CN100544255C - The method of positioning describing data function entity among the NASS - Google Patents
The method of positioning describing data function entity among the NASS Download PDFInfo
- Publication number
- CN100544255C CN100544255C CNB2005101147767A CN200510114776A CN100544255C CN 100544255 C CN100544255 C CN 100544255C CN B2005101147767 A CNB2005101147767 A CN B2005101147767A CN 200510114776 A CN200510114776 A CN 200510114776A CN 100544255 C CN100544255 C CN 100544255C
- Authority
- CN
- China
- Prior art keywords
- user
- function entity
- entity
- authentication
- home domain
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Landscapes
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses the method for positioning describing data function entity among a kind of NASS, subordinate's generation network mobile communication technology field.For positioning existing problem and shortage, the difficult PDBF to user's correspondence of solution UAAF proposes.The method of positioning describing data function entity is specially among the NASS of the present invention, be between the UAAF of home domain and SLF to have additional interface, and described SLF internal memory contains the identifier information of PDBF; The UAAF of described home domain is after the network configuration authentication and authentication information request of the inquiring user that receives requesting party's transmission, send the request of the identifier information of the PDBF that obtains user's correspondence to described SLF by described interface, described SLF searches the identifier information of the PDBF that this user registers according to user profile, and this identifier information responded UAAF to home domain, thereby realize location to PDBF.
Description
Technical field
The present invention relates to next generation network (NGN, Next Generation Network) mobile communication technology field, relate in particular in the NGN architectural framework, user access authorization function entity (UAAF, User AccessAuthorization Function) method of identification data of description functional entity (PDBF, Profile Data Base Function).
Background technology
At present, with the Internet new technology of representative just conventional telecommunication network in profound influence notion and system, next generation network is one of wherein the most noticeable bright spot.In current a kind of NGN architectural framework, the major function of Network Attachment Subsystem as shown in Figure 1 (NASS, Network Attachment Subsystem) be dynamic assignment Internet Protocol (IP) address and other-end configuration parameter, during the IP address assignment program or before occur in IP layer user's authentication and authentication, according to the network insertion mandate of customer service inventory (Profile), according to the Access Network configuration of customer service inventory (Profile), occur in the location management of IP layer etc.
In numerous functional entitys that NASS comprises, comprising network access configuration function entity (NACF, Network Access Configuration Function), access management function entity (AMF, AccessManagement Function), connection session location and memory function entity (CLF, Connectivity SessionLocation and Repository Function), UAAF, PDBF, user's configuration feature entity (CPECF, CPE Configuration Function).Described PDBF is used for storing with user network and inserts configuration relevant authentication and authentication information, comprise user identifier (User Identity), support mandate approach inventory (List of SupportedAuthentication Methods), key material authorization data information such as (Key Material).
UAAF obtains from PDBF with interface between the PDBF by UAAF and user network inserts configuration relevant authentication and authentication information.PDBF can be positioned in user's service describing functional entity (UPSF, UserProfile Server Function), also can occur as a functional entity separately.Usually UPSF has a plurality ofly in an area, so UAAF is difficult for knowing which PDBF from which UPSF be, obtains and user network inserts configuration relevant authentication and authentication information.
Summary of the invention
The objective of the invention is to solve UAAF and be difficult for the data of description functional entity of user's correspondence is positioned existing problem and shortage, a kind of convenience, the method for positioning describing data function entity among the NASS efficiently are provided.
For addressing the above problem, the present invention adopts following technical scheme: the method for positioning describing data function entity comprises among this NASS, the user access authorization function entity and the Subscription Locator Function inter-entity that are in home domain have additional interface, and described Subscription Locator Function physical memory contains the identifier information of data of description functional entity; The user access authorization function entity of described home domain is after the network configuration authentication and authentication information request of the inquiring user that receives requesting party's transmission, send the request of the identifier information of the data of description functional entity that obtains user's correspondence to described Subscription Locator Function entity by described interface, described Subscription Locator Function entity is searched the identifier information of the data of description functional entity that this user registers according to user profile, and the response message of this identifier information is sent to the user access authorization function entity of home domain, thereby realize location to the data of description functional entity.
According to the invention described above technical scheme, by the interface of setting up in the user access authorization function entity and the Subscription Locator Function inter-entity of home domain, and in the storage of described Subscription Locator Function physical memory can be by the identifier information of visit of the user access authorization function entity of home domain and the data of description functional entity that obtains, can make the user access authorization function entity of home domain convenient by the identifier information of this data of description functional entity, identify the data of description functional entity of user's correspondence efficiently, thereby obtain to insert configuration relevant authentication and authentication information with user network, as User Identity, List of Supported Authentication Methods, authorization data information such as Key Material.
Description of drawings
Fig. 1 is in a kind of NGN architectural framework, a kind of scene graph of original NASS;
Fig. 2 be in the method for positioning describing data function entity among the NASS of the present invention after the user access authorization function entity of home domain and Subscription Locator Function inter-entity are set up interface, the another kind of scene graph of NASS;
Fig. 3 is the signaling flow of UAAF visit Subscription Locator Function entity in the method for positioning describing data function entity among the NASS of the present invention;
Fig. 4 be in the method for positioning describing data function entity among the NASS of the present invention UAAF by the signaling flow of Subscription Locator Function entities access PDBF;
Fig. 5 is that the UAAF of home domain was by the signaling flow of Subscription Locator Function entities access PDBF when the user was in the visit territory in the method for positioning describing data function entity among the NASS of the present invention;
Embodiment
Referring to Fig. 2 and Fig. 3, the method of positioning describing data function entity among the NASS of the present invention, be specially, be in the user access authorization function entity and the Subscription Locator Function entity (SLF of home domain, SubscriptionLocator Function) have additional interface between, and this Subscription Locator Function physical memory contains the identifier information of data of description functional entity; The user access authorization function entity of described home domain is after the network configuration authentication and authentication information request of the inquiring user that receives requesting party's transmission, send the request of the identifier information of the data of description functional entity that obtains user's correspondence to described Subscription Locator Function entity by described interface, described Subscription Locator Function entity is searched the identifier information of the data of description functional entity that this user registers according to user profile, and this identifier information responded user access authorization function entity to home domain, thereby realize location to the data of description functional entity.
Wherein, the identifier information of this data of description functional entity includes the name information or the address information of data of description functional entity; The agreement of the interface that described user access authorization functional network entity and Subscription Locator Function inter-entity are set up can be Diameter, remote dial access service authentication protocol (RADIUS, RemoteAuthentication Dial in User Service) or public open policy service protocol agreement (COPS, Common OpenPolicy Service), also can realize by other related protocol.
Below in conjunction with accompanying drawing and two specific embodiments, further specify technical characterictic of the present invention and function characteristics, purpose is that the present invention can be described better, but is not to be used for limiting protection scope of the present invention.
Execution mode one:
Referring to Fig. 2, Fig. 3 and Fig. 4, embodiments of the present invention one can be sketched and be: when the user is in the home domain of network, by increasing title and the address that request between the interface of the user access authorization function entity of home domain and Subscription Locator Function inter-entity and response message obtain the data of description functional entity newly, thereby realize location to the data of description functional entity.
If the user is in the home domain of network, the method by positioning describing data function entity among the NASS of the present invention positions the data of description functional entity, comprises the steps:
(1) UAAF of home domain receives the network configuration authentication of the inquiring user that sends from AMF and the request of authentication information;
(2) UAAF of home domain sends the title of the data of description functional entity that obtains user's correspondence or the request (SLF_Query) of address to the Subscription Locator Function entity after receiving this request;
(3) title of the data of description functional entity that obtains user's correspondence that sends of the UAAF of Subscription Locator Function entity handles home domain or the request of address, and the title and the address of searching the data of description functional entity that this user registers according to user profile;
(4) the Subscription Locator Function entity returns the title that comprises the data of description functional entity or the response message (SLF_RESP) of address to the UAAF of home domain;
(5) UAAF of home domain indicated data of description functional entity in response message sends the network configuration authentication and the authentication information request (Query) of inquiring user;
(6) the data of description functional entity is after receiving this request, returns the response message (RESP) of relevant informations such as the network configuration authentication that includes the user and authentication to the UAAF of home domain;
(7) UAAF of home domain is to relevant informations such as access management function entity response user's network configuration authentication and authentications, and finishes authentication to the user by the access management function entity.
Execution mode two:
Referring to Fig. 2, Fig. 3 and Fig. 5, embodiments of the present invention two can be sketched and be: when the user is in the visit territory of network, by increasing title and the address that request between the interface of the user access authorization function entity of home domain and Subscription Locator Function inter-entity and response message obtain the data of description functional entity newly, thereby realize location to the data of description functional entity.
If the user is in the visit territory of network, the method by positioning describing data function entity among the NASS of the present invention positions the data of description functional entity, comprises the steps:
(1) UAAF (serving as UAAF-Proxy) in visit territory receives the network configuration authentication of the inquiring user that sends from AMF and the request of authentication information;
(2) UAAF-Proxy should ask (Query) to be forwarded to UAAF (serving as UAAF-Server) after the request of network configuration authentication that receives inquiring user and authentication information;
(3) UAAF-Server sends the title of the data of description functional entity that obtains user's correspondence or the request (SLF_Query) of address to the Subscription Locator Function entity after receiving this request;
(4) title of the data of description functional entity that obtains user's correspondence that sends of Subscription Locator Function entity handles UAAF-Server or the request of address, and the title and the address of searching the data of description functional entity that this user registers according to user profile;
(5) the Subscription Locator Function entity returns the title that includes the data of description functional entity or the response (SLF_RESP) of address to UAAF-Server;
(6) UAAF-Server indicated data of description functional entity in response message sends the network configuration authentication and the authentication information request (Query) of inquiring user;
(7) the data of description functional entity is after receiving this request, returns the response (RESP) of relevant informations such as the network configuration authentication that includes the user and authentication to UAAF-Server;
(8) UAAF-Server transmits the response (RESP) of relevant informations such as the network configuration authentication comprise the user and authentication to UAAF-Proxy;
(9) UAAF-Proxy is to relevant informations such as access management function entity response user's network configuration authentication and authentications, and finishes authentication to the user by the access management function entity.
Above-mentioned embodiment describes the present invention with preferred embodiment, but the example of this visualization of just lifting for the ease of understanding should not be considered to be limitation of the scope of the invention.Equally, according to the description of technical scheme of the present invention and preferred embodiment thereof, can make various possible being equal to and change or replacement, and all these changes or replacement all should belong to the protection range of claim of the present invention.
Claims (6)
1. the method for positioning describing data function entity in the Network Attachment Subsystem, it is characterized in that, this method comprises, the user access authorization function entity and the Subscription Locator Function inter-entity that are in home domain have additional interface, and described Subscription Locator Function physical memory contains the identifier information of data of description functional entity; The user access authorization function entity of described home domain is after the network configuration authentication and authentication information request of the inquiring user that receives requesting party's transmission, send the request of the identifier information of the data of description functional entity that obtains user's correspondence to described Subscription Locator Function entity by described interface, described Subscription Locator Function entity is searched the identifier information of the data of description functional entity that this user registers according to user profile, and the response message of this identifier information is sent to the user access authorization function entity of home domain, thereby realize location to the data of description functional entity.
2. the method for positioning describing data function entity in the Network Attachment Subsystem as claimed in claim 1, it is characterized in that, described request side is that the user access authorization function entity in access management function entity or visit territory comprises: if the user is in home domain, then the requesting party is the access management function entity, directly the authentication of the network configuration of inquiring user and authentication information request is sent to the user access authorization function entity of home domain by this access management function entity; If the user is in the visit territory, then the requesting party is the user access authorization function entity in visit territory, the user access authorization function entity in this visit territory is forwarded to this request the user access authorization functional network entity of home domain after the network configuration authentication and authentication information request that receive from the inquiring user of access management function entity.
3. the method for positioning describing data function entity in the Network Attachment Subsystem as claimed in claim 2, it is characterized in that, this method also comprises, the user access authorization function entity of described home domain obtains user's network configuration authentication and authentication information from the indicated data of description functional entity of described identifier information, and the response message of authentication of this user's network configuration and authentication information is sent to the requesting party, and finally finish authentication to the user by the access management function entity.
4. the method for positioning describing data function entity in the Network Attachment Subsystem as claimed in claim 3, it is characterized in that, the user access authorization function entity of described home domain is sent to the requesting party with the response message of authentication of user's network configuration and authentication information and comprises, if the user is in home domain, then the user access authorization function entity of described home domain directly is sent to described access management function entity with user's the network configuration authentication and the response message of authentication information; If the user is in the visit territory, the user access authorization function entity of the described home domain user access authorization function entity that earlier user's network configuration authentication and authentication information is forwarded to described visit territory then is sent to the access management function entity by the user access authorization function entity in visit territory with this user's network configuration authentication and authentication information again.
5. as the method for positioning describing data function entity in the described Network Attachment Subsystem of arbitrary claim in the claim 1 to 4, it is characterized in that the identifier information of described data of description functional entity includes the name information or the address information of data of description functional entity.
6. as the method for positioning describing data function entity in the described Network Attachment Subsystem of arbitrary claim in the claim 1 to 4, it is characterized in that the agreement of the interface that described user access authorization functional network entity and Subscription Locator Function inter-entity are set up is Diameter, remote dial access service authentication protocol or public open policy service protocol agreement.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CNB2005101147767A CN100544255C (en) | 2005-10-27 | 2005-10-27 | The method of positioning describing data function entity among the NASS |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CNB2005101147767A CN100544255C (en) | 2005-10-27 | 2005-10-27 | The method of positioning describing data function entity among the NASS |
Publications (2)
Publication Number | Publication Date |
---|---|
CN1956377A CN1956377A (en) | 2007-05-02 |
CN100544255C true CN100544255C (en) | 2009-09-23 |
Family
ID=38063495
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CNB2005101147767A Expired - Fee Related CN100544255C (en) | 2005-10-27 | 2005-10-27 | The method of positioning describing data function entity among the NASS |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN100544255C (en) |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101345723B (en) * | 2007-07-11 | 2011-04-06 | 华为技术有限公司 | Management authentication method and system of client gateway |
CN104137485B (en) * | 2012-10-12 | 2017-11-17 | 华为技术有限公司 | The method and announcement server of the network information are provided for terminal |
CN104137581B (en) | 2012-12-21 | 2018-03-09 | 华为技术有限公司 | A kind of determination methods and device of repeatedly networking user |
-
2005
- 2005-10-27 CN CNB2005101147767A patent/CN100544255C/en not_active Expired - Fee Related
Non-Patent Citations (2)
Title |
---|
下一代网络(NGN)的框架结构. 续合元.电信工程技术与标准化. 2005 |
下一代网络(NGN)的框架结构. 续合元.电信工程技术与标准化. 2005 * |
Also Published As
Publication number | Publication date |
---|---|
CN1956377A (en) | 2007-05-02 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9179289B2 (en) | Method and system for remotely accessing | |
CN102695167B (en) | Mobile subscriber identity management method and apparatus thereof | |
CN103167444B (en) | Website obtains the method for subscriber phone number, system, client and server | |
CN102714791A (en) | Terminal identifiers in a communications network | |
CN100442920C (en) | Method for user accessing information in next generation network | |
RU2007105979A (en) | REGISTRATION OF USERS IN THE COMMUNICATION SYSTEM | |
CN111107171B (en) | Security defense method and device for DNS (Domain name Server), communication equipment and medium | |
WO2014183260A1 (en) | Method, device and system for processing data service under roaming scenario | |
US8958792B2 (en) | Method and system for selecting mobility management entity of terminal group | |
US20060146742A1 (en) | Mobile router, position management server, mobile network management system, and mobile network management method | |
CN104519551B (en) | WiFi network DHCP negotiation method and client | |
CN112217653B (en) | Strategy issuing method, device and system | |
CN100544255C (en) | The method of positioning describing data function entity among the NASS | |
CN101513091A (en) | Policy control structure containing independent identification supplier | |
CN100488137C (en) | Correlation method, system and apparatus of user relative information in network attached sub-system | |
WO2010081438A1 (en) | Method and system for identifying an access network | |
CN100544256C (en) | The method of positioning user access authorization function entity among the NASS | |
CN100550732C (en) | The method of positioning describing data function entity among the NASS | |
CN101567879A (en) | Method, server, equipment and system for treating terminal request | |
CN1972225A (en) | Method for interacting user information between different sub-systems in next generation network | |
CN102209011A (en) | Method for establishing connection with multi-homed terminal and system thereof | |
CN102457829A (en) | Authentication and session management (ASM), and method for using roaming local network service | |
CN102868539A (en) | Method and system for managing nationwide billing identification gateways | |
CN101640701A (en) | Method for inquiring telephone number mapping domain name server Enumdns | |
CN101179842A (en) | Method and system to obtain access information of subscriber terminal |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20090923 Termination date: 20191027 |
|
CF01 | Termination of patent right due to non-payment of annual fee |