[go: up one dir, main page]

WO2016155298A1 - Procédé et appareil de contrôle d'accès d'un ue de relais - Google Patents

Procédé et appareil de contrôle d'accès d'un ue de relais Download PDF

Info

Publication number
WO2016155298A1
WO2016155298A1 PCT/CN2015/092853 CN2015092853W WO2016155298A1 WO 2016155298 A1 WO2016155298 A1 WO 2016155298A1 CN 2015092853 W CN2015092853 W CN 2015092853W WO 2016155298 A1 WO2016155298 A1 WO 2016155298A1
Authority
WO
WIPO (PCT)
Prior art keywords
remote
relay
information
access
request
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/CN2015/092853
Other languages
English (en)
Chinese (zh)
Inventor
梁爽
朱进国
卢飞
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
ZTE Corp
Original Assignee
ZTE Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by ZTE Corp filed Critical ZTE Corp
Publication of WO2016155298A1 publication Critical patent/WO2016155298A1/fr
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/02Access restriction performed under specific conditions
    • H04W48/04Access restriction performed under specific conditions based on user or terminal location or mobility data, e.g. moving direction, speed
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W72/00Local resource management
    • H04W72/12Wireless traffic scheduling

Definitions

  • the embodiments of the present invention relate to, but are not limited to, a distance-based service (Prose) application technology, and in particular, a relay UE access control method and apparatus.
  • Prose distance-based service
  • Figure 1 is a schematic diagram of the architecture of the network after the introduction of the Prose function in the related technology. As shown in Figure 1, after the introduction of Prose, some network elements and interfaces are added to support this function:
  • Terminal A and terminal B (UEA/UEB) supporting the Prose function can discover and communicate with each other after obtaining authorization from the network side;
  • ProSe application application is installed on both terminal A and terminal B.
  • the Prose Function entity is used to support the introduction of Prose, and is mainly used to complete the authorization and matching of UE discovery and discovery. In some solutions, the Prose Function entity is also responsible for protocol UEs discovering each other;
  • EUTRAN Evolved Universal Terrestrial Radio Access Network
  • the Evolved Packet Core Network includes a Mobility Management Entity (MME) and a Serving Gateway (PGW, Packet Data Network Gateway). These network elements provide the underlying access for the terminal accessing the Prose Function entity;
  • MME Mobility Management Entity
  • PGW Packet Data Network Gateway
  • the Home Subscriber Server which contains all the functions of the Home Location Register (HLR), is the permanent storage location for the subscriber's subscription data and is located at the home network to which the subscriber is contracted. After the introduction of the Prose function, the HSS needs to store the subscription data related to Prose;
  • SLP Secure User Plane Location Platform
  • the relay UE When the terminal moves out of the coverage of the network, the relay UE can be used to access the network to obtain related information.
  • the architecture diagram supporting the relay terminal is shown in Figure 2, where the network element definition is as follows:
  • the remote terminal (Remote UE) is not in the coverage of the network, and obtains information about the network through the relay terminal.
  • the relay UE can provide services for the remote terminal within the coverage of the network.
  • the Public Security Server is one of the application servers that the Remote UE may use, and is used to send information to the Relay UE and the Remote UE.
  • the Remote UE needs to discover the relay UE and establish communication through the process shown in FIG. 3, which generally includes the following steps:
  • Step 300 The relay UE acquires a relay UE ID (ProSe Relay UE ID) of the distance-based service from the network side by using Authorization, and information about whether the relay operation is allowed to be performed;
  • a relay UE ID ProSe Relay UE ID
  • Step 301 The Relay UE is allowed to perform a Relay operation during the authorization process, and announces its own ProSe Relay UE ID.
  • Step 302 The Remote UE around the Relay UE wants to discover the Relay UE by listening to the broadcast through the Remote UE of the relay access network;
  • Step 303 The Remote UE initiates unicast communication with the Relay UE.
  • Relay UE When the Relay UE provides services for the Remote UE, multiple Remote UEs may wish to access the Relay UE. Since the access capability of the Relay UE is limited, how to implement scheduling of multiple Remote UE accesses so that limited resources are effectively allocated needs to be solved. There is no related technical solution for the implementation of Relay UE access control in the related art.
  • the embodiments of the present invention provide a relay UE access control method and apparatus, which can implement access scheduling for a Remote UE, so that limited resources are effectively allocated.
  • An embodiment of the present invention provides a relay terminal UE access control method, including:
  • the relaying UE performs the authorization verification on the remote UE by using the access information of the remote UE, and the remote UE allows the access information to be used to indicate whether the remote UE is allowed to access.
  • the relay UE determines whether to allow the remote UE to access according to the verification result.
  • the relaying the UE to perform the authorization verification on the remote UE by using the remote UE to allow the access information includes:
  • the relay UE receives a request initiated by a remote UE, where the request carries priority information
  • the relay UE performs authorization on the remote UE according to the access information allowed by the remote UE, where the access information of the remote UE includes the level of the access control of the relay UE and the carried in the request. Priority information.
  • the request initiated by the remote UE is a request for establishing a communication
  • the priority information carried in the request is the priority information of the remote UE.
  • the method further includes:
  • the remote UE obtains the priority information of the remote UE by using a pre-authorization process, or pre-configures the priority information of the remote UE locally.
  • the relaying the UE to perform the authorization verification on the remote UE by using the remote UE to allow the access information includes:
  • the relay UE receives a request initiated by a remote UE, where the request carries information of a remote UE;
  • the relaying UE searches for the distance-based service Prose function entity of the remote UE that requests the request, and obtains the priority information of the remote UE according to the information of the remote UE that is carried in the request;
  • the relaying UE performs authorization on the remote UE that initiates the request according to the level of the relay UE access control and the obtained priority information of the remote UE.
  • the relaying UE searches for the distance-based service Prose function entity of the remote UE that initiates the request according to the information of the remote UE that is carried in the request, and obtains the priority information of the remote UE, including :
  • the Prose function entity of the relaying UE searches for the Prose functional entity of the remote UE according to the received information of the remote UE, and acquires priority information of the remote UE;
  • the Prose function entity of the relay UE returns priority information of the remote UE to the relay UE.
  • the relaying the UE to perform the authorization verification on the remote UE by using the remote UE to allow the access information includes:
  • the relay UE obtains a level of access control, and uses a level of the relay UE access control as the access information allowed by the remote UE, and broadcasts through a broadcast message;
  • the remote UE monitors the broadcast message, and determines that the priority information of the remote UE matches the level of the access UE's own access control carried in the broadcast message, and is authorized by the relay UE.
  • the method further includes: obtaining, by the pre-authorization process, the level of the relay UE access control by using the pre-authorization process;
  • the level of the relay UE access control is pre-configured by operating, maintaining, managing the OAM system configuration or locally at the relay UE.
  • the performing, by the remote UE, the access authentication information of the remote UE by using the remote UE includes:
  • the relay UE receives a request initiated by a remote UE
  • the relay UE requests its own distance-based service Prose function entity to perform authorization verification on the remote UE that initiates the request according to the remote UE's allowed access information, and receives the authorization result of the Prose functional entity from the relay UE. ;
  • the authorization result is that the authorization is successful.
  • the request initiated by the remote UE is a broadcast message indicating that the UE is desired to access the network by using the relay UE, or establishing a communication request;
  • the method further includes: obtaining, by the ProSe functional entity of the relay UE, the access information of the remote UE from the application layer or from a home subscriber server HSS of the remote UE.
  • the remote UE allows the access information to be the information of the remote UE that is allowed to access.
  • the remote UE allows the access information to be information of the remote UE that is allowed to access
  • the method further includes: the relay UE receives a request initiated by a remote UE; or the relay UE receives a request initiated by a remote UE, and the ProSe functional entity of the relay UE does not include Information of the remote UE that is allowed to access;
  • the ProSe functional entity of the relay UE performs authorization verification to the ProSe functional entity of the remote UE.
  • the performing the authorization verification by the ProSe functional entity of the relay UE to the ProSe functional entity of the remote UE includes:
  • the relay UE finds a ProSe functional entity of the remote UE corresponding to the remote UE according to the ProSe UE ID of the remote UE that initiates the request, and sends an authorization request to the relay UE, where the authorization request carries the ProSe of the relay UE.
  • Relay UE ID ;
  • the ProSe function entity of the remote UE determines whether the corresponding remote UE can listen to the broadcast information of the relay UE carried in the authorization request or establish a communication request according to the obtained information of the remote UE that is allowed to access.
  • the method further includes: obtaining, by the ProSe functional entity of the remote UE, the information and/or priority information of the remote UE that is allowed to access from the application layer, or acquiring the HSS from the remote UE Information and/or priority information of the remote UE that is allowed to access.
  • the performing, by the remote UE, the access authentication information of the remote UE by using the remote UE includes:
  • the relay UE receives a setup communication request initiated by the remote UE, where the request carries the ProSe UE ID of the remote UE that initiated the request;
  • the relay UE acquires an international mobile subscriber identity IMSI of the remote UE;
  • the relay UE carries the obtained IMSI of the remote UE in an authorization request and sends it to the mobility management entity MME of the own UE. If the MME determines that the IMSI of the remote UE is included in the MME context of the relay UE, the The authorization result received by the relay UE is that the authorization is successful.
  • the method further includes:
  • the Prose function entity of the relay UE acquires the level of the relay UE's own access control and/or the priority information of the remote UE accessing the relay UE, or the received information comes from The Prose function entity of the remote UE following the authorization request of the ProSe functional entity of the UE acquires the level of the relay UE's own access control and/or the priority information of the remote UE's access to the relay UE;
  • the level of the relay UE access control and/or the priority information of the remote UE accessing the relay UE is used to limit the level of the remote UE that triggers the broadcast, or the level of the relay UE access control. And/or the priority information of the remote UE accessing the relay UE is used to limit the level of the remote UE that communicates with the relay UE.
  • An embodiment of the present invention further provides a relay UE access control apparatus, including a control unit and a processing unit, where
  • control unit configured to perform authorization verification on the remote UE by using the access information of the remote UE, where the remote UE allows the access information to be used to indicate whether the remote UE is allowed to access;
  • the processing unit is configured to determine, according to the verification result, whether the remote UE is allowed to access.
  • control unit is configured to: receive a request initiated by the remote UE; and authorize the remote UE according to the remote UE allowing access information, where the remote end
  • the UE allowed access information includes a level of the relay UE access control and priority information carried in the request.
  • control unit is configured to: receive a request initiated by the remote UE, and search for a Prose functional entity of the remote UE that initiates the request according to the information of the remote UE carried in the request, Obtaining the priority information of the remote UE; and authorizing the remote UE that initiates the request according to the level of the relay UE access control and the obtained priority information of the remote UE.
  • control unit is configured to: receive a request initiated by the remote UE; send a request to a Prose functional entity of the relay UE, where the information of the remote UE is carried;
  • the Prose function entity of the relay UE acquires the priority information of the remote UE; and performs the requesting remote UE according to the level of the relay UE access control and the obtained priority information of the remote UE.
  • Authorization is configured to: receive a request initiated by the remote UE; send a request to a Prose functional entity of the relay UE, where the information of the remote UE is carried;
  • the Prose function entity of the relay UE acquires the priority information of the remote UE; and performs the requesting remote UE according to the level of the relay UE access control and the obtained priority information of the remote UE.
  • control unit is configured to: obtain a level of its own access control, and use the obtained level of the self-access control as the remote UE grant access information to be broadcast by using a broadcast message.
  • control unit is configured to: receive a request initiated by the remote UE; and request a Prose function entity of its own to perform authorization verification on the remote UE that initiates the request according to the access information allowed by the remote UE. And receiving the authorization result of the Prose functional entity from the relay UE.
  • the remote UE allows the access information to be the information of the remote UE that is allowed to access;
  • the authorization result is that the authorization is successful.
  • control unit is configured to: receive a setup communication request initiated by the remote UE; acquire an IMSI of the remote UE by using an authentication process or a separate process of the remote UE; The obtained IMSI of the remote UE is carried in the authorization request and sent to the MME to which it belongs. If the MME determines that the IMSI of the remote UE is included in the MME context of the relay UE, the authorization result received is the authorization success.
  • the control unit when the remote UE allows the access information to be the information of the remote UE that is allowed to access, if the ProSe functional entity of the relay UE where the control unit is located does not include the remote UE that is allowed to access Information, the control unit is also set to:
  • the ProSe function entity of the remote UE determines, according to the obtained information of the remote UE that is allowed to access, that the corresponding remote UE can listen to the broadcast information of the relay UE carried in the authorization request, or establish a communication request, Receiving authorization success information of the ProSe functional entity from the remote UE.
  • control unit when the authorization result is displayed as the authorization is successful, the control unit is further configured to:
  • the technical solution of the embodiment of the present application includes: the relay UE performs the authorization verification on the remote UE by allowing the remote UE to access the remote UE, and the relay UE determines whether to allow the verification according to the verification result.
  • the remote UE accesses.
  • access scheduling for the remote UE is implemented, so that limited resources are effectively allocated.
  • FIG. 1 is a schematic structural diagram of a network after a related technology introduces a Prose function
  • FIG. 2 is a schematic structural diagram of a related art supporting a relay terminal
  • FIG. 3 is a schematic diagram of a process in which a related UE discovers a relay UE and establishes a communication
  • FIG. 4 is a flowchart of a method for controlling access of a relay UE according to an embodiment of the present invention
  • FIG. 5 is a schematic structural diagram of a structure of a relay UE access control apparatus according to an embodiment of the present invention.
  • FIG. 6 is a schematic flowchart diagram of Embodiment 1 of an application example of the present invention.
  • FIG. 7 is a schematic flowchart of a second embodiment of application of the present invention.
  • FIG. 8 is a schematic flowchart of a third embodiment of application of the present invention.
  • FIG. 9 is a schematic flowchart of a fourth embodiment of application of the present invention.
  • FIG. 10 is a schematic flowchart diagram of Embodiment 5 of the present application.
  • FIG. 11 is a schematic flowchart diagram of Embodiment 6 of the application of the present invention.
  • FIG. 4 is a flowchart of a method for controlling access of a relay UE according to an embodiment of the present invention. As shown in FIG. 4, the method includes:
  • Step 400 The relay UE performs authorization verification on the remote UE by allowing the remote UE to allow the remote UE to access the access information.
  • step 400 may include:
  • the relay UE receives the request initiated by the remote UE, where the request may be a communication request, and the priority information carried in the request is the priority information of the remote UE; the remote UE may pass the pre-authorization process. Obtaining priority information, or locally pre-configuring the priority information at the remote UE;
  • the relay UE matches the level of the access control with the priority information carried in the request, and determines whether to allow the remote UE to access according to the matching result. among them,
  • the access control level can be used when resources are limited, or because the operator specifically limits the access control when only some remote UEs are allowed to access, or other situations where the number of accesses needs to be controlled.
  • the matching policy may be: authorizing a remote UE that is higher than the level of access control learned by the relay UE, or authorizing only the remote UE of the same level; if not, rejecting the remote UE The request ends the process.
  • the matching policy can be set by the operator.
  • step 400 may include:
  • the relaying UE receives the request from the remote UE, and searches for the Prose functional entity of the remote UE according to the information of the remote UE carried in the request, and obtains the priority information of the remote UE;
  • the UE access control level and the obtained priority information of the remote UE are used to authorize the remote UE.
  • the relay UE receives the request from the remote UE, and the relay UE sends a request to the Prose function entity of the relay UE, where the information of the remote UE is carried;
  • the information of the terminal UE is used to find the Prose function entity of the remote UE, and obtain the priority information of the remote UE.
  • the Prose function of the relay UE returns the obtained priority information of the remote UE to the relay UE.
  • the relay UE will authorize the remote UE according to the level of the relay UE access control and the priority information of the remote UE.
  • the ProSe functional entity of the remote UE may obtain the priority information from the application layer or obtain the information from the HSS of the remote UE. If obtained from the HSS, it may have been acquired during the pre-authorization process of the remote UE accessing the network. If not yet obtained, an authorization request to the HSS can be initiated to obtain the information from the HSS.
  • the access control level may be used when the resource is limited, or the access control may be allowed only when some remote UEs are allowed to access, or other situations in which the number of accesses needs to be controlled.
  • the matching policy may be: authorizing a remote UE that is higher than the level of access control learned by the relay UE, or authorizing only the remote UE of the same level; if not, rejecting the remote UE The request ends the process.
  • the matching policy can be set by the operator.
  • step 400 may include:
  • the relay UE After obtaining the access control level, the relay UE directly broadcasts the access control level as the remote UE allowed access information by using a broadcast message;
  • the remote UE After the remote UE monitors the broadcast message, it determines that the priority information of the relay UE is authorized by the relay UE when it matches the level of the relay UE access control carried in the broadcast message; if not, the request of the remote UE is rejected, and the end is terminated. This process.
  • Access control level which can be used when resources are limited, or because the carrier is special It is limited to allow access control only when some remote UEs are allowed to access, or other situations where the number of accesses needs to be controlled.
  • the matching policy may be: authorizing a remote UE that is higher than the level of access control learned by the relay UE, or authorizing only the remote UE of the same level; if not, rejecting the remote UE The request ends the process.
  • the matching policy can be set by the operator.
  • the priority information of the remote UE may be obtained by the remote UE through a pre-authorization process, or locally pre-configured by the remote UE, or by the relay UE from the ProSe functional entity of the remote UE through its own Prose functional entity. Get in.
  • the relay UE may obtain the level of access control in the case that the resource is limited by the pre-authorization process; or may be configured, operated, maintained, managed, or locally pre-configured by the relay UE.
  • step 400 may include:
  • the relay UE receives the request initiated by the remote UE; wherein the request may be a broadcast message indicating that the UE is to be accessed by the relay UE, or a communication request is established, where the request carries the ProSe UE ID of the remote UE that initiated the request;
  • the relay UE requests its own Prose function entity to perform authorization verification on the remote UE that initiates the request according to the allowed access information of the remote UE, and receives the authorization result of the Prose functional entity from the relay UE.
  • the authorization result is that the authorization is successful; if not, the request of the remote UE is rejected, and the process ends.
  • the relay UE receives the setup communication request initiated by the remote UE, where the request carries the ProSe UE ID of the remote UE that initiated the request;
  • the relay UE obtains the IMSI (International Mobile Subscriber Identification Number) of the remote UE by the authentication process or the separate process of the remote UE.
  • IMSI International Mobile Subscriber Identification Number
  • the relay UE obtains the IMSI (International Mobile Subscriber Identification Number) of the remote UE by the authentication process or the separate process of the remote UE.
  • IMSI International Mobile Subscriber Identification Number
  • the relay UE carries the obtained IMSI of the remote UE in the authorization request and sends it to the MME to which it belongs. If the MME determines that the IMSI of the remote UE is included in the MME context of the relay UE, The authorization result received by the relay UE is the authorization success; if not, the received authorization result is the request to reject the remote UE, and the process ends.
  • the Prose function entity of the relaying UE may obtain the access information of the remote UE from the context of the relay UE that is stored by itself.
  • the ProSe functional entity of the relaying UE may obtain the foregoing authorization information, that is, the remote UE grant access information, from the application layer or from the HSS of the remote UE. If it is obtained from the HSS, it may be obtained in the pre-authorization process of the remote UE accessing the network. If not yet obtained, the remote UE may obtain the access information by initiating an authorization request to the HSS.
  • the remote UE allows the access information to be information of the remote UE that is allowed to access
  • the relay UE receives the request initiated by the remote UE; or the relay UE receives the request initiated by the remote UE.
  • the ProSe functional entity of the relaying UE does not include the information of the remote UE that is allowed to access, and then the ProSe functional entity of the relaying UE performs the authorization verification to the ProSe functional entity of the Remote UE, including:
  • the relay UE finds the ProSe functional entity of the remote UE corresponding to the remote UE according to the ProSe UE ID of the remote UE that initiates the request, and sends an authorization request to the remote UE, where the authorization request carries the ProSe Relay UE of the relay UE. ID;
  • the ProSe function entity of the remote UE determines whether the corresponding remote UE can listen to the broadcast information of the relay UE carried in the authorization request or establish a communication request according to the obtained authorization information, that is, the information of the remote UE that is allowed to access. If the authorization is successful, the authorization result returned to the Prose function entity of the relay UE corresponding to the relay UE is the authorization success; if not, the authorization result is rejected.
  • the ProSe functional entity of the remote UE may obtain the information from the application layer or obtain the information from the HSS of the remote UE. If obtained from the HSS, it may have been acquired during the pre-authorization process of the remote UE accessing the network. If not yet obtained, an authorization request to the HSS can be initiated to obtain the information from the HSS.
  • the method further includes: in a case where the resource is limited, the Prose functional entity of the relay UE acquires a level of the relay UE access control and/or the remote UE access relay The priority information of the UE, or the Prose function entity of the remote UE that receives the authorization request from the ProSe functional entity of the relay UE acquires the level and/or the remote end of the relay UE's own access control.
  • the UE accesses the priority information of the relaying UE, where the level of the self-access control and/or the priority information of the remote UE accessing the relaying UE is used to limit the level of the remote UE that triggers the broadcast, or the middle
  • the level of UE access control and/or the priority information of the remote UE accessing the relay UE is used to limit the level of the remote UE communicating with the relay UE.
  • the priority information of the remote UE access is such that, in case of limited resources, the low-priority remote UE is prevented from triggering the broadcast or communicating with the relay UE.
  • Step 401 The relay UE determines, according to the verification result, whether to allow the remote UE to access.
  • the UE may access the broadcast message of the network by relaying the UE or establish a communication request with the relay UE.
  • FIG. 5 is a schematic structural diagram of a relay UE access control apparatus according to an embodiment of the present invention, which may be set in a relay UE or may be an independent entity. As shown in FIG. 5, at least a control unit 501 and a processing unit 502 are included;
  • the control unit 501 is configured to perform authorization verification on the remote UE by using the access information of the remote UE, where the remote UE allows the access information to be used to indicate whether the remote UE is allowed to access;
  • the processing unit 502 is configured to determine, according to the verification result, whether to allow the remote UE to access.
  • the control unit 501 is configured to: receive a request initiated by the remote UE; according to the level of access control of the relay UE that is the access information allowed by the remote UE, and the priority information carried in the request, The remote UE performs authorization.
  • control unit 501 is configured to: receive a request initiated by the remote UE, and search for a Prose function entity of the remote UE that initiates the request according to the information of the remote UE that is carried in the request, to obtain the remote UE. Priority information; and authorizing the remote UE that initiated the request according to the level of the relay UE access control and the obtained priority information of the remote UE.
  • control unit 501 is configured to: receive a request initiated by the remote UE; send a request to a Prose functional entity of the relay UE, where the information of the remote UE is carried; and from the relay UE
  • the Prose function entity acquires the priority information of the remote UE, and authorizes the remote UE that initiates the request according to the level of the relay UE access control and the obtained priority information of the remote UE.
  • control unit 501 is configured to: obtain the level of its own access control, and directly broadcast the obtained level of the access UE's own access control as the remote UE grant access information by using a broadcast message.
  • control unit 501 is configured to: receive a request initiated by the remote UE; request the own Prose function entity to perform authorization verification on the remote UE that initiates the request according to the access information of the remote UE, and receive the relay from the relay UE.
  • the authorization result of the Prose functional entity The remote UE allows the access information to be the information of the remote UE that is allowed to access.
  • the authorization result is that the authorization is successful.
  • control unit 501 is configured to: receive a setup communication request initiated by the remote UE; acquire an IMSI of the remote UE by using an authentication process or a separate procedure of the remote UE; and obtain an IMSI of the remote UE obtained If the MME determines that the IMSI of the remote UE is included in the MME context of the relay UE, the authorization result is that the authorization is successful.
  • control unit is also set to:
  • the control unit 501 sets for:
  • the ProSe function entity of the remote UE determines, according to the obtained authorization information, that is, the information of the remote UE that is allowed to access, the corresponding remote UE can monitor the broadcast information of the relay UE carried in the authorization request, or establish a communication request. Then, the authorization success information of the ProSe functional entity from the remote UE is received.
  • the control unit is further configured to: when the resource is limited, receive the level of the relay UE's own access control and/or the remote UE from the Prose functional entity of the relay UE.
  • Priority information of accessing the relay UE, or receiving the level of the relay UE's own access control from the Prose functional entity of the remote UE and/or the priority information of the remote UE accessing the relay UE is a Prose functional entity of the remote UE that receives the authorization request from the ProSe functional entity of the relay UE, for example, the priority of the remote UE access Level information,
  • FIG. 6 is a schematic diagram of a process for implementing access control by a relay UE according to an embodiment of the present invention. As shown in FIG. 6 , this embodiment is an implementation manner in which a relay UE performs access control during a communication establishment process by a remote UE, including:
  • Step 600 The Relay UE obtains the level of access control from its own ProSe functional entity through pre-authorization or other network authorization process; for example, what level of remote UE is allowed to access the network if its own resources are limited or Since the operator specifically limits the access control only when some remote UEs are allowed to access; or, if other users need to control the number of accesses, what level of remote UEs are allowed to access the network;
  • the Relay UE may also be configured with an access control level in the case of resource limitation through the OAM system or locally. If the configuration is adopted, the step 600 may be omitted.
  • Step 601 The Remote UE obtains its own priority parameter from the network through a pre-authorization process, that is, which level of the user the Remote UE belongs to;
  • the priority parameters of the Remote UE itself may also be configured locally.
  • Step 602 The Remote UE initiates a request, where it carries its own priority parameter, and the request message may be a setup communication request.
  • Step 603 The Relay UE receives the request, and determines whether the request initiated by the Remote UE can be accepted according to its own level of access control when the resource is limited.
  • the Relay UE is set to a user whose access control level is higher than level 3 when the resource is limited, the user request lower than the priority may be rejected.
  • the Relay UE is set to allow only users with a priority of 2 to access, other users' requests may be rejected; the matching rule may be set by the operator.
  • Step 604 The Relay UE accepts or rejects the request initiated by the Remote UE according to the result of the judgment. If the request is rejected, the Relay UE may return the corresponding reason value to the Remote UE that initiated the request, so that the Remote UE decides whether to re-initiate the subsequent request. The request, for example if If the Relay UE changes the broadcast parameters, it may re-initiate the request.
  • FIG. 7 is a schematic diagram of a process for implementing access control by a relay UE according to Embodiment 2, and as shown in FIG. 7 , this embodiment is an implementation manner of the Remote UE determining whether to initiate access according to the broadcast of the Relay UE, including:
  • steps 700 to 701 is the same as the steps 600 to 601 in the first embodiment, and is not described here.
  • Step 702 The Relay UE carries its own level information of the access control in the case where the resource is restricted, and broadcasts the broadcast information in the broadcast message;
  • the level information of the Relay UE's own access control in the case where the resource is limited may be: the user whose access control level is higher than the level 3 in the case where the resource is limited.
  • Step 703 After listening to the broadcast message, the Remote UE determines, according to its own level information, whether the current Relay UE can receive its own request.
  • the level information of the access control of the Relay UE itself in the broadcast message of the Relay UE is limited to only the user whose priority is higher than 3, or the relay UE is set to allow only the priority. Access for 2 users. Then, the Remote UE that does not match the level does not initiate a communication request.
  • the matching strategy can be set by the operator.
  • FIG. 8 is a schematic diagram of a process of implementing access control by a relay UE according to the second embodiment of the present invention. As shown in FIG. 8 , in this embodiment, the implementation manner of the relay UE performing the access control in the process of discovering the relay UE by the remote UE in the trigger mode is performed. . With the technical solution provided in this embodiment, it is avoided that a UE that does not have access to access triggers excessive broadcast messages. include:
  • Step 800 The Remote UE finds that it enters the uncovered area, and hopes to access the network through the Relay UE.
  • the Remote UE initiates a broadcast inquiry to check whether there is a Relay UE available, and the broadcast message carries the ProSe ID of the Remote UE, that is, the ProSe UE ID.
  • Steps 801a to 801b In this embodiment, it is assumed that the surrounding Relay UE1 and the Relay UE2 are aware that the Remote UE wants to access by listening to the broadcast message, and then verifying the requested Remote UE, including: Relay UE1 and Relay UE2 respectively
  • the ProSe functional entity sends an authorization request, and carries the ProSe Relay UE ID and the ProSe UE ID in the authorization request.
  • the information of the remote UE may be determined according to the information, whether the remote UE is allowed to access; if the context of the Relay UE does not include the information of the Remote UE, such as the ProSe UE ID, the process is not allowed; if the context of the Relay UE is The information including the Remote UE, such as the ProSe UE ID, is allowed to go to step 804a and step 804b.
  • the ProSe functional entity of the relaying UE may obtain the foregoing authorization information, that is, the remote UE grant access information, from the application layer or from the HSS of the remote UE. If it is obtained from the HSS, it may be obtained in the pre-authorization process of the remote UE accessing the network. If not yet obtained, the remote UE may obtain the access information by initiating an authorization request to the HSS.
  • the ProSe function of the Relay UE does not include the information of the Remote UE that is allowed to access, the ProSe function of the Relay UE needs to go to the ProSe function of the Remote UE for authorization verification, including:
  • Steps 802a to 802b The Relay UE1 and the Relay UE2 respectively learn the ProSe function entity of the Remote UE according to the ProSe UE ID of the Remote UE, and respectively send an authorization request to the ProSe function entity of the Remote UE, where each of the two Relay UEs respectively carries the ProSe.
  • Step 803a to step 803b The ProSe function entity of the Remote UE determines, according to the obtained authorization information, whether the remote UE can listen to the broadcast information of the corresponding Relay UE. If yes, the authorization succeeds. If not, the device fails. In this embodiment, the relay is assumed. UE1 allows access, and Relay UE2 does not allow access. Then, the ProSe functional entity of the Remote UE returns the authentication result to the ProSe functional entities of the two Relay UEs respectively.
  • the ProSe functional entity of the Remote UE may obtain the information from the application layer or obtain the information from the HSS of the Remote UE. If obtained from the HSS, it may have been acquired during the pre-authorization process of the Remote UE accessing the network. If not yet obtained, an authorization request to the HSS can be initiated to obtain the information from the HSS.
  • the ProSe functional entity of the Relay UE obtains the priority information of the Remote UE access, so that the authentication result returned in the step 804a and the step 804b also carries the access priority information of the Remote UE, so that the resource is limited, or other Specific need to control the number of access or the situation of the user Next, the broadcast will not be triggered by the low priority remote UE.
  • the ProSe function entity of the Remote UE obtains the priority information of the remote UE access, so that the authentication result returned by the step 803a and the step 803b further carries the access priority information of the Remote UE, so that the resource is limited. In this case, the broadcast will not be triggered by the low priority remote UE.
  • the priority information of the Remote UE access may also be obtained from the application layer or obtained from the HSS of the Remote UE. If obtained from the HSS, it may have been acquired during the pre-authorization process of the Remote UE accessing the network. If not yet obtained, an authorization request to the HSS can be initiated to obtain the information from the HSS.
  • Steps 804a to 804b the ProSe function entity of Relay UE1 and the ProSe function entity of Relay UE2 respectively return the received authorization result to Relay UE1 and Relay UE2;
  • Step 805 The Relay UE receives the authentication success message, and the Relay UE1 in this embodiment starts to broadcast its own information, so that the corresponding Remote UE can discover itself and complete the subsequent access process.
  • FIG. 9 is a schematic diagram of a process for implementing access control by a relay UE according to an embodiment of the present invention. As shown in FIG. 9 , this embodiment is an implementation manner in which a relay UE performs access control during a communication process between a Remote UE and a relay UE, including :
  • Step 900 The Remote UE initiates a setup communication request to the Relay UE, where the ProSe ID, that is, the ProSe UE ID of the Remote UE, is carried in the setup communication request.
  • Step 901 The Relay UE sends an authorization request to the ProSe functional entity, where the ProSe Relay UE ID of the Relay UE and the ProSe ID of the Remote UE, that is, the ProSe UE ID;
  • the context of the Relay UE in the ProSe function of the Relay UE includes the information of the Remote UE that is allowed to access, it may be determined according to the information whether the Remote UE is allowed to access. If the information of the Remote UE is not included in the context of the Relay UE, such as the ProSe UE ID, the authorization response may be returned to notify the Remote UE that the access is not allowed; if the context of the Relay UE includes the information of the Remote UE, such as ProSe The UE ID is allowed, and at this time, the process proceeds to step 904.
  • the ProSe functional entity of the Relay UE can be obtained from the application layer or from the HSS of the remote UE.
  • the above authorization information is taken, that is, the remote UE allows access information. If it is obtained from the HSS, it may be obtained in the pre-authorization process of the remote UE accessing the network. If not yet obtained, the remote UE may obtain the access information by initiating an authorization request to the HSS.
  • the ProSe function of the Relay UE does not include the information of the Remote UE that is allowed to access, the ProSe function of the Relay UE needs to go to the ProSe function of the Remote UE for authorization verification, including:
  • Step 902 The ProSe function of the Relay UE finds the ProSe functional entity of the Remote UE according to the ProSe UE ID of the Remote UE, and sends an authorization request to the Relay UE, where the ProSe Relay UE ID and the ProSe UE ID of the Relay UE are carried.
  • Step 903 The ProSe function entity of the Remote UE determines, according to the obtained authorization information, that the Remote UE is allowed to access from the Relay UE. If yes, the authorization succeeds, and if not, the failure occurs; in this embodiment, if the Relay UE allows access, then The ProSe functional entity of the Remote UE returns an authorization response to the ProSe functional entity of the Relay UE as permission;
  • the ProSe functional entity of the Remote UE may obtain the information from the application layer or obtain the information from the HSS of the Remote UE. If obtained from the HSS, it may have been acquired during the pre-authorization process of the Remote UE accessing the network. If not yet obtained, an authorization request to the HSS can be initiated to obtain the information from the HSS.
  • the priority information can also be obtained in the process, and may also include:
  • the ProSe function of the Relay UE can obtain the priority information of the Remote UE access, and the authorization response returned in the step 904 also carries the access priority information of the Remote UE. In order to serve higher priority remote UEs in case of limited resources.
  • the ProSe function entity of the Remote UE can obtain the priority information of the Remote UE access, so that the authentication result returned in step 903 also carries the access priority information of the Remote UE, so that the resource is limited, or other A higher priority remote UE is served if the number of accesses or users needs to be controlled.
  • the priority information of the Remote UE access may also be obtained from the application layer or obtained from the HSS of the Remote UE. If obtained from the HSS, it may have been acquired during the pre-authorization process of the Remote UE accessing the network. If not yet available, you can initiate a grant to the HSS Request for permission to obtain this information from the HSS.
  • Step 904 The ProSe function entity of the Relay UE returns the authentication result to the Relay UE. In this embodiment, it is allowed. If the priority information of the Remote UE access is included in step 903, it is also returned to the Relay UE.
  • Step 905 The Relay UE performs other authentication and address allocation processes to establish communication with the Remote UE.
  • FIG. 10 is a schematic flowchart of implementing access control by the fifth relay UE according to the fifth embodiment of the present invention. As shown in FIG. 10, this embodiment is another implementation of the relay UE performing access control during the establishment of communication between the Remote UE and the Relay UE. Ways, including:
  • Step 1000 The Remote UE initiates a setup communication request to the Relay UE, and carries the ProSe ID of the Remote UE, that is, the ProSe UE ID, in the setup communication request.
  • Step 1001 After receiving the request, the Relay UE acquires the IMSI of the Remote UE by using an authentication process or a separate process for the remote UE.
  • Step 1002 The relay UE sends an authorization request to the MME to which it belongs, where the IMSI of the Remote UE is the Remote UE IMSI. If the context of the MME of the Relay UE includes the information of the Remote UE that is allowed to access, the information may be determined according to the information. The remote UE accesses, if the information of the remote UE that is allowed to access includes the IMSI of the remote UE that currently initiates the request, if the access is allowed, the process proceeds to step 1004.
  • the MME may obtain the IMSI list of the Remote UE that is allowed to access when the Relay UE accesses the network. If not, the MME of the Relay UE does not include the information of the Remote UE that is allowed to access.
  • the method further includes a step 1003: obtaining, from the HSS, a list of Remote UEs that the Relay UE allows to access;
  • Step 1004 The MME of the Relay UE returns an authorization response to the Relay UE.
  • the authorization response is allowed to be accessed. If the priority information of the Remote UE access is included in step 1003, the MME is also returned to the Relay UE.
  • Step 1005 The Relay UE performs other authentication and address configuration processes to establish communication with the remote UE.
  • FIG. 11 is a schematic flowchart of implementing the access control by the relay UE in the sixth embodiment, as shown in FIG. 11
  • the embodiment is an implementation manner in which the Relay UE performs access control when the Remote UE performs the interception request, and includes:
  • Step 1100 The Remote UE initiates a setup communication request to the Relay UE, and carries the ProSe ID of the Remote UE, that is, the ProSe UE ID, in the setup communication request.
  • Step 1101 The Relay UE finds the ProSe functional entity of the Remote UE according to the ProSe UE ID of the Remote UE, and sends an authorization request to the same, which carries the ProSe UE ID.
  • Step 1102 The ProSe functional entity of the Remote UE determines, according to the obtained authorization information, that the Remote UE is allowed to access from the Relay UE, and if yes, the authorization succeeds, and if not, fails;
  • the ProSe functional entity of the Remote UE if the Relay UE allows access, the ProSe functional entity of the Remote UE returns an authorization response to the ProSe functional entity of the Relay UE as permission.
  • the ProSe functional entity of the Remote UE may obtain the information from the application layer or obtain the information from the HSS of the Remote UE. If obtained from the HSS, it may have been acquired during the pre-authorization process of the Remote UE accessing the network. If not yet obtained, an authorization request to the HSS can be initiated to obtain the information from the HSS.
  • Priority information can also be obtained during this process, including:
  • the ProSe function entity of the remote UE obtains the priority information of the remote UE access, so that the authentication result returned in step 1102 carries the access priority information of the Remote UE, so as to control access in the resource limited or other specific needs. In the case of quantity or user, it serves the higher priority remote UE.
  • the priority information of the Remote UE access may also be obtained from the application layer or obtained from the HSS of the Remote UE. If obtained from the HSS, it may have been acquired during the pre-authorization process of the Remote UE accessing the network. If not yet obtained, an authorization request to the HSS can be initiated to obtain the information from the HSS.
  • Step 1103 The Relay UE performs other authentication and address allocation processes to establish communication with the Remote UE.
  • the technical solution of the embodiment of the present application includes: the relay UE performs the authorization verification on the remote UE by allowing the remote UE to access the remote UE, and the relay UE determines whether to allow the verification according to the verification result.
  • the remote UE accesses.
  • access scheduling for the remote UE is implemented, so that limited resources are effectively allocated.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

L'invention concerne un appareil et un procédé de contrôle d'accès d'un équipement utilisateur (UE) de relais, comprenant les étapes suivantes : un UE de relais effectue une vérification d'autorité sur un UE distant par l'intermédiaire d'informations d'autorisation d'accès de l'UE distant, les informations d'autorisation d'accès de l'UE distant étant utilisées pour indiquer si l'UE distant est autorisé à avoir accès ou non ; et l'UE de relais évalue si l'UE distant est autorisé à avoir accès ou non selon un résultat de vérification.
PCT/CN2015/092853 2015-04-02 2015-10-26 Procédé et appareil de contrôle d'accès d'un ue de relais Ceased WO2016155298A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201510154573.4A CN106162803A (zh) 2015-04-02 2015-04-02 一种中继ue接入控制方法及装置
CN201510154573.4 2015-04-02

Publications (1)

Publication Number Publication Date
WO2016155298A1 true WO2016155298A1 (fr) 2016-10-06

Family

ID=57003878

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2015/092853 Ceased WO2016155298A1 (fr) 2015-04-02 2015-10-26 Procédé et appareil de contrôle d'accès d'un ue de relais

Country Status (2)

Country Link
CN (1) CN106162803A (fr)
WO (1) WO2016155298A1 (fr)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3557898A4 (fr) * 2017-01-06 2019-10-30 Huawei Technologies Co., Ltd. Procédé et appareil de vérification d'autorisation
WO2021004606A1 (fr) * 2019-07-05 2021-01-14 Nokia Technologies Oy Appareil, procédé et programme d'ordinateur destinés à la vérification d'accès avec un réseau cellulaire

Families Citing this family (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10292087B2 (en) * 2017-02-01 2019-05-14 Futurewei Technologies, Inc. System and method for access barring
CN112911583A (zh) 2017-07-11 2021-06-04 华为技术有限公司 设备接入方法、设备及系统
CN109257705B (zh) 2017-07-14 2023-04-18 华为技术有限公司 数据传输方法、装置和系统
US20190223017A1 (en) * 2018-01-15 2019-07-18 Industrial Technology Research Institute Hierarchical registration method for connect ue to 5g network and related apparatuses using the same
CN110012517B (zh) * 2019-04-01 2021-03-12 Oppo广东移动通信有限公司 中继传输方法、装置、移动终端及存储介质
WO2021031010A1 (fr) 2019-08-16 2021-02-25 Oppo广东移动通信有限公司 Procédé de communication, dispositif terminal et dispositif de réseau
CN113596789A (zh) * 2020-04-30 2021-11-02 维沃移动通信有限公司 设备交互方法及核心网设备
CN113709902B (zh) * 2020-05-21 2024-09-24 华为技术有限公司 中继链接建立、配置信息发送方法、装置和可读存储介质
CN113873613B (zh) * 2020-06-30 2025-01-07 华为技术有限公司 接入控制方法及相关装置
KR102826696B1 (ko) 2020-07-15 2025-07-01 엘지전자 주식회사 릴레이 통신
CN114339748B (zh) * 2020-09-30 2025-07-04 华为技术有限公司 一种鉴权方法及其装置
CN114650537B (zh) * 2020-12-17 2024-11-15 维沃移动通信有限公司 授信中继通信方法、装置、终端及网络侧设备
CN114979953A (zh) * 2022-05-19 2022-08-30 中国电信股份有限公司 一种近域通信的服务区域限制系统、方法及装置

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2014179294A2 (fr) * 2013-05-02 2014-11-06 Qualcomm Incorporated Procédé et appareil pour sélectionner un relais de dispositif à dispositif
CN104159221A (zh) * 2013-05-13 2014-11-19 中兴通讯股份有限公司 公共安全通信处理方法及系统
US20150029866A1 (en) * 2013-07-29 2015-01-29 Htc Corporation Method of relay discovery and communication in a wireless communications system

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2014179294A2 (fr) * 2013-05-02 2014-11-06 Qualcomm Incorporated Procédé et appareil pour sélectionner un relais de dispositif à dispositif
US20140329535A1 (en) * 2013-05-02 2014-11-06 Qualcomm Incorporated Method and apparatus for device to device relay selection
CN104159221A (zh) * 2013-05-13 2014-11-19 中兴通讯股份有限公司 公共安全通信处理方法及系统
US20150029866A1 (en) * 2013-07-29 2015-01-29 Htc Corporation Method of relay discovery and communication in a wireless communications system

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
HUAWEI TECHNOLOGIES CO., LTD. ET AL.: "3GPP, S 2-133843 , The ProSe UE-to-network Relay with the Network Authorization", 3GPP, SA WG2 MEETING #99, 23 September 2013 (2013-09-23), XP050727137 *
HUAWEI TECHNOLOGIES CO., LTD. ET AL.: "3GPP, S 2-140177 , Discussion on UE-to-network Relay", 3GPP, SA WG2 MEETING #101, 20 January 2014 (2014-01-20), XP050744512 *

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3557898A4 (fr) * 2017-01-06 2019-10-30 Huawei Technologies Co., Ltd. Procédé et appareil de vérification d'autorisation
EP3849227A1 (fr) * 2017-01-06 2021-07-14 Huawei Technologies Co., Ltd. Appareil et procédé d'autorisation et de vérification
WO2021004606A1 (fr) * 2019-07-05 2021-01-14 Nokia Technologies Oy Appareil, procédé et programme d'ordinateur destinés à la vérification d'accès avec un réseau cellulaire

Also Published As

Publication number Publication date
CN106162803A (zh) 2016-11-23

Similar Documents

Publication Publication Date Title
WO2016155298A1 (fr) Procédé et appareil de contrôle d'accès d'un ue de relais
US20240406857A1 (en) Multimedia Priority Service for Wireless Devices
EP4082290B1 (fr) Gestion des sessions pour l'informatique périphérique
CN115735371B (zh) 网络切片特定认证和授权
EP2982084B1 (fr) Procédé et appareil d'acheminement de message de service basé sur la proximité dans un système de communication sans fil
TWI748952B (zh) 利用單個連線性上下文支援多個併發服務上下文
CN111373782B (zh) 针对直接发现的申请的授权
EP2950499B1 (fr) Procédé, dispositif, et système de maintien de session d'accès 802.1x
US8914867B2 (en) Method and apparatus for redirecting data traffic
JP6671527B2 (ja) 端末デバイスが別の端末デバイスを発見するための方法および装置
WO2014146474A1 (fr) Procédé d'enregistrement de terminal, procédé de découverte de terminal, terminal et dispositif
KR20110091305A (ko) Mocn에서 긴급 호를 위한 plmn 선택 방법 및 장치
EP4304248B1 (fr) Procédé de transmission de contexte, et dispositif de communication
WO2011054251A1 (fr) Procédé, système et terminal pour empêcher l'accès à partir de terminaux non autorisés
CN116438824A (zh) 用于无线网络中核心网装置重分配的方法、装置及系统
CN105848083A (zh) 一种实现通信的方法、终端及系统
US20250126470A1 (en) Communication method and apparatus
US10219309B2 (en) D2D service authorizing method and device and home near field communication server
US20140024370A1 (en) Method and apparatus for establishing a communication connection
CN116210252B (zh) 接收用于边缘计算的用户同意的方法和处理器
CN104980912B (zh) ProSe临时标识的通知与更新方法和装置
US11606303B1 (en) Device initiated quality of service
WO2016023282A1 (fr) Procédé, appareil et système de découverte de communication en champ proche
WO2022027529A1 (fr) Procédé et appareil d'authentification de tranche
KR102739752B1 (ko) 5g 비공중망 접속 제어를 수행하는 인증 서버, 접속 제어 방법 및 단말의 접속 방법

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15887252

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15887252

Country of ref document: EP

Kind code of ref document: A1