1. Patent Search
  2. Details

METHOD FOR SUPPORTING AUTHENTICATION OF A USER EQUIPMENT

20220408251 · 2022-12-22

    Inventors

    Cpc classification

    International classification

    Abstract

    A method for supporting authentication of a User Equipment, UE, in an Internet Protocol, IP, Multimedia Subsystem, IMS, telecommunication network, by interfacing a Service Based Architecture, SBA, telecommunication network, the method including receiving, by a Unified Data Management, UDM, in the SBA telecommunication network, from a Session Management Function, SMF, in the SBA telecommunication network, binding information, wherein the binding information is used to identify the UE in the IMS telecommunication network; receiving, by the UDM in the SBA telecommunication network, from a Home Subscriber Server, in the IMS telecommunication network, a request for providing the binding information, and providing, by the UDM in the SBA telecommunication network, to the HSS in the IMS telecommunication network the binding information, thereby supporting authentication of the UE. Complementary methods and corresponding nodes are also presented herein.

    Claims

    1. A method for supporting authentication of a User Equipment, UE, in an Internet Protocol, IP, Multimedia Subsystem, IMS, telecommunication network, by interfacing a Service Based Architecture, SBA, telecommunication network, the method comprising the steps of: receiving, by a Unified Data Management, UDM, in the SBA telecommunication network, from a Session Management Function, SMF, in the SBA telecommunication network, binding information, the binding information being used to identify the UE in the IMS telecommunication network; receiving, by the UDM in the SBA telecommunication network, from a Home Subscriber Server, in the IMS telecommunication network, a request for providing the binding information; and providing, by the UDM in the SBA telecommunication network, to the HSS in the IMS telecommunication network the binding information, thereby supporting authentication of the UE in the IMS telecommunication network.

    2. The method according to claim 1, wherein the binding information is provided over a service operation of the Nudm service.

    3. The method according to claim 1, wherein the binding information comprises at least one of: UE IP address; and a timestamp of a Protocol Data Unit, PDU, session registration.

    4. The method according to claim 3, wherein the UDM uses the timestamp to select the binding information to be provided to the HSS.

    5. The method according to claim 1, further comprising the step of: providing, by the UDM, to the SMF, information regarding the Data Network Names, DNNs, that will require reporting of the UE IP address to the UDM.

    6. The method according to claim 1, wherein the step of receiving the binding information comprises: requesting, by the UDM, from the SMF, the binding information triggered by the receiving, from the HSS, the request for providing the binding information; and receiving, by the UDM, the binding information from the SMF.

    7. The method according to claim 6, wherein the binding information comprises a timestamp indicting a time when the binding information was generated.

    8. A method for supporting authentication of a User Equipment, UE, in an Internet Protocol, IP, Multimedia Subsystem, IMS, telecommunication network, by interfacing a Service Based Architecture, SBA, telecommunication network, the method comprising the steps of: sending, by a Home Subscriber server, HSS, in the IMS telecommunication network, to a Unified Data Management, UDM, in the SBA telecommunication network, a request for providing binding information, the binding information being used to identify the UE in the IMS telecommunication network; receiving, by the HSS in the IMS telecommunication network, from the UDM in the SBA telecommunication network, the requested binding information; and sending, by the HSS in the IMS telecommunication network, to a Service Call/Session Control Function, S-CSCF, in the IMS telecommunication network, the binding information, thereby supporting authentication of the UE.

    9. The method according to claim 8, wherein the binding information is received over a service operation of the Nudm service.

    10. The method according to claim 8, wherein the binding information comprises at least: UE IP address; and a timestamp of a Protocol Data Unit, PDU, session registration.

    11. (canceled)

    12. (canceled)

    13. A Unified Data Management, UDM, node in a Service Based Architecture, SBA, telecommunication network, arranged for supporting authentication of a User Equipment, UE, in an Internet Protocol, IP, Multimedia Subsystem, IMS, telecommunication network, by interfacing the SBA telecommunication network, the UDM node comprising: receive equipment configured to: receive, from a Session Management Function, SMF, in the SBA telecommunication network, binding information, the binding information being used to identify the UE in the IMS telecommunication network; and receive, from a Home Subscriber Server, in the IMS telecommunication network, a request for providing the binding information; and transmit equipment configured to provide, to the HSS in the IMS telecommunication network the binding information.

    14. The UDM according to claim 13, wherein the binding information is arranged to be provided over an operation of the Nudm service.

    15. The UDM according to claim 13, wherein the binding information comprises at least: UE IP address; and a timestamp of a Protocol Data Unit, PDU, session registration.

    16. The UDM according to claim 13, wherein the UDM further comprises select equipment configured to select binding information to be provided to the HSS based on the timestamp.

    17. The UDM according to claim 13, wherein the transmit equipment is further configured to provide, to the SMF, information regarding the Data Network Names, DNNs, that will require reporting of the UE IP address to the UDM.

    18. The UDM according to claim 13, wherein the transmit equipment is further configured to request, from the SMF, the binding information triggered by the receiving, from the HSS, the request for providing the binding information, and the receive equipment is further configured to receive, by the UDM, the binding information from the SMF.

    19. The UDM according to claim 18, wherein the binding information comprises a timestamp indicting a time when the binding information was generated.

    20. A Home Subscriber Server, HSS, node in an Internet Protocol, IP, Multimedia Subsystem, IMS, telecommunication network, arranged for supporting authentication of a User Equipment, UE, in the IMS telecommunication network, by interfacing a Service Based Architecture, SBA, telecommunication network, the HSS node comprising: transmit equipment configured to send, to a Unified Data Management, UDM, in the SBA telecommunication network, a request for providing binding information, the binding information being used to identify the UE in the IMS telecommunication network; and receive equipment configured to receive, from the UDM in the SBA telecommunication network, the requested binding information.

    21. The HSS node according to claim 20, in the IMS telecommunication network wherein the binding information comprises at least: UE IP address; and a timestamp of a Protocol Data Unit, PDU, session registration.

    22.-24. (canceled)

    Description

    BRIEF DESCRIPTION OF THE DRAWINGS

    [0063] FIG. 1 schematically illustrates a message sequence for early Internet Protocol Multimedia Subsystem, IMS, security according to prior art.

    [0064] FIG. 2 schematically illustrates a signalling sequence for General Packet Radio Service, GPRS IMS Bundled Authentication, GIBA, support in a Fifth Generation Core, 5GC, Network.

    [0065] FIG. 3 schematically illustrates a signalling sequence for supporting 5GIBA for UE authentication in an IMS-Application Server, IMS-AS.

    [0066] FIGS. 4-6 schematically illustrate a method according to the present disclosure.

    [0067] FIG. 7 schematically illustrates a Unified Data Management, UDM, according to the present disclosure.

    [0068] FIG. 8 schematically illustrates a Home Subscriber Server, HSS, according to the present disclosure.

    [0069] FIG. 9 schematically illustrates a Session Management Function, SMF, according to the present disclosure.

    [0070] FIG. 10 schematically illustrates a method according to the present disclosure.

    DETAILED DESCRIPTION

    [0071] Some of the examples contemplated herein will now be described more fully with reference to the accompanying drawings. Other examples, however, are contained within the scope of the subject matter disclosed herein, the disclosed subject matter should not be construed as limited to only the examples set forth herein; rather, these examples are provided by way of example to convey the scope of the subject matter to those skilled in the art.

    [0072] Some possible steps of the GIBA procedure in the context of the present disclosure are highlighted below:

    [0073] The UE 2 starts by setting up a PDP context as shown in steps 10-15. The GPRS Gateway Support Node, GGSN, 4 acting as a RADIUS Client provides the user's IP address assigned to the UE 2, IMSI and MSISDN to a RADIUS server in the HSS 7 over the Gi interface when a Packet Data Protocol, PDP, context is activated towards the IP Multimedia Subsystem, IMS.

    [0074] When a PDP context has been successfully set up, the UE 2 sends a Session Initiation Protocol, SIP, REGISTER request 16, 17. The REGISTER request contains the IP address allocated to this UE 2 and its IMS Public Identifier, IMPU, of the UE 2.

    [0075] The GGSN 4 verifies 18 that the IP address provided in the REGISTER request matches the IP address allocated to the UE 2 when the PDP context was set up. When the IP address has been verified, the GGSN 4 forwards 19, 20 the REGISTER request to the Proxy Call Session Control Function, P-CSCF, 5.

    [0076] The P-CSCF 5 verifies 21 the source IP address against the IP address in the Via header of the REGISTER request. If the source IP address differs from the IP address in the Via header, the P-CSCF 5 adds the source IP address to a received parameter in the Via header. The P-CSCF 5 then forwards 22, 23 the REGISTER request to the Interrogating CSCF, I-CSCF, 6 in the home network.

    [0077] The I-CSCF 6 contacts 24 the HSS 7 to authorize access to the IMS to this UE 2. The HSS 7 responds 25 that the UE 2 is authorized, and the I-CSCF 6 forwards 27 the SIP REGISTER request to the Serving CSCF, S-CSCF, 8 chosen to serve the UE 2.

    [0078] The S-CSCF 8 contacts 28 the HSS 7 and indicates that GIBA is used to authenticate the UE. The HSS 7 returns 30 the stored IP address to the S-CSCF 8. The S-CSCF 8 then verifies 31 if the IP address returned by the HSS 7 matches the IP address obtained in the REGISTER request. If present, the received by parameter shall be used. If there is a match, the user is authenticated and authorized to register in IMS.

    [0079] The S-CSCF 8 sends a message 32 to the HSS 7, informing that this S-CSCF 8 is going to serve the UE 2, and the HSS 7 responds 33 with a message providing information that the S-CSCF 8 needs for serving the UE 2.

    [0080] The S-CSCF 8 returns 34 a SIP 200 OK response to the UE 2, indicating that the registration is successfully completed.

    [0081] An authentication mechanism for enabling access to the IMS domain to UEs which do not support AKA-based identifiers and credentials when using 5GC access based on principles used in GIBA; hereinafter referred to as 5G IMS Bundled Authentication, 5GIBA.

    [0082] An idea of the present disclosure gravitates around the SMF providing the UDM with binding information such as IP address, SUPI/GPSI over the existing Nudm_UEContextManagement_Registration service operation and for the HSS retrieving binding information from UDM during authentication of IMS registrations.

    [0083] For registering the binding information in 5GC, an extension to the existing Nudm_UEContextManagement_Registration service operation over the standardized Nudm interface as defined in 3GPP TS 29.503. Therefore, the information that the SMF registers in UDM is extended with the UE IP Address and the SMF registration timestamp within the UE context in SMF data as follows

    TABLE-US-00001 UE context in SMF data SUPI Key PDU Session Id(s) List of PDU Session Id(s) for the UE For emergency PDU Session Id: Emergency Information The PGW-C + SMF FQDN for emergency session used for interworking with EPC. For each non-emergency PDU Session Id: DNN DNN for the PDU Session. SMF Allocated SMF for the PDU Session. Includes SMF IP Address and SMF NF Id. PGW-C + SMF FQDN The S5/S8 PGW-C + SMF FQDN used for interworking with EPS (see NOTE 5). UE IP address Indicates the IP address assigned to the UE for the DNN. SMF registration Indicates the time of the SMF registration in timestamp UDM

    [0084] This invention proposes that the UE context in SMF is also possible to be requested filtering by SUPI/DNN as follows.

    TABLE-US-00002 Subscription Data Types Data Key Data Sub Key Access and Mobility Subscription data SUPI — SMF Selection Subscription data SUPI — UE context in SMF data SUPI S-NSSAI or DNN

    [0085] FIG. 2 schematically illustrates a signalling sequence 40 for General Packet Radio Service, GPRS IMS Bundled Authentication, GIBA, support in a Fifth Generation Core, 5GC, Network.

    [0086] The UE 2 authenticates and registers 51 in 5GC. Such an authentication process is known in the prior art. The SUPI and credentials used by the UE 2 may not be based on International Mobile Subscriber Identity/Authentication and Key Agreement, IMSI/AKA.

    [0087] In step 52 the UE 2 establishes a PDU session for the Data Network Name, DNN, IMS. An SMF 41 suitable to establish PDU sessions for the DNN IMS is selected.

    [0088] In steps 53, 54, The SMF 41 registers the PDU session in UDM 42 using the existing Nudm_UEContextManagement_Registration service operation as defined in 3GPP TS 23.502 and 3GPP TS 29.503. The SMF 41 includes the IP address assigned to the UE 2 and that the UDM 42 stores it as “UE Context in SMF data”. Additionally, the SMF 41 may include a timestamp for the PDU session registration. This timestamp can be of assistance for the UDM 42 to determine the most recent SMF 41 for the DNN in case UDM 42 keeps stall information regarding old SMFs.

    [0089] The SMF 41 may be configured to include the UE IP address only for the IMS DNN or do that for all DNNs. In another embodiment the UDM 42 may inform the SMF 41 about which DNNs will require reporting of the UE IP Address to UDM when the SMF requests subscription data for the SUPI/DNN to the UDM using Nudm_SDM_Get as depicted in step 53 of FIG. 2.

    [0090] The PDU session establishment for the DNN IMS is completed in step 55. In subsequent step 56, the UE 2 sends the SIP REGISTER request to IMS. The SIP REGISTER request includes the UE's IMPI/IMPU and the IP address allocated to the UE 2 in 5GC. The IMPI/IMPU used by the UE 2 to register in IMS are based on the UE's SUPI used to register in 5GC. Note that the SUPI may contain a NAI used as an IMPI.

    [0091] In step 57, The S-CSCF in the IMS Core 43 contacts the HSS 7 and indicates that GIBA is used to authenticate the UE 2. The HSS 7 may try to find 58 Binding information provided by GGSN/PDN-GW to the HSS using Gi. In the absence of Binding information from GPRS/EPS domain or in additionally, the HSS-IMS 7 checks binding information from 5GC as well.

    [0092] In the context of UDICOM defined by 3GPP in TS 23.632 and where the HSS and the UDM are deployed as separate NFs, the HSS-IMS requests binding information (i.e. “UE context in SMF data” for the SUPI and IMS DNN) from UDM using the existing Nudm_SDM_Get service operation.

    [0093] The HSS 7 creates a SUPI based on the IMPI received in the Authentication request from the S-CSCF in step 7. The UDM 42 provides the “UE context in SMF data” to the HSS 7.

    [0094] In another embodiment, in the presence of multiple SMFs managing the DNN IMS, UDM may use the timestamps included in the “UE context in SMF data” to select the latest binding information from 5GC domain to be provided to the HSS.

    [0095] In step 59, The HSS 7 returns the stored IP address to the S-CSCF 43. In the presence of Binding information from 5GC and GPRS/EPC domains, the HSS 7 decides which IP address to provide to the S-CSCF, for example also based on timestamps of binding information from GPRS/EPC. The S-CSCF 43 then matches the IP address returned by the HSS against the IP address obtained in the SIP REGISTER request.

    [0096] In step 60, the IMS Registration procedure proceeds accordingly, for example, successfully if the IP address provided by the HSS is the same than the one provided by the UE to the S-CSCF in the SIP REGISTER message.

    [0097] The same principles can be used for supporting 5GIBA for UE authentication in an IMS-AS as shown in the signalling diagram 70 in FIG. 3:

    [0098] In this case, the secure binding information stored in UDM during UE registration in 5GC is requested in steps 73-74 by HSS 7 at reception of a request typically from an Authentication/Aggregation Proxy or an IMS AS 44 for IP Address Secure Binding Information in steps 77-79. If the Secure Binding information provided by HSS 7 is the same as the one provided by the UE in step 76, the IMS service continues or is stopped 80. The remaining steps are identical to the steps presented and described in connection with FIG. 2, i.e. step 71 in FIG. 3 corresponds to Step 51 in FIG. 2, and so on.

    [0099] A mechanism to support authentication for access to the IMS domain to UEs which do not support AKA-based identifiers and credentials when using 5GC access. The proposed mechanism is based on principles used in GIBA. This will enable a simple authentication mechanism for access to the IMS domain to UEs which do not support AKA-based identifiers and credentials.

    [0100] FIG. 4 shows a method 100 for supporting authentication of a User Equipment, UE, in an Internet Protocol, IP, Multimedia Subsystem, IMS, telecommunication network, by interfacing a Service Based Architecture, SBA, telecommunication network. The method comprises the steps of receiving 101, by a Unified Data Management, UDM, in said SBA telecommunication network, from a Session Management Function, SMF, in said SBA telecommunication network, binding information, wherein said binding information is used to identify said UE in said IMS telecommunication network. In a subsequent step 102, the UDM receives from a Home Subscriber Server, in said IMS telecommunication network, a request for providing said binding information, and subsequently provides 103 to said HSS in said IMS telecommunication network said binding information, thereby supporting authentication of said UE.

    [0101] The method 100 may also comprise an additional step of providing 104, by said UDM, to said SMF, information regarding the Data Network Names, DNNs, that will require reporting of the UE IP address to said UDM.

    [0102] FIG. 5 illustrates a method 110 for supporting authentication of a User Equipment, UE, in an Internet Protocol, IP, Multimedia Subsystem, IMS, telecommunication network, by interfacing a Service Based Architecture, SBA, telecommunication network. The method comprises the steps of sending 111, by a Home Subscriber server, HSS, in said IMS telecommunication network, to a Unified Data Management, UDM, in said SBA telecommunication network, a request for providing binding information, wherein said binding information is used to identify said UE in said IMS telecommunication network. The HSS receives 112 from said UDM in said SBA telecommunication network, said requested binding information, and sends 113 to a Service Call/Session Control Function, S-CSCF, in said IMS telecommunication network, said binding information, thereby supporting authentication of said UE.

    [0103] FIG. 6 schematically illustrates a method 120 for supporting authentication of a User Equipment, UE, in an Internet Protocol, IP, Multimedia Subsystem, IMS, telecommunication network, by interfacing a Service Based Architecture, SBA, telecommunication network. The method 120 comprises the steps of, receiving 121, by a Session Management Function, SMF, from a Unified Data Management, UDM, a message requesting binding information for Data Network Names, DNN, and sending 122, by said SMF, to said UDM, binding information for the DNNs requested by said UDM.

    [0104] FIG. 7 schematically illustrates a Unified Data Management, UDM, node 42 in a Service Based Architecture, SBA, telecommunication network, arranged for supporting authentication of a User Equipment, UE, in an Internet Protocol, IP, Multimedia Subsystem, IMS, telecommunication network, by interfacing said SBA telecommunication network. The UDM node 42 comprises receive equipment 131, 132 arranged for receiving, from a Session Management Function, SMF, in said SBA telecommunication network, binding information, wherein said binding information is used to identify said UE in said IMS telecommunication network. The receive equipment 131, 132 is further arranged for receiving, from a Home Subscriber Server, in said IMS telecommunication network, a request for providing said binding information.

    [0105] The UDM node 42 also comprises transmit equipment 133, 134 arranged for providing, to said HSS in said IMS telecommunication network said binding information. The UDM node may also additionally comprise select equipment 135 arranged to select binding information to be provided to said HSS based on said timestamp.

    [0106] The UDM node 42 also comprises memory 137 which is arranged to store a set of computer readable instructions which when executed by the processor 136 cause the UDM node 42 to perform a method according to the present disclosure. The internal components communicate with one another using the internal bus 138.

    [0107] FIG. 8 schematically illustrates a Home Subscriber Server, HSS, node 7 in an Internet Protocol, IP, Multimedia Subsystem, IMS, telecommunication network, arranged for supporting authentication of a User Equipment, UE, in said IMS telecommunication network, by interfacing a Service Based Architecture, SBA, telecommunication network. The HSS node 7 comprises transmit equipment 143, 144 arranged for sending, to a Unified Data Management, UDM, in said SBA telecommunication network, a request for providing binding information, wherein said binding information is used to identify said UE in said IMS telecommunication network, and receive equipment 141, 142 arranged for receiving, from said UDM in said SBA telecommunication network, said requested binding information.

    [0108] The HSS node 7 also comprises memory 146 which is arranged to store a set of computer readable instructions which when executed by the processor 145 cause the HSS node to perform a method according to the present disclosure. The internal components communicate with one another using the internal bus 147.

    [0109] FIG. 9 schematically illustrates a Session Management Function, SMF, node 41 in a Service Based Architecture, SBA, telecommunication network, arranged for supporting authentication of a User Equipment, UE, in an Internet Protocol, IP, Multimedia Subsystem, IMS, telecommunication network, by interfacing said SBA telecommunication network. The SMF node 41 comprises receive equipment 151, 152 arranged for receiving, from a Unified Data Management, UDM, a message requesting binding information for Data Network Names, DNNs, and transmit equipment 153, 154 arranged for sending, by said SMF, to said UDM, binding information for the DNNs requested by said UDM.

    [0110] The SMF node 41 also comprises memory 156 which is arranged to store a set of computer readable instructions which when executed by the processor 155 cause the SMF node 41 to perform a method according to the present disclosure. The internal components communicate with one another using the internal bus 157. FIG. 10 schematically illustrates a method according to the present disclosure.

    [0111] The method illustrates a signalling sequence 201 for General Packet Radio Service, GPRS IMS Bundled Authentication, GIBA, support in a Fifth Generation Core, 5GC, Network.

    [0112] The UE 2 authenticates and registers 51 in 5GC, just like the situation sketched with reference to FIG. 2. In step 52 the UE 2 establishes a PDU session for the Data Network Name, DNN, IMS. An SMF 41 suitable to establish PDU sessions for the DNN IMS is selected.

    [0113] In steps 202, 203, The SMF 41 registers the PDU session in UDM 42 using, for example, the existing Nudm_UEContextManagement_Registration service operation as defined in 3GPP TS 23.502 and 3GPP TS 29.503. Here, the SMF 41 does not include the IP address assigned to the UE 2 as compared to the situation described with reference to FIG. 2.

    [0114] The PDU session establishment for the DNN IMS is completed in step 55. In subsequent step 56, the UE 2 sends the SIP REGISTER request to IMS. The SIP REGISTER request includes the UE's IMPI/IMPU and the IP address allocated to the UE 2 in 5GC. The IMPI/IMPU used by the UE 2 to register in IMS are based on the UE's SUPI used to register in 5GC. Note that the SUPI may contain a NAI used as an IMPI.

    [0115] In step 204, The S-CSCF in the IMS Core 43 contacts the HSS 7 and indicates that GIBA is used to authenticate the UE 2. The HSS 7 may try to find Binding information provided by GGSN/PDN-GW to the HSS using Gi. In the absence of Binding information from GPRS/EPS domain or in additionally, the HSS-IMS checks binding information from 5GC as well.

    [0116] In the context of UDICOM defined by 3GPP in TS 23.632 and where the HSS and the UDM are deployed as separate NFs, the HSS-IMS requests binding information (i.e. “UE context in SMF data” for the SUPI and IMS DNN) from UDM using the existing Nudm_SDM_Get service operation.

    [0117] In this particular case, the HSS 7 requests 205 the UDM 42 to provide the IP address of the UE 2. This may be implemented using, for example, an event called Nudm_Event_Exposure_Notifyservice, i.e. a one time notification of UE IP address with immediate reporting.

    [0118] In step 206, the UDM 42 fetches the UE IP address using, for example, the service Nsmf_EventExposure with immediate reply. The SMF 41 then provides the UE IP Address to UDM 42 in an Nsmf_Event_Exposure_Notify operation. The existing service operations offered by SMF as defined except that in the notification the SMF 41 may include the timestamp of the time when the UE IP address was generated.

    [0119] In step 207, the UDM 42 returns to the HSS 7, the UE IP address together with the timestamp in a Nudm_EventExposure_Notify operation. Finally, in step 208, the HSS 7 returns the IP address to the S-CSCF 43. In the presence of Binding information from 5GC and GPRS/EPC domains, the HSS 7 decides which IP address to provide to the S-CSCF, for example also based on timestamps of binding information from GPRS/EPC. The S-CSCF 43 then matches the IP address returned by the HSS against the IP address obtained in the SIP REGISTER request.

    [0120] In step 60, the IMS Registration procedure proceeds accordingly, for example, successfully if the IP address provided by the HSS is the same than the one provided by the UE to the S-CSCF in the SIP REGISTER message.

    [0121] Within the scope of the present disclosure, the steps performed by a User Data Management, UDM, node may be performed by any other Data Management node in the telecommunication network. The steps performed by a Session Management Function, SMF, may be performed by any other node in the telecommunication network that is designed to manage sessions.

    [0122] Other variations to the disclosed examples can be understood and effected by those skilled in the art in practicing the claimed disclosure, from a study of the drawings, the disclosure and the appended claims. In the claims, the word “comprising” does not exclude other elements or steps, and the indefinite article “a” or “an” does not exclude a plurality. A single processor or other unit may fulfil the functions of several items recited in the claims. The mere fact that certain measures are recited in mutually different dependent claims does not indicate that a combination of these measures cannot be used to advantage. A computer program may be stored/distributed on a suitable medium, such as an optical storage medium or a solid state medium supplied together with or as part of other hardware, but may also be distributed in other forms, such as via the internet or wired or wireless telecommunication systems. Any reference signs in the claims should not be construed as limiting the scope thereof.

    [0123] The present disclosure is not limited to the examples as disclosed above, and can be modified and enhanced by those skilled in the art beyond the scope of the present disclosure as disclosed in the appended claims without having to apply inventive skills.