Abstract – Policy and Charging Rules Function (PCRF) not too old concept introduced in last quarter of year 2007 when standards for the 3GPP Policy Charging Control (PCC) architecture were published. According to the 3GPP standard architecture up to Release 9, a Charging System was not supposed to interact directly with a Policy Server. The Charging System; responsible for rating and charging, while the Policy Server is responsible for determining the right policy depending on the kind of traffic. In reality, it appears that the decision about the right policy might be influenced by some real-time subscriber information, which might also be relevant for charging, and therefore stored in the Charging System. PCRF or a policy server or a Policy Decision Function (PDF) is the part of the Evolved Packet Core (EPC) that supports service data flow detection, policy enforcement and flow-based charging. The PCRF function is part of the larger PCC architecture, which also includes the Proxy Call Session Control Function (P-CSCF) and the Policy and Charging Enforcement Function.

An intelligent policy and charging control solution helps assure the proper allocation of network resources based on what subscribers have purchased and what the network can deliver. In this context, a direct interface between the Charging System and the Policy Server might be required. The goal of this post is to understand and take feedback for learning on what such an interface would look like, based on an actual implementation. Learn a scenario where the policy should change in real-time during a data session because a volume threshold crossed.

Introduction – Mobile Network Operators are facing two challenges (thanks to the deployment of 3G/LTE/4G cellular networks VoLTE is around the corner like christmas gift) how to optimize and monetize their networks as voice revenue continues on a south bound journey with excellent speed. As per the Google research, mobile broadband traffic is projected to increase by up to 35 times by end 2015/2016, the response to these two issues could mean the difference between significantly growing business over the next five years or falling behind the competition. As mentioned before many of the MNOs have, in search of revenue actually cannibalised their own voice revenue by encouraging revenue share based VAS services from VAS service providers as usage on the network remain the same at 1 to 10 USD on average. Under PCRF new revenue creation and monetization of network is easily driven with ability to dynamically change the quality of service (QoS) for an individual subscriber who creates incremental revenue i.e Tiered Plans and etc.

Diameter interface is defined for signalling between many core network nodes and services. Overload on these interfaces can lead to server congestion or even collapse. The impact to services can be – Denial of services, persistent access restriction, loss of IMS and broadband services, loss of location information for emergency services and lawful intercept, loss of ability to use policy control to provide service personalization, loss of ability to use policy control to optimize network resources and Billing errors and loss of revenue. An analysis table for these interfaces and service impact is shown in in the following slides. (Source: 3GPP S2-122906)

Main story – Worldwide predictions on Mobile Data usage are hinting towards data tsunami. The demand for mobile device data is many folds higher compared old days of desktop or laptop driven data which clearly proves mobile broadband traffic is increasing. Mobile network operators (MNOs) have no choice but to provide more data , more speed but sadly with much less cost. Packet cores needs to deliver innovative, faster & high revenue-generating services to remain in business. PCRF does excellent network resource management as traffic can be prioritized to meet customer service expectations and SLAs; eg: bandwidth congestion. Also personalization of services are super easy by value of network assets maximization by offering services that meet the individual needs of subscribers; eg: high bandwidth for a time period

Diameter interfaces provide connection among Diameter nodes to enable essential service provider network functions such as authentication, online and offline billing, and policy and charging. PCRF – Dedicated policy equipment standardize in 3GPP that enables the policy function for bandwidth and charging on multimedia networks. Functional element that comprises flow based charging control and policy control decision functionalities. The PCRF stipulates network control regarding the service data flow detection; gating, QoS and flow based charging (except credit management) towards the PCEF. PCRF receives session and media related information from the application function and informs application function for data traffic. The PCEF is the functional element that encompasses policy enforcement and follows based charging functionalities.

The PCRF interfaces with the main packet gateway and takes charging enforcement decisions on its behalf. The centralized device can act as a policy decision point (PDP) for the wireless operator and gets as granular as individual subscribers. Gx and Gy are two main and key interfaces in existence for different purposes. Every service has unique bandwidth requirements. Policy control within the PCRF and PCEF ensures that appropriate amounts of bandwidth are dynamically allocated to each service in real time, thus making the most efficient use of network resources. Prior to launching a new service like VoLTE, mno’s need to test and validate their policy rules within the PCRF and PCEF to ensure the services are delivered with integrity and to ensure that there is sufficient capacity to provide the requested services.   Charging rules are very similar and also must be validated. MNO or data service provider may needs to implement a multitude of charging rules for each service; and these rules may differ based on a variety of conditions, for example: Customer Service Level Agreement, time of day, or network conditions.

Gx interface between PCRF and PCEF. PCRF generates PCC rules and send the generated PCC rules towards PGW/PCEF to enforce the PCC rules at PGW for an end User. Gy interface between PCEF to OCS. It is used for transfer data uses report from PGW/PCEF to OCS. So both the interfaces achieve different objectives. For example, service providers can use PCRF to charge subscribers based on their volume of usage of high-bandwidth applications, charge extra for QoS guarantees, limit app usage while a user is roaming, or lower the bandwidth of wireless subscribers using heavy-bandwidth apps during peak usage times.

In the very beginning of Gx/Gy specification (Release 6) it was meant to allow a simple solution, i.e. by letting the OCS to control some PCC stuff, i.e. including QoS bearer modification (e.g. fair usage policy use case). No extra Gx/PCRF etc. were needed in that case. This option as standards solution was immediately ceased in further 3GPP releases as PCC got more complex (Gx, PCRF functions, LTE concepts, etc.). However when credit authorization(Gy) and charging rule provision(Gx) are required simultaneously, then it will use Gx over Gy application such that it will avoid signalling load on Network. If we do not use this mechanism then we have to send Gx and Gy message separately. DPI and PCRF helps to ensure security & revenue leakage. Attackers are usually looking for ways to obtain free mobile data services. Without a doubt these worms do exist and always find loopholes in the charging policy.

It make good sense when the same endpoint for both PCRF and OCS functionality in same box to use Gx over Gy that reduces signalling load over network. OFCS and OCS are now more up-to date with interfaces that are being used to exchange signaling data. Gx interface which is responsible for ofcs and its reference point is for provisioning and removal of policy and charging control rules from the PCRF to the PCEF and the transmission of traffic plane events from the PCEF to the PCRF. The Gx reference point can also be used for charging-control, policy-control or both by applying AVPs relevant to the application. In most cases PCEF is based inside PDNGW (Packed Data Network Gateway). Gy interface allows online credit control for service data flow based charging. HSS is combination of HLR and AuC in 2G/3G network, used to keep & update subscribers’ information and authentication. SPR is used to keep subscribers’ profiles/policies – for PCRF via Sp interface. Both SPR and HSS are databases keeping the subscribers’ information but both playing different roles in 3GPP LTE architecture. HSS basically plays its main function of authenticate the LTE subscribers with IMSI as primary key for SAE-HSS and IMPU ( IMS Public ID ) + IMPI ( IMS Private ID ) for IMS VoLTE authentication. SPR is the repository keeping the subscribers policies & profiles for QoS management. Both HSS and SPR are the front end element whereas the back end element i.e. UDR is the databases keeping all information. Some vendors do provides both in a single box.

Operators allow free data service for certain data flow, but usually forget or do-not enforce that the transmitted packets indeed belong to the designated free flow. Even worse, no effective mechanism is implemented to limit the traffic volume going through this free ride. Consequently, these loopholes can be exploited to enable any form of mobile data services for free. The 3G standards offer the operators flexibility to define their own charging policies. Unfortunately, in some of MNO cases their policies and implementations may contain serious flaws. The PCRF, PCEF and the Charging Functions in the IMS and EPC core networks drive policy and charging rules.  These elements provide MNO’s with the ability to differentiate services while maximizing revenue. To validate policy, simulation of PCRF and PCEF, the application functions (AF) and the Charging Functions is required. By simulating these elements with the appropriate tools, testing of network elements for rules implementation, error handling, and the ability to perform under stress conditions can be observed well.

Conclusion:  PCRF – DPI Compatibility Matrix and PCRF supporting Mobile data; in a big way supports the need of time as the Internet is going wireless and mobile. Two driving forces for this trend have been the explosive growth of smartphones and the rapid deployment of 3G/4G infrastructure. Unlike the wired Internet, cellular networks have implemented usage-based charging, rather than the simpler flat charging. The 3G/4G standards stipulate the accounting architecture; yet provide freedom for the MNO to define their own charging policy. In this work, if we conduct experiments on operational 3G networks to study the security implication of such an architecture and practice. Investing in the validation of policy and charging elements ensures that equipment vendors software applications perform in accordance with mno’s desired and installed policies. Testing also ensures that network elements are engineered for peaks in capacity, so mno’s need to have correct and required tools that can drive the expected maximum loads of traffic and ensure zero revenue leakage.

We can surely discover loopholes and simple attacks, which can be validated by experiments over operational networks. Enables real-time management of network resources in-sync with subscribers and applications. Comply with 3GPP policy and charging rules function and other industry standards. Provides real-time, in-session policy decisions. Open towards any PCEF. The PCRF and PCEF are key to service integrity for our customers. We must be sure of our policy and charging rules before we launch new services. PCRF is an important part of IMS architectures, although it is not exclusive to the 3GPP-based network in which it was certified. It works across wireless networks and can come pre-integrated in a standard IT servers. Ultimately, the testing and monitoring of policy and charging functions guarantee services can be delivered appropriately, which leads to customer satisfaction and a guaranteed revenue stream.