
WO2014035851A2 - Provisioning of a service provider network interface - Google Patents


Info

Publication number
WO2014035851A2
Authority
WO
WIPO (PCT)
Prior art keywords
interface
network
service provider
provider network
provisioning
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/US2013/056555
Other languages
French (fr)
Other versions
WO2014035851A3 (en)
Inventor
Carl W. Werner
Ajay Sahai
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Rambus Inc
Original Assignee
Rambus Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Rambus Inc


Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00: Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08: Configuration management of networks or network elements
    • H04L41/0803: Configuration setting
    • H04L41/0806: Configuration setting for initial configuration or provisioning, e.g. plug-and-play
    • H04L41/0809: Plug-and-play configuration

Definitions

  • the disclosure generally relates to provisioning network interfaces for service provider networks, and more particularly to systems and methods for provisioning a first service provider network interface via a second network interface or executable program.
  • cellular data devices must be purchased preconfigured to operate over preselected owned networks; or in some cases the devices will be provisioned by the operators or their agents by the programming of an "identity module" (e.g.: SIM, UIM, RUIM, MEID, EIN, smartcard, etc.) in the device.
  • an identity module e.g.: SIM, UIM, RUIM, MEID, EIN, smartcard, etc.
  • cellular data devices can be provisioned at point-of-sale by an authorized agent who accesses a service provider's billing system to provision the cellular data device and associate the device with particular services.
  • the cellular service and device can alternately be provisioned by a retail agent or Data as a Service (DAAS) provider, such as amazon.com.
  • DAAS Data as a Service
  • cellular devices must be provisioned by the service provider or their agent.
  • provisioning may require that a physical device, such as a CDMA phone from Sprint or Verizon, be present and attached to a programmer.
  • a user identity module such as a Subscriber Identity Module (SIM) may be programmed by the service provider or agent for the specific provider network and inserted into the device.
  • SIM Subscriber Identity Module
  • Figure 1 illustrates a mobile device connecting to a provider network and local network in accordance with certain embodiments of the invention.
  • Figure 2 illustrates a mobile device connecting to a provider network and local network in accordance with certain embodiments of the invention.
  • Figure 3 illustrates a device with multiple network interfaces in accordance with certain embodiments of the invention.
  • Figure 4 illustrates a device with multiple network interfaces in accordance with certain embodiments of the invention.
  • Figure 5 illustrates a wireless access point in accordance with certain embodiments of the invention.
  • a subscription based private network interface may be provisioned and/or configured through a second communication connection connected to a second network.
  • a method for provisioning a communications interface in a device comprising: establishing a connection to a network service provider via a first interface; sending a request to the network service provider to provision a second interface to connect to a service provider network; receiving authorization via the first interface from the network services provider to provision the second interface to connect to the service provider network; and subsequent to said receipt of authorization, provisioning the second interface to connect to the service provider network.
  • the first interface may use a billing relationship
  • the second interface (cellular) may be added to that relationship.
  • Provisioning the second interface may comprise: establishing or modifying at least one of an identity, subscription, and billing relationship with the network service provider.
  • Provisioning the second interface may comprise: configuring at least one of a physical layer parameter, a baseband processor parameter, and a user identity module to permit the second interface to connect to the service provider network.
  • the physical layer parameter may comprise at least one of an RF frequency parameter and a channel parameter.
  • Provisioning may comprise modifying a secure element to permit connection to the service provider network.
  • the secure element may comprise a user identity module which may comprise a SIM.
  • the first interface may comprise a selected one of a wireless local area network interface, an Ethernet connection, or a USB connection.
  • the second interface may comprise a cellular network interface.
  • a device comprising: a first interface; a second interface; a control layer for providing access to the second interface via the first interface so as to provision the second interface to communicate with a service provider network.
  • the second interface may be configured to be provisioned for one of a plurality of service provider networks.
  • the second interface may be configured to be provisioned for a second service provider network after being provisioned for a first service provider network.
  • the first interface may comprise a selected one of a wireless local area network interface, an Ethernet connection, and a USB connection.
  • the second interface may comprise a cellular network interface.
  • the second interface may be configured to be provisioned by configuring at least one of a physical layer parameter, a baseband processor, and a user identity module to permit the second interface to connect to the service provider network.
  • the physical layer parameter may comprise at least one of an RF frequency parameter and a channel parameter.
  • the control layer may be configured to permit a network service provider to access the second interface via the first interface.
  • the second interface may comprise a secure element that must be configured in order for the second interface to connect to the service provider network.
  • the secure element may comprise a user identity module.
  • a device is disclosed with multiple communications interfaces where a subscription based private network interface (e.g., 3GPP) may be provisioned and/or configured through a second communication port (e.g., WLAN, USB) connected to a second network when user connects the device to a network through the second interface.
  • a subscription based private network interface e.g., 3GPP
  • a second communication port e.g., WLAN, USB
  • Machine-to-machine (M2M) communications and Device as a Service (DAAS) business models both increasingly rely on private networks to carry traffic.
  • Machine-to-machine models include building control, security, industrial control and services that happen without user interaction.
  • DAAS includes devices such where merchandise or content is paid but the price of network access and data traffic is implicit in the cost of the transaction.
  • the choice of network interface may be driven not by a consumer's network choice but by the device provider or availability of a network. This choice may vary by geography or other factors secondary to the device operation, and may not be known until the device is put into service.
  • a user may move from a region where a first service provider network has excellent reception and coverage to a region where the first service provider has inferior coverage compared to a second service provider network.
  • the user may want to continue to use a device that was previously provisioned for the first service provider network.
  • the user thus may desire to reprovision the device for the second service provider network.
  • a user may purchase a used car comprising a device provisioned for a first service provider network and may desire to reprovision that device for a second service provider network.
  • Reasons to reprovision a device may include without limitation superior coverage or reception, a better price, or to add a device to a preexisting or new multi-device plan on the second service provider network.
  • Cellular chipsets have reached a very high level of integration including RF transceiver functions, baseband signal processing, application processors, and bridge functions for managing multiple secondary interfaces (USB, GMII, IIC, WLAN etc.).
  • Present levels of integration and software defined radio support having an RF front-end and transceiver combination that supports multiple service operators and access networks. Consumer devices that require connectivity may be assembled and sold with minimal knowledge of the networks on which they will be deployed.
  • the foregoing developments have the potential to simplify manufacturer supply chain and retail distribution of connected devices to consumers, avoiding the current need for maintaining separate inventories of the same device, each preconfigured for a different provider network.
  • a device with multiple communications interfaces where a subscription based private network interface (which may include without limitation an interface compliant with 3GPP, GPRS, 1XRTT, EVDO, LTE, Wi-Max, ALTE, HSPA, HSPA+, WCDMA, Wireless/Wi-Fi (also including TV white spaces and other unregulated bands), or a wireless network interface operating in any of the 2.4, 3.6, 5, 60 GHz bands) may be provisioned and/or configured through a second communication port (e.g. WLAN, LAN, USB) connected to a second network when the user connects the device to a network through the second interface.
  • the terminal may establish a connection to a server in the provider network through the second communication port on the terminal.
  • the server may communicate through the second communication port to configure at least a circuit or parameter in the private network interface. At least one of an RF circuit, a baseband circuit, or an identity module may be configured through the second communication port or interface. In certain embodiments, an RF circuit or a baseband circuit or an identity module may be configured through the second communication port or interface. In certain embodiments, an RF circuit or a baseband circuit and an identity module may be configured through the second communication port or interface.
  • the second communication port or interface may comprise a WLAN, Ethernet or other connection known to those of ordinary skill in the art for connecting to a second host which connects to the server on the service provider network.
  • the provisioning process may write or program a secure element required by the service provider network.
  • the secure element may comprise a user identity module, which can comprise hardware or software and may be removable from the user device or attached to the user device.
  • the user interface module may comprise a SIM, UIM, RUIM, MEID, EIN, smartcard or other form of user identity module known to those of ordinary skill in the art.
  • the user may initiate the process through a GUI or a setup executable.
  • the device may connect securely through a public network, which may include without limitation the Internet, to an agent of the private network, which may include without limitation a carrier network.
  • the private network agent can access parameters and configuration data on the private network interface by communicating through the public network. Once the private network connection is provisioned, the device may be connected to the private network directly, or through roaming arrangements, or through offloaded connections via public networks.
  • a terminal device with multiple interfaces may be delivered to a subscriber or user with at least one unprovisioned interface.
  • a terminal device 100 may comprise an Application/UI Layer 110 and a control layer 120. The control layer may be located above the MAC layer or near the physical layer.
  • the terminal device 100 may include a user interface module 130.
  • the terminal device 100 may include a configuration module 140.
  • the terminal device 100 may include a first interface 145, which may comprise a first MAC address 150 and a first physical address 160.
  • the terminal device 100 may include a second interface 165, which may comprise a second MAC address 170 and a second physical address 180.
  • the control layer 120 may provide access to second interface 165 via first interface 145 so as to provision second interface 165 to communicate with a service provider network.
  • Second interface 165 may be configured to be provisioned for one of a plurality of service provider networks.
  • second interface 165 may be configured to be provisioned for a second service provider network after being provisioned for a first service provider network.
  • UI layer 110 may initiate a communication session 155 with a network service provider via first interface 145.
  • the first network interface may comprise a selected one of a wireless local area network interface, an Ethernet connection, or a USB connection.
  • the service provider may message to control layer 120 to query and gain access to second interface 165.
  • a user may authorize the provisioning of second interface 165 by establishing an identity, subscription or billing relationship with the service provider or by reusing a preexisting identity, subscription or billing relationship with the service provider.
  • the second interface may comprise a cellular network interface, a satellite network interface or another service provider network interface known to those of ordinary skill in the art.
  • the cellular network interface may comprise a 3GPP interface.
  • the service provider may access the device through first interface 145 to provision second interface 165.
  • Provisioning may include configuring of RF parameters, a baseband processor or user identity module 130 associated with terminal device 100.
  • Provisioning may comprise configuring a physical layer parameter, wherein the physical layer parameter may comprise at least one of an RF frequency parameter and a channel parameter.
  • Provisioning may comprise modifying a secure element to permit connection to the service provider network.
  • the secure element may comprise a user identity module which may comprise a SIM, UIM, RUIM, MEID, EIN, smartcard or other form of user identity module known to those of ordinary skill in the art.
  • Connection messages may be passed through first interface 145 to second interface 165 to establish trust and verification for the service provider.
  • Connection messages may be passed through first interface 145 to user interface 130 to establish trust and verification for the service provider. Trust may be established via the device or via the user. Once trust and verification is established, the foregoing initial setup connection using first interface 145 may be torn down. Once provisioned, applications may use second interface 165 to connect 175 to a service provider network.
  • the terminal device or user equipment (UE) 100 may use provisioned interface 165 to connect to a service provider network.
  • UE 100 may use first interface 145 to connect to a second network, which may not be connected to the service provider network.
  • the first interface 165 may be used to connect to a local area network via a Wi-Fi connection, an Ethernet connection, or other network connection known to those of ordinary skill in the art.
  • UE 210 may utilize first interface 145 to connect to WLAN AP 350.
  • first interface 145 and second interface 165 provide considerable flexibility to connect UE 100 to the provider network and the local network.
  • first interface 145 can be used to connect to a service provider network.
  • second interface 165 can be used to connect to the service provider network.
  • first interface 145 may be used to connect to a local area network.
  • Each connection can be created by obtaining an IP address from the respective network.
  • Control layer 120 may be configured to create and manage multiple network connections for a single UE 100.
  • control layer 120 may be configured to permit UE 100 to connect to a cellular provider network using a cellular network interface and a local network interface.
  • control layer 120 may be configured to permit UE 100 to establish a first connection to a cellular provider network using a cellular network interface, a second connection to the cellular provider network using a local network interface and a third connection to a local area network using a second network interface, which may comprise without limitation a wireless interface, an Ethernet interface, or other network interface known to those of ordinary skill in the art.
  • the control layer 120 may be configured to maintain two or more of the first connection, the second connection and the third connection simultaneously.
  • Each of the first, the second and the third connections may be created by obtaining an IP address from the target network for the connection.
  • either the first interface 145 or the second interface may be used to obtain an IP address from the service provider network to enable UE 100 to access Operator IP Services 330 associated with the service provider network.
  • the first interface 145 may be used to obtain a first IP address from the service provider network and a second IP address from the local area network to enable the UE 100 to access Operator IP Services 330 associated with the service provider network and Local IP Services 370 via first interface 145.
  • the first interface 145 may be used to obtain a first IP address from the local area network and second interface 165 may be used to obtain a second IP address from the service provider network.
  • control layer 120 may be used to maintain multiple connections by enabling a single UE 100 to simultaneously have multiple IP addresses associated with multiple networks or multiple connections to the same network via multiple network interfaces.
  • the control layer 120 may be configured to establish a first connection to a cellular provider network and a second connection to a wireless local area network, whereby the device is simultaneously connected to the cellular provider network and the wireless local area network.
  • the first and second connections may be established via a wireless network interface.
  • the first and second connections may be established via a cellular network interface.
  • the first connection may be established via a cellular network interface and the second connection may be established via a wireless network interface.
  • the local area network may be accessed via the cellular provider network.
  • the cellular provider network may be accessed via the wireless network interface.
  • at least one networked device connected to the wireless local area network may be accessed via the cellular network interface.
  • a terminal device may be delivered to a subscriber or user with at least one unprovisioned interface 165.
  • a terminal device 200 may comprise an Application/UI Layer 110 and a control layer 120.
  • the terminal device 200 may include a user interface module 130.
  • the terminal device 100 may include a configuration module 140.
  • the terminal device 100 may include an unprovisioned interface 165, which may comprise a first MAC address 170 and a first physical address 180.
  • the unprovisioned interface 165 may comprise a cellular network interface, a satellite network interface or another service provider network interface known to those of ordinary skill in the art.
  • the cellular network interface may comprise a 3GPP network interface.
  • the control layer 120 may provide access to interface 165 via an executable program so as to provision interface 165 to communicate with a service provider network.
  • Interface 165 may be configured to be provisioned for one of a plurality of service provider networks.
  • interface 165 may be configured to be provisioned for a second service provider network after being provisioned for a first service provider network.
  • UI layer 110 may initiate a communication session with an executable program, which may reside in storage 210.
  • Storage 210 may comprise internal storage or external storage. Storage 210 may be directly attached to terminal device 100 or attached through a network.
  • the executable program may message to control layer 120 to query and gain access to interface 165.
  • a user may authorize the provisioning of first interface 145 by providing identity, subscription or billing information associated with the service provider.
  • the executable program may then provision interface 165.
  • Provisioning may include provisioning of RF parameters, a baseband processor or user identity module 130 associated with terminal device 200. Provisioning may comprise configuring a physical layer parameter, wherein the physical layer parameter may comprise at least one of an RF frequency parameter and a channel parameter.
  • Provisioning may comprise modifying a secure element to permit connection to the service provider network.
  • the secure element may comprise a user identity module which may comprise a SIM, UIM, RUIM, MEID, EIN, smartcard or other form of user identity module known to those of ordinary skill in the art.
  • Connection messages may be passed by the executable program to interface 165 to establish trust and verification for the service provider. Connection messages may be passed through first interface 145 to user interface 130 to establish trust and verification for the service provider. Trust may be established via the device or via the user. Once provisioned, applications may use interface 165 to connect to a service provider network.
  • Provisioning may be initiated by user action through a software interface, an executable instruction stored on the terminal, or an executable instruction stored on a media or storage device coupled to the device.
  • a home network appliance e.g. home router with Wi-Fi access point
  • local IP resources e.g. printers, displays, storage
  • a local services gateway running as a software or firmware module in the home network appliance maintains a tunnel to a 3GPP service provider gateway (S-GW). This local gateway obtains an address from the service gateway.
  • S-GW 3GPP service provider gateway
  • a UE using the WLAN AP may access services either in the local network or the operator's network.
  • the WLAN AP also may allow the UE to access local services from the operator network.
  • Certain embodiments have the further benefit of exposing fewer exceptions to a security policy. Certain embodiments alleviate the need for multiple UEs to expose multiple ports through the home LAN and for the local resources to require their own ports making them vulnerable. In certain embodiments, a local service gateway will expose only itself through the home LAN, and handle traffic to multiple UEs using this access.
  • a local network may comprise a local services gateway.
  • the local services gateway may be disposed in a WLAN access point and may expose mobile capable devices to services in the local network while the mobile devices are using non-cellular or cellular access networks.
  • the local service gateway may maintain a tunnel from and/or to a cellular gateway.
  • a UE may access local network services while connected to any of a home mobile network, a visited mobile network, and a second LAN.
  • Certain embodiments provide local IP access service (LIPA) by turning an untrusted access point into a trusted device on a cellular provider network.
  • the access point may be established as a trusted Home Node B (HNB) or Home (e) Node B (HeNB) device on the provider network to permit access to services in the local network by UEs connected to the cellular provider network.
  • the local Packet Gateway/Gateway GPRS Support Node may obtain an IP address from a local DHCP server and maintain a tunnel with the cellular provider network Serving Gateway/Serving GPRS Support Node (S-GW/SGSN) to enable access to local services on the local area network by devices connected to the cellular provider network.
  • the local P-GW/GGSN may obtain an IP address from the local DHCP server to provide local access to authenticated terminals using non-cellular protocols.
  • authenticated devices may connect to local services via a Wi-Fi connection.
  • a UE 310 may be able to access Operator IP Services 330, the Internet 380, and Local IP Services 370.
  • the UE 310 may connect to Operator IP Services 330 and the Internet 380 via (e) Node B (eNB) 315, Serving Gateway (S-GW) 320, and Packet Gateway (P-GW) 325, which may reside in a service provider network.
  • eNB (e) Node B
  • S-GW Serving Gateway
  • P-GW Packet Gateway
  • UE 310 may alternately or additionally connect to Local IP Services 370 via eNB 315, S-GW 320, WLAN AP 350 and L-P-GW 360.
  • the WLAN AP 350 may comprise Local Packet Gateway (L-P-GW) 360.
  • the WLAN AP 350 may also comprise DHCP 355.
  • L-P-GW 360 may be separate from but coupled to WLAN AP 350.
  • the local packet gateway 360 may create a connection to S-GW 320 which may be located in the operator gateway to permit UE 310 to connect to Local IP Services 370 from the provider network.
  • Local IP Services 370 may include one or more local network devices comprising one or more of a printer, a network attached storage device, a laptop computer, a desktop computer, a mobile device, an audio speaker, a media player, a television, and a security camera.
  • L-P-GW 360 may act as a portal into the entire private network including Local IP Services 370, thus avoiding the necessity for a client on each local network device.
  • One of ordinary skill in the art will recognize that the type of connectivity between store and operator backend systems including ultimately a billing system is not limited to the configuration shown in Figure 3 and that a variety of configurations, including without limitation connection via the Internet with or without use of a Virtual Private Network (VPN), may be used without departing from the scope of the present invention.
  • VPN Virtual Private Network
  • UE 310 may connect to Wireless Access Point 350.
  • the UE 310 may gain access to Local IP Services 370 via Wireless Access Point 350 and L-P-GW 360.
  • Wireless Access Point 350 may also or alternately connect to the provider network via S-GW 320.
  • a SaMOG capable access point as identified in 3GPP TR 23.852 connects to the packet core. Connection to the packet core may be via a connection between access point 350 in the local network to S-GW 320 in the provider network. Once access point 350 is connected to S-GW 320, the connection can be used to permit a UE 310 to access Operator IP Services 330, the Internet 380, and Local IP Services 370 through a connection between the UE 310 and access point 350 without the need for a direct connection between the UE 310 and the operator network. Such an access point 350 may also provide connectivity to the Internet. In certain embodiments a UE that can connect to both networks simultaneously (without a VPN client) may be used.
  • a UE enables simultaneous access by the addition of a control layer within the UE that coordinates communication between the 3GPP radio interface and WLAN interface on a 3GPP UE enables the authorization of trusted communication between the UE and the 3GPP service gateway over the WLAN interface.
  • the control layer may exist above the MAC layer or it may exist near the physical layer.
  • the WLAN interface can establish connection to the 3GPP S-GW or P-GW and establish connection to operator services or the internet.
  • the layer which controls the WLAN interface from the 3GPP interface is important in that the 3GPP can establish trust with the UE and authorize the UE to connect to the service provider's network over the LAN using any security means required.
  • This mechanism would allow for authentication to (1) both an operator hotspot and access to the service gateway or (2) access to the service gateway through an established Wi-Fi connection such as the subscriber's home AP. If the WLAN interface supports multiple SSID connections, or if the UE has multiple WLAN interfaces, this invention allows a UE using the WLAN to access services on the local network over the second interface. The UE would be able to, for example, access a local printer or display, while connected to an operator service.
  • the 3GPP network could control the use or access of that port to apps or services, for example permission only to print to a local printer, from an operator provided service.
  • WLAN AP 350 may comprise a SIDE A 510, a SIDE B 520 and service layer 530.
  • SIDE A 510 may comprise certain in home interfaces.
  • SIDE A may comprise a physical layer, a MAC Layer, an IP layer and a service layer.
  • the SIDE A physical layer may include without limitation an Ethernet interface or an 802.11 wireless interface, with corresponding MAC addresses in the MAC Layer for SIDE A 510, and corresponding IP addresses in the SIDE A 510 IP Layer.
  • the Service Layer 530 for SIDE A 510 may comprise without limitation Routing, DHCP, (No firewall), DNS server (or proxy).
  • SIDE B 520 may comprise certain broadband interfaces.
  • SIDE B may comprise a physical layer, a MAC Layer, an IP layer and a service layer.
  • the SIDE B physical layer may include without limitation one or more of a DSL interface, a Cable interface, a Fiber interface, or Wireless Broadband interface, with corresponding MAC addresses in the MAC Layer for SIDE B 520, and corresponding IP addresses in the SIDE B 520 IP Layer.
  • the Service Layer 530 for SIDE B 520 may comprise without limitation a security firewall, NAT service, routing service, DHCP client, DNS client, and Management service.
  • the WLAN AP 350 may comprise in between sides A and B, one or more of a Physical layer, which may be shared with Side A, a MAC layer, an EAP supplicant layer, an IP/IPSec Layer, a GTP tunnel, and an AAA layer.
  • the EAP Supplicant layer may talk to AAA 345, which may then talk to the provider network to authorize the WLAN AP 350 over the SIM.
  • the GTP tunnel may be used to VPN into the service provider core via IP/IPSec layer and via Side B.
  • the AAA layer may include an externally forwarding entity which may takes data from the 802.11 layer and forward it externally to Side B, thereby becoming an APN destination.
  • the AAA layer includes an internally forwarding entity to forward data to side A, a management layer, and a DHCP client.
  • the DHCP client may talk to side A, e.g., to a printer on side A.
  • the WLAN AP 350 may comprise a wireless network interface, a local services gateway for controlling connections using the wireless network interface to a remote network and a local network.
  • the wireless network interface may comprise Wi-Fi 33,
  • the remote network may comprise, without limitation, any of the service provider networks described above.
  • the local network may include any of the local area networks described above.
  • a downlink channel may be used for accessing a service on the local network, for example, by accessing the external service directly by connecting over the remote network.
  • an uplink channel may be used for accessing a service offered by the remote network.
  • the local network may be network address translated with an address assigned by DHCP authority within WLAN AP 350, thus providing a locally addressable address to UE 100 for accessing the local network.
  • the address to a gateway in the remote network may be assigned by the remote network's DHCP authority or equivalent.
  • WLAN AP 350 may be configured for connecting to a service provider network and a local area network simultaneously.
  • WLAN AP 350 may comprise a first cellular network interface for connecting to a second cellular network interface in a mobile device.
  • the first and second cellular network interfaces may comprise, without limitation, a core (including EPC, HSPA packet core, etc.), a 3gpp2 core, or a Wi-Max network interface.
  • the WLAN AP 350 may comprise a local services gateway for connecting WLAN AP 350 to a cellular provider network and a local area network simultaneously.
  • the local services gateway may be configured for obtaining a cellular network address from a services gateway in the cellular provider network.
  • the local services gateway may be configured to provide access to one or more local network devices from the cellular provider network.
  • the one or more local network devices may comprise at least one of a printer, a network attached storage device, a laptop computer, a desktop computer, a mobile device and a security camera, a tablet, TV, game console or any media player, home security system, home gateway appliance (e.g., a connected refrigerator, oven, etc.).

Description

PROVISIONING OF A SERVICE PROVIDER NETWORK INTERFACE
CROSS-REFERENCE TO RELATED APPLICATIONS
[0001] This application claims priority of United States Patent Application Number 61/693,450, entitled "Provisioning of a Service Provider Network Interface," and filed August 27, 2012. The entirety of the foregoing patent application is incorporated by reference herein.
BACKGROUND OF THE DISCLOSURE
1. Field of the Disclosure
[0002] The disclosure generally relates to provisioning network interfaces for service provider networks, and more particularly to systems and methods for provisioning a first service provider network interface via a second network interface or executable program.
2. General Background
[0003] Presently, cellular data devices must be purchased preconfigured to operate over preselected owned networks; or in some cases the devices will be provisioned by the operators or their agents by the programming of an "identity module" (e.g., SIM, UIM, RUIM, MEID, EIN, smartcard, etc.) in the device.
[0004] Alternately, cellular data devices can be provisioned at point-of-sale by an authorized agent who accesses a service provider's billing system to provision the cellular data device and associate the device with particular services. The cellular service and device can alternately be provisioned by a retail agent or Data as a Service (DAAS) provider, such as amazon.com. In the foregoing use cases, cellular devices must be provisioned by the service provider or their agent. For example, provisioning may require that a physical device, such as a CDMA phone from Sprint or Verizon, be present and attached to a programmer. Alternately a user identity module, such as a Subscriber Identity Module (SIM) may be programmed by the service provider or agent for the specific provider network and inserted into the device.
[0005] It is desirable to be able to provision and re-provision a subscription based private network interface through a second communication port or interface connected to a second network without requiring a priori selection of provider network or physical presence of the device at a retail location or connection to the provider network.
BRIEF DESCRIPTION OF THE DRAWINGS
[0006] By way of example, reference will now be made to the accompanying drawings.
[0007] Figure 1 illustrates a mobile device connecting to a provider network and local network in accordance with certain embodiments of the invention.
[0008] Figure 2 illustrates a mobile device connecting to a provider network and local network in accordance with certain embodiments of the invention.
[0009] Figure 3 illustrates a device with multiple network interfaces in accordance with certain embodiments of the invention.
[0010] Figure 4 illustrates a device with multiple network interfaces in accordance with certain embodiments of the invention.
[0011] Figure 5 illustrates a wireless access point in accordance with certain embodiments of the invention.
DETAILED DESCRIPTION
[0012] Certain embodiments of methods and systems are disclosed for simultaneously connecting to two or more networks.
[0013] Certain embodiments of methods and systems are disclosed for provisioning a device with multiple communications interfaces. In certain embodiments, a subscription based private network interface may be provisioned and/or configured through a second communication connection connected to a second network.
[0014] Certain embodiments of methods and systems are disclosed for provisioning a device with multiple communications interfaces. In certain embodiments, a subscription based private network interface may be provisioned and/or configured through a second communication connection connected to a second network.
[0015] A method for provisioning a communications interface in a device is disclosed comprising: establishing a connection to a network service provider via a first interface; sending a request to the network service provider to provision a second interface to connect to a service provider network; receiving authorization via the first interface from the network services provider to provision the second interface to connect to the service provider network; and subsequent to said receipt of authorization, provisioning the second interface to connect to the service provider network. In certain embodiments, the first interface may use a billing relationship, and the second interface (cellular) may be added to that relationship. Provisioning the second interface may comprise: establishing or modifying at least one of an identity, subscription, and billing relationship with the network service provider. Provisioning the second interface may comprise: configuring at least one of a physical layer parameter, a baseband processor parameter, and a user identity module to permit the second interface to connect to the service provider network. The physical layer parameter may comprise at least one of an RF frequency parameter and a channel parameter. Provisioning may comprise modifying a secure element to permit connection to the service provider network. The secure element may comprise a user identity module which may comprise a SIM. The first interface may comprise a selected one of a wireless local area network interface, an Ethernet connection, or a USB connection. The second interface may comprise a cellular network interface.
[0016] A device is disclosed comprising: a first interface; a second interface; a control layer for providing access to the second interface via the first interface so as to provision the second interface to communicate with a service provider network. The second interface may be configured to be provisioned for one of a plurality of service provider networks. The second interface may be configured to be provisioned for a second service provider network after being provisioned for a first service provider network. The first interface may comprise a selected one of a wireless local area network interface, an Ethernet connection, and a USB connection. The second interface may comprise a cellular network interface. The second interface may be configured to be provisioned by configuring at least one of a physical layer parameter, a baseband processor, and a user identity module to permit the second interface to connect to the service provider network. The physical layer parameter may comprise at least one of an RF frequency parameter and a channel parameter. The control layer may be configured to permit a network service provider to access the second interface via the first interface. The second interface may comprise a secure element that must be configured in order for the second interface to connect to the service provider network. The secure element may comprise a user identity module.
[0017] A device is disclosed with multiple communications interfaces where a subscription based private network interface (e.g., 3GPP) may be provisioned and/or configured through a second communication port (e.g., WLAN, USB) connected to a second network when a user connects the device to a network through the second interface.
[0018] Machine-to-machine (M2M) communications and Device as a Service (DAAS) business models both increasingly rely on private networks to carry traffic. Machine-to-machine models include building control, security, industrial control and services that happen without user interaction. DAAS includes devices where merchandise or content is paid for but the price of network access and data traffic is implicit in the cost of the transaction. In these scenarios, the choice of network interface may be driven not by a consumer's network choice but by the device provider or availability of a network. This choice may vary by geography or other factors secondary to the device operation, and may not be known until the device is put into service. For example, a user may move from a region where a first service provider network has excellent reception and coverage to a region where the first service provider has inferior coverage compared to a second service provider network. In such circumstances, the user may want to continue to use a device that was previously provisioned for the first service provider network. The user thus may desire to reprovision the device for the second service provider network. In another embodiment, a user may purchase a used car comprising a device provisioned for a first service provider network and may desire to reprovision that device for a second service provider network. Reasons to reprovision a device may include without limitation superior coverage or reception, a better price, or to add a device to a preexisting or new multi-device plan on the second service provider network.
[0019] It is desirable to provide a device that can be provisioned for one of a plurality of service provider networks without preconfiguring a service provider network interface in the device to connect with the service provider network.
[0020] Cellular chipsets have reached a very high level of integration including RF transceiver functions, baseband signal processing, application processors, and bridge functions for managing multiple secondary interfaces (USB, GMII, IIC, WLAN etc.). Present levels of integration and software defined radio support having an RF front-end and transceiver combination that supports multiple service operators and access networks. Consumer devices that require connectivity may be assembled and sold with minimal knowledge of the networks on which they will be deployed. The foregoing developments have the potential to simplify manufacturer supply chain and retail distribution of connected devices to consumers, avoiding the current need for maintaining separate inventories of the same device, each preconfigured for a different provider network.
[0021] A device with multiple communications interfaces where a subscription based private network interface, which may include without limitation an interface compliant with 3GPP, GPRS, 1XRTT, EVDO, LTE, Wi-Max, ALTE, HSPA, HSPA+, WCDMA Wireless - Wi-Fi (also including TV white spaces and other unregulated bands), a wireless network interface operating in any of 2.4, 3.6, 5, 60 GHz bands, may be provisioned and/or configured through a second communication port (e.g., WLAN, LAN, USB) connected to a second network when the user connects the device to a network through the second interface. The terminal may establish a connection to a server in the provider network through the second communication port on the terminal. The server may communicate through the second communication port to configure at least a circuit or parameter in the private network interface. At least one of an RF circuit, a baseband circuit, or an identity module may be configured through the second communication port or interface. In certain embodiments, an RF circuit or a baseband circuit or an identity module may be configured through the second communication port or interface. In certain embodiments, an RF circuit or a baseband circuit and an identity module may be configured through the second communication port or interface. The second communication port or interface may comprise a WLAN, Ethernet or other connection known to those of ordinary skill in the art for connecting to a second host which connects to the server on the service provider network. The provisioning process may write or program a secure element required by the service provider network. The secure element may comprise a user identity module, which can comprise hardware or software and may be removable from the user device or attached to the user device. The user interface module may comprise a SIM, UIM, RUIM, MEID, EIN, smartcard or other form of user identity module known to those of ordinary skill in the art.
[0022] The user may initiate the process through a GUI or a setup executable. The device may connect securely through a public network, which may include without limitation the Internet, to an agent of the private network, which may include without limitation a carrier network. The private network agent can access parameters and configuration data on the private network interface by communicating through the public network. Once the private network connection is provisioned, the device may be connected to the private network directly, or through roaming arrangements, or through offloaded connections via public networks.
[0023] In certain embodiments as shown in Figure 1, a terminal device with multiple interfaces may be delivered to a subscriber or user with at least one unprovisioned interface. In certain embodiments, a terminal device 100 may comprise an Application/UI Layer 110 and a control layer 120. The control layer may be located above the MAC layer or near the physical layer. The terminal device 100 may include a user interface module 130. The terminal device 100 may include a configuration module 140. The terminal device 100 may include a first interface 145, which may comprise a first MAC address 150 and a first physical address 160. The terminal device 100 may include a second interface 165, which may comprise a second MAC address 170 and a second physical address 180.
[0024] The control layer 120 may provide access to second interface 165 via first interface 145 so as to provision second interface 165 to communicate with a service provider network. Second interface 165 may be configured to be provisioned for one of a plurality of service provider networks. In certain embodiments, second interface 165 may be configured to be provisioned for a second service provider network after being provisioned for a first service provider network.
[0025] In certain embodiments, UI layer 110 may initiate a communication session 155 with a network service provider via first interface 145. The first network interface may comprise a selected one of a wireless local area network interface, an Ethernet connection, or a USB connection. The service provider may message to control layer 120 to query and gain access to second interface 165. A user may authorize the provisioning of second interface 165 by establishing an identity, subscription or billing relationship with the service provider or by reusing a preexisting identity, subscription or billing relationship with the service provider. The second interface may comprise a cellular network interface, a satellite network interface or another service provider network interface known to those of ordinary skill in the art. The cellular network interface may comprise a 3GPP interface. The service provider may access the device through first interface 145 to provision second interface 165. Provisioning may include configuring of RF parameters, a baseband processor or user identity module 130 associated with terminal device 100. Provisioning may comprise configuring a physical layer parameter, wherein the physical layer parameter may comprise at least one of an RF frequency parameter and a channel parameter. Provisioning may comprise modifying a secure element to permit connection to the service provider network. The secure element may comprise a user identity module which may comprise a SIM, UIM, RUIM, MEID, EIN, smartcard or other form of user identity module known to those of ordinary skill in the art. Connection messages may be passed through first interface 145 to second interface 165 to establish trust and verification for the service provider. Connection messages may be passed through first interface 145 to user interface 130 to establish trust and verification for the service provider. Trust may be established via the device or via the user. 
Once trust and verification is established, the foregoing initial setup connection using first interface 145 may be torn down. Once provisioned, applications may use second interface 165 to connect 175 to a service provider network.
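The four-step method of [0015] and the trust step of [0025], sketched as an added example that is not part of the patent: a control layer that refuses to write to the second interface until a grant received over the first interface has been verified and tied to the open setup session. The patent does not say how trust is established, so the HMAC-signed grant, the per-provider keys, the session nonce, and every class, function and field name here are assumptions.

```python
import hashlib
import hmac
import json
import secrets
from dataclasses import dataclass, field
from typing import Optional


class ProvisioningError(Exception):
    """A step was attempted out of order or a grant failed verification."""


def _tag(key: bytes, body: dict) -> str:
    # Canonical JSON so both sides authenticate identical bytes.
    data = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def issue_authorization(key: bytes, request: dict, params: dict) -> dict:
    """Provider side (hypothetical): bind the grant to device, session and parameters."""
    body = {"device_id": request["device_id"], "nonce": request["nonce"],
            "provider": request["provider"], "params": params}
    return {"body": body, "tag": _tag(key, body)}


@dataclass
class SecondInterface:
    """Stands in for interface 165: unprovisioned until the control layer writes to it."""
    provider: Optional[str] = None
    params: dict = field(default_factory=dict)


class ControlLayer:
    """Gates every write to the second interface on a verified, session-bound grant."""

    def __init__(self, device_id: str, trust_keys: dict):
        self.device_id = device_id
        self.trust_keys = trust_keys  # assumption: one pre-installed key per provider
        self.second = SecondInterface()
        self._session = None          # (provider, nonce) of the open setup session
        self._grant = None

    def open_session(self, provider: str) -> dict:
        """Steps 1-2: connect over the first interface and build the request."""
        if provider not in self.trust_keys:
            raise ProvisioningError("unknown provider")
        self._session = (provider, secrets.token_hex(16))
        self._grant = None
        return {"device_id": self.device_id, "provider": provider,
                "nonce": self._session[1]}

    def receive_authorization(self, msg: dict) -> None:
        """Step 3: accept the grant only if it verifies and matches this session."""
        if self._session is None:
            raise ProvisioningError("no open session")
        provider, nonce = self._session
        body = msg.get("body", {})
        expected = _tag(self.trust_keys[provider], body)
        if not hmac.compare_digest(expected, str(msg.get("tag", ""))):
            raise ProvisioningError("grant failed verification")
        bound = (body.get("device_id"), body.get("provider"), body.get("nonce"))
        if bound != (self.device_id, provider, nonce):
            raise ProvisioningError("grant not bound to this session")
        self._grant = body

    def provision(self) -> SecondInterface:
        """Step 4: configure the second interface, then tear the session down."""
        if self._grant is None:
            raise ProvisioningError("not authorized")
        self.second.provider = self._grant["provider"]
        self.second.params = dict(self._grant["params"])
        self._session = self._grant = None  # a grant is single use
        return self.second


if __name__ == "__main__":
    keys = {"provider-a": b"constructed-key-a"}  # constructed sample key
    layer = ControlLayer("device-0001", keys)
    request = layer.open_session("provider-a")
    grant = issue_authorization(keys["provider-a"], request,
                                {"rf_frequency_mhz": 1900, "channel": 5})
    layer.receive_authorization(grant)
    print(layer.provision())
```

Because the grant covers the parameters as well as the session nonce, a captured grant cannot be replayed into a later session or edited in transit to change the RF or channel values written to the interface.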
[0026] Once provisioning, either by the methods of certain embodiments of the present invention or by other methods known to those of ordinary skill in the art, is complete, the terminal device or user equipment (UE) 100 may use provisioned interface 165 to connect to a service provider network. UE 100 may use first interface 145 to connect to a second network, which may not be connected to the service provider network. The first interface 165 may be used to connect to a local area network via a Wi-Fi connection, an Ethernet connection, or other network connection known to those of ordinary skill in the art. As shown in Figure 4 and described in detail below, UE 210 may utilize first interface 145 to connect to WLAN AP 350.
[0027] In certain embodiments, the presence of first interface 145 and second interface 165 provides considerable flexibility to connect UE 100 to the provider network and the local network. For example, first interface 145 can be used to connect to a service provider network. Alternately, second interface 165 can be used to connect to the service provider network. In certain embodiments, first interface 145 may be used to connect to a local area network. Each connection can be created by obtaining an IP address from the respective network. Control layer 120 may be configured to create and manage multiple network connections for a single UE 100. For example, control layer 120 may be configured to permit UE 100 to connect to a cellular provider network using a cellular network interface and a local network interface. In certain embodiments, the control layer 120 may be configured to permit UE 100 to establish a first connection to a cellular provider network using a cellular network interface, a second connection to the cellular provider network using a local network interface and a third connection to a local area network using a second network interface, which may comprise without limitation a wireless interface, an Ethernet interface, or other network interface known to those of ordinary skill in the art.
[0028] In certain embodiments, the control layer 120 may be configured to maintain two or more of the first connection, the second connection and the third connection simultaneously. Each of the first, the second and the third connections may be created by obtaining an IP address from the target network for the connection. For example, either the first interface 145 or the second interface may be used to obtain an IP address from the service provider network to enable UE 100 to access Operator IP Services 330 associated with the service provider network. In certain embodiments, the first interface 145 may be used to obtain a first IP address from the service provider network and a second IP address from the local area network to enable the UE 100 to access Operator IP Services 330 associated with the service provider network and Local IP Services 370 via first interface 145. In certain embodiments, the first interface 145 may be used to obtain a first IP address from the local area network and second interface 165 may be used to obtain a second IP address from the service provider network. In certain embodiments, control layer 120 may be used to maintain multiple connections by enabling a single UE 100 to simultaneously have multiple IP addresses associated with multiple networks or multiple connections to the same network via multiple network interfaces. In certain embodiments, the control layer 120 may be configured to establish a first connection to a cellular provider network and a second connection to a wireless local area network, whereby the device is simultaneously connected to the cellular provider network and the wireless local area network. The first and second connections may be established via a wireless network interface. The first and second connections may be established via a cellular network interface. 
The first connection may be established via a cellular network interface and the second connection may be established via a wireless network interface.
[0029] In certain embodiments, the local area network may be accessed via the cellular provider network. In some embodiments, the cellular provider network may be accessed via the wireless network interface. In certain embodiments at least one networked device connected to the wireless local area network may be accessed via the cellular network interface.
[0030] In certain embodiments as shown in Figure 2, a terminal device may be delivered to a subscriber or user with at least one unprovisioned interface 165. In certain embodiments, a terminal device 200 may comprise an Application/UI Layer 110 and a control layer 120. The terminal device 200 may include a user interface module 130. The terminal device 100 may include a configuration module 140. The terminal device 100 may include an unprovisioned interface 165, which may comprise a first MAC address 170 and a first physical address 180. The unprovisioned interface 165 may comprise a cellular network interface, a satellite network interface or another service provider network interface known to those of ordinary skill in the art. The cellular network interface may comprise a 3GPP network interface.
[0031] The control layer 120 may provide access to interface 165 via an executable program so as to provision interface 165 to communicate with a service provider network. Interface 165 may be configured to be provisioned for one of a plurality of service provider networks. In certain embodiments, interface 165 may be configured to be provisioned for a second service provider network after being provisioned for a first service provider network.
[0032] In certain embodiments, UI layer 110 may initiate a communication session with an executable program, which may reside in storage 210. Storage 210 may comprise internal storage or external storage. Storage 210 may be directly attached to terminal device 100 or attached through a network. The executable program may message to control layer 120 to query and gain access to interface 165. A user may authorize the provisioning of first interface 145 by providing identity, subscription or billing information associated with the service provider. The executable program may then provision interface 165. Provisioning may include provisioning of RF parameters, a baseband processor or user identity module 130 associated with terminal device 200. Provisioning may comprise configuring a physical layer parameter, wherein the physical layer parameter may comprise at least one of an RF frequency parameter and a channel parameter. Provisioning may comprise modifying a secure element to permit connection to the service provider network. The secure element may comprise a user identity module which may comprise a SIM, UIM, RUIM, MEID, EIN, smartcard or other form of user identity module known to those of ordinary skill in the art. Connection messages may be passed by the executable program to interface 165 to establish trust and verification for the service provider. Connection messages may be passed through first interface 145 to user interface 130 to establish trust and verification for the service provider. Trust may be established via the device or via the user. Once provisioned, applications may use interface 165 to connect to a service provider network.
[0033] Provisioning may be initiated by user action through a software interface, an executable instruction stored on the terminal, or an executable instruction stored on a media or storage device coupled to the device.
[0034] In certain embodiments, a home network appliance (e.g., home router with Wi-Fi access point) provides access to local IP resources (e.g., printers, displays, storage) and connects these resources to a subscriber's internet gateway. A local services gateway running as a software or firmware module in the home network appliance maintains a tunnel to a 3GPP service provider gateway (S-GW). This local gateway obtains an address from the service gateway. Once the 3GPP UE is authenticated to the S-GW (over either the 3GPP network, or through the Local gateway), the device can be made known to the local gateway and access the subscriber's home network through either network connection.
[0035] In certain embodiments, a UE using the WLAN AP may access services either in the local network or the operator's network. The WLAN AP also may allow the UE to access local services from the operator network.
[0036] Certain embodiments have the further benefit of exposing fewer exceptions to a security policy. Certain embodiments alleviate the need for multiple UEs to expose multiple ports through the home LAN and for the local resources to require their own ports making them vulnerable. In certain embodiments, a local service gateway will expose only itself through the home LAN, and handle traffic to multiple UEs using this access.
[0037] Certain embodiments enable addressability of these terminals across disparate networks with separate address hosting (Dynamic Host Configuration Protocol (DHCP) or similar) authorities.
[0038] In certain embodiments, a local network may comprise a local services gateway. The local services gateway may be disposed in a WLAN access point and may expose mobile capable devices to services in the local network while the mobile devices are using non-cellular or cellular access networks. The local service gateway may maintain a tunnel from and/or to a cellular gateway. In such embodiments, a UE may access local network services while connected to any of a home mobile network, a visited mobile network, and a second LAN.
[0039] Certain embodiments provide local IP access service (LIPA) by turning an untrusted access point into a trusted device on a cellular provider network. For example and without limitation, the access point may be established as a trusted Home Node B (HNB) or Home (e) Node B (HeNB) device on the provider network to permit access to services in the local network by UEs connected to the cellular provider network. In certain embodiments, the local Packet Gateway/Gateway GPRS Support Node (P-GW/GGSN) may obtain an IP address from a local DHCP server and maintain a tunnel with the cellular provider network Serving Gateway/Serving GPRS Support Node (S-GW/SGSN) to enable access to local services on the local area network by devices connected to the cellular provider network. In certain embodiments, the local P-GW/GGSN may obtain an IP address from the local DHCP server to provide local access to authenticated terminals using non-cellular protocols. For example and without limitation, authenticated devices may connect to local services via a Wi-Fi connection.
[0040] As shown in Figure 3, in certain embodiments, a UE 310 may be able to access Operator IP Services 330, the Internet 380, and Local IP Services 370. The UE 310 may connect to Operator IP Services 330 and the Internet 380 via (e) Node B (eNB) 315, Serving Gateway (S-GW) 320, and Packet Gateway (P-GW) 325, which may reside in a service provider network. In certain embodiments, UE 310 may alternately or additionally connect to Local IP Services 370 via eNB 315, S-GW 320, WLAN AP 350 and L-P-GW 360. In certain embodiments, the WLAN AP 350 may comprise Local Packet Gateway (L-P-GW) 360. The WLAN AP 350 may also comprise DHCP 355. In certain embodiments, L-P-GW 360 may be separate from but coupled to WLAN AP 350. The local packet gateway 360 may create a connection to S-GW 320 which may be located in the operator gateway to permit UE 310 to connect to Local IP Services 370 from the provider network.
[0041] Local IP Services 370 may include one or more local network devices comprising one or more of a printer, a network attached storage device, a laptop computer, a desktop computer, a mobile device, an audio speaker, a media player, a television, and a security camera.
[0042] In certain embodiments, L-P-GW 360 may act as a portal into the entire private network including Local IP Services 370, thus avoiding the necessity for a client on each local network device. One of ordinary skill in the art will recognize that the type of connectivity between store and operator backend systems including ultimately a billing system is not limited to the configuration shown in Figure 3 and that a variety of configurations, including without limitation connection via the Internet with or without use of a Virtual Private Network (VPN), may be used without departing from the scope of the present invention.
[0043] As shown in Figure 4, UE 310 may connect to Wireless Access Point 350. The UE 310 may gain access to Local IP Services 370 via Wireless Access Point 350 and L-P-GW 360. Wireless Access Point 350 may also or alternately connect to the provider network via S-GW 320.
[0044] In certain embodiments, a SaMOG capable access point as identified in 3GPP TR 23.852 connects to the packet core. Connection to the packet core may be via a connection between access point 350 in the local network and S-GW 320 in the provider network. Once access point 350 is connected to S-GW 320, the connection can be used to permit a UE 310 to access Operator IP Services 330, the Internet 380, and Local IP Services 370 through a connection between the UE 310 and access point 350 without the need for a direct connection between the UE 310 and the operator network. Such an access point 350 may also provide connectivity to the Internet. In certain embodiments a UE that can connect to both networks simultaneously (without a VPN client) may be used. In certain embodiments, a UE enables simultaneous access by the addition of a control layer within the UE that coordinates communication between the 3GPP radio interface and WLAN interface on a 3GPP UE, which enables the authorization of trusted communication between the UE and the 3GPP service gateway over the WLAN interface. The control layer may exist above the MAC layer or it may exist near the physical layer. Directed by either the user, or the 3GPP network, the WLAN interface can establish connection to the 3GPP S-GW or P-GW and establish connection to operator services or the internet.
[0045] The layer which controls the WLAN interface from the 3GPP interface is important in that the 3GPP can establish trust with the UE and authorize the UE to connect to the service provider's network over the LAN using any security means required. This mechanism would allow for authentication to (1) both an operator hotspot and access to the service gateway or (2) access to the service gateway through an established Wi-Fi connection such as the subscriber's home AP. If the WLAN interface supports multiple SSID connections, or if the UE has multiple WLAN interfaces, this invention allows a UE using the WLAN to access local network services over the second interface. The UE would be able to, for example, access a local printer or display, while connected to an operator service.
[0046] Even if the UE had only one WLAN interface, the 3GPP network could control the use of, or access to, that port by apps or services, for example granting permission only to print to a local printer from an operator provided service.
[0047] As shown in Figure 5, in certain embodiments, WLAN AP 350 may comprise a SIDE A 510, a SIDE B 520 and service layer 530. SIDE A 510 may comprise certain in-home interfaces. SIDE A may comprise a physical layer, a MAC Layer, an IP layer and a service layer. The SIDE A physical layer may include without limitation an Ethernet interface or an 802.11 wireless interface, with corresponding MAC addresses in the MAC Layer for SIDE A 510, and corresponding IP addresses in the SIDE A 510 IP Layer. The Service Layer 530 for SIDE A 510 may comprise without limitation Routing, DHCP, (No firewall), DNS server (or proxy).
[0048] SIDE B 520 may comprise certain broadband interfaces. SIDE B may comprise a physical layer, a MAC Layer, an IP layer and a service layer. The SIDE B physical layer may include without limitation one or more of a DSL interface, a Cable interface, a Fiber interface, or a Wireless Broadband interface, with corresponding MAC addresses in the MAC Layer for SIDE B 520, and corresponding IP addresses in the SIDE B 520 IP Layer. The Service Layer 530 for SIDE B 520 may comprise without limitation a security firewall, NAT service, routing service, DHCP client, DNS client, and Management service.
[0049] In certain embodiments, the WLAN AP 350 may comprise, in between sides A and B, one or more of a Physical layer, which may be shared with Side A, a MAC layer, an EAP supplicant layer, an IP/IPSec Layer, a GTP tunnel, and an AAA layer. The EAP Supplicant layer may talk to AAA 345, which may then talk to the provider network to authorize the WLAN AP 350 over the SIM. The GTP tunnel may be used to VPN into the service provider core via the IP/IPSec layer and via Side B. In certain embodiments, the AAA layer may include an externally forwarding entity which may take data from the 802.11 layer and forward it externally to Side B, thereby becoming an APN destination. In certain embodiments, the AAA layer includes an internally forwarding entity to forward data to side A, a management layer, and a DHCP client. In certain embodiments, the DHCP client may talk to side A, e.g., to a printer on side A.
[0050] In certain embodiments, the WLAN AP 350 may comprise a wireless network interface and a local services gateway for controlling connections using the wireless network interface to a remote network and a local network. The wireless network interface may comprise Wi-Fi, Ethernet, cellular, telecom-based broadband services such as DSL, or broadband services over coax such as DOCSIS. The remote network may comprise, without limitation, any of the service provider networks described above. The local network may include any of the local area networks described above. When WLAN AP 350 is connected to the remote network, a downlink channel may be used for accessing a service on the local network, for example, by accessing the external service directly by connecting over the remote network. When WLAN AP 350 is connected to the local network, an uplink channel may be used for accessing a service offered by the remote network. The local network may be network address translated with an address assigned by a DHCP authority within WLAN AP 350, thus providing a locally addressable address to UE 100 for accessing the local network. In certain embodiments, the address to a gateway in the remote network may be assigned by the remote network's DHCP authority or equivalent.
[0051] In certain embodiments, WLAN AP 350 may be configured for connecting to a service provider network and a local area network simultaneously. In certain embodiments, WLAN AP 350 may comprise a first cellular network interface for connecting to a second cellular network interface in a mobile device. The first and second cellular network interfaces may comprise, without limitation, a core (including EPC, HSPA packet core, etc.), a 3GPP2 core, or a Wi-Max network interface. The WLAN AP 350 may comprise a local services gateway for connecting WLAN AP 350 to a cellular provider network and a local area network simultaneously. The local services gateway may be configured for obtaining a cellular network address from a services gateway in the cellular provider network. The local services gateway may be configured to provide access to one or more local network devices from the cellular provider network. The one or more local network devices may comprise at least one of a printer, a network attached storage device, a laptop computer, a desktop computer, a mobile device, a security camera, a tablet, a TV, a game console or any media player, a home security system, and a home gateway appliance (e.g., a connected refrigerator, oven, etc.).
[0052] While the above description contains many specifics, these should not be construed as limitations on the scope of the invention, but rather as an exemplification of preferred embodiments thereof. The invention includes any combination or subcombination of the elements from the different species and/or embodiments disclosed herein. One skilled in the art will recognize that these features, and thus the scope of the present invention, should be interpreted in light of the following claims and any equivalents thereto.

Claims

WE CLAIM:
1. A method for provisioning a communications interface in a device comprising: establishing a connection to a network service provider via a first interface; sending a request to the network service provider to provision a second interface to connect to a service provider network; receiving authorization via the first interface from the network services provider to provision the second interface to connect to the service provider network; and subsequent to said receipt of authorization, provisioning the second interface to connect to the service provider network.
2. The method of claim 1, wherein provisioning the second interface comprises: establishing at least one of an identity, subscription, and billing relationship with the network service provider.
3. The method of claim 1, wherein provisioning the second interface comprises: modifying at least one of an identity, a subscription, and a billing relationship with the network service provider.
4. The method of claim 1, wherein provisioning the second interface comprises: configuring at least one of a physical layer parameter, a baseband processor, and a user identity module to permit the second interface to connect to the service provider network.
5. The method of claim 4, wherein the physical layer parameter comprises at least one of an RF frequency parameter and a channel parameter.
6. The method of claim 1, wherein the step of provisioning comprises modifying a secure element to permit connection to the service provider network.
7. The method of claim 6, wherein the secure element comprises a user identity module.
8. The method of claim 1, wherein the first interface comprises a selected one of a wireless local area network interface, an Ethernet connection, or a USB connection.
9. The method of claim 1, wherein the second interface comprises a cellular network interface.
10. A device comprising: a first interface; a second interface; a control layer for providing access to the second interface via the first interface so as to provision the second interface to communicate with a service provider network.
11. The system of claim 10, wherein the second interface is configured to be provisioned for one of a plurality of service provider networks.
12. The system of claim 10, wherein the second interface is configured to be provisioned for a second service provider network after being provisioned for a first service provider network.
13. The system of claim 10, wherein the first interface comprises a selected one of a wireless local area network interface, an Ethernet connection, and a USB connection.
14. The system of claim 10, wherein the second interface comprises a cellular network interface.
15. The system of claim 10, wherein the second interface is configured to be provisioned by configuring at least one of a physical layer parameter, a baseband processor, and a user identity module to permit the second interface to connect to the service provider network.
16. The system of claim 15, wherein the physical layer parameter comprises at least one of an RF frequency parameter and a channel parameter.
17. The system of claim 10, wherein the control layer is configured to permit a network service provider to access the second interface via the first interface.
18. The system of claim 10, wherein second interface comprises a secure element that must be configured in order for the second interface to connect to the service provider network.
19. The system of claim 18, wherein the secure element comprises a user identity module.
PCT/US2013/056555 2012-08-27 2013-08-26 Provisioning of a service provider network interface Ceased WO2014035851A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US201261693450P 2012-08-27 2012-08-27
US61/693,450 2012-08-27

Publications (2)

Publication Number Publication Date
WO2014035851A2 true WO2014035851A2 (en) 2014-03-06
WO2014035851A3 WO2014035851A3 (en) 2014-05-22

Family

ID=50184591

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2013/056555 Ceased WO2014035851A2 (en) 2012-08-27 2013-08-26 Provisioning of a service provider network interface

Country Status (1)

Country Link
WO (1) WO2014035851A2 (en)

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
ATE366022T1 (en) * 2003-05-30 2007-07-15 Research In Motion Ltd SYSTEM AND METHOD FOR PROVIDING A SERVICE FOR A COMMUNICATIONS DEVICE
US7035630B2 (en) * 2003-09-16 2006-04-25 Research In Motion Limited Demand-based provisioning for a mobile communication device
EP2437530B1 (en) * 2010-10-01 2019-01-30 Giesecke+Devrient Mobile Security GmbH Method for provisioning of a network access for a mobile communication device

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10999264B2 (en) 2014-08-28 2021-05-04 Cryptography Research, Inc. Generating a device identification key from a base key for authentication with a network
US11882102B2 (en) 2014-08-28 2024-01-23 Cryptography Research, Inc. Generating a device identification key from a base key for authentication with a network
AU2021101064B4 (en) * 2019-03-18 2021-10-14 Apple Inc. User interfaces for subscription applications
US11381674B2 (en) 2019-03-18 2022-07-05 Apple Inc. User interfaces for subscription applications
US11399089B2 (en) 2019-03-18 2022-07-26 Apple Inc. User interfaces for subscription applications

Also Published As

Publication number Publication date
WO2014035851A3 (en) 2014-05-22

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application (Ref document number: 13832371; Country of ref document: EP; Kind code of ref document: A2)
122 Ep: pct application non-entry in european phase (Ref document number: 13832371; Country of ref document: EP; Kind code of ref document: A2)