CN101330761B - WIMAX system and access method thereof - Google Patents
WIMAX system and access method thereof Download PDFInfo
- Publication number
- CN101330761B CN101330761B CN2008101425304A CN200810142530A CN101330761B CN 101330761 B CN101330761 B CN 101330761B CN 2008101425304 A CN2008101425304 A CN 2008101425304A CN 200810142530 A CN200810142530 A CN 200810142530A CN 101330761 B CN101330761 B CN 101330761B
- Authority
- CN
- China
- Prior art keywords
- access
- authentication
- message
- default
- agw
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Landscapes
- Mobile Radio Communication Systems (AREA)
Abstract
The invention relates to a WIMAX system and an access method thereof. The WIMAX system comprises an access service network gateway and a home authentication, authorization, and accounting server; the method comprises the following steps: a default network service provider option is configured in the access service network gateway of the WIMAX system; during the initialization access, if a network accessing identification message received by the access service network gateway is abnormal, the access service network gateway directly transmits an access request message to the home authentication, authorization, and accounting server corresponding to a default network service provider to perform authentication; according to an access response message returned by the home authentication, authorization, and accounting server, whether the home authentication, authorization, and accounting server supports default access is judged; if the home authentication, authorization, and accounting server supports the default access, the access is permitted. The WIMAX system supports a user to use the access of the default network service provider, thereby enhancing the access rate of the user.
Description
Technical field
The present invention relates to the communications field, relate in particular to a kind of WIMAX system and cut-in method thereof.
Background technology
Along with portable terminal (Mobile subscriber Station, MS) extensive use of the development of demand and wireless technology, inserting of microwave whole world interoperability (Worldwide Interoperability for MicrowaveAccess, WIMAX) development of technology is more and swifter and more violent, and prospect is more and more wide.
As shown in Figure 1, be the structure system schematic diagram of existing WIMAX system, the WIMAX system mainly is made of three partial logic entities, is respectively: MS, access service network (Access Service Network, ASN), connection service network (Connectivity Service Network, CSN).
Wherein, mainly comprise among the ASN base station (Base Station, BS) and access service network gateway (AccessService Network GateWay, ASN-GW are called for short AGW); Functions such as BS mainly provides RRM, power measurement and control, the compression of the data of eating dishes without rice or wine and encryption; AGW mainly provide assist to set up between high level and the MS three layers be connected, charging, tunnel management, location management, mobile management and transmit functions such as MS authentication, authorization message; Mainly comprise home agent (Home Agent among the CSN, HA), DHCP (Dynamic Host Configuration Protocol, DHCP) server and attribution authentication mandate charging (Authentication-Authorization-Accounting, AAA) server mainly provides functions such as charging, authentication, mandate, distributing IP address, internet service access.
When user's initialization inserts the WIMAX system, must carry NAI (Network Access Identifier, network access Identifier) message, the structure of NAI message is as follows:
...! ] { WiMAX-decoration}usernamerealm wherein, [RoutingRealm] part is optionally, is used for doing network selecting, and when not needing to carry out network selecting, this field does not need to carry; { the WiMAX-decoration} part also is an option, is used to show the different ability of MS; Username is a user ID; The realm of " " symbol back is the sign of the message access zone network that need be forwarded to, the i.e. NSP that disposes among the AGW (Network Service Provider, Internet Service Provider).
Under the normal condition, AGW must at first obtain the NSP information of carrying in the user NAI message in authentication, and this NSP must dispose in AGW, AGW just can find corresponding ownership aaa server that the user is carried out authentication like this, must guarantee that promptly the NSP that disposes among NSP that the user carries and the AGW is consistent.When the user carries unusual NAI message when inserting the WIMAX system, will cause the AGW can't authentication and to insert the WIMAX system unsuccessful.The situation that NAI is unusual can be divided into following several situation:
1.NAI do not carry NSP in the message;
2.NAI the NSP in the message does not have corresponding NSP configuration information in AGW, promptly do not have the NSP in the NAI message among the AGW.
Existing WIMAX system is in service, and terminal can't be obtained NSP information automatically, needs manual configuration, so just might go wrong.
Summary of the invention
Technical problem to be solved by this invention is, a kind of WIMAX system and cut-in method thereof are provided, even the invention enables under the controlled situation of network, the user also can insert the WIMAX system, thereby has improved user's access success rate.
A kind of method that inserts the WIMAX system, described method comprises:
The default NSP option of configuration in AGW;
When initialization inserts, if the NAI message that AGW receives is unusual, then AGW carries out authentication by the ownership aaa server transmission access request message to described default NSP correspondence, and judge according to the access response message that returns of ownership aaa server whether the ownership aaa server supports default access, if then allow to insert.
Described access request message carries default NSP access capability field, and described default NSP access capability field has unique identifier.
Carry default NSP access capability field in the described access response message, described default NSP access capability field has unique identifier.
Described method further comprises: if described ownership aaa server is supported default access, then AGW sends the authentication success message to MS, and sends successful key updating notification message to BS.
In this method, if described ownership aaa server is not supported default access, then AGW sends failed authentication message to MS, sends the key updating notification message simultaneously to BS.
In this method,, think that then it does not support default access if do not carry default NSP access capability field in the access response message that described ownership aaa server returns.
A kind of method that inserts the WIMAX system, described method comprises:
The default NSP option of configuration in AGW;
When initialization inserted, if the NAI message that AGW receives is unusual, the ownership aaa server that then AGW is corresponding with default NSP carried out authentication, the authentication success, and then initialization inserts successfully, otherwise, the initialization access failure.
If described authentication success, then AGW sends the authentication success message to MS, sends successful key updating notification message simultaneously to BS; If described failed authentication, then AGW sends failed authentication message to MS, sends the key updating notification message simultaneously to BS.
A kind of WIMAX system, comprise AGW and ownership aaa server, described AGW is used to dispose default NSP option, judge whether the NAI message that receives is unusual, ownership aaa server transmission access request message to described default NSP correspondence carries out authentication, and judges according to the access response message that described ownership aaa server returns whether described ownership aaa server supports default access; Described ownership aaa server is used to receive the access request message that described AGW sends, and according to described access request message described AGW is carried out authentication.
The present invention supports the user to use default NSP to insert under the controlled situation of network, has improved user's access rate.
Description of drawings
Fig. 1 is the structure system schematic diagram of existing WIMAX system;
Fig. 2 is the access authentication flow chart of the embodiment one of the method for the invention;
Fig. 3 is the access authentication flow chart of the embodiment two of the method for the invention.
Embodiment
Below in conjunction with accompanying drawing, preferred embodiment of the present invention is described in further detail.
WIMAX of the present invention system comprises: AGW and ownership aaa server, described AGW is used to dispose default NSP option, judge whether the NAI message that receives is unusual, ownership aaa server transmission access request message to described default NSP correspondence carries out authentication, and judges according to the access response message that described ownership aaa server returns whether described ownership aaa server supports default access; Described ownership aaa server is used to receive the access request message that described AGW sends, and according to described access request message described AGW is carried out authentication.
The present invention realizes that by two kinds of methods MS insert the WIMAX systems, below by drawings and Examples two kinds of methods is described in detail respectively.
As shown in Figure 2, be the access authentication flow chart of the embodiment one of the method for the invention; The described method of present embodiment is by being provided with default NSP and adding default NSP access capability field in message in AGW, when MS carries unusual NAI access, the ownership aaa server that AGW is corresponding with default NSP is held consultation, reach and under controlled situation, support the user to use default NSP to insert, in the present embodiment, AGW sends to the access request message of ownership aaa server and ownership aaa server and returns in the access response message of AGW and all have default NSP access capability field, and described default NSP access capability field has unique identifier, specifically may further comprise the steps:
Step S201: default NSP option is set in AGW;
Step S202: authentication capability is consulted, and specifically comprises:
1:MS initiates pre-Attach Request message by BS to AGW and carries out the authentication capability negotiation;
The response message that adheres in advance that 2:AGW replys is successfully given BS;
3:BS replys and adheres to acknowledge message in advance to AGW, and the affirmation authentication capability is consulted successfully;
4:AGW sends EAP (extended authentication agreement) authentication-id request message to MS after receiving the successful affirmation message of authentication capability negotiation, begins to carry out authentication;
Step S203:AGW obtains the NSP parameter among the NAI from EAP authentication-id response message of receiving;
Step S204:AGW analyzes this NSP, if this legal NSP does not exist in AGW, perhaps NAI does not carry NSP, be that NSP is unusual, then the ownership aaa server that points to default NSP of AGW sends and carries the access request message that is designated 5 default NSP access capability field, and execution in step S205;
In the present embodiment, described default NSP access capability field is added in the WIMAXCapability attribute that inserts request message, and the existing field that agreement is clear and definite in this attribute has following 4:
1=WIMAX Release--WIMAX version
2=Accounting Capabilities--charging ability
3=Hotl ining Capabilities--hot line ability
4=Idle Mode Notification Capabilities--idle mode notification ability
So in the present embodiment, increasing a field in WIMAX Capability is the default NSP access capability of 5=Default NSPAccess Capabilities--, the identifier of this field is 5, length is 3 bytes, send in the access request message of ownership aaa server and the access response message that returns of ownership aaa server and all carry this field, in the interaction message of HA server and ownership aaa server, can carry, this field has two value: 0x00 to represent not support default NSP to insert, and 0x01 expresses support for default NSP and inserts.
Step S205:AGW judges according to the access response message that returns of ownership aaa server whether the ownership aaa server supports default NSP to insert, if, execution in step S206 then; Otherwise, execution in step S207; This step specifically comprises:
1), the ownership aaa server carries out the EAP authentication, and returns authentication and insert response message to AGW;
2), AGW parses WiMAXCapability from the authentication access response message that the ownership aaa server returns;
3), if being designated 5 default NSP access capability field value in the WiMAX Capability attribute is 0x01, execution in step S206 then; Be 0x00 or do not carry default NSP access capability field, then execution in step S207 as if the default NSP access capability field value that is designated 5 in the WiMAX Capability attribute;
Step S206:AGW sends the authentication success message to MS, and sends successful key updating notification message to BS, shows that this inserts successfully;
Step S207:AGW sends EAP failed authentication message and issues MS, the EAP Payload attribute of described EAP failed authentication message is designated as failure, send the key updating notification message simultaneously and send to BS, the Failure Indication attribute of described key updating notification message is 49 indication failed authentications, shows this access failure.
As shown in Figure 3, be the access authentication flow chart of the embodiment two of the method for the invention; This method realizes that by dispose default NSP at AGW default NSP inserts, and compares with said method, and AGW need not to consult with belonging to aaa server in this method, specifically may further comprise the steps:
Step S301: default NSP option is set in AGW;
Step S302: authentication capability is consulted, and specifically comprises:
A:MS initiates pre-Attach Request message by BS to AGW and carries out the authentication capability negotiation;
The response message that adheres in advance that B:AGW replys is successfully given BS;
C:BS replys and adheres to acknowledge message in advance to AGW, and the affirmation authentication capability is consulted successfully;
D:AGW sends EAP (extended authentication agreement) authentication-id request message to MS after receiving the successful affirmation message of authentication capability negotiation, begins to carry out authentication;
Step S303: after AGW receives EAP authentication-id response message, from this message, obtain the NSP parameter among the NAI;
Step S304:AGW analyzes this NSP, if this legal NSP does not exist in AGW, does not perhaps carry NSP among the NAI, and promptly NSP is unusual, and then AGW inserts request message, execution in step S305 to the ownership aaa server transmission that default NSP points to;
Step S305: the ownership aaa server carries out the EAP authentication, authentication success, execution in step S306 then, otherwise execution in step S307;
Step S306:AGW sends the authentication success message to MS, and sends successful key updating notification message and send to BS, shows that this inserts successfully;
Step S307:AGW sends EAP failed authentication message and issues MS, the EAP Payload attribute of described EAP failed authentication message is designated as failure, send the key updating notification message simultaneously and send to BS, the Failure Indication attribute of described key updating notification message is 49 indication failed authentications, shows this access failure.
More than comparatively detailed at the description of preferred embodiment; but can not therefore think limitation of the present invention; all and disclosed principle is similarly implemented, and all in protection scope of the present invention, protection scope of the present invention should be as the criterion with claims.
Claims (6)
1. a method that inserts the WIMAX system is characterized in that, described method comprises:
The default Internet Service Provider's option of configuration in access service network gateway;
When initialization inserts, if the network access Identifier message that access service network gateway receives is unusual, then access service network gateway carries out authentication by the attribution authentication mandate accounting server transmission access request message to described default Internet Service Provider's correspondence, and judge according to the access response message that attribution authentication mandate accounting server returns whether attribution authentication mandate accounting server supports default access, if then allow to insert; Described access request message carries default Internet Service Provider's access capability field, and described default Internet Service Provider's access capability field has unique identifier; Carry default Internet Service Provider's access capability field in the described access response message, described default Internet Service Provider's access capability field has unique identifier.
2. the method that inserts the WIMAX system as claimed in claim 1, it is characterized in that, described method further comprises: if described attribution authentication mandate accounting server is supported default access, then access service network gateway sends the authentication success message to portable terminal, and sends successful key updating notification message to the base station.
3. the method that inserts the WIMAX system as claimed in claim 2, it is characterized in that, in this method, if described attribution authentication mandate accounting server is not supported default access, then access service network gateway sends failed authentication message to portable terminal, sends the key updating notification message simultaneously to the base station.
4. the method that inserts the WIMAX system as claimed in claim 1, it is characterized in that, in this method,, think that then it does not support default access if do not carry default Internet Service Provider's access capability field in the access response message that described attribution authentication mandate accounting server returns.
5. a method that inserts the WIMAX system is characterized in that, described method comprises:
The default Internet Service Provider's option of configuration in access service network gateway;
When initialization inserted, if the network access Identifier message that access service network gateway receives is unusual, the attribution authentication mandate accounting server that then access service network gateway is corresponding with default Internet Service Provider carried out authentication, the authentication success, then initialization inserts successfully, otherwise, the initialization access failure; Specifically comprise:
Step S301: default NSP option is set in AGW;
Step S302: authentication capability is consulted, and specifically comprises:
A:MS initiates pre-Attach Request message by BS to AGW and carries out the authentication capability negotiation;
The response message that adheres in advance that B:AGW replys is successfully given BS;
C:BS replys and adheres to acknowledge message in advance to AGW, and the affirmation authentication capability is consulted successfully;
D:AGW sends EAP authentication-id request message to MS after receiving the successful affirmation message of authentication capability negotiation, begins to carry out authentication;
Step S303: after AGW receives EAP authentication-id response message, from this message, obtain the NSP parameter among the NAI;
Step S304:AGW analyzes this NSP, if this legal NSP does not exist in AGW, does not perhaps carry NSP among the NAI, and promptly NSP is unusual, and then AGW inserts request message, execution in step S305 to the ownership aaa server transmission that default NSP points to;
Step S305: the ownership aaa server carries out the EAP authentication, authentication success, execution in step S306 then, otherwise execution in step S307;
Step S306:AGW sends the authentication success message to MS, and sends successful key updating notification message to BS, shows that this inserts successfully;
Step S307:AGW sends EAP failed authentication message and issues MS, the EAP Payload attribute of described EAP failed authentication message is designated as failure, send the key updating notification message simultaneously to BS, the Failure Indication attribute of described key updating notification message is 49 indication failed authentications, shows this access failure.
6. a WIMAX system comprises access service network gateway and attribution authentication mandate accounting server, it is characterized in that,
Described access service network gateway is used to dispose default Internet Service Provider's option, judge whether the network access Identifier message that receives is unusual, attribution authentication mandate accounting server transmission access request message to described default Internet Service Provider's correspondence carries out authentication, and judges according to the access response message that described attribution authentication mandate accounting server returns whether described attribution authentication mandate accounting server supports default access; Described access request message carries default Internet Service Provider's access capability field, and described default Internet Service Provider's access capability field has unique identifier; Carry default Internet Service Provider's access capability field in the described access response message, described default Internet Service Provider's access capability field has unique identifier;
Described attribution authentication mandate accounting server is used to receive the access request message that described access service network gateway sends, and according to described access request message described access service network gateway is carried out authentication.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2008101425304A CN101330761B (en) | 2008-07-25 | 2008-07-25 | WIMAX system and access method thereof |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2008101425304A CN101330761B (en) | 2008-07-25 | 2008-07-25 | WIMAX system and access method thereof |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101330761A CN101330761A (en) | 2008-12-24 |
| CN101330761B true CN101330761B (en) | 2011-12-28 |
Family
ID=40206293
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2008101425304A Expired - Fee Related CN101330761B (en) | 2008-07-25 | 2008-07-25 | WIMAX system and access method thereof |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101330761B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102571729A (en) * | 2010-12-27 | 2012-07-11 | 方正宽带网络服务股份有限公司 | Internet protocol version (IPV)6 network access authentication method, device and system |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2007131883A1 (en) * | 2006-05-12 | 2007-11-22 | Siemens Aktiengesellschaft | Method and device for diversion of messages on a mobile terminal |
| CN101184338A (en) * | 2007-12-17 | 2008-05-21 | 华为技术有限公司 | User access method and gateway equipment in WIMAX system |
-
2008
- 2008-07-25 CN CN2008101425304A patent/CN101330761B/en not_active Expired - Fee Related
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2007131883A1 (en) * | 2006-05-12 | 2007-11-22 | Siemens Aktiengesellschaft | Method and device for diversion of messages on a mobile terminal |
| CN101184338A (en) * | 2007-12-17 | 2008-05-21 | 华为技术有限公司 | User access method and gateway equipment in WIMAX system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101330761A (en) | 2008-12-24 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP3629613B1 (en) | Network verification method, and relevant device and system | |
| CN102017677B (en) | Access through non-3GPP access networks | |
| JP5629788B2 (en) | Facilitating authentication of access terminal identification information | |
| CN101843145B (en) | A system and method for reselection of a packet data network gateway when establishing connectivity | |
| CN112020869B (en) | Unified subscription identifier management in a communication system | |
| US9730056B2 (en) | System, method, and apparatus for facilitating selection of a serving node | |
| US9473877B2 (en) | Uplink/downlink transmission method for small amount of data, and corresponding terminal and mobility management unit | |
| EP3614741A1 (en) | Processing apparatus for terminal access to 3gpp network and communication system | |
| EP2712141A1 (en) | Method, system and device for authenticating ip phone and negotiating voice field | |
| US20170155650A1 (en) | Method, Device and System for Obtaining Local Domain Name | |
| CN112003912A (en) | Method for authenticating NF (network node protocol) by SEPP (session initiation protocol) in 5G core network | |
| US11109219B2 (en) | Mobile terminal, network node server, method and computer program | |
| CN101330761B (en) | WIMAX system and access method thereof | |
| CN102056168A (en) | Access method and device | |
| US8953636B2 (en) | End-to-end feature support signaling | |
| CN101472261B (en) | Method for customer equipment to access business network | |
| CN101800968B (en) | Establishing method of data path actively launched by mobile terminal and ASN | |
| CN106060030A (en) | Wireless hotspot connection verification method and mobile terminal | |
| KR101291183B1 (en) | Methods and apparatus for service provisioning in wireless communication networks | |
| EP4346258A1 (en) | Secure user equipment policy data in a communication network environment | |
| CN101483634B (en) | Method and apparatus for triggering reidentification | |
| CN101640877B (en) | Switch method and switch device for WiMAX system | |
| CN101472257B (en) | Method ,system and device for triggering authentication | |
| CN104185303A (en) | Methods and systems for establishing channel in fixed and mobile network convergence case | |
| CN109219041A (en) | Connection control method and mobile management entity |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20111228 Termination date: 20190725 |
|
| CF01 | Termination of patent right due to non-payment of annual fee |