GB2538739A - Network elements, wireless communication system and methods therefor - Google Patents
Network elements, wireless communication system and methods therefor Download PDFInfo
- Publication number
- GB2538739A GB2538739A GB1508970.9A GB201508970A GB2538739A GB 2538739 A GB2538739 A GB 2538739A GB 201508970 A GB201508970 A GB 201508970A GB 2538739 A GB2538739 A GB 2538739A
- Authority
- GB
- United Kingdom
- Prior art keywords
- cell
- wireless communication
- communication unit
- identifier
- message
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/02—Services making use of location information
- H04W4/021—Services related to particular areas, e.g. point of interest [POI] services, venue services or geofences
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W84/00—Network topologies
- H04W84/02—Hierarchically pre-organised networks, e.g. paging networks, cellular networks, WLAN [Wireless Local Area Network] or WLL [Wireless Local Loop]
- H04W84/04—Large scale networks; Deep hierarchical networks
- H04W84/042—Public Land Mobile systems, e.g. cellular systems
- H04W84/045—Public Land Mobile systems, e.g. cellular systems using private Base Stations, e.g. femto Base Stations, home Node B
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
- H04W12/068—Authentication using credential vaults, e.g. password manager applications or one time password [OTP] applications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/02—Services making use of location information
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W48/00—Access restriction; Network selection; Access point selection
- H04W48/08—Access restriction or access information delivery, e.g. discovery data delivery
- H04W48/10—Access restriction or access information delivery, e.g. discovery data delivery using broadcasted information
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W60/00—Affiliation to network, e.g. registration; Terminating affiliation with the network, e.g. de-registration
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W64/00—Locating users or terminals or network equipment for network management purposes, e.g. mobility management
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
A mobile equipment (104) entering into the coverage area of a presence cell, determines that the detected cell is a presence cell and subsequently initiates an Radio Resource Control Connection towards the presence cell using an appropriate cause code signifying a presence update and also including an authentication code calculated by making use of an integrity key previously used when last connected to the core network„ an identity broadcast by the presence cell; and an identity assigned to the mobile equipment in the last cell that provided it with a core network connection. A controller (115) receives this information from the mobile equipment and compares it with similar information received from the last cell that provided a service to the mobile equipment. If there is a match, then a presence notification message is generated including the identity of the mobile equipment and of the presence cell.
Description
NETWORK ELEMENTS, WIRELESS COMMUNICATION SYSTEM AND METHODS THEREFOR
Field of the invention
The field of this invention relates to network elements, a wireless communication system and methods for determining a subscriber identity of a wireless communication unit
Background of the Invention
Wireless communication systems, such as the 3' Generation (3G) of mobile telephone standards and technology, are well known. An example of such 3G standards and technology is the Universal Mobile Telecommunications System (UMTSTm), developed by the 3rd Generation Partnership Project (3GPPTM) (www.3qpp.orq). The 3n1 generation of wireless communications has generally been developed to support macro-cell mobile phone communications. Such macro cells utilise high power base stations (NodeBs in 3GPP parlance) to communicate with wireless communication units within a relatively large geographical coverage area. Typically, wireless communication units, or User Equipment (UEs) as they are often referred to in 3G parlance, communicate with a Core Network (CN) of the 3G wireless communication system via a Radio Network Subsystem (RNS). A wireless communication system typically comprises a plurality of radio network subsystems, each radio network subsystem comprising one or more cells to which UEs may attach, and thereby connect to the network. Each macro-cellular RNS further comprises a controller, in a form of a Radio Network Controller (RNC), operably coupled to the one or more Node Bs, via a so-called lub interface.
The second generation wireless communication system (2G), also known as GSM, is a well-established cellular, wireless communications technology whereby "base transceiver stations" (equivalent to the Node B's of the 3G system) and "mobile stations" (user equipment) can transmit and receive voice and packet data. Several base transceiver stations are controlled by a Base Station Controller (BSC), equivalent to the RNC of 3G systems.
Communications systems and networks are developing towards a broadband and mobile system. The 3rd Generation Partnership Project has designed a Long Term Evolution (LTE) solution, namely, an Evolved Universal Mobile Telecommunication System Territorial Radio Access Network, (E-UTRAN), for a mobile access network, and a System Architecture Evolution (SAE) solution, namely, an Evolved Packet Core ( EPC), for a mobile core network. An all IP EPC and an E-UTRAN together are often referred to as an Evolved Packet System (EPS). In LTE a macrocell base station is generally known as an evolved NodeB (or eNB or eNodeB). An EPS provides only packet switching (PS) domain data access so voice services are provided by a 2G or 3G Radio Access Network (RAN) and circuit switched (CS) domain network or Voice over IF (VolP) techniques. User Equipment( UE) can access a CS domain core network through a 2G/3GRAN such as the (Enhanced Data Rate for GSM Evolution, EDGE) Radio Access Network (GERAN) or a Universal Mobile Telecommunication System Terrestrial Radio Access Network ( UTRAN), and access the EPC through the E-UTRAN. -2 -
Some User Equipments have the capability to communicate with networks of differing radio access technologies. For example, a user equipment may be capable of operating within a UTRAN and within an E-UTRAN.
Lower power (and therefore smaller coverage area) cells are a recent development within the field of wireless cellular communication systems. Such small cells are effectively communication coverage areas supported by low power base stations. The terms "picocell" and "femtocell" are often used to mean a cell with a small coverage area, with the term femtocell being more commonly used with reference to residential small cells. Small cells are often deployed with minimum RF (radio frequency) planning and those operating in consumers' homes are often installed in an ad hoc fashion.
The low power base stations which support small cells are referred to as Access Points (AP's) with the term Home Node B (HNB's) or Evolved Home Node B (HeNB) identifying femtocell Access Points. Each small-cell is supported by a single Access Point. These small cells are intended to augment the wide area macro network and support communications to multiple User Equipment devices in a restricted, for example, indoor environment. An additional benefit of small cells is that they can offload traffic from the macro network, thereby freeing up valuable macro network resources An HNB or HeNB is an Access Point that provides a wireless interface for user equipment connectivity. An HNB provides a radio access network connectivity to a user equipment (UE) using the so-called luh interface to a network Access Controller, also known as a Home Node B Gateway (HNB-G. One Access Controller (AC) can provide network connectivity of several HNB's to a core network. An HeNB provides a radio access network connectivity using the so-called Si interface to one or more network Access Controllers, known as an Mobility Management Entities (MMEs.) One MME can provide connectivity to many HeNBs or eNBs.
Typical applications for such Access Points include, by way of example, residential and commercial locations, communication 'hotspots', etc., whereby Access Points can be connected to a core network via, for example, the Internet using a broadband connection or the like. In this manner, small cells can be provided in a simple, scalable deployment in specific in-building locations where, for example, network congestion or poor coverage at the macro-cell level may be problematic.
Thus, an AP is a scalable, multi-channel, two-way communication device that may be provided within, say, residential and commercial (e.g. office) locations, 'hotspots' etc, to extend or improve upon network coverage within those locations. Although there are no standard criteria for the functional components of an AP, an example of a typical AP for use within a 3GPP 3G system may comprise Node-B functionality and some aspects of Radio Network Controller (RNC) functionality as specified in 3GPP TS 25.467. These small cells are intended to be able to be deployed alongside the more widely used macro-cellular network and support communications to UEs in a restricted, for example 'in-building', environment. In the case of LTE, HeNB functionality is described relative to eNodeB functionality in 3GPP TS 36.300. -3 -
Herein, the term "small cell" means any cell having a small coverage area and includes "picocells" and "femtocells." It is often useful in cellular networks (including small cell networks) to obtain the permanent subscriber identity (IMSI) or the permanent mobile equipment identity (IMEI) of the UEs which are accessing the small cells. This identity can be used for various purposes, one being to track UEs as they move through the macrocell or small cell network, thereby providing a so-called "presence" service. In 2G (GSM) and 3G systems, a common technique in small cells is for a Home Node B, (an Access Stratum device), to request the UE's permanent subscriber identity (IMS!) using an NAS (Non-Access Stratum) Identity Request message, normally used by the Core Network. This is possible in these systems because the NAS messages are not generally ciphered by the core network and so can be used by local nodes. In LTE on the other hand, the protocol design authenticates and optionally encrypts the Non-Access Stratum (NAS) between the UE and the MME (Mobility Management Entity) using separate keys from those used for authentication and typically encryption in the Access Stratum or the RRC (Radio Resource Control) layer, which is authenticated and typically encrypted between the UE and the eNode B and these NAS keys are not known to the Access Stratum devices such as the eNode B. Thus, the NAS security deployed in LTE means that an eNode B (or a Home eNode B) cannot use the same technique as is used in 3G and other methods have to be employed in order to acquire the UE's permanent identity. Methods of acquiring a UE's IMSI which result in the IMSI being sent over the air interface are, disadvantageously, vulnerable to attack by malicious entities. For example, in 2G and 3G systems, the UE does not immediately authenticate the Radio Access Network that it is in communication with and the associated core network prior to revealing its identity (over the air interface). A malicious entity could intercept and record data containing a UE's identity and then 'spoof the identity of the UE by re-playing the recorded data. Another disadvantage with some known presence techniques for prompting a UE to reveal its identity is that of the additional over the air signalling required.
Summary of the invention
Accordingly, the invention seeks to mitigate, alleviate or eliminate the above-mentioned disadvantages.
Aspects of the invention provide network elements, a wireless communication system and methods therefor as described in the appended claims.
According to a first aspect of invention there is provided a method for detecting the presence of a wireless communication unit in a wireless communication system comprising a first cell supported by a network element, at least one presence cell, each at least one presence cell having a unique identifier, and a presence controller, the method comprising: at the wireless communication unit, establishing a connection with the first cell; at the presence controller, receiving from the network element an identifier of the first cell, an identifier of the wireless communication unit and an authentication key; at the wireless communication unit, detecting a first presence cell and attempting -4 -to establish a connection therewith by sending a message which includes an identifier of the wireless communication unit, an identifier of the first cell and an authentication code; and at the presence controller, receiving from the first presence cell, the unique identifier of the first presence cell and said message, using the authentication key to verify the authentication code contained in said message, comparing the identifier of the first cell contained in said message with the identifier of the first cell received from the network element and if a match is found and if the authentication code is verified, generating a presence notification message confirming the presence of the wireless communication unit in the first presence cell wherein the presence notification message includes the identifier of the wireless communication unit and the unique identifier of the first presence cell.
In this way, presence of a wireless communication unit (or UE or mobile subscriber unit or the like), can be authenticated. Furthermore, the invention provides secure evidence that a wireless communication unit with a particular NAS identity and which was previously camped onto a previously identified cell (which may be a macrocell on the boundary of a cluster of presence cells, for example) was within the range of a particular presence cell at a particular time.
According to a second aspect of the invention, there is provided a network element for supporting a first cell and arranged to broadcast signals containing information relating to the identity of at least one neighbouring presence cell.
Such broadcast identities of presence cells may comprise their respective broadcast frequencies and may be received by a wireless communication unit within the coverage area of the cell supported by the network element.
The network element may be a base station with eNode B functionality or a proxy therefor. The network element may have the functionality of a Mobility Management Entity (MME). The network element may determine the NAS identifier (ie. permanent identifier or IMSI) of the wireless communication unit from a currently serving MME.
The identifier of the wireless communication unit may be the NAS (Non-Access Stratum) identity, and/or the C-RNTI (Cell Radio Network Temporary Identifier) and/or the S-TMSI (System Architecture Evolution Temporary Mobile Subscriber Identity.
The identifier of the first cell may be for example an operating parameter of that cell (eg. frequency, scrambling code or PCI (Physical Cell Identity) or CGI (Cell Global Identity) or E-CGI (Enhanced CGI).
According to a third aspect of the invention there is provided a wireless communication unit arranged to establish a connection with a first cell of a wireless communication system wherein the first cell has an identifier associated therewith, and wherein the wireless communication unit includes a signal processing module arranged to; detect a presence cell and its identifier and calculate an authentication code and wherein the wireless communication unit is arranged to attempt to establish a connection between the wireless communication unit and the detected presence cell of the wireless communication system by sending a message which includes an identifier of the wireless communication unit, the identifier of the first cell and the authentication code. -5 -
In one embodiment, the wireless communication unit is arranged to receive information broadcast from a network element, such information relating to the identities of one or more presence cells and to search for broadcast transmissions from such presence cells.
Optionally, the signal processor generates a cause code signifying a presence update process, the cause code being included in the sent message.
In one embodiment, each presence cell transmits an indicator in a broadcast channel which identifies it as a presence cell. In such a case, the wireless communication unit is arranged to detect this indicator. In other cases, the wireless communication unit is arranged to determine that a detected cell is a presence cell based on its detected operating parameters such as its operating frequency, its PCI or its eCGI (enhanced Cell Global Identity).
According to a fourth aspect of the invention there is provided a presence controller for verifying the presence of a wireless communication unit in a wireless communication system which includes a first cell and at least one presence cell, wherein the presence controller is arranged to; receive from one or more network elements of the wireless communication system, an identifier of the first cell, an identifier of a wireless communication unit camped onto the first cell, an authentication key and an identifier of a presence cell to which the wireless communication unit is requesting connection, and a message, generated by the wireless communication unit, which includes an identifier of the wireless communication unit, an identifier of the first cell and an authentication code; and wherein the presence controller is further arranged to; use the authentication key to verify the authentication code contained in said message, compare the identifier of the first cell contained in said message with the identifier of the first cell received from a network element and if a match is found and if the authentication code is verified, generate a presence notification message confirming the presence of the wireless communication unit in the presence cell wherein the presence notification message includes the identifier of the wireless communication unit and the unique identifier of the presence cell, In one embodiment, the message received from the wireless communication unit also includes an identifier of the wireless communication unit and the presence controller is further arranged to compare the identity of the wireless communication unit received from a network element with an identity of the wireless communication unit contained in the message.
The authentication code may comprise the so-called MAC-I (Message Authentication Code for integrity) or a derivative thereof such as the 'Short MAC-I' or an enhanced or modified form of Short MAC-I. The Short MAC-I is described in 3GG TS 36.300, 33.401. The wireless communication unit and presence controller may calculate this using the RRC integrity key associated with the first cell. The short MAC-I is an information element (1E) which may be sent in the message to the presence cell and then forwarded to the presence controller. The Short MAC-I is currently used in the LTE RRC Connection Re-establishment procedure by a UE. This procedure was designed for aiding recovery from radio link failure during handovers where the Short MAC-I is calculated based on the last RRC Integrity check key. Conventionally, the Short MAC-I is distributed to the one or more target handover cells prior to a UE having its connection modified as part of a handover attempt and is used by the UE -6 -to identify and authenticate itself if it recovers to one of these cells during a handover failure. The invention can also make use of the standard integrity algorithm block for the Short MAC-I calculation. In one embodiment, the wireless communication units attempts to establish connection with a presence cell by sending a modified RRC Connection Re-establishment Request message.
Advantageously, re-use of the Short MAC-I format ensures that the message length for connection request messages does not increase.
The message may also include a 'COUNT' value which the signal processor in the wireless communication unit increments each time it attempts to connect to a presence cell. This has the advantage of preventing replay attacks where a wireless communication unit's response may have been recorded by third party for the purpose of fraudulent activity by replaying the recorded message thereby imitating the wireless communication unit.
The presence controller may determine the NAS identifier of the wireless communication unit by appearing as another MME and requesting a wireless communication unit Context.
In one embodiment, the network element (first cell) sends to the presence controller the C-RNTI and the NAS identity of the wireless communication unit, the PCI of the first cell and the RRC Integrity keys relating to each presence cell In an alternative embodiment, the network element (first cell) also supplies to the presence controller an RRC Integrity key relating to be wireless communication unit.
In one embodiment the wireless communication unit calculates a Short MAC-I based on an RRC Integrity key, its C-RNTI and the eCGI of the first presence cell.
In one embodiment, the presence controller also compares a C-RNTI received from the wireless communication unit with C-RNTI received from the first cell.
The presence notification message may be sent by the presence controller to an Application server which may, for example, be a payment authorisation system affiliated to a bank. The presence notification message may include a fimestamp.
Once the presence controller has found a match between the compared identifiers of the first cell and has verified the authentication code, it may then generate an acknowledgement message and send this to the presence cell which the presence cell, in turn, may forward to the wireless communication unit. The acknowledgement message may contain a second authentication code. The second authentication code may be in the form of a Short MAC-I based on an RRC integrity key known to the wireless communication unit. The second authentication code may be calculated using the authentication key received from the network element with its DIRECTION bit reversed. The wireless communication unit may be arranged to receive this acknowledgement message, and the signal processor may be arranged to verify the acknowledgement message and, if the verification is successful, increment the COUNT value by 1 when next attempting to establish a connection with a presence cell. -7 -
In one embodiment, the network element supplies information to the presence controller when requested to do so by the presence controller. This could be done by an enhancement to the standard X2 protocol.
The invention has the advantage that no permanent subscriber unit identity needs to be sent over the air, therefore affording security of such an identity. Further, it does not require any presence service network to be able to look up any security keys. Presence cells are not required to provide any user service or mobility and therefore do not require any core network connection. The method according to the invention does not depend on establishing NAS signalling. Therefore the amount of over-the-air signalling required is minimal.
Optionally, the geographical layout of a cluster of presence cells may be known to the presence controller and the movement of a particular wireless communication unit amongst a cluster of presence cells may be monitored and used by the presence controller as an additional verification of the presence of particular wireless communication unit.
These and other aspects, features and advantages of the invention will be apparent from, and elucidated with reference to, the embodiments described hereinafter.
Brief Description of the Drawings
Further details, aspects and embodiments of the invention will be described, by way of example only, with reference to the drawings. Elements in the figures are illustrated for simplicity and clarity and have not necessarily been drawn to scale. Like reference numerals have been included in the respective drawings to ease understanding.
FIG. 1 illustrates a part of a wireless communication system including apparatus operating in accordance with an example embodiment of the invention for detecting the presence of a wireless communication unit; and FIG. 2 is a simplified flowchart of an example of a method for detecting the presence of a wireless communication unit.
Detailed Description
Those skilled in the art will recognize and appreciate that the specifics of the specific examples described are merely illustrative of some embodiments and that the teachings set forth herein are applicable in a variety of alternative settings. For example, since the inventive concepts do not depend on any particular radio access technology or combination thereof, it is envisaged that the inventive concepts may be applied to other RAT's although LTE systems systems are shown in the embodiments. As such, other alternative implementations within cellular communication systems conforming to different standards are contemplated and are within the scope of the various teachings described.
Referring now to FIG.1, an example of part of a wireless communication system operating in accordance with embodiments of the invention is illustrated and indicated generally at 100 and -8 -comprises a an evolved Node B (eNode B) 101 supporting an LTE cell, which in this example is a macrocell 102. Other macrocells (not shown) may be included in the wireless communication system 100. The eNodeB 101 is of conventional design but modified to allow distribution of necessary information, which may include its PCI and RRC Integrity keys and C-RNTI of a wireless communication unit to another node. The eNodeB 101 is connected to and communicates with an Evolved Packet Core (EPC) (or Core Network)) in a conventional manner. The macrocell 102 has assigned thereto a unique PCI (Physical Cell Identity).The Evolved Packet Core is also conventional and includes a Mobility Management Enterprise (MME) 103 and other systems (not shown). The MME 103 has a unique identity and is connected to the eNode B 101 and is typically configured to process signalling between a User Equipment (UE) 104 within the coverage area of the eNodeB 101 and the rest of the Core Network. The User Equipment 104 is provided with a signal processor 105.
The macrocell 102 can be thought of as a 'boundary cell' to a cluster of 'presence' cells 106. Four presence cells 107, 108, 109, 110 are shown in FIG.1 as comprising the cluster but there may be more or fewer. Each presence cell is supported by a respective access point 111, 112, 13, 114. Each presence cell has small area of coverage compared with the macrocell 102 and has no connection to the core network. Each access point 111-114 has a functionality that is similar to that of a femtocell or small cell access point but does not provide core network services. The cluster of presence cells 106 may be located in a street or near building entrances at locations where the presence of a User Equipment needs to be detected and verified; close to a bank or cash dispensing machine, for example. The boundary macrocell 102 is a cell through which the UE passes just before entering the region defined by the cluster of cells 106. In this embodiment, each presence cell 107-110 has assigned thereto a unique identifier which in this example is an eCGII. Further, each presence cell 107-110, via its respective access point 111-114 transmits a signal broadcast including its unique identifier and which signifies that it is, in fact, a presence cell.
Each presence cell 111,-114, via its respective access point 107-114, is connected to a presence controller 115. The presence controller 115 is also connected to the eNode B 101, the MME 103 and an application server 116. The application server 116 can be a payment authorisation system affiliated to a bank, for example.
An example of operation of the embodiment of FIG.1 will now be described with reference to the flowchart of FIG. 2. At 201, the UE 104 establishes an RRC connection with the boundary macrocell 102 using conventional techniques. Such a conventional technique can take the form of a Tracking Area Update (TAU) process. As a consequence of the connection with the boundary macrocelll 102, the UE 105 is assigned a C-RNTI.
At 202, the NAS identity of the UE 104 is obtained by the eNode B 101 from the MME 103 and at 203 is made known to the presence controller 115 along with the UE's C-RNTI, the boundary cell's PCI and RRC integrity keys from the eNodeB 101. It will be understood by those skilled in the art that an RRC Integrity key is a cipher key used to ensure the integrity of RRC signalling traffic between a serving eNodeB and a UE. It is derived from a key supplied to the eNodeB by a MME or other eNodeB -9 -for a particular UE in combination with a choice of integrity algorithm and identification as an integrity key.
At 204, the presence controller 115 notifies the application server 116 of the UE's NAS identity, the identity of the serving MME 103 and the boundary cell's PCI. This information will enable the application server 116 itself to query the serving MME for a permanent NAS identity of the UE if it is desired to operate the system so that the presence controller does not handle permanent UE identities.
While the UE 104 is camped onto the boundary cell 102, it moves towards the presence cell cluster 106 and comes within the coverage area of a first presence cell 107.
At 205, the signal processor 105 in the UE 104 detects the presence cell 107, determines that it is a presence cell and reads its eCGI.
At 206, the signal processor 105 in the UE 104 calculates a modified Short MAC-I. It does this using an RRC integrity key which is the key last used when last connected to the core network, the CRNTI and the eCGI of the detected first presence cell 107. It also increments the COUNT value of the standard Short MAC-I by 1 and generates a cause code signifying a presence update process.
At 207, the UE 104 attempts to establish a connection with the first presence cell 107. It does this by sending a modified RRC Connection Re-establishment Request for reception by the first presence cell 107. The Request includes the generated cause code, the calculated modified Short MAC-I with a COUNT value set at 2, the boundary cell's PCI, the UE's C-RNTI.
At 208, the presence cell (via its respective access point 111) forwards to the presence controller 115 the received RRC Connection Re-establishment Request.
At 209, a presence detection and validation process is carried out by the presence controller 107. The presence controller calculates a Short MAC-I using the authentication key received from the eNode B 101 and compares this calculated Short MAC-I (including its COUNT value) with the modified Short MAC-I calculated by the signal processor 105 and received from the first presence cell 107. The calculation can be done using a standard integrity algorithm. The presence controller 107 also compares the C-RNTI received from the eNodeB 101 with the C-RNTI supplied from the UE 104 via the first presence cell 107 and compares the boundary cell's PCI received from the eNodeB 101 with the PCI received from the UE 104 via the first presence cell 107.
If, at 210 not all of the compared values match, then the method ends. If on the other hand, all the compared values match, then at 211, the presence of the UE 104 in the first presence cell 107 is confirmed and its identity is validated. As a consequence, the presence controller 107 generates a presence notification message for sending to the application server 116.
At 212, the notification message which contains the UE's NAS identity, the first presence cell's eCGI, the boundary cell's PCI and the serving MME's identity is sent to the application server.
Subsequently, the presence controller 115 generates an acknowledgement message for the first presence cell 107 to forward to the UE 104. In one example, the acknowledgement takes the form of a message which includes another authentication code that demonstrates that it knew the original -10 -integrity key. This would prevent a bogus, imitation cell being able to cause the UE to successively increment the value of an input parameter such as COUNT. In another example as illustrated in FIG. 2, at 213 the acknowledgment message can take the form of a further, modified RRC Reestablishment message that makes use of a Short-MAC-I calculated using the received input values (including COUNT) but with the DIRECTION reversed.
This acknowledgement message is received by the first presence cell 107 and at 214 is forwarded to the UE 104.
The UE 104 may move out of the coverage area of the first presence cell 107 and into the coverage area of a second presence cell 108. In such a case, the method reverts to step 205 and at step 207, the COUNT value is set to 3.
If a UE subsequently reselects on to a non-presence cell and completes an RRC Connection setup, then its C-RNTI will change and the temporary NAS identity is likely to change as a result of the Tracking Area Update process. The RRC Integrity Key will also change and so the process will normally reset itself The signal processing functionality of the embodiments of the invention, particularly the presence controller 115 may be achieved using computing systems or architectures known to those who are skilled in the relevant art. Computing systems such as, a desktop, laptop or notebook computer, hand-held computing device (PDA, cell phone, palmtop, etc.), mainframe, server, client, or any other type of special or general purpose computing device as may be desirable or appropriate for a given application or environment can be used. The computing system can include one or more processors which can be implemented using a general or special-purpose processing engine such as, for example, a microprocessor, microcontroller or other control module.
The computing system can also include a main memory, such as random access memory (RAM) or other dynamic memory, for storing information and instructions to be executed by a processor. Such a main memory also may be used for storing temporary variables or other intermediate information during execution of instructions to be executed by the processor. The computing system may likewise include a read only memory (ROM) or other static storage device for storing static information and instructions for a processor.
The computing system may also include an information storage system which may include, for example, a media drive and a removable storage interface. The media drive may include a drive or other mechanism to support fixed or removable storage media, such as a hard disk drive, a floppy disk drive, a magnetic tape drive, an optical disk drive, a compact disc (CD) or digital video drive (DVD) read or write drive (R or RVV), or other removable or fixed media drive. Storage media may include, for example, a hard disk, floppy disk, magnetic tape, optical disk, CD or DVD, or other fixed or removable medium that is read by and written to by media drive. The storage media may include a computer-readable storage medium having particular computer software or data stored therein.
In alternative embodiments, an information storage system may include other similar components for allowing computer programs or other instructions or data to be loaded into the -11 -computing system. Such components may include, for example, a removable storage unit and an interface, such as a program cartridge and cartridge interface, a removable memory (for example, a flash memory or other removable memory module) and memory slot, and other removable storage units and interfaces that allow software and data to be transferred from the removable storage unit to computing system.
The computing system can also include a communications interface. Such a communications interface can be used to allow software and data to be transferred between a computing system and external devices. Examples of communications interfaces can include a modem, a network interface (such as an Ethernet or other NIC card), a communications port (such as for example, a universal serial bus (USB) port), a PCMCIA slot and card, etc. Software and data transferred via a communications interface are in the form of signals which can be electronic, electromagnetic, and optical or other signals capable of being received by a communications interface medium.
In this document, the terms 'computer program product', 'computer-readable medium' non-transitory computer-readable medium' and the like may be used generally to refer to tangible media such as, for example, a memory, storage device, or storage unit. These and other forms of computer-readable media may store one or more instructions for use by the processor comprising the computer system to cause the processor to perform specified operations. Such instructions, generally referred to as 'computer program code' (which may be grouped in the form of computer programs or other groupings), when executed, enable the computing system to perform functions of embodiments of the present invention. Note that the code may directly cause a processor to perform specified operations, be compiled to do so, and/or be combined with other software, hardware, and/or firmware elements (e.g., libraries for performing standard functions) to do so.
In an embodiment where the elements are implemented using software, the software may be stored in a computer-readable medium and loaded into computing system using, for example, removable storage drive. A control module (in this example, software instructions or executable computer program code), when executed by the processor in the computer system, causes a processor to perform the functions of the invention as described herein.
Furthermore, the inventive concept can be applied to any circuit for performing signal processing functionality within a network element. It is further envisaged that, for example, a semiconductor manufacturer may employ the inventive concept in a design of a stand-alone device, such as a microcontroller of a digital signal processor (DSP), or application-specific integrated circuit (ASIC) and/or any other sub-system element.
It will be appreciated that, for clarity purposes, the above description has described embodiments of the invention with reference to a single processing logic. However, the inventive concept may equally be implemented by way of a plurality of different functional units and processors to provide the signal processing functionality. Thus, references to specific functional units are only to be seen as references to suitable means for providing the described functionality, rather than indicative of a strict logical or physical structure or organisation.
-12 -Aspects of the invention may be implemented in any suitable form including hardware, software, firmware or any combination of these. The invention may optionally be implemented, at least partly, as computer software running on one or more data processors and/or digital signal processors or configurable module components such as FPGA devices. Thus, the elements and components of an embodiment of the invention may be physically, functionally and logically implemented in any suitable way. Indeed, the functionality may be implemented in a single unit, in a plurality of units or as part of other functional units.
Although the present invention has been described in connection with some embodiments, it is not intended to be limited to the specific form set forth herein. Rather, the scope of the present invention is limited only by the accompanying claims. Additionally, although a feature may appear to be described in connection with particular embodiments, one skilled in the art would recognize that various features of the described embodiments may be combined in accordance with the invention. In the claims, the term 'comprising' does not exclude the presence of other elements or steps.
Furthermore, although individually listed, a plurality of means, elements or method steps may be implemented by, for example, a single unit or processor. Additionally, although individual features may be included in different claims, these may possibly be advantageously combined, and the inclusion in different claims does not imply that a combination of features is not feasible and/or advantageous. Also, the inclusion of a feature in one category of claims does not imply a limitation to this category, but rather indicates that the feature is equally applicable to other claim categories, as appropriate.
Furthermore, the order of features in the claims does not imply any specific order in which the features must be performed and in particular the order of individual steps in a method claim does not imply that the steps must be performed in this order. Rather, the steps may be performed in any suitable order. In addition, singular references do not exclude a plurality. Thus, references to 'a', 'an', 'first, 'second', etc. do not preclude a plurality.
Claims (14)
- -13 -Claims 1. A method for detecting the presence of a wireless communication unit (104) in a wireless communication system (100) comprising a first cell (102) supported by a network element (101), at least one presence cell (107-110), each at least one presence cell having a unique identifier, and a presence controller (115), the method comprising: at the wireless communication unit, establishing (201) a connection with the first cell,; at the presence controller, receiving (203) from the network element an identifier of the first cell, an identifier of the wireless communication unit and an authentication key; at the wireless communication unit, detecting (205) a first presence cell (107) and attempting to establish a connection (207) therewith by sending a message which includes an identifier of the wireless communication unit, an identifier of the first cell and an authentication code; and at the presence controller, receiving (208) from the first presence cell, the unique identifier of the first presence cell and said message, using (209) the authentication key to verify the authentication code contained in said message, comparing (209) the identifier of the first cell contained in said message with the identifier of the first cell received from the network element and if a match is found and if the authentication code is verified; generating (211) a presence notification message confirming the presence of the wireless communication unit in the first presence cell wherein the presence notification message includes the identifier of the wireless communication unit and the unique identifier of the first presence cell.
- 2. The method of claim 1 wherein the authentication key is an RRC, Radio Resource Control, integrity key.
- 3. The method of claim 2 wherein the authentication code is in the form of a Short MAC-I, Message Authentication Code for Integrity.
- 4. The method of any preceding claim wherein each presence cell (107-110) transmits an indicator in a broadcast channel which identifies it as a presence cell.
- 5. A network element (101) for supporting a first cell (102) and arranged to broadcast signals containing information relating to the identity of at least one neighbouring presence cell (107).
- 6. A wireless communication unit (104) arranged to establish a connection with a first cell (102) of a wireless communication system (100) wherein the first cell has an identifier associated therewith, and wherein the wireless communication unit includes a signal -14 -processing module (105) arranged to; detect a presence cell (107-110) and its identifier and calculate an authentication code and wherein the wireless communication unit is arranged to attempt to establish a connection between the wireless communication unit and the detected presence cell of the wireless communication system by sending a message which includes an identifier of the wireless communication unit, the identifier of the first cell and the authentication code..
- 7. The wireless communication unit (104) of claim 6 arranged to attempt to establish a connection with a presence cell (107-110) by sending an RRC, Radio Resource Control, Connection Re-establishment message.
- 8. The wireless communication unit (104) of claim 6 or 7 wherein the signal processor (105) is arranged to generate a cause code signifying a presence update process for inclusion in the message.
- 9. The wireless communication unit (104) of any of claims 6 to 8 arranged to receive information broadcast from a network element (101), such information relating to the identities of one or more presence cells (107-110) and to search for broadcast transmissions from such presence cells 10. The wireless communication unit (104) of any of claims 6 to 9 wherein the signal processor (105) is arranged to include in the message when attempting to establish a connection with a presence cell (107-110) a COUNT value which it increments by 1 each time the wireless communication unit attempts to connect to a presence cell (107).11. The wireless communication unit (104) of claim 10 and arranged to receive an acknowledgement message from a presence cell (107), and wherein the signal processor (105) is arranged to verify the acknowledgement message and, if the verification is successful, increment the COUNT value when next attempting to establish a connection with a presence cell.12. A presence controller (115) for verifying the presence of a wireless communication unit (104) in a wireless communication system (100) which includes a first cell (102) and at least one presence cell (107-110), wherein the presence controller (115) is arranged to; receive from one or more network elements (101, 103, 111) of the wireless communication system, an identifier of the first cell, an identifier of a wireless communication unit (104) camped onto the first cell, an authentication key and a unique identifier of a presence cell (107) to which the wireless communication unit is requesting connection, and a message, -15 -generated by the wireless communication unit, which includes an identifier of the wireless communication unit, an identifier of the first cell and an authentication code; and wherein the presence controller (115) is further arranged to; use the authentication key to verify the authentication code contained in said message, compare the identifier of the first cell contained in said message with the identifier of the first cell received from a network element (101, 103) and if a match is found and if the authentication code is verified, generate a presence notification message confirming the presence of the wireless communication unit (104) in the presence cell (107) wherein the presence notification message includes the identifier of the wireless communication unit (104) and the unique identifier of the presence cell (107)..13. The presence controller (115) of claim 12 wherein the presence controller is arranged to receive an identifier of the wireless communication unit (104) contained in said message and is further arranged to compare the identifier of the wireless communication unit received from a network element (101, 13) with the identifier of the wireless communication unit contained in the message.14. The presence controller (115) of either of claims 12 or 13 arranged to generate an acknowledgement message for reception by the wireless communication unit (104) if a match is found and if the authentication code is verified.15. The presence controller (115) of any of claims 12 to 14 arranged to generate an acknowledgement message comprising a second authentication code in the form of a Short MAC-I calculated using the authentication key received from the network element with a DIRECTION bit reversed.Amendments to the Claims have been filed as follows Claims 1. A method for detecting the presence of a wireless communication unit (104) in a wireless communication system (100) comprising a first cell (102) supported by a network element (101), at least one presence cell (107-110), each at least one presence cell having a unique identifier, and a presence controller (115), the method comprising: at the wireless communication unit, establishing (201) a connection with the first cell,; at the presence controller, receiving (203) from the network element an identifier of the first cell, an identifier of the wireless communication unit and an authentication key; at the wireless communication unit, detecting (205) a first presence cell (107) and attempting to establish a connection (207) therewith by sending a message which includes an identifier of the wireless communication unit, an identifier of the first cell and an authentication code; and at the presence controller, receiving (208) from the first presence cell, the unique identifier of the first presence cell and said message, using (209) the authentication key to verify the authentication code contained in said message, comparing (209) the identifier of the first (r) cell contained in said message with the identifier of the first cell received from the network element and if a match is found and if the authentication code is verified; generating (211) 1.0 a presence notification message confirming the presence of the wireless communication unit in the first presence cell wherein the presence notification message includes the identifier of the wireless communication unit and the unique identifier of the first presence o cell.2. The method of claim 1 wherein the authentication key is an RRC, Radio Resource Control, integrity key.3. The method of claim 2 wherein the authentication code is in the form of a Short MAC-I, Message Authentication Code for Integrity.4. The method of any preceding claim wherein each presence cell (107-110) transmits an indicator in a broadcast channel which identifies it as a presence cell.5. A wireless communication unit (104) arranged to establish a connection with a first cell (102) of a wireless communication system (100) wherein the first cell has an identifier associated therewith, and wherein the wireless communication unit includes a signal processing module (105) arranged to; detect a presence cell (107-110) and its identifier and calculate an authentication code and wherein the wireless communication unit is arranged to attempt to establish a connection between the wireless communication unit and the detected presence cell of the wireless communication system by sending a message which includes an identifier of the wireless communication unit, the identifier of the first cell and the authentication code..6. The wireless communication unit (104) of claim 5 arranged to attempt to establish a connection with a presence cell (107-110) by sending an RRC, Radio Resource Control, Connection Re-establishment message.7. The wireless communication unit (104) of claim 5016 wherein the signal processor (105) is arranged to generate a cause code signifying a presence update process for inclusion in the message.8. The wireless communication unit (104) of any of claims 5 to 7 arranged to receive information broadcast from a network element (101), such information relating to the identities of one or more presence cells (107-110) and to search for broadcast transmissions from such presence cells.9. The wireless communication unit (104) of any of claims 5 to 8 wherein the signal processor (105) is arranged to include in the message when attempting to establish a connection with a presence cell (107-110) a COUNT value which it increments by 1 each time the wireless communication unit attempts to connect to a presence cell (107).
- 10. The wireless communication unit (104) of claim 9 and arranged to receive an acknowledgement message from a presence cell (107), and wherein the signal processor (105) is arranged to verify the acknowledgement message and, if the verification is successful, increment the COUNT value when next attempting to establish a connection with a presence cell.
- 11. A presence controller (115) for verifying the presence of a wireless communication unit (104) in a wireless communication system (100) which includes a first cell (102) and at least one presence cell (107-110), wherein the presence controller (115) is arranged to; receive from one or more network elements (101, 103, 111) of the wireless communication system, an identifier of the first cell, an identifier of a wireless communication unit (104) camped onto the first cell, an authentication key and a unique identifier of a presence cell (107) to which the wireless communication unit is requesting connection, and a message, generated by the wireless communication unit, which includes an identifier of the wireless communication unit, an identifier of the first cell and an authentication code; and wherein the presence controller (115) is further arranged to; use the authentication key to verify the authentication code contained in said message, compare the identifier of the first cell contained in said message with the identifier of the first cell received from a network element (101, 103) and if a match is found and if the authentication code is verified, generate a presence notification message confirming the presence of the wireless communication unit (104) in the presence cell (107) wherein the presence notification message includes the identifier of the wireless communication unit (104) and the unique identifier of the presence cell (107)..
- 12. The presence controller (115) of claim 11 wherein the presence controller is arranged to receive an identifier of the wireless communication unit (104) contained in said message and is further arranged to compare the identifier of the wireless communication unit received from a network element (101, 13) with the identifier of the wireless communication unit contained in the message.
- 13. The presence controller (115) of either of claims 11 or 12 arranged to generate an acknowledgement message for reception by the wireless communication unit (104) if a (r) match is found and if the authentication code is verified.
- 14. The presence controller (115) of any of claims 11 to 13 arranged to generate an acknowledgement message comprising a second authentication code in the form of a Short MAC-I calculated using the authentication key received from the network element o with a DIRECTION bit reversed.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
GB1508970.9A GB2538739B (en) | 2015-05-26 | 2015-05-26 | Network elements, wireless communication system and methods therefor |
PCT/EP2016/060334 WO2016188728A1 (en) | 2015-05-26 | 2016-05-09 | Network elements, wireless communication system and methods therefor |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
GB1508970.9A GB2538739B (en) | 2015-05-26 | 2015-05-26 | Network elements, wireless communication system and methods therefor |
Publications (3)
Publication Number | Publication Date |
---|---|
GB201508970D0 GB201508970D0 (en) | 2015-07-01 |
GB2538739A true GB2538739A (en) | 2016-11-30 |
GB2538739B GB2538739B (en) | 2017-06-28 |
Family
ID=53506325
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
GB1508970.9A Active GB2538739B (en) | 2015-05-26 | 2015-05-26 | Network elements, wireless communication system and methods therefor |
Country Status (2)
Country | Link |
---|---|
GB (1) | GB2538739B (en) |
WO (1) | WO2016188728A1 (en) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20200245135A1 (en) * | 2019-01-28 | 2020-07-30 | Qualcomm Incorporated | Support for early data transmission with central unit/distributed unit functional split |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20080198826A1 (en) * | 2007-02-21 | 2008-08-21 | Sang-Yeon Won | Method and system of detecting duplicate SSID via self-scanning in WLAN |
GB2507301A (en) * | 2012-10-25 | 2014-04-30 | Ip Access Ltd | Providing a location presence service in a cellular communication system |
GB2523352A (en) * | 2014-02-21 | 2015-08-26 | Ip Access Ltd | Location validation in cellular communication systems |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
GB2507119B (en) * | 2012-10-22 | 2014-11-12 | Ip Access Ltd | Network elements, wireless communication system and methods therefor |
-
2015
- 2015-05-26 GB GB1508970.9A patent/GB2538739B/en active Active
-
2016
- 2016-05-09 WO PCT/EP2016/060334 patent/WO2016188728A1/en active Application Filing
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20080198826A1 (en) * | 2007-02-21 | 2008-08-21 | Sang-Yeon Won | Method and system of detecting duplicate SSID via self-scanning in WLAN |
GB2507301A (en) * | 2012-10-25 | 2014-04-30 | Ip Access Ltd | Providing a location presence service in a cellular communication system |
GB2523352A (en) * | 2014-02-21 | 2015-08-26 | Ip Access Ltd | Location validation in cellular communication systems |
Also Published As
Publication number | Publication date |
---|---|
WO2016188728A1 (en) | 2016-12-01 |
GB2538739B (en) | 2017-06-28 |
GB201508970D0 (en) | 2015-07-01 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP2947903B1 (en) | System and method for identifying a subscriber in a network environment | |
EP2345277B1 (en) | Verifying neighbor cell | |
JP5484487B2 (en) | Method and apparatus in a communication network | |
US9066232B2 (en) | Femtocell access control | |
US9654979B2 (en) | Network elements, wireless communication system and methods therefor | |
US9603004B2 (en) | Network elements, wireless communication system and methods therefor | |
US9473934B2 (en) | Wireless telecommunications network, and a method of authenticating a message | |
WO2016188728A1 (en) | Network elements, wireless communication system and methods therefor | |
KR102205389B1 (en) | Method for subscriber identity determination, network elements and wireless communication system therefor | |
US8452283B2 (en) | Femtocell base station and method thereof | |
JP5216790B2 (en) | Mobile communication system, operation apparatus, and mobile communication method |