[go: up one dir, main page]

WO2019120546A1 - Methods, apparatus and computer programs for providing virtual networks - Google Patents

Methods, apparatus and computer programs for providing virtual networks Download PDF

Info

Publication number
WO2019120546A1
WO2019120546A1 PCT/EP2017/084122 EP2017084122W WO2019120546A1 WO 2019120546 A1 WO2019120546 A1 WO 2019120546A1 EP 2017084122 W EP2017084122 W EP 2017084122W WO 2019120546 A1 WO2019120546 A1 WO 2019120546A1
Authority
WO
WIPO (PCT)
Prior art keywords
network
virtual
resources
wireless communication
management node
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/EP2017/084122
Other languages
French (fr)
Inventor
Jari Arkko
Jimmy KJÄLLMAN
Ari KERÄNEN
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Telefonaktiebolaget LM Ericsson AB
Original Assignee
Telefonaktiebolaget LM Ericsson AB
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Telefonaktiebolaget LM Ericsson AB filed Critical Telefonaktiebolaget LM Ericsson AB
Priority to PCT/EP2017/084122 priority Critical patent/WO2019120546A1/en
Publication of WO2019120546A1 publication Critical patent/WO2019120546A1/en
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0895Configuration of virtualised networks or elements, e.g. virtualised network function or OpenFlow elements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0896Bandwidth or capacity management, i.e. automatically increasing or decreasing capacities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/12Discovery or management of network topologies
    • H04L41/122Discovery or management of network topologies of virtualised topologies, e.g. software-defined networks [SDN] or network function virtualisation [NFV]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/40Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks using virtualisation of network functions or resources, e.g. SDN or NFV entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10Integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0272Virtual private networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1483Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing

Definitions

  • Embodiments of the disclosure relate to communication networks, and particularly to methods, apparatus and computer programs for providing or establishing virtual networks over communication networks.
  • Cloud services today provide mechanisms for the creation of computing, networking, and storage resources at chosen locations around the world. Companies such as Amazon (RTM), Linode (RTM), and others provide interfaces to manage services in this manner. These services are based on technologies such as virtualization, software-defined networking, large data centres with inexpensive individual resources, and various networking, management, and user interface tools.
  • Virtual networks are well known, representing the combination of hardware and software network resources and network functionality into a single, software-based administrative entity.
  • network slices have been proposed as a solution to the many disparate use cases expected of future networks, and particularly the 5 th generation mobile networks being developed by the 3 rd Generation Partnership Project (3GPP).
  • 3GPP 3 rd Generation Partnership Project
  • Network slicing allows multiple virtual networks to be created on top of a common shared physical infrastructure.
  • Each virtual network may be implemented to provide a respective set of parameters, such as a particular quality of service, etc.
  • network slices or other virtual networks must be established by network infrastructure owners, in communication with a particular user requesting the establishment of the network slice or virtual network.
  • This conventional approach may therefore be relatively inflexible, both for users and infrastructure owners. For example, users may be unable to configure or re-configure a virtual network without significant renegotiation of service level agreements, etc. Owners of network infrastructure may have spare unused capacity in their networks.
  • Embodiments of the disclosure seek to address these and other problems.
  • One aspect of the disclosure provides a method executed in a management node for a cloud service provider coupled to a wireless communication network.
  • the method comprises: receiving, from the wireless communication network, an indication of resources in the wireless communication network which are available for use in third- party virtual networks; receiving, from a user device, a request to establish a virtual network; and initiating a process to establish the virtual network using the indicated available resources in the wireless communication network.
  • Embodiments of the disclosure also provide apparatus configured to perform the method recited above and the methods described herein.
  • a management node may be provided, configured to perform any of the methods described herein.
  • the management node comprises processing circuitry and a non-transitory machine- readable medium storing instructions which, when executed by the processing circuitry, cause the management node to: receive, from the wireless communication network, an indication of resources in the wireless communication network which are available for use in third-party virtual networks; receive, from a user device, a request to establish a virtual network; and initiate a process to establish the virtual network using the indicated available resources in the wireless communication network.
  • the management node may be implemented in one or more modules.
  • the management node may comprise a first module configured to receive, from the wireless communication network, an indication of resources in the wireless communication network which are available for use in third-party virtual networks; a second module configured to receive, from a user device, a request to establish a virtual network; and a third module configured to initiate a process to establish the virtual network using the indicated available resources in the wireless communication network.
  • the modules are implemented purely in hardware.
  • the modules are implemented purely in software.
  • the modules are implemented in a combination of both hardware and software.
  • a further aspect provides a computer program comprising computer code which, when executed by processing circuitry of a management node, causes the management node to: receive, from the wireless communication network, an indication of resources in the wireless communication network which are available for use in third-party virtual networks; receive, from a user device, a request to establish a virtual network; and initiate a process to establish the virtual network using the indicated available resources in the wireless communication network.
  • a further aspect of the disclosure provides a computer program product comprising a non-transitory machine-readable medium storing code which, when executed by processing circuitry of a management node, causes the management node to: receive, from the wireless communication network, an indication of resources in the wireless communication network which are available for use in third-party virtual networks; receive, from a user device, a request to establish a virtual network; and initiate a process to establish the virtual network using the indicated available resources in the wireless communication network.
  • Figure 1 is a signalling diagram showing establishment of a virtual network according to embodiments of the disclosure
  • Figure 2 is a schematic diagram of a system according to embodiments of the disclosure
  • Figure 3 is a flowchart of a method according to embodiments of the disclosure.
  • FIG. 4 is a schematic diagram of a management node according to embodiments of the disclosure.
  • Embodiments of the present disclosure provide methods, apparatus and computer programs in a cloud service provider, which enable end users to build and request establishment of a virtual access network according to their requirements. Conversely, the methods, apparatus and computer programs enable network infrastructure owners to register access network resources (particularly unused access network resources) with the cloud service provider for the establishment of such virtual networks by the end users.
  • Embodiments of the disclosure thus relate to a service provided by a cloud service provider of enabling spare, unused access network resources to be matched to end users for the establishment of virtual access networks as required.
  • Figure 1 is a signalling diagram showing establishment of a virtual network according to embodiments of the disclosure.
  • the signalling is provided between a node 100 in access network infrastructure; a cloud service provider 102 (e.g. a management node of the cloud service provider 102); a service 104 of the cloud service provider; and a user device 106.
  • a cloud service provider 102 e.g. a management node of the cloud service provider 102
  • a service 104 of the cloud service provider e.g. a user device 106.
  • the node 100 in the access network infrastructure may correspond to a management node of the access network infrastructure, or any other suitable network node for the access network infrastructure.
  • the access network may be any wireless access network, utilizing any of various different access protocols.
  • the wireless access network may be a wireless local area network (WLAN), implementing IEEE 802.1 1x protocols; alternatively, the wireless access network may be a radio access network for a cellular network, implementing any of the numerous cellular network standards currently developed or to be developed, e.g. Long Term Evolution (LTE), Universal Mobile Telecommunications System Terrestrial Radio Access (UTRA), Evolved UTRA (E-UTRA), New Radio (NR), etc.
  • LTE Long Term Evolution
  • UTRA Universal Mobile Telecommunications System Terrestrial Radio Access
  • E-UTRA Evolved UTRA
  • NR New Radio
  • the management node in the cloud service provider 102 may be any suitable node capable of communicating with the access network infrastructure node 100 and the end user 106.
  • One suitable implementation for the management node is described below with respect to Figure 4.
  • the cloud service provider 102 may make a service or software management tool 104 available to end users for the establishment of virtual networks as described herein.
  • the service may be made available via any suitable mechanism.
  • the software management tool 104 may be web-based, and accessible by the end user via an Internet or web browser.
  • the software management tool 104 may be installed partially or totally on the user device 106 itself.
  • the software management tool 104 may communicate with the user device 106 and/or the management node via one or more application programming interfaces (APIs), for example.
  • APIs application programming interfaces
  • the user device 106 is any device which is suitable for communicating with the cloud service provider management node, e.g., via the software management tool 104.
  • the user device 106 may comprise any computing device, such as a computer (desktop, laptop, etc) or a mobile device.
  • the end user in the context of this application is unlikely to be an individual user, but rather may be an entity seeking to establish a virtual network for the benefit of multiple individual users.
  • the end user may be a building owner, a company, or a municipal body, for example. Such end users may require a virtual network for the benefit of the individuals in a given area (i.e. the occupants or visitors to a particular building or geographical area, etc).
  • the signalling begins in step 108, in which the network infrastructure node 100 registers one or more network resources with the cloud service provider 102, as being available for use in third-party virtual networks.
  • the registration of the network resources may be acknowledged by the cloud service provider 102 in a return acknowledgement message.
  • the signalling in step 108, and in each of the following steps, may be authenticated with cryptographic signatures to ensure that the process is secure and not subject to “man-in-the-middle” attacks from malicious parties.
  • the signalled messages may be authenticated with transport layer security (TLS) certificates and transmitted using the HTTPS protocol (or HTTP/2 with TLS).
  • TLS transport layer security
  • Step 108 thus comprises the registration of one or more network resources with the cloud service provider.
  • the registration may comprise the infrastructure node 100 communicating to the cloud service provider an indication of the type of network resources which are being made available (e.g. the type of physical infrastructure, etc), and their geographical location.
  • the infrastructure node 100 may further communicate to the cloud service provider 102 an identity of the resources and/or a logical address of the resources (e.g. an IP address).
  • the registration of resources may be standalone, or form part of another process. In the latter case, for example, resources may be registered as available upon registering a node of the network infrastructure with the cloud service provider for another purpose, such as registering the node to a computer cluster.
  • the resources which are registered may comprise access network resources, such as physical access network infrastructure or equipment (e.g. access points (enabled for IEEE 802.11x or 802.15.4 standards, LoRa (RTM), Bluetooth (RTM) or any other wireless standard), base stations, etc), which have spare capacity for the establishment of one or more third-party networks.
  • access network resources such as physical access network infrastructure or equipment (e.g. access points (enabled for IEEE 802.11x or 802.15.4 standards, LoRa (RTM), Bluetooth (RTM) or any other wireless standard), base stations, etc), which have spare capacity for the establishment of one or more third-party networks.
  • the network infrastructure or equipment may comprise a wireless terminal device (e.g. a UE) configured to act as an access point.
  • Third-party networks are networks established by end users in accordance with embodiments of the disclosure.
  • step 108 may be repeated with multiple network infrastructure owners, such that the cloud service provider 102 (e.g., the management node thereof) can formulate a catalogue or list of available network resources in one or multiple access networks. According to embodiments of the disclosure, this list is made available to end users via the software management tool 104.
  • the cloud service provider 102 e.g., the management node thereof
  • this list is made available to end users via the software management tool 104.
  • step 1 10 the user device 106, in communication with the software management tool 104, builds a virtual network (e.g., utilizing resources selected from the list of available resources) and submits a request for the establishment of the virtual network.
  • the software management tool 104 then forwards the request to the cloud service provider 102 in step 112.
  • the user device 106 selects resources from the list of available resources in order to build a virtual network meeting the user’s requirements. For example, the user may select resources in a particular geographical location (e.g. corresponding to a location of the user), or having a particular bandwidth.
  • the user device 106 may request establishment of a virtual network in a particular geographical area and having one or more particular characteristics. For example, the user may specify the quality of service to be provided by the virtual network, the method of network access (e.g. which access protocols are to be used, etc), or any other characteristic.
  • the software management tool 104 may then be configured to suggest suitable network resources, selected from the list of available resources, which meet the user’s requirements. For example, the software management tool 104 may select access network resources which are available in the requested geographical area, and which have the capacity to provide the requested bandwidth, etc. In the illustrated example, the resources registered in step 108 are selected for use in the virtual network requested by the user device 106.
  • the cloud service provider 102 thus receives the request to establish a virtual network and, in step 1 14, initiates a process to establish the requested virtual network using the resources of the access network infrastructure. For example, in the illustrated example, this step involves the transmission of a request for the virtual network resource to the node 100 of the access network.
  • the network infrastructure authorises the use of the requested network resource(s), and configures the network infrastructure to implement and/or establish the requested virtual network.
  • the access network infrastructure e.g., access points, base stations, etc
  • SSIDs service set identifiers
  • MVNOs mobile virtual network operator
  • the virtual network may be supported by a switch within the access network, such as a virtual local access network (VLAN) capable switch or a software-defined networking (SDN) switch.
  • the switch may be configured to handle all traffic belonging to the virtual network (and identified by the identifier associated with the virtual network) in a particular way, e.g.
  • the network infrastructure node 100 may transmit an acknowledgement message to the cloud service provider 102, and this acknowledgement may be repeated and transmitted back to the user device 106 by the cloud service provider 102 (e.g. via the software management tool).
  • the acknowledgement message may comprise an indication that the process of establishing the virtual network is complete, and/or that the virtual network is now available for use.
  • the resources of the network infrastructure are used by end users for the virtual network.
  • step 120 accounting information concerning the use is provided by the network infrastructure node 100 to the cloud service provider 102.
  • the accounting information may comprise an indication of the amount of traffic transmitted via the virtual network, the number of accesses of the network by user devices, the number of user devices which accessed the network, etc.
  • the cloud service provider 102 may then transmit further accounting information to the user device 106, comprising a financial cost of the virtual network.
  • the functions of a single node described herein may, in alternative embodiments, be distributed across more than one node.
  • the cloud service provider may comprise separate management nodes configured to communicate with the network infrastructure and the end users, rather than the single node shown in Figure 1.
  • some of the steps shown in Figure 1 as a single step may comprise the transmission and/or reception of more than one signal between the two illustrated entities.
  • FIG. 1 is a schematic diagram of a system 200 according to embodiments of the disclosure, in which a virtual network is established.
  • the system 200 comprises an access network 202, a cloud service provider network 206, and a communication network 204 linking the access network 202 to the cloud service provider network 206 (e.g. the Internet).
  • the cloud service provider network 206 comprises a management system or node 208, which may correspond to the management node of the cloud service provider 102 described above with respect to Figure 1.
  • the access network 202 comprises an agent node 210, which may correspond to the network infrastructure node 100 described above with respect to Figure 1.
  • the cloud service provider network 206 additionally comprises an agent node 212.
  • the management node 208 additionally performs the functions of the agent node 212.
  • the management node 208 is communicatively coupled to both agent nodes 210 and 212.
  • the access network 202 is operative to support a virtual access network 214, which in this instance is a virtual local area network (VLAN), i.e. a network supporting access via the IEEE 802.1 1x protocols. In other instances, different virtual access networks may be provided.
  • VLAN virtual local area network
  • the access network 202 comprises one or more access points, which are operative to create one or more identifiers associated with the virtual network (e.g. SSIDs, MVNOs, etc).
  • the user device 106 may request the creation of a particular identifier (or more than one particular identifier) as part of a request to establish the virtual network.
  • the requested identifier may be subject to one or more checks (to ensure that the identifier is not in use for other networks, or confusingly similar to identifiers in use for other networks, for example).
  • the access points may then create the requested identifier and advertise the virtual network using the identifier.
  • one or more identifiers may be assigned to the virtual network upon its creation by the management node 208.
  • the access network 202 further comprises a switch, such as a VLAN-capable switch or an SDN switch. Traffic associated with the virtual network (and the one or more identifiers) may be routed to the switch and handled according to a set of rules established for the virtual network. For example, the switch may be operative to apply a certain quality of service requested of the virtual network.
  • a switch such as a VLAN-capable switch or an SDN switch.
  • the switch is operative to route traffic associated with the virtual network (and the identifier) through a virtual tunnel 216 established via the communication network 204.
  • the tunnel 216 may be, for example, an Internet Protocol Security (IPSec) or other virtual private network (VPN) tunnel.
  • IPSec Internet Protocol Security
  • VPN virtual private network
  • the tunnel 216 may provide a secure link to a virtual sub-network 218 residing in the cloud 206.
  • the virtual network comprises a virtual local access network 214 established on local access network physical infrastructure, and a remainder of the virtual network 216 in the cloud 206.
  • Communications within the virtual local access network 214 may be implemented using a virtual switched environment (e.g. one or more VLAN-capable switches or SDN switches).
  • Servers or services for the virtual network may be established in the sub-network 216 residing in the cloud 206.
  • DHCP dynamic host configuration protocol
  • the management node 208 may communicate with the agent nodes 210, 212 to establish the virtual access network 214 and the cloud-based virtual network 216 respectively (e.g. as described above with respect to Figure 1 ), and to monitor the usage of those resources once the network is established.
  • FIG 3 is a flowchart of a method according to embodiments of the disclosure. The method may be carried out in a management node for a cloud service provider, such as the management node of the cloud service provider 102 or the management node 208 described above with respect to Figures 1 and 2 respectively.
  • a management node for a cloud service provider such as the management node of the cloud service provider 102 or the management node 208 described above with respect to Figures 1 and 2 respectively.
  • the method begins in step 300, in which the management node receives one or more indications of resources which are available in one or more wireless communication networks for the establishment of third-party virtual networks.
  • the indications may be received from nodes of the respective wireless communication networks.
  • Step 300 may thus form part of a process of registering available access network resources with the cloud service provider.
  • the indications may comprise one or more of: an indication of the type of network resources which are being made available (e.g. the type of physical infrastructure, etc); the geographical location of the resources; the identity of the resources; an indication of financial cost related to using the resources; and a logical address of the resources (e.g. an IP address).
  • the registration of resources may be standalone, or form part of another process. In the latter case, for example, resources may be registered as available upon registering a node of the network infrastructure with the cloud service provider for another purpose, such as registering the node to a computer cluster.
  • the management node provides a software management tool to a user or user device.
  • the software management tool may be web-based, and accessible by the end user via an Internet or web browser.
  • the software management tool may be installed partially or totally on the user device itself.
  • the software management tool may communicate with the user device and/or the management node via one or more application programming interfaces (APIs), for example.
  • APIs application programming interfaces
  • the software management tool may display a list of the available resources to the user.
  • the management node receives a request for a virtual network from the user device.
  • the request may be received via the software management tool provided in step 302.
  • the user device selects resources from the list of available resources in order to build a virtual network meeting the user’s requirements. For example, the user may select resources in a particular geographical location (e.g. corresponding to a location of the user), or having a particular bandwidth. Alternatively, the user device may request establishment of a virtual network in a particular geographical area and/or having one or more particular characteristics. For example, the user may specify the quality of service to be provided by the virtual network, the method of network access (e.g. which access protocols are to be used, etc), or any other characteristic.
  • the software management tool may then be configured to suggest suitable network resources, selected from the list of available resources, which meet the user’s requirements. For example, the software management tool may select access network resources which are available in the requested geographical area, and which have the capacity to provide the requested bandwidth, etc.
  • step 306 the management node determines resources for the virtual network according to the request 304. Where the user specifies the resources in the request to the software management tool, this step may simply comprise identifying the resources which are indicated in the request received in step 304. Where the user specifies only particular requirements of a virtual network, however, step 306 may comprise determining the resources based on the particular requirements.
  • step 308 the management node initiates a process to establish the requested virtual network using the resources of the access network infrastructure. For example, this step may involve the transmission of a request for the virtual network resource to a node of the access network. Further detail regarding the establishment of the virtual network is provided above with respect to Figure 2.
  • the management node may receive an acknowledgement message from the access network and, in step 310, the management node confirms the establishment of the virtual network to the user device. For example, an acknowledgement message may be transmitted comprising an indication that the process of establishing the virtual network is complete, and/or that the virtual network is now available for use.
  • the management node receives accounting information concerning the use from the network infrastructure (e.g. from the node 100 or the agent node 210).
  • the accounting information may comprise an indication of the amount of traffic transmitted via the virtual network, the number of accesses of the network by user devices, the number of user devices which accessed the network, etc.
  • the management node determines an appropriate financial cost of the virtual network and, in step 314, transmits further accounting information to the user device, comprising a financial cost of the virtual network.
  • FIG 4 is a schematic diagram of a management node 400 according to embodiments of the disclosure.
  • the management node 400 may be operative to perform the method described above with respect to Figure 3, for example.
  • the management node 400 may correspond to the management node of the cloud service provider 102 or the management node 208 described above with respect to Figures 1 and 2.
  • the management node 400 may belong to a cloud service provider, which is coupled to a wireless communication network.
  • the management node 400 comprises processing circuitry 402 and a non-transitory machine-readable medium 404 (such as memory).
  • the medium 404 stores instructions (e.g. in the form of computer code) which, when executed by the processing circuitry, cause the management node 400 to: receive, from the wireless communication network, an indication of resources in the wireless communication network which are available for use in third-party virtual networks; receive, from a user device, a request to establish a virtual network; and initiate a process to establish the virtual network using the indicated available resources in the wireless communication network.
  • the management node 400 may be implemented in one or more modules.
  • the management node may comprise a first module configured to receive, from the wireless communication network, an indication of resources in the wireless communication network which are available for use in third- party virtual networks; a second module configured to receive, from a user device, a request to establish a virtual network; and a third module configured to initiate a process to establish the virtual network using the indicated available resources in the wireless communication network.
  • the modules are implemented purely in hardware.
  • the modules are implemented purely in software.
  • the modules are implemented in a combination of both hardware and software.
  • the management node 400 may provide a software management tool to the user device for building a virtual network using the indicated available resources.
  • the software management tool may be configured to display a list of the indicated available resources for use in building the virtual network.
  • the indicated available resources may correspond, for example, to resources which are available in a geographical area in which the virtual network is to be established.
  • the request to establish the virtual network may be received via the software management tool.
  • the request to establish the virtual network may comprise an indication of one or more required network configuration parameters.
  • the management node 400 may be further caused to determine resources from the indicated available resources that may be utilized to provide the required network configuration parameters. The process can then be initiated to establish the virtual network using the determined resources.
  • the virtual network may have or be associated with a network identity, with traffic associated with the network identity being confined within the virtual network.
  • the management agent may be configured to instruct a switch within the wireless communication network to handle or process traffic associated with the network identity according to a defined set of rules for the virtual network.
  • the switch may apply a defined quality of service for the virtual network to traffic which is associated with the network identity.
  • the switch may transmit traffic associated with the network identity to a cloud-based portion of the virtual network.
  • the traffic may be transmitted via a virtual tunnel, for example.
  • the management node may be further caused to receive, from one or more further wireless communication networks, indications of respective resources which are available for use in third-party virtual networks.
  • the list of available resources may comprise resources from the plurality of wireless communication networks.
  • the management node 400 may be caused to initiate a process to establish the virtual network by transmitting a request message to a management agent in the wireless communication network to establish the virtual network.
  • the virtual network may comprise one or more of: a virtual radio access network, established using the indicated available resources; a virtual switched environment; a virtual tunnel; and a virtual sub-network established in the cloud, coupled to the virtual radio access network via the virtual tunnel.
  • the management node 400 may be further caused to receive accounting information from the wireless communication network in respect of the virtual network; and provide accounting information to the user device in respect of the virtual network.
  • the management node 400 may further comprise one or more interfaces 406, providing interfaces for the transmission and/or reception of signals via any suitable modality.
  • the interfaces 406 may comprise circuitry suitable for the transmission and/or reception of electrical, wireless or optical signals, and thus may comprise circuitry such as optical transmitters and receivers, wireless or radio transceiver circuitry and/or antennas, and digital processing circuitry for the transmission of electrical signals.
  • the processing circuitry 402, machine-readable medium 404 and interfaces 406 may be coupled to each other in any suitable manner.
  • Figure 4 shows the components coupled together in series, it will be understood by those skilled in the art that the components may be coupled together in an alternative manner, such as via a bus.
  • the present disclosure thus provides methods, apparatus and computer program products for establishing a virtual network as requested by a user, and for utilizing spare capacity in access networks.
  • processor control code for example on a non-volatile carrier medium such as a disk, CD- or DVD-ROM, programmed memory such as read only memory (Firmware), or on a data carrier such as an optical or electrical signal carrier.
  • a non-volatile carrier medium such as a disk, CD- or DVD-ROM
  • programmed memory such as read only memory (Firmware)
  • a data carrier such as an optical or electrical signal carrier.
  • DSP Digital Signal Processor
  • ASIC Application Specific Integrated Circuit
  • FPGA Field Programmable Gate Array
  • the code may comprise conventional program code or microcode or, for example code for setting up or controlling an ASIC or FPGA.
  • the code may also comprise code for dynamically configuring re-configurable apparatus such as re-programmable logic gate arrays.
  • the code may comprise code for a hardware description language such as Verilog TM or VHDL (Very high speed integrated circuit Hardware Description Language).
  • Verilog TM or VHDL Very high speed integrated circuit Hardware Description Language
  • the code may be distributed between a plurality of coupled components in communication with one another.
  • the embodiments may also be implemented using code running on a field-(re)programmable analogue array or similar device in order to configure analogue hardware.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

Embodiments of the disclosure provides methods, apparatus and computer programs for providing virtual networks. One aspect of the disclosure provides a method executed in a management node for a cloud service provider coupled to a wireless communication network. The method comprises: receiving, from the wireless communication network, an indication of resources in the wireless communication network which are available for use in third-party virtual networks; receiving, from a user device, a request to establish a virtual network; and initiating a process to establish the virtual network using the indicated available resources in the wireless communication network.

Description

METHODS, APPARATUS AND COMPUTER PROGRAMS FOR PROVIDING
VIRTUAL NETWORKS
Technical Field
Embodiments of the disclosure relate to communication networks, and particularly to methods, apparatus and computer programs for providing or establishing virtual networks over communication networks.
Background
Cloud services today provide mechanisms for the creation of computing, networking, and storage resources at chosen locations around the world. Companies such as Amazon (RTM), Linode (RTM), and others provide interfaces to manage services in this manner. These services are based on technologies such as virtualization, software-defined networking, large data centres with inexpensive individual resources, and various networking, management, and user interface tools.
Current cloud technology and management tools focus on core computing, storage, and networking resources. The technology also focuses primarily on resources under the control of the cloud service providers. That is, an Amazon (RTM) cloud service can only control resources in Amazon (RTM) data centres, not elsewhere.
Virtual networks are well known, representing the combination of hardware and software network resources and network functionality into a single, software-based administrative entity. For example, network slices have been proposed as a solution to the many disparate use cases expected of future networks, and particularly the 5th generation mobile networks being developed by the 3rd Generation Partnership Project (3GPP). Network slicing allows multiple virtual networks to be created on top of a common shared physical infrastructure. Each virtual network may be implemented to provide a respective set of parameters, such as a particular quality of service, etc.
However, network slices or other virtual networks must be established by network infrastructure owners, in communication with a particular user requesting the establishment of the network slice or virtual network. This conventional approach may therefore be relatively inflexible, both for users and infrastructure owners. For example, users may be unable to configure or re-configure a virtual network without significant renegotiation of service level agreements, etc. Owners of network infrastructure may have spare unused capacity in their networks.
Embodiments of the disclosure seek to address these and other problems.
Summary
One thing that cannot be done with current cloud service platforms is setting up network access at a given location. However, this would provide flexibility to owners and users of network infrastructure, enabling virtual networks to be established upon request by users, and spare capacity in the network infrastructure to be utilized.
One aspect of the disclosure provides a method executed in a management node for a cloud service provider coupled to a wireless communication network. The method comprises: receiving, from the wireless communication network, an indication of resources in the wireless communication network which are available for use in third- party virtual networks; receiving, from a user device, a request to establish a virtual network; and initiating a process to establish the virtual network using the indicated available resources in the wireless communication network.
Embodiments of the disclosure also provide apparatus configured to perform the method recited above and the methods described herein. For example, a management node may be provided, configured to perform any of the methods described herein.
One aspect provides a management node for a cloud service provider, the cloud service provider being coupled to a wireless communication network. The management node comprises processing circuitry and a non-transitory machine- readable medium storing instructions which, when executed by the processing circuitry, cause the management node to: receive, from the wireless communication network, an indication of resources in the wireless communication network which are available for use in third-party virtual networks; receive, from a user device, a request to establish a virtual network; and initiate a process to establish the virtual network using the indicated available resources in the wireless communication network.
In an alternative aspect, the management node may be implemented in one or more modules. For example, the management node may comprise a first module configured to receive, from the wireless communication network, an indication of resources in the wireless communication network which are available for use in third-party virtual networks; a second module configured to receive, from a user device, a request to establish a virtual network; and a third module configured to initiate a process to establish the virtual network using the indicated available resources in the wireless communication network. In one embodiment, the modules are implemented purely in hardware. In another embodiment, the modules are implemented purely in software. In further embodiments, the modules are implemented in a combination of both hardware and software.
A further aspect provides a computer program comprising computer code which, when executed by processing circuitry of a management node, causes the management node to: receive, from the wireless communication network, an indication of resources in the wireless communication network which are available for use in third-party virtual networks; receive, from a user device, a request to establish a virtual network; and initiate a process to establish the virtual network using the indicated available resources in the wireless communication network.
A further aspect of the disclosure provides a computer program product comprising a non-transitory machine-readable medium storing code which, when executed by processing circuitry of a management node, causes the management node to: receive, from the wireless communication network, an indication of resources in the wireless communication network which are available for use in third-party virtual networks; receive, from a user device, a request to establish a virtual network; and initiate a process to establish the virtual network using the indicated available resources in the wireless communication network.
Brief description of the drawings
For a better understanding of examples of the present disclosure, and to show more clearly how the examples may be carried into effect, reference will now be made, by way of example only, to the following drawings in which:
Figure 1 is a signalling diagram showing establishment of a virtual network according to embodiments of the disclosure;
Figure 2 is a schematic diagram of a system according to embodiments of the disclosure; Figure 3 is a flowchart of a method according to embodiments of the disclosure; and
Figure 4 is a schematic diagram of a management node according to embodiments of the disclosure.
Detailed description
Embodiments of the present disclosure provide methods, apparatus and computer programs in a cloud service provider, which enable end users to build and request establishment of a virtual access network according to their requirements. Conversely, the methods, apparatus and computer programs enable network infrastructure owners to register access network resources (particularly unused access network resources) with the cloud service provider for the establishment of such virtual networks by the end users. Embodiments of the disclosure thus relate to a service provided by a cloud service provider of enabling spare, unused access network resources to be matched to end users for the establishment of virtual access networks as required.
Figure 1 is a signalling diagram showing establishment of a virtual network according to embodiments of the disclosure. The signalling is provided between a node 100 in access network infrastructure; a cloud service provider 102 (e.g. a management node of the cloud service provider 102); a service 104 of the cloud service provider; and a user device 106.
The node 100 in the access network infrastructure may correspond to a management node of the access network infrastructure, or any other suitable network node for the access network infrastructure. The access network may be any wireless access network, utilizing any of various different access protocols. For example, the wireless access network may be a wireless local area network (WLAN), implementing IEEE 802.1 1x protocols; alternatively, the wireless access network may be a radio access network for a cellular network, implementing any of the numerous cellular network standards currently developed or to be developed, e.g. Long Term Evolution (LTE), Universal Mobile Telecommunications System Terrestrial Radio Access (UTRA), Evolved UTRA (E-UTRA), New Radio (NR), etc.
The management node in the cloud service provider 102 may be any suitable node capable of communicating with the access network infrastructure node 100 and the end user 106. One suitable implementation for the management node is described below with respect to Figure 4.
The cloud service provider 102 may make a service or software management tool 104 available to end users for the establishment of virtual networks as described herein. The service may be made available via any suitable mechanism. For example, the software management tool 104 may be web-based, and accessible by the end user via an Internet or web browser. Alternatively, the software management tool 104 may be installed partially or totally on the user device 106 itself. The software management tool 104 may communicate with the user device 106 and/or the management node via one or more application programming interfaces (APIs), for example.
The user device 106 is any device which is suitable for communicating with the cloud service provider management node, e.g., via the software management tool 104. The user device 106 may comprise any computing device, such as a computer (desktop, laptop, etc) or a mobile device. The end user in the context of this application is unlikely to be an individual user, but rather may be an entity seeking to establish a virtual network for the benefit of multiple individual users. The end user may be a building owner, a company, or a municipal body, for example. Such end users may require a virtual network for the benefit of the individuals in a given area (i.e. the occupants or visitors to a particular building or geographical area, etc).
The signalling begins in step 108, in which the network infrastructure node 100 registers one or more network resources with the cloud service provider 102, as being available for use in third-party virtual networks. The registration of the network resources may be acknowledged by the cloud service provider 102 in a return acknowledgement message.
The signalling in step 108, and in each of the following steps, may be authenticated with cryptographic signatures to ensure that the process is secure and not subject to “man-in-the-middle” attacks from malicious parties. For example, the signalled messages may be authenticated with transport layer security (TLS) certificates and transmitted using the HTTPS protocol (or HTTP/2 with TLS).
Step 108 thus comprises the registration of one or more network resources with the cloud service provider. The registration may comprise the infrastructure node 100 communicating to the cloud service provider an indication of the type of network resources which are being made available (e.g. the type of physical infrastructure, etc), and their geographical location. The infrastructure node 100 may further communicate to the cloud service provider 102 an identity of the resources and/or a logical address of the resources (e.g. an IP address).
The registration of resources may be standalone, or form part of another process. In the latter case, for example, resources may be registered as available upon registering a node of the network infrastructure with the cloud service provider for another purpose, such as registering the node to a computer cluster.
The resources which are registered may comprise access network resources, such as physical access network infrastructure or equipment (e.g. access points (enabled for IEEE 802.11x or 802.15.4 standards, LoRa (RTM), Bluetooth (RTM) or any other wireless standard), base stations, etc), which have spare capacity for the establishment of one or more third-party networks. In this context, it is assumed that the resources of the network infrastructure are already utilized by one or more service providers or mobile network operators for conventional network functions. Infrastructure or equipment has spare capacity if the infrastructure or equipment is not utilized to its full extent by these conventional network functions. In one embodiment, the network infrastructure or equipment may comprise a wireless terminal device (e.g. a UE) configured to act as an access point. Third-party networks are networks established by end users in accordance with embodiments of the disclosure.
It will be noted that the registration process described above with respect to step 108 may be repeated with multiple network infrastructure owners, such that the cloud service provider 102 (e.g., the management node thereof) can formulate a catalogue or list of available network resources in one or multiple access networks. According to embodiments of the disclosure, this list is made available to end users via the software management tool 104.
In step 1 10, the user device 106, in communication with the software management tool 104, builds a virtual network (e.g., utilizing resources selected from the list of available resources) and submits a request for the establishment of the virtual network. The software management tool 104 then forwards the request to the cloud service provider 102 in step 112. In one embodiment, the user device 106 selects resources from the list of available resources in order to build a virtual network meeting the user’s requirements. For example, the user may select resources in a particular geographical location (e.g. corresponding to a location of the user), or having a particular bandwidth.
Alternatively, the user device 106 may request establishment of a virtual network in a particular geographical area and having one or more particular characteristics. For example, the user may specify the quality of service to be provided by the virtual network, the method of network access (e.g. which access protocols are to be used, etc), or any other characteristic. The software management tool 104 may then be configured to suggest suitable network resources, selected from the list of available resources, which meet the user’s requirements. For example, the software management tool 104 may select access network resources which are available in the requested geographical area, and which have the capacity to provide the requested bandwidth, etc. In the illustrated example, the resources registered in step 108 are selected for use in the virtual network requested by the user device 106.
The cloud service provider 102 thus receives the request to establish a virtual network and, in step 1 14, initiates a process to establish the requested virtual network using the resources of the access network infrastructure. For example, in the illustrated example, this step involves the transmission of a request for the virtual network resource to the node 100 of the access network.
In step 1 16, the network infrastructure authorises the use of the requested network resource(s), and configures the network infrastructure to implement and/or establish the requested virtual network. For example, the access network infrastructure (e.g., access points, base stations, etc) may be instructed to create new identifiers for use with the virtual network, such as service set identifiers (SSIDs) or mobile virtual network operator (MVNOs) or similar. The virtual network may be supported by a switch within the access network, such as a virtual local access network (VLAN) capable switch or a software-defined networking (SDN) switch. The switch may be configured to handle all traffic belonging to the virtual network (and identified by the identifier associated with the virtual network) in a particular way, e.g. transmitting the traffic to the cloud for further processing. The traffic belonging to a particular user thus resides entirely within the particular SSID or MVNO belonging to the virtual network. In one embodiment, the virtual network is a network slice. Further detail regarding the establishment of the virtual network is provided below with respect to Figure 2. Once the virtual network is established, the network infrastructure node 100 may transmit an acknowledgement message to the cloud service provider 102, and this acknowledgement may be repeated and transmitted back to the user device 106 by the cloud service provider 102 (e.g. via the software management tool). For example, the acknowledgement message may comprise an indication that the process of establishing the virtual network is complete, and/or that the virtual network is now available for use. In step 118, the resources of the network infrastructure are used by end users for the virtual network. In step 120, accounting information concerning the use is provided by the network infrastructure node 100 to the cloud service provider 102. For example, the accounting information may comprise an indication of the amount of traffic transmitted via the virtual network, the number of accesses of the network by user devices, the number of user devices which accessed the network, etc. Based on this information, the cloud service provider 102 may then transmit further accounting information to the user device 106, comprising a financial cost of the virtual network.
It will be understood by those skilled in the art that the functions of a single node described herein may, in alternative embodiments, be distributed across more than one node. For example, the cloud service provider may comprise separate management nodes configured to communicate with the network infrastructure and the end users, rather than the single node shown in Figure 1. It will further be understood that some of the steps shown in Figure 1 as a single step may comprise the transmission and/or reception of more than one signal between the two illustrated entities.
It will also be noted that one or more of the entities in the signalling diagram of Figure 1 may be the same. For example, the network infrastructure owner may be the same legal entity as the cloud service provider, or the end user. This may affect the accounting information for use of network resources (e.g. if the end user owns some of the network infrastructure used by the virtual network, it may be charged less for using that network infrastructure); however, according to one embodiment of the disclosure, the signalling set out in Figure 1 is unaffected. Thus, the network infrastructure owner may still register resources with the cloud service provider, etc. Figure 2 is a schematic diagram of a system 200 according to embodiments of the disclosure, in which a virtual network is established. The system 200 comprises an access network 202, a cloud service provider network 206, and a communication network 204 linking the access network 202 to the cloud service provider network 206 (e.g. the Internet).
The cloud service provider network 206 comprises a management system or node 208, which may correspond to the management node of the cloud service provider 102 described above with respect to Figure 1. The access network 202 comprises an agent node 210, which may correspond to the network infrastructure node 100 described above with respect to Figure 1. In the illustrated embodiment, the cloud service provider network 206 additionally comprises an agent node 212. However, in alternative embodiments, the management node 208 additionally performs the functions of the agent node 212. The management node 208 is communicatively coupled to both agent nodes 210 and 212.
The access network 202 is operative to support a virtual access network 214, which in this instance is a virtual local area network (VLAN), i.e. a network supporting access via the IEEE 802.1 1x protocols. In other instances, different virtual access networks may be provided.
In particular, the access network 202 comprises one or more access points, which are operative to create one or more identifiers associated with the virtual network (e.g. SSIDs, MVNOs, etc). For example, the user device 106 may request the creation of a particular identifier (or more than one particular identifier) as part of a request to establish the virtual network. The requested identifier may be subject to one or more checks (to ensure that the identifier is not in use for other networks, or confusingly similar to identifiers in use for other networks, for example). The access points may then create the requested identifier and advertise the virtual network using the identifier. Alternatively or additionally, one or more identifiers may be assigned to the virtual network upon its creation by the management node 208. The access network 202 further comprises a switch, such as a VLAN-capable switch or an SDN switch. Traffic associated with the virtual network (and the one or more identifiers) may be routed to the switch and handled according to a set of rules established for the virtual network. For example, the switch may be operative to apply a certain quality of service requested of the virtual network.
In the illustrated embodiment, the switch is operative to route traffic associated with the virtual network (and the identifier) through a virtual tunnel 216 established via the communication network 204. The tunnel 216 may be, for example, an Internet Protocol Security (IPSec) or other virtual private network (VPN) tunnel.
The tunnel 216 may provide a secure link to a virtual sub-network 218 residing in the cloud 206. Thus, in the illustrated embodiment, the virtual network comprises a virtual local access network 214 established on local access network physical infrastructure, and a remainder of the virtual network 216 in the cloud 206. Communications within the virtual local access network 214 may be implemented using a virtual switched environment (e.g. one or more VLAN-capable switches or SDN switches). Servers or services for the virtual network may be established in the sub-network 216 residing in the cloud 206. For example, a dynamic host configuration protocol (DHCP) service for the virtual network represented by the identifier may be established in the sub-network 216.
The management node 208 may communicate with the agent nodes 210, 212 to establish the virtual access network 214 and the cloud-based virtual network 216 respectively (e.g. as described above with respect to Figure 1 ), and to monitor the usage of those resources once the network is established.
Figure 3 is a flowchart of a method according to embodiments of the disclosure. The method may be carried out in a management node for a cloud service provider, such as the management node of the cloud service provider 102 or the management node 208 described above with respect to Figures 1 and 2 respectively.
The method begins in step 300, in which the management node receives one or more indications of resources which are available in one or more wireless communication networks for the establishment of third-party virtual networks. The indications may be received from nodes of the respective wireless communication networks. Step 300 may thus form part of a process of registering available access network resources with the cloud service provider. The indications may comprise one or more of: an indication of the type of network resources which are being made available (e.g. the type of physical infrastructure, etc); the geographical location of the resources; the identity of the resources; an indication of financial cost related to using the resources; and a logical address of the resources (e.g. an IP address).
The registration of resources may be standalone, or form part of another process. In the latter case, for example, resources may be registered as available upon registering a node of the network infrastructure with the cloud service provider for another purpose, such as registering the node to a computer cluster.
In step 302, the management node provides a software management tool to a user or user device. For example, the software management tool may be web-based, and accessible by the end user via an Internet or web browser. Alternatively, the software management tool may be installed partially or totally on the user device itself. The software management tool may communicate with the user device and/or the management node via one or more application programming interfaces (APIs), for example. In some embodiments of the disclosure, the software management tool may display a list of the available resources to the user.
In step 304, the management node receives a request for a virtual network from the user device. The request may be received via the software management tool provided in step 302.
In one embodiment, the user device selects resources from the list of available resources in order to build a virtual network meeting the user’s requirements. For example, the user may select resources in a particular geographical location (e.g. corresponding to a location of the user), or having a particular bandwidth. Alternatively, the user device may request establishment of a virtual network in a particular geographical area and/or having one or more particular characteristics. For example, the user may specify the quality of service to be provided by the virtual network, the method of network access (e.g. which access protocols are to be used, etc), or any other characteristic. The software management tool may then be configured to suggest suitable network resources, selected from the list of available resources, which meet the user’s requirements. For example, the software management tool may select access network resources which are available in the requested geographical area, and which have the capacity to provide the requested bandwidth, etc.
In step 306, the management node determines resources for the virtual network according to the request 304. Where the user specifies the resources in the request to the software management tool, this step may simply comprise identifying the resources which are indicated in the request received in step 304. Where the user specifies only particular requirements of a virtual network, however, step 306 may comprise determining the resources based on the particular requirements.
In step 308, the management node initiates a process to establish the requested virtual network using the resources of the access network infrastructure. For example, this step may involve the transmission of a request for the virtual network resource to a node of the access network. Further detail regarding the establishment of the virtual network is provided above with respect to Figure 2.
Once the virtual network is established, the management node may receive an acknowledgement message from the access network and, in step 310, the management node confirms the establishment of the virtual network to the user device. For example, an acknowledgement message may be transmitted comprising an indication that the process of establishing the virtual network is complete, and/or that the virtual network is now available for use.
In step 312, the management node receives accounting information concerning the use from the network infrastructure (e.g. from the node 100 or the agent node 210). For example, the accounting information may comprise an indication of the amount of traffic transmitted via the virtual network, the number of accesses of the network by user devices, the number of user devices which accessed the network, etc. Based on this information, the management node determines an appropriate financial cost of the virtual network and, in step 314, transmits further accounting information to the user device, comprising a financial cost of the virtual network.
Figure 4 is a schematic diagram of a management node 400 according to embodiments of the disclosure. The management node 400 may be operative to perform the method described above with respect to Figure 3, for example. Alternatively, or additionally, the management node 400 may correspond to the management node of the cloud service provider 102 or the management node 208 described above with respect to Figures 1 and 2.
The management node 400 may belong to a cloud service provider, which is coupled to a wireless communication network. The management node 400 comprises processing circuitry 402 and a non-transitory machine-readable medium 404 (such as memory). The medium 404 stores instructions (e.g. in the form of computer code) which, when executed by the processing circuitry, cause the management node 400 to: receive, from the wireless communication network, an indication of resources in the wireless communication network which are available for use in third-party virtual networks; receive, from a user device, a request to establish a virtual network; and initiate a process to establish the virtual network using the indicated available resources in the wireless communication network.
In alternative embodiments, the management node 400 may be implemented in one or more modules. For example, the management node may comprise a first module configured to receive, from the wireless communication network, an indication of resources in the wireless communication network which are available for use in third- party virtual networks; a second module configured to receive, from a user device, a request to establish a virtual network; and a third module configured to initiate a process to establish the virtual network using the indicated available resources in the wireless communication network. In one embodiment, the modules are implemented purely in hardware. In another embodiment, the modules are implemented purely in software. In further embodiments, the modules are implemented in a combination of both hardware and software.
In further embodiments, the management node 400 may provide a software management tool to the user device for building a virtual network using the indicated available resources. The software management tool may be configured to display a list of the indicated available resources for use in building the virtual network. The indicated available resources may correspond, for example, to resources which are available in a geographical area in which the virtual network is to be established. The request to establish the virtual network may be received via the software management tool. The request to establish the virtual network may comprise an indication of one or more required network configuration parameters. In such embodiments, the management node 400 may be further caused to determine resources from the indicated available resources that may be utilized to provide the required network configuration parameters. The process can then be initiated to establish the virtual network using the determined resources.
The virtual network may have or be associated with a network identity, with traffic associated with the network identity being confined within the virtual network. In that case, the management agent may be configured to instruct a switch within the wireless communication network to handle or process traffic associated with the network identity according to a defined set of rules for the virtual network. For example, the switch may apply a defined quality of service for the virtual network to traffic which is associated with the network identity. For example, the switch may transmit traffic associated with the network identity to a cloud-based portion of the virtual network. The traffic may be transmitted via a virtual tunnel, for example.
The management node may be further caused to receive, from one or more further wireless communication networks, indications of respective resources which are available for use in third-party virtual networks. In that case, the list of available resources may comprise resources from the plurality of wireless communication networks.
The management node 400 may be caused to initiate a process to establish the virtual network by transmitting a request message to a management agent in the wireless communication network to establish the virtual network.
The virtual network may comprise one or more of: a virtual radio access network, established using the indicated available resources; a virtual switched environment; a virtual tunnel; and a virtual sub-network established in the cloud, coupled to the virtual radio access network via the virtual tunnel.
The management node 400 may be further caused to receive accounting information from the wireless communication network in respect of the virtual network; and provide accounting information to the user device in respect of the virtual network. The management node 400 may further comprise one or more interfaces 406, providing interfaces for the transmission and/or reception of signals via any suitable modality. For example, the interfaces 406 may comprise circuitry suitable for the transmission and/or reception of electrical, wireless or optical signals, and thus may comprise circuitry such as optical transmitters and receivers, wireless or radio transceiver circuitry and/or antennas, and digital processing circuitry for the transmission of electrical signals.
The processing circuitry 402, machine-readable medium 404 and interfaces 406 may be coupled to each other in any suitable manner. For example, although Figure 4 shows the components coupled together in series, it will be understood by those skilled in the art that the components may be coupled together in an alternative manner, such as via a bus.
The present disclosure thus provides methods, apparatus and computer program products for establishing a virtual network as requested by a user, and for utilizing spare capacity in access networks.
The skilled person will recognise that some aspects of the above-described apparatus and methods, for example the actions performed by the processor, may be embodied as processor control code, for example on a non-volatile carrier medium such as a disk, CD- or DVD-ROM, programmed memory such as read only memory (Firmware), or on a data carrier such as an optical or electrical signal carrier. For many applications embodiments of the disclosure will be implemented on a DSP (Digital Signal Processor), ASIC (Application Specific Integrated Circuit) or FPGA (Field Programmable Gate Array). Thus the code may comprise conventional program code or microcode or, for example code for setting up or controlling an ASIC or FPGA. The code may also comprise code for dynamically configuring re-configurable apparatus such as re-programmable logic gate arrays. Similarly the code may comprise code for a hardware description language such as Verilog ™ or VHDL (Very high speed integrated circuit Hardware Description Language). As the skilled person will appreciate, the code may be distributed between a plurality of coupled components in communication with one another. Where appropriate, the embodiments may also be implemented using code running on a field-(re)programmable analogue array or similar device in order to configure analogue hardware. It should be noted that the above-mentioned embodiments illustrate rather than limit the disclosure, and that those skilled in the art will be able to design many alternative embodiments without departing from the scope of the appended claims. The word “comprising” does not exclude the presence of elements or steps other than those listed in a claim,“a” or“an” does not exclude a plurality, and a single feature or other unit may fulfil the functions of several units recited in the claims. Any reference signs in the claims shall not be construed so as to limit their scope.

Claims

1.A method executed in a management node (208, 400) for a cloud service provider (102) coupled to a wireless communication network, the method comprising:
receiving (108, 300), from the wireless communication network, an indication of resources in the wireless communication network which are available for use in third-party virtual networks;
receiving (1 12, 304), from a user device (106), a request to establish a virtual network; and
initiating (1 14, 308) a process to establish the virtual network using the indicated available resources in the wireless communication network.
2. The method according to claim 1 , further comprising:
providing (302) a software management tool (104) to the user device for building a virtual network using the indicated available resources.
3. The method according to claim 2, wherein the software management tool (104) is configured to display a list of the indicated available resources for use in building the virtual network.
4. The method according to claim 3, wherein the indicated available resources correspond to resources which are available in a geographical area in which the virtual network is to be established.
5. The method according to any one of claims 2 to 4, wherein the request to establish the virtual network is received via the software management tool (104).
6. The method according to any one of the preceding claims, wherein the request to establish the virtual network comprises an indication of one or more required network configuration parameters.
7. The method according to claim 6, further comprising:
determining (306) resources from the indicated available resources that may be utilized to provide the required network configuration parameters, and wherein the process is initiated to establish the virtual network using the determined resources.
8. The method according to any one of the preceding claims, wherein the virtual network has a network identity, and wherein traffic associated with the network identity is confined within the virtual network.
9. The method according to claim 8, wherein the wireless communication network comprises a switch configured to process traffic associated with the network identity according to a defined set of rules for the virtual network.
10. The method according to any one of the preceding claims, further comprising receiving (300), from one or more further wireless communication networks, indications of respective resources which are available for use in third-party virtual networks.
1 1. The method according to any one of the preceding claims, wherein the step of initiating a process to establish the virtual network comprises:
transmitting (308) a request message to a management agent in the wireless communication network to establish the virtual network.
12. The method according to any one of the preceding claims, wherein the virtual network comprises:
a virtual radio access network (214), established using the indicated available resources;
a virtual tunnel (216); and
a virtual sub-network (218) established in the cloud, coupled to the virtual radio access network via the virtual tunnel.
13. The method according to any one of the preceding claims, further comprising: receiving (312) accounting information from the wireless communication network in respect of the virtual network; and
providing (314) accounting information to the user device in respect of the virtual network.
14. A management node (400) for a cloud service provider (102), the cloud service provider being coupled to a wireless communication network, the management node comprising processing circuitry (402) and a non-transitory machine- readable medium (404) storing instructions which, when executed by the processing circuitry, cause the management node to:
receive, from the wireless communication network, an indication of resources in the wireless communication network which are available for use in third-party virtual networks;
receive, from a user device, a request to establish a virtual network; and initiate a process to establish the virtual network using the indicated available resources in the wireless communication network.
15. The management node according to claim 14, wherein the management node is further caused to:
provide a software management tool to the user device for building a virtual network using the indicated available resources.
16. The management node according to claim 15, wherein the software management tool is configured to display a list of the indicated available resources for use in building the virtual network.
17. The management node according to claim 16, wherein the indicated available resources correspond to resources which are available in a geographical area in which the virtual network is to be established.
18. The management node according to any one of claims 15 to 17, wherein the request to establish the virtual network is received via the software management tool.
19. The management node according to any one of claims 14 to 18, wherein the request to establish the virtual network comprises an indication of one or more required network configuration parameters.
20. The management node according to claim 19, wherein the management node is further caused to:
determine resources from the indicated available resources that may be utilized to provide the required network configuration parameters,
and wherein the process is initiated to establish the virtual network using the determined resources.
21. The management node according to any one of claims 14 to 20, wherein the virtual network has a network identity, and wherein traffic associated with the network identity is confined within the virtual network.
22. The management node according to claim 21 , wherein the wireless communication network comprises a switch configured to process traffic associated with the network identity according to a defined set of rules for the virtual network.
23. The management node according to any one of claims 14 to 22, wherein the management node is further caused to receive, from one or more further wireless communication networks, indications of respective resources which are available for use in third-party virtual networks.
24. The management node according to any one of claims 14 to 23, wherein the management node is caused to initiate a process to establish the virtual network by:
transmitting a request message to a management agent in the wireless communication network to establish the virtual network.
25. The management node according to any one of claims 14 to 24, wherein the virtual network comprises:
a virtual radio access network, established using the indicated available resources;
a virtual switched environment;
a virtual tunnel; and
a virtual sub-network established in the cloud, coupled to the virtual radio access network via the virtual tunnel.
26. The management node according to any one of claims 14 to 25, wherein the management node is further caused to:
receive accounting information from the wireless communication network in respect of the virtual network; and
provide accounting information to the user device in respect of the virtual network.
27. A computer program comprising computer code which, when executed by processing circuitry of a management node, causes the management node to: receive, from the wireless communication network, an indication of resources in the wireless communication network which are available for use in third-party virtual networks;
receive, from a user device, a request to establish a virtual network; and initiate a process to establish the virtual network using the indicated available resources in the wireless communication network.
28. A computer program product comprising a non-transitory machine-readable medium storing code which, when executed by processing circuitry of a management node, causes the management node to:
receive, from the wireless communication network, an indication of resources in the wireless communication network which are available for use in third-party virtual networks;
receive, from a user device, a request to establish a virtual network; and initiate a process to establish the virtual network using the indicated available resources in the wireless communication network.
PCT/EP2017/084122 2017-12-21 2017-12-21 Methods, apparatus and computer programs for providing virtual networks Ceased WO2019120546A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/EP2017/084122 WO2019120546A1 (en) 2017-12-21 2017-12-21 Methods, apparatus and computer programs for providing virtual networks

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/EP2017/084122 WO2019120546A1 (en) 2017-12-21 2017-12-21 Methods, apparatus and computer programs for providing virtual networks

Publications (1)

Publication Number Publication Date
WO2019120546A1 true WO2019120546A1 (en) 2019-06-27

Family

ID=60935845

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2017/084122 Ceased WO2019120546A1 (en) 2017-12-21 2017-12-21 Methods, apparatus and computer programs for providing virtual networks

Country Status (1)

Country Link
WO (1) WO2019120546A1 (en)

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150341230A1 (en) * 2013-03-15 2015-11-26 Gravitant, Inc Advanced discovery of cloud resources

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150341230A1 (en) * 2013-03-15 2015-11-26 Gravitant, Inc Advanced discovery of cloud resources

Similar Documents

Publication Publication Date Title
EP3868134B1 (en) Methods and apparatus for selecting network resources for lie sessions based on locations of multi-access edge computing (mec) resources and applications
US10904950B2 (en) Proxy based network access
US9247489B2 (en) System and method for ANDSF enhancement with ANQP server capability
US11659621B2 (en) Selection of IP version
KR102469973B1 (en) Communication method and device
WO2022159725A1 (en) Federated identity management in fifth generation (5g) system
JP6122951B2 (en) Dynamic control of network selection
KR20230141914A (en) Efficient discovery of edge computing servers
JP7043631B2 (en) Methods and devices for determining SSC mode
WO2023280121A1 (en) Method and apparatus for obtaining edge service
US12021827B2 (en) Apparatus, method and computer program to influence 3GPP terminals on preferences between multiple recursive DNS servers
CN107925957A (en) Power cellular network is waited to connect by cell
CN111512653B (en) Techniques for routing registration requests for roaming user equipment through bridging entities
US11129092B2 (en) Application specific location discovery
EP4451715A1 (en) Communication method and apparatus
US20240283791A1 (en) Authorization of a User Equipment to Access a Resource
WO2019120546A1 (en) Methods, apparatus and computer programs for providing virtual networks
US20240205813A1 (en) Method and apparatus to access core networks via gateway functions
WO2024065503A1 (en) Negotiation of authentication procedures in edge computing
EP4322581A1 (en) Method and apparatus to control network slices requested by a user equipment
WO2024235111A1 (en) Communication method and communication apparatus
HK40106706A (en) Method and apparatus to access core networks via gateway functions
WO2025203095A1 (en) System and method for identifying a network slice in a wireless communication network
CN120380786A (en) Methods and apparatus for mediation of VPLMN-conveyed traffic offload policies for home routing sessions

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17825523

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17825523

Country of ref document: EP

Kind code of ref document: A1