CN101150467B - Method for adding multicast and broadcast service into communication system and terminal - Google Patents


Publication number
CN101150467B
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN2006101594303A
Other languages
Chinese (zh)
Other versions
CN101150467A (en)
Inventor
林志斌
冯成燕
赵元魁
单长虹
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Application filed by Huawei Technologies Co Ltd
Priority to CN2006101594303A (CN101150467B)
Priority to PCT/CN2007/070727 (WO2008040238A1)
Publication of CN101150467A
Priority to US12/407,463 (US8184569B2)
Application granted
Publication of CN101150467B
Expired - Fee Related
Anticipated expiration

Abstract

The invention relates to the field of communications and discloses a communication system and a method for a terminal to join a multicast broadcast service (MBS), so that the terminal can join the MBS service smoothly and receive MBS service data. In the invention, the terminal obtains the MBS authorization key from an MBS service network and obtains the MBS multicast parameters and/or a multicast security key from the bearer network in order to join the corresponding MBS service. With this information, the terminal can receive the corresponding MBS service on the bearer indicated by the multicast parameters, using the MBS traffic key generated from the MBS authorization key and the multicast security key. Before issuing the MBS authorization key, the MBS service network authenticates the terminal and issues the key only if authentication succeeds. The process by which the terminal obtains the MBS multicast parameters and the multicast security key from the bearer network by joining the MBS service can be initiated either by the network side or by the terminal.

Description

Communication system and method for a terminal to join a multicast broadcast service
Technical field
The present invention relates to the field of communications, and in particular to multicast and broadcast technology.
Background
IEEE 802.16 is a standard promulgated by the Institute of Electrical and Electronics Engineers (IEEE) in December 2001 that provides last-mile wireless broadband access for metropolitan area networks.
Worldwide Interoperability for Microwave Access (WiMAX) is the name currently used in the industry for the wireless metropolitan area network access technology based on the IEEE 802.16 series of standards. Its basic goal is to provide a broadband wireless access means that interoperates effectively in a multi-vendor, point-to-multipoint metropolitan area network environment.
Specifically, the 802.16 series of standards specifies the air-interface protocol layers of the WiMAX system, mainly the physical (PHY) layer and the Medium Access Control (MAC) layer. The PHY layer performs physical operations on the signal such as modulation, encoding and decoding, and the MAC layer mainly performs the medium access control function of the WiMAX system.
Fig. 1 shows the WiMAX end-to-end reference model. The R1 interface is the wireless air interface and is defined mainly by IEEE 802.16d/e. The remaining interfaces are wired interfaces.
As can be seen, WiMAX mainly comprises the mobile station (MS) or subscriber station (SS), the access service network (ASN) and the connectivity service network (CSN).
The ASN is defined as the set of network functions that provide wireless access service to WiMAX user terminals. The ASN contains the BS and ASN gateway (ASN-GW) network elements, and one ASN may be shared by several CSNs.
The main functions of the ASN comprise the functions of the BS and the functions of the ASN-GW. The functions of the BS are: providing the L2 connection between the BS and the SS/MS, radio resource management (RRM), measurement and power control, and compression and encryption of air-interface data. The functions of the ASN-GW are: providing a proxy function for SS/MS authentication; supporting NSP network discovery and selection; and providing a relay function for L3 information for the SS, such as IP address allocation.
The CSN is defined as providing IP connection service to WiMAX user terminals. The CSN mainly provides the following functions: IP address allocation for the SS/MS, Internet access, an authentication, authorization and accounting (AAA) proxy or server, user-based authorization control, tunnels from the ASN to the CSN, billing of WiMAX users and settlement between operators, tunnels between CSNs when roaming, handover between ASNs, and various WiMAX services (such as location-based services, multimedia multicast and broadcast services, and IP Multimedia Subsystem services).
The MS/SS is the (mobile) terminal that the user uses to access the WiMAX network.
WiMAX and its network architecture have been described above; the Multicast and Broadcast Service (MBS) is briefly introduced below.
With the rapid development of the Internet, people's demand for mobile communication is no longer satisfied by telephone and messaging services alone, and a large number of multimedia services have emerged. Some of these application services require that multiple users can receive the same data at the same time, such as video on demand, television broadcasting, video conferencing, online education and interactive games. On wired networks these can currently be implemented with Internet Protocol (IP) multicast and broadcast technology. When such services are moved to a mobile network, however, existing IP multicast and broadcast technology cannot be applied directly, because compared with general data these services have a large data volume, a long duration and delay sensitivity, and the mobile network has its own particular network structure, functional entities and radio interface.
To use mobile network resources effectively, WiMAX defines the MBS service. The MBS service is a point-to-multipoint service in the mobile network in which one data source sends data to multiple users; it allows network resources to be shared and improves the utilization of network resources, especially air-interface resources. The MBS defined by WiMAX can carry not only low-rate, plain-text message multicast and broadcast but also multicast and broadcast of high-speed multimedia services, which follows the trend of future mobile data development.
In the MBS service, some service flows can carry broadcast or multicast information to multiple terminals. These service flows include quality of service (QoS) parameters and, to improve service security, can also be encrypted with a data encryption key.
The MBS service based on the WiMAX network supports two access modes: single-base-station access and multi-base-station access. In multi-base-station access mode, all base stations in one MBS zone (identified by an MBS_zone ID) use the same Multicast CID and MBS group security association (MBS Group Security Association, MBS GSA) to send the content of the same MBS service flow. A terminal registered for the MBS service can receive MBS service data through multiple base stations in the MBS zone, and when a terminal in idle state moves across base stations within the MBS zone it does not need to re-establish a connection and can receive the MBS service without interruption, which gives seamless handover of the MBS service. Single-base-station access is a special case of multi-base-station access in which the MBS zone is limited to the coverage of one base station and all users receiving the MBS in that zone use the same multicast connection identifier.
In the WiMAX network, different unidirectional service flows are identified by a service flow identifier (SFID) and different connections are identified by a CID. All service flows are transmitted over air-interface connections by the Medium Access Control (MAC) layer; the mapping between the SFID of a service flow and the CID of a MAC-layer connection places the service flow on the corresponding connection. On top of these identifiers, the WiMAX MBS service also uses a dedicated multicast connection identifier (Multicast CID) to identify a multicast connection and a multicast content identifier (MBS Contents ID) to identify a multicast content. A protocol data unit (PDU) transmitted on a Multicast CID can contain one or more MBS contents.
In the WiMAX network, for unicast services, the SFID applies only within the ASN; in interactions between the ASN and the CSN, and within the CSN, a flow identifier (Flow ID, FID) is used to identify the service flow. The two are mapped at the anchor service flow authorizer (Service Flow Authorization, SFA). The service flow authorizer is responsible for authorizing the corresponding service flow, and this functional entity resides in the ASN.
In a wireless communication network, to secure wireless multicast communication, the multicast data transmitted over the air interface is encrypted with a multicast key, so that the network allows only users subscribed to the multicast service to receive it. Taking a wireless communication system based on the 802.16 protocol as an example, encrypting multicast data requires three keys: the MAK (MBS authorization key), the MGTEK (MBS group traffic encryption key) and the MTK (MBS traffic key). In the IEEE 802.16-2005 protocol, generation and delivery of the MAK are defined by the application layer; the MGTEK is delivered to the terminal after being encrypted with the KEK (key encryption key) or the GKEK (group key encryption key); the MTK is computed from the MAK and the MGTEK by an algorithm (such as the Dot16KDF algorithm) and is used directly to encrypt and decrypt multicast data.
The network elements related to the MBS service and their functions are introduced below:
(1) Content provider: the multicast broadcast service provider, which, as the supplier of MBS programs, provides the actual MBS service content;
(2) MBS server: controls forwarding of the MBS programs provided by the content provider to the corresponding MBS proxy;
(3) MBS proxy: the central node of the MBS service on the network side, which controls sending of the MBS programs delivered by the MBS server or by the content provider to the corresponding MBS execution point;
(4) MBS execution point: the MBS executing entity of an MBS zone, which provides MBS programs to user terminals according to the MBS programs it receives.
In existing WiMAX networks based on the IEEE 802.16e protocol, the corresponding MBS network architecture and the specific procedure for carrying out the MBS service have not yet been defined. In other words, there is currently no good technical solution for implementing the MBS service in the network.
Summary of the invention
In view of this, the main purpose of the present invention is to provide a communication system and a method for a terminal to join a multicast broadcast service, so that the terminal can join the MBS service smoothly and receive MBS service data.
To achieve the above purpose, the invention provides a method for a terminal to join a multicast broadcast service in a communication system, comprising the following steps:
A. The terminal obtains the MBS authorization key from the multicast broadcast service (MBS) service network;
B. The terminal obtains the multicast parameters and/or the multicast security key of the MBS from the bearer network;
C. On the bearer indicated by the multicast parameters, the terminal receives the corresponding MBS using the MBS traffic key generated from the MBS authorization key and the multicast security key;
Steps A and B may be carried out in any order.
The MBS service network issues the MBS authorization key to the terminal when it receives a request from the terminal or when a preset condition is met.
Furthermore, in the method, when issuing the MBS authorization key the MBS service network also issues the MBS service identifier and/or the context information of the MBS authorization key.
Furthermore, in the method, the MBS service network authenticates the terminal before issuing the MBS authorization key and issues the MBS authorization key to the terminal after authentication succeeds.
Furthermore, in the method, the preset condition is: the terminal enters the network; or the network side completes the configuration process of the MBS service; or a trigger is received from the bearer network.
Furthermore, in the method, during the period in which the MBS authorization key is being updated, the terminal maintains both the former MBS authorization key and the updated MBS authorization key; the new MBS authorization key takes effect when decoding with the former MBS authorization key fails and/or when decoding with the updated MBS authorization key succeeds.
Furthermore, in the method, the terminal obtains the MBS multicast parameters and the multicast security key from the bearer network through the process of joining the MBS service, and that process is initiated either by the network side or by the terminal.
Furthermore, in the method, the terminal-initiated flow for joining the MBS service comprises the following steps:
The terminal initiates the process of joining the MBS service with a DSA-REQ message that carries the MBS service identifier;
The bearer network issues the multicast parameters to the terminal in a DSA-RSP message.
Furthermore, in the method, the network-initiated flow for a terminal to join the MBS service is:
The bearer network or the MBS service network issues an MBS join request message to a terminal that has passed MBS service authentication, so that it joins the MBS service;
The bearer network issues the multicast parameters to the terminal through the dynamic service flow addition procedure.
Furthermore, in the method, the MBS service identifier is one of the following or any combination thereof:
multicast IP address and port number, MBS content identifier, authorization token, MBS zone identifier.
Furthermore, in the method, after the terminal initiates the process of joining the MBS service, the bearer network and/or the MBS service network performs MBS service authentication and/or user authentication on the terminal.
Furthermore, in the method, the MBS service authentication method is: the bearer network and/or the MBS service network enforces policy according to the terminal's MBS service profile and/or the terminal's MBS service authentication result.
Furthermore, in the method, after the terminal is authorized, if a multicast security key is also needed, the network side issues the multicast security key to the terminal; the multicast security key comprises the MBS group traffic encryption key and its context and/or the group key encryption key and its context.
Furthermore, in the method, before issuing the multicast security key and its context to the terminal, the bearer network first notifies the terminal of the security association information corresponding to the MBS.
Furthermore, in the method, the multicast parameters of the MBS comprise one of the following or any combination thereof: MBS content identifier, MBS zone identifier, service flow identifier, multicast connection identifier, MBS group security association identifier, QoS parameters.
Furthermore, in the method, after the bearer network and/or the MBS service network determines that the terminal has passed MBS service authentication, if the network resources of the MBS have not yet been configured, the network-side resource configuration process for the MBS service is initiated first.
The present invention also provides a communication system, comprising:
an MBS service network, configured to issue the MBS authorization key to a terminal;
a bearer network, configured to issue the multicast parameters and the multicast security key of the MBS to the terminal, and to instruct the terminal to receive the corresponding MBS on the bearer indicated by the multicast parameters using the MBS traffic key generated from the MBS authorization key and the multicast security key.
The MBS service network issues the MBS authorization key to the terminal when it receives a request from the terminal or when a preset condition is met.
Furthermore, in the system, the MBS service network is also configured to authenticate the terminal's MBS service before issuing the MBS authorization key, and to issue the MBS authorization key to the terminal after authentication succeeds.
Furthermore, in the system, the bearer network issues the multicast parameters and the multicast security key of the MBS during the process in which the terminal joins the MBS service;
The process in which the terminal joins the MBS service is initiated by the terminal or triggered by the network side.
Furthermore, in the system, the bearer network is also configured to authenticate the terminal before issuing the multicast parameters and the multicast security key of the MBS, and to issue them to the terminal after authentication succeeds.
Furthermore, in the system, the MBS service network consists of one of the following or any combination thereof:
roaming MBS server, local MBS server, roaming authentication, authorization and accounting server, local authentication, authorization and accounting server, content provider, third-party application server;
The MBS service network and the bearer network exist independently or are integrated;
The bearer network consists of one of the following or any combination thereof:
access service network, roaming connectivity service network, local connectivity service network.
By comparison, the main difference between the technical solution of the present invention and the prior art is that the terminal obtains the MBS authorization key from the MBS service network and obtains the multicast parameters and the multicast security key of the MBS service from the bearer network. With the information obtained, it can receive the corresponding MBS service on the bearer indicated by the multicast parameters, using the MBS traffic key (MTK) generated from the MBS authorization key and the other multicast security key.
The MBS service network and the bearer network can be integrated or can exist independently, so the form is flexible.
The MBS service network authenticates the terminal before issuing the MBS authorization key and issues the MBS authorization key to the terminal after authentication succeeds. Authentication ensures that only a terminal subscribed to the MBS service can obtain the MBS authorization key.
The MBS service network issues the MBS authorization key to the terminal when it receives a request from the terminal or when a preset condition is met. The terminal can thus obtain the corresponding MBS authorization key in time by actively requesting it when needed, and the network side can, according to its actual situation, proactively notify the terminal to receive the corresponding information when the terminal enters the network or when the network side completes the configuration process of the MBS service, which suits different scenarios.
When the MBS authorization key is updated on the network side, the MBS service network issues the updated MBS authorization key to the terminal in time, or issues it after receiving a key update request from the terminal. In this way the network side can, under normal circumstances, issue the updated MBS authorization key in time; if an occasional error occurs and the network side fails to send it correctly or the terminal fails to receive it correctly, the terminal can actively ask the network side to issue the updated key. These two mechanisms together ensure that the terminal can update its MBS authorization key in time and that its reception of the MBS service is not affected.
The bearer network interacts with the MBS service network to confirm that the MBS service requested by the terminal has been authorized by the MBS service network. If it has, the security association of the MBS and the security key and its context are issued to the terminal through the security association addition message and the key request and key reply messages. This secures key delivery, prevents the key from being intercepted, corrupted or obtained by other, illegitimate terminals, and protects the interests of legitimate users, who can use this security key together with the MBS authorization key issued by the MBS service network to receive and decode the corresponding MBS service and obtain the service content.
After the bearer network and the MBS service network confirm through their interaction that the MBS service requested by the terminal has been authorized by the MBS service network, if the network resources of the MBS service have not yet been configured, the network-side resource configuration process for the MBS service is initiated first. Once the network resources are configured, the corresponding multicast parameters are issued according to the actual configuration, which makes the method more complete.
Description of drawings
Fig. 1 is a schematic diagram of the WiMAX network structure in the prior art;
Fig. 2 is a schematic diagram of the terminal requesting the MAK in the method of the present invention for a terminal to join a multicast broadcast service in a communication system;
Fig. 3 is a schematic diagram of the MBS service network actively issuing the MAK in the method of the present invention for a terminal to join a multicast broadcast service in a communication system;
Fig. 4 is a schematic diagram of the terminal requesting to join the MBS in the method of the present invention for a terminal to join a multicast broadcast service in a communication system;
Fig. 5 is a schematic diagram of the bearer network requesting the terminal to join the MBS in the method of the present invention for a terminal to join a multicast broadcast service in a communication system;
Fig. 6 is a flow chart of the method for a terminal to join a multicast broadcast service in a communication system according to the first embodiment of the invention;
Fig. 7 is a flow chart of the method for a terminal to join a multicast broadcast service in a communication system according to the second embodiment of the invention;
Fig. 8 is a flow chart of the method for a terminal to join a multicast broadcast service in a communication system according to the third embodiment of the invention;
Fig. 9 is a flow chart of the method for a terminal to join a multicast broadcast service in a communication system according to the fourth embodiment of the invention;
Fig. 10 is a flow chart of the MAK update in the method for a terminal to join a multicast broadcast service in a communication system according to the fifth embodiment of the invention;
Fig. 11 is a schematic diagram of the network structure in which the MBS service network is separate from the bearer network in a mobile communication network according to the sixth embodiment of the invention;
Fig. 12 is a schematic diagram of the network structure in which the MBS service network and the bearer network are combined in a mobile communication network according to the sixth embodiment of the invention.
Embodiments
To make the purpose, technical solutions and advantages of the present invention clearer, the invention is described in further detail below with reference to the accompanying drawings.
In the present invention, the terminal obtains the MBS authorization key (MBS Authorization Key, MAK) and its context from the MBS service network and obtains the multicast parameters and the multicast security key of the MBS service from the bearer network. With the information obtained, it can receive the corresponding MBS service on the bearer indicated by the multicast parameters, using the MBS traffic key (MTK) generated from the MBS authorization key and the multicast security key. The step of obtaining from the MBS service network and the step of obtaining from the bearer network have no fixed order: the terminal can obtain from the MBS service network first and then from the bearer network, from the bearer network first and then from the MBS service network, or from both concurrently.
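The terminal-side key handling described above, together with the MAK update window described in the summary (former and updated MAK held at the same time), as an added Python example that is not part of the patent. The kdf function is a stand-in for Dot16KDF, the input layout of derive_mtk and the toy encrypt-then-MAC framing are assumptions, and all keys and payloads are constructed sample values.

```python
import hashlib
import hmac


def kdf(key: bytes, label: bytes, bits: int) -> bytes:
    """Stand-in for Dot16KDF (assumption): HMAC-SHA256 in counter mode."""
    out, counter = b"", 0
    while len(out) * 8 < bits:
        block = counter.to_bytes(4, "big") + label + bits.to_bytes(4, "big")
        out += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return out[: bits // 8]


def derive_mtk(mak: bytes, mgtek: bytes) -> bytes:
    # The MTK needs both inputs: the MAK (from the MBS service network) and
    # the MGTEK (from the bearer network). The input layout is an assumption.
    return kdf(mak, mgtek + b"MTK", 128)


def _stream(key: bytes, nonce: bytes, length: int) -> bytes:
    return kdf(key, b"enc" + nonce, length * 8)


def protect(mtk: bytes, nonce: bytes, payload: bytes) -> bytes:
    """Toy encrypt-then-MAC standing in for the air-interface cipher."""
    body = bytes(p ^ s for p, s in zip(payload, _stream(mtk, nonce, len(payload))))
    tag = hmac.new(mtk, b"mac" + nonce + body, hashlib.sha256).digest()[:8]
    return nonce + body + tag


def unprotect(mtk: bytes, pdu: bytes):
    """Return the payload, or None when the PDU does not verify under mtk."""
    nonce, body, tag = pdu[:4], pdu[4:-8], pdu[-8:]
    good = hmac.new(mtk, b"mac" + nonce + body, hashlib.sha256).digest()[:8]
    if not hmac.compare_digest(tag, good):
        return None
    return bytes(c ^ s for c, s in zip(body, _stream(mtk, nonce, len(body))))


class Terminal:
    def __init__(self):
        self.mak = None          # MAK currently in force
        self.pending_mak = None  # updated MAK held during the update window
        self.mgtek = None

    def on_mak(self, mak: bytes):        # step A, or a MAK update
        if self.mak is None:
            self.mak = mak
        else:
            self.pending_mak = mak

    def on_mgtek(self, mgtek: bytes):    # step B
        self.mgtek = mgtek

    def receive(self, pdu: bytes):
        if self.mak is None or self.mgtek is None:
            return None  # no MTK until both steps A and B are done
        plain = unprotect(derive_mtk(self.mak, self.mgtek), pdu)
        if plain is not None or self.pending_mak is None:
            return plain
        # Former MAK failed: try the updated one and switch if it decodes.
        plain = unprotect(derive_mtk(self.pending_mak, self.mgtek), pdu)
        if plain is not None:
            self.mak, self.pending_mak = self.pending_mak, None
        return plain


def demo():
    # Constructed sample keys and frames, not values from the patent.
    mak_old, mak_new, mgtek = b"\x01" * 16, b"\x02" * 16, b"\x03" * 16
    pdu_old = protect(derive_mtk(mak_old, mgtek), b"\x00\x00\x00\x01", b"frame under old MAK")
    pdu_new = protect(derive_mtk(mak_new, mgtek), b"\x00\x00\x00\x02", b"frame under new MAK")
    a_then_b, b_then_a, bearer_only = Terminal(), Terminal(), Terminal()
    a_then_b.on_mak(mak_old)
    a_then_b.on_mgtek(mgtek)
    b_then_a.on_mgtek(mgtek)
    b_then_a.on_mak(mak_old)
    bearer_only.on_mgtek(mgtek)  # never authorized by the MBS service network
    results = {
        "a_then_b": a_then_b.receive(pdu_old),
        "b_then_a": b_then_a.receive(pdu_old),
        "bearer_only": bearer_only.receive(pdu_old),
    }
    a_then_b.on_mak(mak_new)  # update window opens
    results["old_during_window"] = a_then_b.receive(pdu_old)
    results["still_old_active"] = a_then_b.mak == mak_old
    results["new_frame"] = a_then_b.receive(pdu_new)
    results["switched"] = a_then_b.mak == mak_new and a_then_b.pending_mak is None
    results["old_after_switch"] = a_then_b.receive(pdu_old)
    return results
```

The switch rule here is the conjunction (former MAK fails and updated MAK decodes), which is one of the cases the "and/or" wording in the summary allows.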
Specifically, there are two ways for the terminal to obtain the MAK and its context and/or the MBS service identifier from the MBS service network: either the terminal actively requests the MBS service network to issue the MAK and its context and/or the MBS service identifier, or, when a condition is met, the MBS service network is triggered automatically to issue them.
For example, if the network side has already completed the configuration process of the MBS service when the terminal enters the network, the MBS service network can be triggered to issue the MAK and its context and/or the MBS service identifier directly after the terminal enters the network. If the network side has not yet completed the resource configuration process of the MBS service when the terminal enters the network, then the MBS service network is triggered to issue the MAK and its context and/or the MBS service identifier after the terminal has entered the network and the network side has completed the resource configuration process of the MBS service.
The process in which the terminal requests the MAK and its context and/or the MBS service identifier is shown in Fig. 2.
In step 201, the terminal sends an MBS request message to the MBS service network; the MBS request and response messages can be carried over the HTTP protocol.
Then, in step 202, after the service network receives this request it authenticates the MBS service requested by the terminal and, if authentication succeeds, issues the MAK and its context and/or the MBS service identifier. The MBS service can be identified by the following information: multicast IP address and/or port number, and/or MBS Contents ID (MBS content ID), and/or Authorization Token (authorization token), and/or MBS Zone ID (MBS zone ID). The authorization token is an identifier that the application layer assigns to an MBS service; it can identify an MBS service and its QoS parameters and is used to authorize the QoS of the one or more IP flows generated by the application-layer service flow creation or modification procedure.
The process in which the MBS service network actively issues the MAK and its context and/or the MBS service identifier is shown in Fig. 3.
When a preset condition is met, such as the terminal entering the network, the network side completing the resource configuration process of the MBS service, or a trigger from the bearer network, the MBS service network automatically triggers step 301.
In step 301, the MBS service network issues the MAK and its context and/or the MBS service identifier to the terminal, authorizing the terminal to join the MBS service. The terminal must be one that has passed MBS service authentication.
The terminal can obtain the multicast parameters and the multicast security key of the MBS service from the bearer network either through the process in which it requests to join the MBS service or through the process in which the network side requests the terminal to join the MBS.
The process of terminal active request adding MBS business as shown in Figure 4, in step 401, terminal is added the professional adition process of (Dynamic Service Addition is called for short " DSA ") request message initiation MBS by send dynamic service flow to the base station, carries the MBS service identification.This MBS service identification can be one of following or its combination in any: multicast ip address and/or port numbers, MBS Contents ID, Authorization Token (authorization token), MBS Zone ID (MBS district ID).MBS service identification terminal can obtain in obtaining the process of MAK.
Step 402 and/or step 403 is then entered. Steps 402 and 403 authenticate the terminal's MBS service in different ways; either one of the two steps can be performed alone, or both can be performed so that the terminal is authenticated more than once.
In step 402 and/or step 403, the bearer network and/or the MBS service network authenticates the terminal. This authentication comprises user authentication and/or MBS service authentication. In step 403, the bearer network can also confirm, by interacting with the MBS service network, whether the MBS service requested by the terminal has been authorized by the MBS service network. MBS service authentication can work as follows: the bearer network and/or the MBS service network applies policy according to the terminal's MBS service profile and/or the terminal's MBS service authentication result. In this process, after completing MBS authorization of the terminal, the MBS service network and/or the bearer network adds the terminal to the multicast user group of the corresponding multicast service and/or records the terminal's MBS service activation status.
If step 402 and/or step 403 determines that the terminal has passed MBS service authentication, or has been authorized, step 404 is entered.
In step 404, if the terminal also needs auxiliary information such as a Security Association (SA), it obtains that information from the bearer network through the SA process and the PKM process. The auxiliary information comprises the MBS Group Security Association (MBS GSA) and the MBS Group Traffic Encryption Key (MGTEK) and its context, and/or the Group Key Encryption Key (GKEK) and its context, etc. This can be set up through the SA-Addition, Key-Request and Key-Reply procedures, using the PKM messages; see the 802.16 standard for details.
Step 405 is then entered: the bearer network and the terminal continue the DSA process and complete the establishment of the MBS service. In this process, the bearer network sends the multicast parameters of the MBS service that the user wants to receive to the mobile terminal. The multicast parameters of the MBS service comprise: MBS Contents ID, MBS Zone Identifier, Service Flow Identifier (SFID), Multicast CID (multicast connection identifier), MBS GSA ID (MBS group security association ID), QoS parameters, etc. In this process, the bearer network can add the terminal to the multicast user group of the corresponding multicast service and/or record the terminal's MBS service activation status.
In the present invention, the bearer network can also actively request the terminal to join the MBS service. A terminal that the bearer network actively requests to join the MBS service must be a terminal that has passed MBS service authentication.
Specifically, as shown in Figure 5, in step 501, provided that the terminal has already passed MBS service authentication (if this MBS service requires authentication), the bearer network or the MBS service network actively requests the terminal to join the MBS service.
Step 502 is then entered. If the terminal also needs auxiliary information such as a Security Association (SA) and the multicast security key, it obtains that information from the bearer network through the SA process and the PKM process. The auxiliary information comprises the MBS Group Security Association (MBS GSA) and the MBS Group Traffic Encryption Key (MGTEK) and its context, and/or the Group Key Encryption Key (GKEK) and its context, etc. This can be set up through the SA-Addition, Key-Request and Key-Reply procedures, using the PKM messages; see the 802.16 standard for details.
Step 503 is then entered: the bearer network has the terminal join this MBS service through the DSA process. In this process, the bearer network sends the multicast parameters of the MBS service that the user wants to receive to the mobile terminal. In this process, the bearer network can add the terminal to the multicast user group of the corresponding multicast service and/or record the terminal's MBS service activation status.
If in step 501 the process of joining the MBS service was triggered by the MBS service network, step 504 is entered, in which the bearer network optionally reports to the MBS service network the result of establishing the MBS service for this terminal. The MBS service network can also add the terminal to the multicast user group of the corresponding multicast service and/or record the terminal's MBS service activation status. If the terminal still lacks application-layer information such as the MAK, step 505 is then entered, in which the terminal applies to the MBS service network for the MAK and its context; this has been described in detail above and is not explained further here.
In the present invention, the bearer network can further comprise the ASN, the visited connectivity service network (V-CSN) and the home connectivity service network (H-CSN); the MBS service network can further comprise the visited MBS server (V-MBS Server), the home MBS server (H-MBS Server), the visited AAA server, the home AAA server, the content provider (Content Provider) and/or a third-party application server.
A first embodiment of the invention is described below in terms of specific network elements, following the principle of the invention. The first embodiment relates to a method for a terminal to join a multicast broadcast service in a communication system, as shown in Figure 6.
In step 601, the terminal sends a DSA-REQ message to the BS over the air interface, requesting to join the MBS service. The message carries the parameters: the requested MBS multicast service identifier, and/or MBS Service. The MBS multicast service identifier can be a multicast IP address/port number, and/or MBS Contents ID, and/or Authorization token, and/or MBS Zone ID, etc.
Step 602 is then entered: after receiving the DSA-REQ, the BS performs authentication. The BS sends an MBS join request message to the MBS proxy; the message carries the parameters: user identifier (such as the terminal ID), the requested MBS multicast service identifier, and/or multicast indication. If the BS already knows the terminal's authentication result for this MBS service, it can proceed directly to step 607; in a roaming scenario, step 605' must also be performed.
Step 603 is then entered: after receiving the request, the MBS proxy sends an MBS join request message to the V-MBS server; the message carries the parameters: user identifier (such as the NAI), the requested MBS multicast service identifier. If the MBS proxy already knows the terminal's MBS service authentication result, it can proceed directly to step 606; in a roaming scenario, step 605' must also be performed.
Step 604 is then entered: after receiving the request, the V-MBS server can, by interacting with the AAA server, perform MBS service authentication and/or user authentication of the terminal, or confirm that the MBS service requested by the terminal has been authorized. If authentication/authorization passes, the AAA server can set the MBS service activation indication for this terminal. If the MBS server already holds the terminal's MBS service authentication result, it can proceed directly to step 605.
Step 605 is then entered: the V-MBS server makes a policy decision according to the terminal's MBS service authentication result and then sends an MBS join response message to the MBS proxy. The message carries the parameters: user identifier (such as the NAI), Policy Result, MBS service identifier. If authorization passes, the MBS server can add the terminal to the multicast user group of the corresponding multicast service.
In a roaming scenario, step 605' is then entered: the BS, the MBS proxy or the V-MBS server can optionally send an MBS join report message for this terminal to the H-MBS server and/or the H-AAA server, informing the H-MBS server and/or the H-AAA server that the terminal has joined this multicast service, to support charging and the like. If the V-MBS server and the H-MBS server cannot communicate directly, the message may need to be relayed through the V-AAA server and the H-AAA server.
Step 606 is then entered: the MBS proxy sends an MBS join response message to the BS. The message carries the parameters: user identifier (such as the terminal ID), Policy Result, MBS service identifier, etc.
Step 607 is then entered: the BS sends a PKMv2-RSP message (namely SA-Addition, used to notify the terminal of the MBS GSA to be used) to the terminal, informing the terminal of the SA information corresponding to this MBS service. The parameters carried comprise: MBS GSA ID, SA-type (SA type), SA Service type (SA service type), Cryptographic-Suite, etc. Step 608 is then entered.
If the network side had already completed the network-side resource configuration for this MBS multicast service when the terminal entered the network, the parameters delivered in step 607 can instead be delivered to the terminal in the PKMv2-RSP (SA-TEK-Challenge) message during the terminal's initial network entry. In that case step 607 can be omitted, and step 608 can be performed at any time after the terminal has passed MBS authentication.
In step 608, the BS and the terminal exchange "PKMv2 Key Req"/"PKMv2 Key Reply" messages over the air interface, by which the MBS security key (MGTEK, and/or GKEK, etc.) and its context are delivered to the terminal.
Step 609 is then entered: the BS sends a DSA-RSP message to the terminal, delivering the parameters of the MBS service that the user wants to receive. The parameters carried comprise: MBS Contents ID, MBS Zone Identifier, SFID, Multicast CID, QoS parameters, etc. In this process, the bearer network can add the terminal to the multicast user group of the corresponding multicast service and/or record the terminal's MBS service activation status.
Step 610 is then entered: the terminal sends a DSA-ACK message to the BS.
At this point the terminal has successfully obtained the MBS multicast parameters. If the terminal has already obtained application-layer information such as the MAK and its context, it can receive the corresponding MBS service on the bearer indicated by the multicast parameters, according to the MBS service identifier, the MAK, the security key, etc. If the terminal has not yet obtained the MAK and its context, it can send a request to the MBS service network to obtain them.
In this embodiment, the MBS server and the MBS proxy can be merged into the MBS server, that is, the MBS server is located on the ASN GW or is a stand-alone network element in the ASN; steps 603 and 605 can then be omitted. Correspondingly, step 605' can be performed between the ASN and the H-MBS server or H-AAA server, or between the V-PF and the H-MBS server or H-AAA server.
In addition, in this embodiment the transmission path of the MBS request and response messages can also be: terminal<-BS<-ASN GW<-PF<-MBS server (<-AAA server).
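The message sequence of steps 601 to 610, as an added sketch that is not part of the patent: the bearer side releases the SA information, the MGTEK and the multicast parameters only on a positive Policy Result, and the terminal can form a traffic key only once it holds both the MAK and the MGTEK, in either order. The class and field names, the subscription table, the sample identifiers and the use of HMAC-SHA256 as the key derivation are assumptions; the patent does not specify how the key is generated.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass, field
from typing import Optional


def derive_mtk(mak: bytes, mgtek: bytes) -> bytes:
    """Stand-in KDF (assumption): HMAC-SHA256 keyed with the MAK over MGTEK || label."""
    return hmac.new(mak, mgtek + b"MTK", hashlib.sha256).digest()[:16]


@dataclass
class MbsServer:
    """MBS service network: authenticates terminals, issues the MAK, decides policy."""
    subscriptions: dict                              # NAI -> authorized MBS Contents IDs
    maks: dict = field(default_factory=dict)         # MBS Contents ID -> MAK
    groups: dict = field(default_factory=dict)       # MBS Contents ID -> joined NAIs

    def authorized(self, nai: str, content_id: str) -> bool:
        return content_id in self.subscriptions.get(nai, set())

    def issue_mak(self, nai: str, content_id: str) -> Optional[bytes]:
        # Step 301: the MAK goes only to a terminal that passed MBS service authentication.
        if not self.authorized(nai, content_id):
            return None
        return self.maks.setdefault(content_id, os.urandom(16))

    def join_request(self, nai: str, content_id: str) -> dict:
        # Steps 604-605: policy decision; on success the terminal joins the user group.
        ok = self.authorized(nai, content_id)
        if ok:
            self.groups.setdefault(content_id, set()).add(nai)
        return {"user": nai, "policy_result": ok, "mbs_service_id": content_id}


@dataclass
class BaseStation:
    """Bearer network side; the MBS proxy hop (steps 603, 606) is folded in."""
    server: MbsServer
    mgteks: dict = field(default_factory=dict)       # MBS Contents ID -> MGTEK

    def handle_dsa_req(self, nai: str, content_id: str) -> list:
        rsp = self.server.join_request(nai, content_id)          # steps 602-606
        if not rsp["policy_result"]:
            # No SA, no key and no multicast parameters for an unauthorized terminal.
            return [("DSA-RSP", {"accepted": False})]
        mgtek = self.mgteks.setdefault(content_id, os.urandom(16))
        gsa_id = 0x10                                             # constructed value
        return [
            ("PKMv2-RSP SA-Addition", {"mbs_gsa_id": gsa_id}),    # step 607
            ("PKMv2 Key-Reply", {"mgtek": mgtek}),                # step 608
            ("DSA-RSP", {"accepted": True, "mbs_contents_id": content_id,
                         "sfid": 1, "multicast_cid": 0xFEA0,      # constructed values
                         "mbs_gsa_id": gsa_id}),                  # step 609
        ]


@dataclass
class Terminal:
    nai: str
    mak: Optional[bytes] = None
    mgtek: Optional[bytes] = None
    params: Optional[dict] = None

    def join(self, bs: BaseStation, content_id: str) -> bool:
        for name, body in bs.handle_dsa_req(self.nai, content_id):   # step 601
            if name == "PKMv2 Key-Reply":
                self.mgtek = body["mgtek"]
            elif name == "DSA-RSP" and body["accepted"]:
                self.params = body
        return self.params is not None          # DSA-ACK (step 610) would follow

    def traffic_key(self) -> Optional[bytes]:
        # Both halves are required: MAK (service network) and MGTEK (bearer network).
        if self.mak is None or self.mgtek is None:
            return None
        return derive_mtk(self.mak, self.mgtek)


def demo() -> dict:
    # Constructed subscribers: alice and bob are authorized for "news-1", eve is not.
    server = MbsServer(subscriptions={"alice@example.net": {"news-1"},
                                      "bob@example.net": {"news-1"}})
    bs = BaseStation(server)
    alice, bob, eve = (Terminal(n + "@example.net") for n in ("alice", "bob", "eve"))
    alice.mak = server.issue_mak(alice.nai, "news-1")    # MAK first, then join
    eve.mak = server.issue_mak(eve.nai, "news-1")        # not subscribed: None
    joined = {t.nai.split("@")[0]: t.join(bs, "news-1") for t in (alice, bob, eve)}
    bob_before = bob.traffic_key()                       # joined, but no MAK yet
    bob.mak = server.issue_mak(bob.nai, "news-1")        # join first, MAK afterwards
    return {"joined": joined, "alice": alice.traffic_key(), "bob": bob.traffic_key(),
            "bob_before": bob_before, "eve": eve.traffic_key(),
            "eve_mgtek": eve.mgtek, "group": server.groups["news-1"]}
```

Calling `demo()` shows the unsubscribed terminal ending with neither key, and the terminal that joined before fetching its MAK reaching the same traffic key as the one that fetched it first.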
A second embodiment of the invention relates to a method for a terminal to join a multicast broadcast service in a communication system. It is largely the same as the first embodiment; the only difference is in the network elements and the transmission path traversed by the terminal's MBS service join request message and the corresponding response message. In this embodiment, the ASN and the policy function (PF) replace the BS and the MBS proxy of the first embodiment.
Specifically, as shown in Figure 7, in step 701 the terminal sends a DSA-REQ message to the ASN over the air interface, requesting to join the MBS service. The message carries the parameter: the requested MBS multicast service identifier. The MBS multicast service identifier can be a multicast IP address/port number, and/or MBS Contents ID, and/or Authorization token, and/or MBS Zone ID, and/or MBS Service, etc.
Step 702 is then entered: after receiving the DSA-REQ, the ASN performs authentication. The ASN sends an MBS join request message to the PF; the message carries the parameters: user identifier (such as the terminal ID), the requested MBS multicast service identifier, and/or multicast indication. If the ASN already knows the terminal's authentication result for this MBS service, it can proceed directly to step 707; in a roaming scenario, step 705' must also be performed.
Step 703 is then entered: after receiving the request, the PF sends an MBS join request message to the V-MBS server; the message carries the parameters: user identifier (such as the NAI), the requested MBS multicast service identifier. If the PF already knows the terminal's MBS service authentication result, it can proceed directly to step 707; in a roaming scenario, step 705' must also be performed.
Step 704 is then entered: after receiving the request, the V-MBS server can, by interacting with the AAA server, perform MBS service authentication and/or user authentication of the terminal, or confirm that the MBS service requested by the terminal has been authorized. If authentication/authorization passes, the AAA server can set the MBS service activation indication for this terminal. If the MBS server already holds the terminal's MBS service authentication result, it can proceed directly to step 705.
Step 705 is then entered: the V-MBS server makes a policy decision according to the terminal's MBS service authentication result and then sends an MBS join response message to the PF. The message carries the parameters: user identifier (such as the NAI), Policy Result, MBS service identifier. If authorization passes, the MBS server can add the terminal to the multicast user group of the corresponding multicast service.
In a roaming scenario, step 705' is then entered: the ASN, the PF or the V-MBS server can optionally send an MBS join report message for this terminal to the H-MBS server and/or the H-AAA server, informing the H-MBS server and/or the H-AAA server that the terminal has joined this multicast service, to support charging and the like. If the V-MBS server and the H-MBS server cannot communicate directly, the message may need to be relayed through the V-AAA server and the H-AAA server.
Step 706 is then entered: the PF sends an MBS join response message to the ASN. The message carries the parameters: user identifier (such as the terminal ID), Policy Result, MBS service identifier, etc.
Step 707 is then entered: the ASN sends a PKMv2-RSP message (namely SA-Addition, used to notify the terminal of the SA to be used) to the terminal, informing the terminal of the SA information corresponding to this MBS service. The parameters carried comprise: MBS GSA ID, SA-type (SA type), SA Service type (SA service type), Cryptographic-Suite, etc. Step 708 is then entered.
If the network side had already completed the network-side resource configuration for this MBS multicast service when the terminal entered the network, the parameters delivered in step 707 can instead be delivered to the terminal in the PKMv2-RSP (SA-TEK-Challenge) message during the terminal's initial network entry. In that case step 707 can be omitted, and step 708 can be performed at any time after the terminal has passed MBS authentication.
In step 708, the ASN and the terminal exchange "PKMv2 Key Req"/"PKMv2 Key Reply" messages over the air interface, by which the MBS security key (MGTEK, and/or GKEK, etc.) and its context are delivered to the terminal.
Step 709 is then entered: the ASN sends a DSA-RSP message to the terminal, delivering the parameters of the MBS service that the user wants to receive. The parameters carried comprise: MBS Contents ID, MBS Zone Identifier, SFID, Multicast CID, QoS parameters, etc. In this process, the bearer network can add the terminal to the multicast user group of the corresponding multicast service and/or record the terminal's MBS service activation status.
Step 710 is then entered: the terminal sends a DSA-ACK message to the ASN.
At this point the terminal has successfully obtained the MBS multicast parameters. If the terminal has already obtained application-layer information such as the MAK and its context, it can receive the corresponding MBS service on the bearer indicated by the multicast parameters, according to the MBS service identifier, the MAK, the security key, etc. If the terminal has not yet obtained the MAK and its context, it can send a request to the MBS service network to obtain them.
In addition, in this embodiment the ASN also comprises the BS, the serving SFA and the anchor SFA; the transmission path of messages between these functional entities is: BS<-serving SFA<-anchor SFA.
A third embodiment of the invention is described below. The third embodiment relates to a method for a terminal to join a multicast broadcast service in a communication system, as shown in Figure 8. In this embodiment, the network side actively requests the terminal to join the MBS service, and the terminal that is requested to join the MBS must have passed MBS service security authentication.
If the ASN holds the terminal's MBS authentication result and/or MBS subscription information, step 803 can be entered directly; or, if the V-PF holds the terminal's MBS authentication result and/or MBS subscription information, step 802 can be entered directly; if the V-MBS server holds the terminal's MBS authentication result and/or MBS subscription information, step 801 is entered.
In step 801, the V-MBS server sends an MBS service join request message to the PF; the message carries the parameters: user identifier (such as the NAI), the requested MBS multicast service identifier, and/or multicast indication. The AAA server, the PF or the ASN can also trigger the MBS server to send this request.
Step 802 is then entered: the PF sends an MBS service join request message to the ASN, carrying the same parameters: user identifier (such as the NAI), the requested MBS multicast service identifier, and/or multicast indication. The ASN also comprises the BS, the serving SFA and the anchor SFA; the transmission path of the request message between these functional entities is: anchor SFA -> serving SFA -> BS. Step 803 is then entered.
Steps 803 to 806 are similar to steps 707 to 710 and are not repeated here. Steps 803-804 and steps 805-806 can be executed in any order; there is no fixed sequence between them.
After the ASN receives the terminal's response message, step 807 is entered: the ASN sends an MBS service join response message to the PF; the message carries the parameters: user identifier (such as the NAI), the terminal's join result, MBS multicast service identifier, and/or multicast indication.
Step 808 is then entered: the PF sends an MBS service join response message to the V-MBS server; the message carries the parameters: user identifier (such as the NAI), the terminal's join result, MBS multicast service identifier, and/or multicast indication.
In a roaming scenario, step 809 is then entered: the ASN, the PF or the V-MBS server optionally sends an MBS join report message for this terminal to the H-MBS server and/or the H-AAA server, informing the H-MBS server and/or the H-AAA server that the terminal has joined this multicast service, to support charging and the like. If the V-MBS server and the H-MBS server cannot communicate directly, the message may need to be relayed through the V-AAA server and the H-AAA server.
At this point the terminal has successfully obtained the MBS multicast parameters. If the terminal has already obtained application-layer information such as the MAK and its context, it can receive the corresponding MBS service on the bearer indicated by the multicast parameters, according to the MBS service identifier and the MBS traffic key generated from the MAK and the multicast security key, etc. If the terminal has not yet obtained the MAK and its context, it can send a request to the MBS service network to obtain them.
In addition, in this embodiment the transmission path of the MBS service join request and response messages can also be: MBS server<-MBS proxy<-BS<-terminal.
In this embodiment, the MBS server and the MBS proxy can likewise be merged into the MBS server, that is, the MBS server is located on the ASN GW or is a stand-alone network element in the ASN; steps 801 and 808 can then be omitted. All of the above embodiments operate on the premise that the network side has already completed the MBS resource configuration. In a fourth embodiment of the invention, the network side has not yet performed MBS resource configuration when the terminal requests to join the MBS service, and the flow of this embodiment triggers the network side to perform the corresponding MBS resource configuration. The fourth embodiment likewise relates to a method for a terminal to join a multicast broadcast service in a communication system, as shown in Figure 9.
In step 901, the terminal sends a DSA-REQ message to the BS over the air interface. The message carries the parameters: the requested MBS multicast service identifier, and/or MBS Service. The MBS multicast service identifier can be a multicast IP address/port number, and/or MBS Contents ID, and/or Authorization token, and/or MBS Zone ID, etc.
Step 902 is then entered: after receiving the message, the BS sends an MBS join request message to the MBS proxy; the message carries the parameters: user identifier (such as the MSID), the requested MBS multicast service identifier, and/or multicast indication.
Step 903 is then entered: after receiving this message, the MBS proxy sends an MBS join request message to the MBS server; the message carries the parameters: user identifier (such as the NAI), the requested MBS multicast service identifier.
Step 904 is then entered: after receiving the request, the MBS server can, by interacting with the AAA server, perform MBS service authentication and/or user authentication of the terminal, or confirm that the MBS service requested by the terminal has been authorized. If the MBS server already holds the terminal's MBS service authentication result, it can proceed directly to step 905.
If the terminal passes authentication/authorization and the MBS server confirms that the network for the MBS service the terminal wants to join has not yet been configured, step 905 is entered: the MBS server, the MBS proxy and all BSs in the MBS zone carry out the network-side configuration process for the MBS service. The configuration process of the MBS service is outside the scope of the invention and is not described further here. Through this process, the network side allocates parameters for this MBS service, reserves resources and establishes the bearer.
When the MBS server receives the trigger indication that the network-side resources have been set up successfully, step 906 is entered: the MBS server sends an MBS join response message to the MBS proxy. The message carries the parameters: user identifier (such as the NAI), Policy Result, MBS service identifier, etc. The MBS service identifier can be the FID, or MBS Contents ID, or multicast IP address/port number, etc.
Step 907 is then entered: the MBS proxy sends an MBS join response message to the BS. The message carries the parameters: user identifier (such as the MSID), Policy Result, MBS service identifier, etc. Step 908 is then entered.
Steps 908 to 911 are similar to steps 607 to 610 and are not repeated here.
At this point the terminal has successfully obtained the MBS multicast parameters. If the terminal has already obtained application-layer information such as the MAK and its context, it can receive the corresponding MBS service on the bearer indicated by the multicast parameters, according to the MBS service identifier, the MAK, the security key, etc. If the terminal has not yet obtained the MAK and its context, it can send a request to the MBS service network to obtain them.
In addition, in this embodiment the transmission path of the MBS request and response messages can also be: terminal<-BS<-Serving SFA<-Anchor SFA<-PF<-MBS server (<-AAA server). In this embodiment, the MBS server and the MBS proxy can likewise be merged into the MBS server, that is, the MBS server is located on the ASN GW or is a stand-alone network element in the ASN; steps 903 and 906 can then be omitted.
In the present invention, the messages of the flow in which the terminal requests to join the MBS service can take any of the following paths. Because the methods are similar, only several of them are described in detail in the embodiments above; the rest are not set out one by one.
(1) terminal<-serving ASN<-anchor SFA<-PF<-MBS server (<-AAA server)
(2) terminal<-serving ASN<-PF<-MBS server (<-AAA server)
(3) terminal<-serving ASN<-anchor SFA<-MBS server (<-AAA server)
(4) terminal<-serving ASN<-anchor data path function (Data Path Function, "DPF")/FA<-MBS server (<-AAA server)
(6) terminal<-serving ASN<-MBS server (<-AAA server)
(7) terminal<-serving ASN<-anchor DPF/FA<-AAA server
(9) terminal<-serving ASN<-AAA server
(10) terminal<-serving ASN<-anchor SFA<-AAA server
(11) terminal<-serving ASN<-anchor SFA<-PF<-AAA server
(12) terminal<-serving ASN<-PF<-AAA server
A fifth embodiment of the invention relates to a method for updating the MAK of an MBS service, as shown in Figure 10.
In this embodiment, the MBS server or third-party server side and the terminal side each independently maintain a timer. The timer period on the MBS server or third-party server side is greater than the timer period on the terminal side, and both are less than the lifetime of the MAK.
When the MAK update timer on the MBS server or third-party server side starts, step 1001 is entered: the MBS server or third-party server actively sends the updated MAK and its context to the terminal.
Step 1002 is then entered: after receiving the newly updated MAK and its context, the terminal optionally sends a MAK update acknowledgement message to the MBS server or third-party server.
If the terminal has still not obtained the updated MAK and its context when the terminal-side MAK update timer starts, step 1003 is entered: the terminal sends a MAK update request message to the MBS server or third-party server.
Step 1004 is then entered: after receiving this request, the MBS server or third-party server sends the updated MAK and its context to the terminal.
The terminal-side MAK update timer can use the TEK Grace Time timer.
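The push-then-pull refresh of steps 1001 to 1004, as an added simulation that is not part of the patent; it goes one step further than this embodiment by also having the terminal hold the original and updated MAK side by side, as claim 6 describes. It assumes both timers are grace periods counted back from MAK expiry (in the manner of the TEK Grace Time timer), uses an HMAC tag as a stand-in for "decoding succeeds", and all function, class and message names are hypothetical.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass
from typing import Optional

TAG_LEN = 32


def protect(mak: bytes, payload: bytes) -> bytes:
    """Constructed stand-in for MAK-protected content: payload || HMAC-SHA256 tag."""
    return payload + hmac.new(mak, payload, hashlib.sha256).digest()


def try_decode(mak: bytes, blob: bytes) -> Optional[bytes]:
    """Return the payload if the tag verifies under this MAK, else None."""
    payload, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(mak, payload, hashlib.sha256).digest()
    return payload if hmac.compare_digest(tag, expected) else None


@dataclass
class Terminal:
    current: bytes                       # MAK in force
    pending: Optional[bytes] = None      # updated MAK, held alongside the old one

    def on_mak_update(self, new_mak: bytes) -> None:
        self.pending = new_mak

    def receive(self, blob: bytes) -> Optional[bytes]:
        out = try_decode(self.current, blob)
        if out is None and self.pending is not None:
            out = try_decode(self.pending, blob)
            if out is not None:          # old MAK failed, new one worked: switch over
                self.current, self.pending = self.pending, None
        return out


def run_refresh(lifetime: int, server_grace: int, terminal_grace: int,
                push_delivered: bool) -> dict:
    """Simulate one MAK refresh; times are seconds since the old MAK was issued."""
    # Ordering stated in the fifth embodiment: terminal timer < server timer < lifetime.
    if not 0 < terminal_grace < server_grace < lifetime:
        raise ValueError("need terminal_grace < server_grace < lifetime")
    old_mak, new_mak = os.urandom(16), os.urandom(16)
    term = Terminal(current=old_mak)
    events = []

    # Assumption: a larger grace period means the server timer starts earlier.
    t_server = lifetime - server_grace
    events.append((t_server, "server->terminal: updated MAK"))         # step 1001
    if push_delivered:
        term.on_mak_update(new_mak)
        events.append((t_server, "terminal->server: MAK update ack"))  # step 1002

    t_terminal = lifetime - terminal_grace
    if term.pending is None:                         # push never arrived: pull
        events.append((t_terminal, "terminal->server: MAK update request"))  # 1003
        term.on_mak_update(new_mak)
        events.append((t_terminal, "server->terminal: updated MAK"))         # 1004

    # Overlap window: content under the old MAK still decodes, and the first
    # frame under the new MAK makes the terminal switch.
    before = term.receive(protect(old_mak, b"frame-1"))
    after = term.receive(protect(new_mak, b"frame-2"))
    # Assumption: the old MAK is dropped once the new one has taken effect.
    stale = term.receive(protect(old_mak, b"frame-3"))
    return {"events": events, "before": before, "after": after, "stale": stale,
            "switched": term.current == new_mak}
```

With a 3600-second lifetime and grace periods of 600 and 300 seconds, a lost push produces a terminal request at 3300 seconds, leaving the terminal-side grace period for the pull to complete before the old MAK expires.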
A sixth embodiment of the invention is described below. The sixth embodiment relates to a mobile communication network comprising an MBS service network and a bearer network. The MBS service network and the bearer network can exist independently of each other, as shown in Figure 11, or the two can be integrated, as shown in Figure 12, so deployment is flexible. The MBS service network is used to authenticate the terminal's MBS service and, after authentication passes, to issue the MBS authorization key to the terminal. After the MBS service requested by the terminal has been authorized, the bearer network issues the multicast parameters and the multicast security key of the MBS service to the terminal, and instructs the terminal to receive the corresponding MBS service on the bearer identified by the multicast parameters, using the MBS traffic key MTK generated from the MBS authorization key and the multicast security key. The MBS service network can issue the MBS authorization key to the terminal on receiving the terminal's request, or when a preset condition is met (for example when the terminal enters the network, when the MBS resource configuration is completed, or when triggered by the bearer network). The bearer network can issue the multicast parameters and the multicast security key of the MBS service when it requests the terminal to join the MBS service or when it receives a message in which the terminal requests to join the MBS service. The bearer network can further comprise one of the ASN, the V-CSN and the H-CSN, or any combination of them; the MBS service network can further comprise one of the V-MBS server, the H-MBS server, the visited AAA server, the home AAA server, the content provider and a third-party application server, or any combination of them. The MBS service is finally sent to the terminal through the bearer network; the bearer network may already be sending the MBS service before the terminal enters the network.
Although the invention has been illustrated and described with reference to certain preferred embodiments, those of ordinary skill in the art should understand that various changes can be made to it in form and detail without departing from the spirit and scope of the invention.

Claims (22)

1. A method for a terminal to join a multicast broadcast service in a communication system, characterized by comprising the following steps:
A. the terminal obtains an MBS authorization key from a multicast broadcast service (MBS) service network;
B. the terminal obtains the multicast parameters and/or the multicast security key of the MBS from a bearer network;
C. the terminal receives the corresponding MBS on the bearer indicated by the multicast parameters, according to the MBS traffic key generated from the MBS authorization key and the multicast security key;
steps A and B are performed in any order.
2. The method for a terminal to join a multicast broadcast service in a communication system according to claim 1, characterized in that the MBS service network issues the MBS authorization key to the terminal on receiving the terminal's request or when a preset condition is met.
3. The method for a terminal to join a multicast broadcast service in a communication system according to claim 2, characterized in that, when issuing the MBS authorization key, the MBS service network also issues the MBS service identifier and/or the context information of the MBS authorization key.
4. The method for a terminal to join a multicast broadcast service in a communication system according to claim 2, characterized in that the MBS service network authenticates the terminal before issuing the MBS authorization key and, after authentication passes, issues the MBS authorization key to the terminal.
5. The method for a terminal to join a multicast broadcast service in a communication system according to claim 2, characterized in that the preset condition is: the terminal enters the network; or the network side completes the configuration process of the MBS service; or triggering by the bearer network.
6. The method for a terminal to join a multicast broadcast service in a communication system according to claim 2, characterized in that, during the period in which the MBS authorization key is being updated, the terminal simultaneously maintains the original MBS authorization key and the updated MBS authorization key; when decoding with the original MBS authorization key fails, and/or when decoding with the updated MBS authorization key succeeds, the new MBS authorization key takes effect.
7. The method for a terminal to join a multicast broadcast service in a communication system according to claim 1, characterized in that the terminal obtains the MBS multicast parameters and the multicast security key from the bearer network through the process of joining the MBS service, the process of the terminal joining the MBS service being initiated by the network side or by the terminal.
8. The method for a terminal to join a multicast broadcast service in a communication system according to claim 7, characterized in that the flow of joining the MBS service initiated by the terminal comprises the following steps:
the terminal initiates the process of joining the MBS service with a DSA-REQ message, the message carrying the MBS service identifier;
the bearer network delivers the multicast parameters to the terminal in a DSA-RSP message.
9. The method for a terminal to join a multicast broadcast service in a communication system according to claim 7, characterized in that the flow, initiated by the network side, of the terminal joining the MBS service is:
the bearer network or the MBS service network issues an MBS join request message to a terminal that has passed MBS service authentication, causing it to join the MBS service;
the bearer network delivers the multicast parameters to the terminal through the dynamic service addition process.
10. The method for a terminal to join a multicast broadcast service in a communication system according to claim 3 or 8, characterized in that the MBS service identifier is one of the following or any combination of them:
multicast IP address and port number, MBS content identifier, authorization token, MBS zone identifier.
11. The method for a terminal to join a multicast broadcast service in a communication system according to claim 8, characterized in that, after the terminal initiates the procedure for joining the MBS service, the bearer network and/or the MBS service network performs MBS service authentication and/or user authentication on the terminal.
12. The method for a terminal to join a multicast broadcast service in a communication system according to claim 11, characterized in that the MBS service authentication method is: the bearer network and/or the MBS service network enforces policy according to the MBS service profile of the terminal and/or the MBS service authentication result of the terminal.
13. The method for a terminal to join a multicast broadcast service in a communication system according to claim 12, characterized in that, after the terminal passes authorization, if the multicast security key is also needed, the network side delivers the multicast security key to the terminal, the multicast security key comprising an MBS group key encryption key and its context and/or a group key encryption key and its context.
14. The method for a terminal to join a multicast broadcast service in a communication system according to claim 13, characterized in that, before delivering the multicast security key and its context to the terminal, the bearer network first notifies the terminal of the security association information corresponding to the MBS.
15. The method for a terminal to join a multicast broadcast service in a communication system according to any one of claims 1 to 9, characterized in that the multicast parameters of the MBS comprise one of the following or any combination thereof: an MBS content identifier, an MBS zone identifier, a service flow identifier, a multicast connection identifier, an MBS group security association identifier, QoS parameters.
16. The method for a terminal to join a multicast broadcast service in a communication system according to claim 11, characterized in that, after the bearer network and/or the MBS service network determines that the terminal has passed MBS service authentication, if the network resources for the MBS have not yet been configured, the network-side resource configuration procedure for the MBS service is initiated first.
17. A communication system, characterized by comprising:
An MBS service network, configured to deliver an MBS authorization key to a terminal;
A bearer network, configured to deliver the multicast parameters and the multicast security key of the MBS to the terminal, and to instruct the terminal to receive the corresponding MBS, on the bearer indicated by the multicast parameters, according to an MBS service key generated from the MBS authorization key and the multicast security key.
18. The communication system according to claim 17, characterized in that the MBS service network delivers the MBS authorization key to the terminal upon receiving a request from the terminal or when a preset condition is met.
19. The communication system according to claim 17, characterized in that the MBS service network is further configured to authenticate the MBS service of the terminal before delivering the MBS authorization key, and to deliver the MBS authorization key to the terminal after the authentication passes.
20. The communication system according to claim 17, characterized in that the bearer network delivers the multicast parameters and the multicast security key of the MBS during the procedure in which the terminal joins the MBS service;
The procedure by which the terminal joins the MBS service is initiated by the terminal or triggered by the network side.
21. The communication system according to claim 17, characterized in that the bearer network is further configured to authenticate the terminal before delivering the multicast parameters and the multicast security key of the MBS, and to deliver the multicast parameters and the multicast security key of the MBS to the terminal after the authentication passes.
22. The communication system according to any one of claims 17 to 21, characterized in that the MBS service network consists of one of the following or any combination thereof:
A roaming MBS server, a local MBS server, a roaming authentication, authorization and accounting server, a local authentication, authorization and accounting server, a content provider, a third-party application server;
The MBS service network and the bearer network exist independently or are integrated together;
The bearer network consists of one of the following or any combination thereof:
An access service network, a roaming connectivity service network, a local connectivity service network.
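The key-update behaviour of claim 6, combined with the service-key generation of claim 17, is sketched below as an added example; it is not code from the patent. The HMAC-SHA256 derivation, the tag-based notion of "decoding succeeds", and all names and key values are assumptions constructed for illustration, and the terminal here switches keys only when the original key fails and the updated key succeeds, which is one reading of the claim's "and/or".

```python
import hashlib
import hmac

TAG_LEN = 32  # HMAC-SHA256 tag length in bytes

def derive_service_key(mak: bytes, multicast_key: bytes) -> bytes:
    # Assumption: HMAC-SHA256 stands in for the derivation the claims leave open.
    return hmac.new(mak, b"mbs-service-key|" + multicast_key, hashlib.sha256).digest()

def protect(service_key: bytes, payload: bytes) -> bytes:
    # Network side: append an integrity tag (a model of a protected MBS frame).
    return payload + hmac.new(service_key, payload, hashlib.sha256).digest()

def try_decode(service_key: bytes, frame: bytes):
    # "Decoding succeeds" is modelled as the tag verifying; returns None on failure.
    payload, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
    expected = hmac.new(service_key, payload, hashlib.sha256).digest()
    return payload if hmac.compare_digest(tag, expected) else None

class Terminal:
    def __init__(self, mak: bytes, multicast_key: bytes):
        self.multicast_key = multicast_key
        self.active_mak = mak      # original MBS authorization key
        self.pending_mak = None    # updated key, held only during the update period

    def begin_update(self, new_mak: bytes) -> None:
        self.pending_mak = new_mak  # both keys are now maintained simultaneously

    def receive(self, frame: bytes):
        key = derive_service_key(self.active_mak, self.multicast_key)
        payload = try_decode(key, frame)
        if payload is not None or self.pending_mak is None:
            return payload
        # Original key failed: promote the updated key only if it verifies the
        # frame, so a corrupt or forged frame cannot force the switch by itself.
        key = derive_service_key(self.pending_mak, self.multicast_key)
        payload = try_decode(key, frame)
        if payload is not None:
            self.active_mak, self.pending_mak = self.pending_mak, None
        return payload

def demo():
    # All key material and frames below are constructed sample values.
    old, new, mk = b"constructed-old-mak", b"constructed-new-mak", b"constructed-mcast-key"
    term = Terminal(old, mk)
    term.begin_update(new)
    results = [term.receive(protect(derive_service_key(old, mk), b"frame-1"))]
    results.append(term.receive(b"corrupt" + bytes(TAG_LEN)))  # neither key verifies
    results.append(term.active_mak == old)                     # no switch yet
    results.append(term.receive(protect(derive_service_key(new, mk), b"frame-2")))
    results.append(term.active_mak == new and term.pending_mak is None)
    return results
```

Once the updated key has taken effect, frames protected under the original key no longer verify, which bounds how long a leaked original key remains useful.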
CN2006101594303A 2006-09-19 2006-09-19 Method for adding multicast and broadcast service into communication system and terminal Expired - Fee Related CN101150467B (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
CN2006101594303A CN101150467B (en) 2006-09-19 2006-09-19 Method for adding multicast and broadcast service into communication system and terminal
PCT/CN2007/070727 WO2008040238A1 (en) 2006-09-19 2007-09-19 Method of terminal adding multicast broadcast service in wireless network and thereof system
US12/407,463 US8184569B2 (en) 2006-09-19 2009-03-19 Method for terminal to join multicast broadcast service in wireless network and system using thereof

Publications (2)

Publication Number Publication Date
CN101150467A CN101150467A (en) 2008-03-26
CN101150467B CN101150467B (en) 2011-12-21

Family

ID=39250818

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
DD01 Delivery of document by public notice

Addressee: Zhou Hua

Document name: Notification of Passing Examination on Formalities
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20111221

Termination date: 20210919