CN101009944A - A method for restricting the access of the user terminal in the 3G network - Google Patents
A method for restricting the access of the user terminal in the 3G network Download PDFInfo
- Publication number
- CN101009944A CN101009944A CNA2007100730358A CN200710073035A CN101009944A CN 101009944 A CN101009944 A CN 101009944A CN A2007100730358 A CNA2007100730358 A CN A2007100730358A CN 200710073035 A CN200710073035 A CN 200710073035A CN 101009944 A CN101009944 A CN 101009944A
- Authority
- CN
- China
- Prior art keywords
- user side
- subscriber identity
- mobile subscriber
- network controller
- access
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The disclosed access-limit method for 3G network UE comprises: UE sends request message to RNC for RRC connection, and RNC decides whether the UE should access current network; if the UE has a right to access, according to said UE IMSI or known UE TMSI or relation between p-TMSI and its IMSI, the said RNC decides whether the UE access, yes the RNC sends building RRC connection message to UE, and UE sends finish message to RNC when completing access; or else RNC sends rejection message to UE. This scheme applies UE IMSI to decide its access.
Description
Technical field
The present invention relates in a kind of 3G network the method that the access to user side limits.
Background technology
In the time of UE (User Equipment, user side) access network, can carry out authentication to UE.This authentication is primarily aimed at the legitimacy of UE itself, by mutual authentication 5 tuples that obtain UE of core net and attaching position register, compares to judge the legitimacy of UE with it with from the information that UE obtains.But in particular application, operator can require the sub-district that UE inserts is limited, and promptly certain sub-district may only allow some UE to insert use, and other UE can be rejected, and can reach the purpose of control of authority like this.And existing authentication techniques generally can only limit the network that UE inserts, and can not limit the sub-district that UE inserts.
Summary of the invention
The technical problem to be solved in the present invention provides in a kind of 3G network carries out method for limiting to the sub-district of the access of user side.
The technical solution adopted for the present invention to solve the technical problems is:
The method that in a kind of 3G network the access of user side is limited comprises the normal flow of setting up the Radio Resource control connection, and the described normal flow of setting up the Radio Resource control connection comprises:
1.1 user side is initiated wireless resource control connection request message to radio network controller, described radio network controller is judged whether this access current network of described user side;
1.2 if described user side has the right to insert, then described radio network controller sends to described user side and sets up utran radio resource control connecting messages in umts user, described user side is finished and is inserted the back and send to described radio network controller and set up the Radio Resource control connection message that finishes; Otherwise described radio network controller sends refusal to described user side and sets up utran radio resource control connecting messages in umts user;
Further comprising the steps of between described step 1.1 and the step 1.2:
If described user side has the right to insert current network, described radio network controller is judged whether this access current area of described user side according to the international mobile subscriber identity of described user side.
In the such scheme, the international mobile subscriber identity of described user side is included in the described connection request message and sends to described radio network controller.
In the such scheme, to be described radio network controller obtain according to the temporary mobile subscriber identity or the grouping-temporary mobile subscriber identity of the user side that comprises in the described connection request message international mobile subscriber identity of described user side.
In the such scheme, the corresponding relation of the temporary mobile subscriber identity of described user side or grouping-temporary mobile subscriber identity and described international mobile subscriber identity is that described radio network controller is known.
In the such scheme, the corresponding relation of the temporary mobile subscriber identity of described user side or grouping-temporary mobile subscriber identity and described international mobile subscriber identity is that described radio network controller obtains by following steps:
5.1 carry out the Radio Resource establishment of connection according to the described normal flow of setting up the Radio Resource control connection, if connecting, can normally set up described Radio Resource, then enter step 5.2;
5.2 described radio network controller sends the international mobile subscriber identity request message to described user side;
5.3 described user side receive the described world move support identity request message after, send the response message of the international mobile subscriber identity that comprises oneself to described radio network controller;
5.4 described radio network controller obtains the corresponding relation of the temporary mobile subscriber identity of described user side or grouping-temporary mobile subscriber identity and described international mobile subscriber identity after according to the international mobile subscriber identity of the described user side that receives and judges whether described user side should insert described sub-district, if have no right to insert, then discharge described Radio Resource control connection; Otherwise, keep current Radio Resource control connection.
In the such scheme, the corresponding relation of the temporary mobile subscriber identity of described user side or grouping-temporary mobile subscriber identity and described international mobile subscriber identity is the heavy assigning process acquisition that receives the temporary mobile subscriber identity of monitoring described user side behind the international mobile subscriber identity of described user side or grouping-temporary mobile subscriber identity by described radio network controller.
Beneficial effect of the present invention mainly shows: (the Radio Network Controller of RNC in the technical scheme provided by the invention, radio network controller) can be according to IMSI (the International Mobile Subscriber Identity of UE, international mobile subscriber identity) determines whether this UE can insert designated cell, only need to revise RNC in the scheme, for UE and core net without any influence.
Description of drawings
Fig. 1 is a flow chart of setting up Radio Resource control connection normal flow;
Fig. 2 is the flow chart of one embodiment of the invention;
Fig. 3 is the flow chart of another embodiment of the present invention.
Embodiment
The invention will be further described below in conjunction with accompanying drawing.
The normal flow of setting up RRC (Radio Resource Control, Radio Resource control) connection is:
UE initiates RRC connection request message to RNC, and RNC judges whether this access current network of described UE; Have the right to insert as if described UE, then described RNC sends to described UE and sets up the RRC connection message, sets up RRC to described RNC transmission after described UE finishes and inserts and connects the message that finishes; Otherwise described RNC sends refusal to described UE and sets up the RRC connection message.But the situation of UE that be that illustrates among Fig. 1 through the authentication access network.
When UE has carried TMSI (the Temporary Mobile Subscriber Identity that carries UE in the IMSI information of UE or the request message in RRC request, temporary mobile subscriber identity) or p-TMSI (packet-Temporary Mobile Subscriber Identity, grouping-interim moving supported identification code) and RNC known the TMSI of UE and the corresponding relation between p-TMSI and its IMSI, then set up the flow process that RRC is connected and be with designated cell:
UE initiates RRC connection request message to RNC, and RNC judges whether this access current network of described UE; If described UE has the right to insert current network, described RNC judges whether this access current area of described UE according to the IMSI of described UE or according to the IMSI that TMSI or the corresponding relation between p-TMSI and its IMSI of known UE obtains; Have the right to insert as if described UE, then described RNC sends to described UE and sets up the RRC connection message, sets up RRC to described RNC transmission after described UE finishes and inserts and connects the message that finishes; Otherwise described RNC sends refusal to described UE and sets up the RRC connection message.What illustrate among Fig. 2 is UE can insert the sub-district through authentication situation.
If UE does not carry IMSI information in RRC request, only carry the TMSI of UE or p-TMSI and RNC and also do not known the TMSI of UE and the corresponding relation of p-TMSI and IMSI, then set up the flow process that RRC is connected and be with designated cell:
At first, the RRC that sets up between UE and the RNC by the normal flow of setting up the RRC connection connects, and connects if successfully set up RRC, and then described RNC sends the IMSI request message to described UE; After described UE receives described IMSI request message, send the response message of the IMSI that comprises oneself to described RNC; Described RNC monitors the TMSI of described UE or p-TMSI according to the IMSI of the described UE that receives heavy assigning process is with the TMSI that obtains described UE and the corresponding relation between p-TMSI and its IMSI, and judge according to the IMSI that receives whether described UE should insert described sub-district, insert if having no right, then discharge described RRC connection, otherwise keep the connection of current foundation.When described UE initiates the RRC connection request when inserting this sub-district to described RNC once more, the UE when having carried the TMSI of UE or p-TMSI and RNC known the TMSI of UE and the corresponding relation between p-TMSI and its IMSI in the RRC request according to UE and designated cell are set up the flow process that RRC is connected and are handled.What illustrate among Fig. 3 is UE can not insert the sub-district through authentication situation.
Claims (6)
1, the method that in a kind of 3G network the access of user side is limited comprises the normal flow of setting up the Radio Resource control connection, and the described normal flow of setting up the Radio Resource control connection comprises:
1.1 user side is initiated wireless resource control connection request message to radio network controller, described radio network controller is judged whether this access current network of described user side;
1.2 have the right to insert if state user side, then described radio network controller sends to described user side and sets up utran radio resource control connecting messages in umts user, described user side is finished and is inserted the back and send to described radio network controller and set up the Radio Resource control connection message that finishes; Otherwise described radio network controller sends refusal to described user side and sets up utran radio resource control connecting messages in umts user;
Described method feature is, and is further comprising the steps of between described step 1.1 and the step 1.2:
If described user side has the right to insert current network, described radio network controller is judged whether this access current area of described user side according to the international mobile subscriber identity of described user side.
2, the method that in the 3G network as claimed in claim 1 the access of user side is limited, it is characterized in that: the international mobile subscriber identity of described user side is included in the described connection request message and sends to described radio network controller.
3, the method that in the 3G network as claimed in claim 1 the access of user side is limited is characterized in that: to be described radio network controller obtain according to the temporary mobile subscriber identity or the grouping-temporary mobile subscriber identity of the user side that comprises in the described connection request message international mobile subscriber identity of described user side.
4, the method that in the 3G network as claimed in claim 3 the access of user side is limited, it is characterized in that: the corresponding relation of the temporary mobile subscriber identity of described user side or grouping-temporary mobile subscriber identity and described international mobile subscriber identity is that described radio network controller is known.
5, the method that in the 3G network as claimed in claim 3 the access of user side is limited, it is characterized in that: the corresponding relation of the temporary mobile subscriber identity of described user side or grouping-temporary mobile subscriber identity and described international mobile subscriber identity is that described radio network controller obtains by following steps:
5.1 carry out the Radio Resource establishment of connection according to the described normal flow of setting up the Radio Resource control connection, if connecting, can normally set up described Radio Resource, then enter step 5.2;
5.2 described radio network controller sends the international mobile subscriber identity request message to described user side;
5.3 after described user side receives described international mobile subscriber identity request message, send the response message of the international mobile subscriber identity that comprises oneself to described radio network controller;
5.4 described radio network controller obtains the corresponding relation of the temporary mobile subscriber identity of described user side or grouping-temporary mobile subscriber identity and described international mobile subscriber identity after according to the international mobile subscriber identity of the described user side that receives and judges whether described user side should insert described sub-district, if have no right to insert, then discharge described Radio Resource control connection; Otherwise, keep current Radio Resource control connection.
6, the method that in the 3G network as claimed in claim 5 the access of user side is limited is characterized in that: the corresponding relation of the temporary mobile subscriber identity of described user side or grouping-temporary mobile subscriber identity and described international mobile subscriber identity is the heavy assigning process acquisition that receives the temporary mobile subscriber identity of monitoring described user side behind the international mobile subscriber identity of described user side or grouping-temporary mobile subscriber identity by described radio network controller.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CNB2007100730358A CN100488314C (en) | 2007-01-24 | 2007-01-24 | A method for restricting the access of the user terminal in the 3G network |
PCT/CN2007/002019 WO2008092317A1 (en) | 2007-01-24 | 2007-06-28 | Net connecting method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CNB2007100730358A CN100488314C (en) | 2007-01-24 | 2007-01-24 | A method for restricting the access of the user terminal in the 3G network |
Publications (2)
Publication Number | Publication Date |
---|---|
CN101009944A true CN101009944A (en) | 2007-08-01 |
CN100488314C CN100488314C (en) | 2009-05-13 |
Family
ID=38697986
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CNB2007100730358A Expired - Fee Related CN100488314C (en) | 2007-01-24 | 2007-01-24 | A method for restricting the access of the user terminal in the 3G network |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN100488314C (en) |
WO (1) | WO2008092317A1 (en) |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101931975A (en) * | 2010-09-17 | 2010-12-29 | 中国联合网络通信集团有限公司 | System and method for preventing user terminal at current network from accessing into test carrier cell |
CN101141818B (en) * | 2007-10-16 | 2011-08-10 | 华为技术有限公司 | Network cell dwelling and converting method, device and subscriber terminal |
CN102438292A (en) * | 2010-09-29 | 2012-05-02 | 中兴通讯股份有限公司 | Radio resource control method and system |
WO2012055093A1 (en) * | 2010-10-26 | 2012-05-03 | 华为技术有限公司 | Calling processing method and device in mobile switching center pool |
WO2016145575A1 (en) * | 2015-03-13 | 2016-09-22 | 华为技术有限公司 | Service processing method, related device and system |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN115484598A (en) * | 2021-06-15 | 2022-12-16 | 华为技术有限公司 | Communication method and device |
Family Cites Families (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP0929986A2 (en) * | 1996-09-30 | 1999-07-21 | Siemens Aktiengesellschaft | Process for controlling access for a communication terminal |
US8160580B2 (en) * | 2003-09-15 | 2012-04-17 | Qualcomm Incorporated | Systems and methods for home carrier determination using a centralized server |
CN100387092C (en) * | 2004-02-23 | 2008-05-07 | 华为技术有限公司 | Method for testing identification of intermational mobile device |
CN100397942C (en) * | 2004-03-26 | 2008-06-25 | 华为技术有限公司 | Method for switching in user attaching network server in universal right discriminating frame |
JP4288199B2 (en) * | 2004-03-31 | 2009-07-01 | 株式会社エヌ・ティ・ティ・ドコモ | Mobile communication method, mobile station, and radio control apparatus |
CN100550728C (en) * | 2004-06-08 | 2009-10-14 | 华为技术有限公司 | 2G user inserts the method for IP-based IP multimedia subsystem, IMS |
SE529376C3 (en) * | 2004-12-30 | 2007-08-21 | Teliasonera Ab | Method and system for controlling service access in shared networks |
CN100499900C (en) * | 2005-12-02 | 2009-06-10 | 华为技术有限公司 | Method for authentication of access of wireless communication terminal |
-
2007
- 2007-01-24 CN CNB2007100730358A patent/CN100488314C/en not_active Expired - Fee Related
- 2007-06-28 WO PCT/CN2007/002019 patent/WO2008092317A1/en active Application Filing
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101141818B (en) * | 2007-10-16 | 2011-08-10 | 华为技术有限公司 | Network cell dwelling and converting method, device and subscriber terminal |
CN101931975A (en) * | 2010-09-17 | 2010-12-29 | 中国联合网络通信集团有限公司 | System and method for preventing user terminal at current network from accessing into test carrier cell |
CN102438292A (en) * | 2010-09-29 | 2012-05-02 | 中兴通讯股份有限公司 | Radio resource control method and system |
CN102438292B (en) * | 2010-09-29 | 2015-06-10 | 中兴通讯股份有限公司 | Radio resource control method and system |
WO2012055093A1 (en) * | 2010-10-26 | 2012-05-03 | 华为技术有限公司 | Calling processing method and device in mobile switching center pool |
WO2016145575A1 (en) * | 2015-03-13 | 2016-09-22 | 华为技术有限公司 | Service processing method, related device and system |
US10517121B2 (en) | 2015-03-13 | 2019-12-24 | Huawei Technologies Co., Ltd. | Service processing method, related apparatus, and system |
Also Published As
Publication number | Publication date |
---|---|
CN100488314C (en) | 2009-05-13 |
WO2008092317A1 (en) | 2008-08-07 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108632915B (en) | Method, device and equipment for moving terminal between 4G network and 5G network | |
EP2341737B1 (en) | Method of setting radio access capability in a wireless communications system and related communication device | |
US9642068B2 (en) | Method, network device, and user equipment for controlling access to core network | |
CN100488314C (en) | A method for restricting the access of the user terminal in the 3G network | |
EP2515583A1 (en) | Method and system for controlling machine type communication equipment to access network | |
CN112492653B (en) | Communication method, access network equipment and terminal | |
US20140171061A1 (en) | Network access delay for eab-configured ues and/or group-based addressed ues | |
US20090122727A1 (en) | Method for triggering tracking area update in packet switched wireless system | |
EP3136800A1 (en) | Method for updating rplmn information, and user equipment | |
CN101568194A (en) | Method and system for adjusting polling timer | |
EP2387275B1 (en) | Access control method, device, and system for access point cells | |
CN101222768A (en) | Method for user's set acquiring access point name, grouping domain system | |
CN101572864A (en) | Method, system and device for notifying user information | |
CN102857897A (en) | Method, device and system for managing MTC (machine type communication) devices | |
US10104639B2 (en) | Method and nodes for paging in a radio access network | |
CN101932026A (en) | Business processing method, communication equipment and communication system | |
CN103716774A (en) | Public land mobile network selection method, equipment and system | |
CN103517325A (en) | Method and system for selecting network priority | |
EP2323436A1 (en) | Load re-distribution with communications network control | |
EP2613589A1 (en) | Method and apparatus for controlling network access of machine terminal | |
CN101998575B (en) | Method, device and system for access control | |
WO2004043025A1 (en) | Method for mbms radio access bearer establishment | |
CN101064932B (en) | Method for paging a plurality of users | |
CN104244247A (en) | Non-access layer safe algorithm processing method, access layer safe algorithm processing method and equipment thereof | |
CN101159986B (en) | Method of determining call priority |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20090513 Termination date: 20170124 |
|
CF01 | Termination of patent right due to non-payment of annual fee |