HK1086148A - Method and apparatus for performing inter-technology handoff from wlan to cellular network - Google Patents

Description

Method and apparatus for performing an inter-technology handoff from a WLAN to a cellular network

Cross Reference to Related Applications

This application claims priority to U.S. provisional patent application No.60/425,801, filed 11/13/2002, the entire contents of which are hereby incorporated by reference.

Technical Field

The present invention relates generally to wireless communication systems and methods, and more particularly to techniques for handing off a Mobile Node (MN) between wireless network providers operating in different technologies, such as Wireless Local Area Networks (WLANs) and cellular networks.

Background

Cellular radio technologies, such as cdma2000 and Universal Mobile Telecommunications System (UMTS), are expected to provide high-speed wireless internet connectivity to mobile users over a wide coverage area. Meanwhile, WLAN technologies, such as IEEE 802.11 and european HiperLAN, are becoming more and more popular because they provide a low-cost and high-speed wireless access scheme for localized "hot spots". In light of a forecast of the future of mobile networks, wide area cellular networks and WLANs will complement each other to provide ubiquitous high-speed wireless internet connectivity for mobile users. In such an environment, the mobile user can expect to experience a need for seamless handoff between the WLAN and the cellular network, even during an ongoing internet session.

Soon, mobile terminals, also referred to herein as mobile nodes, will be available that combine different radio interfaces, e.g. cellular networks and WLANs, in one device. Furthermore, the development of internet protocols with mobility awareness has increased in recent years. These and other factors will combine convergence in the near future to provide enhanced mobile user features and connectivity. However, this would require handling and solving the problem of inter-technology handovers, such as inter-technology handovers from WLAN to cellular networks. In particular, as the mobile node moves from the WLAN to the cellular network coverage area, it is found that the WLAN signal degrades rapidly. As a result, the time and signal margin available for performing a handover or handoff procedure is small.

The Internet Engineering Task Force (IETF) has developed a mobile IP protocol to enable IP layer handoffs during ongoing internet sessions. In order to minimize the disruption of the mobile node's internet connection during such handoffs, protocols such as Fast Handoff (Fast Handoff) and Context Transfer (Context Transfer) are also being developed. While these protocols provide a core framework for seamless inter-technology handoff, applying them to a particular environment requires additional effort. Moreover, these protocols assume that there is a "trust" relationship between the source (e.g., WLAN) and target (e.g., cdma2000) access networks, but this is not suitable in all cases.

Disclosure of Invention

The foregoing and other problems are overcome, and other advantages are realized, in accordance with the presently preferred embodiments of this invention.

The present invention provides a method for inter-technology handoff of a mobile node from a WLAN to a cellular network in a preferred, but not limiting, environment. The present handover procedure enhances the basic IP layer handover technique in the following fields: (i) rapidly establishing an access network bearer in a cellular access network; and (ii) dynamically authenticate and authorize with the cellular network at handover.

The advantage of this approach is that no significant modifications to the existing cellular network protocol architecture are required. In addition, the method is suitable for the switching technology of an IP layer, such as low-delay mobile IPv4 and fast mobile IPv 6.

A method, system, and computer program for performing a low latency inter-technology handoff from a WLAN to a MN of a cellular network. The method comprises the steps of sending a Bearer Context (Bearer Context) from the MN for the cellular network to use, wherein the Bearer Context comprises information required for establishing an access network Bearer for an ongoing Internet session of the MN in the cellular network; and responding to the bearer context with a router advertisement (RouterAdvertisement), which is forwarded towards the MN. The bearer context may be piggybacked on another message or sent as a separate message. The bearer context includes information to express: (a) QoS requirements of one or more applications of the MN on-going; (b) a unique identification of the MN that is identifiable by the cellular network; (c) parameters that facilitate the creation of a peer-to-peer protocol state in a cellular network; and (d) parameters that enable establishment of a packet filter in the cellular network. The method also includes authentication and authorization with the target cellular network for the purpose of performing handover.

Drawings

The foregoing and other aspects of the invention will become more apparent upon reading the following detailed description of the preferred embodiments in conjunction with the accompanying drawings, in which:

FIG. 1 is a simplified block diagram of a first, most preferred, embodiment with reference to a network architecture and illustrating one suitable type of multi-technology wireless system architecture in which the present invention may be advantageously deployed;

FIG. 2 is a simplified block diagram of a second, less preferred, embodiment with reference to a network architecture and illustrating another suitable type of multi-technology wireless system architecture in which the present invention may be advantageously deployed;

figure 3 illustrates a typical indoor WLAN environment located within the coverage area of a cellular network; and

fig. 4 is a message diagram illustrating the flow of handoff signals between the MN, WLAN and cellular technologies in accordance with an aspect of the present invention.

Detailed Description

Those skilled in the art will appreciate that the following disclosure contains information relevant to the present invention and may be incorporated in whole or in part into this patent application where appropriate: IETF mobile IP working group (www.ietf.org): low latency mobile IPv4 and fast mobile IPv6 specifications; IETF Seamody working group (www.ietf.org): context (context) transfer framework specification; 3GPP2 specifications: "wireless IP architecture based on IETF protocol" (3GPP2# p.r0001) and "wireless IP network standard (3GPP2# p.s0001-A v 3.0.0)", www.3gpp2.org; 3GPP2 specifications: "Access network interface interoperability Specification", Revision A (3G-IOSv4.1), 3GPP2# A.S0001-A, www.3gpp2.org; 3GPP specification: "QoS concept and architecture", TS 23.107, www.3gpp.org; and 3GPP specifications: "general packet radio service: service description ", TS 03.60, www.3gpp.org.

Fig. 1 shows a reference network deployment embodiment, also called standalone AAA (authentication, authorization, accounting) embodiment. For purposes of illustration, and not by way of limitation, the cdma2000 specification is used in figure 1 as representative of the cellular network 2 architecture. In the architecture of fig. 1, access to the WLAN1 and access to the cdma2000 network 2 are managed independently, and it is assumed that there is no peering relationship (e.g., common ownership or roaming agreement) between the two. A non-limiting example of such an arrangement is a WLAN hotspot (hotspot) in a bookstore, which charges an account for the identity of the user reader for access. Another example is a WLAN of an enterprise, which is only authorized for access by employees of the enterprise (i.e., there is no access fee for the employees). Alternatively, in some cases, WLAN access at a hotspot may be free, and thus, no local AAA functions are needed at the WLAN. This is the case, for example, for WLAN hotspots in a small restaurant. Cdma2000 cellular access, on the other hand, is typically charged by the (home) cellular operator for the subscriber's subscription account.

In the illustrated example, there are multiple domains 5 in each of the WLAN1 and cdma2000 networks 2. For example, the WLAN1 comprises a home agent domain 6, and a WLAN AAA function 7, the WLAN AAA function 7 being connected to a WLAN access point 9 via an Access Router (AR) 8. The cdma2000 Network 2 may include an AAA function 10 located in a Home Operator Network (Home Operator Network) and a local AAA function 11 in the visited cdma2000 Network, the local AAA function 11 being connected to the IMT-2000 wireless Network 13 by a PDSN (packet data support node) 12. Assume that the MN 3 hands off from the WLAN1 to the cdma2000 network 2 through the WLAN access point 9 and the IMT-2000 wireless network 13.

Fig. 2 illustrates another network deployment embodiment, referred to as a shared AAA architecture. Here, it is assumed that there is a trust relationship between the WLAN1 and the cdma2000 network 2. Note the overlapping domains 5A and 5B in this embodiment. This embodiment may exist, for example, if WLAN hotspot access is operated by a cdma2000 operator. Alternatively, a roaming agreement exists between the WLAN1 operator and the cdma2000 network 2 operator. Thus, the authentication and authorization performed by the WLAN1 can also be reused for cdma2000 network 2 access at inter-technology handover. In addition, a security association 5C may exist between the AR 8 in the WLAN1 and the PDSN 12 in the cdma2000 network 2. For completeness, outside the interworking WLAN/cellular network arrangement, another operator 14 is shown, which operator 14 has an access router 15 connected to the WLAN access point 9.

Of most interest to the present invention is the independent network architecture shown in fig. 1. It should be noted, however, that the handoff method of the present invention is equally applicable to the shared deployment model of fig. 2.

Referring again to fig. 1, consider a handoff from a WLAN network 1 to a cdma2000 network 2. In such an environment, it is assumed that the mobile user initiates an Internet (Internet)4 session from the WLAN1, such as a voice over IP (VoIP) call or a multimedia conference call, and subsequently leaves the WLAN hotspot coverage area. Before attempting an inter-technology handoff from the WLAN1 to the wide area cdma2000 network 2, the MN 3 should first perform authentication and authorization procedures with the cdma2000 network 2. Note that the home agent 6 for MN 3 may be located in the same area as WLAN1 (e.g., in the case of a business), or in the same area as home operator network 2, or in a completely different area (e.g., in a bookstore or in the case of free access).

In addition, before the MN 3 can exchange IP packets with the Internet 4 through the cdma2000 access network 2, a plurality of procedures including procedures for IP access and quality of service (QoS) setting should be performed. These include procedures for establishing a PPP (point-to-point protocol) connection with the PDSN 12, mobile IP procedures, and procedures for establishing an access network bearer with appropriate QoS characteristics in the cdma2000 network 2.

The delay in performing these procedures should be minimized to avoid service interruption when handing over from WLAN1 to cdma2000 network 2, such as a handoff that occurs during an ongoing session, e.g., a VoIP session, or a multimedia streaming session, or a competition session. The present invention provides a technique for efficiently and quickly performing an inter-technology handoff that avoids the problems inherent in the prior art.

In general, the performance of the handover can be considered to be considerably improved if at least some of the handover messages are performed proactively, i.e. while the MN 3 can still see a strong signal from the WLAN access point 9. These actively performed steps may include, for example, fast handoff signaling, authentication with the cellular network 2, and notification to the cellular network 2 of QoS and other requirements currently applied by the MN 3. Then, once the WLAN signal strength is reduced, the MN 3 is caused to send a final trigger to the cellular network 2 to complete the handover procedure (i.e., actually allocate radio resources, arrange rerouting of packets, and perform any other necessary procedures to complete the handover).

It should be noted that it is generally not possible to reliably perform this task based solely on MN 3 signal strength measurements. For example, if the active handoff procedure is initiated after the WLAN signal strength begins to drop significantly, the MN 3 internet connection may be interrupted before these steps are completed. On the other hand, if the handover procedure is initiated prematurely (while the WLAN signal is still strong), a large number of false starts may occur. In other words, even if the active handoff step has already started, the mobile user does not in fact leave the coverage area of WLAN1 at all. This may impose an unnecessary signalling burden on the cellular network 2.

Referring to fig. 3, an exemplary WLAN/cellular network environment is shown, such as may be encountered in a hotel or other type of building. In fig. 3, it can be seen that a cellular network (e.g., a cdma2000 network) base station coverage area (footprint)20 includes a fabric 22, the fabric 22 containing a plurality of WLAN Access Point (AP) coverage areas (footprints) 24.

The present invention provides an inter-technology handover technique that can be clearly divided into active and passive steps, and in addition to this, the present invention provides a method that anticipates the need for a handover from the WLAN1 to the cellular network 2 so that there is sufficient time to perform the active handover step. In this regard, a handover trigger mechanism is required for initiating phase 1 and phase 2 aspects of the handover technique (the phase 1 and phase 2 operations will be described in detail below).

Wherein the signal strength criterion can be used to generate a handover trigger and the signal strength criterion can be used to generate a final handover trigger. However, in a handoff from WLAN to cdma2000 environment, this approach may result in spurious handoff triggers. For further explanation, consider the handoff scenario depicted in fig. 3, fig. 3 shows a WLAN coverage area in a hotspot, which in this case is an indoor environment, such as a hotel (structure 22). Areas 24A and 24B represent areas of strong signal coverage for different WLAN APs located in hot spots. It is typically the case that the geographic coverage area of WLAN1 is contained within the geographic coverage area of cdma2000 network 2. Assume that a mobile user with a multiradio (e.g., dual mode WLAN and cdma2000) MN 3 initiates an internet session over WLAN access and then walks along path 26. Along path 26, when the user reaches a particular area and the WLAN signal strength drops due to local factors such as metal objects, walls, etc., MN 3 detects the drop in WLAN signal strength, but is still able to detect a strong cellular signal. In such a case, the MN 3 will attempt to initiate a handover from the WLAN1 to the cellular network 2. However, seconds or moments later the MN 3 again detects a strong signal from the WLAN1 and therefore needs to initiate a handover back to the WLAN network 1. Such a ping-pong effect is undesirable because it causes unnecessary signaling traffic and may cause more disruption to user traffic than would otherwise be caused by the momentary loss of WLAN signals. Of course, after the WLAN signal is lost, the MN 3 may wait a short period of time before initiating a handover to the cellular network 2. However, this approach reduces the (latency) performance of the handover when the user actually leaves the structure 22 through the door 22A and thus actually loses the connection to the WLAN network 1.

Thus, while the signal strength criteria are employed to initiate an inter-technology handoff and to generate a final WLAN/cellular network handoff, those skilled in the art will recognize that other considerations and criteria, such as packet error rate and/or the number of retransmission requests generated per unit time, as well as other signal quality related parameters, may be employed instead of or in conjunction with the use of the received signal strength at the MN 3.

Another technique for performing active handover control that is currently preferred relies on the use of "border bits", i.e. information provided by border access nodes, providing geographical coverage or area information for controlling the initiation of a handover from one technology network to another by a mobile node. This is referred to in U.S. provisional patent application No.60/426,385, entitled "Smart Inter-Technology handover control," filed by h.

Now to be described is a handoff procedure, particularly related to cdma2000 network 2 architecture, which operates in accordance with the present invention.

First described is a handover procedure that is suitable for low-latency mobile IPv4(IETF mobile IP working group: "low-latency mobile IPv4 and fast mobile IPv6 specification", www.ietf.org) in "pre-registration" mode. This mode is useful since mobile IPv4 has been introduced into the cdma2000 specification. The corresponding signaling scheme is shown in fig. 4. The basic idea of the invention as it applies to fast mobile IPv6 (in "predictive handover" mode) is similar and a description of this embodiment is also given below.

Referring now also to fig. 4, after the MN 3 decides to initiate an inter-technology handoff from the WLAN1 to the cdma2000 network 2 (based on employing any suitable parameters such as signal strength and/or signal quality and/or use of boundary bits), it sends a proxy router solicitation (ProxyRtSol) over the wireless connection to the AR 8, which in turn sends the router solicitation to the PDSN 12 via the internet 4. In addition, the MN 3 arranges to transfer a message called "bearer context" to the PDSN 12 via the AR 8. The bearer context message contains parameters for establishing an access network bearer in the cdma2000 network 2 for the ongoing internet session of the MN 3. The bearer context message may be piggybacked on a ProxyRtSol or other message sent from MN 3 to AR 8, or it may be sent as a separate message. From the AR 8 to the PDSN 12, the bearer context message may be piggybacked on the router solicitation message, or it may be sent as a separate message. The bearer context message includes at least one or more of similar or comparable information:

QoS requirements of the applications the MN is currently engaged in, such as one or more of required bandwidth, reliability and delay characteristics,

MSID: a mobile station identity, which can be recognized by the cdma2000 network 2, for example, the IMSI (international mobile subscriber identity) of the MN 3,

LCP (link control protocol) configuration parameters, such as MRU (maximum receive unit),

ACCM (asynchronous control character mapping) and a link quality monitoring protocol to be used, to facilitate the creation of PPP states in the PDSN 12,

TFT (traffic flow template) to enable the establishment of packet filters in the PDSN 12, and any other required service parameters, such as the requested security level.

The aforementioned parameters that make up the bearer context message are not to be seen as a limiting eye. Other parameters requesting resources from the cellular network 2, such as location tracking services and/or transcoding services for a specific packet session, may also be provided within the scope of the invention, for example, or instead of one of the aforementioned parameters.

The PDSN 12 responds to the bearer context message with a router advertisement message that is forwarded to the MN 3 via the internet 4 and the AR 8 (as a proxy router advertisement or ProxyRtAdv). Where ProxyRtAdv includes a challenge (e.g., a mobile node-foreign agent (MN-FA) challenge extension) for authentication and authorization purposes.

The MN 3 sends a registration request (RegReq) message to the PDSN 12 via the AR 8 to respond (as shown in step 2 in figure 4). Wherein the message contains a MN 3 network address identifier (MN-NAI) identifying the home AAA of the MN 3, authentication data to be used for registration with the home agent 6, and a response (MN-Radius extension) computed from the MN-FA challenge received in the ProxyRtAdv for authentication and service authorization purposes with the cdma2000 network 2. It should be noted that if the bearer context message has not been sent before, it may be piggybacked on the message.

Upon receiving the registration request, the PDSN 12 uses the NAI extension to determine the home AAA realm of the MN 3 and issues a query to the identified home AAA 10 of the MN 3. In the preferred embodiment, the PDSN 12 actually queries the home (visited) AAA 11 in the cdma2000 network 2. The visited AAA 11 then forwards the query to the home AAA 10 of the MN 3, possibly via one or more intermediary transit AAAs. The PDSN 12 provides the home AAA 10 with the challenge issued by the PDSN 12 in the MN-FA challenge extension, and the response to the challenge for the MN 3 obtained in the MN-Radius extension. The PDSN 12 also provides the home agent AAA 10 with a description (e.g., QoS) of the access service requested by the MN 3. Once successful authentication and service authorization is obtained, the home agent AAA 10 sends a success indication to the PDSN 12 (the response would typically follow the same path as the query, but in the opposite direction) to authorize access through the MN 3. The home agent AAA 10 also sends "tickets" to the PDSN 12 in clear text as well as in encrypted form. The ticket is encrypted using a secret shared between the home AAA 10 and the MN 3. These processes are shown in step 3 of fig. 4.

The PDSN 12 stores the ticket in clear text and sends an encrypted copy to the MN 3 via the AR, as shown in step 4. The PDSN 12 also sends all configuration parameters for the MN 3 in this message. At this point, it can be considered that the first phase (phase 1) of the inter-technology handover procedure is completed.

The second phase of the inter-technology handoff process (stage 2) begins when the MN 3 sends an Acknowledgement (ACK) to the PDSN 12 via the AR 8 and the ACK includes a ticket in clear text (step 5 of fig. 4) to prove to the PDSN 12 that the ACK indeed originated from the MN 3. This is a security measure that helps to avoid denial of service (DOS) attacks where a malicious node spoofs an ACK, thereby burdening the erroneous bearer established on the cdma2000 network 2.

It should be noted that there may be a time delay between the completion of phase 1 and the start of phase 2. This situation may arise if the MN 3 starts phase 1 with a WLAN signal that is still quite strong (but fading) and wants to complete phase 1 before losing connectivity to the internet 4. Phase 2 will typically start when the MN 3 is about to leave the WLAN coverage area 24. After sending the ACK, the MN 3 simply waits to collect information from the cdma2000 network 2.

While the MN 3 waits, the cdma2000 network 2 performs a10/A8/a1 bearer establishment (step 6 of fig. 4), as described in the "network initiated bearer establishment" chapter of cdma2000 specification, 3GPP2 access network interface interoperability specification (3G-IOS v4.0.1) Release a (1999) Release 0, 3GPP2# a.s 0001-0.1. Further, the PDSN 12 performs registration with the HA 6 of the MN 3 in step 7. Upon receiving the registration reply (RegRep) from the HA 6, the PDSN 12 forwards it to the MN 3 over one of the established access bearers.

As another embodiment of the process in step 4 of fig. 4, the home AAA 10 may generate a session key and forward it to the PDSN 12 as clear text as well as in encrypted form (e.g., using a secret shared between the MN 3 and the home AAA 10). The PDSN 12 stores the clear text key and forwards the encrypted version to the MN 3 (via the PDSN 12 and AR 8). The MN 3 may then use the key to authenticate or encrypt future message traffic (e.g., ACKs) with the PDSN 12.

Described now is a technique that adapts the foregoing handoff embodiments to the fast mobile IPv6 environment (IETF mobile IP working group: "low latency mobile IPv4 and fast mobile IPv6 specification", www.ietf.org). In this method, the communication between the AR 8 and the PDSN 12 in step 1 of fig. 4 is performed by a HI/HACK (handover initiate/handover ACK) message exchange, and in this embodiment, the bearer context message and the MN-FA challenge are piggybacked on the HI and HACK messages, respectively. In this case, a new message may be used to perform step 2, in which the MN 3 sends a response for authentication and authorization of the cdma2000 network 2. Such a message has not been included in the fast mobile IPv6 protocol because the protocol was designed assuming a strong security association between the AR 8 and the PDSN 12. In step 4 another new message can be used to send the ticket to MN 3, while the ACK in step 5 can be sent to AR 8, using an F-BU (fast binding update) message and having the ticket piggybacked on it. Another new message can be used to send an indication to the PDSN 12 for the AR 8 to initiate step 6. In step 6, the PDSN 12 does not perform registration with the HA 6. In addition, a temporary tunnel is preferably established between the AR 8 and the PDSN 12 until the MN 3 performs a binding update.

While the foregoing has been described in connection with certain presently preferred embodiments, it will be understood that the invention is not limited to those embodiments. For example, the bearer context can be sent by the MN 3 with context transfer signaling. As another example, and as noted above, other service specification parameters may be included in the bearer context message in addition to those noted above, such as location tracking services and transcoding services for a particular packet session. As another example, the bearer context message may be encrypted using a shared secret between the MN 3 and the home AAA 10. This may help prevent leakage of secrets through the AR 8 to PDSN 12 path. When the PDSN 12 receives the encrypted bearer context, it passes the encrypted bearer context to the home AAA 10 in a query fashion. The home AAA 10 deciphers the encrypted bearer context and sends it to the PDSN 12 in response.

It should also be understood that the present invention encompasses computer program code embodied in tangible media for directing one or more data processors to carry out the various steps of the methods described above. These data processors may reside at least in the MN 3 and PDSN 12, or in equivalent cellular network nodes and functions.

Although described in conjunction with a WLAN/cdma2000 cellular network, it should be understood that the teachings of the present invention are also applicable to other types of wireless systems, e.g., digital TDMA and FDMA systems. Further, while described in connection with various specific messages, message names, and message types, it should be recognized that these are exemplary and should not be construed as limitations on the practice of the invention. For example, messages sent from MN 3 are referred to as context bearer messages for convenience, but may be referred to by another name.

Claims (41)

1. A method for performing a low-latency inter-technology handoff of a Mobile Node (MN) from a Wireless Local Area Network (WLAN) to a cellular network, the method comprising:

sending a bearer context message from the MN for the cellular network, the bearer context message comprising information for establishing at least one access bearer in the cellular network for an ongoing packet data session of the MN; and

responding to the received bearer context message with a router advertisement message, which is forwarded towards the MN.

2. The method of claim 1, wherein the bearer context message is piggybacked on another message.

3. A method as claimed in claim 1, wherein the bearer context message comprises information to express QoS requirements of one or more applications of the MN that are ongoing.

4. A method as in claim 1, where the bearer context message comprises information expressing a unique identity of the MN that is recognizable by the cellular network.

5. A method as in claim 1, where the bearer context message comprises information to express parameters that facilitate creation of a peer-to-peer protocol state in the cellular network.

6. A method as in claim 1, where the bearer context message comprises information expressing parameters that enable establishment of a packet filter in the cellular network.

7. A method as claimed in claim 1, wherein the bearer context message is piggybacked on a router solicitation message sent from an Access Router (AR) in response to receiving a proxy solicitation request message from the MN.

8. The method of claim 7 wherein the router advertisement is sent to the AR in response to which the AR sends a proxy router advertisement to the MN.

9. The method of claim 8, wherein the router advertisement includes a challenge for authentication and authorization purposes.

10. A method as in claim 8, where the MN responds to the proxy router advertisement by sending a registration request message to the cellular network.

11. A method as in claim 10, where the proxy router advertisement includes a challenge for authentication and authorization purposes, and where the registration request message includes information identifying a home authentication, authorization, accounting (AAA) feature of the MN in the cellular network, and a response to the challenge received in the proxy router advertisement.

12. A method as in claim 11, where sending a query to the home AAA of the MN is performed in response to receiving the registration request message.

13. The method of claim 12, wherein the query is sent directly via the visited AAA or via at least one intermediary AAA.

14. A method as recited in claim 12, wherein the query sent to the home AAA includes information indicative of the challenge sent to the MN and the response to the challenge received from the MN for use in authenticating the MN by the home AAA.

15. A method as in claim 14, where the query sent to the home AAA comprises information indicating the access service requested by the MN.

16. A method as in claim 14, further comprising, in response to successfully authenticating the MN, sending a success indication from the home AAA for authorizing access by the MN.

17. A method as in claim 16, where the success indication further comprises a ticket sent in clear text and encrypted using a secret shared between the home AAA and the MN.

18. The method of claim 17, wherein the plain-text form of the ticket is stored in a cellular network node, and wherein the encrypted ticket is sent to the MN via the AR.

19. A method as in claim 18, further comprising sending an Acknowledgement (ACK) from the MN to the cellular network, the ACK comprising the clear text ticket.

20. A method as in claim 19, further comprising performing access bearer establishment in the cellular network for establishing at least one access bearer for the MN in response to receiving the clear text ticket from the MN.

21. A method as in claim 20, further registering the MN with the HA in response to receiving the clear text ticket from the MN, and upon receiving a registration reply from the HA, forwarding the registration reply from the cellular network to the MN over the established access bearer.

22. A method as in claim 17, further comprising generating a session key at the home AAA in clear text and encrypted using a secret shared between the MN and the home AAA, storing the clear text session key in a cellular network node, and forwarding the encrypted form of the session key to the MN for use by the MN in at least one of authenticating and encrypting future message transactions with the cellular network.

23. A method as in claim 1, where the bearer context is sent by the MN using a form of secret encryption shared between the MN and a Home authentication, authorization, accounting (AAA) feature of the MN in the cellular network.

24. A method as in claim 1, where the communication between the MN and the cellular network comprises a HI/HACK (handover initiate/handover ACK) message exchange, and where the bearer context message is piggybacked on the HI message.

25. A method as in claim 24, where the cellular network responds to receiving the bearer context message with a mobile node-foreign agent (MN-FA) challenge extension piggybacked on the HACK message.

26. A method as in claim 1, where the MN sends the bearer context message in response to a change in at least one of signal strength, signal quality, and other information, such as geographic coverage area information, associated with the wlan.

27. A data communication system comprising a Mobile Node (MN), a Wireless Local Area Network (WLAN) and a cellular network, the system further comprising:

a transmitter for sending a bearer context message from the MN to the cellular network, the bearer context message comprising information for establishing an access bearer in the cellular network for an ongoing packet data session of the MN; and

responding to the received bearer context message with a router advertisement message, which is forwarded towards the MN.

28. The system of claim 27, wherein the bearer context message is piggybacked on another message.

29. A system as in claim 28, where the bearer context message is piggybacked on a router solicitation message sent from an Access Router (AR) in response to receiving a proxy solicitation request message from the MN.

30. A system as in claim 28, where communications between the MN and the cellular network comprise an HI/HACK (handover initiate/handover ACK) message exchange, where the bearer context message is piggybacked on an HI message, and where the cellular network is responsive to receiving the bearer context message to a mobile node-foreign agent (MN-FA) challenge extension piggybacked on a HACK message.

31. The system of claim 27, wherein the bearer context message includes information to express at least one of: QoS requirements of at least one ongoing application of the MN, a unique identification of the MN that is recognizable by the cellular network, parameters that facilitate point-to-point protocol state creation in the cellular network, and parameters that enable packet filters to be established in the cellular network.

32. The system of claim 27, wherein the bearer context message is received by a Packet Data Support Node (PDSN).

33. A computer program for controlling the operation of a Mobile Node (MN) operable with a Wireless Local Area Network (WLAN) or a cellular network, said computer program being responsive to a change in at least one of received WLAN signal strength and signal quality to send a bearer context message from said MN to said cellular network, the bearer context message including information for establishing at least one access bearer in said cellular network for an ongoing packet data session of said MN.

34. The computer program of claim 33, wherein the bearer context message is piggybacked on another message.

35. A computer program as in claim 34, where the bearer context message is piggybacked on a router solicitation message sent from an Access Router (AR) in response to receiving a proxy solicitation request message from the MN.

36. A computer program as in claim 34, where communications between the MN and the cellular network comprise a HI/HACK (handover initiate/handover ACK) message exchange, where the bearer context message is piggybacked on a HI message, and where the cellular network is responsive to receiving the bearer context message to a mobile node-foreign agent (MN-FA) challenge extension piggybacked on a HACK message.

37. The computer program of claim 33, wherein the bearer context message includes information to express at least one of: QoS requirements of at least one ongoing application of the MN, a unique identification of the MN that is recognizable by the cellular network, parameters that facilitate point-to-point protocol state creation in the cellular network, and parameters that enable packet filters to be established in the cellular network.

38. A computer program for controlling operation of a network node of a cellular network, the computer program being responsive to receipt of a bearer context message from a Mobile Node (MN) currently wirelessly connected to a Wireless Local Area Network (WLAN) to initiate establishment of a cellular network access bearer for the MN, the bearer context message including information for establishing at least one access bearer in the cellular network for an ongoing packet data session of the MN.

39. A computer program as in claim 38, where the cellular network node comprises a Packet Data Support Node (PDSN).

40. A computer program as in claim 39, where said cellular network comprises a cdma2000 cellular network.

41. A computer program as in claim 38, where said cellular network node responds to receipt of said bearer context message by sending a router advertisement message to said MN, the router advertisement message comprising a mobile node-foreign agent challenge extension message.