FORM 2
THE PATENTS ACT, 1970 (39 of 1970) THE PATENTS RULES, 2003
COMPLETE SPECIFICATION
MESSAGES
APPLICANT
380006, Gujarat, India; Nationality : India
The following specification particularly describes
the invention and the manner in which
it is to be performed

RESERVATION OF RIGHTS
[0001] A portion of the disclosure of this patent document contains
material, which is subject to intellectual property rights such as, but are not limited to, copyright, design, trademark, Integrated Circuit (IC) layout design, and/or trade dress protection, belonging to Jio Platforms Limited (JPL) or its affiliates (hereinafter referred as owner). The owner has no objection to the facsimile reproduction by anyone of the patent document or the patent disclosure, as it appears in the Patent and Trademark Office patent files or records, but otherwise reserves all rights whatsoever. All rights to such intellectual property are fully reserved by the owner.
FIELD OF DISCLOSURE
[0002] The embodiments of the present disclosure generally relate to
communication networks. In particular, the present disclosure relates to a system and a method for handling Authentication-Authorization messages in a network.
BACKGROUND OF DISCLOSURE
[0003] The following description of related art is intended to provide
background information pertaining to the field of the disclosure. This section may include certain aspects of the art that may be related to various features of the present disclosure. However, it should be appreciated that this section be used only to enhance the understanding of the reader with respect to the present disclosure, and not as admissions of prior art.
[0004] Network entities of a network may interact with each other using
Authentication authorization Requests (AARs). The AARs may be used to initiate
an authentication and authorization process for creating communication sessions
between the network and user equipment (UE) requesting services therefrom.
[0005] For instance, to create such a session, an Application Function
(AF) may open an Rx Diameter session with a Policy and Charging Rules Function (PCRF) or a Policy Control Function (PCF) for transmitting AARs. If an

Rx Diameter session already exists for the AF session, the AF uses the existing Rx Diameter session. The AF then provides Internet Protocol (IP) address of the UE using either Framed-IP-Address Attribute Value Pairs (AVPs) or Framed-Ipv6-Prefix AVP, and the corresponding Service Information within Media-Component-Description AVPs. The AF may also indicate to the PCRF as part of the Media-Component-Description whether the media IP flow(s) should be enabled or disabled by providing a Flow-Status AVP. Flow-Status AVP values can take any one value from ‘ENABLED-UPLINK’, ‘ENABLED-DOWNLINK’, ‘ENABLED’, ‘DISABLED’, or ‘REMOVED’.
[0006] PCRF or PCF may receive an AAR messages (Rx-Request-Type
attribute-value pair (AVP) = INITIAL_REQUEST) from the AF, or a proxy Call State Call Function (P-CSCF) for example, with Flow-Status AVP value being ‘REMOVED’, or receives an AAR message (Rx-Request-Type AVP = UPDATE_REQUEST) from a P-CSCF/AF with Flow-Status AVP as ‘REMOVED’, the PCRF or PCF determines if a corresponding policy or charging rules are provisioned or installed at a Policy and Charging Enforcement Function (PCEF) via Gx interface, and there are no dynamic Policy and Charging Control (PCC) rules provisioned or installed to the PCEF via the Gx interface, the PCRF/PCF can respond with a successful AAA (Authentication, Authorization, and Accounting) Diameter message to the AF/P-CSCF. This implies that the PCRF/PCF acknowledges the request and can create or maintain the Rx session, even if unnecessary application resources are occupied. Resultantly, PCF and AF may also maintain inconsistent states of the sessions. Further, the PCF does not have protocols to resolve the inconsistency in states. Other network entities may also begin malfunctioning while providing services to UEs due to inconsistency in states, leading to inefficiencies in the network.
[0007] There is, therefore, a need in the art to provide a method and a
system that can overcome the shortcomings of the existing prior arts.
OBJECTS OF THE PRESENT DISCLOSURE

[0008] Some of the objects of the present disclosure, which at least one
embodiment herein satisfies are as listed herein below.
[0009] An object of the present disclosure is to provide a system and a
method for handling Authentication-Authorization (AA) messages.
[0010] Another object of the present disclosure is to provide a system and
a method that conditionally creates Rx sessions.
[0011] Another object of the present disclosure is to provide a system and
a method that removes existing sessions having no dynamic Policy Charging
Control rules available in a Gx/N7 interface.
[0012] Another object of the present disclosure is to provide a system and
a method that sends an error code to network entities one removing sessions.
[0013] Another object of the present disclosure is to provide a system, and
a method to improve the efficiency of the network.
SUMMARY
[0014] In an exemplary embodiment, a system for handling authentication-
authorization request (AAR) diameter messages over an interface in a network is
described. The system comprises a first network entity and a second network
entity. The first network entity comprises a receiving unit configured to receive a
request from a transmitting unit of the second network entity. A processing unit is
configured to extract a number of information from the received request. The
number of information includes at least one or more of attribute-value pairs
(AVPs) of a request type and a flow-status. The processing unit is configured to
determine a type of the request type AVP and a type of the flow status AVP of the
received request and compare the determined the request type AVP and the
determined flow status AVP with a predetermined set of prohibited types
corresponding to each determined AVP. Based on the comparison, a transmitting
unit is configured to send an error message to the second network entity.
[0015] In some embodiments, the request is an authentication
authorization request (AAR). The error message is a diameter error code.

[0016] In some embodiments, on detecting the determined the request type
AVP and the determined flow status AV P match with one of prohibited type in the
predetermined set, the processing unit is configured to decline the received
request. On detecting the determined the request type AVP and the determined
flow status AVP do not match with one of prohibited type in the predetermined
set, the processing unit is configured to accept the received request.
[0017] In some embodiments, the request type is an initial request or an
update request.
[0018] In some embodiments, the flow-status is an enabled-uplink status,
an enabled-downlink status, an enabled status, a disabled status, or a removed status.
[0019] In some embodiments, the predetermined set of prohibited types
includes the initial request and the update request corresponding to the request
type AVP and the removed status corresponding to the flow status AVP.
[0020] In some embodiments, the first network entity is a Policy and
Charging Rules Function (PCRF), or a Policy Control Function (PCF) and the second network entity is a proxy Call State Call Function (P-CSCF) or an Application Function (AF).
[0021] In another exemplary embodiment, a method of handling
authentication-authorization request diameter messages over an interface in a network is described. The method comprises receiving, by a first network entity, a request from a second network entity and extracting, by the first network entity, a number of information from the received request. The number of information includes at least one or more of attribute-value pairs (AVPs) of a request type and a flow-status. The method further comprises determining, by the first network entity, a type of the request-type AVP and a type of the flow-status AVP of the received request and comparing, by the first network entity, the determined type of the request type AVP and the determined type of flow-status AVP with a predetermined set of prohibited types corresponding to each determined AVP. The method comprises sending, by the first network entity, an error message to the second network entity, based on the comparison.

[0022] In some embodiments, the request is an authentication
authorization request (AAR). The error message is a diameter error code.
[0023] In some embodiments, on detecting the determined the request type
AVP and the determined flow status AV P match with one of prohibited type in the predetermined set, the first network entity is configured to decline the received request, wherein on detecting the determined the request type AVP and the determined flow status AV P do not match with one of prohibited type in the predetermined set, the first network entity is configured to accept the received request.
[0024] In some embodiments, the request-type AV P is an initial request or
an update request.
[0025] In some embodiments, the flow-status AVP is an enabled-uplink
status, an enabled-downlink status, an enabled status, a disabled status, or a removed status.
[0026] In some embodiments, the predetermined set of prohibited types
includes the initial request and the update request corresponding to the request-
type AVP and the removed status corresponding to the flow-status AVP.
[0027] In some embodiments, the first network entity is a Policy and
Charging Rules Function (PCRF), or a Policy Control Function (PCF) and the second network entity is a proxy Call State Call Function (P-CSCF) or an Application Function (AF).
[0028] In some embodiments, a user equipment is communicatively
coupled with a system. The coupling comprises steps of receiving, by the system, a connection request and sending, by the system, an acknowledgment of the connection request to the UE. The coupling further comprises transmitting a plurality of signals in response to the connection request. The system is configured for handling authentication-authorization request (AAR) diameter messages in a network.
BRIEF DESCRIPTION OF DRAWINGS

[0029] The accompanying drawings, which are incorporated herein, and
constitute a part of this disclosure, illustrate exemplary embodiments of the
disclosed methods and systems in which like reference numerals refer to the same
parts throughout the different drawings. Components in the drawings are not
necessarily to scale, emphasis instead being placed upon clearly illustrating the
principles of the present disclosure. Some drawings may indicate the components
using block diagrams and may not represent the internal circuitry of each
component. It will be appreciated by those skilled in the art that disclosure of such
drawings includes the disclosure of electrical components, electronic components
or circuitry commonly used to implement such components.
[0030] FIG. 1 illustrates an exemplary network architecture for
implementing a system for handling authentication-authorization request (AAR)
diameter messages in a network, in accordance with embodiments of the present
disclosure.
[0031] FIG. 2A illustrates a block diagram of the system, in accordance
with embodiments of the present disclosure.
[0032] FIG. 2B illustrates block diagrams of a network entity 1 and a
network entity 2, in accordance with embodiments of the present disclosure.
[0033] FIG. 3A illustrates an exemplary flow diagram/method for
handling Authentication-Authorization Request (AAR) diameter messages over a
Rx interface in the network, in accordance with embodiments of the present
disclosure.
[0034] FIG. 3B illustrates an exemplary flow diagram/method for handling
AAR diameter messages over the Rx interface in the network, in accordance with
embodiments of the present disclosure.
[0035] FIG. 4 illustrates an exemplary representation of a policy control
function (PCF) and a policy and charging rules function (PCRF) for handling
AAR diameter messages over the interface in the network, in accordance with an
embodiment of the disclosure.

[0036] FIG. 5 illustrates an exemplary computer system in which or with
which the system may be implemented, in accordance with an embodiment of the present disclosure.
[0037] The foregoing shall be more apparent from the following more
detailed description of the disclosure.
LIST OF REFERENCE NUMERALS
100 – Network Architecture
102-1, 102-2…102-N – User
104-1, 104-2…104-N – User Equipments
106 – Network
108 – System
110-1 – Network Entity 1/First Network Entity
110-2 – Network Entity 2/Second Network Entity
112 – Base Stations
114 – Memory
116 – Processing Unit
202 – One or more processor(s)
204 – Memory
206 – A Plurality of Interfaces
208 – Processing Engine
210 – Database

212 – Processing Unit
214 – Receiving Unit
216 – Transmitting unit
218 – Database
222 – Processing Unit
224 – Transmitting Unit
226 – Receiving Unit
228 - Database
300A – Flow Diagram
302 – Step
304 – Step
306 - Step
300B - Flow Diagram
312 – Step
314 – Step
316 – Step
318 – Step
320 - Step
402 – Deep Packet Inspection (DPI)
404 – Session management function (SMF)

406 – Charging Function (CHF)
408 – Binding Support Function (BSF)
410 – Network Repository Function (NRF)
412 – Access and Mobility Management Function (AMF)
414 – Application Function (AF)
416 – Online Charging System (OCS)
418 – Packet Data Network Gateway (PGW)
420 – Network Management System (NMS)
422 – Subscriber Profile Repository (SPR)
424 – Policy Control Function (PCF)/ Policy and Charging Rules Function (PCRF)
500 – Computer System
510 – External Storage Device
520 – Bus
530 – Main Memory
540 – Read Only Memory
550 – Mass Storage Device
560 – Communication Port
570 – Processor
DETAILED DESCRIPTION

[0038] In the following description, for the purposes of explanation,
various specific details are set forth in order to provide a thorough understanding of embodiments of the present disclosure. It will be apparent, however, that embodiments of the present disclosure may be practiced without these specific details. Several features described hereafter can each be used independently of one another or with any combination of other features. An individual feature may not address any of the problems discussed above or might address only some of the problems discussed above. Some of the problems discussed above might not be fully addressed by any of the features described herein. Example embodiments of the present disclosure are described below, as illustrated in various drawings in which like reference numerals refer to the same parts throughout the different drawings.
[0039] The ensuing description provides exemplary embodiments only,
and is not intended to limit the scope, applicability, or configuration of the disclosure. Rather, the ensuing description of the exemplary embodiments will provide those skilled in the art with an enabling description for implementing an exemplary embodiment. It should be understood that various changes may be made in the function and arrangement of elements without departing from the spirit and scope of the disclosure as set forth.
[0040] Specific details are given in the following description to provide a
thorough understanding of the embodiments. However, it will be understood by
one of ordinary skill in the art that the embodiments may be practiced without
these specific details. For example, circuits, systems, networks, processes, and
other components may be shown as components in block diagram form in order
not to obscure the embodiments in unnecessary detail. In other instances, well-
known circuits, processes, algorithms, structures, and techniques may be shown
without unnecessary detail in order to avoid obscuring the embodiments.
[0041] Also, it is noted that individual embodiments may be described as a
process that is depicted as a flowchart, a flow diagram, a data flow diagram, a structure diagram, or a block diagram. Although a flowchart may describe the operations as a sequential process, many of the operations can be performed in

parallel or concurrently. In addition, the order of the operations may be re-arranged. A process is terminated when its operations are completed but could have additional steps not included in a figure. A process may correspond to a method, a function, a procedure, a subroutine, a subprogram, etc. When a process corresponds to a function, its termination can correspond to a return of the function to the calling function or the main function.
[0042] The word “exemplary” and/or “demonstrative” is used herein to
mean serving as an example, instance, or illustration. For the avoidance of doubt, the subject matter disclosed herein is not limited by such examples. In addition, any aspect or design described herein as “exemplary” and/or “demonstrative” is not necessarily to be construed as preferred or advantageous over other aspects or designs, nor is it meant to preclude equivalent exemplary structures and techniques known to those of ordinary skill in the art. Furthermore, to the extent that the terms “includes,” “has,” “contains,” and other similar words are used in either the detailed description or the claims, such terms are intended to be inclusive like the term “comprising” as an open transition word without precluding any additional or other elements.
[0043] Reference throughout this specification to “one embodiment” or
“an embodiment” or “an instance” or “one instance” means that a particular feature, structure, or characteristic described in connection with the embodiment is included in at least one embodiment of the present disclosure. Thus, the appearances of the phrases “in one embodiment” or “in an embodiment” in various places throughout this specification are not necessarily all referring to the same embodiment. Furthermore, the particular features, structures, or characteristics may be combined in any suitable manner in one or more embodiments.
[0044] The terminology used herein is to describe particular embodiments
only and is not intended to be limiting the disclosure. As used herein, the singular forms “a”, “an”, and “the” are intended to include the plural forms as well, unless the context indicates otherwise. It will be further understood that the terms “comprises” and/or “comprising,” when used in this specification, specify the

presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof. As used herein, the term “and/or” includes any combinations of one or more of 5 the associated listed items. It should be noted that the terms “mobile device”, “user equipment”, “user device”, “communication device”, “device” and similar terms are used interchangeably for the purpose of describing the invention. These terms are not intended to limit the scope of the invention or imply any specific functionality or limitations on the described embodiments. The use of these terms
10 is solely for convenience and clarity of description. The invention is not limited to
any particular type of device or equipment, and it should be understood that other
equivalent terms or variations thereof may be used interchangeably without
departing from the scope of the invention as defined herein.
[0045] As used herein, an “electronic device”, or “portable electronic
15 device”, or “user device” or “communication device” or “user equipment” or “device” refers to any electrical, electronic, electromechanical, and computing device. The user device is capable of receiving and/or transmitting one or parameters, performing function/s, communicating with other user devices, and transmitting data to the other user devices. The user equipment may have a
20 processor, a display, a memory, a battery, and an input-means such as a hard keypad and/or a soft keypad. The user equipment may be capable of operating on any radio access technology including but not limited to IP-enabled communication, Zig Bee, Bluetooth, Bluetooth Low Energy, Near Field Communication, Z-Wave, Wi-Fi, Wi-Fi direct, etc. For instance, the user
25 equipment may include, but not limited to, a mobile phone, smartphone, virtual reality (VR) devices, augmented reality (AR) devices, laptop, a general-purpose computer, desktop, personal digital assistant, tablet computer, mainframe computer, or any other device as may be obvious to a person skilled in the art for implementation of the features of the present disclosure.
30 [0046] Further, the user device may also comprise a “processor” or
“processing unit” includes processing unit, wherein processor refers to any logic
13

circuitry for processing instructions. The processor may be a general-purpose processor, a special purpose processor, a conventional processor, a digital signal processor, a plurality of microprocessors, one or more microprocessors in association with a DSP core, a controller, a microcontroller, Application Specific 5 Integrated Circuits, Field Programmable Gate Array circuits, any other type of integrated circuits, etc. The processor may perform signal coding data processing, input/output processing, and/or any other functionality that enables the working of the system according to the present disclosure. More specifically, the processor is a hardware processor.
10 [0047] As portable electronic devices and wireless technologies continue
to improve and grow in popularity, the advancing wireless technologies for data transfer are also expected to evolve and replace the older generations of technologies. In the field of wireless data communications, the dynamic advancement of various generations of cellular technology are also seen. The
15 development, in this respect, has been incremental in the order of second
generation (2G), third generation (3G), fourth generation (4G), and now fifth
generation (5G), and more such generations are expected to continue in the
forthcoming time.
[0048] Radio Access Technology (RAT) refers to the technology used by
20 mobile devices/ user equipment (UE) to connect to a cellular network. It refers to the specific protocol and standards that govern the way devices communicate with base stations, which are responsible for providing the wireless connection. Further, each RAT has its own set of protocols and standards for communication, which define the frequency bands, modulation techniques, and other parameters
25 used for transmitting and receiving data. Examples of RATs include GSM (Global System for Mobile Communications), CDMA (Code Division Multiple Access), UMTS (Universal Mobile Telecommunications System), LTE (Long-Term Evolution), and 5G. The choice of RAT depends on a variety of factors, including the network infrastructure, the available spectrum, and the mobile
30 device's/device's capabilities. Mobile devices often support multiple RATs,
14

allowing them to connect to different types of networks and provide optimal performance based on the available network resources.
[0049] While considerable emphasis has been placed herein on the
components and component parts of the preferred embodiments, it will be 5 appreciated that many embodiments can be made and that many changes can be made in the preferred embodiments without departing from the principles of the disclosure. These and other changes in the preferred embodiment as well as other embodiments of the disclosure will be apparent to those skilled in the art from the disclosure herein, whereby it is to be distinctly understood that the foregoing
10 descriptive matter is to be interpreted merely as illustrative of the disclosure and not as a limitation.
[0050] The present disclosure relates to a system and a method for
handling Authentication-Authorization Request (AAR) diameter messages over an interface (e.g., Rx interface). In an aspect, the Rx interface is used to exchange
15 flow-based charging control information between the Policy and Charging Rules Function (PCRF) and the Application Function (AF). The system receives Authentication authorization Request (AAR) diameter messages having a set of Attribute-Value Pairs (AVPs) from a network entity of a network. The system compares values of a request type attribute and a flow-status attribute from the set
20 of AVPs with a predetermined set of prohibited types. The set of prohibited types may be a set of a combination values of one or more attribute in the set of AVPs that are categorized as prohibited. The system transmits an authentication authorization answer with an error code message when the flow-status attribute and the request type attribute correspond to one or more of the set of prohibited
25 types.
[0051] The various embodiments throughout the disclosure will be
explained in more detail with reference to FIG. 1- FIG. 5.
[0052] FIG. 1 illustrates an exemplary network architecture (100) for
implementing a system (108) for handling authentication-authorization request
30 (AAR) diameter messages in a network (106), in accordance with embodiments of the present disclosure.
15

[0053] Referring to FIG. 1, the network architecture (100) includes one or
more computing devices or user equipments (104-1, 104-2…104-N) associated with one or more users (102-1, 102-2…102-N) in an environment. A person of ordinary skill in the art will understand that one or more users (102-1, 102-5 2…102-N) may be individually referred to as the user (102) and collectively referred to as the users (102). Similarly, a person of ordinary skill in the art will understand that one or more user equipments (104-1, 104-2…104-N) may be individually referred to as the user equipment (104) and collectively referred to as the user equipment (104). A person of ordinary skill in the art will appreciate that
10 the terms “computing device(s)” and “user equipment” may be used interchangeably throughout the disclosure. Although two user equipments (104) are depicted in FIG. 1, however any number of the user equipments (104) may be included without departing from the scope of the ongoing description. In an embodiment, each of the user equipment (104) may have a first unique identifier
15 attribute associated therewith. In an embodiment, the first unique identifier attribute may be indicative of Mobile Station International Subscriber Directory Number (MSISDN), International Mobile Equipment Identity (IMEI) number, International Mobile Subscriber Identity (IMSI), Subscriber Permanent Identifier (SUPI) and the like.
20 [0054] In an embodiment, the user equipment (104) may include, but is
not limited to, a handheld wireless communication device (e.g., a mobile phone, a smart phone, a phablet device, and so on), a wearable computer device(e.g., a head-mounted display computer device, a head-mounted camera device, a wristwatch computer device, and so on), a Global Positioning System (GPS)
25 device, a laptop computer, a tablet computer, or another type of portable computer, a media playing device, a portable gaming system, and/or any other type of computer device with wireless communication capabilities, and the like. In an embodiment, the user equipment (104) may include, but is not limited to, any electrical, electronic, electro-mechanical, or an equipment, or a combination of
30 one or more of the above devices such as virtual reality (VR) devices, augmented reality (AR) devices, laptop, a general-purpose computer, desktop, personal
16

digital assistant, tablet computer, mainframe computer, or any other computing
device, wherein the user equipment (104) may include one or more in-built or
externally coupled accessories including, but not limited to, a visual aid device
such as a camera, an audio aid, a microphone, a keyboard, and input devices for
5 receiving input from the user (102) or the entity such as touchpad, touch enabled
screen, electronic pen, and the like. A person of ordinary skill in the art will
appreciate that the user equipment (104) may not be restricted to the mentioned
devices and various other devices may be used.
[0055] Referring to FIG. 1, the user equipment (104) is configured to
10 communicate with the system (108) via the network (106). In an embodiment, the network (106) may include at least one of a Fifth Generation (4G) network, 6G network, or the like. The network (106) may enable the user equipment (104) to communicate with other devices in the network architecture (100) and/or with the system (108). The network (106) may include a wireless card or some other
15 transceiver connection to facilitate this communication. In another embodiment, the network (106) may be implemented as, or include any of a variety of different communication technologies such as a wide area network (WAN), a local area network (LAN), a wireless network, a mobile network, a Virtual Private Network (VPN), the Internet, the Public Switched Telephone Network (PSTN), or the like.
20 In an embodiment, the network (106) includes one or more base stations (112) for
facilitating communication between the one or more UEs (104). The network
(106) may be formed by a set of base stations (112) communicatively coupled to
enable telecommunication exchanges between one or more UEs (104).
[0056] The base station (112) is a network infrastructure that provides
25 wireless access to one or more terminals associated therewith. The base station (112) may have coverage defined to be a predetermined geographic area based on the distance over which a signal may be transmitted. The base station (112) may include, but not be limited to, wireless access point, evolved NodeB (eNodeB), 5G node or next generation NodeB (gNB), wireless point, transmission and
30 reception point (TRP), and the like. In an embodiment, the base station (112) may include one or more operational units that enable telecommunication between two
17

or more UEs (104). In an embodiment, the one or more operational units may
include, but not be limited to, transceivers, baseband unit (BBU), remote radio
unit (RRU), antennae, mobile switching centres, radio network control units, one
or more processors associated thereto.
5 [0057] In an embodiment, the network (106) may include one or more
network entities (110) depicted by a network entity 1 (110-1) and a network entity 2 (110-2) in FIG. 1. The network entity 1 (110-1) may refer as a first network entity and the network entity 2 (110-2) may refer as a second network entity. A person of ordinary skill in the art will appreciate that the terms “Network entity 1”
10 and “First network entity” may be used interchangeably throughout the disclosure. Similarly, the terms “Network entity 2” and “Second network entity” may be used interchangeably throughout the disclosure.
[0058] In an embodiment, the network entities (110) may include, but not
limited to, proxy-Call State Call Function (p-CSCF), Serving Gateway (SGW),
15 Packet Data Network (PDN) Gateway (PGW), Mobility Management Entity (MME), and the like. In an embodiment, the network (106) may further include a user plane, and a control plane having network entities (110) such as Application Function (AF), Access and Mobility Management Function (AMF) unit, Session Management Function (SMF) unit, and Network Exposure Function (NEF) units,
20 but not limited thereto. In an embodiment, the network entities (110) forming the network (106) may be implemented as a hardware component, software component, or any combination thereof.
[0059] In an embodiment, the user equipment (104) is communicatively
coupled with the system (108). The system (108) may receive a connection
25 request from the UE (104). The system (108) may send an acknowledgment of the connection request to the UE (104). The UE (104) may transmit a plurality of signals in response to the connection request. The system (108) may be configured for handling authentication-authorization request (AAR) diameter messages in the network (106).
30 [0060] In accordance with embodiments of the present disclosure, the
system (108) is designed and configured for handling authentication-authorization
18

request (AAR) diameter messages. In an embodiment, the system (108) is configured to optimize the number of sessions maintained to fulfil requests for service from the UEs (104).
[0061] In an embodiment, the system includes the first network entity
5 (110-1) and the second network entity (110-2). The first network entity (110-1) is a Policy and Charging Rules Function (PCRF) or a Policy Control Function (PCF). The second network entity (110-2) is a proxy Call State Call Function (P-CSCF) or an Application Function (AF). The first network entity (110-1) is configured to receive a request (e.g., authentication authorization request (AAR)
10 diameter message) from the second network entity (110-2) of the network (106). In an example, the first network entity communicates with the second network entity via a Gx interface and vice versa.
[0062] In an aspect, the Gx interface is located between the Policy and
Charging Enforcement Function (PCEF) and the Policy and Charging Rules
15 Function (PCRF) The Gx interface is used for provisioning and removal of PCC
rules from the PCRF to the PCEF and the transmission of traffic plane events
from the PCEF to the PCRF. The Gx interface can be used for charging control,
policy control, or both by applying AVPs relevant to the application.
[0063] In an example, the first network entity is a Policy and Charging
20 Rules Function (PCRF) or a Policy Control Function (PCF). In an example, the second network entity is a proxy Call State Call Function (P-CSCF) or an Application Function (AF). The system (108) includes a memory (114) and a processing unit (116). The memory (114) is configured to store a set of processing rules and the received AAR diameter message. The processing unit (116) is
25 configured to extract a number of information from the received AAR diameter message. The number of information includes at least one or more attribute-value pairs (AVPs) of a request-type and a flow-status. In an example, the AVPs of the request-type is an initial request or an update request (i.e., attribute = request, value = initial or update). The AVPs of the flow-status is an enabled-uplink status,
30 an enabled-downlink status, an enabled status, a disabled status, or a removed
19

status (i.e., attribute = flow status, value = enabled-uplink, enabled-downlink, enabled, disabled, removed).
[0064] In an embodiment, the authentication authorization request (AAR)
is a Diameter message. The AAR consists of headers and list of AVPs. The AAR 5 is analysed to extract values from AVPs.
[0065] The processing unit (116) is configured to determine type of the
request-type AVP and the flow-status AVP of the received request. The extracted information of the request is analysed to determine type of request-type AVP and the flow-status AVP of the received request.
10 [0066] The processing unit (116) is configured to compare the determined
type of the request-type AVP and the determined type of flow-status AVP with a predetermined set of prohibited types corresponding to each determined AVP. In an example, the predetermined set of prohibited types includes the initial request and the update request corresponding to the request-type AVP and the removed
15 status corresponding to the flow-status AVP.
[0067] The processing unit (116) is configured to send an error message to
the second network entity based on the comparison. In an example, the error message is a diameter error code 5061. In an embodiment, on detecting the determined the request type AVP and the determined flow status AVP match with
20 one of prohibited type in the predetermined set, the system (108) is configured to decline the received request. On detecting the determined the request type AVP and the determined flow status AVP do not match with one of prohibited type in the predetermined set, the system (108) is configured to accept the received request.
25 [0068] In an embodiment, the system (108) does not create a Rx session
when the request type is the initial request. The system (108) closes the Rx session when the request type is the update request.
[0069] In an embodiment, the system (108) may be embedded with a
network entity (110) indicative of Policy and Charging Rules Function (PCRF) or
30 Policy Control Function (PCF), or a combination thereof. In an embodiment, the PCRF, having the system, is configured to conditionally handle AA messages for
20

maintaining network sessions. FIG. 2A illustrates a block diagram (200A) of the
system (108), in accordance with embodiments of the present disclosure.
[0070] In an aspect, the system (108) includes one or more processor(s)
(202). The one or more processor(s) (202) may be implemented as one or more 5 microprocessors, microcomputers, microcontrollers, edge or fog microcontrollers, digital signal processors, central processing units, logic circuitries, and/or any devices that process data based on operational instructions. Among other capabilities, the one or more processor(s) (202) may be configured to fetch and execute computer-readable instructions stored in a memory (204) of the system
10 (108). The memory (204) is configured to store one or more computer-readable instructions or routines in a non-transitory computer readable storage medium, which are fetched and executed to create or share data packets over a network service. The memory (204) may include any non-transitory storage device including, for example, volatile memory such as Random Access Memory
15 (RAM), or non-volatile memory such as Erasable Programmable Read-Only Memory (EPROM), flash memory, and the like.
[0071] Referring to FIG. 2A, the system (108) may include an interface(s)
(206). The interface(s) (206) may include a variety of interfaces, for example, interfaces for data input and output devices, referred to as I/O devices, storage
20 devices, and the like. The interface(s) (206) may facilitate communication to/from the system (108). The interface(s) (206) may also provide a communication pathway for one or more components of the system (108). Examples of such components include, but are not limited to, processing unit/engine(s) (208) and a database (210).
25 [0072] In an embodiment, the processing unit/engine(s) (208) are
implemented as a combination of hardware and programming (for example, programmable instructions) to implement one or more functionalities of the processing engine(s) (208). In examples described herein, such combinations of hardware and programming may be implemented in several different ways. For
30 example, the programming for the processing engine(s) (208) may be processor-executable instructions stored on a non-transitory machine-readable storage
21

medium and the hardware for the processing engine(s) (208) may include a processing resource (for example, one or more processors), to execute such instructions. In the present examples, the machine-readable storage medium may store instructions that, when executed by the processing resource, implement the 5 processing engine(s) (208). In such examples, the system (108) may include the machine-readable storage medium storing the instructions and the processing resource to execute the instructions, or the machine-readable storage medium may be separate but accessible to the system (108) and the processing resource. In other examples, the processing engine(s) (208) may be implemented by electronic
10 circuitry.
[0073] In an embodiment, the database (210) may include data that may be
either stored or generated as a result of functionalities implemented by any of the components of the processor (202) or the processing engines (208). In an embodiment, the database (210) may be separate from the system (108). In an
15 embodiment, the database (210) may be indicative of including, but not limited to,
a relational database, a distributed database, a cloud-based database, or the like.
[0074] In an exemplary embodiment, the processing engine (208) may
include one or more engines having functions that may include, but are not limited to, testing, storage, and peripheral functions, such as wireless communication unit
20 for remote operation, audio unit for alerts and the like.
[0075] In an embodiment, the processing engine (208) is configured to
receive a request (e.g., AAR) having a set of AVPs from the network entities (110) of the network (106). In an aspect, the received request is the Authentication Authorization Request (AAR). The AAR is a specific type of message used in
25 network authentication and authorization procedures. The AAR is associated with
the Diameter protocol. Diameter is a protocol used in telecommunications and
networking for secure and reliable communication between network elements.
[0076] In an embodiment, the set of AVPs includes, but not be limited to,
a flow-status attribute, a request type attribute, and the like. In an embodiment, the
30 flow-status attribute may take values including, but not limited to, ‘ENABLED-UPLINK’, ‘ENABLED-DOWNLINK’, ‘ENABLED’, ‘DISABLED’, or
22

‘REMOVED’. In an embodiment, the request type attribute takes values including, but not be limited to, ‘INITIAL_REQUEST’, ‘UPDATE_REQUEST’, ‘RE_AUTH_REQUEST’, and the like.
[0077] In an embodiment, the processing engine (208) is configured to
5 compare types/values of a request type attribute and a flow-status attribute from the set of AVPs with a predetermined set of prohibited types. The set of prohibited types/values is a set of a combination values of one or more attribute in the set of AVPs that are categorized as prohibited. In an example, the set of prohibited types may include request type attribute being ‘INITIAL_REQUEST’
10 or ‘UPDATE_REQUEST’ and flow-status attribute being ‘REMOVED’, or any combinations thereof. In such examples, the any combination of such attributes is configured to categorized as prohibited. In an embodiment, the processing engine (208) is configured to determine if the set of AVPs correspond to any of the set of prohibited types. In an embodiment, the processing engine (208) is configured to
15 also identify any sessions maintained by the system (108) that may be associated with the set of AVPs. In such embodiments, the processing engine (208) is configured to remove the identified sessions.
[0078] In an embodiment, the processing engine (208) is configured to
also compare the set of AVPs with a set of acceptable values. The set of
20 acceptable values is mutually exclusive with the set of prohibited types. In an
embodiment, the processing engine (208) is configured to create a session to
facilitate communication between the network entity (110) and the system (108).
[0079] In an embodiment, the processing engine (208) is configured to
transmit an Authentication, Authorization, and Accounting (AAA) with an error
25 code message when the flow-status attribute and the request type attribute correspond to one or more of the set of prohibited types. In an embodiment, the error code message may be indicative of ‘5061’ error. In an embodiment, AAA refers to Authentication (to prove identity), Authorization (to give permission) and Accounting (to log an audit trail). The AAA is a framework used to control
30 and track access within the network.
23

[0080] It may be appreciated by those skilled in the art that values for the
set of AVPs in aforementioned disclosure are provided for exemplary or
illustrative purposes and may be suitably adapted without delineating from the
scope of the disclosure.
5 [0081] FIG. 2B illustrates block diagrams (200B) of the network entity 1
(i.e., PCF/PCRF) (110-1) and the network entity 2 (i.e., P-CSCF/AF) (110-2), in accordance with embodiments of the present disclosure.
[0082] As shown in FIG. 2B, the PCF/PCRF (110-1) comprises a
processing unit (212), a receiving unit (214), a transmitting unit (216) and a
10 database (218).
[0083] The receiving unit (214) is configured to receive an authentication
authorization request (AAR) from the network entity 2 (110-2) (e.g., P-
CSCF/AF).
[0084] The database (218) is configured to store the received AAR.
15 [0085] The processing unit (212) is configured to extract a number of
information from the received AAR. The number of information includes at least one or more attribute-value pair (AVP) of a request-type and a flow-status. In an example, the AVPs of the request-type is an initial request or an update request (i.e., attribute = request, value = initial or update). The AVPs of the flow-status is
20 an enabled-uplink status, an enabled-downlink status, an enabled status, a disabled status, or a removed status (i.e., attribute = flow status, value = enabled-uplink, enabled-downlink, enabled, disabled, removed).
[0086] The processing unit (212) is configured to determine a type of the
request-type AVP and a type of the flow-status AVP. The extracted information
25 from the AAR is analyzed. The type of the request-type AVP and the type of the flow-status AVP is determined.
[0087] The processing unit (212) is configured to compare the determined
type of the request-type AVP and the determined type of flow-status AVP with a predetermined set of prohibited types corresponding to each determined AVP.
30 The predetermined set of prohibited types includes the initial request and the
24

update request corresponding to the request-type AVP and the removed status corresponding to the flow-status AVP.
[0088] Based on the comparison, if the determined type of the request-type
AVP and the determined type of flow-status AVP is matched with one of the
5 prohibited type of the predetermined set, the transmitting unit (216) is configured
to send an error message to the second network entity (e.g., P-CSCF/AF) (110-2).
[0089] In an aspect, the error message may be a diameter error code 5061.
The diameter error code 5061 is used to indicate that invalid service information was received from the P-CSCF/AF. The diameter error code 5061 describes that
10 the PCRF rejects new or modified service information when the service information provided by the AF is invalid /insufficient for the server to perform the requested action.
[0090] In an embodiment, on detecting the determined the request type
AVP and the determined flow status AV P match with one of prohibited type in the
15 predetermined set, the PCF/PCRF (110-1) is configured to decline the AAR. The PCF/PCRF (110-1) is configured to do not create a Rx session in case of the request type is initial request. The PCF/PCRF (110-1) closes the Rx session in case of the request type is update request. Further, on detecting the determined the request type AVP and the determined flow status AVP do not match with one of
20 prohibited type in the predetermined set, the PCF/PCRF (110-1) is configured to accept the received AAR.
[0091] As shown in FIG. 2B, the network entity 2 (e.g., P-CSCF/AF)
(110-2) comprises a processing unit (222), a transmitting unit (224), a receiving unit (226) and a database (228).
25 [0092] The receiving unit (226) is configured to receive a request for
accessing services. In an aspect, a user or subscriber initiates a session, such as establishing a data connection, making a voice call, or accessing a service (e.g., video streaming), the P-CSCF/AF may send an AAR message to the PCF/PCRF. The AAR message requests authorization to allow the session to proceed and
30 begins accounting to track the usage of network resources during the session.
25

[0093] The transmitting unit (224) is configured to send the AAR to the
network entity 1 (110-1).
[0094] The receiving unit (226) is configured to receive response
messages from the network entity 1 (110-1). The response message may include 5 error messages or request acceptance responses.
[0095] The database (228) is configured to store the received responses.
[0096] Further, in an aspect, on receiving the response for the request, the
processing unit (222) is configured to perform corresponding actions for the request. The corresponding actions may includes serving the request or declining
10 the request.
[0097] FIG. 3A illustrates an exemplary flow diagram/method (300A) for
handling Authentication-Authorization Request (AAR) diameter messages over an interface (e.g., Rx interface) in the network (106), in accordance with embodiments of the present disclosure.
15 [0098] As illustrates in FIG. 3A, at step (302), the method (300A) includes
receiving, by the network entity 1 (110-1) (e.g., PCF/PCRF), an AAR having a set of AVPs from the network entity-2 (110-2) (e.g., P-CSCF/AF) of the network, such as the network entities (110) and the network (106) of FIG. 1. The method includes comparing, by the network entity 1 (110-1), types of a request type
20 attribute-value pair (AVP) and a flow-status AVP from the set of AVPs with a
predetermined set of prohibited types. The set of prohibited types is a set of a
combination values of one or more attribute in the set of AVPs that are
categorized as prohibited.
[0099] At step (304), the method (300A) includes if types of the request
25 type attribute and the flow-status attribute match with the predetermined set of prohibited types, the network entity 1 (110-1) declines the request. The network entity 1 (110-1) does not create a Rx session.
[00100] At step (306), the method (300A) includes transmitting, by the
network entity 1 (110-1), Authentication, Authorization, and Accounting (AAA)
30 messages with an error code message when the flow-status attribute and the
26

request type attribute correspond to one or more of the set of prohibited types. In
an embodiment, the error code message may be indicative of ‘5061’ error.
[00101] FIG. 3B illustrates an exemplary flow diagram/ method (300B) for
handling authentication-authorization request (AAR) diameter messages in the 5 network (106), in accordance with embodiments of the present disclosure.
[00102] At step (312), the method (300B) includes receiving, by a first
network entity, a request from a second network entity. The request is an
authentication authorization request (AAR).
[00103] At step (314), the method (300B) includes extracting, by the first
10 network entity, a number of information from the received request. The number of information includes at least one or more of attribute-value pairs (AVPs) of a request type and a flow-status. The request type is an initial request or an update request. The flow-status is an enabled-uplink status, an enabled-downlink status, an enabled status, a disabled status, or a removed status. In the AVPs of the
15 request type, the attribute is request and the value is initial or update. In the AVPs of the flow status, the attribute is flow status, and the value is enabled-uplink, enabled-downlink, enabled, disabled, and removed.
[00104] At step (316), the method (300B) includes determining, by the first
network entity, a type of the request-type AVP and a type of the flow-status AVP
20 of the received request.
[00105] At step (318), the method (300B) includes comparing, by the first
network entity, the determined type of the request type AVP and the determined type of flow-status AVP with a predetermined set of prohibited types corresponding to each determined AVP. The predetermined set of prohibited
25 types includes the initial request and the update request corresponding to the request type AVP and the removed status corresponding to the flow status AVP. For example, for the received request, the determined type of the request type AVP is an initial request, and the determined type of the flow status is a removed status. The predetermined set of prohibited types comprises the prohibited type 1
30 in which the request type - initial request, the flow status – removed and the prohibited type 2 in which the request type – update request, the flow status –
27

removed. The determined type of the request type AVP and the flow status AVP is compared with the predetermined set of prohibited types. The determined type of the request type AVP and the determined type of flow-status AVP is matched with the prohibited type 1 of the predetermined set of prohibited types. The first 5 network entity rejects the received request based on the comparison.
[00106] At step (320), the method (300B) includes based on the comparison
(i.e., if the determined type of the request type AVP and the determined type of flow-status AVP is matched with the one of prohibited type of the predetermined set), sending, by the first network entity, an error message to the second network
10 entity. Further, on detecting the determined the request type AVP and the determined flow status AVP match with one of prohibited type in the predetermined set, the first network entity is configured to decline the received request. On detecting the determined the request type AVP and the determined flow status AVP do not match with one of prohibited type in the predetermined
15 set, the first network entity (110-1) is configured to accept the received request.
[00107] FIG. 4 illustrates an exemplary representation (400) of a policy
control function (PCF) + a policy and charging rules function (PCRF) (424) for handling authentication-authorization request (AAR) diameter messages in the network (106), in accordance with an embodiment of the disclosure. FIG. 4
20 illustrates a connectivity diagram of various connections/interfaces between the PCF+PCRF (424) and other modules (functions) in a 5G network. In an embodiment, the PCF+PCRF (424) provides an additional support of the extended dual connectivity on the Gx interface, in accordance with an embodiment of the disclosure.
25 [00108] As shown in FIG. 4, the PCF and the PCRF (424) may
communicate with the plurality of network functions through a plurality of interfaces.
[00109] The plurality of network functions (NFs) comprises a deep packet
inspection (DPI) (402), a session management function (SMF) (404), a charging
30 function (CHF) (406), a binding support function (BSF) (408), a network repository function (NRF) (410), an access and mobility management function
28

(AMF) (412), an application function (AF) (414), an online charging system
(OCS) (416), a packet data network gateway (PGW) (418), a network
management system (NMS) (420), and a subscriber profile repository (SPR)
(422).
5 [00110] The AMF (412) may communicate with the PCF and the PCRF
(424) via a N15 interface. The DPI (402) may communicate with the PCF and the PCRF (424) via a Sd interface. The SMF (404) may communicate with the PCF and the PCRF (424) via a N7 interface. The CHF (406) may communicate with the PCF and the PCRF (424) via a N28 interface. The BSF (408) may
10 communicate with the PCF and the PCRF (424) via a Nbsf interface. The NRF (410) may communicate with the PCF and the PCRF (424) via a Nnrf interface. The AF (414) may communicate with the PCF and the PCRF (424) via a Rx interface. The PGW (418) may communicate with the PCF and the PCRF (424) via a Gx interface. The OCS (416) may communicate with the PCF and the PCRF
15 (424) via a Sy interface.
[00111] The deep packet inspection (DPI) (402) examines and analyses the
content of data packets as they pass through the network. The deep packet inspection (DPI) (402) enables traffic management, network security, and application optimization by inspecting and classifying data packets based on
20 content.
[00112] The session management function (SMF) (404) manages and
controls user sessions in the 5G network. The session management function (SMF) (404) facilitates the establishment, modification, and termination of user sessions, ensuring efficient and secure communication.
25 [00113] The charging function (CHF) (406) manages charging and billing
aspects for subscriber services. The charging function (CHF) (406) handles
charging and billing information related to data usage, ensuring accurate billing
for the provided services.
[00114] The binding support function (BSF) (408) supports the binding of
30 the user plane to the user's data session. The binding support function (BSF) (408)
29

assists in establishing and maintaining connections between the user plane and
user's data session, contributing to seamless data communication.
[00115] The network repository function (NRF) (410) supports the service
discovery function and maintains the NF profile and available NF instances. The 5 network repository function (NRF) (410) supports the network in discovering and selecting appropriate network functions and instances to optimize service delivery.
[00116] The access and mobility management function (AMF) (412)
manages access and mobility aspects for user devices in the 5G network. The
10 access and mobility management function (AMF) (412) handles access control,
mobility management, and connection establishment for user devices.
[00117] The application function (AF) (414) manages and optimizes
application-level functions and services. The application function (AF) (414) supports service-specific functionalities and optimizations for various applications
15 running on the 5G network.
[00118] The online charging system (OCS) (416) handles real-time
charging and credit management for subscriber services. The online charging system (OCS) (416) enables real-time monitoring and charging for data usage and services, ensuring accurate billing and credit management.
20 [00119] The packet data network gateway (PGW) (418) connects the 5G
network to external data networks. The packet data network gateway (PGW)
(418) acts as a gateway for data traffic, providing connectivity between the 5G
network and external data networks, including the internet.
[00120] The network management system (NMS) (420) manages and
25 monitors the overall performance of the 5G network. The network management
system (NMS) (420) facilitates the configuration, monitoring, and maintenance of
network elements to ensure efficient and reliable network operation.
[00121] The subscriber profile repository (SPR) (422) stores and manages
subscriber profiles and subscription-related information. The subscriber profile
30 repository (SPR) (422) provides a centralized repository for subscriber data, supporting authentication and authorization processes.
30

[00122] The PCF+ PCRF (424) enforces policies and rules related to
network resource usage, quality of service, and charging. The PCF+PCRF (424)
ensures the efficient allocation of network resources, enforces quality of service
policies, and facilitates dynamic charging based on service usage.
5 [00123] The disclosed system and method facilitate to efficiently manage
network resources by allocating and controlling the maximum data transfer rate. Further, it prevents network congestion/outages and smoothers overall network experience. In addition, a re-attach to the network is not required when the user comes out of a throttled location to experience basic data transfer rate.
10 furthermore, this ensures not to affect the other network services like audio or video calls.
[00124] FIG. 5 illustrates an exemplary computer system (500) in which or
with which embodiments of the present disclosure may be implemented. As shown in FIG. 5, the computer system (500) may include an external storage
15 device (510), a bus (520), a main memory (530), a read only memory (540), a mass storage device (550), a communication port (560), and a processor (570). A person skilled in the art will appreciate that the computer system (500) may include more than one processor (570) and communication ports (560). Processor (570) may include various modules associated with embodiments of the present
20 disclosure.
[00125] In an embodiment, the communication port (560) may be any of an
RS-232 port for use with a modem-based dialup connection, a 10/100 Ethernet port, a Gigabit or 10 Gigabit port using copper or fiber, a serial port, a parallel port, or other existing or future ports. The communication port (560) may be
25 chosen depending on a network, such a Local Area Network (LAN), Wide Area
Network (WAN), or any network to which the computer system (500) connects.
[00126] In an embodiment, the main memory (530) may be Random Access
Memory (RAM), or any other dynamic storage device commonly known in the art. Read-only memory (540) may be any static storage device(s) e.g., but not
30 limited to, a Programmable Read Only Memory (PROM) chips for storing static
31

information e.g., start-up or Basic Input/Output System (BIOS) instructions for the processor (570).
[00127] In an embodiment, the mass storage (550) may be any current or
future mass storage solution, which may be used to store information and/or 5 instructions. Exemplary mass storage solutions include, but are not limited to, Parallel Advanced Technology Attachment (PATA) or Serial Advanced Technology Attachment (SATA) hard disk drives or solid-state drives (internal or external, e.g., having Universal Serial Bus (USB) and/or Firewire interfaces), one or more optical discs, Redundant Array of Independent Disks (RAID) storage,
10 e.g., an array of disks (e.g., SATA arrays).
[00128] In an embodiment, the bus (520) communicatively couples the
processor(s) (570) with the other memory, storage, and communication blocks. The bus (520) may be, e.g., a Peripheral Component Interconnect (PCI)/PCI Extended (PCI-X) bus, Small Computer System Interface (SCSI), Universal Serial
15 Bus (USB) or the like, for connecting expansion cards, drives and other subsystems as well as other buses, such a front side bus (FSB), which connects the processor (570) to the computer system (500).
[00129] Optionally, operator and administrative interfaces, e.g., a display,
keyboard, joystick, and a cursor control device, may also be coupled to the bus
20 (520) to support direct operator interaction with the computer system (500). Other operator and administrative interfaces may be provided through network connections connected through the communication port (560). Components described above are meant only to exemplify various possibilities. In no way should the aforementioned exemplary computer system (500) limit the scope of
25 the present disclosure.
[00130] The present system is configured to handle a scenario where the
PCRF+PCF receives an AAR request (Rx-Request-Type AVP = initial request) from P-CSCF/AF with flow-status AVP as removed OR PCRF+PCF receives an AAR request (Rx-Request-Type AVP = update request) from P-CSCF/AF with
30 Flow-Status AVP as remove. In such case, the system is configured to decline to start a new Rx session. The present disclosure avoids creating unnecessary
32

application resources, thereby optimizing network resources. In 5G NSA
deployments, PCRF is crucial for IP-CAN session establishment or modification.
For network resources optimization, PCRF needs to support different AVPs.
These AVPs provide information about available or allocated bandwidth, enabling
5 PCRF to enforce policies related to QoS and charging. This ensures an optimized
user experience and efficient network resource utilization.
[00131] The method and system of the present disclosure may be
implemented in a number of ways. For example, the methods and systems of the present disclosure may be implemented by software, hardware, firmware, or any
10 combination of software, hardware, and firmware. The above-described order for the steps of the method is for illustration only, and the steps of the method of the present disclosure are not limited to the order specifically described above unless specifically stated otherwise. Further, in some embodiments, the present disclosure may also be embodied as programs recorded in a recording medium,
15 the programs including machine-readable instructions for implementing the
methods according to the present disclosure. Thus, the present disclosure also
covers a recording medium storing a program for executing the method according
to the present disclosure.
[00132] While considerable emphasis has been placed herein on the
20 preferred embodiments, it will be appreciated that many embodiments can be made and that many changes can be made in the preferred embodiments without departing from the principles of the disclosure. These and other changes in the preferred embodiments of the disclosure will be apparent to those skilled in the art from the disclosure herein, whereby it is to be distinctly understood that the
25 foregoing descriptive matter is to be implemented merely as illustrative of the disclosure and not as a limitation.
[00133] The present disclosure provides technical advancement related to
Rx session. This advancement addresses the limitations of existing solutions by handling authentication-authorization request (AAR) diameter messages over a
30 Rx interface. The disclosure involves determining attribute-value pair (AVP) of request type and flow status of the request and comparing the determined the
33

request type AVP and the determined flow status AVP with a predetermined set
of prohibited types, which in accepting or declining the request. This offers
significant improvements in conditionally creating the Rx sessions. The disclosed
invention improves efficiency of the network. 5
ADVANTAGES OF THE INVENTION
[00134] The present disclosure provides a system and a method for
handling Authentication-Authorization Request (AAR) diameter messages.
[00135] The present disclosure provides a system and a method that
10 conditionally creates Rx sessions.
[00136] The present disclosure provides a system, and a method removes
existing sessions having no dynamic policy and charging control rules available in
a Gx/N7 interface.
[00137] The present disclosure provides a system, and a method sends an
15 error code to network entities one removing sessions.
[00138] The present disclosure provides a system, and a method is to
improve efficiency of the network.
34

We Claim:
1. A system (108) for handling authentication-authorization request (AAR)
diameter messages over an interface in a network (106), the system (108)
comprising a first network entity (110-1) and a second network entity
(110-2), the first network entity (110-1) comprising:
a receiving unit (214) configured to receive a request from a transmitting unit (224) of the second network entity (110-2);
a processing unit (212) configured to:
extract a number of information from the received request, wherein the number of information includes at least one or more of
attribute-value pairs (AVPs) of a request type and a flow-status;
determine a type of the request type AVP and a type of the flow status AV P of the received request;
compare the determined the request type AV P and the determined flow status AVP with a predetermined set of prohibited
types corresponding to each determined AVP; and
based on the comparison, a transmitting unit (216) is configured to send an error message to the second network entity (110-2).
2. The system (108) as claimed in claim 1, wherein the request is an authentication authorization request (AAR), wherein the error message is a
diameter error code.
3. The system (108) as claimed in claim 1, wherein on detecting the
determined the request type AV P and the determined flow status AV P
match with one of prohibited type in the predetermined set, the processing
unit (212) is configured to decline the received request, wherein on
detecting the determined the request type AV P and the determined flow
35

status AVP do not match with one of prohibited type in the predetermined set, the processing unit (212) is configured to accept the received request.
4. The system (108) as claimed in claim 1, wherein the request type is an initial request or an update request.
5. The system (108) as claimed in claim 1, wherein the flow-status is an
enabled-uplink status, an enabled-downlink status, an enabled status, a disabled status, or a removed status.
6. The system (108) as claimed in claim 1, wherein the predetermined set of
prohibited types includes the initial request and the update request
corresponding to the request type AV P and the removed status
corresponding to the flow status AVP.
7. The system (108) as claimed in claim 1, wherein the first network entity
(110-1) is a Policy and Charging Rules Function (PCRF), or a Policy
Control Function (PCF) and the second network entity (110-2) is a proxy
Call State Call Function (P-CSCF) or an Application Function (AF).
8. A method (300B) of handling authentication-authorization request (AAR)
diameter messages over an interface in a network (106), the method
(300B) comprising:
receiving (312), by a first network entity (110-1), a request from a second network entity (110-2);
extracting (314), by the first network entity (110-1), a number of information from the received request, wherein the number of information includes at least one or more of attribute-value pairs (AVPs) of a request type and a flow-status;
36

determining (316), by the first network entity (110-1), a type of the request-type AV P and a type of the flow-status AVP of the received request;
comparing (318), by the first network entity (110-1), the determined type of the request type AV P and the determined type of flow-
status AV P with a predetermined set of prohibited types corresponding to each determined AVP; and
sending (320), by the first network entity (110-1), an error message to the second network entity (110-2), based on the comparison.
9. The method (300B) as claimed in claim 8, wherein the request is an
authentication authorization request (AAR), wherein the error message is a diameter error code.
10. The method (300B) as claimed in claim 8, wherein on detecting the
determined the request type AV P and the determined flow status AV P
match with one of prohibited type in the predetermined set, the first
network entity (110-1) is configured to decline the received request, wherein on detecting the determined the request type AVP and the determined flow status AVP do not match with one of prohibited type in the predetermined set, the first network entity (110-1) is configured to
accept the received request.
11. The method (300B) as claimed in claim 8, wherein the request-type AVP is an initial request or an update request.
12. The method (300B) as claimed in claim 8, wherein the flow-status AV P is an enabled-uplink status, an enabled-downlink status, an enabled status, a
disabled status, or a removed status.
13. The method (300B) as claimed in claim 8, wherein the predetermined set
of prohibited types includes the initial request and the update request
37

corresponding to the request-type AVP and the removed status corresponding to the flow-status AVP.
14. The method (300B) as claimed in claim 8, wherein the first network entity
(110-1) is a Policy and Charging Rules Function (PCRF) or a Policy
Control Function (PCF) and the second network entity (110-2) is a proxy
Call State Call Function (P-CSCF) or an Application Function (AF).
15. A user equipment (104) communicatively coupled with a system (108), the
coupling comprises steps of:
receiving, by the system (108), a connection request;
sending, by the system (108), an acknowledgment of the
connection request to the UE (104); and
transmitting a plurality of signals in response to the connection
request, wherein the system (108) is configured for handling
authentication-authorization request (AAR) diameter messages via an interface in a network (106) as claimed in claim 1.