CN102724649B - The method and system of monitoring Hypomobility terminal location change - Google Patents
The method and system of monitoring Hypomobility terminal location change Download PDFInfo
- Publication number
- CN102724649B CN102724649B CN201110079081.5A CN201110079081A CN102724649B CN 102724649 B CN102724649 B CN 102724649B CN 201110079081 A CN201110079081 A CN 201110079081A CN 102724649 B CN102724649 B CN 102724649B
- Authority
- CN
- China
- Prior art keywords
- terminal
- asme
- request message
- accessed
- hss
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Abstract
The invention discloses a kind of method of monitoring Hypomobility terminal location change, the position limitation information of terminal is configured in HSS/HLR as subscription data, and is downloaded in connection security management device A SME during insertion subscription data;Methods described also includes:During attachment Attach/ routing area updating RAUs/tracing section updating TAU, when checking ASME that the terminal current request accesses not among position limitation information by the ASME that accesses before the terminal, refuse the Attach/RAU/TAU processes, and send a warning message to MTC server.The invention discloses a kind of system of monitoring Hypomobility terminal location change.The present invention improves the access safety of Hypomobility MTC terminal and network, significantly mitigates due to issuable signaling traffic load when such Hypomobility MTC terminal is illegally moved.
Description
Technical field
The present invention relates to Hypomobility terminal location monitoring technology, more particularly to a kind of machine and machine (M2M,
Machine-to-Machine the method and system of Hypomobility terminal location change) are monitored in communication system.
Background technology
With global IT application, and the appearance and development of communication network technology, more easily can enter between men
Row is linked up, and the exchange of information is also more and more frequent.However, current only in the case of human intervention, computer or other one
The ability that a little intelligent terminal (IT, Intelligent Terminal) equipment just possess networking and communicate, numerous common machines
Kind equipment hardly possesses networking and communication capacity.The machine kind equipment for how allowing these common possesses networking and communication capacity,
Preferably service and guarantee are provided for social life to allow communication network technology, make city become intelligent, be communication at present
The target that system is pursued.This is directed to, the concept that Machine To Machine (M2M, Machine to Machine) communicates is introduced in
In communication network technology.The target of M2M communications is exactly to make all machine kind equipments all possess networking and communication capacity, so as to reality
Existing machine is exchanged with the information between people, people and machine with machine, machine.
Existing mobile network is designed for person to person (human-to-human), for machine and machine, machine with
Communication non-optimal between people, people and machine.With the development of M2M technologies, terminal quantity will be presented and greatly be increased, according to estimating
Meter, by least, than high two orders of magnitude of terminal of human-to-human communications, the signaling for producing therefrom, data are to existing shifting
Dynamic network will be produced and greatly be impacted.
There is substantial amounts of M2M applications in M2M systems, machine type (MTC, Machine Type Communication) is eventually
Where end may be deployed in excessive risk and unmanned, therefore there is stolen threat, and be wherein mostly
Hypomobility MTC terminal, they are characterized in that, or infrequently move, or only move in authorized region.Here
It is primarily directed to not move out the Hypomobility MTC terminal for authorizing position or region or being only limited to fixed position.If
Such MTC terminal is in undelegated position or regional access network network (such as being stolen), it will cause serious security threat.Than
Such as, the MTC terminal for recording party A-subscriber family water meter usage amount should be integrally fixed at party A-subscriber house originally, if stolen or without awarding
Power is moved to party B-subscriber house, then the possibility for reporting is exactly the water meter usage amount of party B-subscriber, but expense but calculates clearing and uses in A
Family man.For another example, if where the fire alarm monitoring MTC terminal of office building is moved to other without permission, it is assumed that the place
There occurs big fire, then fire alarm monitoring MTC terminal will send the positional information of mistake to monitoring server, so as to cause can not and
When put out a fire, produce very serious consequence.Therefore, for this kind of Hypomobility MTC terminal, network needs detecting and reports possibility
As such MTC terminal such as is stolen at the event for moving generation without permission.So, network or MTC server can bases
The event for reporting takes corresponding action.
In existing network, when terminal is moved or roams, attachment (Attach), Routing Area Update will be performed
(RAU, Routing Area Update) or tracing section updating (TAU, Tracking Area Update) flow process.Here with
Illustrate as a example by Attach processes when terminal is moved in evolved packet system (EPS, Evolved Packet System),
Fig. 1 is Attach and position update flow figure in EPS, as shown in figure 1, Attach flow processs specifically include following steps:
Step 101:When user terminal (UE, User Equpiment) is mobile or roams, temporary identifications are used
GUTI/P-TMSI initiates attach request messages to network.
Step 102:After eNodeB receives the attach request messages of UE, to New MME (Mobile
Management Entity) initiate attach requests.
Step 103:Due to New MME None- identified terminal identities, therefore according to the information in eNodeB message to Old
MME initiates UE identity requests (Identification Request).
Step 104:Old MME return UE identity responses after the UE identity requests for receiving New MME
(Identification Response).If Old MME can not recognize that the UE identity or request message are tampered, in UE
A wrong value is included in identity response.
Step 105:After New MME receive UE identity responses, it is known that Old MME can not recognize UE identity, then initiate to UE
Identity request Identity Request.
Step 106:UE receives the identity request of network requirement, sends identity response Identity to network
Response message, includes permanent identification IMSI in message.
Step 107:Network and UE are authenticated and key agreement mechanisms (AKA, Authentication and Key
Agreement) authentication and safety mode process (Security mode command).
Step 108:New MME carry out position more to home subscriber server (HSS, Home Subscriber Server)
New request (Location Update Request).
Step 109:HSS requires that Old MME delete UE positional informationes (Cancel Location).
Step 110:Old MME return delete position information response (Cancel to HSS after UE positional informationes are deleted
Location Ack)。
Step 111:HSS updates response (Location Update Ack) to New MME home positions.
After above step, UE and network complete the location updating during Attach, are not related to positional information here
Inspection and monitoring alarm information transmission etc..
By above-mentioned flow process it is recognised that know in existing network and store UE positions mainly have three network elements:UE、
MME、HSS.In existing standard tissue, for the problem detected by location change after MTC terminal movement, mainly have following several
Plant technical scheme.
1st, the scheme detected based on SGSN (Serving GPRS Support Node)/MME.By comparing wireless access
Location area information (Location Area Information) that net (RAN, Radio Access Network) side reports and
In HSS/HLR (Home Location Register), whether the location area information of configuration is consistent, checks MTC terminal attachment point
Whether change.
2nd, the scheme detected based on HLR/HSS.By comparing mobile management (MM, the Mobility Management) phase
Between the UE positions (RAI, TAI, CGI, E-CGI etc.) that report of SGSN/MME it is whether consistent with the position of configuration, check MTC terminal
Whether attachment point changes.
3rd, the scheme detected based on GGSN/P-GW.GGSN/P-GW is creating activation MS Info Change when PDN connects
Reporting Action, SGSN/MME report UE positions in bearer management process (Bearer Management Procedure)
(RAI, TAI, CGI, E-CGI etc.) is put to GGSN/P-GW.GGSN/P-GW is by comparing the UE positions for reporting and the position of configuration
It is whether consistent, check whether MTC terminal attachment point changes.
4th, the scheme based on location management.Network entity (such as SGSN/MME) must store predefined station location marker, when
After MTC terminal movement, the positional information (station location marker) that RAN is reported or MTC terminal is explicitly noticed.Network entity is (such as MSC/
SGSN/MME) compare the station location marker for receiving whether consistent with predefined station location marker.MTC terminal is checked by this attached
And a little whether change.
1,3,4 in such scheme, what is mainly solved is that Hypomobility MTC terminal is illegally moved under same SGSN/MME
Scene and problem, for SGSN-spanning/MME scenes under illegal mobile problem obviously can not solve well.
Such scheme 2, no matter MTC terminal whether SGSN-spanning/MME movements in theory, HSS/HLR is saved
Whether the positional information of MTC terminal, can consistent with pre-configured information judging by comparing information that MTC terminal reports
Whether MTC terminal illegally moves.But the positional information ratio of the Hypomobility MTC terminal in prior art for SGSN-spanning/MME
Compared with, it is necessary to through processes such as identity request, terminal authentication, location updatings, if such scheme 2 is adopted in M2M networks, will be right
M2M networks will cause great signaling traffic load.
The content of the invention
In view of this, present invention is primarily targeted at provide a kind of monitoring Hypomobility terminal location change method and
System, can be prohibited access to communication networks after Hypomobility terminal leaves setting regions, so as to avoid because terminal misplace and
Cause mistake to indicate, decrease signaling traffic load caused by this partial transposition terminal institute.
To reach above-mentioned purpose, the technical scheme is that what is be achieved in that:
A kind of method of monitoring Hypomobility terminal location change, the position limitation information of terminal are matched somebody with somebody as subscription data
Put in home subscriber server HSS/ attaching position register HLR, and access is downloaded to during insertion subscription data
In equipment safety control ASME;Methods described also includes:
During Attach/RAU/TAU, check that the terminal current request connects by the ASME accessed before the terminal
The ASME for entering not among position limitation information when, refuse the Attach/RAU/TAU processes, and send a warning message to MTC
Server.
Preferably, the position limitation information of the terminal includes the ASME list informations for allowing the terminal to access;
During the Attach/RAU/TAU, the terminal sends connection request to the ASME that current request is accessed and disappears
Breath;The ASME that the terminal current request is accessed is accessed to before the terminal when recognizing the terminal identity
ASME sends identification request message;
The ASME accessed before the terminal checks that the ASME for sending identification request message is not allowing the terminal to access
ASME lists in when, refuse the Attach/RAU/TAU processes, and send a warning message to MTC server.
Preferably, the ASME for accessing before the terminal checks that the ASME for sending identification request message is not allowing the end
Before in the ASME lists for terminating, methods described also includes:
The ASME accessed before the terminal checks whether the identification request message is credible, and, the terminal identity
Whether can be identified, when the identification request message is credible and the terminal identity can be identified, check that sending identification request disappears
Whether the ASME of breath is the ASME for allowing the terminal to access;The identification request message is insincere and/or the terminal identity
When can not be identified, response message is sent to the ASME for sending identification request message, improper value is included in the response message.
Preferably, described to after the ASME transmission response messages for sending identity request message, methods described also includes:
The ASME that the terminal current request is accessed sends identity request message to the terminal, and is receiving the end
After the international mobile subscriber identity IMSI information at end, authentication data request message is sent to HSS/HLR;
The HSS/HLR is not being permitted according to the ASME that the subscription data inspection of the terminal sends authentication data request message
When in the ASME lists that perhaps described terminal is accessed, refuse the Attach/RAU/TAU processes, and send a warning message to MTC clothes
Business device.
Preferably, the terminal is machine type communication MTC terminal;
In UMTS UMTS network, the ASME is SGSN or VLR Visitor Location Register VLR, in EPS
In network, the ASME is mobile management entity MME;
The identification information of the terminal is carried in the connection request message that terminal sends;Wherein, the identification information is
One in following information:
Interim identity TMSI, packet-switched domain interim identity P-TMSI, global unique temporary identity GUTI, international shifting
Dynamic user identification code IMSI.
A kind of method of monitoring Hypomobility terminal location change, including:
Before execution position more new technological process, the ASME that the terminal current request that HSS/HLR checks is accessed is not in position
When among restricted information, refuse the Attach/RAU/TAU processes that the terminal is initiated, and alarm letter is sent to MTC server
Breath.
Preferably, the position limitation information of the terminal includes the ASME list informations for allowing the terminal to access;
The HSS/HLR checks that the ASME of the terminal current request access, not among position limitation information, is:
After the ASME that terminal current request is accessed receives the connection request message of terminal, the connection request message is confirmed
Described in terminal identification information be IMSI information when, to HSS/HLR send authentication data request message;
The HSS/HLR checks that the ASME for sending authentication data request message is not arranged in the ASME for allowing the terminal to access
When in table, refuse the Attach/RAU/TAU processes, and send a warning message to MTC server.
Preferably, the position limitation information of the terminal includes the ASME list informations for allowing the terminal to access;
The HSS/HLR checks that the ASME of the terminal current request access, not among position limitation information, is:
During the Attach/RAU/TAU, the terminal can not recognize the end to the ASME that current request is accessed
When the ASME accessed before end identity, and the terminal can not recognize the terminal identity, the terminal current request is accessed
ASME send identity request message to the terminal, and after the IMSI information for receiving the terminal, send to HSS/HLR
Authentication data request message;
The HSS/HLR is not being permitted according to the ASME that the subscription data inspection of the terminal sends authentication data request message
When in the ASME lists that perhaps described terminal is accessed, refuse the Attach/RAU/TAU processes, and send a warning message to MTC clothes
Business device.
A kind of system of monitoring Hypomobility terminal location change, including ASME and HSS/HLR, wherein,
HSS/HLR, for the position limitation information of terminal is stored as subscription data;
ASME, for the position limitation information of the terminal is downloaded during insertion subscription data;
The ASME accessed before the terminal, for during Attach/RAU/TAU, checking that the terminal currently please
When asking the ASME of access not among position limitation information, refuse the Attach/RAU/TAU processes, and send a warning message
To MTC server.
Preferably, the position limitation information of the terminal includes the ASME list informations for allowing the terminal to access;
The terminal, for, during the Attach/RAU/TAU, sending connection to the ASME that current request is accessed
Request message;
The ASME that the terminal current request is accessed is further used for, when recognizing the terminal identity, to described
The ASME accessed before terminal sends identification request message;
The ASME accessed before the terminal is further used for, and checks that the ASME for sending identification request message is not allowing institute
When stating in the ASME lists of terminal access, refuse the Attach/RAU/TAU processes, and send a warning message to MTC and service
Device.
Preferably, the ASME for accessing before the terminal is further used for, and checks whether the identification request message is credible,
And, whether the terminal identity can be identified, and when the identification request message is credible and the terminal identity can be identified, enter
One step inspection sends whether the ASME of identification request message is the ASME for allowing the terminal to access;The identification request message is not
When credible and/or described terminal identity can not be identified, response message, the sound are sent to the ASME for sending identification request message
Improper value is included in answering message.
Preferably, the ASME that the terminal current request is accessed is further used for, and sends identity request to the terminal and disappears
Breath, and after the IMSI information for receiving the terminal, authentication data request message is sent to HSS/HLR;
The HSS/HLR is further used for, and sends authentication data request message according to the subscription data inspection of the terminal
ASME not in the ASME lists for allowing the terminal to access when, refuse the Attach/RAU/TAU processes, and send announcement
Alarming information is to MTC server.
A kind of system of monitoring Hypomobility terminal location change, including ASME and HSS/HLR, wherein,
HSS/HLR is used for, and before execution position more new technological process, checks that the ASME that the terminal current request is accessed does not exist
When among position limitation information, refuse the Attach/RAU/TAU processes that the terminal is initiated, and alarm is sent to MTC server
Information.
Preferably, the position limitation information of the terminal includes the ASME list informations for allowing the terminal to access;
The ASME that terminal current request is accessed is used for, and after the connection request message for receiving terminal, confirms the connection
When the identification information of terminal described in request message is IMSI information, authentication data request message is sent to HSS/HLR;
The HSS/HLR is further used for, and checks that the ASME for sending authentication data request message is not allowing the terminal
When in the ASME lists of access, refuse the Attach/RAU/TAU processes, and send a warning message to MTC server.
Preferably, the position limitation information of the terminal includes the ASME list informations for allowing the terminal to access;
The ASME that the terminal current request is accessed is further used for, during the Attach/RAU/TAU, currently
The ASME that request is accessed can not recognize that the ASME accessed before the terminal identity, and the terminal can not recognize the terminal
During identity, identity request message is sent to the terminal, and after the IMSI information for receiving the terminal, send out to HSS/HLR
Send authentication data request message;
The HSS/HLR is further used for, and sends authentication data request message according to the subscription data inspection of the terminal
ASME not in the ASME lists for allowing the terminal to access when, refuse the Attach/RAU/TAU processes, and send announcement
Alarming information is to MTC server.
In the present invention, when MTC terminal is registered in network first, ASME downloads the MTC terminal signing from HSS/HLR
Data, the subscription data include the ASME identification list information for allowing the MTC terminal to access.So, if MTC terminal movement
When having arrived the region that other ASME are covered, when the access request of the MTC terminal is received, then other ASME are first to this
MTC terminal is identified, it is impossible to will send identity request message to the MTC terminal original ASME when recognizing, so as to by the MTC terminal
Former ASME confirms whether the ASME being currently accessed is the ASME for allowing the MTC terminal to access.If the ASME that request is accessed is non-
The ASME for accessing is allowed, then refuses the access request of the MTC terminal.If the ASME that the MTC terminal current request is accessed is received
After the connection request message of the MTC terminal, when in confirmation connection request message, the identification information of the MTC terminal is IMSI information,
Authentication data request message is sent to HSS/HLR, HSS/HLR is identified according to the ASME for allowing MTC terminal to access in subscription data
List judges that whether the ASME for sending authentication data request message is the ASME that the MTC terminal allows to access, if it is not, then refusing
The access request of the exhausted terminal.The present invention improves the access safety of Hypomobility MTC terminal and network, significantly mitigate due to
Issuable signaling traffic load when such Hypomobility MTC terminal is illegally moved.
Description of the drawings
Fig. 1 is Attach and position update flow figure in EPS;
Fig. 2 is the composition structural representation of the system of present invention monitoring Hypomobility terminal location change;
Fig. 3 is the flow chart of the embodiment of the method one of present invention monitoring Hypomobility terminal location change;
Fig. 4 is the flow chart of the embodiment of the method two of present invention monitoring Hypomobility terminal location change.
Specific embodiment
The present invention basic thought be, it is generally the case that position limitation information is to be configured in HSS/ as subscription data
In HLR, and ASME (that is, SGSN/MME) is downloaded to by inserting user data (Insert subscriber data) process
In.When the Hypomobility MTC terminal moves to other ASME coverages, former ASME can check the ASME identity for receiving
Whether in the permission list (for example the ASME identification lists for, being allowed) of subscription data, if not in the list for allowing,
Refuse the MTC terminal and be linked into network, and report and alarm information gives MTC Server (MTC server).If new ASME and original
ASME all None- identified MTC terminal identity, then newly ASME carries user identity IMSI and initiates authentication data request to HSS/HLR,
HSS/HLR can now check new ASME whether in the list for allowing, if not refusing the request in the list for allowing,
And report and alarm information gives MTC Server.
It is to make the object, technical solutions and advantages of the present invention become more apparent, by the following examples and referring to the drawings, right
The present invention is further described.
Fig. 2 is the composition structural representation of the system of present invention monitoring Hypomobility terminal location change, as shown in Fig. 2
The system of present invention monitoring Hypomobility terminal location change includes RAN, ASME and HSS/HLR;In figure, network element 201 is low shifting
Dynamic property MTC terminal, only allows to move in authorized region, or is fixed from mobile etc..Network element 202 is for Hypomobility MTC
The former access network side gusset Old RAN of Terminal for service.In the present invention, Old RAN represent MTC terminal in initial attachment when institute
The RAN of access.Network element 203 is the former core-network side node Old ASME that service is provided for Hypomobility MTC terminal, at MTC ends
Rectify subscription data is downloaded from HSS/HLR during often registering;Comprising the permission Hypomobility MTC terminal in subscription data
The ASME identification lists (ASME identity list) of access.It should be noted that Old ASME in a umts network can be with
For SGSN or VLR, can be MME in EPS networks.Network element 204 is the HSS/HLR that service is provided for Hypomobility MTC terminal,
The HSS/HLR stores the ASME identification lists (ASME identity list) of the allowed access of the Hypomobility MTC terminal.Net
Unit 205 is, after Hypomobility MTC terminal is illegally moved, to provide the new access network side gusset (New RAN) of service for which.Network element
206 is, after Hypomobility MTC terminal is illegally moved, to provide the new core-network side node (New ASME) of service for which, is needed
Illustrate, New ASME can be SGSN or VLR in a umts network, can be MME in EPS networks.
In the present invention, the ASME (i.e. original ASME) accessed before MTC terminal is in MTC terminal initial registration from HSS/HLR
The subscription data of the terminal is downloaded, comprising the ASME identification lists for allowing the MTC terminal to access in subscription data.So, if
MTC terminal has carried out illegal movement, then new ASME is necessarily without the subscription data for storing the MTC terminal, it is impossible to recognize the MTC
The former ASME indicated in access request message is sent identification request message by terminal, so as to confirm to be currently accessed by former ASME
ASME be whether ASME that the MTC terminal allows to access.
In the present invention, MTC terminal is set.For
This MTC terminal, would not allow for its random movement and is linked into other ASME, and only have access in MTC terminal subscription data
The ASME for allowing the MTC terminal to access.The position limitation information of terminal is stored by HSS/HLR as subscription data;ASME
The position limitation information of the terminal is downloaded during insertion subscription data;The ASME accessed before MTC terminal, for
During Attach/RAU/TAU, when checking ASME that MTC terminal current request accesses not among position limitation information, refusal
The Attach/RAU/TAU processes, and send a warning message to MTC server.Position limitation information includes permission MTC ends
Terminate into ASME identification list information.Check the ASME of MTC terminal current request access not among position limitation information, i.e.,
Check the ASME of MTC terminal current request access whether in the ASME lists for allowing the terminal to access.
In the present invention, the ASME (Old ASME) of the initial attachment of MTC terminal is for obtaining the MTC ends for being initially attached to network
The ASME identification list information of the allowed access in end;Specifically, as it was previously stated, can obtain from HSS/HLR in initial attaching process
The subscription data of MTC terminal is taken, the subscription data includes the ASME identification list information for allowing MTC terminal to access.This area skill
Art personnel should be appreciated that MTC terminal can also obtain the ASME for allowing MTC terminal to access during RAU/TAU from HSS/HLR
Identification list information.
The ASME (New ASME) that MTC terminal is accessed after moving out setting regions is receiving the connection request of MTC terminal
After message, it is impossible to when recognizing MTC terminal identity, send to the ASME (OldASME, i.e. original ASME) that MTC terminal is initially adhered to and know
Other request message;The identification information of MTC terminal is carried in the connection request message;Wherein, the identification information can be
TMSI, P-TMSI, GUTI or IMSI etc..
Former ASME allows the ASME identification lists for accessing to judge to send identification request message according to acquired MTC terminal
Whether ASME is the ASME for allowing MTC terminal to access, if it is not, then refusal MTC terminal is accessed.That is, Old ASME
The ASME identification lists for accessing are allowed to be compared the New ASME identification informations carried in identity request message and MTC terminal
It is right, if identify with the ASME in the ASME identification lists for allowing to access matching, allow MTC terminal to access, otherwise would not allow for
MTC terminal is accessed.In the present invention, as said process is actually the Attach/RAU/TAU processes that MTC terminal is initiated, because
This, does not allow MTC terminal to access the Attach/RAU/TAU processes that actually refusal MTC terminal is initiated, it is allowed to which MTC terminal connects
Enter actually to allow the subsequent process of the Attach/RAU/TAU processes of MTC terminal initiation.
Former ASME is before judging whether send the ASME for recognizing request message is the ASME for allowing access, in addition it is also necessary to check
Whether the identity request message is credible, and, whether MTC terminal identity can be identified, and can in the identity request message
Letter and MTC terminal identity is when can be identified, determines whether whether the ASME for sending identification request message is to allow MTC terminal to connect
The ASME for entering;When the identity request message is insincere and/or MTC terminal identity can not be identified, returns and fit comprising one
As the ASME that the response message of error message is currently accessed to MTC terminal.
The ASME that MTC terminal is currently accessed sends body to MTC terminal after the response message comprising error message is received
Part request message, and after the IMSI information for receiving MTC terminal, authentication data request message is sent to HSS/HLR;
HSS/HLR judges to send according to the ASME identification lists that the permission MTC terminal in the subscription data of MTC terminal is accessed
Whether the ASME of authentication data request message is the ASME that MTC terminal allows to access, if it is not, then refusal MTC terminal
Attach/RAU/TAU processes, and send a warning message to MTC server.
In the present invention, if the MTC terminal mark letter carried in the connection request message that sends to New ASME of MTC terminal
Cease for IMSI, then New ASME directly send authentication data request message to HSS/HLR;HSS/HLR is according in subscription data
The terminal allows the ASME identification lists for accessing to judge whether the ASME for sending access request message is that the terminal allows to connect
The ASME for entering, if it is not, then the Attach/RAU/TAU processes that refusal MTC terminal is initiated.
In the present invention, HSS/HLR can be so that, before execution position more new technological process, inspection MTC terminal current request be accessed
ASME not among position limitation information when, refuse MTC terminal initiate Attach/RAU/TAU processes, and to MTC service
Device sends a warning message.
Specifically, the position limitation information of MTC terminal includes the ASME list informations for allowing MTC terminal to access;
The ASME that MTC terminal current request is accessed confirms that connection request disappears after the connection request message for receiving terminal
When the identification information of MTC terminal is IMSI information in breath, authentication data request message is sent to HSS/HLR;HSS/HLR is checked and is sent out
When sending the ASME of authentication data request message not in the ASME lists for allowing the terminal to access, refuse what MTC terminal was initiated
Attach/RAU/TAU processes, and send a warning message to MTC server.
Or, during the Attach/RAU/TAU, current request is accessed the ASME that MTC terminal current request is accessed
ASME can not recognize the terminal identity, and the ASME accessed before MTC terminal is when can not recognize the terminal identity, to
MTC terminal sends identity request message, and after the IMSI information for receiving MTC terminal, sending authentication data to HSS/HLR please
Seek message;
HSS/HLR is not allowing MTC according to the ASME that the subscription data inspection of MTC terminal sends authentication data request message
When in the ASME lists that terminal is accessed, refuse the Attach/RAU/TAU processes of MTC terminal, and send a warning message to MTC clothes
Business device.
It will be appreciated by those skilled in the art that the system of present invention monitoring Hypomobility terminal location change is mainly based upon
Existing M2M systems and constitute, simply the processing function of part network element therein is changed, and the present invention is simply introduced
The function changed by this part network element.
Hereinafter, by specific example, further elucidate the essence of technical solution of the present invention.
Fig. 3 is the flow chart of the embodiment of the method one of present invention monitoring Hypomobility terminal location change, as shown in figure 3,
In this example, former core-network side node (Old ASME) can recognize MTC terminal identity, then check whether MTC terminal is low shifting
Dynamic property MTC terminal, if it is, further determining that the ASME (New ASME) that MTC terminal current request is accessed is identified whether
In the ASME identification lists for being allowed, judged result is no, then do not allow MTC terminal access network.This example monitors low movement
Property terminal location change method specifically comprise the steps of:
Step 301:The backward new RAN of MTC terminal movement initiates connection request (Connection Request) message, should
Comprising MTC terminal unique mark in Connection Request message (here by taking attach request requests as an example);
In the present invention, MTC terminal unique mark may be temporary identifications (TMSI, Temporary Mobile
Subscriber Identity)、P-TMSI(Packet Switch-Temporary Mobile Subscriber
Identity), (GUTI, Globally Unique Temporary UE Identity) etc..
Step 302:After the RAN that request is accessed receives the connection request message of MTC terminal, send to New ASME
Connection Request message;
Step 303:New ASME determinations can not recognize MTC terminal identity, send identification request to Old ASME
(Identification Request) message, includes what MTC terminal was reported in Identification Request message
Unique mark;
Step 304:After Old ASME receive identification request message, check whether the unique mark of MTC terminal can recognize that
Or whether identification message is credible.In the case of recognizing that message is credible and MTC terminal mark is discernible, according to the MTC ends of storage
End subscription data checks whether the MTC terminal is Hypomobility MTC terminal, if it is, checking that the ASME that request is accessed is (current
Send the ASME of identity request message) identify whether in the ASME identification lists for being allowed.
Step 305:If MTC terminal is the Hypomobility MTC terminal, and checks that received ASME marks do not exist
In the ASME identification lists for being allowed, then Old ASME send identity response Identification to New ASME
Response, includes an error message in response message.
Step 305a:Old ASME send a monitoring to MTC Server and notify (Monitoring
Notification) message (including warning information, also referred to as alarm information).This step is optional step.
Step 306:After New ASME receive Old ASME responses, refusal connection (Connection is sent to RAN sides
Reject) message.
Step 306a:If abovementioned steps 305a are not carried out, New ASME send one to MTC Server
Monitoring Notification message.
Step 307:RAN sides send Connection Reject message to MTC terminal.
Fig. 4 is the flow chart of the embodiment of the method two of present invention monitoring Hypomobility terminal location change, as shown in figure 4,
In this example, former core-network side node (Old ASME) can not recognize MTC terminal identity or think to recognize that message is insincere, and or
The unique mark that person's MTC terminal is reported is permanent identification IMSI, then check whether the MTC terminal is described by HSS/HLR
Hypomobility MTC terminal, if it is, determining that the ASME (New ASME) that MTC terminal current request is accessed is identified whether in institute
In the ASME identification lists of permission.Judged result is no, then do not allow MTC terminal access network.This example monitors Hypomobility
The method of terminal location change is specifically comprised the steps of:
Step 401:MTC terminal initiates Connection Request requests to RAN (here please with Attach Request
As a example by asking);
Step 402:RAN sends Connection Request message to New ASME;
Step 403:New ASME are checked and can not be recognized MTC terminal identity, are identified asking to Old ASME
Identification Request, the unique mark reported comprising MTC terminal in request message.
Step 404:After Old ASME receive identification request message Identification Request, MTC ends are checked
Whether the unique mark at end is recognizable or recognizes whether message is credible.
Step 405:In the case of recognizing that request message is insincere or MTC terminal mark is unrecognizable, in identification response
An error message is returned in message Identification Response and gives New ASME.
Step 406:After New ASME receive response message, identity request message Identity is sent to MTC terminal
Request, it is desirable to which MTC terminal provides permanent identification IMSI (International Mobile Subscriber
Identity)。
Step 407:MTC terminal sends Identity Response message to New ASME, and MTC terminal is included in message
IMSI.
Step 408:After New ASME receive the IMSI of MTC terminal, authentication data request is sent to HSS/HLR
Authentication Data Request, ask the Ciphering Key of MTC terminal.
Step 409:According to subscription data and MTC terminal IMSI, HSS/HLR checks whether MTC terminal is Hypomobility MTC
Terminal, and check that the ASME for sending access request is identified whether in the ASME identification lists for being allowed.If low movement
Property MTC terminal, and received ASME identified not in the ASME identification lists for being allowed, then judge that the MTC terminal is non-
Method is moved.
Step 410:If MTC terminal is illegally moved, Authentication Datas of the HSS/HLR to New ASME
Response returns an error message.
Step 410a:HSS/HLR sends a Monitoring Notification message to MTC Server.This step
Suddenly it is optional step.
Step 411a:New ASME send Connection Reject message to MTC terminal.
Step 411b:If step 410a is not carried out, New ASME send a Monitoring to MTC Server
Notification message.
Step 411:If the non-Hypomobility MTC terminal of MTC terminal, or illegally do not moved, then network and MTC terminal
Perform normal Authentication/Security flow processs.
It should be noted that in the present invention, if the ASME that MTC terminal current request is accessed receives the connection request of terminal
After message, confirm MTC terminal in the connection request message identification information be IMSI information when, then directly to HSS/HLR send
Authentication data request message;HSS/HLR judges to send according to the ASME identification lists that the permission MTC terminal in subscription data is accessed
Whether the ASME of access request message is the ASME that MTC terminal allows to access, if it is not, then the refusal terminal access network
Network.
In UMTS UMTS network, ASME is SGSN or VLR Visitor Location Register VLR, in EPS networks
In, the ASME is mobile management entity MME;
The above, only presently preferred embodiments of the present invention is not intended to limit protection scope of the present invention.
Claims (15)
1. a kind of method that monitoring Hypomobility terminal location is changed, it is characterised in that the position limitation information of terminal is used as label
About data are configured in home subscriber server HSS/ attaching position register HLR, and the quilt during insertion subscription data
Download in connection security management device A SME;Methods described also includes:
During attachment Attach/ routing area updating RAUs/tracing section updating TAU, by the ASME inspections accessed before the terminal
Look into ASME that the terminal current request accesses not among position limitation information when, refuse the Attach/RAU/TAU mistakes
Journey, and send a warning message to MTC server.
2. method according to claim 1, it is characterised in that the position limitation information of the terminal is comprising allowing the end
Terminate into ASME list informations;
During the Attach/RAU/TAU, the terminal sends connection request message to the ASME that current request is accessed;
When recognizing the terminal identity, the ASME accessed to before the terminal sends out the ASME that the terminal current request is accessed
Send identification request message;
The ASME accessed before the terminal checks that the ASME for sending identification request message is not allowing what the terminal was accessed
When in ASME lists, refuse the Attach/RAU/TAU processes, and send a warning message to MTC server.
3. method according to claim 2, it is characterised in that the ASME accessed before the terminal check send identification please
Before asking the ASME of message not in the ASME lists for allowing the terminal to access, methods described also includes:
The ASME accessed before the terminal checks whether the identification request message is credible, and, whether the terminal identity
Can be identified, when the identification request message is credible and the terminal identity can be identified, check and send identification request message
Whether ASME is the ASME for allowing the terminal to access;The identification request message is insincere and/or the terminal identity can not
When identified, response message is sent to the ASME for sending identification request message, improper value is included in the response message.
4. method according to claim 3, it is characterised in that described to send response to the ASME for sending identity request message
After message, methods described also includes:
The ASME that the terminal current request is accessed sends identity request message to the terminal, and is receiving the terminal
After international mobile subscriber identity IMSI information, authentication data request message is sent to HSS/HLR;
The HSS/HLR is not allowing institute according to the ASME that the subscription data inspection of the terminal sends authentication data request message
When stating in the ASME lists of terminal access, refuse the Attach/RAU/TAU processes, and send a warning message to MTC and service
Device.
5. the method according to any one of Claims 1-4, it is characterised in that the terminal is machine type communication MTC ends
End;
In UMTS UMTS network, the ASME is SGSN or VLR Visitor Location Register VLR, in EPS networks
In, the ASME is mobile management entity MME;
The identification information of the terminal is carried in the connection request message that terminal sends;Wherein, the identification information is following
One in information:
Interim identity TMSI, packet-switched domain interim identity P-TMSI, global unique temporary identity GUTI, international mobile use
Family identification code IMSI.
6. a kind of method that monitoring Hypomobility terminal location is changed, it is characterised in that methods described includes:
Before execution position more new technological process, the ASME that the terminal current request that HSS/HLR checks is accessed is not in position limitation
When among information, refuse the Attach/RAU/TAU processes that the terminal is initiated, and send a warning message to MTC server;
According to subscription data and MTC terminal IMSI, HSS/HLR checks whether MTC terminal is Hypomobility MTC terminal, and check
The ASME for sending access request is identified whether in the ASME identification lists for being allowed.
7. method according to claim 6, it is characterised in that characterized in that, the position limitation information bag of the terminal
Containing the ASME list informations for allowing the terminal to access;
The HSS/HLR checks that the ASME of the terminal current request access, not among position limitation information, is:
After the ASME that terminal current request is accessed receives the connection request message of terminal, institute in the connection request message is confirmed
When the identification information for stating terminal is IMSI information, authentication data request message is sent to HSS/HLR;
The HSS/HLR checks the ASME for sending authentication data request message not in the ASME lists for allowing the terminal to access
When, refuse the Attach/RAU/TAU processes, and send a warning message to MTC server.
8. method according to claim 6, it is characterised in that the position limitation information of the terminal is comprising allowing the end
Terminate into ASME list informations;
The HSS/HLR checks that the ASME of the terminal current request access, not among position limitation information, is:
During the Attach/RAU/TAU, the terminal can not recognize the terminal body to the ASME that current request is accessed
Part, and the ASME accessed before the terminal is when can not recognize the terminal identity, what the terminal current request was accessed
ASME sends identity request message to the terminal, and after the IMSI information for receiving the terminal, sends to HSS/HLR and recognize
Card data request information;
The HSS/HLR is not allowing institute according to the ASME that the subscription data inspection of the terminal sends authentication data request message
When stating in the ASME lists of terminal access, refuse the Attach/RAU/TAU processes, and send a warning message to MTC and service
Device.
9. a kind of system of monitoring Hypomobility terminal location change, including ASME and HSS/HLR, it is characterised in that
HSS/HLR, for the position limitation information of terminal is stored as subscription data;
ASME, for the position limitation information of the terminal is downloaded during insertion subscription data;
The ASME accessed before the terminal, for during Attach/RAU/TAU, checking that the terminal current request connects
The ASME for entering not among position limitation information when, refuse the Attach/RAU/TAU processes, and send a warning message to MTC
Server.
10. system according to claim 9, it is characterised in that the position limitation information of the terminal is described comprising allowing
The ASME list informations that terminal is accessed;
The terminal, for, during the Attach/RAU/TAU, sending connection request to the ASME that current request is accessed
Message;
The ASME that the terminal current request is accessed is further used for, when recognizing the terminal identity, to the terminal
The ASME for accessing before sends identification request message;
The ASME accessed before the terminal is further used for, and checks that the ASME for sending identification request message is not allowing the end
When in the ASME lists for terminating, refuse the Attach/RAU/TAU processes, and send a warning message to MTC server.
11. systems according to claim 10, it is characterised in that the ASME accessed before the terminal is further used for,
Check whether the identification request message is credible, and, whether the terminal identity can be identified, and the identification request message can
The letter and terminal identity is when can be identified, further checks whether the ASME for sending identification request message is to allow the terminal
The ASME of access;When the identification request message is insincere and/or the terminal identity can not be identified, to sending identification request
The ASME of message sends response message, and improper value is included in the response message.
12. systems according to claim 11, it is characterised in that the ASME that the terminal current request is accessed further is used
In sending identity request message to the terminal, and after the IMSI information for receiving the terminal, send to HSS/HLR and recognize
Card data request information;
The HSS/HLR is further used for, and sends authentication data request message according to the subscription data inspection of the terminal
ASME not in the ASME lists for allowing the terminal to access when, refuse the Attach/RAU/TAU processes, and send alarm
Information is to MTC server.
A kind of 13. systems of monitoring Hypomobility terminal location change, including ASME and HSS/HLR, it is characterised in that
HSS/HLR is used for, and before execution position more new technological process, checks the ASME of the terminal current request access not in position
When among restricted information, refuse the Attach/RAU/TAU processes that the terminal is initiated, and alarm letter is sent to MTC server
Breath;Also,
Check whether MTC terminal is Hypomobility MTC terminal according to subscription data and MTC terminal IMSI, and check that transmission connects
The ASME for entering request is identified whether in the ASME identification lists for being allowed.
14. systems according to claim 13, it is characterised in that the position limitation information of the terminal is described comprising allowing
The ASME list informations that terminal is accessed;
The ASME that terminal current request is accessed is used for, and after the connection request message for receiving terminal, confirms the connection request
When the identification information of terminal described in message is IMSI information, authentication data request message is sent to HSS/HLR;
The HSS/HLR is further used for, and checks that the ASME for sending authentication data request message is not allowing the terminal to access
ASME lists in when, refuse the Attach/RAU/TAU processes, and send a warning message to MTC server.
15. systems according to claim 13, it is characterised in that the position limitation information of the terminal is described comprising allowing
The ASME list informations that terminal is accessed;
The ASME that the terminal current request is accessed is further used for, during the Attach/RAU/TAU, current request
The ASME of access can not recognize that the ASME accessed before the terminal identity, and the terminal can not recognize the terminal identity
When, identity request message is sent to the terminal, and after the IMSI information for receiving the terminal, send to HSS/HLR and recognize
Card data request information;
The HSS/HLR is further used for, and sends authentication data request message according to the subscription data inspection of the terminal
ASME not in the ASME lists for allowing the terminal to access when, refuse the Attach/RAU/TAU processes, and send alarm
Information is to MTC server.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201110079081.5A CN102724649B (en) | 2011-03-30 | 2011-03-30 | The method and system of monitoring Hypomobility terminal location change |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201110079081.5A CN102724649B (en) | 2011-03-30 | 2011-03-30 | The method and system of monitoring Hypomobility terminal location change |
Publications (2)
Publication Number | Publication Date |
---|---|
CN102724649A CN102724649A (en) | 2012-10-10 |
CN102724649B true CN102724649B (en) | 2017-04-05 |
Family
ID=46950279
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201110079081.5A Expired - Fee Related CN102724649B (en) | 2011-03-30 | 2011-03-30 | The method and system of monitoring Hypomobility terminal location change |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN102724649B (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2019024744A1 (en) * | 2017-07-31 | 2019-02-07 | 华为技术有限公司 | Method and device for acquiring identifier of terminal device |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104349373B (en) * | 2013-08-07 | 2018-10-30 | 华为终端有限公司 | Terminal monitoring event configuration method, application server and homing position equipment |
CN105828285A (en) * | 2015-01-27 | 2016-08-03 | 中兴通讯股份有限公司 | Machine-type communication (MTC) terminal location monitoring and managing method, device and system |
CN109729042B (en) * | 2017-10-27 | 2021-03-12 | 大唐移动通信设备有限公司 | Information transmission and processing method and device |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP4237134B2 (en) * | 2004-12-08 | 2009-03-11 | 日本電信電話株式会社 | Network, network system and network system communication method |
JP4455537B2 (en) * | 2006-05-24 | 2010-04-21 | 日本電信電話株式会社 | Network system for collecting measurement data via wireless communication |
-
2011
- 2011-03-30 CN CN201110079081.5A patent/CN102724649B/en not_active Expired - Fee Related
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP4237134B2 (en) * | 2004-12-08 | 2009-03-11 | 日本電信電話株式会社 | Network, network system and network system communication method |
JP4455537B2 (en) * | 2006-05-24 | 2010-04-21 | 日本電信電話株式会社 | Network system for collecting measurement data via wireless communication |
Non-Patent Citations (1)
Title |
---|
3rdGeneration Partnership Project;3GPP;《3GPP TR 23.888》;20100720;33-35页,表6.11.2-1 * |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2019024744A1 (en) * | 2017-07-31 | 2019-02-07 | 华为技术有限公司 | Method and device for acquiring identifier of terminal device |
Also Published As
Publication number | Publication date |
---|---|
CN102724649A (en) | 2012-10-10 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9042886B2 (en) | Method of and a support node for requesting registration of stationary user equipment in a cellular telecommunication system | |
EP2134061B1 (en) | Method and system for protection against the unauthorised use of a terminal | |
CN102056266B (en) | Method and system for access control of machine type communication (MTC) terminal | |
EP1754390B1 (en) | Method and radio communication network for detecting the presence of fraudulent subscriber identity modules | |
US20070238455A1 (en) | Mobile based area event handling when currently visited network doe not cover area | |
CN117015994A (en) | Method, system and computer readable medium for validating location update messages | |
EP2754311B1 (en) | Mobile terminal theft detection system | |
CN102056140A (en) | Method and system for acquiring machine type communication terminal information | |
WO2006009712A2 (en) | Tracking lost and stolen mobile devices using location technologies and equipment identifiers | |
CN102083212A (en) | Method, system and device for identifying terminal | |
CN102724649B (en) | The method and system of monitoring Hypomobility terminal location change | |
CN102340759B (en) | Communication terminal state acquisition method and system | |
CN102056128B (en) | Information acquisition method and system of machinery communication terminals | |
CN101489214B (en) | Method, apparatus and system for detecting user side equipment | |
CN102833733B (en) | A kind of method and system for monitoring the movement of Hypomobility terminal location | |
CN104717600A (en) | M2M terminal/terminal peripheral accessibility management method and device | |
CN101217704A (en) | An updating method of user information of authentication authorized charging system | |
CN103297946A (en) | Method and system for monitoring terminal behavior disorder | |
EP2725830B1 (en) | Method and system for triggering response of terminal, terminal and network side | |
US9191819B2 (en) | Security method for the verification of an information retrieval request | |
CN111788838A (en) | Method for providing a connection to a wireless device, subscriber identity module and management node | |
CN101938746A (en) | Anti-cloning method and device of user identification module | |
JP2011504700A (en) | Method for accessing a closed group in a radio access network | |
US10827347B1 (en) | Dynamic identities in a mobile device | |
CN103918294B (en) | The method for preventing the fraud of security module from using |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20170405 Termination date: 20210330 |