed to by the customer and more generally, that the network is operated as accurately as possible by the customer in terms of its capacities and its sizing.
• the reading of the management server centralizing all the information, in particular concerning the rights of use of the network potentially allows the customer to identify a possible need to adapt the sizing of the network to the actual use made of it by the customer, for example by a change of offer subscribed by the customer with the supplier.
• the maximum number of service profiles that can be activated simultaneously on the communication network is predefined by at least one communication network operating license.
• the method makes it possible to link, via the management server, information on the operation of the network by the client and the content of the network operating licenses defining the usage rights relating to the network.
• these rights of use being typically unknown and poorly correlated to the actual use of the network by the customer.
• the service provider corresponding for example to a mobile network operator
• These Terms of Use are detailed in Network Operating Licenses and may relate to various aspects of the Provider's Customer's use of the Network.
• a right to use the network may relate to a maximum number of service profiles that can be activated simultaneously on the communications network.
• the customer subscribes to a communication offer with the supplier, the customer subscribes to as many operating licenses as there are potential network users (this number of users typically corresponding to the number of communication terminals that the client wishes to attach to the network).
• the customer and the supplier generally lack visibility on the consistency of use of the network in relation to the operating licenses taken out.
• the method allows both the customer and the supplier to ensure that the operating licenses as subscribed by the supplier for the construction of the network are respected by the customer.
• profile access management via the management server can make it possible to check that the maximum number of service profiles that can be activated simultaneously on the communication network is not exceeded, in particular each time the allocation of a service profile by the client (in particular each time an activated profile is added to the network).
• This access management then allows the customer and/or the supplier to adapt the offer subscribed to by the customer so that the capacities of the network correspond best with the needs of use of the customer.
• the first message further comprises at least one update of an association between:
• the second message further comprises an update of an association between:
• network access management makes it possible not only to check the consistency of the number of active service profiles on the network but also the different associations between each active service profile and each terminal attached to the communication network.
• this allows both the customer and the supplier to ensure that the profiles activated among all the service profiles subscribed to by the customer are indeed the profiles actually requested and used by the customer (and therefore to identify a possible problem in processing a request to add a service profile by the provider by activating a profile instead of another example) and that each activated profile is indeed associated with a communication terminal designated by the customer.
• the management server includes data indicating an anomaly if the first total number of active service profiles on the communication network and the second total number number of active service profiles on the communication network are not equal.
• the method makes it possible to notify the client, via the management server, (which the client can for example read directly via a screen of a communication terminal) that access to the network and its use comprise a irregularity due to the fact that the number of profiles listed by the supplier via the authentication server is different from the number of profiles actually used by the client and listed by the access manager.
• This then allows the client to regularize access to the network (for example by requesting the deletion of a profile activated by mistake by the provider and not used by the client) in order to update the management server and ensure again of the consistency of the information contained in the control register.
• the method can also allow the supplier to be notified, via the management server, of an irregularity in the operation of the network due to the fact that the number of profiles listed by the supplier via the authentication is different from the number of profiles actually used by the client and counted by the access manager.
• the supplier can then contact the customer or, for example, temporarily suspend any new request to add customer service profiles until the situation of irregularity is regularized (for example, until the customer requests the deletion of a profile activated by mistake by the provider and not used by the customer).
• the service access management further comprises a comparison of the first total number and/or of the second total number of active service profiles on the communication network with at least the maximum number of profiles services that can be activated simultaneously on the communication network.
• the management of the network may further comprise several comparisons between the first total number and/or the second total number of active service profiles on the network of communication and several maximum numbers of users connected to the network corresponding to different operating licenses.
• the operating license is updated if, after comparing the first total number and/or the second total number of active service profiles on the communication network with the maximum number of service profiles that can be activated simultaneously on the communication network, the first total number and/or the second total number of active service profiles on the communication network does not correspond to the maximum number of service profiles that can be activated simultaneously on the network network, said updating of the operating license consisting in modifying the maximum number of service profiles that can be activated simultaneously on the communication network.
• the method makes it possible at least to identify a need to adapt the connectivity offer subscribed by the customer to the supplier in an "intelligent" way, according to the actual level of exploitation of the capacities of the network by the customer.
• Updating the operating license may consist of increasing the number of licenses associated with the offer subscribed to by the customer, so as to increase the maximum number of service profiles that can be activated simultaneously on the communication network if the management of Access to network services reflects overexploitation of the network, namely that the client simultaneously activates a number of service profiles greater than the maximum number of service profiles that can be activated simultaneously on the communication network.
• the management server can trigger a request to update the client's connectivity offer, for example by executing an update of the smart contract type subscription contract.
• the updating of network operating licenses is carried out by the vendors of the relevant software functions, for example by carrying out a network software update.
• the proposed process thus allows the service provider as well as the customer to manage access to network services by the customer and to best adapt the connectivity offer subscribed to by the customer to his actual need for use.
• FIG. 1 shows an update operation of a management server allowing network management according to one embodiment.
• FIG. 2 shows a succession of steps implemented by a management server allowing network access and use management according to one embodiment.
• FIG. 3 schematically illustrates a hardware structure of a management server according to one embodiment.
• FIG. 1 illustrates an operation implemented within a computerized system of a service provider MNO deploying a communication network available to a customer CL.
• This operation makes it possible, for example following a request received from a current terminal UE1 concerning a modification of the allocation of a current profile P1 subscribed by the client CL, to update a management server VNF-the ensuring among other things, both management of access to the deployed network and operational consistency control of the deployed network.
• the client CL can be a company, for example an industrial company, subscribing to a communication offer from a communication service provider MNO for the use of one or more several of its services, such a service provider MNO corresponding for example to a mobile network operator (“Mobile Network Operator” or MNO).
• the subscription then includes the deployment of a communication network supporting the subscribed service(s), for example a non-public network (“Non Public Network” or NPN) deployed by the operator MNO to which the client company CL can connect its fleet terminal equipment comprising the current terminal UE1.
• NPN non-public network
• a terminal equipment UE1 can equally well correspond to user equipment of the smartphone type and to any type of connected mobile object or module within the framework of the Internet of Things (“Internet of Things” or loT).
• the communication of the terminal equipment of the client CL is ensured by a connection to the network deployed by the service provider MNO in accordance with service profiles (or access profiles) subscribed by the client CL with the operator MNO.
• the subscription of service profiles can be done via a so-called classic offer using physical security processors or via a so-called virtualized connectivity offer using electronic security processors or eSIM.
• the physical security processor of a terminal equipment commonly called “SIM card” for "Subscriber Identity Module” is an insertable and removable physical support of a terminal equipment allowing to embark a set of data and associated applications, this set of data and associated applications that make up a service profile.
• terminals no longer directly include a physical security processor, of the SIM card type, but rather a security processor in the form of a software module directly implanted in the terminal.
• This is the electronic SIM card (“embedded SIM”) or eSIM. All of the data and associated services constituting a service profile can then be downloaded onto the eSIM of each terminal as part of a virtualized connectivity offer involving a fleet of terminals.
• the terminal equipment of the client CL each contains a security module and is compatible with the subscription to a connectivity offer for a fleet of terminals.
• the security module is typically an “eSIM” type card, also called “eULCC” (“embedded Universal Integrated Circuit Card”) or non-removable SIM card. No limitation is attached to this type of card.
• the security module is a smart card with an operating system offering the functionalities of an eUlCC type card.
• the security module is integrated into each terminal, thus forming a single entity.
• the security module is an inviolable dedicated platform, comprising hardware and software, capable of securely hosting applications and their confidential and cryptographic data and providing a secure application execution environment, these applications and data forming for example a downloadable service profile reversibly on the security module of the terminal.
• the customer CL subscribes to a certain number of service profiles (including the current profile P1) with the service provider MNO, the number of subscribed profiles depending for example on the number of terminals from the CL customer's equipment fleet to be attached to the deployed network.
• Each subscribed service profile can then be downloaded and active on a single terminal in the CL customer's equipment fleet at a time.
• the management of subscribed service profiles and terminals connected to the deployed network can be managed, at least partially, by the client CL.
• the client CL can request the addition, deletion or modification of a service profile and can also modify the associations between a service profile and a given terminal, for example by unassociating an active service profile on a given terminal or on the contrary by associating a service profile that can be activated on a given terminal.
• These modifications can in particular be managed by the service provider MNO in the form of requests addressed by the client CL and processed by the service provider MNO.
• This description is placed in the context of the technical specifications of the GSMA in particular described in sections 3.1.1 and 3.1.4 of the document RSP Technical Specification, Version 2.0 (14 October 2016).
• a request to modify the allocation of a current profile P1 to a terminal UE1 represented by steps S1, S2a and S2b, S3 and S4 of FIG. 1 can be processed according to existing procedures as mentioned in the specifications techniques.
• a current terminal UE1 belonging to the customer equipment fleet CL makes a request to modify the allocation of a current profile P1 belonging to the profiles of service subscribed by the CL customer via the connectivity offer.
• FIG. 1 is placed in a common situation in which a connectivity offer has already been subscribed to by the customer CL and a fixed number of activatable service profiles has been previously allocated to the customer CL by the supplier MNO.
• the definition of the CL customer's connectivity offer may involve, according to existing methods, the creation of "activation code" type identifiers matched with the service profiles allocated to the CL customer and subsequently recognizable by the supplier MNO and for example by the access manager SM.
• activation codes are then sent to the CL customer so that the various terminals of the CL customer's equipment fleet perform activation requests for the allocated service profiles by entering, for example, the activation codes provided.
• a certain number of subscribed service profiles have been activated and associated with terminals connected to the deployed network, for example, during previous requests made by the client CL to the supplier MNO and not represented on FIG. 1.
• FIG. 1 then represents a new request for modifying the allocation of a current profile P1 made by a current terminal UE1 among the fleet of equipment items of the customer CL.
• Such an allocation modification request may for example consist of requesting a disassociation between the current profile P1 and the current terminal UE1 in the case where a previously requested association (during a previous request) exists between the current profile P1 and the current terminal UE1.
• the allocation modification request can also consist of adding the new current profile P1 by associating it with the current terminal UE1, so as to add a new connection to the network deployed by the supplier MNO, for example in the case where the current profile P1 has been subscribed to and has never yet been downloaded to a terminal in the CL customer's equipment fleet.
• the current profile P1 allocation modification request is performed at step S1 by the current terminal UE1 by communicating with the system operator information MNO, for example via a human-machine interface HMI of the operator information system MNO.
• the content of such a current profile assignment modification request P1 transmitted to the supplier MNO by the current terminal UE1 may include: - a network identifier making it possible to identify the network concerned by the request, for example a NID (“Network Identifier”),
• an identifier IMEI1 making it possible to identify the current terminal UE1 in a unique way, for example an identifier IMEI ("International Mobile Equipment Identity”) or an identifier El D1 of a security processor integrated in the current terminal UE1 of the identifier type EID ( "Embedded Identity Document”),
• This identifier makes it possible to define the identity of the profile concerned in a unique way and can correspond for example to the activation code or authentication code communicated by the supplier MNO to the customer CL when subscribing to the offer and assigned in a unique way to a subscribed profile (in this case, the current profile P1).
• Such an activation code can for example include a “Matching ID” data type allowing the supplier MNO to recognize the current profile P1 concerned by the request.
• this identifier may correspond to any other value allowing the client CL to designate, uniquely or not, a profile targeted by the request from the current terminal UE1 among all the service profiles subscribed, for example the International Mobile Subscriber Identity (I MSI) in the context of second, third or fourth generation networks (2G, 3G or 4G) or the Subscription Permanent Identifier (SU PI) in the context of fifth generation networks (5G).
• I MSI International Mobile Subscriber Identity
• 2G, 3G or 4G second, third or fourth generation networks
• SU PI Subscription Permanent Identifier
• an identifier of the subscribed connectivity offer to which the current profile P1 is attached can be communicated by the supplier MNO to the customer CL when subscribing to the offer,
• the supplier's information system MNO After receiving such a request to modify the allocation of the current profile P1, the supplier's information system MNO identifies the current profile P1 concerned by the request, for example by association of the "Matching ID" received by the current terminal UE1 during the request with an identifier I MS11 known to the supplier MNO and uniquely associated with the current profile P1.
• the activatable current profile P1 can also be created by the supplier MNO at the end of step S1, for example in the case where the allocation modification request consists of requesting the activation of the current profile P1 on the current terminal UE1 and that the current profile P1 was not created by the supplier MNO when subscribing to the offer.
• the HSS authentication server is a "Home Subscriber Server” type server and mainly comprises an authentication database BDD_HSS recording information relating to the different subscriptions with the MNO provider, the different service profiles subscribed for a given customer subscription and their activation status in particular.
• the HSS authentication server corresponds in particular to the U DR (“User Data Registry”) server for 5th generation ( 5G ) mobile networks and formerly called the HLR (“Home Location Register”) server.
• the authentication server HSS in particular allows the service provider MNO to record the service profiles of terminals authorized to connect to the network.
• the authentication server HSS includes an update concerning the current profile P1 and the current terminal UE1 concerned by the request to modify the allocation of the current profile P1.
• the authentication database BDD_HSS takes account in particular, at the end of step S2a: - deletion of an existing correspondence between the network with identifier NID, the current terminal UE1 with identifier El D1 and the current profile P1 with identifier I MS11, and
• the supplier MNO then records via the BDD_HSS database of the authentication server HSS that the current profile P1 can again be activated by a communication terminal of the client CL and that the current terminal UE1 is once again able to accommodate a new profile service to connect to the network.
• step S1 If the current profile P1 assignment modification request received by the supplier MNO in step S1 consists in associating the current profile P1 with the current terminal UE1, the authentication database BDDJHSS takes account in particular, at the end of step S2a:
• step S2a an addition of a correspondence newly created in step S2a between the network with identifier NID, the current terminal UE1 with identifier El D1 and the current profile P1 with identifier I MS11, and - an increment of the total number N_HSS of service profiles recorded on the network by the authentication server HSS.
• the MNO provider then records via the BDD_HSS database of the HSS authentication server that the current profile P1 is activated and associated with the current terminal UE1.
• step S2a ensures that the current profile P1 is created by the provider MNO in a secure manner and that such a profile current P1 can be activated and used by the current terminal UE1.
• the update of the authentication database BDD_HSS of the HSS authentication server in step S2a can in particular take place after a procedure for validating the request by the provider MNO (not shown in FIG. 1 ), for example in order to ensure that the current profile P1 is not already activated and associated with another communication terminal or even that the current terminal UE1 does not already contain another active service profile for example.
• Various existing methods allow the provider MNO to determine whether the request from the current terminal UE1 is acceptable or not. Methods can thus consist, in the case of an association request between the current terminal UE1 and the current profile P1, in automatically disassociating any existing association between the current terminal UE1 and another service profile to replace the latter by the current profile P1.
• the supplier MNO transmits a message of refusal of the request to the current terminal UE1, for example via a refusal message sent by the manager of access SM to step S4.
• the authentication database BDDJHSS is not updated at step S2a and no new current profile P1 is created by the access manager SM at a step S2b.
• step S2b the supplier MNO transmits the information relating to the request to modify the allocation of the current profile P1 (including in particular the "Matching ID" relating to the current profile P1 and the identifier El D1 of the current terminal UE1) to the access manager SM so that the latter SM creates the current profile P1 to be specifically downloaded onto the security module eSIM with identifier El D1 of the current terminal UE1.
• the access manager SM corresponds in this context to an eSIM module management platform deployed by the supplier MNO of the "Subscriber Manager eSIM" type which corresponds to the SMDP server ("Subscription Manager Data Preparation") in the technical specifications defined by the GSMA association ("Global System for Mobile Communications Association”) or the grouping of the SMDP server and the SM-SR ("Subscription Manager Secure Routing") in the Machine-To-Machine (M2M) framework for example.
• the access manager SM then makes it possible to save the service profiles subscribed to by the client CL in the eSIM cards of the communication terminals of the client CL.
• step S2b in the case of a request to add the current profile P1 to the current terminal UE1 for example, the access manager SM then prepares the download data for the current profile UE1 that can be activated by the terminal.
• current UE1 by encapsulating these current profile data P1 in a message to be transmitted to the current terminal UE1 at a step S4, for example in the form of a QR code.
• the access manager SM can also check in the authentication database BDDJHSS of the authentication server HSS that the current profile P1 is indeed registered and can be activated by the current terminal UE1 .
• the access manager SM can check at step S3 that the disassociation of the current profile P1 and the current terminal UE1 is registered in the BDDJHSS authentication database.
• step S4 the access manager SM then transmits the confirmation of the required association modification to the current terminal UE1.
• the access manager SM effectively encapsulates the data linked to the current profile P1 with identifier I MS11 and transmits the data in encrypted form allowing the installation of the current profile P1 and its content in a message sent to the current terminal UE1 in step S4.
• This message can correspond to a digital code of the “QR code” type or any other type of message encapsulating the data of the current profile P1 and readable by the current terminal UE1 via a graphic sensor integrated into the current terminal UE1 for example.
• the message transmitted by the access manager SM to the current terminal UE1 in step S4 then contains the current profile P1 to be downloaded by the current terminal UE1 onto its eSIM security module.
• the access manager SM can simply transmit the confirmation that the disassociation has indeed been validated by the supplier MNO, in particular by checking at the step S3 that such disassociation is indeed recorded by the provider MNO in the authentication database BDD_HSS.
• the manager of access SM saves in a database BDD_SM or in a local memory specific to the access manager SM the modification of association concerning the network of identifier NID, the current terminal UE1 of identifier El D1 (corresponding here to the identifier of an eSIM module attached to the current terminal UE1) and the current profile P1.
• the access manager SM waits, at the end of step S4, for a return message from the current terminal UE1 before updating its database BDD_SM. This return message, not represented in FIG.
• step S4 can be a message confirming the correct reception by the current terminal UE1 of the message sent by the access manager SM in step S4 or else confirming the correct progress of the downloading of the data from installation of the current profile P1 in the case of a profile installation request for example.
• the access manager SM when the access manager SM receives, at the end of step S4, a confirmation from the client CL (for example via the terminal UE1) of the successful downloading of data from the current profile P1 to the current terminal UE1, the access manager SM updates its database BDD_SM by recording in turn that:
• the access manager SM If the accepted request consists on the contrary in requesting the disassociation between the current terminal UE1 and the current profile P1, when the access manager SM receives, at the end of step S4, a confirmation from the client CL (for example via the terminal UE1) that the disassociation has indeed been taken into account (for example that the eSIM module of the current terminal UE1 is indeed free again for a new association with a service profile), the access manager SM puts updates its BDD_SM database by recording in turn that:
• the total number N_SM of service profiles activated on an eSIM module and/or the associations registered by the access manager SM may potentially differ from the total number N_HSS of service profiles registered by the authentication server HSS and/or or the associations registered by the authentication server HSS in the event of any problems in processing the request signaled by the client CL at the end of step S4, the return message received by the access manager SM indicating for example that the current profile P1 could not be downloaded to the eSIM module of the current terminal UE1 (the QR code not being readable by the current terminal UE1 for example).
• the total number N_SM of service profiles activated on an eSIM module registered by the access manager SM will not be incremented and will therefore be lower than the total number N_HSS of service profiles registered by the authentication server.
• HSS The association between the identifiers NID, El D1 and I MS11 corresponding to an association between the current terminal UE1 and the current profile P1 will exist in the authentication database BDD_HSS of the authentication server HSS but absent from the database. BDD_SM data from the access manager SM.
• the access manager SM and the authentication server HSS centralize, among other things, the information contained in their respective databases BDD_SM and BDDJHSS as updated at the end of the request treated. This centralization of information is carried out within a VNF-le management server.
• the VNF-le management server is a register specific to the deployed network and contains in particular information relating to the rights of use associated with the respective operating licenses of the software functions used in the architecture of the network, such as the server of HSS authentication for example.
• the management server VNF-le contains for example information relating to a maximum number N_max of service profiles that can be activated simultaneously by the authentication server HSS on the deployed network, in accordance with the conditions of use of the authentication server HSS as subscribed by the HSS authentication server.
• the VNF-le management server can include several maximum numbers of concurrent users on the network, each maximum number being specific to each software function of the network.
• the access manager SM thus sends a first message to the management server VNF-le, this first message containing in particular information contained in the database BDD_SM or the memory of the access manager SM as updated by the latter after step S4 (for example, after receipt of a message confirming the correct processing of the request by the current terminal UE1).
• This updated information concerns for example:
• Such a first message sent by the access manager SM to the VNF-le management server in step S5 allows the VNF-le management server to include up-to-date information related to the service profiles such as actually activated and associated with the respective eSIM modules of the communication terminals of CL customers.
• the HSS authentication server sends a second message to the VNF-le management server, this second message containing in particular information contained in the BDD_HSS database of the HSS authentication server as updated. day by the latter at the end of step S2a.
• This updated information concerns for example: - the NJHSS total number of service profiles registered on the network as updated in the BDD_HSS database of the HSS authentication server, and/or
• Such a second message sent by the HSS authentication server to the VNF-le management server in step S6 allows the VNF-le management server to include up-to-date information related to the service profiles and their association with given terminals as actually validated by the authentication server HSS.
• the second message can be sent by the HSS authentication server to the VNF-le management server as soon as the authentication database BDDJHSS of the HSS authentication server is updated at from step S2a.
• the management server VNF-le also includes its own database BDD_LE containing information relating to the usage rights of each software function used in the deployed network and associated with an operating license.
• a database BDD_LE can in particular comprise the maximum number of simultaneous users on the network as defined by each of the software functions of the network, such as for example the maximum number N_max of service profiles simultaneously activated on the network by the authentication server HSS.
• the VNF-le management server can include:
• the COM communication interface of the VNF-le management server is also linked to a BDD_LE database containing information relating to the usage rights of each software function used in the deployed network and associated with an operating license, these information including, for example, the maximum number N_max of service profiles that can be activated simultaneously on the network by the authentication server HSS or even other maximum numbers of simultaneous users on the network defined by other vendors of software functions included in the network.
• a database BDD_LE can be directly integrated into the management server VNF-le;
• the memory unit MEM also stores the messages received from the access manager SM and the authentication server HSS.
• a processing circuit comprising a processor PROC and cooperating with the communication interface COMM for the execution of the method for managing access to the network as detailed below in the description of FIG. 2; and - a client interface INT enabling the management server VNF-le to display information resulting in particular from the execution of the network access control method by the processing circuit, so that this information can be read by the client CL (via one or more terminals in its equipment fleet, for example).
• FIG. 2 illustrates a method implemented by a management server VNF-le of the service provider MNO so as to operate a management of access and use of the services of the network by the client CL.
• the management server VNF-le receives a first update message from the access manager SM.
• This first message stored in the memory unit MEM of the management server VNF-le, contains in particular: - the total number N_SM of active service profiles on the network counted by the access manager SM following a last update of the database BDD_SM of the access manager SM, and/or
• the service profiles activated and associated with communication terminals connected to the network as recorded by the access manager SM following a last update of the database BDD_SM of the access manager SM .
• Such a first update message received by the management server VNF-le from the access manager SM in step S5 takes place in particular when, after processing a client request from a current terminal UE1 as shown in Figure 1, the access manager SM records:
• Such an update of the management server VNF-le by the access manager SM does not a priori take place (or at least does not modify the existing data) when the access manager SM transmits a rejection decision of the request in step S4 of FIG. 1 and that the database BDD_SM of the access manager SM is not modified for example.
• the first message received from the access manager SM is identical to a message previously received from the access manager SM.
• the management server VNF-le can receive the first message even in the absence of a new request for modifying the allocation of a current profile P1 accepted by the provider MNO and therefore of an update of the SM access manager data.
• the VNF-le management server can receive the first message as part of a periodic update of the VNF-le management server and/or as part of an audit, for example.
• step S6 the management server VNF-le receives a second update message from the authentication server HSS.
• This second message stored in the memory unit MEM of the management server VNF-le, contains at least: - the total number N_HSS of active service profiles on the network as recorded by the HSS authentication server following a last update of the HSS authentication server's BDDJHSS database, and
• the service profiles activated and associated with communication terminals connected to the network as recorded by the HSS authentication server following a last update of the BDDJHSS database of the HSS authentication server .
• Such a second update message received by the management server VNF-le from the authentication server HSS in step S6 takes place in particular when, after processing a client request from a current terminal UE1 as illustrated by FIG. 1, the authentication server HSS validates the request from the terminal UE1 and records:
• the second message received from the HSS authentication server is identical to a message previously received from the HSS authentication server.
• the management server VNF-le can receive the second message even in the absence of a new request for modifying the allocation of a current profile P1 accepted by the provider MNO and therefore of an update of the HSS authentication server data.
• the VNF-le management server can receive the second message as part of a periodic update of the VNF-le management server and/or as part of an audit, for example.
• the management server VNF-le performs network access and use management via a first comparison in step S7 .
• This first comparison consists of comparing the total number N_SM of active service profiles on the network counted by the access manager SM with the NJHSS total number of active service profiles on the network as activated by the HSS authentication server and to verify that these two values N_SM, N_HSS updated separately by the access manager SM and the HSS authentication server are equal.
• the equality of the N_SM and NJHSS values first of all guarantees that the total number of NJHSS profiles activated by the HSS authentication server and therefore to the knowledge of the MNO provider is the same as the total number of profiles N_SM actually activated on eSIM modules of the terminals and used on the network with the knowledge of the CL customer. If these two values N_SM and NJHSS are different, the management server VNF-le signals the presence of an irregularity in the use of the network in a step S9.
• the N_SM and NJHSS values may differ in the event of any problems processing the request signaled by the client CL via a return message received by the access manager SM indicating for example that the current profile P1 subject to the last request processed by the supplier MNO could not be downloaded to the eSIM module of the current terminal UE1 (the QR code not being readable by the current terminal UE1 for example) despite the activation of the current profile P1 by the server HSS authentication.
• the total number N_SM of service profiles activated on an eSIM module registered by the access manager SM will not be incremented and will therefore be lower than the total number N_HSS of service profiles activated by the authentication server. HSS.
• the association between the identifiers NID, El D1 and IMSI1 corresponding to an association between the current terminal UE1 and the current profile P1 will exist in the authentication database BDDJHSS of the authentication server HSS but absent from the database BDD_SM of the SM access manager.
• the values N_SM and N_HSS as updated in the management server VNF-1e by the access manager SM and the authentication server HSS in steps S5 and S6 will differ.
• this network usage irregularity is displayed in the client interface INT so as to be readable by the client CL via a reading from the management server VNF-le.
• the management server VNF-le can communicate with a management entity of the service provider MNO in order to signal an irregularity in the use of the deployed network so as to block any new request for addition as long as the irregularity of use is not resolved (for example by a new update of the VNF-le management server in steps S5 and S6, such an update having equal NJHSS and N_SM values). If the values N_SM and NJHSS are indeed equal, the management server VNF-le continues the management of access and use of the network via a second comparison in step S8.
• This second comparison consists in verifying that the associations between service profiles and communication terminals activated on the network as recorded on the one hand, by the access manager SM and on the other hand, the authentication server HSS are quite the same. In other words, this second comparison makes it possible both to verify that: - the service profiles active on the network as recorded by the access manager
• the access manager SM and the authentication server HSS effectively associate the same communication terminal with it.
• step S8 makes it possible to guarantee that there is no association error between the terminals of the fleet of customer CL equipment connected to the network and the different profiles activated and used by the client CL, such errors being for example linked to problems of correspondence between the profile management systems on the side of the service provider MNO (therefore on the side of the authentication server HSS) and on the side of the client CL (therefore on the side of the access manager SM).
• step S8 If in step S8, an association error is detected (for example, a given identifier IMSIk service profile is registered by the access manager SM and the authentication server HSS as being associated with two terminals of identifiers EIDa and EIDb different for example), the management server VNF-le proceeds to step S9 and signals an irregularity in the use of the network.
• steps S7 and S8 may correspond to a single step in the case where for example the management server VNF-le detects a difference between the values N_SM and N_HSS by comparing the associations between service profiles and terminals communications enabled on the network.
• step S8 the management server VNF-le continues the procedure for managing access and use of the network by the client CL by carrying out a third comparison at step S10.
• the VNF-le management server reads from the BDD_LE database of the VNF-le management server information relating to the rights of use of the software functions used in the network and identifies in particular the maximum number N_max of service profiles that can be activated simultaneously by the HSS authentication server on the network.
• the third comparison of the process then consists in comparing the number total N_SM (or N_HSS) of active service profiles on the network as counted by the access manager SM and the authentication server HSS (step S7 guarantees that this number is the same for the two entities SM and HSS ) with the maximum number N_max of profiles that can be activated simultaneously on the network, as stipulated in the terms of the operating licenses associated with the CL client's subscription and contained in the BDD_LE database of the VNF-le management server.
• Step S10 can also include comparisons between the total number N_SM (or N_HSS) of active service profiles on the network as counted by the access manager SM and the authentication server HSS and each of the maximum numbers of users simultaneously authorized on the network, as defined by the operating licenses of other software functions of the network, these maximum numbers being read by the management server VNF-le in the database BDD_LE.
• N_SM or N_HSS
• the step S10 thus makes it possible to check whether the licenses taken out by the service provider MNO with one or more vendors of software functions used in the network by the customer CL have hardware and software capabilities such as are actually required. and operated by the client CL. If in step S10, the total number N_SM (or N_HSS) of active service profiles on the network as counted by the access manager SM and the authentication server HSS is equal to the maximum number N_max of profiles that can be activated simultaneously on the network, this means that the network as deployed by the MNO service provider is operated to its capacity by the CL customer and that the operating conditions of the licenses as subscribed by the MNO provider (and underlying , the client CL) from vendors of software functions (in this case the vendor of the software function of the authentication server HSS) are well estimated.
• N_SM or N_HSS
• the VNF-le management server optionally confirms that the licenses as subscribed to by the CL client are well suited to its use of the network by displaying a confirmation message of the "license OK" type, for example on the client interface INT in a step S101.
• the procedure for managing access to and using the management server VNF-le therefore ends at step S101 without changing the subscription conditions of the client CL with the supplier MNO.
• step S10 the total number N_SM (or NJHSS) of active service profiles on the network as counted by the access manager SM and the authentication server HSS is greater than the maximum number N_max of profiles that can be activated simultaneously on the network (or at one of the maximum numbers defined by the operating license for one of the network software functions), this means that the operating conditions for the network software functions as established by the vendors software functions to the MNO service provider are not complied with and that the CL customer is overusing the network deployed by the MNO service provider.
• step S10 the total number N_SM (or N_HSS) of active service profiles on the network as counted by the access manager SM and the authentication server HSS is less than the maximum number N_max of profiles that can be activated simultaneously on the network, this means that the CL customer is underutilizing the network deployed by the MNO service provider.
• the CL customer may have subscribed to a connectivity offer for N terminals (therefore leading to N operating licenses associated with the subscription) without however using the N communication terminals simultaneously and/or without having required the activation simultaneous N service profiles ordered.
• a readjustment of the network operating licenses can make it possible to resize the capacities of the network in line with the usage needs of the CL customer (either for reasons in particular legal compliance with network operating conditions in the case of network overuse, or for example for reasons of additional cost in the case of network underuse).
• Such a readjustment of the operating licenses can be carried out by the vendors of the software functions concerned by the readjustment via, for example, a software update.
• the management server VNF-le then proceeds to a step S100 aimed at such a readjustment of the network operating licenses, for example by the execution of a smart contract ("smart contract a") between the service provider MNO and the vendors of software functions concerned whose execution condition corresponds to the inequality between the total number N_SM (or N_HSS) of active service profiles on the network as counted by the access manager SM and the authentication server HSS and the maximum number N_max of profiles that can be activated simultaneously on the network and the execution result leads to a software update of the network.
• the update may relate to all the software functions of the network coming in particular to modify the information of the operating licenses.
• the management server VNF-le then displays via the client interface CL a message of the “license UPDATED” type for example.
• the operating license is not necessarily updated by the VNF-le management server of the MNO service provider and the VNF-le management server simply displays a message of the type "license KO » via the INT client interface, so as to inform the client of the relevance of a modification of the licenses subscribed.
• the management server VNF-le then makes it possible to manage access and use of the network by the fleet of terminal equipment of a customer CL and deployed by a service provider MNO. It allows both the customer and the MNO service provider to ensure proper management of operations within the deployed communication network in compliance with the conditions of use of the software functions associated with the latter.

Landscapes

• Engineering & Computer Science (AREA)
• Computer Networks & Wireless Communication (AREA)
• Signal Processing (AREA)
• Computer Security & Cryptography (AREA)
• Databases & Information Systems (AREA)
• Computer And Data Communications (AREA)
• Telephonic Communication Services (AREA)
• Data Exchanges In Wide-Area Networks (AREA)
• Mobile Radio Communication Systems (AREA)

Applications Claiming Priority (2)

Publications (1)

Family

ID=76159571

Family Applications (1)

Country Status (4)

Family Cites Families (1)

• 2021
  • 2021-04-13 FR FR2103782A patent/FR3121813A1/fr active Pending
• 2022
  • 2022-04-07 WO PCT/FR2022/050644 patent/WO2022219265A1/fr active Application Filing
  • 2022-04-07 EP EP22721808.8A patent/EP4324231A1/de active Pending
  • 2022-04-07 US US18/555,231 patent/US20240196196A1/en active Pending

Also Published As

Similar Documents

Legal Events