Title:
Communications service providing system, and mobile terminal device, address server device, and router device for use therewith
Document Type and Number:
Kind Code:
A1

Abstract:
A mobile node stores a binding update message and an AMR message in the header of an IPv6 packet, and transmits the packet to a home agent. This packet is once transferred to an AAAH. The AAAH authenticates the mobile node according to the AMR message, stores the binding update message and a service profile of the mobile node in the header of the IPv6 packet, and transmits the packet to the home agent. The home agent registers the location of the mobile node, stores the service profile in the header of the IPv6 packet, and transmits the packet to the mobile node.
Inventors:
Kakemizu, Mitsuaki (Kawasaki, JP)
Murata, Kazunori (Fukuoka, JP)
Igarashi, Yoichiro (Kawasaki, JP)
Yamamura, Shinya (Fukuoka, JP)
Wakamoto, Masaaki (Kawasaki, JP)
Takeshita, Fusayuki (Kawasaki, JP)
      Plaque It!

Sponsored by:
Flash of Genius
Application Number:
09/799924
Publication Date:
01/17/2002
Filing Date:
03/05/2001
View Patent Images:
Images are available in PDF form when logged in. To view PDFs, Login  or  Create Account (Free!)
Referenced by:
View patents that cite this patent
Export Citation:
Click for automatic bibliography generation
Primary Class:
370/401
Other Classes:
370/329, 370/352
International Classes:
(IPC1-7): H04L012/66; H04L012/56; H04L012/28
Attorney, Agent or Firm:
ROSENMAN & COLIN LLP (575 MADISON AVENUE, NEW YORK, NY, 10022-2585, US)
Claims:

What is claimed is:



1. A method for providing a communications service in a communications system where a location of a mobile node is registered in a home agent by transmitting location registration request information from the mobile node to the home agent through an authentication server, and returning location registration reply information corresponding to the location registration request information from the home agent to the mobile node through the authentication server, comprising: transmitting the location registration request information and the location registration reply information using a header of a packet, respectively; storing service control information for use in providing a communications service requested by the mobile node in a header of a packet for transfer of the location registration reply information from the authentication server to the mobile node, thereby distributing the service control information to the mobile node; and controlling a packet to be transmitted or received by the mobile node according to the service control information.

2. A method for providing a communications service in a communications system where a location of a mobile node is registered in a home agent by transmitting location registration request information from the mobile node to the home agent through a router device accommodating the mobile node and an authentication server, and returning location registration reply information corresponding to the location registration request information from the home agent to the mobile node through the authentication server and the router device, comprising: transmitting the location registration request information and the location registration reply information using a header of a packet, respectively; storing service control information for use in providing a communications service requested by the mobile node in a header of a packet for transfer of the location registration reply information from the authentication server to the router device, thereby distributing the service control information to the router device; and controlling a packet to be transmitted or received by the mobile node according to the service control information.

3. The method according to claim 1, wherein an area other than the header of the packet storing the location registration request information or the location registration reply information is encrypted by a predetermined algorithm.

4. The method according to claim 1, wherein the location registration request information, the location registration reply information, and the service control information are stored in an option area of a header of an IPv6 packet.

5. The method according to claim 1, wherein: a predetermined communications node is registered in the home agent; the service control information is stored in the header of the packet for transfer of the location registration request information from the authentication server to the home agent, thereby distributing the service control information to the home agent; the service control information is transferred from the home agent to the communications node registered in the home agent; and communications between the mobile node and the registered communications node are controlled according to the service control information.

6. The method according to claim 5, wherein the location registration request information is transmitted from the mobile node when the mobile node is activated.

7. The method according to claim 5, wherein the location registration request information is transmitted from the mobile node when the mobile node moves from a communications area of a router device to a communications area of another router device.

8. The method according to claim 1, wherein: service control information for use in providing a communications service requested by the mobile node is stored in a header of a packet for transfer of the location registration request information from the authentication server to the home agent, thereby distributing the service control information to the home agent; upon receipt of a packet addressed to the mobile node from a communications node, said home agent transmits the service control information together with the packet to the mobile node; the mobile node transmits the location registration request information and the service control information received from the home agent to the communications node; and communications between the mobile node and the communications node are controlled according to the service control information.

9. The method according to claim 8, wherein: upon receipt of a packet addressed to the mobile node from a communications node, said home agent registers the communications node in a communications node list, and notifies the mobile node of a communications node which has been registered in the communications node list; and the mobile node transmits the location registration request information and the service control information received from the home agent to the communications node notified by the home agent.

10. The method according to claim 1, wherein: upon receipt of a packet from a communications node, the mobile node returns the location registration request information and the service control information received from the authentication server to the communications node; and communications between the mobile node and the communications node are controlled according to the service control information.

11. The method according to claim 10, wherein upon receipt of a packet from a communications node, the mobile node first registers the communications node in a communications node list, and then transmits the location registration request information and the service control information received from the authentication server to the communications node which has been registered in the communications node list.

12. The method according to claim 2, wherein: upon receipt of a packet addressed to the mobile node from a communications node, the router device transmits the packet to the mobile node; the mobile node returns the location registration request information to the router device; the router device transmits to the communications node the location registration request information received from the mobile node and the service control information received from the authentication server; and communications between the mobile node and the communications node are controlled according to the service control information.

13. The method according to claim 12, wherein upon receipt of a packet addressed to the mobile node from a communications node, the router device first registers the communications node in a communications node list, and transmits the location registration request information and the service control information to the communications node which has been registered in the communications node list.

14. The method according to claim 1, wherein: a predetermined communications node has been registered in the mobile node; and upon receipt of a packet from the registered communications node, the mobile node does not transmit the location registration request information to the registered communications node.

15. A communications service providing system which has an authentication server for authenticating a mobile node and a database storing service control information for use in providing a communications service requested by the mobile node, and provides a communications service for the mobile node according to the service control information, comprising: a first unit, provided in the mobile node, storing location registration request information in a header of a packet, and transmitting the location registration request information to the authentication server; a second unit, provided in the authentication server, extracting service control information corresponding to the mobile node from the database; a third unit, provided in the authentication server, storing the location registration request information in a header of a packet, and transmitting the location registration request information to a home agent of the mobile node; a fourth unit, provided in the home agent, registering a location of the mobile node according to the location registration request information, storing location registration reply information corresponding to the location registration request information in a header of a packet, and returning the information to the authentication server; and a fifth unit, provided in the authentication server, transmitting a packet containing in a header the location registration reply information and the service control information to the mobile node, wherein a packet to be transmitted or received by the mobile node is controlled according to the service control information.

16. A communications service providing system which has an authentication server for authenticating a mobile node and a database storing service control information for use in providing a communications service requested by the mobile node, and provides a communications service for the mobile node according to the service control information, comprising: a first unit, provided in a router device accommodating the mobile node, storing location registration request information generated by the mobile node in a header of a packet, and transmitting the location registration request information to the authentication server; a second unit, provided in the authentication server, extracting service control information corresponding to the mobile node from the database; a third unit, provided in the authentication server, storing the location registration request information in a header of a packet, and transmitting the location registration request information to a home agent of the mobile node; a fourth unit, provided in the home agent, registering a location of the mobile node according to the location registration request information, storing location registration reply information corresponding to the location registration request information in a header of a packet, and returning the location registration reply information to the authentication server; and a fifth unit, provided in the authentication server, transmitting a packet containing in a header the location registration reply information and the service control information to the router device, wherein a packet to be transmitted or received by the mobile node is controlled according to the service control information distributed to the router device.

17. A mobile terminal device for use in a packet network in which location information about the mobile terminal device is registered in a home agent, comprising: a transmission unit storing location registration request information about the mobile terminal device in a header of a packet, and transmitting the location registration request information to the home agent, when an advertisement message is received; an obtaining unit obtaining location registration reply information corresponding to the location registration request information and service control information corresponding to the mobile terminal device from a header of a received packet; and a controller controlling a transmission packet or a received packet according to the obtained service control information.

18. A mobile terminal device for use in a packet network provided with an authentication device for authenticating the mobile terminal device, comprising: a transmission unit storing authentication request information about the mobile terminal device in a header of a packet, and transmitting the information to the authentication device, when an advertisement message is received; an obtaining unit obtaining authentication reply information corresponding to the authentication request information and service control information corresponding to the mobile terminal device from a header of a received packet; and a controller controlling a transmission packet or a received packet according to the obtained service control information.

19. A router device for use in a packet network in which location information about a mobile node is registered in a home agent, comprising: a transfer unit transferring a packet to the home agent upon receipt of the packet storing location registration request information about the mobile node in a header when an advertisement message is transmitted to the mobile node; an obtaining unit obtaining location registration reply information corresponding to the location registration request information and service control information corresponding to the mobile node; and a controller controlling a packet transmitted or received by the mobile node according to the obtained service control information.

20. A router device for use in a packet network provided with an authentication device for authenticating a mobile node, comprising: a transfer unit transferring a packet to the authentication device upon receipt of the packet storing authentication request information about the mobile node in a header; an obtaining unit obtaining authentication reply information corresponding to the authentication request information and service control information corresponding to the mobile node; and a controller controlling a packet transmitted or received by the mobile node according to the obtained service control information.

21. A communications service providing method used in a communications system which has an authentication server for authenticating a mobile node and a database storing service control information for use in providing a communications service requested by the mobile node, and provides a communications service for the mobile node according to the service control information, wherein: an address server which receives an address request from the mobile node transmits an authentication request about the mobile node to the authentication server; the authentication server which receives the authentication request extracts service control information corresponding to the mobile node from the database, and transmits an authentication reply corresponding to the authentication request and the service control information to the address server; the address server which receives the authentication reply and the service control information transmits an address reply corresponding to the address request and the service control information to the mobile node; and a packet to be transmitted or received by the mobile node is controlled according to the service control information.

22. The method according to claim 21, wherein: the mobile node transmits the service control information to a home agent for managing a home address and a location of the mobile node; and the home agent controls a packet addressed to the mobile node according to the service control information.

23. The method according to claim 22, wherein the service control information is stored in an option header of an IPv6 packet together with a binding update message about the mobile node, and transferred from the mobile node to the home agent.

24. The method according to claim 21, wherein the service control information is transmitted from the mobile node to a communications node connected to the communications system; and the communications node controls a packet addressed to the mobile node according to the service control information.

25. The method according to claim 24, wherein the service control information is stored in the option header of an IPv6 packet together with the binding update message about the mobile node, and transferred from the mobile node to the communications node.

26. A communications service providing method used in a communications system which has an authentication server for authenticating a mobile node and a database storing service control information for use in providing a communications service requested by the mobile node, and provides a communications service for the mobile node according to the service control information, wherein: an address server which receives an address request from the mobile node transmits an authentication request about the mobile node to the authentication server; the authentication server which receives the authentication request extracts service control information corresponding to the mobile node from the database, and transmits an authentication reply corresponding to the authentication request and the service control information to the address server; a router device accommodating the mobile node obtains the service control information transmitted from the authentication server to the address server; the address server which receives the authentication reply transmits an address reply corresponding to the address request to the mobile node; and a packet to be transmitted or received by the mobile node is controlled according to the service control information.

27. The method according to claim 26, wherein the router device stores the service control information in a packet transmitted from the mobile node to a home agent which manages a home address and a location of the mobile node; and the home agent controls a packet addressed to the mobile node according to the received service control information.

28. The method according to claim 27, wherein the mobile node stores a binding update message about the mobile node in an option header of an IPv6 packet, and transmits the message to the home agent; and the router device adds the service control information into the option header of the IPv6 packet.

29. The method according to claim 26, wherein the router device stores the service control information in a packet transmitted from the mobile node to a communications node connected to the system; and the communications node controls a packet addressed to the mobile node according to the received service control information.

30. The method according to claim 29, wherein the mobile node stores a binding update message about the mobile node in an option header of an IPv6 packet, and transmits the message to the communications node; and the router device adds the service control information into the option header of the IPv6 packet.

31. A communications service providing method used in a communications system which has an authentication server for authenticating a mobile node and a database storing service control information for use in providing a communications service requested by the mobile node, and provides a communications service for the mobile node according to the service control information, wherein: an address server which receives an address request from a mobile node transmits a request message corresponding to the address request to a router device accommodating the address server; the router device receiving the request message transmits an authentication request about the mobile node to the authentication server; the authentication server receiving the authentication request extracts service control information corresponding to the mobile node from the database, and transmits an authentication reply corresponding to the authentication request and the service control information to the address server; the router device obtains the service control information transmitted from the authentication server to the address server, and transmits a reply message corresponding to the request message to the address server based on the authentication reply transmitted from the authentication server to the address server; the address server receiving the reply message transmits an address reply corresponding to the address request to the mobile node; and a packet to be transmitted or received by the mobile node is controlled according to the service control information.

32. A communications service providing method used in a communications system which has an authentication server for authenticating a mobile node and a database storing service control information for use in providing a communications service requested by the mobile node, and provides a communications service for the mobile node according to the service control information, wherein: a router device accommodating a mobile node transmits an authentication request about the mobile node to the authentication server when an address request is received from the mobile node; the authentication server receiving the authentication request extracts service control information corresponding to the mobile node from the database, and transmits an authentication reply corresponding to the authentication request and the service control information to the router device; the router device receiving the authentication reply and the service control information transmits an address reply corresponding to the address request and the service control information to the mobile node; and a packet to be transmitted or received by the mobile node is controlled according to the service control information.

33. A communications service providing method used in a communications system which has an authentication server for authenticating a mobile node and a database storing service control information for use in providing a communications service requested by the mobile node, and provides a communications service for the mobile node according to the service control information, wherein: a router device accommodating a mobile node transmits an authentication request about the mobile node to the authentication server when an address request is received from the mobile node; the authentication server receiving the authentication request extracts service control information corresponding to the mobile node from the database, and transmits an authentication reply corresponding to the authentication request and the service control information to the router device; the router device receiving the authentication reply and the service control information obtains the service control information, and transmits an address reply corresponding to the address request to the mobile node; and a packet to be transmitted or received by the mobile node is controlled according to the service control information.

34. A communications service providing system which has an authentication server for authenticating a mobile node and a database storing service control information for use in providing a communications service requested by the mobile node, and provides a communications service for the mobile node according to the service control information, comprising: a first unit, provided in an address server, transmitting an authentication request about the mobile node to the authentication server when an address request is received from the mobile node; a second unit, provided in the authentication server, extracting service control information corresponding to the mobile node from the database when the authentication request is received, and transmitting an authentication reply corresponding to the authentication request and the service control information to the address server; and a third unit, provided in the address server, transmitting an address reply corresponding to the address request and the service control information to the mobile node when the authentication reply and the service control information are received, wherein a packet to be transmitted or received by the mobile node is controlled according to the service control information.

35. A communications service providing system which has an authentication server for authenticating a mobile node and a database storing service control information for use in providing a communications service requested by the mobile node, and provides a communications service for the mobile node according to the service control information, comprising: a first unit, provided in an address server, transmitting an authentication request about the mobile node to the authentication server when an address request is received from the mobile node; a second unit, provided in the authentication server, extracting service control information corresponding to the mobile node from the database when the authentication request is received, and transmitting an authentication reply corresponding to the authentication request and the service control information to the address server; a third unit, provided in a router device accommodating the mobile node, obtaining service control information transmitted from the authentication server to the address server; and a fourth unit, provided in the address server, transmitting an address reply corresponding to the address request to the mobile node when the authentication reply is received, wherein a packet to be transmitted or received by the mobile node is controlled according to the service control information.

36. A communications service providing system which has an authentication server for authenticating a mobile node and a database storing service control information for use in providing a communications service requested by the mobile node, and provides a communications service for the mobile node according to the service control information, comprising: a first unit, provided in an address server, transmitting a request message corresponding to an address request to a router device accommodating the address server when the address request is received from the mobile node; a second unit, provided in the router device, transmitting an authentication request about the mobile node to the authentication server when the request message is received; a third unit, provided in the authentication server, extracting service control information corresponding to the mobile node from the database when the authentication request is received, and transmitting an authentication reply corresponding to the authentication request and the service control information to the address server; a fourth unit, provided in the router device, obtaining the service control information transmitted from the authentication server to the address server, and transmitting a reply message corresponding to the request message to the address server based on the authentication reply transmitted from the authentication server to the address server; and a fifth unit, provided in the address server, transmitting an address reply corresponding to the address request to the mobile node when the reply message is received, wherein a packet to be transmitted or received by the mobile node is controlled according to the service control information.

37. A communications service providing system which has an authentication server for authenticating a mobile node and a database storing service control information for use in providing a communications service requested by the mobile node, and provides a communications service for the mobile node according to the service control information, comprising: a first unit, provided in a router device accommodating a mobile node, transmitting an authentication request about the mobile node to the authentication server when an address request is received from the mobile node; a second unit, provided in the authentication server, extracting service control information corresponding to the mobile node from the database when the authentication request is received, and transmitting an authentication reply corresponding to the authentication request and the service control information to the router device; and a third unit, provided in the router device, transmitting an address reply corresponding to the address request and the service control information to the mobile node when the authentication reply and the service control information are received, wherein a packet to be transmitted or received by the mobile node is controlled according to the service control information.

38. A communications service providing system which has an authentication server for authenticating a mobile node and a database storing service control information for use in providing a communications service requested by the mobile node, and provides a communications service for the mobile node according to the service control information, comprising: a first unit, provided in a router device accommodating a mobile node, transmitting an authentication request about the mobile node to the authentication server when an address request is received from the mobile node; a second unit, provided in the authentication server, extracting service control information corresponding to the mobile node from the database when the authentication request is received, and transmitting an authentication reply corresponding to the authentication request and the service control information to the router device; and a third unit, provided in the router device, obtaining the service control information and transmitting an address reply corresponding to the address request to the mobile node when the authentication reply and the service control information are received, wherein a packet to be transmitted or received by the mobile node is controlled according to the service control information.

39. An address server device used in a communications service providing system which has an authentication server for authenticating a mobile node and a database storing service control information for use in providing a communications service requested by the mobile node, and provides a communications service for the mobile node according to the service control information, comprising: a first unit transmitting an authentication request about the mobile node to the authentication server when an address request is received from the mobile node; and a second unit transmitting to the mobile node an address reply corresponding to the address request and the service control information when an authentication reply corresponding to the authentication request and the service control information corresponding to the mobile node extracted from the database are received from the authentication server.

40. A router device accommodating a mobile node used in a communications service providing system which has an authentication server for authenticating the mobile node and a database storing service control information for use in providing a communications service requested by the mobile node, and provides a communications service for the mobile node according to the service control information, comprising: a first unit transmitting an authentication request about the mobile node to the authentication server when an address request is received from the mobile node; and a second unit transmitting to the mobile node an address reply corresponding to the address request and the service control information when an authentication reply corresponding to the authentication request and the service control information corresponding to the mobile node extracted from the database are received from the authentication server.

41. A router device accommodating a mobile node used in a communications service providing system which has an authentication server for authenticating the mobile node and a database storing service control information for use in providing a communications service requested by the mobile node, and provides a communications service for the mobile node according to the service control information, comprising: a first unit transmitting an authentication request about the mobile node to the authentication server when an address request is received from the mobile node; a second unit transmitting an address reply corresponding to the address request to the mobile node when an authentication reply corresponding to the authentication request and the service control information corresponding to the mobile node extracted from the database are received from the authentication server; and a third unit controlling a packet to be transmitted or received by the mobile node according to the service control information.

42. A mobile terminal device used in a packet network in which the mobile terminal device obtains an address from an address server, comprising: a requesting unit requesting an address server to issue an address of the mobile terminal device when an advertisement message is received; an obtaining unit obtaining service control information corresponding to the mobile terminal device together with an address reply corresponding to the address request; and a controller controlling a transmission packet or a received packet according to the obtained service control information.

43. The device according to claim 42, further comprising a transmission unit transmitting location registration request information and the service control information to a home agent.

44. The device according to claim 42, further comprising a transmission unit transmitting location registration request information and the service control information to a communications node when a packet is received from the communications node.

Description:

BACKGROUND OF THE INVENTION

[0001] 1. Field of the Invention

[0002] The present invention relates to a system and method for providing a mobile communications service in a network using an IP, and more specifically to a system, a method, a mobile terminal device, and a router device for providing a mobile communications service in a network supporting an IPv6.

[0003] 2. Description of the Related Art

[0004] Recently, with the remarkable progress of Internet, the IP packet traffic has largely increased. In addition, with an increasing number of portable telephones, IMT-2000 (International Mobile Telecommunications 2000) has been standardized, and it is expected that a high-speed IP communications service and a value added service will be popularized in a mobile environment.

[0005] However, when a communications service is provided for a mobile node in a mobile environment, it is basically necessary to set predetermined information in a communications appliance (for example, a router device) which accommodates the mobile node. Especially, when a value added service is provided for a mobile node, specific information has to be set for each mobile node. However, since a mobile node tends to move to an arbitrary location, there are a large number of communications appliances which can accommodate mobile nodes. That is, when a communications service is provided for in a mobile environment, it is necessary to set specific information in each mobile node for an enormously large number of communications appliances.

[0006] Under such situation, the Applicant of the present invention has suggested a method for solving the above mentioned problems. The method suggested to solve the above mentioned problems is described below by referring to FIGS. 1 and 2 .

[0007] FIG. 1 shows the configuration of an existing common mobile IP network. In the network shown in FIG. 1, a home network 1 managed by a service provider of a mobile node (MN) 11 and foreign networks 2 through 4 managed by another service provider are interconnected through an IP network 5 .

[0008] With the above mentioned configuration, the necessary information (service control information or service profile) for use in providing a communications service for the mobile node 11 is stored in a database 13 (SPDB) accessible by an AAAH (authentication, authorization, and accounting home) server 12 . When the mobile node 11 moves from the communications area of the foreign network 2 to the communications area of the foreign network 3 , the AAAH server 12 extracts the service control information corresponding to the mobile node 11 from the database 13 , and sends it to a foreign agent (FA) 14 . Afterwards, a communications service is provided for the mobile node 11 according to the service control information.

[0009] FIG. 2 shows the location registration sequence of a mobile node in an existing system. This sequence is executed when, for example, the mobile node 11 enters the communications area of the foreign agent 14 as shown in FIG. 1 . The mobile IP protocol is used between the mobile node 11 and the foreign agent 14 . In addition, the DIAMETER protocol, which is known as one of the AAA protocols, is used among the foreign agent 14 , an AAAF 15 , the AAAH server 12 , and a home agent 16 .

[0010] When the mobile node 11 receives an advertisement message periodically output from the foreign agent 14 , it transmits a registration request message to the foreign agent 14 . When the foreign agent 14 receives the registration request message, it transmits an AMR (AA-mobile-node-request) message to the AAAF (authentication, authorization, and accounting foreign) server 15 . The AAAF 15 performs authenticating, authorizing, and accounting processes for the user in contract with a service provider for managing the foreign network 3 . That is, the AAAF 15 cannot perform the authenticating, authorizing, and accounting processes for the mobile node 11 . Therefore, when the AAAF 15 receives the AMR message from the foreign agent 14 , it transfers the message to the AAAH server 12 .

[0011] When the AAAH server 12 receives the AMR message, it performs the authenticating, authorizing, and accounting processes for the mobile node 11 , and extracts the service control information corresponding to the mobile node 11 from the database 13 . Then, the AAAH server 12 transmits an HAR (home-agent-MIP-request) message to the home agent (HA) 16 . At this time, the HAR message stores the service control information extracted from the database 13 . Thus, the service control information corresponding to the mobile node 11 is distributed to the home agent 16 . Then, after the home agent 16 registers the location about the mobile node 11 , it returns a HAA (home-agent-MIP-answer) message to the AAAH server 12 .

[0012] When the AAAH server 12 receives the HAA message, it transmits an AMA (AA-mobile-node-answer) message to the AAAF 15 . At this time, the AMA message stores the service control information corresponding to the mobile node 11 . In addition, when the AAAF 15 receives the AMA message, it transfers the message to the foreign agent 14 . As a result, the service control information corresponding to the mobile node 11 is distributed to the AAAF 15 and the AAAH server 12 . Then, a registration reply message is returned from the foreign agent 14 to the mobile node 11 , thereby terminating the location registration sequence.

[0013] Thus, in the method suggested by the Applicant of the present invention, the service control information about the mobile node is automatically distributed to a predetermined communications appliance during the location registration procedure. As a result, the corresponding service control information can be set for the minimal communications appliances.

[0014] With the popularization of Internet, the available addresses are running short in the IPv4 (IP version 4). Therefore, in the IP communications at present, the IPv4 is being switched to the IPv6 (IP version 6). However, up to now, the technology of providing a value added service using the IPv6 has not been sufficiently studied, and there are a number of problems to be solved.

[0015] For example, although it is necessary to support an IPsec (IP security protocol) in the IPv6, the sequence described above by referring to FIG. 2 cannot be followed in the network in which the IPsec is supported. This problem is described below by referring to FIGS. 3 and 4 . The IPsec contains an authentication protocol and an encryption protocol, and functions as a protocol for guaranteeing the security in the IP layer.

[0016] FIG. 3 shows a packet transmitted in the location registration sequence shown in FIG. 2 . As shown in FIG. 3 , the information transmitted through the IP network is basically stored in an IP packet. The IP packet includes an IP header and an IP payload storing a UDP packet. The UDP packet includes a UDP header and a UDP payload, and the UDP payload stores information relating to the location registration sequence. Here, in FIG. 3 , the “Mobile IP” corresponds to, for example, a registration request message, a registration reply message, etc. The “AAA” corresponds to, for example, an AMR message, an AMA message, an HAR message, an HAA message, etc. Therefore, a foreign agent (FA), an AAAF server, an AAAH server, and a home agent (HA) extract necessary information from the UDP payload stored in the received IP packet, and perform the process relating to the location registration sequence.

[0017] However, in a system which supports the IPsec, each IP packet is encrypted and transmitted as shown in FIG. 4 . Practically, an IP payload is encrypted. At this time, it is obvious that the information relating to the location registration sequence stored in the UDP packet is also encrypted. Therefore, the foreign agent (FA), the AAAF server, the AAAH server, and the home agent (HA) cannot decode the information relating to the location registration sequence. As a result, the sequence shown in FIG. 2 cannot be executed.

[0018] Furthermore, although the conventional mobile IP network has been configured based on the function entity defined as a foreign agent, the mobile IP network designed for use with an IPv6 does not have the above mentioned function entity (or concept). Therefore, when the IPv6 is installed in the system configured based on the foreign agent, an amendment is to be made to the current specification or design.

SUMMARY OF THE INVENTION

[0019] The present invention aims at providing a system and a method for efficiently distributing to a corresponding communications appliance the information for use in providing a communications service for a mobile node in a mobile IP network. Especially, in the mobile IP network for supporting the IPv6.

[0020] The communications service providing system according to the present invention includes an authentication server for authenticating a mobile node, and a database storing service control information for use in providing a communications service requested by the mobile node, and provides the communications service to the mobile node according to the service control information. The system includes: a first unit, provided in a mobile node, for storing location registration request information in the header of a packet and transmitting it to the authentication server; a second unit, provided in the authentication server, for extracting the service control information corresponding to the mobile node from the database; a third unit, provided in the authentication server, for storing the location registration request information in the header of the packet and transmitting it to the home agent of the mobile node, a fourth unit, provided in the home agent, for registering the location of the mobile node according to the location registration request information, storing the location registration reply information corresponding to the location registration request information in the header of the packet, and returning it to the authentication server; and a fifth unit, provided in the authentication server, for transmitting to the mobile node a packet containing in the head the location registration reply information and the service control information. With the configuration, a packet transmitted or received by the mobile node is controlled according to the service control information.

[0021] In this system, within a procedure of registering the location of a mobile node, the service control information about the mobile node is distributed to the mobile node. At this time, the information relating to the location registration of a mobile node is transmitted after being stored in the header of a packet. Therefore, in a network in which the payload of each packet is encrypted, each communications appliance can decode and process the information relating to the location registration of the mobile node.

[0022] The communications service providing system according to another aspect of the present invention includes: a first unit, provided in a router device accommodating a mobile node, for storing location registration request information generated by the mobile node in the header of a packet and transmitting it to the authentication server; a second unit, provided in the authentication server, for extracting the service control information corresponding to the mobile node from the database; a third unit, provided in the authentication server, for storing the location registration request information in the header of the packet and transmitting it to the home agent of the mobile node, a fourth unit, provided in the home agent, for registering the location of the mobile node according to the location registration request information, storing the location registration reply information corresponding to the location registration request information in the header of the packet, and returning it to the authentication server; and a fifth unit, provided in the authentication server, for transmitting to the router device a packet containing in the head the location registration reply information and the service control information. With the configuration, a packet transmitted or received by the mobile node is controlled according to the service control information distributed to the router device.

[0023] In this system, the service control information about the mobile node is distributed to the router device accommodating the mobile node within the procedure of registering the location of the mobile node. Then, the router device provides a communications service according to the service control information, thereby reducing the load of the mobile node.

[0024] The communications service providing system according to a further aspect of the present invention includes: a first unit, provided in an address server, for transmitting an authentication request about a mobile node to the authentication server when it receives an address request from the mobile node; a second unit, provided in the authentication server, for extracting the service control information corresponding to the mobile node from the database when it receives the authentication request, and transmitting an authentication reply corresponding to the authentication request and the service control information to the address server; and a third unit, provided in the address server, for transmitting an address reply corresponding to the address request and the service control information to the mobile node when it receives the authentication reply and the service control information. According to the service control information, a packet transmitted or received by the mobile node is controlled.

[0025] With the system, the service control information about the mobile node is distributed to the mobile node in a procedure in which the mobile node obtains an address from the address server.

[0026] The communications service providing system according to a further aspect of the present invention includes: a first unit, provided in an address server, for transmitting an authentication request about a mobile node to the authentication server when it receives an address request from the mobile node; a second unit, provided in the authentication server, for extracting the service control information corresponding to the mobile node from the database when it receives the authentication request, and transmitting an authentication reply corresponding to the authentication request and the service control information to the address server; a third unit, provided in a router device accommodating the mobile node, for obtaining the service control information transmitted from the authentication server to the address server; and a fourth unit, provided in the address server, for transmitting an address reply corresponding to the address request to the mobile node when it receives the authentication reply. A packet transmitted and received by the mobile node is controlled according to the service control information.

[0027] With the system, the service control information about the mobile node is distributed to the router device accommodating the mobile node in a procedure in which the mobile node obtains the address from the address server. Then, the router device provides a communications service according to the service control information, thereby reducing the load of the mobile node.

[0028] The communications service providing system according to a further aspect of the present invention includes: a first unit, provided in an address server, for transmitting a request message corresponding to an address request to a router device accommodating the address server when it receives the address request from a mobile node; a second unit, provided in the router device, for transmitting an authentication request about the mobile node to the authentication server when it receives the request message; a third unit, provided in the authentication server, for extracting service control information corresponding to the mobile node from the database when it receives the authentication request, and transmitting an authentication reply corresponding to the authentication request and the service control information to the address server; a fourth unit, provided in the router device, for obtaining the service control information transmitted from the authentication server to the address server, and transmitting to the address server an reply message corresponding to the request message according to the authentication reply transmitted from the authentication server to the address server; and a fifth unit, provided in the address server, for transmitting to the mobile node an address reply corresponding to the address request when it receives the reply message. A packet transmitted or received by the mobile node is controlled according to the service control information.

[0029] In this system, the address server does not process the authentication request about the mobile node or a corresponding authentication reply, thereby configuring a simple address server, and reducing the load of the address server.

[0030] The communications service providing system according to a further aspect of the present invention includes: a first unit, provided in a router device accommodating a mobile node, for transmitting to an authentication server an authentication request about the mobile node when it receives an address request from the mobile node; a second unit, provided in the authentication server, for extracting service control information corresponding to the mobile node from a database when it receives the authentication request, and transmitting to the router device an authentication reply corresponding to the authentication request and the service control information; and a third unit, provided in the router device, for transmitting to the mobile node an address reply corresponding to the address request and the service control information when it receives the authentication reply and the service control information. A packet transmitted and received by the mobile node is controlled according to the service control information.

[0031] In the system, the router device has the function of an address server, and the mobile node inquires an address of the router device. Therefore, a simple system configuration is realized, and the amount of information transmitted and received through a network is reduced.

[0032] The communications service providing system according to a further aspect of the present invention includes: a first unit, provided in a router device accommodating a mobile node, for transmitting to an authentication server an authentication request about the mobile node when it receives an address request from the mobile node; a second unit, provided in the authentication server, for extracting service control information corresponding to the mobile node from a database when it receives the authentication request, and transmitting to the router device an authentication reply corresponding to the authentication request and the service control information; and a third unit, provided in the router device, for obtaining the service control information and transmitting to the mobile node an address reply corresponding to the address request when it receives the authentication reply and the service control information. A packet transmitted and received by the mobile node is controlled according to the service control information.

[0033] In the system, the router device accommodating the mobile node provides a communications service according to the service control information, thereby reducing the load of the mobile node.

[0034] The address server device according to the present invention is provided for the communications service providing system which includes an authentication server authenticating the mobile node and a database storing service control information for use in providing a communications service requested by a mobile node, and provides a communications service for the mobile node. The address server device includes: a first unit for transmitting an authentication request about the mobile node to the authentication server when it receives an address request from the mobile node; and a second unit for transmitting to the mobile node an address reply corresponding to the address request and the service control information when it receives from the authentication server an authentication reply corresponding to the authentication request and the service control information corresponding to the mobile node extracted from the database.

[0035] According to the address server device, the process of assigning an address to a mobile node and the process of authenticating the mobile node are simultaneously performed.

[0036] The router device according to the present invention accommodates a mobile node in the communications service providing system which includes an authentication server authenticating the mobile node and a database storing service control information for use in providing a communications service requested by the mobile node, and provides a communications service for the mobile node. The router device includes: a first unit for transmitting an authentication request about the mobile node to the authentication server when it receives an address request from the mobile node; and a second unit for transmitting to the mobile node an address reply corresponding to the address request and the service control information when it receives from the authentication server an authentication reply corresponding to the authentication request and the service control information corresponding to the mobile node extracted from the database.

[0037] According to the router device, the process of assigning an address to a mobile node and the process of authenticating the mobile node are simultaneously performed. In addition, since the router device has the function of an address server, the system configuration is simple, and the amount of information transmitted and received through a network is reduced.

[0038] The router device according to another aspect of the present invention includes: a first unit for transmitting an authentication request about the mobile node to the authentication server when it receives an address request from the mobile node; a second unit for transmitting an address reply corresponding to the address request to the mobile node when it receives from the authentication server an authentication reply corresponding to the authentication request and the service control information corresponding to the mobile node extracted from the database; and a third unit for controlling a packet transmitted or received by the mobile node according to the service control information.

[0039] According to the router device, the process of assigning an address to a mobile node and the process of authenticating the mobile node are simultaneously performed. In addition, since the router device provides a communications service using the service control information, the load of the mobile node can be reduced.

BRIEF DESCRIPTION OF THE DRAWINGS

[0040] FIG. 1 shows the configuration of an existing common mobile IP network;

[0041] FIG. 2 shows the location registration sequence of the mobile node in the existing system;

[0042] FIG. 3 shows the configuration of a packet transmitted in the location registration sequence shown in FIG. 2 ;

[0043] FIG. 4 shows the configuration of a packet processed according to the IPsec;

[0044] FIG. 5 shows the configuration of the network of the communications service providing system according to the first embodiment of the present invention;

[0045] FIG. 6 shows the configuration of the main devices of the communications service providing system according to the first embodiment;

[0046] FIG. 7 shows the configuration of the network of the communications service providing system according to the second embodiment of the present invention;

[0047] FIG. 8 shows the configuration of the central devices of the communications service providing system according to the second embodiment;

[0048] FIG. 9 shows the packet used in the procedure of registering the location of a mobile node;

[0049] FIG. 10 is a block diagram of a mobile node, a proxy foreign agent, a home agent, and a communications node;

[0050] FIGS. 11A and 11B show an example of a session transaction held by a mobile node, a proxy foreign agent, and a home agent;

[0051] FIGS. 12A, 12B , and 12 C respectively show examples of a visitor list, mobility binding, and binding cache;

[0052] FIGS. 13A and 13B show examples of communications node list;

[0053] FIG. 14 is a block diagram of an AAAF and an AAAH;

[0054] FIG. 15 shows an example of a session transaction held by an AAAF;

[0055] FIG. 16 shows an example of a session transaction held by an AAAH;

[0056] FIG. 17 shows the information stored in a database (SPDB);

[0057] FIG. 18 shows a practical example of band control;

[0058] FIG. 19 shows an example of a service profile stored in service profile cache;

[0059] FIG. 20 is a flowchart ( 1 ) of the operations performed when a packet is received;

[0060] FIG. 21 is a flowchart ( 2 ) of the operations performed when a packet is received;

[0061] FIG. 22 is a flowchart of the operations of a mobile node according to the first embodiment of the present invention;

[0062] FIG. 23 is a flowchart of the process of registering a communications node in a communications node list in a mobile node;

[0063] FIG. 24 is a flowchart of the operations of a mobile node according to the second embodiment of the present invention;

[0064] FIG. 25 is a flowchart of the operations of a proxy foreign agent;

[0065] FIG. 26 is a flowchart of the process of registering a communications node in a communications node list in a proxy foreign agent;

[0066] FIG. 27 is a flowchart of the operations of a home agent;

[0067] FIG. 28 is a flowchart of the process of registering a communications node in a communications node list in a home agent;

[0068] FIG. 29 is a flowchart of the operations of an AAAF;

[0069] FIG. 30 is a flowchart of the operations of an AAAH;

[0070] FIG. 31 is a flowchart of the operations of an communications node;

[0071] FIG. 32 shows the location registration sequence in the system according to the first embodiment of the present invention;

[0072] FIG. 33 shows the location registration sequence in the system according to the second embodiment of the present invention;

[0073] FIG. 34 shows the sequence of setting binding cache in a communications node from which a packet is transmitted to a mobile node (when a communications node list is generated in a home agent);

[0074] FIG. 35 shows the sequence of setting binding cache in a communications node from which a packet is transmitted to a mobile node (when a communications node list is generated in a mobile node);

[0075] FIG. 36 shows the sequence of setting binding cache in a communications node from which a packet is transmitted to a mobile node (when a communications node list is generated in a proxy foreign agent);

[0076] FIG. 37 shows the configuration of the network of the communications service providing system according to the third and fourth embodiments of the present invention;

[0077] FIG. 38 shows the configuration of the main devices of the communications service providing system according to the third embodiment of the present invention;

[0078] FIG. 39 shows the configuration of the main devices of the communications service providing system according to the fourth embodiment of the present invention;

[0079] FIG. 40 is a flowchart of the operations of the mobile node according to the third embodiment of the present invention;

[0080] FIG. 41 is a flowchart of the operations of the mobile node according to the fourth embodiment of the present invention;

[0081] FIG. 42 is a flowchart ( 1 ) of the operations of the proxy foreign agent;

[0082] FIG. 43 is a flowchart ( 2 ) of the operations of the proxy foreign agent;

[0083] FIG. 44 is a flowchart of the operations of the DHCP server (when an FDR or an FDA is not used);

[0084] FIG. 45 is a flowchart of the operations of the DHCP server (when an FDR or an FDA is used);

[0085] FIG. 46 is a flowchart of the operations of the home agent;

[0086] FIG. 47 is a flowchart of the operations of an AAAF;

[0087] FIG. 48 is a flowchart of the operations of an AAAH;

[0088] FIG. 49 is a flowchart of the operations of the communications node;

[0089] FIG. 50 shows the sequence of the DHCP-AAA cooperative operations according to the third embodiment of the present invention;

[0090] FIG. 51 shows the sequence of the DHCP-AAA cooperative operations according to the fourth embodiment of the present invention;

[0091] FIG. 52 shows the sequence of the DHCP-AAA cooperative operations when an FDR and an FDA are used;

[0092] FIG. 53 shows the configuration of the network of the communications service providing system according to the fifth embodiment of the present invention;

[0093] FIG. 54 shows the configuration of the main devices of the communications service providing system according to the fifth embodiment of the present invention;

[0094] FIG. 55 is a flowchart of the router device according to the fifth embodiment of the present invention;

[0095] FIG. 56 shows the sequence of the DHCP-AAA cooperative operations according to the fifth embodiment of the present invention;

[0096] FIG. 57 shows the configuration of the network of the communications service providing system according to the sixth embodiment of the present invention;

[0097] FIG. 58 shows the configuration of the main devices of the communications service providing system according to the sixth embodiment of the present invention;

[0098] FIG. 59 is a flowchart ( 1 ) of the operations of the proxy foreign agent according to the sixth embodiment of the present invention;

[0099] FIG. 60 is a flowchart ( 2 ) of the operations of the proxy foreign agent according to the sixth embodiment of the present invention;

[0100] FIG. 61 shows the sequence of the DHCP-AAA cooperative operations according to the sixth embodiment of the present invention;

[0101] FIG. 62 shows the format of the IPv6 packet;

[0102] FIG. 63 shows the format of the standard header of the IPv6 packet;

[0103] FIGS. 64A through 64E show the information stored in the option header of the IPv6 packet;

[0104] FIGS. 65A and 65B show the format of the IPsec header;

[0105] FIG. 66 shows the format of the AAA option;

[0106] FIGS. 67A through 67C show the information stored in the sub-option area of the AAA option shown in FIG. 66 ;

[0107] FIGS. 68A and 68B show an example of a service profile option;

[0108] FIG. 69 shows the method of encapsulating the IPv6 packet;

[0109] FIG. 70 shows the format of the IPv6 packet storing a DHCP message;

[0110] FIGS. 71A through 71C show the format of the information relating to a DHCP request;

[0111] FIGS. 72A through 72C show the format of the information relating to a DHCP reply;

[0112] FIG. 73 shows the format of the IPv6 storing the information relating to DIAMETER;

[0113] FIG. 74 shows the format of the UDP header

[0114] FIG. 75 shows the format of the DIAMETER common header;

[0115] FIGS. 76A through 76C show the format of the AVP group;

[0116] FIGS. 77A through 77D show the format of the DIAMETER message used in the system according to the third and fourth embodiments of the present invention; and

[0117] FIGS. 78A through 78C show the format of the service profile cache AVP.

DESCRIPTION OF THE PREFERRED EMBODIMENTS

[0118] The embodiments of the present invention are described below by referring to the attached drawings.

[0119] 1. Outline of the first and second embodiments

[0120] FIG. 5 shows the configuration of the network of the communications service providing system according to the first embodiment of the present invention. In the network according to the first embodiment shown in FIG. 5 , the home network 1 managed by the service provider of the mobile node (MN) and the foreign networks 2 through 4 managed by other service providers are interconnected through the IP network 5 . The IP network 5 supports the IPv6.

[0121] The mobile IP protocol used in the system according to the present embodiment is based on the IPv6. The protocol is hereinafter referred to as a “mobile IPv6”, or a “MIPv6”. The specification of the mobile IPv6 can be obtained from, for example, <draft-ietf-mobileip-ipv6-10.txt> as an Internet draft by the IETF (Internet engineering task force).

[0122] The home network 1 is provided with a home agent (HA) 21 and an AAAH (authentication, authorization, and accounting home) server 22 . The home agent 21 is a function entity defined by the RFC2002 and the MIPv6, and can be realized by the router device. In addition, the home agent 21 holds and manages the home address assigned for the mobile node, and manages the location of the mobile node. On the other hand, the AAAH server 22 is a server device (authentication server) for performing the authenticating, authorizing, and accounting processes on a mobile node. The AAAH is the name used in the IETF.

[0123] The home network 1 is provided with one or more AAAHs, and one or more home agents. Furthermore, a plurality of home agents can be connected to each AAAH.

[0124] A database (SPDB) 23 stores necessary service control information (which can be referred to as a “service profile”) for use in providing a communications service for each mobile node. The database 23 can be accessed only by the AAAH server 22 . The AAAH server 22 and the home agent 21 are provided with a service profile cache (SPC). The service profile cache temporarily stores a service profile read from the database 23 . The retrieval protocol of the database 23 is not specifically limited, but can be, for example, an LDAP (light weight directory access protocol).

[0125] Furthermore, a base station 24 is connected to each home agent 21 . The base station 24 is provided with a radio interface, and establishes a radio transmission path to a terminal device (including a mobile node). A radio access system can be, for example, MC-CDMA (multicarrier-code division multiple access), DS-CDMA (direct spread-code division multiple access), etc.

[0126] The foreign networks 2 through 4 are provided with router devices 31 ( 31 - 1 , 31 - 2 ), AAAF (authentication, authorization, and accounting foreign) servers 32 ( 32 - 1 , 32 - 2 ), and base stations 33 ( 33 - 1 , 33 - 2 ). Each router device 31 transfers a packet according to the destination address, etc. set in the header of each packet. Each router device 31 provides the function of a home agent for the mobile node in which the home address is held and managed by the router device. For example, the router device 31 - 1 operates as a home agent of a mobile node in contract with the foreign network 2 .

[0127] As the AAAH server 22 , the AAAF server 32 is a server device for performing the authenticating, authorizing, and accounting processes on a mobile node. However, each AAA device (including an AAAH and an AAAF) performs the authenticating, authorizing, and accounting processes only on the mobile node to be managed. Therefore, when each AAA device receives an access request from a mobile node which is not to be managed by the AAA device, it requests an AAA device which manages the mobile node to perform the process according to the request. Then, the requested AAA device processes the access request. At this time, the requesting AAA device is an AAAF for the mobile node, and the requested AAA device is an AAAH for the mobile node.

[0128] A mobile node (mobile terminal device) 41 is accommodated in the home agent 21 or any router device 31 , and communicates with other terminal devices. In this example, the terminal device communicating with the mobile node 41 is referred to as a communications node (CN) 42 . When the mobile node 41 establishes communications through a radio transmission path, it is accommodated by the router device 31 through the base station 33 . In this case, the radio access system can be, for example, MC-CDMA, DS-CDMA, etc. The mobile node 41 can be connected to a radio LAN, or to the router device 31 through metal cable or optical fiber.

[0129] Thus, in the network according to the first embodiment, there is no foreign agent unlike the existing network shown in FIG. 1 .

[0130] FIG. 6 shows the configuration of the main devices of the communications service providing system according to the first embodiment of the present invention. In this system, it is assumed that DIAMETER is used as a protocol for performing the authenticating, authorizing, and accounting processes on a mobile node. The prescriptions of the DIAMETER protocol as a draft by the IETF can be obtained from, for example, <draft-calhoun-diameter-12.txt> and <draft-calhoun-diameter-mobileip-07.txt>.

[0131] In the communications service providing system according to the first embodiment of the present invention, each of the home agent 21 , the AAAH server 22 , the AAAF server 32 , the mobile node 41 , and the communications node 42 is provided with a packet control unit, a protocol control unit, a service management unit or a service control unit, and service profile cache. The router device 31 is provided with a packet control unit. Each of the home agent 21 , the mobile node 41 , and the communications node 42 is provided with a transfer control unit. The configurations and the operations of the packet control unit, the protocol control unit, the service management unit or the service control unit, the service profile cache, and the transfer control unit are described later.

[0132] The router device 31 can function as a home agent for a mobile node in contract with the foreign network 2 or 3 . In this case, the router device 31 is provided with the protocol control unit, the service control unit, the transfer control unit, the service profile cache (SPC), the function of the DIAMETER client described later, and the function of the mobile IP server described later.

[0133] Each of the mobile node 41 and the communications node 42 is provided with a mobile IP client function (MCF) for requesting another communications appliance to perform a process prescribed by the mobile IP. On the other hand, the home agent 21 is provided with a mobile IP server function (MSF) for accepting a request relating to the process prescribed by the mobile IP. Each of the mobile node 41 and the home agent 21 is provided with a DIAMETER client function (DCF) for requesting another communications appliance to perform the process prescribed by the DIAMETER protocol. On the other hand, each of the AAAH server 22 and the AAAF server 32 is provided with a DIAMETER server function (DSF) for accepting a request relating to the process prescribed by the DIAMETER protocol. Since these functions are known technologies, the detailed explanation is omitted here.

[0134] FIG. 7 shows the configuration of the network of the communications service providing system according to the second embodiment of the present invention. FIG. 8 shows the configuration of the main devices of the according to the second embodiment of the present invention. In the system according to the second embodiment, the communications appliance for accommodating a mobile node 51 functions as a proxy foreign agent (proxy FA) 52 . The proxy foreign agent 52 is a communications appliance practically having the equivalent function of the foreign agent prescribed in the mobile IPv4, and can be realized by adding that function to the router device. That is, the proxy foreign agent 52 comprises not only a packet control unit, but also a protocol control unit, a service control unit, a transfer control unit, service profile cache (SPC) to realize the above mentioned function. The protocol control unit of the proxy foreign agent 52 comprises a mobile IP server function (MSF) and a DIAMETER client function (DCF).

[0135] Unlike the mobile node 41 , the mobile node 51 does not comprise a service control unit, a transfer control unit, or service profile cache (SPC). In addition, in the system according to the second embodiment, a DIAMETER protocol is supported by the proxy foreign agent 52 . As a result, the protocol control unit of the mobile node 51 is not necessarily provided with the DIAMETER client function (DCF).

[0136] In the system according to the first or second embodiment of the present invention, the location of a mobile node is registered in the following procedure.

[0137] (1) The router device 31 or the mobile node 51 announce an advertisement message.

[0138] (2) Upon receipt of the advertisement message, the mobile nodes 41 and 51 transmits a location registration request message to the router device 31 or the proxy foreign agent 52 . At this time, the mobile nodes 41 and 51 also transmit an AMR (AA-mobile-node-request) message.

[0139] (3) Upon receipt of a location registration message, the router device 31 or the proxy foreign agent 52 transmits the AMR message to the AAAF server 32 .

[0140] (4) Upon receipt of the AMR message, the AAAF server 32 transfers it to the AAAH server 22 .

[0141] (5) Upon receipt of the AMR message, the AAAH server 22 performs the authenticating, authorizing, and accounting processes on the mobile nodes 41 or 51 , and transmits an HAR (home-agent-MIP-request) message to the home agent 21 .

[0142] (6) Upon receipt of the HAR message, the home agent 21 registers the locations of the mobile nodes 41 or 51 , and returns an HAA (home-agent-MIP-answer) message to the AAAH server 22 .

[0143] (7) Upon receipt of the HAA message, the AAAH server 22 transmits an AMA (AA-mobile-node-answer) message to the AAAF server 32 .

[0144] (8) Upon receipt of the AMA message, the AAAF server 32 transfers it to the router device 31 or the proxy foreign agent 52 .

[0145] (9) Upon receipt of the AMA message, the router device 31 or the proxy foreign agent 52 transmits a location registration reply message to the mobiles nodes 41 or 51 . At this time, the router device 31 or the proxy foreign agent 52 can transmit the AMA message to the mobile nodes 41 or 51 .

[0146] (10) When the mobile nodes 41 or 51 receives the location registration reply message, the location registration procedure terminates.

[0147] In the communications service providing method according to the present invention, the service control information (hereinafter referred to as a “service profile”) corresponding to the mobile nodes 41 and 51 is distributed to a corresponding communications appliance in the above mentioned location registration procedure. Practically, the service profile corresponding to the mobile nodes 41 and 51 is extracted from the database 23 by the AAAH server 22 . The service profile is distributed together with the HAR message to the home agent 21 , and is distributed together with the AMA message to the AAAF server 32 . Furthermore, the service profile is distributed to the mobile node 41 together with the AMA message according to the first embodiment, and is distributed together with the AMA message to the proxy foreign agent 52 according to the second embodiment. At this time, the distributed service profile is stored in service profile cache (SPC).

[0148] The above mentioned information (containing various messages, service profiles, etc.) is basically stored in an IPv6 packet and transmitted. Described below is the configuration of a packet transmitted and received in the system according to the first and second embodiments.

[0149] FIG. 62 shows the format of an IPv6 packet. An IPv6 packet comprises an IP header and an IP payload. In the IPv6, the IP header comprises a standard header and an option header. In the IP payload, a UDP packet is stored. The specification, etc. of the IPv6 is described in detail in the RFC2469 of the IETF.

[0150] In the IPv6, it is necessary to support an IPsec (IP security protocol). The IPsec contains an encryption protocol for encrypting the option header and the payload of the IP packet. It is determined depending on the setting of the C flag in the IP header as to whether or not the option header is to be encrypted.

[0151] FIG. 63 shows the format of the standard header of the IPv6 packet. The standard header comprises version information, a traffic class, a flow label, a payload length, a next header, the number of hop restrictions, a source address, and a destination address. Since the format of the standard header is well known, the detailed explanation is omitted here.

[0152] FIGS. 64A through 64E show the information stored in the option header of the IPv6 packet. FIG. 64A shows the format of an end point option. The end point option stores the information referred to by a terminal (including a mobile node, a home agent, a communications node).

[0153] FIG. 64B shows the format of a relay point option. The relay point option stores the information referred to by a relay device (including an AAA server, a home agent, a router device). The above mentioned C flag is provided in, for example, the option area of the relay point option.

[0154] FIG. 64C shows the format of a binding update option. The binding update option stores a binding update message generated by a mobile node. An A-bit indicates whether or not the device which has received the binding update message has to return the binding acknowledge message. An H-bit indicates whether or not home registration is to be performed on a mobile node. The mobile node sets the H-bit depending on whether or not the source of the received advertisement message matches the source of the previously received advertisement message in the environment in which, for example, a router device or a proxy foreign agent periodically transmits an advertisement message. At this time, when the sources of the above mentioned two messages match each other, the mobile node is assumed to have been registered in the home agent 21 . If they do not match, a current location of the mobile node has not been registered in the home agent 21 .

[0155] FIG. 64D shows the format of a binding acknowledge option. The binding acknowledge option stores a binding acknowledge message generated by the device which has received the binding update message.

[0156] The binding update option and the binding acknowledge option can be stored in, for example, the option area of the end point option shown in FIG. 64A .

[0157] FIG. 64E shows the format of a home address option. The home address option stores the home address of a mobile node.

[0158] FIGS. 65A and 65B show the format of the IPsec header. In the system according to the present embodiment, an authentication header (AH: authentication header) protocol or an ESP (encapsulating security payload) protocol is used to realize the IPsec.

[0159] FIG. 65A shows the format of an IP authentication header. The IP authentication header contains a next header, a payload length, an SPI (security parameters Index), and authentication data. FIG. 65B shows the format of an ESP header. The ESP header contains a next header, a payload length, an SPI, and encrypted data. These IPsec headers are stored in the option header of the IPv6 packet. The specification of the authentication header and the ESP is described in detail respectively in the RFC 2402 and the RFC 2406 of the IETF.

[0160] FIG. 66 shows the format of an AAA option. The AAA option contains a command code identifying the DIAMETER message. Practically, the command code identifies the AMR message, the AMA message, the HAR message, and the HAA message. The AAA option is stored in the option header of the IPv6 packet. Practically, the AAA option can be stored in, for example, the option area of the relay point option shown in FIG. 64B . In addition, the AAA option can also be stored in the option area of the end point option shown in FIG. 64A .

[0161] FIGS. 67A through 67C show the information stored in the sub-option area of the AAA option shown in FIG. 66 . FIG. 67A shows an example of an MN-NAI extension sub-option. The MN-NAI extension sub-option stores the NAI (network access identifier) of a mobile node. Each mobile node is uniquely identified by the NAI.

[0162] FIG. 67B shows an example of an MN-AAA authentication extension sub-option. The MN-AAA authentication extension sub-option stores an SPI and an authentication data for authenticating a mobile node.

[0163] FIG. 67C shows an example of a session ID option. The session ID option stores a session ID. The session ID is identification information for correlating a plurality of messages used in the location registration sequence of each mobile node.

[0164] FIG. 68A shows the format of a service profile option. The service profile option contains a vendor ID, a session ID, a service profile group, etc. The service profile option is stored in the option header of an IPv6 packet. Practically, the service profile option can be stored in, for example, the option area of the relay point option shown in FIG. 64B or the option area of the end point option shown in FIG. 64A .

[0165] FIG. 68B shows an example of a service profile group stored in the service profile option shown in FIG. 68A . The service profile group comprises one or more service profiles for providing communications services for corresponding mobile node. The service profile of corresponding mobile node is extracted from the database (SPDB) 23 shown in FIGS. 5 through 8 .

[0166] FIG. 69 shows the method of encapsulating an IPv6 packet. The encapsulation of a packet (tunnel transfer) is performed when an original packet is transferred to a destination other than a final destination of the original packet. In this case, a tunnel packet can be generated by assigning a header in which the other destination is set in the original packet. That is, the original packet is stored in the payload of the tunnel packet. The method of encapsulating the IPv6 packet is described in detail in the RFC 2473 of the IETF.

[0167] FIG. 9 shows a packet used in the location registration procedure of a mobile node. In this example, the packet according to the second embodiment in FIGS. 7 and 8 is shown.

[0168] The location registration is started by the mobile node 51 issuing a location registration request. Since the location registration request is practically a message requesting to update a mobility binding table provided in the home agent 21 , the location registration request is hereinafter referred to as “binding update”. A mobility binding table is a table for use by the home agent 21 in managing the location of the mobile node 51 .

[0169] The binding update request transmitted by the mobile node 51 and the related information are stored in the option header of the IPv6 packet. Practically, the option header of the IPv6 packet transmitted from the mobile node 51 is assigned the relay point option shown in FIG. 64 B, the AAA option shown in FIG. 66 , the end point option shown in FIG. 64 A, the binding update option shown in FIG. 64 C, and the authentication header/ESP option shown in FIG. 65A or 65 B. In this example, the AMR message is set in the AAA option. The sub-option of the AAA option stores the MN-AAA authentication extension sub-option shown in FIG. 67B . The IPv6 packet is transmitted to the proxy foreign agent 52 .

[0170] Upon receipt of the IPv6 packet from the mobile node 51 , the proxy foreign agent 52 encapsulates and transmits it to the AAAF server 32 . At this time, a session ID option is set in the AAA option stored in the option header of the IPv6 packet.

[0171] Upon receipt of the IPv6 packet from the proxy foreign agent 52 , the AAAF server 32 transfers it to the AAAH server 22 . Then, the AAAH server 22 decapsulates the received IPv6 packet, and transfers it to the home agent 21 . At this time, instead of the AMR message the HAR message is set in the AAA option of the IPv6 packet. In addition, the service profile option shown in FIGS. 68A and 68B is added to the option header of the IPv6 packet.

[0172] Upon receipt of the IPv6 packet, the home agent 21 obtains necessary information from the binding update option in the option header, updates the mobility binding table, and obtains the service profile of the of the mobile node 51 from the service profile option. Then, the binding acknowledge message is returned from the home agent 21 to the mobile node 51 , but the detailed explanation of the procedure is omitted here. The home agent 21 notifies the communications node 42 of the binding update message and the service profile of the mobile node 51 as necessary.

[0173] The configuration of a packet is basically the same as in the first embodiment. However, in the first embodiment, the mobile node 41 assigns a session ID option.

[0174] Thus, the necessary information in the location registration procedure (including the procedure of authenticating a mobile node) of the mobile nodes 41 and 51 , and the service profile of the mobile node are stored in the option header of the IPv6 packet, and is then transferred. Generally, the IPv6 packet is encrypted by the IPsec. However, in the IPv6, it can be selected whether or not the option header of the IPv6 packet is to be encrypted. Practically, for example, it can be selected whether or not the option header is to be encrypted using the C flag set in the above mentioned relay point option. In the system according to the first and second embodiment, the option header is not encrypted. Therefore, the proxy foreign agent 52 , the AAAF server 32 , and the AAAH server 22 can obtain necessary information (especially DIAMETER message, etc.) for the location registration of the mobile nodes 41 and 51 from the IPv6 packet transferred in the location registration procedure.

[0175] 2. Configuration of each device

[0176] 2.1 Mobile Node, Proxy Foreign Agent, Home Agent, and Communication Node

[0177] FIG. 10 is a block diagram of the mobile node, the proxy foreign agent, the home agent, and a communications node. The mobile node, the proxy foreign agent, the home agent, and a communications node have basically the same function block. However, the mobile node 51 according to the second embodiment does not have to be provided with a service control unit or a transfer control unit.

[0178] A packet control unit 101 has a filtering function, and classifies packets based on the header of each packet into data packets and protocol packets. The packet control unit 101 edits the packets and transmits them according to the instructions from a service control unit 103 and a transfer control unit 104 .

[0179] A protocol control unit 102 performs a process based on the mobile IP, an AAA protocol (DIAMETER), and a DHCP (dynamic host configuration protocol) The protocol control unit 102 holds a session transaction for managing an AAA session. An example of the session transaction is shown in FIGS. 11A and 11B . FIG. 11A shows an example of the session transaction held by the mobile node 41 or the proxy foreign agent 52 . FIG. 11B shows an example of the session transaction held by the home agent 21 .

[0180] The service control unit 103 is provided with service profile cache, and holds a service profile extracted from the database (SPDB) 23 .

[0181] The transfer control unit 104 manages the control information relating to packet transfer. A visitor list is held by the proxy foreign agent 52 . As shown in FIG. 12 A, the visitor list stores a home address (originally assigned IP address) of a mobile node, a link layer address (for example, a MAC address) of a mobile node, an address of the home agent managing a mobile node, information for authentication of a mobile node, etc.

[0182] The mobility binding is held by the home agent 21 . As shown in FIG. 12 B, the mobility binding stores a home address of a mobile node, an address currently assigned to a mobile node when the mobile node exits its home network, information for authentication of a mobile node, etc.

[0183] The binding cache is held by the communications node 42 . The configuration of the binding cache is similar to that of the mobility binding. However, the binding cache stores the information for indicating a method of encapsulating a packet as shown in FIG. 12C .

[0184] A communications node list is held by a proxy foreign agent, a home agent, or a mobile node. The address of a communications node to which a binding update message has ever been transmitted is registered in the communications node list as shown in FIG. 13A . The address of the communications node registered in the communications node list is deleted after a period prescribed by “lifetime” has passed. In addition, as shown in FIG. 13 B, the address of a communications node to which no binding update message is to be transmitted can be registered.

[0185] The routing table stores information for indicating the destination of a transferred packet although it is not shown in the attached drawings.

[0186] Described below are the basic operations of a mobile node, a proxy for