CN101959192A - Business processing method and communication device - Google Patents
Business processing method and communication device Download PDFInfo
- Publication number
- CN101959192A CN101959192A CN2009101591493A CN200910159149A CN101959192A CN 101959192 A CN101959192 A CN 101959192A CN 2009101591493 A CN2009101591493 A CN 2009101591493A CN 200910159149 A CN200910159149 A CN 200910159149A CN 101959192 A CN101959192 A CN 101959192A
- Authority
- CN
- China
- Prior art keywords
- information
- service
- attribute information
- terminal
- service control
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000003672 processing method Methods 0.000 title claims abstract description 31
- 238000004891 communication Methods 0.000 title claims abstract description 26
- 238000000034 method Methods 0.000 claims abstract description 15
- 238000012545 processing Methods 0.000 claims abstract description 12
- 230000004048 modification Effects 0.000 claims description 57
- 238000012986 modification Methods 0.000 claims description 57
- 230000004913 activation Effects 0.000 claims description 48
- 230000006870 function Effects 0.000 claims description 8
- 238000007726 management method Methods 0.000 description 41
- 230000004044 response Effects 0.000 description 14
- 238000013468 resource allocation Methods 0.000 description 12
- 230000007246 mechanism Effects 0.000 description 6
- 230000008569 process Effects 0.000 description 5
- 238000010586 diagram Methods 0.000 description 4
- 230000000977 initiatory effect Effects 0.000 description 4
- 238000012790 confirmation Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000003068 static effect Effects 0.000 description 2
- 230000002776 aggregation Effects 0.000 description 1
- 238000004220 aggregation Methods 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- GVVPGTZRZFNKDS-JXMROGBWSA-N geranyl diphosphate Chemical compound CC(C)=CCC\C(C)=C\CO[P@](O)(=O)OP(O)(O)=O GVVPGTZRZFNKDS-JXMROGBWSA-N 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000011160 research Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/14—Session management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/08—Access security
- H04W12/086—Access security using security domains
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/08—Access security
- H04W12/088—Access security using filters or firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W48/00—Access restriction; Network selection; Access point selection
- H04W48/18—Selecting a network or a communication service
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses a business processing method and a communication device. The method comprises steps of: in a machine to machine (M2M) application network, acquiring attribute information concerning business control which comprises accessible server information and/or limited load and resource information; after acquiring a business request sent by a terminal, controlling the business request according to the acquired attribute information concerning business control. The communication device comprises: an information acquiring unit for acquiring attribute information concerning business control which comprises accessible server information and/or limited load and resource information in a machine to machine (M2M) application network; a processing unit for controlling the business request according to the acquired attribute information concerning business control after acquiring the business request sent by the terminal. The technical scheme of the invention can improve the safety of the network.
Description
Technical Field
The present invention relates to the field of communications technologies, and in particular, to a service processing method and a communications device.
Background
The third Generation Partnership Project (3 GPP), 3rd Generation Partnership Project, has proposed an Evolved Packet switching System (EPS). Machine-to-Machine (M2M) applications refer to network communications between one or more network elements without human involvement. M2M applications are currently available for use in EPS network architectures.
In the prior art, in an M2M application, an application server accessing a Packet Data Network (PDN) is freely accessible and is not limited. If a Virtual Private Network (VPN) is used, a specified application server can be provided for the user to Access, but the user has a restriction of a specific Access Point Name (APN). For M2M applications, some applications are tailored to the special needs of the industry users, such as meter reading business of the power industry users, and such M2M terminals only need to access the M2M application servers of the power industry users. Therefore, in order to optimize network performance and enhance network security, operators want application-specific-like M2M terminals to only need to access a certain fixed M2M application server.
Also for the above-mentioned M2M application, since the service application is simple and the data volume is small, the data service only needs to be transmitted in a non-Guaranteed Bit Rate (GBR) bearer (e.g., default bearer). In order to save network resources, the operator does not want such M2M terminal to use other services, and when the subsequent procedures of resource allocation/modification, proprietary bearer activation, Packet Data Protocol (PDP) context activation, secondary PDP context activation, or attach/PDN connection request initiated by such M2M terminal are performed, the operator wants to introduce a mechanism to enable the network side to selectively reject the service request of such M2M terminal.
During the course of research and practice on this method, the inventors of the present invention found that: in the prior art, M2M application has no access limitation on a specific network element device, such as an application server, by an M2M terminal, although a VPN technology can access the specific application server, a specific APN is required for limitation, and in M2M application, an APN is a common resource and has no limitation. Further, there is no related technical solution regarding limiting the transmission of the M2M terminal data traffic. Therefore, the prior art has not realized the control of the service initiated by the M2M terminal in the M2M application, thereby reducing the security of the network.
Disclosure of Invention
The embodiment of the invention provides a service processing method and communication equipment capable of improving network security.
The embodiment of the invention provides a service processing method, which comprises the following steps:
in a network applied by the machine-to-machine M2M, acquiring attribute information about service control, wherein the attribute information about service control comprises server information allowing access and/or bearer and resource information limiting operation;
and after acquiring the service request sent by the terminal, controlling the service request according to the acquired attribute information of the service control.
An embodiment of the present invention provides a communication device, including:
an information learning unit, configured to learn attribute information about service control in a network applied by the machine-to-machine M2M, where the attribute information about service control includes server information allowing access and/or bearer and resource information restricting operations;
and the processing unit is used for controlling the service request according to the acquired attribute information of the service control after acquiring the service request sent by the terminal.
It can be seen from the foregoing technical solutions that, in the technical solution of the embodiment of the present invention, attribute information about service control is obtained, where the attribute information about service control includes server information allowing access and/or bearer and resource information restricting operation, and therefore, after a service request sent by a terminal is obtained, a service corresponding to the service request can be controlled according to the attribute information about service control, so that a service initiated by an M2M terminal is controlled, and network security is improved.
Drawings
Fig. 1 is a flowchart of a service processing method according to a first embodiment of the present invention;
fig. 2 is a flowchart of a service processing method according to a second embodiment of the present invention;
fig. 3 is a flow chart of a service processing method according to a third embodiment of the present invention;
fig. 4 is a flowchart of a service processing method according to a fourth embodiment of the present invention;
fig. 5 is a flow chart of a service processing method according to a fifth embodiment of the present invention;
fig. 6 is a flowchart of a service processing method according to a sixth embodiment of the present invention;
fig. 7 is a schematic structural diagram of a communication device according to an embodiment of the present invention;
fig. 8 is a schematic structural diagram of a communication system according to an embodiment of the present invention.
Detailed Description
The embodiment of the invention provides a service processing method, communication equipment and a communication system capable of improving network security. The following are detailed below.
Fig. 1 is a flowchart of a service processing method according to a first embodiment of the present invention, which mainly includes the steps of:
learning attribute information about traffic control includes: the attribute information about service control is obtained from serving gateway SGW configuration information, packet data network gateway PGW configuration information, home subscriber server HSS database, subscription database SPR, or group subscription database.
And step 102, after acquiring the service request sent by the terminal, controlling the service request according to the acquired attribute information of the service control.
Wherein, when the attribute information about the service control is the server information allowing access; the controlling the service request according to the acquired attribute information of the service control comprises: and if the information of the service request of the terminal is inconsistent with the information of the server allowing access, rejecting the service request of the terminal. The attribute information on the service control further includes service information that is allowed to be used; and if the information of the service request of the terminal is inconsistent with the service information allowed to be used, rejecting the service request of the terminal.
In the alternative, the first and second sets of the first,
when the attribute information about service control is bearer and resource information for restricted operation,
the controlling the service request according to the acquired attribute information of the service control comprises: and if the information of the service request of the terminal belongs to the bearing and resource information of the restricted operation, rejecting the service request of the terminal.
In the alternative, the first and second sets of the first,
when the attribute information about the service control comprises the bearing and resource information of the restricted operation and the server information of the allowed access;
the controlling the service request according to the acquired attribute information of the service control comprises:
and if the information of the terminal service request belongs to the bearing and resource information for limiting operation, rejecting the service request of the terminal.
It can be seen from the content of this embodiment that, in the technical solution of the embodiment of the present invention, attribute information about service control is obtained, where the attribute information about service control includes server information allowing access and/or bearer and resource information restricting operation, and therefore, after a service request sent by a terminal is known, a service corresponding to the service request can be controlled according to the attribute information about service control, so that a service initiated by an M2M terminal is controlled, and network security is improved.
The following detailed description is given with reference to more specific examples, which specifically include examples two to six.
Example two:
this embodiment describes that a Mobility Management network element (which may be a Mobility Management Entity (MME), a Serving GPRS Support Node (SGSN), or a Mobile Switching Center (MSC), etc.) obtains attribute information related to service control from a Home Subscriber Server (HSS) database or a Group (e.g., Group) subscription database (which may be a subscription database for M2M application specific services, and may have functions of HSS and/or SPR), including obtaining information of an application Server that allows access, optionally also obtaining information of a service that allows use, and/or obtaining information of bearers and resources that restrict operation (e.g., including restricting user initiated dedicated bearer activation, PDP context activation, secondary context activation, resource allocation/modification PDP, secondary context activation, secondary PDP context activation, secondary Mobility Management, and/or the like), Or information of a Packet Data Network (PDN) connection request). The mobility management element may subsequently notify the Serving Gateway (SGW) and the Packet Data Network Gateway (PGW) of the information, and if the application is a dynamic Policy and Charging Control (PCC), the PGW may notify the Policy and Charging Rules Function (PCRF) of the information. Thus, after receiving a service request sent by a terminal, a mobility management network element, an SGW, a PGW, or a PCRF can control the service request according to the acquired attribute information of service control, so that the service restriction mechanism can be used to optimize network performance, save network resources, and enhance network security.
Fig. 2 is a flowchart of a service processing method according to a second embodiment of the present invention.
The steps shown in the flowchart generally include three main steps of information acquisition, information notification, and execution control. The content of the acquisition information includes steps 201 to 202, the content of the information notification includes steps 203 to 206, and the content of the execution control includes steps 207 to 212.
Step 201, the mobility management network element sends an Update Location (Update Location) message to the network element where the HSS database or the Group subscription database is located.
Step 202, the network element where the HSS database or the Group subscription database is located sends an Update Location acknowledgement (Update Location Ack) message to the mobility management network element, where the Update Location Ack message may carry attribute information of service control.
The attribute information of the service control may be the following information: the message may carry information of an application server allowed to be accessed, such as an IP address or a Fully Qualified Domain Name (FQDN) (or list information of an IP address or FQDN) of the application server allowed to be accessed. Optionally, the Service information allowed to be used may be carried, where the Service information is used to indicate identification information of the Service used by the user, such as a Service identification Service ID or a quality of Service class identification QCI. Optionally, the information that restricts the user from initiating a dedicated bearer activation, PDP context activation, secondary PDP context activation, resource allocation/modification, or PDN connection request may also be carried. This information may be signed up in advance by the terminal in the database.
The information of the application server allowed to access and the service information allowed to be used may be limited according to M2M terminal granularity (for example, an M2M terminal performs service access, and may be limited according to attribute information of service control subscribed or configured by the M2M terminal), or may be limited according to Group granularity (for example, a terminal in a Group performs service access, may know to which Group the terminal belongs, and then performs limitation according to attribute information of service control subscribed or configured by the Group), or may be limited according to an APN or service granularity (for example, an APN or service information requested to be accessed by the terminal may be limited according to the APN or service information subscribed or configured). The information for limiting the user to initiate the dedicated bearer activation, PDP context activation, secondary PDP context activation, resource allocation/modification, or PDN connection request may be limited according to the M2M terminal granularity, may also be limited according to the Group granularity, or may be limited according to the bearer, PDN connection, or APN granularity, which is not limited in the embodiments of the present invention.
It should be noted that, the network element where the HSS database or the Group subscription database is located may also actively send an Insert subscription Data (Insert Subscriber Data) message to the mobility management network element, where the message carries the above information, which is not limited in this embodiment of the present invention.
Step 203, the mobility management network element sends a Create Session Request (Create Session Request) message to the PGW through the SGW, where the message may carry attribute information of service control;
the message carries information of the application server allowed to access, such as an IP address or FQDN (or list information of an IP address or FQDN) of the application server allowed to access. Optionally, Service information allowed to be used may be carried, where the Service information is used to indicate identification information of a Service used by a user, such as Service ID or QCI. Optionally, the information that restricts the user from initiating a dedicated bearer activation, PDP context activation, secondary PDP context activation, resource allocation/modification, or PDN connection request may also be carried.
Step 204, under the condition of the dynamic PCC application, the PGW sends an IP CAN Session Establishment Indication (Indication of IP CAN Session Establishment) message to the PCRF, where the message may carry the attribute information of the service control.
Step 205, the PCRF sends an IP CAN Session Establishment acknowledgement (Ack of IP CAN Session Establishment) to the PGW.
Step 206, the PGW sends a Create Session Response (Create Session Response) message to the SGW, and the SGW sends a Create Session Response (Create Session Response) message to the mobility management element.
Through the notification process, the SGW, the PGW, and the PCRF may also acquire the attribute information of the service control. Thus, when the subsequent M2M terminal initiates a service request, the mobility management network element, the SGW, the PGW, or the PCRF may all perform corresponding control operations.
Step 207, when the M2M terminal initiates a Resource Modification or Allocation procedure, the M2M terminal sends a Bearer Resource Modification/Allocation Request (Bearer Resource Modification/Allocation Request) message to the mobility management network element, where the message carries SDF (Service Data Flow) QoS and TAD (Traffic aggregation Description) information.
It should be noted that the service request initiated by the terminal in the embodiment of the present invention may be bearer resource modification/allocation, dedicated bearer activation, PDP context activation, secondary PDP context activation, or attach/PDN connection request initiated by the terminal, which is not limited in this embodiment of the present invention.
Step 208, the mobility management network element forwards a Request bearer resource Modification/Allocation (BearerResource Modification/Allocation Request) message to the SGW, where the message may carry SDF QoS and TAD information.
Step 209, the SGW forwards a Request Bearer Resource Modification/Allocation (Bearer Resource Modification/Allocation Request) message to the PGW, where the message may carry SDF QoS and TAD information.
Step 210, if the PCC application is dynamic, the PGW sends an IP CAN Session modification Indication (Indication of IP CAN Session modification) message to the PCRF, where the message may carry SDF QoS and TAD information.
The PCRF can perform control operations according to the previously learned attribute information:
if the information of the application server which is allowed to be accessed is obtained, whether the information of the application server which is requested to be accessed by the M2M terminal is consistent with the information of the application server which is allowed to be accessed is obtained, if so, the M2M terminal is allowed to be accessed; if not, the M2M terminal is denied access. For example, a source address in a DL Packet filter (downlink data filter) or a destination address in a UL Packet filter (uplink data filter) in a TAD cell carried by the M2M terminal is compared with previously known information of an application Server allowing access, if the two are consistent, the M2M terminal is Allowed to access, otherwise, the access is denied, and a reason value may be carried in the denial message to indicate that the M2M terminal is denied to access the current service, such as "illegal Server information" or "Not Allowed Server".
If the service information which is allowed to be accessed is acquired, on the basis of allowing the access to the application server, whether the service information which is requested to be accessed by the M2M terminal is consistent with the acquired service information which is allowed to be used or not is acquired, and if so, the M2M terminal is allowed to be accessed; if not, the M2M terminal is denied access. For example, comparing the QCI or Service ID in the SDF QoS carried by the M2M terminal with the previously acquired Service information (such as QCI or Service ID) allowed to be used, and if the QCI or Service ID and the Service ID are consistent, allowing access; otherwise, access is denied, and a cause value indication, such as "Forbidden Service" or "not allowed Service", may be carried.
If the information for limiting the user to initiate the special bearing activation, the PDP context activation, the secondary PDP context activation, the resource allocation/modification or the PDN connection request is obtained, whether the information for limiting the bearing resource modification/allocation requested by the M2M terminal belongs to the information for limiting the user to initiate the special bearing activation, the PDP context activation, the secondary PDP context activation, the resource allocation/modification or the PDN connection request is obtained, and if the information does not belong to the information, the M2M terminal is allowed to be limited to access; if so, the M2M terminal is denied access and may carry a cause value indication, such as "Not Allowed Activation".
And if the obtained information is the application server information allowed to be accessed and the service information allowed to be accessed, if the relevant information of the terminal service request is inconsistent with any one of the access information, rejecting the service request of the terminal.
If the acquired information is the information for limiting the user to initiate the special bearing activation, the PDP context activation, the secondary PDP context activation, the resource allocation/modification or the PDN connection request, any one or two of the application server information allowing the access and the service information allowing the access; these obtained information may be compared with the relevant information in the M2M initiated service request, and generally, if the information restricting the user from initiating a dedicated bearer activation, PDP context activation, secondary PDP context activation, resource allocation/modification, or PDN connection request is first used for comparison and the result is that the information in the service request belongs to the information restricting the user from initiating a dedicated bearer activation, PDP context activation, secondary PDP context activation, resource allocation/modification, or PDN connection request, access is denied regardless of the result of the comparison of the other or both obtained information. Or if the information of the service request of the terminal is inconsistent with at least one of the server information allowing access or the service information allowing use, rejecting the service request of the terminal.
If the PCRF allows access, the PCC rule is carried in an IP CAN Session modification confirmation (Ack of IP-CAN Session modification) message and is issued to the PGW; if the access is not allowed, a reason value is carried in an IP CAN Session modification acknowledgement (Ack of IP-CAN Session modification) message to indicate that the access to the current service is denied, and the detailed expression of the reason value is described in the foregoing several cases.
Step 212, if the user access is rejected in the IP CAN session Modification confirm message, the PGW sends a Bearer Resource Modification/Allocation rejection (Bearer Resource Modification/Allocation Reject) message to the M2M terminal through the SGW and the mobility management network element, where the message may carry a reason value indicating that the M2M terminal is rejected to access the current service, and the specific expression form of the reason value refers to the description of the foregoing several cases.
It should be noted that, the above steps are exemplified by the PCRF for control, but are not limited to this. Step 207, after receiving the request for modifying/allocating bearer resources, the mobility management network element may also perform control, and the specific content is the same as the control operation performed by the PCRF. If the mobility management network element rejects the access of the M2M terminal, a Bearer Resource Modification/Allocation Reject (Bearer Resource Modification/Allocation Reject) message is sent to the M2M terminal, where the message may carry a cause value indicating that the M2M terminal is rejected to access the current service, and the specific expression of the cause value refers to the description of the foregoing several cases. Step 208 is only performed if the mobility management element allows access by the M2M terminal.
It should be further noted that, after receiving the bearer resource modification/allocation request in step 208, the SGW may also perform control, and the specific content is the same as that of the control operation performed by the PCRF. If the SGW rejects the M2M terminal access, a Bearer Resource Modification/Allocation rejection (Bearer Resource Modification/Allocation Reject) message is sent to the M2M terminal by the mobility management network element, where the message may carry a cause value indicating that the M2M terminal is rejected to access the current service, and the specific expression of the cause value refers to the description of the foregoing several cases. Step 209 is only performed if the SGW allows access by the M2M terminal.
It should be further noted that, after receiving the bearer resource modification/allocation request in step 209, the PGW may also perform control, and the specific content is the same as that of the control operation performed by the PCRF. If the PGW rejects the M2M terminal access, a Bearer Resource Modification/Allocation rejection (Bearer Resource Modification/Allocation Reject) message is sent to the M2M terminal through the SGW and the mobility management network element, where the message may carry a reason value indicating that the M2M terminal is rejected to access the current service, and the specific representation form of the reason value refers to the description of the foregoing several cases. Step 210 is only performed if the PGW allows the M2M terminal access.
The above is exemplified by the case where the M2M terminal initiates bearer resource modification/allocation, when the M2M terminal initiates a dedicated bearer activation, PDP context activation, secondary PDP context activation, or PDN connection request, the network-side element may also execute the same control policy, and limit the service initiated by the M2M terminal.
It can be seen from the content of the embodiment that, by the above technical solution, different service requests initiated by the M2M terminal can be controlled, so that the service restriction mechanism can be used to optimize network performance, save network resources, and enhance network security.
Example three:
this embodiment describes that, when applying the dynamic PCC, the PCRF obtains attribute information about service control from a Subscription database (SPR Subscription Profile Repository) or a Group Subscription database.
Fig. 3 is a flowchart of a service processing method according to a third embodiment of the present invention.
The steps shown in the flow chart generally include two major components of obtaining information and performing control. The content of the acquisition information includes steps 301 to 308, and the content of the execution control includes steps 309 to 313.
Step 301, the mobility management network element sends a Create Session Request (Create Session Request) message to the SGW.
Step 302, the SGW sends a Create Session Request (Create Session Request) message to the PGW.
Step 304, the PCRF sends a user data Request (Profile Request) message to a network element where the SPR database or the Group subscription database is located, requesting to acquire the attribute information of the service control.
Step 305, the network element where the SPR database or the Group subscription database is located sends a user data Response (Profile Response) message to the PCRF, where the user data Response message may carry the attribute information of service control.
The message may carry a description of the attribute information of the service control, as described in step 202 above.
It should be noted that, a network element where the SPR database or the Group subscription database is located may also actively send a user data Update (Profile Update) message to the PCRF, where the message may carry the information.
Step 307, the PGW sends a Create Session Response (Create Session Response) message to the SGW, where the message may carry the attribute information of service control.
Step 308, the SGW sends a Create Session Response (Create Session Response) message to the mobility management element, where the message may carry the attribute information of service control.
Step 309-step 313: see the description of step 207-212 of the previous embodiment and the description of the portion that needs to be described in the second embodiment.
It can be seen from the content of the embodiment that, by the above technical solution, different service requests initiated by the M2M terminal can be controlled, so that the service restriction mechanism can be used to optimize network performance, save network resources, and enhance network security.
Example four:
this embodiment describes that some service control information may be preconfigured in the SGW or the PGW, and the SGW or the PGW may perform control in the subsequent bearer resource modification/allocation request of the M2M terminal.
Fig. 4 is a flowchart of a service processing method according to a fourth embodiment of the present invention.
Step 401, the M2M terminal sends a Bearer Resource Modification/Allocation Request (Bearer Resource Modification/Allocation Request) message to the mobility management network element, where the message carries the SDF QoS and TAD information, and optionally, may carry the group identifier information.
Step 402, the mobility management network element forwards a Request Bearer Resource Modification/Allocation (Bearer Resource Modification/Allocation Request) message to the SGW, where the message carries SDF QoS and TAD information, and optionally, group identification information.
Step 403, the SGW forwards a Request Bearer Resource Modification/Allocation (Bearer Resource Modification/Allocation Request) message to the PGW, where the message carries the SDF QoS and TAD information, and optionally, may carry the group identifier information.
The PGW may be configured with information of an application server allowed to be accessed, such as an IP address or FQDN (or list information of an IP address or FQDN) of the application server allowed to be accessed in advance. Optionally, Service information allowed to be used may be configured, where the Service information is used to identify attribute information of the Service used by the user, such as Service ID, QCI, or the like. Optionally, information limiting the user to initiate a dedicated bearer activation, PDP context activation, secondary PDP context activation, resource allocation/modification, or PDN connection request may also be configured.
The information of the application server allowed to access and the service information allowed to be used may be limited according to M2M terminal granularity (for example, an M2M terminal performs service access, and may be limited according to attribute information of service control subscribed or configured by the M2M terminal), or may be limited according to Group granularity (for example, a terminal in a Group performs service access, may know to which Group the terminal belongs, and then performs limitation according to attribute information of service control subscribed or configured by the Group), or may be limited according to an APN or service granularity (for example, an APN or service information requested to be accessed by the terminal may be limited according to the APN or service information subscribed or configured). The information for limiting the user to initiate the dedicated bearer activation, PDP context activation, secondary PDP context activation, resource allocation/modification, or PDN connection request may be limited according to the M2M terminal granularity, may also be limited according to the Group granularity, or may be limited according to the bearer, PDN connection, or APN granularity, which is not limited in the embodiments of the present invention.
The PGW performs control according to the pre-configured attribute information, which may specifically refer to an operation of the PCRF performing control in step 211 of the embodiment, and the principle is the same.
The PGW may also execute a corresponding control policy according to the configuration context corresponding to the Group ID, and allow the user to access if the relevant information of the terminal service request is consistent with the configuration information; and if not, rejecting the user access.
Step 404, if the PGW allows the M2M terminal to access, and if the application is a dynamic PCC application, the PGW sends an IP CAN Session modification Indication (Indication of IP CAN Session modification) message to the PCRF, where the message carries the SDF QoS and TAD information.
Step 405, the PCRF sends an IP CAN Session modification acknowledgement (Ack of IP-CAN Session modification) message to the PGW.
It should be noted that the above steps are exemplified by the PGW controlling according to the preconfigured information, but not limited thereto. After receiving the bearer resource modification/allocation request in step 402, the SGW may also perform control according to the preconfigured information, where the specific content is the same as the control operation performed by the PGW. If the SGW rejects the M2M terminal access, a Bearer Resource Modification/Allocation rejection (Bearer Resource Modification/Allocation Reject) message may be sent to the M2M terminal by the mobility management network element, where the message may carry a reason value indicating that the M2M terminal is rejected to access the current service, and specific expression of the reason value refers to the description of two cases in the embodiment. Step 403 is only performed if the SGW allows access by the M2M terminal.
It can be seen from the content of this embodiment that, according to the above technical solution, the SGW or the PGW may control the services corresponding to different service requests initiated by the M2M terminal according to the preconfigured information, so that the service restriction mechanism may be used to optimize network performance, save network resources, and enhance network security.
Example five:
this embodiment describes that when the M2M terminal initiates a dedicated bearer setup, if the PCC application is dynamic, the network element on the network side may perform control.
Fig. 5 is a flowchart of a service processing method according to a fifth embodiment of the present invention.
Step 501, the PCRF obtains attribute information of service control.
The PCRF may obtain the attribute information of the service control according to the obtaining manner described in the second embodiment or the third embodiment, which is not described herein again.
Step 502, if the PCC is dynamic, when the M2M terminal initiates a dedicated bearer establishment, a service request is initiated to interact with an Application entity (AF), and the AF sends an Application/service notification (Application/service info) message to the PCRF, where the message may carry information of an Application server that is requested to be accessed, and optionally carries service information that is requested to be used.
Step 503, the PCRF returns an acknowledgement (Acknowledge) message to the AF.
It should be noted that, in this step, the PCRF may execute the control procedure described in embodiment two or embodiment three according to the obtained attribute information of the service control, and details are not described here again. If no control is to be performed, the next step 504 is continued.
Step 504, the PCRF sends Policy and Charging Rules provisioning (Policy and Charging Rules provisioning) message to the PGW, where the message may carry the attribute information of service control.
It should be noted that the PGW may obtain the attribute information of the service control according to the obtaining manner described in the second embodiment, the third embodiment, or the fourth embodiment, and details are not described here.
After acquiring the attribute information of the service control, the PGW may execute the control process described in embodiment two, embodiment three, or embodiment four according to the attribute information of the service control, which is not described herein again. And if the control is not executed, sending a request message for establishing the special bearing/updating the bearing to the mobility management network element.
Step 505, the PGW sends Policy and Charging Rules provisioning (Policy and Charging Rules provisioning) message to the SGW, where the message may carry the attribute information of service control.
It should be noted that the SGW may obtain the attribute information of the service control according to the obtaining manner described in the second embodiment, the third embodiment, or the fourth embodiment, and details are not described here.
After the SGW obtains the attribute information of the service control, the control process described in embodiment two, embodiment three, or embodiment four may be executed according to the attribute information of the service control, and details are not described here. And if the control is not executed, sending a request message for establishing the special bearing/updating the bearing to the mobility management network element.
Step 506, the SGW sends a create-dedicated bearer request/update-bearer request message to the mobility management network element, where the message may carry the attribute information of service control.
Step 507, the mobility management network element performs service control.
It should be noted that the mobility management network element may obtain the attribute information of the service control according to the obtaining manner described in the second embodiment or the third embodiment, which is not described herein again.
The mobility management network element may execute the control process as described in embodiment two or embodiment three according to the obtained attribute information of service control, which is not described herein again.
It can be seen from the content of this embodiment that, by the above technical solution, the service corresponding to different service requests initiated by the M2M terminal can be controlled, so that the service restriction mechanism can be used to optimize the network performance, save the network resources, and enhance the network security.
Example six:
this embodiment describes that when the M2M terminal initiates the default bearer setup, a data filter (packet filter) may be allocated for the default bearer to limit the service requested to be accessed by the M2M terminal, and when the subsequent M2M terminal initiates the service request, the allocated data filter (packet filter) may control the service request initiated by the M2M terminal.
Fig. 6 is a flowchart of a service processing method according to a sixth embodiment of the present invention.
Step 601, the M2M terminal initiates to establish a default bearer, and initiates an Attach/PDN connection Request (Attach Request/PDN Connectivity Request) message to the mobility management network element, where the message may carry information of an application server requesting access, optionally may also carry service information requested to be used, and optionally may also carry a Group identifier (e.g., Group ID) to which the M2M terminal belongs.
The mobility management network element performs control according to the obtained attribute information of the service control, which may specifically refer to an operation of the PCRF performing control in step 211 of the embodiment, and the principles are the same.
Step 602, the mobility management element sends a Create Session Request (Create Session Request) message to the PGW through the SGW, where the message may carry information of an application server requesting access, optionally may also carry service information requested to be used, and optionally may also carry group identification information to which the M2M terminal belongs. The SGW or PGW may execute a corresponding control policy according to the configuration context corresponding to the Group ID, and allow the user to access if the relevant information of the terminal service request is consistent with the configuration information; and if not, rejecting the user access.
The SGW or the PGW performs control according to the acquired attribute information, which may specifically refer to an operation of the PCRF performing control in step 211 of the embodiment, and the principles are the same.
Step 603, if there is no dynamic PCC application, that is, when there is a static PCC application, if the PGW allows the terminal to access the service currently accessed, the PGW may construct a packet filter according to the IP address of the M2M terminal and the obtained address of the application server allowed to access, that is, a packet filter corresponding to the default bearer is allocated.
Step 604, the PGW sends a Create Session Response (Create Session Response) message to the mobility management network element, where the message may carry a packet filter allocated for a default bearer.
The mobility management network element acquires the allocated packet filter, and then subsequently when the terminal sends data to the network or the network sends data to the terminal, the mobility management network element can control the service request through the packet filter, wherein the control mainly comprises the step that the packet filter controls the request according to the IP address of the M2M terminal and the acquired address of the application server allowing access, and if the IP address of the M2M terminal and the acquired address of the application server allowing access are not consistent, the access of the user is refused; if so, the user is allowed access.
Step 605, if the PCC is dynamically applied, the PGW sends an IP CAN Session establishment indication request message to the PCRF, where the message may carry an IP address of the M2M terminal, and optionally may carry information of an application server allowed to access.
Step 606, the PCRF performs control according to the acquired attribute information, which may specifically refer to the operation of performing control by the PCRF in step 211 in the embodiment, and the principle is the same. And if the PCRF allows access, the PCRF generates a Service data flow template according to the acquired IP address of the M2M terminal and the address information of the M2M application server allowing access.
Step 607, the PCRF returns an IP CAN session modification confirmation message to the PGW, where the message may carry a Service data flow template allocated for the default bearer.
Step 608, the PGW sends a session establishment response message to the mobility management network element, where the message may carry a Service data flow template allocated for the default bearer.
The mobility management network element acquires the allocated Service data flow template, then subsequently when the terminal sends data to the network or the network sends data to the terminal, the mobility management network element can control the Service request through the Service data flow template, the control is mainly that the Service data flow template controls the request according to the IP address of the M2M terminal and the acquired address of the application server allowing access, if the IP address is not consistent, the user access is refused; if so, the user is allowed access.
In the embodiment of the invention, a corresponding packet filter is allocated to the default bearer when the static PCC is applied, and a Service data flow template is allocated when the dynamic PCC is applied, both the purpose is to carry out restriction control from the granularity of a data packet filter or a Service data flow template of the default bearer, and the subsequent request initiated by a terminal can carry out restriction control according to the data packet filter or the Service data flow template, and if the granularity is not consistent, the user access is refused; if so, the user is allowed access.
The foregoing describes a service processing method in detail, and accordingly, embodiments of the present invention provide a communication device and a communication system.
Fig. 7 is a schematic structural diagram of a communication device according to an embodiment of the present invention.
As shown in fig. 7, the communication apparatus includes: an information learning unit 71, a processing unit 72.
An information learning unit 71, configured to learn attribute information about service control in a network to which the machine-to-machine M2M applies, where the attribute information about service control includes server information allowing access and/or bearer and resource information restricting operations;
and the processing unit 72, after acquiring the service request sent by the terminal, controls the service request according to the acquired attribute information of the service control.
The processing unit 72 includes: a first comparison unit 721 and a first control unit 722.
A first comparing unit 721 for comparing information in the received service request with the server information allowed to access, when the attribute information on service control is the server information allowed to access;
a first control unit 722, configured to reject the service request of the terminal when the information of the service request is inconsistent with the information of the server allowing access.
The first comparing unit 721 compares the information of the received service request with the service information permitted to be used when the attribute information on service control further includes the service information permitted to be used; the first control unit 722 rejects the service request of the terminal when the information of the service request is inconsistent with the service information allowed to be used
Alternatively, the processing unit 72 includes: a second comparing unit 723 and a second control unit 724.
A second comparing unit 723, configured to compare the received information of the service request with the bearer and resource information of the restricted operation when the attribute information related to service control is the bearer and resource information of the restricted operation;
a second control unit 724, configured to reject the service request of the terminal when the information of the service request belongs to the bearer and resource information for operation restriction.
Alternatively, the processing unit 72 includes: a third comparing unit 725 and a third control unit 726.
A third comparing unit 725 for comparing the received service request information with the service control attribute information when the service control attribute information includes operation-restricted bearer and resource information and includes access-allowed server information;
a third control unit 726, configured to reject the service request of the terminal when the information of the service request belongs to the bearer and resource information for operation restriction.
The communication device may be a mobility management network element, a packet data network gateway PGW, or a policy and charging enforcement function entity PCRF.
Fig. 8 is a schematic structural diagram of a communication system according to an embodiment of the present invention.
As shown in fig. 8, the communication system includes: a terminal 81 and a network side device 82.
A terminal 81 for sending a service request in a network of machine-to-machine M2M applications;
the network side device 82 is configured to acquire attribute information related to service control, where the attribute information related to service control includes server information allowing access and/or bearer and resource information restricting operation, and after acquiring a service request sent by the terminal 81, control the service request according to the acquired attribute information related to service control.
When the attribute information specifically used for acquiring the service control by the network side device 82 is server information allowing access, if the information of the service request of the terminal 81 is inconsistent with the server information allowing access, the service request of the terminal 81 is rejected;
or,
the network side device 82 is specifically configured to, when the obtained attribute information related to the service control is bearer and resource information of the restricted operation, reject the service request of the terminal 81 if the information of the service request of the terminal 81 belongs to the bearer and resource information of the restricted operation;
or,
the network side device 82 is specifically configured to obtain the attribute information related to service control when the attribute information includes bearer and resource information for restricting operations and includes server information for allowing access; and if the information of the service request of the terminal 81 belongs to the bearing and resource information of the restricted operation, rejecting the service request of the terminal 81.
The network side device 82 is a mobility management network element, a serving gateway SGW, a packet data network gateway PGW, or a policy and charging enforcement function entity PCRF.
The network-side device 82 may have the structure shown in fig. 7, described above, with particular reference to the foregoing description.
It should be noted that, because the contents of information interaction, execution process, and the like between the units in the apparatus and the system are based on the same concept as the method embodiment of the present invention, specific contents may refer to the description in the method embodiment of the present invention, and are not described herein again.
In summary, in the technical solution of the embodiment of the present invention, the attribute information related to service control is obtained, where the attribute information related to service control includes information of a server allowing access and/or information of bearers and resources restricting operations, so that after the service request sent by the terminal is obtained, the service corresponding to the service request can be controlled according to the attribute information related to service control, thereby implementing control on the service initiated by the M2M terminal, and improving network security.
Those skilled in the art will appreciate that all or part of the steps in the methods of the above embodiments may be implemented by associated hardware instructed by a program, which may be stored in a computer-readable storage medium, and the storage medium may include: read Only Memory (ROM), Random Access Memory (RAM), magnetic or optical disks, and the like.
The service processing method and the communication device provided by the embodiment of the present invention are described in detail above, and a specific example is applied in the description to explain the principle and the embodiment of the present invention, and the description of the above embodiment is only used to help understanding the method and the core idea of the present invention; meanwhile, for a person skilled in the art, according to the idea of the present invention, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present invention.
Claims (16)
1. A method for processing a service, comprising:
in a network applied by the machine-to-machine M2M, acquiring attribute information about service control, wherein the attribute information about service control comprises server information allowing access and/or bearer and resource information limiting operation;
and after acquiring the service request sent by the terminal, controlling the service request according to the acquired attribute information of the service control.
2. The traffic processing method according to claim 1, wherein:
the learning of the attribute information on the service control includes: obtaining attribute information about service control from service gateway SGW configuration information, packet data network gateway PGW configuration information, home subscriber server HSS database, subscription database SPR or group subscription database.
3. The traffic processing method according to claim 1 or 2, characterized in that:
when the attribute information about the service control is the server information which allows access;
the controlling the service request according to the acquired attribute information of the service control comprises: and if the information of the service request of the terminal is inconsistent with the information of the server allowing access, rejecting the service request of the terminal.
4. The traffic processing method according to claim 3, wherein:
when the attribute information about the service control is the server information which allows access, the attribute information about the service control also comprises the service information which allows use;
and if the information of the service request of the terminal is inconsistent with the service information allowed to be used, rejecting the service request of the terminal.
5. The traffic processing method according to claim 1 or 2, characterized in that:
when the attribute information about service control is bearer and resource information for restricted operation,
the controlling the service request according to the acquired attribute information of the service control comprises: and if the information of the service request of the terminal belongs to the bearing and resource information of the restricted operation, rejecting the service request of the terminal.
6. The traffic processing method according to claim 1 or 2, characterized in that:
when the attribute information about the service control comprises the bearing and resource information of the restricted operation and the server information of the allowed access;
the controlling the service request according to the acquired attribute information of the service control comprises:
and if the information of the terminal service request belongs to the bearing and resource information for limiting operation, rejecting the service request of the terminal.
7. The traffic processing method according to claim 1 or 2, characterized in that:
the obtaining of the attribute information related to service control specifically includes:
the mobile management network element acquires the attribute information about the service control from a Home Subscriber Server (HSS) database or a group subscription database; or,
and the mobile management network element receives the attribute information about the service control, which is sent by a policy and charging enforcement function entity (PCRF) and acquired by the PCRRF from a subscription database (SPR) or a group subscription database.
8. The traffic processing method according to claim 1 or 2, characterized in that:
the obtaining of the attribute information related to service control specifically includes:
a Service Gateway (SGW) receives the attribute information about the service control, which is sent by a mobility management network element and acquired by the mobility management network element from a Home Subscriber Server (HSS) database or a group subscription database; or,
the service gateway SGW receives the attribute information about the service control, which is sent by a policy and charging execution function entity PCRF and acquired by the PCRRF from a subscription database SPR or a group subscription database; or,
the service gateway SGW obtains its own configured attribute information about service control.
9. The traffic processing method according to claim 1 or 2, characterized in that:
the obtaining of the attribute information related to service control specifically includes:
a packet data network gateway (PGW) receives the attribute information about service control, which is sent by a mobility management network element and acquired by the mobility management network element from a Home Subscriber Server (HSS) database or a group subscription database; or,
a packet data network gateway (PGW) receives the attribute information about service control, which is sent by a policy and charging enforcement function (PCRF) and acquired by the PCRRF from a subscription database (SPR) or a group subscription database; or,
the PGW obtains the attribute information about the service control configured by the PGW.
10. The traffic processing method according to claim 1 or 2, characterized in that:
the obtaining of the attribute information related to service control specifically includes:
a policy and charging enforcement function (PCRF) entity acquires attribute information about service control from a subscription database (SPR) or a group subscription database; or,
and the policy and charging execution functional entity PCRF receives the attribute information about service control, which is sent by a mobility management network element and acquired by the mobility management network element from a Home Subscriber Server (HSS) database or a group subscription database.
11. The traffic processing method according to claim 1 or 2, characterized in that:
the service request sent by the terminal comprises: a bearer resource modification/allocation request, a proprietary bearer activation request, a packet data protocol PDP context activation request, a secondary packet data protocol PDP context activation request, or an attach/packet data network PDN connection request.
12. A communication device, comprising:
an information learning unit, configured to learn attribute information about service control in a network applied by the machine-to-machine M2M, where the attribute information about service control includes server information allowing access and/or bearer and resource information restricting operations;
and the processing unit is used for controlling the service request according to the acquired attribute information of the service control after acquiring the service request sent by the terminal.
13. The communications device of claim 12, wherein the processing unit comprises:
a first comparing unit, configured to compare information of the received service request with server information allowing access when the attribute information regarding service control is the server information allowing access;
and the first control unit is used for rejecting the service request of the terminal when the information of the service request is inconsistent with the information of the server allowing access.
14. The communication device of claim 13, wherein:
the first comparing unit compares the received service request information with the service information allowed to be used when the attribute information on service control further includes the service information allowed to be used;
and the first control unit rejects the service request of the terminal when the information of the service request is inconsistent with the service information allowed to be used.
15. The communications device of claim 12, wherein the processing unit comprises:
a second comparing unit, configured to compare, when the attribute information related to service control is bearer and resource information of a restricted operation, information of a received service request with the bearer and resource information of the restricted operation;
and the second control unit is used for rejecting the service request of the terminal when the information of the service request belongs to the bearing and resource information of the restricted operation.
16. The communications device of claim 12, wherein the processing unit comprises:
a third comparing unit, configured to compare the received service request information with the service control attribute information when the service control attribute information includes bearer and resource information for restricting operations and includes server information for allowing access;
and the third control unit is used for rejecting the service request of the terminal when the information of the service request belongs to the bearing and resource information of the restricted operation.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2009101591493A CN101959192A (en) | 2009-07-17 | 2009-07-17 | Business processing method and communication device |
| PCT/CN2010/075218 WO2011006450A1 (en) | 2009-07-17 | 2010-07-16 | Service processing method and communication device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2009101591493A CN101959192A (en) | 2009-07-17 | 2009-07-17 | Business processing method and communication device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN101959192A true CN101959192A (en) | 2011-01-26 |
Family
ID=43448956
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2009101591493A Pending CN101959192A (en) | 2009-07-17 | 2009-07-17 | Business processing method and communication device |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN101959192A (en) |
| WO (1) | WO2011006450A1 (en) |
Cited By (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102136976A (en) * | 2011-02-24 | 2011-07-27 | 华为技术有限公司 | Machine transaction control method, device and system |
| CN102883404A (en) * | 2011-07-14 | 2013-01-16 | 华为终端有限公司 | Method for achieving machine-to-machine service, M2M terminal, AP and system |
| CN103548377A (en) * | 2012-01-21 | 2014-01-29 | 华为技术有限公司 | Method and device for executing service request (sr) procedure and serving gateway |
| WO2015062421A1 (en) * | 2013-10-30 | 2015-05-07 | 华为终端有限公司 | Gateway replacement method, gateway, and server |
| CN104683956A (en) * | 2013-11-27 | 2015-06-03 | 普天信息技术研究院有限公司 | QoS (Quality of Service) control method and system |
| WO2015127622A1 (en) * | 2014-02-27 | 2015-09-03 | 华为技术有限公司 | Method and system for providing service according to policy |
| WO2016033716A1 (en) * | 2014-09-01 | 2016-03-10 | 华为技术有限公司 | Communication method, mobile network device, terminal, application server and system |
| CN106851549A (en) * | 2011-02-28 | 2017-06-13 | 北京三星通信技术研究有限公司 | M2M terminal random access methods |
| CN111480365A (en) * | 2017-12-14 | 2020-07-31 | 瑞典爱立信有限公司 | Regulating access of a communication terminal to a communication network |
| CN113906771A (en) * | 2019-05-21 | 2022-01-07 | 艾里斯通讯公司 | Communication flow control using domain names |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111327606B (en) * | 2020-02-10 | 2022-12-13 | 广州市百果园信息技术有限公司 | Resource management method, system and storage medium |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1784072A (en) * | 2004-12-02 | 2006-06-07 | 华为技术有限公司 | Broad band mobile cut-in net system and its method |
| WO2008128454A1 (en) * | 2007-04-19 | 2008-10-30 | Huawei Technologies Co., Ltd. | Method and apparatus for policy and charging control |
| CN101325583A (en) * | 2007-06-15 | 2008-12-17 | 华为技术有限公司 | Method for registering gateway address and mobility management entity |
-
2009
- 2009-07-17 CN CN2009101591493A patent/CN101959192A/en active Pending
-
2010
- 2010-07-16 WO PCT/CN2010/075218 patent/WO2011006450A1/en active Application Filing
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1784072A (en) * | 2004-12-02 | 2006-06-07 | 华为技术有限公司 | Broad band mobile cut-in net system and its method |
| WO2008128454A1 (en) * | 2007-04-19 | 2008-10-30 | Huawei Technologies Co., Ltd. | Method and apparatus for policy and charging control |
| CN101325583A (en) * | 2007-06-15 | 2008-12-17 | 华为技术有限公司 | Method for registering gateway address and mobility management entity |
Cited By (18)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102136976A (en) * | 2011-02-24 | 2011-07-27 | 华为技术有限公司 | Machine transaction control method, device and system |
| CN106851549B (en) * | 2011-02-28 | 2020-07-10 | 北京三星通信技术研究有限公司 | Random access method for M2M terminal |
| CN106851549A (en) * | 2011-02-28 | 2017-06-13 | 北京三星通信技术研究有限公司 | M2M terminal random access methods |
| CN102883404A (en) * | 2011-07-14 | 2013-01-16 | 华为终端有限公司 | Method for achieving machine-to-machine service, M2M terminal, AP and system |
| US9451387B2 (en) | 2011-07-14 | 2016-09-20 | Huawei Device Co., Ltd. | Method, M2M terminal, AP, and system for achieving machine to machine service |
| CN103548377B (en) * | 2012-01-21 | 2017-01-25 | 华为技术有限公司 | Method and device for executing service request (sr) procedure and serving gateway |
| CN103548377A (en) * | 2012-01-21 | 2014-01-29 | 华为技术有限公司 | Method and device for executing service request (sr) procedure and serving gateway |
| WO2015062421A1 (en) * | 2013-10-30 | 2015-05-07 | 华为终端有限公司 | Gateway replacement method, gateway, and server |
| CN104683956A (en) * | 2013-11-27 | 2015-06-03 | 普天信息技术研究院有限公司 | QoS (Quality of Service) control method and system |
| CN104683956B (en) * | 2013-11-27 | 2018-01-26 | 普天信息技术研究院有限公司 | QoS control method and system |
| US10425296B2 (en) | 2014-02-27 | 2019-09-24 | Huawei Technologies Co., Ltd. | Method and system for providing service according to policy |
| WO2015127622A1 (en) * | 2014-02-27 | 2015-09-03 | 华为技术有限公司 | Method and system for providing service according to policy |
| CN106797565A (en) * | 2014-09-01 | 2017-05-31 | 华为技术有限公司 | A kind of communication means, mobile network appliance, terminal, application server and system |
| WO2016033716A1 (en) * | 2014-09-01 | 2016-03-10 | 华为技术有限公司 | Communication method, mobile network device, terminal, application server and system |
| CN106797565B (en) * | 2014-09-01 | 2020-07-14 | 华为技术有限公司 | Communication method, mobile network equipment, terminal, application server and system |
| CN111480365A (en) * | 2017-12-14 | 2020-07-31 | 瑞典爱立信有限公司 | Regulating access of a communication terminal to a communication network |
| US11368898B2 (en) | 2017-12-14 | 2022-06-21 | Telefonaktiebolaget Lm Ericsson (Publ) | Regulation of communication terminal access to a communication network |
| CN113906771A (en) * | 2019-05-21 | 2022-01-07 | 艾里斯通讯公司 | Communication flow control using domain names |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2011006450A1 (en) | 2011-01-20 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101959192A (en) | Business processing method and communication device | |
| RU2727184C1 (en) | Pdu session establishment procedure and amf node | |
| CN103444148B (en) | Control the business detection Route Selection of functional node disposed or the network node walked around and method | |
| US10492237B2 (en) | Mobile gateway selection using a direct connection between a PCRF node and a mobility management node | |
| KR102148341B1 (en) | Method and device for setting priority of data transmission | |
| EP2528406B1 (en) | Method based on a machine to machine (m2m) application | |
| US10292088B2 (en) | Blocked device checking in roaming scenarios | |
| EP2472918B1 (en) | Method, apparatus and system for transmitting a bearer control mode in roaming scenarios | |
| US9326212B2 (en) | Method and device for processing QOS parameter in subscription service combination scenario | |
| US9225726B2 (en) | Methods for supporting user equipment accessing local IP services and apparatus therefor | |
| WO2012051890A1 (en) | Terminal access limit method and system | |
| WO2014166089A1 (en) | Method and device for congestion control | |
| KR20140078668A (en) | Pcrn roaming agreement | |
| US11375408B2 (en) | Local breakout architecture | |
| EP3078186A1 (en) | Ip address assignment for a ue in 3gpp | |
| CN107294737A (en) | A kind of strategy and billing control method and device, system based on application | |
| CN102378160B (en) | Based on carrying establishing method and the system of this locality access | |
| US20160088547A1 (en) | Service Access Control Method and Apparatus | |
| US9973396B2 (en) | On-demand QoS for data connections | |
| WO2017202342A1 (en) | Method, device and system for reporting information | |
| KR20130060967A (en) | Data service method of multiple pdn based odb scheme for lte mobile users | |
| CN104254055B (en) | A kind of emergency call realization method, equipment and system | |
| WO2017173897A1 (en) | Application-based policy and charging control method, apparatus and system | |
| CN106973029B (en) | IP flow migration method, device and system | |
| JP2024038531A (en) | User equipment (ue) |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C12 | Rejection of a patent application after its publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20110126 |