The present invention relates to correlation of application detection and policy and charging control. More specifically, the present invention exemplarily relates to measures (including methods, apparatuses and computer program products) for realizing correlation of application detection and policy and charging control.

Background

The present specification generally relates to implementation of control rules for controlling processing of data traffic (i.e. user plane traffic) in network deployments. More particular the present specification relates to policy and charging control (PCC) and application detection and control (ADC) over the Gx reference point between the policy and charging control function (PCRF) and the policy and charging enforcement function (PCEF) of a 3 ^rd Generation Partnership Project (3GPP) network deployment.

3GPP specifications specify PCC over the Gx reference point between the PCRF and the PCEF, wherein the PCEF handles user plane traffic according to the instructions received from the PCRF. The PCRF can provide several kinds of instructions to the PCEF, e.g.

PCC rules (where service data flows are detected via internet protocol (IP) level filtering) and ADC rules (where application related traffic is detected via specific extended or deep packet inspection). PCC rules allow the PCRF to instruct the PCEF to:

- detect received user plane IP packets belonging to a certain service data flow, i.e.

IP packets passed between provided IP addresses and ports, and with provided IP-level protocol such as user datagram protocol (UDP) or transmission control protocol (TCP),

- collect charging information for a certain service data flow,

interact with an online charging system (OCS) for online charging of a certain service data flow, perform control of used quality of service (QoS) class and bandwidth for a certain service data flow,

reserve transport resources (I P connectivity access network (I P-CAN) bearers) with suitable QoS class and bandwidth for a certain service data flow,

- select an I P-CAN bearer with a suitable QoS class for a certain downlink service data flow,

pass or discard packets belonging to a certain service data flow, which is also known as gating, and to

provide usage monitoring for an entire group of PCC rules.

ADC rules allow the PCRF to instruct the PCEF to:

- detect received user plane I P packets belonging to a certain application (i.e. IP packets identified via specific extended or deep packet inspection for that application within the PCEF)

- perform control of used bandwidth for a certain application,

pass or discard packets belonging to a certain application, which is also known as gating,

report detected application traffic to the PCEF, and to

redirect application related traffic to another destination.

Hence, the problem arises that some functionality is only available via PCC rules. In particular, reserving transport resources (IP CAN bearers) with suitable QoS class and bandwidth, selecting an I P-CAN bearer with a suitable QoS class for a downlink service data flow, and charging related functionality is not implemented with ADC rules. Thus, this functionality can only be performed on a per-service-data-flow granularity, but not on a per-application granularity.

In this regard it is noted that an application such as web-browsing may use several service data flows, and information about these service data flows such as the related I P addresses and ports may only become known via extended packet inspection once application related traffic starts.

Further, as originally envisioned, it is supported by the current PCC functionality that the PCRF obtains a notification containing information about related service data flows when an application is detected via extended packet inspection, and then causes installation of PCC rules matching those service data flows. Consequently, such behaviour results in additional load on the PCRF and its signalling interface with the PCEF.

Hence, the further problem arises that such an approach is not suitable for applications using many short-lived service data flows (typically for short-lived TCP connections). For instance, for web browsing or hypertext transfer protocol (HTTP) based video streaming, the resulting load on the PCRF and the signalling interface with the PCEF would become too high which might influence the further operation of the PCRF and/or PCEF. Further, in such scenario it might become necessary to perform IP CAN bearer modification to pass related filter information to an involved user equipment (UE).

Further, so-called static PCC rules can implement extended packet inspection instead of filtering for service data flows. Static PCC rules are provided via configuration to the PCEF, and are either always active or can only be activated or deactivated by the PCRF. Such configuration is performed by addressing the respective PCC rule by a name configured at both the PCRF and the PCEF. Consequently, such static PCC rules can detect (by the extended packet inspection) applications rather than service data flows. However, certain functionality of an ADC rule such as reporting detected application traffic to the PCEF and redirecting application related traffic to another destination is not available. Further, a static PCC rule is not well suited for applications with higher QoS demands, i.e. requiring a guaranteed reserved bandwidth, since such a bandwidth would always be reserved when the respective static PCC rule is activated. In addition, application detection might require inspecting and correlating uplink and downlink user plane traffic (e.g. HTTP requests and responses), but for uplink a PCC rules is only applied to traffic received within the single IP CAN bearer to which the PCC rule is assigned, such that relevant uplink traffic (received via a further IP CAN bearer to which the PCC rule is not assigned to) might not be inspected by a PCC rule.

Hence, the further problem arises that some desired functionality is not available, that bandwidth is unnecessarily reserved but unused, and that relevant uplink traffic might not be considered.

Hence, there is a need to provide for correlation of application detection and policy and charging control. Summary

Various exemplary embodiments of the present invention aim at addressing at least part of the above issues and/or problems and drawbacks.

Various aspects of exemplary embodiments of the present invention are set out in the appended claims.

According to an exemplary aspect of the present invention, there is provided a method, comprising, applying an application detection rule comprising a filter enabling an application-based detection of data packets, applying a specific policy and charging rule, wherein said specific policy and charging rule is bound to said filter of said application detection rule, receiving a data packet, matching said data packet with said filter of said application detection rule, and processing said data packet using said specific policy and charging rule based on a matching result.

According to an exemplary aspect of the present invention, there is provided a method, comprising managing application of an application detection rule comprising a filter enabling an application-based detection of data packets, and managing application of a specific policy and charging rule, wherein said specific policy and charging rule is bound to said filter of said application detection rule.

According to an exemplary aspect of the present invention, there is provided an apparatus, comprising a control module configured to apply an application detection rule comprising a filter enabling an application-based detection of data packets, and to apply a specific policy and charging rule, wherein said specific policy and charging rule is bound to said filter of said application detection rule, a communication module having a packet reception module configured to receive a data packet, an application detection module configured to match said data packet with said filter of said application detection rule, and a policy and charging module configured to process said data packet using said specific policy and charging rule based on a matching result.

According to an exemplary aspect of the present invention, there is provided an apparatus, comprising a control module configured to manage application of an application detection rule comprising a filter enabling an application-based detection of data packets, and to manage application of a specific policy and charging rule, and a communication module configured to communicate in a network, wherein said specific policy and charging rule is bound to said filter of said application detection rule. According to an exemplary aspect of the present invention, there is provided a computer program product comprising computer-executable computer program code which, when the program is run on a computer (e.g. a computer of an apparatus according to any one of the aforementioned apparatus-related exemplary aspects of the present invention), is configured to cause the computer to carry out the method according to any one of the aforementioned method-related exemplary aspects of the present invention.

Such computer program product may comprise (or be embodied) a (tangible) computer- readable (storage) medium or the like on which the computer-executable computer program code is stored, and/or the program may be directly loadable into an internal memory of the computer or a processor thereof.

Any one of the above aspects enables an efficient combination of the advantages of both the PCC rules and the ADC rules to thereby solve at least part of the problems and drawbacks identified in relation to the prior art.

By way of exemplary embodiments of the present invention, there is provided correlation of application detection and policy and charging control. More specifically, by way of exemplary embodiments of the present invention, there are provided measures and mechanisms for realizing correlation of application detection and policy and charging control.

Thus, improvement is achieved by methods, apparatuses and computer program products enabling/realizing correlation of application detection and policy and charging control. Brief description of the drawings

In the following, the present invention will be described in greater detail by way of non- limiting examples with reference to the accompanying drawings, in which Figure 1 is a block diagram illustrating an apparatus according to exemplary embodiments of the present invention,

Figure 2 is a block diagram illustrating an apparatus according to exemplary embodiments of the present invention,

Figure 3 is a schematic diagram of a procedure according to exemplary embodiments of the present invention, Figure 4 is a schematic diagram of a procedure according to exemplary embodiments of the present invention, and

Figure 5 is a block diagram alternatively illustrating apparatuses according to exemplary embodiments of the present invention.

Detailed description of drawings and embodiments of the present invention

The present invention is described herein with reference to particular non-limiting examples and to what are presently considered to be conceivable embodiments of the present invention. A person skilled in the art will appreciate that the invention is by no means limited to these examples, and may be more broadly applied.

It is to be noted that the following description of the present invention and its embodiments mainly refers to specifications being used as non-limiting examples for certain exemplary network configurations and deployments. Namely, the present invention and its embodiments are mainly described in relation to 3GPP specifications being used as non- limiting examples for certain exemplary network configurations and deployments. In particular, charging related control mechanisms between the PCRF and the PCEF are used as non-limiting examples for the applicability of thus described exemplary embodiments. As such, the description of exemplary embodiments given herein specifically refers to terminology which is directly related thereto. Such terminology is only used in the context of the presented non-limiting examples, and does naturally not limit the invention in any way. Rather, any other communication or communication related system deployment, etc. may also be utilized as long as compliant with the features described herein. Hereinafter, various embodiments and implementations of the present invention and its aspects or embodiments are described using several variants and/or alternatives. It is generally noted that, according to certain needs and constraints, all of the described variants and/or alternatives may be provided alone or in any conceivable combination (also including combinations of individual features of the various variants and/or alternatives).

According to exemplary embodiments of the present invention, in general terms, there are provided measures and mechanisms for (enabling/realizing) correlation of application detection and policy and charging control.

Figure 1 is a block diagram illustrating an apparatus according to exemplary embodiments of the present invention.

As shown in Figure 1 , according to exemplary embodiments of the present invention, the apparatus is a network node 10 comprising a control module 1 1 , a communication module 12 having a packet reception module 12a, an application detection module 13, and a policy and charging module 14. The control module 1 1 applies an application detection rule comprising a filter enabling an application-based detection of data packets. The control module 1 1 further applies a specific policy and charging rule. The specific policy and charging rule is bound to the filter of said application detection rule. That is, a specific PCC rule is applied to the user plane traffic that is identified by the extended packet inspection of one or several ADC rule(s). Extended packet inspection involves inspecting information in protocol layers within IP and can also involve correlating information from several IP packets flowing in the same and/or opposite direction(s). The PCC rule thus uses one or several ADC rule(s) as filter to select user plane traffic instead of its own filtering using IP address and port information. The packet reception module 12a (of the communication module 12) receives a data packet. The application detection module 13 matches the data packet with the filter of said application detection rule.

Subsequently, the policy and charging module 14 processes said data packet using said specific policy and charging rule based on a matching result. According to exemplary embodiments of the present invention, the application of said application detection rule can be performed in several ways. As one option, the control module 1 1 activates a pre-installed application detection rule initially as said application detection rule.

As another option the communication module 12 receives an activation command including an identification of a pre-installed application detection rule. Subsequently, the control module 1 1 activates the pre-installed application detection rule as said application detection rule based on said identification.

According to exemplary embodiments of the present invention, the application of said specific policy and charging rule can be performed in several ways.

As one option, the control module 1 1 activates a pre-installed specific policy and charging rule initially as said specific policy and charging rule.

As another option, the communication module 12 receives an activation command including an identification of a pre-installed specific policy and charging rule. Subsequently, the control module 1 1 activates said pre-installed specific policy and charging rule as said specific policy and charging rule based on said identification.

As a further option, the communication module 12 receives an installation command including said specific policy and charging rule. Subsequently, the control module 1 1 installs the specific policy and charging rule, and activates said specific policy and charging rule thereafter.

According to further exemplary embodiments of the present invention, the specific policy and charging rule further comprises a reference to said application detection rule. That is, the ADC rule(s) to be used as filter for the specific PCC rule is identified by an addition of one or more reference(s) to those ADC rule(s) within the specific PCC rule. Such reference may for instance be implemented within a Diameter ADC-Rule-Name attribute value pair (AVP) added to the Charging-Rule-Definition AVP of the respective PCC rule. A PCRF can provide those reference(s) to the ADC rule(s) to the PCEF when installing (causing the installation of) the corresponding specific PCC rule.

According to still further embodiments of the present invention, the application detection rule further comprises a reference to said specific policy and charging rule. That is, the ADC rule(s) to be used as filter for the specific PCC are identified by an addition of a reference to this specific PCC rule within the ADC rule(s). Such reference may for instance be implemented within a Diameter Charging-Rule-Name AVP added to the ADC- Rule-Definition AVP of the respective AVP rule. A PCRF can provide these reference(s) to the specific PCC rule to a PCEF when activating the corresponding ADC rule(s).

According to still further embodiments of the present invention, the control module 1 1 applies a (one or more) higher priority policy and charging rule(s) comprising a filter enabling a service data flow based detection of data packets. The policy and charging module 14 matches the (received) data packet with said filter of said higher priority policy and charging rule. If the data packet matches said filter of said higher priority policy and charging rule, the policy and charging module 14 handles said data packet using said higher priority policy and charging rule. In addition, the control module 1 1 inhibits performing said matching with said filter of said application detection rule and said processing using said specific policy and charging rule based on a matching result with said filter of said application detection rule. Otherwise, if said data packet does not match said filter of said higher priority policy and charging rule, the application detection module 13 handles said data packet using said specific policy and charging rule based on a matching result with said filter of said application detection rule.

That is, the filters (or corresponding ADC rules) of any PCC rules with higher priority are checked for the respective I P packet and if the filter of such a PCC rule matches, the I P packet is processed according to the rule(s) of that PCC rule instead of the rule(s) of the specific PCC rule. Consequently, in this case the I P packet is only processed according to the rules of the specific PCC rule, if no filter of a PCC rule with higher priority matches.

Since only PCC rules but no ADC rules have a priority order of processing, it might be open what processing is performed if several ADC rules match for an IP packet. An advantage of the above stated implementation is that the priority order of PCC rules can be exploited. As an alternative, when an IP packet matches the extended packet inspection filtering of the ADC rule (i.e. the ADC rule bound with a specific PCC rule), the IP packet is always processed according to the rules of that specific PCC rule regardless of any priority.

According to exemplary embodiments of the present invention, the application of said higher priority policy and charging rule can be performed in several ways.

As one option, the control module 1 1 activates a pre-installed higher priority policy and charging rule initially as said higher priority policy and charging rule.

As another option, the communication module 12 receives an activation command including an identification of a pre-installed higher priority policy and charging rule. Subsequently, the control module 1 1 activates said pre-installed higher priority policy and charging rule as said higher priority policy and charging rule based on said identification.

As a further option, the communication module 12 receives an installation command including said higher priority policy and charging rule. Subsequently, the control module 1 1 installs the higher priority policy and charging rule, and activates said higher priority policy and charging rule thereafter.

According to still further embodiments of the present invention, the specific policy and charging rule and the higher priority policy and charging rule include a required bandwidth and a required quality of service class.

As part of the processing of the data packet using said specific policy and charging rule or said higher priority policy and charging rule, the control module 1 1 may collect charging related information, and communicates with a charging system. Alternatively, the control module 1 1 may forward (control forwarding of) said data packet in a bearer providing said required bandwidth and said required quality of service class. As a further option, the control module may set up and/or to configure a bearer providing said required bandwidth and said required quality of service class when the first said data packet matching said filter is received. Namely, the processing according to the rules of the PCC rule can include collecting charging related information and interacting with an OCS, and can further include - for downlink packets - selecting an I P-CAN bearer with a suitable QoS class by forwarding packets using the I P CAN bearer the PCC rule is assigned to. The processing can also include binding a PCC rule to a suitable I P CAN bearer, and allocating bandwidth by modifying the IP CAN bearer or setting up a suitable IP CAN bearer only when the first packets for the corresponding PCC rule are received.

The above stated implementations are preferable (well suited) to handle downlink traffic towards the UE. This downlink traffic of course constitutes the largest part of internet related traffic.

However, for uplink traffic, according to current standards, a PCC rule only inspects received IP packets within the I P CAN bearer the PCC rule is assigned to. ADC rules, however, inspect traffic received in all IP CAN bearers. Further, uplink traffic is directed to I P CAN bearers at the UE by network-supplied traffic flow templates (TFT). TFTs are filters on I P address and port information. The network side supplies TFTs based on corresponding information within PCC rules. Traffic not matching specific TFTs is assigned to the default IP CAN bearer.

Consequently, a specific PCC rule that uses one or several ADC rule(s) as filter is thus preferably assigned to the default I P CAN bearer.

That is, according to still further embodiments of the present invention, the control module 1 1 assigns said specific policy and charging rule to a default bearer.

According to still further embodiments of the present invention, the packet reception module 12a obtains a bearer on which a respective data packet is received, if said data packet is an uplink data packet and matches said filter of said application detection rule. Subsequently, the control module 1 1 assigns the specific policy and charging rule to said bearer. In other words, the I P CAN bearer to which a specific PCC rule that uses one or several ADC rule(s) as filter is assigned to is only selected once the first uplink packet(s) are received that match the ADC rule filtering, and the specific PCC rule is then assigned to the I P CAN bearer in which those uplink packets were received. Figure 2 is a block diagram illustrating an apparatus according to exemplary embodiments of the present invention.

As shown in Figure 2, according to exemplary embodiments of the present invention, the apparatus is a network node 20 comprising a control module 21 and a communication module 22. The control module 21 manages application of an application detection rule comprising a filter enabling an application-based detection of data packets. Further, the control module 21 manages application of a specific policy and charging rule. The communication module 22 may communicate in a network. The specific policy and charging rule is bound to the filter of the application detection rule.

According to exemplary embodiments of the present invention, the management of application of an application detection rule can be performed in several ways. As one option, the control module 21 generates an activation command including an identification of a pre-installed application detection rule. Subsequently, the communication module 22 transmits said activation command.

According to exemplary embodiments of the present invention, the management of application of a specific policy and charging rule can be performed in several ways.

As one option, the control module 21 generates an activation command including an identification of a pre-installed specific policy and charging rule. Subsequently, the communication module 22 transmits said activation command.

As another option, the control module 21 generates an installation command including said specific policy and charging rule. Subsequently, the communication module 22 transmits said installation command. According to further embodiments of the present invention, the specific policy and charging rule further comprises a reference to said application detection rule. In other words, the PCRF provides reference(s) to ADC rule(s) (e.g. within Diameter ADC-Rule- Name AVPs added to the Charging-Rule-Definition AVP of the specific PCC rule) to the PCEF when installing the corresponding specific PCC rule. According to still further embodiments of the present invention, the application detection rule further comprises a reference to said specific policy and charging rule. In other words, The PCRF provides reference(s) to the specific PCC rule (e.g. within a Diameter Charging-Rule-Name AVP added to the ADC-Rule-Definition AVP of the respective ADC rule(s)) to the PCEF when installing the corresponding ADC rule(s).

According to still further embodiments of the present invention, the control module 21 manages application of a higher priority policy and charging rule comprising a filter enabling a service data flow based detection of data packets.

According to exemplary embodiments of the present invention, the management of application of a higher priority policy and charging rule can be performed in several ways.

As one option, the control module 21 generates an activation command including an identification of a pre-installed higher priority policy and charging rule. Subsequently, the communication module 22 transmits said activation command.

As another option, the control module 21 generates an installation command including said higher priority policy and charging rule. Subsequently, the communication module 22 transmits said installation command.

According to still further embodiments of the present invention, the specific policy and charging rule and said higher priority policy and charging rule include a required bandwidth and a required quality of service class.

Figure 3 is a schematic diagram of a procedure according to exemplary embodiments of the present invention.

As shown in Figure 3, a procedure according to exemplary embodiments of the present invention comprises an operation of applying an application detection rule comprising a filter enabling an application-based detection of data packets, an operation of applying a specific policy and charging rule, wherein said specific policy and charging rule is bound to said filter of said application detection rule, an operation of receiving a data packet, an operation of matching said data packet with said filter of said application detection rule, and an operation of processing said data packet using said specific policy and charging rule based on a matching result.

According to a variation of the procedure shown in Figure 3, exemplary details of the applying operation (the application detection rule) are given, which are inherently independent from each other as such.

The exemplary applying operation according to exemplary embodiments of the present invention may comprise an operation of initially activating a pre-installed application detection rule as said application detection rule, or an operation of receiving an activation command including an identification of a pre-installed application detection rule and an operation of activating said pre-installed application detection rule as said application detection rule based on said identification (initially activating OR (receiving AND activating)).

According to a variation of the procedure shown in Figure 3, exemplary details of the applying operation (the specific policy and charging rule) are given, which are inherently independent from each other as such. The exemplary applying operation according to exemplary embodiments of the present invention may comprise an operation of initially activating a pre-installed specific policy and charging rule as said specific policy and charging rule, or an operation of receiving an activation command including an identification of a pre-installed specific policy and charging rule and an operation of activating said pre-installed specific policy and charging rule as said specific policy and charging rule based on said identification, or an operation of receiving an installation command including said specific policy and charging rule, an operation of installing said specific policy and charging rule and an operation of activating said specific policy and charging rule (initially activating OR (receiving AND activating) OR (receiving, installing AND activating)).

According to further exemplary embodiments of the present invention, said specific policy and charging rule further comprises a reference to said application detection rule.

According to still further exemplary embodiments of the present invention, said application detection rule further comprises a reference to said specific policy and charging rule. According to a variation of the procedure shown in Figure 3, exemplary additional operations are given, which are inherently independent from each other as such. According to such variation, an exemplary method according to exemplary embodiments of the present invention may further comprise an operation of applying a higher priority policy and charging rule comprising a filter enabling a service data flow based detection of data packets, an operation of matching said data packet with said filter of said higher priority policy and charging rule. Further, if said data packet matches said filter of said higher priority policy and charging rule, the exemplary method further comprises an operation of handling said data packet using said higher priority policy and charging rule, and an operation of inhibiting performing said matching with said filter of said application detection rule and said processing using said specific policy and charging rule based on a matching result with said filter of said application detection rule. Further, if said data packet does not match said filter of said higher priority policy and charging rule, the exemplary method comprises an operation of handling said data packet using said specific policy and charging rule based on a matching result with said filter of said application detection rule. According to a variation of the procedure shown in Figure 3, exemplary details of the applying operation (the higher priority policy and charging rule) are given, which are inherently independent from each other as such.

The exemplary applying operation according to exemplary embodiments of the present invention may comprise an operation of initially activating a pre-installed higher priority policy and charging rule as said higher priority policy and charging rule, or an operation of receiving an activation command including an identification of a pre-installed higher priority policy and charging rule and an operation of activating said pre-installed higher priority policy and charging rule as said higher priority policy and charging rule based on said identification, or an operation of receiving an installation command including said higher priority policy and charging rule, an operation of installing said higher priority policy and charging rule and an operation of activating said higher priority policy and charging rule (initially activating OR (receiving AND activating) OR (receiving, installing AND activating)). According to still further exemplary embodiments of the present invention, said specific policy and charging rule and said higher priority policy and charging rule include a required bandwidth and a required quality of service class. Further, exemplary details of the processing operation (the data packet using said specific policy and charging rule or said higher priority policy and charging rule) are given, which are inherently independent from each other as such.

The exemplary processing operation according to exemplary embodiments of the present invention may comprise an operation of collecting charging related information and communicating with a charging system, and/or an operation of forwarding said data packet in a bearer providing said required bandwidth and said required quality of service class, and/or an operation of setting up and/or configuring a bearer providing said required bandwidth and said required quality of service class when the first said data packet matching said filter is received.

According to a variation of the procedure shown in Figure 3, exemplary additional operations are given, which are inherently independent from each other as such. According to such variation, an exemplary method according to exemplary embodiments of the present invention may comprise an operation of assigning said specific policy and charging rule to a default bearer.

According to a variation of the procedure shown in Figure 3, exemplary additional operations are given, which are inherently independent from each other as such. According to such variation, an exemplary method according to exemplary embodiments of the present invention may comprise an operation of obtaining a bearer on which said data packet is received, if said data packet is an uplink data packet and matches said filter of said application detection rule, and an operation of assigning said specific policy and charging rule to said bearer.

Figure 4 is a schematic diagram of a procedure according to exemplary embodiments of the present invention.

As shown in Figure 4, a procedure according to exemplary embodiments of the present invention comprises an operation of managing application of an application detection rule comprising a filter enabling an application-based detection of data packets, and an operation of managing application of a specific policy and charging rule. The specific policy and charging rule is bound to said filter of said application detection rule. According to a variation of the procedure shown in Figure 4, exemplary details of the managing operation (of the application of an application detection rule) are given, which are inherently independent from each other as such.

The exemplary managing operation according to exemplary embodiments of the present invention may comprise an operation of generating an activation command including an identification of a pre-installed application detection rule, and an operation of transmitting said activation command.

According to a variation of the procedure shown in Figure 4, exemplary details of the managing operation (of the application of the specific policy and charging rule) are given, which are inherently independent from each other as such.

The exemplary managing operation according to exemplary embodiments of the present invention may comprise an operation of generating an activation command including an identification of a pre-installed specific policy and charging rule and an operation of transmitting said activation command, or an operation of generating an installation command including said specific policy and charging rule and an operation of transmitting said installation command ((generating AND transmitting) OR (generating AND transmitting)).

According to further exemplary embodiments of the present invention, said specific policy and charging rule further comprises a reference to said application detection rule.

According to further exemplary embodiments of the present invention, said application detection rule further comprises a reference to said specific policy and charging rule.

According to a variation of the procedure shown in Figure 4, exemplary additional operations are given, which are inherently independent from each other as such. According to such variation, an exemplary method according to exemplary embodiments of the present invention may comprise an operation of managing application of a higher priority policy and charging rule comprising a filter enabling a service data flow based detection of data packets.

The exemplary managing operation according to exemplary embodiments of the present invention may comprise an operation of generating an activation command including an identification of a pre-installed higher priority policy and charging rule and an operation of transmitting said activation command, or an operation of generating an installation command including said higher priority policy and charging rule and an operation of transmitting said installation command ((generating AND transmitting) OR (generating AND transmitting)).

According to further exemplary embodiments of the present invention, said specific policy and charging rule and said higher priority policy and charging rule include a required bandwidth and a required quality of service class. The above-described procedures and functions may be implemented by respective functional elements, processors, or the like, as described below.

In the foregoing exemplary description of the network entity, only the units that are relevant for understanding the principles of the invention have been described using functional blocks. The network entity may comprise further units that are necessary for its respective operation. However, a description of these units is omitted in this specification. The arrangement of the functional blocks of the devices is not construed to limit the invention, and the functions may be performed by one block or further split into sub- blocks.

When in the foregoing description it is stated that the apparatus, i.e. network node (or some other means) is configured to perform some function, this is to be construed to be equivalent to a description stating that a (i.e. at least one) processor or corresponding circuitry, potentially in cooperation with computer program code stored in the memory of the respective apparatus, is configured to cause the apparatus to perform at least the thus mentioned function. Also, such function is to be construed to be equivalently implementable by specifically configured circuitry or means for performing the respective function (i.e. the expression "unit configured to" is construed to be equivalent to an expression such as "means for"). In Figure 5, an alternative illustration of apparatuses according to exemplary embodiments of the present invention is depicted. As indicated in Figure 5, according to exemplary embodiments of the present invention, the apparatus (network node) 10' (corresponding to the network node 10) comprises a processor 51 , a memory 52 and an interface 53, which are connected by a bus 54 or the like. Further, according to exemplary embodiments of the present invention, the apparatus (network node) 20' (corresponding to the network node 20) comprises a processor 55, a memory 56 and an interface 57, which are connected by a bus 58 or the like, and the apparatuses may be connected via link 59, respectively.

The processor 51/55 and/or the interface 53/57 may also include a modem or the like to facilitate communication over a (hardwire or wireless) link, respectively. The interface 53/57 may include a suitable transceiver coupled to one or more antennas or communication means for (hardwire or wireless) communications with the linked or connected device(s), respectively. The interface 53/57 is generally configured to communicate with at least one other apparatus, i.e. the interface thereof.

The memory 52/56 may store respective programs assumed to include program instructions or computer program code that, when executed by the respective processor, enables the respective electronic device or apparatus to operate in accordance with the exemplary embodiments of the present invention.

In general terms, the respective devices/apparatuses (and/or parts thereof) may represent means for performing respective operations and/or exhibiting respective functionalities, and/or the respective devices (and/or parts thereof) may have functions for performing respective operations and/or exhibiting respective functionalities.

When in the subsequent description it is stated that the processor (or some other means) is configured to perform some function, this is to be construed to be equivalent to a description stating that at least one processor, potentially in cooperation with computer program code stored in the memory of the respective apparatus, is configured to cause the apparatus to perform at least the thus mentioned function. Also, such function is to be construed to be equivalently implementable by specifically configured means for performing the respective function (i.e. the expression "processor configured to [cause the apparatus to] perform xxx-ing" is construed to be equivalent to an expression such as "means for xxx-ing"). According to exemplary embodiments of the present invention, an apparatus representing the network node 10 comprises at least one processor 51 , at least one memory 52 including computer program code, and at least one interface 53 configured for communication with at least another apparatus. The processor (i.e. the at least one processor 51 , with the at least one memory 52 and the computer program code) is configured to perform applying an application detection rule comprising a filter enabling an application-based detection of data packets, to perform applying a specific policy and charging rule, wherein said specific policy and charging rule is bound to said filter of said application detection rule (thus the apparatus comprising corresponding means for applying), wherein said specific policy and charging rule is bound to said filter of said application detection rule, to perform receiving a data packet (thus the apparatus comprising corresponding means for receiving), to perform matching said data packet with said filter of said application detection rule (thus the apparatus comprising corresponding means for matching), and to perform processing said data packet using said specific policy and charging rule based on a result of said matching (thus the apparatus comprising corresponding means for processing).

Further, according to exemplary embodiments of the present invention, an apparatus representing the network node 20 comprises at least one processor 55, at least one memory 56 including computer program code, and at least one interface 57 configured for communication with at least another apparatus. The processor (i.e. the at least one processor 55, with the at least one memory 56 and the computer program code) is configured to perform managing application of an application detection rule comprising a filter enabling an application-based detection of data packets, and to perform managing application of a specific policy and charging rule (thus the apparatus comprising corresponding means for managing) wherein said specific policy and charging rule is bound to said filter of said application detection rule.

For further details regarding the operability/functionality of the individual apparatuses, reference is made to the above description in connection with any one of Figures 1 to 4, respectively.

For the purpose of the present invention as described herein above, it should be noted that - method steps likely to be implemented as software code portions and being run using a processor at a network server or network entity (as examples of devices, apparatuses and/or modules thereof, or as examples of entities including apparatuses and/or modules therefore), are software code independent and can be specified using any known or future developed programming language as long as the functionality defined by the method steps is preserved;

- generally, any method step is suitable to be implemented as software or by hardware without changing the idea of the embodiments and its modification in terms of the functionality implemented;

- method steps and/or devices, units or means likely to be implemented as hardware components at the above-defined apparatuses, or any module(s) thereof, (e.g., devices carrying out the functions of the apparatuses according to the embodiments as described above) are hardware independent and can be implemented using any known or future developed hardware technology or any hybrids of these, such as MOS (Metal Oxide Semiconductor), CMOS (Complementary MOS), BiMOS (Bipolar MOS), BiCMOS (Bipolar CMOS), ECL (Emitter Coupled Logic), TTL (Transistor-Transistor Logic), etc., using for example ASIC (Application Specific IC (Integrated Circuit)) components, FPGA (Field- programmable Gate Arrays) components, CPLD (Complex Programmable Logic Device) components or DSP (Digital Signal Processor) components;

- devices, units or means (e.g. the above-defined network entity or network register, or any one of their respective units/means) can be implemented as individual devices, units or means, but this does not exclude that they are implemented in a distributed fashion throughout the system, as long as the functionality of the device, unit or means is preserved;

- an apparatus like the user equipment and the network entity /network register may be represented by a semiconductor chip, a chipset, or a (hardware) module comprising such chip or chipset; this, however, does not exclude the possibility that a functionality of an apparatus or module, instead of being hardware implemented, be implemented as software in a (software) module such as a computer program or a computer program product comprising executable software code portions for execution/being run on a processor;

- a device may be regarded as an apparatus or as an assembly of more than one apparatus, whether functionally in cooperation with each other or functionally independently of each other but in a same device housing, for example. In general, it is to be noted that respective functional blocks or elements according to above-described aspects can be implemented by any known means, either in hardware and/or software, respectively, if it is only adapted to perform the described functions of the respective parts. The mentioned method steps can be realized in individual functional blocks or by individual devices, or one or more of the method steps can be realized in a single functional block or by a single device.

Generally, any method step is suitable to be implemented as software or by hardware without changing the idea of the present invention. Devices and means can be implemented as individual devices, but this does not exclude that they are implemented in a distributed fashion throughout the system, as long as the functionality of the device is preserved. Such and similar principles are to be considered as known to a skilled person.

Software in the sense of the present description comprises software code as such comprising code means or portions or a computer program or a computer program product for performing the respective functions, as well as software (or a computer program or a computer program product) embodied on a tangible medium such as a computer-readable (storage) medium having stored thereon a respective data structure or code means/portions or embodied in a signal or in a chip, potentially during processing thereof.

The present invention also covers any conceivable combination of method steps and operations described above, and any conceivable combination of nodes, apparatuses, modules or elements described above, as long as the above-described concepts of methodology and structural arrangement are applicable.

In view of the above, there are provided measures for correlation of application detection and policy and charging control. Such measures exemplarily comprise applying an application detection rule comprising a filter enabling an application-based detection of data packets, applying a specific policy and charging rule, wherein said specific policy and charging rule is bound to said filter of said application detection rule, receiving a data packet, matching said data packet with said filter of said application detection rule, and processing said data packet using said specific policy and charging rule based on a matching result. Even though the invention is described above with reference to the examples according to the accompanying drawings, it is to be understood that the invention is not restricted thereto. Rather, it is apparent to those skilled in the art that the present invention can be modified in many ways without departing from the scope of the inventive idea as disclosed herein.

List of acronyms and abbreviations

3GPP 3 ^m Generation Partnership Project ADC application detection and control

AVP attribute value pair

HTTP hypertext transfer protocol

IP-CAN IP connectivity access network

IP internet protocol OCS online charging system

PCC policy and charging control

PCEF policy and charging enforcement function

PCRF policy and charging control function

QoS quality of service TCP transmission control protocol

TFT traffic flow template

UDP user datagram protocol

UE user equipment