Handling of authorization requests for a packet-based service in a mobile network

US 9,350,737 B2
Filed: 01/19/2012
Issued: 05/24/2016
Est. Priority Date: 01/19/2012
Status: Active Grant

First Claim

Patent Images

1. A method of handling an authorization request, the method comprising:

a policy controller receiving an authorization request transmitted by an application function (AF) network node in response to signaling received from an end user device for initiating a service provided by the AF network node; and

in response to receiving the authorization request transmitted by said AF network node in response to the signaling received from the end user device for initiating a service provided by the AF network node, the policy controller;

performing a first authorization check to determine a first authorization status of the service;

sending an authorization response to the AF network node, said authorization response indicating the first authorization status of the service;

performing a second authorization check to determine a second authorization status of the service;

determining whether the second authorization status is different than the first authorization status; and

sending to the AF network node a message indicating that the authorization status of the service has changed in response to determining that the second authorization status is different than the first authorization status, whereinperforming the first authorization check comprises the policy controller obtaining from a subscriber database, at a first point in time, first subscription data associated with the end user device and using the obtained first subscription data to determine the first authorization status; and

performing the second authorization check comprises the policy controller receiving from a subscriber database, at a later point in time, second subscription data associated with the end user device and using the obtained second subscription data to determine the second authorization status.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A policy controller (30) of a mobile network receives an authorization request (302) for a packet-based service from a node (80). In response to receiving the authorization request (302), the policy controller performs an authorization check (305) to determine an authorization status of the service and sends an authorization response (306) to the node (80). The authorization response (306) indicates the authorization status of the service. In response to the same authorization request (302), the policy controller (30) performs at least one further authorization check to redetermine the authorization status of the service. If the further authorization check indicates that the authorization status of the service has changed, the policy controller (30) sends a status change message (311) to the node. The status change message (311) indicates to the node (80) that the authorization status of the service has changed.

21 Citations

View as Search Results

16 Claims

1. A method of handling an authorization request, the method comprising:
- a policy controller receiving an authorization request transmitted by an application function (AF) network node in response to signaling received from an end user device for initiating a service provided by the AF network node; and
  
  in response to receiving the authorization request transmitted by said AF network node in response to the signaling received from the end user device for initiating a service provided by the AF network node, the policy controller;
  
  performing a first authorization check to determine a first authorization status of the service;
  
  sending an authorization response to the AF network node, said authorization response indicating the first authorization status of the service;
  
  performing a second authorization check to determine a second authorization status of the service;
  
  determining whether the second authorization status is different than the first authorization status; and
  
  sending to the AF network node a message indicating that the authorization status of the service has changed in response to determining that the second authorization status is different than the first authorization status, whereinperforming the first authorization check comprises the policy controller obtaining from a subscriber database, at a first point in time, first subscription data associated with the end user device and using the obtained first subscription data to determine the first authorization status; and
  
  performing the second authorization check comprises the policy controller receiving from a subscriber database, at a later point in time, second subscription data associated with the end user device and using the obtained second subscription data to determine the second authorization status.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method according to claim 1, wherein the authorization response indicates that the service is temporarily not authorized.
  - 3. The method according to claim 1, wherein the authorization response indicates a component of the service which is not authorized.
  - 4. The method according to claim 1, further comprising:
    - the policy controller controlling resources for conveying data packets of the service.
  - 5. The method according to claim 1, wherein the authorization request comprises an indication that the AF network node is to be informed if the authorization status of the session changes.

6. A authorization method, the authorization method comprising:
- an application function (AF) network node receiving a message related to a service provided by the AF network node, wherein the message was transmitted by an end user device;
  
  the AF network node, in response to receiving the message transmitted by the end user device, sending an authorization request to a policy controller of a mobile network;
  
  the AF network node receiving a first authorization message from the policy controller, said first authorization message indicating an authorization status of the service as determined by the policy controller;
  
  the AF network node controlling its operation in relation to the service depending on the authorization status indicated by the first authorization message;
  
  the AF network node receiving a second authorization message from the policy controller, said second authorization message indicating that the authorization status of the service has changed;
  
  the AF network node changing its operation in relation to the service based on the second authorization message indicating that the authorization status of the service has changed; and
  
  if the first authorization message indicates that the service is temporarily not authorized, the AF network node stopping at least one activity with respect to components of the service which are not authorized until receiving the second authorization message indicating that the authorization status of the service has changed.
- View Dependent Claims (7, 8, 9, 10, 11, 12)
- - 7. The method according to claim 6, wherein the first authorization message indicates that the service is temporarily not authorized.
  - 8. The method according to claim 6, wherein the first authorization message indicates a component of the service which is not authorized.
  - 9. The method according to claim 8, further comprising:
    - after receiving the first authorization message, the AF network node continuing at least one activity with respect to an authorized component of the service.
  - 10. The method according to claim 6, further comprising:
    - if the first authorization message indicates that the service is temporarily not authorized, the AF network node sending no further authorization requests for the service until receiving the second authorization message indicating that the authorization status of the service has changed.
  - 11. The method according to claim 6, further comprising:
    - if the first authorization message indicates that the session is authorized, the AF network node stopping at least one activity with respect to the service in response to receiving the second authorization message indicating that the authorization status of the session has changed.
  - 12. The method according to claim 6, wherein the authorization request comprises an indication that the AF network node is to be informed if the authorization status of the service changes.

13. A policy controller for controlling resources in a mobile network, comprising:
- an interface for communication with an application function (AF) network node; and
  
  a processor,wherein the processor is configured to;
  
  receive via the interface an authorization request for a packet-based service in the mobile network, wherein the authorization request is transmitted by the AF network node in response to signaling received from an end user device; and
  
  in response to receiving the authorization request transmitted by the AF network node in response to signaling received from an end user device;
  
  perform, at a first point in time, a first authorization check to determine a first authorization status of the service;
  
  send via the interface an authorization response to the AF network node, said authorization response indicating the first authorization status of the service;
  
  perform, at a later point in time, a second authorization check to determine a second authorization status of the service; and
  
  if the second authorization status is different than the first authorization status, send via the interface a message to the AF network node, said message indicating that the authorization status of the service has changed, whereinthe policy controller is configured to perform the first authorization check by obtaining from a subscriber database, at a first point in time, first subscription data associated with the end user device and using the obtained first subscription data to determine the first authorization status; and
  
  the policy controller is configured to perform the second authorization check by obtaining from a subscriber database, at a later point in time, second subscription data associated with the end user device and using the obtained second subscription data to determine the second authorization status.
- View Dependent Claims (14, 15)
- - 14. The policy controller according to claim 13, further comprising:
    - a further interface for communicating with a subscriber database of the mobile network, wherein the processor is configured to receive subscription data via the further interface from the subscriber database and to perform the first authorization check and/or the second authorization check on the basis of the received subscription data.
  - 15. The policy controller according to claim 13, further comprising:
    - a control interface for controlling resources for conveying data packets of the service.

16. An application function (AF) network node, comprising:
- a receiver;
  
  a transmitter; and
  
  one or more processor coupled to the receiver and the transmitter, wherein the AF network node is configured to;
  
  employ the transmitter to send an authorization request to a policy controller of a mobile network in response to receiving a message for initiating a service that was transmitted by an end user device;
  
  control its operation in relation to the service depending on an authorization status of the service indicated by a first authorization message received from the policy controller; and
  
  change its operation in relation to the service based on a second authorization message received from the policy controller and indicating that the authorization status of the service has changed, whereinthe AF network node is further configured such that, if the first authorization message indicates that the service is temporarily not authorized, the AF network node stops at least one activity with respect to components of the service which are not authorized until receiving the second authorization message indicating that the authorization status of the service has changed.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Telefonaktiebolaget LM Ericsson
Original Assignee
Telefonaktiebolaget LM Ericsson
Inventors
Fernandez Alonso, Susana, Ludwig, Reiner
Primary Examiner(s)
CHEN, SHIN HON

Application Number

US14/372,321
Publication Number

US 20150222634A1
Time in Patent Office

1,587 Days
Field of Search

None
US Class Current

1/1
CPC Class Codes

H04L 63/10   for controlling access to d...

H04L 63/20   for managing network securi...

H04W 12/088   using filters or firewalls

Handling of authorization requests for a packet-based service in a mobile network

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

21 Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Handling of authorization requests for a packet-based service in a mobile network

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

21 Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links