US-12627979-B2 - Method for license-based access network access control independent of subscriber data in a telecommunications network and telecommunications network thereof
Abstract
A method for license-based Access Network (AN) access control independent of subscriber data in a telecommunications network includes: sending, by a user equipment (UE) to an AN, an AN resource request to use one or more AN resources; obtaining, by the AN from an AN license validator, validity information, the validity information indicating whether at least one AN license information element or at least one AN license derived information element is valid for an AN resource to which the UE is trying to attach; and based on an AN license information element or an AN license derived information element being valid for the AN resource to which the UE is trying to attach, allowing, by the AN, the UE to access the requested AN resource.
Inventors
- Josep Colom Ikuno
Assignees
- DEUTSCHE TELEKOM AG
Dates
- Publication Date: 20260512
- Application Date: 20220405
- Priority Date: 20210406
Claims (20)
- 1. A method for license-based access network (AN) access control independent of subscriber data in a telecommunications network comprising an AN and a core network (CN), the method comprising: sending, by a user equipment (UE) to the AN, an AN resource request to use one or more AN resources, wherein the UE comprises one or more AN license information elements and subscriber information associated with a subscriber, wherein the one or more AN license information elements contain information for allowing access to the one or more AN resources independently from the subscriber information, and wherein: the AN resource request comprises the one or more AN license information elements; or the AN resource request is followed by an exchange between the UE and the AN of one or more AN license derived information elements; obtaining, by the AN from an AN license validator of the telecommunications network, validity information of the one or more AN license information elements or the one or more AN license derived information elements, the validity information indicating whether at least one AN license information element or at least one AN license derived information element is valid for an AN resource to which the UE is trying to attach; and based on an AN license information element or an AN license derived information element being valid for the AN resource to which the UE is trying to attach, allowing, by the AN, the UE to access the AN resource to which the UE is trying to attach, wherein the AN allows the UE to access the AN resource to which the UE is trying to attach independently from the subscriber information such that the access is allowed based on the valid AN license information element or the valid AN license derived information element and not based on any subscriber information of the UE, and wherein the AN is configured to allow the UE to access specific AN resources of the AN, including specifically accessing all of the following: one or more cell identities (IDs) of the AN; a tracking area of the AN; a public land mobile network (PLMN) identifier of the AN; a slice identifier of the AN; and specific frequencies of the AN; wherein the AN is a radio access network (RAN) operated by a RAN operator (RANO); wherein access to the telecommunications network is provided to the UE by a first network operator (NO); wherein the subscriber information is owned by the first NO, and the RANO does not have access to the subscriber information.
- 2. The method of claim 1, wherein the method further comprises: receiving, by the CN from an AN license provider, the one or more AN license information elements or the one or more AN license derived information elements; provisioning, by the CN to the UE, the one or more AN license information elements or the one or more AN license derived information elements; and/or revoking, by the CN, one or more AN licenses, wherein the revoking comprises notifying the UE or the AN that the one or more AN license information elements or the one or more AN license derived information elements are not valid anymore and/or indicating to the UE that the one or more AN licenses are to be deleted.
- 3. The method of claim 1, further comprising: storing, by the UE, the one or more AN license information elements or the one or more AN license derived information elements in a Universal Subscriber Identity Module (USIM) element.
- 4. The method of claim 1, wherein the AN resource request is a UE network registration to a specific PLMN.
- 5. The method of claim 1, wherein the RAN comprises RAN nodes, and the AN resource to which the UE is trying to attach further comprises one or more of the following: specific locations; a geographic area; or an expiry timer for indicating a time duration for which the one or more AN license information elements or the one or more AN license derived information elements is valid.
- 6. The method of claim 1, wherein the AN license validator is located in a third-party entity of the telecommunications network or in the AN.
- 7. The method of claim 1, wherein the telecommunications network further comprises a second NO; wherein the first NO has a valid AN license information element or a valid AN license derived information element stored therein; and wherein the method further comprises: exchanging ownership of the valid AN license information element or the valid AN license derived information element to the second NO by: registering the ownership change with a third-party entity of the telecommunications network; revoking, by the third-party entity, the validity of the AN license information element or the AN license derived information element of the first NO; and provisioning an AN license information element or an AN license derived information element to the second NO allowing access to the same AN resources as the AN license information element or the AN license derived information element originally owned by the first NO.
- 8. The method of claim 1, wherein the AN license validator is a distributed ledger (DL) comprising AN resources ownership information stored therein, and wherein the method further comprises: providing, by the DL to the UE, AN and/or CN, validated AN resources ownership information upon request.
- 9. The method of claim 1, further comprising: based on a respective AN license not being valid and the UE being denied access to a respective AN resource, notifying, by the AN or the CN, the UE that access has been denied by the AN.
- 10. A method for license-based access network (AN) access control independent of subscriber data in a telecommunications network comprising an AN and a core network (CN), the method comprising: sending, by a user equipment (UE) to the AN, an AN resource request to use one or more AN resources, wherein the UE comprises subscriber information associated with a subscriber; sending, by the AN, a request to the CN, wherein the CN comprises one or more AN license information elements, wherein the one or more AN license information elements contain information for allowing access to the one or more AN resources independently from the subscriber information, and wherein the request to the CN is for the CN to: send, to the AN, the one or more AN license information elements related to the AN resource request of the UE; or initiate an exchange of one or more AN license derived information elements; obtaining, by the AN from an AN license validator of the telecommunications network, validity information of the one or more AN license information elements or the one or more AN license derived information elements, the validity information indicating whether at least one AN license information element or at least one AN license derived information element is valid for an AN resource to which the UE is trying to attach; and based on an AN license information element or an AN license derived information element being valid for the AN resource to which the UE is trying to attach, allowing, by the AN, the UE to access the AN resource to which the UE is trying to attach, wherein the AN allows the UE to access the AN resource to which the UE is trying to attach independently from the subscriber information such that the access is allowed based on the valid AN license information element or the valid AN license derived information element and not based on any subscriber information of the UE, and wherein the AN is configured to allow the UE to access specific AN resources of the AN, including specifically accessing all of the following: one or more cell identities (IDs) of the AN; a tracking area of the AN; a public land mobile network (PLMN) identifier of the AN; a slice identifier of the AN; and specific frequencies of the AN; wherein the AN is a radio access network (RAN) operated by a RAN operator (RANO); wherein access to the telecommunications network is provided to the UE by a first network operator (NO); wherein the subscriber information is owned by the first NO, and the RANO does not have access to the subscriber information.
- 11. The method of claim 10, further comprising: receiving, by the CN from an AN license provider, the one or more AN license information elements or the one or more AN license derived information elements; and revoking, by the CN, one or more AN licenses, wherein the revoking comprises indicating that the one or more AN license information elements or the one or more AN license derived information elements are not valid anymore and/or deleting the one or more AN licenses.
- 12. The method of claim 10, wherein the AN resource request is a UE network registration to a specific PLMN.
- 13. The method of claim 10, wherein the RAN comprises RAN nodes, and the AN resource to which the UE is trying to attach further comprises one or more of the following: specific locations; a geographic area; or an expiry timer for indicating a time duration for which the one or more AN license information elements or the one or more AN license derived information elements is valid.
- 14. The method of claim 10, wherein the telecommunications network further comprises a third-party entity.
- 15. The method of claim 14, wherein the AN license validator is located in the third-party entity or in the AN.
- 16. The method of claim 15, wherein the telecommunications network further comprises a second NO; wherein the first NO has a valid AN license information element or a valid AN license derived information element stored therein; and wherein the method further comprises: exchanging ownership of the valid AN license information element or the valid AN license derived information element to the second NO by: registering the ownership change with the third-party entity; revoking, by the third-party entity, the validity of the AN license information element or the AN license derived information element of the first NO; and provisioning an AN license information element or an AN license derived information element to the second NO allowing access to the same AN resources as the AN license information element or the AN license derived information element originally owned by the first NO.
- 17. The method of claim 10, wherein the AN license validator is a distributed ledger (DL) comprising AN resources ownership information stored therein, and wherein the method further comprises: providing, by the DL to the UE, AN and/or CN, validated AN resources ownership information upon request.
- 18. The method of claim 10, further comprising: based on a respective AN license not being valid and the UE being denied access to a respective AN resource, notifying, by the AN or the CN, the UE that access has been denied by the AN.
- 19. A telecommunications network for performing license-based access network (AN) access control independent of subscriber data, the telecommunications network comprising: a user equipment (UE); an AN comprising AN resources; an AN license validator; and a core network (CN); wherein the UE comprises one or more AN license information elements and subscriber information associated with a subscriber, wherein AN license information elements contain information for allowing access to one or more AN resources independently from subscriber information; wherein the UE is configured to send, to the AN, an AN resource request to use one or more AN resources, wherein the AN resource request comprises the one or more AN license information elements, or wherein the AN resource request is to be followed by an exchange between the UE and the AN of one or more AN license derived information elements; wherein the AN is configured to: obtain, from the AN license validator, validity information of the one or more AN license information elements or the one or more AN license derived information elements, the validity information indicating whether at least one AN license information element or at least one AN license derived information element is valid for an AN resource to which the UE is trying to attach; and based on an AN license information element or an AN license derived information element being valid for the AN resource to which the UE is trying to attach, allow the UE to access the AN resource to which the UE is trying to attach, wherein the AN allows the UE to access the AN resource to which the UE is trying to attach independently from the subscriber information such that the access is allowed based on the valid AN license information element or the valid AN license derived information element and not based on any subscriber information of the UE; wherein the AN is configured to allow the UE to access specific AN resources of the AN, including specifically accessing all of the following: one or more cell identities (IDs) of the AN; a tracking area of the AN; a public land mobile network (PLMN) identifier of the AN; a slice identifier of the AN; and specific frequencies of the AN; wherein the AN is a radio access network (RAN) operated by a RAN operator (RANO); wherein access to the telecommunications network is provided to the UE by a network operator (NO); wherein the subscriber information is owned by the NO, and the RANO does not have access to the subscriber information.
- 20. A telecommunications network for performing license-based access network (AN) access control independent of subscriber data, the telecommunications network comprising: a user equipment (UE); an AN comprising AN resources; an AN license validator; and a core network (CN); wherein the UE comprises subscriber information associated with a subscriber; wherein the CN comprises one or more AN license information elements, wherein the one or more AN license information elements contain information for allowing access to one or more AN resources independently from subscriber information; wherein the UE is configured to send, to the AN, an AN resource request to use the one or more AN resources; wherein the AN is configured to send a request to the CN to: send, to the AN, the one or more AN license information elements; or initiate an exchange of one or more AN license derived information elements; wherein the AN is configured to: obtain, from the AN license validator, validity information of the one or more AN license information elements or the one or more AN license derived information elements, the validity information indicating whether at least one AN license information element or at least one AN license derived information element is valid for an AN resource to which the UE is trying to attach; and based on an AN license information element or an AN license derived information element being valid for the AN resource to which the UE is trying to attach, allow the UE to access the AN resource to which the UE is trying to attach, wherein the AN allows the UE to access the AN resource to which the UE is trying to attach independently from the subscriber information such that the access is allowed based on the valid AN license information element or the valid AN license derived information element and not based on any subscriber information of the UE; wherein the AN is configured to allow the UE to access specific AN resources of the AN, including specifically accessing all of the following: one or more cell identities (IDs) of the AN; a tracking area of the AN; a public land mobile network (PLMN) identifier of the AN; a slice identifier of the AN; and specific frequencies of the AN; wherein the AN is a radio access network (RAN) operated by a RAN operator (RANO); wherein access to the telecommunications network is provided to the UE by a network operator (NO); wherein the subscriber information is owned by the NO, and the RANO does not have access to the subscriber information.
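An added sketch of the AN-side decision the claims describe, not code from the patent or from any operator: it checks a presented license against the five resource identifiers of claim 1, the expiry timer of claim 5, revocation, and the ownership transfer of claim 7, and returns the denial reasons that claim 9 has reported to the UE. The validator record layout, license IDs and function names are assumptions, since the claims do not define an encoding for AN license information elements.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class ANResource:                # the AN resource the UE is trying to attach to
    cell_id: str
    tracking_area: str
    plmn_id: str
    slice_id: str
    frequency_mhz: int

SCOPE_FIELDS = ("cell_id", "tracking_area", "plmn_id", "slice_id", "frequency_mhz")

@dataclass(frozen=True)
class LicenseRecord:             # hypothetical validator-side record layout
    owner_no: str                # network operator holding the license
    scope: dict                  # field name -> set of permitted values
    expires_at: int              # expiry timer as an absolute time in seconds
    revoked: bool = False

class LicenseValidator:
    def __init__(self):
        self._records = {}
    def provision(self, license_id, record):
        self._records[license_id] = record
    def revoke(self, license_id):
        self._records[license_id] = replace(self._records[license_id], revoked=True)

    def check(self, license_id, res, now):
        """Return (valid, reason) for one license against one target resource."""
        rec = self._records.get(license_id)
        if rec is None:
            return False, "unknown license"
        if rec.revoked:
            return False, "license revoked"
        if now >= rec.expires_at:
            return False, "license expired"
        # Fail closed: a scope field missing from the license permits nothing.
        in_scope = all(getattr(res, f) in rec.scope.get(f, ()) for f in SCOPE_FIELDS)
        return (True, "ok") if in_scope else (False, "resource outside license scope")

    def transfer(self, old_id, new_id, new_owner):
        """Revoke the first NO's license, then provision the same scope to the second NO."""
        old = self._records[old_id]
        if old.revoked:
            raise ValueError("cannot transfer a revoked license")
        self.revoke(old_id)
        self.provision(new_id, replace(old, owner_no=new_owner))

def an_admit(validator, license_ids, res, now):
    """AN-side decision from license IEs and the target resource only (no subscriber data)."""
    reasons = []
    for lid in license_ids:
        valid, reason = validator.check(lid, res, now)
        if valid:                # one valid license is sufficient
            return {"access": "allowed", "license": lid}
        reasons.append(f"{lid}: {reason}")
    # A denial carries the reasons so the UE can be notified.
    return {"access": "denied", "notify_ue": reasons or ["no license presented"]}

# Constructed sample data; every identifier below is made up for this example.
CELL = ANResource("cell-17", "TA-1", "999-01", "slice-a", 3750)
validator = LicenseValidator()
validator.provision("lic-NO1", LicenseRecord(
    "NO1", {f: {getattr(CELL, f)} for f in SCOPE_FIELDS}, expires_at=1_000))
```

Because `an_admit` takes no subscriber identifier, the RAN operator running it never needs the subscription data held by the network operator.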
Description
CROSS-REFERENCE TO PRIOR APPLICATIONS

This application claims benefit to European Patent Application No. EP 21 166 923.9, filed on Apr. 6, 2021, which is hereby incorporated by reference herein.

FIELD

This invention relates to a method for license-based Access Network (AN) access control independent of subscriber data in a telecommunications network and a telecommunications network thereof.

BACKGROUND

The use of frequencies for non-operator use (e.g. in Germany, where these were introduced in the 3.7 GHz to 3.8 GHz frequency range) allows the deployment of mobile networks for non-operator use. In recent years, the trend seems to go towards a more flexible use of frequency blocks compared to the traditional model where only a few operators own all of the spectrum usage rights. Additionally, most operators also set up their physical infrastructure in “TowerCos”, which manage the physical infrastructure of the radio sites. However, currently the radio equipment (i.e. the base stations) is owned and managed by the telecommunications operator.

Within the telecommunications operator, a trend is emerging of introducing a separation between the Radio Access Network (RAN) and the rest of the telecommunications operator. The RAN part, out of this separation, will be referred to as RAN operator (RANO), which would have access to physical sites, RAN equipment and use and/or own frequency license(s) allowing them to use certain parts of the spectrum within some frame (e.g. constrained to a specific time frame/geographic area). While the following description of the background and the invention often assumes a Radio Access Network, the same principles are applicable to Access Networks (ANs) using access mediums other than radio.

On the other side of the above-mentioned separation, Network Operators (NOs) then offer connectivity services to customers by using the services of RANOs. NOs, analogously to current operators, are assumed to know who each customer is and what each customer has contracted (e.g. speed, level of service, etc.).

FIG. 1 illustrates an example of how current mobile telecommunications systems are functionally split (exemplified for the case of a 5G system (5GS)). A User Equipment (UE) 1 is connected to a Data Network (DN) 4 via a Core Network (CN) 3 and an Access Network (AN) 2. Whether the UE 1 is allowed to access the AN 2 and/or the DN 4 is decided by the CN 3 based on the subscription data 30 in the given UE 1. The subscription data 30 is tied to a given subscriber, which e.g. is charged different amounts for access to different services.

The Access Node (ANs) 2 referred to in the following specification may be Radio Access Networks (RANs), which are the ANs that are based on radio technologies (e.g. 5G New Radio, 5G NR). Both the RAN 2 and the CN 3 are composed of several functional components. In the case of 5G, the RAN 2 is composed of gNBs and the CN 3 of Network Functions (NFs). This is exemplarily illustrated in FIG. 2.

FIG. 2 illustrates an example of a RAN and CN decomposition. FIG. 2 illustrates the several relevant interfaces between the following components as named within a 5G system:
- gNB-gNB: Xn interface;
- UE-gNB: Uu interface; and
- gNB-NF: NG interface.

As shown in FIG. 2, the CN 3 is composed of NFs which are connected to the gNBs of the RAN 2 through NG interfaces. The gNBs are also interconnected with each other through the Xn interfaces. Finally, the UEs 1 are connected to the gNBs through Uu interfaces.

In order for a UE to attach (i.e. connect) to a 5G network, 3GPP Technical Specification (TS) 23.501 specifies the following procedure (shown in FIG. 3). FIG. 3 illustrates a simplified overview of the UE attach procedure. In FIG. 3, the following steps are performed.
- In step S1, the UE 1 sends a registration request to the RAN 2.
- In step S2, the RAN, based on the parameters included in the request or other known parameters (e.g. OAM, local configuration), selects an Access and Mobility Management Function (AMF) and forwards, in step S3, the request to a NF tasked with access control (e.g. AMF in the case of a 5GS).
- In step S4, the Access AMF performs an authentication/security check with a subscriber NF.
- In step S5, the Access AMF gets subscriber information from the subscriber NF.
- In steps S6 and S7, based on the obtained subscriber information accessible via the subscriber NF (e.g. UDM in 5GS), the Access AMF accepts, rejects or redirects the registration request by forwarding a registration response to the UE 1 through the RAN 2.
- Finally, in step S8, the UE 1 is registered in the CN 3.

In the current state of the art, the RAN is not configured to perform any kind of credential-based access control.

Typically, a telecom regulator, which is referred to in this specification as a Frequency Owner (FO), awards each network operator (NO) the frequencies that the NO is allowed to operate, e.g. via a frequency auction or other method. FIG. 4 illustrates a simplified overview of the mechanism of frequency a