CN103731830A

CN103731830A - Device-to-device communication management and check method, device and system

Info

Publication number: CN103731830A
Application number: CN201210387229.6A
Authority: CN
Inventors: 梁爽; 甘露; 宗在峰; 朱春晖
Original assignee: ZTE Corp
Current assignee: ZTE Corp
Priority date: 2012-10-12
Filing date: 2012-10-12
Publication date: 2014-04-16
Also published as: WO2014056449A1

Abstract

The invention discloses a D2D communication management and check method, device and system. The management method includes the steps that a D2D server acquires a real ID and/or an application layer ID of a terminal and a D2D communication restriction list of the terminal, wherein the D2D server is used for D2D finding check; the D2D communication restriction list of the terminal and the real ID and/or the application layer ID are managed by the D2D server. Through the D2D communication management and check method, device and system, the problem that in relevant technologies, identification existing in the D2D service cannot be managed by the network side, and the capacity for managing the D2D communication service by the network side is improved.

Description

The management of device-to-device communication and method of calibration, Apparatus and system

Technical field

The present invention relates to the communications field, the management of communicating by letter in particular to a kind of device-to-device (Device to Device, referred to as D2D) and method of calibration, Apparatus and system.

Background technology

In order to keep 3-G (Generation Three mobile communication system) in the competitiveness of the communications field, for user provides, speed is faster, lower, the more personalized Mobile Communication Service of time delay, simultaneously, reduce the operation cost of operator, third generation partner program (3rd Generation Partnership Project, referred to as 3GPP) standard operation group is just being devoted to the research of evolved packet system (Evolved Packet System, referred to as EPS).Fig. 1 is according to the configuration diagram of the evolution grouping domain system of correlation technique, and as shown in Figure 1, whole EPS system is divided into wireless access network and core net two parts.In core net, comprised home subscriber server (Home Subscriber Server, referred to as HSS), Mobility Management Entity (Mobility Management Entity, referred to as MME), service general grouping service wireless (General Packet Radio Service, referred to as GPRS) support node (Serving GPRS Support Node, referred to as SGSN), policy charging rule function (Policy and Charging Rule Function, referred to as PCRF), gateway (Serving Gateway, referred to as S-GW), packet data gateway (PDN Gateway, referred to as P-GW) and packet data network (Packet Data Network, referred to as PDN).Below detailed functions:

Home subscriber server (HSS), all functions that comprised attaching position register (Home Location Register, referred to as HLR), are the permanent storage places of user contracting data, are positioned at the signing home network of user.

Mobility Management Entity, be user contracting data at the storage place of current network, be responsible for the Non-Access Stratum signaling management of terminal to network, the mobile management of the safety verification function of terminal, terminal, the tracking under user's idle pulley and paging management function and bearer management.

Serving GPRS Support Node (Serving GPRS Support Node, referred to as SGSN), be the business support point of GERAN and UTRAN user access core network network, similar with Mobility Management Entity in function, be responsible for user's the functions such as position renewal, paging management and bearer management.

Gateway, is the gateway that core net arrives wireless system, is responsible for terminal to the user plane bearer of core net, the data buffer storage under terminal idle pulley, function, Lawful Interception and packet routing and the forwarding capability of network side initiating business request; Gateway is responsible for the situation that counting user terminal is used wireless network, and produces the ticket that terminal is used wireless network, sends charging gateway to.

Packet data gateway, it is the gateway of evolution system and this system external packet data network, it is connected on internet and packet data network, the functions such as Internet protocol (Internet Protocol, referred to as the IP) address assignment of responsible terminal, billing function, grouping packet filtering, policy control.

GGSN (Gateway GPRS Support Node; referred to as GGSN); the edge routing function of supporting GPRS network, GGSN is responsible for the data of GPRS network to carry out routing forwarding, and by fire compartment wall and filtering function, protects the integrality of GPRS network data.GGSN also has billing function.

The repertoire that PGW has comprised GGSN, can think that GGSN, as a subfunction of PGW, is embedded in PGW.Therefore SGSN can directly be connected with PGW, uses Gn/Gp interface.

Packet data network, is the IP operation network of operator, and this network is served for user provides IP by the core net of operator.

Policy charging rule functional entity is the server of being responsible for providing charging control, online credit control, thresholding control, service quality (Quality of Service, referred to as QoS) tactful aspect rule in evolution system.

Wireless access network, by evolution base station (E-UTRAN NodeB, referred to as eNB) and 3G radio network controller (Radio Network Control, referred to as RNC) form, it is mainly responsible for the transmitting-receiving of wireless signal, by air interface and terminal, contact Radio Resource, scheduling of resource, the access control of management air interface.

When two terminals communicate by EPS network, two terminals need to be distinguished EPS and set up carrying.But consider the fast development of intelligent terminal and various mobile Internet businesss, a lot of business wish can find the friend who closes on and communicate, and have therefore expedited the emergence of D2D(Device to Device) business.Fig. 2 is the schematic diagram communicating according to the terminal of the support D2D function of correlation technique, as shown in Figure 2, when two terminal locations approach, two terminals can direct communication, the data path of its connection can not rap around to core net, reduce the roundabout of data route on the one hand, also reduced on the other hand network data load, therefore obtained the attention of a lot of operators.

In the middle of D2D business is used, the user of not all close together can communicate mutually, user can be by setting some rules, guarantee the privacy of oneself, for example user can set oneself whether can be found by other people, whether can be found by specific user,, whether can find specific user etc.And these checkings need to identify to assist terminal to complete based on some at network side.And in D2D business, have multiple different sign, and in D2D communication, these signs can't be passed through network side, therefore how network side is managed these different signs and according to which user ID, terminal is carried out to verification and management, all indefinite in correlation technique.

For network side in correlation technique, cannot manage the problem of the sign existing in D2D business, not yet propose at present effective solution.

Summary of the invention

For network side in correlation technique, cannot manage the problem of the sign existing in D2D business, the invention provides a kind of management and checkschema of D2D communication, at least to address the above problem.

According to an aspect of the present invention, provide a kind of management method of D2D communication, having comprised: D2D server obtains true ID and/or the application layer ID of terminal, and the D2D of described terminal communication restriction list, wherein, described D2D server is found checking for D2D; The D2D communication restriction list of described D2D server to described terminal, and true ID and/or application layer ID manage.

Preferably, the D2D communication restriction list that D2D server obtains described terminal comprises: described D2D server obtains the D2D communication restriction list of described terminal according to described true ID and/or application layer ID.

Preferably, the D2D communication restriction list that described D2D server obtains described terminal according to described true ID and/or application layer ID comprises: described D2D server obtains described true ID and/or D2D communication restriction list corresponding to application layer ID from the MME of described terminal; Or described D2D server is downloaded described user's subscription data according to described true ID and/or application layer ID to HSS/HLR, wherein, in described subscription data, comprise the D2D communication restriction list of described terminal; Or described D2D server is downloaded described user's D2D communication restriction list according to described true ID and/or application layer ID to application server.

Preferably, download described user's D2D communication restriction list to application server according to described true ID and/or application layer ID at described D2D server before, also comprise: described D2D server, according to the D2D communication restriction list that whether allows to download to described application server described terminal in subscription data, judges whether to download to described application server the D2D communication restriction list of described terminal.

Preferably, D2D server obtains terminal true ID and/or application layer ID comprise: described true ID and/or application layer ID that described D2D server obtains described terminal from MME or the PGW of described terminal.

Preferably, described true ID and/or application layer ID that described D2D server obtains described terminal from the MME of described terminal comprise: described D2D server receives the registration request from described MME, wherein, in described registration request, carry described true ID and/or the application layer ID of described terminal.

Preferably, described true ID and/or application layer ID that described D2D server obtains described terminal from the MME of described terminal comprise: described D2D server is initiated identification request message according to the temporary mark of described terminal to the serving MME of described terminal, wherein, described temporary mark is that described MME is the GUTI of described terminal distribution; Described D2D server receives the identification response message from described MME, wherein, carries described true ID and/or the application layer ID of described terminal in described identification response message.

Preferably, described D2D server obtains described terminal from the PGW of described terminal described true ID and/or application layer ID comprise: described D2D server is initiated identification request message according to the IP address of described terminal to the PGW of described terminal; Described D2D server receives the identification response message from described PGW, wherein, carries described true ID and/or the application layer ID of described terminal in described identification response message.

Preferably, described method also comprises: described D2D server obtains the discovery ID of described terminal, and wherein, described discovery ID is for the D2D communication restriction list in terminal described in described D2D whois lookup; Described D2D server manages described discovery ID.

Preferably, the discovery ID of described terminal comprise following one of at least: described terminal is filled complete discovery ID; Described terminal is filled the discovery ID of base station assigns, and by base station, in repeating process, is filled ID or the current place of the described UE community ID of described base station; Complete discovery ID is filled in described base station.

According to a further aspect in the invention, a kind of method of calibration of D2D communication is provided, comprise: the 2nd D2D server receives the first checking request, wherein, in described the first checking request, carry true ID and/or the application layer ID of first terminal, and the discovery ID of the second terminal, in described the 2nd D2D server, preserve the context of described the second terminal; Described the 2nd D2D server is inquired about the D2D communication restriction list of described the second terminal according to the discovery ID of described the second terminal; Described the 2nd D2D server verifies according to the D2D communication restriction list of described the second terminal and true ID and/or the application layer ID of described first terminal whether described the second terminal allows to find described first terminal or found by described first terminal; Described the 2nd D2D server returns to the first auth response, wherein carries described the 2nd D2D server authentication result.

Preferably, before the 2nd D2D server receives the first checking request, also comprise: a D2D server receives the second checking request, wherein, in described the second checking request, carry the discovery ID of first terminal, in a described D2D server, preserve the context of described first terminal; A described D2D server is inquired about true ID and/or the application layer ID of described first terminal according to the discovery ID of described first terminal; A described D2D server is filled true ID and/or the application layer ID of first terminal in described the first checking request, and described the first checking request is sent to described the 2nd D2D server.

Preferably, a described D2D server receives second and verifies that request comprises: a described D2D server receives the second checking request from the serving BS/PGW/MME of described first terminal or the second terminal.

Preferably, after the 2nd D2D server receives the first checking request, also comprise: described the 2nd D2D server is inquired about true ID and/or the application layer ID of described the second terminal according to the discovery ID of described the second terminal; Described the 2nd D2D server sends the first auth response to a described D2D server, wherein carries true ID and/or the application layer ID of described the second terminal; A described D2D server verifies according to the D2D communication restriction list of first terminal and true ID and/or the application layer ID of described the second terminal whether described first terminal allows to find described the second terminal or found by described the second terminal.

Preferably, after judging according to the true ID of the D2D communication restriction list of first terminal and described the second terminal and/or application layer ID at a described D2D server whether described first terminal allows to find described the second terminal or found by described the second terminal, also comprise: a described D2D server returns to the second auth response to the initiator of described the second checking request, wherein, in described the second auth response, carry described the 2nd D2D server authentication result and/or a D2D server authentication result.

Preferably, a described D2D server returns to the second auth response to the initiator of described the second checking request and comprises: a described D2D server to described first or the serving BS of the second terminal return to described the second auth response; Or a described D2D server returns to described the second auth response by PGW to first terminal; Or a described D2D server returns to described the second auth response by MME to the serving BS of described first terminal.

Preferably, a described D2D server returns to the second auth response to the serving BS of described first terminal or the second terminal, also comprises: described base station sends discovery list according to described the second auth response to described first terminal and/or the second terminal.

In accordance with a further aspect of the present invention, the management devices that a kind of D2D communication is provided, is arranged in the D2D server of finding checking for D2D, comprising: acquisition module, for obtaining true ID and/or the application layer ID of terminal, and the D2D of described terminal communication restriction list; Administration module, for the D2D communication restriction list to described terminal, and true ID and/or application layer ID manage.

In accordance with a further aspect of the present invention, a kind of calibration equipment of D2D communication is also provided, be arranged in the 2nd D2D server, comprise: the first receiver module, be used for receiving the first checking request, wherein, in described the first checking request, carry true ID and/or the application layer ID of first terminal, and the discovery ID of the second terminal, in described the 2nd D2D server, preserve the context of described the second terminal; The first enquiry module, for inquiring about the D2D communication restriction list of described the second terminal according to the discovery ID of described the second terminal; The first authentication module, for verifying according to the D2D communication restriction list of described the second terminal and true ID and/or the application layer ID of described first terminal whether described the second terminal allows to find described first terminal or found by described first terminal; The first respond module, for returning to the first auth response, wherein carries described the 2nd D2D server authentication result.

According to also one side of the present invention, a kind of check system of D2D communication is provided, comprise the above-mentioned calibration equipment that is positioned at the 2nd D2D server, also comprise the calibration equipment that is positioned at a D2D server, wherein, the calibration equipment of a described D2D server comprises: the second receiver module, be used for receiving the second checking request, wherein, in described the second checking request, carry the discovery ID of first terminal, in a described D2D server, preserve the context of described first terminal; The second enquiry module, for inquiring about true ID and/or the application layer ID of described first terminal according to the discovery ID of described first terminal; The first sending module, for fill true ID and/or the application layer ID of first terminal in described the first checking request, and sends to described the 2nd D2D server by described the first checking request.

Preferably, described in be positioned at the 2nd D2D server calibration equipment also comprise: the 3rd enquiry module, for inquire about true ID and/or the application layer ID of described the second terminal according to the discovery ID of described the second terminal; The second sending module, for sending the first auth response to a described D2D server, wherein carries true ID and/or the application layer ID of described the second terminal; The described calibration equipment that is positioned at a D2D server also comprises: the 3rd receiver module, for receiving described the first auth response; The second authentication module, for verifying according to the D2D communication restriction list of first terminal and true ID and/or the application layer ID of described the second terminal whether described first terminal allows to find described the second terminal or found by described the second terminal.

Preferably, the described calibration equipment that is positioned at a D2D server also comprises: the second respond module, for the initiator to described the second checking request, return to the second auth response, wherein, in described the second auth response, carry described the 2nd D2D server authentication result and/or a D2D server authentication result.

By the present invention, employing D2D server obtains true ID and/or the application layer ID of terminal, and the D2D of terminal communication restriction list, and wherein, this D2D server is found to verify for D2D; The D2D communication restriction list of D2D server to terminal, and the mode that manages of true ID and/or application layer ID, solve network side in correlation technique and cannot manage the problem of the sign existing in D2D business, promoted the managerial ability of network side to D2D communication service.

Accompanying drawing explanation

Accompanying drawing described herein is used to provide a further understanding of the present invention, forms the application's a part, and schematic description and description of the present invention is used for explaining the present invention, does not form inappropriate limitation of the present invention.In the accompanying drawings:

Fig. 1 is according to the configuration diagram of the evolution grouping domain system of correlation technique;

Fig. 2 is the schematic diagram communicating according to the terminal of the support D2D function of correlation technique;

Fig. 3 is according to the flow chart of the management method of the D2D communication of the embodiment of the present invention;

Fig. 4 is according to the structured flowchart of the management devices of the D2D communication of the embodiment of the present invention;

Fig. 5 is according to the flow chart of the method for calibration of the D2D communication of the embodiment of the present invention;

Fig. 6 is according to the structured flowchart of the calibration equipment of the D2D communication of the embodiment of the present invention;

Fig. 7 is according to the structured flowchart of the check system of the D2D communication of the embodiment of the present invention;

Fig. 8 is according to the preferred structure block diagram one of the check system of the D2D communication of the embodiment of the present invention;

Fig. 9 is according to the preferred structure block diagram two of the check system of the D2D communication of the embodiment of the present invention;

Figure 10 is the schematic diagram of the execution mode registered by eNB according to the D2D user of the embodiment of the present invention one;

Figure 11 is the schematic diagram of the execution mode registered by PGW according to the D2D user of the embodiment of the present invention two;

Figure 12 is the schematic diagram of the execution mode registered by MME according to the D2D user of the embodiment of the present invention three;

Figure 13 is the schematic diagram of one of execution mode of verifying by eNB according to the D2D user of the embodiment of the present invention four;

Figure 14 is two schematic diagram of the execution mode verified by eNB according to the D2D user of the embodiment of the present invention five;

Figure 15 is the schematic diagram of one of execution mode of verifying by PGW according to the D2D user of the embodiment of the present invention six;

Figure 16 is two schematic diagram of the execution mode verified by PGW according to the D2D user of the embodiment of the present invention seven;

Figure 17 is the schematic diagram of one of execution mode of verifying by MME according to the D2D user of the embodiment of the present invention eight;

Figure 18 is two schematic diagram of the execution mode verified by MME according to the D2D user of the embodiment of the present invention nine.

Embodiment

Hereinafter with reference to accompanying drawing, also describe the present invention in detail in conjunction with the embodiments.It should be noted that, in the situation that not conflicting, embodiment and the feature in embodiment in the application can combine mutually.

In the present embodiment, provide a kind of management method of D2D communication, Fig. 3 is that as shown in Figure 3, the method comprises the steps: according to the flow chart of the management method of the D2D communication of the embodiment of the present invention

Step S302, D2D server obtains true identity (ID) and/or the application layer ID of terminal, and the D2D of terminal communication restriction list, and wherein, this D2D server is found checking for D2D;

Step S304, the D2D communication restriction list of D2D server to terminal, and true ID and/or application layer ID manage.

The present embodiment passes through above-mentioned steps, at network side, be provided with the D2D server of finding checking for D2D, the true ID(that gets terminal at D2D server for example, IMSI/MSISDN number) and/or application layer ID, and after the D2D of terminal communication restriction list, D2D server is to the above-mentioned true ID of terminal and/or application layer ID, and the D2D of terminal communication restriction list manages, because the identity management that D2D business is existed is on the D2D of network side server, make network side in D2D communication process, can realize the centralized management to sign, solve network side in correlation technique and cannot manage the problem of the sign that exists in D2D business, promoted the managerial ability of network side to D2D communication service.

As a kind of preferred implementation, D2D server can obtain according to above-mentioned true ID and/or application layer ID the D2D communication restriction list of terminal.For example, D2D server can obtain true ID and/or D2D communication restriction list corresponding to application layer ID from the MME of terminal; Or, D2D server also can be according to true ID and/or application layer ID the subscription data to HSS/HLR download user, wherein, in this subscription data, comprise the D2D communication restriction list of terminal; Or D2D server can also be downloaded this user's D2D communication restriction list according to true ID and/or application layer ID to application server.In this way, promoted the flexibility that D2D server obtains the D2D communication restriction list of terminal.

Preferably, at D2D server according to true ID and/or application layer ID to before the D2D communication restriction list of application server download user, D2D server can be according to the D2D communication restriction list whether allowing in subscription data to application server download terminal, judging whether need to be to the D2D communication restriction list of application server download terminal, for example, in the situation that allow the D2D communication restriction list to application server download terminal in subscription data, can download to application server, otherwise, can to application server, not download, but adopt other modes.

Preferably, D2D server can obtain terminal from MME or the PGW of terminal true ID and/or application layer ID.Wherein, application layer ID is added by UE, and the path transmission by MME or PGW is to D2D server, or may be also that MME or PGW add voluntarily.

Preferably, from the MME of terminal, obtain the true ID of terminal and/or the mode of application layer ID can be: D2D server receives the registration request from MME, wherein, the true ID of carried terminal and/or application layer ID in this registration request.Or, can be also: D2D server is initiated identification request message according to the temporary mark of terminal to the serving MME of terminal, and wherein, this temporary mark is that MME is the global unique temporary identity (GUTI) of terminal distribution; D2D server receives the identification response message from MME, wherein, carries true ID and/or the application layer ID of terminal in this identification response message.

Preferably, from the PGW of terminal, obtain the true ID of terminal and/or the mode of application layer ID can be: D2D server is initiated identification request message according to the IP address of terminal to the PGW of terminal; D2D server receives the identification response message from PGW, wherein, carries true ID and/or the application layer ID of terminal in this identification response message.

As a kind of preferred implementation, D2D server can also obtain the discovery ID of terminal, and this discovery ID is managed, and wherein, this finds that ID is for the D2D communication restriction list in D2D whois lookup terminal.Certainly, also can search with true ID and/or application layer ID the D2D communication restriction list of terminal.

Preferably, the discovery ID of terminal directly fills complete by terminal; Or, also can be filled by terminal the discovery ID of base station assigns, and by base station, in repeating process, be filled the ID of base station or the ID of community, the current place of UE; Or, can also directly fill complete by base station.

Management method corresponding to above-mentioned D2D communication, a kind of management devices of device-to-device D2D communication is provided in the present embodiment, be arranged in the D2D server of finding checking for D2D, this device is used for realizing above-described embodiment and preferred implementation, has carried out repeating no more of explanation.As used below, the combination of software and/or the hardware of predetermined function can be realized in term " module ".Although the described device of following examples is preferably realized with software, hardware, or the realization of the combination of software and hardware also may and be conceived.

Fig. 4 is that as shown in Figure 4, this device comprises: acquisition module 42 and administration module 44, be elaborated to modules below according to the structured flowchart of the management devices of the D2D communication of the embodiment of the present invention.

Acquisition module 42, for obtaining true ID and/or the application layer ID of terminal, and the D2D of terminal communication restriction list; Administration module 44, is connected with acquisition module 42, and for the D2D communication restriction list of terminal that acquisition module 42 is got, and true ID and/or application layer ID manage.

The present embodiment is by above-mentioned module, at network side, be provided with the D2D server of finding checking for D2D, the true ID(that gets terminal at the acquisition module 42 of D2D server for example, IMSI/MSISDN number) and/or application layer ID, and after the D2D of terminal communication restriction list, above-mentioned true ID and/or the application layer ID of 44 pairs of terminals of administration module of D2D server, and the D2D of terminal communication restriction list manages, because the identity management that D2D business is existed is on the D2D of network side server, make network side in D2D communication process, can realize the centralized management to sign, solve network side in correlation technique and cannot manage the problem of the sign that exists in D2D business, promoted the managerial ability of network side to D2D communication service.

A kind of method of calibration of device-to-device D2D communication is also provided in the present embodiment, and Fig. 5 is that as shown in Figure 5, the method comprises the steps: according to the flow chart of the method for calibration of the D2D communication of the embodiment of the present invention

Step S502, the 2nd D2D server receives the first checking request, wherein, carries true ID and/or the application layer ID of first terminal in the first checking request, and the discovery ID of the second terminal, preserves the context of the second terminal in the 2nd D2D server;

Step S504, the 2nd D2D server is inquired about the D2D communication restriction list of the second terminal according to the discovery ID of the second terminal;

Step S506, the 2nd D2D server verifies according to the D2D communication restriction list of the second terminal and true ID and/or the application layer ID of first terminal whether the second terminal allows to find first terminal or found by first terminal;

Step S508, the 2nd D2D server returns to the first auth response, wherein carries the 2nd D2D server authentication result.

The present embodiment passes through above-mentioned steps, the 2nd D2D server of network side receives after the first checking request, according to the discovery ID of the second terminal wherein, inquire about the D2D communication restriction list of the second terminal, and verify according to the D2D communication restriction list of the second terminal and true ID and/or the application layer ID of first terminal whether the second terminal allows to find first terminal or found by first terminal, the 2nd D2D server returns to the result of above-mentioned checking again by the first auth response, because the identity management that D2D business is existed is on the D2D of network side server, make network side can find that proof procedure manages concentratedly to D2D in D2D communication process, having solved network side in correlation technique cannot manage the sign existing in D2D business and carry out according to this sign the problem that D2D finds checking, promoted the managerial ability of network side to D2D communication service.

Preferably, the first checking request can send to the 2nd D2D server by a D2D server, and for example, a D2D server receives the second checking request, in this second checking request, carry the discovery ID of first terminal, wherein in a D2D server, preserve the context of first terminal; The one D2D server is according to true ID and/or the application layer ID of the discovery ID inquiry first terminal of first terminal; The one D2D server is filled true ID and/or the application layer ID of first terminal in the first checking request, and the first checking request is sent to the 2nd D2D server." first " " second " herein, only for describing conveniently, do not comprise other particular meanings or the restriction of conduct to order.And a D2D server and the 2nd D2D server herein can be same servers, can be also different servers, can be the distinct devices of physical separation, can be also in Same Physical equipment.

Preferably, the second checking request that a D2D server receives can be from the serving BS/PGW/MME of first terminal or the second terminal.

Preferably, after the 2nd D2D server receives the first checking request, the 2nd D2D server can be inquired about according to the discovery ID of the second terminal true ID and/or the application layer ID of the second terminal, and Query Result is sent to a D2D server by the first auth response; Whether the one D2D server allows to find the second terminal or is found by the second terminal according to the true ID of the D2D communication restriction list of first terminal and the second terminal and/or application layer ID checking first terminal.

Preferably, whether a D2D server can allow first terminal to find the second terminal or the result of being found by the second terminal, and/or the 2nd D2D server authentication result, returns to the initiator of the second checking request by the second auth response.

Preferably, the mode that a D2D server returns to the second auth response to the initiator of the second checking request can be: a D2D server returns to the second auth response to the serving BS of the first or second terminal; Or a D2D server returns to the second auth response by PGW to first terminal; Or a D2D server returns to the second auth response by MME to the serving BS of first terminal.

Preferably, in the situation that a D2D server returns to the second auth response to the serving BS of first terminal or the second terminal, base station can also send and find list to first terminal and/or the second terminal according to the second auth response.

Method of calibration corresponding to above-mentioned D2D communication, a kind of calibration equipment of D2D communication is also provided in the present embodiment, be arranged in contextual the 2nd D2D server of preserving the second terminal, this device is used for realizing above-described embodiment and preferred implementation, has carried out repeating no more of explanation.As used below, the combination of software and/or the hardware of predetermined function can be realized in term " module ".Although the described device of following examples is preferably realized with software, hardware, or the realization of the combination of software and hardware also may and be conceived.

Fig. 6 is according to the structured flowchart of the calibration equipment of the D2D communication of the embodiment of the present invention, as shown in Figure 6, this device comprises: the first receiver module 62, the first enquiry module 64, the first authentication module 66 and the first respond module 68, be elaborated to modules below.

The first receiver module 62, for receiving the first checking request, wherein, carries true ID and/or the application layer ID of first terminal in this first checking request, and the discovery ID of the second terminal; The first enquiry module 64, is connected with the first receiver module 62, for inquire about the D2D communication restriction list of the second terminal according to the discovery ID of the second terminal; The first authentication module 66, be connected with the first enquiry module 64 with the first receiver module 62, for verifying according to the D2D communication restriction list of the second terminal and true ID and/or the application layer ID of first terminal whether the second terminal allows to find first terminal or found by first terminal; The first respond module 68, is connected with the first authentication module 66, for returning to the first auth response, wherein carries the 2nd D2D server authentication result.

The present embodiment is by above-mentioned module, the first receiver module 62 of the 2nd D2D server of network side receives after the first checking request, the discovery ID of the first enquiry module 64 bases the second terminal wherein inquires about the D2D communication restriction list of the second terminal, the first authentication module 66 verifies according to the D2D communication restriction list of the second terminal and true ID and/or the application layer ID of first terminal whether the second terminal allows to find first terminal or found by first terminal, the first respond module 68 of the 2nd D2D service is returned to the result again by the first auth response, because the identity management that D2D business is existed is on the D2D of network side server, make network side can find that proof procedure manages concentratedly to D2D in D2D communication process, having solved network side in correlation technique cannot manage the sign existing in D2D business and carry out according to this sign the problem that D2D finds checking, promoted the managerial ability of network side to D2D communication service.

A kind of check system of D2D communication is also provided in the present embodiment, Fig. 7 is according to the structured flowchart of the check system of the D2D communication of the embodiment of the present invention, as shown in Figure 7, this system comprises the calibration equipment that is positioned at the 2nd D2D server 60 as shown in Figure 6, also comprise the calibration equipment 70 that is positioned at a contextual D2D server of preserving first terminal, wherein, the calibration equipment 70 of the one D2D server comprises: the second receiver module 72, be used for receiving the second checking request, in this second checking request, carry the discovery ID of first terminal; The second enquiry module 74, is connected with the second receiver module 72, for inquire about true ID and/or the application layer ID of first terminal according to the discovery ID of first terminal; The first sending module 76, is connected with the first receiver module 62 with the second enquiry module 74, for fill true ID and/or the application layer ID of first terminal in the first checking request, and the first checking request is sent to the 2nd D2D server.

Fig. 8 is according to the preferred structure block diagram one of the check system of the D2D communication of the embodiment of the present invention, as shown in Figure 8, the calibration equipment 60 that is positioned at the 2nd D2D server can also comprise: the 3rd enquiry module 82, be connected with the first receiver module 62, for inquire about true ID and/or the application layer ID of the second terminal according to the discovery ID of the second terminal; The second sending module 84, is connected with the 3rd enquiry module 82, for sending the first auth response to a D2D server, wherein carries true ID and/or the application layer ID of the second terminal; The calibration equipment 70 that is positioned at a D2D server can also comprise: the 3rd receiver module 86, is connected with the second sending module 84, for receiving the first auth response; The second authentication module 88, is connected with the 3rd receiver module 86, for whether allowing to find the second terminal or found by the second terminal according to the true ID of the D2D communication restriction list of first terminal and the second terminal and/or application layer ID checking first terminal.

Fig. 9 is according to the preferred structure block diagram two of the check system of the D2D communication of the embodiment of the present invention, as shown in Figure 9, the calibration equipment 70 that is positioned at a D2D server can also comprise: the second respond module 92, can be connected with the second authentication module 88, for the initiator to the second checking request, return to the second auth response, wherein, in the second auth response, carry the 2nd D2D server authentication result and/or a D2D server authentication result.

Below in conjunction with preferred embodiment, describe, following preferred embodiment combines above-described embodiment and preferred implementation thereof.

In following preferred embodiment, proposed a kind of method of multiple sign of leading subscriber, and provide network side according to the method for different identification completing user verification.

In following preferred embodiment, in network, increased a network element newly, i.e. D2D server.The function of this server includes but not limited to be responsible for the multiple sign of maintenance terminal, obtains the restriction list that terminal is carried out D2D discovery or communication, according to restriction list, found terminal is carried out to verification.

This function network element may have interface from different network elements in different execution modes, includes but not limited to eNB, MME, PGW and HSS, and the D2D server of other networks.

Wherein to obtain restriction list with the major function of the interface of HSS.But it is relevant to obtain the list of preserving with content and HSS.If the restriction list of HSS comprises the true ID sign with user, i.e. the IMSI/MSISDN number of other UE that can communicate by letter or find, D2D server can obtain this information.If further the restriction list of HSS has also comprised the restriction list of different application, other can communicate by letter or find the application layer ID of UE, and D2D server also can obtain this information.If the present list of HSS does not comprise the restriction list of different application, D2D server also can directly configure by backstage, or mutual from different application servers, obtains this information.While adopting the latter, optional, D2D server can also be downloaded and whether allows D2D server and the mutual sign of other AS and/or which AS can carry out mutual sign with from HSS.While adopting the latter, the mode of the restriction list of obtaining different application that D2D server and HSS are concrete is not described in the present invention.

Preferably, above-mentioned restriction list, can comprise which other UE UE can be found by, or which UE UE allows to find.

The data of this interface and transmission are all general for different execution modes, specified otherwise no longer in each embodiment.

In addition, other different interface functions and mutual parameter are carried out part description in following different preferred embodiment.

If D2D business is follow-up, can expand in 2G/3G network, following execution mode also goes for other accesses, but related network elements is replaced to some extent, the eNB wherein mentioning in following embodiment can replace with the wireless access network element of 2G/3G, MME can replace with SGSN, PGW can replace with GGSN, and HSS can replace with HLR.The function that D2D carries out, the parameter of interface transmission is all similarly, does not repeat here.

Embodiment mono-

Figure 10 is the schematic diagram of the execution mode registered by eNB according to the D2D user of the embodiment of the present invention one, as shown in figure 10, this execution mode goes for different terminals and completes the process that is attached to network separately, and eNB and D2D server have in the scene of interface.

Step S1002, UE initiates registration request by eNB to D2D server.The registration request that UE sends to eNB can comprise the temporary mark of UE, and (this is designated global unique temporary identity (the Globally Unique Temporary ID that MME is its distribution, referred to as GUTI)), the application layer sign of UE is (if the business with D2D is wished in a plurality of application, may carry a plurality of application layer signs), application layer ID can directly come from UE(and forward via eNB, D2D server obtained before obtaining true identity), or also can come from MME and add voluntarily.In this message, optionally can also carry the discovery sign of UE, this sign is carried out D2D discovery procedure sign oneself for UE.This sign is the unique information in eNB that eNB distributes, but the uniqueness in order to guarantee to find that sign is wider, except above-mentioned information can also add the sign of eNB or the cell information at the current place of UE.Follow-up described discovery sign is all complete discovery sign.And this carrying mode being identified in the message of step S1002 has several as follows:

1. terminal is filled complete discovery sign, after eNB receives, does not need special processing, is directly transmitted to D2D server.

2. terminal is filled the discovery sign that eNB distributes, and adds the sign of eNB after eNB receives in forwarding this message, or the cell information at the current place of UE.

3. terminal is not filled and is found sign, fills complete discovery sign after eNB receives in forwarding this message.

Step S1004, the temporary mark that D2D server provides according to UE, finds the MME into its service.

Step S1006, D2D server is initiated identification request message to the MME of UE, wherein carries the temporary mark of UE.

Step S1008, MME returns to identification response message to D2D server, wherein carries the true identity of UE.

Step S1010 ~ S1012, D2D server is the subscription data to HSS download user according to the true identity of UE.HSS finds the subscription data of UE according to the true identity of UE, subscription data comprises the information such as D2D communication restriction list of UE.

Step S1014, D2D server completes obtaining of UE sign, completes registration process, and to returning to registration reply message by eNB to terminal.Complete after registration, the ID of D2D server maintenance includes but not limited to:

The discovery sign of 1.UE

The true identity of 2.UE

The temporary mark of 3.UE

The application identities of 4.UE

The D2D communication restriction list of 5.UE1

The terminal of other support D2D is carried out respectively similar process at D2D server registration separately.

In this embodiment, if MME has obtained restriction list from HSS, can, in step S1008, send to D2D server.Now step S1010 ~ S1012 can omit.

Embodiment bis-

Figure 11 is the schematic diagram of the execution mode registered by PGW according to the D2D user of the embodiment of the present invention two, as shown in figure 11, this execution mode goes for different terminals and completes the process that is attached to network separately, and UE has set up and can be connected with the PDN of D2D server communication.

Step S1102, UE initiates registration request to D2D server on data path.This message directly sends in the mode of packet at UE and PGW, wherein the IP address of carried terminal.If PGW has realized nat feature, PGW can will wherein carry the private net address of IP, replaces with the public network address of UE.

Step S1104, server finds the PGW of UE according to the IP address of UE.

Step S1106, D2D server is initiated identification request message, the IP address of wherein carrying UE to the PGW of UE.

Step S1108, PGW returns to identification response message to D2D server, wherein carries the true identity of UE.

Step S1110 ~ S1112, D2D server is the subscription data to HSS download user according to the true identity of UE.HSS finds the subscription data of UE according to the true identity of UE, subscription data comprises the information such as D2D communication restriction list of UE.

Step S1114, D2D server completes obtaining of UE sign, completes registration process, and to returning to registration reply message by PGW to terminal.Complete after registration, the ID of D2D server maintenance includes but not limited to:

The discovery sign of 1.UE

The true identity of 2.UE

The IP address of 3.UE

The application identities of 4.UE, application layer ID can directly come from UE(and forward via PGW, D2D server obtained before obtaining true identity), or also can come from PGW and add voluntarily.

The D2D communication restriction list of 5.UE

Embodiment tri-

Figure 12 is the schematic diagram of the execution mode registered by MME according to the D2D user of the embodiment of the present invention three, as shown in figure 12, this execution mode goes for different terminals and completes the process that is attached to network separately, and MME and D2D server have in the scene of interface.

Step S1202, UE initiates registration request by eNB.Wherein can comprise that the application layer sign of UE is (if the business with D2D is wished in a plurality of application, may carry a plurality of application layer signs), in this execution mode, application layer ID can come from terminal, through MME, forward, or also can come from MME and add voluntarily.In this message, optionally can also carry the discovery sign of UE, this sign is carried out D2D discovery procedure sign oneself for UE.This sign is the unique information in eNB that eNB distributes, but the uniqueness in order to guarantee to find that sign is wider, except above-mentioned information can also add the sign of eNB or the cell information at the current place of UE.Follow-up described discovery sign is all complete discovery sign.And this carrying mode being identified in the message of step S1202 has several as follows:

1. terminal is filled complete discovery sign, does not carry out special processing after eNB receives, is directly transmitted to D2D server.

ENB finds the MME of UE registration, and forwards the request message of UE to it.

Step S1204, MME finds the true identity of the UE preserving in the context of UE.

Step S1206, MME initiates registration request to D2D server, the true identity of wherein carrying UE, application layer sign.If carried in step S1202, find sign, in this message, also comprise this sign.

Step S1208 ~ S1210, D2D server is the subscription data to HSS download user according to the true identity of UE.HSS finds the subscription data of UE according to the true identity of UE, subscription data comprises the information such as D2D communication restriction list of UE.

Step S1212 ~ S1214, D2D server completes obtaining of UE sign, completes registration process, and to returning to registration reply message by MME to terminal.If the follow-up needs of eNB are direct and D2D server contact, in the message of step S1214, can also carry the D2D server address of UE registration.After receiving, preserves eNB this information.

Complete after registration, the ID of D2D server maintenance includes but not limited to:

The discovery sign of 1.UE

The true identity of 2.UE

The application identities of 3.UE

The D2D communication restriction list of 4.U1

In this embodiment, if MME has obtained restriction list from HSS, can, in step S1206, send to D2D server.Now step S1208 ~ S1210 can omit.

Embodiment tetra-

Figure 13 is the schematic diagram of one of execution mode of verifying by eNB according to the D2D user of the embodiment of the present invention four, as shown in figure 13, present embodiment goes for D2D user and has completed D2D registration process, by and eNB and D2D server have the mode of interface.Wherein registration process can be to be undertaken by the mode of Figure 10 or Figure 12.

Step S1302, UE1 sends D2D and finds report to base station, wherein carry the discovery sign of the UE2 of its discovery.

Step S1304, base station, according to the discovery sign of UE2, is retrieved as the D2D server 2 of UE2 service, and sends checking request to D2D server, wherein carries the discovery ID of UE1, the discovery sign of UE2.

Step S1306, the D2D server 1 that D2D server 2 is UE1 service according to the discovery sign inquiry of the UE1 carrying in request, and according to the context of the discovery sign inquiry UE2 of UE2.

Step S1308, D2D server 2 sends checking request to D2D server 1, wherein carries the discovery sign of UE1, the true identity of UE2, the application identities of UE2.

Step S1310, D2D server 1 finds the context of UE1 according to the discovery ID of UE1, and according to the true identity of UE2 and or application identities check its whether the permission of UE1 find or found list in.

Step S1312, whether D2D server 1 returns to the result to D2D server 2, wherein carry UE1 and allow to find UE2 or found by UE2.Can also carry the true identity of UE1, the application identities of UE1.

Step S1314, D2D server 2 inquires the context of UE2, and according to the true identity of UE1 and/or application identities check its whether the permission of UE2 find or found list in.

Step S1316, whether D2D server 2 returns to the result to base station, wherein carry UE1 and allow to find UE2 or found by UE2, and whether UE2 allows to find UE1 or found by UE1.

Wherein, in step S1304 ~ step S1316, base station also can be selected to initiate checking request to the D2D server of UE1, and after this D2D server 1 is being initiated check request to D2D server 2.Process and this is similar, in this course, request only need to be initiated to a D2D server in base station.

Step S1318, base station sends checking report to two terminals respectively according to the result, and notice is found by another terminal, or whether is allowed to find another terminal.For unallowed situation, this message also can be omitted, and does not notify.

This process can be that a terminal sends D2D discovery report triggering, can be also that two terminals send respectively discovery report triggering.It is to take UE1 triggering as example here that a terminal triggers, and it is also similar process that UE2 triggers.

Embodiment five

Figure 14 is two schematic diagram of the execution mode verified by eNB according to the D2D user of the embodiment of the present invention five, as shown in figure 14, present embodiment goes for D2D user and has completed D2D registration process, by and eNB and D2D server have the mode of interface.Wherein registration process can be to be undertaken by the mode of Figure 10 or Figure 12.

Step S1402, UE2 sends D2D and finds report to base station, wherein carry the discovery sign of the UE1 of its discovery.

Step S1404 ~ step S1410 and step S1304 ~ step S1310 are similar, do not repeat.

Step S1412, whether D2D server 1 returns to the result to D2D server 2, wherein carry UE1 and allow to find UE2 or found by UE2.

Step S1414, whether D2D server 2 returns to the result to base station, wherein carry UE1 and allow to find UE2 or found by UE2.

This process can be that a terminal sends D2D discovery report triggering, can be also that two terminals send respectively discovery report triggering.It is to take UE2 triggering as example here that a terminal triggers, and it is also similar process that UE1 triggers.If a terminal triggers, base station can also go D2D server 1 to initiate checking so, D2D server 1 can go D2D server 2 to initiate checking, and obtains UE2 and whether allow to find UE1 or the result of being found by UE1, and S1404 ~ S1414 is similar with above-mentioned steps.

Step S1416, base station sends checking report to two terminals respectively according to the result, and notice is found by another terminal, or whether is allowed to find another terminal.For unallowed situation, this message also can be omitted, and does not notify.

Embodiment six

Figure 15 is the schematic diagram of one of execution mode of verifying by PGW according to the D2D user of the embodiment of the present invention six, as shown in figure 15, present embodiment goes for D2D user and has completed D2D registration process, by and PGW and D2D server have the mode of interface.Wherein registration process can be to be undertaken by the mode of Figure 11.

Step S1502, UE1 initiates checking request to D2D server on data path, wherein carries the discovery sign of UE2, and the IP address of UE1 or discovery sign or application identities.The latter is mainly used for as index, searches the contextual information of UE1.

This message directly sends in the mode of packet at UE and PGW.If PGW has realized the IP address that nat feature and above-mentioned message have been carried UE1, PGW need to will wherein carry the private net address of IP, replaces with the public network address of UE1.

Step S1504, D2D server 1 is the D2D server 2 of UE2 service according to the discovery sign inquiry of the UE2 carrying in request, and according to the context of the IP address of UE1 or discovery sign or application identities inquiry UE1.

Step S1506, D2D server 1 sends checking request to D2D server 2, wherein carries the discovery sign of UE2, the true identity of UE1, the application identities of UE1.

Step S1508, D2D server 1 finds the context of UE2 according to the discovery ID of UE2, and according to the true identity of UE1 and/or application identities check its whether the permission of UE2 find or found list in.

Step S1510, whether D2D server 2 returns to the result to D2D server 1, wherein carry UE2 and allow to find UE1 or found by UE1.Can also carry the true identity of UE2, the application identities of UE2.

Step S1512, D2D server 1 inquires the context of UE1, and according to the true identity of UE2 and or application identities check its whether the permission of UE1 find or found list in.

Step S1514, D2D server 1 returns to the result by data path to UE1, UE2 whether the permission of UE1 find or found list in.

Step S1516, D2D server 2 returns to the result by data path to UE2, UE1 whether the permission of UE2 find or found list in.

Embodiment seven

Figure 16 is two schematic diagram of the execution mode verified by PGW according to the D2D user of the embodiment of the present invention seven, as shown in figure 16, present embodiment goes for D2D user and has completed D2D registration process, by and PGW and D2D server have the mode of interface.Wherein registration process can be to be undertaken by the mode of Figure 11.

Step S1602 ~ step S1608 and step S1502 ~ step S1508 are similar, do not repeat.

Step S1610, whether D2D server 2 returns to the result to D2D server 1, wherein carry UE2 and allow to find UE1 or found by UE1.

Step S1612, D2D server 1 returns to the result by data path to UE1, UE2 whether the permission of UE1 find or found list in.

This process need is that two terminals send respectively discovery report triggering.Here be to take UE1 triggering as example, it is also similar process that UE2 triggers.The proof procedure of follow-up UE2, needs UE2 to be initiated to D2D server 2, and D2D server 2 removes the proof procedure of D2D server 1, thereby obtain UE1, whether allows to find UE2 or the result of being found by UE2, and S1602 ~ S1612 is similar with above-mentioned steps.

Embodiment eight

Figure 17 is the schematic diagram of one of execution mode of verifying by MME according to the D2D user of the embodiment of the present invention eight, as shown in figure 17, present embodiment goes for D2D user and has completed D2D registration process, by and MME and D2D server have the mode of interface.Wherein registration process can be to be undertaken by the mode of Figure 12.

Step S1702, UE1 sends D2D and finds report to base station, wherein carry the discovery sign of the UE2 of its discovery.

Step S1704, base station sends checking request to the MME1 of UE1, wherein carries the discovery sign of the UE2 of its discovery.

Step S1706, MME1 sends checking request to the D2D server 1 of UE1.Wherein carry the true identity of UE1 or find sign, and UE2 finds sign.

Step S1708, D2D server 1 is the D2D server 2 of UE2 service according to the discovery sign inquiry of the UE2 carrying in request, and according to the context of the true identity of UE1 or discovery sign inquiry UE1.

Step S1710, D2D server 1 sends checking request to D2D server 2, wherein carries the discovery sign of UE2, the true identity of UE1, the application identities of UE1.

Step S1712, D2D server 1 finds the context of UE2 according to the discovery ID of UE2, and according to the true identity of UE1 and or application identities check its whether the permission of UE2 find or found list in.

Step S1714, whether D2D server 2 returns to the result to D2D server 1, wherein carry UE2 and allow to find UE1 or found by UE1.Can also carry the true identity of UE2, the application identities of UE2.

Step S1716, D2D server 1 inquires the context of UE1, and according to the true identity of UE2 and or application identities check its whether the permission of UE1 find or found list in.

Step S1718, whether D2D server 1 returns to auth response by MME1 to base station, wherein carry UE1 and allow to find UE2 or found by UE2, and whether UE2 allows to find UE1 or found by UE1.

Wherein, in step S1704 ~ step S1718, base station also can be selected to initiate checking request to the MME2 of UE2, and after this MME2 initiates checking request to D2D server 2, and D2D server 2 is being initiated check request to D2D server 1.Process and this is similar, in this course, request only need to be initiated to a D2D server in base station.

Step S1720, base station sends checking report to two terminals respectively according to the result, and notice is found by another terminal, or whether is allowed to find another terminal.For unallowed situation, this message also can be omitted, and does not notify.

Embodiment nine

Figure 18 is two schematic diagram of the execution mode verified by MME according to the D2D user of the embodiment of the present invention nine, as shown in figure 18, present embodiment goes for D2D user and has completed D2D registration process, by and MME and D2D server have the mode of interface.Wherein registration process can be to be undertaken by the mode of Figure 12.

Step S1802 ~ step S1812 and step S1702 ~ step S1712 are similar, do not repeat.

Step S1814, whether D2D server 2 returns to the result to D2D server 1, wherein carry UE2 and allow to find UE1 or found by UE1.

Step S1816, D2D server 1 returns to auth response by MME1 to base station, and wherein whether UE2 allows to find UE1 or found by UE1.

This process can be that a terminal sends D2D discovery report triggering, can be also that two terminals send respectively discovery report triggering.It is to take UE1 triggering as example here that a terminal triggers, and it is also similar process that UE2 triggers.If a terminal triggers, base station also needs to go D2D server 2 to initiate checking by MME2 so, D2D server 2 need to go D2D server 1 to initiate checking, and obtains UE1 and whether allow to find UE2 or the result of being found by UE2, and S1804 ~ S1816 is similar with above-mentioned steps.

Step S1818, base station sends checking report to two terminals respectively according to the result, and notice is found by another terminal, or whether is allowed to find another terminal.For unallowed situation, this message also can be omitted, and does not notify.

In another embodiment, also provide a kind of software, the technical scheme that this software is described for carrying out above-described embodiment and preferred embodiment.

In another embodiment, also provide a kind of storage medium, stored above-mentioned software in this storage medium, this storage medium includes but not limited to CD, floppy disk, hard disk, scratch pad memory etc.

Obviously, those skilled in the art should be understood that, above-mentioned each module of the present invention or each step can realize with general calculation element, they can concentrate on single calculation element, or be distributed on the network that a plurality of calculation elements form, alternatively, they can be realized with the executable program code of calculation element, thereby, they can be stored in storage device and be carried out by calculation element, and in some cases, can carry out shown or described step with the order being different from herein, or they are made into respectively to each integrated circuit modules, or a plurality of modules in them or step are made into single integrated circuit module to be realized.Like this, the present invention is not restricted to any specific hardware and software combination.

The foregoing is only the preferred embodiments of the present invention, be not limited to the present invention, for a person skilled in the art, the present invention can have various modifications and variations.Within the spirit and principles in the present invention all, any modification of doing, be equal to replacement, improvement etc., within all should being included in protection scope of the present invention.

Claims

1. a management method for device-to-device D2D communication, is characterized in that, comprising:

D2D server obtains true identity ID and/or the application layer ID of terminal, and the D2D of described terminal communication restriction list, and wherein, described D2D server is found checking for D2D;

The D2D communication restriction list of described D2D server to described terminal, and true ID and/or application layer ID manage.

2. method according to claim 1, is characterized in that, the D2D communication restriction list that D2D server obtains described terminal comprises:

Described D2D server obtains the D2D communication restriction list of described terminal according to described true ID and/or application layer ID.

3. method according to claim 2, is characterized in that, the D2D communication restriction list that described D2D server obtains described terminal according to described true ID and/or application layer ID comprises:

Described D2D server obtains described true ID and/or D2D communication restriction list corresponding to application layer ID from the Mobility Management Entity MME of described terminal; Or,

Described D2D server is downloaded described user's subscription data according to described true ID and/or application layer ID to home subscriber server HSS/ attaching position register HLR, wherein, comprises the D2D communication restriction list of described terminal in described subscription data; Or,

Described D2D server is downloaded described user's D2D communication restriction list according to described true ID and/or application layer ID to application server.

4. according to the method described in claim 3, it is characterized in that, download described user's D2D communication restriction list to application server according to described true ID and/or application layer ID at described D2D server before, also comprise:

Described D2D server, according to the D2D communication restriction list that whether allows to download to described application server described terminal in subscription data, judges whether to download to described application server the D2D communication restriction list of described terminal.

5. according to the method described in any one in claim 1 to 4, it is characterized in that, true ID and/or application layer ID that D2D server obtains terminal comprise:

Described true ID and/or application layer ID that described D2D server obtains described terminal from MME or the packet data gateway PGW of described terminal.

6. method according to claim 5, is characterized in that, described true ID and/or application layer ID that described D2D server obtains described terminal from the MME of described terminal comprise:

Described D2D server receives the registration request from described MME, wherein, carries described true ID and/or the application layer ID of described terminal in described registration request.

7. method according to claim 5, is characterized in that, described true ID and/or application layer ID that described D2D server obtains described terminal from the MME of described terminal comprise:

Described D2D server is initiated identification request message according to the temporary mark of described terminal to the serving MME of described terminal, and wherein, described temporary mark is that described MME is the global unique temporary identity GUTI of described terminal distribution;

Described D2D server receives the identification response message from described MME, wherein, carries described true ID and/or the application layer ID of described terminal in described identification response message.

8. method according to claim 5, is characterized in that, described true ID and/or application layer ID that described D2D server obtains described terminal from the PGW of described terminal comprise:

Described D2D server is the PGW initiation identification request message to described terminal according to the IP address of described terminal;

Described D2D server receives the identification response message from described PGW, wherein, carries described true ID and/or the application layer ID of described terminal in described identification response message.

9. according to the method described in any one in claim 1 to 8, it is characterized in that, described method also comprises: described D2D server obtains the discovery ID of described terminal, and wherein, described discovery ID is for the D2D communication restriction list in terminal described in described D2D whois lookup;

Described D2D server manages described discovery ID.

10. method according to claim 9, is characterized in that, the discovery ID of described terminal comprise following one of at least: described terminal is filled complete discovery ID;

Described terminal is filled the discovery ID of base station assigns, and by base station, in repeating process, is filled ID or the current place of the described UE community ID of described base station;

Complete discovery ID is filled in described base station.

The method of calibration of 11. 1 kinds of device-to-device D2D communications, is characterized in that, comprising:

The 2nd D2D server receives the first checking request, wherein, carries true identity ID and/or the application layer ID of first terminal in described the first checking request, and the discovery ID of the second terminal, preserves the context of described the second terminal in described the 2nd D2D server;

Described the 2nd D2D server is inquired about the D2D communication restriction list of described the second terminal according to the discovery ID of described the second terminal;

Described the 2nd D2D server verifies according to the D2D communication restriction list of described the second terminal and true ID and/or the application layer ID of described first terminal whether described the second terminal allows to find described first terminal or found by described first terminal;

Described the 2nd D2D server returns to the first auth response, wherein carries described the 2nd D2D server authentication result.

12. methods according to claim 11, is characterized in that, before the 2nd D2D server receives the first checking request, also comprise:

The one D2D server receives the second checking request, wherein, carries the discovery ID of first terminal in described the second checking request, preserves the context of described first terminal in a described D2D server;

A described D2D server is inquired about true ID and/or the application layer ID of described first terminal according to the discovery ID of described first terminal;

A described D2D server is filled true ID and/or the application layer ID of first terminal in described the first checking request, and described the first checking request is sent to described the 2nd D2D server.

13. methods according to claim 12, it is characterized in that, a described D2D server receives the second checking request and comprises: a described D2D server receives the second checking request from serving BS/packet data gateway PGW/ Mobility Management Entity MME of described first terminal or the second terminal.

14. according to the method described in any one in claim 12 or 13, it is characterized in that, after the 2nd D2D server receives the first checking request, also comprises:

Described the 2nd D2D server is inquired about true ID and/or the application layer ID of described the second terminal according to the discovery ID of described the second terminal;

Described the 2nd D2D server sends the first auth response to a described D2D server, wherein carries true ID and/or the application layer ID of described the second terminal;

A described D2D server verifies according to the D2D communication restriction list of first terminal and true ID and/or the application layer ID of described the second terminal whether described first terminal allows to find described the second terminal or found by described the second terminal.

15. methods according to claim 14, it is characterized in that, the true ID of restriction list and described the second terminal of communicating by letter according to the D2D of first terminal at a described D2D server and/or application layer ID judge whether described first terminal allows to find described the second terminal or by after described the second terminal discovery, also comprise:

A described D2D server returns to the second auth response to the initiator of described the second checking request, wherein, carries described the 2nd D2D server authentication result and/or a D2D server authentication result in described the second auth response.

16. methods according to claim 15, is characterized in that, the initiator that a described D2D server is asked to described the second checking returns to the second auth response and comprises:

A described D2D server to described first or the serving BS of the second terminal return to described the second auth response; Or,

A described D2D server returns to described the second auth response by PGW to first terminal; Or,

A described D2D server returns to described the second auth response by MME to the serving BS of described first terminal.

17. methods according to claim 16, is characterized in that, a described D2D server returns to the second auth response to the serving BS of described first terminal or the second terminal, also comprises:

Described base station sends discovery list according to described the second auth response to described first terminal and/or the second terminal.

The management devices of 18. 1 kinds of device-to-device D2D communications, is characterized in that, is arranged in the D2D server of finding checking for D2D, comprising:

Acquisition module, for obtaining true identity ID and/or the application layer ID of terminal, and the D2D of described terminal communication restriction list;

Administration module, for the D2D communication restriction list to described terminal, and true ID and/or application layer ID manage.

The calibration equipment of 19. 1 kinds of device-to-device D2D communications, is characterized in that, is arranged in the 2nd D2D server, comprising:

The first receiver module, be used for receiving the first checking request, wherein, in described the first checking request, carry true identity ID and/or the application layer ID of first terminal, and the discovery ID of the second terminal, in described the 2nd D2D server, preserve the context of described the second terminal;

The first enquiry module, for inquiring about the D2D communication restriction list of described the second terminal according to the discovery ID of described the second terminal;

The first authentication module, for verifying according to the D2D communication restriction list of described the second terminal and true ID and/or the application layer ID of described first terminal whether described the second terminal allows to find described first terminal or found by described first terminal;

The first respond module, for returning to the first auth response, wherein carries described the 2nd D2D server authentication result.

The check system of 20. 1 kinds of device-to-device D2D communications, it is characterized in that, comprise the calibration equipment that is positioned at the 2nd D2D server as claimed in claim 19, also comprise the calibration equipment that is positioned at a D2D server, wherein, the calibration equipment of a described D2D server comprises:

The second receiver module, for receiving the second checking request, wherein, carries the discovery ID of first terminal in described the second checking request, preserve the context of described first terminal in a described D2D server;

The second enquiry module, for inquiring about true ID and/or the application layer ID of described first terminal according to the discovery ID of described first terminal;

The first sending module, for fill true ID and/or the application layer ID of first terminal in described the first checking request, and sends to described the 2nd D2D server by described the first checking request.

21. systems according to claim 20, is characterized in that,

The described calibration equipment that is positioned at the 2nd D2D server also comprises: the 3rd enquiry module, for inquire about true ID and/or the application layer ID of described the second terminal according to the discovery ID of described the second terminal; The second sending module, for sending the first auth response to a described D2D server, wherein carries true ID and/or the application layer ID of described the second terminal;

The described calibration equipment that is positioned at a D2D server also comprises: the 3rd receiver module, for receiving described the first auth response; The second authentication module, for verifying according to the D2D communication restriction list of first terminal and true ID and/or the application layer ID of described the second terminal whether described first terminal allows to find described the second terminal or found by described the second terminal.

22. systems according to claim 21, it is characterized in that, the described calibration equipment that is positioned at a D2D server also comprises: the second respond module, for the initiator to described the second checking request, return to the second auth response, wherein, in described the second auth response, carry described the 2nd D2D server authentication result and/or a D2D server authentication result.