WO2009112381A1 - Method and apparatus for controlling access to a cellular communication network - Google Patents

A network element for providing access to a cellular communication network via a communication cell. The network element comprising signal processing logic arranged to receive (410) a message from a wireless communication unit, and determine (420) whether to permit the wireless communication unit access to the cellular communication network via the communication cell, based on at least an identity of the wireless communication unit contained in the message. If it is determined not to permit the wireless communication unit access to the cellular communication network via the communication cell, the signal processing unit is arranged to generate (430) an access barred message for transmission (440) to the wireless communication unit, the access barred message comprises an indication that a cause of the rejection is at least partly due to cellular access control.

METHOD AND APPARATUS FOR CONTROLLING ACCESS TO A CELLULAR

COMMUNICATION NETWORK Field of the invention The field of the invention relates to a method and apparatus for controlling access to a cellular communication network, and more particularly to a method and apparatus for controlling access to a cellular communication network on a cellular level.

Background of the Invention Wireless communication systems, such as the 3^rd Generation (3G) of mobile telephone standards and technology, are well known. An example of such 3G standards and technology is the Universal Mobile Telecommunications System (UMTS), developed by the 3^rd Generation Partnership Project (3GPP) (www.3qpp.org).

Typically, wireless subscriber communication units, or User Equipment (UE) as they are often referred to in 3G parlance, communicate with a Core Network (CN) of the 3G wireless communication system via a Radio Network Subsystem (RNS). A wireless communication system typically comprises a plurality of radio network subsystems, each radio network subsystem comprising one or more cells to which UEs may attach, and thereby connect to the network. The 3^rd generation of wireless communications has been developed for macro-cell mobile phone communications. Such macro cells utilise high power base stations (NodeBs in 3GPP parlance) to communicate with UEs within a relatively large coverage area.

Lower power (and therefore smaller coverage area) femto cells or pico-cells are a recent development within the field of wireless cellular communication systems. Femto cells or pico-cells (with the term femto cells being used hereafter to encompass pico-cells or similar) are effectively communication coverage areas supported by low power base stations (otherwise referred to as Access Points (APs)). These femto cells are intended to be able to be piggy-backed onto the more widely used macro-cellular network and support communications to UEs in a restricted, for example 'in-building', environment. In this regard, a femto cell that is intended to support communications according to the 3GPP standard will hereinafter be referred to as a 3G femto cell. Similarly, an access controller intended to support communications with a low power base station in a femto cell according to the 3GPP standard will hereinafter be referred to as a 3^rd generation access controller (3G AC). Similarly, an Access Point intended to support communications in a femto cell according to the 3GPP standard will hereinafter be referred to as a 3^rd Generation Access Point (3G AP).

Typical applications for such 3G femto cell APs include, by way of example, residential and commercial (e.g. office) locations, 'hotspots', etc, whereby an AP can be connected to a core network via, for example, the Internet using a broadband connection or the like. In this manner, femto cells can be provided in a simple, scalable deployment in specific in-building locations where, for example, network congestion at the macro-cell level may be problematic.

Typically, each 3G femto cell AP is owned by a member of the public, as opposed to a Network Operator, and the owner of the 3G AP pays for the network resources, such as Digital Subscriber Line (DSL) bandwidth, used through the femto cell. As a result, it is undesirable for unauthorised UEs to use the femto cell as it will result in the owner paying for the network resources utilised. Accordingly, it is desirable for access control to be provided on a cellular level, enabling an owner of, for example, a femto cell AP to be able to control which UEs are able to access the network via the femto cell.

In a traditional macro-cellular network, since base stations (Node Bs) are generally owned and operated by the Network Operator, it has not been necessary to provide cell level access control. Instead, access control is provided on a network level basis.

For example, a UMTS network utilises a Radio Resource Control (RRC) protocol. The RRC protocol is defined in the Universal Mobile Telecommunications System (UMTS) Radio Resource Control (RRC) Protocol specification (3GPP TS 25.331 ), and forms part of the network layer between the UE and the UMTS Terrestrial Radio Access Network (UTRAN). The RRC protocol comprises connection management procedures with which a UE is able to request a connection to be established between the UE and the cell. Also provided within the RRC protocol is an RRC Connection Reject message, which allows the macro cell radio network sub-system (RNS) to reject a connection with a UE. Upon receipt of such an RRC Connection Reject message, the UE will treat the RRC connection reject as a 'temporary' rejection. As a result, the UE will attempt to connect to the cell again.

FIG. 1 illustrates an example of a message sequence chart 100 of a known RRC connection reject procedure. The message sequence chart illustrates a sequence of messages between a UE 110 and a Radio Network Controller (RNC) 130, via a Node-B 120.

The message sequence starts with the UE 110 transmitting an RRC Connection Request message 140a to the RNC 130. As illustrated, the RNC rejects the connection, and transmits an RRC Connection Reject message 150a back to the UE 110. As previously mentioned, the UE treats the RRC connection reject as being a temporary connection block. For example, the RNC may use an RRC connection reject message when the RNC is congested. In this manner, the UE will reattempt to connect once the RNC has had a chance to become less congested. Consequently, the UE 110 waits, 160a, before transmitting another RRC Connection Request message 140b. Once again, the RNC 130 rejects the connection request, and transmits another RRC Connection Reject message 150b back to the UE 110. Again, the UE 110 waits, 160b, before transmitting a still further RRC Connection Request message 140c. The RNC 130 once again responds by transmitting a RRC Connection Reject message 150c back to the UE 110.

As will be appreciated, for traditional uses of the RRC Connection Reject message, the continued attempts by the UE to connect to the network do not create a significant problem. However, this is not appropriate, or indeed suitable, if the RNC 130 is rejecting the connection requests from the UE 1 10 on the basis of access control, for example because the UE is not authorised to access the network via that particular cell, the RNC 130 will continue to reject the connection requests. In particular, the continued retransmission of connection request messages by the UE 110 is not, in effect, only pointless, since the rejection is not a temporary rejection, but is also wasteful of resources, both for the UE 110 and for the RNC 130.

In this manner, the existing RRC connection reject mechanism is not appropriate for access control to a communication cell. As known by a skilled artisan, each cell within a UMTS network is assigned a

Location Area Code (LAC), and each time a UE moves to a new cell comprising a different LAC to that of the cell from which it has moved from, the UE sends a Location Update Request message to the core network. Consequently, the network could use a Location Update Reject message to prevent a UE from accessing a particular location area, and in this manner provide some form of access control.

However, this only provides a coarse mechanism for access control, since a location area typically corresponds to a geographical area covering multiple cells. Consequently, the Location Update Reject mechanism is not appropriate for cellular level access control. In particular, this method could not realistically be scaled to provide cell level access control for individual cells, such as femto cells, since the number of femto cells (potentially in the region of millions) will significantly exceed the number of available location area codes (65,535).

Support of Localised Service Area (SoLSA) was developed by 3GPP to provide cell level access control. However, SoLSA required modifications to be made at many levels within the network, including within the core network and the access network, as well as within UEs themselves. Accordingly, SoLSA has not been adopted by the manufacturers of

UEs of network elements.

Thus, there exists a need for a method and apparatus for improved access control to a cellular communication network.

Summary of the Invention

Accordingly, the invention seeks to mitigate, alleviate or eliminate one or more of the abovementioned disadvantages, singly or in any combination.

According to a first aspect of the invention, there is provided a network element for providing access to a cellular communication network via a communication cell. The network element comprises transceiver circuitry arranged to enable a connection to be established with at least one wireless communication unit located within the communication cell, and signal processing logic. The signal processing logic is arranged to: receive a message from a wireless communication unit wherein the message indicates an identity of the wireless communication unit; determine whether to permit the wireless communication unit access to the cellular communication network via the communication cell, based on at least the identity - A - of the wireless communication unit. If it is determined not to permit the wireless communication unit access to the cellular communication network via the communication cell, the network element transmits an access barred message to the wireless communication unit, the access barred message comprising an indication that the cause of the rejection is at least partly due to cellular access control.

In this manner, the indication that the cause of the rejection is at least partly due to cellular access control enables the wireless communication unit to differentiate between a connection being rejected on the basis of, for example, the network element being congested, and a connection being rejected on the basis of denied access. As a result, a wireless communication unit is able to make a decision as to whether to wait and reattempt to establish a connection with the network element, or to attempt to connect to an alternative communication cell. Accordingly, when the network element rejects the connection on the basis of denied access, the wireless communication unit recognises that the rejection is not 'temporary', and does not attempt to reconnect, and thus does not waste resources, either of the wireless communication unit or of the network element.

According to a second aspect of the invention, there is provided a method for controlling access to a cellular communication network via a communication cell. The method comprises receiving a message from a wireless communication unit wherein the message indicates an identity of the wireless communication unit; and determining whether to permit the wireless communication unit access to the cellular communication network via the communication cell, based on at least the identity of the wireless communication unit. If it is determined not to permit the wireless communication unit access to the cellular communication network via the communication cell, the method further comprises transmitting an access barred message to the wireless communication unit, the access barred message comprising an indication that the cause of the rejection is at least partly due to cellular access control.

According to a third aspect of the invention, there is provided a wireless communication system adapted to support the abovementioned method for controlling access to a cellular communication network via a communication cell. According to a fourth aspect of the invention there is provided a wireless communication unit comprising transceiver circuitry arranged to receive signals broadcast by a network element of a communication cell within a cellular communication network, and signal processing logic. The signal processing logic is arranged to transmit a connection request message to a network element of a communication cell; receive a response to the connection request message; and in response thereto determine whether the response to the connection request message comprises an access barred message comprising an indication that the cause of the rejection is at least partly due to cellular access control. If the response to the connection request message comprises an access barred message comprising an indication that the cause of the rejection is at least partly due to cellular access control, to designate the communication cell as blocked. According to a fifth aspect of the invention there is provided a method for attempting to access a cellular communication network via a communication cell. The method comprises, at a wireless communication unit, transmitting a connection request message to a network element of a communication cell; receiving a response to the connection request message; determining whether the response to the connection request message comprises an access barred message comprising an indication that a cause of the rejection is at least partly due to cellular access control; and in response thereto designating the communication cell as blocked. According to a respective sixth and seventh aspect of the invention there is provided a computer-readable storage element having computer-readable code stored thereon for programming signal processing logic to perform a method for controlling access to a cellular communication network via a communication cell and attempting access to a cellular communication network via a communication cell. The computer-readable code comprises the steps of the aforementioned second and fifth aspects respectively.

These and other aspects, features and advantages of the invention will be apparent from, and elucidated with reference to, the embodiments described hereinafter.

Brief Description of the Drawings FIG. 1 illustrates an example of a message sequence chart of a known connect reject procedure.

Embodiments of the invention will be described, by way of example only, with reference to the accompanying drawings, in which:

FIG. 2 illustrates an example of part of a cellular communications network adapted in accordance with some embodiments of the invention.

FIG. 3 illustrates an example of a message sequence between a wireless communication unit and a network element according to some embodiments of the invention.

FIG. 4 illustrates a simplified flowchart of a method for controlling access to a cellular communication network according to some embodiments of the invention. FIG. 5 illustrates a simplified flowchart of a method for establishing a connection with a cellular communication network according to some embodiments of the invention.

FIG. 6 illustrates a typical computing system that may be employed to implement signal processing functionality in embodiments of the invention.

Detailed Description of Embodiments of the Invention

Referring now to the drawings, and in particular FIG. 2, an example of part of a 3GPP network, adapted in accordance with an embodiment of the invention, is illustrated and indicated generally at 200. In particular, FIG. 2 illustrates an example of a cellular communication system 200 that comprises a combination of a macro cell 285 and a plurality of femto cells 250 in accordance with one embodiment of the invention. For the embodiment illustrated in FIG. 2, the cellular communication system 200 comprises two distinct radio network sub-system (RNS) architectures to handle the respective macro cell and femto cell communications. In the macro cell scenario, the RNS comprises an RNC 236 having, inter alia, signal processing logic 238. The RNC 236 is operably coupled to a Node B 224 for providing a macro cell. The RNC 236 is further operably coupled to a core network element 242, such as a serving GPRS support node (SGSN )/mobile switching centre (MSC), as known.

In a femto cell scenario, an RNS 210 comprises a network element in a form of a 3G Access Point (3G AP) 230, performing a number of functions generally associated with a base station, and a controller in a form of a 3G Access controller (3G AC) 240. As will be appreciated by a skilled artisan, a 3G Access Point (3G AP) 230 is a communication element that provides access to a cellular communication network via a communication cell, such as a 3G femto cell 250. One envisaged application is that a 3G AP 230 may be purchased by a member of the public and installed in their home. The 3G AP 230 may then be connected to a 3G AC 240 over the owner's broadband internet connection 260.

Thus, a 3G AP 230 may be considered as encompassing a scalable, multi-channel, two-way communication device that may be provided within, say, residential and commercial (e.g. office) locations, 'hotspots' etc, to extend or improve upon network coverage within those locations. Although there are no standard criteria for the functional components of a 3G AP, an example of a typical 3G AP for use within a 3GPP system may comprise Node-B functionality and some aspects of radio network controller (RNC) 236 functionality. The 3G AP 230 further comprises radio frequency (RF) transceiver circuitry 255 arranged to enable a connection to be established with one or more wireless communication units located within the communication cell 250;, such as User Equipment (UE) 214, via a wireless interface (Uu). The 3G AC 240 may be coupled to the core network (CN) 242 via an Iu interface as shown. In this manner, the 3G AP 230 is able to provide voice and data services to a cellular handset, such as UE 214, in a femto cell in the same way as a conventional Node-B, but with the deployment simplicity of, for example, a Wireless Local Area Network (WLAN) access point. As would be appreciated by a skilled person, 3G AP 230 comprises numerous other functional and logical elements to support wireless communications and functionality and which will not be described further herein.

The UE 214 is a wireless communication unit comprising transceiver circuitry 216 arranged to transmit and receive signals, and signal processing logic 218. As would be appreciated by a skilled person, UE 214 comprises numerous other functional and logical elements to support wireless communications and functionality and which will not be described further herein.

As previously mentioned, a femto cell AP, such as 3G AP 230 is typically owned by a member of the public, as opposed to a Network Operator, and the owner of the femto cell AP pays for the network resources, such as Digital Subscriber Line (DSL) bandwidth, used by the femto cell. As a result, it is undesirable for unauthorised UEs to use the femto cell as it will result in the owner paying for the resources utilised. Therefore, it is desirable for an owner of the femto cell AP to be able to control which UEs are able to access the network via the AP. In order for access control to be provided on a cellular level, a mechanism is required with which a connection between a UE and a cell may be rejected. Referring now to FIG. 3, there is illustrated an example of a message sequence between the UE 214 and 3G access point 230 of FIG. 2, according to some embodiments of the invention. The signal processing logic 265 of 3G AP 230 is arranged to receive a message 310 from a wireless communication unit, such as UE 214, and to determine whether to permit the UE 214 access to the cellular communication network 200 via the communication cell 250, based on at least an identity of the wireless communication unit contained in the message 310. If it is determined not to permit the UE 214 access to the cellular communication network 200 via the communication cell 250, as illustrated in box 320, the signal processing logic 265 is further arranged to transmit an access barred message to the UE 214, which for the illustrated embodiment comprises a connection reject message 330, the connection reject message 330 comprising an indication that the cause of the rejection is at least partly due to cellular access control.

The indication that the cause of the rejection is at least partly due to cellular access control enables the UE 214 to differentiate from a connection being rejected on the basis of, for example, the 3G access point 230 being congested, and a connection being rejected on the basis of denied access. As a result, a UE 214 is able to make a decision as to whether to wait and re-attempt to establish a connection with the 3G AP 230, or to attempt to connect to an alternative communication cell, as illustrated in box 340. Accordingly, when the 3G AP 230 rejects the connection on the basis of denied access, the UE 214 recognises that the rejection is not temporary, and does not attempt to reconnect, and thus does not waste resources, either of the UE 214 or of the 3G AP 230.

Furthermore, since by providing the access control within the RNS, namely within the 3G AP 230 for the embodiment described above, the access control can be provided on a cellular level, as opposed to, for example, a location area level.

Although for the various embodiments described herein, the invention is described in terms of a 3G AP 230 supporting communication in a 3G femto cell, it is contemplated that the invention may equally be implemented within other forms of network element providing access to a cellular communication network via a communication cell, such as Node-B 224 supporting communication in a macro-cell 285.

In accordance with some embodiments of the invention, and as illustrated in FIG. 3, the message received from the UE 214 may comprise a Radio Resource Control (RRC) Connection Request message 310. In this manner, whenever a wireless communication unit, such as UE 214, attempts to connect to the network 200 via the 3G femto cell 250, the 3G AP 230 may perform an access control procedure to determine whether to permit the UE 214 access to the network 200. Accordingly, and as also illustrated in FIG. 3, the access barred message may comprise an RRC connection reject message 330. In this manner, and as appreciated by a skilled artisan, the RRC Connection Reject message may comprise a 'Rejection cause' Information Element (IE) within which an indication of the cause of the rejection may be provided.

The 3G AP 230 may determine whether to permit the UE 214 access to the network 200 via the 3G femto cell 250, based on at least an identity of the UE 214, in any suitable manner. For example, the determination may be based on an International Mobile Subscriber Identity (IMSI), a Temporary Mobile Subscriber Identity (TMSI) or an International Mobile Equipment Identity (IMEI) of the UE 214, or a value cryptographically derived, say from one of these. A specific procedure for determining whether to permit the UE 214 access to the network 200 is outside the scope of the invention. However, the Applicant's co-pending patent application GB0803877.0 filed on 3^rd March 2008 discloses a method and apparatus for providing access to a cellular communication network comprising determining whether to permit access to the communication network based on an identity of the wireless communication unit, and for completeness is incorporated herein.

Referring now to FIG. 4, there is illustrated a simplified flowchart 400 of a method for controlling access to a cellular communication network, according to some embodiments of the invention. For example, the method of FIG. 4 may be implemented by the signal processing logic 265 of 3G AP 230 in FIG. 2. The method starts at step 410 with a receipt of a message from a wireless communication unit. By way of example, the message received from the wireless communication unit may comprise an RRC Connection Request message.

Next, in step 420, the method comprises determining whether to permit the wireless communication unit access to the cellular communication network via the communication cell, based on at least an identity of the wireless communication unit. For example, the determination may be based on an IMSI, TMSI or IMEI of the wireless communication unit, or a value cryptographically derived, say, from one of these.

If it is determined not to permit the wireless communication unit access to the cellular communication network via the communication cell, the method comprises generating an access barred message in step 430 and transmitting the message to the wireless communication unit, in step 440. The access barred message may comprise an indication that the cause of the rejection is at least partly due to cellular access control. The method then ends at step 450.

Referring back to step 420, if it is determined to permit the wireless communication unit access to the cellular communication network, via the communication cell, the method moves to step 460, where access is allowed. The method then ends at step 450.

Referring now to FIG. 5, there is illustrated a simplified flowchart 500 of a method for establishing a connection with a cellular communication network in accordance with some embodiments of the invention. For example, the method of FIG. 5 may be implemented by signal processing logic of a wireless communication unit such as the signal processing logic 218 of the UE 214 of FIG. 2.

The method starts at step 510, and moves to step 520, where a connection request message, for example an RRC Connection Request message, is transmitted to a network element of a communication cell within the cellular communication network, such as 3G AP 230 or Node-B 224.

Next, in step 530, a response to the connection request message is received, and in step 540 it is determined whether the response to the connection request message comprises an access barred message. If the response to the connection request message does not comprise an access barred message, in step 540, the method moves on to step 550, with the configuration of a connection setup. Next, in step 560, a connection setup complete message is transmitted, and the method ends at step 590.

Referring back to step 540, if the response to the connection request message does comprise an access barred message, for example an RRC Connection Reject message, the method moves on to step 570, where it determines whether the cause of the connection rejection is at least partly due to cellular access control. For example, the response to the connection request message may comprise an RRC Connection Reject message, and the RRC Connection Reject message may comprise a 'Rejection cause' Information Element (IE) for indicating the cause of the rejection.

If it is determined that the cause of the rejection is at least partly due to cellular access control, the method moves on to step 580, where the communication cell is designated as blocked, and the method ends at step 590.

Referring back to step 570, if it is determined that the cause of the rejection is not due to cellular access control, the method comprises an intermission 585, before returning to step 520, and retransmitting a connection request message. For example, the 'Rejection cause' IE within the RRC Connection Reject message may indicate a cause other than access control for the rejection of the connection, such as the network element being congested, and the intermission 585 may comprise awaiting the expiry of a timer, or the occurrence of an event. Alternatively, the access barred message may comprise no indication as to the cause of the rejection. In this case, the cause may be assumed not to be due to access control. In this manner, a wireless communication unit arranged or adapted to implement the method of FIG. 5 remains functionally compatible with known network elements.

Referring back to FIG. 1 , and in accordance with some embodiments of the invention, upon designating the communication cell as blocked, the signal processing logic 218 of the UE 214 may be further arranged to attempt to connect to an alternative communication cell. Furthermore, upon designating the communication cell as blocked, and if no alternative communication cell is available, the signal processing logic 218 of the UE 214 may be arranged to use the blocked communication cell for emergency calls. For the various embodiments illustrated in the drawings and hereinbefore described, an access barred message has been described comprising a connection reject message, and more particularly an RRC Connection Reject message. In this manner, access control may be performed during an initial connection establishment procedure, for example following receipt of a connection request message.

In accordance with alternative embodiments of the invention, an access barred message may comprise a connection release message, for example an RRC Connection Release message. In this manner, even after a connection has been established, a network element is able to release an existing connection with a particular wireless communication unit, and to bar access for that wireless communication unit to a cell, even if a connection has already been established.

Referring now to FIG. 6, there is illustrated a typical computing system 600 that may be employed to implement signal processing functionality in embodiments of the invention. Computing systems of this type may be used in access points and wireless communication units. Those skilled in the relevant art will also recognize how to implement the invention using other computer systems or architectures. Computing system 600 may represent, for example, a desktop, laptop or notebook computer, hand-held computing device (PDA, cell phone, palmtop, etc.), mainframe, server, client, or any other type of special or general purpose computing device as may be desirable or appropriate for a given application or environment. Computing system 600 can include one or more processors, such as a processor 604. Processor 604 can be implemented using a general or special-purpose processing engine such as, for example, a microprocessor, microcontroller or other control logic. In this example, processor 604 is connected to a bus 602 or other communications medium. Computing system 600 can also include a main memory 608, such as random access memory (RAM) or other dynamic memory, for storing information and instructions to be executed by processor 604. Main memory 608 also may be used for storing temporary variables or other intermediate information during execution of instructions to be executed by processor 604. Computing system 600 may likewise include a read only memory (ROM) or other static storage device coupled to bus 602 for storing static information and instructions for processor 604.

The computing system 600 may also include information storage system 610, which may include, for example, a media drive 612 and a removable storage interface 620. The media drive 612 may include a drive or other mechanism to support fixed or removable storage media, such as a hard disk drive, a floppy disk drive, a magnetic tape drive, an optical disk drive, a compact disc (CD) or digital video drive (DVD) read or write drive (R or RW), or other removable or fixed media drive. Storage media 618 may include, for example, a hard disk, floppy disk, magnetic tape, optical disk, CD or DVD, or other fixed or removable medium that is read by and written to by media drive 612. As these examples illustrate, the storage media 618 may include a computer-readable storage medium having particular computer software or data stored therein.

In alternative embodiments, information storage system 610 may include other similar components for allowing computer programs or other instructions or data to be loaded into computing system 600. Such components may include, for example, a removable storage unit 622 and an interface 620, such as a program cartridge and cartridge interface, a removable memory (for example, a flash memory or other removable memory module) and memory slot, and other removable storage units 622 and interfaces 620 that allow software and data to be transferred from the removable storage unit 618 to computing system 600. Computing system 600 can also include a communications interface 624.

Communications interface 624 can be used to allow software and data to be transferred between computing system 600 and external devices. Examples of communications interface 624 can include a modem, a network interface (such as an Ethernet or other NIC card), a communications port (such as for example, a universal serial bus (USB) port), a PCMCIA slot and card, etc. Software and data transferred via communications interface 624 are in the form of signals which can be electronic, electromagnetic, and optical or other signals capable of being received by communications interface 624. These signals are provided to communications interface 624 via a channel 628. This channel 628 may carry signals and may be implemented using a wireless medium, wire or cable, fiber optics, or other communications medium. Some examples of a channel include a phone line, a cellular phone link, an RF link, a network interface, a local or wide area network, and other communications channels.

In this document, the terms 'computer program product' 'computer-readable medium' and the like may be used generally to refer to media such as, for example, memory 608, storage device 618, or storage unit 622. These and other forms of computer-readable media may store one or more instructions for use by processor 604, to cause the processor to perform specified operations. Such instructions, generally referred to as 'computer program code' (which may be grouped in the form of computer programs or other groupings), when executed, enable the computing system 600 to perform functions of embodiments of the present invention. Note that the code may directly cause the processor to perform specified operations, be compiled to do so, and/or be combined with other software, hardware, and/or firmware elements (e.g., libraries for performing standard functions) to do so.

In an embodiment where the elements are implemented using software, the software may be stored in a computer-readable medium and loaded into computing system 600 using, for example, removable storage drive 622, drive 612 or communications interface 624. The control logic (in this example, software instructions or computer program code), when executed by the processor 604, causes the processor 604 to perform the functions of the invention as described herein.

It will be appreciated that, for clarity purposes, the above description has described embodiments of the invention with reference to different functional elements and processors. However, it will be apparent that any suitable distribution of functionality between different functional elements or processors, for example with respect to the access point or controller, may be used without detracting from the invention. For example, it is envisaged that functionality illustrated to be performed by separate processors or controllers may be performed by the same processor or controller. Hence, references to specific functional units are only to be seen as references to suitable means for providing the described functionality, rather than indicative of a strict logical or physical structure or organization.

Aspects of the invention may be implemented in any suitable form including hardware, software, firmware or any combination of these. The invention may optionally be implemented, at least partly, as computer software running on one or more data processors and/or digital signal processors. Thus, the elements and components of an embodiment of the invention may be physically, functionally and logically implemented in any suitable way. Indeed, the functionality may be implemented in a single unit, in a plurality of units or as part of other functional units. Although one embodiment of the invention describes an access point for a UMTS network, it is envisaged that the inventive concept is not restricted to this embodiment.

It is envisaged that the aforementioned inventive concept aims to provide at least one or more of the following advantages:

(i) The provision of an indication that the cause of a rejection is at least partly due to cellular access control, enables a wireless communication unit to differentiate between a connection being rejected on the basis of, for example, the network element being congested, and a connection being rejected on the basis of denied access;

(ii) A wireless communication unit being able to make a decision as to whether a connection rejection is temporary, and to wait and re-attempt to establish a connection with a communication cell. Alternatively, a decision may be made as to whether the connection rejection is due to access control, and thus permanent, and therefore the wireless communication unit needs to attempt to connect to an alternative communication cell; and

(iii) Enabling more efficient use of resources when implementing access control on a cellular basis. Although the invention has been described in connection with some embodiments, it is not intended to be limited to the specific form set forth herein. Rather, the scope of the present invention is limited only by the accompanying claims. Additionally, although a feature may appear to be described in connection with particular embodiments, one skilled in the art would recognize that various features of the described embodiments may be combined in accordance with the invention. In the claims, the term 'comprising' does not exclude the presence of other elements or steps.

Moreover, an embodiment can be implemented as a computer-readable storage element having computer readable code stored thereon for programming a computer (e.g., comprising a signal processing device) to perform a method as described and claimed herein. Examples of such computer-readable storage elements include, but are not limited to, a hard disk, a CD-ROM, an optical storage device, a magnetic storage device, a ROM (Read Only

Memory), a PROM (Programmable Read Only Memory), an EPROM (Erasable

Programmable Read Only Memory), an EEPROM (Electrically Erasable Programmable Read

Only Memory) and a Flash memory. Further, it is expected that one of ordinary skill, notwithstanding possibly significant effort and many design choices motivated by, for example, available time, current technology, and economic considerations, when guided by the concepts and principles disclosed herein will be readily capable of generating such software instructions and programs and integrated circuits (ICs) with minimal experimentation.

Furthermore, although individually listed, a plurality of means, elements or method steps may be implemented by, for example, a single unit or processor. Additionally, although individual features may be included in different claims, these may possibly be advantageously combined, and the inclusion in different claims does not imply that a combination of features is not feasible and/or advantageous. Also, the inclusion of a feature in one category of claims does not imply a limitation to this category, but rather indicates that the feature is equally applicable to other claim categories, as appropriate.

Furthermore, the order of features in the claims does not imply any specific order in which the features must be performed and in particular the order of individual steps in a method claim does not imply that the steps must be performed in this order. Rather, the steps may be performed in any suitable order. In addition, singular references do not exclude a plurality. Thus, references to 'a', 'an', 'first', 'second' etc. do not preclude a plurality.

Thus, a method and apparatus for controlling access to a cellular communication network have been described, which substantially addresses at least some of the shortcomings of past and present access control techniques and/or mechanisms.

1. A network element for providing access to a cellular communication network via a communication cell, the network element comprising: transceiver circuitry arranged to enable a connection to be established with at least one wireless communication unit located within the communication cell; and signal processing logic, wherein the signal processing logic is arranged to: receive a message from a wireless communication unit that indicates an identity of the wireless communication unit; determine whether to permit the wireless communication unit access to the cellular communication network via the communication cell, based on at least an identity of the wireless communication unit contained in the message; and if it is determined not to permit the wireless communication unit access to the cellular communication network via the communication cell, the signal processing logic generates an access barred message for transmission to the wireless communication unit, wherein the access barred message comprises an indication that a cause of the rejection is at least partly due to cellular access control.

2. The network element of Claim 1 wherein the message received from the wireless communication unit comprises a Radio Resource Control (RRC) Connection Request message.

3. The network element of Claim 1 wherein the access barred message comprises an RRC Connection Reject message.

4. The network element of Claim 1 wherein the access barred message comprises an RRC Connection Release message.

5. The network element of Claim 3 or Claim 4 wherein the access barred message comprises a rejection cause Information Element (IE) for indicating the cause of the rejection.

6. The network element of any preceding Claim wherein the network element comprises an access point (AP), and the communication cell comprises a femto cell.

7. The network element of any of Claims 1 to 5 wherein the network element comprises a Node-B, and the communication cell comprises a macro-cell.

8. The network element of any preceding Claim wherein the cellular communication network comprises a Universal Mobile Telecommunications System (UMTS) network.

9. A method for controlling access to a cellular communication network via a communication cell, wherein the method comprises: receiving a message from a wireless communication unit that indicates an identity of the wireless communication unit; determining whether to permit the wireless communication unit access to the cellular communication network via the communication cell, based on at least an identity of the wireless communication unit contained in the message; and if it is determined not to permit the wireless communication unit access to the cellular communication network via the communication cell, transmitting an access barred message to the wireless communication unit, the connection reject message comprises an indication that a cause of the rejection is at least partly due to cellular access control.

10. A wireless communication system adapted to support the method for controlling access to a cellular communication network via a communication cell of Claim 8.

11. A wireless communication unit comprising transceiver circuitry arranged to receive messages from a network element of a communication cell within a cellular communication network, and signal processing logic, wherein the signal processing logic is arranged to: transmit a connection request message to a network element of a communication cell; receive a response to the connection request message; determine whether the response to the connection request message comprises an access barred message comprising an indication that a cause of the rejection is at least partly due to cellular access control and in response thereto designate the communication cell as blocked.

12. The wireless communication unit of Claim 10 wherein the signal processing logic is further arranged, upon designating the communication cell as blocked, to attempt to connect to an alternative communication cell.

13. The wireless communication unit of Claim 11 wherein, the signal processing logic is further arranged, upon designating the communication cell as blocked, and if no alternative communication cell is available, to use the communication cell designated as blocked for emergency calls.

14. The wireless communication unit of any one of Claims 10 to 12 wherein, if a connection reject message is received comprising no indication as to the cause of the rejection, the signal processing logic is arranged to assume the cause not to be due to cellular access control, and to retransmit a connection request message.

15. A method for attempting to access a cellular communication network via a communication cell, wherein the method comprises at a wireless communication unit: transmitting a connection request message to a network element of a communication cell; receiving a response to the connection request message; determining whether the response to the connection request message comprises an access barred message comprising an indication that a cause of the rejection is at least partly due to cellular access control; and in response thereto designating the communication cell as blocked.

16. A computer-readable storage element having computer-readable code stored thereon for programming signal processing logic to perform a method for attempting to access a cellular communication network via a communication cell, the computer-readable storage element (270) comprising code for: transmitting a connection request message to a network element of a communication cell; receiving a response to the connection request message; determining whether the response to the connection request message comprises an access barred message comprising an indication that a cause of the rejection is at least partly due to cellular access control; and in response thereto designating the communication cell as blocked.

17. A computer-readable storage element having computer-readable code stored thereon for programming signal processing logic to perform a method for controlling access to a cellular communication network via a communication cell, the computer-readable storage element (270) comprising code for: receiving a message from a wireless communication unit that indicates an identity of the wireless communication unit; determining whether to permit the wireless communication unit access to the cellular communication network via the communication cell, based on at least an identity of the wireless communication unit contained in the message; and if it is determined not to permit the wireless communication unit access to the cellular communication network via the communication cell, transmitting an access barred message to the wireless communication unit, the access barred message comprises an indication that a cause of the rejection is at least partly due to cellular access control.

18. The computer-readable storage element of Claim 15 or Claim 16, wherein the computer readable storage medium comprises at least one of a hard disk, a CD-ROM, an optical storage device, a magnetic storage device, a ROM (Read Only Memory), a PROM (Programmable Read Only Memory), a EPROM (Erasable Programmable Read Only Memory), a EEPROM (Electrically Erasable Programmable Read Only Memory) and a Flash memory.