WO2023138335A1 - Differentiated control method and apparatus for user terminal, and related device - Google Patents

Differentiated control method and apparatus for user terminal, and related device Download PDF

Info

Publication number
WO2023138335A1
WO2023138335A1 PCT/CN2022/142966 CN2022142966W WO2023138335A1 WO 2023138335 A1 WO2023138335 A1 WO 2023138335A1 CN 2022142966 W CN2022142966 W CN 2022142966W WO 2023138335 A1 WO2023138335 A1 WO 2023138335A1
Authority
WO
WIPO (PCT)
Prior art keywords
user terminal
home gateway
virtual
differentiated control
physical address
Prior art date
Application number
PCT/CN2022/142966
Other languages
French (fr)
Chinese (zh)
Inventor
沈骁
邵震
钮颖彬
纪同军
黄国瑾
Original Assignee
中国电信股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中国电信股份有限公司 filed Critical 中国电信股份有限公司
Publication of WO2023138335A1 publication Critical patent/WO2023138335A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management
    • H04L67/141Setup of application sessions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/2803Home automation networks
    • H04L12/2807Exchanging configuration information on appliance services in a home automation network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/08Access restriction or access information delivery, e.g. discovery data delivery
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/16Discovering, processing access restriction or access information

Definitions

  • the present disclosure relates to the field of communication technologies, and in particular to a user terminal differential control method, device, equipment, storage and computer program product.
  • Wired access refers to the manufacturer that inserts a 5G Subscriber Identity Module (SIM, Subscriber Identity Module) gateway to access 5GC.
  • SIM Subscriber Identity Module
  • the gateway of the 5G subscriber identity card acts as a separate user, and the 5GC performs access control on it.
  • 5GC does not consider the policy control of user terminals connected to the gateway, and cannot perform differentiated control and management of user terminals connected to the gateway.
  • the residential gateway (RG, Residential Gateway) used by the library needs to provide high quality of service (QoS, Quality of Service) guarantees for administrators and low quality of service guarantees for tourists, and for example, the home gateway provides high service quality guarantees for family members and low service quality guarantees for visitors.
  • QoS Quality of Service
  • the present disclosure provides a user terminal differentiated control method, device, device, storage and computer program product, which overcomes at least to a certain extent the problem in the related art that the mobile core network cannot perform differentiated control and management of user terminals accessing gateways.
  • a differentiated control method for user terminals including: when a home gateway receives an attachment request from one or more user terminals, apply for a virtual ID for each user terminal; associate and store the physical addresses and corresponding virtual IDs of each user terminal in the home gateway; perform differentiated control on each user terminal under the home gateway according to the physical addresses and corresponding virtual IDs of each user terminal associated and stored in the home gateway.
  • applying for a virtual ID for each user terminal includes: when the home gateway receives attachment requests from one or more user terminals, initiate a virtual ID application request for each user terminal to the home gateway virtual ID management RVIM platform through the home gateway, wherein multiple virtual IDs are pre-deployed in the RVIM platform, and the virtual ID application request includes: the gateway ID of the home gateway and the physical address of each user terminal; receiving the response from the RVIM platform through the home gateway
  • the virtual identification of each user terminal, wherein the RVIM platform is also used to associate and store the physical address, virtual identification and gateway identification of each user terminal, and synchronize them to the core network.
  • performing differentiated control on each user terminal under the home gateway according to the physical addresses and corresponding virtual identities of each user terminal associated and stored in the home gateway includes: when the home gateway receives a service request initiated by one or more user terminals, obtaining the corresponding virtual identities according to the physical addresses of each user terminal; and initiating a session establishment request to the core network according to the virtual identities of each user terminal.
  • a differentiated control method for a user terminal including: receiving a virtual ID application request from a home gateway, wherein the virtual ID application request is used to apply for a corresponding virtual ID for one or more user terminals attached to the home gateway, the virtual ID application request includes: the gateway ID of the home gateway and the physical address of each user terminal; according to the virtual ID application request, returning the virtual ID of each user terminal to the home gateway, wherein the home gateway associates and stores the physical address of each user terminal and the corresponding virtual ID to the home gateway Differentiated control is performed on each user terminal under the network.
  • the method further includes: associating and storing the physical address of each user terminal, the virtual ID and the gateway ID.
  • a differentiated control system for user terminals which is characterized in that it includes: a core network, a home gateway virtual identity management RVIM platform, a home gateway, and one or more user terminals attached to the home gateway; wherein the home gateway is configured to initiate a virtual identity application request for each user terminal to the RVIM platform when receiving an attachment request from one or more user terminals; the RVIM platform is configured to allocate a virtual identity for each user terminal according to the received virtual identity application request, and return to the home gateway;
  • the network communicates with the home gateway, and is used for performing differentiated control on each user terminal under the home gateway according to the physical address and the corresponding virtual identifier of each user terminal under the home gateway.
  • an electronic device including: a processor; and a memory configured to store executable instructions of the processor; wherein the processor is configured to execute the above-mentioned differentiated control method for a user terminal by executing the executable instructions.
  • a computer-readable storage medium on which a computer program is stored, and when the computer program is executed by a processor, the above-mentioned differentiated control method for a user terminal is implemented.
  • a computer program product including a computer program, and when the computer program is executed by a processor, any one of the above-mentioned differentiated control methods for a user terminal is implemented.
  • the user terminal differentiated control method, device, equipment, storage and computer program product provided by the embodiments of the present disclosure apply for a virtual identifier for each user terminal, associate the physical address of each user terminal with the corresponding virtual identifier, and then perform differentiated control on each user terminal according to the difference in the virtual identifier.
  • the mobile core network can distinguish the user terminal accessing the gateway, thereby facilitating differentiated control and management of the user terminal.
  • FIG. 1 shows a schematic diagram of a differentiated control system structure of a user terminal in an embodiment of the present disclosure
  • FIG. 2 shows a flowchart of a differentiated control method for a user terminal in an embodiment of the present disclosure
  • FIG. 3 shows a flowchart of another differentiated control method for user terminals in an embodiment of the present disclosure
  • FIG. 4 shows a schematic diagram of a differentiated control system for a user terminal in an embodiment of the present disclosure
  • FIG. 5 shows a schematic diagram of a differentiated control system architecture of a user terminal in an embodiment of the present disclosure
  • FIG. 6 shows an operation flow chart of a differentiated control system for a user terminal in an embodiment of the present disclosure
  • FIG. 7 shows a home gateway authentication process in a differentiated control method for user terminals in an embodiment of the present disclosure
  • FIG. 8 shows a user terminal authentication process in a user terminal differentiated control method in an embodiment of the present disclosure
  • FIG. 9 shows a schematic diagram of a differentiated control device for a user terminal in an embodiment of the present disclosure.
  • FIG. 10 shows a schematic diagram of another differentiated control device for a user terminal in an embodiment of the present disclosure
  • FIG. 11 shows a structural block diagram of an electronic device in an embodiment of the present disclosure
  • FIG. 12 shows a schematic diagram of a computer-readable storage medium in an embodiment of the present disclosure.
  • Example embodiments will now be described more fully with reference to the accompanying drawings.
  • Example embodiments may, however, be embodied in many forms and should not be construed as limited to the examples set forth herein; rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the concept of example embodiments to those skilled in the art.
  • the described features, structures, or characteristics may be combined in any suitable manner in one or more embodiments.
  • Home gateway Residential Gateway, RG.
  • Residential Gateway Virtual Identity Management Residential Gateway Virtual-IMSI Management, RVIM.
  • IMSI International Mobile Subscriber Identity
  • IMSI International Mobile Subscriber Identity
  • User equipment User Equipment, UE.
  • Physical address Media Access Control, MAC, the storage unit in the physical address memory of the network card corresponds to the actual address, called the physical address, which corresponds to the logical address.
  • Wireless access network gateway function Wireline Access Gateway Function, W-AGF.
  • User Plane Function User Plane Function, UPF, as a 5GC network user plane network element, mainly supports UE service data routing and forwarding, data and service identification, action and policy execution, etc.
  • Unified data storage and management equipment unified data manager, UDM.
  • Authentication server Authentication Server Function, AUSF.
  • Extensible Authentication Protocol is a commonly used authentication framework protocol that supports multiple authentication methods, mainly used for network access authentication. EAP can be applied to wireless and wired networks.
  • Wi-Fi which is the trademark of the Wi-Fi Alliance manufacturer as a product brand certification, is used to connect network-connectable devices to each other wirelessly.
  • the third generation partnership project 3rd Generation Partnership Project, 3GPP.
  • Quality of Service refers to a network that can use various basic technologies to provide better service capabilities for specified network communications. It is a security mechanism of the network and a technology used to solve problems such as network delay and congestion.
  • Protocol data unit Protocol Data Unit, PDU.
  • Protocol Data Unit Session is a new abstract concept in the 5G system, providing a service for PDU transfer between UE and DN.
  • Data network Data Network, such as operator business, Internet or third-party business, etc.
  • FIG. 1 shows a schematic diagram of an exemplary system architecture of a differentiated control method for a user terminal or an apparatus for a differentiated control method for a user terminal that can be applied to an embodiment of the present disclosure.
  • a system architecture 100 may include a terminal device 101 , a network 102 and a server 103 .
  • the terminal device 101 sends an attach request to the server 103 through the network 102 .
  • server 103 receives the attachment request of one or more terminal equipments, apply for a virtual identification for each terminal equipment;
  • Server 103 stores the physical address and corresponding virtual identification of each terminal equipment in association with server 103;
  • the above-mentioned server 103 is also used for: when the server receives the attachment request of one or more terminal devices, the server 103 initiates a virtual identification application request for each terminal device to the home gateway virtual identification management RVIM platform, wherein the RVIM platform is pre-deployed with a plurality of virtual identifications, and the virtual identification application request includes: the gateway identification of the server 103 and the physical address of each terminal device; the virtual identification of each terminal device returned by the RVIM platform is received by the server 103, wherein the RVIM platform is also used for each terminal
  • the physical address, virtual ID and gateway ID of the device are stored in association and synchronized to the core network.
  • the server 103 is further configured to: when the server receives a service request initiated by each terminal device, obtain a corresponding virtual ID according to the physical address of each terminal device; initiate a session establishment request to the core network according to the virtual ID of each terminal device.
  • the medium used by the above-mentioned network 102 to provide a communication link between the terminal device 101 and the server 103 may be a wired network or a wireless network.
  • the aforementioned wireless network or wired network uses standard communication technologies and/or protocols.
  • the network is usually the Internet, but can also be any network, including but not limited to Local Area Network (LAN), Metropolitan Area Network (MAN), Wide Area Network (Wide Area Network, WAN), mobile, wired or wireless network, private network or any combination of virtual private network).
  • LAN Local Area Network
  • MAN Metropolitan Area Network
  • WAN Wide Area Network
  • mobile wired or wireless network
  • data exchanged over a network is represented using technologies and/or formats including Hyper Text Mark-up Language (HTML), Extensible Markup Language (XML), and the like.
  • HTML Hyper Text Mark-up Language
  • XML Extensible Markup Language
  • Secure Socket Layer Secure Socket Layer
  • Transport Layer Security Transport Layer Security
  • TLS Transport Layer Security
  • Virtual Private Network Virtual Private Network
  • VPN Virtual Private Network
  • IPsec Internet Protocol Security
  • customized and/or dedicated data communication technologies may also be used to replace or supplement the above data communication technologies.
  • the terminal device 101 may be various electronic devices, including but not limited to smartphones, tablet computers, laptop computers, desktop computers, wearable devices, augmented reality devices, virtual reality devices, and the like.
  • clients of application programs installed on different terminal devices 101 are the same, or clients of the same type of application programs based on different operating systems.
  • the specific form of the client of the application program may also be different, for example, the client of the application program may be a mobile phone client, a PC client, and the like.
  • the server 103 may be a server that provides various services, for example, a background management server that provides support for devices operated by the user using the terminal device 101 .
  • the background management server can analyze and process the received data such as requests, and feed back the processing results to the terminal device.
  • the server can be an independent physical server, a residential gateway (Residential Gateway, RG), or a server cluster or distributed system composed of multiple physical servers, or a cloud server that provides basic cloud computing services such as cloud services, cloud databases, cloud computing, cloud functions, cloud storage, network services, cloud communications, middleware services, domain name services, security services, CDN (Content Delivery Network, content distribution network), and big data and artificial intelligence platforms.
  • the terminal may be a smart phone, a tablet computer, a laptop computer, a desktop computer, a smart speaker, a smart watch, etc., but is not limited thereto.
  • the terminal and the server may be connected directly or indirectly through wired or wireless communication, which is not limited in this application.
  • FIG. 1 the numbers of terminal devices, networks and servers in FIG. 1 are only illustrative, and there may be any number of terminal devices, networks and servers according to actual needs. The embodiment of the present disclosure does not limit this.
  • Embodiments of the present disclosure provide a differentiated control method for a user terminal, and the method may be executed by any electronic device capable of computing and processing.
  • FIG. 2 shows a flowchart of a differentiated control method for a user terminal in an embodiment of the present disclosure.
  • the differentiated control method for a user terminal provided in an embodiment of the present disclosure includes the following steps:
  • the above-mentioned home gateway RG is a device that allows a local area network (Local Area Network, LAN) to connect to a wide area network (Wide Area Network, WAN) in a telecommunications network.
  • the aforementioned user terminal may be a smart phone, a tablet computer, a notebook computer, a desktop computer, a smart speaker, a smart watch, etc., but is not limited thereto.
  • the English name of the above attachment request is Attach Request, which is a kind of NAS (Non Access Stratum, non-access stratum) signaling.
  • Attach Request which is a kind of NAS (Non Access Stratum, non-access stratum) signaling.
  • NAS Non Access Stratum, non-access stratum
  • the aforementioned virtual identifier may be a string of characters, marking different user terminals and used to distinguish user terminals.
  • applying for a virtual ID for each user terminal may include: when the home gateway receives attachment requests from one or more user terminals, initiate a virtual ID application request for each user terminal to the home gateway virtual ID management RVIM platform through the home gateway, wherein multiple virtual IDs are pre-deployed in the RVIM platform, and the virtual ID application request includes: the gateway ID of the home gateway and the physical address of each user terminal; receiving the ID of each user terminal returned by the RVIM platform through the home gateway Virtual ID, wherein the RVIM platform is also used to associate and store the physical address, virtual ID and gateway ID of each user terminal, and synchronize them to the core network.
  • the RG when the user terminal UE registers, the RG applies for a virtual identity from the RVIM.
  • the RG identifies whether the identity of the online user terminal is an administrator or a visitor (for example, the RG maintains a database in which the MAC address of the administrator device is stored. If the MAC address of the online user terminal is not in the database, it is identified as a tourist). In this way, when the RG applies for a virtual ID, it can carry a label indicating the quality of service.
  • the administrator device applies for a high-QOS virtual ID, and the tourist device applies for a low-QOS virtual ID.
  • the virtual identifier itself can represent different QoS through a different bit, so that when the subsequent user terminal UE performs data services, the 5GC can directly judge whether to provide high QOS or low QOS for the user terminal UE according to the virtual identifier.
  • the above-mentioned user terminal may be a smart phone, a tablet computer, a notebook computer, a desktop computer, a smart speaker, a smart watch, etc., but is not limited thereto.
  • the above physical address may be a MAC address, which is the address of the host computer of the user terminal that sends data when transmitting data.
  • the above corresponding virtual identifier is a string of characters assigned to each user terminal, and is used to distinguish different user terminals.
  • the above-mentioned home gateway is a device that allows a local area network (Local Area Network, LAN) to connect to a wide area network (Wide Area Network, WAN) in a telecommunications network.
  • the aforementioned user terminal may be a smart phone, a tablet computer, a notebook computer, a desktop computer, a smart speaker, a smart watch, etc., but is not limited thereto.
  • the above physical address may be a MAC address, which is the address of the host computer of the user terminal that sends data when transmitting data.
  • the above corresponding virtual identifier is a string of characters assigned to each user terminal, and is used to distinguish different user terminals.
  • the above differentiated control means that different user terminals can be managed differently according to the virtual identifiers corresponding to the user terminals.
  • the differentiated control of each user terminal under the home gateway according to the physical address of each user terminal and the corresponding virtual ID stored in the home gateway may include: when the home gateway receives a service request initiated by each user terminal, obtain the corresponding virtual ID according to the physical address of each user terminal; initiate a session establishment request to the core network according to the virtual ID of each user terminal.
  • the mobile phone of the librarian (equivalent to the above-mentioned user terminal) needs a high QS, and a number with the sixth digit of the IMSI (equivalent to the above-mentioned virtual identity) is assigned.
  • the library visitor’s mobile phone needs a low QS, so a number with the sixth digit of the IMSI is assigned, so as to differentiate between the administrator’s mobile phone and the visitor’s mobile phone (equivalent to the above-mentioned user terminals) under the RG.
  • the mobile core network can perform differentiated control and management on the user terminals accessing the gateway through the physical addresses and corresponding virtual identities of each user terminal associated and stored in the home gateway.
  • the embodiment of the present disclosure also provides a differentiated control method for a user terminal, including the following steps:
  • S302. Receive a virtual identity application request from the home gateway, where the virtual identity application request is used to apply for a corresponding virtual identity for one or more user terminals attached to the home gateway, and the virtual identity application request includes: the gateway identity of the home gateway and the physical address of each user terminal.
  • the above-mentioned home gateway is a device that allows a local area network to connect to a wide area network in a telecommunications network.
  • the aforementioned virtual identifier may be a string of characters, marking different user terminals and used to distinguish user terminals.
  • the aforementioned user terminal may be a smart phone, a tablet computer, a notebook computer, a desktop computer, a smart speaker, a smart watch, etc., but is not limited thereto.
  • the gateway identified above is IMSI.
  • the above-mentioned physical address is a MAC address, which is the address of the user terminal that sends data when transmitting data.
  • different user terminals are distinguished by using virtual identifiers, thereby facilitating differentiated control and management of user terminals.
  • S304 According to the virtual identity application request, return the virtual identity of one or more user terminals to the home gateway, wherein the home gateway associates and stores the physical address of each user terminal with the corresponding virtual identity, so as to perform differential control on each user terminal under the home gateway.
  • the aforementioned virtual identifier may be a string of characters, marking different user terminals and used to distinguish user terminals.
  • the aforementioned residential gateway in a telecommunications network, is a device that allows a local area network to connect to a wide area network.
  • the mobile core network can control and manage the user terminals accessing the gateway in a differentiated manner by associating and storing the physical addresses and corresponding virtual identities of each user terminal in the home gateway.
  • the embodiment of the present disclosure also provides a schematic diagram of a differentiated control system for user terminals, including a core network 401, a home gateway virtual identity management RVIM platform 402, a home gateway 403, and one or more user terminals 404 attached to the home gateway.
  • the home gateway is used to initiate a virtual identification application request of each user terminal to the RVIM platform when receiving the attachment request of one or more user terminals;
  • the RVIM platform is used to assign a virtual identity to each user terminal according to the received virtual identity application request, and return it to the home gateway;
  • the core network communicates with the home gateway, and is used to control each user terminal under the home gateway in a differentiated manner according to the physical address and the corresponding virtual identifier of each user terminal under the home gateway.
  • the mobile core network can control and manage the user terminals accessing the gateway in a differentiated manner by associating and storing the physical addresses and corresponding virtual identities of each user terminal in the home gateway.
  • the embodiment of the present disclosure also provides a schematic diagram of a differentiated control system architecture of a user terminal, which includes:
  • 5G RG502 is connected with UE501, RVIM503 and W-AGF504 respectively, W-AGF is connected with AMF505 and UPF506 respectively, RVIM is connected with UDM507, UDM is connected with AUSF508, and AUSF is connected with AMF.
  • RVIM503 is used to set up a certain number of temporary number (IMSI) pools and synchronize them to UDM in real time.
  • IMSI temporary number
  • UDM needs to notify the RVIM platform that the RG has been accessed through New Interface1.
  • RVIM saves a list of currently authenticated numbers and updates them in real time.
  • the UE/Device attaches to the 5G-RG through the Y1 interface
  • the 5G-RG applies to the RVIM for a virtual identity (carrying, carrying 5 GRG's IMSI and UE/Device's MAC address).
  • the RVIM is used to allocate a temporary number (equivalent to the above-mentioned virtual identity) to the above-mentioned UE/Device, and save the binding relationship between the temporary number and the MAC address of the device.
  • 5G-RG is used for when UE/Device attaches to 5G-RG through Y1 interface, 5G-RG applies for a virtual identity (carrying IMSI of 5G RG and MAC address of UE/Device) to RVIM through New Interface1. After obtaining the temporary number from RVIM, 5G-RG also establishes a binding relationship between the temporary number and the MAC address of the device. 5G-RG supports the ability to initiate multiple authentications to W-AGF with multiple IMSIs and establish multiple PDU Sessions.
  • UDM is used to synchronize all temporary numbers in RVIM in real time, and notify the RVIM platform that the 5G-RG has been accessed after the 5G-RG authentication is successful.
  • the UDM when the registration is successful, the UDM notifies the RVIM that the RG has been authenticated, and the RVIM should save a list of currently authenticated numbers and update it in real time.
  • the 5G-RG applies to the RVIM for a virtual identity (carrying the IMSI of the 5G RG and the MAC address of the UE/Device) through the New Interface1.
  • RVIM assigns a temporary number to the UE/Device, and saves the binding relationship between the temporary number and the MAC address of the device.
  • the RG After the RG obtains the temporary number, it also establishes a binding relationship between the temporary number and the MAC address of the device. Subsequently, the RG initiates registration with the W-AGF again with the temporary number.
  • the 5G-RG uses the PDU Session initiated to the W-AGF to establish.
  • FIG. 6 is a flow chart of the operation of a differentiated control system for user terminals, including:
  • 5G RG (equivalent to the above-mentioned home gateway RG) goes online, and executes the RG certification process;
  • the Device attaches to the 5G RG, executes the Device authentication process, and the 5G RG binds the Device MAC address (equivalent to the physical address of the above-mentioned user terminal) with the temporary number (equivalent to the above-mentioned virtual identity);
  • the Device initiates a data service, and the 5G RG uses the temporary number to initiate a session establishment process to the W-AGF. After the session is established, the data service can be transmitted in the session;
  • the RG allocates different temporary numbers to each Device and establishes different sessions, so as to implement differentiated management of different Devices.
  • the Device MAC address is bound to the temporary number through the 5G RG, so that the RGC can perform differentiated control and management on different Devices that access the gateway.
  • the embodiment of the present disclosure also provides an RG authentication process in a user terminal differentiated control method, including the following steps:
  • 5G RG has been certified by W-AGF and AUSF to implement the standard EAP;
  • AMF and AUSF exchange user subscription information (specific service information ordered by the user when activating the service);
  • the AMF sends the EAP authentication success to the W-AGF;
  • W-AGF sends EAP authentication success to 5G RG
  • 5G RG has been certified by W-AGF and AMF to implement standard NAS;
  • 5G RG has been certified by the standard NAS between W-AGF and AUSF;
  • 5G RG is certified by standard NAS between W-AGF and UDM;
  • the UDM notifies the RVIM of the authentication result of the 5G RG, and the RVIM obtains the message that the RG has completed the authentication.
  • S702 to S708, 5G RG is certified by standard EAP between W-AGF and AMF/AUSF/UDM.
  • 5G RG is certified by standard NAS between W-AGF and AMF/AUSF/UDM.
  • the embodiment of the present disclosure also provides a user terminal authentication process in a user terminal differentiated control method, including the following steps:
  • the Device is successfully attached to the 5G RG; the 5G RG carries the Device MAC address and the RG IMSI to apply for a temporary number from the RVIM; the RVIM queries the stored RG authentication results, allocates a temporary number to the 5G RG, and saves the binding relationship between the RG IMSI, Device MAC address and the temporary number; AGF initiates authentication again.
  • embodiments of the present disclosure also provide a differentiated control device for user terminals, as described in the following embodiments. Since the problem-solving principle of this device embodiment is similar to that of the above-mentioned method embodiment, the implementation of this device embodiment can refer to the implementation of the above-mentioned method embodiment, and repeated descriptions will not be repeated.
  • FIG. 9 shows a schematic diagram of a differentiated control device for a user terminal in an embodiment of the present disclosure. As shown in FIG. 9, the device includes:
  • the number application module 901 is configured to apply for a virtual ID for each user terminal when the home gateway receives an attachment request from one or more user terminals;
  • the number association module 902 is configured to associate and store the physical address of each user terminal and the corresponding virtual identification in the home gateway;
  • the differentiated control module 903 is configured to perform differentiated control on each user terminal under the home gateway according to the physical addresses and corresponding virtual identities of each user terminal associated and stored in the home gateway.
  • the number application module 901 is specifically configured to: when the home gateway receives an attachment request from one or more user terminals, initiate a virtual identity application request for each user terminal to the home gateway virtual identity management RVIM platform through the home gateway, wherein multiple virtual identities are pre-deployed in the RVIM platform, and the virtual identity application request includes: the gateway identity of the home gateway and the physical address of each user terminal; receive the virtual identity of each user terminal returned by the RVIM platform through the home gateway, wherein the RVIM platform is also used to apply the physical address of each user terminal Addresses, virtual IDs, and gateway IDs are stored in association and synchronized to the core network.
  • the differentiation control module 903 is specifically configured to: when the home gateway receives a service request initiated by each user terminal, obtain a corresponding virtual identifier according to the physical address of each user terminal; initiate a session establishment request to the core network according to the virtual identifier of each user terminal.
  • FIG. 10 shows a schematic diagram of another differentiated control device for user terminals in an embodiment of the present disclosure. As shown in FIG. 10 , the device includes:
  • the request receiving module 1001 is configured to receive a virtual identity application request from a home gateway, wherein the virtual identity application request is used to apply for a corresponding virtual identity for one or more user terminals attached to the home gateway, and the virtual identity application request includes: the gateway identity of the home gateway and the physical address of each user terminal;
  • the response module 1002 is configured to return the virtual ID of each user terminal to the home gateway according to the virtual ID application request, wherein the home gateway associates and stores the physical address of each user terminal with the corresponding virtual ID, so as to perform differential control on each user terminal under the home gateway.
  • the device further includes: an associated storage module 1003 configured to associate and store the physical address, virtual identifier and gateway identifier of each user terminal.
  • FIG. 11 An electronic device 1100 according to this embodiment of the present disclosure is described below with reference to FIG. 11 .
  • the electronic device 1100 shown in FIG. 11 is only an example, and should not limit the functions and scope of use of the embodiments of the present disclosure.
  • electronic device 1100 takes the form of a general-purpose computing device.
  • Components of the electronic device 1100 may include, but are not limited to: at least one processing unit 1110, at least one storage unit 1120, and a bus 1130 connecting different system components (including the storage unit 1120 and the processing unit 1110).
  • the storage unit stores program codes, and the program codes can be executed by the processing unit 1110, so that the processing unit 1110 executes the steps according to various exemplary embodiments of the present disclosure described in the “Exemplary Method” section above.
  • the processing unit 1110 may perform the following steps in the above method embodiment: when the home gateway receives an attachment request from one or more user terminals, apply for a virtual identifier for each user terminal; associate and store the physical addresses of each user terminal and the corresponding virtual identifiers in the home gateway; perform differentiated control on each user terminal under the home gateway according to the physical addresses and corresponding virtual identifiers of each user terminal associated and stored in the home gateway.
  • the processing unit 1110 executes the step of applying for a virtual identity for each user terminal when the home gateway receives the attachment request of one or more user terminals, it may also include: when the home gateway receives the attachment request of one or more user terminals, initiate a virtual identity application request for each user terminal to the home gateway virtual identity management RVIM platform through the home gateway.
  • the processing unit 1110 executes the step of performing differentiated control on each user terminal under the home gateway according to the physical address of each user terminal associated and stored in the home gateway and the corresponding virtual identifier, it may further include: when the home gateway receives a service request initiated by each user terminal, obtain the corresponding virtual identifier according to the physical address of each user terminal; initiate a session establishment request to the core network according to the virtual identifier of each user terminal.
  • the processing unit 1110 may perform the following steps in the above method embodiment: receiving a virtual ID application request from the home gateway, wherein the virtual ID application request is used to apply for a corresponding virtual ID for one or more user terminals attached to the home gateway, and the virtual ID application request includes: the gateway ID of the home gateway and the physical address of each user terminal; according to the virtual ID application request, return the virtual ID of one or more user terminals to the home gateway, wherein the home gateway associates and stores the physical address of each user terminal and the corresponding virtual ID, so that each user terminal under the home gateway Differential control.
  • the processing unit 1110 may further include: associating and storing the physical address of each user terminal, the virtual ID and the gateway ID.
  • the storage unit 1120 may include a readable medium in the form of a volatile storage unit, such as a random access storage unit (RAM) 11201 and/or a cache storage unit 11202 , and may further include a read-only storage unit (ROM) 11203 .
  • RAM random access storage unit
  • ROM read-only storage unit
  • Storage unit 1120 may also include a program/utility 11204 having a set (at least one) of program modules 11205, such program modules 11205 including but not limited to: an operating system, one or more application programs, other program modules, and program data, each or some combination of which may include the implementation of a network environment.
  • program modules 11205 including but not limited to: an operating system, one or more application programs, other program modules, and program data, each or some combination of which may include the implementation of a network environment.
  • Bus 1130 may represent one or more of several types of bus structures, including a memory cell bus or memory cell controller, a peripheral bus, an accelerated graphics port, a processing unit, or a local bus using any of a variety of bus structures.
  • the electronic device 1100 may also communicate with one or more external devices 1140 (e.g., keyboards, pointing devices, Bluetooth devices, etc.), and with one or more devices that enable a user to interact with the electronic device 1100, and/or with any device that enables the electronic device 1100 to communicate with one or more other computing devices (e.g., routers, modems, etc.). Such communication may occur through input/output (I/O) interface 1150 .
  • the electronic device 1100 can also communicate with one or more networks (such as a local area network (LAN), a wide area network (WAN) and/or a public network such as the Internet) through the network adapter 1160 .
  • networks such as a local area network (LAN), a wide area network (WAN) and/or a public network such as the Internet
  • the network adapter 1160 communicates with other modules of the electronic device 1100 through the bus 1130 .
  • other hardware and/or software modules may be used in conjunction with the electronic device 1100, including but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, and data backup storage systems, among others.
  • the technical solution according to the embodiments of the present disclosure can be embodied in the form of a software product, which can be stored in a non-volatile storage medium (which can be a CD-ROM, a U disk, a mobile hard disk, etc.) or on a network, and includes several instructions so that a computing device (which can be a personal computer, a server, a terminal device, or a network device, etc.) executes the method according to the embodiments of the present disclosure.
  • a non-volatile storage medium which can be a CD-ROM, a U disk, a mobile hard disk, etc.
  • a computing device which can be a personal computer, a server, a terminal device, or a network device, etc.
  • the process described above with reference to the flowchart can be implemented as a computer program product, and the computer program product includes: a computer program, when the computer program is executed by a processor, the above-mentioned differentiated control method for a user terminal is implemented.
  • a computer-readable storage medium is also provided, and the computer-readable storage medium may be a readable signal medium or a readable storage medium.
  • FIG. 12 shows a schematic diagram of a computer-readable storage medium in an embodiment of the present disclosure.
  • the computer-readable storage medium 1200 stores a program product capable of implementing the above method of the present disclosure.
  • various aspects of the present disclosure may also be implemented in the form of a program product, which includes program code, and when the program product is run on a terminal device, the program code is used to cause the terminal device to execute the steps according to various exemplary embodiments of the present disclosure described in the above "Exemplary Method" section of this specification.
  • the home gateway receives an attachment request from one or more user terminals, apply for a virtual ID for each user terminal; associate and store the physical addresses of each user terminal and the corresponding virtual IDs in the home gateway; perform differentiated control on each user terminal under the home gateway according to the physical addresses and corresponding virtual IDs of each user terminal associated and stored in the home gateway.
  • the home gateway when the program product in the embodiments of the present disclosure is executed by the processor, the following steps can also be implemented: when the home gateway receives an attachment request from one or more user terminals, the home gateway initiates a virtual identity application request for each user terminal to the home gateway virtual identity management RVIM platform, wherein, the RVIM platform is pre-deployed with multiple virtual identities, and the virtual identity application request includes: the gateway identity of the home gateway and the physical address of each user terminal; receiving the virtual identity of each user terminal returned by the RVIM platform through the home gateway, wherein, the RV The IM platform is also used to associate and store the physical address, virtual ID and gateway ID of each user terminal, and synchronize them to the core network.
  • the following steps can also be implemented: when the home gateway receives a service request initiated by each user terminal, obtain the corresponding virtual identifier according to the physical address of each user terminal; initiate a session establishment request to the core network according to the virtual identifier of each user terminal.
  • the following steps can also be implemented: receiving a virtual ID application request from a home gateway, wherein the virtual ID application request is used to apply for a corresponding virtual ID for one or more user terminals attached to the home gateway, and the virtual ID application request includes: the gateway ID of the home gateway and the physical address of each user terminal; according to the virtual ID application request, return the virtual ID of one or more user terminals to the home gateway, wherein the home gateway associates and stores the physical address of each user terminal and the corresponding virtual ID to the home gateway Differentiated control is performed on each user terminal under the network.
  • the following steps can also be implemented: after one or more virtual identities are returned to the home gateway according to the virtual id application request, the physical address of each user terminal, the virtual identities, and the gateway identities are associated and stored.
  • a computer-readable storage medium in the present disclosure may include, but are not limited to, an electrical connection with one or more wires, a portable computer disk, a hard disk, a random access memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disk read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
  • RAM random access memory
  • ROM read-only memory
  • EPROM or flash memory erasable programmable read-only memory
  • CD-ROM compact disk read-only memory
  • CD-ROM compact disk read-only memory
  • magnetic storage device or any suitable combination of the foregoing.
  • a computer-readable storage medium may include a data signal carrying readable program code in baseband or as part of a carrier wave traveling as a data signal. Such propagated data signals may take many forms, including but not limited to electromagnetic signals, optical signals, or any suitable combination of the foregoing.
  • a readable signal medium may also be any readable medium other than a readable storage medium that can transmit, propagate, or transport a program for use by or in conjunction with an instruction execution system, apparatus, or device.
  • program code embodied on a computer readable storage medium may be transmitted using any suitable medium, including but not limited to wireless, wireline, optical cable, RF, etc., or any suitable combination of the above.
  • the program code for performing the operations of the present disclosure may be written in any combination of one or more programming languages, including object-oriented programming languages—such as Java, C++, etc., and conventional procedural programming languages—such as “C” language or similar programming languages.
  • the program code may execute entirely on the user computing device, partly on the user device, as a stand-alone software package, partly on the user computing device and partly on a remote computing device, or entirely on the remote computing device or server.
  • the remote computing device may be connected to the user computing device through any kind of network, including a local area network (LAN) or a wide area network (WAN), or alternatively, may be connected to an external computing device (e.g., via the Internet using an Internet service provider).
  • LAN local area network
  • WAN wide area network
  • an Internet service provider e.g., via the Internet using an Internet service provider
  • steps of the methods of the present disclosure are depicted in a particular order in the figures, there is no requirement or implication that the steps must be performed in that particular order, or that all illustrated steps must be performed, to achieve desirable results. Additionally or alternatively, certain steps may be omitted, multiple steps may be combined into one step for execution, and/or one step may be decomposed into multiple steps for execution, etc.
  • the technical solution according to the embodiments of the present disclosure can be embodied in the form of a software product, which can be stored in a non-volatile storage medium (which can be a CD-ROM, a U disk, a mobile hard disk, etc.) or on a network, and includes several instructions so that a computing device (which can be a personal computer, a server, a mobile terminal, or a network device, etc.) executes the method according to the embodiments of the present disclosure.
  • a non-volatile storage medium which can be a CD-ROM, a U disk, a mobile hard disk, etc.
  • a computing device which can be a personal computer, a server, a mobile terminal, or a network device, etc.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Automation & Control Theory (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The present disclosure relates to the technical field of communications. Provided are a differentiated control method and apparatus for a user terminal, and a device, a storage and a computer program product. The method comprises: when a residential gateway receives an attachment request from one or more user terminals, applying for a virtual identifier for each user terminal; storing the physical address of each user terminal and a corresponding virtual identifier in the residential gateway in an associated manner; and performing differentiated control on each user terminal under the residential gateway according to the physical address of each user terminal and the corresponding virtual identifier, which are stored in the residential gateway in the associated manner. In the present disclosure, the physical address of a user terminal is associated with a corresponding virtual identifier, such that a mobile core network can distinguish a user terminal which accesses a gateway, thereby facilitating differentiated control and management of the user terminal.

Description

用户终端的差异化控制方法、装置及相关设备User terminal differentiated control method, device and related equipment
相关申请的交叉引用Cross References to Related Applications
本公开要求于2022年01月21日提交的申请号为202210069544.8、名称为“用户终端的差异化控制方法及装置、设备及存储”的中国专利申请的优先权,该中国专利申请的全部内容通过引用全部并入本文。This disclosure claims the priority of the Chinese patent application with application number 202210069544.8 and titled "Differential control method and device, equipment and storage for user terminals" filed on January 21, 2022. The entire content of the Chinese patent application is incorporated herein by reference.
技术领域technical field
本公开涉及通信技术领域,尤其涉及一种用户终端的差异化控制方法、装置、设备、存储及计算机程序产品。The present disclosure relates to the field of communication technologies, and in particular to a user terminal differential control method, device, equipment, storage and computer program product.
背景技术Background technique
现有技术中,非第三代合作伙伴计划(3GPP,3rd GenerationPartnership Project)接入第五代移动通信技术核心网(5G核心网,5th Generation Mobile Communication Technology Core Network)的方案,可以采用有线接入接入的方式。有线接入是指插入了5G用户识别卡(SIM,Subscriber Identity Module)的网关接入5GC的厂家。In the prior art, the non-3rd Generation Partnership Project (3GPP, 3rd Generation Partnership Project) access to the fifth generation mobile communication technology core network (5G core network, 5th Generation Mobile Communication Technology Core Network) scheme can use wired access. Wired access refers to the manufacturer that inserts a 5G Subscriber Identity Module (SIM, Subscriber Identity Module) gateway to access 5GC.
在现有技术有线接入方案中,5G用户识别卡的网关作为一个单独的用户,由5GC对其进行接入控制。但5GC未考虑网关下接入的用户终端的策略控制,无法对接入网关的用户终端进行差异化的控制和管理。而在实际应用中,有很多场景需要对单独用户进行差异化的策略控制,比如例如图书馆使用的的家庭网关(RG,Residential Gateway)需给予管理员高服务质量(QoS,Quality of Service)保障,给与游客低服务质量保障,又如家用的家庭网关给予家庭成员高服务质量保障,给与访客低服务质量保障。In the prior art wired access solution, the gateway of the 5G subscriber identity card acts as a separate user, and the 5GC performs access control on it. However, 5GC does not consider the policy control of user terminals connected to the gateway, and cannot perform differentiated control and management of user terminals connected to the gateway. In practical applications, there are many scenarios that require differentiated policy control for individual users. For example, the residential gateway (RG, Residential Gateway) used by the library needs to provide high quality of service (QoS, Quality of Service) guarantees for administrators and low quality of service guarantees for tourists, and for example, the home gateway provides high service quality guarantees for family members and low service quality guarantees for visitors.
需要说明的是,在上述背景技术部分公开的信息仅用于加强对本公开的背景的理解,因此可以包括不构成对本领域普通技术人员已知的现有技术的信息。It should be noted that the information disclosed in the above background section is only for enhancing the understanding of the background of the present disclosure, and therefore may include information that does not constitute the prior art known to those of ordinary skill in the art.
发明内容Contents of the invention
本公开提供一种用户终端的差异化控制方法、装置、设备、存储及计算机程序产品,至少在一定程度上克服相关技术中移动核心网无法对接入网关的用户终端进行差异化控制和管理的问题。The present disclosure provides a user terminal differentiated control method, device, device, storage and computer program product, which overcomes at least to a certain extent the problem in the related art that the mobile core network cannot perform differentiated control and management of user terminals accessing gateways.
本公开的其他特性和优点将通过下面的详细描述变得显然,或部分地通过本公开的实 践而习得。Other features and advantages of the present disclosure will become apparent from the following detailed description, or in part, be learned by practice of the present disclosure.
根据本公开的一个方面,提供了一种用户终端的差异化控制方法,包括:当家庭网关接收到一个或多个用户终端的附着请求时,为每个用户终端申请一个虚拟标识;将各个用户终端的物理地址和对应的虚拟标识,关联存储到所述家庭网关;根据所述家庭网关中关联存储的各个用户终端的物理地址和对应的虚拟标识,对所述家庭网关下的各个用户终端进行差异化控制。According to one aspect of the present disclosure, a differentiated control method for user terminals is provided, including: when a home gateway receives an attachment request from one or more user terminals, apply for a virtual ID for each user terminal; associate and store the physical addresses and corresponding virtual IDs of each user terminal in the home gateway; perform differentiated control on each user terminal under the home gateway according to the physical addresses and corresponding virtual IDs of each user terminal associated and stored in the home gateway.
在本公开的一个实施例中,当家庭网关接收到一个或多个用户终端的附着请求时,为每个用户终端申请一个虚拟标识,包括:当家庭网关接收到一个或多个用户终端的附着请求时,通过所述家庭网关向家庭网关虚拟标识管理RVIM平台发起各个用户终端的虚拟标识申请请求,其中,所述RVIM平台中预先部署有多个虚拟标识,所述虚拟标识申请请求中包含:所述家庭网关的网关标识和各个用户终端的物理地址;通过所述家庭网关接收所述RVIM平台返回的各个用户终端的虚拟标识,其中,所述RVIM平台还用于将每个用户终端的物理地址、虚拟标识和网关标识关联存储,并同步至核心网。In one embodiment of the present disclosure, when the home gateway receives attachment requests from one or more user terminals, applying for a virtual ID for each user terminal includes: when the home gateway receives attachment requests from one or more user terminals, initiate a virtual ID application request for each user terminal to the home gateway virtual ID management RVIM platform through the home gateway, wherein multiple virtual IDs are pre-deployed in the RVIM platform, and the virtual ID application request includes: the gateway ID of the home gateway and the physical address of each user terminal; receiving the response from the RVIM platform through the home gateway The virtual identification of each user terminal, wherein the RVIM platform is also used to associate and store the physical address, virtual identification and gateway identification of each user terminal, and synchronize them to the core network.
在本公开的一个实施例中,根据所述家庭网关中关联存储的各个用户终端的物理地址和对应的虚拟标识,对所述家庭网关下的各个用户终端进行差异化控制,包括:当所述家庭网关接收到一个或多个用户终端发起的业务请求时,根据各个用户终端的物理地址获取对应的虚拟标识;根据各个用户终端的虚拟标识向核心网发起会话建立请求。In an embodiment of the present disclosure, performing differentiated control on each user terminal under the home gateway according to the physical addresses and corresponding virtual identities of each user terminal associated and stored in the home gateway includes: when the home gateway receives a service request initiated by one or more user terminals, obtaining the corresponding virtual identities according to the physical addresses of each user terminal; and initiating a session establishment request to the core network according to the virtual identities of each user terminal.
根据本公开的另一个方面,提供一种用户终端的差异化控制方法,包括:接收来自家庭网关的虚拟标识申请请求,其中,所述虚拟标识申请请求用于为附着到所述家庭网关的一个或多个用户终端申请对应的虚拟标识,所述虚拟标识申请请求中包含:所述家庭网关的网关标识和各个用户终端的物理地址;根据所述虚拟标识申请请求,向所述家庭网关返回各个用户终端的虚拟标识,其中,所述家庭网关将各个用户终端的物理地址和对应的虚拟标识进行关联存储,以对所述家庭网关下的各个用户终端进行差异化控制。According to another aspect of the present disclosure, a differentiated control method for a user terminal is provided, including: receiving a virtual ID application request from a home gateway, wherein the virtual ID application request is used to apply for a corresponding virtual ID for one or more user terminals attached to the home gateway, the virtual ID application request includes: the gateway ID of the home gateway and the physical address of each user terminal; according to the virtual ID application request, returning the virtual ID of each user terminal to the home gateway, wherein the home gateway associates and stores the physical address of each user terminal and the corresponding virtual ID to the home gateway Differentiated control is performed on each user terminal under the network.
在本公开的一个实施例中,在根据所述虚拟标识申请请求,向所述家庭网关返回一个或多个虚拟标识之后,所述方法还包括:将每个用户终端的物理地址、虚拟标识和网关标识关联存储。In an embodiment of the present disclosure, after returning one or more virtual IDs to the home gateway according to the virtual ID application request, the method further includes: associating and storing the physical address of each user terminal, the virtual ID and the gateway ID.
在本公开的一个实施例中,提供一种用户终端的差异化控制系统,其特征在于,包括:核心网、家庭网关虚拟标识管理RVIM平台、家庭网关及附着到所述家庭网关的一个或多个用户终端;其中,所述家庭网关用于在接收到一个或多个用户终端的附着请求时,向所述RVIM平台发起各个用户终端的虚拟标识申请请求;所述RVIM平台,用于根据接收到的虚拟标识申请请求,为各个用户终端分配一个虚拟标识,并返回至所述家庭网关;所述核心网,与所述家庭网关通信,用于根据所述家庭网关下各个用户终端的物理地址和对应的虚拟标识,对所述家庭网关下的各个用户终端进行差异化控制。In one embodiment of the present disclosure, a differentiated control system for user terminals is provided, which is characterized in that it includes: a core network, a home gateway virtual identity management RVIM platform, a home gateway, and one or more user terminals attached to the home gateway; wherein the home gateway is configured to initiate a virtual identity application request for each user terminal to the RVIM platform when receiving an attachment request from one or more user terminals; the RVIM platform is configured to allocate a virtual identity for each user terminal according to the received virtual identity application request, and return to the home gateway; The network communicates with the home gateway, and is used for performing differentiated control on each user terminal under the home gateway according to the physical address and the corresponding virtual identifier of each user terminal under the home gateway.
根据本公开的再一个方面,提供一种电子设备,包括:处理器;以及存储器,用于存储所述处理器的可执行指令;其中,所述处理器配置为经由执行所述可执行指令来执行上 述的用户终端的差异化控制方法。According to another aspect of the present disclosure, there is provided an electronic device, including: a processor; and a memory configured to store executable instructions of the processor; wherein the processor is configured to execute the above-mentioned differentiated control method for a user terminal by executing the executable instructions.
根据本公开的又一个方面,提供一种计算机可读存储介质,其上存储有计算机程序,所述计算机程序被处理器执行时实现上述的用户终端的差异化控制方法。According to yet another aspect of the present disclosure, a computer-readable storage medium is provided, on which a computer program is stored, and when the computer program is executed by a processor, the above-mentioned differentiated control method for a user terminal is implemented.
根据本公开的另一个方面,还提供了一种计算机程序产品,包括计算机程序,所述计算机程序被处理器执行时实现上述任意一项的用户终端的差异化控制方法。According to another aspect of the present disclosure, there is also provided a computer program product, including a computer program, and when the computer program is executed by a processor, any one of the above-mentioned differentiated control methods for a user terminal is implemented.
本公开的实施例所提供的用户终端的差异化控制方法、装置、设备、存储及计算机程序产品,通过为每个用户终端申请一个虚拟标识,将各个用户终端的物理地址和对应的虚拟标识相关联,进而根据虚拟标识的不同,对各个用户终端进行差异化控制。本公开实施例中,由于用户终端的物理地址和对应的虚拟标识相关联,使得移动核心网能够对接入网关的用户终端进行区分,从而有助于对用户终端进行差异化控制和管理。The user terminal differentiated control method, device, equipment, storage and computer program product provided by the embodiments of the present disclosure apply for a virtual identifier for each user terminal, associate the physical address of each user terminal with the corresponding virtual identifier, and then perform differentiated control on each user terminal according to the difference in the virtual identifier. In the embodiment of the present disclosure, since the physical address of the user terminal is associated with the corresponding virtual identifier, the mobile core network can distinguish the user terminal accessing the gateway, thereby facilitating differentiated control and management of the user terminal.
应当理解的是,以上的一般描述和后文的细节描述仅是示例性和解释性的,并不能限制本公开。It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the present disclosure.
附图说明Description of drawings
此处的附图被并入说明书中并构成本说明书的一部分,示出了符合本公开的实施例,并与说明书一起用于解释本公开的原理。显而易见地,下面描述中的附图仅仅是本公开的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the disclosure and together with the description serve to explain the principles of the disclosure. Apparently, the drawings in the following description are only some embodiments of the present disclosure, and those skilled in the art can obtain other drawings according to these drawings without creative efforts.
图1示出本公开实施例中一种用户终端的差异化控制系统结构的示意图;FIG. 1 shows a schematic diagram of a differentiated control system structure of a user terminal in an embodiment of the present disclosure;
图2示出本公开实施例中一种用户终端的差异化控制方法流程图;FIG. 2 shows a flowchart of a differentiated control method for a user terminal in an embodiment of the present disclosure;
图3示出本公开实施例中另一种用户终端的差异化控制方法流程图;FIG. 3 shows a flowchart of another differentiated control method for user terminals in an embodiment of the present disclosure;
图4示出本公开实施例中一种用户终端的差异化控制系统的示意图;FIG. 4 shows a schematic diagram of a differentiated control system for a user terminal in an embodiment of the present disclosure;
图5示出本公开实施例中一种用户终端的差异化控制系统架构示意图;FIG. 5 shows a schematic diagram of a differentiated control system architecture of a user terminal in an embodiment of the present disclosure;
图6示出本公开实施例中一种用户终端的差异化控制系统运行流程图;FIG. 6 shows an operation flow chart of a differentiated control system for a user terminal in an embodiment of the present disclosure;
图7示出本公开实施例中一种用户终端的差异化控制方法中家庭网关认证流程;FIG. 7 shows a home gateway authentication process in a differentiated control method for user terminals in an embodiment of the present disclosure;
图8示出本公开实施例中一种用户终端的差异化控制方法中用户终端认证流程;FIG. 8 shows a user terminal authentication process in a user terminal differentiated control method in an embodiment of the present disclosure;
图9示出本公开实施例中一种用户终端的差异化控制装置示意图;FIG. 9 shows a schematic diagram of a differentiated control device for a user terminal in an embodiment of the present disclosure;
图10示出本公开实施例中另一种用户终端的差异化控制装置示意图;FIG. 10 shows a schematic diagram of another differentiated control device for a user terminal in an embodiment of the present disclosure;
图11示出本公开实施例中一种电子设备的结构框图;FIG. 11 shows a structural block diagram of an electronic device in an embodiment of the present disclosure;
图12示出本公开实施例中一种计算机可读存储介质的示意图。FIG. 12 shows a schematic diagram of a computer-readable storage medium in an embodiment of the present disclosure.
具体实施方式Detailed ways
现在将参考附图更全面地描述示例实施方式。然而,示例实施方式能够以多种形式实施,且不应被理解为限于在此阐述的范例;相反,提供这些实施方式使得本公开 将更加全面和完整,并将示例实施方式的构思全面地传达给本领域的技术人员。所描述的特征、结构或特性可以以任何合适的方式结合在一个或更多实施方式中。Example embodiments will now be described more fully with reference to the accompanying drawings. Example embodiments may, however, be embodied in many forms and should not be construed as limited to the examples set forth herein; rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the concept of example embodiments to those skilled in the art. The described features, structures, or characteristics may be combined in any suitable manner in one or more embodiments.
此外,附图仅为本公开的示意性图解,并非一定是按比例绘制。图中相同的附图标记表示相同或类似的部分,因而将省略对它们的重复描述。附图中所示的一些方框图是功能实体,不一定必须与物理或逻辑上独立的实体相对应。可以采用软件形式来实现这些功能实体,或在一个或多个硬件模块或集成电路中实现这些功能实体,或在不同网络和/或处理器装置和/或微控制器装置中实现这些功能实体。Furthermore, the drawings are merely schematic illustrations of the present disclosure and are not necessarily drawn to scale. The same reference numerals in the drawings denote the same or similar parts, and thus repeated descriptions thereof will be omitted. Some of the block diagrams shown in the drawings are functional entities and do not necessarily correspond to physically or logically separate entities. These functional entities may be implemented in software, or in one or more hardware modules or integrated circuits, or in different network and/or processor means and/or microcontroller means.
为便于理解,在介绍本公开实施例之前,首先对本公开实施例中涉及到的几个名词进行解释如下:For ease of understanding, before introducing the embodiments of the present disclosure, several nouns involved in the embodiments of the present disclosure are explained as follows:
家庭网关:Residential Gateway,RG。Home gateway: Residential Gateway, RG.
家庭网关虚拟标识管理:Residential Gateway Virtual-IMSI Management,RVIM。Residential Gateway Virtual Identity Management: Residential Gateway Virtual-IMSI Management, RVIM.
国际移动用户识别码:IMSI,International Mobile Subscriber Identity,是用于区分蜂窝网络中不同用户的、在所有蜂窝网络中不重复的识别码。International Mobile Subscriber Identity: IMSI, International Mobile Subscriber Identity, is an identification code used to distinguish different users in a cellular network that is not repeated in all cellular networks.
用户设备:User Equipment,UE。User equipment: User Equipment, UE.
物理地址:Media Access Control,MAC,网卡物理地址存储器中存储单元对应实际地址,称物理地址,与逻辑地址相对应。Physical address: Media Access Control, MAC, the storage unit in the physical address memory of the network card corresponds to the actual address, called the physical address, which corresponds to the logical address.
无线接入网网关功能:Wireline Access Gateway Function,W-AGF。Wireless access network gateway function: Wireline Access Gateway Function, W-AGF.
用户面功能:User Plane Function,UPF,作为5GC网络用户面网元,主要支持UE业务数据的路由和转发、数据和业务识别、动作和策略执行等。User plane function: User Plane Function, UPF, as a 5GC network user plane network element, mainly supports UE service data routing and forwarding, data and service identification, action and policy execution, etc.
数据统一存储和管理设备:unifieddata manager,UDM。Unified data storage and management equipment: unified data manager, UDM.
认证服务器:Authentication Server Function,AUSF。Authentication server: Authentication Server Function, AUSF.
可扩展认证协议:ExtensibleAuthentication Protocol,EAP,是一种普遍使用的支持多种认证方法的认证框架协议,主要用于网络接入认证。EAP可应用于无线、有线网络中。Extensible Authentication Protocol: Extensible Authentication Protocol, EAP, is a commonly used authentication framework protocol that supports multiple authentication methods, mainly used for network access authentication. EAP can be applied to wireless and wired networks.
无线网络通信技术:Wi-Fi,是Wi-Fi联盟制造商的商标做为产品的品牌认证,用于将可连接网络设备以无线方式互相连接。Wireless network communication technology: Wi-Fi, which is the trademark of the Wi-Fi Alliance manufacturer as a product brand certification, is used to connect network-connectable devices to each other wirelessly.
第三代合作伙伴计划:3rd GenerationPartnership Project,3GPP。The third generation partnership project: 3rd Generation Partnership Project, 3GPP.
服务质量:Quality of Service,QoS,指一个网络能够利用各种基础技术,为指定的网络通信提供更好的服务能力,是网络的一种安全机制,是用来解决网络延迟和阻塞等问题的一种技术。Quality of Service: Quality of Service, QoS, refers to a network that can use various basic technologies to provide better service capabilities for specified network communications. It is a security mechanism of the network and a technology used to solve problems such as network delay and congestion.
协议数据单元:Protocol Data Unit,PDU。Protocol data unit: Protocol Data Unit, PDU.
协议数据单元会话:Protocol Data Unit Session,是5G系统中的一个新的抽象概念,提供一种服务用于UE和DN之间的PDU传递。Protocol Data Unit Session: Protocol Data Unit Session is a new abstract concept in the 5G system, providing a service for PDU transfer between UE and DN.
数据网络:Data Network,比如运营商业务,互联网或者第三方业务等。Data network: Data Network, such as operator business, Internet or third-party business, etc.
下面结合附图及实施例对本示例实施方式进行详细说明。The exemplary implementation manner will be described in detail below in conjunction with the accompanying drawings and embodiments.
首先,图1示出了可以应用于本公开实施例的用户终端的差异化控制方法或用户终端的差异化控制方法装置的示例性系统架构的示意图。First, FIG. 1 shows a schematic diagram of an exemplary system architecture of a differentiated control method for a user terminal or an apparatus for a differentiated control method for a user terminal that can be applied to an embodiment of the present disclosure.
如图1所示,系统架构100可以包括终端设备101,网络102和服务器103。As shown in FIG. 1 , a system architecture 100 may include a terminal device 101 , a network 102 and a server 103 .
其中,终端设备101通过网络102向服务器103发送附着请求。服务器103接收到一个或多个终端设备的附着请求时,为每个终端设备申请一个虚拟标识;服务器103将各个终端设备的物理地址和对应的虚拟标识,关联存储到服务器103;根据服务器103中关联存储的各个终端设备的物理地址和对应的虚拟标识,对服务器103下的各个终端设备进行差异化控制。Wherein, the terminal device 101 sends an attach request to the server 103 through the network 102 . When server 103 receives the attachment request of one or more terminal equipments, apply for a virtual identification for each terminal equipment; Server 103 stores the physical address and corresponding virtual identification of each terminal equipment in association with server 103;
在本公开的一个实施例中,上述服务器103还用于:当服务器接收到一个或多个终端设备的附着请求时,通过服务器103向家庭网关虚拟标识管理RVIM平台发起各个终端设备的虚拟标识申请请求,其中,RVIM平台中预先部署有多个虚拟标识,虚拟标识申请请求中包含:服务器103的网关标识和各个终端设备的物理地址;通过服务器103接收RVIM平台返回的各个终端设备的虚拟标识,其中,RVIM平台还用于将每个终端设备的物理地址、虚拟标识和网关标识关联存储,并同步至核心网。In an embodiment of the present disclosure, the above-mentioned server 103 is also used for: when the server receives the attachment request of one or more terminal devices, the server 103 initiates a virtual identification application request for each terminal device to the home gateway virtual identification management RVIM platform, wherein the RVIM platform is pre-deployed with a plurality of virtual identifications, and the virtual identification application request includes: the gateway identification of the server 103 and the physical address of each terminal device; the virtual identification of each terminal device returned by the RVIM platform is received by the server 103, wherein the RVIM platform is also used for each terminal The physical address, virtual ID and gateway ID of the device are stored in association and synchronized to the core network.
在本公开的一个实施例中,上述服务器103还用于:当服务器接收到各个终端设备发起的业务请求时,根据各个终端设备的物理地址获取对应的虚拟标识;根据各个终端设备的虚拟标识向核心网发起会话建立请求。In an embodiment of the present disclosure, the server 103 is further configured to: when the server receives a service request initiated by each terminal device, obtain a corresponding virtual ID according to the physical address of each terminal device; initiate a session establishment request to the core network according to the virtual ID of each terminal device.
需要注意的是,上述的网络102用以在终端设备101和服务器103之间提供通信链路的介质,可以是有线网络,也可以是无线网络。It should be noted that the medium used by the above-mentioned network 102 to provide a communication link between the terminal device 101 and the server 103 may be a wired network or a wireless network.
可选地,上述的无线网络或有线网络使用标准通信技术和/或协议。网络通常为因特网、但也可以是任何网络,包括但不限于局域网(Local Area Network,LAN)、城域网(Metropolitan Area Network,MAN)、广域网(Wide Area Network,WAN)、移动、有线或者无线网络、专用网络或者虚拟专用网络的任何组合)。在一些实施例中,使用包括超文本标记语言(Hyper Text Mark-up Language,HTML)、可扩展标记语言(Extensible MarkupLanguage,XML)等的技术和/或格式来代表通过网络交换的数据。此外还可以使用诸如安全套接字层(Secure Socket Layer,SSL)、传输层安全(Transport Layer Security,TLS)、虚拟专用网络(Virtual Private Network,VPN)、网际协议安全(Internet ProtocolSecurity,IPsec)等常规加密技术来加密所有或者一些链路。在另一些实施例中,还可以使用定制和/或专用数据通信技术取代或者补充上述数据通信技术。Optionally, the aforementioned wireless network or wired network uses standard communication technologies and/or protocols. The network is usually the Internet, but can also be any network, including but not limited to Local Area Network (LAN), Metropolitan Area Network (MAN), Wide Area Network (Wide Area Network, WAN), mobile, wired or wireless network, private network or any combination of virtual private network). In some embodiments, data exchanged over a network is represented using technologies and/or formats including Hyper Text Mark-up Language (HTML), Extensible Markup Language (XML), and the like. In addition, conventional encryption technologies such as Secure Socket Layer (Secure Socket Layer, SSL), Transport Layer Security (Transport Layer Security, TLS), Virtual Private Network (Virtual Private Network, VPN), Internet Protocol Security (Internet Protocol Security, IPsec) can be used to encrypt all or some links. In some other embodiments, customized and/or dedicated data communication technologies may also be used to replace or supplement the above data communication technologies.
终端设备101可以是各种电子设备,包括但不限于智能手机、平板电脑、膝上型便携计算机、台式计算机、可穿戴设备、增强现实设备、虚拟现实设备等。The terminal device 101 may be various electronic devices, including but not limited to smartphones, tablet computers, laptop computers, desktop computers, wearable devices, augmented reality devices, virtual reality devices, and the like.
在一些实施例中,不同的终端设备101安装的应用程序的客户端是相同的,或基于不同操作系统的同一类型应用程序的客户端。基于终端平台的不同,该应用程序的客户端的具体形态也可以不同,比如,该应用程序客户端可以是手机客户端、PC客户端等。In some embodiments, clients of application programs installed on different terminal devices 101 are the same, or clients of the same type of application programs based on different operating systems. Based on different terminal platforms, the specific form of the client of the application program may also be different, for example, the client of the application program may be a mobile phone client, a PC client, and the like.
服务器103可以是提供各种服务的服务器,例如对用户利用终端设备101所进行操作的装置提供支持的后台管理服务器。后台管理服务器可以对接收到的请求等数据进行分析等处理,并将处理结果反馈给终端设备。The server 103 may be a server that provides various services, for example, a background management server that provides support for devices operated by the user using the terminal device 101 . The background management server can analyze and process the received data such as requests, and feed back the processing results to the terminal device.
在一些实施例中,服务器可以是独立的物理服务器、家庭网关(Residential Gateway,RG),也可以是多个物理服务器构成的服务器集群或者分布式系统,还可以是提供云服务、云数据库、云计算、云函数、云存储、网络服务、云通信、中间件服务、域名服务、安全服务、CDN(Content Delivery Network,内容分发网络)、以及大数据和人工智能平台等基础云计算服务的云服务器。终端可以是智能手机、平板电脑、笔记本电脑、台式计算机、智能音箱、智能手表等,但并不局限于此。终端以及服务器可以通过有线或无线通信方式进行直接或间接地连接,本申请在此不做限制。In some embodiments, the server can be an independent physical server, a residential gateway (Residential Gateway, RG), or a server cluster or distributed system composed of multiple physical servers, or a cloud server that provides basic cloud computing services such as cloud services, cloud databases, cloud computing, cloud functions, cloud storage, network services, cloud communications, middleware services, domain name services, security services, CDN (Content Delivery Network, content distribution network), and big data and artificial intelligence platforms. The terminal may be a smart phone, a tablet computer, a laptop computer, a desktop computer, a smart speaker, a smart watch, etc., but is not limited thereto. The terminal and the server may be connected directly or indirectly through wired or wireless communication, which is not limited in this application.
本领域技术人员可以知晓,图1中的终端设备、网络和服务器的数量仅仅是示意性的,根据实际需要,可以具有任意数目的终端设备、网络和服务器。本公开实施例对此不作限定。Those skilled in the art may know that the numbers of terminal devices, networks and servers in FIG. 1 are only illustrative, and there may be any number of terminal devices, networks and servers according to actual needs. The embodiment of the present disclosure does not limit this.
本公开实施例中提供了一种用户终端的差异化控制方法,该方法可以由任意具备计算处理能力的电子设备执行。Embodiments of the present disclosure provide a differentiated control method for a user terminal, and the method may be executed by any electronic device capable of computing and processing.
图2示出本公开实施例中一种用户终端的差异化控制方法流程图,如图2所示,本公开实施例中提供的用户终端的差异化控制方法包括如下步骤:FIG. 2 shows a flowchart of a differentiated control method for a user terminal in an embodiment of the present disclosure. As shown in FIG. 2 , the differentiated control method for a user terminal provided in an embodiment of the present disclosure includes the following steps:
S202,当家庭网关接收到一个或多个用户终端的附着请求时,为每个用户终端申请一个虚拟标识。S202. When the home gateway receives attachment requests from one or more user terminals, apply for a virtual identity for each user terminal.
需要说明的是,上述家庭网关RG,在电信网络中,是允许局域网(Local Area Network,LAN)连接到广域网(Wide Area Network,WAN)的设备。上述用户终端可以是智能手机、平板电脑、笔记本电脑、台式计算机、智能音箱、智能手表等,但并不局限于此。上述附着请求英文名称为Attach Request,是一种NAS(Non Access Stratum,非接入层)信令,家庭网关在没有建立默认承载时,通过NAS信令与用户终端进行数据传输。上述虚拟标识可以是一串字符,为不同用户终端做标记,用于区别用户终端。It should be noted that the above-mentioned home gateway RG is a device that allows a local area network (Local Area Network, LAN) to connect to a wide area network (Wide Area Network, WAN) in a telecommunications network. The aforementioned user terminal may be a smart phone, a tablet computer, a notebook computer, a desktop computer, a smart speaker, a smart watch, etc., but is not limited thereto. The English name of the above attachment request is Attach Request, which is a kind of NAS (Non Access Stratum, non-access stratum) signaling. When the home gateway does not establish a default bearer, it transmits data with the user terminal through the NAS signaling. The aforementioned virtual identifier may be a string of characters, marking different user terminals and used to distinguish user terminals.
在本公开的一个实施例中,当家庭网关接收到一个或多个用户终端的附着请求时,为每个用户终端申请一个虚拟标识,可以包括:当家庭网关接收到一个或多个用户终端的附着请求时,通过家庭网关向家庭网关虚拟标识管理RVIM平台发起各个用户终端的虚拟标识申请请求,其中,RVIM平台中预先部署有多个虚拟标识,虚拟标识申请请求中包含:家庭网关的网关标识和各个用户终端的物理地址;通过家庭网关接收RVIM平台返回的各个用户终端的虚拟标识,其中,RVIM平台还用于将每个用户终端的物理地址、虚拟标识和网关标识关联存储,并同步至核心网。In one embodiment of the present disclosure, when the home gateway receives attachment requests from one or more user terminals, applying for a virtual ID for each user terminal may include: when the home gateway receives attachment requests from one or more user terminals, initiate a virtual ID application request for each user terminal to the home gateway virtual ID management RVIM platform through the home gateway, wherein multiple virtual IDs are pre-deployed in the RVIM platform, and the virtual ID application request includes: the gateway ID of the home gateway and the physical address of each user terminal; receiving the ID of each user terminal returned by the RVIM platform through the home gateway Virtual ID, wherein the RVIM platform is also used to associate and store the physical address, virtual ID and gateway ID of each user terminal, and synchronize them to the core network.
例如,在一个实例中,在用户终端UE注册的时候,RG向RVIM申请虚拟标识。首先,RG对上线的用户终端的身份是管理员还是游客进行识别(例如,RG保存有一 个数据库,数据库中存储有管理员设备MAC地址,若上线的用户终端的MAC地址不在数据库中,就判别为游客),这样RG去申请虚拟标识的时候,可以带一个表示服务质量的标签,管理员设备就申请一个高QOS的虚拟标识,游客设备就申请一个低qos的虚拟标识。这个虚拟标识本身可以通过某一位的不同代表不同QoS,这样后续用户终端UE进行数据业务的时候,5GC就可以根据虚拟标识直接判断为用户终端UE提供高QOS还是低QOS。For example, in one example, when the user terminal UE registers, the RG applies for a virtual identity from the RVIM. First, the RG identifies whether the identity of the online user terminal is an administrator or a visitor (for example, the RG maintains a database in which the MAC address of the administrator device is stored. If the MAC address of the online user terminal is not in the database, it is identified as a tourist). In this way, when the RG applies for a virtual ID, it can carry a label indicating the quality of service. The administrator device applies for a high-QOS virtual ID, and the tourist device applies for a low-QOS virtual ID. The virtual identifier itself can represent different QoS through a different bit, so that when the subsequent user terminal UE performs data services, the 5GC can directly judge whether to provide high QOS or low QOS for the user terminal UE according to the virtual identifier.
本公开实施例中,通过对用户终端分配虚拟标识,利用虚拟标识区分了不同的用户终端,从而有助于对用户终端进行差异化控制和管理。In the embodiments of the present disclosure, by assigning virtual identifiers to user terminals, different user terminals are distinguished by using the virtual identifiers, thereby facilitating differentiated control and management of user terminals.
S204,将各个用户终端的物理地址和对应的虚拟标识,关联存储到家庭网关。S204. Associate and store the physical address of each user terminal and the corresponding virtual identifier in the home gateway.
需要说明的是,上述用户终端可以是智能手机、平板电脑、笔记本电脑、台式计算机、智能音箱、智能手表等,但并不局限于此。上述物理地址可以是MAC地址,是传输数据时发出数据的用户终端的主机的地址。上述对应的虚拟标识是为每个用户终端分配的一串字符,用于区别不同的用户终端。It should be noted that the above-mentioned user terminal may be a smart phone, a tablet computer, a notebook computer, a desktop computer, a smart speaker, a smart watch, etc., but is not limited thereto. The above physical address may be a MAC address, which is the address of the host computer of the user terminal that sends data when transmitting data. The above corresponding virtual identifier is a string of characters assigned to each user terminal, and is used to distinguish different user terminals.
本公开实施例中,通过将各个用户终端的物理地址和对应的虚拟标识的关联关系存储到家庭网关,从而有助于在家庭网关建立会话时对用户终端进行差异化控制和管理。In the embodiments of the present disclosure, by storing the association relationship between the physical address of each user terminal and the corresponding virtual ID in the home gateway, it is helpful to perform differentiated control and management on the user terminal when the home gateway establishes a session.
S206,根据家庭网关中关联存储的各个用户终端的物理地址和对应的虚拟标识,对家庭网关下的各个用户终端进行差异化控制。S206. Perform differentiated control on each user terminal under the home gateway according to the physical address and the corresponding virtual identifier of each user terminal associated and stored in the home gateway.
需要说明的是,上述家庭网关在电信网络中,是允许局域网(Local Area Network,LAN)连接到广域网(Wide Area Network,WAN)的设备。上述用户终端可以是智能手机、平板电脑、笔记本电脑、台式计算机、智能音箱、智能手表等,但并不局限于此。上述物理地址可以是MAC地址,是传输数据时发出数据的用户终端的主机的地址。上述对应的虚拟标识是为每个用户终端分配的一串字符,用于区别不同的用户终端。上述差异化控制是指对不同的用户终端,根据用户终端对应的虚拟标识,可以进行区别管理。It should be noted that the above-mentioned home gateway is a device that allows a local area network (Local Area Network, LAN) to connect to a wide area network (Wide Area Network, WAN) in a telecommunications network. The aforementioned user terminal may be a smart phone, a tablet computer, a notebook computer, a desktop computer, a smart speaker, a smart watch, etc., but is not limited thereto. The above physical address may be a MAC address, which is the address of the host computer of the user terminal that sends data when transmitting data. The above corresponding virtual identifier is a string of characters assigned to each user terminal, and is used to distinguish different user terminals. The above differentiated control means that different user terminals can be managed differently according to the virtual identifiers corresponding to the user terminals.
在本公开的一个实施例中,根据家庭网关中关联存储的各个用户终端的物理地址和对应的虚拟标识,对家庭网关下的各个用户终端进行差异化控制,可以包括:当家庭网关接收到各个用户终端发起的业务请求时,根据各个用户终端的物理地址获取对应的虚拟标识;根据各个用户终端的虚拟标识向核心网发起会话建立请求。In an embodiment of the present disclosure, the differentiated control of each user terminal under the home gateway according to the physical address of each user terminal and the corresponding virtual ID stored in the home gateway may include: when the home gateway receives a service request initiated by each user terminal, obtain the corresponding virtual ID according to the physical address of each user terminal; initiate a session establishment request to the core network according to the virtual ID of each user terminal.
例如,在一个图书馆的5GC场景中,会有很多用户从Wi-Fi接到这个5GC的RG上面,其中,图书馆管理员的手机(相当于上述用户终端)需要高的QS,分配一个IMSI(相当于上述虚拟标识)的第六位为二的号码,图书馆的访客的手机需要低的QS,就分配一个IMSI的第六位为一的号码,以此来对RG下的管理员的手机与访客的手机(相当于上述各个用户终端)进行差异化控制。For example, in a 5GC scenario in a library, many users will connect to the RG of the 5GC through Wi-Fi. Among them, the mobile phone of the librarian (equivalent to the above-mentioned user terminal) needs a high QS, and a number with the sixth digit of the IMSI (equivalent to the above-mentioned virtual identity) is assigned. The library visitor’s mobile phone needs a low QS, so a number with the sixth digit of the IMSI is assigned, so as to differentiate between the administrator’s mobile phone and the visitor’s mobile phone (equivalent to the above-mentioned user terminals) under the RG.
本公开实施例中,通过家庭网关中关联存储的各个用户终端的物理地址和对应的 虚拟标识,使得移动核心网能够对接入网关的用户终端进行差异化控制和管理。In the embodiment of the present disclosure, the mobile core network can perform differentiated control and management on the user terminals accessing the gateway through the physical addresses and corresponding virtual identities of each user terminal associated and stored in the home gateway.
在本公开的一个实施例中,如图3所示,本公开实施例中还提供一种用户终端的差异化控制方法,包括如下步骤:In an embodiment of the present disclosure, as shown in FIG. 3 , the embodiment of the present disclosure also provides a differentiated control method for a user terminal, including the following steps:
S302,接收来自家庭网关的虚拟标识申请请求,其中,虚拟标识申请请求用于为附着到家庭网关的一个或多个用户终端申请对应的虚拟标识,虚拟标识申请请求中包含:家庭网关的网关标识和各个用户终端的物理地址。S302. Receive a virtual identity application request from the home gateway, where the virtual identity application request is used to apply for a corresponding virtual identity for one or more user terminals attached to the home gateway, and the virtual identity application request includes: the gateway identity of the home gateway and the physical address of each user terminal.
需要说明的是,上述家庭网关,在电信网络中,是允许局域网连接到广域网的设备。上述虚拟标识可以是一串字符,为不同用户终端做标记,用于区别用户终端。上述用户终端可以是智能手机、平板电脑、笔记本电脑、台式计算机、智能音箱、智能手表等,但并不局限于此。上述网关标识为IMSI。上述物理地址是MAC地址,是传输数据时发出数据的用户终端的地址。It should be noted that the above-mentioned home gateway is a device that allows a local area network to connect to a wide area network in a telecommunications network. The aforementioned virtual identifier may be a string of characters, marking different user terminals and used to distinguish user terminals. The aforementioned user terminal may be a smart phone, a tablet computer, a notebook computer, a desktop computer, a smart speaker, a smart watch, etc., but is not limited thereto. The gateway identified above is IMSI. The above-mentioned physical address is a MAC address, which is the address of the user terminal that sends data when transmitting data.
本公开实施例中,通过利用虚拟标识区分了不同的用户终端,从而有助于对用户终端进行差异化控制和管理。In the embodiment of the present disclosure, different user terminals are distinguished by using virtual identifiers, thereby facilitating differentiated control and management of user terminals.
S304,根据虚拟标识申请请求,向家庭网关返回一个或多个用户终端的虚拟标识,其中,家庭网关将各个用户终端的物理地址和对应的虚拟标识进行关联存储,以对家庭网关下的各个用户终端进行差异化控制。S304. According to the virtual identity application request, return the virtual identity of one or more user terminals to the home gateway, wherein the home gateway associates and stores the physical address of each user terminal with the corresponding virtual identity, so as to perform differential control on each user terminal under the home gateway.
需要说明的是,上述虚拟标识可以是一串字符,为不同用户终端做标记,用于区别用户终端。上述家庭网关,在电信网络中,是允许局域网连接到广域网的设备。It should be noted that the aforementioned virtual identifier may be a string of characters, marking different user terminals and used to distinguish user terminals. The aforementioned residential gateway, in a telecommunications network, is a device that allows a local area network to connect to a wide area network.
本公开实施例中,通过家庭网关中关联存储的各个用户终端的物理地址和对应的虚拟标识,使得移动核心网能够对接入网关的用户终端进行差异化控制和管理。In the embodiments of the present disclosure, the mobile core network can control and manage the user terminals accessing the gateway in a differentiated manner by associating and storing the physical addresses and corresponding virtual identities of each user terminal in the home gateway.
在本公开的一个实施例中,如图4所示,本公开实施例中还提供一种用户终端的差异化控制系统的示意图,包括核心网401、家庭网关虚拟标识管理RVIM平台402、家庭网关403及附着到家庭网关的一个或多个用户终端404。In an embodiment of the present disclosure, as shown in FIG. 4 , the embodiment of the present disclosure also provides a schematic diagram of a differentiated control system for user terminals, including a core network 401, a home gateway virtual identity management RVIM platform 402, a home gateway 403, and one or more user terminals 404 attached to the home gateway.
其中,家庭网关用于在接收到一个或多个用户终端的附着请求时,向RVIM平台发起各个用户终端的虚拟标识申请请求;Wherein, the home gateway is used to initiate a virtual identification application request of each user terminal to the RVIM platform when receiving the attachment request of one or more user terminals;
RVIM平台,用于根据接收到的虚拟标识申请请求,为各个用户终端分配一个虚拟标识,并返回至家庭网关;The RVIM platform is used to assign a virtual identity to each user terminal according to the received virtual identity application request, and return it to the home gateway;
核心网,与家庭网关通信,用于根据家庭网关下各个用户终端的物理地址和对应的虚拟标识,对家庭网关下的各个用户终端进行差异化控制。The core network communicates with the home gateway, and is used to control each user terminal under the home gateway in a differentiated manner according to the physical address and the corresponding virtual identifier of each user terminal under the home gateway.
本公开实施例中,通过家庭网关中关联存储的各个用户终端的物理地址和对应的虚拟标识,使得移动核心网能够对接入网关的用户终端进行差异化控制和管理。In the embodiments of the present disclosure, the mobile core network can control and manage the user terminals accessing the gateway in a differentiated manner by associating and storing the physical addresses and corresponding virtual identities of each user terminal in the home gateway.
在本公开的一个实施例中,如图5所示,本公开实施例中还提供一种用户终端的差异化控制系统架构示意图,其中包括:In an embodiment of the present disclosure, as shown in FIG. 5 , the embodiment of the present disclosure also provides a schematic diagram of a differentiated control system architecture of a user terminal, which includes:
5G RG502分别与UE501、RVIM503和W-AGF504连接,W-AGF分别与AMF505和UPF506连接,RVIM与UDM507连接,UDM与AUSF508连接,AUSF与AMF连 接。5G RG502 is connected with UE501, RVIM503 and W-AGF504 respectively, W-AGF is connected with AMF505 and UPF506 respectively, RVIM is connected with UDM507, UDM is connected with AUSF508, and AUSF is connected with AMF.
RVIM503用于设置一定数量的临时号码(IMSI)池,并实时同步给UDM,在RG注册流程中,当注册成功后,UDM需通过New Interface1通知RVIM平台该RG已接入,RVIM保存一张当前认证通过的号码列表,并实时更新,当UE/Device(相当于上述用户终端)通过Y1接口附着5G-RG后,5G-RG通过New Interface1向RVIM申请一个虚拟标识(携、带5G RG的IMSI和UE/Device的MAC地址)。RVIM用于对上述UE/Device分配一个临时号码(相当于上述虚拟标识),并保存临时号码与设备MAC地址的绑定关系。RVIM503 is used to set up a certain number of temporary number (IMSI) pools and synchronize them to UDM in real time. In the RG registration process, when the registration is successful, UDM needs to notify the RVIM platform that the RG has been accessed through New Interface1. RVIM saves a list of currently authenticated numbers and updates them in real time. When the UE/Device (equivalent to the above user terminal) attaches to the 5G-RG through the Y1 interface, the 5G-RG applies to the RVIM for a virtual identity (carrying, carrying 5 GRG's IMSI and UE/Device's MAC address). The RVIM is used to allocate a temporary number (equivalent to the above-mentioned virtual identity) to the above-mentioned UE/Device, and save the binding relationship between the temporary number and the MAC address of the device.
5G-RG用于当UE/Device通过Y1接口附着5G-RG后,5G-RG通过New Interface1向RVIM申请一个虚拟标识(携带5G RG的IMSI和UE/Device的MAC地址)。从RVIM获取临时号码后,5G-RG也建立一张临时号码与设备MAC地址的绑定关系。5G-RG支持以多个IMSI向W-AGF发起多个认证、建立多个PDU Session的能力。5G-RG is used for when UE/Device attaches to 5G-RG through Y1 interface, 5G-RG applies for a virtual identity (carrying IMSI of 5G RG and MAC address of UE/Device) to RVIM through New Interface1. After obtaining the temporary number from RVIM, 5G-RG also establishes a binding relationship between the temporary number and the MAC address of the device. 5G-RG supports the ability to initiate multiple authentications to W-AGF with multiple IMSIs and establish multiple PDU Sessions.
UDM用于实时同步RVIM中的所有临时号码,并在5G-RG认证成功后,通知RVIM平台该5G-RG已接入。UDM is used to synchronize all temporary numbers in RVIM in real time, and notify the RVIM platform that the 5G-RG has been accessed after the 5G-RG authentication is successful.
在一个实施例中,在5G RG注册流程中,当注册成功后,UDM通知RVIM该RG已认证通过,RVIM应保存一张当前认证通过的号码列表,并实时更新,当UE/Device通过Y1接口附着5G-RG后,5G-RG通过New Interface1向RVIM申请一个虚拟标识(携带5G RG的IMSI和UE/Device的MAC地址)。RVIM给该UE/Device分配一个临时号码,并保存临时号码与设备MAC地址的绑定关系。RG获取临时号码后,也建立一张临时号码与设备MAC地址的绑定关系。随后,RG以该临时号码向再次向W-AGF发起注册,当UE/Device通过Y1接口发起数据业务时,5G-RG使用向W-AGF发起PDU Session建立。In one embodiment, in the 5G RG registration process, when the registration is successful, the UDM notifies the RVIM that the RG has been authenticated, and the RVIM should save a list of currently authenticated numbers and update it in real time. When the UE/Device attaches to the 5G-RG through the Y1 interface, the 5G-RG applies to the RVIM for a virtual identity (carrying the IMSI of the 5G RG and the MAC address of the UE/Device) through the New Interface1. RVIM assigns a temporary number to the UE/Device, and saves the binding relationship between the temporary number and the MAC address of the device. After the RG obtains the temporary number, it also establishes a binding relationship between the temporary number and the MAC address of the device. Subsequently, the RG initiates registration with the W-AGF again with the temporary number. When the UE/Device initiates a data service through the Y1 interface, the 5G-RG uses the PDU Session initiated to the W-AGF to establish.
在本公开的一个实施例中,如图6所示,本公开实施例中还提供图6为一种用户终端的差异化控制系统运行流程图,包括:In an embodiment of the present disclosure, as shown in FIG. 6 , the embodiment of the present disclosure also provides FIG. 6 , which is a flow chart of the operation of a differentiated control system for user terminals, including:
S601,RVIM与UDM实时同步临时号码信息;S601, RVIM and UDM synchronize temporary number information in real time;
S602,5G RG(相当于上述家庭网关RG)上线,执行RG认证流程;S602, 5G RG (equivalent to the above-mentioned home gateway RG) goes online, and executes the RG certification process;
S603,Device(相当于上述用户终端)向5G RG附着,执行Device认证流程,5G RG将Device MAC地址(相当于上述用户终端的物理地址)与临时号码(相当于上述虚拟标识)绑定;S603, the Device (equivalent to the above-mentioned user terminal) attaches to the 5G RG, executes the Device authentication process, and the 5G RG binds the Device MAC address (equivalent to the physical address of the above-mentioned user terminal) with the temporary number (equivalent to the above-mentioned virtual identity);
S604,Device发起数据业务,由5G RG使用临时号码向W-AGF发起会话建立流程,会话建立完成后数据业务可以在会话中传输;S604. The Device initiates a data service, and the 5G RG uses the temporary number to initiate a session establishment process to the W-AGF. After the session is established, the data service can be transmitted in the session;
S605,多个Device发起数据业务时,RG会为每个Device分配不同的临时号码,建立不同的会话,以实现对不同Device的差异化管理。S605. When multiple Devices initiate data services, the RG allocates different temporary numbers to each Device and establishes different sessions, so as to implement differentiated management of different Devices.
本公开实施例中,通过5G RG将Device MAC地址与临时号码绑定,使得RGC能够对接入网关的不同Device进行差异化控制和管理。In the embodiment of the present disclosure, the Device MAC address is bound to the temporary number through the 5G RG, so that the RGC can perform differentiated control and management on different Devices that access the gateway.
在本公开的一个实施例中,如图7所示,本公开实施例中还提供一种用户终端的差异化控制方法中RG认证流程,包括如下步骤:In an embodiment of the present disclosure, as shown in FIG. 7 , the embodiment of the present disclosure also provides an RG authentication process in a user terminal differentiated control method, including the following steps:
S701,5G RG上线,与W-AGF建立连接;S701, 5G RG goes online and establishes connection with W-AGF;
S702,5G RG与W-AGF执行标准的EAP认证;S702, 5G RG and W-AGF implement standard EAP authentication;
S703,5G RG经W-AGF与AMF执行标准的EAP认证;S703, 5G RG has been certified by W-AGF and AMF to implement the standard EAP;
S704,5G RG经W-AGF与AUSF执行标准的EAP认证;S704, 5G RG has been certified by W-AGF and AUSF to implement the standard EAP;
S705,AMF与AUSF交互用户订购信息(用户开通业务时订购的具体业务信息);S705, AMF and AUSF exchange user subscription information (specific service information ordered by the user when activating the service);
S706,AUSF向AMF发送EAP认证成功;S706, AUSF sends EAP authentication success to AMF;
S707,AMF向W-AGF发送EAP认证成功;S707, the AMF sends the EAP authentication success to the W-AGF;
S708,W-AGF向5G RG发送EAP认证成功;S708, W-AGF sends EAP authentication success to 5G RG;
S709,5G RG与W-AGF执行标准的NAS认证;S709, 5G RG and W-AGF implement standard NAS certification;
S710,5G RG经W-AGF与AMF执行标准的NAS认证;S710, 5G RG has been certified by W-AGF and AMF to implement standard NAS;
S711,5G RG经W-AGF与AUSF间执行标准的NAS认证;S711, 5G RG has been certified by the standard NAS between W-AGF and AUSF;
S712,5G RG经W-AGF与UDM间执行标准的NAS认证;S712, 5G RG is certified by standard NAS between W-AGF and UDM;
S713,UDM将5G RG的认证结果通知RVIM,RVIM获取到RG已完成认证的消息。S713. The UDM notifies the RVIM of the authentication result of the 5G RG, and the RVIM obtains the message that the RG has completed the authentication.
其中S702到S708,5G RG经W-AGF与AMF/AUSF/UDM间执行标准的EAP认证。Among them, S702 to S708, 5G RG is certified by standard EAP between W-AGF and AMF/AUSF/UDM.
S709到S712,5G RG经W-AGF与AMF/AUSF/UDM间执行标准的NAS认证。From S709 to S712, 5G RG is certified by standard NAS between W-AGF and AMF/AUSF/UDM.
在本公开的一个实施例中,如图8所示,本公开实施例中还提供一种用户终端的差异化控制方法中用户终端认证流程,包括如下步骤:In an embodiment of the present disclosure, as shown in FIG. 8 , the embodiment of the present disclosure also provides a user terminal authentication process in a user terminal differentiated control method, including the following steps:
S801,802.1x用户附着;S801, 802.1x user attachment;
S802,请求分配临时号码(携带Device MAC地址、RG IMSI);S802, requesting to assign a temporary number (carrying Device MAC address, RG IMSI);
S803,RG认证结果;S803, RG certification result;
S804,分配临时号码;S804, assigning a temporary number;
S805,保存RG IMSI、Device MAC地址与临时号码的绑定关系;S805, storing the binding relationship between RG IMSI, Device MAC address and temporary number;
S806,保存RG IMSI、Device MAC地址与临时号码的绑定关系;S806, saving the binding relationship between RG IMSI, Device MAC address and temporary number;
S807,使用临时号码再次进行认证。S807. Perform authentication again by using the temporary number.
例如,在本公开的一个实施例中,Device在5G RG附着成功;5G RG携带携带Device MAC地址、RG IMSI向RVIM申请临时号码;RVIM查询保存的RG认证结果,向5G RG分配临时号码,同时保存RG IMSI、Device MAC地址与临时号码的绑定关系;RVIM保存RG IMSI、Device MAC地址与临时号码的绑定关系,随后使用临时号码向W-AGF再次发起认证。For example, in one embodiment of the present disclosure, the Device is successfully attached to the 5G RG; the 5G RG carries the Device MAC address and the RG IMSI to apply for a temporary number from the RVIM; the RVIM queries the stored RG authentication results, allocates a temporary number to the 5G RG, and saves the binding relationship between the RG IMSI, Device MAC address and the temporary number; AGF initiates authentication again.
基于同一发明构思,本公开实施例中还提供了一种用户终端的差异化控制装置,如下面的实施例所述。由于该装置实施例解决问题的原理与上述方法实施例相似,因 此该装置实施例的实施可以参见上述方法实施例的实施,重复之处不再赘述。Based on the same inventive concept, embodiments of the present disclosure also provide a differentiated control device for user terminals, as described in the following embodiments. Since the problem-solving principle of this device embodiment is similar to that of the above-mentioned method embodiment, the implementation of this device embodiment can refer to the implementation of the above-mentioned method embodiment, and repeated descriptions will not be repeated.
图9示出本公开实施例中一种用户终端的差异化控制装置示意图,如图9所示,该装置包括:FIG. 9 shows a schematic diagram of a differentiated control device for a user terminal in an embodiment of the present disclosure. As shown in FIG. 9, the device includes:
号码申请模块901,设置为当家庭网关接收到一个或多个用户终端的附着请求时,为每个用户终端申请一个虚拟标识;The number application module 901 is configured to apply for a virtual ID for each user terminal when the home gateway receives an attachment request from one or more user terminals;
号码关联模块902,设置为将各个用户终端的物理地址和对应的虚拟标识,关联存储到家庭网关;The number association module 902 is configured to associate and store the physical address of each user terminal and the corresponding virtual identification in the home gateway;
差异化控制模块903,设置为根据家庭网关中关联存储的各个用户终端的物理地址和对应的虚拟标识,对家庭网关下的各个用户终端进行差异化控制。The differentiated control module 903 is configured to perform differentiated control on each user terminal under the home gateway according to the physical addresses and corresponding virtual identities of each user terminal associated and stored in the home gateway.
在本公开的一个实施例中,号码申请模块901具体设置为:当家庭网关接收到一个或多个用户终端的附着请求时,通过家庭网关向家庭网关虚拟标识管理RVIM平台发起各个用户终端的虚拟标识申请请求,其中,RVIM平台中预先部署有多个虚拟标识,虚拟标识申请请求中包含:家庭网关的网关标识和各个用户终端的物理地址;通过家庭网关接收RVIM平台返回的各个用户终端的虚拟标识,其中,RVIM平台还用于将每个用户终端的物理地址、虚拟标识和网关标识关联存储,并同步至核心网。In an embodiment of the present disclosure, the number application module 901 is specifically configured to: when the home gateway receives an attachment request from one or more user terminals, initiate a virtual identity application request for each user terminal to the home gateway virtual identity management RVIM platform through the home gateway, wherein multiple virtual identities are pre-deployed in the RVIM platform, and the virtual identity application request includes: the gateway identity of the home gateway and the physical address of each user terminal; receive the virtual identity of each user terminal returned by the RVIM platform through the home gateway, wherein the RVIM platform is also used to apply the physical address of each user terminal Addresses, virtual IDs, and gateway IDs are stored in association and synchronized to the core network.
在本公开的一个实施例中,差异化控制模块903具体设置为:当家庭网关接收到各个用户终端发起的业务请求时,根据各个用户终端的物理地址获取对应的虚拟标识;根据各个用户终端的虚拟标识向核心网发起会话建立请求。In an embodiment of the present disclosure, the differentiation control module 903 is specifically configured to: when the home gateway receives a service request initiated by each user terminal, obtain a corresponding virtual identifier according to the physical address of each user terminal; initiate a session establishment request to the core network according to the virtual identifier of each user terminal.
图10示出本公开实施例中另一种用户终端的差异化控制装置示意图,如图10所示,该装置包括:FIG. 10 shows a schematic diagram of another differentiated control device for user terminals in an embodiment of the present disclosure. As shown in FIG. 10 , the device includes:
请求接收模块1001,设置为接收来自家庭网关的虚拟标识申请请求,其中,虚拟标识申请请求用于为附着到家庭网关的一个或多个用户终端申请对应的虚拟标识,虚拟标识申请请求中包含:家庭网关的网关标识和各个用户终端的物理地址;The request receiving module 1001 is configured to receive a virtual identity application request from a home gateway, wherein the virtual identity application request is used to apply for a corresponding virtual identity for one or more user terminals attached to the home gateway, and the virtual identity application request includes: the gateway identity of the home gateway and the physical address of each user terminal;
响应模块1002,设置为根据虚拟标识申请请求,向家庭网关返回各个用户终端的虚拟标识,其中,家庭网关将各个用户终端的物理地址和对应的虚拟标识进行关联存储,以对家庭网关下的各个用户终端进行差异化控制。The response module 1002 is configured to return the virtual ID of each user terminal to the home gateway according to the virtual ID application request, wherein the home gateway associates and stores the physical address of each user terminal with the corresponding virtual ID, so as to perform differential control on each user terminal under the home gateway.
在一个实施例中,该装置还包括:关联存储模块1003,设置为将每个用户终端的物理地址、虚拟标识和网关标识关联存储。In one embodiment, the device further includes: an associated storage module 1003 configured to associate and store the physical address, virtual identifier and gateway identifier of each user terminal.
所属技术领域的技术人员能够理解,本公开的各个方面可以实现为系统、方法或程序产品。因此,本公开的各个方面可以具体实现为以下形式,即:完全的硬件实施方式、完全的软件实施方式(包括固件、微代码等),或硬件和软件方面结合的实施方式,这里可以统称为“电路”、“模块”或“系统”。Those skilled in the art can understand that various aspects of the present disclosure can be implemented as a system, method or program product. Therefore, various aspects of the present disclosure can be embodied in the following forms, that is: a complete hardware implementation, a complete software implementation (including firmware, microcode, etc.), or a combination of hardware and software implementations, which can be collectively referred to as "circuits", "modules" or "systems" herein.
下面参照图11来描述根据本公开的这种实施方式的电子设备1100。图11显示的电子设备1100仅仅是一个示例,不应对本公开实施例的功能和使用范围带来任何限制。An electronic device 1100 according to this embodiment of the present disclosure is described below with reference to FIG. 11 . The electronic device 1100 shown in FIG. 11 is only an example, and should not limit the functions and scope of use of the embodiments of the present disclosure.
如图11所示,电子设备1100以通用计算设备的形式表现。电子设备1100的组件可以包括但不限于:上述至少一个处理单元1110、上述至少一个存储单元1120、连接不同系统组件(包括存储单元1120和处理单元1110)的总线1130。As shown in FIG. 11 , electronic device 1100 takes the form of a general-purpose computing device. Components of the electronic device 1100 may include, but are not limited to: at least one processing unit 1110, at least one storage unit 1120, and a bus 1130 connecting different system components (including the storage unit 1120 and the processing unit 1110).
其中,所述存储单元存储有程序代码,所述程序代码可以被所述处理单元1110执行,使得所述处理单元1110执行本说明书上述“示例性方法”部分中描述的根据本公开各种示例性实施方式的步骤。Wherein, the storage unit stores program codes, and the program codes can be executed by the processing unit 1110, so that the processing unit 1110 executes the steps according to various exemplary embodiments of the present disclosure described in the “Exemplary Method” section above.
例如,所述处理单元1110可以执行上述方法实施例的如下步骤:当家庭网关接收到一个或多个用户终端的附着请求时,为每个用户终端申请一个虚拟标识;将各个用户终端的物理地址和对应的虚拟标识,关联存储到家庭网关;根据家庭网关中关联存储的各个用户终端的物理地址和对应的虚拟标识,对家庭网关下的各个用户终端进行差异化控制。For example, the processing unit 1110 may perform the following steps in the above method embodiment: when the home gateway receives an attachment request from one or more user terminals, apply for a virtual identifier for each user terminal; associate and store the physical addresses of each user terminal and the corresponding virtual identifiers in the home gateway; perform differentiated control on each user terminal under the home gateway according to the physical addresses and corresponding virtual identifiers of each user terminal associated and stored in the home gateway.
例如,所述处理单元1110在执行当家庭网关接收到一个或多个用户终端的附着请求时,为每个用户终端申请一个虚拟标识步骤时,还可以包括:当家庭网关接收到一个或多个用户终端的附着请求时,通过家庭网关向家庭网关虚拟标识管理RVIM平台发起各个用户终端的虚拟标识申请请求,其中,RVIM平台中预先部署有多个虚拟标识,虚拟标识申请请求中包含:家庭网关的网关标识和各个用户终端的物理地址;通过家庭网关接收RVIM平台返回的各个用户终端的虚拟标识,其中,RVIM平台还用于将每个用户终端的物理地址、虚拟标识和网关标识关联存储,并同步至核心网。For example, when the processing unit 1110 executes the step of applying for a virtual identity for each user terminal when the home gateway receives the attachment request of one or more user terminals, it may also include: when the home gateway receives the attachment request of one or more user terminals, initiate a virtual identity application request for each user terminal to the home gateway virtual identity management RVIM platform through the home gateway. The virtual identification of each user terminal, wherein the RVIM platform is also used to associate and store the physical address, virtual identification and gateway identification of each user terminal, and synchronize them to the core network.
例如,所述处理单元1110在执行根据家庭网关中关联存储的各个用户终端的物理地址和对应的虚拟标识,对家庭网关下的各个用户终端进行差异化控制步骤时,还可以包括:当家庭网关接收到各个用户终端发起的业务请求时,根据各个用户终端的物理地址获取对应的虚拟标识;根据各个用户终端的虚拟标识向核心网发起会话建立请求。For example, when the processing unit 1110 executes the step of performing differentiated control on each user terminal under the home gateway according to the physical address of each user terminal associated and stored in the home gateway and the corresponding virtual identifier, it may further include: when the home gateway receives a service request initiated by each user terminal, obtain the corresponding virtual identifier according to the physical address of each user terminal; initiate a session establishment request to the core network according to the virtual identifier of each user terminal.
例如,所述处理单元1110可以执行上述方法实施例的如下步骤:接收来自家庭网关的虚拟标识申请请求,其中,虚拟标识申请请求用于为附着到家庭网关的一个或多个用户终端申请对应的虚拟标识,虚拟标识申请请求中包含:家庭网关的网关标识和各个用户终端的物理地址;根据虚拟标识申请请求,向家庭网关返回一个或多个用户终端的虚拟标识,其中,家庭网关将各个用户终端的物理地址和对应的虚拟标识进行关联存储,以对家庭网关下的各个用户终端进行差异化控制。For example, the processing unit 1110 may perform the following steps in the above method embodiment: receiving a virtual ID application request from the home gateway, wherein the virtual ID application request is used to apply for a corresponding virtual ID for one or more user terminals attached to the home gateway, and the virtual ID application request includes: the gateway ID of the home gateway and the physical address of each user terminal; according to the virtual ID application request, return the virtual ID of one or more user terminals to the home gateway, wherein the home gateway associates and stores the physical address of each user terminal and the corresponding virtual ID, so that each user terminal under the home gateway Differential control.
例如,所述处理单元1110在执行在根据虚拟标识申请请求,向家庭网关返回一个或多个虚拟标识步骤之后,还可以包括:将每个用户终端的物理地址、虚拟标识和网关标识关联存储。For example, after the processing unit 1110 executes the step of returning one or more virtual IDs to the home gateway according to the virtual ID application request, it may further include: associating and storing the physical address of each user terminal, the virtual ID and the gateway ID.
存储单元1120可以包括易失性存储单元形式的可读介质,例如随机存取存储单元(RAM)11201和/或高速缓存存储单元11202,还可以进一步包括只读存储单元(ROM)11203。The storage unit 1120 may include a readable medium in the form of a volatile storage unit, such as a random access storage unit (RAM) 11201 and/or a cache storage unit 11202 , and may further include a read-only storage unit (ROM) 11203 .
存储单元1120还可以包括具有一组(至少一个)程序模块11205的程序/实用工具11204,这样的程序模块11205包括但不限于:操作系统、一个或者多个应用程序、其它程序模块以及程序数据,这些示例中的每一个或某种组合中可能包括网络环境的实现。 Storage unit 1120 may also include a program/utility 11204 having a set (at least one) of program modules 11205, such program modules 11205 including but not limited to: an operating system, one or more application programs, other program modules, and program data, each or some combination of which may include the implementation of a network environment.
总线1130可以为表示几类总线结构中的一种或多种,包括存储单元总线或者存储单元控制器、外围总线、图形加速端口、处理单元或者使用多种总线结构中的任意总线结构的局域总线。 Bus 1130 may represent one or more of several types of bus structures, including a memory cell bus or memory cell controller, a peripheral bus, an accelerated graphics port, a processing unit, or a local bus using any of a variety of bus structures.
电子设备1100也可以与一个或多个外部设备1140(例如键盘、指向设备、蓝牙设备等)通信,还可与一个或者多个使得用户能与该电子设备1100交互的设备通信,和/或与使得该电子设备1100能与一个或多个其它计算设备进行通信的任何设备(例如路由器、调制解调器等等)通信。这种通信可以通过输入/输出(I/O)接口1150进行。并且,电子设备1100还可以通过网络适配器1160与一个或者多个网络(例如局域网(LAN),广域网(WAN)和/或公共网络,例如因特网)通信。如图所示,网络适配器1160通过总线1130与电子设备1100的其它模块通信。应当明白,尽管图中未示出,可以结合电子设备1100使用其它硬件和/或软件模块,包括但不限于:微代码、设备驱动器、冗余处理单元、外部磁盘驱动阵列、RAID系统、磁带驱动器以及数据备份存储系统等。The electronic device 1100 may also communicate with one or more external devices 1140 (e.g., keyboards, pointing devices, Bluetooth devices, etc.), and with one or more devices that enable a user to interact with the electronic device 1100, and/or with any device that enables the electronic device 1100 to communicate with one or more other computing devices (e.g., routers, modems, etc.). Such communication may occur through input/output (I/O) interface 1150 . Moreover, the electronic device 1100 can also communicate with one or more networks (such as a local area network (LAN), a wide area network (WAN) and/or a public network such as the Internet) through the network adapter 1160 . As shown, the network adapter 1160 communicates with other modules of the electronic device 1100 through the bus 1130 . It should be understood that although not shown in the figure, other hardware and/or software modules may be used in conjunction with the electronic device 1100, including but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, and data backup storage systems, among others.
通过以上的实施方式的描述,本领域的技术人员易于理解,这里描述的示例实施方式可以通过软件实现,也可以通过软件结合必要的硬件的方式来实现。因此,根据本公开实施方式的技术方案可以以软件产品的形式体现出来,该软件产品可以存储在一个非易失性存储介质(可以是CD-ROM,U盘,移动硬盘等)中或网络上,包括若干指令以使得一台计算设备(可以是个人计算机、服务器、终端装置、或者网络设备等)执行根据本公开实施方式的方法。Through the description of the above implementations, those skilled in the art can easily understand that the example implementations described here can be implemented by software, or by combining software with necessary hardware. Therefore, the technical solution according to the embodiments of the present disclosure can be embodied in the form of a software product, which can be stored in a non-volatile storage medium (which can be a CD-ROM, a U disk, a mobile hard disk, etc.) or on a network, and includes several instructions so that a computing device (which can be a personal computer, a server, a terminal device, or a network device, etc.) executes the method according to the embodiments of the present disclosure.
特别地,根据本公开的实施例,上文参考流程图描述的过程可以被实现为计算机程序产品,该计算机程序产品包括:计算机程序,所述计算机程序被处理器执行时实现上述的用户终端的差异化控制方法。In particular, according to an embodiment of the present disclosure, the process described above with reference to the flowchart can be implemented as a computer program product, and the computer program product includes: a computer program, when the computer program is executed by a processor, the above-mentioned differentiated control method for a user terminal is implemented.
在本公开的示例性实施例中,还提供了一种计算机可读存储介质,该计算机可读存储介质可以是可读信号介质或者可读存储介质。图12示出本公开实施例中一种计算机可读存储介质的示意图,如图12所示,该计算机可读存储介质1200上存储有能够实现本公开上述方法的程序产品。在一些可能的实施方式中,本公开的各个方面还可以实现为一种程序产品的形式,其包括程序代码,当所述程序产品在终端设备上运行时,所述程序代码用于使所述终端设备执行本说明书上述“示例性方法”部分中描述的根据本公开各种示例性实施方式的步骤。In an exemplary embodiment of the present disclosure, a computer-readable storage medium is also provided, and the computer-readable storage medium may be a readable signal medium or a readable storage medium. FIG. 12 shows a schematic diagram of a computer-readable storage medium in an embodiment of the present disclosure. As shown in FIG. 12 , the computer-readable storage medium 1200 stores a program product capable of implementing the above method of the present disclosure. In some possible implementation manners, various aspects of the present disclosure may also be implemented in the form of a program product, which includes program code, and when the program product is run on a terminal device, the program code is used to cause the terminal device to execute the steps according to various exemplary embodiments of the present disclosure described in the above "Exemplary Method" section of this specification.
例如,本公开实施例中的程序产品被处理器执行时实现如下步骤的方法:当家庭网关接收到一个或多个用户终端的附着请求时,为每个用户终端申请一个虚拟标识; 将各个用户终端的物理地址和对应的虚拟标识,关联存储到家庭网关;根据家庭网关中关联存储的各个用户终端的物理地址和对应的虚拟标识,对家庭网关下的各个用户终端进行差异化控制。For example, when the program product in the embodiment of the present disclosure is executed by the processor, the following steps are implemented: when the home gateway receives an attachment request from one or more user terminals, apply for a virtual ID for each user terminal; associate and store the physical addresses of each user terminal and the corresponding virtual IDs in the home gateway; perform differentiated control on each user terminal under the home gateway according to the physical addresses and corresponding virtual IDs of each user terminal associated and stored in the home gateway.
进一步的,在一些实施例中,本公开实施例中的程序产品被处理器执行时还可实现如下步骤的方法:当家庭网关接收到一个或多个用户终端的附着请求时,通过家庭网关向家庭网关虚拟标识管理RVIM平台发起各个用户终端的虚拟标识申请请求,其中,RVIM平台中预先部署有多个虚拟标识,虚拟标识申请请求中包含:家庭网关的网关标识和各个用户终端的物理地址;通过家庭网关接收RVIM平台返回的各个用户终端的虚拟标识,其中,RVIM平台还用于将每个用户终端的物理地址、虚拟标识和网关标识关联存储,并同步至核心网。Further, in some embodiments, when the program product in the embodiments of the present disclosure is executed by the processor, the following steps can also be implemented: when the home gateway receives an attachment request from one or more user terminals, the home gateway initiates a virtual identity application request for each user terminal to the home gateway virtual identity management RVIM platform, wherein, the RVIM platform is pre-deployed with multiple virtual identities, and the virtual identity application request includes: the gateway identity of the home gateway and the physical address of each user terminal; receiving the virtual identity of each user terminal returned by the RVIM platform through the home gateway, wherein, the RV The IM platform is also used to associate and store the physical address, virtual ID and gateway ID of each user terminal, and synchronize them to the core network.
进一步的,在一些实施例中,本公开实施例中的程序产品被处理器执行时还可实现如下步骤的方法:当家庭网关接收到各个用户终端发起的业务请求时,根据各个用户终端的物理地址获取对应的虚拟标识;根据各个用户终端的虚拟标识向核心网发起会话建立请求。Further, in some embodiments, when the program product in the embodiment of the present disclosure is executed by the processor, the following steps can also be implemented: when the home gateway receives a service request initiated by each user terminal, obtain the corresponding virtual identifier according to the physical address of each user terminal; initiate a session establishment request to the core network according to the virtual identifier of each user terminal.
在一些实施例中,本公开实施例中的程序产品被处理器执行时还可实现如下步骤的方法:接收来自家庭网关的虚拟标识申请请求,其中,虚拟标识申请请求用于为附着到家庭网关的一个或多个用户终端申请对应的虚拟标识,虚拟标识申请请求中包含:家庭网关的网关标识和各个用户终端的物理地址;根据虚拟标识申请请求,向家庭网关返回一个或多个用户终端的虚拟标识,其中,家庭网关将各个用户终端的物理地址和对应的虚拟标识进行关联存储,以对家庭网关下的各个用户终端进行差异化控制。In some embodiments, when the program product in the embodiment of the present disclosure is executed by the processor, the following steps can also be implemented: receiving a virtual ID application request from a home gateway, wherein the virtual ID application request is used to apply for a corresponding virtual ID for one or more user terminals attached to the home gateway, and the virtual ID application request includes: the gateway ID of the home gateway and the physical address of each user terminal; according to the virtual ID application request, return the virtual ID of one or more user terminals to the home gateway, wherein the home gateway associates and stores the physical address of each user terminal and the corresponding virtual ID to the home gateway Differentiated control is performed on each user terminal under the network.
进一步的,在一些实施例中,本公开实施例中的程序产品被处理器执行时还可实现如下步骤的方法:在根据虚拟标识申请请求,向家庭网关返回一个或多个虚拟标识之后,将每个用户终端的物理地址、虚拟标识和网关标识关联存储。Further, in some embodiments, when the program product in the embodiment of the present disclosure is executed by the processor, the following steps can also be implemented: after one or more virtual identities are returned to the home gateway according to the virtual id application request, the physical address of each user terminal, the virtual identities, and the gateway identities are associated and stored.
本公开中的计算机可读存储介质的更具体的例子可以包括但不限于:具有一个或多个导线的电连接、便携式计算机磁盘、硬盘、随机访问存储器(RAM)、只读存储器(ROM)、可擦式可编程只读存储器(EPROM或闪存)、光纤、便携式紧凑磁盘只读存储器(CD-ROM)、光存储器件、磁存储器件、或者上述的任意合适的组合。More specific examples of a computer-readable storage medium in the present disclosure may include, but are not limited to, an electrical connection with one or more wires, a portable computer disk, a hard disk, a random access memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disk read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
在本公开中,计算机可读存储介质可以包括在基带中或者作为载波一部分传播的数据信号,其中承载了可读程序代码。这种传播的数据信号可以采用多种形式,包括但不限于电磁信号、光信号或上述的任意合适的组合。可读信号介质还可以是可读存储介质以外的任何可读介质,该可读介质可以发送、传播或者传输用于由指令执行系统、装置或者器件使用或者与其结合使用的程序。In the present disclosure, a computer-readable storage medium may include a data signal carrying readable program code in baseband or as part of a carrier wave traveling as a data signal. Such propagated data signals may take many forms, including but not limited to electromagnetic signals, optical signals, or any suitable combination of the foregoing. A readable signal medium may also be any readable medium other than a readable storage medium that can transmit, propagate, or transport a program for use by or in conjunction with an instruction execution system, apparatus, or device.
在一些实施例中,计算机可读存储介质上包含的程序代码可以用任何适当的介质传输,包括但不限于无线、有线、光缆、RF等等,或者上述的任意合适的组合。In some embodiments, program code embodied on a computer readable storage medium may be transmitted using any suitable medium, including but not limited to wireless, wireline, optical cable, RF, etc., or any suitable combination of the above.
在具体实施时,可以以一种或多种程序设计语言的任意组合来编写用于执行本公 开操作的程序代码,所述程序设计语言包括面向对象的程序设计语言—诸如Java、C++等,还包括常规的过程式程序设计语言—诸如“C”语言或类似的程序设计语言。程序代码可以完全地在用户计算设备上执行、部分地在用户设备上执行、作为一个独立的软件包执行、部分在用户计算设备上部分在远程计算设备上执行、或者完全在远程计算设备或服务器上执行。在涉及远程计算设备的情形中,远程计算设备可以通过任意种类的网络,包括局域网(LAN)或广域网(WAN),连接到用户计算设备,或者,可以连接到外部计算设备(例如利用因特网服务提供商来通过因特网连接)。In practice, the program code for performing the operations of the present disclosure may be written in any combination of one or more programming languages, including object-oriented programming languages—such as Java, C++, etc., and conventional procedural programming languages—such as “C” language or similar programming languages. The program code may execute entirely on the user computing device, partly on the user device, as a stand-alone software package, partly on the user computing device and partly on a remote computing device, or entirely on the remote computing device or server. In cases involving a remote computing device, the remote computing device may be connected to the user computing device through any kind of network, including a local area network (LAN) or a wide area network (WAN), or alternatively, may be connected to an external computing device (e.g., via the Internet using an Internet service provider).
应当注意,尽管在上文详细描述中提及了用于动作执行的设备的若干模块或者单元,但是这种划分并非强制性的。实际上,根据本公开的实施方式,上文描述的两个或更多模块或者单元的特征和功能可以在一个模块或者单元中具体化。反之,上文描述的一个模块或者单元的特征和功能可以进一步划分为由多个模块或者单元来具体化。It should be noted that although several modules or units of the device for action execution are mentioned in the above detailed description, this division is not mandatory. Actually, according to the embodiment of the present disclosure, the features and functions of two or more modules or units described above may be embodied in one module or unit. Conversely, the features and functions of one module or unit described above can be further divided to be embodied by a plurality of modules or units.
此外,尽管在附图中以特定顺序描述了本公开中方法的各个步骤,但是,这并非要求或者暗示必须按照该特定顺序来执行这些步骤,或是必须执行全部所示的步骤才能实现期望的结果。附加的或备选的,可以省略某些步骤,将多个步骤合并为一个步骤执行,以及/或者将一个步骤分解为多个步骤执行等。In addition, while steps of the methods of the present disclosure are depicted in a particular order in the figures, there is no requirement or implication that the steps must be performed in that particular order, or that all illustrated steps must be performed, to achieve desirable results. Additionally or alternatively, certain steps may be omitted, multiple steps may be combined into one step for execution, and/or one step may be decomposed into multiple steps for execution, etc.
通过以上实施方式的描述,本领域的技术人员易于理解,这里描述的示例实施方式可以通过软件实现,也可以通过软件结合必要的硬件的方式来实现。因此,根据本公开实施方式的技术方案可以以软件产品的形式体现出来,该软件产品可以存储在一个非易失性存储介质(可以是CD-ROM,U盘,移动硬盘等)中或网络上,包括若干指令以使得一台计算设备(可以是个人计算机、服务器、移动终端、或者网络设备等)执行根据本公开实施方式的方法。Through the description of the above embodiments, those skilled in the art can easily understand that the example embodiments described here can be implemented by software, or by combining software with necessary hardware. Therefore, the technical solution according to the embodiments of the present disclosure can be embodied in the form of a software product, which can be stored in a non-volatile storage medium (which can be a CD-ROM, a U disk, a mobile hard disk, etc.) or on a network, and includes several instructions so that a computing device (which can be a personal computer, a server, a mobile terminal, or a network device, etc.) executes the method according to the embodiments of the present disclosure.
本领域技术人员在考虑说明书及实践这里公开的发明后,将容易想到本公开的其它实施方案。本公开旨在涵盖本公开的任何变型、用途或者适应性变化,这些变型、用途或者适应性变化遵循本公开的一般性原理并包括本公开未公开的本技术领域中的公知常识或惯用技术手段。说明书和实施例仅被视为示例性的,本公开的真正范围和精神由所附的权利要求指出。Other embodiments of the present disclosure will be readily apparent to those skilled in the art from consideration of the specification and practice of the invention disclosed herein. The present disclosure is intended to cover any modification, use or adaptation of the present disclosure, which follow the general principles of the present disclosure and include common knowledge or conventional technical means in the technical field not disclosed in the present disclosure. The specification and examples are to be considered exemplary only, with the true scope and spirit of the disclosure indicated by the appended claims.

Claims (11)

  1. 一种用户终端的差异化控制方法,包括:A differentiated control method for a user terminal, comprising:
    当家庭网关接收到一个或多个用户终端的附着请求时,为每个用户终端申请一个虚拟标识;When the home gateway receives attachment requests from one or more user terminals, apply for a virtual identity for each user terminal;
    将各个用户终端的物理地址和对应的虚拟标识,关联存储到所述家庭网关;Associating and storing the physical address of each user terminal and the corresponding virtual ID in the home gateway;
    根据所述家庭网关中关联存储的各个用户终端的物理地址和对应的虚拟标识,对所述家庭网关下的各个用户终端进行差异化控制。Differentiated control is performed on each user terminal under the home gateway according to the physical address and the corresponding virtual identifier of each user terminal associated and stored in the home gateway.
  2. 根据权利要求1所述的用户终端的差异化控制方法,其中,当家庭网关接收到一个或多个用户终端的附着请求时,为每个用户终端申请一个虚拟标识,包括:The differentiated control method for user terminals according to claim 1, wherein, when the home gateway receives attachment requests from one or more user terminals, applying for a virtual identity for each user terminal includes:
    当家庭网关接收到一个或多个用户终端的附着请求时,通过所述家庭网关向家庭网关虚拟标识管理RVIM平台发起各个用户终端的虚拟标识申请请求,其中,所述RVIM平台中预先部署有多个虚拟标识,所述虚拟标识申请请求中包含:所述家庭网关的网关标识和各个用户终端的物理地址;When the home gateway receives an attachment request from one or more user terminals, the home gateway initiates a virtual identity application request for each user terminal to the home gateway virtual identity management RVIM platform, wherein a plurality of virtual identities are pre-deployed in the RVIM platform, and the virtual identity application request includes: the gateway identity of the home gateway and the physical address of each user terminal;
    通过所述家庭网关接收所述RVIM平台返回的各个用户终端的虚拟标识,其中,所述RVIM平台还用于将每个用户终端的物理地址、虚拟标识和网关标识关联存储,并同步至核心网。The virtual identifier of each user terminal returned by the RVIM platform is received through the home gateway, wherein the RVIM platform is also used to associate and store the physical address, virtual identifier and gateway identifier of each user terminal, and synchronize them to the core network.
  3. 根据权利要求1所述的用户终端的差异化控制方法,其中,根据所述家庭网关中关联存储的各个用户终端的物理地址和对应的虚拟标识,对所述家庭网关下的各个用户终端进行差异化控制,包括:The differentiated control method for user terminals according to claim 1, wherein, according to the physical addresses and corresponding virtual identities of each user terminal associated and stored in the home gateway, performing differentiated control on each user terminal under the home gateway includes:
    当所述家庭网关接收到各个用户终端发起的业务请求时,根据各个用户终端的物理地址获取对应的虚拟标识;When the home gateway receives a service request initiated by each user terminal, it acquires a corresponding virtual identifier according to the physical address of each user terminal;
    根据各个用户终端的虚拟标识向核心网发起会话建立请求。Initiate a session establishment request to the core network according to the virtual identifier of each user terminal.
  4. 一种用户终端的差异化控制方法,其中,包括:A differentiated control method for user terminals, including:
    接收来自家庭网关的虚拟标识申请请求,其中,所述虚拟标识申请请求用于为附着到所述家庭网关的一个或多个用户终端申请对应的虚拟标识,所述虚拟标识申请请求中包含:所述家庭网关的网关标识和各个用户终端的物理地址;Receive a virtual identity application request from a home gateway, wherein the virtual identity application request is used to apply for a corresponding virtual identity for one or more user terminals attached to the home gateway, and the virtual identity application request includes: the gateway identity of the home gateway and the physical address of each user terminal;
    根据所述虚拟标识申请请求,向所述家庭网关返回一个或多个用户终端的虚拟标识,其中,所述家庭网关将各个用户终端的物理地址和对应的虚拟标识进行关联存储,以对所述家庭网关下的各个用户终端进行差异化控制。According to the virtual identity application request, return the virtual identity of one or more user terminals to the home gateway, wherein the home gateway associates and stores the physical address of each user terminal with the corresponding virtual identity, so as to perform differentiated control on each user terminal under the home gateway.
  5. 根据权利要求4所述的用户终端的差异化控制方法,其中,在根据所述虚拟标识申请请求,向所述家庭网关返回一个或多个虚拟标识之后,所述方法还包括:The differentiated control method for user terminals according to claim 4, wherein, after returning one or more virtual identities to the home gateway according to the virtual id application request, the method further comprises:
    将每个用户终端的物理地址、虚拟标识和网关标识关联存储。The physical address, virtual ID and gateway ID of each user terminal are associated and stored.
  6. 一种用户终端的差异化控制系统,其中,包括:核心网、家庭网关虚拟标识管理 RVIM平台、家庭网关及附着到所述家庭网关的一个或多个用户终端;A differentiated control system for user terminals, including: a core network, a home gateway virtual identity management RVIM platform, a home gateway, and one or more user terminals attached to the home gateway;
    其中,所述家庭网关用于在接收到一个或多个用户终端的附着请求时,向所述RVIM平台发起各个用户终端的虚拟标识申请请求;Wherein, the home gateway is configured to initiate a virtual identity application request for each user terminal to the RVIM platform when receiving an attachment request from one or more user terminals;
    所述RVIM平台,用于根据接收到的虚拟标识申请请求,为各个用户终端分配一个虚拟标识,并返回至所述家庭网关;The RVIM platform is configured to assign a virtual identity to each user terminal according to the received virtual identity application request, and return it to the home gateway;
    所述核心网,与所述家庭网关通信,用于根据所述家庭网关下各个用户终端的物理地址和对应的虚拟标识,对所述家庭网关下的各个用户终端进行差异化控制。The core network communicates with the home gateway, and is configured to perform differentiated control on each user terminal under the home gateway according to the physical addresses and corresponding virtual identities of each user terminal under the home gateway.
  7. 一种用户终端的差异化控制装置,包括:A differentiated control device for a user terminal, comprising:
    号码申请模块,用于当家庭网关接收到一个或多个用户终端的附着请求时,为每个用户终端申请一个虚拟标识;The number application module is used to apply for a virtual ID for each user terminal when the home gateway receives an attachment request from one or more user terminals;
    号码关联模块,用于将各个用户终端的物理地址和对应的虚拟标识,关联存储到所述家庭网关;A number association module, configured to associate and store the physical address of each user terminal and the corresponding virtual ID in the home gateway;
    差异化控制模块,用于根据所述家庭网关中关联存储的各个用户终端的物理地址和对应的虚拟标识,对所述家庭网关下的各个用户终端进行差异化控制。A differentiated control module, configured to perform differentiated control on each user terminal under the home gateway according to the physical address and the corresponding virtual identifier of each user terminal associated and stored in the home gateway.
  8. 一种用户终端的差异化控制装置,包括:A differentiated control device for a user terminal, comprising:
    请求接收模块,用于接收来自家庭网关的虚拟标识申请请求,其中,所述虚拟标识申请请求用于为附着到所述家庭网关的一个或多个用户终端申请对应的虚拟标识,所述虚拟标识申请请求中包含:所述家庭网关的网关标识和各个用户终端的物理地址;The request receiving module is configured to receive a virtual identity application request from a home gateway, wherein the virtual identity application request is used to apply for a corresponding virtual identity for one or more user terminals attached to the home gateway, and the virtual identity application request includes: the gateway identity of the home gateway and the physical address of each user terminal;
    响应模块,用于根据所述虚拟标识申请请求,向所述家庭网关返回各个用户终端的虚拟标识,其中,所述家庭网关将各个用户终端的物理地址和对应的虚拟标识进行关联存储,以对所述家庭网关下的各个用户终端进行差异化控制。The response module is configured to return the virtual ID of each user terminal to the home gateway according to the virtual ID application request, wherein the home gateway associates and stores the physical address of each user terminal with the corresponding virtual ID, so as to perform differentiated control on each user terminal under the home gateway.
  9. 一种电子设备,包括:An electronic device comprising:
    处理器;以及processor; and
    存储器,用于存储所述处理器的可执行指令;a memory for storing executable instructions of the processor;
    其中,所述处理器配置为经由执行所述可执行指令来执行权利要求1~5中任意一项所述用户终端的差异化控制方法。Wherein, the processor is configured to execute the user terminal differentiated control method according to any one of claims 1-5 by executing the executable instruction.
  10. 一种计算机可读存储介质,其上存储有计算机程序,所述计算机程序被处理器执行时实现权利要求1~5中任意一项所述的用户终端的差异化控制方法。A computer-readable storage medium, on which a computer program is stored, and when the computer program is executed by a processor, the differentiated control method for a user terminal according to any one of claims 1-5 is implemented.
  11. 一种计算机程序产品,包括计算机程序,所述计算机程序被处理器执行时实现权利要求1~5中任意一项所述的用户终端的差异化控制方法。A computer program product, comprising a computer program, when the computer program is executed by a processor, the differentiated control method for a user terminal according to any one of claims 1-5 is implemented.
PCT/CN2022/142966 2022-01-21 2022-12-28 Differentiated control method and apparatus for user terminal, and related device WO2023138335A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202210069544.8 2022-01-21
CN202210069544.8A CN116527733A (en) 2022-01-21 2022-01-21 Differentiated control method, device, equipment and storage of user terminal

Publications (1)

Publication Number Publication Date
WO2023138335A1 true WO2023138335A1 (en) 2023-07-27

Family

ID=87347750

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2022/142966 WO2023138335A1 (en) 2022-01-21 2022-12-28 Differentiated control method and apparatus for user terminal, and related device

Country Status (2)

Country Link
CN (1) CN116527733A (en)
WO (1) WO2023138335A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117008490A (en) * 2023-08-10 2023-11-07 深圳市华拓科技有限公司 Equipment cloud control system, equipment and medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101645887A (en) * 2009-04-23 2010-02-10 中国科学院声学研究所 Protocol conversion module and inter-network calling method between IMS network and family network
CN106856511A (en) * 2015-12-08 2017-06-16 中国电信股份有限公司 Method, gateway, PCRF network elements and system for dynamic assignment IP address pond
CN110417840A (en) * 2018-04-28 2019-11-05 华为技术有限公司 A kind of information processing method and device
CN110536481A (en) * 2019-07-03 2019-12-03 中兴通讯股份有限公司 Data transmission link method for building up, device and computer readable storage medium
US20200092795A1 (en) * 2015-04-21 2020-03-19 Parallel Wireless, Inc. SIM Whitelisting and Multi-Operator Core Networks

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101645887A (en) * 2009-04-23 2010-02-10 中国科学院声学研究所 Protocol conversion module and inter-network calling method between IMS network and family network
US20200092795A1 (en) * 2015-04-21 2020-03-19 Parallel Wireless, Inc. SIM Whitelisting and Multi-Operator Core Networks
CN106856511A (en) * 2015-12-08 2017-06-16 中国电信股份有限公司 Method, gateway, PCRF network elements and system for dynamic assignment IP address pond
CN110417840A (en) * 2018-04-28 2019-11-05 华为技术有限公司 A kind of information processing method and device
CN110536481A (en) * 2019-07-03 2019-12-03 中兴通讯股份有限公司 Data transmission link method for building up, device and computer readable storage medium

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117008490A (en) * 2023-08-10 2023-11-07 深圳市华拓科技有限公司 Equipment cloud control system, equipment and medium

Also Published As

Publication number Publication date
CN116527733A (en) 2023-08-01

Similar Documents

Publication Publication Date Title
US20210297410A1 (en) Mec platform deployment method and apparatus
WO2019085803A1 (en) Method, device and system for internet of things communication
JP5885834B2 (en) Method and apparatus for remotely delivering a managed USB service via a mobile computing device
US11871479B2 (en) Techniques for decoupling authentication and subscription management from a home subscriber server
WO2022242507A1 (en) Communication method, apparatus, computer-readable medium electronic device, and program product
CN103973785B (en) A kind of log read system and method based on P2P
US11019032B2 (en) Virtual private networks without software requirements
CN103812900A (en) Data synchronization method, device and system
US20230254286A1 (en) Vpn deep packet inspection
WO2023138335A1 (en) Differentiated control method and apparatus for user terminal, and related device
JP2021184308A (en) Device and method for remotely managing apparatus, and program therefor
WO2023103367A1 (en) Data transmission method and related device
CN103684958A (en) Method and system for providing flexible VPN (virtual private network) service and VPN service center
CN114025009B (en) Method, system, proxy server and device for forwarding request
CN112565372B (en) Communication method and system for virtual machine and client during network isolation
WO2023011107A1 (en) Session policy control method, network element, storage medium, and electronic device
WO2024001086A1 (en) Data communication method and apparatus based on shared key, device, and medium
CN116782345A (en) Communication method, communication device, storage medium, and electronic apparatus
WO2023273799A1 (en) Communication method and apparatus for external devices, electronic device, and storage medium
CN115022178A (en) Network card switching method and device, electronic equipment and readable storage medium
CN111181904B (en) Network access method, device and medium
JP2023541662A (en) Data steering method and device
CN116545777B (en) User category switching method and device, storage medium and electronic equipment
WO2024022400A1 (en) Cloud resource configuration method and related device
WO2024093534A1 (en) Npn identification method and apparatus, and related device

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 22921755

Country of ref document: EP

Kind code of ref document: A1