Abstract: A technique of configuring a core network domain of a wireless communication network for detection of service traffic that is to be trustfully handled in accordance with traffic handling information stored in a blockchain is provided. A method implementation of this technique comprises receiving, from a service provider, traffic detection information for service traffic that is to be handled in accordance with the traffic handling information. The method further comprises triggering an association, in the blockchain, of the received traffic detection information with the traffic handling information, and providing the traffic detection information to the core network domain for detecting the service traffic that is to be handled in accordance with the traffic handling information.

Abstract: The invention relates to a method for operating a network exposure entity (100) in a cellular network, the method comprising receiving (S30) a first request from an application entity requesting vehicle related information, the vehicle related information comprising a vehicle identifier and at least one vehicle related parameter of a vehicle. A subscription request is transmitted to a collecting entity (200, 700) configured to collect the vehicle related information for the vehicle, the transmitted subscription request comprising the at least one vehicle related parameter. A first notification is received from the collecting entity in response to the subscription, the response comprising information related to the at least one vehicle related parameter, and a second notification is transmitted to the application entity comprising the vehicle identifier and the information related to the at least one vehicle related parameter.

Abstract: A method (700) in a policy control function, PCF, of moving a session from a service function chain, SFC, to a new SFC, wherein the SFC comprises a first SF that modifies packets in the session. The method comprises determining (702) to update a second SF in the SFC for the session, determining (704) a new SFC for the session comprising new SFs, wherein the new SFs are selected based on the determined update to the second SF and information related to the packet modification performed by the first SF and (706) sending a first message to a session management function, SMF, comprising updated policy control rules for the session, wherein the updated policy control rules comprise an indication of the new SFC for the session.

Abstract: A method, an operator network (101) and nodes (120, 140, 160) for managing trafficare disclosed. The network exposure node (160) receives (A010) a Packet Flow Description (PFD) rule for a server application (190). The PFD rule comprises one or more protocol parameters for classification of traffic using a protocol related to said one or more protocol parameters. The one or more protocol parameters comprise for example an indication relating to common names (CNS), an indication relating to a domain name system (DNS) domain name, a server name indication (SNI), an indication relating to fraud prevention, an indication relating to a server IP address. The network exposure node (160)transmits (A020) the PFD rule to the session node (140), which transmits (A040), towards the user data node (120), a management request comprising the PFD rule. The user data node (120) receives (A080), from the client application (115), traffic destined to the server application (190).

Abstract: A method and apparatus for device authentication and authorisation, wherein the method comprises: receiving, at an authentication and authorisation node, a device authorisation request comprising identity information for an application executed by a device and a first application specific container containing application specific information; identifying, using the device authorisation request, the application to which the request relates, and checking the authorisation status of the application; if the application is for use, transmitting an authorisation approval, the authorisation approval comprising the first application specific container containing application specific information.

Abstract: A method for over-the-top (OTT) management in a communication network is presented. The method is performed in an application client. The method comprises sending a request for activation of a policy for an application network interaction protocol (ANIP) service to a packet data network gateway (PGW) wherein the request indicates an address to a local ANIP server; receiving a set of rules related to the requested activation of the policy from the PGW, wherein the set of rules are defined for a packet data network (PDN) session applicable for the ANIP service; and communicating over the communication network based on the received set of rules. Methods, application clients, PGWs, ANIP servers, computer programs, and a computer program for OTT management in a communication network are also presented.

Abstract: A method for over-the-top, OTT, management in a communication network is presented. The method is performed in a packet data network gateway, PGW. The method comprises receiving (S200) a request for an application network interaction protocol, ANIP, service from an application client, sending (S210) the received request to a global ANIP server, wherein the request is extended with a public land mobile network, PLMN, identity, receiving (S220) an address to a local ANIP server from the global ANIP server, and sending (S230) the received address to the local ANIP server to the Send request for application client. Methods, a PGW, an application client, an ANIP server, computer programs, and a ANIP service computer program product for OTT management in a communication network are also presented.

Abstract: The use of multipath enabled mobile entities accessing a service outside the network in a multipath connection. The invention relates to a method for operating an application server (100) providing a service to a multipath enabled mobile entity (10) connected to the application server with a first bearer of a first access network of a first mobile communications network, wherein the application server is external to the mobile communications network, whereas the method comprises the steps of receiving an indication that the mobile entity (10) has an option to use another bearer not belonging to the first mobile communications network for accessing the application server, and of transmitting a request message towards a policy control entity (50) of the first mobile communications network requesting the policy control entity to disconnect the first bearer.

Abstract: The present invention faces the issue of a user ignoring an alternative second service usable instead of a first service that the user is using, and which is a service subscribed by the user. To solve this issue, the present invention provides for associating a first service identifier and a second service identifier with a same service category at a subscription repository; upon detecting at a policy enforcer the first service is used by the user, notifying a policy controller of the first service identifier; obtaining, by the policy controller from the subscription repository, the second service identifier associated with the same service category as the first service identifier; offering the user, either directly from the policy controller or via the policy enforcer, to accept using the second service instead of the used first service; and, upon user accepting to use the second service, enforcing control rules for the second service at the policy enforcer.

Abstract: The present invention faces the issue of a user ignoring an alternative second service usable instead of a first service that the user is using, and which is a service subscribed by the user. To solve this issue, the present invention provides for associating a first service identifier and a second service identifier with a same service category at a subscription repository; upon detecting at a policy enforcer the first service is used by the user, notifying a policy controller of the first service identifier; obtaining, by the policy controller from the subscription repository, the second service identifier associated with the same service category as the first service identifier; offering the user, either directly from the policy controller or via the policy enforcer, to accept using the second service instead of the used first service; and, upon user accepting to use the second service, enforcing control rules for the second service at the policy enforcer.

Abstract: A method for classifying packets includes determining an execution indication indicating at least one amongst a service and application being executed on a user terminal and generating uplink packets; determining a marker on the basis of PCC rules available at the user terminal and at least one execution indication, the marker for identifying at least one of a service and an application associated to uplink packets; transmitting the marker and the uplink packets, to a PCEF network entity; determining an uplink classification, at the PCEF network entity, for received uplink packets based on the marker; storing, at said PCEF network entity, an association between information related to an uplink flow corresponding to the uplink packets and uplink classification; receiving, at said PCEF network entity, downlink packets corresponding to the uplink packets; determining a downlink classification, at the PCEF network entity, for received downlink packets based on the stored association.

Abstract: In a mobile network comprising a gateway for establishing a packet data connection with a user equipment, user communication is implemented on the basis of a client interface script to be executed in a browser application of the user equipment. For this purpose, the gateway receives data destined to the browser application of the user equipment. The gateway modifies the received data to provide the user equipment with the client interface script, e.g., by including an identifier of the client interface script in to the data. The gateway sends the modified data to the user equipment, thereby enabling the browser application of the user equipment to execute the client interface script. Execution of the client interface script in the browser application may for example implement a user dialog for customizing functions of the mobile network.

Abstract: A method for classifying packets includes determining an execution indication indicating at least one amongst a service and application being executed on a user terminal and generating uplink packets; determining a marker on the basis of PCC rules available at the user terminal and at least one execution indication, the marker for identifying at least one of a service and an application associated to uplink packets; transmitting the marker and the uplink packets, to a PCEF network entity; determining an uplink classification, at the PCEF network entity, for received uplink packets based on the marker; storing, at said PCEF network entity, an association between information related to an uplink flow corresponding to the uplink packets and uplink classification; receiving, at said PCEF network entity, downlink packets corresponding to the uplink packets; determining a downlink classification, at the PCEF network entity, for received downlink packets based on the stored association.

Abstract: A technique for generating or updating a user profile based on a packet flow in a communications network from a user terminal to a destination address is described. A method implementation of this technique comprises receiving, by a Policy Control and Charging Rules Function (PCRF) from a Policy and Charging Enforcement Function (PCEF), at least one item of information indicative of at least one of the destination address and a service provided at the destination address to the user terminal. Based on this item of information, a user profile for a user associated with the user terminal is generated or updated.

Abstract: A policy and charging control method enables a privileged user of a multiple-user subscription of a telecommunication network to cause a change to a policy or charging applicable to a non-privileged user of the subscription. The method comprises: (i) accessing (s10), by a communication terminal of the non-privileged user, an authorization control manager (ACM) function, to request a change of policy or charging applicable to the non-privileged user; (ii) transmitting (s20), by the ACM function to a PCRF, the requested change; (iii) notifying (s30) a communication terminal of the privileged user, by the PCRF, of the requested change; and (iv) indicating (s40), by the communication terminal of the privileged user, to the ACM function, at least one of: (a) whether the requested change is approved, and (b) to which extent the requested change is approved. The invention also relates to network nodes, computer programs, and computer program products.

Abstract: The present invention relates to the implementation of policy and/or charging control for an IP Connectivity Access Network session established for a user, that enables the user to select one of several Quality or Service levels, and an associated charging rate, that can be provided to the user for an identified traffic type that is being sent over the IP-CAN session. A set of Policy and Charging Control rules that apply the selected QoS level and the associated charging rate are then generated and applied to traffic of the identified type that is sent over the IP-CAN session.

Abstract: A Policy and Charging Rules Function server (PCRF) of a Policy and Charging Control (PCC) Architecture for deciding control rules applicable to user traffic flows to be inspected, in accordance with applicable telecommunication protocols for each traffic flow, by a Policy and Charging Enforcement Function server with Deep Packet inspection capabilities (PCEF-DPI) of the PCC Architecture. The PCRF includes a database having a list of protocols used in the user tialYtc flow s The PCRF includes an interface unit which receives a query from the PCEF-DPI about applicable control rules for an IP Connectivity Access Network (IP-CAN) session established for a user at the PCEF-DPI The PCRF includes a processing unit which sends the applicable control rules for the IP-CAN session and the list of protocols through the interface unit to the PCEF-DPI. A Policy and Charging Enforcement Function, server having Deep Packet Inspection capabilities (PCEF-DPI) of a Policy and Charging Control (PCC) Architecture.

Abstract: A method for classifying packets includes determining an execution indication indicating at least one amongst a service and application being executed on a user terminal and generating uplink packets; determining a marker on the basis of PCC rules available at the user terminal and at least one execution indication, the marker for identifying at least one of a service and an application associated to uplink packets; transmitting the marker and the uplink packets, to a PCEF network entity; determining an uplink classification, at the PCEF network entity, for received uplink packets based on the marker; storing, at said PCEF network entity, an association between information related to an uplink flow corresponding to the uplink packets and uplink classification; receiving, at said PCEF network entity, downlink packets corresponding to the uplink packets; determining a downlink classification, at the PCEF network entity, for received downlink packets based on the stored association.

Abstract: A policy and charging control method enables a privileged user of a multiple-user subscription of a telecommunication network to cause a change to a policy or charging applicable to a non-privileged user of the subscription. The method comprises: (i) accessing (s10), by a communication terminal of the non-privileged user, an authorization control manager (ACM) function, to request a change of policy or charging applicable to the non-privileged user; (ii) transmitting (s20), by the ACM function to a PCRF, the requested change; (iii) notifying (s30) a communication terminal of the privileged user, by the PCRF, of the requested change; and (iv) indicating (s40), by the communication terminal of the privileged user, to the ACM function, at least one of: (a) whether the requested change is approved, and (b) to which extent the requested change is approved. The invention also relates to network nodes, computer programs, and computer program products.

Abstract: A Parental Control Manager “PCM” server of a Policy and Charging Control “PCC” architecture with the Parental Control Manager “PCM” server, a Policy Control Enforcement Function device with Deep Packet Inspection capabilities “PCEF-DPI device”, and a Policy Control Rules Function “PCRF” server. The PCM server includes a user interface unit for receiving a logon from a user, and for receiving from the user monitoring criteria on Internet traffic types to be monitored for the user, and corresponding actions to be carried out when any monitoring criteria fit a given Internet traffic type. The PCM server includes a network interface unit for submitting the monitoring criteria and corresponding actions received from the user to a PCRF server. A PCRF server of a PCC architecture with a PCM server, a PCEF-DPI device, and the PCRF server. A PCEF-DPI device of a PCC architecture with a PCM server, the PCEF-DPI device, and a PCRF server.