WO2022219533A1 - Network appliances and a method for gfwa, laas and terms of service compliance over cellular broadband - Google Patents


Info

Publication number
WO2022219533A1
Authority
WO
WIPO (PCT)
Prior art keywords
cpe
authorization
geolocation
cellular
message
Application number
PCT/IB2022/053432
Other languages
French (fr)
Inventor
Lotfi AGUERBAOUI
Original Assignee
Societe Kuiklink Technologies
Application filed by Societe Kuiklink Technologies


Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60 Context-dependent security
    • H04W12/63 Location-dependent; Proximity-dependent
    • H04W12/64 Location-dependent; Proximity-dependent using geofenced areas
    • H04W4/00 Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/02 Services making use of location information
    • H04W4/025 Services making use of location information using location based information parameters
    • G PHYSICS
    • G01 MEASURING; TESTING
    • G01S RADIO DIRECTION-FINDING; RADIO NAVIGATION; DETERMINING DISTANCE OR VELOCITY BY USE OF RADIO WAVES; LOCATING OR PRESENCE-DETECTING BY USE OF THE REFLECTION OR RERADIATION OF RADIO WAVES; ANALOGOUS ARRANGEMENTS USING OTHER WAVES
    • G01S19/00 Satellite radio beacon positioning systems; Determining position, velocity or attitude using signals transmitted by such systems
    • G01S19/01 Satellite radio beacon positioning systems transmitting time-stamped messages, e.g. GPS [Global Positioning System], GLONASS [Global Orbiting Navigation Satellite System] or GALILEO
    • G01S19/03 Cooperating elements; Interaction or communication between different cooperating elements or between cooperating elements and receivers
    • G01S19/09 Cooperating elements; Interaction or communication between different cooperating elements or between cooperating elements and receivers providing processing capability normally carried out by the receiver
    • G01S19/38 Determining a navigation solution using signals transmitted by a satellite radio beacon positioning system
    • G01S19/39 Determining a navigation solution using signals transmitted by a satellite radio beacon positioning system the satellite radio beacon positioning system transmitting time-stamped messages, e.g. GPS [Global Positioning System], GLONASS [Global Orbiting Navigation Satellite System] or GALILEO
    • G01S19/42 Determining position
    • G01S19/45 Determining position by combining measurements of signals from the satellite radio beacon positioning system with a supplementary measurement
    • G01S19/46 Determining position by combining measurements of signals from the satellite radio beacon positioning system with a supplementary measurement the supplementary measurement being of a radio-wave signal type

Definitions

  • This invention relates in general to the telecommunications sector and, in particular, to the field of fixed wireless access technology over cellular broadband.
  • Some WISP services that are provided by means of cellular broadband CPEs, and that are part of a service or customer differentiation, generally require these CPEs to comply with certain terms of service.
  • Terms of service may require said CPEs to be immobile or at least limited in mobility (i.e. FWA CPEs), and may require compliance with a set of service obligations set by said WISPs, by the infrastructure provider or by any organization responsible for said service. Yet this is not always possible, respectively because of the ubiquity of cellular signals within a cell, where said CPEs attach to the cellular broadband network in the same fashion as mobile devices do, and because of the difficulty of using in-band LBS to implement fixedness-based service policies, given their on-premise local scope and control.
  • This invention describes both a cellular CPE and a method targeting these issues.
  • the present document discloses an invention that includes network appliances and a cornerstone authorization method for the creation of a geolocation-based fixed wireless internet access over cellular broadband networks.
  • the present invention describes a cellular broadband customer premise equipment as well as an authorization method by which a third-party controller, entitled by the present invention the Geo-Authorization system, is able to check that said cellular broadband customer premise equipment is providing an internet service (or any policy-based service) in compliance with a set of terms of service and obligations predefined by a WISP or by any entity responsible for said service.
  • the present invention is based on the integration of an LR transceiver and a cellular broadband transceiver within the same customer premise equipment, in order to create an area-fixed or geolocation-fixed internet service (or policy-based internet service) based respectively on a GIS-defined service area or a GIS-defined service location inside the geographic coverage of a cellular broadband network.
  • Fixed wireless broadband access relies on point-to-multipoint RF systems operating in dedicated spectrum, different from that utilized in cellular broadband networks, in order to provide a wireline-like internet access, thereby replacing wireline technologies particularly in hard-to-reach locations in underserved and rural areas.
  • MNOs and WISPs started to leverage the available resources within the installed cellular broadband networks in order to provide fixed wireless internet access through stationary CPEs that share spectrum and bandwidth with mobile devices attached to the same RAN.
  • the immobility of said CPEs, at least within a macro-cell, cannot be verified, which consequently prevents MNOs and WISPs from implementing service differentiation and from pushing particular functionalities, privileges or restrictions to these CPEs, in comparison with those allocated to mobile devices.
  • the present invention describes a socket-powered cellular CPE embedding an LR link for an extra out-of-band authorization ability, by which a Geo-Authorization system and a method are enabled to permanently bind said CPE to a service area or to an exact or approximate service location within the coverage of a cellular broadband network, and to further provide an approach to comply with a set of WISP-defined or regulator-defined terms of service.
  • a home CPE provided with an access link to a cellular data network and comprising a built-in LR transceiver, wherein the cellular link is set up either by a built-in eSIM module, by one or more built-in cellular data SIM card modules, or by a communication port to which a cellular modem is connected, and wherein said cellular access link is used to provide a connection to the cellular data network while said LR transceiver is used to provide an access link to the Long Range WAN, used to carry messages serving the purpose of authorizing an internet service established over the cellular data connection.
  • Authorization factors in this context may include said CPE's geolocation or parameters related to terms of service enforced by a service provider or by a regulator responsible for said service, and may include a combination of said geolocation and said parameters.
  • the built-in LR transceiver that is part of the home CPE provides access to a Long Range WAN, wherein the qualification "Long Range" in this context designates the use of an LPWAN technology such as LoRaWAN, Sigfox, et cetera. Further, the qualification also includes the use of client-mode configured WiFi or Long Range WiFi modules.
  • the home CPE further collaborates with a Geo-Authorization system, by means of an authorization method orchestrated by messaging over both the cellular data link and the Long Range authorization link, with the aim of geo-binding said home CPE to one or more service areas, or to one or more exact (or, if not applicable, approximate) service locations, or to a combination of both, from which said home CPE is capable of providing an internet service or a policy-based internet service, carried over the cellular data link, to users connected via a built-in local network such as WiFi, Ethernet or a USB communications device class.
  • the home CPE may further comprise hardware capabilities by which said CPE is capable of gathering geolocating data to be supplied to the Geo-Authorization system via the built-in LR module, wherein said geolocating data is uninterpretable by said home CPE host CPU.
  • said geolocating data is either supplied directly to the Geo-Authorization system via the built-in LR module by the geolocating hardware capability, or delivered to said home CPE host CPU in encrypted form, with no access for said CPE host CPU to the encryption keys.
  • other cases include said geolocating data being insufficient, or said CPE lacking the complementary hardware or software capabilities needed to compute its geolocation, and thus being incapable, by itself, of concluding its own positioning.
  • the service area denotes a geographic area, within the area of reach of the Long Range WAN and within the cellular data network coverage.
  • Said service area is defined and stored in the Geo-Authorization system database in the form of a virtual data representation extracted from a GIS system.
  • Said Geo-Authorization system uses all the stored service area data representations to corroborate, when configured to do so, that the home CPE is in fact placed within at least one authorized service area, by activating the authorization method.
  • the service location, whether exact or approximate, denotes a geographic location within the reach of the Long Range WAN and within the cellular data network coverage, and defines the actual geographic position at which the home CPE is placed; its computation or checking uses either the authorization method or geolocating data gathered by said authorization method.
  • the service location further distinguishes a permanent service location and a computed service location.
  • the permanent service location is either pre-configured in the Geo-Authorization system attached database or computed at setup time, either automatically or manually: the user willingly places the CPE at a preferred position and then manually activates the authorization method (e.g. via the CPE UI or via a management program).
  • Said service location is stored in the Geo-Authorization system attached database for the foretold CPE and used thereafter by the Geo-Authorization system as the CPE permanent point of service access.
  • the Geo-Authorization system will thereafter check whether the CPE has been displaced, is moving around that geolocation, or remains bound to said geolocation.
  • the computed service location is the home CPE geolocation that the Geo-Authorization system computes by activating the same authorization method and uses for comparison with the permanent service location.
  • the computed service location is determined either before or after the CPE establishment of a service connection that is being set up over the cellular connection.
  • the Geo-Authorization system denotes a set of services, agents and brokering tools put together depending on the WISP service authorization setup, on the authorization method itself and on how verdicts are issued after collecting the outputs of said method.
  • Said Geo-Authorization system implements at least two listening network sockets (i.e. two different listening ports): the first is reachable by the CPE by establishing a socket via said CPE cellular data link, and the second is reachable by said CPE via said CPE Long Range WAN link.
  • Said Geo-Authorization system further includes at least one CPE identification database, a geolocation solver and an authorization agent which is configured to issue a verdict following each authorization method activation.
  • Said verdict is afterwards translated into an action and can be, for instance, activating an authorization policy or an access control policy, or altering a user authorization within the serving cellular core network, within an external appliance if said cellular network is used as a transport medium (e.g. over a VPDN, VPN, etc.), or within the Geo-Authorization system itself in case the latter is acting as an authorization server or proxy.
  • the authorization agent uses either standard or custom methods in order to issue the verdict and enforce the policy.
  • the authorization method is defined by the Geo-Authorization system sending an authorization message to the home CPE, which reaches the latter via the cellular link.
  • Said CPE creates, in turn, a new opt-in message based on information included in said received authorization message and transmits said opt-in message back to the same Geo-Authorization system via the Long Range WAN by means of its built-in LR transceiver.
  • Said opt-in message is constructed by the home CPE operational software assuming that the Geo-Authorization system can relate it to the original authorization message (e.g. using an authorization context).
  • Said Geo-Authorization system, after receiving said opt-in message on a dedicated socket different from the socket used to send the authorization message, uses geolocation information either by reading the extra metadata appended to the opt-in message by the Long Range WAN, or by extracting it from the message payload in case it was collected and written by the home CPE, and may use a combination of both to compute the service location of claim 6.
  • This process defines the authorization method introduced by the present invention, without regard to communication processes or messaging between the home CPE and the Geo-Authorization system that precede or follow said method.
  • the authorization method may further include the Geo-Authorization system enclosing, in the authorization message, a set of terms of service instructions and queries; the home CPE operational software must apply the instructions and must provide responses to the queries.
  • the home CPE operational software afterwards appends the instruction execution results as well as said responses to the opt-in message payload before transmitting it via its built-in LR transceiver.
  • FIG. 1 is a simplistic external view of the cellular CPE 100 with an extra authorization status light 101, wherein said extra authorization status light provides the status of compliance of the cellular CPE with the service provider's terms of service.
  • FIG. 2 depicts an overview of the cellular CPE 100 placement inside of a service area wherein said CPE is simultaneously connected to the cellular radio access network as well as to the Long Range WAN.
  • FIG. 3 depicts a simplified illustration of minimum included components for applying the authorization method being disclosed by the present document.
  • FIGS. 4A and 4B illustrate an example of a possible implementation of the present invention using an external VPDN appliance, wherein the connection to said VPDN appliance is established using a PPP over L2TP over the CPE 100 cellular link, but for said connection to be established, the authorization method must first be run with positive result as an output.
  • the positioning process used herein and that is part of the authorization method is based on an over-the-air geolocation using time-synchronized geolocation-capable LR gateways.
  • FIG. 4B further provides a sequencing scenario demonstrating the authorization process related to the foretold embodiment.
  • FIGS. 5A and 5B illustrate another scenario of embodiment of the present invention using the same arrangement already used in FIGS. 4A and 4B, except that the authorization method relies, for its positioning process, on geolocating data gathered from the cellular CPE 100 via a built-in GNSS scanner as well as on geolocation information related to the geolocation-capable LR gateways.
  • FWA CPEs that use the same spectrum as mobile devices and which may also have more simple designations such as cellular hotspot or cellular router, are devices that commonly provide an internet access through a WiFi, an Ethernet local loop or USB communications device class, by applying a NAT on the cellular connection so that all connected users share the same WAN cellular connection.
  • the present invention considers all aspects related to IP addressing, IP forwarding, NAT and security configured on the CPE as well as on the network as part of the known art. The present invention further considers all the following aspects as part of the known art:
  • the present invention describes the gFWA CPE 100 and the Geo-Authorization system 200 and provides a specification of the Cellular-to-LR authorization method as a form of out-of-band authorization using the extra built-in LR module capability of the gFWA CPE 100. Therefore, some illustrations provided herein are embodiments of the present invention which rely mainly on said gFWA CPE 100, said Geo-Authorization system 200 and said Cellular-to-LR authorization method.
  • FIG. 1 is a basic illustration about the gFWA CPE, used herein to formalize the idea founding the present invention.
  • the gFWA CPE 100 is a cellular CPE, hence providing an access to a cellular network via a built-in cellular module and a SIM or providing an additional peripheral such as USB to which an external cellular modem is attached.
  • the definition further includes any extension device that accesses the network, directly or indirectly, via the cellular network (e.g. as a hotspot).
  • the CPE must include a built-in uplink LR module (i.e. LR transceiver) for uplink Cellular-to-LR authorization opt-in messages.
  • the end user is supposed to install the gFWA CPE in a position within the coverage of the cellular network and within the reach of geolocation-capable Long Range WANs.
  • the gFWA CPE 100 is capable to attach to the cellular network via the RAN and obtain an IP address from the cellular core network 320 and capable.
  • the gFWA CPE 100 as shown in FIG. 1 may provide the end user with status lights giving indications about the status of each connection. Therefore, the end user may be able to understand the status of the cellular connection via a cellular status light 101 as well as the status of the Long Range connection via a Long Range connection status light 102. Further, the end user may check the gFWA CPE access authorization status, which is a result of the Cellular-to-LR authorization method.
  • the end user proceeds with an access to the gFWA CPE UI and starts an authorization process.
  • the gFWA CPE UI may provide the end user with a simple UI button to activate the authorization process and may also provide an advanced panel by which the end user can manage multiple authorizations (i.e. many service locations, LaaS).
  • the gFWA CPE is supposed to provide service access from multiple service locations (i.e. access geolocations), but for each authorization the end user must start a separate authorization process.
  • the end user action on the UI will, therefore, trigger an authorization process and will cause, for example, the gFWA CPE operating software to send an authorization request to the Geo-Authorization system 200 through the cellular link.
  • Said Geo-Authorization system 200, upon receipt of said authorization request, proceeds with activating the Cellular-to-LR authorization method in order to automatically create a permanent service location for the given gFWA CPE.
  • the Geo-Authorization system 200 initially stores a definition context of the gFWA CPE 100, with the minimal parameters needed to identify the gFWA CPE 100 or the service being authorized (e.g. access to the internet 310 (see FIG. 3), VoIP access, etc.).
  • the Geo-Authorization system 200 further stores a list of GIS-defined service areas from which the gFWA CPE 100 is supposed to initiate an authorization request and all of the subsequent access requests.
  • FIG. 2 further provides surrounding details, through a possible embodiment, in order to place the present invention in its fundamental context and goal.
  • the gFWA CPE 100 is in the reach of both the cellular network and a geolocation-capable Long Range WAN.
  • the gFWA CPE 100 is therefore placed within a cell site 125 and attaches to one cellular base station 124.
  • the gFWA CPE 100 is capable to reach at least three geolocation-capable Long Range WAN gateways 122.
  • the qualification by "geolocation-capable" means that said Long Range WAN gateways are capable of appending geolocation-related information for each message sent by the gFWA CPE 100 through the built-in uplink LR transceiver and forwarded by said gateways.
  • This information normally includes RSSI, the reception timestamp, as well as the gateways' own precise geolocations.
  • this list of information is appended in what is known as the metadata.
  • FIG. 2 also provides a drawing of the GIS-defined area 126 (i.e. service area), which is a virtual area created by means of geospatial virtual data (i.e. geospatial boundaries).
  • This virtual area is a polygon-extract from a geospatial data definition of a given territory and depicts the service area that a WISP is willing to provide service from.
  • alternative access solutions may have been set up, and the act of limiting service access to the service area defined herein is part of a customer or data plan differentiation strategy, or is due to the need to apply a different billing plan or different service policies, etc.
  • the Geo-Authorization system 200 is supposed to store multiple service areas and to link a set of terms of service to each service area, or authoritatively to a group of service areas.
  • the gFWA CPE 100 as illustrated in FIG. 1 is a cellular CPE with two built-in transceivers: the first transceiver provides a link to the cellular network and the second provides a link to an LR network (e.g. LoRaWAN or Sigfox).
  • Said gFWA CPE 100 is supposed to be installed in a position (i.e. service location) within or outside of a GIS-defined area 126 (i.e. when applying an opposite authorization procedure).
  • Said GIS-defined area is a virtual representation of a geographic area within the coverage of the cellular network (i.e. inside of a cell site) as well as in the reach of a Long Range WAN (e.g.
  • a Geo-enforcer system, entitled by the present invention the Geo-Authorization system 200, is used to bind the gFWA CPE 100 to the service location of installation and optionally to the defined service area, and to ensure that the gFWA CPE 100 is and will be providing service (e.g. internet service or policy-based service) from said service location or from within said service area (or a combination of both), with respect to some terms of service set for said defined service location or said defined service area by the serving WISP or by any entity responsible for said service.
  • the functioning interface between the Geo-Authorization system 200 and the gFWA CPE 100 is mainly orchestrated by a method entitled by the present invention the Cellular-to-LR authorization method, which will be detailed further in the remaining illustrations.
  • a description of the Cellular-to-LR authorization method is essential.
  • Said method is defined by the Geo-Authorization system 200 sending an authorization message via the cellular connection to the gFWA CPE 100, which in turn creates a new message based on information included in the received authorization message and transmits the newly created message back to the same Geo-Authorization system 200 via the Long Range WAN.
  • This newly created message is entitled by the present invention as the opt-in message.
  • Said opt-in message is constructed by the gFWA CPE 100 assuming that the Geo-Authorization system 200 can relate it to the original authorization message (e.g. using an authorization context and information related to the opt-in message).
  • Said Geo-Authorization system 200 receives the opt-in message, which had been forwarded by the one or more Long Range gateways 122, on a dedicated socket different from the socket used to send the authorization message.
  • This process defines the Cellular-to-LR authorization method without regard to communication processes between the gFWA CPE 100 and the Geo-Authorization system 200 that precede or follow said method.
  • the gFWA CPE 100 may, in one embodiment, send an access request to the Geo-Authorization system 200, and said system challenges said gFWA CPE 100 by sending back the authorization message; in turn, the gFWA CPE 100 creates the opt-in message, based on information received in the authorization message and on information related to the gFWA CPE 100 identification (or service identification), and transmits said opt-in message back to the Geo-Authorization system 200 via the LR link, through the one or more Long Range gateways 122.
  • the Geo-Authorization system 200, after receiving the opt-in message, processes and checks the information received in the message payload as well as in the metadata, and issues a verdict towards the cellular entity connecting the cellular CPE (i.e. core network or VPDN appliance).
  • a typical example of this verdict can be a CoA message sent to a VPDN appliance that authenticates a tunnel established by the gFWA CPE 100 by means of RADIUS; this CoA contains a Filter-ID RADIUS AVP to activate a policy towards said gFWA CPE 100 (i.e.
  • the Geo-Authorization system 200 may require the gFWA CPE 100 to first register its identity (e.g. IP address and service or CPE identification), in case mobility management technologies like MIP are not provided, before said Geo-Authorization system, at a periodic or arbitrarily given time, challenges the gFWA CPE 100 by sending the authorization message, thereby obligating the gFWA CPE 100 to send back the opt-in message via the Long Range WAN.
  • the gFWA CPE 100 successfully replies to the authorization challenge, which means in essence being compliant with the set of terms of service including, for example, fixedness and WISP/MNO service obligations.
  • the Geo-Authorization system 200 may keep the active service established by the gFWA CPE 100 as it is.
  • the Geo-Authorization system 200 may proceed to a service authorization change in case the gFWA CPE 100 failed to properly process the authorization challenge, or if real-time operations performed by the Geo-Authorization system 200 after receipt of the opt-in message concluded the non-compliance of the serviced gFWA CPE 100 with the defined terms of runtime service.
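The challenge/opt-in exchange defined above (authorization message over the cellular socket, opt-in message over the Long Range socket, terms-of-service queries, gateway metadata, verdict) and restated for the FIG. 2 embodiment, simulated end to end as an added example. This is not the patent's or Kuiklink's code. It assumes a per-CPE HMAC key held by the LR module, a constructed service-area polygon and three constructed gateway positions, and it takes the CPE position from a GNSS fix carried in the opt-in payload (the FIGS. 5A/5B variant), using the gateway metadata only to corroborate that fix rather than implementing the time-difference solver of FIGS. 4A/4B. The nonce, replay, expiry and MAC checks are a practitioner's reading of "relate it to the original authorization message (e.g. using an authorization context)": without them an opt-in frame captured once on the LR side could be replayed from anywhere.

```python
"""Cellular-to-LR authorization round trip (added example, not the patent's code)."""
import hashlib
import hmac
import math
import secrets
import struct
import time

# Constructed fixtures (assumptions, not taken from the patent).
CPE_KEY = {b"cpe-0001": bytes(range(32))}        # per-CPE key, assumed held by the LR module
SERVICE_AREA = [(36.80, 10.00), (36.80, 10.30), (36.95, 10.30), (36.95, 10.00)]   # (lat, lon) polygon
GATEWAYS = {"gw-a": (36.85, 10.10), "gw-b": (36.86, 10.20), "gw-c": (36.92, 10.15)}  # (lat, lon)
LR_RANGE_KM = 20.0         # assumed: a gateway farther than this could not have heard the uplink
MAX_AGE_S = 120            # the opt-in must follow its challenge within this window
TAG_LEN = 8                # truncated HMAC keeps the LoRa payload small
LORA_MAX_PAYLOAD = 51      # smallest LoRaWAN application payload limit (EU868 DR0)
TOS_QUERIES = [("socket_powered", 1), ("wan_interfaces", 1)]   # (query, expected answer)


def opt_in_tag(key, ctx_id, nonce, cpe_id, body):
    """MAC over challenge nonce, CPE identity and opt-in body; the nonce never crosses the LR link."""
    msg = struct.pack(">I", ctx_id) + nonce + cpe_id + body
    return hmac.new(key, msg, hashlib.sha256).digest()[:TAG_LEN]


def km_between(a, b):
    """Equirectangular distance in km between two (lat, lon) points."""
    dx = math.radians(b[1] - a[1]) * math.cos(math.radians((a[0] + b[0]) / 2))
    dy = math.radians(b[0] - a[0])
    return 6371.0 * math.hypot(dx, dy)


def point_in_polygon(p, poly):
    """Ray-casting test of a (lat, lon) point against the GIS-defined service area."""
    inside = False
    for (x1, y1), (x2, y2) in zip(poly, poly[1:] + poly[:1]):
        if (y1 > p[1]) != (y2 > p[1]) and p[0] < x1 + (p[1] - y1) * (x2 - x1) / (y2 - y1):
            inside = not inside
    return inside


class GeoAuthorizationSystem:
    def __init__(self):
        self.contexts = {}   # ctx_id -> {cpe_id, nonce, issued, used}

    def authorization_message(self, cpe_id, now=None):
        """Authorization message, sent to the CPE over the cellular link (first listening socket)."""
        ctx_id = secrets.randbits(32)
        self.contexts[ctx_id] = {"cpe_id": cpe_id, "nonce": secrets.token_bytes(16),
                                 "issued": time.time() if now is None else now, "used": False}
        return {"ctx_id": ctx_id, "nonce": self.contexts[ctx_id]["nonce"],
                "queries": [q for q, _ in TOS_QUERIES]}

    def opt_in_received(self, payload, metadata, now=None):
        """Second listening socket: opt-in payload plus gateway metadata. Returns (verdict, reason)."""
        now = time.time() if now is None else now
        if len(payload) < 4 + TAG_LEN + 8:
            return "deny", "malformed opt-in"
        ctx_id = struct.unpack(">I", payload[:4])[0]
        tag, body = payload[4:4 + TAG_LEN], payload[4 + TAG_LEN:]
        ctx = self.contexts.get(ctx_id)
        if ctx is None:
            return "deny", "unknown authorization context"
        if ctx["used"]:
            return "deny", "opt-in replayed"
        if now - ctx["issued"] > MAX_AGE_S:
            return "deny", "authorization context expired"
        expected = opt_in_tag(CPE_KEY[ctx["cpe_id"]], ctx_id, ctx["nonce"], ctx["cpe_id"], body)
        if not hmac.compare_digest(tag, expected):
            return "deny", "opt-in MAC mismatch"
        ctx["used"] = True                              # one opt-in per challenge
        fix = tuple(v / 1e6 for v in struct.unpack(">ii", body[:8]))
        answers = body[8:]
        # Gateway metadata corroborates the CPE-supplied fix: enough receivers, none out of LR range.
        if len(metadata) < 3:
            return "deny", f"only {len(metadata)} gateway(s) heard the opt-in"
        for m in metadata:
            if km_between(fix, m["pos"]) > LR_RANGE_KM:
                return "deny", f"claimed position is {km_between(fix, m['pos']):.1f} km from {m['gw']}"
        if not point_in_polygon(fix, SERVICE_AREA):
            return "deny", "outside every authorized service area"
        for (q, want), got in zip(TOS_QUERIES, answers):
            if got != want:
                return "deny", f"terms of service: {q}={got}, expected {want}"
        return "allow", f"bound to {fix}"


def cpe_opt_in(cpe_id, auth_msg, gnss_fix, state):
    """CPE operational software: attach the GNSS fix and query answers, bind them to the challenge."""
    body = struct.pack(">ii", round(gnss_fix[0] * 1e6), round(gnss_fix[1] * 1e6))
    body += bytes(state[q] for q in auth_msg["queries"])
    tag = opt_in_tag(CPE_KEY[cpe_id], auth_msg["ctx_id"], auth_msg["nonce"], cpe_id, body)
    payload = struct.pack(">I", auth_msg["ctx_id"]) + tag + body
    assert len(payload) <= LORA_MAX_PAYLOAD, "opt-in does not fit one LoRa frame"
    return payload


def long_range_wan(payload, true_pos, now=None):
    """Every gateway in range hears the uplink; the LR core server merges the copies into one message."""
    now = time.time() if now is None else now
    meta = [{"gw": gw, "pos": pos, "rssi": -60 - 2.5 * km_between(true_pos, pos), "ts": now}
            for gw, pos in GATEWAYS.items() if km_between(true_pos, pos) <= LR_RANGE_KM]
    return payload, meta


def run_authorization(true_pos, claimed_fix, state, system=None):
    """Full round trip: true_pos decides which gateways hear the frame, claimed_fix is what the CPE reports."""
    system = system or GeoAuthorizationSystem()
    auth = system.authorization_message(b"cpe-0001")                   # cellular link
    payload = cpe_opt_in(b"cpe-0001", auth, claimed_fix, state)
    return system.opt_in_received(*long_range_wan(payload, true_pos))  # Long Range WAN


if __name__ == "__main__":
    ok = {"socket_powered": 1, "wan_interfaces": 1}
    print(run_authorization((36.87, 10.12), (36.87, 10.12), ok))   # allow
    print(run_authorization((36.60, 10.70), (36.87, 10.12), ok))   # deny: no gateway heard the frame
```

The `rssi` and `ts` fields are carried in the metadata because that is what the FIGS. 4A/4B positioning would consume; here only the gateway positions are used, to reject a GNSS fix that no gateway hearing the frame could be within range of. In a real CPE the key used by `opt_in_tag` belongs in the LR module or a secure element, consistent with the page's point that the host CPU should not be able to forge geolocating data.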
  • FIG. 3 is an illustration of minimum included topology components for applying the Cellular-to-LR authorization method.
  • This simplified topology provides more clarifications about the network environment described in FIG. 2.
  • This topology does not provide information about the entity inside of the cellular core network 320 that will handle the Geo-Authorization system 200 verdicts as this depends also on which information to add to said verdicts for the core network to identify the subscriber et cetera.
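For the VPDN appliance case named above (a CoA carrying a Filter-ID RADIUS AVP), here is what the verdict looks like on the wire, as an added example that is not the patent's code: a CoA-Request encoded per RFC 5176, with the Request Authenticator the appliance must verify against the shared secret before applying the policy, and the receiver-side parse. The shared secret, session identifier, user name and the two filter names mapped from the verdict are constructed; a deployment would also add the Message-Authenticator attribute, which RFC 5176 recommends and which this example omits.

```python
"""Verdict enforcement as a RADIUS CoA-Request (RFC 5176) carrying a Filter-Id AVP.
Added example; the patent names the mechanism but gives no encoding."""
import hashlib
import hmac
import struct

COA_REQUEST = 43                                                       # RFC 5176 packet code
ATTR_TYPE = {"User-Name": 1, "Filter-Id": 11, "Acct-Session-Id": 44}   # RFC 2865/2866 types
ATTR_NAME = {v: k for k, v in ATTR_TYPE.items()}

# Constructed mapping from a Geo-Authorization verdict to the policy name the appliance applies.
VERDICT_FILTER = {"allow": "gfwa-service-allowed", "deny": "gfwa-service-restricted"}


def attribute(name, value):
    """One AVP: Type, Length (header included, at most 255), Value."""
    data = value.encode() if isinstance(value, str) else bytes(value)
    if not 0 < len(data) <= 253:
        raise ValueError("attribute value must be 1..253 octets")
    return struct.pack("!BB", ATTR_TYPE[name], 2 + len(data)) + data


def request_authenticator(header, attrs, secret):
    """RFC 5176 s2.3: MD5(Code + Identifier + Length + 16 zero octets + Attributes + Secret)."""
    return hashlib.md5(header + bytes(16) + attrs + secret).digest()


def coa_request(identifier, secret, session_id, verdict, user_name=None):
    """CoA-Request from the Geo-Authorization system towards the VPDN appliance."""
    attrs = attribute("Acct-Session-Id", session_id) + attribute("Filter-Id", VERDICT_FILTER[verdict])
    if user_name is not None:
        attrs = attribute("User-Name", user_name) + attrs
    header = struct.pack("!BBH", COA_REQUEST, identifier & 0xFF, 20 + len(attrs))
    return header + request_authenticator(header, attrs, secret) + attrs


def verify_coa_request(packet, secret):
    """Receiver side: authenticate with the shared secret before acting, then parse the AVPs.
    Returns the attribute dict, or None for anything that must be silently discarded."""
    if len(packet) < 20:
        return None
    code, _identifier, length = struct.unpack("!BBH", packet[:4])
    if code != COA_REQUEST or length != len(packet):
        return None
    header, authenticator, attrs = packet[:4], packet[4:20], packet[20:]
    if not hmac.compare_digest(authenticator, request_authenticator(header, attrs, secret)):
        return None
    parsed, i = {}, 0
    while i < len(attrs):
        if i + 2 > len(attrs):
            return None
        atype, alen = attrs[i], attrs[i + 1]
        if alen < 3 or i + alen > len(attrs):
            return None
        parsed[ATTR_NAME.get(atype, atype)] = attrs[i + 2:i + alen]
        i += alen
    return parsed


if __name__ == "__main__":
    pkt = coa_request(7, b"s3cret", "0001A2B3", "deny", user_name="cpe-0001")
    print(pkt.hex())
    print(verify_coa_request(pkt, b"s3cret"))
```

The appliance answers with CoA-ACK (code 44) or CoA-NAK (code 45); whether Filter-Id names a local ACL or a QoS profile depends on the appliance, which is why the page leaves the entity handling the verdict unspecified.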
  • this topology comes with the minimum network elements required to run the Cellular-to-LR authorization method.
  • the network involves elements from the Long Range WAN as well as from the broadband cellular network as said gFWA CPE is meant to be connected to both networks wherein the Long Range WAN is used to carry authorization messages while the broadband cellular network is used to carry part of said authorization messages as well as the service traffic.
  • a Long Range WAN such as LoRaWan or Sigfox, is fundamentally formed by an end-device, a base station (i.e. gateway), a core network server, an application server, and applications.
  • the end-device is supposed to transmit data frames that are received by all base stations which, in turn, are responsible for relaying these messages via an IP back-haul to the core network server, which makes them available to an application server. Then, the applications that consume these messages extract the data from the application server through the use of an API.
  • before the data is made available to the application servers, the core network server first extracts usable information (i.e. metadata), such as geolocation information, from all received copies of the message, and then exposes one copy with all metadata.
  • the gFWA CPE 100 behaves like an end-device while the Geo-Authorization system 200 is acting like an application that receives the opt-in message (i.e.
  • the main objective of the above process is to exploit, during an out-of-band opt-in technique, among other things, the geolocation capabilities of the Long Range WAN in case the gFWA CPE is not capable of providing the geolocating data, so that the Geo-Authorization system can decide whether to allow or deny access to some services provided by the gFWA CPE and established via the cellular connection, with the broader aim of creating a geolocation-based service access managed from outside of the cellular core network 320 and independent from the service provider itself.
  • the gFWA CPE, after establishing connections to the broadband cellular network and to, for example, a geolocation-capable Long Range WAN, may start the authorization process by first sending a service access request message to the Geo-Authorization system 200 using the broadband cellular connection. Said system, in turn, challenges the gFWA CPE by sending back an authorization message.
  • the gFWA CPE operating software, after receiving said authorization message, creates the opt-in message based on information contained in the latter and transmits said opt-in message via the geolocation-capable Long Range connection.
  • the gFWA CPE operating software creates the opt-in message as a frame that will be transmitted over the LR RF via its built-in uplink LR transceiver.
  • said gateways append geolocation information to the opt-in message metadata and forward it via an IP back-haul to the core network server, which exposes one copy (i.e. with all appended metadata) to the Geo-Authorization system 200.
  • said system identifies the authorization context to which said opt-in message belongs, which means, in essence, identifying the challenged gFWA CPE and, if applicable, the service being authorized, by using information in the opt-in message payload.
  • the opt-in message payload may contain a unique and non-repeating opt-in token, dynamically created in a similar fashion to OTPs in multi-factor authentication and to nonces in cryptographic communication, copied from the authorization message sent by the Geo-Authorization system 200.
  • the qualification by "unique and non-repeating” does not imply the non-reuse of said opt-in token for the same gFWA CPE (i.e. in retransmissions).
  • the qualification by "unique and non-repeating” means that each opt-in token is unique and non-repeating when compared to all opt-in tokens used by the Geo-Authorization system in all its internal authorization contexts.
  • the Geo-Authorization system 200 may include, in addition to the service areas/service locations database, a gFWA CPE identification database, which means a set of identification parameters to identify each gFWA CPE (i.e. or user or service) that would seek authorization from said system.
  • said identification parameters may be used by the gFWA CPE, when transmitting a service access request message, and may be used also when building the opt-in message payload.
  • the Geo-Authorization system 200 is supposed to never send identification parameters to the gFWA CPE.
  • the illustration of the Geo-Authorization system 200 also comes with a geolocation solver 203. Said geolocation solver is used to compute, in real time, the geolocation of the gFWA CPE 100, using either geolocating data measured by said gFWA CPE 100 or geolocation information metadata that has been appended by geolocation-capable Long Range gateways 102 and made available by the LR core network server in a single copy.
  • geolocation computing may be performed by the LR core network server and the geolocation coordinates made available to end applications through an API. Such a method is also applicable to the present invention.
  • the geolocation solver is made part of the Geo-Authorization system 200, and said system receives the opt-in message as well as the geolocating data and then performs a real-time geolocation computation by applying a geolocation algorithm.
  • once the geolocation coordinates are available to the Geo-Authorization system 200, said system compares said geolocation coordinates to those of the gFWA CPE installation described in Figure 1.
  • the comparison method for these geolocation coordinates is WISP-specific and depends on accuracy and on an error tolerance radius; that is to say, whether two sets of geolocation coordinates are "equal" in this context depends on the WISP's definition of "equal".
  • the Geo-Authorization system 200, after performing the geolocation comparison, performs a terms of service check by looking at the terms of service data included in the opt-in message payload.
  • when the Geo-Authorization system 200 challenges the gFWA CPE 100, said system may push some terms of service requests in the authorization message, to which said gFWA CPE may push replies in the opt-in message payload.
  • the Geo-Authorization system 200 must include the cellular network type request in the authorization message, for which, the gFWA CPE must provide a reply in the opt-in message by indicating the Network type of its established broadband cellular connection.
  • the terms of service items are defined and registered in the service areas/service locations database, and linked to each service area/ location separately. That is to say, following the same example, the country telecommunications regulator may enforce an LTE technology in a given service area / location but may ignore such constraint in another service area/ location.
  • the Geo-Authorization system 200 issues a verdict towards the entity, inside or outside of the cellular core network 320, that is connecting or serving the gFWA CPE.
  • the service being established is a VPDN tunnel authenticated by means of RADIUS
  • Said system may issue via its built-in Geo-authorization agent, a COA message to the VPDN (i.e. acting as a NAS) to allow or deny the VPDN tunnel service depending on the result of the immobility and terms of service compliance check.
  • the Cellular-to-LR authorization method can be considered as an inheritance from multi-factor authorization techniques wherein the gFWA CPE 100, in order to opt in to a given internet service, must bind to a service area, or to a service location, or to both (wherein, for the latter, the service location is obviously geographically inside of the service area), and must comply with a set of terms of service.
  • to opt in, the gFWA CPE must provide a reply by building and transmitting an opt-in message using its built-in uplink LR transceiver. Said opt-in message is created based on information in an authorization message received by the gFWA CPE through the broadband cellular connection and sent by the Geo-Authorization system 200.
  • said information may contain a unique and non-repeating opt-in token as well as some terms of service requests.
  • in addition to the service or CPE identification, the gFWA CPE operating software copies the opt-in token as it is into the opt-in message payload, together with the terms of service replies and also, if required, geolocating data, and transmits said opt-in message via its built-in uplink LR transceiver.
  • said gateways forward the opt-in message to the LR core network server which makes it available to the Geo-Authorization system 200 via an application server.
  • Said Geo-authorization system 200 identifies the opt-in message with its authorization context, using the opt-in token and the service or CPE identification, computes the gFWA CPE geolocation using either geolocating data gathered by said gFWA CPE 100 or geolocation information included in the opt-in message metadata, and verifies the immobility of said gFWA CPE 100 by comparing the computed geolocation to the registered geolocation of installation.
  • Said system verifies the terms of service compliance by looking into the terms of service replies in the opt-in message payload and checks whether these replies match the defined terms of service obligations set for the service area/location from which the gFWA CPE is opting in. After these checks, the Geo-Authorization system 200 issues a verdict towards the entity, inside or outside of the cellular core network 320, that is connecting or serving the gFWA CPE, in order to perform the appropriate action defined by the WISP and aligned with the Cellular-to-LR authorization check result.
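The server-side decision just summarized (unique opt-in token per authorization context, geolocation taken from the LR network metadata and compared to the installation within a WISP-defined tolerance radius, terms of service replies checked against the obligations of the service area, verdict towards the serving entity) is modelled below as an added Python example. It is not code from the patent or from any product; the class and field names, the 150 m tolerance radius, the haversine comparison, the message dictionaries and the sample coordinates are all assumptions made for this illustration.

```python
import math
import secrets
from dataclasses import dataclass
from typing import Optional

# WISP-specific error tolerance radius for "equal" geolocations (constructed value).
TOLERANCE_RADIUS_M = 150.0


def haversine_m(lat1, lon1, lat2, lon2):
    """Great-circle distance in metres between two WGS84 points."""
    r = 6371000.0
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dphi = p2 - p1
    dlam = math.radians(lon2 - lon1)
    a = math.sin(dphi / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlam / 2) ** 2
    return 2 * r * math.asin(math.sqrt(a))


@dataclass
class AuthContext:
    """One authorization context: which CPE and service the challenge was issued for."""
    cpe_id: str
    service: str
    token: str
    obligations: dict                 # terms-of-service key -> predicate on the CPE's reply
    verdict: Optional[dict] = None    # filled once the opt-in message has been judged


class GeoAuthorizationSystem:
    def __init__(self, cpe_db, area_db):
        self.cpe_db = cpe_db          # cpe_id -> {"lat", "lon", "area"} (installation record)
        self.area_db = area_db        # service area -> terms-of-service obligations
        self.contexts = {}            # opt-in token -> AuthContext
        self.issued_tokens = set()    # every token ever issued, across all contexts

    def challenge(self, cpe_id, service):
        """Service access request received over cellular: open a context and
        return the authorization message (opt-in token + terms of service requests)."""
        if cpe_id not in self.cpe_db:
            raise KeyError("unknown CPE identification")
        token = secrets.token_hex(8)
        while token in self.issued_tokens:   # unique and non-repeating across all contexts
            token = secrets.token_hex(8)
        self.issued_tokens.add(token)
        obligations = self.area_db[self.cpe_db[cpe_id]["area"]]
        self.contexts[token] = AuthContext(cpe_id, service, token, obligations)
        return {"token": token, "tos_requests": sorted(obligations)}

    def opt_in(self, payload, metadata):
        """Opt-in message delivered by the LR application server.
        payload: what the CPE put in the frame (token, identification, ToS replies).
        metadata: what the LR network appended (geolocation resolved server-side,
        so the CPE itself cannot assert its own position)."""
        ctx = self.contexts.get(payload.get("token"))
        if ctx is None or ctx.cpe_id != payload.get("cpe_id"):
            return {"verdict": "deny", "reason": "no matching authorization context"}
        if ctx.verdict is not None:
            return ctx.verdict            # retransmission of an already-judged frame
        inst = self.cpe_db[ctx.cpe_id]
        distance = haversine_m(metadata["lat"], metadata["lon"], inst["lat"], inst["lon"])
        if distance > TOLERANCE_RADIUS_M:
            return self._close(ctx, "deny", "displaced by %.0f m" % distance)
        replies = payload.get("tos_replies", {})
        for key, satisfied in ctx.obligations.items():
            if key not in replies or not satisfied(replies[key]):
                return self._close(ctx, "deny", "terms of service not met: " + key)
        return self._close(ctx, "allow", "immobile and compliant")

    def _close(self, ctx, verdict, reason):
        """Record the verdict destined for the entity serving the CPE (e.g. as a CoA)."""
        ctx.verdict = {"cpe_id": ctx.cpe_id, "service": ctx.service,
                       "verdict": verdict, "reason": reason}
        return ctx.verdict


def demo():
    """Constructed sample: one CPE in a service area that requires LTE and
    at most 8 WiFi clients; first opt-in from the installation, second from 1.5 km away."""
    area_db = {"area-A": {"network_type": lambda v: v == "LTE",
                          "wifi_clients": lambda v: isinstance(v, int) and v <= 8}}
    cpe_db = {"cpe-0001": {"lat": 36.8065, "lon": 10.1815, "area": "area-A"}}
    gas = GeoAuthorizationSystem(cpe_db, area_db)
    msg = gas.challenge("cpe-0001", "internet")
    payload = {"token": msg["token"], "cpe_id": "cpe-0001",
               "tos_replies": {"network_type": "LTE", "wifi_clients": 5}}
    good = gas.opt_in(payload, {"lat": 36.8069, "lon": 10.1815})   # about 45 m away
    msg2 = gas.challenge("cpe-0001", "internet")
    moved = dict(payload, token=msg2["token"])
    bad = gas.opt_in(moved, {"lat": 36.8200, "lon": 10.1815})      # about 1.5 km away
    return good["verdict"], bad["verdict"]
```

Two points of the model matter for a reviewer: the token is matched together with the CPE identification, so a frame carrying a token issued to another context is rejected rather than re-attributed, and the geolocation is read only from the metadata the LR network appended, never from the CPE payload, which is what makes the fixedness check server-side.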
  • FIGS. 4A and 4B are illustrations of one embodiment of the present invention. This embodiment will bring a better understanding of the present invention.
  • FIG. 4A is similar to FIG. 2 with extra components, with the aim of providing an operational scenario of the present invention in which the Cellular-to-LR authorization method can be put into operation. These extra components mainly involve the Geo-Authorization system 200 and a VPDN appliance 300, with the intention of providing an exemplary application of the Cellular-to-LR authorization method to be further detailed in FIG. 4B.
  • a VPDN appliance 300 in this embodiment is aligned with the intention of this invention to create a fixed wireless access service over existing broadband cellular networks by the use of an extra authorization medium, which provides server-side geolocation computing as well as an out-of-band transport facility for authorization messages.
  • This choice is also aligned with the common use of VPDN techniques by virtual ISPs for tunneled subscribers.
  • the present invention can also be applied in favor of said techniques, for the benefit of a FWA VNO using said VPDN to provide an internet browsing service.
  • the term "virtual" herein refers to the use of existing broadband cellular networks for the implementation of a fixed wireless access service.
  • the chosen geolocation-capable Long Range WAN technology is LoRaWan 420.
  • the gFWA CPE 100 is placed within a service area defined in a database managed by the Geo-Authorization system 200. Said gFWA CPE is used to provide an internet browsing service by means of a PPP connection over an L2TP tunnel established via the cellular connection to the VPDN appliance 300, with extra optional security provided by an IPsec tunnel.
  • the supposition is that the FWA VNO or the regulator requires this internet browsing service to be available only to gFWA CPEs that are placed within the defined service area, and that within said service area said gFWA CPEs must maintain the same service location (i.e. geolocation) at least during a bill period.
  • the gFWA CPE acts like a NAT gateway wherein remote users are connected via a built-in local area network such as WiFi and users’ traffic is transferred via a PPP connection carried by the L2TP tunnel.
  • the gFWA CPE is acting like a LAC carrying a single PPP connection to which an IP masquerade is applied allowing all remote users (i.e. connected to the gFWA CPE via WiFi) traffic to flow via said PPP connection.
  • the gFWA CPE is capable of routing all remote users’ traffic to the PPP connection instead of the main cellular IP connection.
  • the VPDN appliance 300 is supposed to be configured with a list of L2TP unique usernames (i.e. the L2TP Host Name AVP, Attribute Type 7).
  • the VPDN appliance 300 stores said L2TP unique usernames in a block-list and maintains a listening socket through which it receives a management command from the Geo-Authorization system 200 to remove each L2TP username from said block-list, allowing any potential L2TP connection establishment using said username.
  • Such a scenario sets an obligation for the gFWA CPE 100 to solicit the Geo-Authorization system 200 in a call-to-open-the-door manner, in order to allow said gFWA CPE to establish the L2TP tunnel.
  • said Geo-Authorization system challenges said gFWA CPE by running the Cellular-to-LR authorization method and decides whether to white-list said gFWA CPE L2TP username or keep it in the VPDN appliance block-list, depending on said method output.
  • This embodiment is further detailed in FIG. 4B, in which a successful setup of the L2TP tunnel is orchestrated by the three network components, namely the gFWA CPE 100, the Geo-Authorization system 200 and the VPDN appliance 300.
  • the gFWA CPE 100 starts, at 451, by sending over the cellular connection (established at 450) a Start-request message mainly containing a unique identifier which is, as already mentioned, the L2TP unique username (i.e. the L2TP Host Name AVP, Attribute Type 7).
  • the unique identifier is shared among all three mentioned components, so that both the Geo-Authorization system 200 and the VPDN appliance 300 may authenticate any request concerning said unique identifier.
  • the Start-request message involves one unique identifier but other implementations may include one or more identifiers, being unique or not, such as a service identifier or identifiers related to the built-in SIM card or to the external cellular USB dongle depending on embodiments of the gFWA CPE 100 already mentioned in the present invention.
  • after receiving the Start-request message, the Geo-Authorization system 200, at 452, replies by sending back an opt-in challenge message. This message contains a unique opt-in token as well as terms of service instructions and requests.
  • Said opt-in token is computed by said Geo-Authorization system at the time of receipt of the Start-request message, after creating an authorization context, while the terms of service instructions and requests are a clone of the set of terms of service, stored in the attached database, defined for the service area from within which the gFWA CPE 100 is trying to establish the L2TP tunnel and that a service regulator or the WISP in responsibility would like to check or to enforce on the gFWA CPE 100.
  • An example of said terms of service instructions can be the enforcement of the number of the remote WiFi clients connected to the gFWA CPE device LAN in such a way, that this number configuration can be read directly from the network instead of storing it on the gFWA CPE operational database.
  • the gFWA CPE 100 operational software reads the terms of service instructions and requests, executes the configurations related to said instructions and collects the information related to said requests, then builds the opt-in response message as a bundle of the received opt-in token, the unique identifier (i.e. the L2TP unique username) and other identifiers if existing, the results of executing the terms of service instructions, and the collected information related to the terms of service requests.
  • the gFWA CPE 100 operational software transmits said opt-in response message over the built-in LR transceiver (i.e. as an LR frame).
  • each geolocation-capable Long Range WAN gateway forwards its copy of the opt-in response message to its configured LR core network server 205, at 453, which will by then make one copy with all metadata available to the Geo-Authorization system 200.
  • the hops made by the opt-in message to reach the Geo-Authorization system 200 are indicated by black circled numbers.
  • said Geo-Authorization system receives said opt-in response message and identifies it with its authorization context by using the opt-in token and the unique identifier, computes the gFWA CPE geolocation, via the geolocation solver 203, by using the geolocation information in the opt-in response message metadata, and verifies first that this geolocation is actually inside of the service area defined by the FWA VNO or by the regulator, and second whether this geolocation is equal to, or at least within the scope of, the geolocation of installation.
  • the Geo-Authorization system further checks, at 454, whether the results of executing the terms of service instructions and the collected information related to the terms of service requests are in accordance with those defined by the FWA VNO or by the regulator for the defined service area.
  • said Geo-Authorization system issues, as illustrated in FIG. 4B, at 455, a command towards the VPDN appliance 300, using the unique identifier which is, as already mentioned, the L2TP unique username (i.e. the L2TP Host Name AVP, Attribute Type 7), in order to remove said unique identifier from the block-list, allowing any potential setup by the gFWA CPE 100 of the L2TP tunnel using said unique identifier.
  • the L2TP unique username, i.e. the L2TP Host Name AVP, Attribute Type 7
  • the VPDN appliance 300 then performs said operation and sends, at 456, an acknowledgment of command execution success back to the Geo-Authorization system which, in turn, sends at 457 a Start-request success report back to the gFWA CPE via the cellular connection. Finally, it is at this time that the gFWA CPE operational software establishes the L2TP tunnel at 458 and consequently starts the PPP dial-up process at 459. The CPE may then use data over the cellular data network at 460.
  • the process being described herein is similar to the common use of a RADIUS CoA in a RADIUS-based environment, wherein the authorization to the network of an already authenticated user can be altered by means of a CoA message sent by a DAC towards a NAS, or towards a DAS in general.
  • the use of an L2TP Host Name AVP for conditional access is uncommon, and implementations may rely instead on the RADIUS Calling-Station-Id AVP, among others.
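The call-to-open-the-door exchange of FIG. 4B (Start-request at 451, unblock command at 455, acknowledgment at 456, Start-request report at 457, L2TP setup at 458) is modelled below as an added Python example; it is not code from the patent or from any product. The `VPDNAppliance` and `GeoAuthorizationFrontEnd` classes, the `UNBLOCK <username>` command text standing in for the management socket protocol, the `decide` hook that stands in for the Cellular-to-LR check (steps 452 to 454), and the rule that an unprovisioned Host Name is refused as well, are all assumptions made for this illustration.

```python
class VPDNAppliance:
    """Model of the VPDN appliance: provisioned L2TP usernames start on the block-list
    and leave it only through a management command from the Geo-Authorization system."""

    def __init__(self, usernames):
        self.provisioned = set(usernames)
        self.block_list = set(usernames)    # default deny: every username starts blocked
        self.tunnels = set()

    def handle_command(self, command):
        """Stand-in for the listening socket: 'UNBLOCK <username>' (constructed format)."""
        verb, _, username = command.partition(" ")
        if verb != "UNBLOCK" or username not in self.block_list:
            return "NAK"                    # unknown verb, unknown user, or already unblocked
        self.block_list.discard(username)
        return "ACK"                        # step 456: command execution success

    def l2tp_connect(self, host_name_avp):
        """Step 458: tunnel setup carrying the L2TP Host Name AVP (Attribute Type 7).
        Assumption: a Host Name that was never provisioned is refused too."""
        if host_name_avp not in self.provisioned or host_name_avp in self.block_list:
            return False
        self.tunnels.add(host_name_avp)
        return True


class GeoAuthorizationFrontEnd:
    """Cellular-side handling of the Start-request (451) and its report (457).
    The Cellular-to-LR check itself (452-454) is delegated to the `decide` hook."""

    def __init__(self, vpdn, decide):
        self.vpdn = vpdn
        self.decide = decide                # callable(unique_id) -> "allow" or "deny"

    def start_request(self, unique_id):
        if self.decide(unique_id) != "allow":
            return {"unique_id": unique_id, "status": "failure"}
        if self.vpdn.handle_command("UNBLOCK " + unique_id) != "ACK":   # step 455
            return {"unique_id": unique_id, "status": "failure"}
        return {"unique_id": unique_id, "status": "success"}             # step 457


def run_scenario():
    """Constructed scenario: two provisioned CPEs, only the first passes the check."""
    vpdn = VPDNAppliance(["cpe-0001", "cpe-0002"])
    verdicts = {"cpe-0001": "allow", "cpe-0002": "deny"}
    geo_auth = GeoAuthorizationFrontEnd(vpdn, lambda uid: verdicts.get(uid, "deny"))
    results = {}
    results["before"] = vpdn.l2tp_connect("cpe-0001")            # blocked until authorized
    results["report_1"] = geo_auth.start_request("cpe-0001")["status"]
    results["after_1"] = vpdn.l2tp_connect("cpe-0001")           # step 458 now succeeds
    results["report_2"] = geo_auth.start_request("cpe-0002")["status"]
    results["after_2"] = vpdn.l2tp_connect("cpe-0002")           # still on the block-list
    results["unknown"] = vpdn.l2tp_connect("cpe-9999")           # never provisioned
    results["repeat"] = vpdn.handle_command("UNBLOCK cpe-0001")  # already unblocked
    return results
```

The enforcement point here is the VPDN appliance, not the CPE: the CPE never learns why it was refused, and the only way off the block-list is a command that the Geo-Authorization system sends after its own check, which is the sense in which the patent compares the mechanism to a RADIUS CoA from a DAC.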
  • FIGS. 5A and 5B with modifications related to geolocation data collection and geolocation computing mechanism.
  • the gFWA CPE 100 is supposed to couple the built-in LR transceiver with an embedded GNSS scanner in order to provide GNSS data that is to be transferred to the Geo-Authorization system 200 for geolocation computing.
  • the GNSS data thus becomes part of the opt-in message payload which is sent as a LoRa uplink by the gFWA CPE 100 during execution of the Cellular-to-LR authorization method.
  • the gFWA CPE 100 is not capable by itself of calculating its own geolocation using the GNSS data, and the GNSS scanner, as mentioned herein, is only capable of capturing GNSS satellite pseudo-ranges, which will be required by the Geo-Authorization system 200 to compute the position of the gFWA CPE 100.
  • the GNSS scanner that is part of the Semtech LR1110 chip shall be deemed by the present invention as a good illustration.
  • the gFWA CPE 100 shall not have geolocation computing capabilities but can provide minimum geolocating data to the Geo-Authorization system 200.
  • the Geo-Authorization system 200 via the geolocation solver 203 may need extra measurements for an accurate positioning, such as the geolocation of the LR gateway 500.
  • the gFWA CPE 100 built-in GNSS scanner may also require synchronization with a precise time in order to provide extra precise information about when the GNSS data is received from GNSS satellites 400.
  • the GNSS geolocating mechanism that will be performed by the geolocation solver 203, by means of a request from the Geo-Authorization system 200 during the Cellular-to-LR authorization method, may require extra information, but these details, as well as the geolocating procedures used, are not the main topics of the present embodiment, which targets the creation of a managed network between the gFWA CPE 100, the Geo-Authorization system 200 and the VPDN appliance 300 by means of the Cellular-to-LR authorization method.
  • the gFWA CPE 100 handles the opt-in challenge from the Geo-Authorization system 200 differently: instead of only copying the opt-in token into the opt-in message at 553, the gFWA CPE 100 operational software causes the built-in GNSS scanner to go active into a receiving time window during which a capture of minimum GNSS data (i.e. the pseudo-ranges) is performed at 563.
  • the GNSS data is made available to the gFWA CPE 100 operational software which therefore uses said data, the opt-in token, the unique identifier, and the information related to several terms of service instructions executions to create the opt-in message at 554.
  • the gFWA CPE 100 operational software transmits said opt-in message using the built-in LR transceiver.
  • the remainder of the authorization process follows the same description already delineated for FIG. 4A.
  • the present invention provides descriptions of a dual link CPE entitled the gFWA CPE and a geolocation-based access authorizer entitled the Geo-Authorization system. Further, the present invention provides a description, by means of several embodiments, of a method entitled the Cellular-to-LR authorization method, which aims at creating an extra layer of authorization for services provided by the gFWA CPE, namely internet access and other operator-defined services.
  • Said Cellular-to-LR authorization method ensures that said gFWA CPE is provided access to a given service only if said gFWA CPE provides evidence of its compliance with a set of terms of service defined by a cellular operator or a regulator, by properly replying to an opt-in challenge process carried heterogeneously via both gFWA CPE links, scilicet the cellular and LR links.
  • the described method focuses on a server-side computed geolocation as the key condition to corroborate that the gFWA CPE is permitted a given service, either by using the over-the-air geolocation capabilities of the LR networks or by using a collection of geolocation information gathered from both the gFWA CPE itself and the LR networks.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Radar, Positioning & Navigation (AREA)
  • Remote Sensing (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

A cellular data network management system is disclosed, which comprises a cellular data network, a Long Range WAN, an authorization server, and at least one customer premise equipment (CPE) providing access to a cellular data network, which comprises a cellular modem providing a cellular link used to provide a cellular data connection to the cellular data network, and a long range (LR) transceiver providing an access link to an authorization server through a Long Range WAN, wherein the access link carries a message for the authorization server to determine if the CPE is to be authorized an internet service established over the cellular data connection, and the message comprises at least one authorization factor selected from a geolocation of the CPE, one or more geolocating parameters for determining the geolocation of the CPE, one or more parameters related to terms of services, or a combination thereof.

Description

NETWORK APPLIANCES AND A METHOD FOR GFWA, LAAS AND TERMS OF SERVICE COMPLIANCE OVER CELLULAR BROADBAND
Related Application
This application claims priority to Tunisian Patent Application TN2021/0072, filed on April 12, 2021, the disclosure of which is herein incorporated by reference in its entirety.
Field of the Invention
This invention relates in general to the telecommunications sector and, in particular, to the field of fixed wireless access technology over cellular broadband.
Background of the Invention
Some WISP services that are provided by means of cellular broadband CPEs and that are part of service or customer differentiation generally obligate these CPEs to be compliant with some terms of service. Terms of service, as mentioned herein, may require said CPEs to be immobile or at least limited in mobility (i.e. FWA CPE), and may require compliance with a set of service obligations set by either said WISPs, the infrastructure provider or any organization in responsibility of said service. Yet, this is not always possible due, respectively, to the ubiquity of cellular signals within a cell, wherein said CPEs attach to the cellular broadband network in a similar fashion as mobile devices do, and to the difficulty of using in-band LBS for implementing fixedness-based service policies, considering their on-premise local scope and control. This invention provides descriptions of both a cellular CPE and a method targeting these issues.
For the purposes of the present invention, the following acronyms shall have the definitions below:
API Application Programming Interface
AVP Attribute Value Pair
COA Change of Authorization
CPE Customer Premise Equipment
CPU Central Processing Unit
DAC Dynamic Authorization Client
DAS Dynamic Authorization Server
eSIM Embedded Subscriber Identity Module
FWA Fixed Wireless Access
GIS Geographic Information System
GNSS Global Navigation Satellite System
IP Internet Protocol
IPsec Internet Protocol Security
ISP Internet Service Provider
L2TP Layer 2 Tunneling Protocol
LaaS Location as a Service
LAC L2TP Access Concentrator
LAN Local Area Network
LBS Location based Services
LoRaWAN Long Range Wide Area Network
LPWAN Low Power Wide Area Network
LR Long Range
LOS Line-Of-Sight
LTE Long Term Evolution
MIP Mobile IP
MNO Mobile Network Operator
NAS Network Access Server
NAT Network Address Translation
OTP One-time Password
PPP Point-to-Point Protocol
RADIUS Remote Authentication Dial-In User Service
RAN Radio Access Network
RF Radio Frequency
RSSI Received Signal Strength Indicator
SIM Subscriber Identity Module
SNR Signal to Noise Ratio
TOA Time Of Arrival
UI User Interface
USB Universal Serial Bus
VNO Virtual Network Operator
VPDN Virtual Private Dial-up Network
VPN Virtual Private Network
WAN Wide Area Network
WISP Wireless Internet Service Provider
Also, for the purposes of the present invention, the following abbreviations were introduced by the present document:
gFWA Geolocation-Fixed Wireless Access
Brief Summary of the Invention
The present document is a disclosure about an invention that includes network appliances and a cornerstone authorization method for the creation of a geolocation based fixed wireless internet access over cellular broadband networks.
The present invention describes a cellular broadband customer premise equipment as well as an authorization method by which a third party controller, entitled by the present invention the Geo-Authorization system, is able to check that said cellular broadband customer premise equipment is providing an internet service (i.e. or any policy-based service) in compliance with a set of terms of service and obligations predefined by a WISP or by any entity that is in responsibility of said service. Out of these terms, the invention focuses primarily on the immobility of said cellular broadband customer premise equipment but gives further details on how to implement the rest of the terms, since the latter can be WISP-specific terms.
In brief, the present invention is based on the integration of a LR transceiver and a cellular broadband transceiver within the same customer premise equipment in order to create an area-fixed or a geolocation-fixed internet service or policy-based internet service, based respectively on a GIS-defined service area or a GIS-defined service location inside of a cellular broadband network geographic coverage. State-of-the-art fixed wireless technologies targeting home fixed wireless broadband access rely on point-to-multipoint RF systems operating dedicated spectrum different from that utilized in cellular broadband networks in order to provide a wireline-like internet access, replacing therefore wireline technologies particularly in hard-to-reach locations in underserved and rural areas. Alternatively, and due to the limited range, LOS obligation and cost of said technologies, MNOs and WISPs started to leverage the available resources within the installed cellular broadband networks in order to provide fixed wireless internet access through stationary CPEs that share spectrum and bandwidth with mobile devices that attach to the same RAN. However, due to the ubiquity of cellular broadband signals, the immobility of said CPEs, at least within a macro-cell, cannot be verified, which consequently inhibits MNOs and WISPs from implementing service differentiation and pushing particular functionalities, privileges or restrictions to these CPEs, in comparison with those allocated to mobile devices. The present invention describes a socket-powered cellular CPE embedding a LR link for an extra out-of-band authorization ability, by which a Geo-Authorization system and a method are enabled to permanently bind said CPE to a service area or to an exact or approximate service location within the range of a cellular broadband network coverage, and to further provide an approach to comply with a set of WISP-defined or regulator-defined terms of service.
According to one embodiment of the invention, a home CPE is provided with an access link to a cellular data network and comprises a built-in LR transceiver, wherein the cellular link is set either by a built-in eSIM module, by one or more built-in cellular data SIM card modules, or by a communication port to which a cellular modem is connected, and wherein said cellular access link is used to provide a connection to the cellular data network and said LR transceiver is used to provide an access link to the Long Range WAN, to be used to carry messages serving the purpose of authorizing an internet service established over the cellular data connection. Authorization factors in this context may include said CPE geolocation or parameters related to terms of service enforced by a service provider or by a regulator in responsibility of said service, and may include a combination of said geolocation and said parameters.
According to one aspect of the embodiment, the built-in LR transceiver that is part of the home CPE provides access to a Long Range WAN, wherein the qualification by Long Range in this context designates the use of a LPWAN technology such as LoRaWAN, Sigfox et cetera. Further, the qualification also includes the use of client-mode configured WiFi or Long Range WiFi modules.
According to another aspect of the embodiment, the home CPE further collaborates with a Geo-Authorization system, by means of an authorization method orchestrated by messaging over both the cellular data link and the Long Range authorization link, with the aim of geo-binding said home CPE to one or more service areas, or to one or more exact (and, if not applicable, approximate) service locations, or to a combination of both, from which said home CPE is capable of providing an internet service or a policy-based internet service, carried over the cellular data link, to users connected via a built-in local network such as WiFi, ethernet or a USB communications device class.
According to a further aspect of the embodiment, the home CPE may further comprise hardware capabilities by which said CPE is capable of gathering geolocating data to be supplied to the Geo-Authorization system via the built-in LR module, wherein said geolocating data is uninterpretable by said home CPE host CPU. Thus, said geolocating data is either supplied directly to the Geo-Authorization system via the built-in LR module by the geolocating hardware capability, or delivered to said home CPE host CPU in encrypted form with no access for said CPE host CPU to the encryption keys. Further, other cases include said geolocating data being insufficient, or said CPE being deprived of the complementary hardware or software capabilities needed to compute its geolocation, leaving said CPE incapable, by itself, of concluding anything about its own positioning.
According to one aspect of the embodiment, the service area denotes a geographic area within the area of reach of the Long Range WAN and within the cellular data network coverage. Said service area is defined and stored in the Geo-Authorization system database in the form of a virtual data representation extracted from a GIS system. Said Geo-Authorization system uses all the stored service area data representations to corroborate, when configured to do so, that the home CPE is in fact placed within at least one authorized service area, by activating the authorization method.
According to another aspect of the embodiment, the service location, whether exact or approximate, denotes a geographic location within the area of reach of the Long Range WAN and within the cellular data network coverage, and defines the actual geographic position of placement of the home CPE, whose computation or checking uses either the authorization method or geolocating data gathered by said authorization method.
According to a further aspect of the embodiment, the service location further distinguishes a permanent service location and a computed service location. The permanent service location is either pre-configured in the Geo-Authorization system attached database or computed at setup time, either automatically or manually: the user willingly places the CPE at a preferred position and then manually activates the authorization method (e.g. via the CPE UI or via a management program). Said service location is stored in the Geo-Authorization system attached database for the aforesaid CPE and used thereafter by the Geo-Authorization system as the CPE permanent point of service access. The Geo-Authorization system will thereafter check whether the CPE has been displaced from, is moving around, or remains bound to said geolocation. The computed service location is the home CPE geolocation that the Geo-Authorization system computes by activating the same authorization method and uses for comparison with the permanent service location. The computed service location is determined either before or after the CPE establishes a service connection over the cellular connection.
According to one aspect of the embodiment, the Geo-Authorization system denotes a set of services, agents and brokering tools put together depending on a WISP service authorization setup, on the authorization method itself and on how verdicts are issued after collecting the outputs of said method. Said Geo-Authorization system implements at least two listening network sockets (i.e. two different listening ports): the first is reachable by the CPE by establishing a socket via said CPE cellular data link, and the second is reachable by said CPE via said CPE Long Range WAN link. Said Geo-Authorization system further includes at least one CPE identification database, a geolocation solver and an authorization agent which is configured to issue a verdict following each authorization method activation. Said verdict is afterwards translated into an action, which can be for instance activating an authorization policy or an access control policy, or altering a user authorization within the serving cellular core network, within an external appliance if said cellular network is used as a transport medium (e.g. over a VPDN, VPN, etc.), or within the Geo-Authorization system itself in case the latter is acting as an authorization server or proxy. The authorization agent uses either standard or custom methods in order to issue the verdict and enforce the policy.
According to one aspect of the embodiment, the authorization method is defined by the Geo-Authorization system sending an authorization message to the home CPE, which reaches the latter via the cellular link. Said CPE creates, in turn, a new opt-in message based on information included in said received authorization message and transmits said opt-in message back to the same Geo-Authorization system via the Long Range WAN by means of its built-in LR transceiver. Said opt-in message is constructed by the home CPE operational software assuming that the Geo-Authorization system can relate it to the original authorization message (e.g. using an authorization context). Said Geo-Authorization system, after receiving said opt-in message on a dedicated socket different from the socket used to send the authorization message, uses geolocation information either by reading the extra metadata appended to the opt-in message by the Long Range WAN or by extracting it from the message payload in case it was collected and written by the home CPE, and may use a combination of both to compute the service location of claim 6. This process defines the authorization method introduced by the present invention, without regard to communication processes or messaging between the home CPE and the Geo-Authorization system that precede or supersede said method.
According to another aspect of the embodiment, the authorization method may further include the Geo-Authorization system enclosing, in the authorization message, a set of terms of service instructions and queries, whose instructions the home CPE operational software must apply and whose queries it must respond to. The home CPE operational software afterwards appends the instruction execution results as well as said responses to the opt-in message payload before transmitting it via its built-in LR transceiver.
Brief Description of the Drawings
In order for some aspects of the present invention to be clarified, illustrations and figures were attached to this disclosure wherein:
FIG. 1 is a simplistic external view of the cellular CPE 100 with an extra authorization status light 101, wherein said extra authorization status light provides the status of compliance of the cellular CPE with the service provider's terms of service.
FIG. 2 depicts an overview of the cellular CPE 100 placement inside of a service area wherein said CPE is simultaneously connected to the cellular radio access network as well as to the Long Range WAN.
FIG. 3 depicts a simplified illustration of minimum included components for applying the authorization method being disclosed by the present document.
FIGS. 4A and 4B illustrate an example of a possible implementation of the present invention using an external VPDN appliance, wherein the connection to said VPDN appliance is established using PPP over L2TP over the CPE 100 cellular link; but for said connection to be established, the authorization method must first run with a positive result as its output. The positioning process used herein, which is part of the authorization method, is based on over-the-air geolocation using time-synchronized geolocation-capable LR gateways. FIG. 4B further provides a sequencing scenario demonstrating the authorization process related to the aforesaid embodiment.
FIGS. 5A and 5B illustrate another embodiment scenario of the present invention using the same arrangement already used in FIGS. 4A and 4B, except that the authorization method relies, for its positioning process, on geolocating data gathered from the cellular CPE 100 via a built-in GNSS scanner as well as on geolocation information related to the geolocation-capable LR gateways.
Detailed Description
Before proceeding with details of the accompanying illustrations, we will refer to the cellular CPE described in the present invention as the gFWA CPE, an acronym of Geolocation-Fixed Wireless Access CPE. Also, we will refer to the authorization method being disclosed as the Cellular-to-LR authorization method. Furthermore, for more clarity about the present invention, it is to be understood that all the descriptions provided in the present disclosure focus mainly on what is considered to be an addition and not on what is known in prior art. FWA CPEs that use the same spectrum as mobile devices, and which may also have simpler designations such as cellular hotspot or cellular router, are devices that commonly provide internet access through WiFi, an Ethernet local loop or a USB communications device class, by applying NAT on the cellular connection so that all connected users share the same WAN cellular connection. The present invention considers all aspects related to IP addressing, IP forwarding, NAT and security configured on the CPE as well as on the network as part of known art. The present invention further considers all the following aspects as part of the known art:
The process of connecting the gFWA CPE 100 to the cellular network in case it embeds a built-in cellular module.
The process of connecting the gFWA CPE 100 to the LR WAN (such as LoRaWan or Sigfox etc.) through the built-in LR module. It is to be understood, also, that the present invention describes the gFWA CPE 100 and the Geo-Authorization system 200 and provides a specification of the Cellular-to-LR authorization method as a form of out-of-band authorization using the gFWA CPE 100 extra built-in LR module capability. Therefore, some illustrations provided herein are embodiments of the present invention which rely mainly on said gFWA CPE 100, said Geo-Authorization system 200 and said Cellular-to-LR authorization method.
FIG. 1 is a basic illustration of the gFWA CPE, used herein to formalize the idea founding the present invention. The gFWA CPE 100, as defined herein, is a cellular CPE, hence providing access to a cellular network via a built-in cellular module and a SIM, or providing an additional peripheral such as USB to which an external cellular modem is attached. The definition further includes any extension device that accesses the network, directly or indirectly, via the cellular network (e.g. as a hotspot). In addition to these definitions, the CPE must include a built-in uplink LR module (i.e. LR transceiver) for uplinking Cellular-to-LR authorization opt-in messages. Initially, and in one embodiment, the end user is supposed to install the gFWA CPE in a position within the coverage of the cellular network and within reach of geolocation-capable Long Range WANs. This means the gFWA CPE is capable of reaching the cellular base station as well as the Long Range gateways (e.g. one or more LoRaWan or Sigfox gateways). This further means that the gFWA CPE 100 is capable of attaching to the cellular network via the RAN and obtaining an IP address from the cellular core network 320 and, furthermore, capable of joining the Long Range WAN and obtaining, if necessary, all the provisioning keys required to communicate with the remaining elements of the Long Range network. The gFWA CPE 100, as shown in FIG. 1, may provide the end user with status lights to give indications about the status of each connection. Therefore, the end user may be able to understand the status of the cellular connection via a cellular status light 101 as well as the status of the Long Range connection via a Long Range connection status light 102. Further, the end user may check the gFWA CPE access authorization status, which is a result of the Cellular-to-LR authorization method.
In a second step, in accordance with the same embodiment, the end user proceeds to access the gFWA CPE UI and starts an authorization process. With consideration to possible and different embodiments of the present invention, the gFWA CPE UI may provide the end user with a simple UI button to activate the authorization process and may also provide an advanced panel by which multiple authorizations (i.e. many service locations) can be managed. In the context of multiple authorizations (i.e. LaaS), the gFWA CPE is supposed to provide service access from multiple service locations (i.e. access geolocations), but for each authorization the end user must start a separate authorization process. The end user action on the UI will, therefore, trigger an authorization process and will cause, for example, the gFWA CPE operating software to send an authorization request to the Geo-Authorization system 200 through the cellular link. Said Geo-Authorization system 200, upon receipt of said authorization request, proceeds with activating the Cellular-to-LR authorization method in order to automatically create a permanent service location for the given gFWA CPE.
Normally, the Geo-Authorization system 200 initially stores a definition context of the gFWA CPE 100, with the minimal parameters needed to identify the gFWA CPE 100 or the service being authorized (e.g. access to internet 310 (see FIG. 3), VoIP access, etc.). The Geo-Authorization system 200 further stores a list of GIS-defined service areas, from which the gFWA CPE 100 is supposed to initiate an authorization request and all of the subsequent access requests.
FIG. 2 further provides outer details, through a possible embodiment, in order to bind the present invention to its fundamental context and goal. In this figure, the gFWA CPE 100 is within reach of both the cellular network and a geolocation-capable Long Range WAN. The gFWA CPE 100 is therefore placed within a cell site 125 and attaches to one cellular base station 124. Also, in this embodiment, the gFWA CPE 100 is capable of reaching at least three geolocation-capable Long Range WAN gateways 122. The qualification by "geolocation-capable" means that said Long Range WAN gateways are capable of appending geolocation-related information to each message sent by the gFWA CPE 100 through the built-in uplink LR transceiver and forwarded by said gateways. This information normally includes RSSI, reception timestamp as well as the gateways' own precise geolocations. In the terminology of the LR technology, this information is appended in what is known as the metadata. FIG. 2 also provides a drawing of the GIS-defined area 126 (i.e. service area), which is a virtual area created by means of geo-spatial virtual data (i.e. geo-spatial boundaries). This virtual area is a polygon extracted from a geospatial data definition of a given territory and depicts the service area from which a WISP is willing to provide service. In real-life cases, outside of this area, alternative access solutions may have been set up, and the act of limiting service access to the service area defined herein is part of a customer or data plan differentiation strategy, or is due to the need to apply a different billing plan or different service policies, etc. In fact, the Geo-Authorization system 200 is supposed to store multiple service areas and to link a set of terms of service to each service area or, authoritatively, to a group of service areas.
So, in a first summary, the gFWA CPE 100 as illustrated in FIG. 1 is a cellular CPE with two built-in transceivers, the first transceiver provides a link to the cellular network and the second provides a link to a LR network (e.g. LoRaWan or Sigfox). Said gFWA CPE 100 is supposed to be installed in a position (i.e. service location) within or outside of a GIS-defined area 126 (i.e. when applying an opposite authorization procedure). Said GIS-defined area is a virtual representation of a geographic area within the coverage of the cellular network (i.e. inside of a cell site) as well as in the reach of a Long Range WAN (e.g. LoRaWan or Sigfox). A Geo-enforcer system entitled by the present invention as the Geo-Authorization system 200, is used to bind the gFWA CPE 100, to the service location of installation and optionally to the defined service area and ensure that the gFWA CPE 100 is and will be providing service (e.g. internet service or policy-based service) from said service location or from within said service area (or a combination of both) with respect to some terms of service set by the serving WISP or by any entity that is in responsibility of said service for said defined service location or said defined service area. To achieve said tasks, the functioning interface between the Geo-Authorization system 200 and the gFWA CPE 100 is mainly orchestrated by a method entitled by the present invention as the Cellular-to-LR authorization method and which will be detailed further in remaining illustrations.
Now, before proceeding with FIG. 3, it is essential to unveil the Cellular-to-LR authorization method. Said method is defined by the Geo-Authorization system 200 sending an authorization message via the cellular connection to the gFWA CPE 100, which in turn creates a new message based on information included in the received authorization message and transmits the newly created message back to the same Geo-Authorization system 200 via the Long Range WAN. This newly created message is entitled by the present invention the opt-in message. Said opt-in message is constructed by the gFWA CPE 100 assuming that the Geo-Authorization system 200 can relate it to the original authorization message (e.g. using an authorization context and information related to the opt-in message). Said Geo-Authorization system 200 then receives the opt-in message, which has been forwarded by the one or more Long Range gateways 102, on a dedicated socket different from the socket used to send the authorization message. This process defines the Cellular-to-LR authorization method without regard to communication processes between the gFWA CPE 100 and the Geo-Authorization system 200 that precede or supersede said method. With consideration to different embodiments of the present invention, the gFWA CPE 100 may, in one embodiment, send an access request to the Geo-Authorization system 200, and said system challenges said gFWA CPE 100 by sending back the authorization message; in turn, the gFWA CPE 100 creates the opt-in message, based on information received in the authorization message and information related to the gFWA CPE 100 identification (or service identification), and transmits said opt-in message, via the LR link, back to the Geo-Authorization system 200 via the one or more Long Range gateways 122.
The Geo-Authorization system 200, after receiving the opt-in message, processes and checks the information received in the message payload as well as in the metadata and issues a verdict towards the cellular entity connecting the cellular CPE (i.e. core network or VPDN appliance). A typical example of this verdict is a COA message sent to a VPDN appliance that authenticates a tunnel established by the gFWA CPE 100 by means of RADIUS, where this COA contains a Filter-ID RADIUS AVP to activate a policy towards said gFWA CPE 100 (i.e. the authenticated user connecting via the CPE, or the CPE itself) to allow user traffic to pass, with the assumption, in this example, that the user traffic is by default blocked by the VPDN appliance and that, in order to allow the user traffic to flow through the tunnel, the gFWA CPE 100 must first opt in to a service area (or service location or both) and be compliant with a set of terms of service associated with said service area (or service location or both).
In another embodiment, the Geo-Authorization system 200 may require the gFWA CPE 100 to first register its identity (e.g. IP address and service or CPE identification), in case mobility management technologies like MIP are not provided, before said Geo-Authorization system, at a periodic or arbitrarily given time, challenges the gFWA CPE 100 by sending the authorization message, thereby obligating the gFWA CPE 100 to send back the opt-in message via the Long Range WAN. In case the gFWA CPE 100 successfully replies to the authorization challenge, which means in essence being compliant with the set of terms of service including, for example, fixedness and WISPs/MNOs service obligations, the Geo-Authorization system 200 may keep the active service established by the gFWA CPE 100 as it is. Conversely, the Geo-Authorization system 200 may proceed to a service authorization change in case the gFWA CPE 100 failed to properly process the authorization challenge, or if real-time operations performed by the Geo-Authorization system 200 after receipt of the opt-in message concluded the non-compliance of the serviced gFWA CPE 100 with the defined runtime terms of service.
Going to FIG. 3, which is an illustration of the minimum topology components included for applying the Cellular-to-LR authorization method: this simplified topology provides more clarification about the network environment described in FIG. 2. This topology does not provide information about the entity inside the cellular core network 320 that will handle the Geo-Authorization system 200 verdicts, as this also depends on which information to add to said verdicts for the core network to identify the subscriber, et cetera. Essentially, this topology comprises the minimum network elements required to run the Cellular-to-LR authorization method. As shown in the figure, in addition to the gFWA CPE 100, the network involves elements from the Long Range WAN as well as from the broadband cellular network, as said gFWA CPE is meant to be connected to both networks, wherein the Long Range WAN is used to carry authorization messages while the broadband cellular network is used to carry part of said authorization messages as well as the service traffic. According to known art, a Long Range WAN such as LoRaWan or Sigfox is fundamentally formed by an end-device, a base station (i.e. gateway), a core network server, an application server, and applications. The end-device is supposed to transmit data frames that are received by all base stations, which in turn take responsibility for relaying these messages via an IP back-haul to the core network server, which makes them available to an application server. Then, the applications that consume these messages extract the data from the application server through the use of an API. In fact, before the data is made available to the application servers, the core network server first extracts usable information from all received copies of the message (i.e. metadata), such as geolocation information, and then exposes one copy with all metadata.
In our illustrating figure, the gFWA CPE 100 behaves like an end-device while the Geo-Authorization system 200 acts like an application that receives the opt-in message (i.e. in extended format), with additional mediation techniques allowing said system to trigger this whole process by first sending the authorization message that reaches the gFWA CPE 100 via the broadband cellular connection. Hence, the Geo-Authorization system 200 is at the same time the sender and the receiver, creating a sort of authorization loop. The main objective of the above process is to exploit, during an out-of-band opt-in technique, among other things, the geolocation capabilities of the Long Range WAN in case the gFWA CPE is not capable of providing the geolocating data, so that the Geo-Authorization system can decide whether to allow or deny access to some services provided by the gFWA CPE and established via the cellular connection, with the bigger aim of creating a geolocation-based service access managed from outside of the cellular core network 320 and independent from the service provider itself.
In one embodiment, the gFWA CPE, after establishing connections to the broadband cellular network and to, for example, a geolocation-capable Long Range WAN, may start the authorization process by first sending a service access request message to the Geo-Authorization system 200 using the broadband cellular connection. Said system, in turn, challenges the gFWA CPE by sending back an authorization message. The gFWA CPE operating software, after receiving said authorization message, creates the opt-in message based on information contained in the latter and transmits said opt-in message via the geolocation-capable Long Range connection. Explicitly, the gFWA CPE operating software creates the opt-in message as a frame that will be transmitted over the LR RF via its built-in uplink LR transceiver. Once received by the geolocation-capable Long Range WAN gateways 102, said gateways append geolocation information to the opt-in message metadata and forward it via an IP back-haul to the core network server, which exposes one copy (i.e. with all appended metadata) to the Geo-Authorization system 200. At this stage, said system identifies the authorization context to which said opt-in message belongs, which means, in essence, identifying the challenged gFWA CPE and, if applicable, the service being authorized, by using information in the opt-in message payload. In one embodiment, the opt-in message payload may contain a unique and non-repeating opt-in token, dynamically created in a similar fashion to OTPs in multi-factor authentication and to nonces in cryptographic communication, copied from the authorization message sent by the Geo-Authorization system 200. It is to be understood, in this context, that the qualification by "unique and non-repeating" does not imply the non-reuse of said opt-in token for the same gFWA CPE (i.e. in retransmissions).
In essence, the qualification by "unique and non-repeating" means that each opt-in token is unique and non-repeating when compared to all opt-in tokens used by the Geo-Authorization system in all its internal authorization contexts. That is to say, if the Geo-Authorization system is running the Cellular-to-LR authorization method for two gFWA CPEs, the Geo-Authorization system creates two different authorization contexts (i.e. authorization threads) and, for each authorization context, a unique and non-repeating opt-in token is dynamically created and used for each Cellular-to-LR authorization process. In addition to the opt-in token, the opt-in message payload may, in one embodiment, contain a service or a user identifier depending on the authorization purpose. In a broader view of the topology, the Geo-Authorization system 200 may include, in addition to the service areas/service locations database, a gFWA CPE identification database, which means a set of identification parameters to identify each gFWA CPE (i.e. or user or service) that would seek authorization from said system. In one embodiment, said identification parameters may be used by the gFWA CPE when transmitting a service access request message, and may also be used when building the opt-in message payload. The Geo-Authorization system 200 is supposed to never send identification parameters to the gFWA CPE.
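The exchange described in this and the preceding passages (the authorization message sent over the cellular-side socket, the opt-in message returned over the Long Range-side socket, and the relation of the opt-in message to its authorization context through the opt-in token and the CPE identification) is modelled below as an added Python example. It is not code from the patent or from Societe Kuiklink Technologies; the class and field names, the CPE identification records, the Long Range device identifiers and the gateway metadata values are constructed assumptions, and the LR gateways plus core network server are reduced to one function that appends the metadata and exposes a single copy.

```python
"""Cellular-to-LR authorization exchange, modelled in Python.

Constructed example: class names, message field names, the CPE identification
records and the gateway metadata values are all assumptions made for this
illustration; the page does not define a wire format.
"""
import secrets
import time

# Constructed CPE identification database (stand-in for the system's
# "at least one CPE identification database"). Values are placeholders.
CPE_DB = {
    "cpe-0001": {"lr_device_id": "LRDEV-0001", "service": "internet"},
    "cpe-0002": {"lr_device_id": "LRDEV-0002", "service": "internet"},
}


class GeoAuthorizationSystem:
    """Sends authorization messages (cellular-side socket) and receives
    opt-in messages (Long Range-side socket), one context per activation."""

    def __init__(self, cpe_db):
        self.cpe_db = cpe_db
        self.contexts = {}          # opt_in_token -> authorization context

    def challenge(self, cpe_id, tos_queries):
        """Open an authorization context with a unique, non-repeating opt-in
        token and return the authorization message for the cellular link."""
        token = secrets.token_hex(8)
        while token in self.contexts:   # uniqueness across all open contexts
            token = secrets.token_hex(8)
        self.contexts[token] = {"cpe_id": cpe_id, "issued": time.time(),
                                "tos_queries": list(tos_queries), "opt_ins": []}
        return {"type": "authorization", "opt_in_token": token,
                "tos_queries": list(tos_queries)}

    def receive_opt_in(self, frame):
        """Long Range-side socket handler: relate the opt-in message to its
        authorization context using the token plus the CPE identification.
        Returns the context, or None when the message cannot be related."""
        payload = frame.get("payload", {})
        ctx = self.contexts.get(payload.get("opt_in_token"))
        if ctx is None:
            return None                 # token belongs to no open context
        if payload.get("cpe_id") != ctx["cpe_id"]:
            return None                 # token presented under another CPE id
        expected = self.cpe_db[ctx["cpe_id"]]["lr_device_id"]
        if frame.get("metadata", {}).get("lr_device_id") != expected:
            return None                 # LR network identity does not match
        ctx["opt_ins"].append(frame)    # retransmissions reuse the same token
        return ctx


class GfwaCpe:
    """Operating-software side of the CPE: builds the opt-in payload."""

    def __init__(self, cpe_id, network_type):
        self.cpe_id = cpe_id
        self.network_type = network_type    # e.g. "LTE", reported on request

    def build_opt_in(self, auth_msg, geolocating_data=None):
        """Copy the token verbatim, add CPE identification, terms-of-service
        replies and, when the hardware supplies it, geolocating data."""
        replies = {q: (self.network_type if q == "network_type" else None)
                   for q in auth_msg["tos_queries"]}
        payload = {"opt_in_token": auth_msg["opt_in_token"],
                   "cpe_id": self.cpe_id, "tos_replies": replies}
        if geolocating_data is not None:
            payload["geolocating_data"] = list(geolocating_data)
        return payload


def lr_network_forward(payload, lr_device_id, gateways):
    """Stand-in for the LR gateways plus core network server: expose one copy
    of the frame with the per-gateway metadata (RSSI, timestamp, gateway
    position) appended. Constructed behaviour, not any real LR stack."""
    return {"payload": payload,
            "metadata": {"lr_device_id": lr_device_id,
                         "gateways": [dict(g) for g in gateways]}}


def run_exchange():
    """One full activation of the method, returning the matched context."""
    gas = GeoAuthorizationSystem(CPE_DB)
    cpe = GfwaCpe("cpe-0001", "LTE")
    auth_msg = gas.challenge("cpe-0001", ["network_type"])      # cellular link
    opt_in = cpe.build_opt_in(auth_msg)                         # built by CPE
    gateways = [  # constructed metadata from two receiving gateways
        {"gw_id": "gw-A", "rssi": -97, "timestamp": 1700000000.001,
         "lat": 36.8200, "lon": 10.2000},
        {"gw_id": "gw-B", "rssi": -104, "timestamp": 1700000000.002,
         "lat": 36.8300, "lon": 10.2100},
    ]
    frame = lr_network_forward(opt_in, "LRDEV-0001", gateways)   # LR link
    ctx = gas.receive_opt_in(frame)
    gas.receive_opt_in(frame)   # a retransmitted copy lands in the same context
    return ctx
```

The token lookup is what ties the two sockets together: an opt-in message whose token opens no context, or whose token is presented under a different CPE identification than the one the context was opened for, is not related to any context and is dropped, while a retransmitted copy carrying the same token for the same CPE is accepted into the existing context, as the text allows for retransmissions.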
In FIG. 3, the illustration of the Geo-Authorization system 200 also comes with a geolocation solver 203. Said geolocation solver is used to compute, in real time, the geolocation of the gFWA CPE 100, using either geolocating data measured by said gFWA CPE 100 or geolocation information metadata that has been appended by the geolocation-capable Long Range gateways 102 and made available by the LR core network server in one copy. In some LR architectures, geolocation computing may be performed by the LR core network server and the geolocation coordinates are made available to end applications through an API. Such a method is also applicable to the present invention. But, for a better understanding, the geolocation solver is made part of the Geo-Authorization system 200, so that said system receives the opt-in message as well as the geolocating data and then performs real-time geolocation computing by applying a geolocation algorithm. Once the geolocation coordinates are available to the Geo-Authorization system 200, said system compares said geolocation coordinates to those of the gFWA CPE installation described in Figure 1. The comparison method for these geolocation coordinates is WISP-specific and depends on accuracy and on an error tolerance radius, so whether geolocation coordinates are "equal" in this context depends on the WISP definition of the qualification by "equal". That is to say, if the calculated position is 50 meters away from the installation position, and the serving WISP defines 70 meters as the error tolerance radius, the calculated position is equal to that of installation and the gFWA CPE is considered immobile. At this stage, the Geo-Authorization system 200, after performing the geolocation comparison, performs a terms of service check by looking at the terms of service data included in the opt-in message payload.
At the beginning, when the Geo-Authorization system 200 challenges the gFWA CPE 100, said system may push some terms of service requests in the authorization message, to which said gFWA CPE may push replies in the opt-in message payload. For example, if a FWA VNO is providing fixed wireless internet access using the gFWA CPE via the existing MNOs' infrastructures and, in a given service area, the country telecommunications regulator mandates LTE technology for the cellular connection in order to meet some quality of service requirements, the Geo-Authorization system 200 must include the cellular network type request in the authorization message, for which the gFWA CPE must provide a reply in the opt-in message by indicating the network type of its established broadband cellular connection. Normally, the terms of service items are defined and registered in the service areas/service locations database, and linked to each service area/location separately. That is to say, following the same example, the country telecommunications regulator may enforce LTE technology in a given service area/location but may ignore such a constraint in another service area/location.
Then, having checked the gFWA CPE immobility and terms of service compliance, the Geo-Authorization system 200 issues a verdict towards the entity, inside or outside of the cellular core network 320, that is connecting or serving the gFWA CPE. In one embodiment, if the service being established is a VPDN tunnel authenticated by means of RADIUS, said system may issue, via its built-in Geo-authorization agent, a COA message to the VPDN appliance (i.e. acting as a NAS) to allow or deny the VPDN tunnel service depending on the result of the immobility and terms of service compliance check.
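The verdict stage described from the geolocation solver through the terms of service check (the WISP-defined error tolerance radius and the 50 m versus 70 m case, the GIS-defined service area polygon and permanent service location of the earlier passages, the LTE network type obligation, and the COA-style verdict) is worked through below as an added Python example that is not part of the patent. The polygon, the permanent service location, the tolerance, the obligations and the frame layout are constructed; the geolocation solver is a stand-in (the CPE's own geolocating data when the payload carries it, otherwise an RSSI-weighted centroid of the gateway positions from the metadata), because the page leaves the algorithm WISP-specific; and the verdict is a dict carrying a Filter-Id attribute rather than an encoded RADIUS CoA-Request.

```python
"""Verdict stage of the Cellular-to-LR method (constructed example).

Assumptions: the service-area polygon, the permanent service location, the
tolerance radius, the terms-of-service obligations and the frame layout are
made up; the geolocation solver below is a stand-in, since the page leaves
the algorithm WISP-specific.
"""
import math

# Service areas as GIS polygons of (lat, lon) vertices, each linked to its
# terms of service and to the WISP-defined error tolerance radius.
SERVICE_AREAS = {
    "area-north": {
        "polygon": [(36.800, 10.150), (36.800, 10.250),
                    (36.850, 10.250), (36.850, 10.150)],
        "terms_of_service": {"network_type": "LTE"},
        "tolerance_m": 70.0,
    },
}
# Permanent service location registered for the CPE at setup time.
PERMANENT_LOCATIONS = {"cpe-0001": (36.8200, 10.2000)}


def haversine_m(p, q):
    """Great-circle distance in metres between two (lat, lon) points."""
    lat1, lon1, lat2, lon2 = map(math.radians, (*p, *q))
    a = (math.sin((lat2 - lat1) / 2) ** 2
         + math.cos(lat1) * math.cos(lat2) * math.sin((lon2 - lon1) / 2) ** 2)
    return 2 * 6371000.0 * math.asin(math.sqrt(a))


def point_in_polygon(point, polygon):
    """Ray-casting membership test for a (lat, lon) point."""
    x, y = point
    inside = False
    for i, (x1, y1) in enumerate(polygon):
        x2, y2 = polygon[(i + 1) % len(polygon)]
        if (y1 > y) != (y2 > y):
            if x < x1 + (y - y1) * (x2 - x1) / (y2 - y1):
                inside = not inside
    return inside


def solve_geolocation(frame):
    """Geolocation solver stand-in: use the CPE's own geolocating data when
    the payload carries it, otherwise an RSSI-weighted centroid of the
    gateway positions appended in the metadata (assumed, not the page's)."""
    payload = frame["payload"]
    if "geolocating_data" in payload:
        return tuple(payload["geolocating_data"])
    gws = frame["metadata"]["gateways"]
    if not gws:
        raise ValueError("no geolocating data and no gateway metadata")
    weights = [10 ** (g["rssi"] / 20.0) for g in gws]   # dBm -> linear weight
    total = sum(weights)
    return (sum(w * g["lat"] for w, g in zip(weights, gws)) / total,
            sum(w * g["lon"] for w, g in zip(weights, gws)) / total)


def check_terms_of_service(replies, obligations):
    """Each obligation linked to the area must be matched by the CPE reply."""
    return all(replies.get(k) == v for k, v in obligations.items())


def issue_verdict(cpe_id, frame, area_id):
    """Run the immobility, service-area and terms-of-service checks and
    express the verdict as a COA-style attribute set (a dict here; a real
    Geo-authorization agent would encode a RADIUS CoA-Request)."""
    area = SERVICE_AREAS[area_id]
    computed = solve_geolocation(frame)
    displacement = haversine_m(computed, PERMANENT_LOCATIONS[cpe_id])
    immobile = displacement <= area["tolerance_m"]
    in_area = point_in_polygon(computed, area["polygon"])
    compliant = check_terms_of_service(frame["payload"].get("tos_replies", {}),
                                       area["terms_of_service"])
    allow = immobile and in_area and compliant
    return {"cpe_id": cpe_id, "computed_location": computed,
            "displacement_m": round(displacement, 1), "immobile": immobile,
            "in_service_area": in_area, "tos_compliant": compliant,
            "coa": {"Filter-Id": "gfwa-allow" if allow else "gfwa-deny"}}


def demo():
    """Constructed opt-in frame: GNSS fix 0.0004 deg north of the permanent
    location (about 44 m), LTE reported, so the verdict is allow."""
    frame = {"payload": {"cpe_id": "cpe-0001",
                         "tos_replies": {"network_type": "LTE"},
                         "geolocating_data": [36.8204, 10.2000]},
             "metadata": {"gateways": []}}
    return issue_verdict("cpe-0001", frame, "area-north")
```

The three checks are kept separate in the returned verdict so that the reason for a deny (displacement beyond the tolerance radius, a position outside the service area, or a terms of service reply that does not match the obligation linked to that area) is visible to the operator and not only the final Filter-Id.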
So, in a second summary, the Cellular-to-LR authorization method can be considered as an inheritance from multi-factor authorization techniques wherein the gFWA CPE 100, in order to opt in to a given internet service, must bind to a service area, or to a service location, or to both (wherein, for the latter, the service location is obviously geographically inside the service area), and must comply with a set of terms of service. To opt in, the gFWA CPE must provide a reply by building and transmitting an opt-in message using its built-in uplink LR transceiver. Said opt-in message is created based on information in an authorization message received by the gFWA CPE through the broadband cellular connection and sent by the Geo-Authorization system 200. In one embodiment, said information may contain a unique and non-repeating opt-in token as well as some terms of service requests. The gFWA CPE operating software, in addition to the service or CPE identification, copies the opt-in token as it is into the opt-in message payload, together with the terms of service replies and also, if required, geolocating data, and transmits said opt-in message via its built-in uplink LR transceiver. Once received by the one or more Long Range gateways, said gateways forward the opt-in message to the LR core network server, which makes it available to the Geo-Authorization system 200 via an application server. Said Geo-Authorization system 200 identifies the opt-in message with its authorization context, using the opt-in token and the service or CPE identification, computes the gFWA CPE geolocation using either geolocating data gathered by said gFWA CPE 100 or geolocation information included in the opt-in message metadata, and verifies the immobility of said gFWA CPE 100 by comparing the computed geolocation to the registered geolocation of installation.
Further, said system verifies the terms of service compliance by looking into the terms of service replies in the opt-in message payload and checks whether these replies match the terms of service obligations defined for the service area/location from which the gFWA CPE is opting in. After these checks, the Geo-Authorization system 200 issues a verdict towards the entity, inside or outside of the cellular core network 320, that is connecting or serving the gFWA CPE, in order to perform the appropriate action defined by the WISP and aligned with the Cellular-to-LR authorization check result.
Turning to FIGS. 4A and 4B, which illustrate one embodiment of the present invention, this embodiment will bring a better understanding of the present invention. FIG. 4A is similar to FIG. 2 with extra components, with the aim of providing an operational scenario of the present invention in which the Cellular-to-LR authorization method can be put into operation. These extra components mainly involve the Geo-Authorization system 200 and a VPDN appliance 300, with the intention to provide an exemplary application of the Cellular-to-LR authorization method to be further detailed in FIG. 4B. In fact, the use of a VPDN appliance 300 in this embodiment is aligned with the intention of this invention to create a fixed wireless access service over existing broadband cellular networks by the use of an extra authorization medium that provides server-side geolocation computing as well as an out-of-band transport facility for authorization messages. This choice is also aligned with the common use of VPDN techniques by virtual ISPs for tunneled subscribers. The present invention can also be applied in favor of said techniques, for the benefit of a FWA VNO using said VPDN to provide an internet browsing service. The term "virtual" herein refers to the use of existing broadband cellular networks for the implementation of a fixed wireless access service. Further, in this embodiment, the chosen geolocation-capable Long Range WAN technology is LoRaWAN 420. So, referring to FIG. 4A, the gFWA CPE 100 is placed within a service area defined in a database managed by the Geo-Authorization system 200. Said gFWA CPE is used to provide an internet browsing service by means of a PPP connection over an L2TP tunnel established via the cellular connection to the VPDN appliance 300, with extra optional security provided by an IPsec tunnel.
In this embodiment, the supposition is that the FWA VNO or the regulator constrains this internet browsing service to be available only to gFWA CPEs that are placed within the defined service area, and that within said service area said gFWA CPEs must maintain the same service location (i.e. geolocation) at least during a billing period.
The gFWA CPE acts like a NAT gateway wherein remote users are connected via a built-in local area network such as WiFi and users' traffic is transferred via a PPP connection carried by the L2TP tunnel. Clearly, the gFWA CPE is acting like a LAC carrying a single PPP connection to which an IP masquerade is applied, allowing the traffic of all remote users (i.e. users connected to the gFWA CPE via WiFi) to flow via said PPP connection. Further, the gFWA CPE is capable of routing all remote users' traffic to the PPP connection instead of the main cellular IP connection. Also, in this embodiment, the VPDN appliance 300 is supposed to be configured with a list of unique L2TP usernames (i.e. the L2TP Host Name AVP, Attribute Type 7). Initially, the VPDN appliance 300 stores said unique L2TP usernames in a block-list and maintains a listening socket through which it receives a management command from the Geo-Authorization system 200 to remove a given L2TP username from said block-list, allowing any potential L2TP connection establishment using said username. Such a scenario sets an obligation for the gFWA CPE 100 to solicit the Geo-Authorization system 200 in a call-to-open-the-door manner in order to be allowed to establish the L2TP tunnel. Once solicited, said Geo-Authorization system challenges said gFWA CPE by running the Cellular-to-LR authorization method and decides whether to white-list said gFWA CPE L2TP username or keep it in the VPDN appliance block-list, depending on said method's output.
This embodiment is further detailed in FIG. 4B, in which a successful setup of the L2TP tunnel is orchestrated by the three network components, namely the gFWA CPE 100, the Geo-Authorization system 200 and the VPDN appliance 300. The gFWA CPE 100 starts by sending, at 451, over the cellular connection (established at 450), a Start-request message mainly containing a unique identifier which is, as already mentioned, the unique L2TP username (i.e. the L2TP Host Name AVP, Attribute Type 7). At this stage, it is to be understood that the unique identifier is shared among all three mentioned components and that both the Geo-Authorization system 200 and the VPDN appliance 300 may authenticate any request concerning said unique identifier. It is to be understood also that, in this embodiment, the Start-request message involves one unique identifier, but other implementations may include one or more identifiers, unique or not, such as a service identifier or identifiers related to the built-in SIM card or to the external cellular USB dongle, depending on the embodiments of the gFWA CPE 100 already mentioned in the present invention. After receiving the Start-request message, the Geo-Authorization system 200 replies, at 452, by sending back an opt-in challenge message. This message contains a unique opt-in token as well as terms of service instructions and requests. Said opt-in token is computed by said Geo-Authorization system at the time of receipt of the Start-request message, after creating an authorization context, while the terms of service instructions and requests are a clone of a set of terms of service, stored in the attached database and defined for the service area from within which the gFWA CPE 100 is trying to establish the L2TP tunnel, that a service regulator or the responsible WISP would like to check or to enforce on the gFWA CPE 100.
An example of said terms of service instructions is the enforcement of the maximum number of remote WiFi clients connected to the gFWA CPE device LAN, in such a way that this configuration value is read directly from the network instead of being stored in the gFWA CPE operational database.
So, after receipt of the opt-in challenge message, the gFWA CPE 100 operational software reads the terms of service instructions and requests, executes the configurations related to said instructions, collects the information related to said requests, then builds the opt-in response message as a bundle of the received opt-in token, the unique identifier (i.e. the unique L2TP username) and other identifiers if existing, the results of executing the terms of service instructions, and the collected information related to the terms of service requests. Once the opt-in response message is ready, the gFWA CPE 100 operational software transmits said opt-in response message over the built-in LR transceiver (i.e. as an LR frame). Captured by the geolocation-capable Long Range WAN gateways 102, said gateways add geolocation-related information to the message metadata. Geolocation-related information, as stated herein, depends on the geolocation techniques used by the geolocation solver 203 and may contain, for example, measurements by the receiving Long Range WAN gateways related to RSSI, SNR and TOA, said gateways' own geolocations, and so forth. Then, each geolocation-capable Long Range WAN gateway forwards its copy of the opt-in response message to its configured LR core network server 205, at 453, which by then makes one copy with all metadata available to the Geo-Authorization system 200. The hops made by the opt-in message to reach the Geo-Authorization system 200 are indicated by black circled numbers.
At this level, said Geo-Authorization system receives said opt-in response message and matches it to its authorization context using the opt-in token and the unique identifier, computes the gFWA CPE geolocation, via the geolocation solver 203, using the geolocation information in the opt-in response message metadata, and verifies first that this geolocation is indeed inside the service area defined by the FWA VNO or by the regulator and second that this geolocation is equal to, or at least within the scope of, the geolocation of installation. The Geo-Authorization system further checks, at 454, whether the results of executing the terms of service instructions and the collected information related to the terms of service requests are in accordance with those defined by the FWA VNO or by the regulator for the defined service area. As this embodiment supposes all these checks to be successful, said Geo-Authorization system issues, as illustrated in FIG. 4B, at 455, a command towards the VPDN appliance 300, using the unique identifier which is, as already mentioned, the unique L2TP username (i.e. the L2TP Host Name AVP, Attribute Type 7), in order to remove said unique identifier from the block-list, allowing any potential setup by the gFWA CPE 100 of the L2TP tunnel using said unique identifier.
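The following is an added example, not code from the patent or from the applicant, of the kind of computation the geolocation solver 203 can perform on the gateway-added metadata in the case of claim 6, where the RSSI of the CPE's LR frame is measured by at least three gateways. The log-distance path-loss model and its two constants, the local planar coordinates of the gateways, and the observations built by simulate_observations are all assumptions made for illustration; a deployed solver would use calibrated models and also SNR/TOA measurements.

```python
import math

# Assumed path-loss constants; both must be calibrated per deployment.
PATH_LOSS_EXPONENT = 2.7    # n for an outdoor suburban LoRa link (assumption)
RSSI_AT_1M_DBM = -40.0      # reference RSSI at d0 = 1 m (assumption)

def distance_to_rssi_dbm(d_m, n=PATH_LOSS_EXPONENT, p0=RSSI_AT_1M_DBM):
    """Log-distance path-loss model; used here only to construct observations."""
    return p0 - 10.0 * n * math.log10(d_m)

def rssi_to_distance_m(rssi_dbm, n=PATH_LOSS_EXPONENT, p0=RSSI_AT_1M_DBM):
    """Inverse of the model: the range implied by one gateway's RSSI."""
    return 10.0 ** ((p0 - rssi_dbm) / (10.0 * n))

def solve_position(observations):
    """observations: [((x_m, y_m) gateway position in a local plane, rssi_dbm), ...].

    Returns {"x", "y", "rms_residual_m"} or None when no unique fix exists.
    Linearised least-squares trilateration: subtracting the first range equation
    from the others removes the quadratic terms, leaving a linear system in (x, y)."""
    if len(observations) < 3:
        return None                      # two circles meet in two points: no unique fix
    ranges = [((gx, gy), rssi_to_distance_m(rssi)) for (gx, gy), rssi in observations]
    (x1, y1), r1 = ranges[0]
    rows = []
    for (xi, yi), ri in ranges[1:]:
        a, b = 2.0 * (xi - x1), 2.0 * (yi - y1)
        c = r1 ** 2 - ri ** 2 + xi ** 2 + yi ** 2 - x1 ** 2 - y1 ** 2
        rows.append((a, b, c))
    s_aa = sum(a * a for a, _, _ in rows)
    s_ab = sum(a * b for a, b, _ in rows)
    s_bb = sum(b * b for _, b, _ in rows)
    s_ac = sum(a * c for a, _, c in rows)
    s_bc = sum(b * c for _, b, c in rows)
    det = s_aa * s_bb - s_ab * s_ab     # normal equations (A^T A) p = A^T c
    if abs(det) < 1e-9:
        return None                      # collinear gateways: rank-deficient system
    x = (s_bb * s_ac - s_ab * s_bc) / det
    y = (s_aa * s_bc - s_ab * s_ac) / det
    # Residual between the fix and every implied range: a large value means the
    # measurements are mutually inconsistent (multipath, or frames relayed elsewhere).
    sq = [(math.hypot(x - gx, y - gy) - r) ** 2 for (gx, gy), r in ranges]
    return {"x": x, "y": y, "rms_residual_m": math.sqrt(sum(sq) / len(sq))}

def simulate_observations(cpe_xy, gateways):
    """Constructed, noise-free RSSI observations for a CPE at cpe_xy (metres)."""
    return [((gx, gy), distance_to_rssi_dbm(math.hypot(cpe_xy[0] - gx, cpe_xy[1] - gy)))
            for gx, gy in gateways]

if __name__ == "__main__":
    obs = simulate_observations((300.0, 450.0), [(0, 0), (1000, 0), (0, 1000), (1000, 1000)])
    print(solve_position(obs))
```

The point a practitioner should take from this is that every input to the fix is measured by the gateways, not declared by the CPE, which is what makes the computed geolocation usable as an authorization factor; the residual check is the place to reject frames whose measurements do not agree with any single position.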
The VPDN appliance 300 then performs said operation and sends, at 456, an acknowledgment of the command's successful execution back to the Geo-Authorization system, which in turn sends, at 457, a Start-request success report back to the gFWA CPE via the cellular connection. Finally, it is at this time that the gFWA CPE operational software establishes the L2TP tunnel at 458 and consequently starts the PPP dial-up process at 459. The CPE may then use data over the cellular data network at 460. For network experts, the process described herein is similar to the common use of a RADIUS CoA (Change of Authorization, RFC 5176) in a RADIUS-based environment, wherein the authorization to the network of an already authenticated user can be altered by means of a CoA message sent by a Dynamic Authorization Client (DAC) towards a NAS, or towards a Dynamic Authorization Server (DAS) in general. Also, the use of the L2TP Host Name AVP in a conditional access is uncommon, and implementations may rely instead on the RADIUS Calling-Station-Id attribute, among others.
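The exchange of FIG. 4B (and the second summary above), written out as an added example in Python that is not part of the patent or of the applicant's code. The three classes, the message fields, the 2 km service area, the 150 m displacement tolerance, the 120 s token lifetime and the "max_wifi_clients" obligation are assumptions made for illustration; the coordinates and identifiers are constructed.

```python
import math
import secrets

TOKEN_TTL_S = 120          # assumed lifetime of an opt-in token, in seconds
MOVE_TOLERANCE_M = 150.0   # assumed radius around the registered installation point

def haversine_m(a, b):
    """Great-circle distance in metres between two (lat, lon) points given in degrees."""
    r = 6371000.0
    la1, lo1, la2, lo2 = (math.radians(v) for v in (a[0], a[1], b[0], b[1]))
    h = math.sin((la2 - la1) / 2) ** 2 + math.cos(la1) * math.cos(la2) * math.sin((lo2 - lo1) / 2) ** 2
    return 2 * r * math.asin(math.sqrt(h))

class VpdnAppliance:
    """Stand-in for the VPDN appliance 300: every L2TP Host Name starts in the block-list."""
    def __init__(self, hostnames):
        self.block_list = set(hostnames)

    def unblock(self, hostname):
        """Management command received from the Geo-Authorization system (step 455)."""
        self.block_list.discard(hostname)
        return "OK"                                  # acknowledgment (step 456)

    def accepts_tunnel(self, hostname):
        """What the LNS decides when an SCCRQ carrying this Host Name AVP arrives (step 458)."""
        return hostname not in self.block_list

class GeoAuthorizationSystem:
    def __init__(self, vpdn, areas, installations):
        self.vpdn = vpdn
        self.areas = areas                  # area_id -> {"center": (lat, lon), "radius_m": float, "terms": {...}}
        self.installations = installations  # hostname -> (area_id, registered (lat, lon) of installation)
        self.contexts = {}                  # opt-in token -> authorization context

    def start_request(self, hostname, now):
        """Step 451/452: Start-request on the cellular socket; reply with the opt-in challenge."""
        if hostname not in self.installations:
            return None
        area_id, _ = self.installations[hostname]
        token = secrets.token_hex(16)       # unique, non-repeating and unpredictable (CSPRNG)
        self.contexts[token] = {"hostname": hostname, "expires": now + TOKEN_TTL_S}
        return {"token": token, "tos": dict(self.areas[area_id]["terms"])}

    def opt_in(self, payload, metadata, now):
        """Step 453/454: opt-in response on the LR socket, with the gateway-added metadata."""
        ctx = self.contexts.pop(payload.get("token"), None)   # pop: a token is good for one use only
        if ctx is None or now > ctx["expires"] or ctx["hostname"] != payload.get("hostname"):
            return "deny:context"
        area_id, installed_at = self.installations[ctx["hostname"]]
        area = self.areas[area_id]
        fix = metadata["geolocation"]       # solved on the LR network side, never read from the CPE payload
        if haversine_m(fix, area["center"]) > area["radius_m"]:
            return "deny:outside-service-area"
        if haversine_m(fix, installed_at) > MOVE_TOLERANCE_M:
            return "deny:displaced"
        replies = payload.get("tos_replies", {})
        if any(replies.get(k) != v for k, v in area["terms"].items()):
            return "deny:terms-of-service"
        if self.vpdn.unblock(ctx["hostname"]) != "OK":     # steps 455/456
            return "deny:vpdn"
        return "allow"                                      # step 457: Start-request success report

class GfwaCpe:
    def __init__(self, hostname, override=None):
        self.hostname = hostname
        self.override = override or {}      # lets a scenario model a CPE that ignores an instruction
        self.config = {}

    def build_opt_in(self, challenge):
        """Apply the terms-of-service instructions, then echo token, identifier and results."""
        self.config.update(challenge["tos"])
        self.config.update(self.override)
        return {"token": challenge["token"], "hostname": self.hostname, "tos_replies": dict(self.config)}

# Constructed deployment: one service area of 2 km radius around the installation point.
AREAS = {"area-1": {"center": (36.8065, 10.1815), "radius_m": 2000.0, "terms": {"max_wifi_clients": 8}}}
INSTALLATIONS = {"cpe-0001": ("area-1", (36.8065, 10.1815))}

def run_flow(fix, override=None, replay=False, now=1_700_000_000.0):
    """Drive one complete exchange; return (verdict, whether the VPDN now accepts the tunnel)."""
    vpdn = VpdnAppliance(INSTALLATIONS.keys())
    geo = GeoAuthorizationSystem(vpdn, AREAS, INSTALLATIONS)
    cpe = GfwaCpe("cpe-0001", override)
    msg = cpe.build_opt_in(geo.start_request("cpe-0001", now))
    verdict = geo.opt_in(msg, {"geolocation": fix}, now + 5)
    if replay:                              # the same LR frame delivered a second time
        verdict = geo.opt_in(msg, {"geolocation": fix}, now + 6)
    return verdict, vpdn.accepts_tunnel("cpe-0001")

if __name__ == "__main__":
    print(run_flow((36.8065, 10.1815)))     # ('allow', True)
    print(run_flow((36.8200, 10.1815)))     # ('deny:displaced', False)
```

Three properties of the exchange are worth checking in any real implementation: the token is generated with a CSPRNG, bound to the identifier and consumed on first use, so a captured LR frame cannot be replayed; the geolocation is taken from the metadata added by the LR network, never from a field the CPE wrote; and the L2TP Host Name AVP only identifies the peer, so the tunnel still needs its own authentication (L2TP tunnel authentication with a shared secret, or the IPsec protection the embodiment mentions) before the unblocked username is trusted.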
Further, the above detailed embodiment is retaken in FIGS. 5A and 5B with modifications related to geolocation data collection and the geolocation computing mechanism. As shown in FIG. 5A, the gFWA CPE 100 is supposed to couple the built-in LR transceiver with an embedded GNSS scanner in order to provide GNSS data that is to be transferred to the Geo-Authorization system 200 for geolocation computing. The GNSS data thus becomes part of the opt-in message payload, which is sent as a LoRa uplink by the gFWA CPE 100 during execution of the Cellular-to-LR authorization method. In order to attain the set of goals of the Cellular-to-LR authorization method, the gFWA CPE 100 is not capable by itself of calculating its own geolocation from the GNSS data: the GNSS scanner, as mentioned herein, is only capable of capturing GNSS satellite pseudo-ranges, which are required by the Geo-Authorization system 200 to compute the position of the gFWA CPE 100. In this context, the GNSS scanner that is part of the Semtech LR1110 chip is deemed by the present invention a good illustration. Clearly, to be aligned with the purposes of the Cellular-to-LR authorization method described by the present invention, the gFWA CPE 100 shall not have geolocation computing capabilities but can provide minimum geolocating data to the Geo-Authorization system 200. Apart from the captured GNSS data, in this embodiment, the Geo-Authorization system 200, via the geolocation solver 203, may need extra measurements for an accurate positioning, such as the geolocation of the LR gateway 500. The gFWA CPE 100 built-in GNSS scanner may also require synchronization with a precise time in order to provide extra precise information about when the GNSS data is received from the GNSS satellites 400.
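An added example, not code from the patent or from the applicant, of the server-side computation the text assigns to the geolocation solver 203 when the CPE hands over only pseudo-ranges: a Gauss-Newton solution for the receiver position and its clock bias. It assumes that the server already has each satellite's ECEF position at transmit time (from ephemeris, which is why the capture time matters) and the satellite/receiver geometry in constructed_scenario is invented for the test.

```python
import math

def _solve_linear(a, b):
    """Gaussian elimination with partial pivoting for a small square system a x = b."""
    n = len(b)
    m = [row[:] + [b[i]] for i, row in enumerate(a)]
    for col in range(n):
        piv = max(range(col, n), key=lambda r: abs(m[r][col]))
        m[col], m[piv] = m[piv], m[col]
        for r in range(col + 1, n):
            f = m[r][col] / m[col][col]
            for c in range(col, n + 1):
                m[r][c] -= f * m[col][c]
    x = [0.0] * n
    for r in range(n - 1, -1, -1):
        x[r] = (m[r][n] - sum(m[r][c] * x[c] for c in range(r + 1, n))) / m[r][r]
    return x

def solve_pseudoranges(sats, pseudoranges, max_iter=30):
    """Gauss-Newton solution of receiver ECEF position (m) and clock bias (m).

    Model: pseudorange_i = |p - s_i| + b, unknowns p = (x, y, z) and b.
    Needs at least four satellites. Returns (x, y, z, b) or None."""
    if len(sats) < 4 or len(sats) != len(pseudoranges):
        return None
    est = [0.0, 0.0, 0.0, 0.0]                # start at the Earth's centre, zero bias
    for _ in range(max_iter):
        h, resid = [], []
        for (sx, sy, sz), pr in zip(sats, pseudoranges):
            dx, dy, dz = est[0] - sx, est[1] - sy, est[2] - sz
            rho = math.sqrt(dx * dx + dy * dy + dz * dz)
            h.append([dx / rho, dy / rho, dz / rho, 1.0])   # one row of the Jacobian
            resid.append(pr - (rho + est[3]))
        hth = [[sum(row[i] * row[j] for row in h) for j in range(4)] for i in range(4)]
        htr = [sum(row[i] * r for row, r in zip(h, resid)) for i in range(4)]
        step = _solve_linear(hth, htr)        # normal equations of the linearised problem
        est = [e + s for e, s in zip(est, step)]
        if math.sqrt(sum(s * s for s in step[:3])) < 1e-4:
            break
    return tuple(est)

def constructed_scenario():
    """A receiver on the equator and five satellites at GPS orbital radius (constructed data)."""
    r_orbit = 26_571_000.0
    c45, s45 = math.cos(math.radians(45)), math.sin(math.radians(45))
    sats = [
        (r_orbit, 0.0, 0.0),
        (r_orbit * c45, r_orbit * s45, 0.0),
        (r_orbit * c45, 0.0, r_orbit * s45),
        (r_orbit * c45, -r_orbit * s45 * c45, -r_orbit * s45 * c45),
        (r_orbit * c45, -r_orbit * s45 * c45, r_orbit * s45 * c45),
    ]
    truth = (6_371_000.0, 0.0, 0.0)           # receiver ECEF position
    bias_m = 100.0                            # receiver clock offset, expressed in metres
    prs = [math.dist(truth, s) + bias_m for s in sats]
    return sats, prs, truth, bias_m

if __name__ == "__main__":
    sats, prs, truth, bias = constructed_scenario()
    print(solve_pseudoranges(sats, prs))      # within a metre of (6371000, 0, 0, 100)
```

The fourth unknown is the reason the scanner must be time-synchronised and at least four pseudo-ranges are needed: the CPE's clock error is solved for together with its position, and the satellite positions used in the Jacobian are only valid for the instant the pseudo-ranges were captured.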
In reality, the GNSS geolocating mechanism performed by the geolocation solver 203, upon request from the Geo-Authorization system 200 during the Cellular-to-LR authorization method, may require extra information, but these details, as well as the geolocating procedures used, are not the main topics of the present embodiment, which targets the creation of a managed network between the gFWA CPE 100, the Geo-Authorization system 200 and the VPDN appliance 300 by means of the Cellular-to-LR authorization method. To conclude the present embodiment, in accordance with the earlier explanations of FIGS. 4A and 4B, and referring to FIG. 5B, the gFWA CPE 100 handles the opt-in challenge from the Geo-Authorization system 200 differently: instead of only copying the opt-in token into the opt-in message at 553, the gFWA CPE 100 operational software causes the built-in GNSS scanner to go active during a receiving time window in which a capture of the minimum GNSS data (i.e. the pseudo-ranges) is performed at 563. Upon completion of the aforesaid operation, the GNSS data is made available to the gFWA CPE 100 operational software, which then uses said data, the opt-in token, the unique identifier, and the information related to the execution of the several terms of service instructions to create the opt-in message at 554. Further, the gFWA CPE 100 operational software transmits said opt-in message using the built-in LR transceiver. The remainder of the authorization process follows the same description already delineated for FIG. 4A. So, in a third and closing summary, in accordance with the claims disclosed in the present document, the present invention provides descriptions of a dual-link CPE entitled the gFWA CPE and a geolocation-based access authorizer entitled the Geo-Authorization system.
Further, the present invention provides a description, by means of several embodiments, of a method entitled the Cellular-to-LR authorization method, which aims at creating an extra layer of authorization for services provided by the gFWA CPE, namely internet access and other operator-defined services. In short, said Cellular-to-LR authorization method, as explained throughout the present document, ensures that said gFWA CPE is provided access to a given service only if said gFWA CPE provides evidence of its compliance with a set of terms of service defined by a cellular operator or a regulator, by properly replying to an opt-in challenge process carried heterogeneously via both gFWA CPE links, namely the cellular and LR links. Distinctively, the described method focuses on a server-side computed geolocation as a key condition to corroborate that the gFWA CPE is permitted a given service, either by using the over-the-air geolocation capabilities of the LR networks or by using a collection of geolocation information gathered from both the gFWA CPE itself and the LR networks.

Claims

1. A Customer Premise Equipment (CPE) providing access to a cellular data network, comprising: a telecommunication device providing a cellular link used to provide a cellular data connection to the cellular data network, and a long range (LR) transceiver providing an access link to an authorization system through a Long Range WAN, wherein the access link carries a message for the authorization system to determine if the CPE is to be authorized an internet service established over the cellular data connection, and the message comprises at least one authorization factor selected from a geolocation of the CPE, one or more geolocating parameter for determining the geolocation of the CPE, one or more parameter related to terms of services, or a combination thereof.
2. The CPE of claim 1 , wherein the LR transceiver is configured to send the geolocation of the CPE to the authorization system through the access link, for the authorization system to determine if the CPE is to be authorized the internet service based on the geolocation of the CPE.
3. The CPE of claim 2, wherein the LR transceiver is configured to obtain one or more geolocating parameter from each of a plurality of gateways in the Long Range WAN, and send the geolocation of the CPE determined based on the one or more geolocating parameter to the authorization system through the access link.
4. The CPE of claim 2, further comprising a geolocating device that is configured to obtain the geolocation of the CPE.
5. The CPE of claim 1 , wherein the LR transceiver is configured to send the one or more geolocating parameter for determining the geolocation of the CPE to the authorization system through the access link, for the authorization system to determine the geolocation of the CPE and if the CPE is to be authorized the internet service based on the geolocation of the CPE.
6. The CPE of claim 5, wherein the one or more geolocating parameter comprises a Received Signal Strength Indicator (RSSI) of the transceiver relative to a gateway in the Long Range WAN; and at least three RSSIs of the LR transceiver are obtained by at least three gateways in the Long Range WAN, respectively, and forwarded to the authorization system.
7. The CPE of claim 5, further comprising a geolocating device that is configured to obtain the one or more geolocating parameter.
8. The CPE of claim 4 or 7, wherein the geolocating device comprises at least one selected from a Global Navigation Satellite System (GNSS) receiver that is capable of computing the CPE geolocation and a GNSS scanner that is capable of capturing GNSS satellite pseudo-ranges.
9. The CPE of claim 1 , wherein the LR transceiver is configured to provide the access link through at least one of Low-power Wide-area Network (LPWAN), Wi-Fi, and Long Range Wi-Fi.
10. The CPE of claim 9, wherein the LR transceiver is configured to provide the access link through LoRaWan or Sigfox.
11. The CPE of any one of claims 1-10, wherein the telecommunication device comprises at least one selected from a cellular modem and a communication port.
12. A cellular data network management system, comprising: a cellular data network; a Long Range WAN; an authorization system; at least one customer premise equipment (CPE) according to any one of claims 1-11.
13. The cellular data network management system of claim 12, wherein the authorization system comprises a database storing a correspondence of the internet service and a service area, the service area indicating a geographic area in which the CPE is to be placed in to be authorized the internet service; and if it is determined that the geolocation of the CPE is in a service area, the authorization system authorizes the internet service corresponding to the service area.
14. The cellular data network management system of claim 12, wherein both the cellular data network and the Long Range WAN cover the service area, and the authorization system is configured to receive the geolocation of the CPE through the LR transceiver, or compute the geolocation of the CPE with one or more geolocating parameters that is received from the gateways in the Long Range WAN.
15. The cellular data network management system of claim 12, wherein the database of the authorization system further stores a permanent service location corresponding to the CPE, the permanent service location is predetermined or obtained from the CPE when the CPE is set up; after the CPE is set up, the authorization system obtains the geolocation of the CPE, and determines if the CPE has been displaced out of the corresponding service area or moved away from the permanent service location by comparing the obtained geolocation of the CPE with the permanent service location; and the CPE obtains the geolocation of the CPE before and after the internet service has been established over the cellular data connection provided by the cellular modem.
16. The cellular data network management system of claim 12, wherein the authorization system implements a first listening network socket that is reachable by the CPE via the cellular link and a second listening network socket that is reachable by the CPE via the access link; the authorization system further includes at least one CPE identification database, a geolocation solver module, and an authorization agent module which is configured to determine the action related to an authorization of internet service for the CPE; and the action comprises at least one from the group comprising: activating an authorization policy, activating an access control policy, altering an authorization of the CPE within the cellular network or within an external appliance if the cellular data network is used as transport or within the authorization system in case the latter is acting as an authorization system or proxy.
17. The cellular data network management system of claim 12, wherein the authorization system is configured to send an authorization message to the CPE via the cellular link; the CPE is configured to, in response to the authorization message, create an opt-in message based on the authorization message and transmit the opt-in message to the authorization system via the access link; the opt-in message is constructed by a CPE operational software on the assumption that the authorization system is able to relate the opt-in message to an original authorization message; the authorization system is configured to, after receiving the opt-in message on a dedicated socket different from a socket used to send the authorization message, use one or more geolocating parameter to compute the geolocation of the CPE, wherein the geolocating parameter is obtained by at least one of reading an extra metadata in the opt-in message or extracting from an opt-in message payload that is collected and written by the CPE, and a combination thereof.
18. The cellular data network management system of claim 17, wherein the authorization system further delivers a set of instructions including terms of service and related queries to the CPE via the cellular link; the CPE is configured to attach a response of the CPE operational software to the instructions and queries into the opt-in message payload before sending the opt-in message via the access link.
PCT/IB2022/053432 2021-04-12 2022-04-12 Network appliances and a method for gfwa, laas and terms of service compliance over cellular broadband WO2022219533A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
TNP/2021/000072A TN2021000072A1 (en) 2021-04-12 2021-04-12 Network appliances and a method for gFWA, LaaS and terms of service compliance over cellular broadband
TN2021/0072 2021-04-12

Publications (1)

Publication Number Publication Date
WO2022219533A1 true WO2022219533A1 (en) 2022-10-20

Family

ID=81384910

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2022/053432 WO2022219533A1 (en) 2021-04-12 2022-04-12 Network appliances and a method for gfwa, laas and terms of service compliance over cellular broadband

Country Status (2)

Country Link
TN (1) TN2021000072A1 (en)
WO (1) WO2022219533A1 (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100127924A1 (en) * 2008-11-25 2010-05-27 James Bennett Accessing navigation information via a global positioning group support server
US20170093875A1 (en) * 2015-09-25 2017-03-30 Charter Communications Operating, Llc System and method for authorizing a subscriber device
WO2020053889A1 (en) * 2018-09-12 2020-03-19 Saankhya Labs Pvt. Ltd. System and method for dynamically switching transmission of data from cellular to unidirectional point-to-multipoint network

Also Published As

Publication number Publication date
TN2021000072A1 (en) 2023-01-05

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 22718299

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 22718299

Country of ref document: EP

Kind code of ref document: A1