WO2010026452A2 - Inter-base stations communication using terminal device - Google Patents

Inter-base stations communication using terminal device Download PDF

Info

Publication number
WO2010026452A2
Authority
WO
WIPO (PCT)
Prior art keywords
base station
receiving
information package
signed information
sending
Prior art date
Application number
PCT/IB2009/006100
Other languages
French (fr)
Other versions
WO2010026452A3 (en)
Inventor
Henrik Levkowetz
Original Assignee
Telefonaktiebolaget Lm Ericsson (Publ)
Priority date
Filing date
Publication date
Application filed by Telefonaktiebolaget Lm Ericsson (Publ)
Publication of WO2010026452A2
Publication of WO2010026452A3

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/12 Applying verification of the received information
    • H04L63/126 Applying verification of the received information the source of the received data
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10 Integrity
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2111 Location-sensitive, e.g. geographical location, GPS
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2129 Authenticate client device independently of the user
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04J MULTIPLEX COMMUNICATION
    • H04J11/00 Orthogonal multiplex systems, e.g. using WALSH codes
    • H04J11/0069 Cell search, i.e. determining cell identity [cell-ID]
    • H04J11/0093 Neighbour cell search
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12 Detection or prevention of fraud
    • H04W12/121 Wireless intrusion detection systems [WIDS]; Wireless intrusion prevention systems [WIPS]
    • H04W12/122 Counter-measures against attacks; Protection against rogue devices
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60 Context-dependent security
    • H04W12/61 Time-dependent
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60 Context-dependent security
    • H04W12/69 Identity-dependent
    • H04W12/73 Access point logical identity
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W88/00 Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/08 Access point devices
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W92/00 Interfaces specially adapted for wireless communication networks
    • H04W92/16 Interfaces between hierarchically similar devices
    • H04W92/20 Interfaces between hierarchically similar devices between access points

Definitions

  • the present invention generally relates to radio communication systems, devices, software and methods and, more particularly, to mechanisms and techniques for transferring information among base stations when a destination base station is not known.
  • LTE systems will provide for creation of neighbor cell relations in eNBs, where an eNB is the node of the LTE system.
  • Systems other than LTE are also designed such that nodes of the system communicate among themselves.
  • mechanisms for securely transferring information directly between base stations (or access points) of a wireless network may use direct communication links as disclosed for example in RFC 4067, "Context Transfer Protocol (CXTP)", http://tools.ietf.org/html/rfc4067, the entire content of which is incorporated here by reference.
  • CXTP Context Transfer Protocol
  • system 10 may include one or more eNBs 12 that are connected via an interface S1 to a core network 14 of the system. Another interface X2 connects the eNBs 12 among themselves.
  • One eNB may serve one or more cells 16.
  • base station is used to refer to an eNB node in the LTE system or a NodeB in a WCDMA system or to other nodes of other systems as will be appreciated by those skilled in the art. Also for simplicity, it is assumed that each node eNB serves only one cell although an eNB node may serve multiple cells.
  • the base station with which the user terminal currently communicates is referred to as the "serving base station" and a neighbor base station is referred to as the "neighbor base station."
  • the user terminal may communicate with the neighbor base station while being served by the serving base station.
  • Each cell in a telecommunication system is assigned one of 504 possible physical cell identities (PCI).
  • PCI may be broadcasted on layer 1 in the cell. Knowledge of the PCI of the cell is needed for a terminal (also called user equipment, user terminal) to correctly decode a downlink transmission in a cell. Thus, the PCI is used to distinguish cells from each other and to enable decoding of downlink transmissions.
  • FIG. 2 illustrates an example of how the PCIs of cells in a telecommunication network are reused. Sufficient reuse distances should be used between cells A and C that have the same PCI, so that PCI conflicts are minimized. However, when PCI conflicts occur, these conflicts should be resolved, i.e., at least one cell should have its PCI changed so that the conflict is eliminated.
  • the PCI is a physical layer parameter, which may be easily and quickly read by a terminal. This parameter is reported to the base stations together with Reference Signal Received Power (RSRP) levels in measurement reports generated by the terminals.
  • RSRP Reference Signal Received Power
  • the PCI is relevant to another aspect of a telecommunication system, which is discussed next.
  • a mobile terminal 18 may move around from a serving cell 16a to a neighbor cell 16b, thus moving from one cell to one of its neighbors repeatedly.
  • a list of the known neighbor cells of the serving cell 16a (the same is true for each serving cell), called “neighbor cell set” or “neighbor cell list” may be used both by the network 10 and by the mobile terminal 18 to enable reliable handover between cells.
  • the network 10 may store information relating to a neighbor cell set for each mobile terminal.
  • the neighbor cell set may be used for evaluation and handover of any mobile terminal, from one cell to another cell, as the mobile terminal crosses a cell boundary.
  • the neighbor cell set may be generated based on the PCIs of the cells in the network.
  • a factor that affects the neighbor cell set is the fact that the cell boundaries are not sharply defined. The cell boundaries are somewhat blurred as the range of the base stations overlap with one another and thus, these facts need to be taken into account when generating the neighbor cell list.
  • CIPL Cell Identity PLMN Level
  • PLMN Public Land Mobile Network
  • MCC Mobile Country Code
  • MNC Mobile Network Code
  • the CIPL identity may be included in the system information that is periodically broadcast in each cell. Because a CIPL, unlike a PCI, is unique within a PLMN, no reuse coordination of CIPLs is needed.
  • the creation of the neighbor cell list for each cell may be based on the
  • the creation of the neighbor cell list is a management task that takes into account the configuration of the system.
  • this method is abandoned in favor of automatic detection of neighbor cells aided by the user terminal and subsequent automatic creation of the neighbor list, establishment of the X2 interface, and exchange of relevant information between the involved eNBs (unless the neighboring cells belong to the same eNB, in which case the neighbor relation creation, albeit possibly not neighbor detection, is an entirely eNB internal matter).
  • This approach relies on measurement reports from active terminals to detect neighbor cells.
  • the reports may include the PCIs (as well as other measurement parameters) of detected cells.
  • the serving eNB requests the terminal to read and report the CIPL and PLMN identity of the new cell with the relevant PCI.
  • This action requires that the serving eNB schedules a measurement gap, i.e., a gap in the regular transmissions to and from the terminal, during which the terminal may tune and synchronize its receiver to the other cell until the CIPL and PLMN identity has been received.
  • the serving node eNB may conclude that the new cell belongs to the same PLMN as the serving node eNB itself, and may choose to include the new cell into its list of neighbor cells.
  • the serving node eNB then may use the CIPL to retrieve the IP address of the neighbor node eNB, which serves the detected new cell, establish the X2 interface with this neighbor node eNB (unless the X2 interface was already established), and exchange information which is relevant for the X2 interface and the neighbor relation.
  • ANR Automatic Neighbor Relation
  • FIG. 4 illustrates a possible exchange of information between serving node eNB 12a, new node eNB 12b and a terminal 18 served by the serving node eNB 12a.
  • terminal 18 detects the PCI of the new node eNB 12b.
  • terminal 18 reports the PCI and other measurements of the new node eNB 12b to serving node 12a.
  • the serving node eNB 12a schedules the measurement gap during which terminal 18 synchronizes with new node eNB 12b to detect other parameters of the new node eNB 12b.
  • the serving node eNB 12a instructs terminal 18 to detect PLMN and CIPL of new node eNB 12b.
  • terminal 18 receives the PLMN and CIPL from new node eNB 12b and in step 6 terminal 18 transmits this information to the serving node eNB 12a. Based on this information, the serving node eNB 12a and the new node eNB 12b establish interface X2 and each generate/update its neighbor relation.
  • the interface X2 may be part of a transport network 20, which may be implemented as a landline.
  • the communication between two eNBs is supposed to be performed via the operator's protected zone (part of the Network Domain Security (NDS), see for example 3GPP TS 33.210 v7.3.0, "3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; 3G Security; Network Domain Security; IP network layer security (Release 7)", September 2007, the entire content of which is incorporated here by reference).
  • NDS Network Domain Security
  • each eNB 12a and 12b (or each eNB site) has established a secure communication path 22 to the operator network 24, as shown in Figure 5.
  • the two eNBs 12a and 12b communicate via a virtual private network (VPN), which means that the two eNBs trust each other and their mutual communication is secure.
  • VPN virtual private network
  • the communication path 26 over the X2 interface is also secure while communications over network 28 are insecure.
  • the two nodes eNBs may communicate directly, without being routed via the operator's NDS zone, as shown in Figure 6.
  • each pair of nodes eNB (or pair of eNB sites) having neighbor relations has to secure the mutual communication of the nodes of the pair.
  • Securing the communication may be achieved using IP security (IPsec, according to RFC 4301) based on Security Association (SAs) established using Internet Key Exchange version 2 (IKEv2) authenticated by certificates.
  • IPsec IP security
  • SAs Security Association
  • IKEv2 Internet Key Exchange version 2
  • the certificates and IPsec provide security similar to the NDS case, i.e., the pair of nodes eNBs can trust each other and their mutual communication 22 is secure as illustrated in Figure 6.
  • Figure 6 shows that the secure communication 22 is not routed via the operator's NDS zone 24.
  • an X2 communication via the operator network is the initial track and subsequently, a direct eNB-eNB X2 communication path may be established as the final communication path.
  • a first problem affecting the above described procedure for generating and implementing neighbor relations is that although the actual neighbor relation establishment is secure, in terms of trust relations and protected communication, the relevancy of a reported neighbor is not known. In other words, there is no mechanism for determining whether an alleged neighbor node eNB is indeed a neighbor node.
  • An example is described next to illustrate this problem. Suppose that a malicious terminal reports false CIPLs collected from other parts of the network, which are not neighbor cells of the serving cell. The serving node eNB, not being configured to determine the relevancy of the asserted neighbor cells, would establish unwanted neighbor relations with cells that are in fact not neighbor cells.
  • UE A and UE B communicate with each other from different (geographically distant) parts of the network.
  • UE A collects CIPLs from location A and sends the CIPLs to UE B at location B.
  • UE B may report these geographically distant CIPLs, collected in real-time, to the serving eNB.
  • the geographically distant CIPLs correspond to cells that are not neighbor cells of the serving cell.
  • these CIPLs correspond to alleged neighbor candidates.
  • the serving node eNB would establish communication with these alleged neighbor cells and add them to the neighbor cell relations. This results in unnecessary neighbor relations being established.
  • UE A does not have to be an actual terminal. It may be some other type of device, as long as it can receive and decode the system information broadcast from LTE eNBs.
  • Establishing unnecessary neighbor relations may drain node eNB's resources and also may limit the capability of node eNB to establish valid neighbor relations, especially when node eNB cannot maintain an unlimited number of neighbor relations.
  • while the LTE standard may place no hard restrictions on the number of neighbor relations a cell or eNB may have, the fact that each neighbor cell has a PCI that is unique among the neighbors sets an upper bound.
  • most implementations likely have their own limit on the number of neighbor relations, after which node eNB accepts no new ones until some of the existing ones have been terminated.
  • a node eNB may monitor the usage frequency (and handover success rate) of each cell listed in the neighbor cell relation, so that unnecessary neighbor relations are eventually terminated.
  • Node eNB is affected by false neighbor cells.
  • a new cell or node eNB is entering service in the network. Initially, the new node eNB has no neighbor relations. The neighbor relations are built up gradually, aided by moving terminals. At this point, a malicious terminal has the opportunity to "fill up" node eNB with false neighbor relations, so that there is no more "room" left for real neighbor relations to true neighbors.
  • node eNB determines that most of its neighbor relations are unnecessary and starts removing these unnecessary relations. Until this happens, handovers to and from the new eNB are not possible. Thus, this is a potential threat that should be avoided if possible.
  • Another consequence of adding excessive numbers of false neighbors to a given cell or node eNB is that it increases the risk of PCI conflicts.
  • IKE Internet Key Exchange
  • SEGW site Security Gateway
  • a method for receiving at a receiving base station a signed information package from a sending base station via a user terminal, the receiving base station, the user terminal and the sending base station belonging to a communication network wherein the user terminal is served initially by the sending base station and then by the receiving base station.
  • the method includes receiving at the receiving base station the signed information package from the user terminal, wherein the signed information package includes a signature of the sending base station and includes information related to the sending base station; verifying at the receiving base station the signature of the signed information package; and adding the sending base station to a neighbor cell list based on elements of the verified signed information package.
  • a receiving base station for receiving a signed information package from a sending base station via a user terminal, the receiving base station, the user terminal and the sending base station belonging to a communication network, wherein the user terminal is served initially by the sending base station and then by the receiving base station.
  • the receiving base station includes a transceiver configured to receive the signed information package from the user terminal, wherein the signed information package includes a signature of the sending base station and includes information related to the sending base station; and a processor connected to the transceiver and configured to verify the signature of the signed information package, and to add the sending base station to a neighbor cell list based on elements of the verified signed information package.
  • a receiving base station for receiving a signed information package from a sending base station via a user terminal, the receiving base station, the user terminal and the sending base station belonging to a communication network, wherein the user terminal is served initially by the sending base station and then by the receiving base station.
  • the receiving base station includes means for receiving the signed information package from the user terminal, wherein the signed information package includes a signature of the sending base station and includes information related to the sending base station; and means for verifying the signature of the signed information package, and for adding the sending base station to a neighbor cell list based on elements of the verified signed information package.
  • a computer readable medium including computer executable instructions, wherein the instructions, when executed by a processor of a receiving base station, cause the receiving base station to receive a signed information package from a sending base station via a user terminal, the receiving base station, the user terminal and the sending base station belonging to a communication network, wherein the user terminal is served initially by the sending base station and then by the receiving base station.
  • the instructions include receiving at the receiving base station the signed information package from the user terminal, wherein the signed information package includes a signature of the sending base station and includes information related to the sending base station; verifying at the receiving base station the signature of the signed information package; and adding the sending base station to a neighbor cell list based on elements of the verified signed information package.
  • IPsec IP security (according to RFC 4301)
  • Figure 1 is a schematic diagram of a communication system including base stations
  • Figure 2 is a schematic diagram showing multiple cells of the communication system
  • Figure 3 is a schematic diagram showing how a user terminal migrates from one cell to another cell
  • Figure 4 is a schematic diagram showing various steps performed by the communication system for detecting a neighbor base station
  • Figure 5 is a schematic diagram showing a secure communication path established between two base stations via an operator network
  • Figure 6 is a schematic diagram showing a direct secure communication path established between the two base stations
  • Figure 7 is a schematic diagram showing how a user terminal is positioned relative to two base stations according to an exemplary embodiment
  • Figure 8 is a schematic diagram showing an initial communication between one base station and the user terminal according to an exemplary embodiment
  • Figure 9 is a schematic diagram showing a later communication between another base station and the user terminal according to the exemplary embodiment shown in Figure 8;
  • Figure 10 is a schematic diagram illustrating an interaction among a sending base station, the user terminal, and a receiving base station according to an exemplary embodiment
  • Figure 11 is a flow diagram illustrating steps performed by the receiving base station according to an exemplary embodiment.
  • Figure 12 is a schematic diagram showing one possible structure for the user terminal and/or the base station according to an exemplary embodiment.
  • a new base station includes not only base stations that are just entering into service but also base stations that are not included in the serving base station's neighbor list.
  • 3GPP submission S5-071484, the content of which is incorporated herein by reference, exemplifies this manual operation.
  • FIG. 7 shows a serving base station 12a that serves terminal 18, which belongs to a cell 16a served by the serving base station 12a.
  • a new base station 12b is not known to base station 12a and terminal 18 may detect a signal from the new base station 12b. Based on this detection, serving base station 12a discovers the existence of new base station 12b.
  • base station 12a needs the address of new base station 12b in order to be able to communicate with new base station 12b.
  • This address may be obtained by base station 12a via terminal 18.
  • a problem with this mechanism is that it is possible for terminal 18 to "lie" about what it hears, and thus, inject false information about the network into the network's configuration. The impact of this false information has been discussed above in the Background section.
  • Another problem with this mechanism is that base station 12a has to discover base station 12b prior to communicating with base station 12b.
  • the individual access points will, however, not have any prior knowledge of each other, and establishing secure communications with the prior access point through normal means (such as communication through a common trusted relay point) may be relatively costly in time. In a handover situation, where time is of the essence, such a connecting mechanism is too slow.
  • the novel mechanisms to be discussed in the following exemplary embodiments provide a method of passing information between two base stations without requiring prior knowledge of the receiving base station, and also without requiring more bandwidth than that required to transfer one message.
  • the sending base station 12a transfers a signed information package (SIP) to terminal 18 at some point during the terminal's connection (attachment, association, binding) with the serving base station 12a.
  • the SIP may be for example a signed cookie, as used in web based computer applications.
  • a terminal is considered to be a generic name for any device capable of exchanging information with a base station in a communication network.
  • a terminal may be a mobile phone connected to a telecommunication network.
  • the SIP may be, according to an exemplary embodiment, encrypted based on methods known by those skilled in the art.
  • the SIP may be encoded based on a commercially available encryption mechanism.
  • FIG. 8 also shows that new base station 12b is unknown, at this stage, to both the base station 12a and terminal 18.
  • the new base station 12b has its own cell 16b, which is different from cell 16a of base station 12a.
  • the two base stations 12a and 12b are connected to each other in system 10 via network 20, as shown in Figures 1 and 4.
  • Terminal 18 receives the SIP or signed cookie and stores this information in temporary or permanent storage.
  • terminal 18 may establish a connection with the new base station 12b and send the SIP to the base station 12b.
  • terminal 18 is configured to periodically send the SIP to base station 12b, while in another exemplary embodiment terminal 18 sends the SIP only once to base station 12b.
  • Terminal 18 may be configured to send the SIP to any new base station, i.e., any base station that becomes the serving base station for terminal 18.
  • terminal 18 may be configured to send the SIP only to a base station that is determined to be new.
  • upon establishing this new connection between terminal 18 and the new base station 12b, terminal 18 passes the SIP package to the new base station 12b.
  • the serving base station 12a sends only the last N octets of the SIP and the terminal forwards only the last "N" octets to the new base station 12b, in an effort to reduce the amount of symbols transmitted among the components of the communication network 10.
  • N may be any integer number between 2 and 10.
  • the new base station 12b may verify the signature of the SIP package, optionally decrypt the content if encrypted, for example, using IKE or IKEv2 encryption methods, and then use the information in the SIP package to enhance its operation, e.g., to generate or update the neighbor cell list.
  • Terminal 18 may store SIPs from multiple base stations and transmit those SIPs to a current serving base station such that the current serving base station may establish connection with multiple existing base stations.
  • the information in the SIP package may contain a timestamp of its creation, the identity of the sending base station, the position of the sending base station, etc.
  • the information provided may be used to confirm the validity of the information and the fact that the new base station is indeed a neighbor of the serving base station.
  • the timestamp and the position indication may be used to prevent replay attacks by malicious terminals or base stations.
  • the new base station may build the neighbor cell list based on the received SIP package.
  • the timestamp may be implicitly included in the SIP and the neighbor base station may use fixed time increments when verifying the SIP to determine whether the SIP was sent recently or otherwise discards the received SIP.
  • the neighbor base station verifies the "age" of the SIP and accepts only recent SIPs.
  • the sending base station generates the information package and adds a signature to it to generate the SIP.
  • the sending base station sends the signed information package to the user terminal.
  • the user terminal receives the SIP and stores it.
  • the user terminal leaves the sending base station and enters the receiving base station range, i.e., the serving base station is changed from the sending base station to the receiving base station.
  • the user terminal and the receiving base station establish a communication link and in step 106 the user terminal forwards the SIP to the receiving base station.
  • the receiving base station verifies the signature of the sending base station and if the receiving base station determines that this signature is authentic, the receiving base station adds in step 110 the sending base station to its neighbor cell list.
  • in step 1100 the receiving base station receives the signed information package from the user terminal, where the signed information package includes a signature of the sending base station and includes information related to the sending base station.
  • in step 1102 the receiving base station verifies the signature of the signed information package and in step 1104 the receiving base station adds the sending base station to a neighbor cell list based on elements of the verified signed information package.
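The SIP flow above (sending base station signs a package carrying its identity, address, position and creation timestamp; the terminal stores and forwards it; the receiving base station verifies the signature, checks the age and position, rejects replays and only then updates its neighbor cell list), as an added example that is not the patent's own code. It assumes an HMAC under an operator-wide key as a stand-in for the certificate-based signature the document refers to, and all identities, addresses, positions and thresholds are constructed sample values; the demo also replays the malicious-terminal scenario from the Background (a distant cell's data relayed to the serving cell), which the position check rejects.

```python
"""Signed information package (SIP) relayed between base stations via a user
terminal. Added example, not the patent's code; HMAC with an operator-wide
key stands in for a certificate-based signature (assumption)."""
import hashlib
import hmac
import json
import math

# Constructed deployment parameters (assumptions, not from the document).
OPERATOR_KEY = b"constructed-operator-wide-signing-key"
MAX_SIP_AGE_S = 600                 # only recent SIPs are accepted
CLOCK_SKEW_S = 30                   # tolerated clock difference between eNBs
MAX_NEIGHBOR_DISTANCE_M = 30_000.0  # a farther sender is not a plausible neighbor
MAX_NEIGHBOR_RELATIONS = 8          # implementation limit on neighbor relations


def make_sip(key, cipl, address, lat, lon, created_at):
    """Sending base station: build the information package and sign it.
    Payload carries creation timestamp, sender identity (CIPL), address and
    position; the signature is appended after a '.' separator."""
    body = {"cipl": cipl, "addr": address, "lat": lat, "lon": lon, "ts": created_at}
    payload = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    tag = hmac.new(key, payload, hashlib.sha256).hexdigest().encode()
    return payload + b"." + tag


def distance_m(lat1, lon1, lat2, lon2):
    """Great-circle (haversine) distance between two points, in metres."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dp, dl = math.radians(lat2 - lat1), math.radians(lon2 - lon1)
    a = math.sin(dp / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dl / 2) ** 2
    return 2 * 6_371_000.0 * math.asin(math.sqrt(a))


class Terminal:
    """User terminal: stores SIPs and forwards them to a new serving base station."""

    def __init__(self):
        self.stored = []

    def receive_sip(self, sip):
        self.stored.append(sip)

    def forward_all(self, new_serving):
        return [new_serving.accept_sip(sip) for sip in self.stored]


class ReceivingBaseStation:
    def __init__(self, cipl, lat, lon, key, now):
        self.cipl, self.lat, self.lon, self.key = cipl, lat, lon, key
        self.now = now           # callable returning current time in seconds
        self.neighbors = {}      # cipl -> {"addr", "lat", "lon", "ts"}
        self.seen = set()        # (cipl, ts) already accepted; used to reject replays

    def accept_sip(self, sip):
        """Verify a forwarded SIP and return a short verdict string."""
        payload, sep, tag = sip.rpartition(b".")
        if not sep:
            return "malformed"
        expected = hmac.new(self.key, payload, hashlib.sha256).hexdigest().encode()
        if not hmac.compare_digest(expected, tag):
            return "bad_signature"   # altered or forged by the terminal
        try:
            info = json.loads(payload)
            cipl, ts, addr = str(info["cipl"]), int(info["ts"]), str(info["addr"])
            lat, lon = float(info["lat"]), float(info["lon"])
        except (ValueError, KeyError, TypeError):
            return "malformed"
        if cipl == self.cipl:
            return "self"
        age = self.now() - ts
        if age < -CLOCK_SKEW_S or age > MAX_SIP_AGE_S:
            return "stale"           # the document: accept only recent SIPs
        if distance_m(self.lat, self.lon, lat, lon) > MAX_NEIGHBOR_DISTANCE_M:
            return "too_far"         # position check defeats relayed distant data
        if (cipl, ts) in self.seen:
            return "replay"
        self.seen.add((cipl, ts))
        if cipl in self.neighbors:
            self.neighbors[cipl].update(addr=addr, lat=lat, lon=lon, ts=ts)
            return "refreshed"
        if len(self.neighbors) >= MAX_NEIGHBOR_RELATIONS:
            return "full"            # implementation limit reached
        self.neighbors[cipl] = {"addr": addr, "lat": lat, "lon": lon, "ts": ts}
        return "added"


def demo():
    """Constructed scenario: one genuine neighbor, one tampered SIP, one stale
    SIP, one SIP relayed from a distant part of the network, one replay."""
    now = lambda: 1_700_000_000
    bs_b = ReceivingBaseStation("B", 59.33, 18.07, OPERATOR_KEY, now)
    ue = Terminal()
    good = make_sip(OPERATOR_KEY, "A", "10.0.0.1", 59.34, 18.08, now() - 60)
    ue.receive_sip(good)
    ue.receive_sip(good.replace(b'"cipl":"A"', b'"cipl":"X"'))                    # tampered
    ue.receive_sip(make_sip(OPERATOR_KEY, "C", "10.0.0.2", 59.35, 18.06, now() - 7200))  # old
    ue.receive_sip(make_sip(OPERATOR_KEY, "D", "10.0.0.3", 57.70, 11.97, now() - 10))    # distant
    ue.receive_sip(good)                                                          # replayed
    return ue.forward_all(bs_b), sorted(bs_b.neighbors)


if __name__ == "__main__":
    print(demo())
```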
  • the receiving base station is capable of populating its neighbor cell list with the neighbor cells and base stations, without directly communicating with the sending base station.
  • the sending base station does not have to know an address of the receiving base station.
  • information may be passed to base stations which are unknown to the sending base station, making feasible the dynamic growth and change of the set of base stations.
  • because the information package may contain information about the sending base station, which makes it possible for the receiving base station to contact the sending base station through more conventional means, these novel mechanisms may also provide dynamic discovery and establishment of the network's composition and state, without the need for management actions to explicitly update the network nodes with knowledge about other nearby nodes and their states.
  • the bandwidth consumed by each information package is independent of the size of the network (in terms of number of nodes), which is not the case for the conventional information broadcast mechanisms.
  • For purposes of illustration and not of limitation, an example of a representative computing system capable of carrying out operations in accordance with the exemplary embodiments is illustrated in Figure 12.
  • the computing system may be a user terminal or a base station. It should be recognized, however, that the principles of the present exemplary embodiments are equally applicable to standard computing systems.
  • the exemplary mobile computing arrangement 1200 may include a processing/control unit 1202, such as a microprocessor, reduced instruction set computer (RISC), or other central processing module.
  • the processing unit 1202 need not be a single device, and may include one or more processors.
  • the processing unit 1202 may include a master processor and associated slave processors coupled to communicate with the master processor.
  • the processing unit 1202 may control the basic functions of the mobile terminal as dictated by programs available in the storage/memory 1204.
  • the processing unit 1202 may execute the functions described in Figures 8 and 9. More particularly, the storage/memory 1204 may include an operating system and program modules for carrying out functions and applications on the mobile terminal.
  • the program storage may include one or more of read-only memory (ROM), flash ROM, programmable and/or erasable ROM, random access memory (RAM), subscriber interface module (SIM), wireless interface module (WIM), smart card, or other removable memory device, etc.
  • the program modules and associated features may also be transmitted to the mobile computing arrangement 1200 via data signals, such as being downloaded electronically via a network, such as the Internet.
  • One of the programs that may be stored in the storage/memory 1204 is a specific program 1206.
  • the specific program 1206 may interact with a location server and/or a presence server to fetch and/or subscribe to presence information of one or more presentities.
  • the program 1206 and associated features may be implemented in software and/or firmware operable by way of the processor 1202.
  • the program storage/memory 1204 may also be used to store data 1208, such as the various authentication rules, or other data associated with the present exemplary embodiments.
  • the programs 1206 and data 1208 are stored in non-volatile electrically-erasable, programmable ROM (EEPROM), flash ROM, etc. so that the information is not lost upon power down of the mobile terminal 1200.
  • the processor 1202 may also be coupled to user interface 1210 elements associated with the mobile terminal.
  • the user interface 1210 of the mobile terminal may include, for example, a display 1212 such as a liquid crystal display, a keypad 1214, speaker 1216, and a microphone 1218. These and other user interface components are coupled to the processor 1202 as is known in the art.
  • the keypad 1214 may include alpha-numeric keys for performing a variety of functions, including dialing numbers and executing operations assigned to one or more keys.
  • other user interface mechanisms may be employed, such as voice commands, switches, touch pad/screen, graphical user interface using a pointing device, trackball, joystick, or any other user interface mechanism.
  • the mobile computing arrangement 1200 may also include a digital signal processor (DSP) 1220.
  • the DSP 1220 may perform a variety of functions, including analog-to-digital (A/D) conversion, digital-to-analog (D/A) conversion, speech coding/decoding, encryption/decryption, error detection and correction, bit stream translation, filtering, etc.
  • the transceiver 1222 generally coupled to an antenna 1224, may transmit and receive the radio signals associated with a wireless device.
  • the mobile computing arrangement 1200 of Figure 12 is provided as a representative example of a computing environment in which the principles of the present exemplary embodiments may be applied. From the description provided herein, those skilled in the art will appreciate that the present invention is equally applicable in a variety of other currently known and future mobile and fixed computing environments.
  • the specific application 1206 and associated features, and data 1208, may be stored in a variety of manners, may be operable on a variety of processing devices, and may be operable in mobile devices having additional, fewer, or different supporting circuitry and user interface mechanisms. It is noted that the principles of the present exemplary embodiments are equally applicable to non-mobile terminals, i.e., landline computing systems.
  • the disclosed exemplary embodiments provide a user terminal, a system, a method and a computer program product for enabling communication to another node in a communication network, when the another node's address is not known. It should be understood that this description is not intended to limit the invention. On the contrary, the exemplary embodiments are intended to cover alternatives, modifications and equivalents, which are included in the spirit and scope of the invention as defined by the appended claims. Further, in the detailed description of the exemplary embodiments, numerous specific details are set forth in order to provide a comprehensive understanding of the claimed invention. However, one skilled in the art would understand that various embodiments may be practiced without such specific details.

Abstract

A base station, computer medium and method for receiving at a receiving base station a signed information package from a sending base station via a user terminal, the receiving base station, the user terminal and the sending base station belonging to a communication network, wherein the user terminal is served initially by the sending base station and then by the receiving base station. The method includes receiving at the receiving base station the signed information package from the user terminal, wherein the signed information package includes a signature of the sending base station and includes information related to the sending base station; verifying at the receiving base station the signature of the signed information package; and adding the sending base station to a neighbor cell list based on elements of the verified signed information package.

Description

Inter-Base Stations Communication using Terminal Device
RELATED APPLICATION
[0001] This application is related to International Patent Application No.
PCT/IB2008/002275, filed on September 2, 2008, entitled "Verifying Neighbor Cell," to J. Rune et al., attorney Docket No. 0110-302/P25810, the entire disclosure of which is incorporated here by reference.
TECHNICAL FIELD
[0002] The present invention generally relates to radio communication systems, devices, software and methods and, more particularly, to mechanisms and techniques for transferring information among base stations when a destination base station is not known.
BACKGROUND
[0003] During the past years, the interest in radio access technologies for providing services for voice, video and data has increased. There are various telecom technologies used in cellular communications. The most widespread radio access technology for mobile communication is digital cellular. Increased interest is shown in 3G (third generation) systems. 3G systems and, then, even higher bandwidth radio communications introduced by Universal Terrestrial Radio Access (UTRA) standards made applications like surfing the web more easily accessible to millions of users.
[0004] Even as new network designs are rolled out by network manufacturers, future systems which provide greater data throughputs to end user devices are under discussion and development. For example, the so-called 3GPP Long Term Evolution (LTE) standardization project is intended to provide a technical basis for radio communications in the decades to come. Among other things of note with regard to LTE systems is that they will provide for creation of neighbor cell relations in eNBs, where an eNB is the node of the LTE system. Systems other than LTE are also designed such that nodes of the system communicate among themselves. However, in order to have a safe communication among the nodes, various mechanisms are used. Mechanisms for securely transferring information directly between base stations (or access points) of a wireless network may use direct communication links as disclosed for example in RFC 4067, "Context Transfer Protocol (CXTP)", http://tools.ietf.org/html/rfc4067, the entire content of which is incorporated here by reference.
[0005] More specifically, with respect to Figure 1, a telecommunication system 10 may include one or more eNBs 12 that are connected via an interface S1 to a core network 14 of the system. Another interface X2 connects the eNBs 12 among themselves. One eNB may serve one or more cells 16. For simplicity, in the following discussion, the generic term "base station" is used to refer to an eNB node in the LTE system or a NodeB in a WCDMA system or to other nodes of other systems as will be appreciated by those skilled in the art. Also for simplicity, it is assumed that each eNB node serves only one cell although an eNB node may serve multiple cells.
[0006] In the following, the base station with which the user terminal currently communicates is referred to as the "serving base station" and a neighbor base station is referred to as the "neighbor base station." The user terminal may communicate with the neighbor base station while being served by the serving base station. Each cell in a telecommunication system is assigned one of 504 possible physical cell identities (PCI). The PCI may be broadcast on layer 1 in the cell. Knowledge of the PCI of the cell is needed for a terminal (also called user equipment, user terminal) to correctly decode a downlink transmission in a cell. Thus, the PCI is used to distinguish cells from each other and to enable decoding of downlink transmissions. Because the 504 different PCIs are not enough to give every cell a unique PCI (i.e., there are more than 504 cells in a given telecommunication network), the PCIs are reused in a radio network. Figure 2 illustrates an example of how the PCIs of cells in a telecommunication network are reused. Sufficient reuse distances should be used between cells A and C that have the same PCI, so that PCI conflicts are minimized. However, when PCI conflicts occur, these conflicts should be resolved, i.e., at least one cell should have its PCI changed so that the conflict is eliminated. The PCI is a physical layer parameter, which may be easily and quickly read by a terminal. This parameter is reported to the base stations together with Reference Signal Received Power (RSRP) levels in measurement reports generated by the terminals.
[0007] The PCI is relevant to another aspect of a telecommunication system, which is discussed next. During a call, a mobile terminal 18 may move around from a serving cell 16a to a neighbor cell 16b, thus moving from one cell to one of its neighbors repeatedly. A list of the known neighbor cells of the serving cell 16a (the same is true for each serving cell), called "neighbor cell set" or "neighbor cell list" may be used both by the network 10 and by the mobile terminal 18 to enable reliable handover between cells. The network 10 may store information relating to a neighbor cell set for each mobile terminal. The neighbor cell set may be used for evaluation and handover of any mobile terminal, from one cell to another cell, as the mobile terminal crosses a cell boundary. The neighbor cell set may be generated based on the PCIs of the cells in the network. A factor that affects the neighbor cell set is the fact that the cell boundaries are not sharply defined. The cell boundaries are somewhat blurred as the range of the base stations overlap with one another and thus, these facts need to be taken into account when generating the neighbor cell list.
[0008] A different approach for avoiding PCI conflict is the use of a Global or Network Level Cell Identity. Different terms are used for the global or network level cell identity. The term used in this disclosure is Cell Identity PLMN Level (CIPL), in which PLMN stands for Public Land Mobile Network. A CIPL is unique within the PLMN. Thus, there is no conflict between any two cells in the PLMN. The combination of a CIPL identity within the PLMN (e.g., Mobile Country Code (MCC) combined with a Mobile Network Code (MNC)) becomes a globally unique identification of a cell. The CIPL identity may be included in the system information that is periodically broadcast in each cell. Because a CIPL, unlike a PCI, is unique within a PLMN, no reuse coordination of CIPLs is needed.
[0009] However, using CIPL and PLMN identity is much more demanding for a terminal than reading the PCI. The usage of the CIPL and PLMN requires that the terminal is properly synchronized with the cell and that the terminal waits for a periodic transmission of the relevant part of the system information to occur.
[0010] The creation of the neighbor cell list for each cell may be based on the PCI or the combination of CIPL and PLMN discussed above. In most cellular systems, the creation of the neighbor cell list is a management task that takes into account the configuration of the system. However, in LTE, this method is abandoned in favor of automatic detection of neighbor cells aided by the user terminal and subsequent automatic creation of the neighbor list, establishment of the X2 interface, and exchange of relevant information between the involved eNBs (unless the neighboring cells belong to the same eNB, in which case the neighbor relation creation, albeit possibly not neighbor detection, is an entirely eNB internal matter).
[0011] This approach relies on measurement reports from active terminals to detect neighbor cells. The reports may include the PCIs (as well as other measurement parameters) of detected cells. When a PCI of a base station that is new to the serving eNB is reported, the serving eNB requests the terminal to read and report the CIPL and PLMN identity of the new cell with the relevant PCI. This action requires that the serving eNB schedules a measurement gap, i.e., a gap in the regular transmissions to and from the terminal, during which the terminal may tune and synchronize its receiver to the other cell until the CIPL and PLMN identity has been received.
[0012] When the terminal has reported the CIPL and PLMN identity of the new possible neighbor cell, the serving node eNB may conclude that the new cell belongs to the same PLMN as the serving node eNB itself, and may choose to include the new cell into its list of neighbor cells. The serving node eNB then may use the CIPL to retrieve the IP address of the neighbor node eNB, which serves the detected new cell, establish the X2 interface with this neighbor node eNB (unless the X2 interface was already established), and exchange information which is relevant for the X2 interface and the neighbor relation. This process of building neighbor cell lists is referred to as Automatic Neighbor Relation (ANR).
[0013] Figure 4 illustrates a possible exchange of information between serving node eNB 12a, new node eNB 12b and a terminal 18 served by the serving node eNB 12a. In step 1, terminal 18 detects the PCI of the new node eNB 12b. In step 2, terminal 18 reports the PCI and other measurements of the new node eNB 12b to serving node 12a. In step 3, the serving node eNB 12a schedules the measurement gap during which terminal 18 synchronizes with new node eNB 12b to detect other parameters of the new node eNB 12b. Then, in step 4, the serving node eNB 12a instructs terminal 18 to detect PLMN and CIPL of new node eNB 12b. In step 5, terminal 18 receives the PLMN and CIPL from new node eNB 12b and in step 6 terminal 18 transmits this information to the serving node eNB 12a. Based on this information, the serving node eNB 12a and the new node eNB 12b establish interface X2 and each generate/update its neighbor relation. The interface X2 may be part of a transport network 20, which may be implemented as a landline.
[0014] A concern exists when new cells are entering the system and neighbor cell relations are generated. This concern is related to the security of the system and is addressed next. The communication between two eNBs is supposed to be performed via the operator's protected zone (part of the Network Domain Security (NDS), see for example 3GPP TS 33.210 v7.3.0, "3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; 3G Security; Network Domain Security; IP network layer security (Release 7)", September 2007, the entire content of which is incorporated here by reference). It is also supposed that each eNB 12a and 12b (or each eNB site) has established a secure communication path 22 to the operator network 24, as shown in Figure 5. Thus, the two eNBs 12a and 12b communicate via a virtual private network (VPN), which means that the two eNBs trust each other and their mutual communication is secure. The communication path 26 over the X2 interface is also secure while communications over network 28 are insecure.
[0015] Alternatively, the two nodes eNBs may communicate directly, without being routed via the operator's NDS zone, as shown in Figure 6. In this case, each pair of nodes eNB (or pair of eNB sites) having neighbor relations has to secure the mutual communication of the nodes of the pair. Securing the communication may be achieved using IP security (IPsec, according to RFC 4301) based on Security Associations (SAs) established using Internet Key Exchange version 2 (IKEv2) authenticated by certificates. In this alternative, the certificates and IPsec provide a similar security as in the NDS case, i.e., the pair of nodes eNBs can trust each other and their mutual communication 22 is secure as illustrated in Figure 6. In addition, Figure 6 shows that the secure communication 22 is not routed via the operator's NDS zone 24.
[0016] Using direct communication via eNB-eNB X2 interface achieves a shorter communication path and eliminates the cryptographic operations in the operator network's security gateways. Thus, according to one scenario, an X2 communication via the operator network is the initial track and subsequently, a direct eNB-eNB X2 communication path may be established as the final communication path.
[0017] However, a couple of problems to be discussed next affect the above noted setup for eNB to eNB communications. A first problem affecting the above described procedure for generating and implementing neighbor relations is that although the actual neighbor relation establishment is secure, in terms of trust relations and protected communication, the relevancy of a reported neighbor is not known. In other words, there is no mechanism for determining whether an alleged neighbor node eNB is indeed a neighbor node. An example is described next to illustrate this problem. Suppose that a malicious terminal reports false CIPLs collected from other parts of the network, which are not neighbor cells of the serving cell. The serving node eNB, not being configured to determine the relevancy of the asserted neighbor cells, would establish unwanted neighbor relations with cells that are in fact not neighbor cells.
[0018] Another example that illustrates this problem is as follows. Suppose that two malicious terminals, UEA and UEB, communicate with each other from different (geographically distant) parts of the network. UEA collects CIPLs from location A and sends the CIPLs to UEB at location B. Then, UEB may report these geographically distant CIPLs, collected in real-time, to the serving eNB. The geographically distant CIPLs correspond to cells that are not neighbor cells of the serving cell. Thus, these CIPLs correspond to alleged neighbor candidates. Not having a mechanism to check that the alleged neighbor candidates are neighbors indeed, the serving node eNB would establish communication with these alleged neighbor cells and add them to the neighbor cell relations. This results in unnecessary neighbor relations being established. In this context, UEA does not have to be an actual terminal. It may be some other type of device, as long as it can receive and decode the system information broadcast from LTE eNBs.
[0019] Establishing unnecessary neighbor relations may drain node eNB's resources and also may limit the capability of node eNB to establish valid neighbor relations, especially when node eNB cannot maintain an unlimited number of neighbor relations. Although the LTE standard may place no hard restrictions on the number of neighbor relations a cell or eNB may have, the fact that each neighbor cell has a PCI that is unique among the neighbors sets an upper bound. In addition, most implementations likely have their own limit on the number of neighbor relations, after which node eNB accepts no new ones until some of the existing ones have been terminated. In practice, a node eNB may monitor the usage frequency (and handover success rate) of each cell listed in the neighbor cell relation, so that unnecessary neighbor relations are eventually terminated.
[0020] Still another example when node eNB is affected by false neighbor cells is discussed next. Suppose that a new cell or node eNB is entering service in the network. Initially, the new node eNB has no neighbor relations. The neighbor relations are built up gradually, aided by moving terminals. At this point, a malicious terminal has the opportunity to "fill up" node eNB with false neighbor relations, so that there is no more "room" left for real neighbor relations to true neighbors. It will then take some time (which is implementation dependent) until node eNB determines that most of its neighbor relations are unnecessary and starts removing these unnecessary relations. Until this happens, handovers to and from the new eNB are not possible. Thus, this is a potential threat that should be avoided if possible.
[0021] Another consequence of adding excessive numbers of false neighbors to a given cell or node eNB is that it increases the risk of PCI conflicts. In addition, it will be increasingly hard to find a collision free PCI for a cell whose PCI has to be changed because of a detected PCI collision or for a newly deployed cell. This may trigger (sometimes extensive) reshuffling of PCIs among cells in the network in order to avoid (the actually non-existent) PCI conflicts, resulting in traffic disturbances and dropped connections.
[0022] Another problem with establishing neighbor relations relates to the Internet Key Exchange (IKE) processing performed by node eNB or a site Security Gateway (SEGW) in establishing security association for direct X2 communications. It may well be the case that X2 communication via the operator network as shown in Figure 5 introduces large latency, e.g., for handover situations because of multiple encryptions and decryptions and other cryptographic operations performed by the repeated IPsec processing on the path, so that direct X2 communication as shown in Figure 6 is preferable.
[0023] Hence, when serving node eNB is presented with a new neighbor, or a new neighboring site, this may trigger heavy public key cryptography operations of IKE, reducing the available capacity in node eNB or SEGW for other operations. Generating multiple X2 connections to alleged node neighbors may trigger a Denial-of-Service attack on both serving and alleged neighbor nodes. In particular, by presenting a particular alleged neighbor node eNB to multiple serving nodes eNBs in a distributed and synchronized attack, the alleged neighbor node may be "detained" when establishing unnecessary secure connections between nodes eNBs or sites. This attack may be effective not only during the network deployment phase but under other scenarios.
[0024] Although malicious terminals are not very often present and considerable knowledge is required to create one, the threat of manipulated terminals interfering with network activities is serious and problematic for existing networks. When the network, as in the case of neighbor cell detection in LTE, makes itself dependent on terminals for network configuration matters, the potential attack to the nodes is real.
[0025] In addition, simply relying on successful handovers as a verification of neighbor cell validity may not suffice, because neighbor relations and X2 interfaces may be established for other purposes than handovers, e.g., for inter-cell interference coordination (ICIC). Because handovers among such neighbor cells (interested in ICIC) may never be performed, the neighbor relation is left unvalidated. Thus, neither of the mechanisms discussed above is capable of using a small amount of bandwidth for communicating information to a base station for which an address is not available.
[0026] Accordingly, it would be desirable to provide devices, systems and methods for speech and video communications that avoid the afore-described problems and drawbacks.
SUMMARY
[0027] According to an exemplary embodiment, there is a method for receiving at a receiving base station a signed information package from a sending base station via a user terminal, the receiving base station, the user terminal and the sending base station belonging to a communication network, wherein the user terminal is served initially by the sending base station and then by the receiving base station. The method includes receiving at the receiving base station the signed information package from the user terminal, wherein the signed information package includes a signature of the sending base station and includes information related to the sending base station; verifying at the receiving base station the signature of the signed information package; and adding the sending base station to a neighbor cell list based on elements of the verified signed information package.
[0028] According to another exemplary embodiment, there is a receiving base station for receiving a signed information package from a sending base station via a user terminal, the receiving base station, the user terminal and the sending base station belonging to a communication network, wherein the user terminal is served initially by the sending base station and then by the receiving base station. The receiving base station includes a transceiver configured to receive the signed information package from the user terminal, wherein the signed information package includes a signature of the sending base station and includes information related to the sending base station; and a processor connected to the transceiver and configured to verify the signature of the signed information package, and to add the sending base station to a neighbor cell list based on elements of the verified signed information package.
[0029] According to still another exemplary embodiment, there is a receiving base station for receiving a signed information package from a sending base station via a user terminal, the receiving base station, the user terminal and the sending base station belonging to a communication network, wherein the user terminal is served initially by the sending base station and then by the receiving base station. The receiving base station includes means for receiving the signed information package from the user terminal, wherein the signed information package includes a signature of the sending base station and includes information related to the sending base station; and means for verifying the signature of the signed information package, and for adding the sending base station to a neighbor cell list based on elements of the verified signed information package.
[0030] According to yet another exemplary embodiment, there is a computer readable medium including computer executable instructions, wherein the instructions, when executed by a processor of a receiving base station, cause the receiving base station to receive a signed information package from a sending base station via a user terminal, the receiving base station, the user terminal and the sending base station belonging to a communication network, wherein the user terminal is served initially by the sending base station and then by the receiving base station. The instructions include receiving at the receiving base station the signed information package from the user terminal, wherein the signed information package includes a signature of the sending base station and includes information related to the sending base station; verifying at the receiving base station the signature of the signed information package; and adding the sending base station to a neighbor cell list based on elements of the verified signed information package.
LIST OF ABBREVIATIONS
3G 3rd generation
3GPP 3rd Generation Partnership Project
ANR Automatic Neighbor Relation
CIPL Cell Identity PLMN Level
eNB eNode B
ICIC Inter-Cell Interference Coordination
IKE Internet Key Exchange
IKEv2 Internet Key Exchange version 2
IPsec IP security (according to RFC 4301)
IP Internet Protocol
LTE Long Term Evolution
MCC Mobile Country Code
MNC Mobile Network Code
NDS Network Domain Security
PCI Physical Cell Identity
PLMN Public Land Mobile Network
RNC Radio Network Controller
RSRP Reference Signal Received Power
SA Security Association
SEGW Security Gateway
SIP Signed Information Package
UE User Equipment
UTRAN Universal Terrestrial Radio Access Network
VPN Virtual Private Network
X2 The interface between two eNode Bs in LTE.
BRIEF DESCRIPTION OF THE DRAWINGS
[0031] The accompanying drawings, which are incorporated in and constitute a part of the specification, illustrate one or more embodiments and, together with the description, explain these embodiments. In the drawings:
[0032] Figure 1 is a schematic diagram of a communication system including base stations;
[0033] Figure 2 is a schematic diagram showing multiple cells of the communication system;
[0034] Figure 3 is a schematic diagram showing how a user terminal migrates from one cell to another cell;
[0035] Figure 4 is a schematic diagram showing various steps performed by the communication system for detecting a neighbor base station;
[0036] Figure 5 is a schematic diagram showing a secure communication path established between two base stations via an operator network;
[0037] Figure 6 is a schematic diagram showing a direct secure communication path established between the two base stations;
[0038] Figure 7 is a schematic diagram showing how a user terminal is positioned relative to two base stations according to an exemplary embodiment;
[0039] Figure 8 is a schematic diagram showing an initial communication between one base station and the user terminal according to an exemplary embodiment;
[0040] Figure 9 is a schematic diagram showing a later communication between another base station and the user terminal according to the exemplary embodiment shown in Figure 8;
[0041] Figure 10 is a schematic diagram illustrating an interaction among a sending base station, the user terminal, and a receiving base station according to an exemplary embodiment;
[0042] Figure 11 is a flow diagram illustrating steps performed by the receiving base station according to an exemplary embodiment; and
[0043] Figure 12 is a schematic diagram showing one possible structure for the user terminal and/or the base station according to an exemplary embodiment.
DETAILED DESCRIPTION
[0044] The following description of the exemplary embodiments refers to the accompanying drawings. The same reference numbers in different drawings identify the same or similar elements. The following detailed description does not limit the invention. Instead, the scope of the invention is defined by the appended claims. [0045] Reference throughout the specification to "one embodiment" or "an embodiment" means that a particular feature, structure, or characteristic described in connection with an embodiment is included in at least one embodiment of the present invention. Thus, the appearance of the phrases "in one embodiment" or "in an embodiment" in various places throughout the specification are not necessarily all referring to the same embodiment. Further, the particular features, structures or characteristics may be combined in any suitable manner in one or more embodiments. [0046] Prior to presenting the novel mechanisms for allowing a serving base station to communicate with a potential new base station when the serving base station does not know about the existence of the new base station or the serving base station does not have an address of the neighbor base station, two exemplary cases are discussed that highlight the need of having such mechanisms. A new base station includes not only base stations that are just entering into service but also base stations that are not included in the serving base station's neighbor list. [0047] In the first exemplary case, there is a need to automatically configure networks of radio base-stations, i.e., building and updating neighbor relationships, instead of manually performing this operation. 3GPP submission S5-071484, the content of which is incorporated herein by reference, exemplifies this manual operation. To achieve the automatic configuration, there is a need to have a discovery mechanism which will allow new base stations to be discovered by existing base stations as the new base stations become active. 
One way of discovering the new base stations is to instruct a terminal to report back to its serving base station which new base stations it can hear. In this respect, Figure 7 shows a serving base station 12a that serves terminal 18, which belongs to a cell 16a served by the serving base station 12a. Suppose that a new base station 12b is not known to base station 12a and that terminal 18 detects a signal from the new base station 12b. Based on this detection, serving base station 12a learns of the existence of new base station 12b. However, base station 12a needs the address of new base station 12b in order to be able to communicate with it. This address may be obtained by base station 12a via terminal 18. A problem with this mechanism is that it is possible for terminal 18 to "lie" about what it hears and thus inject false information about the network into the network's configuration. The impact of this false information has been discussed above in the Background section. Another problem with this mechanism is that base station 12a has to discover base station 12b prior to communicating with base station 12b.
[0048] In the second exemplary case, there is a need to perform proper address assignment in an IP network with distributed autonomous wireless access points. Thus, for this case, it may be necessary for a new access point to know the address assigned by a previous access point. The individual access points will, however, not have any prior knowledge of each other, and establishing secure communications with the prior access point through normal means (such as communication through a common trusted relay point) may be relatively costly in time. In a handover situation, where time is of the essence, such a connecting mechanism is too slow.
[0049] Thus, the novel mechanisms to be discussed in the following exemplary embodiments provide a method of passing information between two base stations without requiring prior knowledge of the receiving base station, and also without requiring more bandwidth than that required to transfer one message.
[0050] According to an exemplary embodiment shown in Figure 8, the sending base station 12a transfers a signed information package (SIP) to terminal 18 at some point during the terminal's connection (attachment, association, binding) with the serving base station 12a. The SIP may be, for example, a signed cookie as used in web-based computer applications. A terminal is considered to be a generic name for any device capable of exchanging information with a base station in a communication network. For example, a terminal may be a mobile phone connected to a telecommunication network. The SIP may be, according to an exemplary embodiment, encrypted based on methods known by those skilled in the art. For example, the SIP may be encoded based on a commercially available encryption mechanism.
[0051] Figure 8 also shows that new base station 12b is unknown, at this stage, to both the base station 12a and terminal 18. The new base station 12b has its own cell 16b, which is different from cell 16a of base station 12a. The two base stations 12a and 12b are connected to each other in system 10 via network 20, as shown in Figures 1 and 4.
[0052] Terminal 18 receives the SIP or signed cookie and stores this information in temporary or permanent storage. When terminal 18 moves to another cell 16b (which is adjacent to cell 16a) as shown in Figure 9, terminal 18 may establish a connection with the new base station 12b and send the SIP to the base station 12b. In one exemplary embodiment, terminal 18 is configured to periodically send the SIP to base station 12b, while in another exemplary embodiment, terminal 18 sends the SIP to base station 12b only once. Terminal 18 may be configured to send the SIP to any new base station, i.e., any base station that becomes the serving base station for terminal 18. In another exemplary embodiment, terminal 18 may be configured to send the SIP only to a base station that is determined to be new. Upon establishing this new connection between terminal 18 and the new base station 12b, terminal 18 passes the SIP package to the new base station 12b. In one exemplary embodiment, the serving base station 12a sends only the last N octets of the SIP and the terminal forwards only the last "N" octets to the new base station 12b, in an effort to reduce the number of symbols transmitted among the components of the communication network 10. "N" may be any integer between 2 and 10.
[0053] The new base station 12b may verify the signature of the SIP package, optionally decrypt the content if it is encrypted, for example, using IKE or IKEv2 encryption methods, and then use the information in the SIP package to enhance its operation, e.g., to generate or update the neighbor cell list. Terminal 18 may store SIPs from multiple base stations and transmit those SIPs to a current serving base station, such that the current serving base station may establish connections with multiple existing base stations.
[0054] The information in the SIP package may contain a timestamp of its creation, the identity of the sending base station, the position of the sending base station, etc. The information provided may be used to confirm the validity of the information and the fact that the new base station is indeed a neighbor of the serving base station. According to an exemplary embodiment, the timestamp and the position indication may be used to prevent replay attacks by malicious terminals or base stations. Also, the new base station may build the neighbor cell list based on the received SIP package. Mechanisms for determining from the received SIP that the two base stations are neighbors are disclosed, for example, in International Patent Application No. PCT/IB2008/002275, filed on September 2, 2008, entitled "Verifying Neighbor Cell," to J. Rune et al., disclosed above.
[0055] According to another exemplary embodiment, the timestamp may be implicitly included in the SIP, and the neighbor base station may use fixed time increments when verifying the SIP to determine whether the SIP was sent recently, and otherwise discards the received SIP. In other words, according to this exemplary embodiment the neighbor base station verifies the "age" of the SIP and accepts only recent SIPs.
[0056] According to an exemplary embodiment shown in Figure 10, the operation of system 10 is discussed. The sending base station generates the information package and adds a signature to it to generate the SIP. In step 100, the sending base station sends the signed information package to the user terminal. The user terminal receives the SIP and stores it. In step 102, the user terminal leaves the sending base station and enters the receiving base station range, i.e., the serving base station is changed from the sending base station to the receiving base station. In step 104, the user terminal and the receiving base station establish a communication link and in step 106 the user terminal forwards the SIP to the receiving base station. In step 108, the receiving base station verifies the signature of the sending base station and if the receiving base station determines that this signature is authentic, the receiving base station adds in step 110 the sending base station to its neighbor cell list.
[0057] An exemplary method for implementing the above discussed novel mechanisms in a processor of a base station is discussed with regard to Figure 11. With regard to Figure 11, in step 1100, the receiving base station receives the signed information package from the user terminal, where the signed information package includes a signature of the sending base station and includes information related to the sending base station. In step 1102, the receiving base station verifies the signature of the signed information package and in step 1104 the receiving base station adds the sending base station to a neighbor cell list based on elements of the verified signed information package.
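The procedure of Figures 10 and 11, as an added example that is not code from the patent or from Ericsson: the sending base station builds the SIP of [0054], the terminal optionally forwards only the last N octets of the signature ([0052]), and the receiving base station verifies the signature, applies the age and range discard conditions of claim 8 and updates its neighbor cell list; the implicit-timestamp variant of [0055] is shown as well. Assumptions not in the patent: a JSON payload, HMAC-SHA256 under a network-wide key standing in for the sending base station's signature (a public-key signature would avoid sharing that key with every receiver), a constructed length-prefixed wire format, and a great-circle distance check for the "outside a predetermined range" condition.

```python
import hashlib
import hmac
import json
import math
import struct
import time

TAG_LEN = 32  # octets in a full HMAC-SHA256 tag

def _encode(body: dict) -> bytes:
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()

def build_sip(key: bytes, bs_id: str, lat: float, lon: float, created=None) -> bytes:
    """Sending base station ([0054]): identity, position and creation timestamp, then a
    tag. Constructed wire format: 2-byte big-endian payload length, payload, tag."""
    ts = int(time.time() if created is None else created)
    payload = _encode({"bs_id": bs_id, "pos": [lat, lon], "ts": ts})
    tag = hmac.new(key, payload, hashlib.sha256).digest()
    return struct.pack(">H", len(payload)) + payload + tag

def truncate_sip(sip: bytes, n: int) -> bytes:
    """Terminal-side option of [0052]: forward only the last N (2..10) octets of the tag."""
    if not 2 <= n <= 10:
        raise ValueError("N must be between 2 and 10")
    plen = struct.unpack(">H", sip[:2])[0]
    return sip[:2 + plen] + sip[2 + plen + TAG_LEN - n:]

def _distance_km(a, b) -> float:
    """Great-circle (haversine) distance between two (lat, lon) points."""
    lat1, lon1, lat2, lon2 = map(math.radians, (*a, *b))
    h = (math.sin((lat2 - lat1) / 2) ** 2
         + math.cos(lat1) * math.cos(lat2) * math.sin((lon2 - lon1) / 2) ** 2)
    return 2 * 6371.0 * math.asin(math.sqrt(h))

class ReceivingBaseStation:
    """Steps 1100-1104 of Figure 11 plus the discard conditions of claim 8."""

    def __init__(self, key: bytes, position, max_age_s: int, max_range_km: float):
        self.key, self.position = key, position
        self.max_age_s, self.max_range_km = max_age_s, max_range_km
        self.neighbor_cell_list = {}  # bs_id -> {"pos": (lat, lon), "ts": int}

    def process_sip(self, sip: bytes, now=None) -> str:
        """Return "accepted", or the reason the package was discarded."""
        now = time.time() if now is None else now
        if len(sip) < 2:
            return "malformed"
        plen = struct.unpack(">H", sip[:2])[0]
        payload, tag = sip[2:2 + plen], sip[2 + plen:]
        if len(payload) != plen or not 2 <= len(tag) <= TAG_LEN:
            return "malformed"
        # Step 1102: verify the signature before trusting any field. A truncated tag is
        # compared with the same trailing octets of the recomputed tag; fewer octets
        # kept means a cheaper forgery, so the choice of N is a real trade-off.
        expected = hmac.new(self.key, payload, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected[-len(tag):]):
            return "bad_signature"
        try:
            body = json.loads(payload)
            bs_id, (lat, lon), ts = body["bs_id"], body["pos"], int(body["ts"])
            pos = (float(lat), float(lon))
        except (ValueError, KeyError, TypeError):
            return "malformed"
        # [0054] / claim 8: a stale package is a likely replay, and a sender far
        # outside range cannot be a neighbor even with a valid signature.
        if abs(now - ts) > self.max_age_s:
            return "stale"
        if _distance_km(self.position, pos) > self.max_range_km:
            return "out_of_range"
        # Step 1104: add the sending base station to the neighbor cell list.
        self.neighbor_cell_list[bs_id] = {"pos": pos, "ts": ts}
        return "accepted"

def build_sip_implicit(key: bytes, bs_id: str, lat: float, lon: float,
                       step_s: int, created=None) -> bytes:
    """[0055] variant: no timestamp on the wire; the tag binds the creation time
    rounded down to a fixed increment of step_s seconds."""
    payload = _encode({"bs_id": bs_id, "pos": [lat, lon]})
    epoch = int((time.time() if created is None else created) // step_s)
    tag = hmac.new(key, payload + struct.pack(">Q", epoch), hashlib.sha256).digest()
    return struct.pack(">H", len(payload)) + payload + tag

def verify_implicit(key: bytes, sip: bytes, step_s: int, max_steps: int, now=None) -> bool:
    """Receiver side of [0055]: accept only if the tag matches the current increment
    or one of the previous max_steps increments; anything older is discarded."""
    if len(sip) < 2:
        return False
    now = time.time() if now is None else now
    plen = struct.unpack(">H", sip[:2])[0]
    payload, tag = sip[2:2 + plen], sip[2 + plen:]
    current = int(now // step_s)
    for epoch in range(current, current - max_steps - 1, -1):
        expected = hmac.new(key, payload + struct.pack(">Q", epoch), hashlib.sha256).digest()
        if hmac.compare_digest(tag, expected):
            return True
    return False
```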
[0058] In this way, according to an exemplary embodiment, the receiving base station is capable of populating its neighbor cell list with the neighbor cells and base stations, without directly communicating with the sending base station. In addition, the sending base station does not have to know an address of the receiving base station. Thus, information may be passed to base stations which are unknown to the sending base station, making feasible the dynamic growth and change of the set of base stations.
[0059] Because the information package may contain information about the sending base station, which makes it possible for the receiving base station to contact the sending base station through more conventional means, these novel mechanisms may also provide a dynamic discovery and the establishment of the network's composition and state, without the need for management actions to explicitly update the network nodes with knowledge about other nearby nodes and their states.
[0060] According to the exemplary embodiments, the bandwidth consumed by each information package is independent of the size of the network (in terms of number of nodes), which is not the case for the conventional information broadcast mechanisms.
[0061] For purposes of illustration and not of limitation, an example of a representative computing system capable of carrying out operations in accordance with the exemplary embodiments is illustrated in Figure 12. The computing system may be a user terminal or a base station. It should be recognized, however, that the principles of the present exemplary embodiments are equally applicable to standard computing systems.
[0062] The exemplary mobile computing arrangement 1200 may include a processing/control unit 1202, such as a microprocessor, reduced instruction set computer (RISC), or other central processing module. The processing unit 1202 need not be a single device, and may include one or more processors. For example, the processing unit 1202 may include a master processor and associated slave processors coupled to communicate with the master processor.
[0063] The processing unit 1202 may control the basic functions of the mobile terminal as dictated by programs available in the storage/memory 1204. Thus, the processing unit 1202 may execute the functions described in Figures 8 and 9. More particularly, the storage/memory 1204 may include an operating system and program modules for carrying out functions and applications on the mobile terminal. For example, the program storage may include one or more of read-only memory (ROM), flash ROM, programmable and/or erasable ROM, random access memory (RAM), subscriber interface module (SIM), wireless interface module (WIM), smart card, or other removable memory device, etc. The program modules and associated features may also be transmitted to the mobile computing arrangement 1200 via data signals, such as being downloaded electronically via a network, such as the Internet.
[0064] One of the programs that may be stored in the storage/memory 1204 is a specific program 1206. As previously described, the specific program 1206 may interact with a location server and/or a presence server to fetch and/or subscribe to presence information of one or more presentities. The program 1206 and associated features may be implemented in software and/or firmware operable by way of the processor 1202. The program storage/memory 1204 may also be used to store data 1208, such as the various authentication rules, or other data associated with the present exemplary embodiments. In one exemplary embodiment, the programs 1206 and data 1208 are stored in non-volatile electrically-erasable, programmable ROM (EEPROM), flash ROM, etc. so that the information is not lost upon power down of the mobile terminal 1200.
[0065] The processor 1202 may also be coupled to user interface 1210 elements associated with the mobile terminal. The user interface 1210 of the mobile terminal may include, for example, a display 1212 such as a liquid crystal display, a keypad 1214, speaker 1216, and a microphone 1218. These and other user interface components are coupled to the processor 1202 as is known in the art. The keypad 1214 may include alpha-numeric keys for performing a variety of functions, including dialing numbers and executing operations assigned to one or more keys. Alternatively, other user interface mechanisms may be employed, such as voice commands, switches, touch pad/screen, graphical user interface using a pointing device, trackball, joystick, or any other user interface mechanism.
[0066] The mobile computing arrangement 1200 may also include a digital signal processor (DSP) 1220. The DSP 1220 may perform a variety of functions, including analog-to-digital (A/D) conversion, digital-to-analog (D/A) conversion, speech coding/decoding, encryption/decryption, error detection and correction, bit stream translation, filtering, etc. The transceiver 1222, generally coupled to an antenna 1224, may transmit and receive the radio signals associated with a wireless device.
[0067] The mobile computing arrangement 1200 of Figure 12 is provided as a representative example of a computing environment in which the principles of the present exemplary embodiments may be applied. From the description provided herein, those skilled in the art will appreciate that the present invention is equally applicable in a variety of other currently known and future mobile and fixed computing environments. For example, the specific application 1206 and associated features, and data 1208, may be stored in a variety of manners, may be operable on a variety of processing devices, and may be operable in mobile devices having additional, fewer, or different supporting circuitry and user interface mechanisms. It is noted that the principles of the present exemplary embodiments are equally applicable to non-mobile terminals, i.e., landline computing systems.
[0068] The disclosed exemplary embodiments provide a user terminal, a system, a method and a computer program product for enabling communication to another node in a communication network when the other node's address is not known. It should be understood that this description is not intended to limit the invention. On the contrary, the exemplary embodiments are intended to cover alternatives, modifications and equivalents, which are included in the spirit and scope of the invention as defined by the appended claims. Further, in the detailed description of the exemplary embodiments, numerous specific details are set forth in order to provide a comprehensive understanding of the claimed invention. However, one skilled in the art would understand that various embodiments may be practiced without such specific details.
[0069] Although the features and elements of the present exemplary embodiments are described in the embodiments in particular combinations, each feature or element can be used alone without the other features and elements of the embodiments or in various combinations with or without other features and elements disclosed herein. The methods or flow charts provided in the present application may be implemented in a computer program, software, or firmware tangibly embodied in a computer-readable storage medium for execution by a general purpose computer or a processor.

Claims

WHAT IS CLAIMED IS:
1. A method for receiving at a receiving base station a signed information package from a sending base station via a user terminal, the receiving base station, the user terminal and the sending base station belonging to a communication network, wherein the user terminal is served initially by the sending base station and then by the receiving base station, the method comprising: receiving at the receiving base station the signed information package from the user terminal, wherein the signed information package includes a signature of the sending base station and includes information related to the sending base station; verifying at the receiving base station the signature of the signed information package; and adding the sending base station to a neighbor cell list based on elements of the verified signed information package.
2. The method of Claim 1, wherein the received signed information package does not include an address, of the receiving base station, inserted by the sending base station.
3. The method of Claim 1, further comprising: maintaining at the receiving base station a neighbor cell list, which does not include the sending base station prior to the verifying step.
4. The method of Claim 1, further comprising: decrypting at the receiving base station the signed information package after the step of receiving.
5. The method of Claim 1, wherein the elements of the signed information package include one or more of a timestamp of a creation of the signed information package, an identity of the sending base station, and a position of the sending base station.
6. The method of Claim 1, wherein the step of receiving further comprises: receiving only a last part of the signature of the sending base station.
7. The method of Claim 1, further comprising: discarding the received signed information package if a predetermined condition is met.
8. The method of Claim 7, wherein the predetermined condition is one or a combination of an age of the signed information package is larger than a predetermined threshold and a location of the sending base station is outside a predetermined range.
9. A receiving base station for receiving a signed information package from a sending base station via a user terminal, the receiving base station, the user terminal and the sending base station belonging to a communication network, wherein the user terminal is served initially by the sending base station and then by the receiving base station, the receiving base station comprising: a transceiver configured to receive the signed information package from the user terminal, wherein the signed information package includes a signature of the sending base station and includes information related to the sending base station; and a processor connected to the transceiver and configured to verify the signature of the signed information package, and to add the sending base station to a neighbor cell list based on elements of the verified signed information package.
10. The receiving base station of Claim 9, wherein the received signed information package does not include an address, of the receiving base station, inserted by the sending base station.
11. The receiving base station of Claim 9, further comprising: a memory device configured to maintain a neighbor cell list, which does not include the receiving base station prior to receiving the signed information package.
12. The receiving base station of Claim 9, wherein the processor is further configured to decrypt the signed information package after receiving.
13. The receiving base station of Claim 9, wherein the elements of the signed information package include one or more of a timestamp of a creation of the signed information package, an identity of the second base station, and a position of the second base station.
14. The receiving base station of Claim 9, wherein the transceiver is further configured to receive only a last part of the signature of the sending base station.
15. The receiving base station of Claim 9, wherein the processor is further configured to discard the received signed information package if a predetermined condition is met.
16. The receiving base station of Claim 15, wherein the predetermined condition is one or a combination of an age of the signed information package is larger than a predetermined threshold and a location of the second base station is outside a predetermined range.
17. A receiving base station for receiving a signed information package from a sending base station via a user terminal, the receiving base station, the user terminal and the sending base station belonging to a communication network, wherein the user terminal is served initially by the sending base station and then by the receiving base station, the receiving base station comprising: means for receiving the signed information package from the user terminal, wherein the signed information package includes a signature of the sending base station and includes information related to the sending base station; and means for verifying the signature of the signed information package, and for adding the sending base station to a neighbor cell list based on elements of the verified signed information package.
18. A computer readable medium including computer executable instructions, wherein the instructions, when executed by a processor of a receiving base station, cause the receiving base station to receive a signed information package from a sending base station via a user terminal, the receiving base station, the user terminal and the sending base station belonging to a communication network, wherein the user terminal is served initially by the sending base station and then by the receiving base station, the instructions comprising: receiving at the receiving base station the signed information package from the user terminal, wherein the signed information package includes a signature of the sending base station and includes information related to the sending base station; verifying at the receiving base station the signature of the signed information package; and adding the sending base station to a neighbor cell list based on elements of the verified signed information package.
19. The medium of Claim 18, wherein the received signed information package does not include an address, of the receiving base station, inserted by the sending base station.
20. The medium of Claim 18, further comprising: maintaining at the receiving base station a neighbor cell list, which does not include the sending base station prior to the verifying instruction.
21. The medium of Claim 18, further comprising: decrypting at the receiving base station the signed information package after the step of receiving.
22. The medium of Claim 18, wherein the elements of the signed information package include one or more of a timestamp of a creation of the signed information package, an identity of the sending base station, and a position of the sending base station.
23. The medium of Claim 18, wherein the step of receiving further comprises: receiving only a last part of the signature of the sending base station.
24. The medium of Claim 18, further comprising: discarding the received signed information package if a predetermined condition is met.
25. The medium of Claim 24, wherein the predetermined condition is one or a combination of an age of the signed information package is larger than a predetermined threshold and a location of the second base station is outside a predetermined range.
Applications Claiming Priority (2)

Application Number | Priority Date | Filing Date | Title
PCT/IB2009/006100 | 2008-09-02 | 2009-06-29 | Inter-base stations communication using terminal device (WO2010026452A2)
US19073008P | 2008-09-02 | 2008-09-02 |
US61/190,730 | 2008-09-02 | |

Publications (2)

Publication Number | Publication Date
WO2010026452A2 | 2010-03-11
WO2010026452A3 | 2010-05-27


Legal Events

Code | Title / Description
DPE1 | Request for preliminary examination filed after expiration of 19th month from priority date (pct application filed from 20040101)
NENP | Non-entry into the national phase. Ref country code: DE
121 | Ep: the epo has been informed by wipo that ep was designated in this application. Ref document number: 09785973; Country of ref document: EP; Kind code of ref document: A2
122 | Ep: pct application non-entry in european phase. Ref document number: 09785973; Country of ref document: EP; Kind code of ref document: A2