CN101686164B - Positioning method and position verification method of wireless access device, and wireless access device - Google Patents

Positioning method and position verification method of wireless access device, and wireless access device Download PDF

Info

Publication number
CN101686164B
CN101686164B CN 200810222971 CN200810222971A CN101686164B CN 101686164 B CN101686164 B CN 101686164B CN 200810222971 CN200810222971 CN 200810222971 CN 200810222971 A CN200810222971 A CN 200810222971A CN 101686164 B CN101686164 B CN 101686164B
Authority
CN
China
Prior art keywords
wireless access
access device
location
information
location information
Prior art date
Application number
CN 200810222971
Other languages
Chinese (zh)
Other versions
CN101686164A (en
Inventor
张宁
李茜
王绍斌
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 filed Critical 华为技术有限公司
Priority to CN 200810222971 priority Critical patent/CN101686164B/en
Publication of CN101686164A publication Critical patent/CN101686164A/en
Application granted granted Critical
Publication of CN101686164B publication Critical patent/CN101686164B/en

Links

Abstract

The embodiment of the invention provides a positioning method and a position verification method of a wireless access device, and a wireless access device. The positioning method of the wireless access device comprises the following steps: receiving user device position information transmitted by a user device; identifying the position information by using identification information of the wireless access device; and transmitting the identified position information to a network side to carry out the position verification. The user device position information transmitted by the user device is utilized to indirectly realize the goal of positioning the wireless access device; by binding the user device position information with the identification of the wireless access device, the wireless access device is positioned by the fact that the network side mistakes the user device position information as the position information of the wireless access device; without changing the prior networkstructure, the invention effectively realizes the positioning of the wireless access device under the condition of no macrocell coverage; and the invention overcomes the defect that the operators do not support the entities with the functions of positioning and storing the connected conversations and can not verify the position based on the port.

Description

无线接入设备的定位方法和位置验证方法及无线接入设备 Positioning method and a wireless access device location verification method and a radio access device

技术领域 FIELD

[0001] 本发明实施例涉及通信技术领域,尤其涉及一种无线接入设备的定位方法和位置验证方法及无线接入设备。 Example relates to communication technologies [0001] The present invention particularly relates to a method for locating a wireless access device and a location verification method and a wireless access device.

背景技术 Background technique

[0002] 家庭基站又称超微蜂窝基站(femtocell),是相对于3G蜂窝移动通信系统所采用的宏基站(macrocell)而提出的。 [0002] The home base station also known picocell base station (femtocell), with respect to the macro base station (macrocell) 3G cellular mobile communication system proposed employed. 家庭基站的发射功率有限一般仅为+15db,室内覆盖范围为50公尺,其作用类似于Wi-Fi的接入点设备(Access point ;简称:AP),使得用户可以通过以太网连接到家庭宽带网络,并且支持多个用户。 HNB transmit power is typically only limited + 15db, indoor coverage of 50 meters, which acts like a Wi-Fi access point (Access point; for short: AP), so that the user can connect via Ethernet to the home broadband network and supports multiple users. 移动运营商为了改善室内覆盖,提高室内宽带接入速度,满足用户各种多媒体业务的需求而大力发展家庭基站;进一步地,家庭基站还可以缓解宏基站的压力,使宏基站能够主要服务于室外用户;另外,家庭基站还可以缓解无线运营商和移动虚拟网络运营商的压力。 Mobile operators in order to improve indoor coverage, improve indoor broadband access speeds to meet user demand for multimedia services and to develop a home base station; further, the home base station may also ease the pressure on the macro base station, the macro base station capable of serving the main outdoor users; in addition, the home base station may also ease the pressure on wireless operators and mobile virtual network operators.

[0003] 运营商希望获得家庭基站使用时的位置信息,目的是控制AP在允许的范围内工作,当AP在其允许范围之外时能够禁止其工作,例如运营商不希望AP在国外使用而导致其话费流失等。 [0003] Operators want the home base station position information used in the purpose of controlling the AP works within the permissible range, when the AP is in its out of the range can be allowed to disable its operation, for example, operators do not want to use the foreign AP resulting in the loss of their calls and so on. 现有技术利用AP位置锁定机制实现上述需求,具体的实现过程是当AP请求接入移动核心网络的业务网关(以下简称:AG)为其提供3G业务服务时,AG将基于AP的位置绑定及认证功能实体(简称:AHR)提供的AP位置锁定信息确定AP的位置是否合法,若AP位置不合法,应拒绝该AP接入。 AP prior art use position locking mechanisms to achieve the above requirements, the specific implementation process is the access service gateway when the mobile AP requesting core network (hereinafter referred to as: AG) to provide 3G services during service, AG based on the location of the AP bound and authentication function (abbreviation: AHR) AP locking position provides information for determining the location of the AP is legitimate, if the position is not legitimate AP, the AP should be denied access. 现有技术AP位置锁定机制一般包括以下两种实现方式, 分别是基于端口和基于宏蜂窝的位置锁定方案,其中基于端口的AP位置锁定机制是指,因特网服务提供商(Internet service provider ;简称:ISP)网络能够将其为AP分配的IP 地址与AP的物理端口进行绑定,应用层可以基于该IP地址查询到对应的端口信息,以进一步确定AP位置信息,从而实现AP的定位。 AP location prior art locking mechanism generally includes the following two implementations, which are based on the port and the locking scheme based on the location of the macrocell, wherein the location of the port based on the AP means the locking mechanism, an Internet service provider (Internet service provider; referred to as: ISP) network can be bound to a physical port IP address assignment with the AP AP, based on the application layer may query the IP address corresponding to the port information, to further determine the AP position information, thereby realizing the positioning of the AP. 基于宏蜂窝的位置检测机制是指,AP通过检测周围的宏蜂窝的小区识别码(cell id,运营商用于唯一标识某个小区)而获得与宏蜂窝的相对位置,并将宏蜂窝的位置信息提交给网络。 Based on the position detection mechanism macrocell means, the AP by the macro cell identification code detected around (cell id, the operator used to uniquely identify a cell) obtained by the relative position of the macro cell, and location information of the macro submitted to the network.

[0004] 发明人在实现本发明的过程中,发现现有技术至少存在以下缺点: [0004] In the process of implementing the present invention finds that the prior art at least has the following disadvantages:

[0005] 现有技术中,基于端口的AP位置锁定方案要求运营商支持连接会话定位与存储功能(Connection location function ;简称:CLF)实体,CLF实体用于将用户设备(以下简称:UE)的IP地址与网络定位信息、地理位置信息进行关联,网络架构相对复杂,而且还存在IP地址欺骗的安全威胁;基于宏蜂窝的AP位置锁定方案中要求AP必须处于宏蜂窝的覆盖下,若AP脱离宏蜂窝的覆盖则无法进行AP的位置定位,适用范围有限。 [0005] In the prior art, based on the location of the port AP locking scheme requires operators to support positioning and storage function session connection (Connection location function; abbreviation: CLF) entity, the CLF entity for a user equipment (hereinafter referred to as: UE) of IP address and network location information, location information associated with the network architecture is relatively complex, but also a security threat exists IP address spoofing; macro cell AP based on AP requires a position fix embodiment must be in the macrocell coverage, if the AP from macrocell coverage AP position location can not be performed, the limited scope of application.

发明内容 SUMMARY

[0006] 本发明实施例提供一种无线接入设备的定位方法和位置验证方法及无线接入设备,用以解决现有技术中实现无线接入设备如家庭基站定位时网络架构相对复杂、适用范围有限等缺陷,实现无线接入设备的准确定位。 [0006] The embodiment provides a wireless access method and positioning device location verification method and a radio access device embodiment of the present invention to solve the prior art, when the wireless access device such as a home base station location is relatively complex network architecture for and limited range of defects, to achieve accurate positioning of the wireless access device.

[0007] 本发明实施例提供一种无线接入设备的定位方法,包括:[0008] 接收用户设备发送的所述用户设备的位置信息; Example [0007] The present invention provides a method for locating a wireless access device, comprising: [0008] The location information sent by a user of the user equipment device;

[0009] 应用无线接入设备的身份信息对所述位置信息进行标识; [0009] Application of the wireless access device identification information for identifying the position information;

[0010] 将经过标识的所述位置信息发送给网络侧进行位置验证。 [0010] will be verified through the position information identifying the position is transmitted to the network side.

[0011] 本发明实施例提供一种无线接入设备位置验证方法,包括: [0011] The present invention provides a method of location verification of wireless access device, comprising:

[0012] 接收来自无线接入设备的位置验证请求消息,所述位置验证请求消息包括应用所述无线接入设备的身份信息所标识的、接入所述无线接入设备的用户设备的位置信息; [0012] received from the wireless access device location verification request message, the request message includes a location verification, the user equipment access to the wireless access device applying the wireless access device identification information identified by the location information ;

[0013] 根据预先存储的所述无线接入设备的位置信息,对所述位置验证请求消息中包括的所述用户设备的位置信息进行验证。 [0013] The pre-stored location information of the wireless access device, the location information included in the message to authenticate the user equipment a request for the location verification.

[0014] 本发明实施例还提供一种无线接入设备的定位方法,包括: [0014] Embodiments of the invention further provides a method for locating a wireless access device, comprising:

[0015] 从无线接入设备所包括的全球定位系统模块中获取所述无线接入设备的位置信息; [0015] acquiring location information from the wireless access device is a global positioning system module for wireless access device included in;

[0016] 将所述位置信息发送给网络侧进行位置验证。 [0016] The position information is transmitted to the network side for location verification.

[0017] 本发明实施例还提供一种无线接入设备位置验证方法,包括: [0017] Embodiments of the present invention further provides a method of location verification of wireless access device, comprising:

[0018] 接收来自无线接入设备的位置验证请求消息,所述位置验证请求消息包括从所述无线接入设备所包括的全球定位系统模块中获取所述无线接入设备的位置信息; [0018] received from the wireless access device location verification request message, the location verification request message comprises acquiring location information of the wireless access device from a global positioning system module of the wireless access device included in;

[0019] 根据预先存储的所述无线接入设备允许工作范围的位置信息,对所述无线接入设备进行位置验证。 [0019] allowable operation ranges of the position information of the wireless access location verification device according to the wireless access device stored in advance.

[0020] 本发明实施例提供一种无线接入设备,包括: [0020] The present invention provides a wireless access device, comprising:

[0021] 第一接收模块,用于接收用户设备发送的所述用户设备的位置信息; [0021] a first receiving module, for receiving the user location information transmitting device of the user equipment;

[0022] 绑定模块,用于应用无线接入设备的身份信息对所述位置信息进行标识; [0022] The binding module, the identity information of the wireless access device for applying the position information identifier;

[0023] 第一发送模块,用于将经过标识的所述位置信息发送给网络侧进行位置验证。 [0023] The first sending module, configured to verify the position after the position information identifier is transmitted to the network side.

[0024] 本发明实施例提供一种用户设备,包括: [0024] The present invention provides a user equipment, comprising:

[0025] 第一全球定位系统模块,用于获取用户设备的位置信息; [0025] The first module is a global positioning system, a user device configured to obtain location information;

[0026] 第二发送模块,用于从所述第一全球定位系统模块中获取所述位置信息,发送给无线接入设备。 [0026] The second sending module, configured to obtain the position information from the first global positioning system module, sent to the wireless access device.

[0027] 本发明实施例还提供一种用户设备,其特征在于包括: [0027] The present invention further provides a user equipment, comprising:

[0028] 第二获取模块,用于从定位中心获取用户设备的位置信息; [0028] The second acquiring module, for acquiring the user equipment location information from a location center;

[0029] 第四发送模块,用于向无线接入设备发送所述用户设备的位置信息。 [0029] The fourth sending means for sending the position information of the user equipment to the wireless access device.

[0030] 本发明实施例还提供一种位置验证服务器,包括: [0030] Embodiments of the invention further provide a position verification server, comprising:

[0031] 第三接收模块,用于接收来自无线接入设备的位置验证请求消息,所述位置验证请求消息包括应用所述无线接入设备的身份信息所标识的、接入所述无线接入设备的用户设备的位置信息; [0031] The third receiving module, configured to receive from a wireless access device location verification request message, the location verification request message includes an application of the wireless access device identification information identified, access to the wireless access the location information of the user equipment device;

[0032] 第一验证模块,用于根据预先存储的所述无线接入设备的位置信息,对所述位置验证请求消息中包括的所述用户设备的位置信息进行验证。 [0032] The first authentication module, according to pre-stored location information of the wireless access device, the location information included in the message to authenticate the user equipment a request for the location verification.

[0033] 本发明实施例还提供一种无线接入设备,包括: [0033] Embodiments of the present invention further provides a wireless access device, comprising:

[0034] 第二全球定位系统模块,用于获得所述无线接入设备的位置信息; [0034] The second module is a global positioning system, obtaining location information for said wireless access device;

[0035] 第一获取模块,用于从所述第二全球定位系统模块中获取所述无线接入设备的位直fe息; [0035] The first acquiring module, for acquiring the wireless access device from said second global positioning system module fe bit straight interest;

[0036] 第三发送模块,用于将所述位置信息发送给网络侧进行位置验证。 [0036] The third sending module, for sending the location information to the network side for location verification. [0037] 本发明实施例还提供一种位置验证服务器,包括: Example [0037] The present invention further provides a location authentication server, comprising:

[0038] 第四接收模块,用于接收来自无线接入设备的位置验证请求消息,所述位置验证请求消息包括从所述无线接入设备所包括的全球定位系统模块中获取所述无线接入设备的位置信息; [0038] The fourth receiving module for receiving from a wireless access device location verification request message, the location verification request message comprises acquiring the wireless access from a global positioning system module of the wireless access device included in the the location information of the device;

[0039] 第二验证模块,用于根据预先存储的所述无线接入设备允许工作范围的位置信息,对所述无线接入设备进行位置验证。 [0039] The second verification module configured to allow the location information of the working range of the wireless access apparatus according to pre-stored, the wireless access device for location verification.

[0040] 本发明实施例还提供一种网络系统,包括: [0040] Embodiments of the present invention further provides a network system, comprising:

[0041] 用户设备,用于根据无线接入设备的请求,从全球定位系统模块中获取所述用户设备的位置信息,发送给所述无线接入设备; [0041] the user equipment, for acquiring location information of the user equipment from a global positioning system module according to the request from the wireless access device, transmitting to the wireless access device;

[0042] 无线接入设备,用于接收所述用户设备发送的所述用户设备的位置信息,应用所述无线接入设备的身份信息对所述位置信息进行标识; [0042] The wireless access device, for receiving the location information of the user equipment from the user equipment, the application of the wireless access device identity information of said position information identifier;

[0043] 位置验证服务器,用于根据预先存储的所述无线接入设备的位置信息,对所述用户设备的位置信息进行验证。 [0043] The position of the authentication server, according to pre-stored location information of the wireless access device, the position information of the user equipment for authentication.

[0044] 本发明实施例还提供一种网络系统,包括: [0044] Embodiments of the present invention further provides a network system, comprising:

[0045] 无线接入设备,用于从所述无线接入设备所包括的全球定位系统模块中获取所述无线接入设备的位置信息,发送给网络侧; [0045] The wireless access device configured to obtain location information of the wireless access device from a global positioning system module included in the wireless access apparatus, the transmission to the network side;

[0046] 位置验证服务器,用于根据预先存储的所述无线接入设备允许工作范围的位置信息,对所述无线接入设备的位置信息进行验证。 [0046] The authentication server location, location information for allowing the working range of the wireless access device according to the pre-stored location information of the wireless access device is verified.

[0047] 本发明实施例还提供一种网络系统,包括: Example [0047] The present invention further provides a network system, comprising:

[0048] 用户设备,用于根据无线接入设备的请求,从定位中心中获取所述用户设备的位置信息,发送给所述无线接入设备; [0048] the user equipment, for acquiring location information of the user equipment according to a request from the positioning center in the wireless access device, transmitting to the wireless access device;

[0049] 无线接入设备,用于接收所述用户设备发送的所述用户设备的位置信息,应用所述无线接入设备的身份信息对所述位置信息进行标识; [0049] The wireless access device, for receiving the location information of the user equipment from the user equipment, the application of the wireless access device identity information of said position information identifier;

[0050] 位置验证服务器,用于根据预先存储的所述无线接入设备的位置信息,对所述用户设备的位置信息进行验证。 [0050] The position of the authentication server, according to pre-stored location information of the wireless access device, the position information of the user equipment for authentication.

[0051] 本发明实施例提供的无线接入设备的定位方法和位置验证方法及无线接入设备, 以及用户设备和位置验证服务器和网络系统中,无线接入设备借助UE发送来的UE位置信息间接地实现定位无线接入设备的目的,无线接入设备通过将UE的位置信息与无线接入设备的身份标识进行绑定,实现网络侧将UE的位置信息当成无线接入设备的位置信息对无线接入设备进行定位,该种实现方式无需改变现有的网络结构,同时实现过程不需要宏蜂窝的参与,有效地解决在没有宏蜂窝覆盖的条件下,实现无线接入设备的准确定位;同时有效地解决了运营商不支持CLF实体,无法基于端口进行位置验证的缺陷。 [0051] The method of positioning and location verification method of the wireless access device according to an embodiment of the present invention and a wireless access device, and a user equipment and a network server and a location verification systems, wireless access device UE by UE location information transmitted achieve the object positioning device indirectly wireless access, wireless access device bound by the identity and location information of the UE with the wireless access device identifier, network location information of the UE-side wireless access device as location information positioning wireless access device, this type of implementation without changing the existing network structure, while achieving the process does not require the participation of the macrocell, accurate positioning effective solution in the absence of macrocell coverage, wireless access device; while effectively address the deficiencies carrier does not support CLF entity, not based on port location verification.

附图说明 BRIEF DESCRIPTION

[0052] 为了更清楚地说明本发明实施例或现有技术中的技术方案,下面将对实施例或现有技术描述中所需要使用的附图作一简单地介绍,显而易见地,下面描述中的附图是本发明的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动性的前提下,还可以根据这些附图获得其他的附图。 [0052] In order to more clearly illustrate the technical solutions in the embodiments or the prior art embodiment of the present invention, the accompanying drawings for illustrating the prior art described or needed to be used in an embodiment will be briefly introduced hereinafter, the description below the figures show some embodiments of the present invention, those of ordinary skill in the art is concerned, without any creative effort, and can obtain other drawings based on these drawings.

[0053] 图1为本发明无线接入设备的定位方法实施例一流程图;[0054] 图2为本发明无线接入设备位置验证方法实施例一流程图; [0053] FIG 1 is positioned method of wireless access device embodiment of the present invention, a flow chart; [0054] FIG wireless access device location verification method of a flowchart of an embodiment of the present invention;

[0055] 图3为本发明无线接入设备的导入流程实施例一信令流程图; [0055] FIG. 3 is introduced into the flow diagram of a wireless access device embodiment of the present invention, the signaling flow chart;

[0056] 图4为本发明无线接入设备的接入流程实施例一信令流程图; Example access procedure a signaling [0056] FIG. 4 is a wireless access device embodiment of the present invention, a flow chart;

[0057] 图5为本发明无线接入设备的导入流程实施例二信令流程图; [0057] FIG 5 is introduced into the flow of the wireless access device according to a second embodiment of the present invention, a signaling flowchart;

[0058] 图6为本发明无线接入设备的接入流程实施例二信令流程图; [0058] FIG. 6 access procedure in a wireless access device according to a second embodiment of the present invention, a signaling flowchart;

[0059] 图7为本发明无线接入设备的定位方法实施例二流程图; [0059] FIG. 7 positioning method according to a second wireless access device embodiment of the present invention, a flow chart;

[0060] 图8为本发明无线接入设备位置验证方法实施例二流程图; According to a second embodiment of a flowchart of a method of location verification of the wireless access device [0060] FIG. 8 of the present invention;

[0061] 图9为本发明无线接入设备的导入流程实施例三信令流程图; [0061] FIG. 9 is introduced into the flow of the wireless access device according to a third embodiment of the present invention, a signaling flowchart;

[0062] 图10为本发明无线接入设备的接入流程实施例三信令流程图; [0062] FIG. 10 access procedure in a wireless access device according to a third embodiment of the present invention, a signaling flowchart;

[0063] 图11为本发明无线接入设备实施例一结构示意图; [0063] FIG. 11 is a structure of a wireless access device embodiment of the present invention;

[0064] 图12为本发明用户设备实施例一结构示意图; [0064] FIG. 12 is a schematic diagram of a configuration example of embodiment of the invention the user equipment;

[0065] 图13为本发明位置验证服务器实施例一结构示意图; [0065] FIG 13 a schematic view of a location verification server configuration example embodiment of the present invention;

[0066] 图14为本发明网络系统实施例一结构示意图; [0066] FIG 14 a schematic view of a configuration example of a network system embodiment of the present invention;

[0067] 图15为本发明用户设备实施例二结构示意图; [0067] FIG. 15 schematic structural diagram of a user equipment two embodiments of the present invention;

[0068] 图16为本发明网络系统实施例二结构示意图; [0068] FIG 16 two schematic structural diagram of a network system embodiment of the present invention;

[0069] 图17为本发明无线接入设备实施例二结构示意图; [0069] FIG 17 two radio access devices schematic structural diagram of embodiment of the invention;

[0070] 图18为本发明位置验证服务器实施例二结构示意图; [0070] FIG location verification server 18 schematic structural diagram of two embodiments of the present invention;

[0071] 图19为本发明网络系统实施例三结构示意图。 [0071] FIG 19 a schematic view of the structure according to a third embodiment of the present invention, a network system.

具体实施方式 Detailed ways

[0072] 下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例仅是本发明一部分实施例,而不是全部的实施例。 [0072] below in conjunction with the present invention in the accompanying drawings, technical solutions of embodiments of the present invention are clearly and completely described, obviously, the described embodiments are merely part of embodiments of the present invention, but not all embodiments example. 基于本发明中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其他实施例,都属于本发明保护的范围。 Based on the embodiments of the present invention, all other embodiments of ordinary skill in the art without any creative effort shall fall within the scope of the present invention.

[0073] 为使本发明实施例的目的、技术方案和优点更加清楚,以下本发明实施例的网络类型包括:GSM网络、CDMA网络、WCDMA网络、Wimax网络、TD-SCDMA网络、LTE网络等。 [0073] In order that the invention object of the embodiment, the technical solutions and advantages clearer, the network type embodiment the present invention comprises: GSM network, CDMA network, WCDMA network, Wimax network, TD-SCDMA network, LTE network and the like. 无线接入设备的类型包括:家庭基站、微型基站Pico、UMTS AP, WiMAX Femto基站、WiMAX宏基站等。 Type of wireless access device comprising: a home base station, femtocell Pico, UMTS AP, WiMAX Femto base stations, WiMAX macro base station. 以下本发明实施例的用户设备类型包括:手机、笔记本电脑、PDA等移动终端。 The user equipment type of embodiments of the present invention comprises the following: cell phones, laptops, PDA and other mobile terminals.

[0074] 图1为本发明无线接入设备的定位方法实施例一流程图,以无线接入设备为家庭基站为例,如图1所示,该方法包括: [0074] Figure 1 is a positioning method according to a wireless access device embodiment of the invention a flow chart, a wireless access device to a home base station as an example, shown in Figure 1, the method comprising:

[0075] 步骤100,接收用户设备发送的所述用户设备的位置信息; [0075] Step 100, the location information sent by a user of the user equipment device;

[0076] 本发明各实施例中用AP表示家庭基站。 Each of the embodiments [0076] of the present invention represented by the home base station AP. AP在能够为UE提供接入功能之前,要经由安全网关(SeGW)完成与认证服务器之间的身份认证,并与安全网关之间建立安全隧道(II^sec),在认证成功的情况下家庭基站经运营商授权具有接入功能,并向周围发射广播信号为UE提供接入功能。 AP before being able to offer access to functionality for UE, to establish a secure tunnel (II ^ sec) between security gateways and security gateway through (SeGW) authentication between the accumulator and the authentication server, and the family in the authentication is successful authorized by the base station operator has access function, and transmitting a broadcast signal provided around the access function UE. 当UE检测到AP发射的微蜂窝信号后,向AP发送建立无线资源控制(简称:RRC)请求并与AP建立RRC连接。 When the UE detects microcell transmitted signals from the AP, sent to establish a radio resource control (abbreviation: RRC) request to the AP and establishes an RRC connection with the AP. 由于AP的覆盖范围较小,接入AP的UE的位置信息与AP的位置信息接近,因此本实施例中AP可以借助UE的位置信息实现AP的位置定位。 Due to the small coverage range of the AP, the AP the access location information of the UE is close to the AP, so that the position information of the AP may embodiment of the present embodiment implemented by UE position location of the AP. AP在接收UE发送的UE位置信息之前,AP向UE发送UE位置信息的请求信息,UE在接收到该请求信息后,从全球定位系统(GlcAalPositioning System;以下简称:GPS)模块中获取UE的位置信息并发送给AP,为了防止AP对该UE位置信息进行篡改,UE在从GPS模块中获取UE位置信息后,应用UE与认证服务器之间的认证派生密钥对UE位置信息进行加密处理,然后再发送给AP,保证AP发送给网络侧的位置信息的真实准确性。 AP prior to receiving the UE location information transmitted by the UE, AP transmission request information UE location information to the UE, UE, after receiving the request information from a Global Positioning System (GlcAalPositioning System; hereinafter referred to as: GPS) location module obtains the UE AP sends information, UE location information in order to prevent tampering with the AP, the UE after the UE acquires the location information from the GPS module, a derived authentication key between the UE and the authentication server application UE location information is encrypted, and then sent to the AP, the AP transmits to ensure the accuracy of the true position information of the network side. 进一步地,为了防止AP的重放攻击,还可以在对UE位置信息进行加密处理的基础上加入时间戳信息,然后再发送给AP,至此AP接收到UE发送的UE的位置信息。 Further, in order to prevent replay attacks AP, may be added on the basis of UE position information on the encryption processing time stamp information, and then transmitted to the AP, the AP receives far location information of the UE sent by the UE. 本实施例中UE也可以不对UE的位置信息进行加密和加时间戳的处理,而直接发送。 Examples UE location information of the UE may not be encrypted and timestamping process of the present embodiment, the direct transmission. 还有,AP向UE发送UE位置信息的请求信息后,若UE本身不具有GPS模块无法知道其位置信息时,UE可以向核心网的定位中心(LocationServer ;简称:!^)发送位置信息的请求,LS接收到请求后通过计算得到UE的位置信息并返回给UE,UE接收到LS返回的自身的位置信息后,将位置信息发送给AP。 There after, AP transmission request information UE location information to the UE, if the UE itself does not have a GPS module can not know its location information, the UE may be positioned in the center of the core network (LocationServer; abbreviation: ^!) Location information request after obtained, by calculating the LS receives the request and returns the location information of the UE to the UE, after the UE receives the position information of the LS returned, and transmits the location information to the AP.

[0077] 步骤101,应用家庭基站的身份信息对所述位置信息进行标识; [0077] Step 101, the application identification information of the home base station location information identified;

[0078] 当AP接收到UE发送的UE位置信息后,为了要网络侧进行位置验证的网络功能实体将UE的位置信息当成AP的位置信息进而进行AP的定位,AP要对UE位置信息进行标识,用以实现UE位置信息和AP身份的绑定,以借助该UE位置信息当成AP的位置信息实现AP的定位功能,具体进行标识的方式可以包括以下两种,其中一种是应用AP的身份识别号(AP ID)对UE位置信息进行标识,还可以是应用AP的数字证书对UE位置信息进行标识,还可以是应用家庭基站的媒体接入媒介访问控制,(Medium Access Control ;简称MAC)地址对所述位置信息进行标识,也可以应用家庭基站的IP地址对所述位置信息进行标识。 [0078] When the AP receives UE location information transmitted by the UE, the network function entity location verification of the order to the network side to the UE location information as the location information of the AP and thus positioning the AP, AP to the UE position information identifier , to achieve binding UE location information and the identity of the AP to the UE by the location information as location information of the AP to achieve targeting of the AP, as specifically identified may include two, one of which is the identity of the application AP identifier (AP ID) of the UE position information identifier, a digital certificate may also be application AP position information on the UE identifier, the media application may also access the home base station medium access control, (medium access control; abbreviated MAC) the address information identifying the location, may be applied to the IP address of the home base station location information identified. 上述的AP的身份识别号、AP的数字证书、AP的MAC地址和AP的IP地址均能够唯一标识AP的身份,当然也可以采用其它能够唯一标识AP的方式并不局限于以上方式。 AP identification number described above, a digital certificate of AP, MAC address and IP address of the AP are AP can uniquely identify the identity of the AP, although other ways can uniquely identify the AP may be employed is not limited to the above manner.

[0079] 步骤102,将经过标识的所述位置信息发送给网络侧进行位置验证。 [0079] Step 102, will be transmitted to the network side through location verification information identifying the location.

[0080] AP对UE位置信息进行标识与其身份信息进行绑定后将UE位置信息发送给网络侧进行位置验证,具体包括将经过标识的UE位置信息经由业务网关发送给网络定位服务器,由于网络定位服务器此时接收到的UE位置信息是经过UE加密等处理的,因此应该由网络定位服务器将该位置信息进行解密,解析成AP的位置绑定及认证功能实体(以下简称: AHR)能够识别的信息,网络定位服务器所用的密钥可以是由认证服务器传过来的,且该密钥是UE与认证服务器之间的进行业务所要的认证密钥的派生密钥,网络定位服务器应用该认证派生密钥对UE位置信息进行解密,并将解密结果返回给业务网关,业务网关接收网络定位服务器发送的经过解密处理的位置信息,业务网关向AHR发送经过解密处理的位置信息,由AHR进行AP的位置合法性验证。 [0080] AP position information on the UE identification information with its status after binding UE location information transmitted to the network side to verify the position, including the location server through a network to a UE via a location information identifying the service gateway, since the network location At this time, the server receives the location information of UE after the UE is the encryption process, and should the position information decrypted by the network location server, to resolve the position and bound AP authentication function (hereinafter referred to as: AHR) can be identified information, network location server key may be used by the authentication server over the transmission, and that the key is for traffic between the UE and the authentication server to the authentication key derived key, the authentication network location server application derives secret key to decrypt the location information of UE, and returns the decryption result to the service gateway, the location information, the service gateway service gateway after receiving the network location server transmits the decryption process transmits the position information to the AHR through the decryption process, performed by the AP position of AHR legality verification. 若验证成功,则AHR向业务网关返回成功响应,若验证不成功,则返回失败响应。 If the validation is successful, the AHR success response from the service gateway, if the verification is not successful, failed to return a response. 本实施例中所述的业务网关包括在AP导入(Boot)流程中的预备网关(Provisioning AG)和AP接入流程中的服务网关(krving AG)。 The service gateway embodiment of the present embodiment comprises a preliminary gateway (Provisioning AG) introduced in the AP (the Boot) process and AP serving gateway access procedure (krving AG).

[0081] 本发明实施例中,AP基于UE,借助UE发送来的UE位置信息间接地实现定位AP的目的,AP通过将UE的位置信息与AP的身份标识进行绑定,实现网络侧AHR将UE的为位置信息当成AP的位置信息对AP进行定位,由于AP的覆盖范围较小,UE的位置信息与AP实际的位置信息差距不大,能够满足AP位置的精确度;而且本实施例提供的解决方案无需改变现有的网络结构;同时实现过程不需要宏蜂窝的参与,有效地解决了在没有宏蜂窝覆盖的条件下,实现AP的准确定位,同时有效地解决了运营商不支持CLF实体,无法基于端口进行位置验证的缺陷。 Embodiment [0081] In the present invention, based on the AP UE, UE location information transmitted by UE to achieve the purpose of positioning the AP indirectly, bind AP position information by the identity of the UE with the AP, the network side to realize the AHR UE location information for the location information of the AP as an AP positioned, due to the small coverage range of the AP, the AP is not the location information of UE position information actual gap to meet the accuracy of the position of the AP; and the present embodiment provides solutions without changing the existing network structure; while achieving process does not require the participation of the macrocell, effectively solved in the absence of macrocell coverage, accurate positioning of the AP, while effectively solved the carrier does not support CLF entity, the defect can not be based on port location verification.

[0082] 图2为本发明无线接入设备位置验证方法实施例一流程图,以无线接入设备为家庭基站为例,如图2所示,该方法包括: [0082] FIG wireless access device location verification method according to the present invention, a flowchart of embodiment, the wireless access device to a home base station as an example, shown in Figure 2, the method comprising:

[0083] 步骤200,接收来自家庭基站的位置验证请求消息,所述位置验证请求消息包括应用所述家庭基站的身份信息所标识的、接入所述家庭基站的用户设备的位置信息; [0083] Step 200, the home base station from a receiving position verification request message, the location verification request message includes location information of the application information of the identity of the home base station identified, user access to the home base station apparatus;

[0084] 网络侧AHR接收业务网关发送的位置验证请求消息,该位置验证请求消息可以是在AP导入流程中预备网关向AHR发送的导入请求消息,也可以是在AP接入流程中服务网关向AHR发送的接入请求消息,在位置验证请求消息中包括UE的位置信息,其中UE为接入的AP上的准备进行业务的用户设备,且UE的位置信息是与AP的身份信息所绑定在一起的,AHR根据与UE的位置信息绑定在一起的AP的身份标识便得知将以UE位置信息当作AP 的位置信息进行AP位置验证。 [0084] The location verification service network gateway sends AHR received request message, the location verification request message may be introduced into the process in the AP request message to the gateway preliminary introduction AHR transmitted, it may be in the AP to the serving gateway access procedure AHR user equipment transmits the access request message, in the location verification request message including location information of the UE, wherein the UE performs a service on the AP is ready to access, and location information of the UE is bound to the identity information of the AP together, AHR based on identity and location information of the UE binding together the AP that they would UE location information as the location information of the AP AP position were verified.

[0085] 步骤201,根据预先存储的所述家庭基站的位置信息,对所述位置验证请求消息中包括的所述用户设备的位置信息进行验证。 [0085] Step 201, based on the position information of the home base station stored in advance in the authentication request message comprises location information of the user equipment to verify the position.

[0086] AHR以UE位置信息作为验证对象,以其预先存储在AHR上的AP允许工作范围的位置信息为依据进行位置合法性验证,具体可以是将UE位置信息与AP允许工作范围的位置信息进行对比,获得二者之间的差值信息,再判断该差值信息是否超过预先设定的阈值,若超过则表示AP实际工作的位置与允许工作的位置相差较远,也就是说AP离开了允许工作的位置范围,因此应禁止其接入功能;若没有超过阈值则验证成功表示AP还处于允许的工作范围内,可以保持AP的正常工作,并返回验证成功消息。 [0086] In AHR validation target UE location information, AP with its previously stored position information on AHR allow operation range based on a position to verify the legitimacy of the specific UE location information may be a position information allows the AP operation range comparison, to obtain information on the difference between the two, and then determines whether the difference exceeds a predetermined threshold value information, if the location of the AP exceeds said actual work position to allow work are far away, i.e. away AP the allowable operation range of positions, and therefore it should be prohibited access function; if not exceed the threshold value indicates the AP further successful authentication within the allowable working range can maintain normal operation of the AP, and returns the authentication success message. 其中阈值可以根据实际情况例如AP的覆盖范围大小等参数预先设定并存储在AHR中。 Wherein the threshold may be, for example, coverage AP size parameter is set in advance and stored in the AHR according to actual situation.

[0087] 本实施例提供的家庭基站位置验证方法,网络侧AHR将携带有AP身份信息所标识的UE位置信息当成AP的位置信息,并应用所存储AP允许工作位置信息对AP位置的合法性进行验证;无需改变现有的网络结构,同时实现过程不需要宏蜂窝的参与,有效地解决了在没有宏蜂窝覆盖的条件下,实现AP的准确定位,同时有效地解决了运营商不支持CLF实体,无法基于端口进行位置验证的缺陷。 [0087] The present location verification method of a home base station according to an embodiment, the network side carries AHR AP identity information UE location information identified as the location information of the AP, and the stored application position information AP allowable working position AP legitimacy be verified; without changing the existing network structure, while achieving the process does not require the participation of the macro, the effective solution in the absence of accurate positioning of macrocell coverage, to achieve the AP, while effectively solving the carrier does not support CLF entity, the defect can not be based on port location verification.

[0088] AP在具体应用中在首次使用时要进行AP的导入(Boot)流程,在后续使用过程中要进行AP的接入流程,以上两个流程中均要对AP进行位置验证,以下分别介绍在两个流程中实现AP位置验证的过程。 [0088] AP in a particular application to be used for the first time introduced the AP (the Boot) process, during the subsequent use access procedure to be performed in the AP, the above two processes have to verify the location of the AP, hereinafter It describes the implementation process of the two AP location validation process.

[0089] 图3为本发明无线接入设备的导入流程实施例一信令流程图,以无线接入设备为家庭基站为例,本实施例是基于UE的AP导入流程中进行位置验证的实现过程,如图3所示,该流程包括: [0089] FIG. 3 import process wireless access device according to a signaling flow chart, a wireless access device in the home base station for the embodiment of the present invention, the embodiment is based on achieving the position AP verification process introduced in the present embodiment UE process, shown in Figure 3, the process comprising:

[0090] AP经由安全网关(SeGW)完成与认证服务器之间的身份认证,并与kGW之间建立安全隧道(II3sec),如果认证通过,那么运营商就可以授权AP具备接入功能,并向周围发射 [0090] AP establish a secure tunnel (II3sec) between kGW and through the security gateway (SeGW) authentication between the accumulator and the authentication server, and, if authenticated, then the operator will be authorized to have access to AP function, and around launch

广播信号。 Broadcast signal.

[0091] 步骤la,UE检测周围的微蜂窝信号,并发起RRC连接建立请求,请求建立RRC连接; [0091] Step la, UE detects the ambient microcell signal, and initiate an RRC connection establishment request, a request to establish an RRC connection;

[0092] 步骤2a,UE向AP发送位置更新请求; [0092] Step 2a, UE sends a location update request to the AP;

[0093] 步骤3a,AP对UE执行准入控制功能即发送UE身份请求,在该请求中同时携带对UE的GPS位置信息数据的请求; [0093] Step 3a, AP execution request admission control function i.e. UE identity transmission request data while carrying GPS location information of the UE in the request of the UE;

[0094] 步骤4a,UE处理该请求,并从GPS模块获取相应的位置信息数据; [0094] Step 4a, UE processes the request and acquires information of the corresponding position data from the GPS module;

[0095] 步骤5a,若UE具备位置信息数据,则在身份响应消息中携带该数据;否则,携带位置信息数据获取失败的原因; [0095] Step 5a, if the UE includes location information data, in the identity response message carries the data; otherwise, carrying the location information data acquired cause of the failure;

[0096] 步骤6a,AP收到UE提供的位置信息后,对其进行标识,用以实现UE位置信息和AP 身份的绑定; After [0096] Step. 6A, AP receive location information provided by the UE, to identify it, to achieve binding UE location information and the identity of the AP;

[0097] 步骤7a,AP发送“Boot”请求,并携带UE提供的位置信息数据给预备网关(Provisioning AG); [0097] Step 7a, AP transmits "Boot" requests, and carries the location information provided by the UE to the preliminary data gateway (Provisioning AG);

[0098] 步骤8a,AG将该请求发送给网络定位服务器,用于位置信息的计算,并将计算的结果即具体的定位信息传送给AG ; [0098] Step 8a, AG sends the request to the network location server for calculating the location information, and the calculated results, i.e. specific targeting information to the AG;

[0099] 步骤9a,AG向AHR发送“Boot”请求,并携带位置信息; [0099] Step 9a, AG transmission "Boot" request, and carrying location information to the AHR;

[0100] 步骤10a,AHR对该位置信息的合法性进行校验; [0100] Step 10a, the legitimacy of AHR verify the position information;

[0101] 步骤11a,如果检验成功,并向AG发送“Boot”成功响应,并携带本地接入网元的地址及其它配置信息;若校验不成功,则发送“Boot”失败响应。 [0101] Step 11a, if the verification is successful, and transmits the AG "Boot" success response, and carries address and other configuration information of the local access network element; and if the verification is unsuccessful, it sends "Boot" failure response.

[0102] 本实施例提供的方法中是AP向发送UE身份请求,在该请求中同时携带对UE的GPS位置信息数据的请求,当然也可以通过其它消息携带对UE的GPS位置信息数据的请求, 或者单独直接向UE发送对UE的GPS位置信息数据的请求等实施方式也在本发明的保护范围之内。 [0102] The present embodiment of the method provided in the AP sends a request to UE identity, while carrying the request for the UE GPS location information data in the request, of course, it may also carry a request for the UE GPS location information data through other messages also within the scope of the present invention, or requests, a separate GPS location information sending data directly to the UE UE implementation.

[0103] 由于进行完导入流程后要进行接入流程,而两个流程中所涉及的业务网关不同, 导入流程中业务网关为预备网关(Provisioning AG),而接入流程中业务网关具体为服务器网关(serving AG),因此若导入流程中若验证成功则AHR作出成功响应,并携带本地接入网元的地址即服务器网关(servingAG)的地址告知AP下次与服务器网关(servingAG) 进行交互。 [0103] As a result of the import process to be performed after completion of the access procedure, the service gateway two different processes involved in the import process for the preparation gateway service gateway (Provisioning AG), and particularly the access service gateway process server gateway (serving AG), so if the import process when authentication succeeds AHR to success response, and carries the address of the local access network element, i.e. server gateway address (servingAG) inform the next AP server gateway (servingAG) interact. 在AP完成首次导入流程的基础上进行AP的接入(access)流程。 An access an AP (Access) process is completed in the first flow introduced AP basis.

[0104] 图4为本发明无线接入设备的接入流程实施例一信令流程图,以无线接入设备为家庭基站为例,本实施例是基于UE的AP接入流程中进行位置验证的实现过程,如图4所示,该流程包括: Example flowchart illustrating a signaling access procedure [0104] FIG wireless access device embodiment of the present invention, a wireless access device in a home base station, the present embodiment is based AP access procedure of the UE for location verification the implementation, shown in Figure 4, the process comprising:

[0105] AP经由安全网关(SeGW)完成与认证服务器之间的身份认证,并与kGW之间建立安全隧道(II3sec),如果认证通过,那么运营商就可以授权AP具备接入功能,并向周围发射 [0105] AP establish a secure tunnel (II3sec) between kGW and through the security gateway (SeGW) authentication between the accumulator and the authentication server, and, if authenticated, then the operator will be authorized to have access to AP function, and around launch

广播信号。 Broadcast signal.

[0106] 步骤lb,AP从APM下载相应的配置信息,例如用户准入控制列表等; [0106] Step lb, AP download the appropriate configuration information from the APM, for example, a user access control list;

[0107] 步骤2b,UE预与AP进行业务交互,发送RRC连接请求并建立RRC连接; [0107] Step 2b, UE pre-service interaction with the AP, and transmits an RRC connection request to establish an RRC connection;

[0108] 步骤3b,UE向AP发送位置更新请求; [0108] Step 3b, UE sends a location update request to the AP;

[0109] 步骤4b,AP对UE执行准入控制功能即发送UE身份请求,在该请求中同时携带对UE的GPS位置信息数据的请求; [0109] Step 4b, AP performs admission control function i.e. a request for the UE transmits UE identity, while carrying GPS location information request data to the UE in the request;

[0110] 步骤5b,UE处理该请求,并从GPS模块获取相应的位置信息数据; [0110] Step 5b, UE processes the request and acquires information of the corresponding position data from the GPS module;

[0111] 步骤6b,若UE具备位置信息数据,则在身份响应消息中携带该数据;否则,携带位置信息数据获取失败的原因; [0111] Step 6b, if the UE includes location information data, in the identity response message carries the data; otherwise, carrying the location information data acquired cause of the failure;

[0112] 步骤7b,AP收到UE提供的位置信息后,对其进行标识,用以实现位置信息和AP身份的绑定; After [0112] Step 7B, AP receive location information provided by the UE, to identify it, to achieve binding position information and the identity of the AP;

[0113] 步骤8b, AP发送“access”请求,并携带UE提供的位置信息数据给服务网关(serving AG); [0113] Step 8b, AP transmits "access" requests, and carries the location information data provided by the UE to the serving gateway (serving AG);

[0114] 步骤9b,AG将该请求发送给网络定位服务器,用于位置信息的计算,并将计算的 [0114] Step 9b, AG sends the request to the network location server for calculating the location information, and the calculated

1结果即具体的定位信息传送给AG ; 1 Results i.e. specific targeting information to the AG;

[0115] 步骤10b,AG向AHR发送“access”请求,并携带位置信息; [0115] Step 10b, AG sends AHR "access" requests, and carries the position information;

[0116] 步骤11b,AHR对该位置信息的合法性进行校验; [0116] Step 11b, the legitimacy of AHR verify the position information;

[0117] 步骤12b,如果检验成功,则向AG发送“access”成功响应;若校验不成功,则发送“access”失败响应。 [0117] Step 12b, if the verification is successful, is sent to the AG "access" success response; and if the verification is unsuccessful, it sends "access" failure response.

[0118] 以上各实施例中所涉及的UE是指AP的CSG用户的用户设备。 [0118] Examples of the above embodiments involved UE refers to a user AP CSG user equipment.

[0119] 本发明实施例中,AP借助UE发送来的UE位置信息间接地实现定位AP的目的,其中UE的位置信息是从UE本身的GPS模块中获得的,AP通过将UE的位置信息与AP的身份标识进行绑定,实现网络侧AHR将UE的为位置信息当成AP的位置信息对AP进行定位,由于AP的覆盖范围较小,UE的位置信息与AP实际的位置信息差距不大,能够满足AP位置的精确度;而且本实施例提供的解决方案无需改变现有的网络结构;同时实现过程不需要宏蜂窝的参与,有效地解决了在没有宏蜂窝覆盖的条件下,实现AP的准确定位,同时有效地解决了运营商不支持CLF实体,无法基于端口进行位置验证的缺陷。 [0119] embodiment of the present invention, AP by the UE location information of the UE transmitted to achieve the purpose of positioning the AP indirectly, wherein the location information of the UE is obtained from the UE itself a GPS module, AP by the UE location information and binds AP identity, network AHR side of the UE for the location information of the location information of the AP as the AP positioning, due to the small coverage range of the AP, the AP position information of UE position information of the actual gap is not, AP location can meet accuracy; and the solution provided in this embodiment without changing the existing network structure; while achieving the process does not require the participation of the macro, the effective solution in the absence of macrocell coverage, to achieve an AP accurate positioning, while effectively address the deficiencies carrier does not support CLF entity, not based on port location verification.

[0120] 图5为本发明无线接入设备的导入流程实施例二信令流程图,以无线接入设备为家庭基站为例,本实施例是基于UE的AP导入流程中进行位置验证的实现过程,如图5所示,该流程包括: Import process according to the second signaling radio access device [0120] FIG. 5 is a flowchart of embodiments of the invention, a wireless access device in a home base station, the present embodiment is an implementation of location verification of an AP for UE based import process process, as shown in Figure 5, the process comprising:

[0121] AP经由安全网关(SeGW)完成与认证服务器之间的身份认证,并与kGW之间建立安全隧道(II3sec),如果认证通过,那么运营商就可以授权AP具备接入功能,并向周围发射 [0121] AP establish a secure tunnel (II3sec) between kGW and through the security gateway (SeGW) authentication between the accumulator and the authentication server, and, if authenticated, then the operator will be authorized to have access to AP function, and around launch

广播信号。 Broadcast signal.

[0122] 步骤le,UE检测周围的微蜂窝信号,并发起RRC连接建立请求,请求建立RRC连接; [0122] Step Le, microcellular UE detects ambient signal, and initiate an RRC connection establishment request, a request to establish an RRC connection;

[0123] 步骤2e,UE向AP发送位置更新请求; [0123] Step 2e, UE sends a location update request to the AP;

[0124] 步骤3e,AP对UE执行准入控制功能即发送UE身份请求,在该请求中同时携带对UE的位置信息的请求; [0124] Step 3e, AP admission control function execution request transmits i.e. UE identity requests while carrying position information of the UE in the request for the UE;

[0125] 步骤4e,UE处理该请求,并向LS询问相应的位置信息数据; [0125] Step 4e, UE processes the request and asks the location information data corresponding to the LS;

[0126] 步骤5e,UE在身份响应消息中携带该位置信息数据; [0126] Step 5e, UE identity in the message carrying the location information response data;

[0127] 步骤6e,AP收到UE提供的位置信息后,对其进行标识,用以实现位置信息和AP身份的绑定; After [0127] Step 6E, AP receive location information provided by the UE, to identify it, to achieve binding position information and the identity of the AP;

[0128] 步骤7e,AP发送Boot请求,并携带UE提供的位置信息数据给预备网关(Provisioning AG); [0128] Step 7e, AP Boot transmission request carries the location information and data provided by the UE to prepare a gateway (Provisioning AG);

[0129] 步骤8e,AG向AHR发送“Boot “请求,并携带地理位置信息; [0129] Step 8e, AG transmission "Boot" request, and carrying location information to the AHR;

[0130] 步骤9e,AHR对该位置信息的合法性进行校验; [0130] Step 9e, the legitimacy of AHR verify the position information;

[0131] 步骤10e,如果检验成功,并向AG发送“Boot “成功响应;若校验不成功,则发送”Boot “失败响应。 [0131] Step 10e, if the verification is successful, and transmits AG "Boot" success response; and if the verification is unsuccessful, it sends "Boot" failure response.

[0132] 本实施例提供的方法中是AP向发送UE身份请求,在该请求中同时携带对UE的GPS位置信息数据的请求,当然也可以通过其它消息携带对UE的GPS位置信息数据的请求, 或者单独直接向UE发送对UE的GPS位置信息数据的请求等实施方式也在本发明的保护范围之内。 [0132] The present embodiment of the method provided in the AP sends a request to UE identity, while carrying the request for the UE GPS location information data in the request, of course, it may also carry a request for the UE GPS location information data through other messages also within the scope of the present invention, or requests, a separate GPS location information sending data directly to the UE UE implementation. 在AP完成首次导入流程的基础上进行AP的接入(access)流程。 An access an AP (Access) process is completed in the first flow introduced AP basis.

[0133] 图6为本发明无线接入设备的接入流程实施例二信令流程图,以无线接入设备为家庭基站为例,本实施例是基于UE的AP接入流程中进行位置验证的实现过程,如图6所示,该流程包括: Process according to a second signaling access wireless access device [0133] FIG 6 is a flowchart of embodiments of the invention, a wireless access device in a home base station, the present embodiment is based AP access procedure of the UE for location verification the implementation shown in FIG. 6, the process comprising:

[0134] AP经由安全网关(SeGW)完成与认证服务器之间的身份认证,并与kGW之间建立安全隧道(II3sec),如果认证通过,那么运营商就可以授权AP具备接入功能,并向周围发射 [0134] AP establish a secure tunnel (II3sec) between kGW and through the security gateway (SeGW) authentication between the accumulator and the authentication server, and, if authenticated, then the operator will be authorized to have access to AP function, and around launch

广播信号。 Broadcast signal.

[0135] 步骤If,AP从APM下载相应的配置信息,比如用户准入控制列表等; [0135] Step If, AP download the appropriate configuration information from the APM, such as user access control list;

[0136] 步骤2f,UE预与AP进行业务交互,发送RRC连接请求并建立RRC连接; [0136] Step 2f, UE pre-service interaction with the AP, and transmits an RRC connection request to establish an RRC connection;

[0137] 步骤3f,UE向AP发送位置更新请求; [0137] Step 3f, UE sends a location update request to the AP;

[0138] 步骤4f,AP对UE执行准入控制功能即发送UE身份请求,在该请求中同时携带对UE的位置信息数据的请求; [0138] Step 4f, AP admission control function execution request transmits i.e. UE identity request while the UE carrying the location information of the data in the request for the UE;

[0139] 步骤5f,UE处理该请求,并向LS询问UE当前的位置信息数据; [0139] Step 5f, UE processes the request, and querying the current location information data UE LS;

[0140] 步骤6f,UE在身份响应消息中携带该数据; [0140] Step 6f, UE identity in the message carrying the response data;

[0141] 步骤7f,AP收到UE提供的位置信息后,对其进行标识,用以实现位置信息和AP身份的绑定; After [0141] Step 7F, AP receive location information provided by the UE, to identify it, to achieve binding position information and the identity of the AP;

[0142] 步骤8f,AP发送“access”请求,并携带UE提供的位置信息数据给服务网关(serving AG); [0142] Step 8f, AP transmits "access" requests, and carries the location information data provided by the UE to the serving gateway (serving AG);

[0143] 步骤9f,AG向AHR发送“access”请求,并携带地理位置信息; [0143] Step 9f, AG sends AHR "access" request, and carrying location information;

[0144] 步骤IOf,AHR对该位置信息的合法性进行校验; [0144] Step IOf, AHR legitimacy verify the position information;

[0145] 步骤llf,如果检验成功,并向AG发送“access”成功响应;若校验不成功,则发送“access”失败响应。 [0145] Step LLF, if the verification is successful, and transmits the AG "access" success response; and if the verification is unsuccessful, it sends "access" failure response.

[0146] 以上各实施例中所涉及的UE是指AP的CSG用户的用户设备。 [0146] Examples of the above UE refers to an embodiment of the CSG user of the user equipment AP.

[0147] 本发明实施例中,AP借助UE发送来的UE位置信息间接地实现定位AP的目的,其中UE的位置信息是从核心网的LS中获得的,AP通过将UE的位置信息与AP的身份标识进行绑定,实现网络侧AHR将UE的为位置信息当成AP的位置信息对AP进行定位,由于AP的覆盖范围较小,UE的位置信息与AP实际的位置信息差距不大,能够满足AP位置的精确度; 而且本实施例提供的解决方案无需改变现有的网络结构;同时实现过程不需要宏蜂窝的参与,有效地解决了在没有宏蜂窝覆盖的条件下,实现AP的准确定位,同时有效地解决了运营商不支持CLF实体,无法基于端口进行位置验证的缺陷。 [0147] embodiment of the present invention, AP by the UE location information of the UE transmitted to achieve the purpose of positioning the AP indirectly, wherein the location information of the UE is obtained from the LS core network is, AP by the position information of the UE with the AP It binds identity, network AHR side of the UE for the location information of the location information of the AP as the AP positioning, due to the small coverage range of the AP, the location information of the UE and the AP information of the actual position of the gap is not possible position accuracy to meet the AP; and solution provided in this embodiment without changing the existing network structure; while achieving the process does not require the participation of the macro, the effective solution in the absence of macrocell coverage, the AP accurate localization while effectively address the deficiencies carrier does not support CLF entity, not based on port location verification.

[0148] 图7为本发明无线接入设备的定位方法实施例二流程图,以无线接入设备为家庭基站为例,如图7所示,该方法包括: [0148] FIG. 7 positioning method according to a second wireless access device embodiment of the present invention, a flow chart, a wireless access device to a home base station as an example, shown in Figure 7, the method comprising:

[0149] 步骤500,从家庭基站所包括的全球定位系统模块中获取所述家庭基站的位置信息; [0149] Step 500, acquiring location information of the home base station from a global positioning system module included in the home base station;

[0150] 本实施例中所涉及的家庭基站与前述实施例所不同之处在于,本方法中涉及的家庭基站具有GPS功能,其自身配置有GPS模块,当需要进行家庭基站即AP的位置验证时,AP 从自身配备的GPS模块中取出位置信息用于位置验证。 [0150] HNB foregoing embodiment relates to the present embodiment is different from the embodiment in that embodiment, the method relates to a home base station having a GPS function, which itself is configured with a GPS module, when required HNB i.e. location verification of the AP when, AP pickup position information from the GPS module is equipped with its own location for verification.

[0151] 步骤501,将所述位置信息发送给网络侧进行位置验证。 [0151] Step 501, the location information is transmitted to the network side for location verification.

[0152] AP从GPS模块中获取到位置信息后,位置信息发送给网络侧进行AP的位置验证, 具体包括将位置信息经由业务网关发送给网络定位服务器,网络定位服务器对接收到的位置信息进行解析,使得位置信息能够被AHR所识别,解析后将解析结果发送给业务网关,业务网关接收网络定位服务器发送的经过解析的位置信息后,业务网关向AHR发送经过解析的位置信息进行AP的位置合法性验证。 [0152] After the AP acquired from the GPS module into position information, the position information transmitting location verification of the AP to the network side, including the location information sent to the network location server via a service gateway, the location information of the network location server the received parsing, so that the position information can be identified AHR, resolved after the analysis result is sent to the service gateway, the location information of the parsed service gateway network location server receives a transmission, the transmission service gateway location through the AP to the AHR position information parsed legality verification. 若验证成功,则AHR向业务网关返回成功响应,若验证不成功,则返回失败响应。 If the validation is successful, the AHR success response from the service gateway, if the verification is not successful, failed to return a response. 本实施例中所述的业务网关包括在AP导入(Boot)流程中的预备网关(Provisioning AG)和PA接入流程中的服务网关(krving AG)。 The service gateway embodiment of the present embodiment comprises a preliminary gateway (Provisioning AG) introduced in the AP (the Boot) PA flow and serving gateway access procedure (krving AG).

[0153] 本发明实施例中,AP利用自身的GPS功能从GPS模块中获取位置信息,直接将实际的AP位置信息发送给AHR,实现网络侧AHR对AP进行定位,保证定位精度;而且本实施例提供的解决方案无需改变现有的网络结构;同时实现过程不需要宏蜂窝的参与,有效地解决了在没有宏蜂窝覆盖的条件下,实现AP的准确定位,同时有效地解决了运营商不支持CLF实体,无法基于端口进行位置验证的缺陷。 [0153] Example, the AP using its own GPS functionality acquires location information from the GPS module, directly send the actual AP location information to the AHR, implement the network side AHR the AP positioning, ensure the positioning accuracy of the present invention; and the present embodiment the solution provided without changing the existing network structure; while achieving the process does not require the participation of the macro, the effective solution in the absence of accurate positioning of macrocell coverage, to achieve the AP, while effectively solving the operator does not support CLF entity, can not be based on the defect port position verification.

[0154] 图8为本发明无线接入设备位置验证方法实施例二流程图,,以无线接入设备为家庭基站为例,如图8所示,该方法包括: [0154] FIG 8 position of the wireless access device authentication method according to a second embodiment of the present invention ,, a flowchart of a wireless access device to a home base station as an example shown in Figure 8, the method comprising:

[0155] 步骤600,接收来自家庭基站的位置验证请求消息,所述位置验证请求消息包括从所述家庭基站所包括的全球定位系统模块中获取所述家庭基站的位置信息; [0155] Step 600, the base station receives from the home location verification request message, the location verification request message comprises acquiring location information of the home base station from a global positioning system module included in the home base station;

[0156] 网络侧AHR接收业务网关发送的位置验证请求消息,该位置验证请求消息可以是在AP导入流程中预备网关向AHR发送的导入请求消息,也可以是在AP接入流程中服务网关向AHR发送的接入请求消息,在位置验证请求消息中包括AP的位置信息,AHR根据AP的位置信息进行AP位置验证。 [0156] AHR receiving location verification service network gateway sends the request message, the location verification request message may be introduced into the process in the AP request message to the gateway preliminary introduction AHR transmitted, it may be in the AP to the serving gateway access procedure AHR access request message sent, in the location verification request message including location information of the AP, AP AHR for location verification of the AP position information.

[0157] 步骤601,根据预先存储的所述家庭基站允许工作范围的位置信息,对所述家庭基站进行位置验证。 [0157] Step 601, the home base station according to the pre-stored location information allows the operating range of the home base station for location verification.

[0158] AHR以接收到的AP的实际位置信息作为验证对象,以其预先存储在AHR上的AP允许工作范围的位置信息为依据进行位置合法性验证,具体可以是将AP的实际位置信息与AP允许工作范围的位置信息进行对比,获得二者之间的差值信息,再判断该差值信息是否超过预先设定的阈值,若超过则表示AP实际工作的位置与允许工作的位置相差较远,也就是说AP离开了允许工作的位置范围,因此应禁止其接入功能;若没有超过阈值则验证成功表示AP还处于允许的工作范围内,可以保持AP的正常工作,并返回验证成功消息。 [0158] AHR actual location information received as a verification target AP, AP with its previously stored position information on AHR allow work to verify the legitimacy of the position range as the basis, the actual location may be a specific information of the AP and AP position information allows the comparison operation range to obtain difference information between the two, and then determines whether the difference exceeds a predetermined threshold value information, and if it exceeds the actual operating position AP represents the difference between the working position allows more far away from the AP that is allowable operation range of positions, and therefore it should be prohibited access function; if not exceed the threshold value indicates the successful authentication AP still within the permissible operating range, the AP can maintain normal operation, and returns the verification is successful messages. 其中阈值可以根据实际情况例如AP的覆盖范围大小等参数预先设定并存储在AHR中。 Wherein the threshold may be, for example, coverage AP size parameter is set in advance and stored in the AHR according to actual situation.

[0159] 本实施例提供的家庭基站位置验证方法,网络侧AHR应用所存储AP允许工作位置信息对接收到的从AP上GPS模块中获取的位置信息进行AP位置的合法性进行验证;无需改变现有的网络结构,同时实现过程不需要宏蜂窝的参与,有效地解决了在没有宏蜂窝覆盖的条件下,实现AP的准确定位,同时有效地解决了运营商不支持CLF实体,无法基于端口进行位置验证的缺陷。 [0159] a home base station location verification method provided in the present embodiment, the network side AHR application AP storage location allows the information acquired from the GPS module operative position AP received information validity is verified AP location; no change existing network structure, while achieving process does not require the participation of the macrocell, effectively solve the accurate positioning in the absence of macrocell coverage, the AP achieved while effectively solved the carrier does not support CLF entity, the port can not be based on the position of a defect verification.

[0160] AP在具体应用中在首次使用时要进行AP的导入(Boot)流程,在后续使用过程中要进行AP的接入流程,以上两个流程中均要对AP进行位置验证,以下分别介绍在两个流程中实现AP位置验证的过程。 [0160] AP in a particular application to be used for the first time introduced the AP (the Boot) process, during the subsequent use access procedure to be performed in the AP, the above two processes have to verify the location of the AP, hereinafter It describes the implementation process of the two AP location validation process.

[0161] 图9为本发明无线接入设备的导入流程实施例三信令流程图,以无线接入设备为家庭基站为例,本实施例是基于AP的GPS功能的AP导入流程中进行位置验证的实现过程, 如图9所示,该流程包括: [0161] FIG. 9 import process wireless access device according to a third signaling flow chart, a wireless access device in the home base station for the embodiment of the present invention, the present embodiment is based on the import process GPS AP function of the position of the AP verification implementation, shown in Figure 9, the process comprising:

[0162] AP经由安全网关(SeGW)完成与认证服务器之间的身份认证,并与kGW之间建立安全隧道(II3sec),如果认证通过,那么运营商就可以授权AP具备接入功能,并向周围发射广播信号。 [0162] AP establish a secure tunnel (II3sec) between kGW and through the security gateway (SeGW) authentication between the accumulator and the authentication server, and, if authenticated, then the operator will be authorized to have access to AP function, and about the transmit broadcast signals.

[0163] 步骤lc,AP向预备网关(Provisioning AG)发送“Boot”请求,并携带AP的位置信息,该位置信息由AP的GPS模块来提供; [0163] Step LC, AP transmits "Boot" requests, and carries the location information of the AP, the location information provided by the GPS module to the AP preliminary gateway (Provisioning AG);

[0164] 步骤2c,AG将位置信息数据提交给网络定位服务器用于位置信息计算; [0164] Step 2c, AG location information submitted data to the network location server for calculating the location information;

[0165] 步骤3c,AG将Boot请求转发给AHR ; [0165] Step 3c, AG Boot will forward the request to the AHR;

[0166] 步骤4c,AHR对该位置信息执行判断,并作出响应,携带本地接入网元的地址及其它配置信息。 [0166] Step 4c, AHR perform the position determination information, and, in response, carries address and other configuration information of the local access network element.

[0167] 由于进行完导入流程后要进行接入流程,而两个流程中所涉及的业务网关不同, 导入流程中业务网关为预备网关(Provisioning AG),而接入流程中业务网关具体为服务器网关(serving AG),因此若导入流程中若验证成功则AHR作出成功响应,并携带本地接入网元的地址即服务器网关(servingAG)的地址告知AP下次与服务器网关(serving AG) 进行交互。 [0167] As a result of the import process to be performed after completion of the access procedure, the service gateway two different processes involved in the import process for the preparation gateway service gateway (Provisioning AG), and particularly the access service gateway process server gateway (serving AG), so if the import process when authentication succeeds AHR to success response, and carries the address of the local access network element, i.e. server gateway address (servingAG) inform the next AP server gateway (serving AG) interacting . 在AP完成首次导入流程的基础上进行AP的接入(access)流程。 An access an AP (Access) process is completed in the first flow introduced AP basis.

[0168] 图10为本发明无线接入设备的接入流程实施例三信令流程图,以无线接入设备为家庭基站为例,本实施例是基于UE的AP接入流程中进行位置验证的实现过程,如图10 所示,该流程包括: [0168] FIG wireless access device 10 access procedure according to a third signaling flow chart, a wireless access device in the home base station for the embodiment of the present invention, the present embodiment is a position based on the AP the access authentication procedure of the UE the implementation, shown in FIG. 10, the process comprising:

[0169] AP经由安全网关(SeGW)完成与认证服务器之间的身份认证,并与kGW之间建立安全隧道(II3sec),如果认证通过,那么运营商就可以授权AP具备接入功能,并向周围发射 [0169] AP establish a secure tunnel (II3sec) between kGW and through the security gateway (SeGW) authentication between the accumulator and the authentication server, and, if authenticated, then the operator will be authorized to have access to AP function, and around launch

广播信号。 Broadcast signal.

[0170] 步骤ld,AP从APM获取配置信息; [0170] Step ld, AP configuration information acquired from the APM;

[0171] 步骤2d,AP向“Serving AG”发送“Access”请求,并携带AP的位置信息,该位置信息由AP的GPS模块来提供; [0171] Step 2D, AP sends a "Serving AG" "Access" request, and carries the location information of the AP, the location information provided by the AP to a GPS module;

[0172] 步骤3d,AG将位置信息数据提交给网络定位服务器用于位置信息计算; [0172] Step 3d, AG location information submitted data to the network location server for calculating the location information;

[0173] 步骤4d,AG将“Access”请求转发给AHR ; [0173] Step 4d, AG to "Access" forwards the request to the AHR;

[0174] 步骤5d,AHR对该位置信息执行判断,并作出响应。 [0174] Step 5d, AHR perform the position determination information, and responds. 如果检验成功,则向AG发送“access”成功响应;若校验不成功,则发送“access”失败响应。 If the verification is successful, it sends "access" success response to the AG; and if the verification is unsuccessful, it sends "access" failure response.

[0175] 本发明实施例中,AP利用自身的GPS功能从GPS模块中获取位置信息,直接将实际的AP位置信息发送给AHR,实现网络侧AHR对AP进行定位,保证定位精度;而且本实施例提供的解决方案无需改变现有的网络结构;同时实现过程不需要宏蜂窝的参与,有效地解决了在没有宏蜂窝覆盖的条件下,实现AP的准确定位,同时有效地解决了运营商不支持CLF实体,无法基于端口进行位置验证的缺陷。 [0175] Example, the AP using its own GPS functionality acquires location information from the GPS module, directly send the actual AP location information to the AHR, implement the network side AHR the AP positioning, ensure the positioning accuracy of the present invention; and the present embodiment the solution provided without changing the existing network structure; while achieving the process does not require the participation of the macro, the effective solution in the absence of accurate positioning of macrocell coverage, to achieve the AP, while effectively solving the operator does not support CLF entity, can not be based on the defect port position verification.

[0176] 图11为本发明无线接入设备实施例一结构示意图,如图11所示,该无线接入设备可以是例如无线接入设备等能够为用户设备提供接入功能的设备,本实施例中无线接入设备以无线接入设备为例进行说明,该无线接入设备包括第一接收模块11、绑定模块12和第一发送模块13,其中第一接收模块11用于接收用户设备发送的所述用户设备的位置信息; 绑定模块12用于应用无线接入设备的身份信息对所述位置信息进行标识;第一发送模块13用于将经过标识的所述位置信息发送给网络侧进行位置验证。 [0176] FIG wireless access device 11 of the present embodiment is a structure of embodiment of the invention shown in Figure 11, the wireless access device may be, for example, to provide access to functionality for a user equipment device for wireless access devices, the present embodiment Example wireless access device to a wireless access device as an example, the wireless access device comprises a first receiving module 11, binding module 12, and a first sending module 13, wherein the first receiving module 11 for receiving user equipment transmitting location information of the user equipment; binding module 12 to the application identification information of said wireless access device location identification information; a first sending module 13 configured to send the location information to the network through the identification side for location verification.

[0177] 具体为,本实施例中以无线接入设备为家庭基站为例进行说明。 [0177] Specifically, in the present embodiment, the wireless access device as an example of the home base station. 家庭基站在为UE 提供的接入功能之前,首先经由安全网关(SeGW)完成与认证服务器之间的身份认证,并与安全网关之间建立安全隧道(msec),在认证成功的情况下家庭基站经运营商授权具有接入功能,并向周围发射广播信号为UE提供接入功能。 Before the home base station access function is provided by the UE, first establish a secure tunnel (msec) and between security gateways through a security gateway (SeGW) authentication between the accumulator and the authentication server, and a home base station in the authentication is successful authorized by the operator with access function, and transmitting a broadcast signal provided around the access function UE. UE检测到家庭基站发射的微蜂窝信号后,与家庭基站建立RRC连接;然后UE向家庭基站发送位置更新请求,家庭基站通过第一发送模块13向UE发送位置信息的请求信息以请求UE发送位置信息,UE从GPS模块中获取位置信息后发送给家庭基站,家庭基站中的第一接收模块11接收到UE的位置信息后,通过绑定模块12对UE位置信息进行标识,用以实现UE位置信息和AP身份的绑定,以借助该UE 位置信息当成AP的位置信息实现AP的定位功能,具体进行标识的方式可以包括以下两种, 其中一种是应用AP的身份识别号(AP ID)对UE位置信息进行标识,还可以是应用AP的数字证书对UE位置信息进行标识。 UE after detecting the home base station microcell transmitted signals, to establish an RRC connection to the home base station; the UE to the home base station then transmits a location update request, the request information by the home base station 13 transmits the position information to the UE to request the UE a first transmitting module transmits the location information, after the UE acquires the location information transmitted from the GPS module to a home base station, the UE 11 receives location information of the home base station in a first receiving module, UE location information identified by the binding module 12 pairs, the UE location to achieve binding and AP identity information to the UE by means of position information as the position information of the AP to achieve targeting AP, and may be specifically identified embodiment include two, one of which is the identification number of the application AP (AP ID) identifying position information for the UE, it may also be applied to the digital certificate of the AP position information identifying UE. 上述的AP的身份识别号和AP的数字证书均能够唯一标识AP的身份,当然也可以采用其它能够唯一标识AP的方式并不局限于以上两种方式。 The above-described AP identification number and a digital certificate that uniquely identifies the AP are AP identity, of course, other ways can uniquely identify the AP is not limited to the above may be used in two ways. 在绑定模块12进行结束UE位置信息的标识后,通过第一发送模块13将UE的位置信息发送到网络侧进行位置验证。 After the end of the binding module 12 of the identification information of the UE location, the network side transmits to the location verification module transmitting a first location information of the UE 13.

[0178] 由于在进行家庭基站接入流程中要从APM上下载配置信息,因此家庭基站中还包括第一下载模块14用于从家庭基站管理平台下载配置信息。 [0178] Since the home base station access procedure performed in the configuration information downloaded from the APM, so the home base station further comprises a first module 14 for downloading to download configuration information from the home base station management platform.

[0179] 本发明实施例中,家庭基站基于UE,借助UE发送来的UE位置信息间接地实现定位家庭基站的目的,家庭基站通过将UE的位置信息与家庭基站的身份标识进行绑定,实现网络侧AHR将UE的为位置信息当成家庭基站的位置信息对家庭基站进行定位,由于家庭基站的覆盖范围较小,UE的位置信息与家庭基站实际的位置信息差距不大,能够满足家庭基站位置的精确度;而且本实施例提供的解决方案无需改变现有的网络结构;同时实现过程不需要宏蜂窝的参与,有效地解决了在没有宏蜂窝覆盖的条件下,实现家庭基站的准确定位, 同时有效地解决了运营商不支持CLF实体,无法基于端口进行位置验证的缺陷。 [0179] embodiment of the present invention, a home base station based on the UE, the UE location information of the UE by means of object transmitted achieve the positioning of the HNB indirectly, bind the home base station location information by the identity of the UE and the home base station, implemented AHR-side network of the UE as the location information for the location information of the home base station HNB positioning, due to the small coverage of the home base station, the location information of the actual gap between the home base station location information of the UE is not able to meet the home base station location accuracy; and solution provided in this embodiment without changing the existing network structure; while achieving the process does not require the participation of the macro, the effective solution in the absence of macrocell coverage, to achieve accurate positioning of the home base station, while effectively address the deficiencies carrier does not support CLF entity, not based on port location verification.

[0180] 图12为本发明用户设备实施例一结构示意图,如图12所示,该用户设备包括第一全球定位系统模块21和第二发送模块22,其中第一全球定位系统模块21用于获取用户设备的位置信息;第二发送模块22用于从第一全球定位系统模块21中获取所述位置信息,发送给无线接入设备。 [0180] FIG 12 a schematic view of a configuration example of a user apparatus embodiment of the present invention, shown in Figure 12, the user equipment comprises a first GPS module 21 and a second sending module 22, wherein the first module is a global positioning system 21 for acquiring location information of the user device; a second sending module 22 is configured to acquire the first position information from a global positioning system module 21 transmits to the wireless access device.

[0181] 具体为,本实施例中以无线接入设备为家庭基站为例进行说明。 [0181] Specifically, in the present embodiment, the wireless access device as an example of the home base station. 在家庭基站具有接入功能后,UE检测到家庭基站发射的微蜂窝信号后,向家庭基站发送RRC请求并与家庭基站建立RRC连接;然后向家庭基站发送位置更新请求,家庭基站向UE发送身份请求,携带对UE的GPS位置信息的请求,UE处理该请求,从第一全球定位系统模块21中获取相应的位置信息,通过第二发送模块22将UE的位置信息发送给家庭基站。 After the home base station having a function of access, the UE detects microcell home base station transmitted signal is transmitted to the home base station establishes an RRC connection request and RRC home base station; then transmits a location update request to home base, the home base station transmits to the UE identity request, the request carries the location information of the GPS to the UE, UE processes the request, obtain the corresponding position information from a global positioning system module 21 first transmits the location information to the home base station through a second transmission module 22 of the UE. UE接收家庭基站发送的对UE位置信息的请求信息可以通过UE中包括的第二接收模块23完成。 The second receiving module receives the UE's home base station transmits the request information to the UE by UE position information may be included in the 23 completed.

[0182] UE中还可以包括用于应用所述用户设备与认证服务器之间的认证派生密钥,对从第一全球定位系统模块21中获取所述位置信息进行加密的加密模块M ;还可以进一步包括用于对经过加密模块M加密的位置信息添加时间戳信息的时间戳模块25。 [0182] UE may also comprise a derived key for authentication between the user equipment and the application authentication server, for acquiring the first position information from the GPS module 21 encrypts the encryption module M; also further comprising means for adding time stamp information to the encrypted information encrypted location module M timestamp module 25. 具体地为了防止家庭基站对该UE位置信息进行篡改,UE在从第一全球定位系统模块21中获取UE位置信息后,由加密模块M应用UE与认证服务器之间的认证派生密钥对UE位置信息进行加密处理,然后再发送给家庭基站,保证家庭基站发送给网络侧的位置信息的真实准确性。 Specifically, in order to prevent tampering with the home base station location information of the UE, the UE acquires the location information from the first UE GPS module 21, a key derived from the authentication encryption module M between the UE and the authentication server application on the UE location information is encrypted and then sent to the home base station, the base station transmits to the home to ensure the accuracy of the true position information of the network side. 进一步地,可以通过时间戳模块25在对UE为位置信息进行加密处理的基础上加入时间戳信息防止家庭基站的重放攻击。 Further, the module 25 may be performed by the time stamp in the UE for the location information of the encryption processing based on the added time stamp information of the home base station to prevent replay attacks.

[0183] 本实施例提供的用户设备能够在家庭基站的请求下,将从GPS模块中获得的位置信息发送给家庭基站,并对发送位置信息进行必要的加密等处理,为家庭基站借助UE位置信息进行位置验证提依据。 [0183] The user equipment can be provided in the present embodiment, at the request of the home base station, the location information obtained from the GPS module is sent to the home base station, and transmits the location information of the necessary processing such as encryption, by the UE location to the home base station position to verify the information mentioned basis.

[0184] 图13为本发明位置验证服务器实施例一结构示意图,如图13所示,该位置验证服务器包括第三接收模块31和第一验证模块32,其中第三接收模块31用于接收来自无线接入设备的位置验证请求消息,所述位置验证请求消息包括应用所述无线接入设备的身份信息所标识的、接入所述无线接入设备的用户设备的位置信息;第一验证模块32用于根据预先存储的所述无线接入设备的位置信息,对所述位置验证请求消息中包括的所述用户设备的位置信息进行验证。 [0184] FIG 13 a schematic view of a location verification server configuration example embodiment of the present invention, as shown in FIG. 13, the position of the authentication server comprises a third receiving module 31 and a first verification module 32, wherein the third receiving module 31 for receiving wireless access device location verification request message, the location verification request message including location information of an application of the wireless access device identification information identified, the wireless access device access to a user device; a first authentication module 32 according to pre-stored location information of the wireless access device, the location information of the location request message comprises the user authentication device for authentication.

[0185] 本实施例中以无线接入设备为家庭基站为例进行说明,本实施例中位置验证服务器可以是家庭基站的位置绑定及认证功能实体(AHR),其包括的第三接收模块31接收位置验证请求消息,该位置验证请求消息中包括的位置信息是UE的位置信息,而且该UE的位置信息是经过应用家庭基站身份信息所标识的,由于该家庭基站身份信息标识的存在,AHR将该位置信息当成是家庭基站的位置信息进行位置合法性验证。 [0185] In the present embodiment, the wireless access device as an example of a home base station, server location verification embodiment of the present embodiment may be a binding position and the home base station authentication function entity (the AHR), which comprises a third receiving module 31 receives the location verification request message, the location information in the location verification request message including the location information of the UE, and the location information of the UE is the result of application of the home base station identification information identified by the presence of the home base station identification information identifying, AHR is the location information as the location information of the HNB verify the legitimacy of position. 验证过程是由第一验证模块32完成的,具体为第一验证模块32以UE位置信息作为验证对象,以其预先存储在AHR上的AP允许工作范围的位置信息为依据进行位置合法性验证,具体可以是将UE位置信息与AP允许工作范围的位置信息进行对比,获得二者之间的差值信息,再判断该差值信息是否超过预先设定的阈值,若超过则表示AP实际工作的位置与允许工作的位置相差较远,也就是说AP离开了允许工作的位置范围,因此应禁止其接入功能;若没有超过阈值则验证成功表示AP还处于允许的工作范围内,可以保持AP的正常工作,并返回验证成功消息。 A first verification process is performed by verification module 32, specifically a first authentication module 32 as a verification target UE location information, allowing position information stored in advance in its operating range of the AP on AHR verify the legitimacy based on the position, specific UE location information may be location information allows the AP working range are compared to obtain difference information between the two, and then determines whether the difference exceeds a predetermined threshold value information, the AP exceeds said actual work position and a position allowing work are far away, that is to say away from the AP to allow the working range of positions, and therefore it should be prohibited access function; if not exceed the threshold value indicates the AP further successful authentication within the allowable working range can be maintained AP normal operation, and returns to verification success message. 其中阈值可以根据实际情况例如AP的覆盖范围大小等参数预先设定并存储在AHR中。 Wherein the threshold may be, for example, coverage AP size parameter is set in advance and stored in the AHR according to actual situation. AHR中可以包括用于存储所述家庭基站的位置信息和用于根据家庭基站的位置信息对所述用户设备的位置信息进行验证所需的阈值的第一存储模块33。 AHR can be included for storing location information of the home base station for performing a first storage module verify threshold required position information 33 of the user equipment according to the location information of the home base station.

[0186] 本实施例提供的位置验证服务器将携带有家庭基站身份信息所标识的UE位置信息当成家庭基站的位置信息,并应用所存储的家庭基站允许工作位置信息对家庭基站位置的合法性进行验证;无需改变现有的网络结构,同时实现过程不需要宏蜂窝的参与,有效地解决了在没有宏蜂窝覆盖的条件下,实现家庭基站的准确定位,同时有效地解决了运营商不支持CLF实体,无法基于端口进行位置验证的缺陷。 [0186] The present position of the authentication server provided in the embodiment of the home base station which carries the identity information of UE location information as identified by the home base station location information, and apply the stored home base station location information allows the working position of the home base station performs legality verification; without changing the existing network structure, while achieving process does not require the participation of the macrocell, effectively solved in the absence of macrocell coverage, accurate positioning of the home base station, while effectively solved the carrier does not support CLF entity, the defect can not be based on port location verification.

[0187] 图14为本发明网络系统实施例一结构示意图,本实施例提供的网络系统中的无线接入设备可以是例如无线接入设备等能够为用户设备提供接入功能的设备,本实施例中无线接入设备以无线接入设备为例进行说明,如图14所示该网络系统包括无线接入设备1、用户设备2和位置验证服务器3,其中用户设备2用于根据无线接入设备1的请求,从用户设备2中的全球定位系统模块中获取用户设备2的位置信息,发送给无线接入设备1 ;无线接入设备1用于接收用户设备2发送的用户设备2的位置信息,并应用无线接入设备1 的身份信息对所述位置信息进行标识;位置验证服务器3用于根据预先存储的无线接入设备1的位置信息,对用户设备2的位置信息进行验证。 [0187] FIG 14 a schematic view of a configuration example of a network system embodiment of the present invention, a network system provided in the present embodiment the wireless access device may provide, for example, access to functionality for a user equipment device for wireless access devices, the present embodiment Example wireless access device to a wireless access device as an example, the network system shown in FIG. 14 includes a wireless access device 1, the position of the user equipment 2 and the authentication server 3, wherein the user equipment 2 for wireless access requesting device 1, 2 acquired from the GPS module in the user equipment location information of the user equipment 2 transmits to the wireless access device 1; a wireless access device for transmitting a user equipment 2 receives the user equipment location 2 information, and application identification information of the wireless access device 1 of the position information identifier; position location information for the authentication server 3 according to the wireless access device 1 is stored in advance, the position information of the user equipment 2 is verified.

[0188] 本实施例中以无线接入设备为家庭基站为例进行说明。 [0188] In the present embodiment, the wireless access device as an example of the home base station. 网络系统还包括网络定位服务器4用于对用户设备2的位置信息数据进行计算。 The network system further includes a network server 4 for locating the position information data of the user device 2 is calculated. 系统还包括业务网关5用于将家庭基站1发送的用户设备2的位置信息转发给网络定位服务器4,接收网络定位服务器4返回的计算结果,将所述计算结果发送给位置验证服务器3。 The system further comprises a service gateway 5 for forwarding the location information of the user equipment 2 of the home base station 1 transmits to the network location server 4, the results returned location server receiving network 4, transmits the calculation result to the authentication server 3 position. 系统还包括用于为家庭基站1提供配置信息的家庭基站管理平台6。 The system further comprises means for providing configuration information to the home base station 1 to the home base station management platform 6.

[0189] 家庭基站1向用户设备2请求上传用户设备2的位置信息,用户设备2从其GPS 模块中取出位置信息并发送给家庭基站1,家庭基站1接收到用户设备2的位置信息后应用家庭基站1的身份信息对用户设备2的位置信息进行标识,使得网络侧将用户设备2的位置信息当成家庭基站1的位置信息用作位置验证。 [0189] a home base station 2 requests the uploading user equipment location information to a user equipment, the user equipment 2 sends position information 2 extracted from the GPS module in the home base station 1, the home base station 1 receives the position information of the user equipment to the application 2 identity information of a home base station location information of the user device 2 is identified, the network side so that the location information of the user equipment 2 as the position information is used as a home base station location verification. 家庭基站1将用户设备2的位置信息发送给业务网关5,业务网关5转发该位置信息给网络定位服务器4,网络定位服务器4对用户设备2的位置信息数据进行计算,能够为位置验证服务器3提供地理位置信息;网络定位服务器4将计算结果返回给业务网关5,业务网关5再将该计算结果发送给位置验证服务器3,位置验证服务器3接收用户设备2的位置信息后,应用预先存储的签约的家庭基站1的位置信息,对用户设备2的位置信息进行位置合法性验证。 The home base station 1 sends the location information of the user equipment 2 to the service gateway 5, the service gateway 5 forwards the location information to the network location server 4, the location information of a data network location server 4 to the user device 2 is calculated, it is possible for the position of the authentication server 3 providing geographical location information; network location server 4 returns the calculation result to the service gateway 5, the service gateway 5 and then transmits the calculation result to the authentication server 3 position, the position of the user device authentication server 3 receives position information 2, the application stored in advance location information of the HNB subscription 1, the position information of the user equipment 2 legality verification position. 本实施例中所涉及的业务网关可以是在家庭基站在导入(Boot)流程中涉及的预备网关(Provisioning AG),也可以是家庭基站在接入(access)流程中涉及的服务网关(Serving AG)。 Service gateway according to the present embodiment of the embodiment may be prepared according to the gateway in the lead (the Boot) process in the home base station (Provisioning AG), or may be directed to the home base station serving gateway in an access (Access) process (Serving AG ). 家庭基站管理平台6在家庭基站1进行接入流程中为家庭基站1提供相关的配置信息。 6 home base station management platform to provide configuration information to the home base station 1 in the home base station 1 performs the access process. 本实施例中所涉及的用户设备、家庭基站和位置验证服务器可以是上述各实施例中所提供的设备,具体功能及交互此处不再赘述。 The user equipment involved in the present embodiment, the position of the home base station and the authentication server may be a device in the above embodiments are provided, the function and interaction specifically omitted here.

[0190] 图15为本发明用户设备实施例二结构示意图,如图15所示,该用户设备包括第二获取模块61和第四发送模块62,其中第二获取模块61用于从定位中心获取用户设备的位置信息;第四发送模块62用于向无线接入设备发送所述用户设备的位置信息。 [0190] FIG. 15 schematic structural diagram of a user equipment two embodiments of the present invention, shown in Figure 15, the user equipment includes a second acquiring module 61 and a fourth sending module 62, wherein the second acquiring module 61 for acquiring from the location center the location information of the user equipment; fourth sending module 62 for transmitting location information of the user equipment to the wireless access device.

[0191] 具体地,本实施例中以无线接入设备为家庭基站为例进行说明。 [0191] Specifically, in the present embodiment, the wireless access device as an example of the home base station. 在家庭基站AP具有接入功能后,UE检测到家庭基站发射的微蜂窝信号后,向家庭基站发送RRC请求并与家庭基站建立RRC连接;然后向家庭基站发送位置更新请求,家庭基站向UE发送身份请求,携带对UE的GPS位置信息的请求,UE处理该请求,通过第二获取模块61从核心网LS处获取UE的位置信息,并通过第四发送模块62发送给家庭基站。 After the home base station AP has access function, the UE detects microcell home base station transmitted signal is transmitted to the home base station establishes an RRC connection request and RRC home base station; then transmits a location update request to home base, the home base station transmits to the UE identity request carrying the request for the GPS location information of the UE, UE processes the request, acquiring location information of the UE from the core network LS by the second obtaining module 61, and transmitted to the home base station by a fourth sending module 62. UE接收家庭基站发送的对UE位置信息的请求信息可以通过UE中包括的第五接收模块63完成。 The fifth receiving module UE receives the request information sent home base station location information for the UE by UE 63 is included to complete.

[0192] 本实施例提供的用户设备能够在家庭基站的请求下,将从核心网LS中获得的位置信息发送给家庭基站,为家庭基站借助UE位置信息进行位置验证提依据。 [0192] user equipment according to the present embodiment can be provided at the request of the home base station, the location information obtained from the core network LS is transmitted to the home base station, means for location verification provide UE based on the location information for the home base station.

[0193] 图16为本发明网络系统实施例二结构示意图,本实施例提供的网络系统中的无线接入设备可以是例如无线接入设备的能够为用户设备提供接入功能的设备,本实施例中无线接入设备以无线接入设备为例进行说明,如图16所示该网络系统包括无线接入设备1、用户设备2和位置验证服务器3,其中用户设备2用于根据无线接入设备1的请求,从定位中心中获取用户设备2的位置信息,发送给无线接入设备1 ;无线接入设备1用于接收用户设备2发送的用户设备2的位置信息,应用无线接入设备1的身份信息对所述位置信息进行标识;位置验证服务器3用于根据预先存储的无线接入设备1的位置信息,对用户设备2的位置信息进行验证。 [0193] Fig 16 bis a schematic structural diagram of a network system of the present embodiment, a network system provided in the present embodiment the wireless access device may provide, for example, access to functionality for a user equipment device of the wireless access device, the present embodiment Example wireless access device to a wireless access device as an example, the network system 16 shown in FIG. 1 includes a wireless access device, the user device authentication server 2, and 3 positions, where the user equipment 2 for wireless access requesting apparatus 1 acquires from the center of the positioning location information of the user equipment 2 transmits to the wireless access device 1; a wireless access device 2 for location information transmitted from the user equipment 2 receiving user equipment, wireless access device application 1, the identity information identifies location information; position location information for the authentication server 3 according to the wireless access device 1 is stored in advance, the position information of the user equipment 2 is verified.

[0194] 本实施例中以无线接入设备为家庭基站为例进行说明,网络系统还包括用于将家庭基站1发送的用户设备2的位置信息发送给位置验证服务器3的业务网关;还包括用于为所述无线接入设备提供配置信息的家庭基站管理平台6。 [0194] In the present embodiment, the wireless access device as an example, the network system further comprises means for transmitting the location information of the user equipment 2 of the home base station 1 transmits to the location verification service gateway server 3 is a home base station; further comprising provide configuration information for the wireless access device to the home base station management platform 6.

[0195] 家庭基站1向用户设备2请求上传用户设备2的位置信息,用户设备2从LS7中获取位置信息并发送给家庭基站1,家庭基站1接收到用户设备2的位置信息后应用家庭基站1的身份信息对用户设备2的位置信息进行标识,使得网络侧将用户设备2的位置信息当成家庭基站1的位置信息用作位置验证。 After [0195] the home base station requests the user equipment to upload to a user equipment 2 1 2 position information, the user equipment 2 acquires the position information from the home base station sends LS7 1, the home base station to the user equipment 1 receives the position information of the home base station 2 Application identity information of a location information of the user device 2 is identified, the network side so that the location information of the user equipment 2 as the location information as a home base station location verification. 家庭基站1将用户设备2的位置信息发送给业务网关5,业务网关5再将位置信息发送给位置验证服务器3,位置验证服务器3接收用户设备2的位置信息后,应用预先存储的签约的家庭基站1的位置信息,对用户设备2的位置信息进行位置合法性验证。 After the home base station 1 sends the location information of the user equipment 2 to the service gateway 5, the service gateway 5 and then sent to the location information the location authentication server 3, the position of the user device authentication server 3 receives position information 2, the signing application is stored in advance family 1 of the base station position information, the position information of the user equipment 2 legality verification position. 本实施例中所涉及的业务网关可以是在家庭基站在导入(Boot) 流程中涉及的预备网关(Provisioning AG),也可以是家庭基站在接入(access)流程中涉及的服务网关(Serving AG)。 Service gateway according to the present embodiment of the embodiment may be prepared according to the gateway in the lead (the Boot) process in the home base station (Provisioning AG), or may be directed to the home base station serving gateway in an access (Access) process (Serving AG ). 家庭基站管理平台6在家庭基站1进行接入流程中为家庭基站1提供相关的配置信息。 6 home base station management platform to provide configuration information to the home base station 1 in the home base station 1 performs the access process. 本实施例中所涉及的用户设备、家庭基站和位置验证服务器可以是上述各实施例中所提供的设备,具体功能及交互此处不再赘述。 The user equipment involved in the present embodiment, the position of the home base station and the authentication server may be a device in the above embodiments are provided, the function and interaction specifically omitted here.

[0196] 图17为本发明无线接入设备实施例二结构示意图,如图17所示,该无线接入设备可以是例如无线接入设备的能够为用户设备提供接入功能的设备,本实施例中无线接入设备以无线接入设备为例进行说明,该无线接入设备包括第二全球定位系统模块41、第一获取模块42和第三发送模块43,其中第二全球定位系统模块41用于获得所述无线接入设备的位置信息;第一获取模块42用于从第二全球定位系统模块41中获取所述无线接入设备的位置信息;第三发送模块43用于将所述位置信息发送给网络侧进行位置验证。 [0196] FIG 17 a schematic view of two radio access device embodiment of the present invention, shown in Figure 17, the wireless access device may be, for example, to provide access to functionality for a user equipment device of the wireless access device, the present embodiment Example wireless access device to a wireless access device as an example, the wireless access device comprises a second GPS module 41, a first acquisition module 42, and a third sending module 43, a global positioning system wherein the second module 41 for obtaining the position information of the wireless access device; a first acquiring module 42 for acquiring the wireless access device from a second GPS location information module 41; a third sending module 43 for the sending location information to the network side for location verification.

[0197] 具体地,本实施例中以无线接入设备为家庭基站为例进行说明。 [0197] Specifically, in the present embodiment, the wireless access device as an example of the home base station. 家庭基站中的第二全球定位系统模块41利用GPS功能获得家庭基站实际所处位置信息并存储在第二全球定位系统模块41中;第一获取模块42从第二全球定位系统模块41中取出检测到的家庭基站的位置信息后,通过第三发送模块43将该位置信息发送给网络侧进行家庭基站的位置合法性验证。 The home base station a second global positioning system using a GPS module 41 to obtain the actual function of the home base station location information and stored in the second global positioning system module 41; a first acquisition module 42 is removed from the second module 41 detects a Global Positioning System position information of the home base station, to verify the legitimacy of the position of the home base station to the network side via a third sending module 43 transmits the position information. 家庭基站在进行接入流程中要从家庭基站管理平台下载配置信息,应用该配置信息对用户设备进行准入控制,从家庭基站管理平台下载配置信息可以通过家庭基站包括的第二下载模块44完成。 Home access procedure performed in the home base station from the management platform to download configuration information to the configuration information to the user application admission control device, the home base station from the management platform may download configuration information by the home base station comprises a second download module 44 is completed .

[0198] 本发明实施例中,家庭基站利用自身的GPS功能从GPS模块中获取位置信息,直接将实际的家庭基站位置信息发送给AHR,实现网络侧AHR对家庭基站进行定位,保证定位精度;而且本实施例提供的解决方案无需改变现有的网络结构;同时实现过程不需要宏蜂窝的参与,有效地解决了在没有宏蜂窝覆盖的条件下,实现家庭基站的准确定位,同时有效地解决了运营商不支持CLF实体,无法基于端口进行位置验证的缺陷。 Embodiment [0198] of the present invention, the home base station using its own GPS functionality acquires location information from the GPS module, directly send the actual home base station location information to the AHR, implement the network side AHR HNB positioning, ensure the positioning accuracy; solutions provided by the network without changing the existing structure and the present embodiment; while achieving the process does not require the participation of the macro, the effective solution in the absence of macrocell coverage, to achieve accurate positioning of the home base station, while effectively solving the carrier does not support CLF entity, it can not be based on the defect port position verification.

[0199] 图18为本发明位置验证服务器实施例二结构示意图,如图18所示,该位置验证服务器包括第四接收模块51和第二验证模块52,其中第四接收模块51用于接收来自无线接入设备的位置验证请求消息,所述位置验证请求消息包括从所述无线接入设备所包括的全球定位系统模块中获取所述无线接入设备的位置信息;第二验证模块52用于根据预先存储的所述无线接入设备允许工作范围的位置信息,对所述无线接入设备进行位置验证。 [0199] FIG location verification server 18 schematic structural diagram of two embodiments of the present invention, shown in Figure 18, the location verification server includes a fourth receiving module 51 and the second verification module 52, wherein the fourth receiving module 51 for receiving wireless access device location verification request message, the location verification request message comprises acquiring location information of the wireless access device from a global positioning system module of the wireless access device included; a second module 52 for authentication permitting position information according to the working range of the AP stored in advance, the wireless access device for location verification.

[0200] 本实施例中以无线接入设备为家庭基站为例进行说明,本实施例中位置验证服务器可以是家庭基站的位置绑定及认证功能实体(AHR),其包括的第四接收模块51接收位置验证请求消息,该位置验证请求消息中包括的位置信息是家庭基站的实际工作的位置信息。 [0200] In the present embodiment, the wireless access device as an example of a home base station, server location verification embodiment of the present embodiment may be a binding position and the home base station authentication function entity (the AHR), which includes a fourth receiving module 51 receives the location verification request message, the location information in the location verification request message including the location information of the actual work of the home base station. 验证过程是由第二验证模块52完成的,具体为第二验证模块52以家庭基站的实际工作的位置信息作为验证对象,以其预先存储在AHR上的家庭基站允许工作范围的位置信息为依据进行位置合法性验证,具体可以是将家庭基站的实际工作的位置信息与家庭基站允许工作范围的位置信息进行对比,若不符则验证失败,也就是说家庭基站离开了允许工作的位置范围,因此应禁止其接入功能;若相互符合则验证成功,可以保持家庭基站的正常工作,并返回验证成功消息。 A second verification process is completed by the authentication module 52, specifically, the second verification module 52 to the position information of the actual work of the home base station to be verified as its home base station stored in advance in AHR on the allowable operation range based on position information verify the legitimacy of position, may be specific to actual work home base station location information with the home base station location information allows the operating range of the comparison, if it does not match the verification fails, that left the home base station allows working position range, shall prohibit their access function; if it is in line with mutual authentication is successful, can maintain the normal operation of the HNB, and returns the verification success message. AHR中可以包括用于存储家庭基站允许工作范围的位置信息的第二存储模块53。 AHR may include a second storage means for storing location information of the home base station allows the operation range 53

[0201] 本实施例提供的位置验证服务器应用所存储的家庭基站允许工作位置信息对家庭基站通过自身GPS功能而获得的家庭基站实际位置信息的合法性进行验证,无需改变现有的网络结构,同时实现过程不需要宏蜂窝的参与,有效地解决了在没有宏蜂窝覆盖的条件下,实现家庭基站的准确定位,同时有效地解决了运营商不支持CLF实体,无法基于端口进行位置验证的缺陷。 Legitimacy of the actual position of the home base station location verification information provided by the server application the stored allowable working embodiment the home base station location information for the home base station itself by a GPS function obtained by [0201] the present verify, without changing the existing network architecture, while achieving process does not require the participation of the macrocell, effectively solved in the absence of macrocell coverage, the exact location of the base station for home, while effectively address the deficiencies carrier does not support CLF entity, not based on port location verification .

[0202] 图19为本发明网络系统实施例三结构示意图,本实施例提供的网络系统中的无线接入设备可以是例如无线接入设备等能够为用户设备提供接入功能的设备,本实施例中无线接入设备以无线接入设备为例进行说明,如图19所示该网络系统包括无线接入设备1 和位置验证服务器3,其中无线接入设备1用于从无线接入设备1所包括的全球定位系统模块中获取所述无线接入设备的位置信息,发送给网络侧;位置验证服务器3用于根据预先存储的无线接入设备1允许工作范围的位置信息,对无线接入设备1的位置信息进行验证。 [0202] FIG 19 a schematic view of three embodiments of a network system configuration example, a network system provided in the present embodiment the wireless access device may provide, for example, access to functionality for a user equipment device for wireless access devices, the present embodiment Example wireless access device to a wireless access device as an example, the network system 19 shown in FIG. 1 includes a wireless access device authentication server 3 and the location where the wireless access device for a wireless access device 1 from the global positioning system comprises a module acquires location information of the wireless access device, transmits to the network side; location verification server 3 according to the position information pre-stored permissible operating range wireless access device 1, wireless access location of the device 1 is verified.

[0203] 本实施例中以无线接入设备为家庭基站为例进行说明。 [0203] In the present embodiment, the wireless access device as an example of the home base station. 该网络系统还包括网络定位服务器4用于对家庭基站1的位置信息数据进行计算;系统还包括业务网关5用于将家庭基站1发送的用户设备2的位置信息转发给网络定位服务器4,接收网络定位服务器4返回的计算结果,将所述计算结果发送给位置验证服务器3。 The network system further includes a network server 4 for locating the position information of the home base station 1 data is calculated; the system further comprises a service gateway 5 for the location information of the user equipment 1 transmits the home base station 2 to the network location server 4 forwards the received the results of the network location server 4 returns the calculation result to the authentication server 3 position. 系统还包括用于为家庭基站1提供配置信息的家庭基站管理平台6。 The system further comprises means for providing configuration information to the home base station 1 to the home base station management platform 6.

[0204] 当进行家庭基站的位置验证时,家庭基站1从自身配置的GPS模块中取出当前家庭基站1工作的位置信息,并发给网络侧进行位置验证;家庭基站1将家庭基站1的位置信息发送给业务网关5,业务网关5转发该位置信息给网络定位服务器4,网络定位服务器4对家庭基站1的位置信息数据进行计算,为位置验证服务器3提供地理位置信息;网络定位服务器4将计算结果返回给业务网关5,业务网关5再将该计算结果发送给位置验证服务器3,位置验证服务器3在接收家庭基站1的地理位置信息后,应用所存储的签约的家庭基站1的位置信息对其进行位置验证。 [0204] When the position to verify the home base station, the home base station 1 is removed from its configuration of the GPS module in the current location information of the home base station 1 is operated, and sent to the network side location verification; location information of the home base station 1 to the home base station 1 sent to the service gateway 5, the service gateway 5 forwards the location information to the network location server 4, the network location server for location information data 4 home base station 1 is calculated to provide geographic location information for the authentication server 3; internet positioning server 4 calculates result is returned to the service gateway 5, the service gateway 5 and then transmits the calculation result to the authentication server 3 position, the position of the authentication server 3 after receiving the location information of the home base station 1, the position of the stored subscription application of the home base station 1 information that performs location verification. 本实施例中所涉及的业务网关可以是在家庭基站在导入(Boot)流程中涉及的预备网关(Provisioning AG),也可以是家庭基站在接入(access) 流程中涉及的服务网关(Serving AG)。 Service gateway according to the present embodiment of the embodiment may be prepared according to the gateway in the lead (the Boot) process in the home base station (Provisioning AG), or may be directed to the home base station serving gateway in an access (Access) process (Serving AG ). 家庭基站管理平台6在家庭基站1进行接入流程中为家庭基站1提供相关的配置信息。 6 home base station management platform to provide configuration information to the home base station 1 in the home base station 1 performs the access process. 本实施例中所涉及的用户设备、家庭基站和位置验证服务器可以是上述各实施例中所提供的设备,具体功能及交互此处不再赘述。 The user equipment involved in the present embodiment, the position of the home base station and the authentication server may be a device in the above embodiments are provided, the function and interaction specifically omitted here.

[0205] 本发明上述实施例提供的无线接入设备的定位方法和无线接入设备位置验证方法及无线接入设备,以及用户设备和位置验证服务器和网络系统中,无线接入设备一方面基于UE,借助UE发送来的UE位置信息间接地实现定位无线接入设备的目的,无线接入设备通过将UE的位置信息与无线接入设备的身份标识进行绑定,实现网络侧AHR将UE的为位置信息当成无线接入设备的位置信息对无线接入设备进行定位,由于无线接入设备的覆盖范围较小,UE的位置信息与无线接入设备实际的位置信息差距不大,能够满足无线接入设备位置的精确度;另一方面通过在无线接入设备增加GPS模块,利用自身的GPS功能从GPS 模块中获取位置信息,直接将实际的AP位置信息发送给AHR,实现网络侧AHR对AP进行定位,保证定位精度;而且两种实现方式均无需改变现有的网络结构;同时实 [0205] The embodiments of the present invention provides a positioning method and a wireless access device wireless access device location verification method and a radio access equipment, and a user equipment and a network server and a location verification systems, wireless access device based on the one hand UE, the location information of the UE by UE transmitted achieve the object positioning device indirectly wireless access, wireless access equipment by binding the identity and location information of the UE with the wireless access device identification, network of the UE side AHR location information as the location information of the wireless access device to the wireless access device is positioned, due to the small coverage of the wireless access device, the gap between the actual position information and the position information of the UE radio access device not to meet the radio the access device location accuracy; on the other hand by increasing the GPS module in a wireless access device, using its own GPS functionality acquires location information from the GPS module, AP directly sends the location information to the actual AHR, implemented on the network side AHR AP positioning, ensure the positioning accuracy; and are implemented in two ways without changing the existing network structure; the same time the solid 现过程不需要宏蜂窝的参与,有效地解决在没有宏蜂窝覆盖的条件下,实现无线接入设备的准确定位;同时有效地解决了运营商不支持CLF实体,无法基于端口进行位置验证的缺陷。 Now process does not require the participation of a macrocell, effective solution in the absence of macrocell coverage, to achieve accurate positioning of the wireless access device; while effectively address the deficiencies of carrier does not support CLF entity, not based on a position verification port .

[0206] 结合本文中所公开的实施例描述的各示例的单元及算法步骤,能够以电子硬件、 计算机软件或者二者的结合来实现,为了清楚地说明硬件和软件的可互换性,在上述说明中已经按照功能一般性地描述了各示例的组成及步骤。 [0206] incorporated herein disclosed units and algorithm steps described exemplary embodiments, by electronic hardware, computer software, or a combination thereof. In order to clearly illustrate this interchangeability of hardware and software, in foregoing has generally described in terms of functional components and steps of each example. 这些功能究竟以硬件还是软件方式来执行,取决于技术方案的特定应用和设计约束条件。 Whether these functions are performed by hardware or software depends upon the particular application and design constraints of the technical solutions. 专业技术人员可以对每个特定的应用来使用不同方法来实现所描述的功能,但是这种实现不应认为超出本发明的范围。 Professional technical staff may use different methods for each specific application to implement the described functionality, but such implementation should not be considered outside the scope of the present invention.

[0207] 结合本文中所公开的实施例描述的方法或算法的步骤可以用硬件、处理器执行的软件模块,或者二者的结合来实施。 [0207] The steps of a method or algorithm described in the embodiments disclosed herein may be implemented in hardware, or a combination thereof, in a software module executed by a processor to implement. 软件模块可以置于随机存储器(RAM)、内存、只读存储器(ROM)、电可编程ROM、电可擦除可编程ROM、寄存器、硬盘、可移动磁盘、CD-ROM、或任意其它形式的存储介质中。 A software module may be placed in a random access memory (RAM), a memory, a read only memory (ROM), electrically programmable ROM, an electrically erasable programmable ROM, a register, a hard disk, a removable disk, CD-ROM, or any other form of storage medium.

[0208] 最后应说明的是:以上实施例仅用以说明本发明实施例的技术方案,而非对其限制;尽管参照前述实施例对本发明进行了详细的说明,本领域的普通技术人员应当理解: 其依然可以对前述各实施例所记载的技术方案进行修改,或者对其中部分技术特征进行等同替换;而这些修改或者替换,并不使相应技术方案的本质脱离本发明各实施例技术方案的精神和范围。 [0208] Finally, it should be noted that: above embodiments are merely to illustrate the technical solutions in the embodiments of the present invention, rather than limiting;. Although the present invention has been described in detail embodiments, those of ordinary skill in the art should appreciated: it still may be made to the technical solutions described in each embodiment of the modified or part of the technical features equivalents; as such modifications or replacements do not cause the essence of corresponding technical solutions to depart from the respective embodiments of the present invention the technical solution the spirit and scope.

Claims (17)

1. 一种无线接入设备的定位方法,其特征在于包括: 向用户设备发送位置信息的请求信息;接收所述用户设备发送的所述用户设备的位置信息,所述位置信息是所述用户设备接收到所述请求信息后,向核心网的定位中心发送位置信息的请求,由所述定位中心通过计算得到所述用户设备的位置信息后返回给所述用户设备的; 应用无线接入设备的身份信息对所述位置信息进行标识; 将经过标识的所述位置信息发送给网络侧进行位置验证; 所述将经过标识的所述位置信息发送给网络侧进行位置验证包括: 将经过标识的所述位置信息经由业务网关发送给网络定位服务器; 所述业务网关接收所述网络定位服务器发送的经过解密处理的位置信息; 所述业务网关向位置绑定及认证功能实体发送所述经过解密处理的位置信息进行所述无线接入设备的位置合法性 CLAIMS 1. A method for locating a wireless access device, comprising: transmitting request information to a user equipment location information; receiving the user equipment from the user equipment location information, the location information of said user after the device information after receiving the request, the request positioning center transmits the location information to the core network, to obtain location information of the user equipment by calculating the positioning center returns to the user equipment; wireless access device application identity information of the position information identifier; transmitting the position to the verification position information through the network identifier; will be sent to the network side via the information identifying the location of the location verification comprising: after the identification of sending the location information to a network via a service gateway location server; the service gateway after receiving the location information transmitted from a network location server decryption process; the service gateway sends the location and binding of the authentication entity after the decryption process position information of the position of the legitimacy of the wireless access device 验证。 verification.
2.根据权利要求1所述的无线接入设备的定位方法,其特征在于所述向所述用户设备发送所述位置信息的请求信息包括:接收所述用户设备发送的位置更新请求后,向所述用户设备发送用户设备身份请求消息,所述用户设备身份请求消息包括所述位置信息的请求信息。 2. The method of locating the wireless access device according to claim 1, wherein the request information to the location information of the user equipment comprises: after receiving the location update request sent by the user equipment, to the user equipment sends a user equipment identity request message, the request message includes the user equipment identity information of the location information request.
3.根据权利要求2所述的无线接入设备的定位方法,其特征在于所述接收所述用户设备发送的位置更新请求之前包括:所述用户设备检测周围的微蜂窝信号,向所述无线接入设备发送无线资源控制连接请求;与所述无线接入设备建立无线资源控制连接后,向所述无线接入设备发送位置更新请求。 The method of locating the wireless access device according to claim 2, comprising before the receiving the location update request sent by the user: the user equipment detects ambient microcell signal to the radio the access device sends a radio resource control connection request; after establishing RRC connection with the wireless access device sends a location update request to the wireless access device.
4.根据权利要求3所述的无线接入设备的定位方法,其特征在于所述用户设备检测周围的微蜂窝信号,向所述无线接入设备发送无线资源控制连接请求之前包括:所述无线接入设备从无线接入设备管理平台下载配置信息。 The method of locating the wireless access device according to claim 3, wherein said detecting device around the user microcell signal, transmits the RRC connection request to the wireless access apparatus prior comprising: the wireless access device download configuration information from the wireless access device management platform.
5.根据权利要求1所述的无线接入设备的定位方法,其特征在于所述应用无线接入设备的身份信息对所述位置信息进行标识包括:应用无线接入设备的身份识别号对所述位置信息进行标识;或应用无线接入设备的数字证书对所述位置信息进行标识;或应用无线接入设备的媒体接入媒介访问控制地址对所述位置信息进行标识;或应用无线接入设备的IP地址对所述位置信息进行标识。 The positioning method according to the wireless access device according to claim 1, wherein said wireless access device application identity information identifies the location information comprises: identification number of the application on the wireless access device identifying said position information; digital certificate or application of the wireless access device identification position information; wireless access device applications or media access media access control address of the location identification information; or wireless access application IP address of the device to the location information is identified.
6. 一种无线接入设备位置验证方法,其特征在于包括:接收业务网关发送的来自无线接入设备的位置验证请求消息,所述位置验证请求消息包括应用所述无线接入设备的身份信息所标识的、接入所述无线接入设备的用户设备的位置信息,所述位置信息是所述用户设备接收到所述无线接入设备发送的位置信息的请求信息后,向核心网的定位中心发送位置信息的请求,由所述定位中心通过计算得到所述用户设备的位置信息后返回给所述用户设备的;根据预先存储的所述无线接入设备的位置信息,对所述位置验证请求消息中包括的所述用户设备的位置信息进行验证。 A location verification method of a wireless access device, comprising: receiving from a wireless access device location verification service gateway sends a request message, the authentication request message comprises location information of the application the identity of the wireless access device identified, the wireless user equipment to access the access device location information, the location information of the user equipment after receiving the location information request message sent by the wireless access device, positioning the core network Center sends the request location information, the user location information obtained by the positioning apparatus by calculating a center returns to the user device; according to pre-stored location information of the wireless access device, verification of the location location information request message comprises the user equipment for authentication.
7.根据权利要求6所述的无线接入设备位置验证方法,其特征在于所述根据预先存储的所述无线接入设备的位置信息,对所述位置验证请求消息中包括的所述用户设备的位置信息进行验证包括:若所述无线接入设备的位置信息与所述用户设备的位置信息之间差值小于预定阈值, 则验证成功。 The wireless access device location verification method according to claim 6, wherein said position information stored in advance according to a wireless access device, the position of the user device authentication request message comprises positional information verifying comprises: location information between a wireless access device location with the user equipment if the difference is less than a predetermined threshold value, the verification is successful.
8. 一种无线接入设备,其特征在于包括:第一接收模块,用于接收用户设备发送的所述用户设备的位置信息; 绑定模块,用于应用无线接入设备的身份信息对所述位置信息进行标识; 第一发送模块,用于将经过标识的所述位置信息发送给网络侧进行位置验证; 所述第一发送模块还用于向所述用户设备发送所述位置信息的请求信息,所述位置信息是所述用户设备接收到所述请求信息后,向核心网的定位中心发送位置信息的请求,由所述定位中心通过计算得到所述用户设备的位置信息后返回给所述用户设备的;所述第一发送模块,具体用于将经过标识的所述位置信息经由业务网关发送给网络定位服务器,以便所述业务网关接收所述网络定位服务器发送的经过解密处理的位置信息, 向位置绑定及认证功能实体发送所述经过解密处理的位置信息进行所述 A wireless access device, comprising: a first receiving module, a location information of the user equipment is sent by a user equipment; binding module, a wireless access device for applying information of their identity said position information identifier; a first sending module, configured to send the position to the verification position information through the network identifier; the first sending module is further configured to send a request to the user equipment location information information, the location information is a user equipment after receiving the request information, requesting positioning center transmits the location information to the core network, the location information of the user by the positioning device obtained by calculating back to the center position of the first transmitting module is configured to send to a network via a service gateway location server passes information identifying the location, so that the service gateway receiving the network location server transmits the decryption process after; said user equipment information, and the position of the binding entity sending the authentication information through the location of the decryption process is performed 无线接入设备的位置合法性验证。 Position of the wireless access device legality verification.
9.根据权利要求8所述的无线接入设备,其特征在于还包括: 第一下载模块,用于从无线接入设备管理平台下载配置信息。 9. A wireless access device according to claim 8, characterized by further comprising: a first download module for downloading configuration information from the wireless access device management platform.
10. 一种位置验证服务器,其特征在于包括:第三接收模块,用于接收业务网关发送的来自无线接入设备的位置验证请求消息,所述位置验证请求消息包括应用所述无线接入设备的身份信息所标识的、接入所述无线接入设备的用户设备的位置信息,所述位置信息是所述用户设备接收到所述无线接入设备发送的位置信息的请求信息后,向核心网的定位中心发送位置信息的请求,由所述定位中心通过计算得到所述用户设备的位置信息后返回给所述用户设备的;第一验证模块,用于根据预先存储的所述无线接入设备的位置信息,对所述位置验证请求消息中包括的所述用户设备的位置信息进行验证。 A location verification server, comprising: a third receiving module, a location verification device receives from the wireless access gateway sends a service request message, the request message includes an application location verification of the AP the identity information of the identified, access to the wireless access location information of the user equipment device, the location information is the user equipment after receiving the location information request message sent by the wireless access device, the core the request positioning center transmits the location information of the network, location information of the user equipment is obtained by calculation by the positioning center returns to the user device; a first authentication module, according to the wireless access prestored device location, the location verification request message comprises location information of the user equipment for authentication.
11.根据权利要求10所述的位置验证服务器,其特征在于还包括:第一存储模块,用于存储所述无线接入设备的位置信息和用于根据无线接入设备的位置信息对所述用户设备的位置信息进行验证所需的阈值。 According to claim 10, the position of the authentication server, characterized by further comprising: a first storage module, for storing location information of said wireless access device and a location information of said wireless access device according to the location information of the user equipment will be required to verify thresholds.
12. —种网络系统,其特征在于包括:用户设备、无线接入设备、位置验证服务器、网络定位服务器和业务网关;所述用户设备,用于根据所述无线接入设备的请求,从全球定位系统模块中获取所述用户设备的位置信息,发送给所述无线接入设备;所述无线接入设备,用于接收所述用户设备发送的所述用户设备的位置信息,应用所述无线接入设备的身份信息对所述位置信息进行标识;所述业务网关,用于将所述无线接入设备发送的所述用户设备的位置信息转发给所述网络定位服务器,接收所述网络定位服务器返回的计算结果,将所述计算结果发送给所述位置验证服务器;所述网络定位服务器,用于对所述用户设备的位置信息进行计算,将计算结果返回给所述业务网关;所述位置验证服务器,用于根据预先存储的所述无线接入设备的位置信息,对所述 12. - kind of network system, comprising: a user equipment, a wireless access device, the position of the authentication server, the location server and the network service gateway; the user equipment, according to a request for access to the wireless device, from the global positioning system module acquires the location information of the user equipment transmits to the wireless access device; location information of the wireless access device, for receiving the user sending the user equipment device, the wireless application identity information access device for identifying the position information; the service gateway, for forwarding location information of the user equipment transmitted by the wireless access network device to said location server, receiving the network positioning the results returned by the server, the calculation result to the location verification server; the network location server for location information of the user equipment is calculated, the calculated result is returned to the service gateway; the position authentication server, according to the pre-stored location information of the wireless access device, the 业务网关发送的计算结果进行验证。 Transmitting the results to verify the service gateway.
13.根据权利要求12所述的网络系统,其特征在于还包括无线接入设备管理平台,用于为所述无线接入设备提供配置信息。 13. The network system according to claim 12, characterized by further comprising a wireless access device management platform for providing configuration information to the wireless access device.
14. 一种网络系统,其特征在于包括:无线接入设备、位置验证服务器、网络定位服务器和业务网关;所述无线接入设备,用于从所述无线接入设备所包括的全球定位系统模块中获取所述无线接入设备的位置信息,发送给网络侧;所述业务网关,用于将所述无线接入设备发送的所述无线接入设备的位置信息转发给所述网络定位服务器,接收所述网络定位服务器返回的计算结果,将所述计算结果发送给所述位置验证服务器;所述网络定位服务器,用于对所述无线接入设备的位置信息进行计算,将计算结果返回给所述业务网关;所述位置验证服务器,用于根据预先存储的所述无线接入设备允许工作范围的位置信息,对所述业务网关发送的计算结果进行验证。 14. A network system, comprising: a wireless access device, the position of the authentication server, the location server and the network service gateway; the wireless access device, a global positioning system from the wireless access device included forwarding the service gateway, for transmission of the wireless access device location information of the wireless device to access the network location server; module acquiring location information of the wireless access device, transmits to the network side receiving the network location server returns the calculation result, and transmits the calculation result to the location verification server; the network location server for calculating the location information of the wireless access device, the calculation result is returned to the service gateway; the location verification server location information for allowing the working range of the wireless access apparatus according to pre-stored, the calculation result of the traffic sent by the gateway for verification.
15.根据权利要求14所述的网络系统,其特征在于还包括无线接入设备管理平台,用于为所述无线接入设备提供配置信息。 15. The network system according to claim 14, characterized by further comprising a wireless access device management platform for providing configuration information to the wireless access device.
16. 一种网络系统,其特征在于包括:用户设备、无线接入设备、业务网关和位置验证服务器;所述用户设备,用于根据所述无线接入设备的请求,从定位中心中获取所述用户设备的位置信息,发送给所述无线接入设备,所述位置信息是所述用户设备接收到所述无线接入设备的请求后,向核心网的定位中心发送位置信息的请求,由所述定位中心通过计算得到所述用户设备的位置信息后返回给所述用户设备的;所述无线接入设备,用于接收所述用户设备发送的所述用户设备的位置信息,应用所述无线接入设备的身份信息对所述位置信息进行标识;所述业务网关,用于将所述无线接入设备发送的所述用户设备的位置信息发送给所述位置验证服务器;所述位置验证服务器,用于根据预先存储的所述无线接入设备的位置信息,对所述用户设备的位置信息进行 16. A network system, comprising: a user equipment, a wireless access device, and a gateway location service authentication server; the user equipment, for obtaining the center according to a request from the positioning of the wireless access device location information of said user equipment transmits to the wireless access device, the location information is requested by the user equipment after receiving a request to access the wireless device, transmitting the position information to the positioning of the center of the core network, by the after the user returns the location information of the positioning apparatus by calculating the center to the user equipment; location information of the wireless access device, for receiving the user sending the user equipment device, the application identity information of the wireless access device for identifying the position information; the service gateway, for sending the location information of the wireless access device transmitting user device authentication server to said location; the location verification server, location information stored in advance according to the wireless access device, location information of the user equipment is 验证。 verification.
17.根据权利要求16所述的网络系统,其特征在于还包括无线接入设备管理平台,用于为所述无线接入设备提供配置信息。 17. The network system according to claim 16, characterized by further comprising a wireless access device management platform for providing configuration information to the wireless access device.
CN 200810222971 2008-09-24 2008-09-24 Positioning method and position verification method of wireless access device, and wireless access device CN101686164B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN 200810222971 CN101686164B (en) 2008-09-24 2008-09-24 Positioning method and position verification method of wireless access device, and wireless access device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN 200810222971 CN101686164B (en) 2008-09-24 2008-09-24 Positioning method and position verification method of wireless access device, and wireless access device

Publications (2)

Publication Number Publication Date
CN101686164A CN101686164A (en) 2010-03-31
CN101686164B true CN101686164B (en) 2012-07-04

Family

ID=42049148

Family Applications (1)

Application Number Title Priority Date Filing Date
CN 200810222971 CN101686164B (en) 2008-09-24 2008-09-24 Positioning method and position verification method of wireless access device, and wireless access device

Country Status (1)

Country Link
CN (1) CN101686164B (en)

Families Citing this family (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102547601B (en) * 2010-12-21 2015-03-25 鼎桥通信技术有限公司 Cluster service location updating method based on wireless broadband technology, and cluster system
CN102612078A (en) * 2011-01-25 2012-07-25 电信科学技术研究院 Wireless access system and device and data transmission method
CN103152696A (en) * 2013-03-19 2013-06-12 沈志松 Point of interest positioning system based on WiFi (Wireless Fidelity)
CN104468463B (en) * 2013-09-12 2019-05-28 深圳市腾讯计算机系统有限公司 Verification method, device and system
CN104703121B (en) * 2013-12-04 2018-07-20 华为技术有限公司 Method, system and the network side equipment that control device accesses
CN103841519B (en) * 2014-03-25 2018-04-10 北京极科极客科技有限公司 Method and apparatus for accurate positioning through a geographical network sniffer
CN104378378A (en) * 2014-11-25 2015-02-25 福建三元达通讯股份有限公司 Authentication method and system
CN104581728A (en) * 2014-12-02 2015-04-29 东莞宇龙通信科技有限公司 Access control method and the mobile server terminal
CN104836662A (en) * 2015-01-27 2015-08-12 北京中油瑞飞信息技术有限责任公司 Unified identity authentication system
CN109076435A (en) * 2016-05-31 2018-12-21 华为技术有限公司 A kind of position verification method and device
CN107786540A (en) * 2017-09-21 2018-03-09 国家电网公司 Equipment information acquisition method and terminal equipment
WO2019061557A1 (en) * 2017-09-29 2019-04-04 华为技术有限公司 Residual access point information recognition method and recognition apparatus

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1751248A (en) 2001-12-27 2006-03-22 高通股份有限公司 Use of mobile stations for determination of base station location parameters in a wireless mobile communication system
CN101115302A (en) 2007-08-08 2008-01-30 华为技术有限公司 Method and device for obtaining position information of mobile terminal

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1751248A (en) 2001-12-27 2006-03-22 高通股份有限公司 Use of mobile stations for determination of base station location parameters in a wireless mobile communication system
CN101115302A (en) 2007-08-08 2008-01-30 华为技术有限公司 Method and device for obtaining position information of mobile terminal

Also Published As

Publication number Publication date
CN101686164A (en) 2010-03-31

Similar Documents

Publication Publication Date Title
EP2547134B1 (en) Improved subscriber authentication for unlicensed mobile access signaling
US10178522B2 (en) VoIP emergency call support
CA2413944C (en) A zero-configuration secure mobility networking technique with web-base authentication method for large wlan networks
CA2517800C (en) User plane-based location services (lcs) system, method and apparatus
EP2304977B1 (en) Locating emergency calls via femto access points
KR100595714B1 (en) Supl initial message and method for processing supl using the same in supl based location information system
US7236477B2 (en) Method for performing authenticated handover in a wireless local area network
KR101030627B1 (en) Voip emergency call handling
CN103039053B (en) A method for registration of security devices and client group using a single registration process
US20060073811A1 (en) System and method for authentication in a mobile communications system
US7461248B2 (en) Authentication and authorization in heterogeneous networks
JP5714663B2 (en) Emergency line mode call support
US20090208013A1 (en) Wireless network handoff key
KR100494558B1 (en) The method and system for performing authentification to obtain access to public wireless LAN
JP6093810B2 (en) Configuring authentication and secure channels for communication handoff scenarios
AU2011268205B2 (en) Method and apparatus for binding subscriber authentication and device authentication in communication systems
US8862872B2 (en) Ticket-based spectrum authorization and access control
US20080108321A1 (en) Over-the-air (OTA) device provisioning in broadband wireless networks
JP6262308B2 (en) System and method for performing link setup and authentication
US8826020B2 (en) Home node-B apparatus and security protocols
EP2553898B1 (en) Method and system for authenticating a point of access
JP4701172B2 (en) System and method for controlling access to network using redirection
US7900039B2 (en) TLS session management method in SUPL-based positioning system
US20080026724A1 (en) Method for wireless local area network user set-up session connection and authentication, authorization and accounting server
JP6185017B2 (en) Authentication in secure user plane location (SUPL) system

Legal Events

Date Code Title Description
C06 Publication
C10 Request of examination as to substance
C14 Granted