[go: up one dir, main page]

WO2008148357A1 - Communication system and method, household base station gateway and household base station server - Google Patents

Communication system and method, household base station gateway and household base station server Download PDF

Info

Publication number
WO2008148357A1
WO2008148357A1 PCT/CN2008/071211 CN2008071211W WO2008148357A1 WO 2008148357 A1 WO2008148357 A1 WO 2008148357A1 CN 2008071211 W CN2008071211 W CN 2008071211W WO 2008148357 A1 WO2008148357 A1 WO 2008148357A1
Authority
WO
WIPO (PCT)
Prior art keywords
base station
home base
gateway
address
authentication
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/CN2008/071211
Other languages
French (fr)
Chinese (zh)
Inventor
Yong Qiu
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Publication of WO2008148357A1 publication Critical patent/WO2008148357A1/en
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W88/00Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/08Access point devices
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/26Network addressing or numbering for mobility support

Definitions

  • the embodiments of the present invention relate to the field of communications technologies, and in particular, to a communication system and method, a home base station gateway, and a home base station server. Background technique
  • a home base station refers to a small, small base station for home or office. It may be completely private. It can also be opened to the public for use with different priorities and permissions. Its ownership is private, not government or The operator; its use may be a small range of users, but also a wide range of users. ⁇ Using home base stations to achieve wireless access, can better utilize existing network resources, save more network equipment operators' costs, and combine the advantages of mobile access networks and fixed access networks.
  • the evolution network is also called SAE (System Architecture Evolution). (Evolution) / LTE (Long Term Evolution) network, the access network of the evolved network is called E-UTRAN (Evolved UMTS Territorial Radio Access Network), evolved UMTS (Universal Mobile Telecommunications System) Radio Access Network
  • SAE System Architecture Evolution
  • LTE Long Term Evolution
  • E-UTRAN Evolved UMTS Territorial Radio Access Network
  • evolved UMTS Universal Mobile Telecommunications System
  • the core network of the evolved network architecture includes a Mobility Management Entity (MME), a Serving GW, and a Home Subscriber Server (HSS).
  • MME Mobility Management Entity
  • HSS Home Subscriber Server
  • the MME is responsible for the mobility management of the control plane, including user context and mobility state management, assigning user temporary identity, etc., corresponding to current GPRS (General Packet Radio Service) / UMTS (Universal Mobile Telecommunication System) System)
  • the control plane part of the internal SGSN (Serving GPRS Support Node) of the system
  • the Serving GW is responsible for initiating paging for downlink data in idle state, managing and storing IP bearer parameters and routing information within the network, corresponding to the current GPRS / UMTS system internal SGSN and GGSN (Gateway GPRS Support Node) data plane part
  • HSS is used to store user subscription information.
  • the home base station Since the home base station has not been introduced into the E-UTRAN and has not been introduced into other networks (such as the UMTS network), the advantages of the home base station cannot be reflected in the communication network (such as the SAE/LTE network, the UMTS network), thus, Limit the development of home base stations. Summary of the invention
  • Embodiments of the present invention provide a communication system and method, a home base station gateway, and a home base station server to implement the introduction of a home base station in a communication system.
  • Embodiments of the present invention provide a communication system including a home base station, a third party network, and a home base station gateway.
  • the home base station is configured to communicate with the home base station gateway by using a first address, and determine the home base station in the third-party network according to the first address;
  • the third-party network is configured to connect the home base station and the home base station gateway; the home base station gateway is configured to enable the home base station to communicate with other nodes in the communication network by using a second address, according to the The two addresses determine the home base station in a communication network.
  • An embodiment of the present invention further provides a home base station gateway, including:
  • a storage unit including a first storage unit, configured to store a home base station user identifier, a first address, and a second address;
  • a receiving unit configured to receive a first data packet sent by the home base station to other nodes in the communication network, and/or a second data packet sent by the other node in the communication network to the home base station, where the first data packet is sent to the home base station
  • the uplink data packet of the other node; the second data packet is a downlink data packet sent by another node received by the home base station.
  • a processing unit configured to convert the first address into a second address according to the content stored by the storage unit and the address of the data packet received by the receiving unit, and convert the second address into a first address
  • a sending unit configured to send a data packet processed by the processing unit.
  • the embodiment of the present invention further provides a home base station server, including: a receiving unit, configured to receive an authentication information request message and a service request message, where the authentication information request message or the service request message includes a home base station user identifier;
  • a storage unit including a first storage unit, configured to store a home base station user identifier and a security context corresponding to the home base station user identifier;
  • the authentication unit is configured to authenticate the home base station according to the home base station user identifier received by the receiving unit and the security context corresponding to the home base station user identifier.
  • An embodiment of the present invention further provides a communication method, including:
  • the home base station and the home base station gateway communicate using the first address, and the first address is used to uniquely determine the home base station in the third party network;
  • the home base station gateway causes the home base station to communicate with other nodes in the communication network using a second address for uniquely determining a home base station in the communication network.
  • the embodiment of the present invention describes a case where a home base station accesses a communication system, and the role of the home base station can be fully utilized.
  • FIG. 1A is a schematic structural diagram of a SAE/LTE communication network according to Embodiment 1 of the present invention.
  • FIG. 1B is a schematic structural diagram of a UMTS communication network according to Embodiment 1 of the present invention
  • FIG. 2A is a diagram showing a home base station gateway according to Embodiment 1 of the present invention
  • FIG. 2B shows a home base station gateway according to Embodiment 1 of the present invention
  • FIG. 2C shows a home base station server according to Embodiment 1 of the present invention
  • FIG. 3 shows a communication method according to Embodiment 2 of the present invention
  • FIG. 4 is a diagram showing an authentication process of a home base station in Embodiment 4 of the present invention.
  • FIG. 5 shows a process of assigning an IP address (IP2) according to Embodiment 5 of the present invention
  • FIG. 7 is a flowchart showing a process of synchronizing a home base station with a home base station server according to Embodiment 7 of the present invention
  • FIG. 8 is a diagram showing a process of synchronizing a home base station server and a home base station according to Embodiment 7 of the present invention.
  • FIG. 9 is a diagram showing a protocol stack after a security association is established according to an embodiment of the present invention.
  • FIG. 10 shows a protocol stack of a control plane according to an embodiment of the present invention
  • FIG. 11 shows a protocol stack of a service control function according to an embodiment of the present invention
  • FIG. 12 is a diagram showing a network management function protocol stack when the Logic OAM mode is used in the embodiment of the present invention.
  • FIG. 13 is a diagram showing a network management function protocol stack in an ordinary manner of the embodiment of the present invention.
  • Figure 14 shows a user plane protocol stack in accordance with an embodiment of the present invention. detailed description
  • the communication system of the present invention is described by taking an SAE/LTE network as an example. System and method.
  • this embodiment provides an S AE/LTE communication system with a home base station.
  • This embodiment describes a communication system of the present invention, which includes a User Equipment (UE), a Home Base Station (HNB), a third party network, a Home Base Station Gateway (HNBGW), a Home Base Station Server, a Mobility Management Entity (MME), and A node such as a Serving GW, wherein the above-mentioned home base station server may be a separate entity in the network, or may be combined with a home subscriber server HSs in the network.
  • UE User Equipment
  • HNBGW Home Base Station Gateway
  • MME Mobility Management Entity
  • a node such as a Serving GW
  • the user equipment is configured to access the core network through the home base station and the home base station gateway to communicate with other network nodes.
  • the home base station is configured to communicate with a home base station gateway by using a first address (ie, IP1 hereinafter), according to which the home base station can be uniquely determined in a third-party network (such as the Internet).
  • the home base station is further configured to store a home base station user identifier (HNB ID), a security context (including a basic key, an authentication algorithm, an encryption algorithm, a digital certificate, and the like) and a user list, and provide air interface access.
  • HNB ID home base station user identifier
  • the function and the access restriction function are used to connect the user equipment to the home base station through a wireless link, and the access restriction function can be implemented by using an access restriction list, that is, a user list, that is, in the user list.
  • the listed users can access, and users in the user list are not allowed to access.
  • the link between the home base station and the home base station gateway may be provided by a third party, such as xDSL provided by a third party (xDSL is a collective term for DSL (Digital Subscriber Line), ie, digital subscriber line) line, Ethernet (Ethernet), etc. .
  • xDSL is a collective term for DSL (Digital Subscriber Line), ie, digital subscriber line) line, Ethernet (Ethernet), etc.
  • the home base station can be linked to the network node such as the MME, the serving gateway, the OAM, and the HSS through the home base station gateway.
  • the third-party network is used to connect a home base station and a home base station gateway, and the third-party network may be an Internet.
  • the home base station gateway is configured to enable the home base station to use the second address (ie, IP2 in the following) and other nodes in the communication network (eg, mobility management entity, service gateway, HSS) And communicating, according to which the home base station can be uniquely determined in the communication network. In this way, the home base station gateway can communicate with the other nodes in the communication network by the home base station through the first address and the second address.
  • An interface exists between the home base station gateway and the MME, the serving gateway, the home base station server, and the OAM, wherein the interface between the home base station gateway and the MME is mainly used to transmit some UE-related control information; between the home base station gateway and the serving gateway
  • the interface is mainly the data transmission of the user plane.
  • the interface between the home base station gateway and the home base station server is mainly that the home base station gateway needs to obtain some service control information about the home base station from the home base station server; the interface between the home base station gateway and the OAM Used to provide management functions for home base stations. Through these interfaces, the home base station gateway can implement management of the home base station.
  • the communication system and method, the home base station gateway, and the home base station server are also applicable to other communication systems.
  • an interface exists between the home base station gateway and the SGSN, the home base station server, and the OAM.
  • the interface between the home base station gateway and the SGSN is mainly used to transmit some UE-related control information and user plane.
  • the interface between the home base station gateway and the home base station server is mainly that the home base station gateway needs to obtain some service control information about the home base station from the home base station server; the interface between the home base station gateway and the OAM is used to provide management for the home base station.
  • the home base station gateway can implement management of the home base station.
  • the home base station gateway includes: a storage unit 11 that includes a first storage unit, configured to store a home base station user identifier, a first address, a second address, and a possible access restriction list, and the like.
  • the access restriction list is a user list;
  • the receiving unit 12 is configured to receive a first data packet sent by the home base station to other nodes in the communication network, and/or a second data packet sent by the other node in the communication network to the home base station, where the The source address of a data packet is the address of the home base station in the third-party network, that is, the first address, and the destination address of the second data packet is the address of the home base station in the communication network, that is, the second address;
  • the processing unit 14 is configured to: Converting the first address to a second address and converting the second address to a first address according to the content stored by the storage unit 11 and the address of the data packet received by the receiving unit 12; the sending unit 14, Used to send data packets processed by the processing unit
  • the processing unit 14 includes: a determining unit 141, configured to determine, received by the receiving unit a data packet; an obtaining unit 142, configured to: when the data packet determined by the determining unit 141 is a first data packet, obtain a second address according to the content stored by the storage unit 11 and the first address; when the determining When the data packet determined by the unit 141 is the second data packet, the first address is obtained according to the content stored by the storage unit 11 and the second address; the setting unit 143, and, as shown in FIG. 2B, the home base station gateway Also includes:
  • the initial access unit 15 is configured to connect the home base station to other nodes in the communication network after the home base station selects the home base station gateway according to a DNS (Domain Name System) of the home base station gateway or a fixed address.
  • DNS Domain Name System
  • the SCTP aggregation unit 16 is configured to link the SCTP between the home base station gateway and the home base station to the SCTP link between the home base station gateway and the MME.
  • the service control unit 17 is configured to perform corresponding management on the services of the home base station. For example, the mutual authentication between the network side and the home base station is implemented. For example, when the service request message of the home base station is received, the interaction and processing of the service request message between the network side and the home base station is implemented.
  • the service request message may be a user adding, modifying, deleting an access restriction list, etc., through the unit, the synchronization of the access restriction list between the network side and the home base station may be implemented.
  • the management unit 18 is configured to manage the home base station, and the management includes management by using a Logic OAM method or management by an ordinary manner.
  • the primary access unit 15, the SCTP aggregation unit 16, the service control unit 17, and the management unit 18 provide a function for the home base station gateway to manage the home base station.
  • the home base station server is configured to save a home base station user identifier, a subscription information corresponding to the home base station user identifier, a user list corresponding to the home base station user identifier, and a security context corresponding to the home base station user identifier (including a basic key, Weight algorithm, encryption algorithm, digital certificate, etc.).
  • the device identifier of the home base station and the vendor information, the home base station gateway address linked to the home base station, etc. when the home base station accesses the network, the home base station server needs to authenticate the home base station, in this case, the home base station
  • the server acts as a AAA Server.
  • the home base station server can be the same service as the server used to save the user subscription information in the original E-UTRAN network.
  • the home base station server includes: a receiving unit 21, configured to receive an authentication information request message, where the authentication information request message includes a home base station user identifier; and the storage unit 22 includes a first storage unit 221 And storing a home base station user identifier and a security context corresponding to the home base station user identifier, the second storage unit 222, configured to store subscription information of the home base station user, and a user list included in the user group, so that other network nodes use the The subscription information of the home base station user and the user list included in the user group control the communication of the home base station; the authentication unit 23 is configured to: according to the home base station user identifier received by the receiving unit and the home base station user identifier The base key authenticates the home base station; the first processing unit 24 and/or the second processing unit 25.
  • the first processing unit 24 is configured to modify the information stored by the second storage unit 222 (for example, modify a user list), and synchronize the modification result to the user list of the home base station.
  • the second processing unit 25 is configured to receive a service request message (eg, modify a user list request), and modify data stored by the second storage unit 222 according to the request.
  • the MME is configured to perform mobility management, authentication and key management of user equipment, encryption of signaling, integrity protection, management, and allocation of temporary mobile subscriber identity.
  • the MME is further configured to store a UE (User Equipment) control plane context, where the UE control plane context includes a UEID (User Equipment Identity), a User Equipment Status (including activation, standby), a tracking area where the user equipment is located, and the like.
  • UE User Equipment
  • the service gateway is responsible for user plane processing, and the user plane processing includes routing and forwarding of data, storing UE user plane context, user plane support when the home base station is switched, and downlink data triggering/initiating paging when LTE-IDLE.
  • the UE user plane context includes basic IP bearer information, routing information, and the like.
  • the OAM (operation, management, and maintenance entity) is mainly responsible for network management functions.
  • Embodiment 2
  • this embodiment describes the communication method of the present invention.
  • the communication of the present invention will be described below in accordance with the process of establishing a link between a home base station and a network and performing data transmission.
  • Step 31 After the home base station is powered on, obtain the first address (IP1) and pass the home The domain name of the base station gateway or other manner (for example, the address of the gateway is directly configured in the base station). The address of the home base station gateway is determined. After determining the address of the home base station gateway, the home base station can access the home base station gateway, according to the first address. The home base station is uniquely identified in the third party network.
  • Step 32 After the home base station accesses the home base station gateway, the home base station registers and authenticates with the network. After the authentication succeeds, a secure tunnel is established between the home base station gateway and the home base station.
  • Step 33 After the security tunnel is established, the DHCP (Dynamic Host Configuration Protocol) server allocates a second address (IP2) to the home base station, where the second address is an internal IP address of the communication network, and is in the communication network. The only one home base station is identified.
  • IP2 Dynamic Host Configuration Protocol
  • the above steps 32 and 33 can be combined in one step.
  • the authentication process and the secure tunnel establishment process in the foregoing steps 32 and 33 can be performed simultaneously, and the IP address allocation process and the secure tunnel establishment process can also be performed simultaneously.
  • the IP address allocation mode includes but is not limited to the DHCP method.
  • Step 34 Before starting the data transmission, each home base station can establish a limited SCTP (Stream Control Transmission Protocol) link with the home base station gateway, and a small amount of SCTP is also established between the home base station gateway and the MME. Linking, the home base station gateway can aggregate the SCTP link between the home base station gateway and the home base station into an SCTP link between the home base station gateway and the MME.
  • SCTP Stream Control Transmission Protocol
  • the network side can control the service of the network to the home base station through the home base station server, and complete the synchronization of the service information between the network side and the home base station.
  • the network side can also provide network management functions for the home base station through 0 AM.
  • This embodiment describes a process in which a home base station accesses a home base station gateway (step 31).
  • the third-party network such as the xDSL network in the Internet
  • IP1 IP1
  • the home base station can link with the home base station gateway, and the home base station determines the home base station gateway.
  • IP1 IP1
  • the domain name of the home base station gateway can be provided as a parameter in the BSIM (Base Station Identifier Module) card to the home base station.
  • BSIM Base Station Identifier Module
  • the domain name of the home base station gateway can be placed in the third party's DHCP server.
  • the DHCP server returns a DHCP response to the home base station, the domain name of the home base station gateway is sent to the home base station.
  • the home base station After obtaining the domain name of the home base station gateway, the home base station then uses the domain name to resolve the IP address of the home base station gateway through the domain name server, and accesses the home base station gateway through the IP address.
  • This embodiment describes an authentication process of a home base station (step 32). After the home base station accesses the home base station gateway, it also needs to register and authenticate to the core network to identify the legitimacy of the home base station. As shown in FIG. 4, the authentication process of the home base station will be described in detail below.
  • Step 41 After the home base station is powered on, send a registration request message (Register) to the home base station gateway, where the registration request message includes a home base station user identifier (HNB ID), so as to send the home base station user identifier to the home base station gateway, where
  • the home base station user identity is obtained by the user who uses the base station at the time of registration, and may be a BSIM ID (Home Base Station Identity) or a Home Base Station Device Identity.
  • Step 42 After obtaining the registration request message, the home base station gateway sets the home base station user identifier in the registration request message in the authentication information request message (AuthlnfoReq), and sends the authentication information request message to the home base station server.
  • the home base station gateway sets the home base station user identifier in the registration request message in the authentication information request message (AuthlnfoReq), and sends the authentication information request message to the home base station server.
  • Step 43 After receiving the authentication information request message, the home base station server finds the basic key corresponding to the HNB ID according to the HNB ID in the authentication information request message, and generates a random number, using the basic key and the random number as parameters. Performing an authentication algorithm to generate an authentication result (Resultl); at the same time, the home base station server may also generate a derived key according to the basic key, the random number, and a specific key generation algorithm, and then the home base station server sends the authentication to the home base station gateway.
  • An information response message (AuthlnfoResp), the authentication information response message including an authentication result (Resultl), a random number, and a derived key, so as to be used for the authentication result ( Resultl ), random number and derived key are sent to the home base station gateway.
  • Step 44 After receiving the authentication information response message, the home base station gateway sets the random number in the authentication information response message in an authentication request message (AuthChallenge), and sends the authentication request to the home base station.
  • AuthChallenge an authentication request message
  • Step 45 After receiving the authentication request, the home base station generates an authentication result (Result2) according to the random number in the authentication request and the basic key stored in the home base station, using the same authentication algorithm as in step 43. The key and the random number are generated using the same key generation algorithm as in step 43. Next, the home base station sets the authentication result (Result2) in the authentication response message, and sends the authentication response message to the home base station gateway.
  • the derived key generated in step 43 and step 45 can be used as a pre-shared key of IKE in IPSec, which is used to generate a security association (SA) in IPSec, and the derived key can also be used for transmission between the home base station and the network.
  • SA security association
  • Step 46 The home base station gateway compares the authentication result (Result2) with the authentication result (Resultl) transmitted by the home base station server. If the authentication fails, the authentication fails. Otherwise, the authentication succeeds, and the user who uses the home base station is legal. The user, the home base station gateway will send a registration confirmation message (RegisterAck) to the home base station.
  • Result2 the authentication result
  • Resultl the authentication result transmitted by the home base station server.
  • secure tunnel communication can be used between the home base station gateway and the home base station.
  • security tunnels such as IPSec security tunnels and L2TP (Layer 2 Tunneling Protocol) tunnels.
  • the secure tunnel is an IPSec secure tunnel.
  • IPSec requires a Security Association (SA), which can be dynamically established by using IKE (Internet Key Exchange) using pre-shared keys, digital signatures, or public key encryption.
  • SA Security Association
  • the home base station gateway After the IPSec secure tunnel is established between the home base station gateway and the home base station, the home base station gateway functions as a security gateway.
  • the control plane data transmission mode between the home base station and the home base station gateway will adopt the IPSec tunnel mode.
  • the destination IP address of the IP layer uses the IP address (IP2) assigned by the communication network to the home base station, and the data packet is first routed to the home base station gateway, and then the home base station gateway.
  • IP2 IP address assigned by the communication network to the home base station
  • the IP packet is encapsulated in IPSec as it is.
  • IP1 assigned to the home base station by the third-party network (for example, xDSL network) is used in the outer IP of the IPSec, and can be searched on the home base station gateway.
  • the home base station address mapping relationship obtains IP1 corresponding to IP2.
  • the internal IP address uses the IP address (IP2) assigned by the communication network to the home base station, and the external IP address is used by a third party.
  • IP1 assigned to the home base station.
  • Figure 9 shows the protocol stack after the security association is established.
  • the uppermost layer of the protocol stack is the application layer between the network node and the home base station. It can be any application layer protocol, and may be RANAP (Radio Access Network Application Part, wireless access).
  • the network application sub-) protocol is used for the MME to control the HNB, and may also be a user plane protocol; the transport layer below the application layer may be SCTP, UDP or other protocols; below the transport layer is the IP layer, the network node and the home base station gateway, and the home User data and signaling between the base station gateway and the home base station are routed through the IP layer.
  • the data packet between the home base station gateway and the home base station is encapsulated by IPSec and uses the IP address IP1 assigned by the third party to the home base station (IP1 corresponding to IP2 can be obtained by looking up the home base station address mapping relationship on the home base station gateway). ) as the outer IP of IPSec.
  • the lower two layers of the protocol stack, the network node and the home base station gateway, and the L1 and L2 layers between the home base station gateway and the home base station are physical layer and data link layer, and any technology capable of carrying the IP protocol can be used, for example, It is Ethernet, ATM or Token Ring.
  • This embodiment describes a process in which a communication network allocates an internal IP address to a home base station.
  • the DHCP server needs to allocate the internal IP address (IP2) of the communication network to the home base station.
  • IP2 IP address
  • other network nodes in the communication network can use the home base station as a node in the communication network to be routed by using the internal IP address (IP2), so that communication with the home base station can be conveniently performed.
  • the home base station gateway After the assignment of the internal IP address (IP2) of the home base station is completed, the home base station gateway has obtained the external IP address of the home base station (IP1, and the third party assigns the home base station) IP address), home base station internal IP address (IP2) and home base station user ID (HNB ID), the home base station gateway needs to establish a home base station user identification HNB ID, home base station external IP address (IP1) and home base station A home base station address mapping relationship table between internal IP addresses (IP2), such that when the home base station gateway and the home base station perform user data and signaling routing through the IP layer, the home base station gateway can use the home base station address mapping relationship.
  • IP2 home base station address mapping relationship table between internal IP addresses (IP2), such that when the home base station gateway and the home base station perform user data and signaling routing through the IP layer, the home base station gateway can use the home base station address mapping relationship.
  • IP2 home base station address mapping relationship table between internal IP addresses (IP2), such that when the home base station gateway and the home
  • the DHCP server that allocates the home base station internal IP address (IP2) may be placed on the home base station gateway or may be a separate network node; when the DHCP server is a separate network node, the home base station gateway needs to assume DHCP. Relay (DHCP relay) function. After the DHCP server assigns an IP address (IP2) to the home base station, the IP address (IP2) is sent to the home base station.
  • IP2 IP address
  • IP3 IP address
  • the IP address of the OAM server needs to be sent to the home base station.
  • Logic OAM Logical Network Management
  • Fig. 5 shows the process of assigning an IP address (IP2), and the process of assigning an IP address (IP2) will be described below with reference to FIG.
  • Step 51 The home base station sends an address service request message to the DHCP server of the user plane, requesting obtaining an IP address (IP2) in the communication network, where the address service request message includes the home base station user identifier; if the home base station and the DHCP server are not located On the same network segment, the home base station gateway needs to assume the function of relaying, and forwards the message to the DHCP server;
  • IP2 IP address
  • Step 52 After receiving the address service request message of the home base station, the DHCP server allocates an IP address (IP2) to the home base station according to the identity of the home base station itself.
  • IP2 IP address
  • Step 53 DHCP sends an address service response message to the home base station, where the address service The response message contains the IP address (IP2) of the home base station.
  • IP2 IP address
  • Fig. 6 shows the process of assigning the IP address (IP3) of the network management plane, and the process of assigning the IP address (IP3) of the network management plane will be described below with reference to FIG.
  • Step 61 The home base station sends an address service request message to the DHCP server on the network management plane, requesting to obtain an IP address of the network management plane, where the address service request message includes the home base station user identifier; if the home base station is not in the same network segment as the DHCP server , the home base station gateway needs to assume the function of the DHCP relay, and forwards the message to the DHCP server;
  • Step 62 After receiving the address service request message of the home base station, the DHCP server allocates the IP address IP3 of the user plane to the home base station according to the identifier of the home base station, and determines the address of the OAM.
  • Step 63 The DHCP returns a home base station address service response message, where the address service response message includes an IP address (IP3) of the home base station and an address of the OAM server.
  • IP3 IP address of the home base station
  • OAM server an address of the OAM server.
  • This embodiment describes the S C TP link aggregation function of the home base station gateway (see step 34).
  • the method of establishing has the following three steps:
  • Each home base station can establish a limited SCTP link with the home base station gateway, such as four SCTP links.
  • a small number of SCTP links are also established between the home base station gateway and the MME. Since there are a large number of home base stations under the home base station gateway, the home base station gateway needs to aggregate all the SCTPs to the home base stations to between the small number and the MME. Go to the SCTP link.
  • the home base station gateway needs to transfer the SCTP of a certain home base station to a different MME.
  • the destination IP address of the data packet is the IP address of the home base station gateway, and the identifier of the destination home base station is carried in the packet header of the data packet, where the home base station
  • the user ID can be identified by the PPI (Postload Protocol Identifier) in the SCTP header.
  • the home base station gateway is handed over to the SCTP layer, and the SCTP parses the SCTP Service Data Unit (SCTP Service Data Unit), and then re-encapsulates the SCTP SDU into an SCTP link of a home base station.
  • SCTP Service Data Unit SCTP Service Data Unit
  • the home base station gateway determines to forward the data packet to the home base station according to the home base station user identifier in the SCTP packet header, and then finds the identifier of the SCTP link of the home base station, etc., encapsulates the SCTP SDU, and then adds the home base station.
  • the IP address, and then the IP packet is encapsulated in IPSec and sent to the home base station.
  • the home base station may be connected to multiple MMEs.
  • an MME can be selected according to the load condition of the MME, and there are two options:
  • the home base station selects the MME, and after the home base station selects the MME, the home base station gateway is notified of the result of the selection, and the home base station gateway transfers the corresponding SCTP link to the corresponding MME according to the MME selected by the home base station; For this case, the home base station needs to know the load information of each MME and select the corresponding MME accordingly.
  • the interaction of the load information between the MME and the home base station can be performed through the RANAP layer.
  • the home base station gateway selects the MME, and the home base station gateway can select the corresponding MME according to the load information of the MME.
  • the home base station may be based on the TMSI (Temporary Mobile Subscriber Identity) of the UE. ) to choose MME.
  • the selected MME is notified to the home base station gateway, so that the home base station gateway transfers the SCTP link of the home base station to the home base station gateway to the SCTP of the MME; similarly, the home base station and the Home base station gateway
  • the identifier of the target MME is carried in the SCTP packet header to provide a home base station gateway selection; the identifier can be placed in the PPI of the SCTP packet header to be sent to the home base station gateway.
  • Figure 10 shows the protocol stack of the control plane when the SCTP is aggregated.
  • the upper layer of the protocol stack is the application layer between the MME and the home base station, which may be the RANAP protocol or the S1AP protocol, and is used by the MME to control the HNB.
  • the application layer is carried on the SCTP, the SCTP layer is divided into two segments, a SCTP between the MME and the home base station gateway, and another SCTP between the home base station gateway and the home base station, and the two SCTPs are in the home base station gateway.
  • Below the SCTP layer is the IP layer. User data and signaling between the MME and the home base station gateway and the home base station gateway and the home base station are routed through the IP layer.
  • the data packet between the home base station gateway and the home base station is encapsulated by IPSec and uses the IP address IP1 assigned by the third party to the home base station (IP1 corresponding to IP2 can be obtained by looking up the home base station address mapping relationship on the home base station gateway). ) as the outer IP of IPSec.
  • IP1 corresponding to IP2 can be obtained by looking up the home base station address mapping relationship on the home base station gateway).
  • the lowermost two layers of the protocol stack, the MME and the home base station gateway, and the L1 and L2 layers between the home base station gateway and the home base station are physical layer and data link layer, and any technology capable of carrying the IP protocol can be used, for example, Ethernet, ATM or Token Ring.
  • the home base station gateway is transparent to the application layer of the control plane, which can reduce the complexity of the home base station gateway processing and the processing delay of the Fallier.
  • This embodiment describes a service control function.
  • the home base station is a network node, and the network side may need to manage its services accordingly, such as managing the list of users allowed to access on the home base station or the location information of the user. If a list of users allowed to access is set on the home base station, these service lists need to be synchronized to the network. In turn, some network parameters may be set on the network side, and these service parameters also need to be transmitted to the home base station. From this perspective, there is a network control function for the home base station.
  • the home base station server can serve as a service control node of the home base station, and all related service information of the home base station is stored thereon, and the network can control the home base station through an interface between the home base station server and the home base station gateway.
  • An application layer protocol needs to be established between the gateway and the home base station for the home base station gateway to control the home base station.
  • the Application layer can be carried on the TCP or on the SCTP. Considering that there is an SCTP link between the home base station gateway and the home base station, the Application bearer is better on the SCTP.
  • Figure 11 shows the protocol stack of the service control function.
  • the uppermost layer of the protocol stack is the application layer, which is used for the home base station server to control the home base station through the home base station gateway.
  • the application layer protocol between the home base station server and the home base station gateway may use a MAP (Mobile Application Part) protocol or other possible protocols for the home base station server to control the home base station gateway; at the home base station gateway and the home
  • the application layer protocol between the base stations may be a RANAP protocol for the home base station gateway to control the home base station.
  • the transport layer protocol between the home base station server and the home base station gateway below the application layer may be SCTP or SCCP, and the transport layer protocol between the home base station gateway and the home base station may be SCTP or TCP.
  • Below the transport layer is the IP layer.
  • IP1 IP1 corresponding to IP2 can be obtained by looking up the home base station address mapping relationship on the home base station gateway) ) as the outer IP of IPSec.
  • IP1 IP1 corresponding to IP2 can be obtained by looking up the home base station address mapping relationship on the home base station gateway) ) as the outer IP of IPSec.
  • the lowermost two layers of the protocol stack, the home base station server node and the home base station gateway, and the L1 and L2 layers between the home base station gateway and the home base station are physical layer and data link layer, and any technology capable of carrying the IP protocol can be used. For example, it can be Ethernet, ATM or Token Ring.
  • the following describes the synchronization process of the user access list as an embodiment of the service control function.
  • the home base station server After the user access list of the home base station is modified, it needs to be synchronized to the home base station server, so that the home base station server adjusts the charging policy for these users. As shown in FIG. 7, the following describes the process of synchronizing the access list of the home base station and the home base station server.
  • Step 71 The home base station sends a user list modification request message to the home base station gateway, where
  • the user list modification request message includes operation parameters (such as addition, deletion), the addition is to add a user to the user list, and the deletion is to delete the user from the user list.
  • Step 72 After receiving the user list modification request message, the home base station gateway sends the user list modification request message to the home base station server.
  • Step 73 The home base station server modifies the request message according to the received user list, adds a user to the user list according to the operation parameter, or deletes the user from the list, and sends a modify user list response message to the home base station gateway.
  • Step 74 The home base station gateway sends a modify user list response message to the home base station, and after receiving the message, the home base station allows or restricts some users from accessing the home base station.
  • the user access list on the home base station server may be modified first. After the user access list of the home base station in the home base station server is modified, it needs to be synchronized to the home base station, so that the home base station server adjusts the charging policy for these users. As shown in Fig. 8, the following describes the process of synchronizing the home base station server with the home base station.
  • Step 81 The home base station server sends a user list modification request message to the home base station gateway, where the user list modification request message includes operation parameters (such as adding, deleting), and the adding is adding a user to the user list, and the deleting is The user is deleted from the user list.
  • operation parameters such as adding, deleting
  • Step 82 After receiving the user list modification request message, the home base station gateway sends the user list modification request message to the home base station.
  • Step 83 The home base station modifies the request message according to the received user list, adds a user to the user list according to the operation parameter, or deletes the user from the list, and sends a modify user list response message to the home base station gateway.
  • Step 84 The home base station gateway sends a modify user list response message to the home base station server, and after receiving the message, the home base station server allows or restricts some users from accessing the home base station.
  • This embodiment describes the network management control function.
  • Network management functions There are two ways to manage the network:
  • OAM actually only has an interface with the home base station gateway, and uses Logic OAM between the home base station gateway and the home base station.
  • the application layer can be reused with the application layer of the service control function; considering that the interface between the home base station and the OAM may be open, the interface between the OAM and the home base station gateway may be open.
  • Figure 12 shows the network management function protocol stack when using the Logic OAM mode.
  • the uppermost layer of the protocol stack is the application layer, which is used by OAM to control the home base station through the home base station gateway.
  • the transport layer protocol between the home base station gateway and the home base station may be SCTP or TCP.
  • Below the transport layer is the IP layer.
  • User data and signaling between the OAM and the home base station gateway and the home base station gateway and the home base station are routed through the IP layer.
  • the data packet between the home base station gateway and the home base station is encapsulated by IPSec and uses the IP address IP1 assigned by the third party to the home base station (IP1 corresponding to IP2 can be obtained by looking up the home base station address mapping relationship on the home base station gateway).
  • the lower two layers of the protocol stack, the L1 and L2 layers between the OAM and the home base station gateway, and the home base station gateway and the home base station are the physical layer and the data link layer, and any technology capable of carrying the IP protocol can be used, for example, Ethernet, ATM or Token Ring.
  • the home base station gateway only provides the function of the security gateway at this time; the structure of the protocol stack is as shown in FIG.
  • Figure 13 shows the network management function protocol stack when the normal mode is used.
  • the protocol stack structure there is a direct application layer and a transport layer between the OAM and the home base station, and the OAM directly controls the home base station.
  • the IP layer Below the transport layer is the IP layer.
  • the data packet between the home base station gateway and the home base station is encapsulated by IPSec and uses the IP address IP1 assigned by the third party to the home base station (IP1 corresponding to IP2 can be obtained by looking up the home base station address mapping relationship on the home base station gateway).
  • M ⁇ is the outer IP of IPSec.
  • the bottom two layers of this protocol stack OAM and home base station gateways and home base
  • the L1 and L2 layers between the station gateway and the home base station are physical layer and data link layer, and any technology capable of carrying the IP protocol can be used, for example, Ethernet, ATM or Token Ring.
  • This embodiment provides a user plane function.
  • the home base station gateway is just a security gateway.
  • the serving gateway uses the IP address (IP2) of the home base station and the TEID (Tunnel End Point Identifier) assigned by the home base station to establish a downlink bearer, and the home base station uses the IP address and service of the serving gateway.
  • IP2 IP2
  • TEID Traffic End Point Identifier
  • the TEID assigned by the gateway establishes an uplink bearer. That is to say, the home base station gateway does not participate in any tunnel establishment, release, and modification work.
  • the GTP-U (User Plane GPRS Tunneling Protocol) data packet is a transparent data packet for the home base station gateway, so that for the user plane, A home base station gateway is equivalent to a router. The advantage of this is that there are fewer intermediate nodes and less latency.
  • Figure 14 shows the user plane protocol stack.
  • the top three layers of the protocol stack (application layer, TCP/UDP layer and IP layer) are peer-to-peer protocols between the UE and the network server, and encapsulate the packets of the UE.
  • the GTP-U layer is a peer-to-peer protocol between the serving gateway and the home base station, and is used for establishing a tunnel between the serving gateway and the home base station to transmit the upper layer packet data, and the GTP-U is implemented by the lower layer UDP protocol.
  • the IP layer below the UDP layer is used to route user data between the serving gateway and the home base station gateway and the home base station gateway and the home base station.
  • the data packet between the home base station gateway and the home base station is encapsulated by IPSec and uses the IP address (IP1) assigned by the third-party network protocol to the home base station as the outer IP of the IPSec.
  • IP1 IP address assigned by the third-party network protocol to the home base station as the outer IP of the IPSec.
  • the lower two layers of the protocol stack, the service gateway and the home base station gateway, and the LI and L2 layers between the home base station gateway and the home base station are the physical layer and the data link layer, and any technology capable of carrying the IP protocol can be used, for example, It is Ethernet, ATM or Token Ring.
  • the home base station can be accessed into SAE/LTE.
  • the home base station can also access other networks (such as a UMTS network), so that the role of the home base station can be fully utilized.
  • the home base station gateway and the communication method described in the embodiments of the present invention can be applied to other communication systems in addition to the SAE/LTE system. Such as UMTS, CDMA, etc.
  • Non-volatile storage medium which can be a CD-ROM, a USB flash drive, a mobile hard disk, etc.
  • a computer device may It is a personal computer, a server, or a network device, etc. that performs the methods described in various embodiments of the present invention.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

A communication system and method, a household base station gateway and a household base station server are provided, and the problem is solved that the household base station is not led in a current communication system. The communication system includes a household base station, a third party network and a household base station gateway. The household base station is used for communicating with the household base station gateway using a first address, and the first address is used for determining the household base station in the third party network uniquely; the third party network is used for connecting with the household base station and the household base station gateway; the household base station gateway is used for making the household base station communicate with other nodes in the communication system using a second address, and the second address is used for determining the household base station in the communication system uniquely. The scheme describes a situation that a household base station accesses to a packet data network, and can make a sufficient use of the household base station.

Description

一种通信系统和方法、 家用基站网关及家用基站服务器 技术领域  Communication system and method, home base station gateway and home base station server

本发明实施例涉及通信技术领域, 尤其涉及一种通信系统和方 法、 家用基站网关及家用基站服务器。 背景技术  The embodiments of the present invention relate to the field of communications technologies, and in particular, to a communication system and method, a home base station gateway, and a home base station server. Background technique

随着 Internet (互联网 )业务的蓬勃发展, 以及宽带接入网络和无 线网络的广泛应用, 高速、 便捷地接入网络是人们追求的目标。 为了 更好的利用现有网络的资源,保护网络设备运营商的成本, 3GPP( 3rd Generation Partnership Project, 第三代移动通信标准化组织) 引入了 Home NB (家用基站)的概念。 家用基站是指小型化的、 家庭或者办 公室用的小基站, 可能是完全私有的, 也可以在设置不同优先级、 权 限的情况下, 开放给大众使用, 其所有权归私人, 而不是归政府或者 运营商;其使用对象则可能是小范围的用户,也可能是大范围的用户。 釆用家用基站来实现无线接入, 能够更好的利用现有网络资源, 更多 的节约网络设备运营商的成本,融合移动接入网络和固定接入网络的 各自优点。  With the rapid development of Internet (Internet) services and the wide application of broadband access networks and wireless networks, high-speed and convenient access to the network is the goal pursued by people. In order to better utilize the resources of existing networks and protect the cost of network equipment operators, 3GPP (3rd Generation Partnership Project) introduced the concept of Home NB (Home Base Station). A home base station refers to a small, small base station for home or office. It may be completely private. It can also be opened to the public for use with different priorities and permissions. Its ownership is private, not government or The operator; its use may be a small range of users, but also a wide range of users.家用Using home base stations to achieve wireless access, can better utilize existing network resources, save more network equipment operators' costs, and combine the advantages of mobile access networks and fixed access networks.

考虑到未来网络的竟争能力, 3GPP正在研究一种全新的演进网 络架构以满足未来十年甚至更长时间内移动网络的应用需求,所述演 进网络也称作 SAE ( System Architecture Evolution, 系统架构演进) /LTE ( Long Term Evolution, 长期演进) 网络, 所述演进网络的接入 网称为 E-UTRAN ( Evolved UMTS Territorial Radio Access Network, 演进的 UMTS ( Universal Mobile Telecommunications System, 通用移 动通信系统)陆地无线接入网。 网络演进的目标是希望提供一种低时 延、 高数据速率、 高系统容量和覆盖、 低成本、 完全基于 IP的网络。  Considering the competitiveness of the future network, 3GPP is studying a new evolutionary network architecture to meet the application requirements of mobile networks for the next ten years or more. The evolution network is also called SAE (System Architecture Evolution). (Evolution) / LTE (Long Term Evolution) network, the access network of the evolved network is called E-UTRAN (Evolved UMTS Territorial Radio Access Network), evolved UMTS (Universal Mobile Telecommunications System) Radio Access Network The goal of network evolution is to provide a low latency, high data rate, high system capacity and coverage, low cost, fully IP based network.

演进网络架构的核心网包括移动性管理实体 ( Mobility Management Entity, MME ) 、 月良务网关 (Serving GW ) 以及归属网 络服务器 (Home Subscriber Server, HSS )等功能实体。 其中, 所述 MME负责控制面的移动性管理, 包括用户上下文和移动状态管理, 分配用户临时身份标识等, 对应于当前 GPRS ( General Packet Radio Service , 通用 分组无线业务 ) /UMTS ( Universal Mobile Telecommunication System , 通用移动通信系统) 系统内部 SGSN ( Serving GPRS Support Node, 服务 GPRS支持节点) 的控制平面部 分; Serving GW负责空闲状态下为下行数据发起寻呼, 管理保存 IP承 载参数和网络内路由信息等,对应于当前 GPRS/UMTS系统内部 SGSN 和 GGSN ( Gateway GPRS Support Node, 网关 GPRS支持节点) 的数 据平面部分; HSS用于存储用户签约信息。 The core network of the evolved network architecture includes a Mobility Management Entity (MME), a Serving GW, and a Home Subscriber Server (HSS). Wherein The MME is responsible for the mobility management of the control plane, including user context and mobility state management, assigning user temporary identity, etc., corresponding to current GPRS (General Packet Radio Service) / UMTS (Universal Mobile Telecommunication System) System) The control plane part of the internal SGSN (Serving GPRS Support Node) of the system; the Serving GW is responsible for initiating paging for downlink data in idle state, managing and storing IP bearer parameters and routing information within the network, corresponding to the current GPRS / UMTS system internal SGSN and GGSN (Gateway GPRS Support Node) data plane part; HSS is used to store user subscription information.

在实现本发明的过程中, 发明人发现现有技术至少存在以下问 题:  In carrying out the process of the present invention, the inventors have found that the prior art has at least the following problems:

由于家用基站还没有被引入 E-UTRAN中, 也没有被引入其它网 络(如 UMTS网络) 中, 使得家用基站的优点不能在通信网络(如 SAE/LTE网络、 UMTS网络) 中体现, 这样, 严重限制了家用基站的 发展。 发明内容  Since the home base station has not been introduced into the E-UTRAN and has not been introduced into other networks (such as the UMTS network), the advantages of the home base station cannot be reflected in the communication network (such as the SAE/LTE network, the UMTS network), thus, Limit the development of home base stations. Summary of the invention

本发明的实施例提供了一种通信系统和方法、家用基站网关及家 用基站服务器, 以实现在通信系统中引入家用基站。  Embodiments of the present invention provide a communication system and method, a home base station gateway, and a home base station server to implement the introduction of a home base station in a communication system.

本发明的实施例提供了一种通信系统, 包括家用基站、 第三方网 络和家用基站网关。  Embodiments of the present invention provide a communication system including a home base station, a third party network, and a home base station gateway.

所述家用基站, 用于通过第一地址与所述家用基站网关进行通 信, 根据所述第一地址在所述第三方网络中确定所述家用基站;  The home base station is configured to communicate with the home base station gateway by using a first address, and determine the home base station in the third-party network according to the first address;

所述第三方网络, 用于连接所述家用基站和所述家用基站网关; 所述家用基站网关,用于使所述家用基站使用第二地址与通信网 络中其它节点进行通信,根据所述第二地址在通信网络中确定所述家 用基站。 本发明的实施例还提供了一种家用基站网关, 包括: The third-party network is configured to connect the home base station and the home base station gateway; the home base station gateway is configured to enable the home base station to communicate with other nodes in the communication network by using a second address, according to the The two addresses determine the home base station in a communication network. An embodiment of the present invention further provides a home base station gateway, including:

存储单元, 其包括第一存储单元, 用于存储家用基站用户标识、 第一地址、 第二地址;  a storage unit, including a first storage unit, configured to store a home base station user identifier, a first address, and a second address;

接收单元,用于接收家用基站发送通信网络中其它节点的第一数 据包和 /或通信网络中其它节点发给家用基站的第二数据包, 所述第 一数据包为所述家用基站发送给其他节点的上行数据包;所述第二数 据包为所述家用基站接收的其他节点发送的下行数据包。  a receiving unit, configured to receive a first data packet sent by the home base station to other nodes in the communication network, and/or a second data packet sent by the other node in the communication network to the home base station, where the first data packet is sent to the home base station The uplink data packet of the other node; the second data packet is a downlink data packet sent by another node received by the home base station.

处理单元,用于根据所述存储单元存储的内容和所述接收单元接 收的数据包的地址, 将所述第一地址转换为第二地址, 将所述第二地 址转换为第一地址;  a processing unit, configured to convert the first address into a second address according to the content stored by the storage unit and the address of the data packet received by the receiving unit, and convert the second address into a first address;

发送单元, 用于发送所述处理单元处理的数据包。 本发明的实施例还提供了一种家用基站服务器, 包括: 接收单元, 用于接收鉴权信息请求消息和业务请求消息, 所述鉴 权信息请求消息或业务请求消息包括家用基站用户标识;  And a sending unit, configured to send a data packet processed by the processing unit. The embodiment of the present invention further provides a home base station server, including: a receiving unit, configured to receive an authentication information request message and a service request message, where the authentication information request message or the service request message includes a home base station user identifier;

存储单元, 其包括第一存储单元, 用于存储家用基站用户标识、 与家用基站用户标识对应的安全上下文;  a storage unit, including a first storage unit, configured to store a home base station user identifier and a security context corresponding to the home base station user identifier;

鉴权单元,用于根据所述接收单元接收的家用基站用户标识和所 述家用基站用户标识对应的安全上下文对家用基站进行鉴权。 本发明的实施例还提供了一种通信方法, 包括:  The authentication unit is configured to authenticate the home base station according to the home base station user identifier received by the receiving unit and the security context corresponding to the home base station user identifier. An embodiment of the present invention further provides a communication method, including:

家用基站与家用基站网关使用第一地址进行通信,所述第一地址 用于在第三方网络中唯一确定所述家用基站;  The home base station and the home base station gateway communicate using the first address, and the first address is used to uniquely determine the home base station in the third party network;

所述家用基站网关使所述家用基站使用第二地址与通信网络中 其它节点进行通信,所述第二地址用于在通信网络中唯一确定家用基 站。  The home base station gateway causes the home base station to communicate with other nodes in the communication network using a second address for uniquely determining a home base station in the communication network.

与现有技术相比,本发明实施例描述了家用基站接入到通信系统 的情况, 可充分发挥家用基站的作用。 附图说明 Compared with the prior art, the embodiment of the present invention describes a case where a home base station accesses a communication system, and the role of the home base station can be fully utilized. DRAWINGS

图 1 A示出了本发明实施例一的 SAE/LTE通信网络的结构示意 图;  1A is a schematic structural diagram of a SAE/LTE communication network according to Embodiment 1 of the present invention;

图 1B示出了本发明实施例一的 UMTS通信网络的结构示意图; 图 2A示出了本发明实施例一的家用基站网关;  1B is a schematic structural diagram of a UMTS communication network according to Embodiment 1 of the present invention; FIG. 2A is a diagram showing a home base station gateway according to Embodiment 1 of the present invention;

图 2B示出了本发明实施例一的家用基站网关;  2B shows a home base station gateway according to Embodiment 1 of the present invention;

图 2C示出了本发明实施例一的家用基站服务器;  2C shows a home base station server according to Embodiment 1 of the present invention;

图 3示出了本发明实施例二的通信方法;  FIG. 3 shows a communication method according to Embodiment 2 of the present invention;

图 4示出了本发明实施例四中家用基站的鉴权过程;  FIG. 4 is a diagram showing an authentication process of a home base station in Embodiment 4 of the present invention;

图 5示出了本发明实施例五的分配的 IP地址( IP2 ) 的过程; 图 7示出了本发明实施例七的家用基站与家用基站服务器同步的 过程;  5 shows a process of assigning an IP address (IP2) according to Embodiment 5 of the present invention; FIG. 7 is a flowchart showing a process of synchronizing a home base station with a home base station server according to Embodiment 7 of the present invention;

图 8示出了本发明实施例七的家用基站服务器与家用基站同步的 过程;  8 is a diagram showing a process of synchronizing a home base station server and a home base station according to Embodiment 7 of the present invention;

图 9示出了本发明实施例的安全关联建立后的协议栈;  FIG. 9 is a diagram showing a protocol stack after a security association is established according to an embodiment of the present invention;

图 10示出了本发明实施例的控制面的协议栈;  FIG. 10 shows a protocol stack of a control plane according to an embodiment of the present invention; FIG.

图 11示出了本发明实施例的业务控制功能的协议栈;  FIG. 11 shows a protocol stack of a service control function according to an embodiment of the present invention;

图 12示出了本发明实施例的釆用 Logic OAM方式时的网络管理 功能协议栈;  FIG. 12 is a diagram showing a network management function protocol stack when the Logic OAM mode is used in the embodiment of the present invention;

图 13示出了本发明实施例的釆用普通方式时的网络管理功能协 议栈;  FIG. 13 is a diagram showing a network management function protocol stack in an ordinary manner of the embodiment of the present invention;

图 14示出了本发明实施例的用户面协议栈。 具体实施方式  Figure 14 shows a user plane protocol stack in accordance with an embodiment of the present invention. detailed description

为了便于本领域一般技术人员理解和实现本发明 ,现结合附图描 述本发明的实施例。  In order to facilitate a person skilled in the art to understand and implement the present invention, the embodiments of the present invention are described in conjunction with the accompanying drawings.

在下面的实施例中,以 SAE/LTE网络为例来描述本发明的通信系 统和方法。 In the following embodiments, the communication system of the present invention is described by taking an SAE/LTE network as an example. System and method.

实施例一  Embodiment 1

如图 1 A所示, 本实施例提供了一种带有家用基站的 S AE/LTE通 信系统。  As shown in FIG. 1A, this embodiment provides an S AE/LTE communication system with a home base station.

本实施例描述本发明的通信系统, 所述通信系统包括用户设备 ( UE )、家用基站(HNB )、第三方网络、家用基站网关(HNBGW )、 家用基站服务器、移动性管理实体( MME )和服务网关( Serving GW ) 等节点, 其中上述家用基站服务器可以为网络中的单独实体, 也可以 与网络中的归属用户服务器 HS S合设。 下面分别介绍本实施例通信系 统的各个部分。  This embodiment describes a communication system of the present invention, which includes a User Equipment (UE), a Home Base Station (HNB), a third party network, a Home Base Station Gateway (HNBGW), a Home Base Station Server, a Mobility Management Entity (MME), and A node such as a Serving GW, wherein the above-mentioned home base station server may be a separate entity in the network, or may be combined with a home subscriber server HSs in the network. The various parts of the communication system of this embodiment are separately described below.

所述用户设备用于通过所述家用基站和家用基站网关接入核心 网, 以便与其它网络节点通信。  The user equipment is configured to access the core network through the home base station and the home base station gateway to communicate with other network nodes.

所述家用基站用于通过第一地址(即下文中的 IP1 ) 与家用基站 网关进行通信, 根据该第一地址可以在第三方网络(如 Internet )中唯 一确定家用基站。所述家用基站还用于存储使用该基站的家用基站用 户标识(HNB ID ) 、 安全上下文(包括基本密钥、 鉴权算法、 加密 算法、 数字证书等)以及用户列表等, 并提供空口接入功能和接入限 制功能 ,所述空口接入功能用于将用户设备通过无线链路与家用基站 相连, 所述接入限制功能可通过接入限制列表即用户列表来实现, 即 在用户列表中列出的用户可以接入,而不在用户列表中的用户不允许 接入。 家用基站和家用基站网关之间的链路可由第三方提供, 比如釆 用第三方提供的 xDSL ( xDSL是 DSL(Digital Subscriber Line)的统称, 即数字用户线路) 线路、 Ethernet (以太网)等等。 家用基站可以通 过家用基站网关和 MME、 服务网关、 OAM、 HSS等网络节点相链接。 所述第三方网络用于连接家用基站和家用基站网关,所述第三方 网络可以是 Internet  The home base station is configured to communicate with a home base station gateway by using a first address (ie, IP1 hereinafter), according to which the home base station can be uniquely determined in a third-party network (such as the Internet). The home base station is further configured to store a home base station user identifier (HNB ID), a security context (including a basic key, an authentication algorithm, an encryption algorithm, a digital certificate, and the like) and a user list, and provide air interface access. The function and the access restriction function are used to connect the user equipment to the home base station through a wireless link, and the access restriction function can be implemented by using an access restriction list, that is, a user list, that is, in the user list. The listed users can access, and users in the user list are not allowed to access. The link between the home base station and the home base station gateway may be provided by a third party, such as xDSL provided by a third party (xDSL is a collective term for DSL (Digital Subscriber Line), ie, digital subscriber line) line, Ethernet (Ethernet), etc. . The home base station can be linked to the network node such as the MME, the serving gateway, the OAM, and the HSS through the home base station gateway. The third-party network is used to connect a home base station and a home base station gateway, and the third-party network may be an Internet.

所述家用基站网关用于使家用基站使用第二地址 (即下文中的 IP2 ) 与通信网络中其它节点 (如移动性管理实体、 服务网关、 HSS 等)进行通信,根据该第二地址可以在通信网络中唯一确定家用基站。 这样 ,家用基站网关可将家用基站通过第一地址和第二地址与通信网 络中其它节点进行通信。 家用基站网关和 MME、 服务网关、 家用基 站服务器、 OAM之间存在接口, 其中家用基站网关与 MME之间的接 口主要是用来传递一些 UE相关的控制信息; 家用基站网关与服务网 关之间的接口主要是用户面的数据传输,家用基站网关与家用基站服 务器之间的接口主要是家用基站网关需要从家用基站服务器处获取 一些关于家用基站的业务控制信息; 家用基站网关与 OAM之间的接 口用于对家用基站提供管理功能。 通过这些接口, 家用基站网关可以 实现对家用基站的管理。 The home base station gateway is configured to enable the home base station to use the second address (ie, IP2 in the following) and other nodes in the communication network (eg, mobility management entity, service gateway, HSS) And communicating, according to which the home base station can be uniquely determined in the communication network. In this way, the home base station gateway can communicate with the other nodes in the communication network by the home base station through the first address and the second address. An interface exists between the home base station gateway and the MME, the serving gateway, the home base station server, and the OAM, wherein the interface between the home base station gateway and the MME is mainly used to transmit some UE-related control information; between the home base station gateway and the serving gateway The interface is mainly the data transmission of the user plane. The interface between the home base station gateway and the home base station server is mainly that the home base station gateway needs to obtain some service control information about the home base station from the home base station server; the interface between the home base station gateway and the OAM Used to provide management functions for home base stations. Through these interfaces, the home base station gateway can implement management of the home base station.

本通信系统和方法、家用基站网关及家用基站服务器同样适用于 其它通讯系统。对于 UMTS系统,如图 1B所示,家用基站网关和 SGSN、 家用基站服务器、 OAM之间存在接口, 其中家用基站网关与 SGSN之 间的接口主要是用来传递一些 UE相关的控制信息和用户面数据; 家 用基站网关与家用基站服务器之间的接口主要是家用基站网关需要 从家用基站服务器处获取一些关于家用基站的业务控制信息; 家用基 站网关与 OAM之间的接口用于对家用基站提供管理功能。 通过这些 接口, 家用基站网关可以实现对家用基站的管理。  The communication system and method, the home base station gateway, and the home base station server are also applicable to other communication systems. For the UMTS system, as shown in FIG. 1B, an interface exists between the home base station gateway and the SGSN, the home base station server, and the OAM. The interface between the home base station gateway and the SGSN is mainly used to transmit some UE-related control information and user plane. The interface between the home base station gateway and the home base station server is mainly that the home base station gateway needs to obtain some service control information about the home base station from the home base station server; the interface between the home base station gateway and the OAM is used to provide management for the home base station. Features. Through these interfaces, the home base station gateway can implement management of the home base station.

如图 2A所示, 所述家用基站网关包括: 存储单元 11 , 其包括第 一存储单元, 用于存储家用基站用户标识、 第一地址、 第二地址, 以 及可能的接入限制列表等等, 该接入限制列表即用户列表; 接收单元 12 , 用于接收家用基站向通信网络中其它节点发送的第一数据包和 / 或通信网络中其它节点发给家用基站的第二数据包,该第一数据包的 源地址为家用基站在第三方网络中的地址即第一地址,所述第二数据 包的目的地址为家用基站在通信网络中的地址即第二地址;处理单元 14,用于根据所述存储单元 11存储的内容和所述接收单元 12接收的数 据包的地址, 将所述第一地址转换为第二地址, 将所述第二地址转换 为第一地址; 发送单元 14, 用于发送所述处理单元 14处理的数据包。 所述处理单元 14包括: 确定单元 141 , 用于确定所述接收单元接收的 数据包; 获得单元 142, 用于当所述确定单元 141确定的数据包为第一 数据包时,根据所述存储单元 11存储的内容和所述第一地址获得第二 地址; 当所述确定单元 141确定的数据包为第二数据包时, 根据所述 存储单元 11存储的内容和所述第二地址获得第一地址;设置单元 143 , 另外, 如图 2B所示, 所述家用基站网关还包括: As shown in FIG. 2A, the home base station gateway includes: a storage unit 11 that includes a first storage unit, configured to store a home base station user identifier, a first address, a second address, and a possible access restriction list, and the like. The access restriction list is a user list; the receiving unit 12 is configured to receive a first data packet sent by the home base station to other nodes in the communication network, and/or a second data packet sent by the other node in the communication network to the home base station, where the The source address of a data packet is the address of the home base station in the third-party network, that is, the first address, and the destination address of the second data packet is the address of the home base station in the communication network, that is, the second address; the processing unit 14 is configured to: Converting the first address to a second address and converting the second address to a first address according to the content stored by the storage unit 11 and the address of the data packet received by the receiving unit 12; the sending unit 14, Used to send data packets processed by the processing unit 14. The processing unit 14 includes: a determining unit 141, configured to determine, received by the receiving unit a data packet; an obtaining unit 142, configured to: when the data packet determined by the determining unit 141 is a first data packet, obtain a second address according to the content stored by the storage unit 11 and the first address; when the determining When the data packet determined by the unit 141 is the second data packet, the first address is obtained according to the content stored by the storage unit 11 and the second address; the setting unit 143, and, as shown in FIG. 2B, the home base station gateway Also includes:

初始接入单元 15 , 用于当家用基站根据家用基站网关的 DNS ( Domain Name System, 域名系统)或者固定的地址选择到家用基站 网关后, 将家用基站通过连接到通信网络中的其它节点。  The initial access unit 15 is configured to connect the home base station to other nodes in the communication network after the home base station selects the home base station gateway according to a DNS (Domain Name System) of the home base station gateway or a fixed address.

SCTP汇聚单元 16, 用于将家用基站网关和家用基站之间的 SCTP 链接、 汇聚到家用基站网关和 MME之间的 SCTP链接中。  The SCTP aggregation unit 16 is configured to link the SCTP between the home base station gateway and the home base station to the SCTP link between the home base station gateway and the MME.

业务控制单元 17 ,用于对家用基站的业务进行相应的管理。例如, 实现网络侧与家用基站间的互鉴权; 再例如,接收到家用基站的业务 请求消息时, 实现网络侧与家用基站间业务请求消息的交互与处理。 该业务请求消息可能是用户增加、 修改、 删除接入限制列表等等, 通 过该单元, 可以实现网络侧与家用基站间接入限制列表的同步等功 The service control unit 17 is configured to perform corresponding management on the services of the home base station. For example, the mutual authentication between the network side and the home base station is implemented. For example, when the service request message of the home base station is received, the interaction and processing of the service request message between the network side and the home base station is implemented. The service request message may be a user adding, modifying, deleting an access restriction list, etc., through the unit, the synchronization of the access restriction list between the network side and the home base station may be implemented.

•6匕 •6匕

匕。  dagger.

管理单元 18, 用于对家用基站进行管理, 该管理包括通过 Logic OAM方式进行的管理、 或通过普通方式进行的管理。  The management unit 18 is configured to manage the home base station, and the management includes management by using a Logic OAM method or management by an ordinary manner.

通过上述初始接入单元 15、 SCTP汇聚单元 16、 业务控制单元 17 以及管理单元 18, 提供了家用基站网关对家用基站进行管理的功能。  The primary access unit 15, the SCTP aggregation unit 16, the service control unit 17, and the management unit 18 provide a function for the home base station gateway to manage the home base station.

所述家用基站服务器用来保存家用基站用户标识、该家用基站用 户标识对应的签约信息、 该家用基站用户标识对应的用户列表、 该家 用基站用户标识所对应的安全上下文(包括基本密钥、 鉴权算法、 加 密算法、 数字证书等)。 该家用基站的设备标识以及厂商信息、 与家 用基站相链接的家用基站网关地址等, 当家用基站接入到网络时, 家 用基站服务器需要对家用基站进行鉴权, 在这种情况下, 家用基站服 务器充当了 AAA Server的功能。 该家用基站服务器可以与原来的 E-UTRAN网络中的用来保存用户签约信息的服务器是同一个服务 器, 也可以是一个新的服务器。 如图 2C所示, 所述家用基站服务器包 括: 接收单元 21 , 用于接收鉴权信息请求消息, 所述鉴权信息请求消 息包括家用基站用户标识; 存储单元 22, 其包括第一存储单元 221 , 用于存储家用基站用户标识和与家用基站用户标识对应的安全上下 文, 第二存储单元 222, 用于存储家用基站用户的签约信息、 用户群 组所包括的用户列表,以便其它网络节点利用所述家用基站用户的签 约信息、 用户群组所包括的用户列表对家用基站的通信进行控制; 鉴 权单元 23 ,用于根据所述接收单元接收的家用基站用户标识和该家用 基站用户标识对应的基本密钥对家用基站进行鉴权;第一处理单元 24 和 /或第二处理单元 25。 所述第一处理单元 24用于对所述第二存储单 元 222存储的信息进行修改(例如修改用户列表) , 并将修改结果同 步到家用基站的用户列表中。所述第二处理单元 25用于接收业务请求 消息(例如修改用户列表请求), 并根据该请求对所述第二存储单元 222存储的数据进行修改。 The home base station server is configured to save a home base station user identifier, a subscription information corresponding to the home base station user identifier, a user list corresponding to the home base station user identifier, and a security context corresponding to the home base station user identifier (including a basic key, Weight algorithm, encryption algorithm, digital certificate, etc.). The device identifier of the home base station and the vendor information, the home base station gateway address linked to the home base station, etc., when the home base station accesses the network, the home base station server needs to authenticate the home base station, in this case, the home base station The server acts as a AAA Server. The home base station server can be the same service as the server used to save the user subscription information in the original E-UTRAN network. Or a new server. As shown in FIG. 2C, the home base station server includes: a receiving unit 21, configured to receive an authentication information request message, where the authentication information request message includes a home base station user identifier; and the storage unit 22 includes a first storage unit 221 And storing a home base station user identifier and a security context corresponding to the home base station user identifier, the second storage unit 222, configured to store subscription information of the home base station user, and a user list included in the user group, so that other network nodes use the The subscription information of the home base station user and the user list included in the user group control the communication of the home base station; the authentication unit 23 is configured to: according to the home base station user identifier received by the receiving unit and the home base station user identifier The base key authenticates the home base station; the first processing unit 24 and/or the second processing unit 25. The first processing unit 24 is configured to modify the information stored by the second storage unit 222 (for example, modify a user list), and synchronize the modification result to the user list of the home base station. The second processing unit 25 is configured to receive a service request message (eg, modify a user list request), and modify data stored by the second storage unit 222 according to the request.

所述 MME用于进行移动性管理、 用户设备的鉴权和密钥管理、 信令的加密、完整性保护、管理和分配临时移动用户标识。所述 MME 还用于存储 UE (用户设备)控制面上下文, 所述 UE控制面上下文包 括 UEID (用户设备标识) 、 用户设备状态 (包括激活, 待机) 、 用 户设备所在的跟踪区等。  The MME is configured to perform mobility management, authentication and key management of user equipment, encryption of signaling, integrity protection, management, and allocation of temporary mobile subscriber identity. The MME is further configured to store a UE (User Equipment) control plane context, where the UE control plane context includes a UEID (User Equipment Identity), a User Equipment Status (including activation, standby), a tracking area where the user equipment is located, and the like.

所述服务网关负责用户面处理,所述用户面处理包括数据的路由 和转发、 存储 UE用户面上下文、 家用基站切换时用户面支持、 LTE— IDLE时下行数据触发 /发起寻呼。 所述 UE用户面上下文包括基 本 IP承载信息、 路由信息等。  The service gateway is responsible for user plane processing, and the user plane processing includes routing and forwarding of data, storing UE user plane context, user plane support when the home base station is switched, and downlink data triggering/initiating paging when LTE-IDLE. The UE user plane context includes basic IP bearer information, routing information, and the like.

所述 OAM (操作、 管理、 维护实体)主要负责网管功能。 实施例二  The OAM (operation, management, and maintenance entity) is mainly responsible for network management functions. Embodiment 2

如图 3所示, 本实施例描述本发明的通信方法。 下面按照家用基 站与网络之间建立链接并进行数据传输的过程来说明本发明的通信。  As shown in Fig. 3, this embodiment describes the communication method of the present invention. The communication of the present invention will be described below in accordance with the process of establishing a link between a home base station and a network and performing data transmission.

步骤 31、 家用基站上电后, 获得第一地址(IP1 ) , 并通过家用 基站网关的域名或其它方式(例如将网关的地址直接配置在基站里) 确定家用基站网关的地址, 当确定家用基站网关的地址后, 家用基站 可接入到家用基站网关,根据第一地址可以在第三方网络中唯一确定 家用基站。 Step 31: After the home base station is powered on, obtain the first address (IP1) and pass the home The domain name of the base station gateway or other manner (for example, the address of the gateway is directly configured in the base station). The address of the home base station gateway is determined. After determining the address of the home base station gateway, the home base station can access the home base station gateway, according to the first address. The home base station is uniquely identified in the third party network.

步骤 32、 家用基站接入到家用基站网关后, 家用基站向网络进行 登记注册和鉴权, 鉴权成功后, 在家用基站网关和家用基站之间建立 安全隧道。  Step 32: After the home base station accesses the home base station gateway, the home base station registers and authenticates with the network. After the authentication succeeds, a secure tunnel is established between the home base station gateway and the home base station.

步骤 33、 安全隧道建立完成后, DHCP ( Dynamic Host Configuration Protocol, 动态主机配置协议)服务器为家用基站分配 第二地址(IP2 ) , 所述第二地址为通信网络的内部 IP地址, 在通信 网络中唯一确定一个家用基站。  Step 33: After the security tunnel is established, the DHCP (Dynamic Host Configuration Protocol) server allocates a second address (IP2) to the home base station, where the second address is an internal IP address of the communication network, and is in the communication network. The only one home base station is identified.

需要说明的是, 上述步骤 32与步骤 33可以融合在一个步骤中完 成。例如将上述步骤 32与步骤 33中的鉴权过程和安全隧道建立过程可 以同时进行, IP地址分配过程和安全隧道建立过程也可以同时进行, IP地址的分配方式包括但不限于 DHCP的方法。  It should be noted that the above steps 32 and 33 can be combined in one step. For example, the authentication process and the secure tunnel establishment process in the foregoing steps 32 and 33 can be performed simultaneously, and the IP address allocation process and the secure tunnel establishment process can also be performed simultaneously. The IP address allocation mode includes but is not limited to the DHCP method.

步骤 34、 在开始进行数据传输前, 每一个家用基站可以和家用基 站网关之间建立有限的 SCTP ( Stream Control Transmission Protocol , 流控制传输协议)链接, 家用基站网关和 MME之间也建立少量的 SCTP链接, 家用基站网关可以将家用基站网关和家用基站之间 SCTP 链接汇聚到家用基站网关和 MME之间的 SCTP链接中。  Step 34: Before starting the data transmission, each home base station can establish a limited SCTP (Stream Control Transmission Protocol) link with the home base station gateway, and a small amount of SCTP is also established between the home base station gateway and the MME. Linking, the home base station gateway can aggregate the SCTP link between the home base station gateway and the home base station into an SCTP link between the home base station gateway and the MME.

网络侧可以通过家用基站服务器实现网络对家用基站的业务的 控制, 完成网络侧与家用基站之间业务信息的同步。  The network side can control the service of the network to the home base station through the home base station server, and complete the synchronization of the service information between the network side and the home base station.

网络侧还可通过 0 AM对家用基站提供网络管理功能。  The network side can also provide network management functions for the home base station through 0 AM.

下面通过实施例三至实施例九分别描述上述各个通信步骤。  The above respective communication steps are respectively described by the third embodiment to the ninth embodiment.

实施例三  Embodiment 3

本实施例描述家用基站接入家用基站网关的过程 (步骤 31 )。 当 家用基站上电后, 第三方网络(例如 Internet中的 xDSL网络)会给该 家用基站分配一个 IP地址(如 IP1 ) , 家用基站可使用 IP1和家用基站 网关相链接, 家用基站确定家用基站网关地址的方法有三种。 1、 将家用基站网关的域名或固定地址手动输入家用基站中。This embodiment describes a process in which a home base station accesses a home base station gateway (step 31). After the home base station is powered on, the third-party network (such as the xDSL network in the Internet) will assign an IP address (such as IP1) to the home base station, the home base station can link with the home base station gateway, and the home base station determines the home base station gateway. There are three ways to address. 1. Manually input the domain name or fixed address of the home base station gateway into the home base station.

2、 当家用基站釆用机卡分离方案时, 可以将家用基站网关的域 名作为一个参数放在 BSIM ( Base Station Identifier Module , 基站身份 模块)卡中提供给家用基站。 2. When the home base station uses the card separation scheme, the domain name of the home base station gateway can be provided as a parameter in the BSIM (Base Station Identifier Module) card to the home base station.

3、可以将家用基站网关的域名放在第三方的 DHCP服务器中, 当 DHCP服务器给家用基站回 DHCP响应时, 将家用基站网关的域名发 送给家用基站。  3. The domain name of the home base station gateway can be placed in the third party's DHCP server. When the DHCP server returns a DHCP response to the home base station, the domain name of the home base station gateway is sent to the home base station.

家用基站在获得家用基站网关的域名后,然后使用该域名通过域 名服务器解析出家用基站网关的 IP地址, 通过该 IP地址接入家用基站 网关。  After obtaining the domain name of the home base station gateway, the home base station then uses the domain name to resolve the IP address of the home base station gateway through the domain name server, and accesses the home base station gateway through the IP address.

实施例四  Embodiment 4

本实施例描述家用基站的鉴权过程(步骤 32 )。 家用基站接入家 用基站网关后, 还需要向核心网进行登记和鉴权, 以鉴别家用基站的 合法性。 如图 4所示, 下面详细描述家用基站的鉴权过程。  This embodiment describes an authentication process of a home base station (step 32). After the home base station accesses the home base station gateway, it also needs to register and authenticate to the core network to identify the legitimacy of the home base station. As shown in FIG. 4, the authentication process of the home base station will be described in detail below.

步骤 41、 家用基站在开机后, 向家用基站网关发送登记请求消息 ( Register ) , 所述登记请求消息包括家用基站用户标识( HNB ID ) , 以便将家用基站用户标识发送给家用基站网关,所述家用基站用户标 识是由使用该基站的用户在登记时获得的, 其可以是 BSIM ID (家用 基站身份标识) , 也可以是家用基站设备标识。  Step 41: After the home base station is powered on, send a registration request message (Register) to the home base station gateway, where the registration request message includes a home base station user identifier (HNB ID), so as to send the home base station user identifier to the home base station gateway, where The home base station user identity is obtained by the user who uses the base station at the time of registration, and may be a BSIM ID (Home Base Station Identity) or a Home Base Station Device Identity.

步骤 42、 家用基站网关获得登记请求消息后, 将登记请求消息中 的家用基站用户标识设置在鉴权信息请求消息 ( AuthlnfoReq ) 中, 并将鉴权信息请求消息发给家用基站服务器。  Step 42: After obtaining the registration request message, the home base station gateway sets the home base station user identifier in the registration request message in the authentication information request message (AuthlnfoReq), and sends the authentication information request message to the home base station server.

步骤 43、 家用基站服务器收到鉴权信息请求消息后, 根据鉴权信 息请求消息中的 HNB ID找到与该 HNB ID相应的基本密钥, 并产生随 机数, 以基本密钥和随机数为参数, 执行鉴权算法, 产生鉴权结果 ( Resultl ); 同时家用基站服务器也可以根据基本密钥、 随机数和特 定的密钥产生算法生成衍生密钥,然后家用基站服务器向家用基站网 关发送鉴权信息响应消息 ( AuthlnfoResp ) , 所述鉴权信息响应消息 包括鉴权结果 (Resultl ) 、 随机数和衍生密钥, 以便将鉴权结果 ( Resultl ) 、 随机数和衍生密钥发送给家用基站网关。 Step 43: After receiving the authentication information request message, the home base station server finds the basic key corresponding to the HNB ID according to the HNB ID in the authentication information request message, and generates a random number, using the basic key and the random number as parameters. Performing an authentication algorithm to generate an authentication result (Resultl); at the same time, the home base station server may also generate a derived key according to the basic key, the random number, and a specific key generation algorithm, and then the home base station server sends the authentication to the home base station gateway. An information response message (AuthlnfoResp), the authentication information response message including an authentication result (Resultl), a random number, and a derived key, so as to be used for the authentication result ( Resultl ), random number and derived key are sent to the home base station gateway.

步骤 44、 家用基站网关接收到鉴权信息响应消息后, 将鉴权信息 响应消息中的随机数设置在鉴权请求消息( AuthChallenge )中, 并将 该鉴权请求发给家用基站。  Step 44: After receiving the authentication information response message, the home base station gateway sets the random number in the authentication information response message in an authentication request message (AuthChallenge), and sends the authentication request to the home base station.

步骤 45、 家用基站接收到鉴权请求后, 根据鉴权请求中的随机数 和家用基站中存储的基本密钥,使用与步骤 43中相同的鉴权算法产生 鉴权结果(Result2 ) , 根据基本密钥和随机数使用与步骤 43中相同的 密钥产生算法生成衍生密钥。 接着, 家用基站将鉴权结果(Result2 ) 设置在鉴权响应消息中, 并向家用基站网关发送该鉴权响应消息。  Step 45: After receiving the authentication request, the home base station generates an authentication result (Result2) according to the random number in the authentication request and the basic key stored in the home base station, using the same authentication algorithm as in step 43. The key and the random number are generated using the same key generation algorithm as in step 43. Next, the home base station sets the authentication result (Result2) in the authentication response message, and sends the authentication response message to the home base station gateway.

步骤 43和步骤 45中生成的衍生密钥可以用作 IPSec中 IKE的预共 享密钥, 用来生成 IPSec中的安全关联(SA ) , 该衍生密钥也可以用 作对家用基站和网络之间传输数据进行保护的密钥。  The derived key generated in step 43 and step 45 can be used as a pre-shared key of IKE in IPSec, which is used to generate a security association (SA) in IPSec, and the derived key can also be used for transmission between the home base station and the network. The key to protect the data.

步骤 46、 家用基站网关将该鉴权结果(Result2 )与家用基站服务 器传送过来的鉴权结果(Resultl )相比较, 如果不同则鉴权失败, 否 则鉴权成功, 使用该家用基站的用户为合法的用户, 家用基站网关将 向家用基站发送登记确认消息 ( RegisterAck ) 。  Step 46: The home base station gateway compares the authentication result (Result2) with the authentication result (Resultl) transmitted by the home base station server. If the authentication fails, the authentication fails. Otherwise, the authentication succeeds, and the user who uses the home base station is legal. The user, the home base station gateway will send a registration confirmation message (RegisterAck) to the home base station.

在鉴权通过后,为了保证家用基站网关和家用基站之间的通讯安 全, 在家用基站网关和家用基站之间可以釆用安全隧道方式通信。 安 全隧道方式有多种, 如 IPSec安全隧道、 L2TP ( Layer 2 Tunneling Protocol, 第二层隧道协议)安全隧道。 在发明实施例中, 安全隧道 为 IPSec安全隧道。 IPSec需要一个安全关联(SA ) , 这个安全关联可 以通过釆用 IKE ( Internet Key Exchange , 密钥交换)使用预共享密钥、 数字签名或者公钥加密等方式来动态建立。  After the authentication is passed, in order to ensure communication security between the home base station gateway and the home base station, secure tunnel communication can be used between the home base station gateway and the home base station. There are several types of security tunnels, such as IPSec security tunnels and L2TP (Layer 2 Tunneling Protocol) tunnels. In an embodiment of the invention, the secure tunnel is an IPSec secure tunnel. IPSec requires a Security Association (SA), which can be dynamically established by using IKE (Internet Key Exchange) using pre-shared keys, digital signatures, or public key encryption.

当在家用基站网关和家用基站之间建立了 IPSec安全隧道之后, 家用基站网关起着一个安全网关的作用。  After the IPSec secure tunnel is established between the home base station gateway and the home base station, the home base station gateway functions as a security gateway.

安全关联建好后,家用基站和家用基站网关之间的控制面数据的 传输方式将釆用 IPSec隧道的方式。 当 MME需要给家用基站发送数据 时, 其 IP层的目的 IP地址使用的是通信网络给家用基站分配的 IP地址 ( IP2 ) , 该数据包首先被路由到家用基站网关, 然后家用基站网关 将该 IP包原封不动的用 IPSec进行封装, 在 IPSec的外层 IP釆用的是第 三方网络(例如 xDSL网络)给家用基站分配的 IP地址(IP1 ) , 可以 在家用基站网关上通过查找家用基站地址映射关系得到与 IP2相对应 的 IP1。 反过来, 当家用基站向 MME发送数据时也釆用同样的方式, 其内部的 IP地址釆用的是通信网络给家用基站分配的 IP地址(IP2 ) , 其外部 IP地址釆用的是第三方给家用基站分配的 IP地址(IP1 ) 。 图 9示出了安全关联建立后的协议栈, 协议栈的最上层是网络节 点和家用基站之间的应用层,可以是任意应用层协议,可能是 RANAP ( Radio Access Network Application Part , 无线接入网应用 分)协议 用于 MME控制 HNB , 也可能是用户面协议等; 应用层下面的传输层 可能 SCTP、 UDP或者其它的协议等; 传输层下面是 IP层, 网络节点 和家用基站网关以及家用基站网关和家用基站之间的用户数据和信 令都是通过 IP层进行路由的。 家用基站网关和家用基站之间的数据包 是用 IPSec进行封装并釆用第三方给家用基站分配的 IP地址 IP1 (可以 在家用基站网关上通过查找家用基站地址映射关系得到与 IP2相对应 的 IP1 )作为 IPSec的外层 IP。 本协议栈的最下两层, 网络节点和家用 基站网关以及家用基站网关和家用基站之间 Ll、 L2层是物理层和数 据链路层, 可以釆用任意能承载 IP协议的技术, 例如可以是以太网、 ATM或者令牌环等。 After the security association is established, the control plane data transmission mode between the home base station and the home base station gateway will adopt the IPSec tunnel mode. When the MME needs to send data to the home base station, the destination IP address of the IP layer uses the IP address (IP2) assigned by the communication network to the home base station, and the data packet is first routed to the home base station gateway, and then the home base station gateway. The IP packet is encapsulated in IPSec as it is. The IP address (IP1) assigned to the home base station by the third-party network (for example, xDSL network) is used in the outer IP of the IPSec, and can be searched on the home base station gateway. The home base station address mapping relationship obtains IP1 corresponding to IP2. Conversely, when the home base station sends data to the MME, the same method is used. The internal IP address uses the IP address (IP2) assigned by the communication network to the home base station, and the external IP address is used by a third party. The IP address (IP1) assigned to the home base station. Figure 9 shows the protocol stack after the security association is established. The uppermost layer of the protocol stack is the application layer between the network node and the home base station. It can be any application layer protocol, and may be RANAP (Radio Access Network Application Part, wireless access). The network application sub-) protocol is used for the MME to control the HNB, and may also be a user plane protocol; the transport layer below the application layer may be SCTP, UDP or other protocols; below the transport layer is the IP layer, the network node and the home base station gateway, and the home User data and signaling between the base station gateway and the home base station are routed through the IP layer. The data packet between the home base station gateway and the home base station is encapsulated by IPSec and uses the IP address IP1 assigned by the third party to the home base station (IP1 corresponding to IP2 can be obtained by looking up the home base station address mapping relationship on the home base station gateway). ) as the outer IP of IPSec. The lower two layers of the protocol stack, the network node and the home base station gateway, and the L1 and L2 layers between the home base station gateway and the home base station are physical layer and data link layer, and any technology capable of carrying the IP protocol can be used, for example, It is Ethernet, ATM or Token Ring.

实施例五  Embodiment 5

本实施例描述通信网络为家用基站分配内部 IP地址的过程。  This embodiment describes a process in which a communication network allocates an internal IP address to a home base station.

当家用基站接入到家用基站网关, 并鉴权成功后, 为了使家用基 站与通信网络中的其它节点进行通信, DHCP服务器需要为家用基站 分配一个通信网络的内部 IP地址( IP2 ) 。 这样, 通信网络中的其它 网络节点可将该家用基站作为通信网络内的一个节点,以便利用该内 部 IP地址( IP2 ) 进行路由, 从而可以方便地和该家用基站之间进行 通讯。 在完成了家用基站的内部 IP地址 (IP2 ) 的分配后, 此时家用 基站网关已获得家用基站外部 IP地址 (IP1 , 第三方给家用基站分配 的 IP地址) 、 家用基站内部 IP地址 (IP2 ) 以及家用基站的用户标识 ( HNB ID ) ,家用基站网关上需要建立一个家用基站的用户标识 HNB ID、 家用基站外部 IP地址(IP1 )和家用基站内部 IP地址(IP2 )之间 的家用基站地址映射关系表,这样当家用基站网关和家用基站之间通 过 IP层进行用户数据和信令路由时, 家用基站网关可以使用这张家用 基站地址映射关系表找到与家用基站的外部 IP地址 (IP2 )对应的家 用基站的内部 IP地址(IP1 ) 。 为了和网管面的其他节点通讯, 网管 面的 DHCP服务器通常需要给家用基站分配另一个 IP地址(IP3 ) 。 After the home base station accesses the home base station gateway and the authentication succeeds, in order for the home base station to communicate with other nodes in the communication network, the DHCP server needs to allocate the internal IP address (IP2) of the communication network to the home base station. In this way, other network nodes in the communication network can use the home base station as a node in the communication network to be routed by using the internal IP address (IP2), so that communication with the home base station can be conveniently performed. After the assignment of the internal IP address (IP2) of the home base station is completed, the home base station gateway has obtained the external IP address of the home base station (IP1, and the third party assigns the home base station) IP address), home base station internal IP address (IP2) and home base station user ID (HNB ID), the home base station gateway needs to establish a home base station user identification HNB ID, home base station external IP address (IP1) and home base station A home base station address mapping relationship table between internal IP addresses (IP2), such that when the home base station gateway and the home base station perform user data and signaling routing through the IP layer, the home base station gateway can use the home base station address mapping relationship. The table finds the internal IP address (IP1) of the home base station corresponding to the external IP address (IP2) of the home base station. In order to communicate with other nodes on the network management plane, the DHCP server on the network management plane usually needs to assign another IP address (IP3) to the home base station.

所述分配家用基站内部 IP地址(IP2 )的 DHCP服务器可以放在家 用基站网关上, 也可以是一个单独的网络节点; 当 DHCP服务器为一 个单独的网络节点时, 家用基站网关就需要承担起 DHCP Relay ( DHCP中继)的功能。 在 DHCP服务器为家用基站分配 IP地址(IP2 ) 之后, 将 IP地址(IP2 )发给家用基站。  The DHCP server that allocates the home base station internal IP address (IP2) may be placed on the home base station gateway or may be a separate network node; when the DHCP server is a separate network node, the home base station gateway needs to assume DHCP. Relay (DHCP relay) function. After the DHCP server assigns an IP address (IP2) to the home base station, the IP address (IP2) is sent to the home base station.

网管面的 DHCP服务器为家用基站分配 IP地址( IP3 )之后, 除了 将 IP地址(IP3 )发给家用基站之外, 还需要将 OAM服务器的 IP地址 发给家用基站。 当使用 Logic OAM (逻辑网管) 时, 因为 OAM与家 用基站之间并没有直接的接口, 只是在 OAM和家用基站网关之间存 在接口, 可以通过家用基站网关实现对家用基站的管理, 就不需要对 家用基站分配这个 IP地址了。  After the DHCP server of the network management plane assigns an IP address (IP3) to the home base station, in addition to sending the IP address (IP3) to the home base station, the IP address of the OAM server needs to be sent to the home base station. When using Logic OAM (Logical Network Management), since there is no direct interface between the OAM and the home base station, there is only an interface between the OAM and the home base station gateway, and the home base station gateway can be managed by the home base station gateway. Assign this IP address to the home base station.

图 5示出了分配 IP地址( IP2 ) 的过程, 下面参照图 5描述分配 IP 地址(IP2 ) 的过程。  Fig. 5 shows the process of assigning an IP address (IP2), and the process of assigning an IP address (IP2) will be described below with reference to FIG.

步骤 51、 家用基站向用户面的 DHCP服务器发送一个地址服务请 求消息, 要求获得一个通信网络中的 IP地址(IP2 ) , 所述地址服务 请求消息包含家用基站用户标识; 如果家用基站与 DHCP服务器不在 同一个网段, 则家用基站网关就需要承担中继的功能, 向 DHCP服务 器转发这条消息;  Step 51: The home base station sends an address service request message to the DHCP server of the user plane, requesting obtaining an IP address (IP2) in the communication network, where the address service request message includes the home base station user identifier; if the home base station and the DHCP server are not located On the same network segment, the home base station gateway needs to assume the function of relaying, and forwards the message to the DHCP server;

步骤 52、 DHCP服务器在收到家用基站的地址服务请求消息之后, 根据家用基站自身的标识为该家用基站分配 IP地址(IP2 ) 。  Step 52: After receiving the address service request message of the home base station, the DHCP server allocates an IP address (IP2) to the home base station according to the identity of the home base station itself.

步骤 53、 DHCP向家用基站发送地址服务响应消息, 所述地址服 务响应消息包含家用基站的 IP地址(IP2 ) 。 Step 53: DHCP sends an address service response message to the home base station, where the address service The response message contains the IP address (IP2) of the home base station.

图 6示出了分配网管面的 IP地址 (IP3 ) 的过程, 下面参照图 6描 述分配网管面的 IP地址( IP3 ) 的过程。  Fig. 6 shows the process of assigning the IP address (IP3) of the network management plane, and the process of assigning the IP address (IP3) of the network management plane will be described below with reference to FIG.

步骤 61、 家用基站向网管面的 DHCP服务器发送一个地址服务请 求消息, 要求获得一个网管面的 IP地址, 所述地址服务请求消息包含 家用基站用户标识; 如果家用基站与 DHCP服务器不在同一个网段, 则家用基站网关就需要承担 DHCP Relay的功能, 向 DHCP服务器转发 这条消息;  Step 61: The home base station sends an address service request message to the DHCP server on the network management plane, requesting to obtain an IP address of the network management plane, where the address service request message includes the home base station user identifier; if the home base station is not in the same network segment as the DHCP server , the home base station gateway needs to assume the function of the DHCP relay, and forwards the message to the DHCP server;

步骤 62、 DHCP服务器在收到家用基站的地址服务请求消息之后, 根据家用基站自身的标识为该家用基站分配用户面的 IP地址 IP3 , 并 确定 OAM的地址。  Step 62: After receiving the address service request message of the home base station, the DHCP server allocates the IP address IP3 of the user plane to the home base station according to the identifier of the home base station, and determines the address of the OAM.

步骤 63、 DHCP返回给家用基站地址服务响应消息, 所述地址服 务响应消息包括家用基站的 IP地址(IP3 ) 、 OAM服务器的地址。 实施例六  Step 63: The DHCP returns a home base station address service response message, where the address service response message includes an IP address (IP3) of the home base station and an address of the OAM server. Embodiment 6

本实施例描述家用基站网关的 S C TP链接汇聚功能 (参见步骤 34 ) 。  This embodiment describes the S C TP link aggregation function of the home base station gateway (see step 34).

考虑到在通信网络中有成千上万的家用基站的存在,而每一个家 用基站的都需要建立到 MME的 SCTP的链接, 建立的方法有以下三步 骤:  Considering the existence of tens of thousands of home base stations in the communication network, and each home base station needs to establish a link to the SCTP of the MME, the method of establishing has the following three steps:

1、每一个家用基站可以和家用基站网关之间建立有限的 SCTP链 接, 比如说 4个 SCTP链接。  1. Each home base station can establish a limited SCTP link with the home base station gateway, such as four SCTP links.

2、 家用基站网关和 MME之间也建立少量的 SCTP链接, 由于家 用基站网关下有大量的家用基站,所以家用基站网关需要将所有的到 这些家用基站的 SCTP汇聚到这少量的和 MME之间的 SCTP链接中去。  2. A small number of SCTP links are also established between the home base station gateway and the MME. Since there are a large number of home base stations under the home base station gateway, the home base station gateway needs to aggregate all the SCTPs to the home base stations to between the small number and the MME. Go to the SCTP link.

3、 考虑到一个家用基站可以和多个 MME相链接, 所以家用基站 网关需要将某一个家用基站的 SCTP转接到不同的 MME上去。  3. Considering that a home base station can be linked with multiple MMEs, the home base station gateway needs to transfer the SCTP of a certain home base station to a different MME.

当在 MME和家用基站之间存在 SCTP转接时 ,此时在 MME和家用 基站网关之间存在一段 SCTP, 在家用基站网关和家用基站之间存在 另外一段 SCTP, 这两段 SCTP在家用基站网关上进行转接。 When there is an SCTP switch between the MME and the home base station, there is a SCTP between the MME and the home base station gateway, and there exists between the home base station gateway and the home base station. In another SCTP, the two SCTPs are transferred on the home base station gateway.

对于下行, 当 MME需要向家用基站发送数据包的时候, 该数据 包的目的 IP地址是家用基站网关的 IP地址, 并在该数据包的包头中带 上目的家用基站的标识, 所述家用基站用户标识可以通过 SCTP包头 中的 PPI ( Payload Protocol Identifier, 负荷协议标识) 来标识。 家用 基站网关收到该数据包后, 交由 SCTP层处理, SCTP解析出 SCTP SDU ( SCTP Service Data Unit, SCTP业务数据单元), 然后将该 SCTP SDU重新封装到某一个家用基站的 SCTP链接中发送出去; 家用基站 网关将根据 SCTP包头中的家用基站用户标识来确定将该数据包转发 到家用基站, 然后找到该家用基站的 SCTP链接的标识等, 对 SCTP SDU进行封包, 接着再添上该家用基站的 IP地址, 然后再将这个该 IP 包封在 IPSec中发送给家用基站。  For the downlink, when the MME needs to send a data packet to the home base station, the destination IP address of the data packet is the IP address of the home base station gateway, and the identifier of the destination home base station is carried in the packet header of the data packet, where the home base station The user ID can be identified by the PPI (Postload Protocol Identifier) in the SCTP header. After receiving the data packet, the home base station gateway is handed over to the SCTP layer, and the SCTP parses the SCTP Service Data Unit (SCTP Service Data Unit), and then re-encapsulates the SCTP SDU into an SCTP link of a home base station. Going out; the home base station gateway determines to forward the data packet to the home base station according to the home base station user identifier in the SCTP packet header, and then finds the identifier of the SCTP link of the home base station, etc., encapsulates the SCTP SDU, and then adds the home base station. The IP address, and then the IP packet is encapsulated in IPSec and sent to the home base station.

对于上行, 由于家用基站可能会连接到多个 MME。 当 UE初始附 着 (Attach ) 时, 可根据 MME的负荷情况来选择一个 MME, 有两种 选择方法:  For the uplink, the home base station may be connected to multiple MMEs. When the UE initially attaches (Attach), an MME can be selected according to the load condition of the MME, and there are two options:

1、 家用基站来选择 MME, 当家用基站选择好 MME后, 将该选 择的结果告诉家用基站网关, 家用基站网关根据家用基站选择的 MME ,将相应的 SCTP的链接转接到相应的 MME上去;对于这种情况 , 家用基站需要知道各个 MME的负载信息, 并据此选择相应的 MME。 MME和家用基站之间的负载信息的交互可通过 RANAP层进行。  1. The home base station selects the MME, and after the home base station selects the MME, the home base station gateway is notified of the result of the selection, and the home base station gateway transfers the corresponding SCTP link to the corresponding MME according to the MME selected by the home base station; For this case, the home base station needs to know the load information of each MME and select the corresponding MME accordingly. The interaction of the load information between the MME and the home base station can be performed through the RANAP layer.

2、 家用基站网关选择 MME, 家用基站网关可根据 MME的负载 信息选择相应的 MME。  2. The home base station gateway selects the MME, and the home base station gateway can select the corresponding MME according to the load information of the MME.

当 UE在附着后的其他建链过程中 , 比如进行 TAU ( Tracking Area Update, 跟踪区更新)过程或者进行业务请求过程; 家用基站可以根 据 UE带上的 TMSI ( Temporary Mobile Subscriber Identity, 临时移动 用户标识)来选择 MME。  When the UE is in the other link-building process after the attachment, for example, performing a TAU (Tracking Area Update) process or performing a service request process; the home base station may be based on the TMSI (Temporary Mobile Subscriber Identity) of the UE. ) to choose MME.

当家用基站选择 MME时, 将选择的 MME告诉家用基站网关, 以 便于家用基站网关将其与该家用基站的 SCTP链接转接到家用基站网 关到 MME的 SCTP上去; 同样道理, 可以在家用基站和家用基站网关 之间的 SCTP包头中将目标 MME的标识带上, 以提供家用基站网关选 择; 该标识可以放在 SCTP包头的 PPI中带给家用基站网关。 When the home base station selects the MME, the selected MME is notified to the home base station gateway, so that the home base station gateway transfers the SCTP link of the home base station to the home base station gateway to the SCTP of the MME; similarly, the home base station and the Home base station gateway The identifier of the target MME is carried in the SCTP packet header to provide a home base station gateway selection; the identifier can be placed in the PPI of the SCTP packet header to be sent to the home base station gateway.

图 10示出了釆用 SCTP汇聚时的控制面的协议栈, 协议栈的最上 层是 MME和家用基站之间的应用层, 可能是 RANAP协议, 也可能是 S1AP协议,用于 MME控制 HNB,该应用层是承载在 SCTP上的, SCTP 层被分为两段, MME和家用基站网关之间的一段 SCTP以及家用基站 网关和家用基站之间的另外一段 SCTP, 这两段 SCTP在家用基站网关 上进行转接。 SCTP层下面是 IP层, MME和家用基站网关以及家用基 站网关和家用基站之间的用户数据和信令都是通过 IP层进行路由的。 家用基站网关和家用基站之间的数据包是用 IPSec进行封装并釆用第 三方给家用基站分配的 IP地址 IP1 (可以在家用基站网关上通过查找 家用基站地址映射关系得到与 IP2相对应的 IP1 )作为 IPSec的外层 IP。 本协议栈的最下两层, MME和家用基站网关以及家用基站网关和家 用基站之间 Ll、 L2层是物理层和数据链路层,可以釆用任意能承载 IP 协议的技术, 例如可以是以太网、 ATM或者令牌环等。  Figure 10 shows the protocol stack of the control plane when the SCTP is aggregated. The upper layer of the protocol stack is the application layer between the MME and the home base station, which may be the RANAP protocol or the S1AP protocol, and is used by the MME to control the HNB. The application layer is carried on the SCTP, the SCTP layer is divided into two segments, a SCTP between the MME and the home base station gateway, and another SCTP between the home base station gateway and the home base station, and the two SCTPs are in the home base station gateway. Transfer on. Below the SCTP layer is the IP layer. User data and signaling between the MME and the home base station gateway and the home base station gateway and the home base station are routed through the IP layer. The data packet between the home base station gateway and the home base station is encapsulated by IPSec and uses the IP address IP1 assigned by the third party to the home base station (IP1 corresponding to IP2 can be obtained by looking up the home base station address mapping relationship on the home base station gateway). ) as the outer IP of IPSec. The lowermost two layers of the protocol stack, the MME and the home base station gateway, and the L1 and L2 layers between the home base station gateway and the home base station are physical layer and data link layer, and any technology capable of carrying the IP protocol can be used, for example, Ethernet, ATM or Token Ring.

从图 10中可以看出, 当釆用 SCTP汇聚之后, 家用基站网关对于 控制面的应用层是透明的,这可以降低家用基站网关处理的复杂程度 以及降氏处理时延。  As can be seen from Fig. 10, after the SCTP convergence is used, the home base station gateway is transparent to the application layer of the control plane, which can reduce the complexity of the home base station gateway processing and the processing delay of the Fallier.

实施例七  Example 7

本实施例描述业务控制功能。  This embodiment describes a service control function.

家用基站是一个网络节点,网络侧可能需要对其业务进行相应的 管理,比如对家用基站上允许接入的用户列表或者用户的位置信息等 进行管理。 如果在家用基站上设置允许接入的用户列表, 这些业务列 表需要同步到网络中去, 反过来网络侧也可能设置一些业务参数, 这 些业务参数也需要传递到家用基站上。 从这个角度看, 就存在着网络 对家用基站的业务的控制功能。  The home base station is a network node, and the network side may need to manage its services accordingly, such as managing the list of users allowed to access on the home base station or the location information of the user. If a list of users allowed to access is set on the home base station, these service lists need to be synchronized to the network. In turn, some network parameters may be set on the network side, and these service parameters also need to be transmitted to the home base station. From this perspective, there is a network control function for the home base station.

在本实施例中, 家用基站服务器可作为家用基站的业务控制节 点, 其上保存着家用基站的所有相关的业务信息, 网络可以通过家用 基站服务器和家用基站网关之间的接口来控制家用基站。在家用基站 网关和家用基站之间需要建立一个应用层协议,用于家用基站网关控 制家用基站。 该 Application层可以承载在 TCP上, 也可以承载在 SCTP 上, 考虑到在家用基站网关和家用基站之间存在 SCTP链接, 所以 Application承载在 SCTP上更好一些。通过上述接口和应用层协议, 实 现了家用基站网关对家用基站的管理。 图 11示出了业务控制功能的协议栈, 协议栈的最上层是应用层, 用于家用基站服务器通过家用基站网关对家用基站进行控制。在家用 基站服务器和家用基站网关之间的应用层协议可以釆用 MAP( Mobile Application Part, 移动应用部分)协议或其他可能的协议, 用于家用 基站服务器控制家用基站网关;在家用基站网关和家用基站之间的应 用层协议可能是 RANAP协议, 用于家用基站网关控制家用基站。 应 用层下面的家用基站服务器和家用基站网关之间的传输层协议可能 是 SCTP或者 SCCP, 在家用基站网关和家用基站之间的传输层协议可 能是 SCTP或者 TCP。传输层下面是 IP层, 家用基站服务器和家用基站 网关以及家用基站网关和家用基站之间的用户数据和信令都是通过 IP层进行路由的。 家用基站网关和家用基站之间的数据包是用 IPSec 进行封装并釆用第三方给家用基站分配的 IP地址 IPl (可以在家用基 站网关上通过查找家用基站地址映射关系得到与 IP2相对应的 IP1 )作 为 IPSec的外层 IP。 本协议栈的最下两层, 家用基站服务器节点和家 用基站网关以及家用基站网关和家用基站之间 L 1、 L2层是物理层和 数据链路层,可以釆用任意能承载 IP协议的技术,例如可以是以太网、 ATM或者令牌环等。 In this embodiment, the home base station server can serve as a service control node of the home base station, and all related service information of the home base station is stored thereon, and the network can control the home base station through an interface between the home base station server and the home base station gateway. At home base station An application layer protocol needs to be established between the gateway and the home base station for the home base station gateway to control the home base station. The Application layer can be carried on the TCP or on the SCTP. Considering that there is an SCTP link between the home base station gateway and the home base station, the Application bearer is better on the SCTP. Through the above interface and application layer protocol, the management of the home base station by the home base station gateway is realized. Figure 11 shows the protocol stack of the service control function. The uppermost layer of the protocol stack is the application layer, which is used for the home base station server to control the home base station through the home base station gateway. The application layer protocol between the home base station server and the home base station gateway may use a MAP (Mobile Application Part) protocol or other possible protocols for the home base station server to control the home base station gateway; at the home base station gateway and the home The application layer protocol between the base stations may be a RANAP protocol for the home base station gateway to control the home base station. The transport layer protocol between the home base station server and the home base station gateway below the application layer may be SCTP or SCCP, and the transport layer protocol between the home base station gateway and the home base station may be SCTP or TCP. Below the transport layer is the IP layer. User data and signaling between the home base station server and the home base station gateway and the home base station gateway and the home base station are routed through the IP layer. The data packet between the home base station gateway and the home base station is encapsulated by IPSec and uses the IP address assigned by the third party to the home base station IP1 (IP1 corresponding to IP2 can be obtained by looking up the home base station address mapping relationship on the home base station gateway) ) as the outer IP of IPSec. The lowermost two layers of the protocol stack, the home base station server node and the home base station gateway, and the L1 and L2 layers between the home base station gateway and the home base station are physical layer and data link layer, and any technology capable of carrying the IP protocol can be used. For example, it can be Ethernet, ATM or Token Ring.

下面以用户接入列表的同步过程作为业务控制功能的一个实施 例进行具体的描述。  The following describes the synchronization process of the user access list as an embodiment of the service control function.

当家用基站的用户接入列表被修改后,需要同步到家用基站服务 器, 以便于家用基站服务器调整对这些用户的计费策略。 如图 7所示, 下面描述家用基站与家用基站服务器的接入列表同步的过程。  After the user access list of the home base station is modified, it needs to be synchronized to the home base station server, so that the home base station server adjusts the charging policy for these users. As shown in FIG. 7, the following describes the process of synchronizing the access list of the home base station and the home base station server.

步骤 71、 家用基站向家用基站网关发送用户列表修改请求消息, 所述用户列表修改请求消息包括操作参数(如增加、 删除), 所述增 加为向用户列表中增加用户, 所述删除为从用户列表中删除用户。 Step 71: The home base station sends a user list modification request message to the home base station gateway, where The user list modification request message includes operation parameters (such as addition, deletion), the addition is to add a user to the user list, and the deletion is to delete the user from the user list.

步骤 72、 家用基站网关接收到用户列表修改请求消息后, 将用户 列表修改请求消息发给家用基站服务器。  Step 72: After receiving the user list modification request message, the home base station gateway sends the user list modification request message to the home base station server.

步骤 73、 家用基站服务器根据收到的用户列表修改请求消息, 根 据操作参数向用户列表中增加用户, 或者从列表中删除用户, 并向家 用基站网关发送修改用户列表响应消息。  Step 73: The home base station server modifies the request message according to the received user list, adds a user to the user list according to the operation parameter, or deletes the user from the list, and sends a modify user list response message to the home base station gateway.

步骤 74、 家用基站网关向家用基站发送修改用户列表响应消息, 家用基站接收到此消息后, 允许或者限制某些用户接入该家用基站。  Step 74: The home base station gateway sends a modify user list response message to the home base station, and after receiving the message, the home base station allows or restricts some users from accessing the home base station.

当家用基站的所有人通过手机终端、 internet等方式修改接入限制 列表时, 首先可能修改的是家用基站服务器上的用户接入列表。 当家 用基站服务器中家用基站的用户接入列表被修改后,需要同步到家用 基站, 以便于家用基站服务器调整对这些用户的计费策略。 如图 8所 示, 下面描述家用基站服务器与家用基站同步的过程。  When the owner of the home base station modifies the access restriction list through the mobile terminal, the internet, etc., the user access list on the home base station server may be modified first. After the user access list of the home base station in the home base station server is modified, it needs to be synchronized to the home base station, so that the home base station server adjusts the charging policy for these users. As shown in Fig. 8, the following describes the process of synchronizing the home base station server with the home base station.

步骤 81、家用基站服务器向家用基站网关发送用户列表修改请求 消息, 所述用户列表修改请求消息包括操作参数 (如增加、 删除) , 所述增加为向用户列表中增加用户,所述删除为从用户列表中删除用 户。  Step 81: The home base station server sends a user list modification request message to the home base station gateway, where the user list modification request message includes operation parameters (such as adding, deleting), and the adding is adding a user to the user list, and the deleting is The user is deleted from the user list.

步骤 82、 家用基站网关接收到用户列表修改请求消息后, 并将用 户列表修改请求消息发给家用基站。  Step 82: After receiving the user list modification request message, the home base station gateway sends the user list modification request message to the home base station.

步骤 83、 家用基站根据收到的用户列表修改请求消息, 根据操作 参数向用户列表中增加用户, 或者从列表中删除用户, 并向家用基站 网关发送修改用户列表响应消息。  Step 83: The home base station modifies the request message according to the received user list, adds a user to the user list according to the operation parameter, or deletes the user from the list, and sends a modify user list response message to the home base station gateway.

步骤 84、家用基站网关向家用基站服务器发送修改用户列表响应 消息, 家用基站服务器接收到此消息后, 允许或者限制某些用户接入 该家用基站。  Step 84: The home base station gateway sends a modify user list response message to the home base station server, and after receiving the message, the home base station server allows or restricts some users from accessing the home base station.

实施例八  Example eight

本实施例描述网管控制功能。  This embodiment describes the network management control function.

当把家用基站作为一个网络节点时,网络侧需要对该节点提供网 络管理功能; 网管的方式有两种: When the home base station is used as a network node, the network side needs to provide a network to the node. Network management functions; There are two ways to manage the network:

1、 Logic OAM方式:  1, Logic OAM mode:

对于 Logic OAM方式, OAM实际上只是和家用基站网关之间存 在接口, 在家用基站网关和家用基站之间釆用 Logic OAM的方式。 釆 用 Logic OAM时应用层可以和业务控制功能的应用层重用; 考虑到家 用基站和 OAM之间的接口可能开放, 在 OAM和家用基站网关之间的 接口也就可能开放。  For the Logic OAM mode, OAM actually only has an interface with the home base station gateway, and uses Logic OAM between the home base station gateway and the home base station.应用 When using Logic OAM, the application layer can be reused with the application layer of the service control function; considering that the interface between the home base station and the OAM may be open, the interface between the OAM and the home base station gateway may be open.

图 12示出了釆用 Logic OAM方式时的网络管理功能协议栈。协议 栈的最上层是应用层, 用于 OAM通过家用基站网关对家用基站进行 控制。 在家用基站网关和家用基站之间的传输层协议可能是 SCTP或 者 TCP。传输层下面是 IP层, OAM和家用基站网关以及家用基站网关 和家用基站之间的用户数据和信令都是通过 IP层进行路由的。 家用基 站网关和家用基站之间的数据包是用 IPSec进行封装并釆用第三方给 家用基站分配的 IP地址 IP1 (可以在家用基站网关上通过查找家用基 站地址映射关系得到与 IP2相对应的 IP1 )作为 IPSec的外层 IP。 本协议 栈的最下两层, OAM和家用基站网关以及家用基站网关和家用基站 之间 Ll、 L2层是物理层和数据链路层, 可以釆用任意能承载 IP协议的 技术, 例如可以是以太网、 ATM或者令牌环等。  Figure 12 shows the network management function protocol stack when using the Logic OAM mode. The uppermost layer of the protocol stack is the application layer, which is used by OAM to control the home base station through the home base station gateway. The transport layer protocol between the home base station gateway and the home base station may be SCTP or TCP. Below the transport layer is the IP layer. User data and signaling between the OAM and the home base station gateway and the home base station gateway and the home base station are routed through the IP layer. The data packet between the home base station gateway and the home base station is encapsulated by IPSec and uses the IP address IP1 assigned by the third party to the home base station (IP1 corresponding to IP2 can be obtained by looking up the home base station address mapping relationship on the home base station gateway). ) as the outer IP of IPSec. The lower two layers of the protocol stack, the L1 and L2 layers between the OAM and the home base station gateway, and the home base station gateway and the home base station are the physical layer and the data link layer, and any technology capable of carrying the IP protocol can be used, for example, Ethernet, ATM or Token Ring.

2、 普通方式:  2, the ordinary way:

对于普通方式, OAM和家用基站之间有直接接口, 家用基站网 关此时仅仅提供安全网关的功能; 其协议栈的结构如图 12所示。  For the normal mode, there is a direct interface between the OAM and the home base station, and the home base station gateway only provides the function of the security gateway at this time; the structure of the protocol stack is as shown in FIG.

图 13示出了釆用普通方式时的网络管理功能协议栈。在该协议栈 结构中在 OAM和家用基站之间有直接的应用层和传输层, OAM直接 对家用基站进行控制。 传输层下面是 IP层, OAM和家用基站网关以 及家用基站网关和家用基站之间的用户数据和信令都是通过 IP层进 行路由的。 家用基站网关和家用基站之间的数据包是用 IPSec进行封 装并釆用第三方给家用基站分配的 IP地址 IP1 (可以在家用基站网关 上通过查找家用基站地址映射关系得到与 IP2相对应的 IP1 M乍为 IPSec 的外层 IP。 本协议栈的最下两层, OAM和家用基站网关以及家用基 站网关和家用基站之间 Ll、 L2层是物理层和数据链路层, 可以釆用 任意能承载 IP协议的技术, 例如可以是以太网、 ATM或者令牌环等。 Figure 13 shows the network management function protocol stack when the normal mode is used. In the protocol stack structure, there is a direct application layer and a transport layer between the OAM and the home base station, and the OAM directly controls the home base station. Below the transport layer is the IP layer. User data and signaling between the OAM and the home base station gateway and the home base station gateway and the home base station are routed through the IP layer. The data packet between the home base station gateway and the home base station is encapsulated by IPSec and uses the IP address IP1 assigned by the third party to the home base station (IP1 corresponding to IP2 can be obtained by looking up the home base station address mapping relationship on the home base station gateway). M乍 is the outer IP of IPSec. The bottom two layers of this protocol stack, OAM and home base station gateways and home base The L1 and L2 layers between the station gateway and the home base station are physical layer and data link layer, and any technology capable of carrying the IP protocol can be used, for example, Ethernet, ATM or Token Ring.

实施例九  Example nine

本实施例提供用户面功能。  This embodiment provides a user plane function.

对于用户面来说, 家用基站网关仅仅是一个安全网关。 在用户面 承载建立的时候, 服务网关使用家用基站的 IP地址 (IP2 ) 以及家用 基站分配的 TEID ( Tunnel End Point Identifier, 隧道端点标识)来建 立下行承载, 家用基站使用服务网关的 IP地址以及服务网关分配的 TEID来建立上行承载。 就是说家用基站网关不参与任何的隧道建立、 释放、 修改工作, GTP-U (用户面的 GPRS隧道协议)数据包对于家 用基站网关来说就是一个透明的数据包, 这样对于用户面来说, 家用 基站网关就相当于一个路由器。 这样做的好处是中间节点比较少, 时 延较小。  For the user side, the home base station gateway is just a security gateway. When the user plane bearer is established, the serving gateway uses the IP address (IP2) of the home base station and the TEID (Tunnel End Point Identifier) assigned by the home base station to establish a downlink bearer, and the home base station uses the IP address and service of the serving gateway. The TEID assigned by the gateway establishes an uplink bearer. That is to say, the home base station gateway does not participate in any tunnel establishment, release, and modification work. The GTP-U (User Plane GPRS Tunneling Protocol) data packet is a transparent data packet for the home base station gateway, so that for the user plane, A home base station gateway is equivalent to a router. The advantage of this is that there are fewer intermediate nodes and less latency.

图 14示出了用户面协议栈, 该协议栈最上面三层 (应用层、 TCP/UDP层和 IP层)是 UE和网络服务器之间的对等协议, 封装的是 UE的数据包。 GTP-U层是服务网关和家用基站之间的对等协议, 用 于在服务网关和家用基站之间建立隧道来对上层的分组数据进行传 输, GTP-U是依靠下层的 UDP协议来实现的。 UDP层下面的 IP层, 用 于对服务网关和家用基站网关以及家用基站网关和家用基站之间的 用户数据进行路由。 家用基站网关和家用基站之间的数据包是用 IPSec进行封装并釆用第三方网络协议给家用基站分配的 IP地址(IP1 ) 作为 IPSec的外层 IP。 本协议栈的最下两层, 服务网关和家用基站网 关以及家用基站网关和家用基站之间 LI、 L2层是物理层和数据链路 层, 可以釆用任意能承载 IP协议的技术, 例如可以是以太网、 ATM或 者令牌环等。  Figure 14 shows the user plane protocol stack. The top three layers of the protocol stack (application layer, TCP/UDP layer and IP layer) are peer-to-peer protocols between the UE and the network server, and encapsulate the packets of the UE. The GTP-U layer is a peer-to-peer protocol between the serving gateway and the home base station, and is used for establishing a tunnel between the serving gateway and the home base station to transmit the upper layer packet data, and the GTP-U is implemented by the lower layer UDP protocol. . The IP layer below the UDP layer is used to route user data between the serving gateway and the home base station gateway and the home base station gateway and the home base station. The data packet between the home base station gateway and the home base station is encapsulated by IPSec and uses the IP address (IP1) assigned by the third-party network protocol to the home base station as the outer IP of the IPSec. The lower two layers of the protocol stack, the service gateway and the home base station gateway, and the LI and L2 layers between the home base station gateway and the home base station are the physical layer and the data link layer, and any technology capable of carrying the IP protocol can be used, for example, It is Ethernet, ATM or Token Ring.

上面描述了可使家用基站接入到 SAE/LTE中。 根据本发明实施 例, 家用基站同样可以接入到其它网络(如 UMTS网络) 中, 这样, 可充分发挥家用基站的作用。 另外, 本发明实施例描述的家用基站网 关以及通信方法除适用于 SAE/LTE系统外 ,还可以适用于其它通信系 统如 UMTS、 CDMA等。 通过以上的实施方式的描述,本领域的技术人员可以清楚地了解 到本发明可以通过硬件实现,也可以可借助软件加必要的通用硬件平 台的方式来实现基于这样的理解,本发明的技术方案可以以软件产品 的形式体现出来, 该软件产品可以存储在一个非易失性存储介质(可 以是 CD-ROM, U盘, 移动硬盘等) 中, 包括若干指令用以使得一台 计算机设备(可以是个人计算机, 服务器, 或者网络设备等)执行本 发明各个实施例所述的方法。 It is described above that the home base station can be accessed into SAE/LTE. According to the embodiment of the present invention, the home base station can also access other networks (such as a UMTS network), so that the role of the home base station can be fully utilized. In addition, the home base station gateway and the communication method described in the embodiments of the present invention can be applied to other communication systems in addition to the SAE/LTE system. Such as UMTS, CDMA, etc. Through the description of the above embodiments, those skilled in the art can clearly understand that the present invention can be implemented by hardware, or can be implemented by means of software plus necessary general hardware platform, and the technical solution of the present invention. It can be embodied in the form of a software product that can be stored in a non-volatile storage medium (which can be a CD-ROM, a USB flash drive, a mobile hard disk, etc.), including a number of instructions for making a computer device (may It is a personal computer, a server, or a network device, etc.) that performs the methods described in various embodiments of the present invention.

虽然通过实施例描绘了本发明, 但本领域普通技术人员知道, 在 不脱离本发明的精神和实质的情况下,就可使本发明有许多变形和变 化, 本发明的范围由所附的权利要求来限定。  While the invention has been described by the embodiments of the invention, the invention Request to limit.

Claims

权利要求 Rights request 1、 一种通信系统, 其特征在于, 包括家用基站、 第三方网络和 家用基站网关, A communication system, comprising: a home base station, a third party network, and a home base station gateway, 所述家用基站, 用于通过第一地址与所述家用基站网关进行通 信, 根据所述第一地址在所述第三方网络中确定所述家用基站; 所述第三方网络, 用于连接所述家用基站和所述家用基站网关; 所述家用基站网关,用于使所述家用基站使用第二地址与通信网 络中其它节点进行通信,根据所述第二地址在通信网络中确定所述家 用基站。  The home base station is configured to communicate with the home base station gateway by using a first address, determine the home base station in the third-party network according to the first address, and use the third-party network to connect the a home base station and the home base station gateway; the home base station gateway is configured to enable the home base station to communicate with other nodes in the communication network by using a second address, and determine the home base station in the communication network according to the second address . 2、 根据权利要求 1所述的通信系统, 其特征在于, 所述系统还包 括家用基站服务器; 所述家用基站服务器包括:  2. The communication system according to claim 1, wherein the system further comprises a home base station server; and the home base station server comprises: 接收单元, 用于接收鉴权信息请求消息和业务请求信息, 所述鉴 权信息请求消息或业务请求信息中包括家用基站用户标识;  a receiving unit, configured to receive an authentication information request message and service request information, where the authentication information request message or the service request information includes a home base station user identifier; 存储单元, 其包括第一存储单元, 用于存储所述家用基站用户标 识、 与所述家用基站用户标识对应的安全上下文。  And a storage unit, configured to include a first storage unit, configured to store the home base station user identifier, and a security context corresponding to the home base station user identifier. 3、 根据权利要求 2所述的通信系统, 其特征在于, 所述家用基站 服务器还包括:  The communication system according to claim 2, wherein the home base station server further comprises: 鉴权单元, 用于根据所述接收单元接收的家用基站用户标识、 和 与所述家用基站用户标识对应的安全上下文对所述家用基站进行鉴 权。  The authentication unit is configured to authenticate the home base station according to the home base station user identifier received by the receiving unit and the security context corresponding to the home base station user identifier. 4、 根据权利要求 2所述的通信系统, 其特征在于, 所述存储单元 还包括: 第二存储单元, 用于存储家用基站用户的签约信息、 用户列 表;  The communication system according to claim 2, wherein the storage unit further comprises: a second storage unit, configured to store subscription information and a user list of the user of the home base station; 所述家用基站服务器还包括第一处理单元和 /或第二处理单元, 所述第一处理单元,用于对所述第二存储单元存储的签约信息进 行修改, 并将修改结果同步到家用基站中;  The home base station server further includes a first processing unit and/or a second processing unit, where the first processing unit is configured to modify the subscription information stored by the second storage unit, and synchronize the modification result to the home base station. Medium 所述第二处理单元, 用于接收修改业务请求信息, 并根据业务请 求信息做相应处理。 The second processing unit is configured to receive the modified service request information, and perform corresponding processing according to the service request information. 5、 根据权利要求 1至 4其中之一所述的通信系统, 其特征在于, 所述系统还包括操作、 管理、 维护实体, 用于进行网络管理。 The communication system according to any one of claims 1 to 4, characterized in that the system further comprises an operation, management and maintenance entity for performing network management. 6、 一种家用基站网关, 其特征在于, 包括:  6. A home base station gateway, comprising: 存储单元, 其包括第一存储单元, 用于存储家用基站用户标识、 第一地址、 第二地址;  a storage unit, including a first storage unit, configured to store a home base station user identifier, a first address, and a second address; 接收单元,用于接收家用基站发送通信网络中其它节点的第一数 据包和 /或通信网络中其它节点发给家用基站的第二数据包, 所述第 一数据包为所述家用基站发送给其他节点的上行数据包;所述第二数 据包为所述家用基站接收的其他节点发送的下行数据包。  a receiving unit, configured to receive a first data packet sent by the home base station to other nodes in the communication network, and/or a second data packet sent by the other node in the communication network to the home base station, where the first data packet is sent to the home base station The uplink data packet of the other node; the second data packet is a downlink data packet sent by another node received by the home base station. 处理单元,用于根据所述存储单元存储的内容和所述接收单元接 收的数据包的地址, 将所述第一地址转换为第二地址, 将所述第二地 址转换为第一地址;  a processing unit, configured to convert the first address into a second address according to the content stored by the storage unit and the address of the data packet received by the receiving unit, and convert the second address into a first address; 发送单元, 用于发送所述处理单元处理的数据包。  And a sending unit, configured to send a data packet processed by the processing unit. 7、 根据权利要求 6所述的家用基站网关, 其特征在于, 所述处理 单元包括:  The home base station gateway according to claim 6, wherein the processing unit comprises: 确定单元, 用于确定所述接收单元接收的数据包;  a determining unit, configured to determine a data packet received by the receiving unit; 获得单元, 用于当所述确定单元确定的数据包为第一数据包时, 根据所述存储单元存储的内容和所述第一地址获得第二地址; 当所述 确定单元确定的数据包为第二数据包时时,根据所述存储单元存储的 内容和所述第二地址获得第一地址; 址。  And an obtaining unit, configured to: when the data packet determined by the determining unit is the first data packet, obtain a second address according to the content stored by the storage unit and the first address; when the data packet determined by the determining unit is The second data packet is timed, and the first address is obtained according to the content stored by the storage unit and the second address; 8、 根据权利要求 6所述的家用基站网关, 其特征在于, 所述家用 基站网关还包括:  The home base station gateway according to claim 6, wherein the home base station gateway further comprises: 初始接入单元, 用于当所述家用基站选择家用基站网关后, 将所 述家用基站与网络中其它节点相连。  And an initial access unit, configured to connect the home base station to other nodes in the network after the home base station selects the home base station gateway. 9、 根据权利要求 6所述的家用基站网关, 其特征在于, 所述家用 基站网关还包括:  The home base station gateway according to claim 6, wherein the home base station gateway further comprises: SCTP汇聚单元, 用于将所述家用基站网关和家用基站之间的 SCTP链接、 汇聚到所述家用基站网关和移动性管理实体之间的 SCTP 链接中。 An SCTP convergence unit, configured to connect the home base station gateway and the home base station The SCTP link is aggregated into an SCTP link between the home base station gateway and the mobility management entity. 10、 根据权利要求 6所述的家用基站网关, 其特征在于, 所述家 用基站网关还包括: 业务控制单元, 用于对家用基站的业务进行相应 的管理。  The home base station gateway according to claim 6, wherein the home base station gateway further comprises: a service control unit, configured to perform corresponding management on the services of the home base station. 11、 根据权利要求 6所述的家用基站网关, 其特征在于, 所述家 用基站网关还包括: 管理单元, 用于对所述家用基站进行管理, 所述 管理包括通过 Logic OAM方式进行的管理、或通过普通方式进行的管 理。  The home base station gateway according to claim 6, wherein the home base station gateway further includes: a management unit, configured to manage the home base station, where the management includes management by using a Logic OAM method, Or management by ordinary means. 12、 根据权利要求 6至 11中任一项所述的家用基站网关, 其特征 在于,所述家用基站网关对控制面和用户面的应用层内容不进行处理 而直接透传。  The home base station gateway according to any one of claims 6 to 11, wherein the home base station gateway directly transmits the content of the application layer of the control plane and the user plane without processing. 13、 一种家用基站服务器, 其特征在于, 包括:  13. A home base station server, comprising: 接收单元, 用于接收鉴权信息请求消息和业务请求消息, 所述鉴 权信息请求消息或业务请求消息包括家用基站用户标识;  a receiving unit, configured to receive an authentication information request message and a service request message, where the authentication information request message or the service request message includes a home base station user identifier; 存储单元, 其包括第一存储单元, 用于存储家用基站用户标识、 与家用基站用户标识对应的安全上下文;  a storage unit, including a first storage unit, configured to store a home base station user identifier and a security context corresponding to the home base station user identifier; 14、 如权利要求 13所述的家用基站服务器, 其特征在于, 包括: 鉴权单元,用于根据所述接收单元接收的家用基站用户标识和所 述家用基站用户标识对应的安全上下文对家用基站进行鉴权。  The home base station server according to claim 13, comprising: an authentication unit, configured to: according to the home base station user identifier received by the receiving unit and the security context corresponding to the home base station user identifier, the home base station Perform authentication. 15、 根据权利要求 13所述的家用基站服务器, 其特征在于, 所述 存储单元还包括:第二存储单元,用于存储家用基站用户的签约信息、 用户列表;  The home base station server according to claim 13, wherein the storage unit further comprises: a second storage unit, configured to store subscription information and a user list of the user of the home base station; 所述家用基站服务器还包括第一处理单元和 /或第二处理单元, 所述第一处理单元,用于对所述第二存储单元存储的用户列表进 行修改, 并将修改结果同步到家用基站的用户列表中;  The home base station server further includes a first processing unit and/or a second processing unit, where the first processing unit is configured to modify a user list stored by the second storage unit, and synchronize the modification result to the home base station. In the user list; 所述第二处理单元, 用于接收修改用户列表请求, 并根据修改用 户列表请求对所述第二存储单元存储的用户列表进行修改。  The second processing unit is configured to receive a modify user list request, and modify the user list stored by the second storage unit according to the modified user list request. 16、 一种通信方法, 其特征在于, 包括: 家用基站与家用基站网关使用第一地址进行通信,所述第一地址 用于在第三方网络中唯一确定所述家用基站; 16. A communication method, comprising: The home base station and the home base station gateway communicate by using a first address, where the first address is used to uniquely determine the home base station in a third-party network; 所述家用基站网关使所述家用基站使用第二地址与通信网络中 其它节点进行通信,所述第二地址用于在通信网络中唯一确定家用基 站。  The home base station gateway causes the home base station to communicate with other nodes in the communication network using a second address for uniquely determining a home base station in the communication network. 17、 根据权利要求 16所述的方法, 其特征在于, 在所述家用基站 与家用基站网关使用第一地址进行通信之前, 所述方法还包括: 所述家用基站获得第一地址, 并确定家用基站网关地址; 所述家用基站根据所述第一地址、所述家用基站网关地址接入家 用基站网关。  The method according to claim 16, wherein before the home base station and the home base station gateway use the first address for communication, the method further includes: the home base station obtaining the first address, and determining the home The base station gateway address; the home base station accesses the home base station gateway according to the first address and the home base station gateway address. 18、 根据权利要求 16或 17所述的方法, 其特征在于, 在所述家用 基站接入家用基站网关之后, 所述方法还包括: 所述家用基站向通信 网络进行鉴权, 鉴权成功后, 在所述家用基站网关和所述家用基站之 间建立安全隧道。  The method according to claim 16 or 17, wherein after the home base station accesses the home base station gateway, the method further includes: the home base station performing authentication on the communication network, after the authentication succeeds Establishing a secure tunnel between the home base station gateway and the home base station. 19、 根据权利要求 18所述的方法, 其特征在于, 所述家用基站向 通信网络进行鉴权具体包括:  The method according to claim 18, wherein the authenticating, by the home base station, the communication network comprises: 所述家用基站网关从家用基站服务器获得第一鉴权结果,从家用 基站获得第二鉴权结果,并根据所述第二鉴权结果和所述第一鉴权结 果进行鉴权。  The home base station gateway obtains a first authentication result from the home base station server, obtains a second authentication result from the home base station, and performs authentication according to the second authentication result and the first authentication result. 20、 根据权利要求 19所述的方法, 其特征在于, 所述家用基站网 关从家用基站服务器获得第一鉴权结果具体包括:  The method according to claim 19, wherein the obtaining, by the home base station, the first authentication result from the home base station server comprises: 所述家用基站网关接收所述家用基站发送的登记请求消息,所述 登记请求消息包括家用基站用户标识;  The home base station gateway receives a registration request message sent by the home base station, where the registration request message includes a home base station user identifier; 所述家用基站网关将登记请求消息中的家用基站用户标识通过 鉴权信息请求消息发给家用基站服务器;  The home base station gateway sends the home base station user identifier in the registration request message to the home base station server by using an authentication information request message; 所述家用基站网关接收所述家用基站服务器发送的鉴权信息响 应消息, 所述鉴权信息响应消息包括第一鉴权结果、 随机数, 其中, 所述第一鉴权结果由所述家用基站服务器根据基本密钥和随机数为 参数通过执行鉴权算法而产生,所述随机数根据鉴权信息请求消息中 的家用基站用户标识和与所述家用基站用户标识相应的基本密钥而 产生。 The home base station gateway receives the authentication information response message sent by the home base station server, where the authentication information response message includes a first authentication result, a random number, where the first authentication result is used by the home base station The server generates, by using an authentication algorithm according to the basic key and the random number as parameters, the random number is requested according to the authentication information. The home base station user identity is generated and the base key corresponding to the home base station user identity. 21、 根据权利要求 20所述的方法, 其特征在于, 所述家用基站网 关从家用基站获得第二鉴权结果具体包括:  The method according to claim 20, wherein the obtaining, by the home base station, the second authentication result from the home base station comprises: 所述家用基站网关将鉴权信息响应消息中的随机数通过鉴权请 求消息发给所述家用基站;  The home base station gateway sends the random number in the authentication information response message to the home base station by using an authentication request message; 所述家用基站网关接收所述家用基站发送的鉴权响应消息,所述 鉴权响应消息包括第二鉴权结果,所述第二鉴权结果由所述家用基站 根据鉴权请求中的随机数和家用基站中存储的基本密钥执行所述鉴 权算法而产生。  Receiving, by the home base station, an authentication response message sent by the home base station, where the authentication response message includes a second authentication result, where the second authentication result is used by the home base station according to a random number in the authentication request The base key stored in the home base station is generated by executing the authentication algorithm. 22、 根据权利要求 21所述的方法, 其特征在于, 当所述家用基站 网关根据第二鉴权结果和第一鉴权结果进行鉴权之后, 鉴权成功时, 则在家用基站网关和家用基站之间建立一个安全隧道。  The method according to claim 21, wherein, after the home base station gateway performs authentication according to the second authentication result and the first authentication result, when the authentication succeeds, the home base station gateway and the home A secure tunnel is established between the base stations. 23、 根据权利要求 16所述的方法, 其特征在于, 在所述家用基站 获得第一地址之后, 所述方法还包括: 所述家用基站获得第二地址。  The method according to claim 16, wherein after the home base station obtains the first address, the method further comprises: the home base station obtaining the second address. 24、 根据权利要求 16所述的方法, 其特征在于, 在所述家用基站 获得第一地址之后, 所述方法还包括: 所述家用基站获得第三地址, 所述第三地址用于在通信网络中网管面唯一确定所述家用基站。  The method according to claim 16, wherein after the home base station obtains the first address, the method further includes: the home base station obtaining a third address, where the third address is used for communication The network management plane in the network uniquely determines the home base station. 25、 根据权利要求 23所述的方法, 其特征在于, 在所述家用基站 获得第二地址之后,在所述家用基站与通信网络中其它节点之间进行 通信之前, 所述方法还包括: 将所述家用基站与家用基站网关之间的 链接汇聚到所述家用基站网关与移动性管理实体之间的链接。  The method according to claim 23, wherein after the home base station obtains the second address, before the home base station communicates with other nodes in the communication network, the method further includes: A link between the home base station and the home base station gateway is aggregated to a link between the home base station gateway and the mobility management entity. 26、根据权利要求 16所述的方法,其特征在于,所述方法还包括: 所述家用基站网关将自身域名 DNS提供给家用基站。  The method according to claim 16, wherein the method further comprises: the home base station gateway providing its own domain name DNS to the home base station. 27、根据权利要求 26所述的方法,其特征在于,所述方法还包括: 所述家用基站网关将自身域名 DNS提供给家用基站包括:  The method according to claim 26, wherein the method further comprises: providing, by the home base station gateway, the home domain name DNS to the home base station, including: 将所述自身域名 DNS配置在所述家用基站网关; 或  Configuring the own domain name DNS at the home base station gateway; or 将所述自身域名 DNS放置在 BSIM卡中提供给所述家用基站网 关; 或 将所述自身域名 DNS放置在第三方的 DHCP服务器中, 以在 DHCP响应中将所述 DNS提供给所述家用基站。 Placing the own domain name DNS in a BSIM card for the home base station gateway; or The own domain name DNS is placed in a third party's DHCP server to provide the DNS to the home base station in a DHCP response. 28、根据权利要求 16所述的方法,其特征在于,所述方法还包括: 通过家用基站服务器对家用基站的业务进行控制。  The method according to claim 16, wherein the method further comprises: controlling, by the home base station server, the service of the home base station. 29、 根据权利要求 28所述的方法, 其特征在于, 所述通过家用 基站服务器对家用基站的业务进行控制包括:  The method according to claim 28, wherein the controlling the service of the home base station by the home base station server comprises: 控制网络侧和所述家用基站之间的互鉴权;  Controlling mutual authentication between the network side and the home base station; 控制所述网络侧和所述家用基站之间的接入限制列表同步。  Controlling access restriction list synchronization between the network side and the home base station. 30、 根据权利要求 16所述的方法, 其特征在于, 所述方法还包 括: 操作、 维护和管理实体对所述家用基站进行管理。  The method according to claim 16, wherein the method further comprises: operating, maintaining, and managing an entity to manage the home base station. 31、 根据权利要求 30所述的方法, 其特征在于, 所述对家用基 站进行管理包括:  31. The method of claim 30, wherein the managing the home base station comprises: 通过逻辑 Logic OAM方式、 或普通方式, 对所述家用基站进行 管理。  The home base station is managed by a logical Logic OAM method or a normal manner.
PCT/CN2008/071211 2007-06-05 2008-06-05 Communication system and method, household base station gateway and household base station server Ceased WO2008148357A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN200710112323XA CN101321383B (en) 2007-06-05 2007-06-05 Communication system and method, home base station gateway and home user server
CN200710112323.X 2007-06-05

Publications (1)

Publication Number Publication Date
WO2008148357A1 true WO2008148357A1 (en) 2008-12-11

Family

ID=40093200

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2008/071211 Ceased WO2008148357A1 (en) 2007-06-05 2008-06-05 Communication system and method, household base station gateway and household base station server

Country Status (2)

Country Link
CN (1) CN101321383B (en)
WO (1) WO2008148357A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN120416846A (en) * 2025-05-30 2025-08-01 北京佰才邦技术股份有限公司 Base station activation method, communication device and storage medium

Families Citing this family (28)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101784133B (en) * 2009-01-20 2012-07-18 中国移动通信集团上海有限公司 HNB information providing method and HNB gateway device
CN101790221B (en) * 2009-01-22 2015-05-06 中兴通讯股份有限公司 Method and system for controlling access of network during switching of Home Node B
CN102077523B (en) * 2009-02-27 2013-02-27 华为技术有限公司 Wireless backhaul IP address configuration method and device
CN101841841B (en) * 2009-03-16 2012-07-25 中国移动通信集团公司 Method for monitoring quality of link between HNB (Home Node Base station) and HNB GW (Home Node Gateway) as well as system thereof
KR101446011B1 (en) 2009-04-23 2014-09-29 닛본 덴끼 가부시끼가이샤 Wireless communication system in which base station apparatus broadcasts identification information of relay apparatus
CN101730186B (en) * 2009-04-28 2012-10-10 中兴通讯股份有限公司 Subscriber access mode reporting method and home base-station gateway
CN101730187A (en) * 2009-05-13 2010-06-09 中兴通讯股份有限公司 Method and system for realizing local access control of home base station
CN101730007A (en) * 2009-05-19 2010-06-09 中兴通讯股份有限公司 Method and system for forwarding message to home base station from home base station network gate
BRPI0924588B1 (en) * 2009-05-21 2021-11-30 Huawei Technologies Co., Ltd METHOD TO CONFIGURE DOMESTIC B-NODE, DOMESTIC B-NODE AND COMMUNICATION SYSTEM FUNCTIONS
CN101932123B (en) * 2009-06-23 2013-05-08 财团法人资讯工业策进会 Relay station and backhaul connection method thereof
CN101588580A (en) * 2009-06-30 2009-11-25 华为技术有限公司 User access control method, home base station gateway and system
CN101938736A (en) * 2009-06-30 2011-01-05 中兴通讯股份有限公司 Report method and system for local internet protocol network access capability of home base station
CN102026312A (en) * 2009-09-15 2011-04-20 中兴通讯股份有限公司 Method and device for obtaining route mapping relationship
CN101699885B (en) * 2009-10-28 2012-08-29 华为技术有限公司 Method, device and system for allocating and querying service gateway
CN102065565B (en) * 2009-11-11 2015-04-01 中兴通讯股份有限公司 Method for reporting information required by the establishment of inter-home node B direct interface and home node B
CN102149067B (en) * 2010-02-09 2015-04-01 中兴通讯股份有限公司 Method for managing local IP data and mobile communication system
CN102196435B (en) * 2010-03-11 2016-06-15 中兴通讯股份有限公司 Home eNodeB is linked into the method and system accessing gateway
CN102202378B (en) * 2010-03-23 2015-07-22 中兴通讯股份有限公司 User message send method, device and system based on enhanced interface for supporting local IP access
CN102316534B (en) * 2010-07-09 2016-03-02 中兴通讯股份有限公司 The control method of base station from home access and system
CN102316530B (en) 2010-07-09 2016-08-03 中兴通讯股份有限公司 The control method of base station from home access and system
CN102387490B (en) * 2010-09-03 2015-08-12 中兴通讯股份有限公司 A kind of method and system inquiring about local gateway
CN102404823B (en) * 2010-09-16 2016-03-30 中兴通讯股份有限公司 Identify the method and system of ultimate access node
CN102571524B (en) * 2012-02-10 2015-01-07 浙江宇视科技有限公司 Method for traversing and assisting to transverse network isolation equipment in IP (Internet Protocol) monitoring system and node
CN103391544B (en) * 2012-05-10 2017-04-26 华为技术有限公司 base station access control method, corresponding device and system
CN105264869B (en) * 2013-06-26 2019-05-03 华为技术有限公司 A system and method for IP address allocation
CN103501202B (en) * 2013-10-28 2016-08-17 中国人民解放军91388部队 Wireless network communications system based on submarine target locating and tracking and method
CN108307391B (en) * 2016-09-22 2020-10-09 大唐移动通信设备有限公司 Terminal access method and system
CN112040423A (en) * 2019-06-03 2020-12-04 普天信息技术有限公司 A method for realizing fusion of core network and broadband and narrowband fusion services

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1930865A (en) * 2004-03-12 2007-03-14 日本电气株式会社 Communication charge system, ultra-small radio base station, communication charge method, and program
EP1786222A1 (en) * 2005-11-15 2007-05-16 Nortel Networks Limited Access network, gateway and management server for a cellular wireless communication system

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100414933B1 (en) * 1999-01-26 2004-01-13 삼성전자주식회사 Handoff control method for home zone service in cellular system
DE202005021930U1 (en) * 2005-08-01 2011-08-08 Corning Cable Systems Llc Fiber optic decoupling cables and pre-connected assemblies with toning parts

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1930865A (en) * 2004-03-12 2007-03-14 日本电气株式会社 Communication charge system, ultra-small radio base station, communication charge method, and program
EP1786222A1 (en) * 2005-11-15 2007-05-16 Nortel Networks Limited Access network, gateway and management server for a cellular wireless communication system

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN120416846A (en) * 2025-05-30 2025-08-01 北京佰才邦技术股份有限公司 Base station activation method, communication device and storage medium

Also Published As

Publication number Publication date
CN101321383B (en) 2012-07-11
CN101321383A (en) 2008-12-10

Similar Documents

Publication Publication Date Title
WO2008148357A1 (en) Communication system and method, household base station gateway and household base station server
US12464323B2 (en) Wireless device request for protocol data unit session
CN102349350B (en) Local breakout with optimized interface
JP5192047B2 (en) Communication control system, communication system, and communication control method
WO2004077754A1 (en) Service in wlan inter-working, address management system, and method
EP1881660B1 (en) A method, apparatus and system for wireless access
JP2012524424A (en) Local device access management apparatus in a mobile communication system
CN102598604A (en) Correlation ID for local IP access
WO2011041967A1 (en) Method for anonymous communication, method for registration, method and system for trasmitting and receiving information
CN101645814B (en) A method, device and system for accessing a mobile core network by an access point
WO2009129707A1 (en) A method, apparatus and communication system for sending and receiving information between local area networks
JPWO2011048768A1 (en) Communication system, communication terminal and communication node
CN102014039B (en) Data transmission method and access point
CN103906055B (en) Business datum shunt method and system
CN116233953A (en) Data transmission method, device, equipment and storage medium
CN101272315B (en) Packet data package transmission method, system and network appliance
WO2012088882A1 (en) Method and system for data transmission, and access gateway
WO2011050676A1 (en) Anonymous communication method, registration and cancellation method, and access node
CN105681268B (en) Data transferring method and device
WO2009140902A1 (en) Method, system and femto gateway for implementing communication between femto cell network and macro network
WO2011032417A1 (en) Method and system for initiating forwarding of communicaiton, information and data message and for routing configuration
WO2010009678A1 (en) Method, intercommunicating gateway, access point and system for processing lan data
WO2013082987A1 (en) Method and system for performing resource control on local offload data
WO2011044807A1 (en) Method for registration and communication of anonymous communication and transceiver system for data message
WO2012003781A1 (en) Method and system for controlling service admission

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 08757622

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 08757622

Country of ref document: EP

Kind code of ref document: A1