CN110839231B - Method and equipment for acquiring terminal identification - Google Patents

Method and equipment for acquiring terminal identification Download PDF

Info

Publication number
CN110839231B
CN110839231B CN201810929046.XA CN201810929046A CN110839231B CN 110839231 B CN110839231 B CN 110839231B CN 201810929046 A CN201810929046 A CN 201810929046A CN 110839231 B CN110839231 B CN 110839231B
Authority
CN
China
Prior art keywords
terminal
mec
identification
authentication platform
unified authentication
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201810929046.XA
Other languages
Chinese (zh)
Other versions
CN110839231A (en
Inventor
张龙
闫渊
吴彤
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Mobile Communications Group Co Ltd
China Mobile Communications Ltd Research Institute
Original Assignee
China Mobile Communications Group Co Ltd
China Mobile Communications Ltd Research Institute
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Mobile Communications Group Co Ltd, China Mobile Communications Ltd Research Institute filed Critical China Mobile Communications Group Co Ltd
Priority to CN201810929046.XA priority Critical patent/CN110839231B/en
Publication of CN110839231A publication Critical patent/CN110839231A/en
Application granted granted Critical
Publication of CN110839231B publication Critical patent/CN110839231B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/18Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
    • H04W8/183Processing at user equipment or user record carrier
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/18Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
    • H04W8/20Transfer of user or subscriber data
    • H04W8/205Transfer to or from user equipment or user record carrier
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/22Processing or transfer of terminal data, e.g. status or physical capabilities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/22Processing or transfer of terminal data, e.g. status or physical capabilities
    • H04W8/24Transfer of terminal data

Landscapes

  • Engineering & Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a method and equipment for acquiring a terminal identifier, which are used for solving the problem that an MEC (mobile Internet center) in the prior art cannot effectively acquire identity information of an access user. In the application, an MEC sends a terminal identification query message to a network side device through an identification query interface; and the network side equipment feeds back the identification information of the terminal to the MEC after receiving the terminal identification query message through the identification response interface. Compared with the method that the terminal identifier is obtained through the analysis of the NAS message of the core network reported by the terminal, the MEC in the embodiment of the invention can directly send the terminal identifier query message to the network side equipment, so that the required terminal identifier is directly obtained from the network side equipment containing the user identity information, the condition that the terminal identifier information cannot be obtained because the NAS message reported by the terminal is encrypted is avoided, the MEC can effectively obtain the identity information of the access user, and the position service type service of part of MEC application is further improved.

Description

Method and equipment for acquiring terminal identification
Technical Field
The present invention relates to the field of wireless communications technologies, and in particular, to a method and a device for acquiring a terminal identifier.
Background
Mobile Edge Computing (MEC) platforms are typically located in the access network, have the characteristics of time delay reduction, bandwidth saving, content localization, etc., and are an advantageous hand of the 4G (the 4th Generation Mobile communication technology, fourth Generation Mobile communication technology) and 5G (the 5th Generation Mobile communication technology, fifth Generation Mobile communication technology) operators' ability to open and expand new services. Part of the MEC applications, mainly location services, generally need to acquire the identity of the access user, such as a Mobile phone Number, an IMSI (International Mobile Subscriber identity Number), and the like. For example, in a chemical plant safety production application based on MEC indoor positioning capability, it is necessary to know not only the number of people in a dangerous area, where the people in the dangerous area are distributed, but also the specific identity of the people in the dangerous area. At this time, the MEC is required to acquire the identity of the access user, such as a mobile phone number and an IMSI. The IMSI is a unique identifier of the terminal in the network, and can identify a user identity.
Generally, a terminal reports an IMSI of the terminal to a core network in a Non-access stratum (NAS) message in an initial attach procedure, and at this time, in an NAS signaling interaction procedure, a network may trigger the terminal to report the IMSI through an Identity Request procedure. In addition, if the NAS message is not encrypted, the MEC may also obtain the IMSI by parsing the NAS message.
However, in the prior art, if the NAS message enables the encryption algorithm, the MEC will not be able to acquire the IMSI. In addition, the terminal only reports the IMSI actively in the initial attach procedure, and the Identity Request procedure is rarely triggered by the network under normal conditions, so the scheme has no wide applicability. And although the MEC can simulate the core network to issue the Identity Request message, the integrity protection of the NAS message is opened by default, and after the NAS security is activated, the message issued by the MEC in a simulated mode is discarded on the terminal side because the message does not pass the integrity protection check. Therefore, the current network verification shows that the scheme is invalid for the connected terminal and only valid for the idle terminal, and the possibility of acquisition failure exists.
To sum up, in the prior art, the MEC cannot effectively acquire the identity information of the access user.
Disclosure of Invention
The invention provides a method and equipment for acquiring a terminal identifier, which are used for solving the problem that an MEC (mobile communication center) in the prior art cannot effectively acquire identity information of an access user.
In a first aspect, an embodiment of the present invention provides a method for acquiring a terminal identifier, where the method includes:
the MEC sends a terminal identification query message to the network side equipment through an identification query interface; and then the MEC receives the identification information of the terminal returned by the network side equipment.
In the embodiment of the invention, the MEC sends the terminal identification query message to the network side equipment through the identification query interface, then the network side equipment receives the terminal identification query message sent by the MEC through the identification response interface, and sends the queried terminal identification information to the MEC after receiving the terminal identification query message sent by the MEC. Compared with the prior art, the embodiment of the invention does not need to analyze the NAS message reported by the terminal to obtain the terminal identification information, but the MEC directly requests the network side equipment, so that the condition that the terminal identification information cannot be obtained because the NAS message reported by the terminal is encrypted is avoided, the MEC can effectively obtain the identity information of the access user, and further, the position service type service applied by part of the MEC is perfected.
In a possible implementation, the network side device is a core network;
the MEC sends a terminal identification query message to the network side equipment through an identification query interface, and the method comprises the following steps:
the MEC sends a terminal identification query message to the core network by using a Stream Control Transmission Protocol (SCTP) link between the MEC and the core network through an identification query interface;
The MEC receives the identification information of the terminal returned by the network side equipment, and the identification information comprises the following information:
and the MEC receives an identification response message which is returned by the core network and contains the identification information of the terminal by using an SCTP link between the MEC and the core network through an identification query interface.
In the foregoing manner, when the network-side device is a core network, the MEC sends a terminal identifier query message to the core network through the identifier query interface by using the SCTP link with the core network, and receives an identifier response message including identifier information of the terminal, which is returned by the core network, through the identifier query interface by using the SCTP link with the core network, so that the identifier information of the terminal can be obtained by analyzing the identifier response message.
In a possible implementation, before the MEC sends the query message to the core network through the identified query interface using the SCTP link with the core network, the method further includes:
the MEC adds at least one of a private network IP address (Internet Protocol, Protocol for interconnection between networks), a GTP-U (General Packet Radio Service tunneling Protocol ) tunnel ID (unique code) and an S1AP-UE-ID (S1Application Protocol User Equipment Identity, S1 link Application Protocol User unique code) of the terminal to the terminal identification query message.
In the method, the MEC adds at least one of the IP address of the private network of the terminal, the GTP-U tunnel ID and the S1AP-UE-ID into the terminal identification query message, and then sends the query message to the core network by using the SCTP link between the identification query interface and the core network. Therefore, the core network analyzes the terminal identification query message and acquires the information carried by the terminal identification query message, and determines the terminal of the MEC needing to acquire the identification information according to the information carried by the terminal identification query message, so as to query and return the identification information of the terminal.
In a possible implementation manner, the network side device is a unified authentication platform;
the MEC sends a terminal identification query message to the network side equipment through an identification query interface, and the method comprises the following steps:
the MEC sends a terminal identification query message to the unified authentication platform through an identification query interface by using a GTP (General Packet Radio Service tunneling Protocol) tunnel between the MEC and the unified authentication platform;
the MEC receives the identification information of the terminal returned by the network side equipment, and the identification information comprises the following information:
and the MEC receives the identification information of the terminal returned by the network side equipment by using a GTP tunnel between the MEC and the unified authentication platform through an identification query interface.
When the network side equipment is a unified authentication platform, the MEC sends a terminal identification query message to the unified authentication platform by using a GTP tunnel between the MEC and the unified authentication platform through an identification query interface, and then receives identification information of the terminal returned by the network side equipment by using the GTP tunnel between the MEC and the unified authentication platform through the identification query interface. Thus, the MEC can send the terminal identification query message through the existing GTP tunnel, so that the unified authentication platform returns the identification information of the terminal according to the terminal identification query message sent by the GTP tunnel, and further determines the identification information of the terminal.
In a possible implementation, the MEC adds the private network IP address and/or GTP-U tunnel ID of the terminal to the terminal identity query message, and then sends the terminal identity query message to the unified authentication platform through the identity query interface using a GTP tunnel with the unified authentication platform.
In the method, after the MEC adds the private network IP address and/or GTP-U tunnel ID of the terminal to the terminal identifier query message, the MEC sends the terminal identifier query message to the unified authentication platform through the identifier query interface by using the GTP tunnel between the MEC and the unified authentication platform, and the unified authentication platform can determine the terminal to be queried for the identifier information by analyzing the terminal identifier query message.
In a possible implementation manner, the MEC sends a terminal identifier query message to a network side device through an identifier query interface by using a GTP tunnel with the unified authentication platform, including:
the MEC sends a Ks (Key session, session Key) negotiation request message after GTP encapsulation to the unified authentication platform by using a GTP tunnel between the MEC and the unified authentication platform through an identification query interface;
after receiving the Ks negotiation response message returned by the unified authentication platform, the MEC sends a token verification request message to the unified authentication platform by using a GTP tunnel between the MEC and the unified authentication platform through an identification query interface;
the MEC receives the identification information of the terminal returned by the network side equipment by using a GTP tunnel between the MEC and the unified authentication platform through an identification query interface, and the identification information comprises the following steps:
and the MEC receives a token verification response message which is returned by the network side equipment and contains the identification information of the terminal by using a GTP tunnel between the MEC and the unified authentication platform through an identification query interface.
In the method, the MEC authenticates the token through the unified authentication platform by simulating the existing terminal authentication process so as to determine the identification information of the terminal. So that the MEC can determine terminal-specific identity information.
In a possible implementation manner, the MEC sends a terminal identifier query message to a network side device through an identifier query interface by using a GTP tunnel with the unified authentication platform, including:
the MEC sends a terminal identification request message to network side equipment by using a GTP tunnel between the MEC and the unified authentication platform through an identification query interface;
the MEC receives the identification information of the terminal returned by the network side equipment, and the identification information comprises the following information:
and the MEC receives a terminal identification response message which is returned by the network side equipment and contains the identification information of the terminal by using a GTP tunnel between the MEC and the unified authentication platform through an identification query interface.
When the network side equipment is a unified authentication platform, the MEC sends a terminal identification request message to the network side equipment by using a GTP tunnel between the MEC and the unified authentication platform through an identification inquiry interface, and receives an identification information terminal identification response message which is returned by the network side equipment and contains the terminal by using the GTP tunnel between the MEC and the unified authentication platform through the identification inquiry interface. Therefore, the MEC can directly send the terminal identification request message to the unified authentication platform and receive the query result returned by the unified authentication platform to determine the identification information of the terminal.
In a second aspect, an embodiment of the present invention provides a method for acquiring a terminal identifier, where the method includes:
the network side equipment receives a terminal identification query message sent by the MEC through an identification response interface;
and the network side equipment sends the inquired identification information of the terminal to the MEC.
In the method, the network side equipment receives a terminal identification query message sent by the MEC through an identification response interface; and transmits the identification information of the inquired terminal to the MEC. Therefore, the MEC can directly determine the identification information of the terminal through the query result fed back by the network side, and does not need to analyze the NAS message reported by the terminal to obtain the identification information of the terminal, so that the condition that the NAS message reported by the terminal is encrypted and the identification information of the terminal cannot be obtained is avoided, the MEC can effectively obtain the identity information of the access user, and further the position service type service applied by part of the MEC is perfected.
In a possible implementation, the network side device is a core network;
the network side equipment receives a terminal identification query message sent by the MEC through an identification response interface, and the method comprises the following steps:
the core network receives a terminal identification query message sent by using an SCTP link between the core network and the MEC through an identification response interface;
The network side device sends the queried identification information of the terminal to the MEC, and the method comprises the following steps:
and the core network sends the inquired identification information of the terminal to the MEC through an identification response interface by utilizing an SCTP link between the core network and the MEC.
In the method, when the network side device is a core network, the core network receives a terminal identifier query message sent by using an SCTP link between the core network and the MEC through an identifier response interface; and sending the identification information of the inquired terminal to the MEC through an identification response interface by utilizing an SCTP link between the MEC and the MEC. Because the core network directly contains the identification information of the terminal, the core network can feed back the identification information of the inquired terminal after receiving the terminal identification inquiry message of the MEC, so that the MEC can effectively acquire the identification information of the terminal required to be determined.
In a possible implementation manner, after receiving, by the core network through the identifier response interface, the terminal identifier query message sent using the SCTP link with the MEC, and before receiving, through the identifier response interface, the terminal identifier query message sent using the SCTP link with the MEC, the method further includes:
the core network determines a terminal to be queried through part or all of the following information carried in the terminal identification query message, and determines identification information of the terminal to be queried;
Wherein, the terminal identification inquiry message carries part or all of the following information:
the private network IP address of the terminal, GTP-U tunnel ID and S1 AP-UE-ID.
In the method, after the core network receives the terminal identification query message sent by using the SCTP link between the core network and the MEC through the identification response interface, the core network determines the terminal to be queried through part or all of the private network IP address, GTP-U tunnel ID and S1AP-UE-ID of the terminal carried in the terminal identification query message so as to query according to the determined terminal and further determine the identification information of the terminal.
In a possible implementation manner, the network side device is a unified authentication platform;
the network side equipment receives a terminal identification query message sent by the MEC through an identification response interface, and the method comprises the following steps:
the unified authentication platform receives a terminal identification query message sent by using a GTP tunnel between the unified authentication platform and the MEC through an identification response interface;
the network side device sends the queried identification information of the terminal to the MEC, and the method comprises the following steps:
and the unified authentication platform sends the inquired identification information of the terminal to the MEC by using a GTP tunnel between the unified authentication platform and the MEC through an identification response interface.
In the method, the network side device is a unified authentication platform; the unified authentication platform receives a terminal identification query message sent by using a GTP tunnel between the unified authentication platform and the MEC through an identification response interface; and sending the inquired identification information of the terminal to the MEC by using a GTP tunnel between the MEC and the MEC through an identification response interface. Therefore, after the unified authentication platform determines the identification information of the terminal according to the terminal identification query message, the identification information can be fed back to the MEC, and the MEC can acquire the identification information of the terminal needing to determine the identity information.
In a possible implementation manner, after the unified authentication platform receives, through the identity response interface, the terminal identity query message sent by using the GTP tunnel between the MEC, and before sending, through the identity response interface, the queried identity information of the terminal to the MEC by using the GTP tunnel between the MEC and the unified authentication platform, the unified authentication platform further includes:
and the unified authentication platform determines the terminal to be inquired according to the private network IP address and/or GTP-U tunnel ID of the terminal carried in the terminal identification inquiry message, and determines the identification information of the terminal to be inquired.
In the method, after receiving a terminal identification query message sent by using a GTP tunnel between the unified authentication platform and the MEC through an identification response interface, the unified authentication platform determines a terminal to be queried through a private network IP address, a GTP-U tunnel ID, a private network IP address and a GTP-U tunnel ID of the terminal carried in the terminal identification query message, and further determines identification information of the terminal to be queried according to the determined terminal. The determined identification information of the terminal may then be fed back to the MEC, so that the MEC obtains the identification information of the terminal for which the identity information needs to be determined.
In one possible implementation, the receiving, by the unified authentication platform, a terminal identity query message sent by using a GTP tunnel with the MEC through an identity response interface includes:
the unified authentication platform receives a Ks negotiation request message which is sent by using a GTP tunnel between the unified authentication platform and the MEC and is subjected to GTP encapsulation through an identification response interface;
the unified authentication platform receives a token verification request message sent by using a GTP tunnel between the unified authentication platform and the MEC through an identification response interface;
the unified authentication platform sends the inquired identification information of the terminal to the MEC by using a GTP tunnel between the unified authentication platform and the MEC through an identification response interface, and the identification information comprises the following steps:
after receiving the Ks negotiation request message, the unified authentication platform sends a Ks negotiation response message to the MEC through an identification response interface by using a GTP tunnel between the unified authentication platform and the MEC;
and after receiving the token verification request message, the unified authentication platform sends a terminal identification response message containing the identification information of the terminal to the MEC by using a GTP tunnel between the MEC and an identification response interface.
In the method, the MEC simulates the interaction between the user terminal and the unified authentication platform, and the identification information of the terminal is obtained through the process of authenticating the token by the unified authentication platform.
In one possible implementation, the receiving, by the unified authentication platform, a terminal identity query message sent by using a GTP tunnel with the MEC through an identity response interface includes:
the unified authentication platform receives a terminal identification request message sent by using a GTP tunnel between the unified authentication platform and the MEC through an identification response interface;
the unified authentication platform sends the inquired identification information of the terminal to the MEC by using a GTP tunnel between the unified authentication platform and the MEC through an identification response interface, and the identification information comprises the following steps:
and the unified authentication platform sends a terminal identification response message containing the identification information of the terminal to the MEC by using a GTP tunnel between the unified authentication platform and the MEC through an identification response interface.
In the method, the unified authentication platform receives a terminal identification request message sent by using a GTP tunnel between the unified authentication platform and the MEC through an identification response interface, and sends a terminal identification response message containing identification information of the terminal to the MEC through the identification response interface by using the GTP tunnel between the unified authentication platform and the MEC after inquiring the identification information of the terminal. So that the MEC may acquire the identification information of the terminal included in the message by parsing the terminal identification response message.
In a third aspect, an embodiment of the present invention further provides an MEC for acquiring a terminal identifier, including: a processor and a transceiver, the device having functionality to implement the embodiments of the first aspect described above.
In a fourth aspect, an embodiment of the present invention further provides a network device for acquiring a terminal identifier, where the network device includes: a processor and a transceiver, the device having functionality to implement embodiments of the second aspect described above.
In a fifth aspect, an embodiment of the present invention further provides an MEC for acquiring a terminal identifier, where the MEC includes at least one processor and at least one memory, and the device has functions of implementing the embodiments of the first aspect.
In a sixth aspect, an embodiment of the present invention further provides a network side device for acquiring a terminal identifier, where the network side device includes at least one processor and at least one memory, and the device has a function of implementing each embodiment of the second aspect.
In a seventh aspect, a computer-storable medium has stored thereon a computer program which, when being executed by a processor, carries out the steps of the above-mentioned method.
In addition, for technical effects brought by any one implementation manner of the third aspect to the seventh aspect, reference may be made to technical effects brought by different implementation manners of the first aspect to the second aspect, and details are not described here again.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings required to be used in the description of the embodiments will be briefly introduced below, and it is apparent that the drawings in the description below are only some embodiments of the present invention, and it is obvious for those skilled in the art that other drawings may be obtained according to the drawings without inventive labor.
Fig. 1 is a schematic structural diagram of a system for acquiring a terminal identifier according to an embodiment of the present invention;
fig. 2 is a schematic structural diagram of a first example of a system for acquiring a terminal identifier according to an embodiment of the present invention;
fig. 3 is a schematic structural diagram of a second example of a system for acquiring a terminal identifier according to an embodiment of the present invention;
fig. 4 is a schematic flowchart of a second example of a system for acquiring a terminal identifier according to an embodiment of the present invention;
fig. 5 is a schematic structural diagram of a third example of a system for acquiring a terminal identifier according to an embodiment of the present invention;
fig. 6 is a schematic view of a complete flow of a first example of a system for acquiring a terminal identifier according to an embodiment of the present invention;
fig. 7 is a schematic timing diagram illustrating a second example of a system for acquiring a terminal identifier according to an embodiment of the present invention;
Fig. 8 is a schematic view of a complete flow of a third example of a system for acquiring a terminal identifier according to an embodiment of the present invention;
fig. 9 is a schematic flowchart of a first method for acquiring a terminal identifier according to an embodiment of the present invention;
fig. 10 is a flowchart illustrating a second method for acquiring a terminal identifier according to an embodiment of the present invention;
fig. 11 is a schematic structural diagram of a first MEC for acquiring a terminal identifier according to an embodiment of the present disclosure;
fig. 12 is a schematic structural diagram of a first network device for acquiring a terminal identifier according to an embodiment of the present invention;
fig. 13 is a schematic structural diagram of a second MEC for acquiring a terminal identifier according to an embodiment of the present disclosure;
fig. 14 is a schematic structural diagram of a second network device for acquiring a terminal identifier according to an embodiment of the present invention.
Detailed Description
The embodiment of the invention relates to a method for acquiring a terminal identifier, wherein the related equipment in the method comprises an MEC and network side equipment. In specific implementation, the MEC sends a terminal identification query message to the network side equipment through an identification query interface; and then the network side equipment receives a terminal identification query message sent by the MEC through an identification response interface, and sends the queried identification information of the terminal to the MEC. Thus, the MEC may obtain the identification information of the terminal by sending a terminal identification query message to the network side device.
At present, in a normal user access process, a core network (MME/AMF, HSS, etc.) authenticates a user based on an IMSI reported by the user, and a PGW/UPF generates a ticket and the like, and needs to implement association between a user service transmission channel (such as a private network IP address and a tunnel ID of a GTP-U) and information such as the IMSI and a user mobile phone number, so that the core network naturally has identity information of the user.
In addition, in the basic service flow of the unified authentication platform, firstly, the unified authentication platform identifies a user through a path (such as a GTP-U tunnel ID) used when an authentication key token message is transmitted in a mobile communication network, generates the authentication key token and returns the authentication key token through middleware; then the service platform receives the token sent by the APP and forwards the token to the unified authentication platform for authentication, the unified authentication platform authenticates the token, if the authentication is successful, the service platform is informed, and user identity information such as a user mobile phone number and the like can be returned in a response message; and the service platform determines whether to allow the user to log in according to the authentication result. Therefore, the unified authentication platform also comprises the identity information of the user.
In conclusion, the core network and the unified authentication platform are arranged on the network side equipment which knows the user identity information.
Therefore, the network side device in the embodiment of the invention can be a core network or a unified authentication platform.
In order to make the objects, technical solutions and advantages of the present invention clearer, the present invention will be described in further detail with reference to the accompanying drawings, and it is apparent that the described embodiments are only a part of the embodiments of the present invention, not all of the embodiments. All other embodiments, which can be obtained by a person skilled in the art without making any creative effort based on the embodiments in the present invention, belong to the protection scope of the present invention.
As shown in fig. 1, an embodiment of the present invention provides a system for acquiring a terminal identifier, where the system includes:
the MEC100 is configured to send a terminal identifier query message to the network side device through the identifier query interface; and receiving the identification information of the terminal returned by the network side equipment.
The network side device 101 is configured to receive a terminal identifier query message sent by the MEC through an identifier response interface; and sending the identification information of the inquired terminal to the MEC.
In the embodiment of the invention, the MEC sends the terminal identification query message to the network side equipment through the identification query interface, then the network side equipment receives the terminal identification query message sent by the MEC through the identification response interface, and sends the queried terminal identification information to the MEC after receiving the terminal identification query message sent by the MEC. Compared with the prior art, the embodiment of the invention does not need to analyze the NAS message reported by the terminal to obtain the terminal identification information, but the MEC directly requests the network side equipment, so that the condition that the terminal identification information cannot be obtained because the NAS message reported by the terminal is encrypted is avoided, the MEC can effectively obtain the identity information of the access user, and further, the position service type service applied by part of the MEC is perfected.
In the embodiment of the present invention, three methods for acquiring terminal identification information by MEC are all involved, which will be described below separately.
In the first mode, an STCP link is established between the MEC and the core network, and the inquiry is directly carried out.
As shown in fig. 2, in a specific implementation, an STCP link is first established between an MEC and a core network, and connection is implemented through an identifier query interface of the MEC and an identifier response interface of the core network.
And the identification query interface of the MEC end and the identification response interface of the core network are newly-established data transmission interfaces.
Subsequently, the MEC needs to add the identification information for determining the terminal needing to query the identity information to the terminal identification query message, so that the core network can accurately determine the terminal needing to return the identification information after receiving the terminal identification query message.
Specifically, the MEC adds at least one of the following information of the terminal to the terminal identification query message. Wherein, the terminal identification inquiry message carries part or all of the following information: the private network IP address of the terminal, GTP-U tunnel ID and S1 AP-UE-ID.
In specific implementation, the MEC marks the terminal needing to query the identification information by adding at least one of the private network IP address of the terminal, the GTP-U tunnel ID and the S1AP-UE-ID to the terminal identification query message, and the subsequent core network determines the terminal querying the identification information through the address information in the terminal identification query message after receiving the terminal identification query message.
For example:
the core network side includes personal information of 3 terminals:
Figure GDA0003520509840000121
Figure GDA0003520509840000131
1. when the MEC needs to acquire the identity information of the UE2, the MEC may add the private network IP address (198.5.5.0) of the UE2 to the terminal identifier query message to form a data packet, and then send the terminal identifier query message including the private network IP address of the UE2 to the core network through the SCTP link, so that the subsequent core network determines, by analyzing the data packet including the private network IP address of the UE2, that the terminal that needs to acquire the identification information of the user is the UE2, and further queries the identification information of the UE 2.
2. When the MEC needs to acquire the identity information of the UE2, the MEC may further add a GTP-U tunnel ID (25) and a private network IP address (198.5.5.0) for data transmission of the UE2 to the terminal identifier query message to form a data packet, and then send the terminal identifier query message including the GTP-U tunnel ID and the private network IP address to the core network through the SCTP link, so that the subsequent core network determines, by analyzing the data packet including the GTP-U tunnel ID and the private network IP address, that the terminal that needs to acquire the identifier information of the user is the UE2, and further queries the identifier information of the UE 2.
3. When the MEC needs to acquire the identity information of the UE2, the MEC may further add a GTP-U tunnel ID (25), a private network IP address (198.5.5.0), and an S1AP-UE-ID (25) of data transmission of the UE2 to the terminal identification query message to form a data packet, and then send the terminal identification query message including the GTP-U tunnel ID, the private network IP address, and the S1AP-UE-ID to the core network through the SCTP link, so that the subsequent core network determines, by parsing the data packet including the GTP-U tunnel ID, the private network IP address, and the S1AP-UE-ID, that the terminal that needs to acquire the identification information of the user is the UE2, and further queries the identification information of the UE 2.
In addition, the terminal identifier query message carries part or all of the following information: the process of adding at least one of the private network IP address, GTP-U tunnel ID, S1AP-UE-ID of the terminal to the terminal identity query message by the MEC may be referred to the above example.
After adding the identification information of the terminal to the terminal identification query message, the MEC sends the terminal identification query message to the core network through the established SCTP link.
Specifically, the MEC sends a terminal identifier query message to the core network through an identifier query interface by using an SCTP link with the core network;
correspondingly, the core network receives a terminal identifier query message sent by using the SCTP link with the MEC through an identifier response interface.
In the method, an MEC sends a terminal identification query message to a core network by using an SCTP link between the MEC and the core network through an identification query interface; and then the core network receives a terminal identification query message sent by using the SCTP link between the core network and the MEC through an identification response interface. Thus, the MEC can directly send the terminal identifier query message to the core network, and the core network receives the terminal identifier query message to trigger the core network to query the identifier information of the terminal, and feed back the identifier information to the MEC.
Subsequently, the core network parses the received terminal identifier query message to determine the terminal requested by the MEC.
Specifically, after receiving a terminal identifier query message sent by using an SCTP link with the MEC through an identifier response interface, the core network determines a terminal to be queried through part or all of the following information carried in the terminal identifier query message, determines identifier information of the terminal to be queried, and then receives, through the identifier response interface, the terminal identifier query message sent by using the SCTP link with the MEC.
In the method, the core network analyzes the received terminal identification query message, acquires the terminal identification message carried in the terminal identification query message, and further determines the terminal needing to query the identification information.
And then, the core network inquires the identification information of the determined terminal needing to inquire the identification information, and feeds the inquired identification information back to the MEC.
For example:
the core network side includes information of 3 terminals:
Figure GDA0003520509840000141
Figure GDA0003520509840000151
taking the private network IP address as an example, if the MEC determines that the identity information of the UE2 needs to be acquired, the MEC adds the private network IP address (198.5.5.0) of the UE2 to the terminal identification query message to form a data packet, and then sends the terminal identification query message containing the private network IP address of the UE2 to the core network through the SCTP link. Then the core network receives the terminal identification query message sent by using the SCTP link between the core network and the MEC through an identification response interface, further analyzes the data packet of the received terminal identification query message to obtain the private network IP address of the terminal as 198.5.5.0, further determines that the terminal needing to query the identification information is UE2, then queries the identification information of UE2, and determines that the identification information of the UE needing to query is: the IMSI is 45264562323; the cell phone number is 12453533542.
Specifically, the core network sends the identification information of the inquired terminal to the MEC through an identification response interface by using an SCTP link with the MEC.
Correspondingly, the MEC receives an identification response message which is returned by the core network and contains the identification information of the terminal through an identification query interface by using the SCTP link between the MEC and the core network.
In the method, the core network feeds back the inquired identification information of the terminal to the MEC, so that the MEC can effectively acquire the identity information of the access user, and further, the position service type service applied by part of the MEC is perfected.
For example:
1. the core network side includes information of 3 terminals:
Figure GDA0003520509840000152
taking the private network IP address as an example, if the MEC determines that the identity information of the UE2 needs to be acquired, the MEC adds the private network IP address (198.5.5.0) of the UE2 to the terminal identification query message to form a data packet, and then sends the terminal identification query message containing the private network IP address of the UE2 to the core network through the SCTP link. Analyzing a terminal identification query message data packet received by the core network through the identification response interface to determine that a terminal needing to query identification information is UE2, querying the identification information of UE2, and determining that the identification information of UE2 needing to query is: the IMSI is 45264562323; the cell phone number is 12453533542. The identification information (IMSI 45264562323; cell phone number 12453533542) of the UE2 is inserted into the identification response message, so that after receiving the identification response message, the MEC can obtain the identification information of the UE2 by parsing the identification response message as follows: the IMSI is 45264562323; the cell phone number is 12453533542.
Secondly, the MEC establishes an identification query interface to send a terminal identification query message to the unified authentication platform; and the current interface of the multiplexing unified authentication platform receives the terminal identification query message and returns a query result.
As shown in fig. 3, in a specific implementation, the MEC first needs to establish an identifier query interface, insert a terminal identifier query message into a GTP tunnel through the interface, and then send the terminal identifier query message to the unified authentication platform, and then the unified authentication platform reuses an existing interface of the unified authentication platform to receive the terminal identifier query message.
And the identification query interface of the MEC and the identification response interface of the core network are newly-established data transmission interfaces.
Specifically, the MEC sends a terminal identifier query message to a network side device through an identifier query interface by using a GTP tunnel between the MEC and the unified authentication platform;
correspondingly, the unified authentication platform receives a terminal identifier query message sent by using a GTP tunnel between the unified authentication platform and the MEC through an identifier response interface.
After the MEC sends the terminal identifier query message to the unified authentication platform, the unified authentication platform further needs to determine the terminal that needs to query the identifier information according to the terminal identifier query message.
After the unified authentication platform receives a terminal identification query message sent by using a GTP tunnel between the unified authentication platform and the MEC through an identification response interface, the unified authentication platform determines a terminal to be queried through a GTP-U tunnel ID carried in the terminal identification query message, and determines identification information of the terminal to be queried.
In the method, after receiving a terminal identifier query message sent by using a GTP tunnel between the MEC and the unified authentication platform through an identifier response interface, the unified authentication platform determines a terminal to be queried according to a GTP-U tunnel ID carried in the terminal identifier query message, determines identifier information of the terminal to be queried, and further sends the queried identifier information of the terminal to the MEC through the GTP tunnel between the identifier response interface and the MEC. Therefore, the unified authentication platform can send the identification information of the terminal to be acquired by the MEC to the MEC, so that the MEC can effectively acquire the identity information of the access user, and further the position service type service applied by part of the MEC is perfected.
And then, after inquiring the representation information of the terminal, the unified authentication platform returns a terminal identification response message containing the identification information of the terminal to the MEC.
Specifically, the unified authentication platform sends the queried identification information of the terminal to the MEC through an identification response interface by using a GTP tunnel between the unified authentication platform and the MEC;
correspondingly, the MEC receives the identification information of the terminal returned by the network side equipment by using a GTP tunnel between the MEC and the unified authentication platform through an identification query interface.
Through the method, the MEC sends the terminal identification query message to the unified authentication platform through the identification query interface via the GTP tunnel so that the unified authentication platform queries the identification information of the terminal and further determines the identification information of the terminal required to be determined by the MEC.
In a specific implementation, as shown in fig. 4, the MEC and the unified authentication platform will determine the terminal identification message through the following steps.
Step 400, the MEC sends a Ks negotiation request message after GTP encapsulation to the unified authentication platform by using a GTP tunnel between the MEC and the unified authentication platform through an identification inquiry interface;
step 401, the unified authentication platform receives a Ks negotiation request message, which is sent by using a GTP tunnel between the unified authentication platform and the MEC and is subjected to GTP encapsulation, through an identifier response interface;
step 402, after receiving the Ks negotiation request message, the unified authentication platform sends a Ks negotiation response message to the MEC through an identifier response interface by using a GTP tunnel between the unified authentication platform and the MEC;
Step 403, after receiving the Ks negotiation response message returned by the unified authentication platform, the MEC sends a token verification request message to the unified authentication platform through an identifier query interface by using a GTP tunnel between the MEC and the unified authentication platform;
step 404, the unified authentication platform receives a token verification request message sent by using a GTP tunnel between the unified authentication platform and the MEC through an identification response interface;
step 405, after receiving the token verification request message, the unified authentication platform sends a terminal identification response message containing the identification information of the terminal to the MEC through an identification response interface by using a GTP tunnel between the unified authentication platform and the MEC;
and 406, the MEC receives a token verification response message which is returned by the network side device and contains the identification information of the terminal by using a GTP tunnel between the MEC and the unified authentication platform through the identification query interface.
In the method, the MEC simulates the interaction between the user terminal and the unified authentication platform, and the identification information of the terminal is obtained through the process of authenticating the token by the unified authentication platform.
Thirdly, an MEC end establishes an identification query interface to send a terminal identification query message to the unified authentication platform; the unified authentication platform receives the terminal identification query message through the identification query response interface and returns a query result.
As shown in fig. 5, in a specific implementation, first, the MEC needs to establish an identifier query interface, and the unified authentication platform needs to establish an identifier response interface. And then the MEC inserts the terminal identification query message into a GTP tunnel through the identification query interface and further sends the terminal identification query message to the unified authentication platform, and then the unified authentication platform receives the terminal identification query message through the established identification response interface.
And the identification query interface of the MEC and the identification response interface of the unified authentication platform are newly-established data transmission interfaces.
After the establishment of the identifier query interface of the MEC and the identifier response interface of the unified authentication platform is completed, the MEC sends a terminal identifier request message to the unified authentication platform to prompt the unified authentication platform to query the identifier information of the terminal determined in the terminal identifier request message.
Specifically, after adding at least one of the private network IP address, GTP-U tunnel ID, and S1AP-UE-ID of the terminal to the terminal identification query message, the MEC sends the query message to the core network through the identification query interface using the SCTP link with the core network.
For example:
the core network side contains personal information of 3 terminals, which are respectively:
User IMSI Mobile phone number Private network IP address GTP-U tunnel ID
UE1 86123456789 13254834567 198.6.5.0 156
UE2 45264562323 12453533542 198.5.5.0 25
UE3 85512453154 14256486585 198.4.5.1 220
1. When the MEC needs to acquire the identity information of the UE3, the MEC may add the private network IP address (198.4.5.1) of the UE3 to the terminal identity query message to perform GTP encapsulation to form a data packet, and then insert the data packet into a GTP tunnel of the UE3 to send the terminal identity query message including the private network IP address of the UE3 to the unified authentication platform, so that the subsequent unified authentication platform determines, by analyzing the data packet including the private network IP address of the UE3, that the terminal that needs to acquire the identity information of the user is the UE3, and further queries the identity information of the UE 3.
2. When the MEC needs to acquire the identity information of the UE3, the MEC may add the data transmission GTP-U tunnel ID (220) of the UE3 to the terminal identity query message, and then send the terminal identity query message including the GTP-U tunnel ID of the UE3 to the unified authentication platform through the GTP tunnel to the UE3, so that the subsequent unified authentication platform determines, by analyzing the data packet including the GTP-U tunnel ID of the UE3, that the terminal that needs to acquire the identity information of the user is the UE3, and further queries the identity information of the UE 3.
3. When the MEC needs to acquire the identity information of the UE3, the MEC may add the private network IP address (198.4.5.1) of the UE3 and the GTP-U tunnel ID (220) to the terminal identity query message to perform GTP encapsulation to form a data packet, then insert the data packet into the GTP tunnel of the UE3, send the terminal identity query message including the private network IP address of the UE3 and the GTP-U tunnel ID to the unified authentication platform, so that the subsequent unified authentication platform determines that the terminal that needs to acquire the identity information of the user is the UE3 by analyzing the data packet including the private network IP address of the UE3 and the GTP-U tunnel ID, and further queries the identity information of the UE 3.
Specifically, the MEC sends a terminal identifier query message to the network side device through an identifier query interface by using a GTP tunnel between the MEC and the unified authentication platform.
Correspondingly, the unified authentication platform receives a terminal identifier query message sent by using a GTP tunnel between the unified authentication platform and the MEC through an identifier response interface.
In the method, the MEC sends the terminal identification query message to the unified authentication platform, so that the unified authentication platform receives the terminal identification query message sent by using a GTP tunnel between the MEC and the unified authentication platform through the identification response interface and queries the identification information of the terminal determined according to the terminal identification query message.
After the unified authentication platform receives the terminal identification query message, the terminal identification query message is analyzed to determine the terminal needing to query the identification information.
Specifically, after receiving a terminal identifier query message sent by using a GTP tunnel between the terminal and the MEC through an identifier response interface, the unified authentication platform determines a terminal to be queried through part or all of the following information carried in the terminal identifier query message, and determines identifier information of the terminal to be queried; and further sending the inquired identification information of the terminal to the MEC by using a GTP tunnel between the MEC and the MEC through an identification response interface.
Wherein, the terminal identification inquiry message carries part or all of the following information:
the private network IP address of the terminal and the GTP-U tunnel ID.
For example:
the core network side includes personal information of 3 terminals:
user IMSI Mobile phone number Private network IP address GTP-U tunnel ID
UE1 86123456789 13254834567 198.6.5.0 156
UE2 45264562323 12453533542 198.5.5.0 25
UE3 85512453154 14256486585 198.4.5.1 220
Taking the private network IP address as an example, if the MEC determines that the identity information of the UE3 needs to be acquired, the MEC adds the private network IP address (198.4.5.1) of the UE3 to the terminal identification query message to perform GTP encapsulation to form a data packet, and then inserts the data packet into a GTP tunnel of the UE3 to send the terminal identification query message containing the private network IP address of the UE3 to the unified authentication platform. The unified authentication platform analyzes the terminal identification query message data packet received by the identification response interface to determine that the terminal needing to query the identification information is UE3, queries the identification information of UE3, and further determines that the identification information of the UE3 needing to query is: the IMSI is 85512453154; the cell phone number is 14256486585. The identification information (IMSI 85512453154; cell phone number 14256486585) of the UE3 is inserted into the identification response message, so that after receiving the identification response message, the MEC can obtain the identification information of the UE3 by parsing the identification response message as follows: the IMSI is 85512453154; the cell phone number is 14256486585.
And the same authentication platform inquires the determined identification information of the terminal according to the information of the determined terminal carried in the terminal identification inquiry message, and then feeds the information back to the MEC.
Then, specifically, the unified authentication platform sends the queried identification information of the terminal to the MEC through an identification response interface by using a GTP tunnel between the unified authentication platform and the MEC;
correspondingly, the MEC receives the identification information of the terminal returned by the network side equipment by using a GTP tunnel between the MEC and the unified authentication platform through an identification query interface.
In the method, after determining the identification information of the terminal, the unified authentication platform sends the inquired identification information of the terminal to the MEC through an identification response interface by using a GTP tunnel between the unified authentication platform and the MEC; and then, the MEC receives the identification information of the terminal returned by the network side equipment by using a GTP tunnel between the MEC and the unified authentication platform through an identification query interface. Thus, the MEC can acquire the identification information of the terminal needing to acquire the identification information. Further, the terminal can be positioned more accurately.
In specific implementation, the unified authentication platform sends a terminal identification response message containing the identification information of the terminal to the MEC through an identification response interface by using a GTP tunnel between the unified authentication platform and the MEC; and the MEC receives an identification response message which is returned by the network side equipment and contains the identification information of the terminal by using a GTP tunnel between the MEC and the unified authentication platform through an identification query interface.
That is, the unified authentication platform sends a terminal identification response message containing the identification information of the terminal to the MEC; and the MEC receives a terminal identification response message which is returned by the unified authentication platform and contains the identification information of the terminal, analyzes the terminal identification response message and obtains the identification information of the terminal from the terminal identification response message.
For example:
1. the core network side includes personal information of 3 terminals:
Figure GDA0003520509840000211
Figure GDA0003520509840000221
taking a private network IP address as an example, if the MEC determines that the identity information of the UE3 needs to be acquired, the MEC adds the private network IP address (198.4.5.1) of the UE3 to the terminal identification query message to perform GTP encapsulation to form a data packet, and then inserts the data packet into a GTP tunnel of the UE3 to send the terminal identification query message containing the private network IP address of the UE3 to the unified authentication platform. Analyzing a terminal identification query message data packet received by the unified authentication platform through the identification response interface to determine that a terminal needing to query identification information is UE3, querying identification information of UE3, and determining that identification information of UE3 needing to query is: the IMSI is 85512453154; the cell phone number is 14256486585. The identification information (IMSI 85512453154; cell phone number 14256486585) of the UE3 is inserted into the identification response message, so that after receiving the identification response message, the MEC can obtain the identification information of the UE3 by parsing the identification response message as follows: the IMSI is 85512453154; the cell phone number is 14256486585.
In the method, the unified authentication platform receives a terminal identification request message sent by using a GTP tunnel between the unified authentication platform and the MEC through an identification response interface, and sends a terminal identification response message containing identification information of the terminal to the MEC through the identification response interface by using the GTP tunnel between the unified authentication platform and the MEC after inquiring the identification information of the terminal. So that the MEC may acquire the identification information of the terminal included in the message by parsing the terminal identification response message.
As shown in fig. 6, an embodiment of the present invention provides a detailed flowchart of a first method for acquiring a terminal identifier.
Step 600, the MEC determines a terminal needing to acquire identity information;
step 601, adding at least one of a private network IP address, a GTP-U tunnel ID and an S1AP-UE-ID of a terminal which needs to acquire identity information into the terminal identification query message by the MEC;
step 602, the MEC sends the terminal identification query message to the core network through the identification query interface by using the SCTP link with the core network;
step 603, the core network receives the terminal identification query message through the identification response interface by using the SCTP link between the core network and the MEC;
step 604, the core network determines the terminal needing to query the identification information by analyzing the terminal identification query message;
Step 605, the core network inquires the identification information of the terminal according to the determined terminal;
step 606, the core network uses the SCTP link between the core network and the MEC to return the identification response message containing the identification information of the terminal to the MEC through the identification response interface;
step 607, MEC receives the identifier response message containing the identifier information of the terminal returned by the core network through the identifier query interface by using the SCTP link with the core network;
step 608, the MEC determines the identification information of the terminal that needs to acquire the identity information according to the identification response message that includes the identification information of the terminal and is returned by the core network.
As shown in fig. 7, an embodiment of the present invention provides a detailed timing chart of a second method for acquiring a terminal identifier. The user identification acquisition module on the MEC platform consists of a client simulation unit, a service server simulation unit and a data packet encapsulation analysis unit.
Step 700, after accessing the network, the customer simulation unit of the MEC calls the SDK to apply for the authentication key token;
step 701, a client simulation unit of the MEC sends a Ks negotiation request to a data packet parsing and encapsulating module of the MEC;
step 702, the data packet parsing and encapsulating module of the MEC performs GTP encapsulation on the received Ks negotiation request, inserts the GTP encapsulation request into the GTP tunnel of the user, and monitors the response message;
Step 703, the data packet parsing and encapsulating module of the MEC terminates the response message and sends the Ks negotiation request inserted into the GTP tunnel of the user to the unified authentication platform;
step 704, the unified authentication platform returns a Ks negotiation response to the data packet parsing and packaging module of the MEC;
step 705, the data packet parsing and encapsulating module of the MEC performs GTP decapsulation on the Ks negotiation response sent back by the received unified authentication platform;
step 706, the data packet parsing and encapsulating module of the MEC feeds back the unsealed Ks negotiation response to the client simulation unit of the MEC;
step 707, the customer simulation unit of the MEC determines an authentication key token according to the received decapsulated Ks negotiation response;
step 708, the customer simulation unit of the MEC sends the authentication key token to the service platform simulation unit of the MEC;
step 709, the service platform simulation unit of the MEC verifies the received authentication key token through the external network link application token;
step 710, a service platform simulation unit of the MEC sends a token verification request to a unified authentication platform;
step 711, the service platform simulation unit of the MEC receives a token verification success response containing the user identifier returned by the unified authentication platform.
As shown in fig. 8, an embodiment of the present invention provides a detailed flowchart of a third method for acquiring a terminal identifier.
Step 800, the MEC determines a terminal needing to acquire identity information;
step 801, adding at least one of a private network IP address and a GTP-U tunnel ID of a terminal which needs to acquire identity information into the terminal identification query message by the MEC;
step 802, the MEC sends the terminal identification query message to the unified authentication platform through an identification query interface by using a GTP tunnel between the MEC and the unified authentication platform;
step 803, the unified authentication platform receives the terminal identifier query message through an identifier response interface by using a GTP tunnel between the unified authentication platform and the MEC;
step 804, the unified authentication platform determines the terminal which needs to query the identification information by analyzing the terminal identification query message;
step 805, the unified authentication platform queries the identification information of the terminal according to the determined terminal;
step 806, the unified authentication platform uses a GTP tunnel between the MEC and the unified authentication platform to send an identifier response message containing the identifier information of the terminal back to the MEC through the identifier response interface;
step 807, the MEC receives an identification response message which is returned by a core network and contains the identification information of the terminal through an identification query interface by using a GTP tunnel between the MEC and the unified authentication platform;
Step 808, the MEC determines the identification information of the terminal needing to acquire the identity information according to the identification response message which is returned by the unified authentication platform and contains the identification information of the terminal.
Based on the same inventive concept, the embodiment of the present invention further provides a method for acquiring a terminal identifier, and since the MEC and the network side device in the method are the MEC and the network side device in the system in the embodiment of the present invention, and the principle of solving the problem in the method is similar to that in the system, the implementation of the method may refer to the implementation of the system, and the repeated parts are not described again.
As shown in fig. 9, an embodiment of the present invention provides a method for acquiring a terminal identifier, where the method includes:
step 900, the MEC sends a terminal identification query message to the network side device through the identification query interface;
step 901, the MEC receives the identifier information of the terminal returned by the network side device.
Optionally, the network side device is a core network;
the MEC sends a terminal identification query message to the network side equipment through an identification query interface, and the method comprises the following steps:
the MEC sends a terminal identification query message to the core network by using an SCTP link between the MEC and the core network through an identification query interface;
The MEC receives the identification information of the terminal returned by the network side equipment, and the identification information comprises the following information:
and the MEC receives an identification response message which is returned by the core network and contains the identification information of the terminal by utilizing an SCTP link between the MEC and the core network through an identification query interface.
Optionally, before the MEC sends the query message to the core network through the identification query interface using the SCTP link with the core network, the method further includes:
and the MEC adds at least one of the private network IP address, the GTP-U tunnel ID and the S1AP-UE-ID of the terminal into the terminal identification query message.
Optionally, the network side device is a unified authentication platform;
the MEC sends a terminal identification query message to the network side equipment through an identification query interface, and the method comprises the following steps:
the MEC sends a terminal identification query message to the unified authentication platform by using a GTP tunnel between the MEC and the unified authentication platform through an identification query interface;
the MEC receives the identification information of the terminal returned by the network side equipment, and the identification information comprises:
and the MEC receives the identification information of the terminal returned by the network side equipment by using a GTP tunnel between the MEC and the unified authentication platform through an identification query interface.
Optionally, before the MEC sends the terminal identifier query message to the unified authentication platform through the identifier query interface by using a GTP tunnel between the MEC and the unified authentication platform, the method further includes:
and the MEC adds the private network IP address and/or GTP-U tunnel ID of the terminal into the terminal identification query message.
Optionally, the MEC sends a terminal identifier query message to the network side device through an identifier query interface by using a GTP tunnel between the MEC and the unified authentication platform, including:
the MEC sends a Ks negotiation request message after GTP encapsulation to the unified authentication platform by using a GTP tunnel between the MEC and the unified authentication platform through an identification query interface;
after receiving the Ks negotiation response message returned by the unified authentication platform, the MEC sends a token verification request message to the unified authentication platform by using a GTP tunnel between the MEC and the unified authentication platform through an identification query interface;
the MEC receives the identification information of the terminal returned by the network side equipment by using a GTP tunnel between the MEC and the unified authentication platform through an identification query interface, and the identification information comprises the following steps:
and the MEC receives a token verification response message which is returned by the network side equipment and contains the identification information of the terminal by using a GTP tunnel between the MEC and the unified authentication platform through an identification query interface.
Optionally, the MEC sends a terminal identifier query message to the network side device through an identifier query interface by using a GTP tunnel between the MEC and the unified authentication platform, including:
the MEC sends a terminal identification request message to network side equipment by using a GTP tunnel between the MEC and the unified authentication platform through an identification query interface;
the MEC receives the identification information of the terminal returned by the network side equipment, and the identification information comprises the following information:
and the MEC receives a terminal identification response message which is returned by the network side equipment and contains the identification information of the terminal by using a GTP tunnel between the MEC and the unified authentication platform through an identification query interface.
As shown in fig. 10, an embodiment of the present invention provides a method for acquiring a terminal identifier, where the method includes:
step 1000, the network side equipment receives a terminal identification query message sent by the MEC through an identification response interface;
step 1001, the network side device sends the queried identification information of the terminal to the MEC.
Optionally, the network side device is a core network;
the network side equipment receives a terminal identification query message sent by the MEC through an identification response interface, and the method comprises the following steps:
the core network receives a terminal identification query message sent by using an SCTP link between the core network and the MEC through an identification response interface;
The network side device sends the queried identification information of the terminal to the MEC, and the method comprises the following steps:
and the core network sends the inquired identification information of the terminal to the MEC through an identification response interface by utilizing an SCTP link between the core network and the MEC.
Optionally, after the core network receives, through the identifier response interface, the terminal identifier query message sent using the SCTP link with the MEC, and before the core network receives, through the identifier response interface, the terminal identifier query message sent using the SCTP link with the MEC, the method further includes:
the core network determines a terminal to be queried through part or all of the following information carried in the terminal identification query message, and determines identification information of the terminal to be queried;
wherein, the terminal identification inquiry message carries part or all of the following information:
the private network IP address of the terminal, GTP-U tunnel ID and S1 AP-UE-ID.
Optionally, the network side device is a unified authentication platform;
the network side equipment receives a terminal identification query message sent by the MEC through an identification response interface, and the method comprises the following steps:
the unified authentication platform receives a terminal identification query message sent by using a GTP tunnel between the unified authentication platform and the MEC through an identification response interface;
The network side device sends the queried identification information of the terminal to the MEC, and the method comprises the following steps:
and the unified authentication platform sends the inquired identification information of the terminal to the MEC by using a GTP tunnel between the unified authentication platform and the MEC through an identification response interface.
Optionally, after the unified authentication platform receives, through the identity response interface, the terminal identity query message sent by using the GTP tunnel between the MEC, and before the unified authentication platform sends, to the MEC, the queried identity information of the terminal by using the GTP tunnel between the MEC and the identity response interface, the unified authentication platform further includes:
and the unified authentication platform determines the terminal to be inquired according to the private network IP address and/or GTP-U tunnel ID of the terminal carried in the terminal identification inquiry message, and determines the identification information of the terminal to be inquired.
Optionally, the receiving, by the unified authentication platform through an identifier response interface, a terminal identifier query message sent by using a GTP tunnel between the unified authentication platform and the MEC includes:
the unified authentication platform receives a Ks negotiation request message which is sent by using a GTP tunnel between the unified authentication platform and the MEC and is subjected to GTP encapsulation through an identification response interface;
the unified authentication platform receives a token verification request message sent by using a GTP tunnel between the unified authentication platform and the MEC through an identification response interface;
The unified authentication platform sends the inquired identification information of the terminal to the MEC by using a GTP tunnel between the unified authentication platform and the MEC through an identification response interface, and the identification information comprises the following steps:
after receiving the Ks negotiation request message, the unified authentication platform sends a Ks negotiation response message to the MEC through an identification response interface by using a GTP tunnel between the unified authentication platform and the MEC;
and after receiving the token verification request message, the unified authentication platform sends a terminal identification response message containing the identification information of the terminal to the MEC by using a GTP tunnel between the MEC and an identification response interface.
Optionally, the receiving, by the unified authentication platform through an identifier response interface, a terminal identifier query message sent by using a GTP tunnel between the unified authentication platform and the MEC includes:
the unified authentication platform receives a terminal identification request message sent by using a GTP tunnel between the unified authentication platform and the MEC through an identification response interface;
the unified authentication platform sends the inquired identification information of the terminal to the MEC by using a GTP tunnel between the unified authentication platform and the MEC through an identification response interface, and the identification information comprises the following steps:
and the unified authentication platform sends a terminal identification response message containing the identification information of the terminal to the MEC by using a GTP tunnel between the unified authentication platform and the MEC through an identification response interface.
As shown in fig. 11, an embodiment of the present invention provides an MEC for acquiring a terminal identifier, where the MEC includes: a processor and a transceiver:
the processor is used for transmitting data through the transceiver and sending a terminal identification query message to the network side equipment through the identification query interface; and receiving the identification information of the terminal returned by the network side equipment.
Optionally, the network side device is a core network; the processor 1100 is specifically configured to:
sending a terminal identification query message to the core network by utilizing an SCTP link between the identification query interface and the core network; and receiving an identification response message which is returned by the core network and contains the identification information of the terminal by utilizing an SCTP link between the identification query interface and the core network.
Optionally, the processor 1100 is further configured to:
and after adding at least one of the IP address of the private network of the terminal, the GTP-U tunnel ID and the S1AP-UE-ID into the terminal identification query message, sending the query message to the core network by using an SCTP link between the identification query interface and the core network.
Optionally, the network side device is a unified authentication platform; the processor 1100 is specifically configured to:
Sending a terminal identification query message to the unified authentication platform by using a GTP tunnel between the identification query interface and the unified authentication platform; and receiving the identification information of the terminal returned by the network side equipment by using a GTP tunnel between the identification inquiry interface and the unified authentication platform.
Optionally, the processor 1100 is further configured to:
and after the private network IP address and/or the GTP-U tunnel ID of the terminal are/is added into the terminal identification query message, the terminal identification query message is sent to the unified authentication platform by using a GTP tunnel between the terminal and the unified authentication platform through an identification query interface.
Optionally, the processor 1100 is specifically configured to:
sending the Ks negotiation request message after GTP encapsulation to the unified authentication platform by using a GTP tunnel between the unified authentication platform and an identification query interface; after receiving a Ks negotiation response message returned by the unified authentication platform, sending a token verification request message to the unified authentication platform by using a GTP tunnel between the unified authentication platform and an identification inquiry interface; and receiving a token verification response message which is returned by the network side equipment and contains the identification information of the terminal by using a GTP tunnel between the identification inquiry interface and the unified authentication platform.
Optionally, the processor 1100 is specifically configured to:
sending a terminal identification request message to network side equipment by using a GTP tunnel between the identification inquiry interface and the unified authentication platform; and receiving a terminal identification response message containing the identification information of the terminal, which is returned by the network side equipment, by using a GTP tunnel between the identification inquiry interface and the unified authentication platform.
As shown in fig. 12, an embodiment of the present invention provides a network device for acquiring a terminal identifier, where the network device includes: a processor and a transceiver:
the processor is used for transmitting data through the transceiver and receiving a terminal identification query message sent by the MEC through the identification response interface; and sending the identification information of the inquired terminal to the MEC.
Optionally, the network side device is a core network; the processor 1200 is specifically configured to:
receiving a terminal identification query message sent by using an SCTP link between the MEC and the MEC through an identification response interface; and sending the inquired identification information of the terminal to the MEC by using the SCTP link between the MEC and the identification response interface.
Optionally, the processor 1200 is specifically configured to:
after receiving a terminal identification query message sent by using an SCTP link between the MEC and the MEC through an identification response interface, determining a terminal to be queried through part or all of the following information carried in the terminal identification query message, and determining identification information of the terminal to be queried; receiving a terminal identification query message sent by using an SCTP link between the MEC and the MEC through an identification response interface;
Wherein, the terminal identification inquiry message carries part or all of the following information:
the private network IP address of the terminal, GTP-U tunnel ID and S1 AP-UE-ID.
Optionally, the network side device is a unified authentication platform; the processor 1200 is specifically configured to:
receiving a terminal identification query message sent by using a GTP tunnel between the MEC and the MEC through an identification response interface; and sending the inquired identification information of the terminal to the MEC by using a GTP tunnel between the MEC and the MEC through an identification response interface.
Optionally, the processor 1200 is further configured to:
after receiving a terminal identification query message sent by using a GTP tunnel between the MEC and the MEC through an identification response interface, determining a terminal to be queried through a private network IP address of the terminal and/or a GTP-U tunnel ID carried in the terminal identification query message, and determining identification information of the terminal to be queried; and sending the inquired identification information of the terminal to the MEC by using a GTP tunnel between the MEC and the MEC through an identification response interface.
Optionally, the processor 1200 is specifically configured to:
receiving a Ks negotiation request message which is sent by using a GTP tunnel between the MEC and is subjected to GTP encapsulation through an identification response interface; receiving a token verification request message sent by using a GTP tunnel between the MEC and the MEC through an identification response interface; after receiving the Ks negotiation request message, sending a Ks negotiation response message to the MEC by using a GTP tunnel between the MEC and the identification response interface; and after receiving the token verification request message, sending a terminal identification response message containing the identification information of the terminal to the MEC by using a GTP tunnel between the MEC and an identification response interface.
Optionally, the processor 1200 is specifically configured to:
receiving a terminal identification request message sent by using a GTP tunnel between the MEC and the MEC through an identification response interface; and sending a terminal identification response message containing the identification information of the terminal to the MEC by using a GTP tunnel between the MEC and the MEC through an identification response interface.
As shown in fig. 13, an embodiment of the present invention provides an MEC for acquiring a terminal identifier, where the MEC includes:
at least one processor 1300 and at least one memory 1301, wherein the memory 1301 stores program code, which when executed by the processor 1300, causes the processor 1300 to perform the following:
sending a terminal identification query message to network side equipment through an identification query interface; and receiving the identification information of the terminal returned by the network side equipment.
Optionally, the network side device is a core network; the processor 1300 is specifically configured to:
sending a terminal identification query message to the core network by using an SCTP link between the identification query interface and the core network; and receiving an identification response message which is returned by the core network and contains the identification information of the terminal by using the SCTP link between the identification query interface and the core network.
Optionally, the processor 1300 is further configured to:
and after adding at least one of the IP address of the private network of the terminal, the GTP-U tunnel ID and the S1AP-UE-ID into the terminal identification query message, sending the query message to the core network by using an SCTP link between the identification query interface and the core network.
Optionally, the network side device is a unified authentication platform; the processor 1300 is specifically configured to:
sending a terminal identification query message to the unified authentication platform by using a GTP tunnel between the terminal identification query interface and the unified authentication platform; and receiving the identification information of the terminal returned by the network side equipment by using a GTP tunnel between the identification inquiry interface and the unified authentication platform.
Optionally, the processor 1300 is further configured to:
and after the private network IP address and/or the GTP-U tunnel ID of the terminal are/is added into the terminal identification query message, the terminal identification query message is sent to the unified authentication platform by using a GTP tunnel between the terminal and the unified authentication platform through an identification query interface.
Optionally, the processor 1300 is specifically configured to:
sending the Ks negotiation request message after GTP encapsulation to the unified authentication platform by using a GTP tunnel between the unified authentication platform and an identification query interface; after receiving a Ks negotiation response message returned by the unified authentication platform, sending a token verification request message to the unified authentication platform by using a GTP tunnel between the unified authentication platform and an identification query interface; and receiving a token verification response message which is returned by the network side equipment and contains the identification information of the terminal by using a GTP tunnel between the identification query interface and the unified authentication platform.
Optionally, the processor 1300 is specifically configured to:
sending a terminal identification request message to network side equipment by using a GTP tunnel between the identification query interface and the unified authentication platform; and receiving a terminal identification response message containing the identification information of the terminal, which is returned by the network side equipment, by using a GTP tunnel between the identification inquiry interface and the unified authentication platform.
As shown in fig. 14, an embodiment of the present invention provides a network device for acquiring a terminal identifier, where the network device includes:
at least one processor 1400 and at least one memory 1401, wherein said memory 1401 stores program code which, when executed by said processor 1400, causes said processor 1400 to perform the following:
receiving a terminal identification query message sent by an MEC (message center) through an identification response interface; and sending the identification information of the inquired terminal to the MEC.
Optionally, the network side device is a core network; the processor 1400 is specifically configured to:
receiving a terminal identification query message sent by using an SCTP link between the MEC and the MEC through an identification response interface; and sending the inquired identification information of the terminal to the MEC by using the SCTP link between the MEC and the identification response interface.
Optionally, the processor 1400 is specifically configured to:
after receiving a terminal identification query message sent by using an SCTP link between the MEC and the MEC through an identification response interface, determining a terminal to be queried through part or all of the following information carried in the terminal identification query message, and determining identification information of the terminal to be queried; receiving a terminal identification query message sent by using an SCTP link between the MEC and the MEC through an identification response interface;
wherein, the terminal identification inquiry message carries part or all of the following information:
the private network IP address of the terminal, GTP-U tunnel ID and S1 AP-UE-ID.
Optionally, the network side device is a unified authentication platform; the processor 1400 is specifically configured to:
receiving a terminal identification query message sent by using a GTP tunnel between the MEC and the MEC through an identification response interface; and sending the inquired identification information of the terminal to the MEC by using a GTP tunnel between the MEC and the MEC through an identification response interface.
Optionally, the processor 1400 is further configured to:
after receiving a terminal identification query message sent by using a GTP tunnel between the MEC and the MEC through an identification response interface, determining a terminal to be queried through a private network IP address of the terminal and/or a GTP-U tunnel ID carried in the terminal identification query message, and determining identification information of the terminal to be queried; and sending the inquired identification information of the terminal to the MEC by using a GTP tunnel between the MEC and the MEC through an identification response interface.
Optionally, the processor 1400 is specifically configured to:
receiving a Ks negotiation request message which is sent by using a GTP tunnel between the MEC and is subjected to GTP encapsulation through an identification response interface; receiving a token verification request message sent by using a GTP tunnel between the MEC and the MEC through an identification response interface; after receiving the Ks negotiation request message, sending a Ks negotiation response message to the MEC by using a GTP tunnel between the MEC and the identification response interface; and after receiving the token verification request message, sending a terminal identification response message containing the identification information of the terminal to the MEC by using a GTP tunnel between the MEC and an identification response interface.
Optionally, the processor 1400 is specifically configured to:
receiving a terminal identification request message sent by using a GTP tunnel between the MEC and the MEC through an identification response interface; and sending a terminal identification response message containing the identification information of the terminal to the MEC by using a GTP tunnel between the MEC and the MEC through an identification response interface.
The embodiment of the invention also provides a readable storage medium of the computing equipment aiming at the method for acquiring the terminal identifier, namely, the content is not lost after the power is cut off. The storage medium stores therein a software program comprising program code which, when executed on a computing device, when read and executed by one or more processors, implements any of the above aspects of embodiments of the present invention in obtaining a terminal identification.
The present application is described above with reference to block diagrams and/or flowchart illustrations of methods, apparatus (systems) and/or computer program products according to embodiments of the application. It will be understood that one block of the block diagrams and/or flowchart illustrations, and combinations of blocks in the block diagrams and/or flowchart illustrations, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, and/or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer and/or other programmable data processing apparatus, create means for implementing the functions/acts specified in the block diagrams and/or flowchart block or blocks.
Accordingly, the present application may also be embodied in hardware and/or in software (including firmware, resident software, micro-code, etc.). Furthermore, the application may take the form of a computer program product on a computer-usable or computer-readable storage medium having computer-usable or computer-readable program code embodied in the medium for use by or in connection with an instruction execution system. In the context of this application, a computer-usable or computer-readable medium may be any medium that can contain, store, communicate, propagate, or transport the program for use by or in connection with the instruction execution system, apparatus, or device.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present invention without departing from the spirit and scope of the invention. Thus, if such modifications and variations of the present invention fall within the scope of the claims of the present invention and their equivalents, the present invention is also intended to include such modifications and variations.

Claims (30)

1. A method for acquiring a terminal identifier is characterized in that the method comprises the following steps:
the mobile edge computing platform MEC sends a terminal identification query message to the network side equipment through an identification query interface;
the MEC receives the identification information of the terminal returned by the network side equipment;
the network side device is a core network, and the terminal identifier query message carries part or all of the following information: the IP address of the protocol interconnected among the private network of the terminal, the GTP-U tunnel unique code ID of the general packet radio service technology tunnel protocol at the user level, and the S1 link application protocol user unique code S1 AP-UE-ID; or
The network side equipment is a unified authentication platform, and the terminal identification query message carries part or all of the following information: the private network IP address of the terminal and the GTP-U tunnel ID.
2. The method of claim 1, wherein the network-side device is the core network;
The MEC sends a terminal identification query message to the network side equipment through an identification query interface, and the method comprises the following steps:
the MEC sends a terminal identification query message to the core network through an identification query interface by utilizing a Stream Control Transmission Protocol (SCTP) link between the MEC and the core network;
the MEC receives the identification information of the terminal returned by the network side equipment, and the identification information comprises the following information:
and the MEC receives an identification response message which is returned by the core network and contains the identification information of the terminal by utilizing an SCTP link between the MEC and the core network through an identification query interface.
3. The method of claim 2, wherein prior to the MEC sending a query message to the core network using an SCTP link with the core network via the identified query interface, further comprising:
and the MEC adds at least one of a protocol IP address interconnected among private network networks of the terminal, a general packet radio service technology tunnel protocol GTP-U tunnel unique code ID of a user plane and an S1 link application protocol user unique code S1AP-UE-ID into the terminal identification query message.
4. The method of claim 1, wherein the network-side device is the unified authentication platform;
The MEC sends a terminal identification query message to the network side equipment through an identification query interface, and the method comprises the following steps:
the MEC sends a terminal identification query message to the unified authentication platform by using a general data transmission platform GTP tunnel between the MEC and the unified authentication platform through an identification query interface;
the MEC receives the identification information of the terminal returned by the network side equipment, and the identification information comprises the following information:
and the MEC receives the identification information of the terminal returned by the unified authentication platform by using a GTP tunnel between the MEC and the unified authentication platform through an identification query interface.
5. The method of claim 4, wherein prior to the MEC sending a terminal identity query message to a unified authentication platform via an identity query interface using a GTP tunnel with the unified authentication platform, further comprising:
and the MEC adds the private network IP address and/or GTP-U tunnel ID of the terminal into the terminal identification query message.
6. The method of claim 4, wherein the MEC sends a terminal identity query message to the unified authentication platform over an identity query interface using a GTP tunnel with the unified authentication platform, comprising:
The MEC sends a session key Ks negotiation request message after GTP encapsulation to the unified authentication platform by using a GTP tunnel between the MEC and the unified authentication platform through an identification inquiry interface;
after receiving the Ks negotiation response message returned by the unified authentication platform, the MEC sends a token verification request message to the unified authentication platform by using a GTP tunnel between the MEC and the unified authentication platform through an identification inquiry interface;
the MEC receives the identification information of the terminal returned by the unified authentication platform through an identification inquiry interface by using a GTP tunnel between the MEC and the unified authentication platform, and the identification information comprises the following steps:
and the MEC receives a token verification response message which is returned by the unified authentication platform and contains the identification information of the terminal by using a GTP tunnel between the MEC and the unified authentication platform through an identification query interface.
7. The method of claim 4, wherein the MEC sends a terminal identity query message to the unified authentication platform over an identity query interface using a GTP tunnel with the unified authentication platform, comprising:
the MEC sends a terminal identification request message to the unified authentication platform by using a GTP tunnel between the MEC and the unified authentication platform through an identification query interface;
The MEC receives the identification information of the terminal returned by the network side equipment, and the identification information comprises the following information:
and the MEC receives a terminal identification response message which is returned by the unified authentication platform and contains the identification information of the terminal by using a GTP tunnel between the MEC and the unified authentication platform through an identification query interface.
8. A method for acquiring a terminal identifier is characterized in that the method comprises the following steps:
the network side equipment receives a terminal identification query message sent by the MEC through an identification response interface;
the network side equipment sends the inquired identification information of the terminal to the MEC;
the network side device is a core network, and the terminal identifier query message carries part or all of the following information: the IP address of the protocol interconnected among the private network of the terminal, the GTP-U tunnel unique code ID of the general packet radio service technology tunnel protocol on the user plane, and the S1 link application protocol user unique code S1 AP-UE-ID; or
The network side equipment is a unified authentication platform, and the terminal identification query message carries part or all of the following information: the private network IP address of the terminal and the GTP-U tunnel ID.
9. The method of claim 8, wherein the network-side device is the core network;
The network side equipment receives a terminal identification query message sent by the MEC through an identification response interface, and the method comprises the following steps:
the core network receives a terminal identification query message sent by using an SCTP link between the core network and the MEC through an identification response interface;
the network side device sends the queried identification information of the terminal to the MEC, and the method comprises the following steps:
and the core network sends the inquired identification information of the terminal to the MEC through an identification response interface by utilizing an SCTP link between the core network and the MEC.
10. The method as claimed in claim 9, wherein after receiving the terminal identification query message transmitted via the SCTP link with the MEC via the identification response interface, and before receiving the terminal identification query message transmitted via the SCTP link with the MEC via the identification response interface, the method further comprises:
the core network determines a terminal to be queried through part or all of the following information carried in the terminal identification query message, and determines identification information of the terminal to be queried;
wherein, the terminal identification inquiry message carries part or all of the following information:
the private network IP address of the terminal, GTP-U tunnel ID and S1 AP-UE-ID.
11. The method of claim 8, wherein the network-side device is the unified authentication platform;
the network side equipment receives a terminal identification query message sent by the MEC through an identification response interface, and the method comprises the following steps:
the unified authentication platform receives a terminal identification query message sent by using a GTP tunnel between the unified authentication platform and the MEC through an identification response interface;
the network side device sends the queried identification information of the terminal to the MEC, and the method comprises the following steps:
and the unified authentication platform sends the inquired identification information of the terminal to the MEC by using a GTP tunnel between the unified authentication platform and the MEC through an identification response interface.
12. The method of claim 11, wherein the unified authentication platform further comprises, after receiving the terminal identity query message transmitted using the GTP tunnel with the MEC through the identity response interface, before transmitting the queried identity information of the terminal to the MEC using the GTP tunnel with the MEC through the identity response interface, before:
and the unified authentication platform determines the terminal to be inquired according to the private network IP address of the terminal and/or the GTP-U tunnel ID carried in the terminal identification inquiry message, and determines the identification information of the terminal to be inquired.
13. The method of claim 11, wherein the unified authentication platform receives a terminal identity query message sent using a GTP tunnel with the MEC over an identity response interface, comprising:
the unified authentication platform receives a Ks negotiation request message which is sent by using a GTP tunnel between the unified authentication platform and the MEC and is subjected to GTP encapsulation through an identification response interface;
the unified authentication platform receives a token verification request message sent by using a GTP tunnel between the unified authentication platform and the MEC through an identification response interface;
the unified authentication platform sends the inquired identification information of the terminal to the MEC by using a GTP tunnel between the unified authentication platform and the MEC through an identification response interface, and the identification information comprises the following steps:
after receiving the Ks negotiation request message, the unified authentication platform sends a Ks negotiation response message to the MEC through an identification response interface by using a GTP tunnel between the unified authentication platform and the MEC;
and after receiving the token verification request message, the unified authentication platform sends a terminal identification response message containing the identification information of the terminal to the MEC by using a GTP tunnel between the MEC and an identification response interface.
14. The method of claim 11, wherein the unified authentication platform receives a terminal identity query message sent using a GTP tunnel with the MEC over an identity response interface, comprising:
The unified authentication platform receives a terminal identification request message sent by using a GTP tunnel between the unified authentication platform and the MEC through an identification response interface;
the unified authentication platform sends the inquired identification information of the terminal to the MEC by using a GTP tunnel between the unified authentication platform and the MEC through an identification response interface, and the identification information comprises the following steps:
and the unified authentication platform sends a terminal identification response message containing the identification information of the terminal to the MEC by using a GTP tunnel between the unified authentication platform and the MEC through an identification response interface.
15. An MEC for acquiring a terminal identifier, comprising: a processor and a transceiver:
the processor is used for transmitting data through the transceiver and sending a terminal identification query message to the network side equipment through the identification query interface; receiving the identification information of the terminal returned by the network side equipment;
wherein, the network side device is a core network, and the terminal identifier query message carries part or all of the following information: the IP address of the protocol interconnected among the private network of the terminal, the GTP-U tunnel unique code ID of the general packet radio service technology tunnel protocol on the user plane, and the S1 link application protocol user unique code S1 AP-UE-ID; or
The network side equipment is a unified authentication platform, and the terminal identification query message carries part or all of the following information: the private network IP address of the terminal and the GTP-U tunnel ID.
16. The MEC of claim 15, wherein the network-side device is the core network; the processor is specifically configured to:
sending a terminal identification query message to the core network by utilizing an SCTP link between the identification query interface and the core network; and receiving an identification response message which is returned by the core network and contains the identification information of the terminal by utilizing an SCTP link between the identification query interface and the core network.
17. The MEC of claim 16, wherein the processor is further to:
and after adding at least one of the IP address of the private network of the terminal, the GTP-U tunnel ID and the S1AP-UE-ID into the terminal identification query message, sending the query message to the core network by using an SCTP link between the identification query interface and the core network.
18. The MEC of claim 15, wherein the network-side device is the unified authentication platform; the processor is specifically configured to:
sending a terminal identification query message to the unified authentication platform by using a GTP tunnel between the terminal identification query interface and the unified authentication platform; and receiving the identification information of the terminal returned by the unified authentication platform by using a GTP tunnel between the unified authentication platform and an identification query interface.
19. The MEC of claim 18, wherein the processor is further to:
and after the private network IP address and/or the GTP-U tunnel ID of the terminal are/is added into the terminal identification query message, the terminal identification query message is sent to the unified authentication platform by using a GTP tunnel between the terminal and the unified authentication platform through an identification query interface.
20. The MEC of claim 18, wherein the processor is specifically to:
sending the Ks negotiation request message subjected to GTP encapsulation to the unified authentication platform by using a GTP tunnel between the identification inquiry interface and the unified authentication platform; after receiving a Ks negotiation response message returned by the unified authentication platform, sending a token verification request message to the unified authentication platform by using a GTP tunnel between the unified authentication platform and an identification inquiry interface; and receiving a token verification response message which is returned by the unified authentication platform and contains the identification information of the terminal by using a GTP tunnel between the unified authentication platform and an identification inquiry interface.
21. The MEC of claim 18, wherein the processor is specifically to:
sending a terminal identification request message to network side equipment by using a GTP tunnel between the identification inquiry interface and the unified authentication platform; and receiving a terminal identification response message which is returned by the unified authentication platform and contains the identification information of the terminal by using a GTP tunnel between the unified authentication platform and the identification inquiry interface.
22. A network side device for acquiring a terminal identifier, comprising: a processor and a transceiver:
the processor is used for transmitting data through the transceiver and receiving a terminal identification query message sent by the MEC through the identification response interface; sending the identification information of the inquired terminal to the MEC;
the network side device is a core network, and the terminal identifier query message carries part or all of the following information: the IP address of the protocol interconnected among the private network of the terminal, the GTP-U tunnel unique code ID of the general packet radio service technology tunnel protocol at the user level, and the S1 link application protocol user unique code S1 AP-UE-ID; or
The network side equipment is a unified authentication platform, and the terminal identification query message carries part or all of the following information: the private network IP address of the terminal and the GTP-U tunnel ID.
23. The network-side device of claim 22, wherein the network-side device is the core network; the processor is specifically configured to:
receiving a terminal identification query message sent by using an SCTP link between the MEC and the MEC through an identification response interface; and sending the inquired identification information of the terminal to the MEC by using the SCTP link between the MEC and the identification response interface.
24. The network-side device of claim 23, wherein the processor is specifically configured to:
after receiving a terminal identification query message sent by using an SCTP link between the MEC and the MEC through an identification response interface, determining a terminal to be queried through part or all of the following information carried in the terminal identification query message, and determining identification information of the terminal to be queried; receiving a terminal identification query message sent by using an SCTP link between the MEC and the MEC through an identification response interface;
wherein, the terminal identification inquiry message carries part or all of the following information:
the private network IP address of the terminal, the GTP-U tunnel ID and the S1 AP-UE-ID.
25. The network-side device of claim 23, wherein the network-side device is the unified authentication platform; the processor is specifically configured to:
receiving a terminal identification query message sent by using a GTP tunnel between the MEC and the MEC through an identification response interface; and sending the inquired identification information of the terminal to the MEC by using a GTP tunnel between the MEC and the MEC through an identification response interface.
26. The network-side device of claim 25, wherein the processor is further configured to:
After receiving a terminal identification query message sent by using a GTP tunnel between the MEC and the MEC through an identification response interface, determining a terminal to be queried through a private network IP address of the terminal and/or a GTP-U tunnel ID carried in the terminal identification query message, and determining identification information of the terminal to be queried; and sending the inquired identification information of the terminal to the MEC by using a GTP tunnel between the MEC and the MEC through an identification response interface.
27. The network-side device of claim 25, wherein the processor is specifically configured to:
receiving a Ks negotiation request message which is sent by using a GTP tunnel between the MEC and is subjected to GTP encapsulation through an identification response interface; receiving a token verification request message sent by using a GTP tunnel between the MEC and the MEC through an identification response interface; after receiving the Ks negotiation request message, sending a Ks negotiation response message to the MEC by using a GTP tunnel between the MEC and the identification response interface; and after receiving the token verification request message, sending a terminal identification response message containing the identification information of the terminal to the MEC by using a GTP tunnel between the MEC and an identification response interface.
28. The network-side device of claim 25, wherein the processor is specifically configured to:
receiving a terminal identification request message sent by using a GTP tunnel between the MEC and the MEC through an identification response interface; and sending a terminal identification response message containing the identification information of the terminal to the MEC by using a GTP tunnel between the MEC and the MEC through an identification response interface.
29. An apparatus for acquiring a terminal identifier, the apparatus comprising: at least one processor and at least one memory, wherein the memory stores program code which, when executed by the processor, causes the processor to perform the steps of the method of any of claims 1 to 7 or the steps of the method of any of claims 8 to 14.
30. A computer-readable medium, on which a computer program is stored, which, when being executed by a processor, carries out the steps of the method according to any one of claims 1 to 7 or the steps of the method according to any one of claims 8 to 14.
CN201810929046.XA 2018-08-15 2018-08-15 Method and equipment for acquiring terminal identification Active CN110839231B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810929046.XA CN110839231B (en) 2018-08-15 2018-08-15 Method and equipment for acquiring terminal identification

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810929046.XA CN110839231B (en) 2018-08-15 2018-08-15 Method and equipment for acquiring terminal identification

Publications (2)

Publication Number Publication Date
CN110839231A CN110839231A (en) 2020-02-25
CN110839231B true CN110839231B (en) 2022-07-15

Family

ID=69572994

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810929046.XA Active CN110839231B (en) 2018-08-15 2018-08-15 Method and equipment for acquiring terminal identification

Country Status (1)

Country Link
CN (1) CN110839231B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114339816A (en) * 2020-09-30 2022-04-12 华为技术有限公司 Edge calculation method and device

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107018534A (en) * 2016-01-28 2017-08-04 中兴通讯股份有限公司 A kind of method for realizing mobile edge calculations service, apparatus and system
CN108029053A (en) * 2015-10-29 2018-05-11 华为技术有限公司 Mobile edge platform determines the method and device of carrying
WO2018133956A1 (en) * 2017-01-18 2018-07-26 Nokia Solutions And Networks Oy Control mechanism for supporting services in mobile edge computing environment

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108029053A (en) * 2015-10-29 2018-05-11 华为技术有限公司 Mobile edge platform determines the method and device of carrying
CN107018534A (en) * 2016-01-28 2017-08-04 中兴通讯股份有限公司 A kind of method for realizing mobile edge calculations service, apparatus and system
WO2018133956A1 (en) * 2017-01-18 2018-07-26 Nokia Solutions And Networks Oy Control mechanism for supporting services in mobile edge computing environment

Also Published As

Publication number Publication date
CN110839231A (en) 2020-02-25

Similar Documents

Publication Publication Date Title
US20120166803A1 (en) Verification method, apparatus, and system for resource access control
CN107086979B (en) User terminal verification login method and device
CN106209726B (en) Mobile application single sign-on method and device
US11233817B2 (en) Methods and apparatus for end device discovering another end device
CN112217771B (en) Data forwarding method and data forwarding device based on tenant information
CN105828413B (en) Safety method, terminal and system for D2D mode B discovery
CN104967595A (en) Method and apparatus for registering devices on Internet of things platform
US10277586B1 (en) Mobile authentication with URL-redirect
CN107889194B (en) Obtain, provide method, equipment and the medium of wireless access point access information
CN107508822A (en) Access control method and device
CN105611533A (en) Message integrity check MIC inspection method and MIC inspection device
CN106454814A (en) GTP tunnel communication system and method
CN110839231B (en) Method and equipment for acquiring terminal identification
WO2013189398A2 (en) Application data push method, device, and system
CN102685746A (en) Method, device and system for verifying mobile equipment
CN113038467B (en) Event information reporting method and communication device
CN107342994A (en) Intelligent sound authentication method, intelligent sound, terminal device and system
US10028141B2 (en) Method and system for determining that a SIM and a SIP client are co-located in the same mobile equipment
CN113079565B (en) LTE edge user network access method and device
CN112788738A (en) Code number processing method and device for public and private network convergence system
CN103108316A (en) Authentication method, device and system for aerial card writing
CN106162645B (en) A kind of the quick of Mobile solution reconnects method for authenticating and system
CN102918878B (en) File transmitting method and device
WO2017157255A1 (en) Local breakout-based data interception method and device
CN113873491A (en) Communication apparatus, system, and computer-readable storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant