CN113038467B - Event information reporting method and communication device - Google Patents

Event information reporting method and communication device Download PDF

Info

Publication number
CN113038467B
CN113038467B CN201911242878.5A CN201911242878A CN113038467B CN 113038467 B CN113038467 B CN 113038467B CN 201911242878 A CN201911242878 A CN 201911242878A CN 113038467 B CN113038467 B CN 113038467B
Authority
CN
China
Prior art keywords
entity
identifier
upf
event
nef
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201911242878.5A
Other languages
Chinese (zh)
Other versions
CN113038467A (en
Inventor
李飞
张博
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Priority to CN201911242878.5A priority Critical patent/CN113038467B/en
Priority to PCT/CN2020/133531 priority patent/WO2021110084A1/en
Publication of CN113038467A publication Critical patent/CN113038467A/en
Application granted granted Critical
Publication of CN113038467B publication Critical patent/CN113038467B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/043Key management, e.g. using generic bootstrapping architecture [GBA] using a trusted network node as an anchor
    • H04W12/0431Key distribution or pre-distribution; Key agreement
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/043Key management, e.g. using generic bootstrapping architecture [GBA] using a trusted network node as an anchor
    • H04W12/0433Key management protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10Integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10Integrity
    • H04W12/106Packet or message integrity

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The embodiment of the application discloses an event information reporting method, which comprises the following steps: an Application Function (AF) entity receives first information sent by a User Plane Function (UPF) entity, wherein the first information carries an identifier of terminal equipment, an event identifier, an identifier of the UPF entity and event information; and the AF entity determines whether to accept the event information reported by the UPF entity or not based on the identifier of the terminal equipment, the event identifier and the identifier of the UPF entity. Based on the method described in the present application, it is advantageous for the AF entity to identify the authenticity of the received event information.

Description

Event information reporting method and communication device
Technical Field
The present invention relates to the field of communications technologies, and in particular, to a method and a communications device for reporting event information.
Background
The network capability is open, which can bring experience optimization to users. The network capability opening means that an interface is provided to the outside through a unified capability opening platform, so that unified call of a third party Application Function (AF) entity to a network Function is realized. The network capability opening includes the opening of functions such as user position, session state, qoS, network load and charging. The capability openness procedure defined by 3GPP can be as shown in fig. 1. Wherein:
step 101, an Application Function (AF) entity sends a first event subscription request to a Network open Function (NEF) entity.
Step 102, after receiving the first event subscription request, the NEF entity sends a second event subscription request to an Access and Mobility Management Function (AMF) entity.
Step 103, after receiving the second event subscription request, the AMF entity sends a second subscription response corresponding to the second event subscription request to the NEF entity.
And step 104, after receiving the second subscription response, the NEF entity sends a first subscription response corresponding to the first event subscription request to the AF entity.
Step 105, when the subscription event is triggered, the AMF entity sends the event information to the NEF entity.
And step 106, after receiving the event information, the NEF entity forwards the event information to the AF entity.
In the capability openness procedure, since the AF entity and the NEF entity have mutually authenticated and established TLS link before the first step, the AF can determine that the event information received in the sixth step is authentic. However, in a Mobile Edge Computing (MEC) scenario, in order to reduce the time delay of the AF entity receiving the event information and avoid the situation that the core network element reports the event information and needs to forward the event information from the NEF entity to the AF entity, the event information may be directly reported to the AF entity through a User Plane Function (UPF) entity deployed at the Edge. Therefore, the time delay for reporting the event information can be greatly reduced. However, when reporting the event information through the UPF entity, the AF entity cannot determine the authenticity of the event information reported by the UPF entity.
Disclosure of Invention
The application provides an event information reporting method and a communication device, which are beneficial to identifying the authenticity of event information reported by a UPF entity.
In a first aspect, the present application provides a method for reporting event information, where the method includes:
an Application Function (AF) entity receives first information sent by a User Plane Function (UPF) entity, wherein the first information carries an identifier of terminal equipment, an event identifier, an identifier of the UPF entity and event information; and the AF entity determines whether to accept the event information reported by the UPF entity or not based on the identifier of the terminal equipment, the event identifier and the identifier of the UPF entity. Based on the method described in the first aspect, it is advantageous for the AF entity to identify the authenticity of the received event information.
In one possible implementation, the AF entity may further perform the following steps: an AF entity sends a first request to a NEF entity, wherein the first request carries an identifier of terminal equipment and an event identifier; an AF entity receives first response information corresponding to a first request sent by an NEF entity, wherein the first response information carries an identifier of a UPF entity; the AF entity stores the corresponding relation between the identification of the UPF entity and the identification of the terminal equipment and the event identification;
the specific implementation manner of determining whether to accept the event information reported by the UPF entity by the AF entity based on the identifier of the terminal device, the event identifier, and the identifier of the UPF entity is as follows: and the AF entity determines whether to accept the event information reported by the UPF entity or not based on the corresponding relation, the identifier of the terminal equipment, the event identifier and the identifier of the UPF entity.
Based on the possible implementation manner, whether to accept the event information reported by the UPF entity can be determined based on the pre-stored correspondence between the identifier of the UPF entity and the identifier of the terminal device and the event identifier, the identifier of the terminal device, the event identifier and the identifier of the UPF entity, which is beneficial for the AF entity to accurately identify the authenticity of the received event information.
In a possible implementation, the first information further carries a first message authentication code MAC; the AF entity may also verify the first MAC upon determining to accept the event information reported by the UPF entity. Based on the possible implementation mode, the integrity protection can be performed on the information reported by the UPF entity, and the information reported by the UPF entity can be prevented from being tampered in the transmission process.
In one possible implementation, the AF entity may further determine the first key based on a shared key between the AF entity and the NEF entity; the specific implementation manner of the AF entity verifying the first MAC is as follows: the AF entity verifies the first MAC with the first key. Based on the possible implementation manner, the UPF entity can use the first key to perform integrity protection on the information reported by the UPF entity.
In one possible implementation, the shared key is a pre-shared key PSK used for establishing a Transport Layer Security (TLS) connection between the AF entity and the NEF entity, or the shared key is a session master key of the TLS connection between the AF entity and the NEF entity, or the shared key is a key negotiated in advance between the AF entity and the NEF entity. The second to fifth aspects are the same, and will not be described in detail later.
In one possible implementation, the specific implementation of the AF entity determining the first key based on the shared key between the AF and the NEF is as follows: the AF entity determines a first key based on the first parameter and a shared key between the AF entity and the NEF entity; wherein the first parameter includes at least one of an identifier of an AF entity, an identifier of a terminal device, an identifier of a UPF entity, or an event identifier. And the first key is determined by combining the first parameter and the shared key, so that the key strength of the first key is improved.
In a second aspect, the present application provides a method for reporting event information, where the method includes: a network open function (NEF) entity receives a first request sent by an Application Function (AF) entity, wherein the first request carries an identifier of terminal equipment and an event identifier; the NEF entity sends a second request to the SMF entity of the session management function, wherein the second request carries the identification of the AF entity, the identification of the terminal equipment and the event identification; the NEF entity receives second response information corresponding to a second request sent by the SMF entity, wherein the second response information carries an identifier of a User Plane Function (UPF) entity; and the NEF entity sends first response information corresponding to the first request to the AF entity, wherein the first response information carries the identifier of the UPF entity.
In one possible implementation, the NEF entity may also send a shared key between the AF entity and the NEF entity to the SMF entity.
In one possible implementation, the NEF entity may further determine the first key based on a shared key between the AF entity and the NEF entity; the NEF entity may also send the first key to the SMF entity.
In one possible implementation, the specific implementation of the NEF entity determining the first key based on the shared key between the AF entity and the NEF entity is as follows: the NEF entity determines a first key based on the first parameter and a shared key between the AF entity and the NEF entity; wherein the first parameter includes at least one of an identifier of the AF entity, an identifier of the terminal device, an identifier of the UPF entity, or an event identifier.
In a third aspect, the present application provides a method for reporting event information, where the method includes: a Session Management Function (SMF) entity receives a second request sent by a network open function (NEF) entity, wherein the second request carries an identifier of an AF entity, an identifier of a terminal device and an event identifier; the SMF entity sends second response information corresponding to the second request to the NEF entity, wherein the second response information carries the identification of the UPF entity; and the SMF entity sends second information to the UPF entity, wherein the second information carries the identification of the AF entity, the identification of the terminal equipment and the event identification.
In one possible implementation, the SMF entity may further perform the steps of: the SMF entity receives a shared key between the AF entity and the NEF entity; the SMF entity determines a first key based on the shared key; the SMF entity sends the first key to the UPF entity.
In a possible implementation, a specific implementation manner of the SMF entity determining the first key based on the shared key is as follows: the SMF entity determines a first key through the first parameter set and the shared key; wherein the first parameter set comprises at least one of an identity of an AF entity, an identity of a terminal device, an identity of a UPF entity, or an event identity.
In one possible implementation, the SMF entity may further perform the steps of: the SMF entity receives a first secret key sent by the NEF entity; the SMF entity sends the first key to the UPF entity.
In a fourth aspect, the present application provides a method for reporting event information, where the method includes: and when detecting or receiving the identifier of the terminal equipment and the event information corresponding to the event identifier, the UPF entity sends first information to the AF entity, wherein the first information carries the identifier of the terminal equipment, the event identifier, the identifier of the UPF and the event information.
In one possible implementation, the first information further carries a first message authentication code MAC.
In one possible implementation, the UPF entity may further receive a first key sent by the SMF entity; and when the UPF entity detects or receives event information corresponding to the event identifier, the UPF entity obtains a first message authentication code MAC based on the first key.
In a fifth aspect, a method for reporting event information is provided, where the method includes: when a User Plane Function (UPF) entity detects or receives an identifier of a terminal device and event information corresponding to the event identifier, sending first information to an Application Function (AF) entity, wherein the first information carries the identifier of the terminal device, the event identifier, the identifier of the UPF entity and the event information; and the AF entity determines whether to accept the event information reported by the UPF entity or not based on the identifier of the terminal equipment, the event identifier and the identifier of the UPF entity.
In one possible implementation, the method further comprises: an AF entity sends a first request to a NEF entity of a network open function, wherein the first request carries an identifier of terminal equipment and an event identifier; the NEF entity sends a second request to the SMF entity of the session management function, wherein the second request carries the identification of the AF entity, the identification of the terminal equipment and the event identification; the SMF entity sends second response information corresponding to the second request to the NEF entity and sends the second information to the UPF entity, wherein the second response information carries the identification of the UPF entity, and the second information carries the identification of the AF entity, the identification of the terminal equipment and the event identification; the NEF entity sends first response information corresponding to the first request to the AF entity, wherein the first response information carries the identification of the UPF entity; the AF entity stores the corresponding relation between the identification of the UPF entity and the identification of the terminal equipment and the event identification; the specific implementation manner of determining whether to accept the event information reported by the UPF entity by the AF entity based on the identifier of the terminal device, the event identifier, and the identifier of the UPF entity is as follows: and the AF entity determines whether to accept the event information reported by the UPF entity or not based on the corresponding relation, the identifier of the terminal equipment, the event identifier and the identifier of the UPF entity.
In a possible implementation, the first information further carries a first message authentication code MAC; and under the condition of determining to accept the event information reported by the UPF entity, the AF entity verifies the first MAC.
In one possible implementation, the method further comprises: the NEF entity sends a shared key between the AF entity and the NEF entity to the SMF entity; the SMF entity determines a first key based on the shared key; the SMF entity sends a first key to the UPF entity; when the UPF entity detects or receives event information corresponding to the event identifier, the UPF entity obtains a first MAC based on a first key; the AF entity determines a first key based on a shared key between the AF entity and the NEF entity;
the specific implementation manner of the AF entity verifying the first MAC is as follows: the AF entity verifies the first MAC with the first key.
In one possible implementation, the method further comprises: the NEF entity determines a first key based on a shared key between the AF entity and the NEF entity; the NEF entity sends a first key to the SMF entity; the SMF entity sends a first key to the UPF entity; when the UPF entity detects or receives event information corresponding to the event identifier, the UPF entity obtains a first MAC based on a first key; the AF entity determines a first key based on a shared key between the AF entity and the NEF entity;
the specific implementation manner of the AF entity verifying the first MAC is as follows: the AF entity verifies the first MAC with the first key.
In one possible implementation, the specific implementation of the AF entity determining the first key based on the shared key between the AF and the NEF is as follows: the AF entity determines a first key based on the first parameter and a shared key between the AF entity and the NEF entity; wherein, the first parameter comprises at least one item of identification of AF entity, identification of terminal equipment, identification of UPF entity or event identification; the specific implementation manner of the SMF entity determining the first key based on the shared key is as follows: the SMF entity determines a first key by the first parameter and the shared key.
In one possible implementation, the specific implementation of the AF entity determining the first key based on the shared key between the AF and the NEF is as follows: the AF entity determines a first key based on the first parameter and a shared key between the AF entity and the NEF entity; wherein, the first parameter comprises at least one item of identification of AF entity, identification of terminal equipment, identification of UPF entity or event identification; the specific implementation manner of the NEF entity determining the first key based on the shared key between the AF entity and the NEF entity is as follows: the NEF entity determines a first key based on the first parameter and a shared key between the AF entity and the NEF entity.
The beneficial effects of the second to fifth aspects can be seen from the beneficial effects of the first aspect, and are not described herein in detail.
In a sixth aspect, the present application provides a method for reporting event information, where the method includes: an Application Function (AF) entity receives first information sent by a User Plane Function (UPF) entity, wherein the first information carries an identifier of terminal equipment, an event identifier, token information and event information; and the AF entity determines whether to accept the event information reported by the UPF entity based on the identifier of the terminal equipment, the event identifier and the token information. Based on the method described in the first aspect, it is advantageous for the AF entity to identify the authenticity of the received event information.
In one possible implementation, the AF entity may further perform the following steps: the AF entity stores the corresponding relation between the token information and the identifier of the terminal equipment and the event identifier; an AF entity sends a first request to a NEF entity of a network open function, wherein the first request carries an identifier of a terminal device, an event identifier and token information; the AF entity receives first response information corresponding to a first request sent by the NEF entity; the specific implementation manner of determining whether to accept the event information reported by the UPF entity by the AF entity based on the identifier of the terminal device, the event identifier and the token information is as follows: and the AF entity determines whether to accept the event information reported by the UPF entity or not based on the corresponding relation, the identifier of the terminal equipment, the event identifier and the token information.
Based on the possible implementation manner, whether the event information reported by the UPF entity is accepted or not can be determined based on the corresponding relation between the pre-stored token information and the identifier and the event identifier of the terminal equipment, the event identifier and the token information. It is advantageous for the AF entity to accurately recognize the authenticity of the received event information.
In a possible implementation, the first information further carries a first message authentication code MAC; the AF entity may also verify the first MAC upon determining to accept the event information reported by the UPF entity. Based on the possible implementation mode, the integrity protection can be performed on the information reported by the UPF entity, and the information reported by the UPF entity can be prevented from being tampered in the transmission process.
In one possible implementation, the AF entity may further determine the first key based on a shared key between the AF entity and the NEF entity; the specific implementation manner of the AF entity verifying the first MAC is as follows: the AF entity verifies the first MAC with the first key. Based on the possible implementation manner, the UPF entity can use the first key to perform integrity protection on the information reported by the UPF entity.
In one possible implementation, the shared key is a pre-shared key PSK used for establishing a Transport Layer Security (TLS) connection between the AF entity and the NEF entity, or the shared key is a session master key of the TLS connection between the AF entity and the NEF entity, or the shared key is a key negotiated in advance between the AF entity and the NEF entity. The seventh to tenth aspects are the same, and will not be described in detail later.
In one possible implementation, the specific implementation of determining, by the AF entity, the first key based on the shared key between the AF and the NEF is as follows: the AF entity determines a first key based on the first parameter and a shared key between the AF entity and the NEF entity; wherein the first parameter includes at least one of an identifier of the AF entity, an identifier of the terminal device, an identifier of the UPF entity, or an event identifier. And the first key is determined by combining the first parameter and the shared key, so that the key strength of the first key is improved.
In a seventh aspect, the present application provides a method for reporting event information, where the method includes: a network open function (NEF) entity receives a first request sent by an Application Function (AF) entity, wherein the first request carries an identifier of terminal equipment, an event identifier and token information; the NEF entity sends a second request to the SMF entity of the session management function, wherein the second request carries the identification of the AF entity, the identification of the terminal equipment, the event identification and the token information; the NEF entity receives second response information corresponding to the second request sent by the SMF entity; and the NEF entity sends first response information corresponding to the first request to the AF entity.
In one possible implementation, the NEF entity may also send a shared key between the AF entity and the NEF entity to the SMF entity.
In one possible implementation, the NEF entity may further determine the first key based on a shared key between the AF entity and the NEF entity; the NEF entity may also send the first key to the SMF entity.
In one possible implementation, the specific implementation of the NEF entity determining the first key based on the shared key between the AF entity and the NEF entity is as follows: the NEF entity determines a first key based on the first parameter and a shared key between the AF entity and the NEF entity; wherein the first parameter includes at least one of an identifier of the AF entity, an identifier of the terminal device, an identifier of the UPF entity, or an event identifier.
In an eighth aspect, the present application provides a method for reporting event information, where the method includes: a Session Management Function (SMF) entity receives a second request sent by a network open function (NEF) entity, wherein the second request carries an identifier of an AF entity, an identifier of a terminal device, an event identifier and token information; the SMF entity sends second response information corresponding to the second request to the NEF entity; and the SMF entity sends second information to the UPF entity, wherein the second information carries the identification of the AF entity, the identification of the terminal equipment, the event identification and the token information.
In one possible implementation, the SMF entity may further perform the steps of: the SMF entity receives a shared key between the AF entity and the NEF entity; the SMF entity determines a first key based on the shared key; the SMF entity sends the first key to the UPF entity.
In a possible implementation, a specific implementation manner of the SMF entity determining the first key based on the shared key is as follows: the SMF entity determines a first key through the first parameter set and the shared key; wherein the first parameter set comprises at least one of an identity of an AF entity, an identity of a terminal device, an identity of a UPF entity, or an event identity.
In one possible implementation, the SMF entity may further perform the steps of: the SMF entity receives a first key sent by the NEF entity; the SMF entity sends the first key to the UPF entity.
In a ninth aspect, the present application provides a method for reporting event information, where the method includes: and when detecting or receiving the identifier of the terminal equipment and the event information corresponding to the event identifier, the UPF entity sends first information to the AF entity, wherein the first information carries the identifier of the terminal equipment, the event identifier, the token information and the event information.
In one possible implementation, the first information further carries a first message authentication code MAC.
In one possible implementation, the UPF entity may further receive a first key sent by the SMF entity; and when the UPF entity detects or receives event information corresponding to the event identifier, the UPF entity obtains a first message authentication code MAC based on the first key.
In a tenth aspect, the present application provides a method for reporting event information, where the method includes: when detecting or receiving an identifier of a terminal device and event information corresponding to the event identifier, a User Plane Function (UPF) entity sends first information to an Application Function (AF) entity, wherein the first information carries the identifier of the terminal device, the event identifier, token information and the event information; and the AF entity determines whether to accept the event information reported by the UPF entity or not based on the identifier of the terminal equipment, the event identifier and the token information.
In one possible implementation, the method further comprises: the AF entity stores the corresponding relation between the token information and the identifier of the terminal equipment and the event identifier; an AF entity sends a first request to a NEF entity of a network open function, wherein the first request carries an identifier of a terminal device, an event identifier and token information; the NEF entity sends a second request to the SMF entity of the session management function, wherein the second request carries the identification of the AF entity, the identification of the terminal equipment, the event identification and the token information; the SMF entity sends second response information corresponding to the second request to the NEF entity and sends second information to the UPF entity, wherein the second information carries the identification of the AF entity, the identification of the terminal equipment, the event identification and the token information; the NEF entity sends first response information corresponding to the first request to the AF entity; the specific implementation manner of determining whether to accept the event information reported by the UPF entity by the AF entity based on the identifier of the terminal device, the event identifier and the token information is as follows: and the AF entity determines whether to accept the event information reported by the UPF entity or not based on the corresponding relation, the identifier of the terminal equipment, the event identifier and the token information.
In a possible implementation, the first information further carries a first message authentication code MAC; and under the condition of determining to accept the event information reported by the UPF entity, the AF entity verifies the first MAC.
In one possible implementation, the method further comprises: the NEF entity sends a shared key between the AF entity and the NEF entity to the SMF entity; the SMF entity determines a first key based on the shared key; the SMF entity sends a first key to the UPF entity; when the UPF entity detects or receives event information corresponding to the event identifier, the UPF entity obtains a first MAC based on a first key; the AF entity determines a first key based on a shared key between the AF entity and the NEF entity;
the specific implementation of the AF entity verifying the first MAC is as follows: the AF entity verifies the first MAC with the first key.
In one possible implementation, the method further comprises: the NEF entity determines a first key based on a shared key between the AF entity and the NEF entity; the NEF entity sends a first key to the SMF entity; the SMF entity sends a first key to the UPF entity; when the UPF entity detects or receives event information corresponding to the event identifier, the UPF entity obtains a first MAC based on the first key; the AF entity determines a first key based on a shared key between the AF entity and the NEF entity;
the specific implementation manner of the AF entity verifying the first MAC is as follows: the AF entity verifies the first MAC with the first key.
In one possible implementation, the specific implementation of the AF entity determining the first key based on the shared key between the AF and the NEF is as follows: the AF entity determines a first key based on the first parameter and a shared key between the AF entity and the NEF entity; wherein, the first parameter comprises at least one item of identification of AF entity, identification of terminal equipment, identification of UPF entity or event identification;
the specific implementation manner of the SMF entity determining the first key based on the shared key is as follows: the SMF entity determines the first key by means of the first parameter and the shared key.
In one possible implementation, the specific implementation of the AF entity determining the first key based on the shared key between the AF and the NEF is as follows: the AF entity determines a first key based on the first parameter and a shared key between the AF entity and the NEF entity; wherein, the first parameter comprises at least one item of identification of AF entity, identification of terminal equipment, identification of UPF entity or event identification;
the specific implementation manner of the NEF entity determining the first key based on the shared key between the AF entity and the NEF entity is as follows: the NEF entity determines a first key based on the first parameters and a shared key between the AF entity and the NEF entity.
The advantageous effects of the seventh to tenth aspects can be seen from the advantageous effects of the first aspect, and are not described herein in detail.
In an eleventh aspect, a communication apparatus is provided, which may be an AF entity, an apparatus in the AF entity, or an apparatus capable of being used with the AF entity. Wherein, the communication device can also be a chip system. The communication device may perform the method of the first or sixth aspect. The functions of the communication device can be realized by hardware, and can also be realized by hardware executing corresponding software. The hardware or software includes one or more units corresponding to the above functions. The unit may be software and/or hardware. The operations and advantageous effects performed by the communication device may refer to the methods and advantageous effects described in the first aspect or the sixth aspect, and repeated details are not repeated.
In a twelfth aspect, a communication apparatus is provided, which may be a NEF entity, an apparatus in the NEF entity, or an apparatus capable of being used with the NEF entity. Wherein, the communication device can also be a chip system. The communication device may perform the method of the second or seventh aspect. The functions of the communication device can be realized by hardware, and can also be realized by executing corresponding software by hardware. The hardware or software includes one or more units corresponding to the above functions. The unit may be software and/or hardware. The operations and advantageous effects performed by the communication device may refer to the methods and advantageous effects described in the second aspect or the seventh aspect, and repeated details are omitted.
In a thirteenth aspect, a communication apparatus is provided, which may be an SMF entity, an apparatus in an SMF entity, or an apparatus capable of being used with an SMF entity. The communication device can also be a chip system. The communication device may perform the method of the third or eighth aspect. The functions of the communication device can be realized by hardware, and can also be realized by executing corresponding software by hardware. The hardware or software includes one or more units corresponding to the above functions. The unit may be software and/or hardware. The operations and advantageous effects performed by the communication device may refer to the methods and advantageous effects described in the third aspect or the eighth aspect, and repeated details are not repeated.
In a fourteenth aspect, a communication device is provided, which may be a UPF entity, a device in the UPF entity, or a device capable of being used with the UPF entity. Wherein, the communication device can also be a chip system. The communication device may perform the method of the fourth or ninth aspect. The functions of the communication device can be realized by hardware, and can also be realized by hardware executing corresponding software. The hardware or software includes one or more units corresponding to the above functions. The unit may be software and/or hardware. The operations and advantageous effects performed by the communication device may refer to the methods and advantageous effects described in the fourth aspect or the ninth aspect, and repeated details are not repeated.
In a fifteenth aspect, the present application provides a communication device comprising a processor, wherein the method performed by the AF entity in the method of the first or sixth aspect is performed when the processor invokes a computer program in a memory.
In a sixteenth aspect, the present application provides a communication device comprising a processor, wherein the method performed by the NEF entity in the method according to the second or seventh aspect is performed when the processor invokes a computer program in a memory.
In a seventeenth aspect, the present application provides a communication device comprising a processor, wherein the method performed by the SMF entity in the method according to the third or eighth aspect is performed when the processor invokes a computer program in a memory.
In an eighteenth aspect, the present application provides a communication device comprising a processor, wherein the method performed by the UPF entity in the method according to the fourth or ninth aspect is performed when the processor invokes a computer program in a memory.
In a nineteenth aspect, the present application provides a communication device comprising a processor and a memory for storing computer-executable instructions; the processor is configured to execute computer-executable instructions stored by the memory to cause the communication device to perform a method as performed by the AF entity in the method of the first or sixth aspect.
In a twentieth aspect, the present application provides a communication device comprising a processor and a memory for storing computer-executable instructions; the processor is configured to execute the computer executable instructions stored by the memory to cause the communication device to perform the method performed by the NEF entity in the method of the second or seventh aspect.
In a twenty-first aspect, the present application provides a communication device comprising a processor and a memory for storing computer-executable instructions; the processor is configured to execute the computer-executable instructions stored in the memory to cause the communication device to perform the method performed by the SMF entity in the method of the third aspect or the eighth aspect.
In a twenty-second aspect, the present application provides a communication device comprising a processor and a memory for storing computer-executable instructions; the processor is configured to execute the computer executable instructions stored by the memory to cause the communication device to perform the method performed by the UPF entity in the method of the fourth or ninth aspect.
In a twenty-third aspect, the present application provides a communication device comprising a processor, a memory, and a transceiver for receiving signals or transmitting signals; the memory for storing program code; the processor is configured to invoke the program code from the memory to execute the method performed by the AF entity in the method according to the first aspect or the sixth aspect.
In a twenty-fourth aspect, the present application provides a communication device comprising a processor, a memory, and a transceiver for receiving signals or transmitting signals; the memory for storing program code; the processor is configured to call the program code from the memory to execute a method performed by a NEF entity in the method according to the second aspect or the seventh aspect.
In a twenty-fifth aspect, the present application provides a communication device comprising a processor, a memory, and a transceiver for receiving a signal or transmitting a signal; the memory for storing program code; the processor is configured to call the program code from the memory to execute a method performed by an SMF entity in the method according to the third aspect or the eighth aspect.
In a twenty-sixth aspect, the present application provides a communication device comprising a processor, a memory, and a transceiver for receiving a signal or transmitting a signal; the memory for storing program code; the processor is configured to call the program code from the memory to execute the method performed by the UPF entity in the method according to the fourth aspect or the ninth aspect.
In a twenty-seventh aspect, the present application provides a communication device comprising a processor and an interface circuit configured to receive code instructions and transmit the code instructions to the processor; the processor executes the code instructions to perform the method as performed by the AF entity in the method of the first or sixth aspect.
In a twenty-eighth aspect, the present application provides a communication device comprising a processor and an interface circuit, the interface circuit configured to receive code instructions and transmit the code instructions to the processor; the processor executes the code instructions to perform a method as performed by the NEF entity in the method of the second or seventh aspect.
In a twenty-ninth aspect, the present application provides a communications device comprising a processor and an interface circuit, the interface circuit configured to receive code instructions and transmit the code instructions to the processor; the processor executes the code instructions to perform the method performed by the SMF entity in the method according to the third or eighth aspect.
In a thirty-first aspect, the present application provides a communications device comprising a processor and an interface circuit for receiving code instructions and transmitting the code instructions to the processor; the processor executes the code instructions to perform the method performed by the UPF entity in the method according to the fourth or ninth aspect.
In a thirty-first aspect, the present application provides a computer-readable storage medium for storing instructions that, when executed, cause the method performed by an AF entity in the method of the first or sixth aspect to be implemented.
In a thirty-second aspect, the present application provides a computer-readable storage medium for storing instructions that, when executed, cause the method performed by the NEF entity in the method according to the second or seventh aspect to be implemented.
In a thirty-third aspect, the present application provides a computer-readable storage medium for storing instructions that, when executed, cause a method performed by an SMF entity in the method according to the third or eighth aspect to be implemented.
In a thirty-fourth aspect, the present application provides a computer-readable storage medium for storing instructions that, when executed, cause the method performed by the UPF entity in the method according to the fourth or ninth aspect to be implemented.
A thirty-fifth aspect provides a computer program product comprising instructions that, when executed, cause a method performed by an AF entity in the method of the first or sixth aspect to be implemented.
In a sixteenth aspect, the present application provides a computer program product comprising instructions that, when executed, cause the method performed by the NEF entity in the method according to the second or seventh aspect to be implemented.
In a thirty-seventh aspect, the present application provides a computer program product comprising instructions that, when executed, cause a method performed by an SMF entity in the method according to the third or eighth aspect to be implemented.
In a thirty-eighth aspect, the present application provides a computer program product comprising instructions that, when executed, cause the method performed by the UPF entity in the method according to the fourth or ninth aspect to be implemented.
A thirty-ninth aspect of the present application provides a communication system including the communication apparatus according to the eleventh to fourteenth aspects, or the communication apparatus according to the fifteenth to eighteenth aspects, or the communication apparatus according to the nineteenth to twenty-second aspects, or the communication apparatus according to the twenty-third to twenty-sixth aspects, or the communication apparatus according to the twenty-seventh to thirty aspects.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
FIG. 1 is a schematic flow chart of a prior art capability development;
FIG. 2 is a diagram illustrating a system architecture according to an embodiment of the present application;
fig. 3 is a schematic flow chart of a method for reporting event information according to an embodiment of the present application;
fig. 4 is a schematic flow chart of a method for reporting event information according to an embodiment of the present application;
fig. 5 is a schematic flow chart of a method for reporting event information according to an embodiment of the present application;
fig. 6 is a schematic flow chart of a method for reporting event information according to an embodiment of the present application;
fig. 7 is a schematic flow chart of a method for reporting event information according to an embodiment of the present application;
fig. 8 is a schematic flow chart of a method for reporting event information according to an embodiment of the present application;
fig. 9 is a schematic flow chart of a method for reporting event information according to an embodiment of the present application;
fig. 10 is a schematic flow chart of a method for reporting event information according to an embodiment of the present application;
fig. 11 is a flowchart illustrating an event information reporting method according to an embodiment of the present application;
fig. 12 is a schematic flowchart of a method for reporting event information according to an embodiment of the present application;
fig. 13 is a schematic structural diagram of a communication device according to an embodiment of the present application;
fig. 14 is a schematic structural diagram of another communication device according to an embodiment of the present application.
Detailed Description
The terms "first," "second," "third," and "fourth," etc. in the description and claims of the invention and in the accompanying drawings are used for distinguishing between different objects and not for describing a particular order. Furthermore, the terms "include" and "have," as well as any variations thereof, are intended to cover non-exclusive inclusions. For example, a process, method, system, article, or apparatus that comprises a list of steps or elements is not limited to only those steps or elements listed, but may alternatively include other steps or elements not listed, or inherent to such process, method, article, or apparatus.
Reference herein to "an embodiment" means that a particular feature, structure, or characteristic described in connection with the embodiment can be included in at least one embodiment of the invention. The appearances of the phrase in various places in the specification are not necessarily all referring to the same embodiment, nor are separate or alternative embodiments mutually exclusive of other embodiments. It is explicitly and implicitly understood by one skilled in the art that the embodiments described herein can be combined with other embodiments.
"plurality" means two or more. "and/or" describes the association relationship of the associated objects, meaning that there may be three relationships, e.g., a and/or B, which may mean: a exists alone, A and B exist simultaneously, and B exists alone. The character "/" generally indicates that the former and latter associated objects are in an "or" relationship.
For the purpose of understanding the embodiments of the present application, the following describes the system architecture of the embodiments of the present application:
referring to fig. 2, fig. 2 is a system architecture diagram according to an embodiment of the present disclosure. As shown in fig. 2, the system architecture may include an Application Function (AF), a network open function (NEF) entity, a Session Management Function (SMF), and a User Plane Function (UPF). Optionally, the system architecture may further include a network storage function (NRF), a Policy Control Function (PCF), a Unified Data Management (UDM) network element, an authentication server function (AUSF), an access and mobility management function (AMF), and the like.
The application function AF (which may also be referred to as an AF network function or AF entity) is used to interact with the 3GPP core network to provide services.
The session management function SMF (which may also be referred to as an SMF network function or an SMF entity) is a control plane network function provided by an operator network and is responsible for managing a Protocol Data Unit (PDU) session of a terminal device. A PDU session is a channel for transmitting PDUs, which the terminal device needs to communicate with the data network DN via the PDU session. The PDU session is responsible for establishment, maintenance, deletion, etc. by the SMF entity. The SMF entity includes session management (such as session establishment, modification and release, including tunnel maintenance between a user plane function UPF and AN access network AN), selection and control of UPF entity, service and Session Continuity (SSC) mode selection, roaming, and other session related functions.
The user plane function UPF (which may also be referred to as a UPF network function or UPF entity) is a gateway provided by the operator, which is a gateway for the operator's network to communicate with the data network DN. The UPF network functions include user plane related functions such as packet routing and transmission, packet detection, service usage reporting, quality of service (QoS) processing, lawful interception, uplink packet detection, downlink packet storage, and the like.
The network open function NEF (which may also be referred to as NEF network function or NEF entity) is the operator-provided control plane function. The NEF entity opens the external interface of the operator network to the third party in a secure manner. When the SMF entity needs to communicate with a network function of a third party, the NEF entity may act as a relay for the SMF entity to communicate with the network entity of the third party. When the NEF entity acts as a relay, it can act as a translation of the identification information of the subscriber and a translation of the identification information of the network function of the third party. For example, when the NEF entity sends the SUPI of the subscriber from the carrier network to the third party, the SUPI may be translated into its corresponding external Identity (ID). Conversely, when the NEF entity sends an external ID (a third party's network entity ID) to the carrier network, it can be translated to SUPI.
In fig. 2, nnef, nausf, nrf, npcf, numm, naf, namf, nsmf, N1, N2, N3, N4, and N6 are interface serial numbers. The meaning of these interface sequence numbers can be referred to as that defined in the 3GPP standard protocol, and is not limited herein. The functions of other network elements not introduced in fig. 2 may refer to the functions defined in the 3GPP standard protocol, which are not described herein again. It should be noted that the interface name between the network functions in fig. 2 is also only an example, and in a specific implementation, the interface name of the system architecture may also be other names, which is not specifically limited in this embodiment of the present application.
Mobile Edge Computing (MEC) is a key technology for 5G network architecture evolution, and by sinking the capability to the network Edge, IT provides IT services, environment and cloud Computing capability at a position close to the Mobile user, and can meet the requirements of the system for various aspects such as throughput, delay, network scalability and intelligence. In the MEC scenario, UPF entities may be deployed at the edge. The UPF entity deployed at the edge may also be referred to as a local UPF entity. In the existing capacity openflow, in order to avoid the situation that the event information reported by the AMF entity needs to be forwarded from the NEF entity to the AF entity, the event information can be directly reported to the AF entity through the UPF entity deployed at the edge. Therefore, the time delay for reporting the event information can be greatly reduced. However, when reporting the event information through the UPF entity, the AF entity cannot determine the authenticity of the event information reported by the UPF entity.
In order to solve the problem that an AF entity cannot judge the authenticity of event information reported by a UPF entity, embodiments of the present application provide an event information reporting method and a communication device. The event information reporting method and the communication device provided by the present application are further introduced as follows:
referring to fig. 3, fig. 3 is a schematic flow chart of an event information reporting method according to an embodiment of the present disclosure. As shown in fig. 3, the method for reporting event information includes the following steps 301 and 302. The method execution subjects shown in fig. 3 may be a UPF entity and an AF entity. Or the method execution subjects shown in fig. 3 may be a chip in the UPF entity and a chip in the AF entity. Fig. 3 illustrates a UPF entity and an AF entity as examples. Wherein:
301. and when the UPF entity detects or receives the identifier of the terminal equipment and the event information corresponding to the event identifier, the UPF entity sends first information to the AF entity. The first information carries the identifier of the terminal device, the event identifier, the identifier of the UPF entity and the event information.
In this embodiment, the identifier of the terminal device is an ID (identity) or an IP address (internet protocol address) of the terminal device. The identity of the UPF entity may be an ID or an IP address or a Uniform Resource Identifier (URI) of the UPF entity. The event identification may be an event ID. The event information may also be referred to as event content. For example, the event information may be user location information, session state information, qoS information, network load information, and charging information.
The UPF entity may be an edge-deployed UPF entity. The UPF entity deployed at the edge may also be referred to as a local UPF entity.
In one possible implementation, the first information carries event information. The identity of the UPF entity and the identity of the terminal device and the event identity may not be carried in the first information. After receiving the first information, the AF entity may determine the identifier of the UPF entity and the identifier of the terminal device and the event identifier corresponding to the event information in other manners. For example, the identification of the UPF entity may be obtained by the AF entity reading the network address of the UPF entity. The AF entity may determine the identifier of the terminal device and the event identifier corresponding to the event information based on the event subscription ID sent by the UPF entity.
302. And the AF entity determines whether to accept the event information reported by the UPF entity or not based on the identifier of the terminal equipment, the event identifier and the identifier of the UPF entity.
In the embodiment of the application, after receiving the first information, the AF entity determines whether to accept the event information reported by the UPF entity based on the identifier of the terminal device, the event identifier, and the identifier of the UPF entity. Or, determining whether to accept the event information reported by the UPF entity based on the identifier of the terminal device, the event identifier, and the identifier of the UPF entity may also be expressed as: and determining whether the UPF entity is the UPF entity which allows the event information to be reported or not based on the identifier of the terminal equipment, the event identifier and the identifier of the UPF entity. Or, determining whether to accept the event information reported by the UPF entity based on the identifier of the terminal device, the event identifier, and the identifier of the UPF entity may also be expressed as: and determining whether the event information allows the UPF entity to report or not based on the identifier of the terminal equipment, the event identifier and the identifier of the UPF entity.
In the embodiment of the application, after receiving the first information sent by any one UPF entity, the AF entity determines whether to accept the event information reported by the UPF entity based on the identifier of the terminal device, the event identifier, and the identifier of the UPF entity in the first information. For example, after receiving the first information, the AF entity may search the stored identifier of the terminal device and the identifier of the UPF entity corresponding to the event identifier, and if the found identifier of the UPF entity is the same as the identifier of the UPF entity carried in the first information, the AF entity determines to receive the event information reported by the UPF entity. Otherwise, the AF entity determines not to accept the event information reported by the UPF entity. If the AF entity determines to receive the event information reported by the UPF entity, the UPF entity is the UPF entity which is appointed by the SMF and used for reporting the event information, and the source of the event information is real. And if the AF entity determines that the event information reported by the UPF entity is not accepted, the UPF entity is not the UPF entity which is appointed by the SMF and used for reporting the event information, the source of the event information is not true, and the event information is not true.
Thus, by implementing the method described in fig. 3, it is advantageous for the AF entity to identify the authenticity of the received event information.
Referring to fig. 4, fig. 4 is a flowchart illustrating an event information reporting method according to an embodiment of the present application. As shown in fig. 4, the method for reporting event information includes the following steps 401 to 408. The method execution subjects shown in fig. 4 may be a UPF entity, an AF entity, a NEF entity, and an SMF entity. Or the method execution subject shown in fig. 4 may be a chip in a UPF entity, a chip in an AF entity, a chip in a NEF entity, or a chip in an SMF entity. Fig. 4 illustrates UPF entities, AF entities, NEF entities, and SMF entities as examples. Wherein:
401. the AF entity sends a first request to the NEF entity. The first request carries the identifier of the terminal device and the event identifier.
The first request may be an event open subscription request (event open subscription request). For the identifier of the terminal device and the event identifier, reference may be made to the foregoing description, which is not described herein in detail.
402. The NEF entity sends a second request to the SMF entity. The second request carries the identifier of the AF entity, the identifier of the terminal equipment and the event identifier.
In the embodiment of the application, after receiving a first request sent by an AF entity, a NEF entity sends a second request to an SMF entity. The second request may be an event open subscription request (event expose subscription request). The identity of the AF entity may be the ID or IP of the AF entity.
In one possible implementation, the NEF entity may send the second request to the PCF entity before the PCF entity sends the second request to the SMF entity.
403. And the SMF entity sends second response information corresponding to the second request to the NEF entity. The second response information carries the identity of the UPF entity.
In this embodiment of the application, after receiving the second request, the SMF entity selects one UPF entity from the UPF entities managed by the SMF entity to report the identifier of the terminal device and the event information corresponding to the event identifier. Optionally, the UPF entity selected by the SMF entity may be an edge-deployed UPF entity. And after the SMF entity selects the UPF entity, sending second response information corresponding to the second request to the NEF entity, wherein the second response information carries the selected UPF entity. For example, the SMF entity has a UPF entity 1, a UPF entity 2, and a UPF entity 3 below it. And the SMF entity selects the UPF entity 3 to report the identifier of the terminal equipment and the event information corresponding to the event identifier. And the SMF entity sends second response information corresponding to the second request to the NEF entity, wherein the second response information carries the identifier of the UPF entity 3.
In one possible implementation, the SMF entity may first send the second response message to the PCF entity, which sends the second response message to the NEF entity.
404. And the NEF entity sends first response information corresponding to the first request to the AF entity. The first response information carries the identification of the UPF entity.
In this embodiment of the application, after receiving the second response message, the NEF entity sends a first response message corresponding to the first request to the AF entity.
In one possible implementation, the identity of the UPF entity may not be carried in the second response information and the first response information. The SMF entity may transmit the identification of the UPF entity to the NEF entity through other information than the second response information. After the NEF entity receives the identity of the UPF entity, the identity of the UPF entity may also be sent to the AF entity through other information in addition to the first response information.
405. And the AF entity stores the corresponding relation between the identification of the UPF entity and the identification of the terminal equipment and the event identification.
In the embodiment of the application, after receiving the identifier of the UPF entity, the AF entity stores the correspondence between the identifier of the UPF entity and the identifier of the terminal device and the event identifier.
For example, the AF entity stores therein the correspondence shown in table 1 below. The identifier of the UPF entity 1 corresponds to the identifier of the terminal device 1 and the event identifier 1. The identity of the UPF entity 2 corresponds to the identity of the terminal device 2 and the event identity 2. The AF entity sends a first request to the NEF entity, the first request requesting the identity of the terminal device 3 and the event identity 3. The NEF entity sends a second request to the SMF entity, where the second request carries the identifier of the AF entity, the identifier of the terminal device 3, and the event identifier 3. And the SMF entity sends second response information to the NEF entity, wherein the second response information carries the identifier of the UPF entity 3. The NEF entity sends first response information to the AF entity, and the first response information carries the identifier of the UPF entity 3. After receiving the first response information, the AF entity stores the correspondence between the identifier of the UPF entity 3 and the terminal device 3 and the event identifier 3. After the AF entity stores the correspondence between the identifier of the UPF entity 3 and the terminal device 3 and the event identifier 3, the correspondence stored in the AF entity may be as shown in table 2 below.
TABLE 1
Identification of UPF entities Identification of terminal equipment and event identification
Identification of UPF entity 1 Identification of terminal device 1 and event identification 1
Identification of UPF entity 2 Identification of terminal device 2 and event identification 2
TABLE 2
Identification of UPF entities Identification of terminal equipment and event identification
Identification of UPF entity 1 Identification of terminal device 1 and event identification 1
Identification of UPF entity 2 Identification of terminal device 2 and event identification 2
Identification of UPF entity 3 Identification of terminal device 3 and event identification 3
406. The SMF entity sends the second information to the UPF entity. The second information carries the identifier of the AF entity, the identifier of the terminal equipment and the event identifier.
In the embodiment of the application, after the SMF entity selects the UPF entity, the SMF entity sends the second information to the selected UPF entity.
The steps 406 and 403 may not be executed in sequence. Step 403 may be performed before step 406, or step 403 may be performed after step 406, or step 403 may be performed simultaneously with step 406.
The steps 401 to 406 belong to the process of event subscription. The following steps 407 and 408 belong to the event reporting process. The process of event subscription may be performed only once. The process of reporting the event can be executed for many times, and the process of reporting the event can be executed each time the UPF entity detects or receives the identifier of the terminal equipment and the event information corresponding to the event identifier.
407. And when the UPF entity detects or receives the identifier of the terminal equipment and the event information corresponding to the event identifier, the UPF entity sends first information to the AF entity. The first information carries the identifier of the terminal device, the event identifier, the identifier of the UPF entity and the event information.
In this embodiment of the application, after receiving the second message, the UPF entity detects the identifier of the terminal device and event information corresponding to the event identifier. And when detecting the identifier of the terminal equipment and the event information corresponding to the event identifier, sending first information to an AF entity. Or after receiving the second message, the UPF entity sends the first message to the AF entity when receiving the identifier of the terminal device and the event information corresponding to the event identifier.
408. And the AF entity determines whether to accept the event information reported by the UPF entity or not based on the corresponding relation, the identifier of the terminal equipment, the event identifier and the identifier of the UPF entity.
In the embodiment of the application, after receiving the first information, the AF entity determines whether to accept the event information reported by the UPF entity based on the correspondence, the identifier of the terminal device, the event identifier, and the identifier of the UPF entity. The AF entity may first find the stored correspondence through the identifier of the terminal device and the event identifier carried in the first information, and then determine whether the identifier of the UPF entity in the correspondence is the same as the identifier of the UPF entity in the first information. And if the event information is the same as the event information, determining to accept the event information reported by the UPF entity. Otherwise, determining that the event information reported by the UPF entity is not accepted.
For example, the correspondence stored in the AF entity is as shown in table 2 above. The AF entity receives first information sent by the UPF entity 3, where the first information carries an identifier of the terminal device 3, the event identifier 3, and an identifier of the UPF entity 3. The AF entity searches the identifier of the terminal device 3 and the identifier of the UPF entity corresponding to the event identifier 3 in the stored correspondence. As shown in table 2 above, the identifier of the terminal device 3 and the identifier of the UPF entity corresponding to the event identifier 3 are identifiers of the UPF entity 3. Therefore, the AF entity determines to accept the event information reported by the UPF entity 3.
For another example, if the AF entity receives the first information sent by the UPF entity 4, the first information carries the identifier of the terminal device 3, the event identifier 3, and the identifier of the UPF entity 4. The AF entity also searches the identifier of the terminal device 3 and the identifier of the UPF entity corresponding to the event identifier 3 in the stored correspondence. The AF entity finds out in the stored correspondence that the identifier of the terminal device 3 and the identifier of the UPF entity corresponding to the event identifier 3 are not identifiers of the UPF entity 4. Therefore, the AF entity determines not to accept the event information reported by the UPF entity 4.
It can be seen that by implementing the method described in fig. 4, it is advantageous for the AF entity to accurately identify the authenticity of the received event information.
As shown in fig. 5, fig. 5 is a schematic flow chart of another event information reporting method according to an embodiment of the present application. The method for reporting the event information comprises the following steps 501 to 509. The specific implementation manners of steps 501 to 508 are the same as those of steps 501 to 508, and are not described herein. In the event information reporting method shown in fig. 5, the first information also carries a first message authentication code MAC; in step 509, the AF entity verifies the first MAC if it is determined to accept the event information reported by the UPF entity.
Wherein the first MAC is used for integrity protection. The first MAC may be a MAC of important information in the first information, and the first MAC is used for integrity protection of the important information. For example, the first MAC may be a MAC of the event information, and the first MAC is used to integrity protect the event information. Alternatively, the first MAC may be a MAC of the event information and the target information, and the first MAC is used for integrity protection of the event information and the target information. The target information includes one or more of a timestamp, data network information, public land mobile network (PLMN ID) identification, and the like.
In a possible implementation, when the identifier of the UPF entity is carried in the first information, the AF entity further needs to check whether the identifier of the UPF entity is the same as the identifier of the UPF entity that sent the first information. Optionally, after the first MAC is checked, the AF entity may check whether the identity of the UPF entity is the same as the identity of the UPF entity that sent the first information. This enables further verification of the authenticity of the source of the event information. And if the identification of the UPF entity is the same as that of the UPF entity sending the first information, the source of the event information is proved to be true. And if the identification of the UPF entity is not identical to the identification of the UPF entity sending the first information, the source of the event information is proved to be not true.
For two specific implementation manners of verifying the first MAC by the AF entity, reference may be made to the descriptions corresponding to fig. 6 and fig. 7, which are not described herein again.
By implementing the method described in fig. 5, integrity protection can be performed on the information reported by the UPF entity, and the information reported by the UPF entity can be prevented from being tampered in the transmission process.
Referring to fig. 6, fig. 6 is a schematic flowchart of another event information reporting method according to an embodiment of the present application. As shown in fig. 6, the method for reporting event information includes the following steps 601 to 614. Wherein:
601. the AF entity sends a first request to the NEF entity. The first request carries the identifier of the terminal device and the event identifier.
602. The NEF entity sends a second request to the SMF entity. The second request carries the identifier of the AF entity, the identifier of the terminal equipment and the event identifier.
603. The NEF entity sends the SMF entity a shared key between the AF entity and the NEF entity.
Wherein, the shared key between the AF entity and the NEF entity can be carried in the second request for transmission. Alternatively, the shared key and the second request may be sent separately. When the shared key is sent separately from the second request, step 603 and step 602 may be performed simultaneously. Alternatively, step 602 is performed before step 603. Alternatively, step 602 is performed after step 603.
In one possible implementation, the shared key is a pre-shared key PSK used for establishing a Transport Layer Security (TLS) connection between the AF entity and the NEF entity, or the shared key is a session master key of the TLS connection between the AF entity and the NEF entity, or the shared key is a key negotiated in advance between the AF entity and the NEF entity.
604. And the SMF entity sends second response information corresponding to the second request to the NEF entity. The second response information carries the identity of the UPF entity.
605. And the NEF entity sends first response information corresponding to the first request to the AF entity. The first response information carries the identification of the UPF entity.
606. And the AF entity stores the corresponding relation between the identification of the UPF entity and the identification of the terminal equipment and the event identification.
607. The AF entity determines a first key based on a shared key between the AF entity and the NEF entity.
Wherein step 607 is performed before step 614. Fig. 6 is a flowchart illustrating an example of the process performed after step 606 and before step 614 in step 607.
In one possible implementation, the specific implementation of the AF entity determining the first key based on the shared key between the AF and the NEF is as follows: the AF entity determines a first key based on the first parameter and a shared key between the AF entity and the NEF entity; wherein the first parameter includes at least one of an identifier of the AF entity, an identifier of the terminal device, an identifier of the UPF entity, or an event identifier. If the first parameter comprises a UPF entity, step 607 is performed before step 614 and after step 605. And the first key is determined by combining the first parameter and the shared key, so that the key strength of the first key is improved.
In a possible implementation, after determining the first key, the AF entity may further store a corresponding relationship between the first key and the identifier of the terminal device and the event identifier, so that the AF entity may find the first key based on the identifier of the terminal device and the event identifier.
608. The SMF entity determines a first key based on the shared key.
In the embodiment of the application, after receiving the shared key, the SMF entity determines the first key based on the shared key.
In a possible implementation manner, the specific implementation manner of the SMF entity determining the first key based on the shared key is: the SMF entity determines the first key by means of the first parameter and the shared key. Wherein the first parameter includes at least one of an identifier of the AF entity, an identifier of the terminal device, an identifier of the UPF entity, or an event identifier.
609. The SMF entity sends the second information to the UPF entity. The second information carries the identifier of the AF entity, the identifier of the terminal equipment and the event identifier.
610. The SMF entity sends the first key to the UPF entity.
In this embodiment of the application, the first key may be carried in the second information and sent to the UPF entity. Alternatively, the first key may be sent separately from the second information. If the first key is not carried in the second information for transmission, the SMF entity may further send the identifier of the AF entity, the identifier of the terminal device, and the event identifier when sending the first key, so as to indicate the identifier of the AF entity, the identifier of the terminal device, and the event identifier corresponding to the first key to the UPF entity.
611. And when the UPF entity detects or receives event information corresponding to the event identifier, the UPF entity obtains a first MAC based on the first key.
In the embodiment of the application, after the UPF entity receives the first key, when the UPF entity detects or receives event information corresponding to the event identifier, the UPF entity obtains the first MAC based on the first key. For example, the first MAC is taken as the first MAC of the event information. And when the UPF entity detects or receives event information corresponding to the event identifier, the first key and the event information are used as the input of an integrity protection algorithm to generate a first MAC.
612. The UPF entity sends the first information to the AF entity. The first information carries the identifier of the terminal device, the event identifier, the identifier of the UPF entity, the event information and the first MAC.
613. And the AF entity determines whether to accept the event information reported by the UPF entity or not based on the corresponding relation, the identifier of the terminal equipment, the event identifier and the identifier of the UPF entity.
614. And under the condition of determining to accept the event information reported by the UPF entity, the AF entity verifies the first MAC through the first secret key.
For example, the first MAC is taken as the event information. And under the condition of determining to receive the event information reported by the UPF entity, the AF entity adopts an integrity protection algorithm the same as that of the UPF entity, and takes the first key and the received event information as the input of the integrity protection algorithm to generate a second MAC. If the first MAC is identical to the second MAC, the first MAC is verified. If the first MAC is not the same as the second MAC, the first MAC is not verified.
Specific embodiments of some steps in fig. 6 are not described in detail, and reference may be made to corresponding descriptions in the embodiment corresponding to fig. 4, which are not described herein again.
By implementing the method described in fig. 6, the UPF entity may use the first key to perform integrity protection on the information reported by the UPF entity.
Referring to fig. 7, fig. 7 is a flowchart illustrating an event information reporting method according to an embodiment of the present application. As shown in fig. 7, the method for reporting event information includes the following steps 701 to 714. The method shown in fig. 7 differs from the method shown in fig. 6 in that the NEF entity determines the first key in the method shown in fig. 7, and the SMF entity determines the first key in the scheme shown in fig. 6. Wherein:
701. the AF entity sends a first request to the NEF entity. The first request carries the identifier of the terminal device and the event identifier.
702. The NEF entity sends a second request to the SMF entity. The second request carries the identifier of the AF entity, the identifier of the terminal equipment and the event identifier.
703. And the SMF entity sends second response information corresponding to the second request to the NEF entity. The second response information carries the identity of the UPF entity.
704. And the NEF entity sends first response information corresponding to the first request to the AF entity. The first response information carries the identification of the UPF entity.
705. And the AF entity stores the corresponding relation between the identification of the UPF entity and the identification of the terminal equipment and the event identification.
706. The AF entity determines a first key based on a shared key between the AF entity and the NEF entity.
In one possible implementation, the specific implementation of the AF entity determining the first key based on the shared key between the AF and the NEF is as follows: the AF entity determines a first key based on the first parameter and a shared key between the AF entity and the NEF entity; wherein the first parameter includes at least one of an identifier of the AF entity, an identifier of the terminal device, an identifier of the UPF entity, or an event identifier.
707. The NEF entity determines the first key based on a shared key between the AF entity and the NEF entity.
Wherein step 707 can be executed before step 704, or step 707 can be executed after step 704
In one possible implementation, the specific implementation of the NEF entity determining the first key based on the shared key between the AF entity and the NEF entity is as follows: the NEF entity determines a first key based on the first parameters and a shared key between the AF entity and the NEF entity. Wherein the first parameter includes at least one of an identifier of the AF entity, an identifier of the terminal device, an identifier of the UPF entity, or an event identifier.
708. The NEF entity sends the first key to the SMF entity.
In the embodiment of the present application, after determining the first key, the NEF entity sends the first key to the SMF entity.
If step 707 is performed before step 702, the first key may be sent in a second request. Alternatively, the first key may be sent separately from the second request if step 707 is performed before step 702. If the first key is sent separately from the second request, the NEF entity also needs to send the identifier of the AF entity, the identifier of the terminal device, and the event identifier when sending the first key.
If step 707 is executed after step 702, when the NEF entity sends the first key to the SMF entity, the identity of the AF entity, the identity of the terminal device, and the event identity are also sent.
709. The SMF entity sends the second information to the UPF entity. The second information carries the identifier of the AF entity, the identifier of the terminal equipment and the event identifier.
710. The SMF entity sends the first key to the UPF entity.
711. And when the UPF entity detects or receives event information corresponding to the event identifier, the UPF entity obtains a first MAC based on the first key.
712. The UPF entity sends the first information to the AF entity.
713. And the AF entity determines whether to accept the event information reported by the UPF entity or not based on the corresponding relation, the identifier of the terminal equipment, the event identifier and the identifier of the UPF entity.
714. And under the condition of determining to accept the event information reported by the UPF entity, the AF entity verifies the first MAC through the first secret key.
Specific embodiments of some steps in fig. 7 are not described in detail, and reference may be made to corresponding descriptions in the embodiments corresponding to fig. 4 and fig. 6, which are not repeated herein.
By implementing the method described in fig. 7, the UPF entity may use the first key to perform integrity protection on the information reported by the UPF entity.
In one possible implementation, the NEF entity may also interact directly with the UPF entity. For example, the SMF entity in fig. 7 may be removed. After the NEF entity side receives the first request, a UPF entity is selected by the NEF entity. And after the NEF entity selects the UPF entity, sending first response information of the first request to the AF entity, wherein the response information carries the identification of the selected UPF entity. The NEF entity determines a first key based on a shared key between the AF entity and the NEF entity and sends the first key and second information to the selected UPF entity. The operations performed by the UPF entity and the AF entity are unchanged, as described with reference to fig. 7.
Please refer to fig. 8, fig. 8 is a flowchart illustrating another method for reporting event information according to an embodiment of the present application. As shown in fig. 8, the method for reporting event information includes the following steps 801 and 802. The method execution subjects shown in fig. 8 may be a UPF entity and an AF entity. Or the method execution subjects shown in fig. 8 may be a chip in the UPF entity and a chip in the AF entity. Fig. 8 illustrates a UPF entity and an AF entity as examples. Wherein:
801. and when the UPF entity detects or receives the identifier of the terminal equipment and the event information corresponding to the event identifier, the UPF entity sends first information to the AF entity. The first information carries the identifier of the terminal device, the event identifier, the token information and the event information.
The Token information may also be referred to as Token, among others. For the description of the identifier of the terminal device, the event identifier and the event information, reference may be made to the corresponding description above, which is not described herein again.
In one possible implementation, the first information carries token information and event information. The identifier of the terminal device and the event identifier may not be carried in the first information. After receiving the first information, the AF entity may determine the identifier of the terminal device and the event identifier corresponding to the event information in other manners. For example, the AF entity may determine the identifier of the terminal device and the event identifier corresponding to the event information based on the event subscription ID sent by the UPF entity.
802. And the AF entity determines whether to accept the event information reported by the UPF entity based on the identifier of the terminal equipment, the event identifier and the token information.
For example, the AF entity may look up stored token information corresponding to the identifier of the terminal device and the identifier of the event. And if the found token information is the same as the token information carried in the first information, the AF entity determines to receive the event information reported by the UPF entity.
Thus, by implementing the method described in fig. 8, it is advantageous for the AF entity to identify the authenticity of the received event information.
Please refer to fig. 9, fig. 9 is a flowchart illustrating an event information reporting method according to an embodiment of the present application. As shown in fig. 9, the method for reporting event information includes the following steps 901 to 908. The method execution subjects shown in fig. 9 may be a UPF entity, an AF entity, a NEF entity, and an SMF entity. Or the method execution subject shown in fig. 9 may be a chip in a UPF entity, a chip in an AF entity, a chip in a NEF entity, or a chip in an SMF entity. Fig. 9 illustrates a UPF entity, an AF entity, a NEF entity, and an SMF entity as examples. Wherein:
901. the AF entity stores the correspondence of token information with the identity of the terminal device and the event identity.
902. The AF entity sends a first request to the NEF entity. The first request carries the identifier of the terminal device, the event identifier and the token information.
Wherein step 901 may be performed after or before step 902. Alternatively, the token information may not be carried in the first request, and the AF entity may separately send the first request and the token information. If the AF entity separately sends the first request and the token information, the AF entity needs to send the identifier of the terminal device and the event identifier when sending the token information.
903. The NEF entity sends a second request to the SMF entity. The second request carries the identifier of the AF entity, the identifier of the terminal equipment, the event identifier and the token information.
Optionally, the token information may not be carried in the second request, and the NEF entity may separately send the second request and the token information. If the NEF entity separately sends the second request and the token information, the NEF entity needs to send the identifier of the AF entity, the identifier of the terminal device, and the event identifier when sending the token information.
904. And the SMF entity sends second response information corresponding to the second request to the NEF entity.
905. And the NEF entity sends first response information corresponding to the first request to the AF entity.
906. The SMF entity sends the second information to the UPF entity. The second information carries the identifier of the AF entity, the identifier of the terminal equipment, the event identifier and the token information.
In this embodiment of the application, after receiving the second request, the SMF entity selects the UPF entity. The SMF entity sends the second information to the selected UPF entity.
Optionally, the token information may not be carried in the second information, and the SMF entity may separately send the second information and the token information. If the SMF entity separately sends the second information and the token information, the SMF entity needs to send the identifier of the AF entity, the identifier of the terminal device, and the event identifier when sending the token information.
The steps 901 to 906 belong to the process of event subscription. The following steps 907 and 908 belong to the event reporting process. The process of event subscription may be performed only once. The process of reporting the event can be executed for many times, and the process of reporting the event can be executed each time the UPF entity detects or receives the identifier of the terminal equipment and the event information corresponding to the event identifier.
907. And when detecting or receiving the identifier of the terminal equipment and the event information corresponding to the event identifier, the UPF entity sends first information to the AF entity. The first information carries the identifier of the terminal device, the event identifier, the token information and the event information.
908. And the AF entity determines whether to accept the event information reported by the UPF entity or not based on the corresponding relation, the identifier of the terminal equipment, the event identifier and the token information.
For example, the correspondence stored in the AF entity is as shown in table 3 below. The AF entity receives first information sent by the UPF entity 3, where the first information carries the identifier of the terminal device 3, the event identifier 3, and the token information 3. The AF entity searches the token information corresponding to the identifier of the terminal device 3 and the event identifier 3 in the stored correspondence. As shown in table 3 below, the token information corresponding to the identifier of the terminal device 3 and the event identifier 3 is the token information 3. Therefore, the AF entity determines to accept the event information reported by the UPF entity 3.
For another example, if the AF entity receives the first information sent by the UPF entity 4, the first information carries the identifier of the terminal device 3, the event identifier 3, and the token information 4. The AF entity also searches the stored correspondence for the token information corresponding to the identifier of the terminal device 3 and the event identifier 3. The AF entity finds out in the stored correspondence that the token information corresponding to the identifier of the terminal device 3 and the event identifier 3 is not the token information 4. Therefore, the AF entity determines not to accept the event information reported by the UPF entity 4.
TABLE 3
Token information Identification of terminal equipment and event identification
Token information 1 Identification of terminal device 1 and event identification 1
Token information 2 Identification of terminal device 2 and event identification 2
Token information 3 Identification of terminal device 3 and event identification 3
Specific embodiments of some steps in fig. 9 are not described in detail, and reference may be made to corresponding descriptions in the foregoing embodiments, which are not repeated herein.
It can be seen that by implementing the method described in fig. 9, it is advantageous for the AF entity to accurately identify the authenticity of the received event information.
As shown in fig. 10, fig. 10 is a schematic flowchart of another event information reporting method provided in the embodiment of the present application. The method for reporting the event information comprises the following steps 1001 to 1009. The specific implementation manners of steps 1001 to 1008 are the same as those of steps 901 to 908, and are not described herein. In the event information reporting method shown in fig. 10, the first information also carries a first message authentication code MAC; in step 1009, the AF entity verifies the first MAC if it is determined to accept the event information reported by the UPF entity.
Wherein the first MAC is used for integrity protection. The first MAC may be a MAC of important information in the first information, and the first MAC is used for integrity protection of the important information. For example, the first MAC may be a MAC of the event information, and the first MAC is used to integrity protect the event information. Alternatively, the first MAC may be a MAC of the event information and the target information, and the first MAC is used for integrity protection of the event information and the target information. The target information includes one or more of a timestamp, data network information, public land mobile network (PLMN ID) identification, and the like.
In a possible implementation, when the identifier of the UPF entity is carried in the first information, the AF entity further needs to check whether the identifier of the UPF entity is the same as the identifier of the UPF entity that sent the first information. Optionally, after the first MAC is checked, the AF entity may check whether the identity of the UPF entity is the same as the identity of the UPF entity that sent the first information. This enables further verification of the authenticity of the source of the event information. And if the identification of the UPF entity is the same as that of the UPF entity sending the first information, the source of the event information is proved to be true. And if the identification of the UPF entity is not identical to the identification of the UPF entity sending the first information, the source of the event information is proved to be not true.
By implementing the method described in fig. 10, integrity protection can be performed on the information reported by the UPF entity, and the information reported by the UPF entity can be prevented from being tampered in the transmission process.
Referring to fig. 11, fig. 11 is a schematic flowchart of another event information reporting method according to an embodiment of the present application. As shown in fig. 11, the method for reporting event information includes the following steps 1101 to 1114. Wherein:
1101. the AF entity stores the correspondence between the token information and the identifier of the terminal device and the event identifier.
1102. The AF entity sends a first request to the NEF entity. The first request carries the identifier of the terminal device, the event identifier and the token information.
1103. The NEF entity sends a second request to the SMF entity. The second request carries the identifier of the AF entity, the identifier of the terminal equipment, the event identifier and the token information.
1104. The NEF entity sends the SMF entity a shared key between the AF entity and the NEF entity.
1105. And the SMF entity sends second response information corresponding to the second request to the NEF entity.
1106. And the NEF entity sends first response information corresponding to the first request to the AF entity.
1107. The AF entity determines a first key based on a shared key between the AF entity and the NEF entity.
1108. The SMF entity determines a first key based on the shared key.
1109. The SMF entity sends the second information to the UPF entity. The second information carries the identifier of the AF entity, the identifier of the terminal equipment, the event identifier and the token information.
1110. The SMF entity sends the first key to the UPF entity.
1111. And when the UPF entity detects or receives event information corresponding to the event identifier, the UPF entity obtains a first MAC based on the first key.
1112. The UPF entity sends the first information to the AF entity. The first information carries the identifier of the terminal device, the event identifier, the token information, the event information and the first MAC.
1113. And the AF entity determines whether to accept the event information reported by the UPF entity or not based on the corresponding relation, the identifier of the terminal equipment, the event identifier and the token information.
1114. And under the condition of determining to accept the event information reported by the UPF entity, the AF entity verifies the first MAC through the first secret key.
The specific implementation manners of step 1104, step 1107, step 1108, step 1110, step 1111, and step 1114 may refer to the descriptions of the corresponding steps in fig. 6, which are not described herein again.
Referring to fig. 12, fig. 12 is a schematic flowchart of another event information reporting method according to an embodiment of the present application. As shown in fig. 12, the method for reporting event information includes the following steps 1201 to 1214. Wherein:
1201. the AF entity stores the correspondence between the token information and the identifier of the terminal device and the event identifier.
1202. The AF entity sends a first request to the NEF entity. The first request carries the identifier of the terminal device, the event identifier and the token information.
1203. The NEF entity sends a second request to the SMF entity. The second request carries the identifier of the AF entity, the identifier of the terminal equipment, the event identifier and the token information.
1204. And the SMF entity sends second response information corresponding to the second request to the NEF entity.
1205. And the NEF entity sends first response information corresponding to the first request to the AF entity.
1206. The AF entity determines a first key based on a shared key between the AF entity and the NEF entity.
1207. The NEF entity determines the first key based on a shared key between the AF entity and the NEF entity.
1208. The NEF entity sends the first key to the SMF entity.
1209. The SMF entity sends the second information to the UPF entity. The second information carries the identifier of the AF entity, the identifier of the terminal equipment, the event identifier and the token information.
1210. The SMF entity sends the first key to the UPF entity.
1211. And when the UPF entity detects or receives event information corresponding to the event identifier, the UPF entity obtains a first MAC based on the first key.
1212. The UPF entity sends the first information to the AF entity. The first information carries the identifier of the terminal device, the event identifier, the token information, the event information and the first MAC.
1213. And the AF entity determines whether to accept the event information reported by the UPF entity or not based on the corresponding relation, the identifier of the terminal equipment, the event identifier and the token information.
1214. And under the condition of determining to accept the event information reported by the UPF entity, the AF entity verifies the first MAC through the first secret key.
The specific implementation manners of step 1206, step 1207, step 1208, step 1210, step 1211, and step 1214 may refer to the descriptions of the corresponding steps in fig. 7, which are not described herein again.
In one possible implementation, the NEF entity may also interact directly with the UPF entity. For example, the SMF entity in fig. 12 may be removed. After the NEF entity side receives the first request, a UPF entity is selected by the NEF entity. And after the NEF entity selects the UPF entity, sending first response information of the first request to the AF entity, wherein the response information carries the identification of the selected UPF entity. The NEF entity determines a first key based on a shared key between the AF entity and the NEF entity and sends the first key and second information to the selected UPF entity. The operations performed by the UPF entity and the AF entity are unchanged, as described with reference to fig. 12.
Referring to fig. 13, fig. 13 is a schematic structural diagram of a communication device according to an embodiment of the present application. The communication apparatus shown in fig. 13 may be used to implement part or all of the functions of the AF entity in the embodiment corresponding to the method for determining downlink positioning information. The communication apparatus shown in fig. 13 may be used to implement part or all of the functions of the AF entity in the method embodiments described in fig. 3 to 7. The apparatus may be an AF entity, an apparatus in the AF entity, or an apparatus capable of being used in cooperation with the AF entity. Wherein, the communication device can also be a chip system. The communication apparatus shown in fig. 13 may include a communication unit 1301 and a processing unit 1302. Wherein:
a communication unit 1301, configured to receive first information sent by a user plane function UPF entity, where the first information carries an identifier of a terminal device, an event identifier, an identifier of the UPF entity, and event information; a processing unit 1302, configured to determine whether to accept the event information reported by the UPF entity based on the identifier of the terminal device, the event identifier, and the identifier of the UPF entity.
In a possible implementation, the communication unit 1301 is further configured to send a first request to a network open function NEF entity, where the first request carries an identifier of a terminal device and an event identifier; the communication unit 1301 is further configured to receive first response information corresponding to the first request sent by the NEF entity, where the first response information carries an identifier of the UPF entity; the processing unit 1302 is further configured to store a corresponding relationship between the identifier of the UPF entity and the identifier of the terminal device and the event identifier; the way for the processing unit 1302 to determine whether to accept the event information reported by the UPF entity based on the identifier of the terminal device, the event identifier, and the identifier of the UPF entity is specifically as follows: and determining whether to accept the event information reported by the UPF entity based on the corresponding relation, the identifier of the terminal equipment, the event identifier and the identifier of the UPF entity.
In one possible implementation, the first information further carries a first message authentication code MAC; the processing unit 1302 is further configured to verify the first MAC when it is determined to receive the event information reported by the UPF entity.
In a possible implementation, the processing unit 1302 is further configured to determine a first key based on a shared key between the AF entity and the NEF entity; the way for the processing unit 1302 to verify the first MAC specifically is: the first MAC is authenticated by the first key.
In one possible implementation, the way for the processing unit 1302 to determine the first key based on the shared key between the AF and the NEF is specifically: determining a first key based on the first parameter and a shared key between the AF entity and the NEF entity; wherein the first parameter comprises at least one of an identifier of the AF entity, an identifier of the terminal device, an identifier of the UPF entity, or an event identifier.
The embodiment of the application also provides a communication device. The communication device can be used for realizing part or all of functions of the NEF entity in the embodiment corresponding to the determination method of the uplink positioning information. The communication device may be configured to perform some or all of the functions of the NEF entity in the method embodiments described above with reference to fig. 3 to 7. The apparatus may be a NEF entity, an apparatus in the NEF entity, or an apparatus capable of being used in cooperation with the NEF entity. Wherein, the communication device can also be a chip system. The communication device may comprise a communication unit. Wherein:
the communication unit is used for receiving a first request sent by an Application Function (AF) entity, wherein the first request carries an identifier of terminal equipment and an event identifier; the communication unit is further configured to send a second request to the session management function SMF entity, where the second request carries an identifier of the AF entity, an identifier of the terminal device, and an event identifier; the communication unit is further configured to receive second response information corresponding to the second request sent by the SMF entity, where the second response information carries an identifier of a user plane function UPF entity; and the communication unit is further configured to send first response information corresponding to the first request to the AF entity, where the first response information carries an identifier of the UPF entity.
In a possible implementation, the communication unit is further configured to send the shared key between the AF entity and the NEF entity to the SMF entity.
In one possible implementation, the communication apparatus further includes a processing unit, the processing unit being further configured to determine a first key based on a shared key between the AF entity and the NEF entity; the communication unit is further used for sending the first key to the SMF entity.
In a possible implementation, the way for the processing unit to determine the first key based on the shared key between the AF entity and the NEF entity is specifically: determining a first key based on the first parameter and a shared key between the AF entity and the NEF entity; wherein the first parameter comprises at least one of an identifier of the AF entity, an identifier of the terminal device, an identifier of the UPF entity, or an event identifier.
The embodiment of the application also provides a communication device. The communication device can be used for realizing part or all of functions of the SMF entity in the embodiment corresponding to the determination method of the uplink positioning information. The communication device may be configured to perform some or all of the functions of the SMF entity in the method embodiments described in fig. 3 to 7. The apparatus may be an SMF entity, an apparatus in the SMF entity, or an apparatus capable of being used in cooperation with the SMF entity. The communication device can also be a chip system. The communication device may comprise a communication unit. Wherein:
a communication unit, configured to receive a second request sent by a network open function NEF entity, where the second request carries an identifier of an AF entity, an identifier of a terminal device, and an event identifier; the communication unit is further configured to send second response information corresponding to the second request to the NEF entity, where the second response information carries an identifier of a user plane function UPF entity; and the communication unit is further configured to send second information to the UPF entity, where the second information carries the identifier of the AF entity, the identifier of the terminal device, and the event identifier.
In one possible implementation, the communication device further comprises a processing unit, wherein: a communication unit, further configured to receive a shared key between the AF entity and the NEF entity; a processing unit for determining a first key based on a shared key; and the communication unit is also used for sending the first key to the UPF entity.
In a possible implementation, the way for the processing unit to determine the first key based on the shared key is specifically: determining a first key through a first parameter set and a shared key; wherein the first parameter set comprises at least one of an identity of an AF entity, an identity of a terminal device, an identity of a UPF entity, or an event identity.
In a possible implementation, the communication unit is further configured to receive a first key sent by the NEF entity; the SMF entity sends the first key to the UPF entity.
The embodiment of the application also provides a communication device. The communication device can be used for realizing part or all of functions of the UPF entity in the embodiment corresponding to the method for determining the uplink positioning information. The communication device may be used to perform some or all of the functions of the UPF entity in the method embodiments described above with reference to fig. 3-7. The device may be a UPF entity, a device in the UPF entity, or a device capable of being used with the UPF entity. The communication device can also be a chip system. The communication device may comprise a communication unit. Wherein:
and the communication unit is used for sending first information to the AF entity when detecting or receiving the identifier of the terminal equipment and event information corresponding to the event identifier, wherein the first information carries the identifier of the terminal equipment, the event identifier, the identifier of the UPF and the event information.
In one possible implementation, the first information also carries a first message authentication code MAC.
In one possible implementation, the communication device further comprises a processing unit, wherein: the communication unit is also used for receiving a first key sent by the SMF entity; and the processing unit is further used for obtaining a first message authentication code MAC based on the first key when the communication unit detects or receives event information corresponding to the event identifier.
Referring to fig. 13, fig. 13 is a schematic structural diagram of a communication device according to an embodiment of the present application. The communication apparatus shown in fig. 13 may be used to implement part or all of the functions of the AF entity in the embodiment corresponding to the method for determining downlink positioning information. The communication apparatus shown in fig. 13 may be used to implement part or all of the functions of the AF entity in the method embodiments described in fig. 8 to 12 above. The apparatus may be an AF entity, an apparatus in the AF entity, or an apparatus capable of being used in cooperation with the AF entity. Wherein, the communication device can also be a chip system. The communication apparatus shown in fig. 13 may include a communication unit 1301 and a processing unit 1302. Wherein:
a communication unit 1301, configured to receive first information sent by a user plane function UPF entity, where the first information carries an identifier of a terminal device, an event identifier, token information, and event information; a processing unit 1302, configured to determine whether to accept the event information reported by the UPF entity based on the identifier of the terminal device, the event identifier, and the token information.
In a possible implementation, the processing unit 1302 is further configured to store a corresponding relationship between the token information and the identifier of the terminal device and the event identifier; the communication unit 1301 is further configured to send a first request to the NEF entity, where the first request carries an identifier of the terminal device, an event identifier, and token information; a communication unit 1301, further configured to receive first response information corresponding to the first request sent by the NEF entity; the specific implementation manner of the processing unit 1302 determining whether to accept the event information reported by the UPF entity based on the identifier of the terminal device, the event identifier, and the token information is as follows: and the AF entity determines whether to accept the event information reported by the UPF entity or not based on the corresponding relation, the identifier of the terminal equipment, the event identifier and the token information.
In a possible implementation, the first information further carries a first message authentication code MAC; the processing unit 1302 is further configured to verify the first MAC if it is determined to accept the event information reported by the UPF entity.
In one possible implementation, the processing unit 1302 may also determine the first key based on a shared key between the AF entity and the NEF entity; the specific implementation of the processing unit 1302 to verify the first MAC is as follows: the first MAC is authenticated by the first key.
In one possible implementation, the shared key is a pre-shared key PSK used for establishing a Transport Layer Security (TLS) connection between the AF entity and the NEF entity, or the shared key is a session master key of the TLS connection between the AF entity and the NEF entity, or the shared key is a key negotiated in advance between the AF entity and the NEF entity. The seventh to tenth aspects are the same, and will not be described in detail later.
In one possible implementation, the specific implementation of the processing unit 1302 to determine the first key based on the shared key between the AF and the NEF is as follows: determining a first key based on the first parameter and a shared key between the AF entity and the NEF entity; wherein the first parameter includes at least one of an identifier of an AF entity, an identifier of a terminal device, an identifier of a UPF entity, or an event identifier.
The embodiment of the application also provides a communication device. The communication device can be used for realizing part or all of functions of the NEF entity in the embodiment corresponding to the method for determining the uplink positioning information. The communication device may be configured to perform some or all of the functions of the NEF entity in the method embodiments described above with reference to fig. 8-12. The apparatus may be a NEF entity, an apparatus in the NEF entity, or an apparatus capable of being used in cooperation with the NEF entity. Wherein, the communication device can also be a chip system. The communication device may comprise a communication unit. Wherein:
the communication unit is used for receiving a first request sent by an Application Function (AF) entity, wherein the first request carries an identifier of terminal equipment, an event identifier and token information; the communication unit is further configured to send a second request to the session management function SMF entity, where the second request carries an identifier of the AF entity, an identifier of the terminal device, an event identifier, and token information; the NEF entity receives second response information corresponding to the second request sent by the SMF entity; and the communication unit is further used for sending first response information corresponding to the first request to the AF entity.
In a possible implementation, the communication unit is further configured to send the shared key between the AF entity and the NEF entity to the SMF entity.
In one possible implementation, the communication device further comprises a processing unit: a processing unit for determining a first key based on a shared key between the AF entity and the NEF entity; a communication unit, further configured to send the first key to the SMF entity.
In one possible implementation, the specific implementation of the processing unit determining the first key based on the shared key between the AF entity and the NEF entity is as follows: determining a first key based on the first parameter and a shared key between the AF entity and the NEF entity; wherein the first parameter includes at least one of an identifier of the AF entity, an identifier of the terminal device, an identifier of the UPF entity, or an event identifier.
The embodiment of the application also provides a communication device. The communication device can be used for realizing part or all of functions of the SMF entity in the embodiment corresponding to the determination method of the uplink positioning information. The communication device may be configured to perform some or all of the functions of the SMF entity in the method embodiments described in fig. 8 to 12 above. The apparatus may be an SMF entity, an apparatus in the SMF entity, or an apparatus capable of being used in cooperation with the SMF entity. The communication device can also be a chip system. The communication device may include a communication unit. Wherein:
a communication unit, configured to receive a second request sent by a network open function NEF entity, where the second request carries an identifier of an AF entity, an identifier of a terminal device, an event identifier, and token information; the communication unit is further used for sending second response information corresponding to the second request to the NEF entity; and the communication unit is further used for sending second information to the UPF entity, wherein the second information carries the identifier of the AF entity, the identifier of the terminal equipment, the event identifier and the token information.
In one possible implementation, the communication device further comprises a processing unit, wherein: a communication unit, further configured to receive a shared key between the AF entity and the NEF entity; a processing unit for determining a first key based on a shared key; the SMF entity sends the first key to the UPF entity.
In a possible implementation, the specific implementation manner of the processing unit determining the first key based on the shared key is as follows: determining a first key by the first parameter set and the shared key; wherein the first parameter set comprises at least one of an identity of an AF entity, an identity of a terminal device, an identity of a UPF entity, or an event identity.
In a possible implementation, the communication unit is further configured to receive a first key sent by the NEF entity; and the communication unit is also used for sending the first key to the UPF entity.
Fig. 14 shows a communication apparatus 140 according to an embodiment of the present application, configured to implement the functions of the AF entity, the NEF entity, the SMF entity, or the UPF entity in the foregoing method embodiments. The apparatus may be an apparatus of an AF entity, a NEF entity, an SMF entity, or a UPF entity. The means for the AF entity, NEF entity, SMF entity, or UPF entity may be a chip system or chip within the AF entity, NEF entity, SMF entity, or UPF entity. The chip system may be formed by a chip, and may also include a chip and other discrete devices.
The communication device 140 includes at least one processor 1420 configured to implement the data processing function of the AF entity, the NEF entity, the SMF entity, or the UPF entity in the method provided by the embodiment of the present application. The apparatus 140 may further include a communication interface 1410, configured to implement transceiving operations of an AF entity, a NEF entity, an SMF entity, or a UPF entity in the method provided in the embodiment of the present application. In embodiments of the present application, the communication interface may be a transceiver, circuit, bus, module, or other type of communication interface for communicating with other devices over a transmission medium. For example, communication interface 1410 provides that an apparatus in apparatus 140 may communicate with other devices. Processor 1420 utilizes communication interface 1410 to send and receive data and is configured to implement the methods described in the method embodiments above.
The apparatus 140 may also include at least one memory 1430 for storing program instructions and/or data. A memory 1430 is coupled to the processor 1420. The coupling in the embodiments of the present application is an indirect coupling or a communication connection between devices, units or modules, and may be an electrical, mechanical or other form for information interaction between the devices, units or modules. The processor 1420 may operate in conjunction with the memory 1430. Processor 1420 may execute program instructions stored in memory 1430. At least one of the at least one memory may be included in the processor.
The specific connection medium between the communication interface 1410, the processor 1420 and the memory 1430 is not limited in this embodiment. In fig. 14, the memory 1430, the communication interface 1414 and the communication interface 1410 are connected by a bus 1440, the bus is shown by a thick line in fig. 14, and the connection manner between other components is only for illustrative purpose and is not limited thereto. The bus may be divided into an address bus, a data bus, a control bus, etc. For ease of illustration, only one thick line is shown in FIG. 14, but this is not intended to represent only one bus or type of bus.
Where apparatus 140 is embodied as an apparatus for an end device or a positioning device or an access network device, such as where apparatus 140 is embodied as a chip or chip system, then baseband signals may be output or received by communication interface 1410. Where apparatus 140 is embodied as a terminal device or a positioning device or an access network device, communication interface 1410 may output or receive radio frequency signals. In the embodiments of the present application, the processor may be a general-purpose processor, a digital signal processor, an application specific integrated circuit, a field programmable gate array or other programmable logic device, a discrete gate or transistor logic device, or a discrete hardware component, and may implement or execute the methods, steps, and logic blocks disclosed in the embodiments of the present application. A general purpose processor may be a microprocessor or any conventional processor or the like. The steps of a method disclosed in connection with the embodiments of the present application may be directly implemented by a hardware processor, or may be implemented by a combination of hardware and software modules in a processor.
Embodiments of the present application further provide a computer-readable storage medium, where instructions are stored in the computer-readable storage medium, and when the instructions are executed on a processor, the computer-readable storage medium is configured to perform the method performed by the AF entity in the foregoing method embodiments.
Embodiments of the present application further provide a computer-readable storage medium, in which instructions are stored, and when the computer-readable storage medium is executed on a processor, the computer-readable storage medium is configured to perform the method performed by the NEF entity in the above method embodiments.
Embodiments of the present application further provide a computer-readable storage medium, where instructions are stored in the computer-readable storage medium, and when the instructions are executed on a processor, the computer-readable storage medium is configured to perform the method performed by the SMF entity in the foregoing method embodiments.
The embodiment of the present application further provides a computer-readable storage medium, where instructions are stored in the computer-readable storage medium, and when the instructions are executed on a processor, the computer-readable storage medium is configured to perform the method performed by the UPF entity in the foregoing method embodiment.
Embodiments of the present application further provide a computer program product, when the computer program product runs on a processor, for executing the method performed by the AF entity in the above method embodiments.
Embodiments of the present application further provide a computer program product, when running on a processor, for executing the method performed by the NEF entity in the above method embodiments.
Embodiments of the present application further provide a computer program product, when the computer program product runs on a processor, configured to execute the method performed by the SMF entity in the foregoing method embodiments.
The embodiment of the present application further provides a computer program product, which is configured to, when running on a processor, execute the method performed by the UPF entity in the foregoing method embodiment.
The embodiment of the present application further provides a communication system, which includes an AF entity, a NEF entity, an SMF entity, and a UPF entity. The AF entity is configured to perform the method performed by the AF entity in fig. 3 to 7 in the above method embodiment. The NEF entity is configured to perform the method performed by the NEF entity in fig. 3 to 7 in the above method embodiment. The SMF entity is configured to perform the method performed by the SMF entity in fig. 3 to 7 in the above method embodiment. The UPF entity is configured to perform the method performed by the UPF entity in fig. 3 to fig. 7 in the foregoing method embodiment. Alternatively, the AF entity is configured to perform the methods performed by the AF entity in fig. 8 to 12 in the method embodiments described above. The NEF entity is configured to perform the method performed by the NEF entity in fig. 8 to fig. 12 in the above method embodiment. The SMF entity is configured to perform the method performed by the SMF entity in fig. 8 to 12 in the above method embodiment. The UPF entity is used for executing the method executed by the UPF entity in fig. 8 to 12 in the above method embodiment.
It should be noted that, for simplicity of description, the above-mentioned method embodiments are described as a series of acts or combination of acts, but those skilled in the art will recognize that the present invention is not limited by the order of acts, as some steps may occur in other orders or concurrently in accordance with the invention. Further, those skilled in the art should also appreciate that the embodiments described in the specification are preferred embodiments and that the acts and modules referred to are not necessarily required by the invention.
In the foregoing embodiments, the descriptions of the respective embodiments have respective emphasis, and for parts that are not described in detail in a certain embodiment, reference may be made to related descriptions of other embodiments.
In the embodiments provided in the present application, it should be understood that the disclosed apparatus may be implemented in other manners. For example, the above-described embodiments of the apparatus are merely illustrative, and for example, the division of the units is only one type of division of logical functions, and there may be other divisions when actually implementing, for example, a plurality of units or components may be combined or may be integrated into another system, or some features may be omitted, or not implemented. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection of some interfaces, devices or units, and may be an electric or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit may be implemented in the form of hardware, or may also be implemented in the form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable memory. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a memory and includes several instructions for causing a computer device (which may be a personal computer, a server, a network device, or the like) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned memory comprises: a U-disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a removable hard disk, a magnetic or optical disk, and other various media capable of storing program codes.
Those skilled in the art will appreciate that all or part of the steps in the methods of the above embodiments may be implemented by associated hardware instructed by a program, which may be stored in a computer-readable memory, which may include: flash Memory disks, read-Only memories (ROMs), random Access Memories (RAMs), magnetic or optical disks, and the like.
The above embodiments of the present invention are described in detail, and the principle and the implementation of the present invention are explained by applying specific embodiments, and the above description of the embodiments is only used to help understanding the method of the present invention and the core idea thereof; meanwhile, for a person skilled in the art, according to the idea of the present invention, there may be variations in the specific embodiments and the application scope, and in view of the above, the content of the present specification should not be construed as a limitation to the present invention.

Claims (22)

1. A method for reporting event information is characterized in that the method comprises the following steps:
an AF entity sends a first request to a NEF entity, wherein the first request carries an identifier of terminal equipment and an event identifier;
the AF entity receives first response information corresponding to the first request sent by the NEF entity, wherein the first response information carries the identifier of the UPF entity;
the AF entity stores the corresponding relation between the identifier of the UPF entity and the identifiers of the terminal equipment and the event identifier;
an Application Function (AF) entity receives first information sent by a User Plane Function (UPF) entity, wherein the first information carries an identifier of terminal equipment, an event identifier, an identifier of the UPF entity and event information;
and the AF entity determines whether to accept the event information reported by the UPF entity or not based on the corresponding relation, the identifier of the terminal equipment, the event identifier and the identifier of the UPF entity.
2. The method of claim 1, wherein the first information further carries a first Message Authentication Code (MAC); the method further comprises the following steps:
and under the condition that the event information reported by the UPF entity is determined to be accepted, the AF entity verifies the first MAC.
3. The method of claim 2, further comprising:
the AF entity determining a first key based on a shared key between the AF entity and the NEF entity;
the AF entity verifying the first MAC, comprising:
the AF entity verifies the first MAC through the first key.
4. The method of claim 3, wherein the AF entity determines the first key based on a shared key between the AF and NEF, comprising:
the AF entity determining a first key based on a first parameter and a shared key between the AF entity and the NEF entity; wherein the first parameter includes at least one of an identifier of the AF entity, an identifier of the terminal device, an identifier of the UPF entity, or the event identifier.
5. A method for reporting event information is characterized in that the method comprises the following steps:
a network open function (NEF) entity receives a first request sent by an Application Function (AF) entity, wherein the first request carries an identifier of terminal equipment and an event identifier;
the NEF entity sends a second request to a Session Management Function (SMF) entity, wherein the second request carries the identifier of the AF entity, the identifier of the terminal equipment and the event identifier;
the NEF entity receives second response information corresponding to the second request sent by the SMF entity, wherein the second response information carries an identifier of a User Plane Function (UPF) entity;
and the NEF entity sends first response information corresponding to the first request to the AF entity, wherein the first response information carries the identifier of the UPF entity, and the identifier of the UPF entity is used for the AF entity to store the corresponding relation between the identifier of the UPF entity and the identifier of the terminal equipment and the event identifier, and determining whether to accept the event information reported by the UPF entity based on the corresponding relation.
6. The method of claim 5, further comprising:
and the NEF entity sends the shared key between the AF entity and the NEF entity to the SMF entity.
7. The method of claim 5, further comprising:
the NEF entity determining a first key based on a shared key between the AF entity and the NEF entity;
the NEF entity sends the first key to the SMF entity.
8. The method of claim 7, wherein the NEF entity determines the first key based on a shared key between the AF entity and the NEF entity, comprising:
the NEF entity determining a first key based on a first parameter and a shared key between the AF entity and the NEF entity; wherein the first parameter includes at least one of an identifier of the AF entity, an identifier of the terminal equipment, an identifier of the UPF entity or the event identifier.
9. A method for reporting event information is characterized in that the method comprises the following steps:
an AF entity sends a first request to a NEF entity, wherein the first request carries an identifier of terminal equipment and an event identifier;
the NEF entity sends a second request to a Session Management Function (SMF) entity, wherein the second request carries the identifier of the AF entity, the identifier of the terminal equipment and the event identifier;
the SMF entity sends second response information corresponding to the second request to the NEF entity, and sends second information to the UPF entity, wherein the second response information carries the identifier of the UPF entity, and the second information carries the identifier of the AF entity, the identifier of the terminal equipment and the event identifier;
the NEF entity sends first response information corresponding to the first request to the AF entity, wherein the first response information carries the identification of the UPF entity;
the AF entity stores the corresponding relation between the identifier of the UPF entity and the identifiers of the terminal equipment and the event identifier;
when a User Plane Function (UPF) entity detects or receives an identifier of a terminal device and event information corresponding to the event identifier, sending first information to an Application Function (AF) entity, wherein the first information carries the identifier of the terminal device, the event identifier, the identifier of the UPF entity and the event information;
and the AF entity determines whether to accept the event information reported by the UPF entity or not based on the corresponding relation, the identifier of the terminal equipment, the event identifier and the identifier of the UPF entity.
10. The method of claim 9, wherein the first information further carries a first Message Authentication Code (MAC); the method further comprises the following steps:
and under the condition that the event information reported by the UPF entity is determined to be accepted, the AF entity verifies the first MAC.
11. The method of claim 10, further comprising:
the NEF entity sends a shared key between the AF entity and the NEF entity to the SMF entity;
the SMF entity determines a first key based on the shared key;
the SMF entity sends the first key to the UPF entity;
when the UPF entity detects or receives event information corresponding to the event identifier, the UPF entity obtains the first MAC based on the first key;
the AF entity determining a first key based on a shared key between the AF entity and the NEF entity;
the AF entity verifying the first MAC, comprising:
the AF entity verifies the first MAC by the first key.
12. The method of claim 10, further comprising:
the NEF entity determining a first key based on a shared key between the AF entity and the NEF entity;
the NEF entity sends the first key to the SMF entity;
the SMF entity sends the first key to the UPF entity;
when the UPF entity detects or receives event information corresponding to the event identifier, the UPF entity obtains the first MAC based on the first key;
the AF entity determining a first key based on a shared key between the AF entity and the NEF entity;
the AF entity verifying the first MAC, comprising:
the AF entity verifies the first MAC by the first key.
13. The method of claim 11, wherein the AF entity determines the first key based on a shared key between the AF and NEF, comprising:
the AF entity determining a first key based on a first parameter and a shared key between the AF entity and the NEF entity; wherein the first parameter comprises at least one of an identifier of the AF entity, an identifier of the terminal equipment, an identifier of the UPF entity or the event identifier;
the SMF entity determining a first key based on the shared key, including:
the SMF entity determines a first key by the first parameter and the shared key.
14. The method of claim 12, wherein the AF entity determines the first key based on a shared key between the AF and NEF, comprising:
the AF entity determining a first key based on a first parameter and a shared key between the AF entity and the NEF entity; wherein the first parameter comprises at least one of an identifier of the AF entity, an identifier of the terminal equipment, an identifier of the UPF entity or the event identifier;
the NEF entity determines a first key based on a shared key between the AF entity and the NEF entity, including:
the NEF entity determines a first key based on the first parameters and a shared key between the AF entity and the NEF entity.
15. A communication apparatus, characterized in that the communication apparatus comprises:
a communication unit, configured to send a first request to a network open function NEF entity, where the first request carries an identifier of a terminal device and an event identifier;
the communication unit is further configured to receive first response information corresponding to the first request sent by the NEF entity, where the first response information carries an identifier of a UPF entity;
the processing unit is used for storing the corresponding relation between the identifier of the UPF entity and the identifiers of the terminal equipment and the event identifiers;
the communication unit is further configured to receive first information sent by a User Plane Function (UPF) entity, where the first information carries an identifier of a terminal device, an event identifier, and an identifier and event information of the UPF entity;
the processing unit is further configured to determine whether to accept the event information reported by the UPF entity based on the correspondence, the identifier of the terminal device, the event identifier, and the identifier of the UPF entity.
16. The communication apparatus according to claim 15, wherein the first information further carries a first message authentication code MAC;
the processing unit is further configured to verify the first MAC when the event information reported by the UPF entity is determined to be accepted.
17. The communication device of claim 16,
the processing unit is further configured to determine a first key based on a shared key between an AF entity and the NEF entity;
the way for the processing unit to verify the first MAC specifically is:
the first MAC is authenticated by the first key.
18. The communications apparatus according to claim 17, wherein the processing unit determines the first key based on the shared key between the AF and the NEF by:
determining a first key based on a first parameter and a shared key between the AF entity and the NEF entity; wherein the first parameter includes at least one of an identifier of the AF entity, an identifier of the terminal equipment, an identifier of the UPF entity or the event identifier.
19. A communication apparatus, applied to a NEF entity, the communication apparatus comprising:
a communication unit, configured to receive a first request sent by an application function AF entity, where the first request carries an identifier of a terminal device and an event identifier;
the communication unit is further configured to send a second request to a session management function SMF entity, where the second request carries an identifier of the AF entity, an identifier of the terminal device, and the event identifier;
the communication unit is further configured to receive second response information corresponding to the second request sent by the SMF entity, where the second response information carries an identifier of a user plane function UPF entity;
the communication unit is further configured to send first response information corresponding to the first request to the AF entity, where the first response information carries an identifier of the UPF entity, and the identifier of the UPF entity is used for the AF entity to store a corresponding relationship between the identifier of the UPF entity and the identifier of the terminal device and the event identifier, and determine whether to accept the event information reported by the UPF entity based on the corresponding relationship.
20. The communication device of claim 19,
the communication unit is further configured to send, to the SMF entity, a shared key between the AF entity and the NEF entity.
21. The communication device of claim 19, further comprising a processing unit,
the processing unit is further configured to determine a first key based on a shared key between the AF entity and the NEF entity;
the communication unit is further configured to send the first key to the SMF entity.
22. The communications apparatus according to claim 21, wherein the processing unit determines the first key based on the shared key between the AF entity and the NEF entity by:
determining a first key based on a first parameter and a shared key between the AF entity and the NEF entity; wherein the first parameter includes at least one of an identifier of the AF entity, an identifier of the terminal device, an identifier of the UPF entity, or the event identifier.
CN201911242878.5A 2019-12-06 2019-12-06 Event information reporting method and communication device Active CN113038467B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201911242878.5A CN113038467B (en) 2019-12-06 2019-12-06 Event information reporting method and communication device
PCT/CN2020/133531 WO2021110084A1 (en) 2019-12-06 2020-12-03 Event information reporting method and communication apparatus

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911242878.5A CN113038467B (en) 2019-12-06 2019-12-06 Event information reporting method and communication device

Publications (2)

Publication Number Publication Date
CN113038467A CN113038467A (en) 2021-06-25
CN113038467B true CN113038467B (en) 2022-12-02

Family

ID=76221127

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911242878.5A Active CN113038467B (en) 2019-12-06 2019-12-06 Event information reporting method and communication device

Country Status (2)

Country Link
CN (1) CN113038467B (en)
WO (1) WO2021110084A1 (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116528216A (en) * 2022-01-20 2023-08-01 华为技术有限公司 Communication method, device and system
CN117560716A (en) * 2022-08-04 2024-02-13 华为技术有限公司 Communication method and communication device

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110049070A (en) * 2018-01-15 2019-07-23 华为技术有限公司 Event notification method and relevant device
CN110536282A (en) * 2019-03-28 2019-12-03 中兴通讯股份有限公司 A kind of event notification method and device

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2019139752A1 (en) * 2018-01-11 2019-07-18 Ofinno, Llc Monitoring and reporting service performance
CN110120878B (en) * 2018-02-05 2020-10-23 华为技术有限公司 Method and device for acquiring link quality
US10986528B2 (en) * 2018-02-15 2021-04-20 Huawei Technologies Co., Ltd. Tracking QoS violated events
CN109951824B (en) * 2018-04-09 2022-04-05 华为技术有限公司 Communication method and device
WO2019197426A1 (en) * 2018-04-10 2019-10-17 NEC Laboratories Europe GmbH System and method of application function influence on traffic routing in enhanced topology of smf and upf in 5g networks
CN110519750B (en) * 2018-05-21 2021-04-20 华为技术有限公司 Message processing method, device and system
US10285155B1 (en) * 2018-09-24 2019-05-07 Cisco Technology, Inc. Providing user equipment location information indication on user plane

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110049070A (en) * 2018-01-15 2019-07-23 华为技术有限公司 Event notification method and relevant device
CN110536282A (en) * 2019-03-28 2019-12-03 中兴通讯股份有限公司 A kind of event notification method and device

Also Published As

Publication number Publication date
WO2021110084A1 (en) 2021-06-10
CN113038467A (en) 2021-06-25

Similar Documents

Publication Publication Date Title
CN111865598B (en) Identity verification method and related device for network function service
WO2021037175A1 (en) Network slice management method and related device
US11057766B2 (en) Security management in disaggregated base station in communication system
US11871223B2 (en) Authentication method and apparatus and device
CN113206814A (en) Network event processing method and device and readable storage medium
CN113038467B (en) Event information reporting method and communication device
CN113676904B (en) Slice authentication method and device
US11789803B2 (en) Error handling framework for security management in a communication system
EP4135376A1 (en) Method and device for secure communication
US20230292131A1 (en) Rogue network function re-authorization in a communication network
CN116746181A (en) Method for generating key identifier and related device
AU2010329814B2 (en) Smart card security feature profile in home subscriber server
EP3821562A1 (en) Security management for unauthorized requests in communication system with service-based architecture
CN113453222B (en) Communication method and device
CN114205819A (en) QoS calling method and device based on hybrid networking, and electronic equipment
CN115918113A (en) User equipment contact strategy
CN111372250A (en) Base station determination method and apparatus, storage medium, and electronic apparatus
CN113904781B (en) Slice authentication method and system
EP4346258A1 (en) Secure user equipment policy data in a communication network environment
EP4156741A1 (en) Slice service verification method and apparatus
US20240163670A1 (en) Wireless communication method and apparatus
CN116530119A (en) Method, device and system for protecting serial numbers in wireless network
CN115843028A (en) Network authentication method and device
CN117319999A (en) Communication device identification method, communication system and electronic device
CN116471590A (en) Terminal access method, device and authentication service function network element

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant