CN101669327A - A method and device of accessing control - Google Patents

A method and device of accessing control Download PDF

Info

Publication number
CN101669327A
CN101669327A CN200880007243.0A CN200880007243A CN101669327A CN 101669327 A CN101669327 A CN 101669327A CN 200880007243 A CN200880007243 A CN 200880007243A CN 101669327 A CN101669327 A CN 101669327A
Authority
CN
China
Prior art keywords
access control
listses
hhss
imsi
request
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN200880007243.0A
Other languages
Chinese (zh)
Other versions
CN101669327B (en
Inventor
刘晓寒
黄敏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Priority to CN200880007243.0A priority Critical patent/CN101669327B/en
Publication of CN101669327A publication Critical patent/CN101669327A/en
Application granted granted Critical
Publication of CN101669327B publication Critical patent/CN101669327B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/101Access control lists [ACL]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

A method and a device of accessing control is provided. This method is for the network with Home Node Base station HNB, comprising : receiving request of modifying access control list with UE's firstidentity; modifying the access control list, which includes the first identity and UE's second identity, according to the said request, and then the access of UE is controlled according to the modified access control list. Users will use and collocate ACL expediently through the invention to control the access of UE.

Description

A method and device of accessing control
A kind of method and device for carrying out Access Control in September in 2007 this application claims Patent Office of the People's Republic of China, Application No. 200710077386.6, a kind of priority of the Chinese patent application of entitled " method of base station from home Access Control " is submitted on 27th, and entire contents are hereby incorporated by reference in the application.Technical field
The present invention relates to the method for the Access Control in the communications field, more particularly to a kind of method and device for carrying out Access Control.Background technology
With Internet (internets)Business flourish, and broadband access network and wireless network extensive use, at a high speed, easily access network be people pursue target.In order to which preferably using the resource of existing network, the cost of protection network equipment operator, 3GPP has started base station from home(Home NodeB, HNB) research work.HNB refers to miniaturization, family or office small base station, it may be possible to completely privately owned, can also be in the case where setting different priorities, authority, and open to public use, its ownership returns individual, rather than returns government or operator;It is probably then the user of small range using object, it is also possible to large-scale user.Wireless access is realized using HNB, conventional network resources can be preferably utilized, more costs for saving network equipment operator merge the respective advantage of mobile access network and fixed access network network.
From user perspective, HNB is personal device, is allowed without owner, it is not desirable to have stranger uses.Rate under the angle of operator, HNB coverings are more preferential than macro network, it is desirable to being any limitation as using HNB UE.So HNB needs to provide the function of Access Control, the UE for attempting access to HNB is judged and limited.Only receive mandate UE access, refuse the resident of unauthorized UE, while unauthorized UE can't be influenceed to be used in the normal of macrocell.Closed user group (Closed Subscriber Group are proposed in the 3 gpp standards at present, CSG concept), one CSG may may also include multiple HNB cells comprising a HNB cell, each CSG is corresponding with an access control listses, UE in access control listses can use HNB all in CSG, other UE to be denied access.
When there is friend to act as a guest in home, HNB owner may want to the UE of friend being added in access control listses, again delete these UE after friend leaves, and this will cause the change of access control listses Can be more frequent.User can be modified access control listses by approach such as Web, HNB.Due to IMSI International Mobile Subscriber Identity(International Mobile Subscriber Identity, IMSI) it is confidential information, user can not obtain at all, so user can only use UE mobile station comprehensive service digital net number (Mobile Station Integrated Services Digital Network, MS-ISDN), i.e. UE cell-phone number carries out the modification of access control listses.
Access Control can be performed in network side, can also be performed in HNB, and because the signaling being related in network side progress Access Control is too many, Access Control needs to perform in HNB, because generally user is to use Temporary Mobile Station Identity(Temporary Mobile Station Identity, TMSI), so the execution of Access Control, which can only be also used under TMSI, few cases, needs to use IMSI.
But for how to be limited using above-mentioned access control listses the UE for accessing HNB, how user adds access control listses, how user to be deleted from access control listses, and how using MS-ISDN to configure access control listses the problems such as, not related solution in the prior art.The content of the invention
In view of this, the embodiments of the invention provide a kind of method and device for carrying out Access Control, in the network with Home node base station HNB, including:Modification access control listses request is received, the modification access control listses request includes the first mark of user equipment (UE);According to the modification access control listses request modification access control listses, the access control listses include first mark and the second mark of the UE;Access Control is carried out to UE according to amended access control listses.
The embodiment of the present invention additionally provides a kind of device for carrying out Access Control, and for carrying out Access Control to UE, described device includes:Messaging interface, information storage module and Access Control module, wherein, the messaging interface, for receiving modification access control listses request, the modification access control listses request carries the first mark of the UE;Described information memory module, for storing access control listses, and the access control listses are changed in the modification access control listses request received according to the messaging interface, the access control listses include first mark and the second mark of the UE;The Access Control module, for carrying out Access Control to UE according to the access control listses.
A kind of method for carrying out Access Control provided in an embodiment of the present invention, give concrete configuration, the application method using access control listses during the device for carrying out Access Control, such as, user, which can be in, accesses HNB, by inputting MS-ISDN, or the WEB webpages provided by customer service hot line or operator set MS-ISDN just to realize registration, modification or delete mandate UE.And give specific how using limit List processed can carry out Access Control according to UE IMSI, TMSI or other marks and access control listses to limit the scheme of the entity where UE access said apparatus, the i.e. entity to UE.The accompanying drawing used required in brief description of the drawings example or description of the prior art is made cylinder and singly introduced, apparently, drawings in the following description are only some embodiments of the present invention, for those of ordinary skill in the art, without having to pay creative labor, other accompanying drawings can also be obtained according to these accompanying drawings.
Fig. 1 is the schematic flow sheet that user of the embodiment of the present invention is configured to access control listses;Fig. 2 is the schematic flow sheet that HHSS of embodiment of the present invention access control listses update;
Fig. 3 is the schematic flow sheet that HHSS of the embodiment of the present invention is updated to the HNB access control listses preserved;
Fig. 4 is the schematic flow sheet that SGSN of the embodiment of the present invention is updated to the HNB access control listses preserved;
Fig. 5 is the structural representation of HNB in the embodiment of the present invention.Embodiment
To make goal of the invention, technical scheme and beneficial effect clearer, the embodiment of the present invention is described in detail below in conjunction with accompanying drawing.
By HNB or Gateway GPRS Support Node in the present invention(Servicing GPRS Support Node, SGSN) or HNB and core net(Core Network, CN) between intermediate node to UE carry out Access Control(Illustrated below by taking HNB as an example)Whether HNB is legal come the UE for judging access according to UE IMSI (or other marks) and TMSI, so the access control listses that HNB is safeguarded include UE IMSI (or other marks) and TMSI, as shown in Table 1 and Table 2, it is the embodiment for the access control listses that HNB is preserved:
Table 1
UE3 IMSI3 TMSI3
The new logo that HHSS is defined according to IMSI to UE can also be included in the access control listses that HNB is preserved, as shown in table 2.
Table 2
HNB carries out Access Control to UE according to above-mentioned access control listses, i.e., only just allow the UE to access when having the relevant information of the UE in the access control listses that HNB is preserved.Access control listses in HNB need to be updated in time, and the entity that access control listses are updated in control HNB can be HNB user attaching servers(HNB Home Subscriber Server, HHSS), either HSS or GPRS service support nodes(Severing GPRS Support Node, SGSN), i.e., when the access control listses information in HHSS or HSS or SGSN changes, note that HNB modifies to its access control lists.The method that this several entity control HNB updates access control listses is introduced separately below.Certainly, can be HSS or HHSS to other entities that access control listses in the SGSN are updated control if the entity that Access Control is carried out to UE is SGSN.
Embodiment one
The embodiment of the present invention one provides the method that HHSS or HSS is updated to HNB access control listses.
The first situation is that occur to configure access control listses using UE MS-ISDN in user.HNB signing information is saved in the HHSS of network side, including:Security information, HNB mark, the affiliated CSG of HNB mark(CSG Identity, CSG ID), UE access control listses related each CSG etc..
CSG may include one or more HNB, and for multiple HNB, its access control lists is probably identical.So can safeguard an access control listses to each CSG on HHSS, i.e., each access control listses are identified by different CSG ID.HHSS need not be to belonging to a CSG all HNB Its access control lists is safeguarded, as long as safeguarding that the access control listses of the CSG just can be with.Or, an access control listses can also be safeguarded to each HNB, on HHSS for example, table 3 is each HNB preserved in HHSS access control listses:
Table 3
Foretelling at IMSI sunset except preserving UE in the table, HHSS can also be preserved and define new mark to UE according to IMSI, the mark can be UE sequence number or other forms, but can all unique mark UE, as shown in table 4.
Table 4
It is as shown in Figure 1 the flow chart when user is configured using UE MS-ISDN to access control listses, including:
Step 101:HHSS receives addition or deletes UE MS-ISDN modification access control listses request.
In the step, user is by handling desk, and the WEB webpages either provided by operator or the MS-ISDN that addition or deletion UE are set at HNB OM interfaces, the MS-ISDN for adding or deleting UE to HHSS transmissions are asked.
Step 102:HHSS receives the addition of user's transmission or deletes UE MS-ISDN request message, and the HSS belonging to UE sends the MS-ISDN that the UE is carried in IMSI inquiry request messages, query messages.
Step 103:HSS inquires about the corresponding information of the UE according to the MS-ISDN received.
Step 104:HSS sends the IMSI that UE is carried in IMSI query response messages, the message to HHSS. Step 105:HHSS changes access control listses, i.e., adds or delete above-mentioned UE IMSI in the access control listses that HHSS is preserved according to the IMSI information received.
Step 106:HHSS sends modification access control listses response message to the requesting party for adding or deleting MS-ISDN.
As user's request addition UE MS-ISDN in step 101, then HHSS can also define new mark according to the IMSI received to UE in step 105, and add in access control listses of its preservation UE IMSI and above-mentioned new logo.
HSS in above-mentioned flow can also preserve access control listses information, proposed in current 3GPP standards, relative CSG information is preserved in UE, potentially include the CSG ID for the CSG for allowing UE to access, or do not allow the CSG of UE accesses CSG ID, these information belong to UE signing information, are equally stored in HSS.Also to be preserved in HSS and which CSG is included in the HHSS of CSG and HHSS corresponding relation, i.e., one.
After HHSS access control listses update, the access control listses that HNB changes its preservation are informed about, idiographic flow will carry out labor below.
HHSS access control listses, which are updated, can also be in UE Services Identity Modules(After User Service Identity Module, USIM) Lost lose.The usim card made up can keep original MS-ISDN, but IMSI have changed., it is necessary to which the corresponding former IMSI of the MS-ISDN are updated by operator on HSS when user makes up usim card, and on HHSS update access control listses in the IMSI corresponding informance.In store UE signing information in HSS, including UE allow the CSG of access CSG ID or UE do not allow access CSG CSG ID, which CSG the also in store CSG and HHSS corresponding relations in HSS include in that is, one HHSS.The user access control list related in store each CSG in HHSS.According to the above- mentioned information preserved on HHSS and HSS, it is possible to which the Access Control information on HHSS is updated.The schematic flow sheet that Fig. 2 is refreshed for the access control listses preserved of HHSS in the case of above-mentioned, including:
Step 201:HSS searches its corresponding former IMSI, and the CSG according to belonging to this IMSI the searches UE and HHSS belonging to the CSG according to UE MS-ISDN, is then updated former IMSI.
Step 202:HSS sends the IMSI after carrying original IMSI in request modification IMSI request messages, the message and update to HHSS.
Step 203:Access control listses Central Plains IMSI is updated to new IMSI by HHSS according to the access control listses corresponding with CSG received where former IMSI searches it. Step 204:HHSS sends IMSI modification response messages to HSS.
Wherein, if the access control listses on HHSS also preserve the new logo that HHSS is defined to UE, step 203 is changed into:
Step 2031:With CSG corresponding access control listses of the HHSS according to where the old IMSI received searches it, new IMSI is updated to by access control listses Central Plains IMSI, and new mark is defined according to new IMSI to UE.
In both the above situation, if HNB signing information is stored in HSS, above procedure can realize that now entity HHSS is option directly between user and HSS.
The foregoing describe two kinds of situations that access control listses on HHSS or HSS change, when the two access control listses physically change, they can all notify HNB to update the access control listses that HNB is preserved so that HNB can carry out Access Control according to newest information to UE.
Illustrate how HHSS or HSS controls HNB to be updated access control listses below.
Fig. 3 is the schematic flow sheet that HHSS is updated to access control listses in HNB, specifically includes following steps:
Step 301:HHSS changes the access control listses of its preservation.
Step 302:HHSS sends in modification access control listses request message, the message to HNB and carried
UE information, includes the IMSI after UE IMSI, or UE former IMSI and renewal.
Step 303:HNB changes the access control listses of its preservation according to IMSI.
Wherein, the access control listses that HNB changes its preservation in above-mentioned steps 303 can be addition or deletion
UE IMSI, or former IMSI is updated to new IMSI.
Step 304:HNB sends modification access control listses confirmation message to HHSS.
Wherein, if the access control listses preserved on HHSS and HNB all save the new logo that HHSS is defined to UE, step 302 and step 303 are changed to respectively:
Step 3021:HHSS sends the information that UE is carried in modification Access Control request message, the message, including the new logo after the new logo that HHSS is defined to UE, or the original new logos of UE and renewal to HNB.
Step 3031:HNB changes the access control listses of its preservation.
Wherein, HNB changes access control listses of its preservation and can add or delete UE new logo for HNB in above-mentioned steps 3031, or original new logo is updated to new new logo.
In Fig. 3 flow, if HNB signing information is stored in HSS, HNB is controlled by HSS Access control listses are updated.
The embodiment of the present invention gives the specific method that Access Control is carried out in HNB, by carrying out Access Control in HNB, can avoid the substantial amounts of signaling process when network side carries out Access Control, reduce SGSN signaling traffic load.
Access Control can also be carried out in SGSN, and now SGSN preserves Access Control information as shown in table 5, and wherein UE information is obtained according to UE mark and HNB itself mark from HHSS and HSS, or in other databases.The UE information that SGSN is safeguarded can also include new logos of the HHSS according to the IMSI UE defined.
Table 5
When SGSN carries out Access Control, flow is as the flow of the embodiment of the present invention one, i.e. HHSS or HSS are updated to the Access Control information that SGSN is preserved.
Embodiment two
The embodiment of the present invention two provides the method that Access Control is carried out to UE using UE IMSI or TMSI and access control listses, including:
UE is in the free time(Idle) during state, the Access Control on HNB is in wireless heterogeneous networks(Radio Resource Control, RRC) connection be successfully established what is carried out afterwards, UE be in activation(Active) during state, the Access Control on HNB is carried out after handover request.HNB obtains UE marks (IMSI or TMSI etc. from UE)Information, and the access control listses control being stored in HNB, determine whether that the UE is accessed, so as to realize the Access Control to UE.
Only when UE after powering, carry out initial network attachment(Attach) Shi Caihui uses IMSI, and, TMSI can be used to be communicated in follow-up communication process for the sake of security.After each shutdown of UE or location updating, network can redistribute TMSI to UE.When carrying out Access Control in HNB, HNB needs to carry out Access Control to UE according to UE TMSI, therefore SGSN needs to upgrade to the TMSI preserved on HNB in time.TMSI often changes, if UE TMSI changes are synchronized on HNB every time, efficiency is very low.In embodiments of the present invention, when UE TMSI renewals, and when UE is close to HNB, just the TMSI preserved on HNB is updated, so as to realize the Access Control on HNB. The Access Control information as shown in table 5 that SGSN is preserved according to it judge UE where macrocell belonging to Routing Area(Routing Area, RA) it is whether adjacent with the RA belonging to the HNB that it is contracted.
The schematic flow sheet that SGSN is updated to the HNB access control listses preserved in the embodiment of the present invention is illustrated in figure 4, is specifically included:
Step 401:SGSN determines that UE TMSI changes, and SGSN obtains following information according to its UE preserved signing information and HNB list of relevant information:1) the RA ID where the HNB of UE signings HNB ID and the HNB;2) the RA list adjacent with the RA.RAs of the SGSN according to where whether above- mentioned information judges RA that UE is currently located with the HNB that UE contracts is adjacent, if it is, step 402 is performed, if it is not, then flow terminates.
Step 402:SGSN sends the TMSI after IMSI and change of the UE information carried in modification access control listses request message, message including UE to the UE HNB contracted.
Step 403:HNB changes corresponding information in access control listses according to above-mentioned UE information.
Step 404:HNB is returned to SGSN carries successfully modified or modification failure information in modification access control listses confirmation message, the message.
Wherein, if the access control listses on SGSN also saving the new logo that HHSS is defined to UE, step 402 and step 403 are respectively:
Step 4021:SGSN sends to HNB and the TMSI after UE information, including above-mentioned UE new logo and change is carried in modification access control listses request message, the message.
Step 4031:HNB changes corresponding information in access control listses according to above-mentioned UE information.In addition to the application scenarios described in above-described embodiment, it is some in particular cases, such as UE shutdown or power-off after, it may occur that across RA movement, if now still use embodiment two method, will have problem.Because if after UE shuts down or powered off, just span HNB adjacent R A and enter HNB, TMSI when being shut down or powered off due to UE is not transmitted to HNB, the access control listses on HNB are caused not updated timely according to TMSI new UE, so that legal UE can not access the HNB.
In the scenario above, can by following scheme HNB carry out Access Control, including:If UE normal shutdowns, UE is sent to SGSN disconnects network(Detach) ask, SGSN is received after detach requests, the TMSI carried in modification access control listses request message, message when the IMSI and UE that occur UE disconnect with network is sent to HNB.If UE abnormal shutdowns, such as when powering off, when UE position renewing timer time-out, UE state can be set to detach states by SGSN, and now SGSN also will TMSI when IMSI and UE that UE is carried in modification access control listses request message, the message are sent to HNB with network disconnection.Network side can allow the HNB of its access distance according to UE distances, adjust the UE position renewing timer cycle, and notify UE to adjust accordingly.After UE accesses HNB, UE position renewing timer period modulation is normal value by network side, and notifies UE to be adjusted.
This gives when UE TMSI changes, the method being updated to the HNB access control listses preserved is updated based on two bases for estimation in the present embodiment, can improve renewal efficiency, reduce signaling process, saves resource.
Embodiment three
The embodiment of the present invention also provides a kind of device for carrying out Access Control, the device can be located in the intermediate node between HNB or SGSN or HNB and CN, for carrying out Access Control to UE, the device includes messaging interface 501, information storage module 502, Access Control module 503, wherein
Messaging interface 501:For receiving the modification access control listses request that HHSS or HSS or SGSN are sent;If the device is in SGSN, this module is only used for receiving the modification access control listses request from HHSS or HSS.
The information of the UE needed for the list is changed in carrying in above-mentioned modification access control listses request, and the information can carry UE IMSI and TMSI, or the new logo that HHSS is defined to UE.
Information storage module 502:For storing Access Control information, it is updated for the information to information storage module.
Access Control module 503:For carrying out Access Control to UE according to the Access Control information stored in information storage module 502.
Above is being discussed in detail to a kind of method of HNB Access Controls provided by the present invention, specific case used herein is set forth to the principle and embodiment of the present invention, and the explanation of above example is only intended to help to understand method and its core concept of the invention;Simultaneously for those of ordinary skill in the art, according to the thought of the present invention, it will change in specific embodiments and applications, in summary, this specification content should not be construed as limiting the invention.

Claims (14)

  1. Claim
    1st, a kind of method for carrying out Access Control, methods described is used in the network with Home node base station HNB, and methods described includes:
    Modification access control listses request is received, the modification access control listses request includes the first mark of user equipment (UE);
    According to the modification access control listses request modification access control listses, the access control listses include first mark and the second mark of the UE;
    Access Control is carried out to UE according to amended access control listses.
    2nd, the method as described in claim 1, it is characterised in that the second of the UE is designated UE Temporary Mobile Station Identity TMSI.
    3rd, method as claimed in claim 1 or 2, it is characterised in that the reception modification access control listses request includes:
    Receive the modification access control listses request that user of home base station attribution server HHSS is sent;Or, receive the modification access control listses request that user attaching server HSS is sent;Or, receive the modification access control listses request that serving general radio packet service support node SGSN is sent.
    4th, method as claimed in claim 3, it is characterised in that also include before the reception modification access control listses request:
    HHSS or HSS receive addition or delete the request of the UE in access control listses, and the request carries the mobile station comprehensive service digital net number MS-ISDN of the UE;
    HHSS or HSS adds or deleted UE corresponding with the MS-ISDN of the UE the first mark in the access control listses each preserved;
    The HHSS or HSS send the modification access control listses request.
    5th, method as claimed in claim 4, it is characterised in that the HHSS is received after addition or the request of the UE in deletion access control listses, is further comprised:Change page(The 19th article of treaty) HHSS sends the MS-ISDN that UE is carried in International Mobile Subscriber Identity IMSI inquiry requests, the inquiry request to HSS;
    HHSS receives the IMSI that the UE corresponding with the MS-ISDN of the UE is carried in inquiry response, the inquiry response from be confused HSS;
    The HHSS adds or deleted the IMSI of the UE in its access control lists preserved;
    The first of the UE is designated UE IMSI.
    6th, method as claimed in claim 4, it is characterised in that the HHSS is received after addition or the request of the UE in deletion access control listses, is further comprised:
    The HHSS sends the MS-ISDN that UE is carried in MSI inquiry requests, the inquiry request to HSS;
    HHSS receives the IMSI that the UE corresponding with the MS-ISDN of the UE is carried in inquiry response, the inquiry response from the HSS;
    The HHSS defines new logo to the UE according to the IMSI, and adds or delete the SI and the new logo in the access control listses of its preservation;
    The first of the UE is designated the new logo.
    7th, method as claimed in claim 3, it is characterised in that also include before the modification access control listses request that the reception HHSS is sent:
    HSS is updated according to UE MS-ISDN to the IMSI of the UE;
    The HSS sends the new IMSI after the former IMSI of the UE is carried in modification IMSI request messages, the modification IMSI request messages and is updated to HHSS;
    Former IMSI in the access control listses that the HHSS is preserved is updated to new IMSI;
    The first of the UE is designated UE former IMSI and new IMSI.
    8th, method as claimed in claim 7, it is characterised in that the former IMSI in the access control listses that the HHSS is preserved is updated to new MSI and further comprised:
    HHSS defines new logo according to the new IMSI to UE;
    The first of the UE is designated the new logo.Change page(The 19th article of treaty) 9th, method as claimed in claim 3, it is characterised in that before the access control listses request of improving literature that the reception SGSN is sent, in addition to:
    The SGSN obtains the status information of the UE;
    The status information of the UE includes:In an ON state, and UE Temporary Mobile Station Identity TMSI's UE changes, and the RA that the Routing Area RA that are currently located of UE are contracted with UE where H B is adjacent, or, UE is in power-off or off-mode.
    10th, method as claimed in claim 9, it is characterised in that
    The first of the UE is designated the TMSI after UE IMSI and change;
    Or,
    If the access control listses in SGSN and HNB all save the new logo that HHSS is defined to UE, the first of the UE is designated the TMSI after the new logo and change.
    11st, the method as any one of claim 1 to 10, it is characterised in that described to be included according to amended access control listses to UE progress Access Controls:
    Intermediate node between HNB or SGSN or HNB and core net CN carries out Access Control according to amended access control listses to UE.
    12nd, a kind of device for carrying out Access Control, it is characterised in that described device includes:Messaging interface, information storage module and Access Control module, wherein,
    The messaging interface, for receiving modification access control listses request, the modification access control listses request carries the first mark of the UE;
    Described information memory module, for storing access control listses, and the access control listses are changed in the modification access control listses request received according to the messaging interface, the access control listses include first mark and the second mark of the UE;
    The Access Control module, for carrying out Access Control to UE according to the access control listses.
    13rd, device as claimed in claim 12, it is characterised in that
    The messaging interface, being further used for receiving the first mark is UE IMSI or is new logo that HHSS is defined to UE or is the TMSI of the new logo and UE or is former IMSI and updates modification page(The 19th article of treaty) The modification access control listses request of new IMSI afterwards.
    14th, the device as described in claim 12 or 13, it is characterised in that described information memory module, is further used for the access control listses that storage includes the second TMSI for being designated UE.
    15th, the device as any one of claim 12-14, it is characterised in that described device is located in the intermediate node between HNB or SGSN or HNB and CN.
    Change page(The 19th article of treaty)
CN200880007243.0A 2007-09-27 2008-09-18 A method and device of accessing control Active CN101669327B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN200880007243.0A CN101669327B (en) 2007-09-27 2008-09-18 A method and device of accessing control

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
CNA2007100773866A CN101400106A (en) 2007-09-27 2007-09-27 Method for household base station access control
CN200710077386.6 2007-09-27
PCT/CN2008/072401 WO2009043262A1 (en) 2007-09-27 2008-09-18 A method and device of accessing control
CN200880007243.0A CN101669327B (en) 2007-09-27 2008-09-18 A method and device of accessing control

Publications (2)

Publication Number Publication Date
CN101669327A true CN101669327A (en) 2010-03-10
CN101669327B CN101669327B (en) 2013-08-07

Family

ID=40518295

Family Applications (2)

Application Number Title Priority Date Filing Date
CNA2007100773866A Pending CN101400106A (en) 2007-09-27 2007-09-27 Method for household base station access control
CN200880007243.0A Active CN101669327B (en) 2007-09-27 2008-09-18 A method and device of accessing control

Family Applications Before (1)

Application Number Title Priority Date Filing Date
CNA2007100773866A Pending CN101400106A (en) 2007-09-27 2007-09-27 Method for household base station access control

Country Status (2)

Country Link
CN (2) CN101400106A (en)
WO (1) WO2009043262A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104902582A (en) * 2015-04-13 2015-09-09 苏州天趣信息科技有限公司 Temporary access method and system for wireless network

Families Citing this family (26)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102077652A (en) * 2009-04-24 2011-05-25 华为技术有限公司 Method and apparatus for carrying out admission controlling of closed subscriber group csg terminal
CN101877852B (en) * 2009-04-29 2013-08-07 中兴通讯股份有限公司 User access control method and system
CN101730187A (en) * 2009-05-13 2010-06-09 中兴通讯股份有限公司 Method and system for realizing local access control of home base station
CN101730102B (en) * 2009-05-15 2012-07-18 中兴通讯股份有限公司 System and method for implementing authentication on user of home base station
CN101925015B (en) * 2009-06-17 2013-01-16 电信科学技术研究院 Synchronous updating method allowing closed user group list information and equipment
CN101938809A (en) * 2009-06-30 2011-01-05 中兴通讯股份有限公司 Method and system for processing access control list
CN101990273B (en) 2009-08-04 2014-12-17 中兴通讯股份有限公司 Method and system for home base station in hybrid access mode to acquire access mode of user equipment (UE)
CN101990313B (en) * 2009-08-06 2014-01-01 中兴通讯股份有限公司 Method, informing method and system for realizing local IP access control
CN101990207B (en) * 2009-08-06 2013-01-16 中兴通讯股份有限公司 Access control method, home base station (HBS) and HBS authorization server
CN101998562A (en) 2009-08-26 2011-03-30 中兴通讯股份有限公司 Systems and methods for acquiring access information of user by core network in the switching process
CN102026333B (en) * 2009-09-15 2014-01-01 中兴通讯股份有限公司 Method and device for managing casual subscribers
CN102026400A (en) * 2009-09-21 2011-04-20 中兴通讯股份有限公司 System and method for realizing local access
CN102045895A (en) * 2009-10-20 2011-05-04 中兴通讯股份有限公司 Management method and device of members in closed subscriber group (CSG)
CN102045894B (en) * 2009-10-24 2015-09-16 中兴通讯股份有限公司 The update method of closed subscriber group information and device
US8838644B2 (en) 2009-11-25 2014-09-16 International Business Machines Corporation Extensible access control list framework
CN102131266B (en) * 2010-01-13 2015-08-12 中兴通讯股份有限公司 The method and system of a kind of triggering terminal switching or logout
CN101771704B (en) 2010-01-22 2016-03-30 中兴通讯股份有限公司 A kind of method and system of safe transfer of data
CN102291806B (en) * 2010-06-21 2014-08-13 中国联合网络通信集团有限公司 Method, device and system for controlling user equipment access
CN102404821B (en) * 2010-09-15 2015-07-22 电信科学技术研究院 Access control method and device for magnetic tape controller (MTC) terminal
CN102547913B (en) * 2010-12-14 2017-11-24 上海贝尔股份有限公司 Method and apparatus for carrying out user equipment access control
CN102104923B (en) * 2011-01-13 2013-04-24 华为技术有限公司 Method and device for controlling UE (User Equipment) residency by AP (Access point)
CN102187714A (en) * 2011-04-29 2011-09-14 华为终端有限公司 Method, equipment and communication system for mobile terminal accessing to a wireless network
GB2495700B (en) * 2011-10-10 2014-01-29 Ip Access Ltd Method for enabling the management of an access control list, a home nodeb management system and cellular communication system therefor
CN103096398B (en) 2011-11-08 2016-08-03 华为技术有限公司 A kind of method and apparatus of network switching
CN110602697B (en) * 2018-06-13 2021-08-31 华为技术有限公司 Method and device for limiting terminal equipment access
CN114554570A (en) * 2020-11-19 2022-05-27 中国电信股份有限公司 User access control method, device and system

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE602004008353T2 (en) * 2004-03-08 2008-05-08 Telefonaktiebolaget Lm Ericsson (Publ) UNLICENSED RADIO ACCESS NETWORKS IN CELLULAR MOBILE RADIO NETS
US8245280B2 (en) * 2005-02-11 2012-08-14 Samsung Electronics Co., Ltd. System and method for user access control to content in a network
CN100433910C (en) * 2005-05-12 2008-11-12 中兴通讯股份有限公司 Method for protecting mobile terminal identity in mobile communication system
CN100563158C (en) * 2005-10-26 2009-11-25 杭州华三通信技术有限公司 Access control method and system

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104902582A (en) * 2015-04-13 2015-09-09 苏州天趣信息科技有限公司 Temporary access method and system for wireless network
CN104902582B (en) * 2015-04-13 2019-01-11 国网内蒙古东部电力有限公司 A kind of interim cut-in method and system of wireless network

Also Published As

Publication number Publication date
CN101669327B (en) 2013-08-07
CN101400106A (en) 2009-04-01
WO2009043262A1 (en) 2009-04-09

Similar Documents

Publication Publication Date Title
CN101669327A (en) A method and device of accessing control
US8626155B2 (en) Methods and systems for closed subscriber group roaming
EP2377339B1 (en) Distribution of access control information in a network
KR102415681B1 (en) Communication method and communication device
US20110237250A1 (en) Management of allowed csg list and vplmn-autonomous csg roaming
US20110009113A1 (en) Access control using temporary identities in a mobile communication system including femto base stations
WO2011059688A2 (en) Local internet protocol access/selected internet protocol traffic offload packet encapsulation to support seamless mobility
CN101188553A (en) Method for notifying home user server to store the gateway address of packet data network
CN101102189A (en) A gateway system and method for implementing multi-media access
CN101969634A (en) Method and system for synchronizing user data
WO2009117879A1 (en) Method for indicating the bearer management of the service gateway
CN101330425B (en) Method for establishing tunnel from SGSN to service gateway
WO2010078785A1 (en) Method, server and system for configuring paging group and neighbor cell list of femto access point
CN101272318A (en) Method for preventing false resource release in tracing section updating or switching course
JP2013521746A (en) Method and apparatus for controlling local internet protocol access of a device
KR20230063879A (en) Enhancements for user equipment network slice management
WO2011097989A1 (en) Optimization method for local access paging and apparatus thereof
CN101686437A (en) Method and device for setting user side whiter list and paging user equipment
EP2482574A1 (en) Method and system for terminal identity processing in hybrid-access-mode-based cell
CN103229525A (en) Method, device and system for processing closed subscriber group subscription data request
US9042890B2 (en) Method, system and access device for controlling access of terminal
WO2013097337A1 (en) Network congestion control method and system
WO2006092105A1 (en) A method of controlling terminal accessing
WO2013152715A1 (en) Subscription information transmission method and device for closed subscription group
US20110014896A1 (en) Self-Aware Dynamic Authorization Method And Architecture Based On Closed Femtocell Environments

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant