CN1956378A - Method of positioning describing function entity in NASS - Google Patents
Method of positioning describing function entity in NASS Download PDFInfo
- Publication number
- CN1956378A CN1956378A CN 200510116727 CN200510116727A CN1956378A CN 1956378 A CN1956378 A CN 1956378A CN 200510116727 CN200510116727 CN 200510116727 CN 200510116727 A CN200510116727 A CN 200510116727A CN 1956378 A CN1956378 A CN 1956378A
- Authority
- CN
- China
- Prior art keywords
- user
- function entity
- entity
- authentication
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Abstract
This invention discloses a method for describing data function entities in NASS including: UAAF of a domain ownership is connected with at least one new added UPLF via an interface and said UPLF stores the ID information of the PDBF and the information describing the corresponding relation of the user descriptor and PDBF ID information, after the UAAF of the domain ownership receives the request for inquiring network configuration authentication of a user and authority authentication request sent by a request party, it sends the request for obtaining corresponding PDBF ID information to said UPLF via an interface, which looks up the corresponding PDBF ID information and responds said information to the UAAF to realize location to PDBF.
Description
Technical field
The present invention relates to next generation network (NGN, Next Generation Network) mobile communication technology field, relate in particular in the NGN architectural framework, user access authorization function entity (UAAF, User AccessAuthorization Function) method of identification data of description functional entity (PDBF, Profile Data Base Function).
Background technology
At present, with the Internet new technology of representative just conventional telecommunication network in profound influence notion and system, next generation network is one of wherein the most noticeable bright spot.In current a kind of NGN architectural framework, the major function of Network Attachment Subsystem as shown in Figure 1 (NASS, Network Attachment Subsystem) be dynamic assignment Internet protocol (IP) address and other-end configuration parameter, during the IP address assignment program or before occur in IP layer user's authentication and authentication, according to the network insertion mandate of customer service inventory (Profile), according to the Access Network configuration of customer service inventory (Profile), occur in the location management of IP layer etc.
In numerous functional entitys that NASS comprises, comprising network access configuration function entity (NACF, Network Access Configuration Function), access management function entity (AMF, AccessManagement Function), connection session location and memory function entity (CLF, Connectivity SessionLocation and Repository Function), UAAF, PDBF, user's configuration feature entity (CPECF, CPE Configuration Function).Described PDBF is used for storing with user network and inserts configuration relevant authentication and authentication information, comprise user identifier (User Identity), support mandate approach inventory (List of SupportedAuthentication Methods), key material authorization data information such as (Key Material).
UAAF obtains from PDBF with interface between the PDBF by UAAF and user network inserts configuration relevant authentication and authentication information.PDBF can be positioned in user's service describing functional entity (UPSF, User ProfileServer Function), also can occur as a functional entity separately.Usually UPSF has a plurality ofly in an area, so UAAF is difficult for knowing which PDBF from which UPSF be, obtains and user network inserts configuration relevant authentication and authentication information.
Summary of the invention
The objective of the invention is to solve UAAF and be difficult for the data of description functional entity of user's correspondence is positioned existing problem and shortage, a kind of convenience, the method for positioning describing data function entity among the NASS efficiently are provided.
For addressing the above problem, the present invention adopts following technical scheme: the method for positioning describing data function entity among this NASS, be specially, in Network Attachment Subsystem, the user access authorization function entity of home domain is described the positioning function entity by interface with one or more users that newly establish and is linked to each other, and described user describe the positioning function physical memory contain the identifier information of data of description functional entity and user descriptors is described and data of description functional entity identifier information between the information of corresponding relation; The user access authorization function entity of described home domain is after the network configuration authentication and authentication information request of the inquiring user that receives requesting party's transmission, to described user the request that the positioning function entity sends the identifier information of the data of description functional entity that obtains user's correspondence is described by described interface, described user describes the identifier information that the positioning function entity is searched the corresponding data of description functional entity of this user according to corresponding relation between the user descriptors in this request and data of description functional entity identifier information, and with the user access authorization function entity of this identifier information response to described home domain, thereby realization is to the location of data of description functional entity.
According to the invention described above technical scheme, by user access authorization function entity and user the interface that the positioning function inter-entity is set up is described at home domain, and the identifier information of describing the data of description functional entity that to be visited and to obtain by the user access authorization function entity of home domain of positioning function physical memory storage described user, can make the user access authorization function entity of home domain convenient by the identifier information of this data of description functional entity, identify the data of description functional entity of user's correspondence efficiently, thereby obtain to insert configuration relevant authentication and authentication information with user network, as User Identity, List of Supported Authentication Methods, authorization data information such as Key Material.
Description of drawings
Fig. 1 is in a kind of NGN architectural framework, a kind of scene graph of original NASS;
Fig. 2 be in the method for positioning describing data function entity among the NASS of the present invention after the user access authorization function entity of home domain and the user who newly establishes describe the positioning function inter-entity interface are set, the another kind of scene graph of NASS;
Fig. 3 is the signaling flow that the UAAF calling party is described the positioning function entity in the method for positioning describing data function entity among the NASS of the present invention;
Fig. 4 be in the method for positioning describing data function entity among the NASS of the present invention UAAF by the identifier information of describing the positioning function entity from the user and obtaining PDBF after, the signaling flow of visiting this PDBF;
Fig. 5 is when the user is in the visit territory in the method for positioning describing data function entity among the NASS of the present invention, the UAAF of home domain by the identifier information of describing the positioning function entity from the user and obtaining PDBF after, the signaling flow of visiting this PDBF.
Embodiment
Referring to Fig. 2, Fig. 3, Fig. 4 and Fig. 5, the method of positioning describing data function entity among the NASS of the present invention, be specially, in Network Attachment Subsystem, the user access authorization function entity of home domain is described positioning function entity (UPLF by interface with one or more users that newly establish, User Profile Locator Function) link to each other, and described user describe that the positioning function physical memory contains can be by the identifier information of the data of description functional entity of the user access authorization function entity of home domain visit and the information of describing corresponding relation between user descriptors and data of description functional entity identifier information; The user access authorization function entity of described home domain is after the network configuration authentication and authentication information request of the inquiring user that receives requesting party's transmission, to described user the request that the positioning function entity sends the identifier information of the data of description functional entity that obtains user's correspondence is described by described interface, described user describes the identifier information that the positioning function entity is searched the corresponding data of description functional entity of this user according to corresponding relation between the user descriptors in this request and data of description functional entity identifier information, and with the user access authorization function entity of this identifier information response to described home domain, thereby realization is to the location of data of description functional entity.
Wherein, the identifier information of this data of description functional entity includes the name information or the address information of data of description functional entity; The agreement that described user access authorization functional network entity and user describe the interface that the positioning function inter-entity sets up can be Diameter, remote dial access service authentication protocol (RADIUS, RemoteAuthentication Dial in User Service) or public open policy service protocol agreement (COPS, Common OpenPolicy Service), also can realize by other related protocol.
Referring to Fig. 3, the interface that is provided with between this UAAF and UPLF is mainly finished following function:
(1) UAAF of home domain sends the request (UPLF_Query) of the identifier information of the PDBF that obtains user's correspondence to UPLF by this interface;
(2) UPLF finds the identifier information of the corresponding PDBF of this user according to corresponding relation between the user descriptors in this request and PDBF identifier information, and this identifier information is responded UAAF (UPLF_RESP) to home domain by interface.
Below in conjunction with accompanying drawing and two specific embodiments, further specify technical characterictic of the present invention and function characteristics, purpose is that the present invention can be described better, but is not to be used for limiting protection scope of the present invention.
Execution mode one:
Referring to Fig. 2, Fig. 3 and Fig. 4, embodiments of the present invention one can be sketched and be: when the user is in the home domain of network, user access authorization function entity by home domain and one or more users that newly establish describe request between the interface of positioning function inter-entity setting and response message obtains the data of description functional entity title and address information, thus realize location to the data of description functional entity.
If the user is in the home domain of network, the method by positioning describing data function entity among the NASS of the present invention positions the data of description functional entity, comprises the steps:
(1) UAAF of home domain receives the network configuration authentication of the inquiring user that sends from AMF and the request of authentication information;
(2) UAAF of home domain describes the positioning function entity to the user and sends the title of the data of description functional entity that obtains user's correspondence or the request (UPLF_Query) of address information after receiving this request;
(3) user describes the title of the data of description functional entity that obtains user's correspondence that the UAAF of positioning function entity handles home domain sends or the request of address information, and the title or the address information of searching the corresponding data of description functional entity of this user according to the user descriptors in this request and the title or the corresponding relation between address information of data of description functional entity;
(4) user describes the positioning function entity and returns the title that comprises the data of description functional entity or the response message (UPLF_RESP) of address information to the UAAF of home domain;
(5) UAAF of home domain indicated data of description functional entity in response message sends the network configuration authentication and the authentication information request (Query) of inquiring user;
(6) the data of description functional entity is after receiving this request, returns the response message (RESP) of relevant informations such as the network configuration authentication that includes the user and authentication to the UAAF of home domain;
(7) UAAF of home domain is to relevant informations such as access management function entity response user's network configuration authentication and authentications, and finally finishes authentication and Authorized operation to the user by the access management function entity.
Execution mode two:
Referring to Fig. 2, Fig. 3 and Fig. 5, embodiments of the present invention two can be sketched and be: when the user is in the visit territory of network, visit the user access authorization function entity of home domain by the user access authorization function entity in visit territory, describe request between the interface of positioning function inter-entity setting by the user access authorization function entity of home domain and one or more users of newly establishing again and title and address information that response message obtains the data of description functional entity, thereby realize location the data of description functional entity.
If the user is in the visit territory of network, the method by positioning describing data function entity among the NASS of the present invention positions the data of description functional entity, comprises the steps:
(1) UAAF (serving as UAAF-Proxy) in visit territory receives the network configuration authentication of the inquiring user that sends from AMF and the request of authentication information;
(2) UAAF-Proxy will ask (Query) to be forwarded to the UAAF (serving as UAAF-Server) of home domain after the request of network configuration authentication that receives inquiring user and authentication information;
(3) UAAF-Server describes the positioning function entity to the user and sends the title of the data of description functional entity that obtains user's correspondence or the request (UPLF_Query) of address information after receiving this request;
(4) user describes the title of the data of description functional entity that obtains user's correspondence that positioning function entity handles UAAF-Server sends or the request of address information, and the title or the address information of searching the corresponding data of description functional entity of this user according to the user descriptors in this request and the title or the corresponding relation between address information of data of description functional entity;
(5) user describes the positioning function entity and returns the title that includes the data of description functional entity or the response message (UPLF_RESP) of address information to UAAF-Server;
(6) UAAF-Server indicated data of description functional entity in response message sends the network configuration authentication and the authentication information request (Query) of inquiring user;
(7) the data of description functional entity is after receiving this request, returns the response message (RESP) of relevant informations such as the network configuration authentication that includes the user and authentication to UAAF-Server;
(8) UAAF-Server transmits the response (RESP) of relevant informations such as the network configuration authentication comprise the user and authentication to UAAF-Proxy;
(9) UAAF-Proxy is to relevant informations such as access management function entity response user's network configuration authentication and authentications, and finally finishes authentication and Authorized operation to the user by the access management function entity.
Above-mentioned embodiment describes the present invention with preferred embodiment, but the example of this visualization of just lifting for the ease of understanding should not be considered to be limitation of the scope of the invention.Equally, according to the description of technical scheme of the present invention and preferred embodiment thereof, can make various possible being equal to and change or replacement, and all these changes or replacement all should belong to the protection range of claim of the present invention.
Claims (6)
1. the method for positioning describing data function entity among the NASS, it is characterized in that, in Network Attachment Subsystem, the user access authorization function entity of home domain is described the positioning function entity by interface with one or more users that newly establish and is linked to each other, and described user describe the positioning function physical memory contain the identifier information of data of description functional entity and user descriptors is described and data of description functional entity identifier information between the information of corresponding relation; The user access authorization function entity of described home domain is after the network configuration authentication and authentication information request of the inquiring user that receives requesting party's transmission, to described user the request that the positioning function entity sends the identifier information of the data of description functional entity that obtains user's correspondence is described by described interface, described user describes the identifier information that the positioning function entity is searched the corresponding data of description functional entity of this user according to corresponding relation between the user descriptors in this request and data of description functional entity identifier information, and with the user access authorization function entity of this identifier information response to described home domain, thereby realization is to the location of data of description functional entity.
2. the method for positioning describing data function entity among the NASS as claimed in claim 1, it is characterized in that, described request side is the user access authorization function entity in access management function entity or visit territory, be specially: if the user is in home domain, then the requesting party is the access management function entity, directly the authentication of the network configuration of inquiring user and authentication information request is sent to the user access authorization function entity of home domain by this access management function entity; If the user is in the visit territory, then the requesting party is the user access authorization function entity in visit territory, the user access authorization function entity in this visit territory is forwarded to this request the user access authorization functional network entity of home domain after the network configuration authentication and authentication information request that receive from the inquiring user of access management function entity.
3. the method for positioning describing data function entity among the NASS as claimed in claim 2, it is characterized in that, this method also comprises, the user access authorization function entity of described home domain obtains user's network configuration authentication and authentication information from the indicated data of description functional entity of described identifier information, and authentication of this user's network configuration and authentication information responded to the requesting party, and finally finish authentication and Authorized operation to the user by the access management function entity.
4. the method for positioning describing data function entity among the NASS as claimed in claim 3, it is characterized in that, the user access authorization function entity of described home domain responds user's network configuration authentication and authentication information to the requesting party, be specially, if the user is in home domain, then the user access authorization function entity of described home domain directly responds user's network configuration authentication and authentication information to described access management function entity; If the user is in the visit territory, the user access authorization function entity of the described home domain user access authorization function entity that earlier user's network configuration authentication and authentication information is forwarded to described visit territory then is sent to the access management function entity by the user access authorization function entity in visit territory with this user's network configuration authentication and authentication information again.
5. as the method for positioning describing data function entity among the described NASS of arbitrary claim in the claim 1 to 4, it is characterized in that the identifier information of described data of description functional entity includes the name information or the address information of data of description functional entity.
6. as the method for positioning describing data function entity among the described NASS of arbitrary claim in the claim 1 to 4, it is characterized in that the agreement of the interface that described user access authorization functional network entity and Subscription Locator Function inter-entity are set up is Diameter, remote dial access service authentication protocol or public open policy service protocol agreement.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CNB2005101167277A CN100550732C (en) | 2005-10-28 | 2005-10-28 | The method of positioning describing data function entity among the NASS |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CNB2005101167277A CN100550732C (en) | 2005-10-28 | 2005-10-28 | The method of positioning describing data function entity among the NASS |
Publications (2)
Publication Number | Publication Date |
---|---|
CN1956378A true CN1956378A (en) | 2007-05-02 |
CN100550732C CN100550732C (en) | 2009-10-14 |
Family
ID=38063496
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CNB2005101167277A Expired - Fee Related CN100550732C (en) | 2005-10-28 | 2005-10-28 | The method of positioning describing data function entity among the NASS |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN100550732C (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2014056202A1 (en) * | 2012-10-12 | 2014-04-17 | 华为技术有限公司 | Method and advertisement server for providing network information for terminal |
US9398441B2 (en) | 2012-12-21 | 2016-07-19 | Huawei Technologies Co., Ltd. | Method and apparatus for identifying re-subscribed user |
-
2005
- 2005-10-28 CN CNB2005101167277A patent/CN100550732C/en not_active Expired - Fee Related
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2014056202A1 (en) * | 2012-10-12 | 2014-04-17 | 华为技术有限公司 | Method and advertisement server for providing network information for terminal |
CN104137485A (en) * | 2012-10-12 | 2014-11-05 | 华为技术有限公司 | Method and advertisement server for providing network information for terminal |
CN104137485B (en) * | 2012-10-12 | 2017-11-17 | 华为技术有限公司 | The method and announcement server of the network information are provided for terminal |
US9398441B2 (en) | 2012-12-21 | 2016-07-19 | Huawei Technologies Co., Ltd. | Method and apparatus for identifying re-subscribed user |
Also Published As
Publication number | Publication date |
---|---|
CN100550732C (en) | 2009-10-14 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9179289B2 (en) | Method and system for remotely accessing | |
CN1855820A (en) | Method for providing business according to its type | |
US20070127495A1 (en) | Single sign-on for users of a packet radio network roaming in a multinational operator network | |
RU2007105979A (en) | REGISTRATION OF USERS IN THE COMMUNICATION SYSTEM | |
CN100442920C (en) | Method for user accessing information in next generation network | |
CN1811774A (en) | Automated integration of content from multiple information stores using a mobile communication device | |
CN1314254C (en) | System and method of controlling application level access of subscriber to network | |
CN1578487A (en) | Method for mobile terminal switching in packet network | |
CN1672393A (en) | Mobile terminal identity protection through home location register modification | |
CN1968507A (en) | Mobile terminal positioning method and system | |
CN112217653B (en) | Strategy issuing method, device and system | |
CN104519551B (en) | WiFi network DHCP negotiation method and client | |
CN100544255C (en) | The method of positioning describing data function entity among the NASS | |
CN101035383A (en) | Method and device for confirming the service time in the communication service | |
CN100488137C (en) | Correlation method, system and apparatus of user relative information in network attached sub-system | |
CN1956378A (en) | Method of positioning describing function entity in NASS | |
CN1956379A (en) | Method of positioning user access authorization function entity in NASS | |
CN102457829A (en) | Authentication and session management (ASM), and method for using roaming local network service | |
CN102209011A (en) | Method for establishing connection with multi-homed terminal and system thereof | |
CN1764273A (en) | Camera device based on Internet | |
CN1604555A (en) | Method for implementing intercommunication between WLAN and GSM/GPRS system | |
CN1852293A (en) | Method and system for requsting to read user registration state | |
KR20020044823A (en) | Apparatus and Method for Providing communication service based on personal identifier in Internet network | |
CN1604547A (en) | Management method for wireless LAN service usage by mobile subscriber | |
CN100426934C (en) | Method, system and network element for obtaining GGSN address of user ascription area |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20091014 Termination date: 20171028 |
|
CF01 | Termination of patent right due to non-payment of annual fee |