CN101686164A

CN101686164A - Positioning method and position verification method of wireless access device, and wireless access device

Info

Publication number: CN101686164A
Application number: CN200810222971A
Authority: CN
Inventors: 王绍斌; 张宁; 李茜
Original assignee: Huawei Technologies Co Ltd
Current assignee: Huawei Technologies Co Ltd
Priority date: 2008-09-24
Filing date: 2008-09-24
Publication date: 2010-03-31
Anticipated expiration: 2028-09-24
Also published as: CN101686164B

Abstract

Embodiments of the present invention provide a positioning method and a position verification method of a wireless access device and the wireless access device. The positioning method of the wireless access device includes receiving the location information of the user equipment sent by the user equipment; using the identity information of the wireless access device to identify the location information; and sending the identified location information to the network side for location verification. The purpose of locating the wireless access device is achieved indirectly by means of the location information of the user equipment sent by the user equipment. The wireless access device binds the location information of the user equipment with the identity of the wireless access device, so that the network side The location information is used as the location information of the wireless access device to locate the wireless access device without changing the existing network structure, effectively solving the problem of positioning the wireless access device under the condition of no macro cell coverage; solving the problem that the operator does not support connection The session location and storage functional entity cannot perform location verification based on ports.

Description

The localization method of radio reception device and position verification method and radio reception device

Technical field

The embodiment of the invention relates to communication technical field, relates in particular to a kind of localization method and position verification method and radio reception device of radio reception device.

Background technology

Home eNodeB claims pico cell base station (femtocell) again, is the macro base station (macrocell) that adopts with respect to the 3G cell mobile communication systems and proposing.The transmitting power of Home eNodeB is limited generally only to be+15db, and indoor coverage is 50 meters, and its effect is similar to access point apparatus (the Access point of Wi-Fi; Be called for short: AP), make the user to be connected to family's broadband network, and support a plurality of users by Ethernet.Mobile operator improves indoor broadband access speed in order to improve indoor covering, satisfies the demand of the various multimedia services of user and greatly develops Home eNodeB; Further, Home eNodeB can also be alleviated the pressure of macro base station, makes macro base station can mainly serve outdoor user; In addition, Home eNodeB can also be alleviated the pressure of cellular carrier and MVNO.

Operator wishes to obtain the positional information of Home eNodeB when using, and purpose is that control AP works in allowed limits, can forbid its work when AP is outside its allowed band, and for example operator does not wish that AP uses abroad and causes its telephone expenses loss etc.Prior art utilizes AP locking position mechanism to realize the demand, concrete implementation procedure be when the Service Gateway of AP request access mobile core network (hereinafter to be referred as: when AG) providing the 3G business service for it, AG will (be called for short: the AP locking position information that AHR) provides determines whether the position of AP is legal based on the binding positions of AP and authentication function entity, if the AP position is illegal, should refuses this AP and insert.Prior art AP locking position mechanism generally comprises following two kinds of implementations, be based on port respectively and based on the locking position scheme of macrocellular, wherein the AP locking position mechanism based on port is meant, ISP (Internet service provider; Be called for short: ISP) network can be bound its physical port for AP IP address allocated and AP, and application layer can be determined the AP positional information with further based on this IP address lookup to corresponding port information, thus the location of realizing AP.Location detection mechanism based on macrocellular is meant that AP obtains the relative position with macrocellular by the cell ID (cell id, operator are used for certain sub-district of unique identification) of the macrocellular around detecting, and the positional information of macrocellular is submitted to network.

The inventor finds that there is following shortcoming at least in prior art in realizing process of the present invention:

In the prior art, based on the AP locking position scheme requirement operator support connection session location and memory function (the Connection location function of port; Be called for short: CLF) entity, CLF entity be used for subscriber equipment (carry out hereinafter to be referred as: IP address UE) and network positioning information, geographical location information related, network architecture relative complex, but also have the security threat of IP address spoofing; Require AP must be under the covering of macrocellular in the AP locking position scheme based on macrocellular, if AP breaks away from the location positioning that the covering of macrocellular then can't be carried out AP, restricted application.

Summary of the invention

The embodiment of the invention provides a kind of localization method and position verification method and radio reception device of radio reception device, defectives such as network architecture relative complex, restricted application when realizing radio reception device such as Home eNodeB location in the prior art in order to solve, the accurate location of realizing radio reception device.

The embodiment of the invention provides a kind of localization method of radio reception device, comprising:

Receive the positional information of the described subscriber equipment of subscriber equipment transmission;

The identity information of employing wireless access device identifies described positional information;

To send to network side through the described positional information of sign and carry out location verification.

The embodiment of the invention provides a kind of radio reception device position verification method, comprising:

Reception is from the location verification request message of radio reception device, and described location verification request message comprises the positional information that identity information identified, that insert the subscriber equipment of described radio reception device of using described radio reception device;

According to the positional information of described radio reception device of storage in advance, the positional information of the described subscriber equipment that comprises in the described location verification request message is verified.

The embodiment of the invention also provides a kind of localization method of radio reception device, comprising:

From the included GPS module of radio reception device, obtain the positional information of described radio reception device;

Described positional information is sent to network side carry out location verification.

The embodiment of the invention also provides a kind of radio reception device position verification method, comprising:

Reception is from the location verification request message of radio reception device, and described location verification request message comprises the positional information of obtaining described radio reception device from the included GPS module of described radio reception device;

According to the positional information of the described radio reception device permission working range of storing in advance, described radio reception device is carried out location verification.

The embodiment of the invention provides a kind of radio reception device, comprising:

First receiver module is used to receive the positional information of the described subscriber equipment that subscriber equipment sends;

Binding module, the identity information that is used for the employing wireless access device identifies described positional information;

First sending module is used for that the described positional information through sign is sent to network side and carries out location verification.

The embodiment of the invention provides a kind of subscriber equipment, comprising:

First GPS module is used to obtain the positional information of subscriber equipment;

Second sending module is used for obtaining described positional information from described first GPS module, sends to radio reception device.

The embodiment of the invention also provides a kind of subscriber equipment, it is characterized in that comprising:

Second acquisition module is used for obtaining from the centre of location positional information of subscriber equipment;

The 4th sending module is used for sending to radio reception device the positional information of described subscriber equipment.

The embodiment of the invention also provides a kind of location verification server, comprising:

The 3rd receiver module, be used to receive the location verification request message from radio reception device, described location verification request message comprises the positional information that identity information identified, that insert the subscriber equipment of described radio reception device of using described radio reception device;

First authentication module is used for according to the positional information of described radio reception device of storage in advance, and the positional information of the described subscriber equipment that comprises in the described location verification request message is verified.

The embodiment of the invention also provides a kind of radio reception device, comprising:

Second GPS module is used to obtain the positional information of described radio reception device;

First acquisition module is used for obtaining from described second GPS module positional information of described radio reception device;

The 3rd sending module is used for that described positional information is sent to network side and carries out location verification.

The 4th receiver module is used to receive the location verification request message from radio reception device, and described location verification request message comprises the positional information of obtaining described radio reception device from the included GPS module of described radio reception device;

Second authentication module is used for the positional information according to the described radio reception device permission working range of storage in advance, and described radio reception device is carried out location verification.

The embodiment of the invention also provides a kind of network system, comprising:

Subscriber equipment is used for the request according to radio reception device, obtains the positional information of described subscriber equipment from GPS module, sends to described radio reception device;

Radio reception device is used to receive the positional information of the described subscriber equipment that described subscriber equipment sends, and the identity information of using described radio reception device identifies described positional information;

The location verification server is used for the positional information according to the described radio reception device of storing in advance, and the positional information of described subscriber equipment is verified.

Radio reception device is used for obtaining from the included GPS module of described radio reception device the positional information of described radio reception device, sends to network side;

The location verification server is used for the positional information according to the described radio reception device permission working range of storage in advance, and the positional information of described radio reception device is verified.

Subscriber equipment is used for the request according to radio reception device, obtains the positional information of described subscriber equipment from the centre of location, sends to described radio reception device;

The localization method of the radio reception device that the embodiment of the invention provides and position verification method and radio reception device, and in subscriber equipment and location verification server and the network system, the UE positional information that radio reception device sends by UE realizes locating the purpose of radio reception device indirectly, radio reception device is by binding the positional information of UE and the identify label of radio reception device, realize that the positional information that network side is treated as radio reception device with the positional information of UE positions radio reception device, this kind implementation need not to change existing network configuration, implementation procedure does not need the participation of macrocellular simultaneously, solve effectively under the condition that does not have macrocellular to cover, realize the accurate location of radio reception device; Simultaneously solved operator effectively and do not supported the CLF entity, can't carry out the defective of location verification based on port.

Description of drawings

In order to be illustrated more clearly in the embodiment of the invention or technical scheme of the prior art, to do one to the accompanying drawing of required use in embodiment or the description of the Prior Art below introduces simply, apparently, accompanying drawing in describing below is some embodiments of the present invention, for those of ordinary skills, under the prerequisite of not paying creative work, can also obtain other accompanying drawing according to these accompanying drawings.

Fig. 1 is localization method embodiment one flow chart of radio reception device of the present invention;

Fig. 2 is radio reception device position verification method embodiment one flow chart of the present invention;

Fig. 3 is the importing flow implementation example one signaling process figure of radio reception device of the present invention;

Fig. 4 is the access process embodiment one signaling process figure of radio reception device of the present invention;

Fig. 5 is the importing flow implementation example two signaling process figure of radio reception device of the present invention;

Fig. 6 is the access process embodiment two signaling process figure of radio reception device of the present invention;

Fig. 7 is localization method embodiment two flow charts of radio reception device of the present invention;

Fig. 8 is radio reception device position verification method embodiment two flow charts of the present invention;

Fig. 9 is the importing flow implementation example three signaling process figure of radio reception device of the present invention;

Figure 10 is the access process embodiment three signaling process figure of radio reception device of the present invention;

Figure 11 is radio reception device embodiment one structural representation of the present invention;

Figure 12 is subscriber equipment embodiment one structural representation of the present invention;

Figure 13 is location verification server implementation example one structural representation of the present invention;

Figure 14 is network system embodiment one structural representation of the present invention;

Figure 15 is subscriber equipment embodiment two structural representations of the present invention;

Figure 16 is network system embodiment two structural representations of the present invention;

Figure 17 is radio reception device embodiment two structural representations of the present invention;

Figure 18 is location verification server implementation example two structural representations of the present invention;

Figure 19 is network system embodiment three structural representations of the present invention.

Embodiment

Below in conjunction with the accompanying drawing in the embodiment of the invention, the technical scheme in the embodiment of the invention is clearly and completely described, obviously, described embodiment only is the present invention's part embodiment, rather than whole embodiment.Based on the embodiment among the present invention, those of ordinary skills belong to the scope of protection of the invention not making the every other embodiment that is obtained under the creative work prerequisite.

For the purpose, technical scheme and the advantage that make the embodiment of the invention is clearer, the network type of the following embodiment of the invention comprises: GSM network, cdma network, WCDMA network, Wimax network, TD-SCDMA network, LTE network etc.The type of radio reception device comprises: Home eNodeB, femto cell Pico, UMTS AP, WiMAX Femto base station, WiMAX macro base station etc.The user device type of the following embodiment of the invention comprises: portable terminals such as mobile phone, notebook computer, PDA.

Fig. 1 is that Home eNodeB is an example for localization method embodiment one flow chart of radio reception device of the present invention with the radio reception device, and as shown in Figure 1, this method comprises:

Step 100, the positional information of the described subscriber equipment that the reception subscriber equipment sends;

Represent Home eNodeB with AP in the various embodiments of the present invention.AP is before can providing access function for UE, will via security gateway (SeGW) finish and certificate server between authentication, and and security gateway between set up secure tunnel (IPsec), Home eNodeB is authorized through operator and is had access function under the situation of authentication success, and launches broadcast singal towards periphery and provide access function for UE.Detect the microcellulor signal of AP emission as UE after, set up Radio Resource control to the AP transmission and (be called for short: RRC) ask and set up RRC to be connected with AP.Because the coverage of AP is less, the positional information of UE that inserts AP is approaching with the positional information of AP, so AP can be by the location positioning of the positional information realization AP of UE in the present embodiment.AP is before the UE positional information that receives the UE transmission, and AP is to the solicited message of UE transmission UE positional information, and UE is after receiving this solicited message, from global positioning system (GlobalPositioning System; Hereinafter to be referred as: GPS) obtain the positional information of UE and send to AP in the module, in order to prevent that AP from distorting this UE positional information, UE is after obtaining the UE positional information from the GPS module, the authentication derivative key of using between UE and the certificate server is carried out encryption to the UE positional information, and then send to AP, guarantee that AP sends to the true and accurate of the positional information of network side.Further, in order to prevent the Replay Attack of AP, can also be on the basis of the UE positional information being carried out encryption the joining day stab information, and then send to AP, so far AP receives the positional information of the UE that UE sends.UE also can not encrypt and add the processing of timestamp in the present embodiment to the positional information of UE, and directly sends.Also have, after AP sent the solicited message of UE positional information to UE, if UE itself does not have the GPS module can't know its positional information the time, UE can be to the centre of location (LocationServer of core net; Be called for short: LS) send the request of positional information, LS receive the request back by calculating UE positional information and return to UE, after the positional information of self that UE receives that LS returns, positional information is sent to AP.

Step 101, the identity information of using Home eNodeB identifies described positional information;

Receive the UE positional information of UE transmission as AP after, for want network functional entity that network side carries out location verification with the positional information of UE as the positional information of AP and then carry out the location of AP, AP will identify the UE positional information, in order to realize the binding of UE positional information and AP identity, to realize the positioning function of AP as the positional information of AP by this UE positional information, specifically carry out label manner and can comprise following two kinds, wherein a kind of is that the identity recognition number (AP ID) of using AP identifies the UE positional information, can also be that the digital certificate of using AP identifies the UE positional information, can also be that the medium of using Home eNodeB insert medium access control, (Medium Access Control; Abbreviation MAC) address identifies described positional information, and the IP address that also can use Home eNodeB identifies described positional information.The MAC Address of the identity recognition number of above-mentioned AP, the digital certificate of AP, AP and the IP address of AP all can unique identification AP identity, can certainly adopt the mode that other can unique identification AP to be not limited to upper type.

Step 102 will send to network side through the described positional information of sign and carry out location verification.

AP identifies the UE positional information and the UE positional information is sent to network side after binding with its identity information and carry out location verification, specifically comprise the UE positional information through sign is sent to network location server via Service Gateway, because the UE positional information that network location server receives is at this moment encrypted to wait through UE and is handled, therefore should this positional information be decrypted by network location server, resolve to the binding positions of AP and authentication function entity (hereinafter to be referred as the AHR) information that can discern, the used key of network location server can be passed by certificate server comes, and this key is the derivative key of carrying out professional desired authenticate key between UE and the certificate server, network location server is used this authentication derivative key the UE positional information is decrypted, and decrypted result returned to Service Gateway, Service Gateway receives the positional information of the process decryption processing of network location server transmission, Service Gateway is carried out the position legitimate verification of AP to the positional information of AHR transmission through decryption processing by AHR.If be proved to be successful, then AHR returns success response to Service Gateway, if checking is unsuccessful, then returns failure response.Service Gateway described in the present embodiment is included in AP and imports preparation gateway (Provisioning AG) in (Boot) flow process and the gateway (Serving AG) in the AP access process.

In the embodiment of the invention, AP is based on UE, the UE positional information of sending by UE realizes locating the purpose of AP indirectly, AP is by binding the positional information of UE and the identify label of AP, realize that network side AHR positions the positional information for the treatment of as AP for positional information of UE to AP, because the coverage of AP is less, the positional information gap of the positional information of UE and AP reality is little, can satisfy the accuracy of AP position; And the solution that present embodiment provides need not to change existing network configuration; Implementation procedure does not need the participation of macrocellular simultaneously, has solved effectively under the condition that does not have macrocellular to cover, and realizes the accurate location of AP, has solved operator effectively simultaneously and has not supported the CLF entity, can't carry out the defective of location verification based on port.

Fig. 2 is radio reception device position verification method embodiment one flow chart of the present invention, is that Home eNodeB is an example with the radio reception device, and as shown in Figure 2, this method comprises:

Step 200 receives the location verification request message from Home eNodeB, and described location verification request message comprises the positional information that identity information identified, that insert the subscriber equipment of described Home eNodeB of using described Home eNodeB;

Network side AHR receives the location verification request message that Service Gateway sends, this location verification request message can be to import the importing request message that the preparation gateway sends to AHR in the flow process at AP, it also can be the access request message that gateway sends to AHR in the AP access process, the positional information that in the location verification request message, comprises UE, wherein UE carries out professional subscriber equipment for the preparation on the AP that inserts, and the positional information of UE is that the identity information with AP binds together, and the identify label of the AP that AHR binds together according to the positional information with UE is just learnt the positional information of being used as AP with the UE positional information is carried out the AP location verification.

Step 201 according to the positional information of described Home eNodeB of storage in advance, is verified the positional information of the described subscriber equipment that comprises in the described location verification request message.

AHR with the UE positional information as identifying object, with its positional information that is stored in the AP permission working range on the AHR in advance serves as according to carrying out the position legitimate verification, specifically can be to allow the positional information of working range to compare UE positional information and AP, obtain the difference information between the two, judge again whether this difference information surpasses pre-set threshold, if the position above the position of then representing the AP real work and the work of permission differs far away, that is to say that AP has left the position range that allows work, therefore should forbid its access function; Then be proved to be successful expression AP and also be in the working range of permission if surpass threshold value, can keep the operate as normal of AP, and return and be proved to be successful message.Wherein threshold value can according to actual conditions for example the parameters such as footprint size of AP preestablish and be stored among the AHR.

The femtocell positions verification method that present embodiment provides, network side AHR will carry UE positional information that the AP identity information the identified positional information as AP, and use the institute's AP that stores permission service position information the legitimacy of AP position is verified; Need not to change existing network configuration, implementation procedure does not need the participation of macrocellular simultaneously, has solved effectively under the condition that does not have macrocellular to cover, and realizes the accurate location of AP, simultaneously solved operator effectively and do not supported the CLF entity, can't carry out the defective of location verification based on port.

AP will carry out importing (Boot) flow process of AP when using first in concrete the application, in follow-up use, to carry out the access process of AP, more than all to carry out location verification in two flow processs to AP, below be presented in the process that realizes the AP location verification in two flow processs respectively.

Fig. 3 is that Home eNodeB is an example for the importing flow implementation example one signaling process figure of radio reception device of the present invention with the radio reception device, and the AP that present embodiment is based on UE imports the implementation procedure of carrying out location verification in the flow process, and as shown in Figure 3, this flow process comprises:

AP finish via security gateway (SeGW) and certificate server between authentication, and and SeGW between set up secure tunnel (IPsec), if the authentication pass through, operator just can authorize AP to possess access function so, and launches broadcast singal towards periphery.

Step 1a, the microcellulor signal around UE detects, and initiate the RRC connection and set up request, request is set up RRC and is connected;

Step 2a, UE sends position updating request to AP;

Step 3a, AP carries out admission control function to UE and promptly sends the UE identity request, carries the request to the GPS location information data of UE in this request simultaneously;

Step 4a, UE handle this request, and obtain corresponding location information data from the GPS module;

Step 5a if UE possesses location information data, then carries these data in identity response message; Otherwise, carry the reason that location information data obtains failure;

Step 6a, AP identify it after receiving the positional information that UE provides, in order to realize the binding of UE positional information and AP identity;

Step 7a, AP send " Boot " request, and carry location information data that UE provides to preparation gateway (Provisioning AG);

Step 8a, AG sends to network location server with this request, is used for the calculating of positional information, and is that concrete locating information sends AG to result calculated;

Step 9a, AG sends " Boot " request to AHR, and carries positional information;

Step 10a, AHR carries out verification to the legitimacy of this positional information;

Step 11a, if check successfully, and to AG transmission " Boot " success response, and carry address and other configuration information of local access network unit; If verification is unsuccessful, then send " Boot " failure response.

Be that AP is to sending the UE identity request in the method that present embodiment provides; in this request, carry request simultaneously to the GPS location information data of UE; can certainly carry request by other message, perhaps directly send execution modes such as request to the GPS location information data of UE also within protection scope of the present invention separately to UE to the GPS location information data of UE.

Owing to will carry out access process after finishing the importing flow process, and related Service Gateway difference in two flow processs, Service Gateway is preparation gateway (Provisioning AG) in the importing flow process, and Service Gateway is specially server gateway (serving AG) in the access process, therefore AHR makes success response if be proved to be successful then in the flow process if import, and the address of carrying local access network unit is that the address of server gateway (servingAG) informs that AP carries out with server gateway (servingAG) next time alternately.Finish access (access) flow process of carrying out AP on the basis that imports flow process first at AP.

Fig. 4 is the access process embodiment one signaling process figure of radio reception device of the present invention, is that Home eNodeB is an example with the radio reception device, and present embodiment is based on the implementation procedure of carrying out location verification in the AP access process of UE, and as shown in Figure 4, this flow process comprises:

Step 1b, AP downloads corresponding configuration information from APM, for example user's access control tabulation etc.;

Step 2b, UE is pre-to carry out service interaction with AP, sends the RRC connection request and also sets up the RRC connection;

Step 3b, UE sends position updating request to AP;

Step 4b, AP carries out admission control function to UE and promptly sends the UE identity request, carries the request to the GPS location information data of UE in this request simultaneously;

Step 5b, UE handle this request, and obtain corresponding location information data from the GPS module;

Step 6b if UE possesses location information data, then carries these data in identity response message; Otherwise, carry the reason that location information data obtains failure;

Step 7b, AP identify it after receiving the positional information that UE provides, in order to realize the binding of positional information and AP identity;

Step 8b, AP send " access " request, and carry location information data that UE provides to gateway (serving AG);

Step 9b, AG sends to network location server with this request, is used for the calculating of positional information, and is that concrete locating information sends AG to result calculated;

Step 10b, AG sends " access " request to AHR, and carries positional information;

Step 11b, AHR carries out verification to the legitimacy of this positional information;

Step 12b if check successfully, then sends " access " success response to AG; If verification is unsuccessful, then send " access " failure response.

More than among each embodiment related UE be meant the CSG user's of AP subscriber equipment.

In the embodiment of the invention, the UE positional information that AP sends by UE realizes locating the purpose of AP indirectly, wherein the positional information of UE is to obtain from the GPS module of UE itself, AP is by binding the positional information of UE and the identify label of AP, realize that network side AHR positions the positional information for the treatment of as AP for positional information of UE to AP, because the coverage of AP is less, the positional information gap of the positional information of UE and AP reality is little, can satisfy the accuracy of AP position; And the solution that present embodiment provides need not to change existing network configuration; Implementation procedure does not need the participation of macrocellular simultaneously, has solved effectively under the condition that does not have macrocellular to cover, and realizes the accurate location of AP, has solved operator effectively simultaneously and has not supported the CLF entity, can't carry out the defective of location verification based on port.

Fig. 5 is that Home eNodeB is an example for the importing flow implementation example two signaling process figure of radio reception device of the present invention with the radio reception device, and the AP that present embodiment is based on UE imports the implementation procedure of carrying out location verification in the flow process, and as shown in Figure 5, this flow process comprises:

Step 1e, the microcellulor signal around UE detects, and initiate the RRC connection and set up request, request is set up RRC and is connected;

Step 2e, UE sends position updating request to AP;

Step 3e, AP carries out admission control function to UE and promptly sends the UE identity request, carries the request to the positional information of UE in this request simultaneously;

Step 4e, UE handle this request, and inquire corresponding location information data to LS;

Step 5e, UE carry this location information data in identity response message;

Step 6e, AP identify it after receiving the positional information that UE provides, in order to realize the binding of positional information and AP identity;

Step 7e, AP send the Boot request, and carry location information data that UE provides to preparation gateway (ProvisioningAG);

Step 8e, " Boot " asks, and carries geographical location information AG to the AHR transmission;

Step 9e, AHR carries out verification to the legitimacy of this positional information;

Step 10e, if check successfully, and to AG transmission " Boot " success response; If verification is unsuccessful, then send " Boot " failure response.

Be that AP is to sending the UE identity request in the method that present embodiment provides; in this request, carry request simultaneously to the GPS location information data of UE; can certainly carry request by other message, perhaps directly send execution modes such as request to the GPS location information data of UE also within protection scope of the present invention separately to UE to the GPS location information data of UE.Finish access (access) flow process of carrying out AP on the basis that imports flow process first at AP.

Fig. 6 is the access process embodiment two signaling process figure of radio reception device of the present invention, is that Home eNodeB is an example with the radio reception device, and present embodiment is based on the implementation procedure of carrying out location verification in the AP access process of UE, and as shown in Figure 6, this flow process comprises:

Step 1f, AP downloads corresponding configuration information from APM, such as user's access control tabulation etc.;

Step 2f, UE is pre-to carry out service interaction with AP, sends the RRC connection request and also sets up the RRC connection;

Step 3f, UE sends position updating request to AP;

Step 4f, AP carries out admission control function to UE and promptly sends the UE identity request, carries the request to the location information data of UE in this request simultaneously;

Step 5f, UE handle this request, and to LS inquiry UE current position information data;

Step 6f, UE carry these data in identity response message;

Step 7f, AP identify it after receiving the positional information that UE provides, in order to realize the binding of positional information and AP identity;

Step 8f, AP send " access " request, and carry location information data that UE provides to gateway (serving AG);

Step 9f, AG sends " access " request to AHR, and carries geographical location information;

Step 10f, AHR carries out verification to the legitimacy of this positional information;

Step 11f, if check successfully, and to AG transmission " access " success response; If verification is unsuccessful, then send " access " failure response.

In the embodiment of the invention, the UE positional information that AP sends by UE realizes locating the purpose of AP indirectly, wherein the positional information of UE is to obtain from the LS of core net, AP is by binding the positional information of UE and the identify label of AP, realize that network side AHR positions the positional information for the treatment of as AP for positional information of UE to AP, because the coverage of AP is less, the positional information gap of the positional information of UE and AP reality is little, can satisfy the accuracy of AP position; And the solution that present embodiment provides need not to change existing network configuration; Implementation procedure does not need the participation of macrocellular simultaneously, has solved effectively under the condition that does not have macrocellular to cover, and realizes the accurate location of AP, has solved operator effectively simultaneously and has not supported the CLF entity, can't carry out the defective of location verification based on port.

Fig. 7 is that Home eNodeB is an example for localization method embodiment two flow charts of radio reception device of the present invention with the radio reception device, and as shown in Figure 7, this method comprises:

Step 500 is obtained the positional information of described Home eNodeB from the included GPS module of Home eNodeB;

Home eNodeB and previous embodiment institute difference related in the present embodiment are, the Home eNodeB that relates in this method has the GPS function, himself dispose the GPS module, when needs carry out Home eNodeB when being the location verification of AP, AP extracting position information from the GPS module that self is equipped with is used for location verification.

Step 501 sends to network side with described positional information and carries out location verification.

AP gets access to positional information from the GPS module after, positional information sends to the location verification that network side carries out AP, specifically comprise positional information is sent to network location server via Service Gateway, network location server is resolved the positional information that receives, make positional information to be discerned by AHR, after the parsing analysis result is sent to Service Gateway, after Service Gateway received the positional information through parsing of network location server transmission, Service Gateway sent the position legitimate verification that carries out AP through the positional information of parsing to AHR.If be proved to be successful, then AHR returns success response to Service Gateway, if checking is unsuccessful, then returns failure response.Service Gateway described in the present embodiment is included in AP and imports preparation gateway (Provisioning AG) in (Boot) flow process and the gateway (Serving AG) in the PA access process.

In the embodiment of the invention, AP utilizes the GPS function of self to obtain positional information from the GPS module, and directly the AP positional information with reality sends to AHR, realizes that network side AHR positions AP, guarantees positioning accuracy; And the solution that present embodiment provides need not to change existing network configuration; Implementation procedure does not need the participation of macrocellular simultaneously, has solved effectively under the condition that does not have macrocellular to cover, and realizes the accurate location of AP, has solved operator effectively simultaneously and has not supported the CLF entity, can't carry out the defective of location verification based on port.

Fig. 8 is radio reception device position verification method embodiment two flow charts of the present invention,, be that Home eNodeB is an example with the radio reception device, as shown in Figure 8, this method comprises:

Step 600 receives the location verification request message from Home eNodeB, and described location verification request message comprises the positional information of obtaining described Home eNodeB from the included GPS module of described Home eNodeB;

Network side AHR receives the location verification request message that Service Gateway sends, this location verification request message can be to import the importing request message that the preparation gateway sends to AHR in the flow process at AP, it also can be the access request message that gateway sends to AHR in the AP access process, the positional information that comprises AP in the location verification request message, AHR carries out the AP location verification according to the positional information of AP.

Step 601 according to the positional information of the described Home eNodeB permission working range of storing in advance, is carried out location verification to described Home eNodeB.

AHR with the actual position information of the AP that receives as identifying object, with its positional information that is stored in the AP permission working range on the AHR in advance serves as according to carrying out the position legitimate verification, specifically can be that the actual position information of AP and the positional information of AP permission working range are compared, obtain the difference information between the two, judge again whether this difference information surpasses pre-set threshold, if the position above the position of then representing the AP real work and the work of permission differs far away, that is to say that AP has left the position range that allows work, therefore should forbid its access function; Then be proved to be successful expression AP and also be in the working range of permission if surpass threshold value, can keep the operate as normal of AP, and return and be proved to be successful message.Wherein threshold value can according to actual conditions for example the parameters such as footprint size of AP preestablish and be stored among the AHR.

The femtocell positions verification method that present embodiment provides, network side AHR are used the positional information of obtaining the GPS module that the institute's AP that store permission service position information butt joint receives and are carried out the legitimacy of AP position and verify from AP; Need not to change existing network configuration, implementation procedure does not need the participation of macrocellular simultaneously, has solved effectively under the condition that does not have macrocellular to cover, and realizes the accurate location of AP, simultaneously solved operator effectively and do not supported the CLF entity, can't carry out the defective of location verification based on port.

Fig. 9 is the importing flow implementation example three signaling process figure of radio reception device of the present invention, with the radio reception device is that Home eNodeB is an example, the AP that present embodiment is based on the GPS function of AP imports the implementation procedure of carrying out location verification in the flow process, and as shown in Figure 9, this flow process comprises:

Step 1c, AP sends " Boot " request to preparation gateway (Provisioning AG), and the positional information of carrying AP, and this positional information is provided by the GPS module of AP;

Step 2c, AG submit to network location server with location information data and are used for positional information calculation;

Step 3c, AG is transmitted to AHR with the Boot request;

Step 4c, AHR carry out this positional information and judge, and respond, and carry address and other configuration information of local access network unit.

Owing to will carry out access process after finishing the importing flow process, and related Service Gateway difference in two flow processs, Service Gateway is preparation gateway (Provisioning AG) in the importing flow process, and Service Gateway is specially server gateway (servingAG) in the access process, therefore AHR makes success response if be proved to be successful then in the flow process if import, and the address of carrying local access network unit is that the address of server gateway (servingAG) informs that AP carries out with server gateway (servingAG) next time alternately.Finish access (access) flow process of carrying out AP on the basis that imports flow process first at AP.

Figure 10 is the access process embodiment three signaling process figure of radio reception device of the present invention, is that Home eNodeB is an example with the radio reception device, and present embodiment is based on the implementation procedure of carrying out location verification in the AP access process of UE, and as shown in figure 10, this flow process comprises:

Step 1d, AP obtains configuration information from APM;

Step 2d, AP is to " Serving AG " transmission " Access " request, and the positional information of carrying AP, and this positional information is provided by the GPS module of AP;

Step 3d, AG submit to network location server with location information data and are used for positional information calculation;

Step 4d, AG is transmitted to AHR with " Access " request;

Step 5d, AHR carry out this positional information and judge, and respond.If check successfully, then send " access " success response to AG; If verification is unsuccessful, then send " access " failure response.

Figure 11 is radio reception device embodiment one structural representation of the present invention, as shown in figure 11, this radio reception device can be that for example radio reception device etc. can provide the equipment of access function for subscriber equipment, radio reception device is that example describes with the radio reception device in the present embodiment, this radio reception device comprises first receiver module 11, binding module 12 and first sending module 13, and wherein first receiver module 11 is used to receive the positional information of the described subscriber equipment that subscriber equipment sends; The identity information that binding module 12 is used for the employing wireless access device identifies described positional information; First sending module 13 is used for that the described positional information through sign is sent to network side and carries out location verification.

Being specially, is that Home eNodeB is that example describes with the radio reception device in the present embodiment.Home eNodeB is before the access function that provides for UE, at first finish via security gateway (SeGW) and certificate server between authentication, and and security gateway between set up secure tunnel (IPsec), Home eNodeB is authorized through operator and is had access function under the situation of authentication success, and launches broadcast singal towards periphery and provide access function for UE.UE sets up RRC with Home eNodeB and is connected after detecting the microcellulor signal of Home eNodeB emission; UE sends position updating request to Home eNodeB then, Home eNodeB sends positional information to UE by first sending module 13 solicited message sends positional information with request UE, UE sends to Home eNodeB obtain positional information from the GPS module after, after first receiver module 11 in the Home eNodeB receives the positional information of UE, identify by 12 pairs of UE positional informations of binding module, in order to realize the binding of UE positional information and AP identity, to realize the positioning function of AP as the positional information of AP by this UE positional information, specifically carry out label manner and can comprise following two kinds, wherein a kind of is that the identity recognition number (AP ID) of using AP identifies the UE positional information, can also be that the digital certificate of using AP identifies the UE positional information.The identity recognition number of above-mentioned AP and the digital certificate of AP all can unique identification AP identity, can certainly adopt the mode that other can unique identification AP to be not limited to above dual mode.Finish the sign of UE positional information in binding module 12 after, by first sending module 13 positional information of UE is sent to network side and carry out location verification.

Owing in carrying out the Home eNodeB access process, will download configuration information, so comprise also in the Home eNodeB that first download module 14 is used for from Home eNodeB management platform download configuration information from APM.

In the embodiment of the invention, Home eNodeB is based on UE, the UE positional information of sending by UE realizes locating the purpose of Home eNodeB indirectly, Home eNodeB is by binding the positional information of UE and the identify label of Home eNodeB, realize that network side AHR positions the positional information for the treatment of as Home eNodeB for positional information of UE to Home eNodeB, because the coverage of Home eNodeB is less, the positional information gap of the positional information of UE and Home eNodeB reality is little, can satisfy the accuracy of femtocell positions; And the solution that present embodiment provides need not to change existing network configuration; Implementation procedure does not need the participation of macrocellular simultaneously, has solved effectively under the condition that does not have macrocellular to cover, and realizes the accurate location of Home eNodeB, has solved operator effectively simultaneously and has not supported the CLF entity, can't carry out the defective of location verification based on port.

Figure 12 is subscriber equipment embodiment one structural representation of the present invention, and as shown in figure 12, this subscriber equipment comprises first GPS module 21 and second sending module 22, and wherein first GPS module 21 is used to obtain the positional information of subscriber equipment; Second sending module 22 is used for obtaining described positional information from first GPS module 21, sends to radio reception device.

Being specially, is that Home eNodeB is that example describes with the radio reception device in the present embodiment.After Home eNodeB has access function, after UE detects the microcellulor signal of Home eNodeB emission, send RRC to Home eNodeB and ask and set up RRC to be connected with Home eNodeB; Send position updating request to Home eNodeB then, Home eNodeB sends identity request to UE, carry request to the GPS positional information of UE, UE handles this request, from first GPS module 21, obtain corresponding positional information, the positional information of UE is sent to Home eNodeB by second sending module 22.UE receives the solicited message to the UE positional information of Home eNodeB transmission and can finish by second receiver module 23 that comprises among the UE.

Can also comprise the authentication derivative key that is used to use between described subscriber equipment and the certificate server among the UE, to from first GPS module 21, obtaining the encrypting module 24 that described positional information is encrypted; Can further include the timestamp module 25 that is used for the positional information interpolation timestamp information of encrypting through encrypting module 24.Particularly in order to prevent that Home eNodeB from distorting this UE positional information, UE is after obtaining the UE positional information from first GPS module 21, by the authentication derivative key that encrypting module 24 is used between UE and the certificate server UE positional information is carried out encryption, and then send to Home eNodeB, guarantee that Home eNodeB sends to the true and accurate of the positional information of network side.Further, can to UE be the Replay Attack that the positional information joining day stamp information on the basis of encryption of carrying out prevents Home eNodeB by timestamp module 25.

The subscriber equipment that present embodiment provides can be under the request of Home eNodeB, the positional information that will obtain from the GPS module sends to Home eNodeB, and carry out necessary processing such as encryption to sending positional information, for carrying out location verification by the UE positional information, Home eNodeB puies forward foundation.

Figure 13 is location verification server implementation example one structural representation of the present invention, as shown in figure 13, this location verification server comprises the 3rd receiver module 31 and first authentication module 32, wherein the 3rd receiver module 31 is used to receive the location verification request message from radio reception device, and described location verification request message comprises the positional information that identity information identified, that insert the subscriber equipment of described radio reception device of using described radio reception device; First authentication module 32 is used for according to the positional information of described radio reception device of storage in advance, and the positional information of the described subscriber equipment that comprises in the described location verification request message is verified.

Be that Home eNodeB is that example describes with the radio reception device in the present embodiment, the position authentication server can be the binding positions and the authentication function entity (AHR) of Home eNodeB in the present embodiment, the 3rd receiver module 31 receiving positions checking request message that it comprises, the positional information that comprises in this location verification request message is the positional information of UE, and the positional information of this UE is to identify through using family's base station identity information, because the existence of this Home eNodeB identity information sign, AHR carries out the position legitimate verification with this positional information as the positional information that is Home eNodeB.Proof procedure is finished by first authentication module 32, be specially first authentication module 32 with the UE positional information as identifying object, with its positional information that is stored in the AP permission working range on the AHR in advance serves as according to carrying out the position legitimate verification, specifically can be to allow the positional information of working range to compare UE positional information and AP, obtain the difference information between the two, judge again whether this difference information surpasses pre-set threshold, if the position above the position of then representing the AP real work and the work of permission differs far away, that is to say that AP has left the position range that allows work, therefore should forbid its access function; Then be proved to be successful expression AP and also be in the working range of permission if surpass threshold value, can keep the operate as normal of AP, and return and be proved to be successful message.Wherein threshold value can according to actual conditions for example the parameters such as footprint size of AP preestablish and be stored among the AHR.Can comprise first memory module 33 that is used to store the positional information of described Home eNodeB and is used for the positional information of described subscriber equipment being verified required threshold value among the AHR according to the positional information of Home eNodeB.

The location verification server that present embodiment provides will carry UE positional information that the Home eNodeB identity information the identified positional information as Home eNodeB, and use the Home eNodeB of being stored and allow service position information that the legitimacy of femtocell positions is verified; Need not to change existing network configuration, implementation procedure does not need the participation of macrocellular simultaneously, solved effectively under the condition that does not have macrocellular to cover, realize the accurate location of Home eNodeB, simultaneously solved operator effectively and do not supported the CLF entity, can't carry out the defective of location verification based on port.

Figure 14 is network system embodiment one structural representation of the present invention, radio reception device in the network system that present embodiment provides can be that for example radio reception device etc. can provide the equipment of access function for subscriber equipment, radio reception device is that example describes with the radio reception device in the present embodiment, this network system comprises radio reception device 1 as shown in figure 14, subscriber equipment 2 and location verification server 3, wherein subscriber equipment 2 is used for the request according to radio reception device 1, obtain the positional information of subscriber equipment 2 in the GPS module from subscriber equipment 2, send to radio reception device 1; Radio reception device 1 is used to receive the positional information of the subscriber equipment 2 that subscriber equipment 2 sends, and the identity information of employing wireless access device 1 identifies described positional information; Location verification server 3 is used for the positional information according to the radio reception device of storing in advance 1, and the positional information of subscriber equipment 2 is verified.

Be that Home eNodeB is that example describes with the radio reception device in the present embodiment.Network system comprises that also network location server 4 is used for the location information data of subscriber equipment 2 is calculated.System comprises that also the positional information that Service Gateway 5 is used for subscriber equipment 2 that Home eNodeB 1 is sent is transmitted to network location server 4, receives the result of calculation that network location server 4 is returned, and described result of calculation is sent to location verification server 3.System also comprises the Home eNodeB management platform 6 that is used to Home eNodeB 1 that configuration information is provided.

Home eNodeB 1 is uploaded the positional information of subscriber equipment 2 to subscriber equipment 2 requests, subscriber equipment 2 extracting position information and send to Home eNodeB 1 from its GPS module, Home eNodeB 1 receives the identity information of using Home eNodeB 1 after the positional information of subscriber equipment 2 positional information of subscriber equipment 2 is identified, make network side with the positional information of subscriber equipment 2 as the positional information of Home eNodeB 1 as location verification.Home eNodeB 1 sends to Service Gateway 5 with the positional information of subscriber equipment 2, Service Gateway 5 is transmitted this positional information and is given network location server 4, the location information data of 4 pairs of subscriber equipmenies 2 of network location server calculates, and can provide geographical location information for location verification server 3; Network location server 4 returns to Service Gateway 5 with result of calculation, Service Gateway 5 sends to location verification server 3 with this result of calculation again, after location verification server 3 receives the positional information of subscriber equipment 2, use the positional information of the signatory Home eNodeB 1 of storage in advance, the positional information of subscriber equipment 2 is carried out the position legitimate verification.Related Service Gateway can be to import the preparation gateway (Provisioning AG) that relates in (Boot) flow process at Home eNodeB in the present embodiment, also can be the gateway (Serving AG) that Home eNodeB relates in inserting (access) flow process.Home eNodeB management platform 6 carries out providing relevant configuration information for Home eNodeB 1 in the access process at Home eNodeB 1.The equipment that related subscriber equipment, Home eNodeB and location verification server can be in the various embodiments described above to be provided in the present embodiment, concrete function and herein repeating no more alternately.

Figure 15 is subscriber equipment embodiment two structural representations of the present invention, and as shown in figure 15, this subscriber equipment comprises second acquisition module 61 and the 4th sending module 62, and wherein second acquisition module 61 is used for obtaining from the centre of location positional information of subscriber equipment; The 4th sending module 62 is used for sending to radio reception device the positional information of described subscriber equipment.

Particularly, be that Home eNodeB is that example describes with the radio reception device in the present embodiment.After Home eNodeB AP has access function, after UE detects the microcellulor signal of Home eNodeB emission, send RRC to Home eNodeB and ask and set up RRC to be connected with Home eNodeB; Send position updating request to Home eNodeB then, Home eNodeB sends identity request to UE, carry request to the GPS positional information of UE, UE handles this request, obtain the positional information of UE by second acquisition module 61 from core net LS, and send to Home eNodeB by the 4th sending module 62.UE receives the solicited message to the UE positional information of Home eNodeB transmission and can finish by the 5th receiver module 63 that comprises among the UE.

The subscriber equipment that present embodiment provides can be under the request of Home eNodeB, and the positional information that will obtain from core net LS sends to Home eNodeB, puies forward foundation for Home eNodeB carries out location verification by the UE positional information.

Figure 16 is network system embodiment two structural representations of the present invention, radio reception device in the network system that present embodiment provides can be the equipment that access function can be provided for subscriber equipment of radio reception device for example, radio reception device is that example describes with the radio reception device in the present embodiment, this network system comprises radio reception device 1 as shown in figure 16, subscriber equipment 2 and location verification server 3, wherein subscriber equipment 2 is used for the request according to radio reception device 1, from the centre of location, obtain the positional information of subscriber equipment 2, send to radio reception device 1; Radio reception device 1 is used to receive the positional information of the subscriber equipment 2 that subscriber equipment 2 sends, and the identity information of employing wireless access device 1 identifies described positional information; Location verification server 3 is used for the positional information according to the radio reception device of storing in advance 1, and the positional information of subscriber equipment 2 is verified.

Be that Home eNodeB is that example describes with the radio reception device in the present embodiment, network system comprises that also the positional information that is used for subscriber equipment 2 that Home eNodeB 1 is sent sends to the Service Gateway of location verification server 3; Also comprise the Home eNodeB management platform 6 that is used to described radio reception device that configuration information is provided.

Home eNodeB 1 is uploaded the positional information of subscriber equipment 2 to subscriber equipment 2 requests, subscriber equipment 2 obtains positional information and sends to Home eNodeB 1 from LS7, Home eNodeB 1 receives the identity information of using Home eNodeB 1 after the positional information of subscriber equipment 2 positional information of subscriber equipment 2 is identified, make network side with the positional information of subscriber equipment 2 as the positional information of Home eNodeB 1 as location verification.Home eNodeB 1 sends to Service Gateway 5 with the positional information of subscriber equipment 2, Service Gateway 5 sends to positional information location verification server 3 again, after location verification server 3 receives the positional information of subscriber equipment 2, use the positional information of the signatory Home eNodeB 1 of storage in advance, the positional information of subscriber equipment 2 is carried out the position legitimate verification.Related Service Gateway can be to import the preparation gateway (Provisioning AG) that relates in (Boot) flow process at Home eNodeB in the present embodiment, also can be the gateway (Serving AG) that Home eNodeB relates in inserting (access) flow process.Home eNodeB management platform 6 carries out providing relevant configuration information for Home eNodeB 1 in the access process at Home eNodeB 1.The equipment that related subscriber equipment, Home eNodeB and location verification server can be in the various embodiments described above to be provided in the present embodiment, concrete function and herein repeating no more alternately.

Figure 17 is radio reception device embodiment two structural representations of the present invention, as shown in figure 17, this radio reception device can be the equipment that access function can be provided for subscriber equipment of radio reception device for example, radio reception device is that example describes with the radio reception device in this enforcement side, this radio reception device comprises second GPS module 41, first acquisition module 42 and the 3rd sending module 43, and wherein second GPS module 41 is used to obtain the positional information of described radio reception device; First acquisition module 42 is used for obtaining from second GPS module 41 positional information of described radio reception device; The 3rd sending module 43 is used for that described positional information is sent to network side and carries out location verification.

Particularly, be that Home eNodeB is that example describes with the radio reception device in the present embodiment.Second GPS module 41 in the Home eNodeB is utilized the GPS function to obtain Home eNodeB actual present position information and is stored in second GPS module 41; First acquisition module 42 sends to the position legitimate verification that network side carries out Home eNodeB by the 3rd sending module 43 with this positional information take out the positional information of detected Home eNodeB from second GPS module 41 after.Home eNodeB will be from Home eNodeB management platform download configuration information in carrying out access process, use this configuration information subscriber equipment is carried out access control, can finish by second download module 44 that Home eNodeB comprises from Home eNodeB management platform download configuration information.

In the embodiment of the invention, Home eNodeB utilizes the GPS function of self to obtain positional information from the GPS module, and directly the femtocell positions information with reality sends to AHR, realizes that network side AHR positions Home eNodeB, guarantees positioning accuracy; And the solution that present embodiment provides need not to change existing network configuration; Implementation procedure does not need the participation of macrocellular simultaneously, has solved effectively under the condition that does not have macrocellular to cover, and realizes the accurate location of Home eNodeB, has solved operator effectively simultaneously and has not supported the CLF entity, can't carry out the defective of location verification based on port.

Figure 18 is location verification server implementation example two structural representations of the present invention, as shown in figure 18, this location verification server comprises the 4th receiver module 51 and second authentication module 52, wherein the 4th receiver module 51 is used to receive the location verification request message from radio reception device, and described location verification request message comprises the positional information of obtaining described radio reception device from the included GPS module of described radio reception device; Second authentication module 52 is used for allowing according to the described radio reception device of storage in advance the positional information of working range, and described radio reception device is carried out location verification.

Be that Home eNodeB is that example describes with the radio reception device in the present embodiment, the position authentication server can be the binding positions and the authentication function entity (AHR) of Home eNodeB in the present embodiment, the 4th receiver module 51 receiving positions checking request message that it comprises, the positional information that comprises in this location verification request message is the positional information of the real work of Home eNodeB.Proof procedure is finished by second authentication module 52, be specially second authentication module 52 with the positional information of the real work of Home eNodeB as identifying object, with its positional information that is stored in the Home eNodeB permission working range on the AHR in advance serves as according to carrying out the position legitimate verification, specifically can be that positional information and Home eNodeB with the real work of Home eNodeB allows the positional information of working range to compare, if be not inconsistent then authentication failed, that is to say that Home eNodeB has left the position range that allows work, therefore should forbid its access function; If meet then and be proved to be successful mutually, can keep the operate as normal of Home eNodeB, and return and be proved to be successful message.Can comprise among the AHR and be used to store second memory module 53 that Home eNodeB allows the positional information of working range.

Location verification server that present embodiment provides is used the Home eNodeB of being stored and is allowed the legitimacy of the Home eNodeB actual position information that service position information obtains by self GPS function Home eNodeB to verify, need not to change existing network configuration, implementation procedure does not need the participation of macrocellular simultaneously, solved effectively under the condition that does not have macrocellular to cover, realize the accurate location of Home eNodeB, simultaneously solved operator effectively and do not supported the CLF entity, can't carry out the defective of location verification based on port.

Figure 19 is network system embodiment three structural representations of the present invention, radio reception device in the network system that present embodiment provides can be that for example radio reception device etc. can provide the equipment of access function for subscriber equipment, radio reception device is that example describes with the radio reception device in the present embodiment, this network system comprises radio reception device 1 and location verification server 3 as shown in figure 19, wherein radio reception device 1 is used for obtaining from radio reception device 1 included GPS module the positional information of described radio reception device, sends to network side; Location verification server 3 is used for allowing according to the radio reception device 1 of storage in advance the positional information of working range, and the positional information of radio reception device 1 is verified.

Be that Home eNodeB is that example describes with the radio reception device in the present embodiment.This network system comprises that also network location server 4 is used for the location information data of Home eNodeB 1 is calculated; System comprises that also the positional information that Service Gateway 5 is used for subscriber equipment 2 that Home eNodeB 1 is sent is transmitted to network location server 4, receives the result of calculation that network location server 4 is returned, and described result of calculation is sent to location verification server 3.System also comprises the Home eNodeB management platform 6 that is used to Home eNodeB 1 that configuration information is provided.

When carrying out the location verification of Home eNodeB, Home eNodeB 1 takes out the positional information of current Home eNodeB 1 work from the GPS module that self disposes, and issues network side and carry out location verification; Home eNodeB 1 sends to Service Gateway 5 with the positional information of Home eNodeB 1, Service Gateway 5 is transmitted this positional information and is given network location server 4, the location information data of 4 pairs of Home eNodeB 1 of network location server calculates, for location verification server 3 provides geographical location information; Network location server 4 returns to Service Gateway 5 with result of calculation, Service Gateway 5 sends to location verification server 3 with this result of calculation again, location verification server 3 is used the positional information of the signatory Home eNodeB of being stored 1 it is carried out location verification behind the geographical location information that receives Home eNodeB 1.Related Service Gateway can be to import the preparation gateway (Provisioning AG) that relates in (Boot) flow process at Home eNodeB in the present embodiment, also can be the gateway (Serving AG) that Home eNodeB relates in inserting (access) flow process.Home eNodeB management platform 6 carries out providing relevant configuration information for Home eNodeB 1 in the access process at Home eNodeB 1.The equipment that related subscriber equipment, Home eNodeB and location verification server can be in the various embodiments described above to be provided in the present embodiment, concrete function and herein repeating no more alternately.

The localization method of the radio reception device that the above embodiment of the present invention provides and radio reception device position verification method and radio reception device, and in subscriber equipment and location verification server and the network system, radio reception device is on the one hand based on UE, the UE positional information of sending by UE realizes locating the purpose of radio reception device indirectly, radio reception device is by binding the positional information of UE and the identify label of radio reception device, realize that network side AHR positions the positional information for the treatment of as radio reception device for positional information of UE to radio reception device, because the coverage of radio reception device is less, the positional information gap of the positional information of UE and radio reception device reality is little, can satisfy the accuracy of radio reception device position; By increasing the GPS module at radio reception device, utilize the GPS function of self to obtain positional information from the GPS module on the other hand, directly the AP positional information with reality sends to AHR, realizes that network side AHR positions AP, guarantees positioning accuracy; And two kinds of implementations all need not to change existing network configuration; Implementation procedure does not need the participation of macrocellular simultaneously, solves effectively under the condition that does not have macrocellular to cover, and realizes the accurate location of radio reception device; Simultaneously solved operator effectively and do not supported the CLF entity, can't carry out the defective of location verification based on port.

The unit and the algorithm steps of each example of describing in conjunction with embodiment disclosed herein, can realize with electronic hardware, computer software or the combination of the two, for the interchangeability of hardware and software clearly is described, the composition and the step of each example described prevailingly according to function in the above description.These functions still are that software mode is carried out with hardware actually, depend on the application-specific and the design constraint of technical scheme.The professional and technical personnel can use distinct methods to realize described function to each specific should being used for, but this realization should not thought and exceeds scope of the present invention.

The method of describing in conjunction with embodiment disclosed herein or the step of algorithm can use the software module of hardware, processor execution, and perhaps the combination of the two is implemented.Software module can place random asccess memory (RAM), internal memory, read-only memory (ROM), electrically programmable ROM, electrically erasable ROM, register, hard disk, moveable magnetic disc, CD-ROM or the storage medium of other form arbitrarily.

It should be noted that at last: above embodiment only in order to the technical scheme of the explanation embodiment of the invention, is not intended to limit; Although with reference to previous embodiment the present invention is had been described in detail, those of ordinary skill in the art is to be understood that: it still can be made amendment to the technical scheme that aforementioned each embodiment put down in writing, and perhaps part technical characterictic wherein is equal to replacement; And these modifications or replacement do not make the essence of appropriate technical solution break away from the spirit and scope of various embodiments of the present invention technical scheme.

Claims

1. A positioning method for a wireless access device, characterized in that it comprises:

receiving the location information of the user equipment sent by the user equipment;

Applying the identity information of the wireless access device to identify the location information;

Send the identified location information to the network side for location verification.

2. The positioning method of the wireless access device according to claim 1, characterized in that before receiving the location information of the user equipment sent by the user equipment, the method includes:

Send request information for the location information to the user equipment.

3. The wireless access device positioning method according to claim 2, further comprising:

After receiving the request information, the user equipment obtains the location information from the global positioning system module, and sends the location information to the wireless access device.

4. The positioning method for a wireless access device according to claim 3, wherein said obtaining the location information from a global positioning system module, and sending the location information to the wireless access device includes:

The location information is obtained from the global positioning system module, the location information is encrypted by using an authentication derived key between the user equipment and the authentication server, and the encrypted location information is sent to the wireless access device.

5. The positioning method for wireless access equipment according to claim 4, characterized in that the location information is obtained from the global positioning system module, and the authentication derived key pair between the user equipment and the authentication server is applied Encrypting the location information, and sending the encrypted location information to the wireless access device includes:

Obtain the location information from the global positioning system module, encrypt the location information by using the authentication derived key between the user equipment and the authentication server, add the time stamp information, and send the encrypted location information to The wireless access device.

6. The wireless access device positioning method according to claim 2, further comprising:

After receiving the request information, the user equipment obtains the location information from the positioning center, and sends the location information to the wireless access device.

7. The wireless access device positioning method according to claim 2, wherein the request information for sending the location information to the user equipment includes:

After receiving the location update request sent by the user equipment, send a user equipment identity request message to the user equipment, where the user equipment identity request message includes the request information of the location information.

8. The wireless access device positioning method according to claim 7, characterized in that before receiving the location update request sent by the user equipment, the method includes:

The user equipment detects surrounding microcell signals, and sends a radio resource control connection request to the wireless access device;

After establishing a radio resource control connection with the wireless access device, sending a location update request to the wireless access device.

9. The positioning method of a wireless access device according to claim 8, wherein the user equipment detects surrounding microcell signals, and before sending a radio resource control connection request to the wireless access device, the steps include:

The wireless access device downloads configuration information from the wireless access device management platform.

10. The positioning method for a wireless access device according to claim 1, wherein the identification of the location information using the identity information of the wireless access device comprises:

Applying the identification number of the wireless access device to identify the location information; or

Applying the digital certificate of the wireless access device to identify the location information; or

identifying the location information by using a media access media access control address of the wireless access device; or

The IP address of the wireless access device is used to identify the location information.

11. The positioning method for any wireless access device according to claims 1 to 10, wherein the sending the identified location information to the network side for location verification includes:

Sending the identified location information to the network location server via the service gateway;

The service gateway receives the decrypted location information sent by the network location server;

The service gateway sends the decrypted location information to the location binding and authentication functional entity to verify the validity of the location of the wireless access device.

12. A method for verifying the location of a wireless access device, comprising:

Receive a location verification request message from a wireless access device, where the location verification request message includes location information of a user equipment accessing the wireless access device identified by the identity information of the wireless access device;

Verifying the location information of the user equipment included in the location verification request message according to the pre-stored location information of the wireless access device.

13. The method for verifying the location of the wireless access device according to claim 12, characterized in that according to the pre-stored location information of the wireless access device, the user equipment included in the location verification request message The location information to be verified includes:

If the difference between the location information of the wireless access device and the location information of the user equipment is smaller than a predetermined threshold, the verification is successful.

14. A positioning method for a wireless access device, characterized by comprising:

Obtaining the location information of the wireless access device from a global positioning system module included in the wireless access device;

Send the location information to the network side for location verification.

15. The positioning method of the wireless access device according to claim 14, characterized in that before acquiring the location information of the wireless access device from the global positioning system module included in the wireless access device, the method includes:

16. The positioning method for wireless access devices according to claim 14 or 15, wherein the sending the location information to the network side for location verification includes:

Send the location information to the network positioning server via the service gateway;

The service gateway receives the parsed location information sent by the network location server;

The service gateway sends the parsed location information to the location binding and authentication functional entity to verify the validity of the location of the wireless access device.

17. A method for verifying the location of a wireless access device, comprising:

Receive a location verification request message from the wireless access device, where the location verification request message includes obtaining the location information of the wireless access device from a global positioning system module included in the wireless access device;

Perform location verification on the wireless access device according to the pre-stored location information of the allowable working range of the wireless access device.

18. A wireless access device, characterized by comprising:

A first receiving module, configured to receive the location information of the user equipment sent by the user equipment;

A binding module, configured to use the identity information of the wireless access device to identify the location information;

The first sending module is configured to send the identified location information to the network side for location verification.

19. The wireless access device according to claim 18, wherein the first sending module is further configured to send request information for the location information to the user equipment.

20. The wireless access device according to claim 18 or 19, further comprising:

The first download module is used to download configuration information from the wireless access device management platform.

21. A user equipment, characterized by comprising:

A first global positioning system module, configured to acquire location information of the user equipment;

The second sending module is configured to obtain the location information from the first global positioning system module and send it to the wireless access device.

22. The user equipment according to claim 21, further comprising:

The second receiving module is configured to receive the request information for the location information of the user equipment sent by the wireless access device.

23. The user equipment according to claim 21 or 22, further comprising:

An encryption module, configured to use the authentication derived key between the user equipment and the authentication server to encrypt the location information obtained from the first global positioning system module.

24. The user equipment according to claim 23, further comprising:

A time stamp module, configured to add time stamp information to the location information encrypted by the encryption module.

25. A user equipment, characterized by comprising:

The second obtaining module is used to obtain the location information of the user equipment from the positioning center;

A fourth sending module, configured to send the location information of the user equipment to the wireless access device.

26. The user equipment according to claim 25, further comprising:

The fifth receiving module is configured to receive the request information for the location information of the user equipment sent by the wireless access device.

27. A location verification server, characterized by comprising:

A third receiving module, configured to receive a location verification request message from a wireless access device, where the location verification request message includes a user who accesses the wireless access device and is identified by using the identity information of the wireless access device device location information;

The first verification module is configured to verify the location information of the user equipment included in the location verification request message according to the pre-stored location information of the wireless access device.

28. The location verification server according to claim 27, further comprising:

The first storage module is configured to store the location information of the wireless access device and a threshold required for verifying the location information of the user equipment according to the location information of the wireless access device.

29. A wireless access device, characterized by comprising:

A second global positioning system module, configured to obtain location information of the wireless access device;

A first obtaining module, configured to obtain the location information of the wireless access device from the second global positioning system module;

The third sending module is configured to send the location information to the network side for location verification.

30. The wireless access device according to claim 29, further comprising:

The second downloading module is used for downloading configuration information from the wireless access device management platform.

31. A location verification server, characterized by comprising:

A fourth receiving module, configured to receive a location verification request message from a wireless access device, where the location verification request message includes acquiring the location of the wireless access device from a global positioning system module included in the wireless access device information;

The second verification module is configured to verify the location of the wireless access device according to the pre-stored location information of the allowable working range of the wireless access device.

32. The location verification server according to claim 31, further comprising:

The second storage module is configured to store the location information of the allowable working range of the wireless access device.

33. A network system, characterized by comprising:

The user equipment is configured to obtain the location information of the user equipment from the global positioning system module according to the request of the wireless access device, and send it to the wireless access device;

The wireless access device is configured to receive the location information of the user equipment sent by the user equipment, and use the identity information of the wireless access device to identify the location information;

The location verification server is configured to verify the location information of the user equipment according to the pre-stored location information of the wireless access device.

34. The network system according to claim 33, further comprising a network location server, configured to calculate the location information of the user equipment.

35. The network system according to claim 34, further comprising a service gateway, configured to forward the location information of the user equipment sent by the wireless access device to the network positioning server, and receive the network location information Positioning the calculation result returned by the server, and sending the calculation result to the location verification server.

36. The network system according to claim 35, further comprising a wireless access device management platform, configured to provide configuration information for the wireless access device.

37. A network system, characterized by comprising:

The wireless access device is configured to obtain the location information of the wireless access device from the global positioning system module included in the wireless access device, and send it to the network side;

The location verification server is configured to verify the location information of the wireless access device according to the pre-stored location information of the allowable working range of the wireless access device.

38. The network system according to claim 37, further comprising a network location server, configured to calculate the location information of the wireless access device.

39. The network system according to claim 38, further comprising a service gateway, configured to forward the location information of the user equipment sent by the wireless access device to the network location server, and receive the network location information Positioning the calculation result returned by the server, and sending the calculation result to the location verification server.

40. The network system according to claim 39, further comprising a wireless access device management platform, configured to provide configuration information for the wireless access device.

41. A network system, characterized by comprising:

The user equipment is configured to obtain the location information of the user equipment from the positioning center according to the request of the wireless access device, and send it to the wireless access device;

42. The network system according to claim 41, further comprising a service gateway, configured to send the location information of the user equipment sent by the wireless access device to the location verification server.

43. The network system according to claim 42, further comprising a wireless access device management platform, configured to provide configuration information for the wireless access device.