mobile communication system and method for selecting and connecting a mobile device profile / imsi

专利摘要:
According to at least one example embodiment, the present disclosure can be implemented in the form of a method or system for carrying out data traffic inspections and selecting an IMSI according to a connection logic. The example embodiment can include a data inspection module (107) configured to inspect data requests from a mobile device (150) assigned to a first IMSI. The data inspection module (107) can be further configured to determine data usage information from the mobile device (150) from the inspected data requests. The example embodiment additionally includes a connection logic module (109) communicatively coupled to the data inspection module (107). The connection logic module (109) is configured to select a second IMSI associated with a second mobile network to assign to the mobile device (150), the selection of the second IMSI being at least partially based on the data service being requested by the mobile device ( 150).
公开号:BR112019027114A2
申请号:R112019027114-7
申请日:2018-06-27
公开日:2020-07-07
发明作者:Richard H. Xu；Vitaliy G. YURCHENKO；Ajay Joseph；Richard M. Pellegrini
申请人:Ibasis, Inc.；
IPC主号:

专利说明:

[0001] [0001] This application is a continuation of and claims U.S. Application No. 15 / 634,692, filed June 27, 2017. The total teachings of the above application are hereby incorporated by reference. BACKGROUND
[0002] [0002] Wired communication systems, such as the Long-Term Evolution (LTE) mobile communication system, also referred to as the Evolved Package System (EPS) or the 4th Generation System (4G), the System Global Mobile (GSM) for communications, or Mobile Broadband Code Division Multiple Access (W-CDMA) communication system, typically use a subscriber identification module (SIM) card to identify and authenticate subscribers. on mobile network devices (for example, mobile phones, computers, Internet of Things (loT) devices, and any device capable of a mobile network data connection). A SIM card is an integrated circuit that stores an international mobile subscriber identity number (IMSI) and its related keys.
[0003] [0003] Mobile network operators of such wireless communications systems identify and authenticate mobile devices connected to your network using the information provided by the SIM card of the mobile device (for example, the IMSI of the mobile device). Mobile network operators also typically implement different features based on a subscriber's identity and profile stored by the network operator, for example, billing features, quality of service (QoS) features, etc. to control the services offered and the corresponding use by subscribers.
[0004] [0004] In order to expand the geographical coverage of services offered beyond the network coverage of each service provider, network operators typically engage in interworking and roaming arrangements. The interworking and roaming arrangements between different network operators are made possible through interconnection between service providers. For example, when a mobile network subscriber connects to a visited mobile network, the visited mobile network identifies the mobile subscriber's home network through the mobile subscriber's IMSI. With the mobile subscriber's IMSI, the visited mobile network is able to authenticate the mobile subscriber with its home network and provide service to the mobile subscriber based on the roaming arrangements between the two networks. SUMMARY
[0005] [0005] A recently developed type of SIM card is a built-in SIM (eSIM) or embedded (eUlCC) universal integrated circuit card. ESIM can not only take the form of a traditional removable or interchangeable SIM card, but can also be realized as a built-in non-replaceable chip. An eSIlIM has the ability to be provisioned, either remotely or locally, with different subscriber profiles or identities. This allows a mobile device equipped with an eSIM to dynamically change its subscriber ID, which in turn allows the mobile device to change the mobile network or service provider to which the mobile device is currently subscribed. For example, an embedded UICC (eUIlICC) can store a SIM profile for a local mobile network operator (MNO) and another SIM profile for an international MNO.
[0006] [0006] The GSM Association (GSMA) developed the “Remote Provisioning Architecture for Embedded UICC Technical Specification,” Version 3.1 (May 31, 2016) (referred to here as “GSMA eSIM” Specification and incorporated by reference), “RSP Technical Specification , ”
[0007] [0007] Such downloading of a SIM profile and connection to another MNO with the recently downloaded profile usually depends on the sending messages, via the short message service protocol (SMS) of a remote SIM provisioning platform (RSP) to the targeted eSIM card, via your current SIM profile and current fixed cellular network (for example, GSM, 3G, or LTE network). Once receiving a command, via the RSP SMS, the eSIM card can perform a few actions per the GSMA eSIM Specification, such as downloading a new SIM profile, connecting to another SIM profile, deactivating / deleting a downloaded profiles, etc. Once the action is performed, the eSIM card (via the device) sends a confirmation to the RSP via SMS regarding the action taken. For example, after connecting to another profile, and the device is attached to a new cellular network with the new profile, eSIM usually sends a confirmation message, via SMS from the new network to the RSP where the status prior action is updated.
[0008] [0008] The training of mobile devices to be provisioned with different subscriber identities allows for numerous improvements in how mobile services are provided. For example,
[0009] [0009] Another application of eSIM technology is the creation of a global mobile service provider network that maintains mobile service arrangements with many different mobile network operators around the globe. The global mobile service provider network can maintain a subscriber profile with numerous mobile network operators and provision a mobile device with a specific subscriber identity (profile) associated with a chosen mobile network operator depending on any number of factors ( eg country / location, mobile network operator, cost, regulations, type of service, data usage, quality of service (QoS), real-time data requests, etc.). The global mobile service provider network can select the mobile operator operator from a mobile device (or connect the mobile device's mobile network operator) based on a set of link logic. For example, if the mobile device changes locations, the global mobile service provider network may use link logic that causes the mobile device to be provisioned with (or assigned) a subscriber identity associated with a subscriber profile of a local mobile network operator at the current location of the mobile device.
[0010] [0010] The embodiments of the present disclosure enhance an ability of the global mobile service provider's network to provide service to mobile devices around the globe based on arrangements with many different mobile network operators. The embodiments of this disclosure are particularly applicable to Internet of Things (loT) devices (also known as machine-to-machine (M2M) devices). LoT devices benefit from the global interoperability that the global service provider network is capable of providing. The embodiments of the present disclosure enable loT devices to be transported anywhere around the globe and receive mobile data services. Additionally, by directing data traffic through the global service provider network, the global service provider achieves real-time visibility into the data traffic of each of its mobile subscribers regardless of the current mobile network, profile or IMSI that the loT device is using. The global service provider network can also exercise increased control over the data usage of each loT device through the use of a policy control platform. For example, manufacturers of loT devices (which may be direct customers of the global service provider) can instruct the global service provider network to limit data access from loT devices to specific data services that loT devices have been intended to use. Additionally, manufacturers of loT devices can instruct the global service provider network to direct data traffic from loT devices to the private network of the manufacturer regardless of the current mobile network, profile or IMSI that the mobile device is using. For example, manufacturers of loT devices can instruct the global service provider network to limit the amount of data (or quota) that a loT device is allowed to consume.
[0011] [0011] According to some embodiments, each mobile network operator that operates with the global mobile service provider network allocates a plurality of subscriber profiles to the global service provider network. The global service provider network maintains the subscriber profile for each of the mobile network operators and can provision a mobile device with an IMSI associated with a subscriber profile for any mobile network operator. This effectively gives the global service provider network control over the mobile network that the mobile device receives service.
[0012] [0012] The systems and methods of the present disclosure provide powerful technological tools that leverage the capacity of the global service provider network to control and connect the IMSI assigned from a mobile device to enable a highly customizable global mobile service for mobile devices equipped with eSIM chips or removable eUICC cards. In some embodiments, the global service provider network may use real-time visibility into mobile device data traffic as they pass through the global service provider's network to determine which IMSI to assign to the mobile device. Additionally, the global service provider network has the ability to monitor a plurality of data traffic from mobile devices on a mobile network, and based on information determined from data traffic, the service provider network can measure or derive network performance metrics from the mobile network.
[0013] [0013] According to at least one example embodiment, the present disclosure can be implemented in the form of a corresponding method or device for carrying out data traffic inspections and selecting an IMSI according to a connection logic. The at least one example embodiment may include a connection logic module configured to receive user information
[0014] [0014] Some embodiments may include a data inspection module (and / or a policy control module) configured to inspect data requests from a mobile device assigned to a first IMSI | associated with a first mobile network. In some embodiments, the data inspection module uses deep packet inspection to inspect the data request from the mobile device. The data inspection module can be further configured to determine data usage information from the mobile device from the inspected data requests, the data usage information including a data service being requested by the mobile device. The at least one example embodiment additionally includes a connection logic module communicatively coupled to the data inspection module. According to another aspect of the example embodiment, the connection logic module is configured to select a second IMSI associated with a second mobile network to assign to the mobile device, the selection of the second IMSI at least partially based on the data being requested by the mobile device. The connection logic module is additionally configured to assign the second IMSI to the mobile device.
[0015] [0015] According to some embodiments, the data inspection module is additionally configured to determine metrics.
[0016] [0016] According to another aspect of the example embodiment, the data usage information can include any of: condition of the mobile network, type of data that the mobile device is requesting, and amount of data that the consumed mobile device.
[0017] [0017] According to some embodiments, the connection logic module is configured to select the second IMSI based on a charge rate from the second mobile network for the data service requested by the mobile device.
[0018] [0018] According to some embodiments, the data inspection module is additionally configured to track a quantity of data used by a plurality of mobile devices over a given period of time, each mobile device being assigned to an IMSI associated with the first mobile network. The linker module being additionally configured to select different IMSIs to assign to at least some of the plurality of mobile devices, each different IMSI being associated with a network other than the first mobile network, and the selection being at least partially based on the amount of data used by the plurality of mobile devices over the given period of time. After selection, the connection logic module is additionally configured to assign the selected selected IMSIs to at least some of the plurality of mobile devices.
[0019] [0019] According to some embodiments, the data inspection module can include policy control functionality, and be configured to deny, allow, or modify an inspected data request based on a data policy associated with an IMSI currently assigned from the mobile device. In some embodiments, the data inspection module is configured to deny, allow, or modify an inspected data request based on a type of mobile device.
[0020] [0020] In some embodiments, the selection of the second IMSI is additionally based on any one or more of the following: country of the first mobile network or the second mobile network, location of the mobile device, operator of the first mobile network or the second network mobile, data rate cost of the first mobile network or the second mobile network, and quality of service of the first mobile network or the second mobile network. BRIEF DESCRIPTION OF THE DRAWINGS
[0021] [0021] The precedent will be apparent from the following more particular description of the embodiment of examples of the invention, as illustrated in the accompanying drawings in which similar reference characters refer to the same parts through all different views. The drawings are not necessarily to scale, emphasis instead being placed on the illustrative embodiments of the present invention.
[0022] [0022] FIG. 1A is a diagram illustrating an example communication system architecture that empowers a global service provider network to control remote provisioning of a mobile device.
[0023] [0023] FIG. 1B is a flow chart illustrating an example method for selecting and connecting a mobile device / IMSI profile.
[0024] [0024] FIG. 2A - 2C illustrate an example connection logic of the connection logic module according to some embodiments.
[0025] [0025] FIG. 3 is a high-level block diagram of a data inspection module that includes a policy control platform, according to some embodiments of the present disclosure.
[0026] [0026] FIG. 4 illustrates an example communication system architecture that enables a global service provider network to control remote provisioning of a mobile device.
[0027] [0027] FIG. 5 is a block diagram of the internal structure of a computer in which various embodiments of the present invention can be implemented. DETAILED DESCRIPTION
[0028] [0028] A description of the exemplary embodiments of the invention follows.
[0029] [0029] The teachings of all patents, published applications and references cited here are incorporated by reference in their entirety.
[0030] [0030] FIG.1A illustrates an example communication system architecture that enables a global service provider network 100 to control remote provisioning of a mobile device
[0031] [0031] According to some embodiments, MN 151 recognizes that the profile of subscriber A associated with IMSI currently provisioned to the mobile device 150 was previously allocated by MN 151 to the global service provider network 100. In some con- mobile operators (for example, MN 151 and 152 mobile network operators) have allocated a plurality of subscriber profiles to the global service provider network 100. Mobile network operators can associate all allocated profiles with global service provider network 100, such that all usage and billing information tracked by mobile operators is attributed to the global service provider network, and not necessarily the owner / user of the sporadically provisioned mobile devices with any of the allocated profiles (or IMSIs associated with the profiles).
[0032] [0032] According to some embodiments, the global service provider network 100 can provision or cause mobile devices to be provisioned with any of the subscriber's profiles. In some embodiments, the global service provider network 100 tracks the use of data associated with each mobile device and each subscriber profile. By tracking data usage on a mobile device, the global service provider network 100 is able to charge the owner / user of each mobile device or any other part associated with each mobile device.
[0033] [0033] Referring back to FIG. 1A, MN 151 can route data traffic from mobile device 150 to data inspection module 107 located on global service provider network 100. In some embodiments, MNO 151 uses an access point name ( APN) to establish a data connection 156 directly with the P-GW 157 on the global service provider network 100, and the established data connection is used to direct all of the data traffic from the mobile device to the provider network global service provider 100. In some embodiments, data connection
[0034] [0034] According to some embodiments, the data traffic is directed to the data inspection control module 107 which monitors the use of data from the mobile device 150. The data inspection module 107 can be an independent service element , or be part of functions integrated in the P-GW 157. In addition, data inspection module 107 may include policy control functionality to control mobile device data usage based on data policies. Data policies can be predefined or dynamically created. In some embodiments, the data policy can be associated with the mobile device, the subscriber's profile (or IMSI), or a combination of both. The policy control functionality of data inspection module 107 is defined in more detail below, and in copending U.S. Patent Application No. 15 / 260,897, incorporated herein by reference.
[0035] [0035] In some embodiments, the data inspection module 107 inspects data requests from the mobile device 150 using deep packet inspection. The data inspection module 107 can then determine data usage information from the mobile device 150 of the inspected data requests. According to some embodiments, the data usage information may include information related to the data service (for example, application, web browsing, etc.) being requested by the mobile device 150. The data inspection module 107 communicates the information of use of data to the connection logic module 109.
[0036] [0036] According to some embodiments, the connection logic module 109 receives control instructions and rules from a service provisioning element 113 for mobile devices associated with the global service provider network 100. The connection logic module connection 109, based on predefined rules, decides which subscriber profile and IMSI is assigned to the mobile device 150. Connection logic module 109 bases its decision on a plurality of entries and connection logic. The plurality of entries may include the data usage information determined by the data inspection module 107 (shown as entry 114).
[0037] [0037] In addition to the input of the data inspection module 107, the connection logic module 109 can receive input from one or more additional elements on the global service provider network 100 including multi-IMSI home subscriber server. (HSS) 110 (shown as entry 132), IMSI 112 inventory database (shown as entry 129), service provision module 113 (shown as entry 125), OCS / Offline loading 116 (shown as input 115), network monitoring system 117 (shown as input 118), and one or more customer service networks 180 (shown as input 122).
[0038] [0038] According to the example embodiment illustrated in FIG. 1A, the connection logic module 109 selects a different IMSI associated with the Local MN Profile Z Profile 152 to assign to the mobile device 150 based on the internal connection logic and one or more of the plurality of inputs (114, 115, 118, 122 132, 125 and / or 129) received by the connection logic module 109. In some embodiments, the
[0039] [0039] According to this example embodiment, the connection logic module 109 makes the remote provisioning of the eSIM system (SM-DP, SM-SR or SM-DP +) 120 mobile device 150 provisionally remotely with the associated IMSI with Z Profile on MN 152. The remote provisioning system eSlIM 120 can remotely provision the mobile device via Short Message Service (SMS), Bearer Independent Protocol (BIP), or Hypertext Transfer Protocol Protection (HTTPS) 140. This causes the mobile device 150 to detach from the MN 151 and then attach to the MN 152. The MN 152 now provides service to the mobile device 150. The eSIlIM 120 remote provisioning system can operate as described in the Remote Provisioning Architecture for Embedded UICC Technical Specification, ”Version 2.1 (November 1, 2015) incorporated herein by reference. In addition, the eSIM 120 remote provisioning system may operate as described in copending U.S. Order No. 62 / 479,093 incorporated herein by reference.
[0040] [0040] In some embodiments, MN 152 establishes a data connection 160 with global service provider network 100. The global service provider network 100 directs data traffic from the mobile device 150 through the data inspection module. Dice
[0041] [0041] FIG. 1B is a flowchart illustrating an example method for selecting and connecting a profile / IMSI of the mobile device. According to the example method, data inspection module 107 can inspect 191 data requests from a mobile device assigned to a first IMSI using deep package inspection, the first IMSI being associated with a first mobile network , and determine 192 mobile device data usage information from the inspected data requests, the data usage information including a data service being requested by the mobile device. According to the example method, the connection logic module 109 can be coupled to the data inspection module 107 and configured to select 194 a second IMSI associated with a second mobile network to assign to the mobile device, the selection of the second IMSI being at least partially based on the data service being requested by the mobile device, and assigns 195 the second IMSI to the mobile device.
[0042] [0042] According to the embodiments of the present disclosure, the connection logic module 109 is programmed with connection logic to automatically select and assign a Profile / IMSI to the mobile devices (for example, mobile device 150) that are part of the global service provider network 100. Figures 2A - 2C illustrate an example connection logic of connection logic module 109 according to some embodiments. As mentioned above, connection logic module 109 selects a different IMSI associated with local MN 152 to assign mobile device 150 based on an internal connection logic and the plurality of entries (114, 115, 118, 122 132 , 125 and / or 129) received by the connection logic module 109.
[0043] [0043] FIG. 2A is a flowchart of an example link logic that selects a profile / IMSI for provisioning a mobile device based on inputs for link logic module 109. According to some embodiments, link logic module 109 can receive Information Update Location of mobile device 150, via entry 132, starting from 110. Location Update Information 211 may include information related to MCC / MNC, IMSI, IMEI, LAC, CelllD Visitors, or other information related to the location and / or identity of the mobile device 150. In some embodiments, the connection logic module 109 can receive Location Update Information 210 from the mobile device 150, via input 133, from DRA 302. This Location information can be in addition to, or in lieu of, the location information received from the HSS 110. Similarly, the location information received from the DA 104 (as shown in FIG. 4) can include information - Information related to MCC / MNC, IMSI, IMEI Visitors, or other information related to the location and / or identity of the mobile device
[0044] [0044] According to some embodiments, the connection logic module 109 aggregates Location Update Information 210 and 211 together, and extracts information 222 to identify mobile device 150 and its eSIM card status. The extracted information 222 can include information related to the identity of the mobile device 150, for example, IMSI Device Type, MCC / MNC, etc.
[0045] [0045] According to the example embodiment of FIG. 2A, the connection logic module 109 can receive one or more notifications 212, via input 115, from the OCS / Offline Loading System 116. In some embodiments, the connection logic module 109 can generate actions for each IMSI for the one received one or more notifications from the OCS / Offline 116 Loading System. The actions generated 221 can include block or redirect to domain / portal designated in the profile, etc.
[0046] [0046] According to the example embodiment of FIG. 2A, the connection logic module 109 can receive one or more business rules, via entry 125, from the service provisioning system 113. The service provisioning system 113 can also receive input from a portal / web interface 124. Business rules can be rules and policies for each profile that depend on the contractual conditions between the global service provider network and the operator of the mobile network associated with each profile. For example, a subscriber profile allocated to the global service provider network 100 by MN 151 may have an application-dependent data rate that requests data on the mobile device 150, a data rate based on the time of day / week, Service Level Agreement, a quality of service (QoS) limit, a fee based on the type of device, a limit on the volume of loading data, a limit on the volume of downloading, applications that are allowed, protocols that are allowed , MNC / MCC that are allowed, regulation rules by MCC, lack of control, among other contractual conditions. In some embodiments, the business rules for each subscriber profile are stored in a database of rules and policies 216.
[0047] [0047] According to the example embodiment of FIG. 2A, the connection logic module 109 can receive 213 information in real time about the mobile device 150, the use of data from the mobile device, the condition of the mobile device of the mobile network 150 is fixed to, or any other information received from the data inspection module 107, via input 114. In some embodiments, connection logic module 109 can receive, via input 118, historical network performance metrics 214 from the network monitoring system
[0048] [0048] In some embodiments, the connection logic module 109 can aggregate the information in real time that it receives from multiple mobile devices operating on the same mobile network. The connection logic module 109 can use the aggregated real-time information to determine one or more metrics of network performance of the mobile network that the multiple mobile devices are operating. This gives the connection logic module 109 access to real-time information related to the current operation of the mobile networks. According to some embodiments, the connection logic module 109 can generate a list of mobile networks (and / or profiles belonging to those mobile networks) to avoid. Linking module 109 can use this list to prevent mobile devices from being provisioned with IMSIs or profiles associated with mobile networks currently (and / or historically) experiencing performance problems. Profiles, IMSI | or mobile networks can be added to the list of profiles / IMSIs to avoid any number of reasons in addition to current network performance problems.
[0049] [0049] According to some embodiments, link logic 109 aggregates real-time information 213 and historical network performance metrics 214 together, and extracts information 217 from received real-time measurements 213 and historical network performance 214 In some embodiments, the network profiles are associated with the extracted information 217. According to some embodiments, the connection logic module 109 can access the database of rules and policies 216, and can generate a list prevention profile 218 (that is, a list of profiles that should not be assigned to users).
[0050] [0050] According to the example embodiment of FIG. 2A, the connection logic module 109 can compile or access 225 the extracted information 222 that identifies the mobile device 150 and its eSIM card status, the Rules and Policies from the Rules and Policy Database 216, the generated action list 221 and profile prevention list 220 for connection and control decision processes 230, as shown in FIG. 2B.
[0051] [0051] FIG. 2B is a flow chart of an example 230 connection and control decision process. Decision process 230 can be used to determine whether an IMSI assigned to a mobile device (for example, mobile device 150) should be linked to another IMSI associated with another profile.
[0052] [0052] According to some embodiments, the decision process 230 uses the extracted information compiled or accessed that identifies the mobile device 150 and its eSIM card status, the Rules and Policies from the Database of rules and policies 216, generated action list 221 and profile prevention list 220 to determine whether or not to turn on the mobile device's IMSI 150. If the mobile device's IMSI should be turned on, the decision process 230 must
[0053] [0053] According to the decision process 230 of the example shown in FIG. 2B, the connection logic module 109 can determine 231 whether the current IMSI assigned to the mobile device should be blocked based on the generated action list 221 and / or the profile prevention list 220. In some embodiments, if the connection logic module 109 determines 231 that the IMSI should be blocked, the connection logic module 109 causes the data inspection module 107 (via interface 130) to block the traffic of that IMSI. The connection logic module 109 can also cause the mobile device 150 to connect 232 to another IMSI.
[0054] [0054] According to the decision process 230 for example, the connection logic module 109 can determine 233 if the current IMSI assigned to the mobile device to be redirected based on the generated action list 221. In some embodiments, if the logic module link 109 determines 233 that the IMSI should be redirected, the link logic module 109 determines 234 whether there is a profile for the IMSI reset. If not, the connection logic module 109 causes the data inspection module (via interface 130) to redirect traffic to that IMSI. If an IMSI redirection profile exists, the connection logic module 109 can determine 236 if the given redirection profile is in the prevention list 220. If the given redirection profile is not in the prevention list 220, in then the connection logic module 109 causes the mobile device to connect 235 to a new IMSI, and causes the data inspection module (via interface 130) to redirect traffic to that IMSI. If the given redirection profile is in the prevention list 220, then the connection logic module 109 causes the mobile device to connect 238 to the fault IMSI, and causes the data inspection module (via interface 130) redirect traffic to that IMSI.
[0055] [0055] According to the decision process 230 for example, if the connection logic module 109 determines 233 that the IMSI should not be redirected based on the prevention list 221, then the connection logic module 109 determines 239 if the IMSI / Device type is set first. If the connection logic module 109 determines 239 that the IMSI / Device type is not first fixed, the connection logic module 109 determines that the device has been fixed and can perform an application check and the Data base. rules and policies 216 to determine 245 a new profile for the mobile device
[0056] [0056] According to some embodiments, after the connection logic module 109 selects the new profile / IMSI for the mobile device 150, the connection logic module 109 determines 247 whether the selected profile is in the profile prevention list 220. The connection logic module 109 then connects 249 to the selected profile / IMSI, unless 250 is in the profile prevention list 220.
[0057] [0057] According to some embodiments, if the connection logic module 109 determines 239 that the IMSI / Device type is first set, the connection logic module 109 then selects 240 one or more new profiles for the MCC / MNC based in Rules and Policies from the Rules and Policies Database 216. If there are no profiles selected, the connection logic module 109 connects to the profile of the mobile device 150 to the fault profile / IMSI. If there are one or more selected profiles 241, then the connection logic module 109 connects 243 to the first selected profile of the one or more selected profiles that is not in the prevention list 220. If all of the one or more profiles selected are in the prevention list 220, the connection logic module 109 connects 243 to the mobile device 150 to the fault profile.
[0058] [0058] FIG. 2C is a flowchart showing what an example connection logic module process 109 can use to get a mobile device to connect to profiles / IMSIs. According to the example process in FIG. 2C, the connection logic module 109 causes the mobile device 150 to connect to a new profile / IMSI. Link logic module 109 can identify 251 the EID of the current IMSI | from the IMSI inventory database 112 (via interface 129). The connection logic module 109 can then access 252 the status of the current profile / IMSI and check the profile signal 253. If the profile signal is set to one, the profile / IMSI has been downloaded and deactivated 254, and the connection logic module 109 can send 255 Capable Profile API call (IMSI, ICCID, EID, etc.) 123 to the provisioning system eSIM 255 remote. In some embodiments, the connection logic module 109 can receive a handling response from the eSIM 255 remote provisioning system and then update the profile status in the IMS Inventory Database 258 ! 112.
[0059] [0059] According to some embodiments, the profile signal can be set to zero, this indicates 256 to the connection logic module 109 that the profile / IMSI has not been unloaded. The connection logic module 109 can then send 257 a downloaded Profile API call 123 to the eSIM 255 remote provisioning system. In some embodiments, the connection logic module 109 can receive a handling response from of the eSIM 255 remote provisioning system and then update the profile status 258 in the IMSI 112 inventory database.
[0060] [0060] FIG. 3 is a high-level block diagram of data inspection including a policy control platform in accordance with some embodiments of the present disclosure. According to one less example embodiment, the mobile device 150 associated with the global service provider network 100, is fixed to and receiving data service from the local MN 152. The mobile device 150 communicates traffic from data between local MN 152 and global service provider network 100 via data interface 160. Similarly, mobile device 150 can communicate data traffic between local MN 151 and global service provider network 100 via information - data interface 156. According to some embodiments, the global service provider network 100 may include a data inspection module 107 having policy control functionality in which the data traffic is directed. The data inspection module 107 can include a data policy rule engine (DPRE) 354 that includes a data policy database 355 configured to store an identifier associated with the mobile device profile / IMSI 150, and / or a data policy for this profile / IMSI. The data policy can be an individualized data policy customizable for this specific profile / IMSI or mobile device. Alternatively, the data policy can be applied to a plurality of
[0061] [0061] According to some embodiments, the data policy for the profile / IMSI can indicate the specific data services (for example, applications using data, web browser, specific websites, etc.) available, adjust limits on the amount of usable data, adjust limits on the data per data service, as well as other features detailed in the embodiments below. In some embodiments, the data policy is fully customizable, and can be changed in real time by the mobile subscriber, the global service provider network 100, an entity other than the mobile subscriber responsible for the mobile device (for example, the manufacturer of the device), and / or the operator of the MN 151 or 152 mobile network.
[0062] [0062] According to some embodiments, the data inspection module 107 contains a GTP-based traffic execution and detection module (GTEM) 352. The GTEM 352 can be configured to identify a data request (for example, GTP data packet) being sent from the mobile device 150 (or the profile / IMSI assigned to the mobile device 150) by reading the identifier in the data request, and denies or allows the data request based in the data policy for perfiVIMS |. GTEM 352 can determine whether to deny or allow the request for access to the data policy database 355 in DPRE 354, and can determine the data policy for the specific profile / IMSI.
[0063] [0063] In some embodiments, the GTEM 352 is an inline device with a bypass mechanism that does not affect the network topology and data transmission if the GTEM 352 ceases operation.
[0064] [0064] According to some embodiments, the GTEM 352 can access the GTP control plan and the GTP data plan (ie, user plan) to inspect control messages, signaling, and / or data being streamed from the mobile device
[0065] [0065] In some embodiments, GTEM 352 uses deep packet inspection (DPI) to examine and inspect GTP data traffic as it passes through data inspection module 107. GTEM 352 is not only capable of determining the mobile device 150 to send or receive the data packet / request, but it is also able to identify the data service (eg, application, website, etc.) being used. According to the example embodiment illustrated in FIG. 3, data traffic passes through data inspection module 107 to VPN Gate 108. Data traffic can also pass through data inspection module 107 to P-GW 157. However, in other embodiments - tions, data traffic can pass through the data inspection module 107 to any other destination, including the Internet 181, or a Client 180 intranet network.
[0066] [0066] According to some embodiments, GTEM 352 inspects data packages for data service subscriptions, and compares the data package subscription for known subscriptions to data services stored in a subscription database to determine the data service being used or requested by the data package. In some embodiments, GTEM 352 uses a finite state machine to minimize false positive signatures. In some embodiments, GTEM 352 uses a multipath signature analysis designed to identify signatures for polymorphic applications.
[0067] [0067] In some embodiments, for each mobile device data packet 150, the GTEM 352 can transmit the amount of data and the data service to the DPRE 354. The DPRE 354 can receive this information and store (or update an account) ) the total amount of data used per data service for the mobile device 150 (or the profile / IMSI assigned to the mobile device 150). The DPRE 354 is then able to maintain an execution count of the data used by each mobile device and profile / IMSI associated with the global service provider network 100 on a per service basis. According to some embodiments, once the data limit is reached, GTEM 352 will take the appropriate action for any national data package. This enables the GTEM 352 to apply any data limits set in the mobile device's data policy (or the profile / IMSI assigned to the mobile device 150).
[0068] [0068] According to some embodiments, GTEM 352 filters data traffic (packets and requests) based on information extracted from data traffic and the data policy of the original mobile device or the profile / IMSI assigned to the mobile device . While filtering data traffic, the GTEM 352 can act as a transparent “wall of fire” that filters data packets and connections. In some embodiments, once the GTEM 352 accepts a connection, all of the data packets transferred on the data connection or path are subsequently inspected to comply with the respective data policy.
[0069] [0069] For a non-limiting example, GTEM 352 can filter data and connection packets in the following ways: (1) accept the connection based on the pre-defined criterion; (2) reject the connection, terminate the flow by sending a TCP RST packet (reset), or an unreachable Internet Control Message Protocol (ICMP) destination message to peers (for example, the mobile device and targeted designation); (3) falling silently from the package and discarding the flow; (4) inject the packet with a false server response and send it to the source user's network device based on the inject rule data (for example, inject HTTP traffic); (5) bypassing the connection by selectively ignoring parts of the data traffic; or (6) separate the package or connection.
[0070] [0070] According to some embodiments, the GTEM 352 can separate data packets or connections by directing them to or through modules or devices that can perform additional functions not supported by the GTEM 352. These modules or devices can perform services added value, such as memorization, HTML redesign, video optimization, security functions, etc.
[0071] [0071] In some embodiments, the GTEM 352 can be configured to trigger actions when a certain user is defined (for example, the mobile subscriber, the global service provider network 100, an entity other than the responsible mobile subscriber by the mobile device (for example, the manufacturer), and / or the local MNO 152, etc.), criteria are found. User-defined criteria can be based on counters or limits that can be customized to perform complex operations. For example, the GTEM 352 can trigger a message (for example, an email, text, voice message,
[0072] [0072] Referring back to FIG. 3, according to some embodiments, the data inspection module 107 includes an intelligent real-time analysis and record module (RIAR) 356 that provides real-time visibility of GTP signaling / data and other data loads from IP inspected by GTEM 352. In some embodiments, the RIAR 356 provides a real-time view of the quality of experience metrics (QoE) from the mobile device 150 for the mobile subscriber, the global service provider network 100, an entity other than the than the mobile subscriber responsible for the mobile device (for example, the manufacturer), and / or the local MNO 152 or 151. QoE metrics can be stored locally by RIAR 356 and / or exported to external systems or modules (for example, connection logic module 109, service provision module 113, etc.).
[0073] [0073] According to some embodiments, the DPRE 254 can be configured to interface (via 130) with the connection logic module 109 of the global service provider network 100. This enables the connection logic module 109 to directly control and configure the data policy of the mobile device 150 or the profile / IMSI assigned to the mobile device 150 by using GTEM 352 in the data inspection module 107. This can be beneficial as data packets can be denied, modified, redirected, etc., on the global service provider network 100 before they reach their respective destination. In this way, giving the global service provider network 100 control over the mobile device or the profile / IMSI assigned to the mobile device 150, use of data even before the data / request packages reach their respective destination.
[0074] [0074] According to some embodiments, the RIAR 356 can be configured to interface (via 114) with the connection logic module 109 of the global service provider network 100. This enables the connection logic module 109 to directly access real-time visibility in GTP signaling / data and other loads of IP data inspected by GTEM 352. As described above with reference to FIG. 2A, connection logic module 109 can use this information as an input to determine whether to connect the current profile of the mobile device / IMS |, and to determine which other profile / IMSI provides the mobile device 150.
[0075] [0075] According to some embodiments, the RPRE 354 can be configured to (or at least interface with) access in the Online Charging System (OCS) / Offline Charging System 116 of the global service provider network 100 In some embodiments, the DPRE 354 can interface with the OCS 116, via a Gy / GZ 131 interface, providing DPRE 354 real-time access to the rating plans for rating, loading, and monitoring credit. prepaid mobile subscribers. In this way, if a prepaid mobile subscriber used all of his prepaid credit (for example, a quantity of data, dollar amount, etc.), the GTEM 352 can block data access from the mobile subscriber prepaid before any more data is used.
[0076] [0076] FIG. 4 illustrates an example communication system architecture that enables a global service provider network 100 to control remote mobile device provisioning 150. According to
[0077] [0077] According to this example, the mobile device 150 is first provisioned with Profile (A) and attached to the mobile network 151. The mobile network 151 can provide data service to the mobile device 150, via a residential roaming model, with data traffic 156 and diameter signaling 153 being routed through an internetwork Packet Exchange (IPX) 111 network. In some embodiments, IPX 111 includes a diameter targeting agent (DRA) 103 that is configured to route diameter signaling to a diameter 104 agent on the global service provider network 100. Diameter 104 agent can communicate diameter signaling to HSS 110 (via interface 158) and to the connection 109 (via interface 133). In some embodiments, the connection logic module 109 can use the diameter signaling as an input to the connection logic.
[0078] [0078] According to this example, the mobile device 150 is then provisioned with a profile (Z) and attached to the mobile network 152. The mobile network 152 can provide data service to the mobile device 150, via the leak of the location or model axis leak roaming, with data traffic 160 being directed directly to data inspection module 107, and signaling diameter 154 being routed through the IPX 111 network. In some embodiments, DRA 103 is configured to add diameter signaling that directs diameter signaling 159 to an agent of diameter 104 in the global service provider network 100.
[0079] [0079] FIG. 5 is a block diagram of the internal structure of a computer 550 in which various embodiments of the present invention can be implemented. Computer 550 contains a 579 bus system, where the bus is a set of hardware lines used to transfer data between the components of a computer system or processing system. The 579 bus is essentially a shared conduit that connects different elements of a computer system (for example, processor, disk storage, memory, input / output ports, network ports, etc.) that enables the transfer of data. information between the elements. Attached to the 579 bus system is the 582 1 / O device interface for connecting various input and output devices (for example, keyboard, mouse, display, printers, speakers, etc.) to the 550 computer. 586 network interface allows computer 550 to connect to several other devices attached to a network. Memory 590 provides volatile storage for computer software instructions 592 and data 594 used to implement an embodiment of the present disclosure. Disk storage 595 provides non-volatile storage for instructions from computer software 592 and data 594 used to implement an embodiment of the present invention. The central processing unit 584 is also attached to the 579 bus system and provides the execution of computer instructions.
[0080] [0080] In one embodiment, the processor routines 592 and data 594 are a computer program product (usually referenced 592), including a computer-readable medium (for example, a removable storage medium such as one or more DVD- ROMs, CD-ROMs, floppy disks, tapes, etc.) that provide at least a portion of the software instructions for the invention system. The 592 computer program product can be installed by any suitable software installation procedure, as is well known in the art.
[0081] [0081] In another embodiment, at least a portion of the software instructions can also be downloaded over a cable, communication and / or wireless connection.
[0082] [0082] Additionally, the present invention can be implemented in a variety of computer architectures. The computer of FIG. 5 is for the purpose of illustrating and not limiting the present invention.
[0083] [0083] While the realization of examples has been particularly shown and described, it will be understood by those skilled in the art that various changes in form and details can be made in these without departing from the scope involved by the attached claims.
[0084] [0084] It should be understood that the example embodiment described above can be implemented in many different ways. In some examples, the various methods and machines described here can each be implemented by a general purpose computer, virtual or hybrid, having a central processor, memory, disk or other mass storage, communication interface (s), positive input / output (1 / O), and other peripherals. The general purpose computer is transformed into the machines that execute the methods described above, for example, by loading software instructions into a data processor, and then causing the instructions to be executed to perform the functions described here.
[0085] [0085] As is known in the art, such a computer may contain a barreathing system, where a barrearea is a set of hardware lines used for transferring data between the components of a computer system or processing system. The barrearea or barreareas are essentially shared conduit (s) that connect different elements of the computer system, for example, processor, disk storage, memory, input / output ports, network ports, etc., which enables the transfer of information between the elements. One or more central processing units are attached to the bus system, and provide the execution of computer instructions. Also attached to the bus system are typically I / O device interfaces for connecting the various input and output devices, for example, keyboard, mouse, displays, printers, speakers, etc., to the computer. The network interface (s) allows the computer to connect to several other devices attached to a network. Memory provides volatile storage for computer software instructions and data used to implement an embodiment. Disk or other mass storage provides non-volatile storage for computer software instructions and data used to implement, for example, the various procedures described here.
[0086] [0086] The embodiments can, therefore, typically be implemented in hardware, firmware, software, or any combination of these.
[0087] [0087] In certain embodiments, the procedures, devices, and processes described herein constitute a computer program product, including a non-transitory computer-readable medium, for example, a removable storage medium such as one or more DVD-ROMs , CD-ROMs, diskettes, tapes, etc., which provide at least a portion of the software instructions for the system. Such a computer program product may be installed by any suitable software installation procedure, as is known in the art. In another embodiment, at least a portion of the software instructions can also be downloaded over a cable, communication and / or wireless connection.
[0088] [0088] Additionally, firmware, software, routines, or instructions can be described here as performing certain actions and / or functions of the data processors. However, it should be appreciated that such descriptions contained herein are for convenience only, and that such actions do in fact result from computing devices, processors, controllers, or other devices that execute firmware, software, routines, instructions, etc.
[0089] [0089] It should also be understood that the flow diagrams, block diagrams, and network diagrams can include more or less elements, be arranged differently, or be represented differently. But in addition it must be understood that certain implementations may represent the block and network diagrams and the number of block and network diagrams that illustrate the execution of the embodiments to be implemented in a particular way.
[0090] [0090] Consequently, additional embodiments can also be implemented in a variety of computer architectures, physical, virtual, cloud computers, and / or some combination of these, and thus the data processors described here are intended for the proposal of illustration only and not as a limitation of the achievements.
While this invention has been particularly shown and described with reference to the embodiment of examples thereof, it will be understood by those skilled in the art that various changes in shape and details can be made therein without departing from the scope of the invention involved by the appended claims.

权利要求:
Claims (24)
[1]
1. System, characterized by the fact that it comprises: a connection logic module (109) configured to: receive data usage data associated with a mobile device (150) assigned to a first IMSI associated with a first mobile network (151), the data usage information including an indication of a data service being requested by the mobile device (150), select a second IMSI associated with a second mobile network (152) to assign to the mobile device (150), referred to selecting the second IMSI at least partially based on the data service requested by the mobile device (150), and assigning the second IMSI to the mobile device (150).
[2]
2. System according to claim 1, characterized by the fact that the connection logic module (109) is additionally configured to determine that the second IMSI is not included in a list of IMSIs to avoid before assigning the second IMSI to the device mobile (150).
[3]
3. System according to claim 1, characterized in that it additionally comprises a data inspection module (107) communicatively coupled to the connection logic module (109), the data inspection module (107) configured to: inspect requisitions data from the mobile device (150), determine the data usage information associated with the mobile device (150) from the inspected data requests, and send the data usage information to the link logic module (109) .
[4]
4. System according to claim 3, characterized by the fact that the data inspection module (107) is configured to use deep package inspection to inspect the data requirements of the mobile device (150).
[5]
5. System according to claim 1, characterized by the fact that the connection logic module (109) is configured to select the second IMSI based on a charge rate of the second mobile network (152) for the data service required by the mobile device (150).
[6]
6. System according to claim 1, characterized by the fact that the data usage information includes any of: condition of the first or second mobile network (151, 152), type of data that the mobile device (150) is requesting, and amount of data requested by the mobile device (150).
[7]
7. System according to claim 3, characterized by the fact that the data inspection module (107) is additionally configured to: track a quantity of data used by a plurality of mobile devices over a given period of time, each mobile device (150) assigned to an IMSI associated with the first mobile network (151); and the connection logic module (109) is additionally configured to: select different IMSIs to assign to at least some of the plurality of mobile devices, each different IMSI associated with a network other than the first mobile network ( 151), and said selection of at least partially based on the amount of data used by the plurality of mobile devices over the given period of time, and assigning the different IMSIs selected to at least some of the plurality of mobile devices.
[8]
8. System according to claim 3, characterized by the fact that the data inspection module (107) is additionally configured to determine network performance metrics for a given mobile network (151, 152) based on traffic. inspection data from a plurality of mobile devices (150), each of the plurality of mobile devices (150) assigned to an IMSI associated with the given mobile network (151, 152).
[9]
9. System according to claim 3, characterized by the fact that the data inspection module (107) is additionally configured to deny, allow, or modify an inspected data request based on a data policy associated with a IMSI currently assigned from the mobile device (150).
[10]
10. System according to claim 3, characterized by the fact that the data inspection module (107) is additionally configured to deny, allow, or modify an inspected data request based on a type of the mobile device (150 ).
[11]
11. System according to claim 1, characterized by the fact that said selection of the second IMSI is additionally based on any one or more of the following: country of the first mobile network (151) or the second mobile network (152), location of the mobile device (150), operator of the first mobile network or the second mobile network (151, 152), data rate cost of the first mobile network or the second mobile network (151, 152), and quality of service the first mobile network or the second mobile network (151, 152).
[12]
12. System according to claim 3, characterized by the fact that the mobile device (150) is roaming on the first mobile network (151) before the mobile device (150) is assigned to the second IMSI.
[13]
13. Method, characterized by the fact of understanding: collecting data usage data from a mobile device (150) assigned to a first IMSI | associated with a first mobile network (151), data usage information including an indication of a data service being requested by the mobile device (150); selecting a second IMSI associated with a second mobile network (152) to assign to the mobile device (150), the selection of the second IMSI at least partially based on the data service requested by the mobile device (150); and assigning the second IMSI to the mobile device (150).
[14]
14. The method according to claim 13, characterized by the fact that it further comprises determining that the second IMSI is not included in a list of IMSIs to avoid before assigning the second IMSI to the mobile device (150).
[15]
15. Method according to claim 13, characterized by the fact that the collection of data usage information includes inspecting data requests from the mobile device (150) assigned to the first IMSI, and determining the information of data usage associated with the mobile device (150) from the inspected data requests.
[16]
16. Method according to claim 15, characterized by the fact that data requests are inspected using deep packet inspection.
[17]
17. Method according to claim 13, characterized by the fact that the selection of the second IMSI is based on a charge rate from the second mobile network (152) for the data service requested by the mobile device (150).
[18]
18. Method according to claim 13, characterized by the fact that the data usage information includes any of: condition of the first or second mobile network (152), type of data that the mobile device (150) is requesting, and amount of data requested by the mobile device (150).
[19]
19. Method according to claim 15, characterized in that it additionally comprises: tracking a quantity of data used by a plurality of mobile devices over a given period of time, each mobile device (150) assigned to an IMSI associated with the first mobile network (151); select different IMSIs to assign to at least some of the plurality of mobile devices, each different IMSI associated with a network other than the first mobile network (151), and the selection of at least partially based on the amount of data used by the plurality of mobile devices (150) over the given period of time; and assign the selected different IMSIs to at least some of the plurality of mobile devices (150).
[20]
20. Method according to claim 15, characterized by the fact that it additionally comprises denying, allowing, or modifying an inspected data request based on a data policy associated with an IMSI currently assigned from the mobile device (150).
[21]
21. Method according to claim 15, characterized in that it additionally comprises determining network performance metrics for a given mobile network (151, 152) based on inspection data traffic from a plurality of mobile devices (150) , each of the plurality of mobile devices (150) assigned to an IMSI associated with the given mobile network (151, 152).
[22]
22. Method according to claim 15, characterized by the fact that it additionally comprises denying, allowing, or modifying an inspected data request based on a type of the mobile device (150).
[23]
23. Method according to claim 13, characterized by the fact that said selection of the second IMSI is additionally based on any one or more of the following: country of the first mobile network or the second mobile network (151, 152) , location of the mobile device (150), operator of the first mobile network or the second mobile network (151, 152), data rate cost of the first mobile network or the second mobile network (151, 152), and data quality service of the first mobile network or the second mobile network (151, 152).
[24]
24. Method according to claim 15, characterized by the fact that the mobile device (150) is roaming on the first mobile network (151) before the mobile device (150) is assigned to the second IMSI.
8 - 2 dE XX = oo $ sº El A z sE = oz = 6 use == 3 One sec = nu SÉ o wu PES: O os 28 Ss Ss 3324 z E <xT o É uu as oo DS DS uu ZE O = EE ã 2 o: + 5 5 2 O> õ Séos 2 É SSEGM o T - acata 582 3 E o 300 2Z = uz SE Z & o = 9s the E Ss of the v8 x the om E & = é W Es 2 8 leave <”Ss N Sal É =" | 18 O <SEDG & SsHS5 | SA 20 = 2 =, "oa" | / | [/ 282 oO: ZsOZSÃO eo É O Par a ua [mic era = & ô | Fr = ZpOçgu <uu ZpB3o E e) s2 = 729 S 3 Top & 8 oE = n 88, a = si EN oaePokr = yours = & 2EoEZ = Ss = ToCAu ES Es ZzS8 BÍ <ns = Z ão XQONSS gu <<X <sSºzZ oE o = <oO <= 23 E $ S o S2> 2EPR ss DEL REEX <Ss w <u 8 or22 sZ2 Au Z wSTX ”= | 4 o << <2 O) SS Sa TZ se le So SE 2 3 AND SIE 2 = »Io] = o) is DE: SÍ S Wu 8 o Cam! Ag cs E) O) ESC VOL R <Ni, À <N õo nn ç = q === 585 80 38 .. l / ovóvan 3 2 529 BZ E; 2 ... El OT ez 2 E 2 ÃO E) mu up 22 SNL Eu É 12 ess Es e.
They will be 1 and s Lecsssressedescessesscesstsesscesssescersss

类似技术:

---

公开号 | 公开日 | 专利标题

---

BR112019027114A2|2020-07-07|mobile communication system and method for selecting and connecting a mobile device profile / imsi

---

AU2019200685B2|2020-05-28|Method and system for hub breakout roaming

---

US10979890B2|2021-04-13|Policy control framework

---

CN107534563B|2021-01-01|Enhanced redirection processing from policy server

---

CA2785837C|2018-12-11|Local access to data while roaming with a mobile telephony device

---

CN103430487B|2016-11-23|For detecting the method, apparatus and system of the service data that grouped data connects

---

US10244463B2|2019-03-26|System and method for application based selection of a radio network

---

US10271244B2|2019-04-23|System and method for managing traffic detection

---

US20160073328A1|2016-03-10|Method and apparatus for determining pcrf

---

KR20140003409A|2014-01-09|Adapting network policies based on device service processor configuration

---

US9942780B2|2018-04-10|Automated action based on roaming satisfaction indicator

---

KR20130108328A|2013-10-02|Wireless network service interfaces

---

JP7009519B2|2022-01-25|Internet of Things Service Architecture

---

OA18002A|2018-03-23|Application based selection of a radio network for toll-free applications.

同族专利:

---

公开号 | 公开日

---

KR20200023421A|2020-03-04|

---

EP3646627A1|2020-05-06|

---

AU2018292539A1|2020-01-23|

---

CA3066940A1|2019-01-03|

---

US20200068388A1|2020-02-27|

---

CN110999348A|2020-04-10|

---

US10524116B2|2019-12-31|

---

WO2019005970A1|2019-01-03|

---

SG11201911969YA|2020-01-30|

---

US10917782B2|2021-02-09|

---

US20180376325A1|2018-12-27|

---

JP2020526115A|2020-08-27|

引用文献:

---

公开号 | 申请日 | 公开日 | 申请人 | 专利标题

---

---

JP2877199B2|1996-06-21|1999-03-31|日本電気株式会社|Roaming method|

---

US6157636A|1997-03-06|2000-12-05|Bell Atlantic Network Services, Inc.|Network session management with gateway-directory services and authorization control|

---

US6839340B1|1997-09-16|2005-01-04|Bell Atlantic Network Services|Network session management|

---

US6085084A|1997-09-24|2000-07-04|Christmas; Christian|Automated creation of a list of disallowed network points for use in connection blocking|

---

US6735190B1|1998-10-21|2004-05-11|Lucent Technologies Inc.|Packet transport method device utilizing header removal fields|

---

US6788647B1|1999-11-19|2004-09-07|Cisco Technology, Inc.|Automatically applying bi-directional quality of service treatment to network data flows|

---

US6658458B1|2000-06-22|2003-12-02|Cisco Technology, Inc.|Cascading associative memory arrangement|

---

TW507437B|2000-10-30|2002-10-21|Ind Tech Res Inst|Packet tunneling method for mobile communication network|

---

KR100752927B1|2000-11-23|2007-08-29|주식회사 케이티|Method for Global roaming service using Gateway Location Register in IMT-2000 Network|

---

US6920326B2|2000-12-05|2005-07-19|Lucent Technologies Inc.|Method and apparatus for restricting call terminations when a mobile unit is roaming|

---

US7184764B2|2001-02-08|2007-02-27|Starhome Gmbh|Method and apparatus for supporting cellular data communication to roaming mobile telephony devices|

---

US8751647B1|2001-06-30|2014-06-10|Extreme Networks|Method and apparatus for network login authorization|

---

US20040162058A1|2002-12-23|2004-08-19|Dorron Mottes|Multi MVNO and service provider platform and management|

---

JP4341413B2|2003-07-11|2009-10-07|株式会社日立製作所|PACKET TRANSFER APPARATUS HAVING STATISTICS COLLECTION APPARATUS AND STATISTICS COLLECTION METHOD|

---

US7978655B2|2003-07-22|2011-07-12|Toshiba America Research Inc.|Secure and seamless WAN-LAN roaming|

---

US20050152275A1|2004-01-14|2005-07-14|Nokia Corporation|Method, system, and network element for monitoring of both session content and signalling information in networks|

---

US20080049621A1|2004-12-31|2008-02-28|Mcguire Alan|Connection-Oriented Communications Scheme For Connection-Less Communications Traffic|

---

JP4394590B2|2005-02-22|2010-01-06|株式会社日立コミュニケーションテクノロジー|Packet relay apparatus and communication bandwidth control method|

---

US8867575B2|2005-04-29|2014-10-21|Jasper Technologies, Inc.|Method for enabling a wireless device for geographically preferential services|

---

US8818331B2|2005-04-29|2014-08-26|Jasper Technologies, Inc.|Method for enabling a wireless device for geographically preferential services|

---

US8478238B2|2005-04-29|2013-07-02|Jasper Wireless, Inc.|Global platform for managing subscriber identity modules|

---

US9307397B2|2005-04-29|2016-04-05|Jasper Technologies, Inc.|Method for enabling a wireless device with customer-specific services|

---

WO2007047479A2|2005-10-12|2007-04-26|Hammerhead Systems|Control plane to data plane binding|

---

CN101379757B|2006-02-07|2011-12-07|思科技术公司|Methods and systems for providing telephony services and enforcing policies in a communication network|

---

US8537695B2|2006-08-22|2013-09-17|Centurylink Intellectual Property Llc|System and method for establishing a call being received by a trunk on a packet network|

---

US8095124B2|2006-10-20|2012-01-10|Verizon Patent And Licensing Inc.|Systems and methods for managing and monitoring mobile data, content, access, and usage|

---

US20080125114A1|2006-11-27|2008-05-29|Motorola, Inc.|Method and system for registering multiple addresses of record for a mobile station|

---

US8072894B2|2007-11-07|2011-12-06|Juniper Networks, Inc.|Systems and methods for flow monitoring|

---

US9955332B2|2009-01-28|2018-04-24|Headwater Research Llc|Method for child wireless device activation to subscriber account of a master wireless device|

---

US9557889B2|2009-01-28|2017-01-31|Headwater Partners I Llc|Service plan design, user interfaces, application programming interfaces, and device management|

---

US8159941B2|2008-08-28|2012-04-17|Alcatel Lucent|In-band DPI media reservation modifications to RFC 3313|

---

KR101152958B1|2008-12-19|2012-06-08|한국전자통신연구원|apparatus and method for hierarchical packet inspection|

---

US8589541B2|2009-01-28|2013-11-19|Headwater Partners I Llc|Device-assisted services for protecting network capacity|

---

WO2013112642A2|2012-01-23|2013-08-01|Headwater Partners I Llc|Service plan design, user interfaces, application programming interfaces, and device management|

---

US11134102B2|2009-01-28|2021-09-28|Headwater Research Llc|Verifiable device assisted service usage monitoring with reporting, synchronization, and notification|

---

US8577329B2|2009-05-04|2013-11-05|Bridgewater Systems Corp.|System and methods for carrier-centric mobile device data communications cost monitoring and control|

---

US20100311402A1|2009-06-08|2010-12-09|Prasanna Srinivasan|Method and apparatus for performing soft switch of virtual sim service contracts|

---

US8811969B2|2009-06-08|2014-08-19|Qualcomm Incorporated|Virtual SIM card for mobile handsets|

---

GB0916582D0|2009-09-22|2009-10-28|Software Cellular Network Ltd|Subscriber identification management broker for fixed/mobile networks|

---

US9197714B2|2009-10-06|2015-11-24|Telefonaktiebolaget L M Ericsson |User interest and identity control on internet|

---

EP2493128A1|2009-10-19|2012-08-29|Nec Corporation|Communication system, flow control apparatus, flow table updating method and program|

---

US9015283B2|2009-12-18|2015-04-21|Microsoft Technology|Roaming profiles and application compatibility in multi-user systems|

---

US8520615B2|2010-03-26|2013-08-27|Juniper Networks, Inc.|Breakout gateway for mobile data traffic|

---

CN102859952B|2010-04-19|2016-05-11|日本电气株式会社|Switch and stream table control method|

---

FR2959086B1|2010-04-20|2012-12-28|Eads Defence & Security Sys|METHOD FOR CONFIGURING IDENTIFICATION MODULES OF USERS OF A TELECOMMUNICATION NETWORK|

---

US8620309B2|2010-08-03|2013-12-31|At&T Intellectual Property I, L.P.|Policy enabled roaming gateway in a communication network|

---

US8606921B2|2010-08-10|2013-12-10|Verizon Patent And Licensing Inc.|Load balancing based on deep packet inspection|

---

ES2564667T3|2010-08-17|2016-03-28|Nec Corporation|Communication device, communication system, communication method and recording medium|

---

US20120108206A1|2010-10-28|2012-05-03|Haggerty David T|Methods and apparatus for access control client assisted roaming|

---

US8924715B2|2010-10-28|2014-12-30|Stephan V. Schell|Methods and apparatus for storage and execution of access control clients|

---

US9723481B2|2010-10-29|2017-08-01|Apple Inc.|Access data provisioning apparatus and methods|

---

US20120275442A1|2011-04-26|2012-11-01|Rawllin International Inc.|Dynamic provisioning of mobile device profiles in a roaming network|

---

EP2530884B1|2011-06-03|2018-04-25|Deutsche Telekom AG|Method, apparatus and system for triggering and/or enabling qos support for selected applications in ip based networks|

---

US8671204B2|2011-06-29|2014-03-11|Qualcomm Incorporated|Cooperative sharing of subscriptions to a subscriber-based network among M2M devices|

---

KR20130006258A|2011-07-08|2013-01-16|주식회사 케이티|Method for changing mno of embedded sim based on dynamic key generation, embedded sim and recording medium for the same|

---

EP2737733A4|2011-07-27|2015-09-09|Seven Networks Inc|Parental control of mobile content on a mobile device|

---

US8515488B2|2011-07-29|2013-08-20|Mitel Networks Corporation|System for dynamic assignment of mobile subscriber identities and methods thereof|

---

US8762501B2|2011-08-29|2014-06-24|Telefonaktiebolaget L M Ericsson |Implementing a 3G packet core in a cloud computer with openflow data and control planes|

---

KR101954450B1|2011-09-05|2019-05-31|주식회사 케이티|Method for Verification of Embedded UICC using eUICC Certificate, Method for Provisioning and MNO Switching, eUICC, MNO System and recording medium for the same|

---

KR101792885B1|2011-09-05|2017-11-02|주식회사 케이티|Method and Apparatus for managing key information of Embedded UICC, MNO System, Provisioning Method and MNO-Changing Method using the same|

---

US8593958B2|2011-09-14|2013-11-26|Telefonaktiebologet L M Ericsson |Network-wide flow monitoring in split architecture networks|

---

US8989806B2|2011-09-16|2015-03-24|Alcatel Lucent|Network operator-neutral provisioning of mobile devices|

---

US9060263B1|2011-09-21|2015-06-16|Cellco Partnership|Inbound LTE roaming footprint control|

---

WO2013044956A1|2011-09-28|2013-04-04|Telefonaktiebolaget L M Ericsson |Centralized data plane flow control|

---

EP2575395B1|2011-09-30|2017-11-08|Alcatel Lucent|Multimode mobile telephone terminal allowing a telephone call transfer from one wireless network to another|

---

US20130100819A1|2011-10-19|2013-04-25|Qualcomm Incorporated|Selectively acquiring and advertising a connection between a user equipment and a wireless local area network|

---

US9565120B2|2012-01-30|2017-02-07|Broadcom Corporation|Method and system for performing distributed deep-packet inspection|

---

CN103548323B|2012-02-03|2017-02-01|华为技术有限公司|Flow identification method, device, and system|

---

KR101716743B1|2012-02-14|2017-03-15|애플 인크.|Mobile apparatus supporting a plurality of access control clients, and corresponding methods|

---

US8705536B2|2012-03-05|2014-04-22|Telefonaktiebolaget L M Ericsson |Methods of operating forwarding elements including shadow tables and related forwarding elements|

---

US9882950B2|2012-06-13|2018-01-30|All Purpose Networks LLC|Methods and systems of an all purpose broadband network|

---

US8953451B2|2012-06-14|2015-02-10|The Boeing Company|Apparatus, methods, and systems for character set surveying of network traffic|

---

US9137656B2|2012-06-27|2015-09-15|Rogers Communications Inc.|System and method for remote provisioning of embedded universal integrated circuit cards|

---

US9674880B1|2014-11-04|2017-06-06|Dell Products, Lp|Method and apparatus for a smart vehicle gateway with connection context aware radio communication management and multi-radio technology|

---

CN103702377B|2012-09-27|2017-04-12|华为终端有限公司|Network switch method and equipment|

---

US9338657B2|2012-10-16|2016-05-10|Mcafee, Inc.|System and method for correlating security events with subscriber information in a mobile network environment|

---

JP5373956B1|2012-10-26|2013-12-18|楽天株式会社|Information processing apparatus, information processing method, and information processing program|

---

US8805323B2|2012-11-06|2014-08-12|Tracfone Wireless, Inc.|Hybrid network based metering server and tracking client for wireless services|

---

KR102144430B1|2012-12-11|2020-08-13|삼성전자 주식회사|Method for selecting mobile network operator using provisioning profile and apparatus using the method|

---

US9788188B2|2012-12-14|2017-10-10|Ibasis, Inc.|Method and system for hub breakout roaming|

---

AU2014213662A1|2013-02-05|2015-09-24|Knowroaming Ltd|Method and device for authenticating a mobile station on an alternative communications network|

---

US9253035B2|2013-02-21|2016-02-02|International Business Machines Corporation|Reducing switch state size in flow-based networks|

---

US20140259012A1|2013-03-06|2014-09-11|Telefonaktiebolaget L M Ericsson |Virtual machine mobility with evolved packet core|

---

US9374700B2|2013-03-14|2016-06-21|Tyntec Limited|Global local SIM|

---

US9104643B2|2013-03-15|2015-08-11|International Business Machines Corporation|OpenFlow controller master-slave initialization protocol|

---

US9118984B2|2013-03-15|2015-08-25|International Business Machines Corporation|Control plane for integrated switch wavelength division multiplexing|

---

EP2963968A4|2013-04-11|2016-03-23|Huawei Tech Co Ltd|Method and device for congestion control|

---

US20140357219A1|2013-06-02|2014-12-04|Ginness, Llc|Method and System of Handling Mobile Roaming|

---

MX352498B|2013-06-28|2017-11-28|Ericsson Telefon Ab L M|Changing of subscriber identity at a mobile terminal using a cancel location message.|

---

WO2015010294A1|2013-07-25|2015-01-29|华为技术有限公司|Method for dynamically changing mobile networks, subscription data manager and user equipment|

---

EP2835995A1|2013-08-09|2015-02-11|Giesecke & Devrient GmbH|Methods and devices for performing a mobile network switch|

---

ES2633351T3|2013-08-09|2017-09-20|Giesecke+Devrient Mobile Security Gmbh|Procedures and devices to make a mobile network change|

---

EP2835996B1|2013-08-09|2018-03-28|Giesecke+Devrient Mobile Security GmbH|Methods and devices for performing a mobile network switch|

---

US9191803B2|2013-09-04|2015-11-17|Cellco Partnership|Connection state-based long term evolution steering of roaming|

---

US9137140B2|2013-09-10|2015-09-15|Cisco Technology, Inc.|Auto tunneling in software defined network for seamless roaming|

---

US9350550B2|2013-09-10|2016-05-24|M2M And Iot Technologies, Llc|Power management and security for wireless modules in “machine-to-machine” communications|

---

US20150081421A1|2013-09-18|2015-03-19|Verizon Patent And Licensing Inc.|Advertising unit view area|

---

US10154403B2|2013-11-12|2018-12-11|Knowroaming Ltd|Method of and system for providing a multi-IMSI solution in an operating mobile network|

---

US9288750B2|2013-12-09|2016-03-15|Cellco Partnership|Inbound roaming controls in a shared network|

---

US9591560B2|2013-12-10|2017-03-07|Verizon Patent And Licensing Inc.|Temporary credential assignment when connecting to roaming wireless networks|

---

EP2887702B1|2013-12-17|2016-11-02|Giesecke & Devrient GmbH|Method and device for providing a secure element with a subscription profile|

---

US10263903B2|2014-02-05|2019-04-16|Ibasis, Inc.|Method and apparatus for managing communication flow in an inter-network system|

---

US9629018B2|2014-02-05|2017-04-18|Ibasis, Inc.|Method and apparatus for triggering management of communication flow in an inter-network system|

---

WO2015117271A1|2014-02-08|2015-08-13|华为技术有限公司|Identification interaction method and device|

---

CN104869057B|2014-02-21|2019-03-01|中兴通讯股份有限公司|Open flow switch Graceful Restart processing method, device and open flow controller|

---

WO2015156717A1|2014-04-10|2015-10-15|Telefonaktiebolaget L M Ericsson |Subscription fall-back in a radio communication network|

---

WO2015157933A1|2014-04-16|2015-10-22|Qualcomm Incorporated|System and methods for dynamic sim provisioning on a dual-sim wireless communication device|

---

US9730072B2|2014-05-23|2017-08-08|Apple Inc.|Electronic subscriber identity module provisioning|

---

US9198022B1|2014-05-27|2015-11-24|Verizon Patent And Licensing Inc.|Managing roaming policies using a centralized storage device|

---

US9635486B2|2014-06-10|2017-04-25|Microsoft Technology Licensing, Llc|Network selection for a given application or context|

---

KR102231948B1|2014-07-17|2021-03-25|삼성전자 주식회사|A method and apparatus for updating profile managing server|

---

KR102191017B1|2014-07-19|2020-12-15|삼성전자주식회사|Method and server device for provisioning an embedded SIM|

---

KR102311027B1|2014-08-14|2021-10-08|삼성전자 주식회사|A method and apparatus for profile downloading of group devices|

---

KR102329824B1|2014-09-16|2021-11-23|삼성전자주식회사|Method for providing network service and electronic device|

---

KR20160099396A|2015-02-12|2016-08-22|삼성전자주식회사|Using method for communication service and electronic device supporting the same|

---

WO2016145121A2|2015-03-09|2016-09-15|Device Cloud Networks|Methods and systems for mobile device profile management|

---

US20160295544A1|2015-03-31|2016-10-06|Globetouch, Inc.|Enhanced cloud sim|

---

ITUB20151246A1|2015-05-27|2016-11-27|St Microelectronics Srl|PROCEDURE FOR MANAGING A PLURALITY OF PROFILES IN THE SIM MODULE, AND THE CORRESPONDING SIM MODULE AND IT PRODUCT|

---

US9955353B2|2015-08-14|2018-04-24|Microsoft Technology Licensing, Llc|Delegated profile and policy management|

---

US9801045B2|2016-02-04|2017-10-24|Taisys Technologies Co. Ltd.|System for providing multiple services over mobile network using multiple IMSIs|

---

US10158733B2|2016-04-01|2018-12-18|App Annie Inc.|Automated DPI process|

---

EP3456090B1|2016-05-12|2021-03-31|Convida Wireless, Llc|Connecting to virtualized mobile core networks|

---

US10979890B2|2016-09-09|2021-04-13|Ibasis, Inc.|Policy control framework|

---

US10070407B2|2016-12-01|2018-09-04|At&T Intellectual Property I, L.P.|Method and apparatus for using active and inactive mobile subscriber identification information in a device to provide services for a limited time period|

---

US10231204B2|2016-12-05|2019-03-12|At&T Intellectual Property I, L.P.|Methods, systems, and devices for registering a communication device utilizing a virtual network|

---

US10820190B2|2017-03-30|2020-10-27|Ibasis, Inc.|eSIM profile switching without SMS|

---

US10524116B2|2017-06-27|2019-12-31|Ibasis, Inc.|Internet of things services architecture|WO2014179235A1|2013-04-29|2014-11-06|Oceus Networks Inc.|Mobile cellular network backhaul|

---

US9924427B2|2016-07-07|2018-03-20|Oceus Networks Inc.|Network backhaul access|

---

US10979890B2|2016-09-09|2021-04-13|Ibasis, Inc.|Policy control framework|

---

US9913143B1|2016-11-28|2018-03-06|Amazon Technologies, Inc.|Auto-provisioning device|

---

US10820190B2|2017-03-30|2020-10-27|Ibasis, Inc.|eSIM profile switching without SMS|

---

US10172078B2|2017-03-31|2019-01-01|Oceus Networks Inc.|Targeted user equipment-base station communication link|

---

US10524116B2|2017-06-27|2019-12-31|Ibasis, Inc.|Internet of things services architecture|

---

US10944753B2|2017-08-17|2021-03-09|Verizon Patent And Licensing Inc.|IoT devices wireless network connectivity policy management|

---

US10659954B2|2018-05-09|2020-05-19|Teal Communications, Inc.|ESIM subscription management system|

---

US11246031B2|2018-08-15|2022-02-08|Oceus Networks, Llc|Disguising UE communications in a cellular network|

---

US11190933B2|2019-02-01|2021-11-30|Teal Communications, Inc.|ESIM management platform configured to be polled by an eSIM card|

---

WO2020204585A1|2019-04-05|2020-10-08|Samsung Electronics Co., Ltd.|Method and apparatus for providing network connectivity in a wireless communication system|

---

US10826684B1|2019-06-06|2020-11-03|Syniverse Technologies, Llc|System and method of validating Internet of Thingsdevices|

---

US11039296B2|2019-07-08|2021-06-15|Motorola Mobility Llc|Method and apparatus for disabling a carrier eSIM profile|

---

US11026081B2|2019-09-13|2021-06-01|T-Mobile Usa, Inc.|RSP platform selection for ESIM profile procurement|

---

US10939268B1|2019-09-13|2021-03-02|T-Mobile Usa, Inc.|Meta RSP interface platform for eSIM profile distribution|

---

US11032239B1|2019-12-05|2021-06-08|AT&T Intellectual Propety I, L.P.|Methods and systems for providing global internet protocoladdresses|

---

US11190985B1|2020-05-28|2021-11-30|Sprint Communications Company L.P.|Internet of thingsdevices wireless communication service management platform|

---

CN112383642B|2021-01-16|2021-04-09|广州技象科技有限公司|Internet of things equipment data interaction method and device|

法律状态:
2021-11-03| B350| Update of information on the portal [chapter 15.35 patent gazette]|

---

2021-11-23| B15K| Others concerning applications: alteration of classification|Free format text: AS CLASSIFICACOES ANTERIORES ERAM: H04W 8/18 , H04W 8/00 Ipc: H04W 8/18 (2009.01), H04W 36/14 (2009.01) |

---

2021-11-23| B06A| Patent application procedure suspended [chapter 6.1 patent gazette]|

---

2022-03-03| B09A| Decision: intention to grant [chapter 9.1 patent gazette]|

优先权:

---

申请号 | 申请日 | 专利标题

---

US15/634,692|2017-06-27|

---

US15/634,692|US10524116B2|2017-06-27|2017-06-27|Internet of things services architecture|

---

PCT/US2018/039759|WO2019005970A1|2017-06-27|2018-06-27|Internet of things services architecture|

---