WO2022001964A1 - Communication method, terminal device, and radio access network device - Google Patents

Abstract

Provided in the present application are a communication method, a terminal device, and a radio access network (RAN) device. In the method, when a terminal device initially accesses a V-SNPN, information needs to be added to an access message so as to notify a RAN device that the terminal device accesses the V-SNPN by means of home network authentication, and the RAN device then selects an AMF on the basis of the added information, and then authenticates the terminal device. The method comprises: a terminal device sends an access message to a RAN device, the access message comprising first information, and the first information being used to notify the RAN device that the terminal device accesses a V-SNPN by means of home network authentication; and a first message sent by the RAN device is received, the first message being used to indicate that the authentication on the terminal device has succeeded or failed.

Description

A communication method, terminal device and wireless access network device

This application claims the priority of the Chinese patent application filed on June 30, 2020 with the application number of 202010617674.1 and the application title of "a communication method, terminal equipment and wireless access network equipment", the entire contents of which are approved by Reference is incorporated in this application.

technical field

The present application relates to the field of communication, and more particularly, to a communication method, terminal device and wireless access network device.

Background technique

Non-public networks (NPN) is a network introduced in the 3rd Generation Partnership Project Release 16 (3rd Generation Partnership Project Release 16, 3GPP R16) standard. Different from traditional cellular networks, NPN networks only allow Access by certain users with specific privileges. 3GPP defines two NPN deployment modes: Stand-alone non-public networks (SNPN) and non-stand-alone NPN. In 3GPP R17, the way for UE to access SNPN network is introduced: there is a visited network (visited network), the visited network can be SNPN (Visited-SNPN, V-SNPN), there is another home network (home network), the home network belongs to the service Provider (Service Provider, SP) deployment, there are at least Unified Data Management (Unified Data Management, UDM) and Authentication Server Function (Authentication Server Function, AUSF) network elements in the home network. When the terminal device (User Equipment, UE) accesses the V-SNPN, it accesses the Access and Mobility Management Function (AMF) of the V-SNPN, and the AMF then connects to the UDM and AUSF of the SP to authenticate the UE , to verify whether the UE has access rights.

In a multi-operator core network (MOCN) architecture, access network (RAN) devices are shared by multiple networks. When a terminal device needs to access the SNPN network, how the wireless access network device selects the AMF to authenticate it is an urgent problem to be solved.

SUMMARY OF THE INVENTION

The present application provides a communication method, a terminal device and a wireless access network device. In the communication method, when the terminal device initially accesses a V-SNPN, it needs to add information to an access message to inform the wireless access network device of the terminal. The device accesses the V-SNPN through home network authentication, and the wireless access network device further selects the AMF based on the added information, and then authenticates the terminal device.

A first aspect provides a communication method, the method is applied to a terminal device, the terminal device accesses and visits an independent non-public network V-SNPN, the method includes: sending an access message to a wireless access network device, The access message includes first information, and the first information is used to inform the wireless access network device that the terminal device is authenticated by the home network to access the V-SNPN; receiving the wireless access network The first message sent by the device, where the first message is used to indicate whether the authentication of the terminal device succeeds or fails.

Therefore, when the terminal device accesses and visits the independent non-public network V-SNPN, it sends an access message to the wireless access network device in the V-SNPN, where the access message includes first information, and the first The information is used to inform the wireless access network device that the terminal device accesses the V-SNPN through home network authentication, so that the wireless access network device to which it belongs can select the AMF for authentication according to the first information, Then, the terminal device is authenticated.

With reference to the first aspect, in some implementations of the first aspect, the first information includes one or more of the following parameters: an independent non-public network identifier (Stand-alone non-public networks identifier, SNPN ID), an attribution Network identifier SP ID, roaming group identifier Roaming Group ID, or first indication information, where the first indication information is used to indicate the SNPN ID, the SP ID, or the Roaming Group ID; or, the first information includes SNPN ID and priority information of the network that the terminal device needs to authenticate.

With reference to the first aspect, in some implementations of the first aspect, the access message is a radio resource control RRC setup complete or RRC setup request message.

With reference to the first aspect, in some implementations of the first aspect, the first message is used to indicate that the terminal device is successfully authenticated, and the first message includes one or more of the following parameters: second indication information , the first home network identification SP ID, the first roaming group identification Roaming Group ID, a plurality of externally authenticated SP IDs supported by the terminal device and a plurality of externally authenticated Roaming Group IDs supported by the terminal device , wherein the second indication information is used to indicate that the terminal device accesses the V-SNPN external authentication successfully, and the first SP ID and the first Roaming Group ID are used to instruct the terminal device to access the V-SNPN. The home network SP available to the V-SNPN.

With reference to the first aspect, in some implementations of the first aspect, the first message further includes context information of the terminal device.

At this time, the first message includes the context information of the terminal device, and when the terminal device receives the first message, the terminal device can make the terminal device correctly perform operations such as cell reselection and handover.

With reference to the first aspect, in some implementations of the first aspect, the first message is an RRC reconfiguration message or a downlink information forwarding message.

With reference to the first aspect, in some implementations of the first aspect, the first message is used to indicate that the authentication of the terminal device fails, and the first message includes third indication information, and the third indication information Used to indicate that the terminal device fails to access the external authentication of the V-SNPN; the terminal device deletes at least one or more of the following locally stored parameters according to the first message: SNPN ID, SP ID or Roaming Group ID .

With reference to the first aspect, in some implementations of the first aspect, the first message is an RRC release message.

With reference to the first aspect, in some implementations of the first aspect, the method further includes: sending an initial terminal equipment UE message or an uplink non-access stratum NAS transmission to the access and mobility management function V-AMF in the visited network message, the initial UE message or the uplink NAS transmission message includes one or more of the following parameters: fourth indication information, the first home network identifier SP ID, the first roaming group identifier Roaming Group ID, the external data supported by the terminal device Multiple authenticated SP IDs and multiple externally authenticated Roaming Group IDs supported by the terminal device, wherein the fourth indication information is used to indicate that the terminal device successfully accesses the V-SNPN for external authentication , the first SP ID and the first Roaming Group ID are used to instruct the terminal device to access the available home network SP of the V-SNPN.

In a second aspect, a communication method is provided, and the method is applied to a wireless access network device, where the wireless access network device is both a wireless access network device that visits an independent non-public network V-SNPN and a wireless access network device of a home network. An access network device, characterized in that it includes: receiving an access message sent by a terminal device, where the access message includes first information, and the first information is used to inform the wireless access network device that the terminal device has passed the The home network authenticates the access to the V-SNPN; according to the first information, selects the access and mobility management function AMF, and the selected AMF is the V-AMF in the visiting independent non-public network or the H of the home network -AMF; receive a first message sent by H-AMF, where the first message is used to indicate success or failure of authentication to the terminal device; send a second message to the terminal device according to the first message, the The second message is used to inform the terminal device that the authentication succeeds or fails.

In conjunction with the second aspect, in some implementations of the second aspect, the first information includes one or more of the following parameters: independent non-public network identifier SNPN ID, home network identifier SP ID, roaming group identifier Roaming Group ID or first indication information, where the first indication information is used to indicate the independent non-public network identity, the home network identity or the roaming group identity; or, the first information includes an independent non-public network identity and the priority information of the network that the terminal device needs to authenticate.

With reference to the second aspect, in some implementations of the second aspect, the selecting an access and mobility management function according to the first information includes: when the first information only includes the SNPN ID, selecting The access and mobility management function V-AMF in the non-public network V-SNPN independent of the visited network; or, when the first information includes at least one of the SNPN ID, the SP ID and the Roaming Group ID parameter, select the access and mobility management function H-AMF in the home network; or, when the first information includes at least one parameter in the SP ID and the Roaming Group ID, select the access and mobility management function in the home network. Access and mobility management function H-AMF; or, when the first information includes an independent non-public network identifier and the priority information of the network for which the terminal device needs to be authenticated, according to the V-AMF and H-AMF supported Priority information of the network, select access and mobility management functions.

With reference to the second aspect, in some implementations of the second aspect, after selecting the access and mobility management function V-AMF in the non-public network V-SNPN independent of the visited network, the method further includes: receiving The third message sent by the V-AMF, where the third message is used to instruct the wireless access network device to reselect the H-AMF; and select the H-AMF according to the third message.

With reference to the second aspect, in some implementations of the second aspect, the first message is used to indicate that the terminal device is authenticated successfully, and the first message includes one or more of the following parameters: second indication information , the first home network identification SP ID, the first roaming group identification Roaming Group ID, a plurality of externally authenticated SP IDs supported by the terminal device and a plurality of externally authenticated Roaming Group IDs supported by the terminal device , wherein the second indication information is used to indicate that the terminal device accesses the V-SNPN external authentication successfully, and the first SP ID and the first Roaming Group ID are used to instruct the terminal device to access the V-SNPN. The home network SP available to the V-SNPN.

With reference to the second aspect, in some implementations of the second aspect, the first message further includes context information of the terminal device.

With reference to the second aspect, in some implementations of the second aspect, the first message is an initial context establishment request or a downlink NAS transmission message.

With reference to the second aspect, in some implementations of the second aspect, the second message is used to inform the terminal device that the authentication is successful, and the second message includes at least one or more of the following parameters: second indication information , the first home network identification SP ID, the first roaming group identification Roaming Group ID, a plurality of externally authenticated SP IDs supported by the terminal device and a plurality of externally authenticated Roaming Group IDs supported by the terminal device , wherein the second indication information is used to indicate that the terminal device accesses the V-SNPN external authentication successfully, and the first SP ID and the first Roaming Group ID are used to instruct the terminal device to access the V-SNPN. The home network SP available to the V-SNPN.

With reference to the second aspect, in some implementations of the second aspect, the second message further includes context information of the terminal device.

With reference to the second aspect, in some implementations of the second aspect, the second message is an RRC reconfiguration message or a downlink information forwarding message.

With reference to the second aspect, in some implementations of the second aspect, the first message is used to indicate that the authentication of the terminal device fails; the first message includes third indication information, and the third indication information It is used to indicate that the terminal equipment fails to access the external authentication of the V-SNPN; the wireless access network equipment releases the connection with the terminal equipment according to the first message.

With reference to the second aspect, in some implementations of the second aspect, the second message is used to inform the terminal device that authentication fails, the second message includes the third indication information, and the third indication The information is used to indicate that the terminal device fails to access the external authentication of the V-SNPN.

With reference to the second aspect, in some implementations of the second aspect, the authentication failure message is an RRC release message.

In conjunction with the second aspect, in some implementations of the second aspect, the method further includes:

Send an initial UE message or uplink NAS transmission message to the V-AMF, where the initial UE message or uplink NAS transmission message includes one or more of the following parameters: fourth indication information, first home network identifier SP ID, first roaming group identifier Roaming Group ID, multiple externally authenticated SP IDs supported by the terminal device, and multiple externally authenticated SP IDs supported by the terminal device Roaming Group ID, wherein the fourth indication information is used to indicate the The external authentication of the terminal device accessing the V-SNPN is successful, and the first SP ID and the first Roaming Group ID are used to instruct the terminal device to access the available home network SP of the V-SNPN.

With reference to the second aspect, in some implementations of the second aspect, the initial UE message or the uplink NAS transmission message further includes context information of the terminal device.

With reference to the second aspect, in some implementations of the second aspect, before the receiving the access message sent by the terminal device, the method further includes: receiving the V-AMF and/or the H-AMF sending The NG setup request response message or the RAN configuration update response message, the NG setup request response message or the RAN configuration update response message includes:

The SNPN ID and the fifth indication information, the fifth indication information is used to indicate whether the SNPN identified by the SNPN ID supports access through external authentication; or, the SNPN ID and one or more of the following parameters: The SP ID or the Roaming Group ID, the SP ID or the Roaming Group ID indicate that the SNPN identified by the SNPN ID can be accessed by performing external authentication through the network corresponding to the SP ID or the Roaming Group ID; or, At least one of the following parameters: SP ID, or Roaming Group ID, the SP ID, or the Roaming Group ID indicates the SP ID or Roaming Group ID supported by the V-AMF and/or H-AMF; or, all The priority information of any one or more parameters in the SNPN ID, the SP ID and the Roaming Group ID.

With reference to the second aspect, in some implementations of the second aspect, the method further includes: sending the sent NG setup request message or RAN configuration update message to the V-AMF and/or the H-AMF, where The NG setup request message or the RAN configuration update message includes: an SNPN ID and fifth indication information, where the fifth indication information is used to indicate whether the SNPN identified by the SNPN ID supports access through external authentication; or, the SNPN ID and at least one of the following parameters: SP ID, or Roaming Group ID, the SP ID, or the Roaming Group ID indicates that the SNPN ID can be accessed by performing external authentication through the network corresponding to the SP ID or the Roaming Group ID. SNPN; or, at least one of the following parameters: SP ID, or Roaming Group ID, the SP ID, or the Roaming Group ID indicates the SP ID or Roaming Group ID supported by the V-AMF and/or H-AMF .

A third aspect provides a communication method, the method is applied to an access and mobility management function AMF, where the AMF is a V-AMF that visits an independent non-public network V-SNPN, characterized in that it includes: determining all The terminal device needs to perform external authentication; send an initial context establishment request message or an error indication message to the wireless access network device, and the initial context establishment request message or the error indication message includes at least one or more of the following parameters: cause value , the externally authenticated home network identification SP IDs supported by the selected V-SNPN ID, or the externally authenticated roaming group identification Roaming Group IDs supported by the selected V-SNPN ID, wherein the cause value indicates that the terminal The V-SNPN that the device requests to access requires external authentication. The externally authenticated SP IDs or Roaming Group IDs supported by the selected V-SNPN ID are used to indicate the redirected home access and mobility management functions supported by H-AMF. SP IDs or Roaming Group IDs.

With reference to the third aspect, in some implementations of the third aspect, before it is determined that the terminal device needs to perform external authentication, the method further includes: communicating with a home network or an operation management and maintenance system (Operation, Administration and Aaintenance , OAM) interaction to obtain the SP or Roaming Group supported by the H-AMF.

With reference to the third aspect, in some implementations of the third aspect, the method further includes: receiving an initial UE message or an uplink NAS transmission message sent by a radio access network device, where the initial UE message or uplink NAS transmission message includes At least one or more of the following parameters: fourth indication information, first home network identifier SP ID, first roaming group identifier Roaming Group ID, multiple externally authenticated SP IDs supported by the terminal device, and the terminal device Supported multiple Roaming Group IDs that can be externally authenticated, wherein the fourth indication information is used to indicate that the terminal device accesses the V-SNPN externally authenticated successfully, and the first SP ID and the first The Roaming Group ID is used to instruct the terminal device to access the available home network SP of the V-SNPN.

With reference to the third aspect, in some implementations of the third aspect, the initial UE message or the uplink NAS transmission message further includes context information of the terminal device.

A fourth aspect provides a communication method, the method is applied to an access and mobility management function AMF, the AMF is an access and mobility management function H-AMF of a home network, and is characterized in that: Perform authentication; send a first message to the wireless access network device, where the first message is used to indicate whether the authentication of the terminal device succeeds or fails.

With reference to the fourth aspect, in some implementations of the fourth aspect, the first message includes at least one or more of the following parameters: second indication information, first home network identifier SP ID, first roaming group identifier Roaming Group ID, multiple externally authenticated SP IDs supported by the terminal device, and multiple externally authenticated SP IDs supported by the terminal device Roaming Group ID, wherein the second indication information is used to indicate the terminal The external authentication of the device accessing the V-SNPN is successful, and the first SP ID and the first Roaming Group ID are used to instruct the terminal device to access the available home network SP of the V-SNPN.

With reference to the fourth aspect, in some implementations of the fourth aspect, the first message further includes context information of the terminal device.

With reference to the fourth aspect, in some implementations of the fourth aspect, the authentication success message is an initial context establishment request or a downlink NAS transmission message.

With reference to the fourth aspect, in some implementations of the fourth aspect, the first message includes third indication information, and the third indication information is used to indicate that the terminal device fails to access the external authentication of the V-SNPN .

In a fifth aspect, a terminal device is provided, the terminal device accesses an independent non-public network V-SNPN, the terminal device includes: a sending unit, configured to send an access message to a wireless access network device, the The access message includes first information, and the first information is used to inform the wireless access network device that the terminal device accesses the V-SNPN through home network authentication; a receiving unit is configured to receive the wireless access network. The first message sent by the access network device, where the first message is used to indicate whether the authentication of the terminal device succeeds or fails.

In conjunction with the fifth aspect, in some implementations of the fifth aspect, the first information includes one or more of the following parameters: independent non-public network identifier SNPN ID, home network identifier SP ID, roaming group identifier Roaming Group ID Or the first indication information, where the first indication information is used to indicate the SNPN ID, the SP ID or the Roaming Group ID; or, the first information includes an independent non-public network identifier and the terminal device Priority information of the network that needs to be authenticated.

With reference to the fifth aspect, in some implementations of the fifth aspect, the access message is a radio resource control RRC setup complete or RRC setup request message.

With reference to the fifth aspect, in some implementations of the fifth aspect, the first message is used to indicate that the terminal device is authenticated successfully, and the first message includes one or more of the following parameters: second indication information , the first home network identification SP ID, the first roaming group identification Roaming Group ID, a plurality of externally authenticated SP IDs supported by the terminal device and a plurality of externally authenticated Roaming Group IDs supported by the terminal device , wherein the second indication information is used to indicate that the terminal equipment accesses the V-SNPN external authentication successfully, and the first SP ID and the first Roaming Group ID are used to indicate that the terminal equipment is available for access the home network SP.

With reference to the fifth aspect, in some implementations of the fifth aspect, the first message further includes context information of the terminal device.

With reference to the fifth aspect, in some implementations of the fifth aspect, the first message is an RRC reconfiguration message or a downlink information forwarding message.

With reference to the fifth aspect, in some implementations of the fifth aspect, the first message is used to indicate that the authentication of the terminal device fails, and the first message includes third indication information, and the third indication information Used to indicate that the terminal device fails to access the external authentication of the V-SNPN; the terminal device further includes a processing unit, configured to delete one or more of the following parameters stored locally according to the first message: Public network identifier SNPN ID, home network identifier SP ID, or Roaming Group ID.

With reference to the fifth aspect, in some implementations of the fifth aspect, the first message is an RRC release message.

With reference to the fifth aspect, in some implementations of the fifth aspect, the sending unit is further configured to send an initial UE message or an uplink NAS transmission message to the access and mobility management function V-AMF in the visited network, the initial The UE message or the uplink NAS transmission message includes one or more of the following parameters: fourth indication information, the first home network identifier SP ID, the first roaming group identifier Roaming Group ID, a plurality of externally authenticated identifiers supported by the terminal device SP ID and multiple Roaming Group IDs supported by the terminal device that can be externally authenticated, wherein the fourth indication information is used to indicate that the terminal device successfully accesses the V-SNPN for external authentication, and the first The SP ID and the first Roaming Group ID are used to instruct the terminal device to access the available home network SP of the V-SNPN.

In a sixth aspect, a wireless access network device is provided, the wireless access network device is both a wireless access network device visiting an independent non-public network V-SNPN and a wireless access network device of a home network, including: receiving a unit, configured to receive an access message sent by a terminal device, where the access message includes first information, and the first information is used to inform the wireless access network device that the terminal device accesses the wireless access network through home network authentication. the V-SNPN; the processing unit is configured to select the access and mobility management function AMF according to the first information, and the selected AMF is the V-AMF in the visited independent non-public network or the H-AMF of the home network ; The receiving unit is also used to receive the first message sent by the H-AMF, and the first message is used to indicate that the authentication of the terminal equipment succeeds or fails; the sending unit is used to, according to the first message, to The terminal device sends a second message, where the second message is used to inform the terminal device that authentication succeeds or fails.

In conjunction with the sixth aspect, in some implementations of the sixth aspect, the first information includes one or more of the following parameters: independent non-public network identifier SNPN ID, home network identifier SP ID, roaming group identifier Roaming Group ID Or the first indication information, the first indication information is used to indicate the SNPN ID, the SP ID or the Roaming Group ID; or, the first information includes the SNPN ID and the terminal device needs to be authenticated network priority information.

With reference to the sixth aspect, in some implementations of the sixth aspect, the processing unit is specifically configured to: when the first information only includes the SNPN ID, select a non-public network V-SNPN independent of the visited network The access and mobility management function V-AMF; or, when the first information includes the SNPN ID and the SP ID and at least one parameter in the Roaming Group ID, select the access and mobility in the home network and mobility management function H-AMF; or, when the first information includes at least one parameter in the SP ID and the Roaming Group ID, select the access and mobility management function H-AMF in the home network; or, When the first information includes the independent non-public network identifier and the priority information of the network to be authenticated by the terminal device, according to the priority information of the network supported by the V-AMF and the H-AMF, select access and Mobile management functions.

With reference to the sixth aspect, in some implementations of the sixth aspect, after selecting the access and mobility management function V-AMF in the non-public network V-SNPN independent of the visited network, the receiving unit is further configured to: Receive a third message sent by the V-AMF, where the third message is used to instruct the wireless access network device to reselect the H-AMF; the processing unit is further configured to select the H-AMF according to the third message The H-AMF.

With reference to the sixth aspect, in some implementations of the sixth aspect, the first message is used to indicate that the terminal device is authenticated successfully, and the first message includes one or more of the following parameters: second indication information , the first home network identification SP ID, the first roaming group identification Roaming Group ID, a plurality of externally authenticated SP IDs supported by the terminal device and a plurality of externally authenticated Roaming Group IDs supported by the terminal device , wherein the second indication information is used to indicate that the terminal device accesses the V-SNPN external authentication successfully, and the first SP ID and the first Roaming Group ID are used to instruct the terminal device to access the V-SNPN. The home network SP available to the V-SNPN.

With reference to the sixth aspect, in some implementations of the sixth aspect, the first message further includes context information of the terminal device.

With reference to the sixth aspect, in some implementations of the sixth aspect, the first message is an initial context establishment request or a downlink NAS transmission message.

With reference to the sixth aspect, in some implementations of the sixth aspect, the second message is used to inform the terminal device that the authentication is successful, and the second message includes one or more of the following parameters: second indication information, the first home network identifier SP ID, the first roaming group identifier Roaming Group ID, multiple externally authenticated SP IDs supported by the terminal device and multiple externally authenticated Roaming Group IDs supported by the terminal device, Wherein, the second indication information is used to instruct the terminal device to access the V-SNPN external authentication successfully, and the first SP ID and the first Roaming Group ID are used to instruct the terminal device to access the V-SNPN Home network SP available for the V-SNPN.

With reference to the sixth aspect, in some implementations of the sixth aspect, the second message further includes context information of the terminal device.

With reference to the sixth aspect, in some implementation manners of the sixth aspect, the second message is an RRC reconfiguration message or a downlink information forwarding message.

With reference to the sixth aspect, in some implementations of the sixth aspect, the first message is used to indicate that the authentication of the terminal device fails; the first message includes third indication information, and the third indication information It is used to indicate that the terminal device fails to access the external authentication of the V-SNPN; the processing unit is further configured to release the connection with the terminal device according to the first message.

With reference to the sixth aspect, in some implementations of the sixth aspect, the second message is used to inform the terminal device that authentication fails, the second message includes the third indication information, and the third indication The information is used to indicate that the terminal device fails to access the external authentication of the V-SNPN.

With reference to the sixth aspect, in some implementation manners of the sixth aspect, the authentication failure message is an RRC release message.

With reference to the sixth aspect, in some implementations of the sixth aspect, the sending unit is further configured to: send an initial UE message or an uplink NAS transmission message to the V-AMF, where the initial UE message or uplink NAS transmission message includes the following One or more parameters: fourth indication information, first home network identification SP ID, first roaming group identification Roaming Group ID, multiple SP IDs supported by the terminal device that can be externally authenticated, and multiple SP IDs supported by the terminal device. Multiple Roaming Group IDs that can be authenticated externally, wherein the fourth indication information is used to indicate that the terminal device accesses the V-SNPN externally authenticated successfully, and the first SP ID and the first Roaming Group The ID is used to instruct the terminal device to access the home network SP available for the V-SNPN.

With reference to the sixth aspect, in some implementation manners of the sixth aspect, the initial UE message or the uplink NAS transmission message further includes context information of the terminal device.

With reference to the sixth aspect, in some implementations of the sixth aspect, before the receiving the access message sent by the terminal device, the receiving unit is further configured to: receive the V-AMF and/or the H-AMF The NG setup request response message or the RAN configuration update response message sent by the AMF, the NG setup request response message or the RAN configuration update response message includes:

The SNPN ID and fifth indication information, where the fifth indication information is used to indicate whether the SNPN identified by the SNPN ID supports access through external authentication; or, the SNPN ID and one or more of the following parameters: The SP ID or the Roaming Group ID, the SP ID or the Roaming Group ID indicate that the SNPN identified by the SNPN ID can be accessed by performing external authentication through the network corresponding to the SP ID or the Roaming Group ID; or, the following One or more parameters: SP ID, or Roaming Group ID, the SP ID, or the Roaming Group ID indicates the SP ID or Roaming Group ID supported by the V-AMF and/or H-AMF; or, all The priority information of any one or more parameters in the SNPN ID, the SP ID and the Roaming Group ID.

With reference to the sixth aspect, in some implementations of the sixth aspect, the sending unit is further configured to: send an NG setup request message or a RAN configuration update message to the V-AMF and/or the H-AMF, The NG setup request message or the RAN configuration update message includes: an SNPN ID and fifth indication information, where the fifth indication information is used to indicate whether the SNPN identified by the SNPN ID supports access through external authentication; or, SNPN ID and one or more of the following parameters: SP ID or Roaming Group ID, the SP ID or the Roaming Group ID indicates that the network identified by the SP ID or Roaming Group ID can be accessed through external authentication through the network corresponding to the SP ID or Roaming Group ID. SNPN; or, one or more of the following parameters: SP ID or Roaming Group ID, which indicates the SP ID or Roaming Group ID supported by the V-AMF and/or H-AMF .

A seventh aspect provides an access and mobility management function AMF, the AMF is a V-AMF that visits an independent non-public network V-SNPN, comprising: a processing unit for determining that the terminal device needs to perform external authentication a sending unit, configured to send an initial context establishment request message or an error indication message to the wireless access network device, where the initial context establishment request message or the error indication message includes one or more of the following parameters: cause value, selected The externally authenticated SP IDs supported by the V-SNPN ID, or the externally authenticated Roaming Group IDs supported by the selected V-SNPN ID, wherein the cause value indicates that the V-SNPN requested by the terminal device requires access External authentication, the externally authenticated SP IDs or Roaming Group IDs supported by the selected V-SNPN ID are used to indicate the SP IDs or Roaming Group IDs supported by the redirected H-AMF.

With reference to the seventh aspect, in some implementations of the seventh aspect, before determining that the terminal device needs to perform external authentication, the method further includes: interacting with a home network or an operation management and maintenance system OAM to obtain the SP or Roaming Group supported by H-AMF.

With reference to the seventh aspect, in some implementations of the seventh aspect, the AMF further includes a receiving unit configured to receive an initial UE message or an uplink NAS transmission message sent by a radio access network device, the initial UE message or uplink NAS transmission message. The NAS transmission message includes one or more of the following parameters: fourth indication information, the first home network identifier SP ID, the first roaming group identifier Roaming Group ID, multiple externally authenticated SP IDs supported by the terminal device, and all Multiple Roaming Group IDs that can be authenticated externally supported by the terminal device, wherein the fourth indication information is used to indicate that the terminal device accesses the V-SNPN externally authenticated successfully, and the first SP ID and/or Or the first Roaming Group ID is used to instruct the terminal device to access the available home network SP of the V-SNPN.

With reference to the seventh aspect, in some implementation manners of the seventh aspect, the initial UE message or the uplink NAS transmission message further includes context information of the terminal device.

In an eighth aspect, an access and mobility management function AMF is provided, the AMF is an H-AMF in a home network, and includes: a processing unit for authenticating terminal equipment; a sending unit for sending wireless access The network access device sends a first message, where the first message is used to indicate whether the authentication of the terminal device succeeds or fails.

With reference to the eighth aspect, in some implementations of the eighth aspect, the first message includes one or more of the following parameters: second indication information, first home network identifier SP ID, first roaming group identifier Roaming Group ID , multiple externally authenticated SP IDs supported by the terminal device and multiple externally authenticated Roaming Group IDs supported by the terminal device, wherein the second indication information is used to indicate that the terminal device accesses The external authentication of the V-SNPN is successful, and the first SP ID and the first Roaming Group ID are used to instruct the terminal device to access the available home network SP of the V-SNPN.

With reference to the eighth aspect, in some implementation manners of the eighth aspect, the first message further includes context information of the terminal device.

With reference to the eighth aspect, in some implementation manners of the eighth aspect, the authentication success message is an initial context establishment request or a downlink NAS transmission message.

With reference to the eighth aspect, in some implementations of the eighth aspect, the first message includes third indication information, and the third indication information is used to indicate that the terminal device fails to access the V-SNPN external authentication .

In a ninth aspect, a communication device is provided, comprising a processor, the processor is connected to a memory, the memory is used for storing a computer program, and the processor is used for executing the computer program stored in the memory, so that all The apparatus performs the above-mentioned first aspect or the method in any possible implementation manner of the first aspect, or the second aspect or the method in any possible implementation manner of the second aspect, or the third aspect or any possible implementation manner of the third aspect A method in an implementation manner of the fourth aspect, or a method in the fourth aspect or any possible implementation manner of the fourth aspect.

A tenth aspect provides a computer-readable storage medium, where a computer program is stored in the computer-readable storage medium, and when the computer program is executed, the first aspect or any possible implementation manner of the first aspect is implemented or the second aspect or any possible implementation of the second aspect, or the third aspect or any possible implementation of the third aspect, or the fourth or any possible implementation of the fourth aspect methods in possible implementations.

In an eleventh aspect, a chip is provided, characterized in that it includes a processor and an interface; the processor is configured to read an instruction to execute the method in the first aspect or any possible implementation manner of the first aspect, or The second aspect or the method in any possible implementation of the second aspect, or the third aspect or any possible implementation of the third aspect, or the fourth aspect or any possible implementation of the fourth aspect Methods.

Optionally, the chip may further include a memory in which instructions are stored, and the processor is configured to execute the instructions stored in the memory or other instructions.

A twelfth aspect provides a communication system, the system includes a device having functions for implementing the methods and various possible designs of the above-mentioned first aspect, and a device having functions for implementing the various methods and various possible designs of the above-mentioned second aspect A functional apparatus, an apparatus having functions for implementing the methods and various possible designs of the above-mentioned third aspect, and an apparatus having functions for implementing various methods and various possible designs of the above-mentioned fourth aspect.

Description of drawings

1 is a schematic diagram of an application scenario of an embodiment of the present application;

FIG. 2 is a schematic diagram of an application scenario of an embodiment of the present application;

3 is a schematic diagram of an application scenario of an embodiment of the present application;

4 is a schematic flowchart of a communication method according to an embodiment of the present application;

FIG. 5 is a schematic flowchart of a communication method according to an embodiment of the present application;

6 is a schematic flowchart of a communication method according to an embodiment of the present application;

FIG. 7 shows a schematic block diagram of a communication apparatus according to an embodiment of the present application;

FIG. 8 is a schematic structural diagram of a terminal device provided by the present application;

FIG. 9 is a schematic structural diagram of a wireless access network device according to an embodiment of the present application.

detailed description

The technical solutions in the present application will be described below with reference to the accompanying drawings.

The technical solutions of the embodiments of the present application can be applied to various communication systems, for example: global system for mobile communications (GSM) system, code division multiple access (CDMA) system, wideband code division multiple access (wideband code division multiple access, WCDMA) system, general packet radio service (general packet radio service, GPRS), long term evolution (long term evolution, LTE) system, LTE frequency division duplex (frequency division duplex, FDD) system, LTE Time division duplex (TDD), universal mobile telecommunication system (UMTS), worldwide interoperability for microwave access (WiMAX) communication system, 5th generation (5G) system or new radio (NR), in addition, it can also be applied to use subsequent evolution systems, such as the sixth-generation 6G communication system, or even the more advanced seventh-generation 7G communication system.

The terminal equipment in the embodiments of the present application may also be referred to as: user equipment (user equipment, UE), mobile station (mobile station, MS), mobile terminal (mobile terminal, MT), access terminal, subscriber unit, subscriber station, Mobile station, mobile station, remote station, remote terminal, mobile device, user terminal, terminal, wireless communication device, user agent or user equipment, etc.

The terminal device can be a wireless terminal or a wired terminal, and the wireless terminal can be a device that provides voice and/or other service data connectivity to the user, a handheld device with wireless connection function, or other processing device connected to a wireless modem. A wireless terminal may communicate with one or more core networks via a Radio Access Network (RAN), and the wireless terminal may be a mobile terminal such as a mobile phone (or "cellular" phone) and a computer with a mobile terminal Mobile devices, which may be portable, pocket-sized, hand-held, computer-embedded, or vehicle-mounted, for example, exchange language and/or data with the wireless access network. For example, Personal Communication Service (PCS) phones, cordless phones, Session Initiation Protocol (SIP) phones, Wireless Local Loop (WLL) stations, Personal Digital Assistants (Personal Digital Assistants), PDA) and other devices. A wireless terminal may also be referred to as a system, a subscriber unit, a subscriber station, a mobile station, a mobile station, a remote station, a remote terminal, a connection Access Terminal, User Terminal, User Agent, User Device or User Equipment, mobile internet device (MID), wearable device, virtual reality (virtual reality) reality, VR) equipment, augmented reality (AR) equipment, wireless terminals in industrial control, wireless terminals in self-driving, wireless terminals in remote medical surgery , wireless terminal in smart grid, wireless terminal in transportation safety, wireless terminal in smart city, wireless terminal in smart home, in-vehicle equipment, wearable equipment, terminal equipment in a 5G network, or terminal equipment in a future evolved public land mobile network (public land mobile network, PLMN), etc., which are not limited in the embodiments of the present application.

As an example and not a limitation, in the embodiments of this application, a wearable device may also be referred to as a wearable smart device, which is a general term for intelligently designing daily wearable devices and developing wearable devices using wearable technology, such as glasses, Gloves, watches, clothing and shoes, etc. A wearable device is a portable device that is worn directly on the body or integrated into the user's clothing or accessories. Wearable device is not only a hardware device, but also realizes powerful functions through software support, data interaction, and cloud interaction. In a broad sense, wearable smart devices include full-featured, large-scale, complete or partial functions without relying on smart phones, such as smart watches or smart glasses, and only focus on a certain type of application function, which needs to cooperate with other devices such as smart phones. Use, such as all kinds of smart bracelets, smart jewelry, etc. for physical sign monitoring.

In addition, in the embodiments of the present application, the terminal device may also be a terminal device in an Internet of Things (IoT) system. IoT is an important part of the future development of information technology, and its main technical feature is that items pass through communication technology Connect with the network, so as to realize the intelligent network of human-machine interconnection and interconnection of things.

The various terminal devices described above, if they are located on the vehicle (for example, placed in the vehicle or installed in the vehicle), can be considered as on-board terminal equipment. For example, the on-board terminal equipment is also called on-board unit (OBU). ).

In this embodiment of the present application, the terminal device may further include a relay (relay). Alternatively, it can be understood that any device capable of data communication with the base station can be regarded as a terminal device.

The wireless access network device in this embodiment of the present application may be a device used for communicating with terminal devices, may be a base station, an access point, or a network device, or may refer to an access network that communicates with a terminal device through an air interface or a network device. A device in which multiple sectors communicate with wireless terminals. The network equipment may be used to interconvert received air frames and IP packets, acting as a router between the wireless terminal and the rest of the access network, which may include an Internet Protocol (IP) network. The network devices may also coordinate attribute management for the air interface. For example, the radio access network equipment may be a base station (Base Transceiver Station, BTS) in Global System of Mobile communication (GSM) or Code Division Multiple Access (Code Division Multiple Access, CDMA), or a wideband code A base station (NodeB, NB) in Wideband Code Division Multiple Access (WCDMA), an evolved base station (evolved NodeB, eNB or eNodeB) in an LTE system, or a cloud wireless access network (cloud The wireless controller in the radio access network, CRAN) scenario, or the access device can be a relay station, an access point, an in-vehicle device, a wearable device, an access device in a 5G network, or a network device in a future evolved PLMN network etc., it may be an access point (access point, AP) in a WLAN, or it may be a gNB in a new radio system (new radio, NR) system. This embodiment of the present application is not limited. It should be noted that, for the 5G system, under a base station, there may be one or more Transmission Reception Points (TRPs), all TRPs belong to the same cell, and each TRP and terminal can use this The measurement reporting method described in the application embodiment is provided. In another scenario, the network device may also be divided into a control unit (Control Unit, CU) and a data unit (Data Unit, DU). Under one CU, there may be multiple DUs, where each DU and the terminal are The measurement reporting method described in the embodiments of the present application may be used. The difference between the CU-DU separation scenario and the multi-TRP scenario is that the TRP is just a radio unit or an antenna device, while the protocol stack function can be implemented in the DU, for example, the physical layer function can be implemented in the DU.

In addition, in the embodiments of the present application, the radio access network device is a device in an access network (radio access network, RAN), or in other words, a RAN node that accesses a terminal device to a wireless network. For example, as an example and not a limitation, as a radio access network device, there can be listed: gNB, transmission reception point (TRP), evolved Node B (evolved Node B, eNB), radio network controller (radio network) controller, RNC), Node B (Node B, NB), base station controller (BSC), base transceiver station (base transceiver station, BTS), home base station (for example, home evolved NodeB, or home Node B, HNB), base band unit (base band unit, BBU), or wireless fidelity (wireless fidelity, Wifi) access point (access point, AP), etc.

The radio access network device provides services for the cell, and the terminal device communicates with the radio access network device through the transmission resources (for example, frequency domain resources, or spectrum resources) used by the cell, and the cell may be a radio access network device A cell corresponding to a cell (such as a base station), the cell may belong to a macro base station, or it may belong to a base station corresponding to a small cell. The small cell here may include: urban cell (metro cell), micro cell (micro cell), pico cell (pico cell), femto cell (femto cell), etc. These small cells have the characteristics of small coverage and low transmission power, and are suitable for providing high-speed data transmission services.

An application scenario of an embodiment of the present application is introduced below. FIG. 1 shows a schematic diagram of an application scenario 100 of an embodiment of the present application.

As shown in FIG. 1 , the communication system 100 mainly includes a terminal device (User Equipment, UE) 101, an access network (Access Network, AN) device 102, an access and mobility management function (Access and Mobility Management Function, AMF) entity 103, session management function (Session Management Function, SMF) entity 104, user plane function (User Plane Function, UPF) entity 105, policy control function (Policy Control function, vPCF) entity 106 of the visited network, unified data management (Unified Data Management, UDM) entity 107, data network (Data Network, DN) 108, application function (Application Function, AF) entity 109, authentication server function (Authentication Server Function, AUSF) entity 110, network slice selection function (Network Slice) Selection Function, NSSF) entity 111, and a policy control function (Policy Control function, hPCF) entity 112 of the home network.

In the communication system 100, the UDM entity 107 is the subscription database in the core network, stores the subscription data of the user in the 5G network, and is responsible for the user's authentication and authentication related functions, specifically: authentication credential processing, user identity processing, subscription Information management, access authorization, etc. The AMF entity 103 provides mobility management functions in the core network and is mainly responsible for access and mobility control, including registration management (RM) and connection management (CM), access authentication and access authorization, Reachability management and mobility management, etc. The SMF entity 104 is a session management function in the core network, and the AMF entity 103 is responsible for forwarding the relevant messages from the session management between the UE 101 and the SMF entity 104 in addition to the mobility management for the UE 101. The PCF entity 106 is a policy management function in the core network, and is responsible for formulating policies related to mobility management, session management, and charging of the UE 101. The UPF entity 105 is the user plane function in the core network. It performs data transmission with the external data network through the N6 interface, and performs data transmission with the AN device 102 through the N3 interface. It mainly provides user plane support, including PDU sessions and data network connection points, Packet routing and forwarding, packet inspection and user plane policy enforcement, handling of QoS for the user plane, downlink packet buffering and triggering of downlink data notifications, etc. After the UE 101 accesses the 5G network through the Uu port, it records the protocol data unit (Protocol Data Unit, PDU) session data connection from the UE 101 to the UPF entity 105 under the control of the SMF entity 104, so as to perform data transmission. The AMF entity 103 and the SMF entity 104 obtain user subscription data from the UDM entity 107 through the N8 and N10 interfaces, respectively, and obtain policy data from the PCF entity 106 through the N15 and N7 interfaces. AUSF110 is mainly responsible for providing security-related functions, such as: authentication, authentication, etc.

In the communication system 100, the UE 101 performs an access stratum connection with the AN device 102 through the Uu interface to exchange access stratum messages and wireless data transmission, and the UE 101 communicates with the AMF entity 103 through the N1 interface for non-access stratum (Non-Access stratum (Non-Access stratum)). Stratum, NAS) connection to exchange NAS messages; AN device 102 is connected to AMF entity 103 through N2 interface, and AN device 102 is connected to UPF entity 105 through N3 interface; multiple UPF entities 105 are connected through N9 interface, UPF entity 105 is connected with DN 108 through N6 interface, and at the same time, UPF entity 105 is connected with SMF entity 104 through N4 interface; SMF entity 104 is connected with PCF entity 106 through N7 interface, SMF entity 104 is connected with UDM entity 107 through N10 interface, SMF entity 104 The UPF entity 105 is controlled through the N4 interface, and at the same time, the SMF entity 104 is connected to the AMF entity 103 through the N11 interface; multiple AMF entities 103 are connected through the N14 interface, the AMF entity 103 is connected to the UDM entity 107 through the N8 interface, and the AMF entity 103 is connected through the N8 interface. The N12 interface is connected to the AUSF entity 110, the AMF entity 103 is connected to the NSSF entity 111 through the N22 interface, and at the same time, the AMF entity 103 is connected to the PCF entity 106 through the N15 interface; the PCF entity 106 is connected to the AF entity 109 through the N5 interface; The N13 interface is connected to the UDM entity 107; the policy control function (Policy Control function, vPCF) entity 106 of the visited network is connected to the policy control function (Policy Control function, hPCF) entity 112 of the home network through the N24 interface, wherein the access network ( Access Network, AN) device 102, AMF entity 103, SMF entity 104, UPF entity 105, vPCF 106, DN108, AF entity 109, NSSF entity 111 are the network elements of the visited network accessed by the terminal device UE101, and the visited network is SNPN Network: The UDM entity 107, the AUSF entity 110 and the hPCF entity 112 are network elements of the home network of the terminal device UE101, and the home network is the SNPN network or the PLMN network.

In order to understand this application more clearly, the SNPN network is introduced below.

Non-public networks (NPN) is a network introduced in the 3GPP R16 standard. Different from traditional cellular networks, NPN networks only allow certain users with specific permissions to access. 3GPP defines two NPN deployment modes: Stand-alone non-public networks (SNPN) and non-stand-alone NPN (non-stand-alone NPN). Non-stand-alone NPN networks are also It is called Public Network Integrated NPN (Public Network Integrated NPN, PNI-NPN).

As shown in Figure 2, in the NPN independent networking, the SNPN network and the public land mobile network PLMN network have independent core networks, and the SNPN can have an independent RAN or share the RAN with the PLMN. In an independent network, a SNPN network is identified by a public land mobile network (Public Land Mobile Network, PLMN ID) and a network identifier (NID), where the PLMN ID is the operator approved by the government or it, which is the public A network identity established and operated for the purpose of providing land mobile communication services. The PLMN mobile device country code (Mobile Country Code, MCC part) is a specific value or the PLMN ID of the mobile operator that deploys the SNPN; the NID can be allocated globally or locally. A cell of a RAN node of an SNPN can broadcast the following parameters: one or more PLMN IDs and one or more NID lists corresponding to each PLMN ID; a user-readable network name (human-readable name) to support manual selection by the user. network; an indication that other UEs that do not support SNPN are prohibited from accessing.

In a public network integrated NPN network (Public Network Integrated NPN, PNI-NPN), the NPN and the PLMN share the core network and/or access network, and the NPN relies on the PLMN for deployment, and the PLMN ID can be used to identify the PNI-NPN network. The NPN can be a specific slice in the PLMN, and the UE has the subscription data of the PLMN. According to the agreement between the mobile operator and the NPN service provider, the NPN can only be deployed in the range of certain tracking areas (Tracking Area, TA). When the UE moves out of this range, the network may indicate that the UE cannot continue to use the current slice resources in the new registration area.

In order to prevent unauthorized UEs from accessing PNI-NPN cells, the concept of Closed Access Group (CAG) is defined. A CAG represents a group of users who can access a CAG cell (PNI-NPN cell). It is represented by a CAG ID and is unique within a PLMN. In the non-independent networking, the PNI-NPN network can be deployed with the support of the public network. The cell of the PNI-NPN not only broadcasts the cell identifier, but also broadcasts the closed access group identifier (CAG ID), The CAG ID is used to identify a group of users who are allowed to access one or more cells associated with the CAG, preventing terminal equipment that is not allowed to access the PNI-NPN through the cell associated with the CAG from automatically selecting and accessing the cell. A PNI-NPN cell can broadcast one or more CAG identifiers; it can also broadcast the human-readable network name (HRNN) corresponding to the CAG identifier for the user to manually select. For the convenience of description, this application regards both the PLMN ID and the CAG ID as the network identification information of the PNI-NPN network.

In 3GPP R16, SNPN has an independent core network. The core network includes a complete set of core network elements such as AMF, UPF, SMF, DUM, and AUSF. When UE accesses SNPN, it passes through the core network elements AMF and UDM of this SNPN. , AUSF, etc. to perform authentication to verify whether the UE has the right to access the SNPN. As shown in Figure 1, 3GPP R17 introduces the following methods for UE to access SNPN network: there is a visited network (visited network), the visited network can be SNPN (Visited-SNPN, V-SNPN), there is another home network (home network), the home network belongs to the service provider (Service Provider, SP) deployment, the service provider can be the PLMN public network or another SNPN, and there are at least UDM and AUSF network elements in the home network. When the UE accesses the V-SNPN, it accesses the AMF of the V-SNPN. The AMF then connects to the UDM and AUSF of the SP to authenticate the UE and verify whether the UE has access rights. For example, if the terminal device is a smart phone and a Unicom card is installed, when the mobile phone is connected to the mobile network, the mobile network is the visited network, and the Unicom network is the home network. Authentication, the mobile network can be accessed only after the authentication is passed; for another example, the terminal device is an in-vehicle computer, and the home network of the in-vehicle computer is the network 1 constructed by a third-party operator. When accessing network 2 constructed by a third-party operator, the third-party operator constructing network 1 is different from the third-party operator constructing network 2. When the on-board computer accesses network 2, it needs to be authenticated in network 1. After passing, you can access network 2.

The following describes how the UE accesses the radio access network equipment of the V-SNPN.

The V-SNPN wireless access network device can broadcast the roaming group ID (Roaming Group ID). The roaming group contains several home SPs, that is, several home networks. The V-SNPN can be accessed by the credentials of any one of the home SPs. Assuming that the UE is configured with one or more roaming groups by the home SP, and the home SP is a part of the roaming group, the UE can select a V-SNPN that supports the roaming group configured by the UE. The advantage of defining a Roaming Group is that the V-SNPN does not need to broadcast the identities of all Home SPs belonging to the Roaming Group, but only needs to broadcast the Roaming Group ID.

The following is the V-SNPN RAN broadcast and UE configuration:

Method 1: The V-SNPN RAN system information broadcasts the SNPN ID of the V-SNPN it supports. If the RAN is shared by the SNPN network and the PLMN network public network, the RAN system information packs the SNPN ID and PLMN ID; the UE locally stores (for example, The UE is pre-configured when it leaves the factory, or an account is opened later) It authenticates the accessible V-SNPN through the Home SP, where the Home SP is identified by the SP ID, and the SP ID can be the PLMN ID, or the SNPN ID, etc., and the V-SNPN uses the SNPN ID Identification. The SNPN ID used to identify the home network is different from the SNPN ID used to identify the visited network. For example, the SNPN ID used to identify the home network is SNPN ID1, and the SNPN ID used to identify the visited network is SNPN ID2. The SNPN ID can be Composed of PLMN ID and NID.

The above-mentioned stored information of the UE may be included in the UE's local "equivalent home service provider Equivalent Home Service Provider" list or "Service Provider Controlled Network Service Provider Controlled Network" list. When the UE accesses the network, it first reads the SNPN ID broadcasted by the V-SNPN system information, and judges whether it has the right to access the V-SNPN according to the SNPN ID and SP ID stored locally by the UE, and if so, initiates an access to the V-SNPN. The SP ID indicates that the SNPN ID stored locally by the UE needs to be authenticated and put into the home network.

Mode 2: The V-SNPN RAN system information broadcasts the SNPN ID it supports, and broadcasts at least one of the following home networks that can be accessed through the SNPN: Home SP ID, Roaming Group ID, or indication (Indication) information.

The UE locally stores at least one of the following: its accessible Home SP ID, or Roaming Group ID. When the UE accesses the network, it first reads the SNPN ID, Home SP ID, Roaming Group ID, or indication information broadcast by the V-SNPN system information, and judges whether it has the right to access the SP ID or Roaming Group ID stored locally by the UE. The V-SNPN, if authorized, initiates access to the V-SNPN, connects to the AMF of the V-SNPN, the UDM of the SP, and the AUSF of the SP for authentication and other processes.

In addition, there is also a Network Exposure Function (NEF) entity in the communication system 100, which is used to interface with a third-party application server and perform information transfer between the core network node and the third-party application.

It should be understood that the names of the interfaces between the network elements in this application are only exemplary, and the interfaces between the network elements may also have other names, and the names of the interfaces are not limited in this application.

It should be understood that FIG. 1 is only an exemplary architecture diagram, in addition to the functional units shown in FIG. 1 , the network architecture may further include other functional units or functional network elements, which are not limited in this embodiment of the present application.

It should also be understood that the above-mentioned functional units of the core network can work independently, or can be combined together to implement some control functions, such as: AMF, SMF and PCF can be combined together as a management device for completing the access authentication of the terminal device. , security encryption, location registration and other access control and mobility management functions, as well as session management functions such as recording, releasing, and changing user plane transmission paths, as well as analyzing some slice-related data (such as congestion), terminal device-related data As a gateway device, UPF mainly completes functions such as routing and forwarding of user plane data, such as: responsible for data packet filtering, data transmission/forwarding, rate control, and generation of billing information for terminal devices.

The radio access network device in FIG. 1 is, for example, a base station. The radio access network device corresponds to different devices in different systems, for example, in a 4G system, it may correspond to an eNB, and in a 5G system, it corresponds to a radio access network device in 5G, such as a gNB. The technical solutions provided in the embodiments of the present application can also be applied to future mobile communication systems, so the radio access network device in FIG. 1 can also correspond to the radio access network device in the future mobile communication system. FIG. 1 takes the radio access network device as a base station as an example. In fact, the radio access network device may refer to the foregoing introduction.

It should be understood that the communication system shown in FIG. 1 may further include more network nodes, such as other terminal devices or radio access network devices, and the radio access network devices or terminal devices included in the communication system shown in FIG. 1 may It is the wireless access network equipment or terminal equipment in various forms mentioned above. The embodiments of the present application are not shown one by one in the drawings.

FIG. 3 shows a schematic diagram of an application scenario 200 of an embodiment of the present application. The 5GC in FIG. 3 is the core network of the V-SNPN, and the network elements included in it are the same as those in FIG. 1 (that is, the network elements of the core network in FIG. 1 correspond to the 5GC in FIG. 3 ), and the 5GC and the wireless access network equipment 202 are V-SNPN, in Fig. 3, there is also a home network, the home network also includes a complete set of core network network elements, the network elements in the home network include radio access network equipment 202, access and mobility management functional entities 203. Session management functional entity 204, user plane functional entity 205, policy control functional entity of visited network 206, unified data management entity 207, data network 208, application functional entity 209, authentication server functional entity 210, network slice selection functional entity 211. For the connection mode between each network element, reference may be made to the corresponding description in the application scenario 100, and details are not repeated here. The home network can be an SNPN or a PLMN.

Figure 3 shows the multi-operator core network (MOCN) architecture, that is, the RAN is shared by two networks, for example, the RAN is both the radio access network device of the visited network and the radio access network device of the home network. At this point, the RAN is connected to two AMFs.

The problem faced in the prior art is when a terminal device needs to access the SNPN network, how does the wireless access network device select the AMF to perform subsequent operations such as authentication, and how does the terminal device access the access network of the SNPN network? Inform the wireless access network device whether it needs to perform external authentication to access the SNPN network.

Therefore, in view of the above problems, the present application provides a communication method. In this method, when the UE initially accesses the V-SNPN, it needs to add information to the initial access related message to inform the V-SNPN of the network to be accessed, the V-SNPN The SNPN then selects the AMF based on the relevant information, and then authenticates the UE.

The following describes a communication method provided by the present application in detail with reference to FIG. 4 . FIG. 4 is a schematic flowchart of a communication method 300 according to an embodiment of the present application. The method 300 may be applied in the scenario shown in FIG. 1 or FIG. 3 . , of course, it can also be applied in other communication scenarios, which is not limited in this embodiment of the present application.

It should also be understood that, in the embodiments of the present application, the method is described by taking a terminal device, a wireless access network device, and a core network network element device as an example for executing the method. As an example but not a limitation, the execution subject of the execution method may also be a chip, a chip system, or a processor or the like applied to a terminal device, a wireless access network device, and a core network element device.

As shown in FIG. 4 , the method 300 shown in FIG. 4 may include S301 to S308. Each step in the method 300 will be described in detail below with reference to FIG. 4 .

S301, the RAN sends an NG setup request message (NG setup request) or a RAN configuration update (RAN configuration update) message to the V-AMF, and the V-AMF sends an NG setup request response message (NG setup response) or a RAN configuration update message to the RAN Response (RAN configuration update acknowledge) message.

Wherein, the NG setup request message or the RAN configuration update message may carry the following information:

SNPN ID and first indication information, the first indication information is used to indicate whether the SNPN identified by the SNPN ID supports access through external authentication, and the SNPN ID is the SNPN network supported by the RAN; or

SNPN ID and one or more of the following parameters: SP ID or Roaming Group ID, the SNPN identified by the SNPN ID can be accessed by performing external authentication through the network corresponding to the SP ID or the Roaming Group ID. The ID or Roaming Group ID is the SP or Roaming Group supported by the RAN, and the SNPN ID identifies the SNPN network supported by the RAN; or

One or more of the following parameters: SP ID or Roaming Group ID, to indicate the SP ID or Roaming Group ID supported by the radio access network device RAN of the AMF, where the SP ID or Roaming Group ID is supported by the RAN SP or Roaming Group.

The above information sent by the RAN to the H-AMF indicates that the RAN supports access to the network identified by the SNPN ID through the sent SP ID and Roaming Group ID; or indicates that the RAN supports the sent SP ID Authenticate with the Roaming Group ID.

Optionally, the information carried above may indicate a TA, a cell, an AMF, or an SP ID or Roaming Group ID supported by an SNPN configured under the wireless access network device of the AMF.

It should be understood that the RAN may send a broadcast message (eg, broadcast in a System Information Block (System Information Block 1, SIB1)) to indicate a TA, a cell, an AMF, or an SNPN configured under the radio access network device Supported SP ID or Roaming Group ID.

It should also be understood that the information carried in the NG setup request message or the RAN configuration update message may also be carried in the setup and update messages of the Xn, F1, and E1 interfaces, for example, in the Xn setup request message Xn setup request, NG-RAN node configuration update message NG-RAN node configuration update, F1 setup request message F1 setup request, gNB-distributed unit (DU) configuration update message gNB-DU configuration update, gNB-central unit (central unit, CU) )-user plane (user plane, UP) E1 setup request message gNB-CU-UP E1 setup request, gNB-CU-control plane (control plane, CP) E1 setup request message gNB-CU-CP E1 setup request message, etc.

The NG setup request response message or the RAN configuration update response message may carry the following information:

SNPN ID and first indication information, the first indication information is used to indicate whether the SNPN identified by the SNPN ID supports access through external authentication, and the SNPN ID is used to identify the access through external authentication supported by the V-AMF. an SNPN network to which the right is accessible; or

SNPN ID and one or more of the following parameters: SP ID or Roaming Group ID, to indicate that the SNPN identified by the SNPN ID can be accessed through authentication by the home network corresponding to the SP ID or Roaming Group ID, the SP ID or Roaming Group ID The Group ID is the SP or Roaming Group supported by the V-AMF, and the SNPN ID identifies the SNPN network that the V-AMF can access through external authentication through the network identified by the SP ID or the Roaming Group ID; or

One or more of the following parameters: SP ID or Roaming Group ID, to indicate the SP ID or Roaming Group ID supported by the RAN, where the SP ID or Roaming Group ID is the SP or Roaming Group supported by the RAN.

The above information sent by the V-AMF to the RAN indicates that the V-AMF tells the RAN which SP IDs and Roaming Group IDs it can use for external authentication to access the network identified by the SNPN ID; The V-AMF tells the RAN which SP IDs and Roaming Group IDs it can use for external authentication.

The information carried above may indicate the SP ID or Roaming Group ID supported by a TA, a cell, a RAN, or a SNPN configured under the V-AMF described in the RAN.

It should be understood that the information carried in the NG setup request response message or the RAN configuration update response message may also be carried in the setup and update messages of the Xn, F1, and E1 interfaces, for example, in the Xn setup request message Xn setup request , NG-RAN node configuration update message NG-RAN node configuration update, F1 setup request message F1 setup request, gNB-DU configuration update message gNB-DU configuration update, gNB-CU-UP E1 setup request message gNB-CU-UP E1 setup request, gNB-CU-CP E1 setup request message gNB-CU-CP E1 setup request message, etc.

It should also be understood that S301 is also applicable to the scenario 100 .

S302, the RAN sends an NG setup request message (NG setup request) or a RAN configuration update (RAN configuration update) message to the H-AMF, and the H-AMF sends an NG setup request response message (NG setup response) or a RAN configuration update message to the RAN Response (RAN configuration update acknowledge) message.

The NG setup request message or the RAN configuration update message sent by the RAN to the H-AMF is the same as the NG setup request message or the RAN configuration update message sent by the RAN to the V-AMF. You can refer to the NG setup request message sent by the RAN to the V-AMF. message or RAN configuration update message for understanding, and will not be repeated here.

Wherein, the NG setup request response message or the RAN configuration update response message sent by the H-AMF to the RAN may carry the following information:

The SNPN ID and the first indication information, the first indication information is used to indicate whether the SNPN identified by the SNPN ID supports access through external authentication, and the SNPN ID is used to identify that the SNPN can be accessed through H-AMF authentication. Accessed SNPN network; or SNPN ID and one or more of the following parameters: SP ID, or Roaming Group ID, to indicate that the SNPN identified by the SNPN ID can be accessed through the authentication of the home network corresponding to the SP ID or Roaming Group ID , the SP ID and Roaming Group ID are the SP or Roaming Group supported by the RAN, and the SNPN ID is used to identify the SNPN that can be accessed through authentication by the SP ID or Roaming Group ID supported by the H-AMF network; or one or more of the following parameters: SP ID or Roaming Group ID, to indicate the SP ID and Roaming Group ID supported by the RAN, where the SP ID or Roaming Group ID is the SP or Roaming Group supported by the RAN.

The above information sent by the H-AMF to the RAN indicates that the H-AMF tells the RAN which SP IDs and Roaming Group IDs it supports for partial authentication to access the network identified by the SNPN ID; or indicates that the The H-AMF tells the RAN which SP IDs and Roaming Group IDs it supports for authentication.

The information carried above may indicate the SP ID or Roaming Group ID supported by a TA, a cell, a RAN, or a SNPN configured under the H-AMF described in the RAN.

It should be understood that the information carried in the NG setup request response message or the RAN configuration update response message may also be carried in the setup and update messages of the Xn, F1, and E1 interfaces, for example, in the Xn setup request message Xn setup request , NG-RAN node configuration update message NG-RAN node configuration update, F1 setup request message F1 setup request, gNB-DU configuration update message gNB-DU configuration update, gNB-CU-UP E1 setup request message gNB-CU-UP E1 setup request, gNB-CU-CP E1 setup request message gNB-CU-CP E1 setup request message, etc.

The above information sent by the V-AMF to the RAN indicates that the V-AMF tells the RAN which SP IDs or Roaming Group IDs it can use for external authentication to access the network identified by the SNPN ID; The V-AMF tells the RAN which SP IDs or Roaming Group IDs it can use for external authentication.

The information carried above may indicate the SP ID or Roaming Group ID supported by a TA, a cell, a RAN, or a SNPN configured under the AMF described in the RAN.

It should be understood that the information carried in the NG setup request response message or the RAN configuration update response message may also be carried in the setup and update messages of the Xn, F1, and E1 interfaces, for example, in the Xn setup request message Xn setup request , NG-RAN node configuration update message NG-RAN node configuration update, F1 setup request message F1 setup request, gNB-DU configuration update message gNB-DU configuration update, gNB-CU-UP E1 setup request message gNB-CU-UP E1 setup request, gNB-CU-CP E1 setup request message gNB-CU-CP E1 setup request message, etc.

It should be understood that S302 is also applicable to the scenario 100 .

It should be understood that in the above steps S301 and S302, the RAN sends an NG setup request message or a RAN configuration to the AMF (the AMF may be the AMF (V-AMF) of the visited network or the AMF (H-AMF) of the home network) The SNPN ID carried in the update message can be a plurality of different SNPN IDs, when carrying the plurality of different SNPN IDs, each SNPN ID in the plurality of different SNPN IDs corresponds to its associated SP ID or SNPN ID. Roaming Group ID.

It should also be understood that the AMF (the AMF may be the AMF (V-AMF) of the visited network or the AMF (H-AMF) of the home network) sends the NG setup request message response or the RAN configuration update message response to the sending RAN and carries The SNPN ID can be multiple different SNPN IDs, when carrying the multiple different SNPN IDs, each SNPN ID in the multiple different SNPN IDs corresponds to its associated SP ID or Roaming Group ID.

It should also be understood that when the NG interface is established, the AMF cannot be differentiated into H-AMF or V-AMF, and the RAN sends an NG establishment request message or a RAN configuration update message to all AMFs that can establish an NG interface, and the AMF receives the After the NG setup request message or the RAN configuration update message is sent, the NG setup request message response or the RAN configuration update message response is sent to the RAN.

It should also be understood that the RAN sends the SNPN ID, SP ID or Roaming Group ID included in the NG setup request message or the RAN configuration update message to the V-AMF or the H-AMF, and the NG setup request response message sent by the V-AMF to the RAN or The SNPN ID, SP ID or Roaming Group ID included in the RAN configuration update response message, the NG setup request response message sent by the H-AMF to the RAN or the SNPN ID, SP ID or Roaming Group ID included in the RAN configuration update response message. The SNPN ID, SP ID or Roaming Group ID may or may not be the same.

Through the above steps S301 and S302, the RAN and the AMF exchange the SP ID and Roaming Group ID supported by each other through the establishment or update message of the NG interface, so that the network element can know the information supported by the peer network element, so as to execute the subsequent user Access, resource scheduling, handover and other processes.

It should also be understood that the RAN and AMF can also implicitly exchange the externally authenticated SP ID or Roaming Group ID supported by each other. If the SNPN ID or PLMN ID is only supported by one party (AMF or RAN) and the other party does not support it, it is considered to be an externally authenticated SNPN ID or PLMN ID supported by the other party, wherein the SNPN ID or PLMN ID is convenient for Defaults to an externally authenticated SP ID or Roaming Group ID. For example, the SNPN IDs supported by RAN are 1, 2, and the PLMN IDs supported are 3, 4; the SNPN IDs supported by AMF are 2, 5, and the PLMN IDs supported are 3, 6; then the SNPN ID can be considered as 1 on the AMF side and PLMN ID of 4 is the SP ID or Roaming Group ID that the RAN can perform external authentication.

S303: The UE sends an access message to the RAN, where the access message includes first information, where the first information is used to inform the wireless access network device that the terminal device accesses the V-SNPN through home network authentication.

The access message includes at least one or more of the following parameters: SP ID, Roaming Group ID, or second indication information, where the second indication information is used to indicate the home network identifier or the roaming group identifier, such as The association relationship between the second indication information and the SP ID and the Roaming Group ID can be established. For example, the second indication information corresponding to the SP ID1 is 1, the second indication information corresponding to the SP ID2 is 2, and the second indication information corresponding to the Roaming Group ID1 is 2. The second indication information is 3. For another example, the access information includes an index (index) value of the SP ID. The SP ID, the Roaming Group ID and the second indication information are used to inform the RAN that the UE chooses to access the externally authenticated SP.

At the same time, the access message may also include the SNPN ID of the V-SNPN, and the SNPN ID is used to inform the RAN that the UE accesses the V-SNPN by performing external authentication through the SP. Wherein, the SNPN ID may also be reported in the form of indication information. Wherein, the second indication information can also be the cause value Cause value, for example, the cause value can be that the home network has the subscription information subscription owned by home network, and the third party network has the subscription information subscription owned by third party network.

Optionally, the access message may be an RRC setup complete (RRC setup complete) message or an RRC setup request (RRC setup request) message, and the SP ID and Roaming Group ID in the message may be included in the RRC setup complete message. The RegisteredAMF of the message is registered in the AMF information element IE.

It should be understood that S303 is also applicable to the scenario 100 .

S304, the RAN selects an AMF based on the parameters reported by the UE in step S203 (the AMF may be the AMF (V-AMF) of the visited network, or the AMF (H-AMF) of the home network).

Optionally, when the first information only includes the SNPN ID, the RAN selects the access and mobility management function V-AMF in the non-public network V-SNPN independent of the visited network. At this time, the authentication of the external network for the UE does not need to be performed.

Optionally, when the first information includes at least one parameter in the SNPN ID, the SP ID and the Roaming Group ID, select the access and mobility management function H-AMF in the home network.

Optionally, when the first information includes at least one parameter in the SP ID and the Roaming Group ID, the access and mobility management function H-AMF in the home network is selected.

The RAN sends an initial UE message Initial UE message to the H-AMF, and the initial UE message carries at least one or more of the following parameters: SP ID, Roaming Group ID, the second indication information, the logical cell that the UE accesses At least one of the SP ID list and the Roaming Group ID list supported by the SNPN selected by the UE to access, to inform the H-AMF that the UE selects to access the externally authenticated SP.

It should be understood that S304 is also applicable to the scenario 100 .

S305, the H-AMF contacts the network elements such as the UDM and AUSF of the home network to authenticate the UE, and sends a first message to the RAN according to the authentication result, where the first message is used to indicate that the terminal equipment Authentication succeeded or failed.

Optionally, if the authentication is successful, the first message is used to indicate that the authentication of the terminal device is successful, and the first message includes at least one or more of the following parameters: third indication information, first home network identifier SP ID, the first roaming group identifier Roaming Group ID, multiple SP IDs supported by the terminal device that can be externally authenticated, and multiple Roaming Group IDs supported by the terminal device that can be externally authenticated, wherein the first roaming group ID The three indication information is used to indicate that the terminal device accesses the V-SNPN external authentication successfully, and the first SP ID and the first Roaming Group ID are used to instruct the terminal device to access the V-SNPN available Home network SP.

It should be understood that the first SP ID and/or the first Roaming Group ID may also be a list of SP IDs and/or a list of Roaming Group IDs, identifying the SP list available for this visit, wherein the indication information #2 may also be Cause value.

It should be understood that when the H-AMF is authenticated, it can obtain at least one of the multiple SP IDs and multiple Roaming Group IDs supported by the UE and related to the V-SNPN of this visit that can be externally authenticated through the UDM of the home network. One, the information can be included in the Mobility Restriction List for the RAN to switch the UE to another RAN later in the V-SNPN.

Optionally, the first message may carry one or more parameters of the following UE context message: encryption information, UE identification information such as TMSI, and the like.

The core network side UE context message is forwarded to the RAN through the H-AMF, and the RAN forwards the core network side UE context message to the V-AMF, so that the information between the H-AMF and the V-AMF can be transferred through the RAN.

Optionally, the first message is an initial context setup request or a Downlink NAS Transport message, and the parameters and information included in the first message can be application protocol layer) information, may also be included in the non-access stratum (Non-Access Stratum, NAS) information of the above message, or included in the information transmitted from the H-AMF to the V-AMF in the above message.

Optionally, if the authentication fails, the first message is used to indicate that the authentication of the terminal device fails; the first message includes fourth indication information, and the fourth indication information is used to indicate the terminal device Access to the V-SNPN external authentication fails; the wireless access network device releases the connection with the terminal device according to the first message.

Optionally, if the authentication fails, the first message may be an error indication (error indication) message, and the error indication (error indication) message carries the fourth indication information to indicate that the external authentication of the terminal device fails. .

Optionally, the fourth indication information may also be a cause value.

It should be understood that S305 is also applicable to the scenario 100 .

S306: The RAN sends a second message to the UE according to the first message, where the second message is used to inform the terminal device that the authentication succeeds or fails.

Optionally, if the authentication is successful, the second message is used to inform the terminal device that the authentication is successful, and the second message includes one or more of the following parameters: the third indication information, the first home network identifier SP ID, the first roaming group identifier Roaming Group ID, multiple SP IDs supported by the terminal device that can be externally authenticated, and multiple Roaming Group IDs supported by the terminal device that can be externally authenticated, wherein the first roaming group ID The three indication information is used to indicate that the terminal device accesses the V-SNPN external authentication successfully, and the first SP ID and the first Roaming Group ID are used to instruct the terminal device to access the V-SNPN available Home network SP.

It should be understood that the SP ID and/or the Roaming Group ID indicate the available SPs for the UE to access this time, and may also be the SP ID list and/or the Roaming Group ID list, which identifies the available SP list for the current access.

The message carries multiple externally authenticated SP ID lists and/or multiple Roaming Group ID lists supported by the UE to update the externally authenticated list information stored by the UE for subsequent handover, cell reselection, or cell selection.

Optionally, the foregoing information may be carried in the AS message of the foregoing message, or may be included in the NAS information of the foregoing message.

Optionally, the second message may carry one or more parameters of the following UE context message: encryption information, UE identification information such as TMSI, and the like.

Optionally, the second message may be an RRC reconfiguration (RRC Reconfiguration) message or a downlink information transfer (DL Information transfer) message.

Optionally, if the authentication fails, the second message is used to inform the terminal device that the authentication fails, and the second message includes the fourth indication information, and the fourth indication information is used to indicate the terminal The device fails to access the external authentication of the V-SNPN.

Optionally, the second message is an RRC release (RRC release) message.

Optionally, after receiving the second message, the UE deletes the SP ID, Roaming Group ID, or SNPN ID that requests access this time but the authentication fails in the locally stored information, for example, updates the UE's local ID. "Equivalent Home Service Provider" list or "Service Provider Controlled Network" list for user configuration update (UE configuration update, UCU).

S307, if the authentication succeeds, the RAN sends an initial UE message (Initial UE Message) or an uplink NAS transport (Uplink NAS Transport) message to the V-AMF, where the initial UE message or the uplink NAS transport message includes at least one or more of the following parameters : fifth indication information, first home network identification SP ID, first roaming group identification Roaming Group ID, multiple SP IDs supported by the terminal device that can be externally authenticated, externally authenticated SP IDs supported by the terminal device Multiple Roaming Group IDs, wherein the fifth indication information is used to indicate that the terminal device accesses the V-SNPN external authentication successfully, and the first SP ID and the first Roaming Group ID are used to indicate that the The terminal device accesses the home network SP available to the V-SNPN.

It should be understood that the first SP ID and the first Roaming Group ID indicate the available SPs for the UE to visit this time, and may also be the SP ID list and the Roaming Group ID list, identifying the available SPs and Roaming Groups for this visit.

Optionally, the fifth indication information may also be a Cause value.

Optionally, the initial UE message or the uplink NAS transmission message may carry all externally authenticated SP ID lists and/or Roaming Group ID lists related to the V-SNPN of this visit supported by the UE, and the information may be Included in the Mobility Restriction List (Mobility Restriction List) for the V-AMF to subsequently perform the handover procedure for the UE in this V-SNPN.

The initial UE message or the uplink NAS transmission message may carry at least one of the following UE context messages received by the RAN in step S205: encryption information, UE identification information such as TMSI, and the like.

The RAN forwards the UE context message on the core network side to the V-AMF, so that the V-AMF performs NAS layer encryption and the like.

The above-mentioned information may be carried in the NGAP message of the above-mentioned message, may also be included in the NAS information of the above-mentioned message, or contained in the message that the H-AMF of the above-mentioned message transparently transmits to the V-AMF.

S308, the UE sends a NAS message to the V-AMF, where the NAS message includes at least one or more of the following parameters: fifth indication information, the first home network identifier SP ID, the first roaming group identifier Roaming Group ID, the terminal device Supported multiple externally authenticated SP IDs and multiple externally authenticated Roaming Group IDs supported by the terminal device, wherein the fifth indication information is used to instruct the terminal device to access the V-SNPN If the external authentication is successful, the first SP ID and the first Roaming Group ID are used to instruct the terminal device to access the available home network SP of the V-SNPN.

It should be understood that the first SP ID and the first Roaming Group ID indicate the available SPs for the UE to access this time, and may also be the SP ID list and the Roaming Group ID list, which identify the available SP list and Roaming Group for this access.

Optionally, the fifth indication information may also be a Cause value.

Optionally, the NAS message can carry all the externally authenticated SP ID lists and/or Roaming Group ID lists related to the V-SNPN of this visit supported by the UE, and this information can be included in the mobility restriction list. (Mobility Restriction List) for the V-AMF to perform the handover procedure for the UE in the V-SNPN subsequently.

The NAS message may carry at least one item of the UE context message received by the RAN in step S205: encryption information, UE identification information such as TMSI, and the like.

The UE forwards the core network side UE context message to the V-AMF, so that the V-AMF performs NAS layer encryption and the like.

In the embodiment of the present application, when the UE accesses the network, the selected access network and the home network that needs to be authenticated are reported, so that the RAN can accurately select the AMF.

It should be understood that step S307 and step S308 are parallel steps, and only S307 or S308 may be performed, or S307 and S308 may be performed simultaneously.

The following describes a communication method provided by the present application in detail with reference to FIG. 5 . FIG. 5 is a schematic flowchart of a communication method 400 according to an embodiment of the present application. The method 400 may be applied in the scenario shown in FIG. 1 or FIG. 3 . , of course, it can also be applied in other communication scenarios, which is not limited in this embodiment of the present application.

It should also be understood that, in the embodiments of the present application, the method is described by taking a terminal device, a wireless access network device, and a core network network element device as an example for executing the method. As an example but not a limitation, the execution subject of the execution method may also be a chip, a chip system, or a processor or the like applied to a terminal device, a wireless access network device, and a core network element device.

As shown in FIG. 5 , the method 400 shown in FIG. 5 may include S401 to S410. Each step in the method 400 will be described in detail below with reference to FIG. 5 .

S401, the V-AMF negotiates with the home network or OAM in advance, and negotiates the SNPN ID that the H-AMF can support and at least one of the following: SP ID, or Roaming Group ID, to indicate that the network corresponding to the SP ID or Roaming Group ID is used Authentication can access the SNPN identified by the SNPN ID.

S402, the H-AMF sends an NG setup request response message (NG setup response) or a RAN configuration update response (RAN configuration update acknowledge) message to the RAN, and the message may carry the following information:

The SNPN ID and the first indication information, the first indication information is used to indicate whether the SNPN identified by the SNPN ID supports access through external authentication, and the SNPN ID is used to identify that the SNPN can be accessed through H-AMF authentication. Accessed SNPN network; or

SNPN ID and one or more of the following parameters: SP ID, or Roaming Group ID, to indicate that the SNPN identified by the SNPN ID can be accessed through the authentication of the network corresponding to the SP ID or Roaming Group ID, and the SP ID and Roaming Group ID The ID is the SP or Roaming Group supported by the H-AMF, and the SNPN ID is used to identify the SNPN network that can be accessed through the authentication of the SP ID or the Roaming Group ID supported by the H-AMF; or

One or more of the following parameters: SP ID, Roaming Group ID, to indicate the SP ID and Roaming Group ID supported by the RAN, and the SP ID or Roaming Group ID is the SP or Roaming Group supported by the RAN.

The information carried above may indicate the SP ID or Roaming Group ID supported by a TA, a cell, a RAN, or a SNPN configured under the AMF described in the RAN.

It should be understood that the information carried in the NG setup request response message or the RAN configuration update response message may also be carried in the setup and update messages of the Xn, F1, and E1 interfaces, for example, in the Xn setup request message Xn setup request , NG-RAN node configuration update message NG-RAN node configuration update, F1 setup request message F1 setup request, gNB-DU configuration update message gNB-DU configuration update, gNB-CU-UP E1 setup request message gNB-CU-UP E1 setup request, gNB-CU-CP E1 setup request message gNB-CU-CP E1 setup request message, etc.

Optionally, before the step S402, the RAN may send an NG setup request message (NG setup request) or a RAN configuration update (RAN configuration update) message to the H-AMF, and the RAN may send an NG setup request message ( For the NG setup request) or RAN configuration update (RAN configuration update) message, reference may be made to step S302 in the method, which will not be repeated here.

S403, the UE sends an access message to the RAN, where the access message carries the identification SNPN ID of the V-SNPN to inform the RAN that the UE chooses to access the V-SNPN.

S404, the RAN selects a V-AMF based on the V-SNPN ID reported by the UE in step S403, and sends an Initial UE message to the V-AMF, and the message carries the V-SNPN ID.

S405, the V-AMF is based on the V-SNPN ID and the information previously communicated with the home network or OAM at the V-AMF (for example, if the V-AMF fails to authenticate successfully in the V-UDM based on the V-SNPN ID, it can know that the UE External authentication is required), redirect the UE to the H-AMF, send an initial context setup request or an error indication message to the RAN, and the message carries at least one of the following: cause value, selected Externally authenticated SP IDs supported by the V-SNPN ID, or externally authenticated Roaming Group IDs supported by the selected V-SNPN ID. The Cause value indicates that the V-SNPN that the UE requests to access requires external authentication, and the UE needs to be redirected to another AMF. The externally authenticated SP IDs or Roaming Group IDs supported by the selected V-SNPN ID are used to indicate the SP IDs or Roaming Group IDs supported by the redirected AMF.

S406, the RAN reselects the H-AMF based on steps S402 and S405. Specifically, in step S402, the RAN can learn which SP IDs or Roaming Group IDs supported by the H-AMF can be used for external authentication to access the networks identified by the SNPN IDs. In step S405, the RAN can learn that external authentication is required. The authenticated SP ID or Roaming Group ID or SNPN ID, select the H-AMF according to S405 and S402.

The RAN sends an initial UE message (initial UE message) to the H-AMF, and the message carries at least one of the following: the selected SNPN ID, SP ID, or Roaming Group ID selected by the UE to access.

S407, the H-AMF contacts the network elements such as UDM and AUSF of the home network to authenticate the UE, and sends a first message to the RAN according to the authentication result, where the first message is used to indicate the Authentication succeeded or failed.

Optionally, if the authentication is successful, the first message is used to indicate that the terminal device is authenticated successfully, and the first message includes one or more of the following parameters: third indication information, first home network identifier SP ID, the first roaming group identifier Roaming Group ID, multiple SP IDs supported by the terminal device that can be externally authenticated, and multiple Roaming Group IDs supported by the terminal device that can be externally authenticated, wherein the third The indication information is used to indicate that the terminal device accesses the V-SNPN external authentication successfully, and the first SP ID and the first Roaming Group ID are used to instruct the terminal device to access the available attribution of the V-SNPN Network SP.

It should be understood that the first SP ID and/or the first Roaming Group ID may also be a list of SP IDs and/or a list of Roaming Group IDs, identifying the SP list available for this visit, wherein the indication information #2 may also be Cause value.

It should be understood that when the H-AMF is authenticated, it can obtain all the externally authenticated SP IDs and/or Roaming Group IDs supported by the UE and related to the V-SNPN of this visit through the UDM of the home network, and this information can be Included in the Mobility Restriction List (Mobility Restriction List) for the RAN to subsequently handover the UE to another RAN in this V-SNPN.

Optionally, the first message may carry at least one of the following UE context messages: encryption information, UE identification information such as TMSI, and the like.

The core network side UE context message is forwarded to the RAN through the H-AMF, and the RAN forwards the core network side UE context message to the V-AMF, so that the information between the H-AMF and the V-AMF can be transferred through the RAN.

The above-mentioned information may be carried in the NGAP message of the above-mentioned message, may also be included in the NAS information of the above-mentioned message, or contained in the message that the H-AMF of the above-mentioned message transparently transmits to the V-AMF.

Optionally, the first message is an initial context setup request (initial context setup request) or a downlink NAS transmission Downlink NAS Transport message,

Optionally, if the authentication fails, the first message is used to indicate that the authentication of the terminal device fails; the first message includes fourth indication information, and the fourth indication information is used to indicate the terminal device Access to the V-SNPN external authentication fails; the wireless access network device releases the connection with the terminal device according to the first message.

Optionally, if the authentication fails, the first message may be an error indication (error indication) message, and the error indication (error indication) message carries the fourth indication information to indicate that the external authentication of the terminal device fails. .

Optionally, the fourth indication information may also be a cause value.

S408: The RAN sends a second message to the UE according to the first message, where the second message is used to inform the terminal device that the authentication succeeds or fails.

Optionally, if the authentication is successful, the second message is used to inform the terminal device that the authentication is successful, and the second message includes at least one or more of the following parameters: the third indication information, the first home network Identification SP ID, first roaming group identification Roaming Group ID, multiple SP IDs supported by the terminal device that can be externally authenticated, multiple Roaming Group IDs supported by the terminal device that can be externally authenticated, wherein the The third indication information is used to indicate that the external authentication of the terminal device to access the V-SNPN is successful, and the first SP ID and the first Roaming Group ID are used to indicate that the terminal device is available to access the V-SNPN the home network SP.

It should be understood that the SP ID and/or the Roaming Group ID indicate the available SPs for the UE to access this time, and may also be the SP ID list and/or the Roaming Group ID list, which identifies the available SP list for the current access.

The message carries all externally authenticated SP ID lists and/or Roaming Group ID lists supported by the UE to update the externally authenticated list information stored by the UE for subsequent handover, cell reselection, or cell selection by the UE .

Optionally, the above information may be carried in the AS message of the above message, or may be included in the NAS information of the above message.

Optionally, the second message may carry at least one of the following UE context messages: encryption information, UE identification information such as TMSI, and the like.

Optionally, the second message may be an RRC reconfiguration (RRC Reconfiguration) message or a downlink information transfer (DL Information transfer) message.

Optionally, if the authentication fails, the second message is used to inform the terminal device that the authentication fails, and the second message includes the fourth indication information, and the fourth indication information is used to indicate the terminal The device fails to access the external authentication of the V-SNPN.

Optionally, the second message is an RRC release (RRC release) message.

Optionally, after receiving the second message, the UE deletes the SP ID, Roaming Group ID, or SNPN ID that requests access this time but the authentication fails in the locally stored information, for example, updates the UE's local ID. "Equivalent Home Service Provider" list or "Service Provider Controlled Network" list for user configuration update (UE configuration update, UCU).

S409, if the authentication succeeds, the RAN sends an initial UE message (Initial UE Message) or an uplink NAS transport (Uplink NAS Transport) to the V-AMF, where the initial UE message or the uplink NAS transport message includes at least one or more of the following parameters: Fifth indication information, the first home network identification SP ID, the first roaming group identification Roaming Group ID, multiple SP IDs supported by the terminal device that can be externally authenticated, and multiple externally authenticated SP IDs supported by the terminal device. Roaming Group IDs, wherein the fifth indication information is used to indicate that the terminal device successfully accesses the V-SNPN external authentication, and the first SP ID and the first Roaming Group ID are used to indicate that the The terminal device accesses the home network SP available to the V-SNPN.

It should be understood that the SP ID and/or the Roaming Group ID indicate the available SPs for the UE to access this time, and may also be the SP ID list and/or the Roaming Group ID list, identifying the available SP list for the current access.

Optionally, the fifth indication information may also be a Cause value.

Optionally, the initial UE message or the uplink NAS transmission message may carry multiple externally authenticated SP IDs supported by the UE and related to the V-SNPN visited this time, and externally authenticated supported by the terminal device. A list of multiple Roaming Group IDs, the information may be included in the Mobility Restriction List for the V-AMF to subsequently perform a handover procedure for the UE in the V-SNPN.

The initial UE message or the uplink NAS transmission message may carry at least one of the following UE context messages received by the RAN in step S205: encryption information, UE identification information such as TMSI, and the like.

The RAN forwards the UE context message on the core network side to the V-AMF, so that the V-AMF performs NAS layer encryption and the like.

The above-mentioned information may be carried in the NGAP message of the above-mentioned message, may also be included in the NAS information of the above-mentioned message, or contained in the message that the H-AMF of the above-mentioned message transparently transmits to the V-AMF.

S410, the UE sends a NAS message to the V-AMF, where the NAS message includes at least one or more of the following parameters: fifth indication information, the first home network identifier SP ID, the first roaming group identifier Roaming Group ID, the terminal equipment Supported multiple externally authenticated SP IDs and multiple externally authenticated Roaming Group IDs supported by the terminal device, wherein the fifth indication information is used to instruct the terminal device to access the V-SNPN If the external authentication is successful, the first SP ID and the first Roaming Group ID are used to instruct the terminal device to access the available home network SP of the V-SNPN.

It should be understood that the SP ID and/or the Roaming Group ID indicate the available SPs for the UE to access this time, and may also be the SP ID list and the Roaming Group ID list, which identify the available SPs and Roaming Groups for this access.

Optionally, the fifth indication information may also be a Cause value.

Optionally, the NAS message can carry all the externally authenticated SP ID lists and/or Roaming Group ID lists related to the V-SNPN of this visit supported by the UE, and this information can be included in the mobility restriction list. (Mobility Restriction List) for the V-AMF to perform the handover procedure for the UE in the V-SNPN subsequently.

The NAS message may carry at least one of the following UE context messages received by the RAN in step S205: encryption information, UE identification information such as TMSI, and the like.

The UE forwards the core network side UE context message to the V-AMF, so that the V-AMF performs NAS layer encryption and the like.

It should be understood that step S409 and step S410 are parallel steps, and only S409 or S410 may be performed, or S409 and S410 may be performed simultaneously.

In the embodiment of this application, the V-AMF interacts with the home network or OAM in advance to learn the SP ID or Roaming Group ID supported by the H-AMF; the RAN selects the V-AMF by default, and the V-AMF redirects the UE and informs RAN, RAN re-selects H-AMF for authentication.

The following describes a communication method provided by the present application in detail with reference to FIG. 6 . FIG. 6 is a schematic flowchart of a communication method 500 according to an embodiment of the present application. The method 500 may be applied in the scenario shown in FIG. 1 or FIG. 3 . , of course, it can also be applied in other communication scenarios, which is not limited in this embodiment of the present application.

It should also be understood that, in the embodiments of the present application, the method is described by taking a terminal device, a wireless access network device, and a core network network element device as an example for executing the method. As an example but not a limitation, the execution subject of the execution method may also be a chip, a chip system, or a processor or the like applied to a terminal device, a wireless access network device, and a core network element device.

As shown in FIG. 6, the method 500 shown in FIG. 6 may include S501 to S508. Each step in the method 500 will be described in detail below with reference to FIG. 6 .

S501, the V-AMF sends an NG setup request response message (NG setup response) or a RAN configuration update response (RAN configuration update acknowledge) message to the RAN, and the message may carry the following information:

SNPN ID, priority information of the SNPN ID and the first indication information, the first indication information is used to indicate whether the SNPN identified by the SNPN ID supports access through external authentication, and the SNPN ID is used to Identifies the SNPN network supported by the V-AMF and accessible through external authentication; or

The SNPN ID, the priority information of the SNPN ID and at least one of the following parameters and the priority information of the parameter: the priority information of the SP ID and the SP ID, or the priority of the Roaming Group ID and the Roaming Group ID level information to indicate that the SNPN identified by the SNPN ID can be accessed by performing external authentication through the network corresponding to the SP ID or Roaming Group ID, where the SP ID or Roaming Group ID is the SP or Roaming Group supported by the RAN, and the The SNPN ID is used to identify the SNPN network that the V-AMF can access through external authentication through the network identified by the SP ID or Roaming Group ID; or

At least one of the following parameters and priority information of said parameters: SP ID and priority information of said SP ID, or priority information of Roaming Group ID and said Roaming Group ID, SP ID and Roaming Group ID to indicate the RAN Supported SP ID and Roaming Group ID, the SP ID or Roaming Group ID is the SP or Roaming Group supported by the RAN.

The information carried above may indicate the SP ID or Roaming Group ID supported by a TA, a cell, a RAN, or a SNPN configured under the AMF described in the RAN.

It should be understood that the information carried in the NG setup request response message or the RAN configuration update response message may also be carried in the setup and update messages of the Xn, F1, and E1 interfaces, for example, in the Xn setup request message Xn setup request , NG-RAN node configuration update message NG-RAN node configuration update, F1 setup request message F1 setup request, gNB-DU configuration update message gNB-DU configuration update, gNB-CU-UP E1 setup request message gNB-CU-UP E1 setup request, gNB-CU-CP E1 setup request message gNB-CU-CP E1 setup request message, etc.

S502, the H-AMF sends an NG setup request response message (NG setup response) or a RAN configuration update response (RAN configuration update acknowledge) message to the RAN. The specific message content may refer to S401, which will not be repeated here.

It should be understood that before step S501 and step S502, the RAN may send an NG setup request message (NG setup request) or a RAN configuration update (RAN configuration update) message to the V-AMF, and the RAN may send an NG to the H-AMF For a setup request message (NG setup request) or a RAN configuration update (RAN configuration update) message, reference may be made to the relevant steps in method 300 for this step, which will not be repeated here.

S503: The UE sends an access message to the RAN, where the access message includes first information, where the first information is used to inform the radio access network device that the terminal device accesses the V-SNPN through home network authentication. The first information is the SNPN ID and the priority information corresponding to the SNPN ID.

S504, the RAN selects an AMF (taking H-AMF as an example) based on the SNPN ID, priority and other information reported by the UE in S503, and the network information supported by each AMF received in steps S501 and S502, and sends the The H-AMF sends an Initial UE message, which carries one or more of the following parameters: V-SNPN ID, SP ID, Roaming Group ID, or priority information.

Specifically, if the priority of the SNPN to be accessed by the UE is consistent with the priority of the network supported by the H-AMF, the H-AMF is selected; if the priority of the SNPN to be accessed by the UE is the same as the priority of the network supported by the V-AMF If the priorities of the networks are the same, V-AMF is selected. For example, the priority of the SNPN to be accessed by the UE is 1, the priority of the network supported by H-AMF is 1, and the priority of the network supported by V-AMF is 2, then H-AMF is selected for authentication.

S505, the H-AMF contacts network elements such as H-UDM, H-AUSF, etc. to authenticate the UE, and sends a first message to the RAN according to the authentication result, where the first message is used to indicate that the terminal Device authentication succeeded or failed.

Optionally, if the authentication is successful, the first message is used to indicate that the authentication of the terminal device is successful, and the first message includes at least one or more of the following parameters: third indication information, first home network identifier SP ID, the first roaming group identifier Roaming Group ID, multiple SP IDs supported by the terminal device that can be externally authenticated, and multiple Roaming Group IDs supported by the terminal device that can be externally authenticated, wherein the first roaming group ID The three indication information is used to indicate that the terminal device accesses the V-SNPN external authentication successfully, and the first SP ID and the first Roaming Group ID are used to instruct the terminal device to access the V-SNPN available Home network SP.

It should be understood that the first SP ID and/or the first Roaming Group ID may also be a list of SP IDs and/or a list of Roaming Group IDs, identifying the SP list available for this visit, wherein the indication information #2 may also be Cause value.

It should be understood that when the H-AMF is authenticated, it can obtain, through the UDM of the home network, a plurality of externally authenticated SP IDs supported by the UE and related to the V-SNPN of the current visit, and externally authenticated SP IDs supported by the terminal device. Multiple Roaming Group IDs authenticated, the information can be included in the Mobility Restriction List for the RAN to switch the UE to another RAN later in the V-SNPN.

Optionally, the first message may carry at least one of the following UE context messages: encryption information, UE identification information such as TMSI, and the like.

The core network side UE context message is forwarded to the RAN through the H-AMF, and the RAN forwards the core network side UE context message to the V-AMF, so that the information between the H-AMF and the V-AMF can be transferred through the RAN.

The above-mentioned information may be carried in the NGAP message of the above-mentioned message, may also be included in the NAS information of the above-mentioned message, or contained in the message that the H-AMF of the above-mentioned message transparently transmits to the V-AMF.

Optionally, the first message is an initial context setup request (initial context setup request) or a downlink NAS transmission Downlink NAS Transport message,

Optionally, if the authentication fails, the first message is used to indicate that the authentication of the terminal device fails; the first message includes fourth indication information, and the fourth indication information is used to indicate the terminal device Access to the V-SNPN external authentication fails; the wireless access network device releases the connection with the terminal device according to the first message.

Optionally, if the authentication fails, the first message may be an error indication (error indication) message, and the error indication (error indication) message carries the fourth indication information to indicate that the external authentication of the terminal device fails. .

Optionally, the fourth indication information may also be a cause value.

S506, if the authentication fails, the RAN reselects another AMF (taking V-AMF as an example) based on steps S504 and S505, and sends an initial UE message (initial UE message) to the V-AMF, and the message carries at least one of the following: The selected SNPN ID, SP ID, Roaming Group ID, or priority information that the UE selects to access. If the authentication fails, the RAN will re-select the third AMF, and so on, until it succeeds.

It should be understood that S504 and S506 can be sent at the same time, that is, the RAN sends messages to multiple AMFs in parallel, so that the multiple AMFs can authenticate the UE synchronously, so as to reduce the delay caused by serially contacting the AMFs.

It should also be understood that, when the authentication succeeds, the AMF for the incoming authentication may send a first message to the RAN, and the first message may refer to the description in the method 300 and the method 300, which will not be repeated here.

It should also be understood that when the RAN receives the first message sent by the AMF, the RAN sends a second message to the UE based on the first message. For the second message, reference may be made to the descriptions in the method 300 and the method 400, which are not repeated here. Repeat.

In the embodiment of the present application, each AMF informs the RAN of information such as SP ID, Roaming Group ID, and priority that it supports; the RAN selects the AMF based on the information notified by the AMF and the information reported by the UE.

A communication method according to an embodiment of the present application has been described in detail above with reference to FIG. 1 to FIG. 6 . The communication device according to the embodiment of the present application will be described in detail below with reference to FIG. 7 to FIG. 9 .

FIG. 7 shows a schematic block diagram of a communication apparatus 600 according to an embodiment of the present application.

In some embodiments, the apparatus 600 may be a terminal device, or may be a chip or a circuit, for example, a chip or a circuit that can be provided in the terminal device.

In some embodiments, the apparatus 600 may be a wireless access network device, or may be a chip or a circuit, for example, a chip or a circuit that may be provided in a wireless access network device.

In a possible manner, the apparatus 600 may include a processing unit 610 (ie, an example of a processor) and a transceiving unit 630, and the transceiving unit 630 may implement the functions of a receiving unit and a transmitting unit. In some possible implementations, the processing unit 610 may also be referred to as a determination unit. In some possible implementations, the transceiver unit 630 may include a receiving unit and a sending unit.

In an implementation manner, the transceiver unit 630 may be implemented by a transceiver or a transceiver-related circuit or an interface circuit.

In one implementation, the apparatus may further include a storage unit 620 . In a possible manner, the storage unit 620 is used to store instructions. In one implementation, the storage unit may also be used to store data or information. The storage unit 620 may be implemented by a memory.

In some possible designs, the processing unit 610 is configured to execute the instructions stored in the storage unit 620, so that the apparatus 600 implements the steps performed by the terminal device in the above method. Alternatively, the processing unit 610 may be configured to call the data of the storage unit 620, so that the apparatus 600 implements the steps performed by the terminal device in the above method.

In some possible designs, the processing unit 610 is configured to execute the instructions stored in the storage unit 620, so that the apparatus 600 implements the steps performed by the radio access network device in the above method. Alternatively, the processing unit 610 may be configured to call the data of the storage unit 620, so that the apparatus 600 implements the steps performed by the radio access network device in the above method.

For example, the processing unit 610, the storage unit 620, and the transceiver unit 630 can communicate with each other through an internal connection path to transmit control and/or data signals. For example, the storage unit 620 is used to store a computer program, and the processing unit 610 can be used to call and run the computer program from the storage unit 620 to control the transceiver unit 630 to receive signals and/or send signals, and complete the above method. Steps for terminal equipment or radio access network equipment. The storage unit 620 may be integrated in the processing unit 610 , or may be provided separately from the processing unit 610 .

Optionally, if the apparatus 600 is a communication device (for example, a terminal device, or a wireless access network device), the transceiver unit 630 includes a receiver and a transmitter. The receiver and the transmitter may be the same or different physical entities. When they are the same physical entity, they can be collectively referred to as transceivers.

When the apparatus 600 is a terminal device or the apparatus is a wireless access network device or a core network device, the transceiver unit 630 may be a sending unit or a transmitter when sending information, and the transceiver unit 630 may be a receiving unit or a receiving unit when receiving information The transceiver, the transceiver unit can be a transceiver, the transceiver, the transmitter or the receiver can be a radio frequency circuit, when the device includes a storage unit, the storage unit is used to store computer instructions, the processor is communicatively connected to the memory, the processor The computer instructions stored in the memory are executed to cause the apparatus to perform the method 200, the method 500 or the method 600. The processor may be a general-purpose central processing unit (CPU), a microprocessor, or an application specific integrated circuit (ASIC).

Optionally, if the device 600 is a chip or a circuit, the transceiver unit 630 includes an input interface and an output interface.

When the device 600 is a chip, the transceiver unit 630 may be an input and/or output interface, a pin or a circuit, or the like. The processing unit 610 can execute computer-executable instructions stored in the storage unit, so that the apparatus can perform the method 200 , the method 500 or the method 600 . Optionally, the storage unit is a storage unit in the chip, such as a register, a cache, etc., and the storage unit may also be a storage unit in the terminal located outside the chip, such as a read-only memory (Read Only Memory). Only Memory, ROM) or other types of static storage devices that can store static information and instructions, random access memory (Random Access Memory, RAM), etc.

As an implementation manner, the function of the transceiver unit 630 may be implemented by a transceiver circuit or a dedicated chip for transceiver. The processing unit 610 can be considered to be implemented by a dedicated processing chip, a processing circuit, a processing unit or a general-purpose chip.

As another implementation manner, a general-purpose computer may be used to implement the communication device (for example, a terminal device, or a wireless access network device) provided in this embodiment of the present application. The program codes that will implement the functions of the processing unit 610 and the transceiver unit 630 are stored in the storage unit 620 , and the general processing unit implements the functions of the processing unit 610 and the transceiver unit 630 by executing the codes in the storage unit 620 .

In some embodiments, the apparatus 600 may be a terminal device, or a chip or circuit provided in the terminal device. When the apparatus 600 is a terminal device, or a chip or circuit provided in the terminal device, the transceiver unit 630 is configured to send an access message to the wireless access network device, where the access message includes first information, and the first information is used for To inform the wireless access network device that the terminal device accesses the V-SNPN through home network authentication; the receiving unit 630 is further configured to receive a first message sent by the wireless access network device, the first message The message is used to indicate success or failure of authentication to the terminal device.

In an implementation manner, the first information includes at least one or more of the following parameters: an independent non-public network identifier SNPN ID, a home network identifier SP ID, a roaming group identifier Roaming Group ID, or first indication information, the The first indication information is used to indicate the SNPN ID, the SP ID or the Roaming Group ID; or, the first information includes the SNPN ID and the priority information of the network that the terminal device needs to authenticate.

In an implementation manner, the access message is a radio resource control RRC setup complete or RRC setup request message.

In an implementation manner, the first message is used to indicate that the terminal device is successfully authenticated, and the first message includes one or more of the following parameters: second indication information, first SP ID, first Roaming Group ID, multiple externally authenticated SP IDs supported by the terminal device, and multiple externally authenticated Roaming Group IDs supported by the terminal device, wherein the second indication information is used to indicate the terminal The external authentication of the device accessing the V-SNPN is successful, and the first SP ID and/or the first Roaming Group ID are used to instruct the terminal device to access an available home network SP.

In an implementation manner, the first message further includes context information of the terminal device.

In an implementation manner, the first message is an RRC reconfiguration message or a downlink information forwarding message.

In an implementation manner, the first message is used to indicate that the authentication of the terminal device fails, and the first message includes third indication information, and the third indication information is used to instruct the terminal device to access the The V-SNPN external authentication fails; the terminal device also includes a processing unit for deleting the following one or more parameters stored locally according to the first message: independent non-public network identifier SNPN ID, home network identifier SP ID or Roaming Group ID.

In an implementation manner, the first message is an RRC release message.

In an implementation manner, the sending unit 630 is further configured to send an initial UE message or an uplink NAS transmission message to the access and mobility management function V-AMF in the visited network, where the initial UE message or the uplink NAS transmission message includes One or more of the following parameters: fourth indication information, first home network identifier SP ID, first roaming group identifier Roaming Group ID, multiple externally authenticated SP IDs supported by the terminal device and supported by the terminal device multiple Roaming Group IDs that can be externally authenticated, wherein the fourth indication information is used to indicate that the terminal device accesses the V-SNPN externally authenticated successfully, and the first SP ID and/or the first SP ID and/or the third A Roaming Group ID is used to instruct the terminal device to access the available home network SP of the V-SNPN.

When the apparatus 600 is configured in or is itself a terminal device, each module or unit in the apparatus 600 can be used to perform various actions or processing procedures performed by the terminal device in the above method.

In some embodiments, the apparatus 600 may be a wireless access network device, or a chip or circuit provided in the wireless access network device. When the apparatus 600 is a wireless access network device, or a chip or circuit provided in the wireless access network device, the transceiver unit 630 is configured to receive an access message sent by the terminal device, where the access message includes the first information, the The first information is used to inform the wireless access network device that the terminal device accesses the V-SNPN through home network authentication; the processing unit 610 is configured to select the access and mobility management function AMF according to the first information , the selected AMF is the V-AMF in the visited independent non-public network or the H-AMF of the home network; the transceiver unit 630 is further configured to receive the first message sent by the H-AMF, and the first message uses to indicate success or failure of authentication to the terminal device; the transceiver unit 630 is configured to send a second message to the terminal device according to the first message, where the second message is used to inform the terminal device of authentication success or failure.

In an implementation manner, the first information includes one or more of the following parameters: an independent non-public network identifier SNPN ID, a home network identifier SP ID, a roaming group identifier Roaming Group ID, or first indication information, the first An indication information is used to indicate the SNPN ID, the SP ID or the Roaming Group ID; or, the first information includes the SNPN ID and the priority information of the network that the terminal device needs to authenticate.

In an implementation manner, the processing unit 610 is specifically configured to: when the first information only includes the SNPN ID, select the access and mobility management function V in the non-public network V-SNPN independent of the visited network -AMF; or, when the first information includes at least one parameter in the SNPN ID and the SP ID and the Roaming Group ID, select the access and mobility management function H-AMF in the home network; or , when the first information includes the SP ID and/or the Roaming Group ID, select the access and mobility management function H-AMF in the home network; or, when the first information includes an independent non-public The network identifier and the priority information of the network that the terminal device needs to authenticate, and the access and mobility management functions are selected according to the priority information of the network supported by the V-AMF and the H-AMF.

In an implementation manner, after selecting the access and mobility management function V-AMF in the non-public V-SNPN independent of the visited network, the transceiver unit 630 is further configured to receive the V-AMF sent by the V-AMF. The third message is used to instruct the wireless access network device to reselect the H-AMF; the processing unit 610 is further configured to select the H-AMF according to the third message.

In an implementation manner, the first message is used to indicate that the terminal device is successfully authenticated, and the first message includes one or more of the following parameters: second indication information, first home network identifier SP ID, The first roaming group identifier Roaming Group ID, a plurality of externally authenticated SP IDs supported by the terminal device, and a plurality of externally authenticated Roaming Group IDs supported by the terminal device, wherein the second indication information Used to indicate that the terminal equipment accesses the V-SNPN external authentication successfully, and the first SP ID and/or the first Roaming Group ID is used to indicate that the terminal equipment accesses the available attribution of the V-SNPN Network SP.

In an implementation manner, the first message further includes context information of the terminal device.

With reference to the sixth aspect, in some implementations of the sixth aspect, the first message is an initial context establishment request or a downlink NAS transmission message.

In an implementation manner, the second message is used to inform the terminal device that the authentication is successful, and the second message includes one or more of the following parameters: second indication information, the first home network identifier SP ID, the first A roaming group ID, a plurality of externally authenticated SP IDs supported by the terminal device, and a plurality of externally authenticated Roaming Group IDs supported by the terminal device, wherein the second indication information uses To indicate that the terminal device accesses the V-SNPN external authentication successfully, the first SP ID and/or the first Roaming Group ID is used to instruct the terminal device to access the available home network of the V-SNPN SP.

In an implementation manner, the second message further includes context information of the terminal device.

In an implementation manner, the second message is an RRC reconfiguration message or a downlink information forwarding message.

In an implementation manner, the first message is used to indicate that the authentication of the terminal device fails; the first message includes third indication information, and the third indication information is used to instruct the terminal device to access the The V-SNPN external authentication fails; the processing unit is further configured to release the connection with the terminal device according to the first message.

In an implementation manner, the second message is used to inform the terminal device that authentication fails, and the second message includes the third indication information, and the third indication information is used to instruct the terminal device to access The external authentication of the V-SNPN fails.

In an implementation manner, the authentication failure message is an RRC release message.

In an implementation manner, the transceiver unit 630 is further configured to: send an initial UE message or an uplink NAS transmission message to the V-AMF, where the initial UE message or uplink NAS transmission message includes one or more of the following parameters: fourth Indication information, the first home network identifier SP ID, the first roaming group identifier Roaming Group ID, multiple externally authenticated SP IDs supported by the terminal device, and multiple externally authenticated Roaming supported by the terminal device Group ID, wherein the fourth indication information is used to indicate that the terminal device accesses the V-SNPN external authentication successfully, and the first SP ID and/or the first Roaming Group ID is used to indicate the The terminal device accesses the home network SP available to the V-SNPN.

In an implementation manner, the initial UE message or the uplink NAS transmission message further includes context information of the terminal device.

In an implementation manner, before receiving the access message sent by the terminal device, the transceiver unit 630 is further configured to: receive an NG setup request response message sent by the V-AMF and/or the H-AMF or a RAN configuration update response message, the NG setup request response message or the RAN configuration update response message includes:

The SNPN ID and fifth indication information, the fifth indication information is used to indicate whether the SNPN identified by the SNPN ID supports access through external authentication; or, the SNPN ID and one of the following parameters: the SP ID or the Roaming Group ID, the SP ID or the Roaming Group ID indicates that the SNPN identified by the SNPN ID can be accessed by performing external authentication through the network corresponding to the SP ID or the Roaming Group ID; Item parameter: SP ID or Roaming Group ID, the SP ID or the Roaming Group ID indicates the SP ID or Roaming Group ID supported by the V-AMF and/or H-AMF; or, the SNPN ID , the priority information of any one or more parameters in the SP ID and the Roaming Group ID.

In an implementation manner, the transceiver unit 630 is further configured to: send an NG setup request message or a RAN configuration update message to the V-AMF and/or the H-AMF, the NG setup request message or all The RAN configuration update message includes: an SNPN ID and fifth indication information, where the fifth indication information is used to indicate whether the SNPN identified by the SNPN ID supports access through external authentication; or, the SNPN ID and one of the following parameters: SP ID or Roaming Group ID, the SP ID or the Roaming Group ID indicates that the SNPN identified by the SNPN ID can be accessed by performing external authentication through the network corresponding to the SP ID or the Roaming Group ID; or, one of the following parameters : SP ID or Roaming Group ID, the SP ID or the Roaming Group ID indicates the SP ID or Roaming Group ID supported by the V-AMF and/or the H-AMF.

When the apparatus 600 is configured in or itself is a wireless access network device, each module or unit in the apparatus 600 can be used to perform various actions or processing procedures performed by the wireless access network device in the above method. Here, in order to avoid repeated descriptions , and the detailed description thereof is omitted.

FIG. 8 is a schematic structural diagram of a terminal device 700 provided by this application. The terminal device 700 may perform the actions performed by the terminal device in the foregoing method embodiments.

For convenience of explanation, FIG. 8 only shows the main components of the terminal device. As shown in FIG. 8 , the terminal device 700 includes a processor, a memory, a control circuit, an antenna, and an input and output device.

The processor is mainly used to process communication protocols and communication data, and to control the entire terminal device, execute software programs, and process data of the software programs, for example, for supporting the terminal device to execute the above-mentioned transmission precoding matrix instruction method embodiment. the described action. The memory is mainly used to store software programs and data, such as the codebook described in the above embodiments. The control circuit is mainly used for the conversion of the baseband signal and the radio frequency signal and the processing of the radio frequency signal. The control circuit together with the antenna can also be called a transceiver, which is mainly used to send and receive radio frequency signals in the form of electromagnetic waves. Input and output devices, such as touch screens, display screens, keyboards, etc., are mainly used to receive data input by users and output data to users.

When the terminal device is powered on, the processor can read the software program in the storage unit, interpret and execute the instructions of the software program, and process the data of the software program. When data needs to be sent wirelessly, the processor performs baseband processing on the data to be sent, and outputs the baseband signal to the radio frequency circuit. The radio frequency circuit performs radio frequency processing on the baseband signal and sends the radio frequency signal through the antenna in the form of electromagnetic waves. When data is sent to the terminal device, the radio frequency circuit receives the radio frequency signal through the antenna, converts the radio frequency signal into a baseband signal, and outputs the baseband signal to the processor, which converts the baseband signal into data and processes the data.

Those skilled in the art can understand that, for the convenience of description, FIG. 8 only shows one memory and a processor. In an actual terminal device, there may be multiple processors and memories. The memory may also be referred to as a storage medium or a storage device, etc., which is not limited in this embodiment of the present application.

For example, the processor may include a baseband processor and a central processing unit. The baseband processor is mainly used to process communication protocols and communication data. The central processing unit is mainly used to control the entire terminal device, execute software programs, and process software programs. data. The processor in FIG. 8 integrates the functions of the baseband processor and the central processing unit. Those skilled in the art can understand that the baseband processor and the central processing unit may also be independent processors, interconnected by technologies such as a bus. Those skilled in the art can understand that a terminal device may include multiple baseband processors to adapt to different network standards, a terminal device may include multiple central processors to enhance its processing capability, and various components of the terminal device may be connected through various buses. The baseband processor may also be expressed as a baseband processing circuit or a baseband processing chip. The central processing unit can also be expressed as a central processing circuit or a central processing chip. The function of processing the communication protocol and communication data may be built in the processor, or may be stored in the storage unit in the form of a software program, and the processor executes the software program to realize the baseband processing function.

Exemplarily, in this embodiment of the present application, an antenna and a control circuit with a transceiver function may be regarded as the transceiver unit 710 of the terminal device 700 , and a processor with a processing function may be regarded as the processing unit 820 of the terminal device 700 . As shown in FIG. 8 , the terminal device 700 includes a transceiver unit 710 and a processing unit 720 . The transceiving unit may also be referred to as a transceiver, a transceiver, a transceiving device, or the like. Optionally, the device for implementing the receiving function in the transceiver unit 710 may be regarded as a receiving unit, and the device for implementing the transmitting function in the transceiver unit 710 may be regarded as a transmitting unit, that is, the transceiver unit includes a receiving unit and a transmitting unit. Exemplarily, the receiving unit may also be referred to as a receiver, a receiver, a receiving circuit, and the like, and the transmitting unit may be referred to as a transmitter, a transmitter, or a transmitting circuit, or the like.

FIG. 9 is a schematic structural diagram of a wireless access network device 800 according to an embodiment of the present application, which can be used to implement the functions of the access device in the foregoing method. The radio access network device 800 includes one or more radio frequency units, such as a remote radio unit (remote radio unit, RRU) 810 and one or more baseband units (baseband unit, BBU) (also referred to as digital units, digital units) , DU)820. The RRU 810 may be referred to as a transceiver unit, a transceiver, a transceiver circuit, or a transceiver, etc., and may include at least one antenna 811 and a radio frequency unit 812 . The RRU810 part is mainly used for receiving and sending radio frequency signals and converting radio frequency signals to baseband signals, for example, for sending the signaling messages described in the above embodiments to terminal equipment. The part of the BBU820 is mainly used to perform baseband processing, control the base station, and so on. The RRU 810 and the BBU 820 may be physically set together or physically separated, that is, a distributed base station.

The BBU820 is the control center of the base station, which may also be called a processing unit, and is mainly used to complete baseband processing functions, such as channel coding, multiplexing, modulation, and spread spectrum. For example, the BBU (processing unit) 820 may be used to control the base station to perform the operation procedures related to the network device in the above method embodiments.

In an example, the BBU820 may be composed of one or more single boards, and the multiple single boards may jointly support a wireless access network of a single access standard (such as an LTE system or a 5G system), or may support different access modes respectively. into the standard wireless access network. The BBU 820 also includes a memory 821 and a processor 822 . The memory 821 is used to store necessary instructions and data. For example, the memory 821 stores the codebook and the like in the above-described embodiments. The processor 822 is configured to control the base station to perform necessary actions, for example, to control the base station to perform the operation procedure of the network device in the foregoing method embodiments. The memory 821 and processor 822 may serve one or more single boards. That is to say, the memory and processor can be provided separately on each single board. It can also be that multiple boards share the same memory and processor. In addition, necessary circuits may also be provided on each single board.

In a possible implementation, with the development of system-on-chip (SoC) technology, all or part of the functions of the 820 part and the 810 part can be realized by the SoC technology, for example, a base station function chip Implementation, the base station function chip integrates a processor, a memory, an antenna interface and other devices, the program of the base station related functions is stored in the memory, and the processor executes the program to realize the related functions of the base station. Optionally, the base station function chip can also read the external memory of the chip to realize the related functions of the base station.

It should be understood that the structure of the radio access network device illustrated in FIG. 9 is only a possible form, and should not constitute any limitation to the embodiments of the present application. This application does not exclude the possibility of other forms of base station structures that may appear in the future.

It should be understood that, in this embodiment of the present application, the processor may be a central processing unit (central processing unit, CPU), and the processor may also be other general-purpose processors, digital signal processors (digital signal processors, DSP), dedicated integrated Circuit (application specific integrated circuit, ASIC), off-the-shelf programmable gate array (field programmable gate array, FPGA) or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components, etc. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.

It should also be understood that the memory in the embodiments of the present application may be volatile memory or non-volatile memory, or may include both volatile and non-volatile memory. The non-volatile memory may be read-only memory (ROM), programmable read-only memory (PROM), erasable programmable read-only memory (EPROM), electrically programmable Erase programmable read-only memory (electrically EPROM, EEPROM) or flash memory. Volatile memory may be random access memory (RAM), which acts as an external cache. By way of example and not limitation, many forms of random access memory (RAM) are available, such as static random access memory (SRAM), dynamic random access memory (DRAM), synchronous dynamic random access memory (DRAM) Access memory (synchronous DRAM, SDRAM), double data rate synchronous dynamic random access memory (double data rate SDRAM, DDR SDRAM), enhanced synchronous dynamic random access memory (enhanced SDRAM, ESDRAM), synchronous connection dynamic random access memory Fetch memory (synchlink DRAM, SLDRAM) and direct memory bus random access memory (direct rambus RAM, DR RAM).

The above embodiments may be implemented in whole or in part by software, hardware, firmware or any other combination. When implemented in software, the above-described embodiments may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions or computer programs. When the computer instructions or computer programs are loaded or executed on a computer, all or part of the processes or functions described in the embodiments of the present application are generated. The computer may be a general purpose computer, special purpose computer, computer network, or other programmable device. The computer instructions may be stored in or transmitted from one computer readable storage medium to another computer readable storage medium, for example, the computer instructions may be downloaded from a website site, computer, server or data center Transmission to another website site, computer, server or data center by wire (eg, infrared, wireless, microwave, etc.). The computer-readable storage medium can be any available medium that can be accessed by a computer or a data storage device such as a server, a data center, or the like that contains one or more sets of available media. The usable media may be magnetic media (eg, floppy disks, hard disks, magnetic tapes), optical media (eg, DVDs), or semiconductor media. The semiconductor medium may be a solid state drive.

Embodiments of the present application further provide a computer-readable medium on which a computer program is stored, and when the computer program is executed by a computer, implements the steps performed by the terminal device in any of the foregoing embodiments, or the first wireless access network device The steps performed, or the steps performed by the second radio access network device, or the steps performed by the core network device.

Embodiments of the present application further provide a computer program product, which, when executed by a computer, implements the steps performed by the terminal device in any of the foregoing embodiments, or the steps performed by the first wireless access network device, or the first step performed by the wireless access network device. 2. The steps performed by the radio access network equipment, or the steps performed by the core network equipment.

An embodiment of the present application also provides a system chip, where the system chip includes: a communication unit and a processing unit. The processing unit may, for example, be a processor. The communication unit may be, for example, a communication interface, an input/output interface, a pin or a circuit, or the like. The processing unit can execute computer instructions, so that the chip in the communication apparatus executes the steps executed by the terminal device provided in the above embodiments of the present application, or the steps executed by the wireless access network device.

Optionally, the computer instructions are stored in a storage unit.

According to the method provided by the embodiment of the present application, the embodiment of the present application further provides a communication system, which includes the aforementioned wireless access network device and terminal device.

Each embodiment in this application can be used independently or in combination, which is not limited here.

Additionally, various aspects or features of the present application may be implemented as a method, apparatus, or article of manufacture using standard programming and/or engineering techniques. The term "article of manufacture" as used in this application encompasses a computer program accessible from any computer readable device, carrier or medium. For example, computer readable media may include, but are not limited to: magnetic storage devices (eg, hard disks, floppy disks, or magnetic tapes, etc.), optical disks (eg, compact discs (CDs), digital versatile discs (DVDs) etc.), smart cards and flash memory devices (eg, erasable programmable read-only memory (EPROM), card, stick or key drives, etc.). Additionally, various storage media described herein can represent one or more devices and/or other machine-readable media for storing information. The term "machine-readable medium" may include, but is not limited to, wireless channels and various other media capable of storing, containing, and/or carrying instructions and/or data.

It should be understood that "and/or", which describes the association relationship between associated objects, means that there can be three kinds of relationships, for example, A and/or B, which can mean: the existence of A alone, the existence of A and B at the same time, the existence of B alone. condition. The character "/" generally indicates that the associated objects are an "or" relationship. "At least one" refers to one or more than one; "at least one of A and B", similar to "A and/or B", describes the association relationship of associated objects, indicating that there can be three kinds of relationships, for example, A and B At least one of the three cases can represent: A exists alone, A and B exist simultaneously, and B exists alone.

Those of ordinary skill in the art can realize that the units and algorithm steps of each example described in conjunction with the embodiments disclosed herein can be implemented in electronic hardware, or a combination of computer software and electronic hardware. Whether these functions are performed in hardware or software depends on the specific application and design constraints of the technical solution. Skilled artisans may implement the described functionality using different methods for each particular application, but such implementations should not be considered beyond the scope of this application.

Those skilled in the art can clearly understand that, for the convenience and brevity of description, the specific working process of the above-described systems, devices and units may refer to the corresponding processes in the foregoing method embodiments, which will not be repeated here.

In the several embodiments provided in this application, it should be understood that the disclosed system, apparatus and method may be implemented in other manners. For example, the apparatus embodiments described above are only illustrative. For example, the division of the units is only a logical function division. In actual implementation, there may be other division methods. For example, multiple units or components may be combined or Can be integrated into another system, or some features can be ignored, or not implemented. On the other hand, the shown or discussed mutual coupling or direct coupling or communication connection may be through some interfaces, indirect coupling or communication connection of devices or units, and may be in electrical, mechanical or other forms.

The units described as separate components may or may not be physically separated, and components displayed as units may or may not be physical units, that is, may be located in one place, or may be distributed to multiple network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution in this embodiment.

In addition, each functional unit in each embodiment of the present application may be integrated into one processing unit, or each unit may exist physically alone, or two or more units may be integrated into one unit.

The functions, if implemented in the form of software functional units and sold or used as independent products, may be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present application can be embodied in the form of a software product in essence, or the part that contributes to the prior art or the part of the technical solution. The computer software product is stored in a storage medium, including Several instructions are used to cause a computer device (which may be a personal computer, a server, or a network device, etc.) to execute all or part of the steps of the methods described in the various embodiments of the present application. The aforementioned storage medium includes: U disk, mobile hard disk, read-only memory (Read-Only Memory, ROM), random access memory (Random Access Memory, RAM), magnetic disk or optical disk and other media that can store program codes .

The above are only specific embodiments of the present application, but the protection scope of the present application is not limited to this. should be covered within the scope of protection of this application. Therefore, the protection scope of the present application should be subject to the protection scope of the claims.

Claims (35)

A communication method, the method is applied to a terminal device, and the terminal device accesses and visits an independent non-public network V-SNPN, characterized by comprising: Sending an access message to a wireless access network device, where the access message includes first information, where the first information is used to instruct the terminal device to access the V-SNPN through home network authentication; Receive a first message sent by the wireless access network device, where the first message is used to indicate success or failure of authentication to the terminal device. The method of claim 1, wherein: The first information includes one or more of the following parameters: an independent non-public network identifier SNPN ID, a home network identifier SP ID, a roaming group identifier Roaming Group ID, or first indication information, where the first indication information is used to indicate the the SNPN ID, the SP ID or the Roaming Group ID; or, The first information includes the SNPN ID and the priority information of the network that the terminal device needs to authenticate. The method according to claim 1 or 2, wherein the first message is used to indicate that the terminal device is authenticated successfully, and the first message includes one or more of the following parameters: second indication information, the first SP ID, the first Roaming Group ID, multiple SP IDs supported by the terminal device that can be authenticated externally, and multiple Roaming Group IDs supported by the terminal device that can be authenticated externally, Wherein, the second indication information is used to instruct the terminal device to access the V-SNPN external authentication successfully, and the first SP ID and the first Roaming Group ID are used to instruct the terminal device to access the V-SNPN Home network SP available for the V-SNPN. The method according to claim 1 or 2, wherein the first message is used to indicate that authentication of the terminal device fails, the first message includes third indication information, and the third indication information is used for Instructing the terminal device to access the V-SNPN external authentication failure; The terminal device deletes one or more of the following parameters stored locally according to the first message: Independent non-public network identification SNPN ID, home network identification SP ID or roaming group identification Roaming Group ID. The method according to any one of claims 1 to 3, wherein the method further comprises: Send an initial terminal equipment UE message or an uplink non-access stratum NAS transmission message to the access and mobility management function V-AMF in the visited network, where the initial UE message or the uplink NAS transmission message includes one or more of the following parameters: the fourth indication information, the first SP ID, the first Roaming Group ID, a plurality of externally authenticated SP IDs supported by the terminal device, and a plurality of externally authenticated Roaming Group IDs supported by the terminal device, Wherein, the fourth indication information is used to instruct the terminal device to access the V-SNPN external authentication successfully, and the first SP ID and the first Roaming Group ID are used to instruct the terminal device to access the V-SNPN Home network SP available for the V-SNPN. A communication method, the method is applied to a wireless access network device, the wireless access network device is both a wireless access network device visiting an independent non-public network V-SNPN and a wireless access network device of a home network, wherein Features include: receiving an access message sent by a terminal device, where the access message includes first information, where the first information is used for the terminal device to authenticate to the home network to access the V-SNPN; According to the first information, the access and mobility management function AMF is selected, and the selected AMF is the V-AMF in the visited independent non-public network or the H-AMF in the home network; receiving a first message sent by the H-AMF, where the first message is used to indicate success or failure of authentication to the terminal device; According to the first message, a second message is sent to the terminal device, where the second message is used to inform the terminal device that authentication succeeds or fails. The method of claim 6, wherein: The first information includes one or more of the following parameters: an independent non-public network identifier SNPN ID, a home network identifier SP ID, a roaming group identifier Roaming Group ID, or first indication information, where the first indication information is used to indicate the the SNPN ID, the SP ID or the Roaming Group ID; or, The first information includes the SNPN ID and the priority information of the network that the terminal device needs to authenticate. The method according to claim 7, wherein the selecting an access and mobility management function according to the first information comprises: When the first information only includes the SNPN ID, select the access and mobility management function V-AMF in the non-public network V-SNPN independent of the visited network; or, When the first information includes the SNPN ID, and at least one parameter in the SP ID and the Roaming Group ID, select the access and mobility management function H-AMF in the home network; or, When the first information includes at least one parameter in the SP ID and the Roaming Group ID, select the access and mobility management function H-AMF in the home network; or, When the first information includes the independent non-public network identifier and the priority information of the network to be authenticated by the terminal device, according to the priority information of the network supported by the V-AMF and the H-AMF, select access and Mobile management functions. The method according to claim 8, wherein after selecting the access and mobility management function V-AMF in the non-public network V-SNPN independent of the visited network, the method further comprises: receiving a third message sent by the V-AMF, where the third message is used to instruct the wireless access network device to reselect the H-AMF; According to the third message, the H-AMF is selected. The method according to any one of claims 6 to 9, wherein the first message is used to indicate that the terminal device is authenticated successfully, and the first message includes at least one or more of the following parameters: the second indication information, the first SP ID, the first Roaming Group ID, multiple externally authenticated SP IDs supported by the terminal device and multiple externally authenticated Roaming Group IDs supported by the terminal device, Wherein, the second indication information is used to instruct the terminal device to access the V-SNPN external authentication successfully, and the first SP ID and the first Roaming Group ID are used to instruct the terminal device to access the V-SNPN Home network SP available for the V-SNPN. The method according to any one of claims 6 to 10, wherein the second message is used to inform the terminal device that authentication is successful, and the second message includes at least one or more of the following parameters: the second indication information, the first SP ID, the first Roaming Group ID, multiple externally authenticated SP IDs supported by the terminal device and multiple externally authenticated Roaming Group IDs supported by the terminal device, Wherein, the second indication information is used to instruct the terminal device to access the V-SNPN external authentication successfully, and the first SP ID and the first Roaming Group ID are used to instruct the terminal device to access the V-SNPN Home network SP available for the V-SNPN. The method according to any one of claims 6 to 9, wherein the first message is used to indicate a failure to authenticate the terminal device; the first message includes third indication information, the first message Three indication information is used to indicate that the terminal device fails to access the external authentication of the V-SNPN; The radio access network device releases the connection with the terminal device according to the first message. The method according to claim 12, wherein the second message is used to inform the terminal device that authentication fails, the second message includes the third indication information, and the third indication information is used for Indicates that the terminal device fails to access the external authentication of the V-SNPN. The method according to any one of claims 6 to 11, wherein the method further comprises: Send an initial terminal equipment UE message or an uplink non-access stratum NAS transmission message to the V-AMF, where the initial UE message or uplink NAS transmission message includes at least one or more of the following parameters: the fourth indication information, the first SP ID, the first Roaming Group ID, multiple externally authenticated SP IDs supported by the terminal device and multiple externally authenticated Roaming Group IDs supported by the terminal device, Wherein, the fourth indication information is used to instruct the terminal device to access the V-SNPN external authentication successfully, the first SP ID, the first Roaming Group ID is used to instruct the terminal device to access the V-SNPN Home network SP available for the V-SNPN. The method according to any one of claims 6 to 14, wherein before the receiving the access message sent by the terminal device, the method further comprises: Receive an NG setup request response message or an access network device RAN configuration update response message sent by the H-AMF, where the NG setup request response message or the RAN configuration update response message includes: The SNPN ID and the fifth indication information, the fifth indication information is used to indicate whether the SNPN identified by the SNPN ID supports access through external authentication; or, The SNPN ID and one or more of the following parameters: the SP ID, the Roaming Group ID, the SP ID and the Roaming Group ID indicate that external authentication is performed through the network corresponding to the SP ID or the Roaming Group ID The SNPN identified by the accessible SNPN ID; or, The following next one or more parameters: SP ID or Roaming Group ID, the SP ID and the Roaming Group ID indicate the SP ID or Roaming Group ID supported by the H-AMF; or, The priority information of any one or more parameters in the SNPN ID, the SP ID and the Roaming Group ID. The method of claim 15, wherein the method further comprises: The NG setup request message or the RAN configuration update message sent to the H-AMF, where the NG setup request message or the RAN configuration update message includes: SNPN ID and fifth indication information, where the fifth indication information is used to indicate whether the SNPN identified by the SNPN ID supports access through external authentication; or, SNPN ID and one or more of the following parameters: SP ID or Roaming Group ID, the SP ID or the Roaming Group ID indicates that the network identified by the SP ID or Roaming Group ID can be accessed by performing external authentication through the network corresponding to the SP ID or Roaming Group ID. SNPN; or, One or more of the following parameters: SP ID or Roaming Group ID, the SP ID or the Roaming Group ID indicates the SP ID or Roaming Group ID supported by the H-AMF. A terminal device, the terminal device accesses an independent non-public network V-SNPN, characterized in that it includes: a sending unit, configured to send an access message to a wireless access network device, where the access message includes first information, and the first information is used to inform the wireless access network device that the terminal device is authenticated by the home network to access the V-SNPN; A receiving unit, configured to receive a first message sent by the wireless access network device, where the first message is used to indicate success or failure of authentication to the terminal device. The terminal device according to claim 17, wherein, The first information includes one or more of the following parameters: Independent non-public network identification SNPN ID, home network identification SP ID, roaming group identification Roaming Group ID or first indication information, the first indication information is used to indicate the SNPN ID, the SP ID or the Roaming Group ID; or, The first information includes the SNPN ID and the priority information of the network that the terminal device needs to authenticate. The terminal device according to claim 17 or 18, wherein the first message is used to indicate that the terminal device is authenticated successfully, and the first message includes one or more of the following parameters: the second indication information, the first home SP ID, the first Roaming Group ID, multiple externally authenticated SP IDs supported by the terminal device and multiple externally authenticated Roaming Group IDs supported by the terminal device, Wherein, the second indication information is used to instruct the terminal device to access the V-SNPN external authentication successfully, and the first SP ID and the first Roaming Group ID are used to instruct the terminal device to access the V-SNPN Home network SP available for the V-SNPN. The terminal device according to claim 17 or 18, wherein the first message is used to indicate that authentication of the terminal device fails, and the first message includes third indication information, and the third indication information used to indicate that the terminal device fails to access the external authentication of the V-SNPN; The terminal device further includes a processing unit configured to delete one or more of the following parameters stored locally according to the first message: SNPN ID, SP ID, or Roaming Group ID. The terminal device according to any one of claims 17 to 20, wherein the sending unit is further configured to: Send an initial terminal equipment UE message or an uplink non-access stratum NAS transmission message to the access and mobility management function V-AMF in the visited network, where the initial UE message or uplink NAS transmission message includes one or more of the following parameters: the fourth indication information, the first SP ID, the first Roaming Group ID, multiple externally authenticated SP IDs supported by the terminal device and multiple externally authenticated Roaming Group IDs supported by the terminal device, Wherein, the fourth indication information is used to instruct the terminal device to access the V-SNPN external authentication successfully, and the first SP ID and the first Roaming Group ID are used to instruct the terminal device to access the V-SNPN Home network SP available for the V-SNPN. A wireless access network device, which is both a wireless access network device visiting an independent non-public network V-SNPN and a wireless access network device of a home network, characterized in that it includes: A receiving unit, configured to receive an access message sent by a terminal device, where the access message includes first information, and the first information is used to inform the wireless access network device that the terminal device is authenticated by the home network to receive access into the V-SNPN; a processing unit, configured to select an access and mobility management function AMF according to the first information, where the selected AMF is a V-AMF in a visited independent non-public network or an H-AMF in a home network; The receiving unit is further configured to receive a first message sent by the H-AMF, where the first message is used to indicate success or failure of authentication to the terminal device; A sending unit, configured to send a second message to the terminal device according to the first message, where the second message is used to inform the terminal device that authentication succeeds or fails. The wireless access network device according to claim 22, wherein, The first information includes one or more of the following parameters: an independent non-public network identifier SNPN ID, a home network identifier SP ID, a roaming group identifier Roaming Group ID, or first indication information, where the first indication information is used to indicate the the SNPN ID, the SP ID or the Roaming Group ID; or, The first information includes the independent SNPN ID and the priority information of the network that the terminal device needs to authenticate. The wireless access network device according to claim 23, wherein the selecting an access and mobility management function according to the first information comprises: When the first information only includes the SNPN ID, select the access and mobility management function V-AMF in the non-public network V-SNPN independent of the visited network; or, When the first information includes at least one parameter in the SNPN ID and the SP ID and the Roaming Group ID, select the access and mobility management function H-AMF in the home network; or, When the first information includes at least one parameter in the SP ID and the Roaming Group ID, select the access and mobility management function H-AMF in the home network; or, When the first information includes the independent non-public network identifier and the priority information of the network to be authenticated by the terminal device, according to the priority information of the network supported by the V-AMF and the H-AMF, select access and Mobile management functions. The wireless access network device according to claim 24, wherein: The receiving unit is further configured to: receive a third message sent by the V-AMF, where the third message is used to instruct the wireless access network device to reselect the H-AMF; The processing unit is further configured to: select the H-AMF according to the third message. The wireless access network device according to any one of claims 22 to 25, wherein the first message is used to indicate that the terminal device is authenticated successfully, and the first message includes one or more of the following parameters: the second indication information, the first SP ID, the first Roaming Group ID, a plurality of externally authenticated SP IDs supported by the terminal device, and a plurality of externally authenticated Roaming Group IDs supported by the terminal device, Wherein, the second indication information is used to instruct the terminal device to access the V-SNPN external authentication successfully, and the first SP ID and the first Roaming Group ID are used to instruct the terminal device to access the V-SNPN Home network SP available for the V-SNPN. The wireless access network device according to any one of claims 22 to 26, wherein the second message is used to inform the terminal device that authentication is successful, and the second message includes one or more of the following parameter: the second indication information, the first SP ID, the first Roaming Group ID, multiple externally authenticated SP IDs supported by the terminal device and multiple externally authenticated Roaming Group IDs supported by the terminal device, Wherein, the second indication information is used to instruct the terminal device to access the V-SNPN external authentication successfully, and the first SP ID and the first Roaming Group ID are used to instruct the terminal device to access the V-SNPN Home network SP available for the V-SNPN. The wireless access network device according to any one of claims 22 to 25, wherein the first message is used to indicate a failure to authenticate the terminal device; the first message includes third indication information , the third indication information is used to indicate that the terminal device fails to access the external authentication of the V-SNPN; The processing unit is further configured to release the connection with the terminal device according to the first message. The wireless access network device according to claim 28, wherein the second message is used to inform the terminal device that authentication fails, the second message includes the third indication information, and the third The indication information is used to indicate that the terminal device fails to access the external authentication of the V-SNPN. The wireless access network device according to any one of claims 22 to 27, wherein the wireless access network device further comprises: Send an initial terminal equipment UE message or an uplink non-access stratum NAS transmission message to the V-AMF, where the initial UE message or uplink NAS transmission message includes at least one or more of the following parameters: the fourth indication information, the first SP ID, the first Roaming Group ID, multiple externally authenticated SP IDs supported by the terminal device and multiple externally authenticated Roaming Group IDs supported by the terminal device, Wherein, the fourth indication information is used to instruct the terminal device to access the V-SNPN external authentication successfully, and the first SP ID and the first Roaming Group ID are used to instruct the terminal device to access the V-SNPN Home network SP available for the V-SNPN. The wireless access network device according to any one of claims 22 to 30, wherein the receiving unit is further configured to: Receive an NG setup request response message or a radio access network device RAN configuration update response message sent by the H-AMF, where the NG setup request response message or the RAN configuration update response message includes: The SNPN ID and the fifth indication information, the fifth indication information is used to indicate whether the SNPN identified by the SNPN ID supports access through external authentication; or, The SNPN ID and one or more of the following parameters: the SP ID or the Roaming Group ID, the SP ID or the Roaming Group ID indicates that external authentication is performed through the network corresponding to the SP ID or the Roaming Group ID. access to the SNPN identified by the SNPN ID; or, One or more of the following parameters: SP ID or Roaming Group ID, which indicates the SP ID or Roaming Group ID supported by the H-AMF; or, The priority information of any one or more parameters in the SNPN ID, the SP ID and the Roaming Group ID. The wireless access network device according to claim 31, wherein the sending unit is further configured to: An NG setup request message or a RAN configuration update message sent to the H-AMF, where the NG setup request message or the RAN configuration update message includes: SNPN ID and fifth indication information, where the fifth indication information is used to indicate whether the SNPN identified by the SNPN ID supports access through external authentication; or, SNPN ID and one or more of the following parameters: SP ID or Roaming Group ID, the SP ID or the Roaming Group ID indicates that the network identified by the SP ID or Roaming Group ID can be accessed through external authentication through the network corresponding to the SP ID or Roaming Group ID. SNPN; or, One or more of the following parameters: SP ID or Roaming Group ID, the SP ID or the Roaming Group ID indicates the SP ID or Roaming Group ID supported by the H-AMF. A communication device comprising a processor connected to a memory for storing a computer program, the processor for executing the computer program stored in the memory to cause the device to perform as claimed in the claims The method of any one of 1 to 5, or the method of any one of 6 to 16. A computer-readable storage medium, characterized in that the computer-readable storage medium stores a computer program, when the computer program is executed, the method according to any one of claims 1 to 5 is implemented, or The method of any one of 6 to 16. A chip, characterized in that it includes a processor and an interface; The processor is adapted to read instructions to perform the method of any one of claims 1 to 5, or the method of any one of 6 to 16.

Images