HOME BASE STATION

US 20080305772A1
Filed: 06/03/2008
Published: 12/11/2008
Est. Priority Date: 06/07/2007
Status: Active Grant

First Claim

Patent Images

1. A method that effectuates establishment of a IPSec tunnel for utilization in a wireless communication environment, comprising:

utilizing IPSec establishment procedures on a home base station to establish the IPSec tunnel between the home base station and a packet data interworking function component, the IPSec establishment procedures based at least in part on a user, across all users, or based on a quality of service (QoS);

employing at least one of a high rate packet data (HRDP) point-to-point protocol (PPP) challenge-handshake authentication protocol (CHAP) or non-access stratum (NAS) based support directed through the IPSec tunnel to authenticate an access terminal associated with the home base station;

utilizing an international mobile subscriber identity (IMSI) associated with the access terminal to identify or select a packet data serving node with which to establish communications between the home base station and the packet data serving node; and

employing A11 signaling to establish an A10 connection with the packet data serving node.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methodologies are described that effectuate establishment of an IPSec tunnel for utilization in a wireless communication environment. IPSec establishment procedures on home base stations can be used to establish IPSec tunnels between home base stations situated on open access sectors of wireless communication environments and packet data interworking function components positioned at the contiguity of secured segments of the wireless communication environments. Moreover, high rate packet data point-to-point protocol challenge-handshake authentication protocols can be directed through the IPSec tunnels to facilitate authentication of access terminals associated with the home base stations in order to facilitate further communications with components dispersed within secure areas of wireless communication environments. Further, international mobile subscriber identities (IMSI) affiliated with access terminals associated with home base stations can be used to identify packet data serving nodes with which to establish communications between home base stations and packet data serving nodes.

58 Citations

View as Search Results

54 Claims

1. A method that effectuates establishment of a IPSec tunnel for utilization in a wireless communication environment, comprising:
- utilizing IPSec establishment procedures on a home base station to establish the IPSec tunnel between the home base station and a packet data interworking function component, the IPSec establishment procedures based at least in part on a user, across all users, or based on a quality of service (QoS);
  
  employing at least one of a high rate packet data (HRDP) point-to-point protocol (PPP) challenge-handshake authentication protocol (CHAP) or non-access stratum (NAS) based support directed through the IPSec tunnel to authenticate an access terminal associated with the home base station;
  
  utilizing an international mobile subscriber identity (IMSI) associated with the access terminal to identify or select a packet data serving node with which to establish communications between the home base station and the packet data serving node; and
  
  employing A11 signaling to establish an A10 connection with the packet data serving node.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 2. The method of claim 1, further comprising utilizing the established IPSec tunnel to transport remote authentication dial in user service (RADIUS) messages.
  - 3. The method of claim 1, further comprising employing an access, authentication, and accounting service situated within a secure segment of the wireless communication environment to authenticate the access terminal associated with the home base station.
  - 4. The method of claim 1, wherein the IPSec tunnel pierces an access barrier extant between a secure segment of the wireless communication environment and an unguarded sector of the wireless communication environment.
  - 5. The method of claim 1, wherein the packet data interworking function component is situated at an intersection between a secure segment of the wireless communication environment and an unguarded sector of the wireless communication environment.
  - 6. The method of claim 1, wherein the packet serving node is positioned on a secure segment of the wireless communication environment.
  - 7. The method of claim 1, wherein the utilizing IPSec establishment procedures further comprising consulting a persisted list of network address identifiers (NAIs), the persisted list of network address identifiers (NAIs) including a network address identifier associated with the access terminal in communication with the home base station.
  - 8. The method of claim 1, further comprising maintaining connectivity with a macro base transceiver station during transition from the macro base transceiver station to the home base station until currently executing services on the access terminal terminate.
  - 9. The method of claim 1, further comprising determining the packet data serving node with which to establish communications based at least in part on utilizing an international mobile subscriber identity (IMSI) modulo N algorithm, where N represents a number of potential packet data serving nodes extant in the wireless communication environment.
  - 10. The method of claim 1, wherein the employing A11 signaling to establish the A10 connection further comprising establishing general routing encapsulation (GRE) tunneling between the packet data serving node and the home base station.
  - 11. The method of claim 1, wherein the home base station performs accounting functionalities and forwards accounting records to the packet data serving node via an A11 airlink record.
  - 12. The method of claim 1, wherein the home base station communicates with an A11 concentrator interposed between the home base station and the packet data serving node.
  - 13. The method of claim 12, wherein the A11 concentrator communicates with the packet data serving node via a single A11 connection.
  - 14. The method of claim 12, wherein the home base station establishes a plurality of A11/A10 interfaces with the A11 concentrator, each of the plurality of A11/A10 interfaces established based at least in part on an additional access terminal initiating access to the home base station.
  - 15. The method of claim 12, wherein the A11 concentrator maintains a mapping between A11 and A10 connections with one or more home base stations and A10 and A11 interactions between the one or more home base stations, the mapping utilized to route packets to or from the A11 concentrator.
  - 16. The method of claim 15, wherein the mapping is dynamically updated based at least in part on a time horizon as to when the home base station established an A10 connection with the A11 concentrator.
  - 17. The method of claim 1, wherein the home base station is situated in an unguarded segment of the wireless communication environment, the unguarded segment further including a wired and wireless home or small business environment.
  - 18. The method of claim 17, wherein the wired and wireless home or small business environment employs an IEEE 802 communication paradigm.
  - 19. The method of claim 1, wherein the access terminal is wirelessly inaccessible to the wireless communication environment.
  - 20. The method of claim 1, further comprising from the access terminal utilizing the IPSec tunnel established between the home base station and the packet data interworking function component to communicate directly with the packet data serving node situated in a protected segment of the wireless communication environment.

21. A wireless communication apparatus that establishes an IPSec tunnel utilized in a wireless communication environment, the apparatus comprising:
- means for utilizing an IPSec establishment procedure on a means for establishing the IPSec tunnel between the means for establishing the IPSec tunnel and a means for intermediating communication between a secure sector of the wireless communication environment and an unguarded sector of the wireless communication environment, the IPSec establishment procedure based at least in part on a user, across all users, or based on a quality of service (QoS);
  
  means for employing one or more of a high rate packet data (HRDP) point-to-point protocol (PPP) challenge-handshake authentication protocol (CHAP) or non-access stratum (NAS) based support directed through the IPSec tunnel to authenticate a means for mobile communicating associated with the means for establishing the IPSec tunnel;
  
  means for utilizing an international mobile subscriber identity (IMSI) associated with the means for mobile communicating to identify or select a means for serving packet data with which to establish communications between the means for establishing the IPSec tunnel and the means for serving packet data; and
  
  means for employing A11 signaling to establish an A10 connection with the means for serving packet data.
- View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36)
- - 22. The wireless communications apparatus of claim 21, wherein the tunnel is utilized to transport remote authentication dial in user service (RADIUS) messages.
  - 23. The wireless communications apparatus of claim 21, further comprising means for authentication positioned in the secure sector of the wireless communication environment.
  - 24. The wireless communications apparatus of claim 21, wherein the IPSec tunnel penetrates a boundary implemented between the secure sector of the wireless communication environment and the unguarded sector of the wireless communication environment.
  - 25. The wireless communications apparatus of claim 21, wherein the means for intermediating communication are positioned at the periphery of each of the secure sector of the wireless communication environment and the unguarded sector of the wireless communication environment.
  - 26. The wireless communications apparatus of claim 21, wherein the means for serving packet data are situated within the secure sector of the wireless communication environment.
  - 27. The wireless communications apparatus of claim 21, wherein the means for establishing the IPSec tunnel reference a list of network address identifiers (NAIs) stored on a means for persisting, the list of network address identifiers including a network address identifier associated with the means for mobile communicating initiating contact with the means for establishing the IPSec tunnel.
  - 28. The wireless communications apparatus of claim 21, wherein the means for mobile communicating maintain communication with a means for transceiving associated with the secure sector of the wireless communication environment until services executing on the means for mobile communicating conclude.
  - 29. The wireless communications apparatus of claim 21, wherein the means for employing the IPSec establishment procedure determine the means for serving packet data based at least in part on employment of an international mobile subscriber identity (IMSI) modulo N algorithm, where N represents a number of possible means for serving packet data available in the secure sector of the wireless communication environment.
  - 30. The wireless communications apparatus of claim 21, wherein the means for employing A11 signaling include means for establishing general routing encapsulation (GRE) tunneling between the means for establishing the IPSec tunnel and the means for serving packet data.
  - 31. The wireless communications apparatus of claim 21, wherein the means for establishing the IP Sec tunnel communicate with means for concentrating A11 interfaces, the means for concentrating A11 interfaces being disposed between the means of establishing the IPSec tunnel and the means for serving packet data.
  - 32. The wireless communications apparatus of claim 31, wherein the means for concentrating A11 interfaces interchange data with the means for serving packet data via a single A11 connection.
  - 33. The wireless communications apparatus of claim 31, wherein the means for establishing the IPSec tunnel utilize a plurality of A11/A10 interfaces with the means for concentrating A11 interfaces, wherein each of the plurality of A11/A10 interfaces is established based at least in part on additional means for mobile communicating requesting association with the means for establishing the IPSec tunnel.
  - 34. The wireless communications apparatus of claim 31, wherein the means for concentrating A11 interfaces maintain mappings between A11 and A10 connections with more than one means for establishing the IPSec tunnel and A10 and A11 interactions between the more than one means for establishing the IPSec tunnel, the mappings employed to direct packets from or to the means for concentrating A11 interfaces.
  - 35. The wireless communications apparatus of claim 21, wherein the means for establishing the IPSec tunnel is positioned on the unguarded sector of the wireless communication environment, the unguarded sector of the wireless communication environment including a wired or wireless home or small business environment.
  - 36. The wireless communications apparatus of claim 21, wherein the means for mobile communicating utilize the IPSec tunnel maintained by the means for establishing the IPSec tunnel to establish direct communications with the means for serving packet data situated on the secure sector of the wireless communication environment.

37. A wireless communications apparatus, comprising:
- a memory that retains instructions related to using IPSec establishment procedures to establish an IPSec tunnel extending from a home base station to a packet data interworking function, directing high rate packet data (HRDP) point-to-point protocol (PPP) challenge-handshake authentication protocol (CHAP) through the IPSec tunnel to authenticate an access terminal associated with the home base station with a secure wireless communication environment, identifying a packet data serving node based at least in part on an international mobile subscriber identity (IMSI) associated with the access terminal, establishing dynamic data interchange between the packet data serving node and the home base station, and establishing an A10 connection with the packet data serving node using A11 signaling; and
  
  a processor, coupled to the memory, configured to execute the instructions retained in the memory.
- View Dependent Claims (38, 39, 40, 41, 42)
- - 38. The wireless communication apparatus of claim 37, wherein the memory further retains instructions related to transporting remote authentication dial in user service (RADIUS) messages, and employing an authentication service to authenticate the access terminal with the home base station.
  - 39. The wireless communication apparatus of claim 37, wherein the IPSec tunnel extending from the home base station to the packet data interworking function perforates a security barrier interjected between the home base station and the packet data serving node.
  - 40. The wireless communication apparatus of claim 37, wherein the packet data interworking function is positioned at the juncture between the secured wireless communication environment and exposed aspects of a wired or wireless communication environment.
  - 41. The wireless communication apparatus of claim 37, wherein the memory further retains instructions related to referring to a list of network address identifiers (NAIs) to locate a network address identifier (NAI) associated with the access terminal requesting communication with the home base station, maintaining connectivity with a macro base transceiver station while transitioning from the macro base transceiver station to the home base station until all executing services running on the access terminal become idle, and determining the packet data serving node with which to establish communications based on an IMSI modulo N algorithm, where N represents a number of potential packet data serving nodes that exist in the secure wireless communication environment.
  - 42. The wireless communications apparatus of claim 37, wherein the home base station includes functionalities associated with a base transceiver station (BTS) aspect, a base station controller (BSC) aspect, and a packet control function (PCF) aspect.

43. A computer program product comprising:
- a computer-readable medium comprising;
  
  code for causing a computer to utilize IPSec establishment procedures on a home base station to establish an IPSec tunnel between a home base station and a packet data interworking function component, the IPSec establishment procedures based at least in part on a user, across all users, or quality of service (QoS) attributes;
  
  code for causing a computer to employ at least one of a high rate packet data (HRDP) point-to-point protocol (PPP) challenge-handshake authentication protocol (CHAP) or non-access stratum (NAS) based support directed through the IPSec tunnel to authenticate an access terminal associated with the home base station;
  
  code for causing a computer to utilize an international mobile subscriber identity (IMSI) associated with the access terminal to identify or select a packet data serving node with which to establish communications between the home base station and the packet data serving node; and
  
  code for causing a computer to employ A11 signaling to establish an A10 connection with the packet data serving node.
- View Dependent Claims (44, 45, 46, 47)
- - 44. The computer program product of claim 43, wherein the home base station includes instrumentalities associated with a base transceiver station (BTS) capability, a base station controller (BSC) capability, a packet control function (PCF) capability, and a packet data serving capability.
  - 45. The computer program product of claim 44, wherein the packet data serving capability ensures that the access terminal is incapable of distinguishing between communication with the home base station or a macro base transceiver station.
  - 46. The computer program product of claim 43, wherein the home base station includes functionalities associated with a base transceiver station (BTS) capability, a base station controller (BSC) capability, and a packet control function (PCF) capability, the home base station employing the packet data serving node situated with a protected segment of a wireless communication environment to provide packet data serving capabilities to ensure that the access terminal is incapable of distinguishing between communication with the home base station or a macro base transceiver station.
  - 47. The computer program product of claim 46, wherein the protected segment of a wireless communication environment includes a cellular mobile communications network.

48. In a wireless communications system, an apparatus comprising:
- a processor configured to;
  
  utilize IPSec establishment procedures on a home base station to establish an IPSec tunnel between a home base station and a packet data interworking function component wherein the IPSec establishment procedures based in part on a user, across a plurality of users, or a quality of service (QoS) attribute;
  
  employ one or more of a high rate packet data (HRDP) point-to-point protocol (PPP) challenge-handshake authentication protocol (CHAP) or non-access stratum (NAS) based support directed through the IPSec tunnel to authenticate an access terminal associated with the home base station;
  
  utilize an international mobile subscriber identity (IMSI) associated with the access terminal to identify or select a packet data serving node with which to establish communications between the home base station and the packet data serving node; and
  
  employ A11 signaling to establish an A10 connection with the packet data serving node.
- View Dependent Claims (49, 50, 51, 52, 53, 54)
- - 49. The wireless communications system of claim 48, wherein the processor is further configured to employ, via a concentrator component, A13 signaling between a source access node and a target access node for dormant state session transfer.
  - 50. The wireless communications system of claim 48, wherein the processor is further configured to employ, via a concentrator component, A16 signaling between a source access node and a target access node to effectuate high rate packet data inter-access node connected state session transfer.
  - 51. The wireless communications system of claim 48, wherein the processor is further configured to direct, via a concentrator component, A17 signaling information between a source access node and a target access node to manage resources in support of inter-access node cross-connectivity.
  - 52. The wireless communications system of claim 48, wherein the processor is further configured to transport, via a concentrator component, A18 traffic associated with an access node between a source access node and a target remote transmitter during cross-connectivity.
  - 53. The wireless communications system of claim 48, wherein the processor is further configured to interchange, via a concentrator component, A19 remote transmitter-specific bearer-related cross-connectivity control messages for an access terminal between the access node and a target remote transmitter.
  - 54. The wireless communications system of claim 48, wherein the processor is further configured to intercommunicate, via a concentrator component, A21 signaling information between a high rate packet data access node and an indoor wireless system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Qualcomm, Inc.
Original Assignee
Qualcomm, Inc.
Inventors
Shahidi, Reza, Balasubramanian, Srinivasan, Hsu, Raymond Tah-Sheng

Granted Patent

US 8,345,604 B2
Time in Patent Office

Days
Field of Search
US Class Current

455/411
CPC Class Codes

H04L 63/08   for authentication of entit...

H04L 63/164   at the network layer

H04W 12/062   Pre-authentication

H04W 72/04   Wireless resource allocation

H04W 84/045   using private Base Stations...

H04W 88/08   Access point devices

HOME BASE STATION

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

58 Citations

54 Claims

Specification

Solutions

Use Cases

Quick Links

HOME BASE STATION

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

58 Citations

54 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links