CN101841886A - LIPA data flow transmission method and system - Google Patents
LIPA data flow transmission method and system Download PDFInfo
- Publication number
- CN101841886A CN101841886A CN201010149786A CN201010149786A CN101841886A CN 101841886 A CN101841886 A CN 101841886A CN 201010149786 A CN201010149786 A CN 201010149786A CN 201010149786 A CN201010149786 A CN 201010149786A CN 101841886 A CN101841886 A CN 101841886A
- Authority
- CN
- China
- Prior art keywords
- local
- insert
- lipa
- operator
- data flow
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W24/00—Supervisory, monitoring or testing arrangements
- H04W24/02—Arrangements for optimising operational condition
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W84/00—Network topologies
- H04W84/02—Hierarchically pre-organised networks, e.g. paging networks, cellular networks, WLAN [Wireless Local Area Network] or WLL [Wireless Local Loop]
- H04W84/04—Large scale networks; Deep hierarchical networks
- H04W84/042—Public Land Mobile systems, e.g. cellular systems
- H04W84/045—Public Land Mobile systems, e.g. cellular systems using private Base Stations, e.g. femto Base Stations, home Node B
Abstract
The invention discloses a transmission method of LIPA data flow; an operator authorizes the LIPA of H(e)NB before H(e)NB deployment; when the H(e)NB is started, the core network of the operator and the H(e)NB mutually authenticate successfully and H(e)NB has LIPA authority, and the H(e)NB is allowed to be accessed through a local IP; and the H(e)NB registers UE, the UE can implement local IP access under the circumstance of local IP access so that the H(e)NB can directly carry out data flow transmission with the local network of a resident/a company without the core network under the circumstance that the local network of the resident/company allows the LIPA. The invention also correspondingly discloses a transmission system of the LIPA data flow. Because relevant data flow does not need to be transmitted through the core network, the invention can reduce the burden of the network and save the transmission cost.
Description
Technical field
The present invention relates to radio honeycomb communication system, relate in particular to a kind of local IP and insert (Local IP Access, LIPA) transmission method of data flow and system.
Background technology
(Home Node-B HNB) is used for providing the wireless coverage of 3G for being in 3-G (Generation Three mobile communication system) (3G) mobile phone in the family Home eNodeB.HNB generally is connected to the dwelling house broadband service that has existed, it comprises the function of an element (Node B) of the grand Radio Access Network of 3G of a standard and radio network controller (Radio Network Controller, radio resource management function RNC) of a standard.
Fig. 1 is the system configuration schematic diagram of HNB; as shown in Figure 1; HNB is by a security gateway (security gateway; SeGW) core net of access carrier; wherein the broadband IP backhaul between HNB and the SeGW may be unsafe, the escape way protection that the information of propagating in this backhaul will be set up between HNB and the SeGW.On behalf of the core net of operator and HNB, SeGW authenticate mutually.HNB GW (HNB Gateway) is the entity that separates in logic in the core net of operator with SeGW, is used for the access control of the UE of non-CSG (Closed Subscriber Group).
Fig. 2 is family's evolution base station (Home evolved Node-B, HeNB) system configuration schematic diagram, as shown in Figure 2, the difference of HeNB and HNB be exactly it be the air interface that is connected 3GPP subscriber equipment and EUTRAN (Evolved Universal Terrestrial Radio Access Network).H (e) NB (Home (evolved) Node-B) comprises HNB and HeNB, is the general designation of HNB and HeNB.
Because existing wireless access technology makes transfer of data reach higher speed, operator has shown great demand to alleviating network burden and save transmission cost by the unloading network data flow, and local IP access makes that having IP address user equipment directly is linked into the equipment that has the IP address in other local or the company's IP network by H (e) NB, so the specific data stream that unloads this H (e) NB subsystem and grand network is (such as the internet data stream of H (e) NB subsystem and the internet data stream of grand network, company data stream etc.) alleviating network burden is also more and more paid close attention to by operator with the saving transmission cost.
Consider that from the angle of function and framework the specific I P data flow unloading of H (e) NB subsystem and grand network is similarly, this may cause the general character of the framework that the specific I P data flow of unloading of H (e) NB subsystem specific I P data flow and grand network unloads.Network data flow without core net can become very usual for Home eNodeB and grand network, and this will cause the generation of the safety measure consistent with framework.
But; still unmatchful H (e) NB is linked into the description of data flow transmission of the local network of resident/company by LIPA in existing technical specification; also not to the transmission path of data flow and the corresponding safeguard measure of transmission content; and; the unloading of the specific IP traffic of H (e) NB subsystem has become an inexorable trend, thereby the safe transmission pattern of LIPA data flow need be introduced into the successful unloading of the specific IP traffic that guarantees H (e) NB subsystem.
Summary of the invention
In view of this, main purpose of the present invention is to provide a kind of transmission method and system of LIPA data flow, can make H (e) NB carry out data flow transmission by the local network that LIPA is linked into resident/company, thereby alleviates network burden, saving transmission cost.
For achieving the above object, technical scheme of the present invention is achieved in that
A kind of local IP inserts the transmission method of LIPA data flow, comprising:
Between the core net of a, operator and Home eNodeB or the evolution base station H of family (e) NB mutually behind the authentication success, the core net of operator judges whether described H (e) NB has the LIPA authority, described H (e) NB has the LIPA authority, then allows described H (e) NB to insert execution in step b by local IP; Otherwise, do not allow H (e) NB to insert by local IP;
Step b:H (e) NB carries out the registration of UE, and judges whether described UE can insert by local IP, and described UE can insert by local IP, and then described UE inserts by local IP; Otherwise, do not allow UE to pass through local IP and insert.
After described UE inserted by local IP, this method also comprises: the local network of H (e) NB and resident/company directly carried out the data flow transmission without core net.
Described H (e) NB also comprises step after judging that described UE can insert by local IP:
Whether described UE selects to insert by local IP, and described UE selects to insert by local IP, and then described UE inserts by local IP; Otherwise described UE does not insert by local IP.
This method also comprises: operator writes the identity identification list of H (e) NB with LIPA authority in advance in being used for authenticating the network element of H (e) NB,
The core net of described operator judges whether described H (e) NB has the LIPA authority to be: inquire about the identify label whether described H (e) NB is arranged in the identity identification list that is used for authenticating the H with LIPA authority (e) NB that preserves in the network element of H (e) NB.
This method also comprises: operator writes the identity identification list that allows by the UE of local IP access in advance in being used for authenticating the network element of UE,
Describedly judge whether described UE can insert by local IP and be: be used for authenticating the identify label whether this UE is arranged in the identity identification list of the UE that the permission of preserving in the network element of UE inserts by local IP in the core net of inquiry operator.
The local network of described H (e) NB and resident/company directly carries out being undertaken by local gateway without the data flow transmission of core net, and described local gateway and described H (e) NB merge setting or independent the setting.
The local network of described H (e) NB and resident/company directly carries out: adopt the network security protection mode that described data flow transmitted is protected, perhaps, described data flow transmitted is not protected.
A kind of transmission system of LIPA data flow comprises: the core net of operator, H (e) NB and UE; Wherein,
The core net of described operator, be used for and Home eNodeB or the evolution base station H of family (e) NB between mutually behind the authentication success, judge whether described H (e) NB has the LIPA authority, and described H (e) NB has the LIPA authority, then allow described H (e) NB to insert by local IP; Otherwise, do not allow H (e) NB to insert by local IP;
Described H (e) NB, be used for after the core net of operator allows described H (e) NB to insert by local IP, carrying out the registration of UE, and judge whether described UE can insert by local IP, described UE can insert by local IP, then controls described UE and inserts by local IP; Otherwise, do not allow UE to pass through local IP and insert;
Described UE is used for the judged result according to H (e) NB, by or do not insert by local IP.
Described H (e) NB also is used for after UE inserts by local IP, directly carries out data flow transmission without core net with the local network of resident/company.
Whether described UE also is used for selecting to insert by local IP after H (e) NB judges that described UE can insert by local IP, and described UE selects to insert by local IP, and then described UE inserts by local IP; Otherwise described UE does not insert by local IP.
The core net of described operator also is used for writing according to the network element that operating in of operator is used for authenticating H (e) NB the identity identification list of H (e) NB with LIPA authority;
The core net of described operator judges whether H (e) NB has the LIPA authority to be: inquire about the identify label whether described H (e) NB is arranged in the identity identification list that is used for authenticating the H with LIPA authority (e) NB that preserves in the network element of H (e) NB.
The core net of described operator, the network element that also is used for being used for authenticating according to operating in of operator UE writes the identity identification list that allows by the UE of local IP access;
Describedly judge whether described UE can insert by local IP and be: be used for authenticating the identify label whether this UE is arranged in the identity identification list of the UE that the permission of preserving in the network element of UE inserts by local IP in the core net of inquiry operator.
This system also comprises local gateway, and the local network of described H (e) NB and resident/company directly carries out being undertaken by local gateway without the data flow transmission of core net, and described local gateway and described H (e) NB merge setting or independent the setting.
The local network of described H (e) NB and resident/company directly carries out: adopt the network security protection mode that described data flow transmitted is protected, perhaps, described data flow transmitted is not protected.
The transmission method of LIPA data flow of the present invention and system, the LIPA to H (e) NB before H (e) NB disposes of operator authorizes, when H (e) NB starts, mutual authentication success and this H (e) NB have the LIPA authority between the core net of operator and H (e) NB, then allow H (e) NB to insert by local IP, H (e) NB carries out the registration of UE, UE can implement local IP access under the situation by local IP access, thereby the local network in resident/company allows under the situation of LIPA, H (e) NB can directly carry out the data flow transmission without core net with the local network of resident/company, because related data flow does not need to transmit by core net, so the present invention can alleviate network burden, save transmission cost.
Description of drawings
Fig. 1 is the system configuration schematic diagram of HNB;
Fig. 2 is the system configuration schematic diagram of HeNB;
Fig. 3 is the transmission method schematic flow sheet of LIPA data flow of the present invention;
Fig. 4 is the transfer process schematic diagram of embodiment of the invention 1LIPA data flow;
Fig. 5 is the transfer process schematic diagram of embodiment of the invention 2LIPA data flow;
Fig. 6 is the transfer process schematic diagram of embodiment of the invention 3LIPA data flow;
Fig. 7 is the transfer process schematic diagram of embodiment of the invention 4LIPA data flow;
Fig. 8 is the transfer process schematic diagram of embodiment of the invention 5LIPA data flow;
Fig. 9 is the transfer process schematic diagram of embodiment of the invention 6LIPA data flow.
Embodiment
Basic thought of the present invention is: the LIPA to H (e) NB before H (e) NB disposes of operator authorizes, when H (e) NB starts, mutual authentication success and this H (e) NB have the LIPA authority between the core net of operator and H (e) NB, then allow H (e) NB to insert by local IP, H (e) NB carries out the registration of UE, UE can implement local IP access under the situation by local IP access, thereby the local network in resident/company allows under the situation of LIPA, and H (e) NB can directly carry out the data flow transmission without core net with the local network of resident/company.
Fig. 3 is the transmission method schematic flow sheet of LIPA data flow of the present invention, and as shown in Figure 3, the transmission method of LIPA data flow of the present invention may further comprise the steps:
Step 301: operator is authorized at the core net of the operator LIPA to H (e) NB.
Here, operator generally before H (e) NB disposes the LIPA to H (e) NB authorize, can in being used for authenticating the network element of H (e) NB, write the identity identification list of H (e) NB with LIPA authority such as, operator.Need to prove that the network element that can be used to authenticate H (e) NB includes but not limited to: security gateway, MME, MSC, SGSN or H (e) NB-GW.
When step 302:H (e) NB starts, mutual authentication success between the core net of operator and H (e) NB.
Step 303: the core net of operator judges whether this H (e) NB has the LIPA authority, if allow H (e) NB to insert execution in step 304 by local IP; Otherwise, forward step 307 to, do not allow H (e) NB to insert by local IP.
Here, judge H (e) NB whether have the LIPA authority can for: inquiry is used for authenticating the identify label whether this H (e) NB is arranged in the identity identification list of the H with LIPA authority (e) NB that preserves in the network element of H (e) NB.
Step 304:H (e) NB carries out the registration of UE, and notice this H of UE (e) NB has the LIPA ability, and judges whether UE can insert by local IP, if allow UE to insert execution in step 305 by local IP; Otherwise, do not allow UE to pass through local IP and insert, forward step 308 to.
Here, operator generally can be in advance writes the identity identification list of H (e) NB with LIPA authority in being used for authenticating the network element of H (e) NB, judge UE whether can by local IP insert can for: be used for authenticating the identify label whether this UE is arranged in the identity identification list of the UE that the permission of preserving in the network element of UE inserts by local IP in the core net of inquiry operator.
Whether step 305:UE selects to insert by local IP, if, execution in step 306; Otherwise, forwarding step 309 to, UE does not insert by local IP.
Here, the local network of H (e) NB and resident/company directly carries out can being undertaken by local gateway without the data flow transmission of core net, and local gateway can merge setting with H (e) NB, also can independently be provided with.Data flow between H (e) NB that transmits by local gateway and the local network of resident/company can not protected, and can adopt network security protection modes such as IPsec and/or TLS to protect yet.
In actual applications, also can not allow UE select, when H (e) NB allowed UE to insert by local IP, UE directly inserts by local IP.
Step 306:UE inserts by local IP, and flow process finishes.
When UE selected use to insert by local IP, then the local network in resident/company allowed under the situation of LIPA, and H (e) NB can directly carry out the data flow transmission without core net with the local network of resident/company.
UE carries out LIPA by H (e) NB and refers to that just H (e) NB is linked into the local network of resident/company by LIPA.
Step 307: do not allow H (e) NB to insert by local IP, flow process finishes.
Step 308: do not allow UE to pass through local IP and insert, flow process finishes.
Step 309:UE does not insert by local IP, and flow process finishes.
The present invention also proposes a kind of transmission system of LIPA data flow, comprising: the core net of operator, H (e) NB and UE; Wherein,
The core net of described operator, be used for and Home eNodeB or the evolution base station H of family (e) NB between mutually behind the authentication success, judge whether described H (e) NB has the LIPA authority, and described H (e) NB has the LIPA authority, then allow described H (e) NB to insert by local IP; Otherwise, do not allow H (e) NB to insert by local IP;
Described H (e) NB, be used for after the core net of operator allows described H (e) NB to insert by local IP, carrying out the registration of UE, and judge whether described UE can insert by local IP, described UE can insert by local IP, then controls described UE and inserts by local IP; Otherwise, do not allow UE to pass through local IP and insert;
Described UE is used for the judged result according to H (e) NB, by or do not insert by local IP.
Described H (e) NB also is used for after UE inserts by local IP, directly carries out data flow transmission without core net with the local network of resident/company.
Whether described UE also is used for selecting to insert by local IP after H (e) NB judges that described UE can insert by local IP, and described UE selects to insert by local IP, and then described UE inserts by local IP; Otherwise described UE does not insert by local IP.
The core net of described operator also is used for writing according to the network element that operating in of operator is used for authenticating H (e) NB the identity identification list of H (e) NB with LIPA authority;
The core net of described operator judges whether H (e) NB has the LIPA authority to be: inquire about the identify label whether described H (e) NB is arranged in the identity identification list that is used for authenticating the H with LIPA authority (e) NB that preserves in the network element of H (e) NB.
The core net of described operator, the network element that also is used for being used for authenticating according to operating in of operator UE writes the identity identification list that allows by the UE of local IP access;
Describedly judge whether described UE can insert by local IP and be: be used for authenticating the identify label whether this UE is arranged in the identity identification list of the UE that the permission of preserving in the network element of UE inserts by local IP in the core net of inquiry operator.
This system also comprises local gateway, and the local network of described H (e) NB and resident/company directly carries out being undertaken by local gateway without the data flow transmission of core net, and described local gateway and described H (e) NB merge setting or independent the setting.
The local network of described H (e) NB and resident/company directly carries out: adopt the network security protection mode that described data flow transmitted is protected, perhaps, described data flow transmitted is not protected.
Below by specific embodiment technical scheme of the present invention is described in further detail.
Embodiment 1
In the present embodiment, H (e) NB does not have the LIPA authority, and Fig. 4 is the transfer process schematic diagram of embodiment of the invention 1LIPA data flow, and as shown in Figure 4, the transfer process of embodiment of the invention 1LIPA data flow comprises:
Before step 401:H (e) NB disposed, operator was authorized the LIPA of H (e) NB.
When step 402:H (e) NB starts, carry out the mutual authentication of success between the network of operator and H (e) NB and judge whether H (e) NB has the LIPA authority.
Step 403: judge that H (e) NB does not have the LIPA authority, do not allow H (e) NB to insert by local IP.
Embodiment 2
In the present embodiment, H (e) NB has the LIPA authority, but UE can not be by local IP access, and Fig. 5 is the transfer process schematic diagram of embodiment of the invention 2LIPA data flow, and as shown in Figure 5, the transfer process of embodiment of the invention 2LIPA data flow comprises:
Before step 501:H (e) NB disposed, operator was authorized the LIPA of H (e) NB.
When step 502:H (e) NB starts, carry out the mutual authentication of success between the network of operator and H (e) NB and judge whether H (e) NB has the LIPA authority.
Step 503: judge that H (e) NB has the LIPA authority, allow H (e) NB to insert by local IP.H (e) NB carries out the registration of UE, and notice this H of UE (e) NB has the LIPA ability, and judges whether UE can insert by local IP.
Step 504: judge that UE can not insert by local IP, do not allow UE to pass through local IP and insert.
Embodiment 3
In the present embodiment, H (e) NB has the LIPA authority, UE can insert and whether carry out local IP access by local IP does not need UE to select, Fig. 6 is the transfer process schematic diagram of embodiment of the invention 3LIPA data flow, as shown in Figure 6, the transfer process of embodiment of the invention 3LIPA data flow comprises:
Before step 601:H (e) NB disposed, operator was authorized the LIPA of H (e) NB.
When step 602:H (e) NB starts, carry out the mutual authentication of success between the network of operator and H (e) NB and judge whether H (e) NB has the LIPA authority.
Step 603: judge that H (e) NB has the LIPA authority, allow H (e) NB to insert by local IP.H (e) NB carries out the registration of UE, and notice this H of UE (e) NB has the LIPA ability, and judges whether UE can insert by local IP.
Step 604: judge that UE can insert by local IP, UE inserts by local IP.
Embodiment 4
In the present embodiment, H (e) NB has LIPA authority, UE to select not carry out local IP access by local IP access and UE, Fig. 7 is the transfer process schematic diagram of embodiment of the invention 4LIPA data flow, and as shown in Figure 7, the transfer process of embodiment of the invention 4LIPA data flow comprises:
Before step 701:H (e) NB disposed, operator was authorized the LIPA of H (e) NB.
When step 702:H (e) NB starts, carry out the mutual authentication of success between the network of operator and H (e) NB and judge whether H (e) NB has the LIPA authority.
Step 703: judge that H (e) NB has the LIPA authority, allow H (e) NB to insert by local IP.H (e) NB carries out the registration of UE, and notice this H of UE (e) NB has the LIPA ability, and judges whether UE can insert by local IP.
Step 704: judge that UE can insert by local IP, UE selects not use LIPA, and then UE does not insert by local IP.
Embodiment 5
In the present embodiment; H (e) NB has LIPA authority, UE to insert by local IP, UE selects to carry out local IP access and the data flow between the local network of H (e) NB and resident/company is not carried out safeguard protection; Fig. 8 is the transfer process schematic diagram of embodiment of the invention 5LIPA data flow; as shown in Figure 8, the transfer process of embodiment of the invention 5LIPA data flow comprises:
Before step 801:H (e) NB disposed, operator was authorized the LIPA of H (e) NB.
When step 802:H (e) NB starts, carry out the mutual authentication of success between the network of operator and H (e) NB and judge whether H (e) NB has the LIPA authority.
Step 803: judge that H (e) NB has the LIPA authority, then allow H (e) NB to insert by local IP.H (e) NB carries out the registration of UE, and notice this H of UE (e) NB has the LIPA ability, and judges whether UE can insert by local IP.
Step 804: judge that UE can insert by local IP, UE selects to use LIPA, and then the local network in resident/company allows under the situation of LIPA, and H (e) NB can directly carry out the data flow transmission without core net with the local network of resident/company.The local network of H (e) NB and resident/company directly carries out can being undertaken by local gateway without the data flow transmission of core net, and local gateway can be unified with H (e) NB, also can be independent.Data flow between H (e) NB that transmits by local gateway and the local network of resident/company is not carried out safeguard protection.
Embodiment 6
In the present embodiment; H (e) NB has LIPA authority, UE to insert by local IP, UE selects to carry out local IP access and the data flow between the local network of H (e) NB and resident/company is carried out safeguard protection; Fig. 9 is the transfer process schematic diagram of embodiment of the invention 6LIPA data flow; as shown in Figure 9, the transfer process of embodiment of the invention 6LIPA data flow comprises:
Before step 901:H (e) NB disposed, operator was authorized the LIPA of H (e) NB.
When step 902:H (e) NB starts, carry out the mutual authentication of success between the network of operator and H (e) NB and judge whether H (e) NB has the LIPA authority.
Step 903: judge that H (e) NB has the LIPA authority, then allow H (e) NB to insert by local IP.H (e) NB carries out the registration of UE, and notice this H of UE (e) NB has the LIPA ability, and judges whether UE can insert by local IP.
Step 904:UE can insert by local IP, and UE selects to use LIPA, and then the local network in resident/company allows under the situation of LIPA, and H (e) NB can directly carry out the data flow transmission without core net with the local network of resident/company.The local network of H (e) NB and resident/company directly carries out can being undertaken by local gateway without the data flow transmission of core net, and local gateway can be unified with H (e) NB, also can be independent.Data flow between H (e) NB that transmits by local gateway and the local network of resident/company adopts network security protection modes such as IPsec and/or TLS to protect.
The above is preferred embodiment of the present invention only, is not to be used to limit protection scope of the present invention.
Claims (14)
1. a local IP inserts the transmission method of LIPA data flow, it is characterized in that this method comprises:
Between the core net of a, operator and Home eNodeB or the evolution base station H of family (e) NB mutually behind the authentication success, the core net of operator judges whether described H (e) NB has the LIPA authority, described H (e) NB has the LIPA authority, then allows described H (e) NB to insert execution in step b by local IP; Otherwise, do not allow H (e) NB to insert by local IP;
Step b:H (e) NB carries out the registration of UE, and judges whether described UE can insert by local IP, and described UE can insert by local IP, and then described UE inserts by local IP; Otherwise, do not allow UE to pass through local IP and insert.
2. method according to claim 1 is characterized in that, after described UE inserted by local IP, this method also comprises: the local network of H (e) NB and resident/company directly carried out the data flow transmission without core net.
3. method according to claim 2 is characterized in that, described H (e) NB also comprises step after judging that described UE can insert by local IP:
Whether described UE selects to insert by local IP, and described UE selects to insert by local IP, and then described UE inserts by local IP; Otherwise described UE does not insert by local IP.
4. method according to claim 2 is characterized in that, this method also comprises: operator writes the identity identification list of H (e) NB with LIPA authority in advance in being used for authenticating the network element of H (e) NB,
The core net of described operator judges whether described H (e) NB has the LIPA authority to be: inquire about the identify label whether described H (e) NB is arranged in the identity identification list that is used for authenticating the H with LIPA authority (e) NB that preserves in the network element of H (e) NB.
5. method according to claim 2 is characterized in that, this method also comprises: operator writes the identity identification list that allows by the UE of local IP access in advance in being used for authenticating the network element of UE,
Describedly judge whether described UE can insert by local IP and be: be used for authenticating the identify label whether this UE is arranged in the identity identification list of the UE that the permission of preserving in the network element of UE inserts by local IP in the core net of inquiry operator.
6. according to each described method of claim 2 to 5, it is characterized in that, the local network of described H (e) NB and resident/company directly carries out being undertaken by local gateway without the data flow transmission of core net, and described local gateway and described H (e) NB merge setting or independent the setting.
7. according to each described method of claim 2 to 5; it is characterized in that; the local network of described H (e) NB and resident/company directly carries out: adopt the network security protection mode that described data flow transmitted is protected; perhaps, described data flow transmitted is not protected.
8. the transmission system of a LIPA data flow is characterized in that, this system comprises: the core net of operator, H (e) NB and UE; Wherein,
The core net of described operator, be used for and Home eNodeB or the evolution base station H of family (e) NB between mutually behind the authentication success, judge whether described H (e) NB has the LIPA authority, and described H (e) NB has the LIPA authority, then allow described H (e) NB to insert by local IP; Otherwise, do not allow H (e) NB to insert by local IP;
Described H (e) NB, be used for after the core net of operator allows described H (e) NB to insert by local IP, carrying out the registration of UE, and judge whether described UE can insert by local IP, described UE can insert by local IP, then controls described UE and inserts by local IP; Otherwise, do not allow UE to pass through local IP and insert;
Described UE is used for the judged result according to H (e) NB, by or do not insert by local IP.
9. system according to claim 8 is characterized in that, described H (e) NB also is used for after UE inserts by local IP, directly carries out data flow transmission without core net with the local network of resident/company.
10. system according to claim 9 is characterized in that,
Whether described UE also is used for selecting to insert by local IP after H (e) NB judges that described UE can insert by local IP, and described UE selects to insert by local IP, and then described UE inserts by local IP; Otherwise described UE does not insert by local IP.
11. system according to claim 9 is characterized in that,
The core net of described operator also is used for writing according to the network element that operating in of operator is used for authenticating H (e) NB the identity identification list of H (e) NB with LIPA authority;
The core net of described operator judges whether H (e) NB has the LIPA authority to be: inquire about the identify label whether described H (e) NB is arranged in the identity identification list that is used for authenticating the H with LIPA authority (e) NB that preserves in the network element of H (e) NB.
12. system according to claim 9 is characterized in that,
The core net of described operator, the network element that also is used for being used for authenticating according to operating in of operator UE writes the identity identification list that allows by the UE of local IP access;
Describedly judge whether described UE can insert by local IP and be: be used for authenticating the identify label whether this UE is arranged in the identity identification list of the UE that the permission of preserving in the network element of UE inserts by local IP in the core net of inquiry operator.
13. according to each described system of claim 9 to 12, it is characterized in that, this system also comprises local gateway, the local network of described H (e) NB and resident/company directly carries out being undertaken by local gateway without the data flow transmission of core net, and described local gateway and described H (e) NB merge setting or independent the setting.
14. according to each described system of claim 9 to 12; it is characterized in that; the local network of described H (e) NB and resident/company directly carries out: adopt the network security protection mode that described data flow transmitted is protected; perhaps, described data flow transmitted is not protected.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201010149786A CN101841886A (en) | 2010-04-15 | 2010-04-15 | LIPA data flow transmission method and system |
| PCT/CN2010/074015 WO2011127684A1 (en) | 2010-04-15 | 2010-06-17 | Transmission method and system for local ip access (lipa) data stream |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201010149786A CN101841886A (en) | 2010-04-15 | 2010-04-15 | LIPA data flow transmission method and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN101841886A true CN101841886A (en) | 2010-09-22 |
Family
ID=42744907
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201010149786A Pending CN101841886A (en) | 2010-04-15 | 2010-04-15 | LIPA data flow transmission method and system |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN101841886A (en) |
| WO (1) | WO2011127684A1 (en) |
Cited By (19)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102006672A (en) * | 2010-09-28 | 2011-04-06 | 中国联合网络通信集团有限公司 | Service request processing method, communication system and household base station |
| CN102026403A (en) * | 2010-09-28 | 2011-04-20 | 中国联合网络通信集团有限公司 | Method and communication system for processing business requests as well as HNB (home node B) gateway |
| CN102158960A (en) * | 2011-02-16 | 2011-08-17 | 电信科学技术研究院 | Method, system and equipment for establishing LIPA (Local Internet Protocol Access) connection |
| CN102158982A (en) * | 2011-02-16 | 2011-08-17 | 电信科学技术研究院 | Method and equipment for processing local IP access (LIPA) connection |
| CN102170708A (en) * | 2011-05-24 | 2011-08-31 | 电信科学技术研究院 | Method, system and equipment for processing dedicated bearer for LIPA (Local IP Access) connection, |
| WO2012051892A1 (en) * | 2010-10-22 | 2012-04-26 | 中兴通讯股份有限公司 | Method and system for data routing control |
| CN102457983A (en) * | 2010-10-22 | 2012-05-16 | 电信科学技术研究院 | Method and equipment for processing packet data network connection |
| CN102843679A (en) * | 2011-06-24 | 2012-12-26 | 中怡(苏州)科技有限公司 | Transmission method and transmission system of wireless data stream |
| CN102869042A (en) * | 2011-07-05 | 2013-01-09 | 中怡(苏州)科技有限公司 | Method and system for transmitting wireless data streams |
| CN103037369A (en) * | 2011-10-06 | 2013-04-10 | 财团法人工业技术研究院 | Authentication method and device for local network co-access network element and terminal equipment |
| CN103314617A (en) * | 2011-01-14 | 2013-09-18 | 交互数字专利控股公司 | Local internet protocol access connection handling during circuit switched fallback and handover |
| CN104012119A (en) * | 2011-12-23 | 2014-08-27 | 诺基亚公司 | Method and apparatus for traffic offloading |
| CN104270739A (en) * | 2011-06-24 | 2015-01-07 | 中怡(苏州)科技有限公司 | Method and system for transmitting wireless data flow |
| CN105306538A (en) * | 2015-09-22 | 2016-02-03 | 北京佰才邦技术有限公司 | Data storage method, capability opening entity and base station |
| CN105517105A (en) * | 2014-09-23 | 2016-04-20 | 中兴通讯股份有限公司 | Method and apparatus for accessing network |
| US9713039B2 (en) | 2011-09-30 | 2017-07-18 | Interdigital Patent Holdings, Inc. | Methods, apparatus and systems for enabling managed remote access |
| WO2017210824A1 (en) * | 2016-06-06 | 2017-12-14 | 海能达通信股份有限公司 | Cluster service data transmission control method, apparatus, and device |
| CN107750050A (en) * | 2011-01-06 | 2018-03-02 | 北京三星通信技术研究有限公司 | One kind supports user equipment (UE) mobility method and equipment |
| CN107819732A (en) * | 2016-09-13 | 2018-03-20 | 中兴通讯股份有限公司 | The method and apparatus of user terminal access local network |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101335984A (en) * | 2007-06-25 | 2008-12-31 | 华为技术有限公司 | Household miniature base station access control method and system |
| CN101662757A (en) * | 2009-06-30 | 2010-03-03 | 华为技术有限公司 | Method, femto gateway and system for controlling subscriber access |
| CN101690319A (en) * | 2007-04-27 | 2010-03-31 | 诺基亚西门子通信公司 | Method, radio system, and base station |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101437223B (en) * | 2007-11-16 | 2011-11-02 | 华为技术有限公司 | Access method, system and apparatus for household base station |
| US8856387B2 (en) * | 2008-04-24 | 2014-10-07 | Qualcomm Incorporated | Local IP access scheme |
| WO2010036181A2 (en) * | 2008-09-23 | 2010-04-01 | Telefonaktiebolaget L M Ericsson (Publ) | Access control for terminals in utran femto system |
-
2010
- 2010-04-15 CN CN201010149786A patent/CN101841886A/en active Pending
- 2010-06-17 WO PCT/CN2010/074015 patent/WO2011127684A1/en active Application Filing
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101690319A (en) * | 2007-04-27 | 2010-03-31 | 诺基亚西门子通信公司 | Method, radio system, and base station |
| CN101335984A (en) * | 2007-06-25 | 2008-12-31 | 华为技术有限公司 | Household miniature base station access control method and system |
| CN101662757A (en) * | 2009-06-30 | 2010-03-03 | 华为技术有限公司 | Method, femto gateway and system for controlling subscriber access |
Cited By (36)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102006672A (en) * | 2010-09-28 | 2011-04-06 | 中国联合网络通信集团有限公司 | Service request processing method, communication system and household base station |
| CN102026403A (en) * | 2010-09-28 | 2011-04-20 | 中国联合网络通信集团有限公司 | Method and communication system for processing business requests as well as HNB (home node B) gateway |
| CN102457931B (en) * | 2010-10-22 | 2016-06-29 | 中兴通讯股份有限公司 | A kind of data route control method and system |
| WO2012051892A1 (en) * | 2010-10-22 | 2012-04-26 | 中兴通讯股份有限公司 | Method and system for data routing control |
| CN102457983B (en) * | 2010-10-22 | 2014-08-06 | 电信科学技术研究院 | Method and equipment for processing packet data network connection |
| CN102457931A (en) * | 2010-10-22 | 2012-05-16 | 中兴通讯股份有限公司 | Method and system for controlling data route |
| CN102457983A (en) * | 2010-10-22 | 2012-05-16 | 电信科学技术研究院 | Method and equipment for processing packet data network connection |
| CN107750050B (en) * | 2011-01-06 | 2022-03-04 | 北京三星通信技术研究有限公司 | Method and equipment for supporting mobility of User Equipment (UE) |
| CN107750050A (en) * | 2011-01-06 | 2018-03-02 | 北京三星通信技术研究有限公司 | One kind supports user equipment (UE) mobility method and equipment |
| CN103314617A (en) * | 2011-01-14 | 2013-09-18 | 交互数字专利控股公司 | Local internet protocol access connection handling during circuit switched fallback and handover |
| CN102158960A (en) * | 2011-02-16 | 2011-08-17 | 电信科学技术研究院 | Method, system and equipment for establishing LIPA (Local Internet Protocol Access) connection |
| CN102158982A (en) * | 2011-02-16 | 2011-08-17 | 电信科学技术研究院 | Method and equipment for processing local IP access (LIPA) connection |
| WO2012109944A1 (en) * | 2011-02-16 | 2012-08-23 | 电信科学技术研究院 | Method and device for handling lipa connection |
| WO2012109992A1 (en) * | 2011-02-16 | 2012-08-23 | 电信科学技术研究院 | Method, system and apparatus for establishing lipa connection |
| CN102158960B (en) * | 2011-02-16 | 2013-06-12 | 电信科学技术研究院 | Method, system and equipment for establishing LIPA (Local Internet Protocol Access) connection |
| CN102170708B (en) * | 2011-05-24 | 2013-10-16 | 电信科学技术研究院 | Method, system and equipment for processing dedicated bearer for LIPA (Local IP Access) connection, |
| WO2012159495A1 (en) * | 2011-05-24 | 2012-11-29 | 电信科学技术研究院 | Method, system and apparatus for processing dedicated bearer for lipa connection |
| CN102170708A (en) * | 2011-05-24 | 2011-08-31 | 电信科学技术研究院 | Method, system and equipment for processing dedicated bearer for LIPA (Local IP Access) connection, |
| CN102843679A (en) * | 2011-06-24 | 2012-12-26 | 中怡(苏州)科技有限公司 | Transmission method and transmission system of wireless data stream |
| CN104270739A (en) * | 2011-06-24 | 2015-01-07 | 中怡(苏州)科技有限公司 | Method and system for transmitting wireless data flow |
| US9107071B2 (en) | 2011-06-24 | 2015-08-11 | Sernet (Shuzhou) Technologies Corporation | Method and system for transmitting wireless data streams |
| US8504023B2 (en) | 2011-07-05 | 2013-08-06 | Sernet (Suzhou) Technologies Corporation | Method and system for wireless data flow |
| CN102869042A (en) * | 2011-07-05 | 2013-01-09 | 中怡(苏州)科技有限公司 | Method and system for transmitting wireless data streams |
| CN102869042B (en) * | 2011-07-05 | 2014-12-31 | 中怡(苏州)科技有限公司 | Method and system for transmitting wireless data streams |
| US9713039B2 (en) | 2011-09-30 | 2017-07-18 | Interdigital Patent Holdings, Inc. | Methods, apparatus and systems for enabling managed remote access |
| US9137661B2 (en) | 2011-10-06 | 2015-09-15 | Industrial Technology Research Institute | Authentication method and apparatus for user equipment and LIPA network entities |
| CN103037369B (en) * | 2011-10-06 | 2016-05-04 | 财团法人工业技术研究院 | Authentication method and device for local network co-access network element and terminal equipment |
| CN103037369A (en) * | 2011-10-06 | 2013-04-10 | 财团法人工业技术研究院 | Authentication method and device for local network co-access network element and terminal equipment |
| CN104012119A (en) * | 2011-12-23 | 2014-08-27 | 诺基亚公司 | Method and apparatus for traffic offloading |
| CN105517105A (en) * | 2014-09-23 | 2016-04-20 | 中兴通讯股份有限公司 | Method and apparatus for accessing network |
| CN105306538A (en) * | 2015-09-22 | 2016-02-03 | 北京佰才邦技术有限公司 | Data storage method, capability opening entity and base station |
| CN105306538B (en) * | 2015-09-22 | 2019-05-03 | 北京佰才邦技术有限公司 | The open entity of storage method, ability of data and base station |
| US11233690B2 (en) | 2015-09-22 | 2022-01-25 | Baicells Technologies Co. Ltd. | Data storage method, non-volatile computer storage medium, electronic equipment, service capability exposure function, and base station |
| WO2017210824A1 (en) * | 2016-06-06 | 2017-12-14 | 海能达通信股份有限公司 | Cluster service data transmission control method, apparatus, and device |
| CN107819732A (en) * | 2016-09-13 | 2018-03-20 | 中兴通讯股份有限公司 | The method and apparatus of user terminal access local network |
| WO2018050007A1 (en) * | 2016-09-13 | 2018-03-22 | 中兴通讯股份有限公司 | Method and apparatus for accessing local network by user terminal and computer storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2011127684A1 (en) | 2011-10-20 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101841886A (en) | LIPA data flow transmission method and system | |
| JP5216921B2 (en) | Method and apparatus for creating an association between a user equipment and an access point | |
| KR101506071B1 (en) | Gateway device, base station, mobile management server, and communication method | |
| TW201739276A (en) | Enhanced non-access stratum security | |
| CN113329407A (en) | Mutual authentication between user equipment and evolved packet core | |
| TW201101867A (en) | Method and arrangement in a communication network | |
| US20160007389A1 (en) | Communication Apparatus | |
| CN108293223A (en) | A kind of data transmission method, user equipment and network side equipment | |
| CN109691154A (en) | On-demand network function re-authentication based on key freshness | |
| US9338655B2 (en) | Access control of relay node with closed subscriber group | |
| WO2014128690A2 (en) | Communication apparatus | |
| US9049693B2 (en) | Gateway, communication system, method of controlling gateway, and computer readable medium therefor | |
| CN101771704B (en) | A kind of method and system of safe transfer of data | |
| CN101674578A (en) | Method and system for safely accessing femtocell into network | |
| WO2016155478A1 (en) | User equipment authentication method and device | |
| EP2378802B1 (en) | A wireless telecommunications network, and a method of authenticating a message | |
| CN101651974A (en) | Registration method and system of user equipment of closed user group in home node base system | |
| CN101778471A (en) | Method for locking position of home base station | |
| KR102185215B1 (en) | Operating method of authentication apparatus, system for network access and uthentication, operating method of end terminal and operating method of access terminal | |
| CN101715177B (en) | Position locking method for network equipment and position locking system | |
| CN101827344B (en) | A kind of processing method of urgent call and device | |
| CN101902716B (en) | A kind of processing method of urgency traffic and system | |
| CN101909271B (en) | A kind of processing method of urgency traffic and system | |
| US10687379B1 (en) | Communication apparatus | |
| WO2012174884A1 (en) | Access control method and device, interface and security gateway |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C12 | Rejection of a patent application after its publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20100922 |