3GPP/WLAN Interworking Architecture as Paradigm for NGN Access Independence
Rainer Liebhart, Bernhard Pfeil
Siemens mobile Networks
ETSI TISPAN – 3GPP workshop, June 22nd – 23rd, 2004

Abstract
• Access independence is one of the central requirements in NGN standardization
• True access independence requires a generic approach, which decouples NGN core network components and procedures as much as possible from the subtleties of access technologies
• 3GPP is in the process of standardizing, with Release 6, WLAN/3GPP interworking that allows 3GPP terminals to access a 3GPP IMS via WLAN
• The concepts of WLAN/3GPP interworking do not rely on the specifics of the WLAN access network
• The proposal presented in this contribution is to adopt the concepts of WLAN/3GPP interworking as the basis to achieve true access independence in NGN
TISPAN - 3GPP workshop, June 22nd-23rd 2004

Overview
• The first five slides show the goals, concepts and architecture of 3GPP/WLAN Interworking and explain how IMS services are accessed by a 3GPP WLAN terminal:
   • Goals and Concepts of 3GPP/WLAN Interworking
   • Reference Architecture for 3GPP/WLAN Interworking
   • WLAN access to 3GPP IMS
   • IMS Registration through WLAN
• The remaining slides demonstrate how this Interworking architecture can be used to access TISPAN-IMS services from any access network capable of transporting IP frames (e.g. xDSL):
   • Access to TISPAN-IMS through generic access networks
   • 3GPP/WLAN Interworking architecture as paradigm for NGN access independence

3GPP/WLAN Interworking: goals …
• WLAN access authentication and authorization through the mobile core network (AAA server, HSS)
• Direct Internet access from WLAN still possible
• Common charging and billing
• Reference to standard IETF RFCs wherever possible
• (U)SIM based secure access to packet based services within the mobile network, e.g. to the IMS, through a Packet Data Gateway (PDG) used for:
   • service authentication and authorization
   • IP address allocation
   • policy enforcement and charging
• Roaming capable architecture

… and concepts
• No dependencies on the access technology, therefore easily applicable to other technologies like xDSL
• Minimal requirements on the access network (e.g. 802.1x capable for access authentication based on EAP-SIM/EAP-AKA)
• Access authentication is independent of service authentication: the method used for the former does not influence the solution for the latter
• The terminal uses standard DNS mechanisms to select an appropriate PDG (resolving the PDG name or an application specific name to an IP address) and directly establishes a VPN tunnel (IPSec) to it, but can be re-directed by the network to another PDG, if applicable (load sharing)
• The VPN tunnel acts as a bridge between different address spaces (WLAN access network, mobile core network)
• WLAN specific subscription data is stored in the HSS

3GPP/WLAN Interworking Architecture from 3GPP TS 23.234
• WLAN Access Gateway (WAG): policy enforcement and charging in the visited (roaming) network
• Packet Data Gateway (PDG): access to packet based services, VPN concentrator, charging, service authorization, IP address allocation
• Wa, Wd: access authentication (AAA protocols)
• Wu: VPN tunnel between terminal and PDG
• Wi: interface to Packet Data Networks

WLAN access to 3GPP IMS
[Figure: network diagram with the elements WLAN, WLAN AP, Access Router, WAG, PDG, AAA, DHCP, HSS (HLR), 3GPP IMS (CSCF, MGCF, MRF, MGW), GERAN (BTS, BSC), UTRAN (Node B, RNC), CS domain (2G/3G MSC, TDM), IP-Network (PS domain) with 2G/3G SGSN and GGSN, PSTN, PLMN, Internet/Intranet. Labelled flows: IP address allocation and P-CSCF discovery; service authentication and authorization; IMS signaling.]

IMS Registration through WLAN
[Figure: message flow between the UE, the WLAN access network (AP, DHCP, DNS) and the mobile core network (AAA, HSS, DNS, DHCP, PDG, P-CSCF, S-CSCF).]
1. WLAN association at L1/2
2. Access Authentication at AAA server
3. Obtain local IP address from WLAN
4. Retrieve PDG address
5. Establish tunnel to PDG
6. Obtain remote IP address and discover P-CSCF
7. Set-up security association between UE and P-CSCF
8. IMS registration and session set-up

Access to TISPAN-IMS through generic access networks (e.g. xDSL)
[Figure: network diagram with the elements NGN Terminal, Access Network (e.g. xDSL, WLAN; local address range), Access Router, IP Core, PDG, AAA, DHCP, HSS, TISPAN-IMS (CSCF, MGCF, MRF, MGW), PSTN, PLMN, Internet/Intranet. Labelled flows: IP address allocation and P-CSCF discovery; service authentication and authorization; IMS signaling.]

3GPP/WLAN Interworking architecture as paradigm for NGN access independence
• NGN access authentication by a generic procedure, e.g. EAP based (available for many L2 technologies)
• Access Network allocates local IP address: private or public, IPv4 or IPv6
• Access to the NGN core network is provided through the Packet Data Gateway:
   • NGN terminal determines PDG name (application specific or a generic one)
   • NGN terminal resolves name to IP address by standard DNS means
   • NGN terminal establishes VPN tunnel (IPSec) to PDG
   • Mutual authentication and authorization of NGN terminal and PDG during tunnel establishment
   • Assignment of remote IP address to UE by the NGN core network
• Remote address is used to perform registration in the TISPAN-IMS
• Authentication and authorization is based on NGN specific subscription data stored in the HSS
• Most preferred solution will rely on a (U)SIM like security solution
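
The terminal-side sequence from the "IMS Registration through WLAN" and "paradigm" slides can be modelled as below; this is an added example, not code from the presentation or from any 3GPP or TISPAN specification. It performs no real EAP, DNS or IPSec exchange: `resolve` and `open_tunnel` are hypothetical injected callables, and the redirect limit, the rule that redirects are followed only after successful mutual authentication, the PDG name and all addresses are assumptions.

```python
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional

MAX_REDIRECTS = 2  # assumption: the slides give no limit on PDG redirection

class AttachError(Exception):
    """Raised when a step is attempted out of order or a check fails."""

@dataclass
class Terminal:
    access_authenticated: bool = False   # access authentication at the AAA server
    local_ip: Optional[str] = None       # allocated by the access network
    pdg_ip: Optional[str] = None         # PDG terminating the tunnel
    remote_ip: Optional[str] = None      # allocated by the core network

def attach(term: Terminal, pdg_name: str,
           resolve: Callable[[str], List[str]],
           open_tunnel: Callable[[str], Dict]) -> Terminal:
    """Resolve the PDG name, set up the tunnel, follow bounded redirects."""
    if not (term.access_authenticated and term.local_ip):
        raise AttachError("access authentication and local address come first")
    addresses = resolve(pdg_name)                 # standard DNS lookup
    if not addresses:
        raise AttachError("PDG name did not resolve")
    target, tried = addresses[0], []
    while True:
        if target in tried or len(tried) > MAX_REDIRECTS:
            raise AttachError("PDG redirect loop or too many redirects")
        tried.append(target)
        reply = open_tunnel(target)
        if not reply.get("mutual_auth_ok"):       # terminal and PDG both proven
            raise AttachError("mutual authentication failed at " + target)
        if "redirect_to" in reply:                # load sharing by the network
            target = reply["redirect_to"]
            continue
        term.pdg_ip, term.remote_ip = target, reply["remote_ip"]
        return term

def ims_register(term: Terminal) -> Dict[str, str]:
    """IMS registration uses the remote address, never the local one."""
    if term.remote_ip is None:
        raise AttachError("no tunnel: IMS registration needs the remote address")
    return {"contact_ip": term.remote_ip, "via_pdg": term.pdg_ip}

# Constructed sample data (documentation address ranges, made-up PDG name).
DNS = {"pdg.ims.example": ["192.0.2.10"]}
PDGS = {
    "192.0.2.10": {"mutual_auth_ok": True, "redirect_to": "192.0.2.20"},
    "192.0.2.20": {"mutual_auth_ok": True, "remote_ip": "10.20.0.7"},
}

def demo() -> Dict[str, str]:
    term = Terminal(access_authenticated=True, local_ip="192.168.1.23")
    attach(term, "pdg.ims.example", lambda n: DNS.get(n, []), PDGS.__getitem__)
    return ims_register(term)
```

The model keeps the two address spaces apart: the local address only carries the tunnel, and the registration contact is the remote address assigned through the PDG.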