CN103037363A

CN103037363A - Protective method and system of privacy of machine communications and machine communications service management entity

Info

Publication number: CN103037363A
Application number: CN2012102485563A
Authority: CN
Inventors: 金雷; 卞永刚; 张永靖; 陈显锋; 林琦; 牟伦建
Original assignee: Huawei Technologies Co Ltd
Current assignee: Huawei Technologies Co Ltd
Priority date: 2011-03-11
Filing date: 2011-03-11
Publication date: 2013-04-10

Abstract

The invention provides a protective method and system of privacy of machine communications and machine communications service management entity as well as relevant devices. Privacy protection of machine-to-machine (M2M) is achieved, and signaling overheads are reduced at the same time. The method comprises that service management entity receives location and joins information, locating information confirms an entity which receives a private check, and the service management entity touches the entity which receives a private check, and carries out a private check. Due to the fact that the M2M service management entity confirms the entity which receives a private check in advance, touches the entity which receives a private check, and carries out a private check. Message exchanges at a mobile internet devices (mId) port are reduced, so message overheads are reduced, and network loads are reduced. Especially for wireless network with openings, reduced signaling overheads bring more benefits. At the same time, by using the third generation partnership project (3GPP) location server, a protective function of privacy and a location process reduce complexity of a platform.

Description

The private guard method of machine communication, system and machine communication service management entity

Technical field

The present invention relates to the communications field, relate in particular to private guard method, system and the machine communication service management entity of machine communication.

Background technology

Machine communication (Machine-to-Machine Communications, M2M) be a kind of take machine intelligence alternately as core, the networking application and service, it is by embedding wireless at machine intimate or wire communication module and application processing logic, realization need not the data communication of manual intervention, to satisfy the user to the information system requirement of the aspects such as monitoring, command scheduling, data acquisition and measurement.Accompanying drawing 1-a has provided a kind of typical M2M system architecture, wherein, various M2M terminals (for example, transducer, microcontroller etc.) directly access or long-range M2M service management entity (the Service Capability Layer that accesses to of process M2M gateway, SCL), and the professional ability that various M2M use (for example, electricity meter-reading, intelligent transportation etc.) then to be provided by M2M service management entity is obtained the data of M2M terminal collection or the M2M terminal is carried out Long-distance Control and management.

(the European Telecommunications Standards Institute for Machine-to-Machine Communications of the ETSI of machine communication, ETSI M2M) overall goal of standard is to create the open standard of M2M communication, to promote to set up the future network of an integrated various device and service, make the professional interoperable of M2M, also so that M2M uses can share basic business and be independent of network realizes.EISI M2M standard has defined location application DLL (dynamic link library) (Application Programming Interface in M2M application and M2M service management entity mIa interface, API), M2M uses the variation that can obtain positional information and subscribe to positional information.

What be closely related with positional information is exactly the problem of privacy protection.The privacy protection refers to that when processing the electronic communication personal data user has the right to allow to permit the third party to collect customer position information when and where, and has the right to delete the license that this third party collects customer position information.Privacy protection is person to person's problem that (Human to Human Communications, H2H) location must consider of communicating by letter.For example; at third generation partner program (The 3rd-Generation Partnership Project; 3GPP) in the network; privacy protection is described register (Privacy Profile Register by secret independently; PPR) or GMLC (Gateway Mobile Location Center; GMLC) etc. entity is finished; it is a kind of privacy protection of centralized architecture; its realization flow is: professional (the LoCation Service of external position; LCS) after client is obtained order by Le interface or OSA-LCS interface launch position; the position acquisition command routing is to ownership place GMLC (Home Gateway Mobile Location Center; HGMLC) or further be sent to the PPR entity by HGMLC by the Lpp interface and carry out the privacy protection; to check whether outside LCS client has authority that subscriber equipment (User Equipment, UE) is positioned.If there is not authority, then return messages are to outside LCS client; If authority is arranged, then further carry out the 3GPP position fixing process.The privacy protection mechanism has comprised the process that UE is carried out privacy notice (namely inform the location) or carries out the checking of UE privacy; the latter needs the user (for example to confirm; user interface by UE) can locate after, outside LCS client just has authority to position.In addition, can be in the different bands of position to a UE and be provided with different private authorities.

For the industry-by-industry of using M2M; such as Smart Home, automobile and electricity meter-reading etc., M2M equipment wherein uses as personal device, and device location has identified customer position information to a great extent; therefore, M2M also has the problem of the privacy protection of similar H2H to need to solve.

ETSI M2M uses resource to be the Restful style on basis, the business function layer of equipment, gateway and service management entity (Service Capability Layer, SCL) all can affiliated resource be managed, belong to a kind of system of distributed management resource.In other words, in the existing M2M system architecture, neither one is similar to PPR among the H2H or the central entity of GMLC is finished private defencive function.

Although on existing M2M system architecture basis, ETSI M2M has introduced access right function, consist of the M2M system architecture shown in accompanying drawing 1-b.Yet, because the M2M devices in system is numerous, not that each equipment has user interface (User Interface, UI), can not be similar to that (these UE have user interface to UE among the 3GPP, for example, the display of mobile phone etc.) carrying out privacy notice or checking equally comes directly each M2M equipment to be carried out privacy notice or verify.In other words, the situation (for example, the user has MEM device A and equipment B) for this people's multimachine in the M2M system suppose that device A has UI, and equipment B does not have UI, then can carry out privacy notice or checking to device A.Yet the privacy protection for equipment B although introduced access right function, still needs to find device A by the mId interface first, and then equipment B is carried out privacy notice or checking.On the other hand; even can use by the NTOE interface positioning function of 3GPP; in essence; if when processing private protection mechanism with this distributed access authentication function of access right; also to find equipment B by the mId interface first; the SCL of equipment B to the information processing that receives after, need to come the 3GPP location is then used by the mId interface in the equipment B location with the 3GPP positioning function if find.

Because the bottom-layer network of mId interface can be cable network, it also can be wireless network, therefore, find first device A and then equipment B is carried out privacy notice or checking by the mId interface in the above-mentioned prior art, perhaps, use the mode of 3GPP positioning equipment B all can bring extra signaling consumption by the mId interface again after finding equipment B by the mId interface first, these unnecessary signaling consumptions can cause the network load overload, take the normal data channel and cause the cost loss of operator; For the wireless network of eating dishes without rice or wine was arranged, the signaling consumption problem was more serious.

Summary of the invention

The embodiment of the invention provides private guard method, system and machine communication service management entity and the relevant device of machine communication, reduces signaling consumption in the privacy protection that realizes M2M.

The embodiment of the invention provides a kind of private guard method of machine communication, comprising: the service management entity determines to carry out the entity that privacy checks according to locating information after receiving position access message; The described entity that carries out the privacy inspection of described service management entity triggers carries out privacy inspection.

The embodiment of the invention provides a kind of private guard method of machine communication, comprising: machine communication M2M equipment receives position access message or the privacy inspection request that the service management entity sends; Described M2M equipment returns the auth response that privacy is checked to described service management entity; If the auth response to the privacy inspection positions described M2M equipment for allowing, then described M2M equipment obtains the positional information of described M2M equipment.

The embodiment of the invention provides a kind of machine communication service management entity, comprising: judge module, after receiving position access message, determine to carry out the entity that privacy checks according to locating information; Trigger module is used for triggering the described entity that carries out the privacy inspection and carries out privacy inspection.

The embodiment of the invention provides a kind of machine communication equipment, comprising: receiver module, and the position access message or the privacy inspection that are used for the transmission of reception service management entity are asked; Return module, be used for returning the auth response that privacy is checked to described service management entity; Position information acquisition module positions described M2M equipment for allowing if be used for described auth response, obtains the positional information of described M2M equipment.

The embodiment of the invention provides a kind of private protection system of machine communication, comprising: comprise machine communication service management entity and machine communication equipment;

Described machine communication service management entity after receiving position access message, is determined to carry out the entity that privacy checks according to locating information, triggers the described entity that carries out the privacy inspection and carries out privacy inspection;

Described machine communication equipment is used for receiving position access message or the privacy inspection request that described machine communication service management entity sends, and returns the auth response that privacy is checked to described machine communication service management entity.

The embodiment of the invention provides a kind of private protection system of machine communication, comprising: machine communication service management entity and third generation partner program location-server;

Described third generation partner program location-server is used for receiving the request for location services that described machine communication service management entity sends, and carries out described privacy and checks.

By the invention described above embodiment as can be known, owing to determine in advance to carry out the private entity that checks and trigger the entity that carries out private inspection and carry out privacy inspection by M2M service management entity, therefore, the method that the embodiment of the invention provides has reduced at the interacting message of mId interface and then has reduced message overhead, thereby reduced network load, especially for the wireless network of eating dishes without rice or wine is arranged, it is larger that signaling consumption reduces the benefit of bringing; Meanwhile, take full advantage of private defencive function and the positioning flow of 3GPP location-server, reduced the complexity of platform.

Description of drawings

In order to be illustrated more clearly in the technical scheme of the embodiment of the invention, the below will do to introduce simply to the accompanying drawing of required use in prior art or the embodiment description, apparently, accompanying drawing in the following describes only is some embodiments of the present invention, for those of ordinary skills, under the prerequisite of not paying creative work, can also obtain such as these accompanying drawings other accompanying drawing.

Fig. 1-a is existing typical M2M system architecture schematic diagram;

Fig. 1-b is the M2M system architecture schematic diagram after ETSI M2M has introduced access right function;

Fig. 2 is the private guard method schematic flow sheet of the machine communication that provides of the embodiment of the invention;

Fig. 3-a is the private guard method schematic flow sheet of the machine communication that provides of another embodiment of the present invention;

Fig. 3-b is that the privacy that the embodiment of the invention provides arranges the resource structures schematic diagram;

Fig. 4 is the private guard method schematic flow sheet of the machine communication that provides of another embodiment of the present invention;

Fig. 5 is the private guard method schematic flow sheet of the machine communication that provides of another embodiment of the present invention;

Fig. 6 is the private guard method schematic flow sheet of the machine communication that provides of another embodiment of the present invention;

Fig. 7 is the private guard method schematic flow sheet of the machine communication that provides of another embodiment of the present invention;

Fig. 8 is the private guard method schematic flow sheet of the machine communication that provides of another embodiment of the present invention;

Fig. 9 is the logical construction schematic diagram of the machine communication service management entity that provides of the embodiment of the invention;

Figure 10 is the logical construction schematic diagram of the machine communication service management entity that provides of another embodiment of the present invention;

Figure 11 is the logical construction schematic diagram of the machine communication service management entity that provides of another embodiment of the present invention;

Figure 12 is the logical construction schematic diagram of the machine communication service management entity that provides of another embodiment of the present invention;

Figure 13 is the logical construction schematic diagram of the machine communication service management entity that provides of another embodiment of the present invention;

Figure 14 is the logical construction schematic diagram of the machine communication service management entity that provides of another embodiment of the present invention;

Figure 15 is the logical construction schematic diagram of the machine communication service management entity that provides of another embodiment of the present invention;

Figure 16 is the logical construction schematic diagram of the machine communication service management entity that provides of another embodiment of the present invention;

Figure 17 is the logical construction schematic diagram of the machine communication equipment that provides of the embodiment of the invention;

Figure 18 is the logical construction schematic diagram of the machine communication equipment that provides of another embodiment of the present invention;

Figure 19 is the logical construction schematic diagram of the machine communication equipment that provides of another embodiment of the present invention;

Figure 20 is the logical construction schematic diagram of a kind of machine communication service management entity of providing of another embodiment of the present invention;

Figure 21 is the logical construction schematic diagram of the private protection system of a kind of machine communication of providing of the embodiment of the invention;

Figure 22 is the logical construction schematic diagram of the private protection system of a kind of machine communication of providing of another embodiment of the present invention;

Figure 23 is the logical construction schematic diagram of the private protection system of a kind of machine communication of providing of another embodiment of the present invention.

Embodiment

Below in conjunction with the accompanying drawing in the embodiment of the invention, the technical scheme in the embodiment of the invention is clearly and completely described, obviously, described embodiment only is the present invention's part embodiment, rather than whole embodiment.Based on the embodiment among the present invention, the every other embodiment that those skilled in the art obtain belongs to the scope of protection of the invention.

Seeing also accompanying drawing 2, is the private guard method schematic flow sheet of the machine communication that provides of the embodiment of the invention, mainly comprises step:

S201, machine communication M2M service management entity judge the entity that carries out the privacy inspection after receiving position access message according to locating information.Position access message wherein refers to that deletion creates and updating message to the obtaining of the location resource in service management entity or the M2M equipment, and to the subscription of location resource with go subscribe message.

Need to prove that the function of service management entity also can be finished by platform or middleware among the present invention.And M2M service management entity (SCL) can be in platform, gateway and some the M2M equipment.

In embodiments of the present invention, machine communication M2M service management entity is identical with M2M service management entity present position in the M2M system architecture shown in the accompanying drawing 1-a, can (for example use for various M2M, electricity meter-reading, intelligent transportation etc.) professional ability is provided, thus obtain the data of M2M equipment collection or M2M equipment is carried out Long-distance Control and management.The position acquisition order can be used position application DLL (dynamic link library) (the Application Programming Interface that passes through the mIa interface by M2M, API) initiate, for example, a kind of position location API function can be Retrieve (URI of location resource, parameters (deviceId)).

Need to prove that in embodiments of the present invention, so-called " user " refers to the affiliated user of equipment (comprising the M2M equipment with user interface and the subscriber equipment with user interface); Subscriber equipment with user interface also can be described as " Notified device " in embodiments of the present invention, this subscriber equipment can not be M2M equipment, but support note, the notice such as multimedia message verification mode, this subscriber equipment also can be M2M equipment, support is based on resource access way and the note of URI, the notice such as multimedia message verification mode, it receives the information that M2M service management entity sends over, for example, the notifying/verifying request, and the response of the information that it the returns information that to be the user send over M2M service management entity for example, allows the M2M equipment under it is carried out position acquisition and location etc.

In embodiments of the present invention, determine that the entity that carries out the privacy inspection comprises following several situation:

The first situation may be that the user uses the locating information configuration that will comprise private configuration information or is arranged on M2M service management entity by M2M, and these private configuration informations show at M2M service management entity carries out privacy inspection, carries out the privacy inspection or carry out privacy inspection at the 3GPP location-server at M2M equipment.M2M service management entity is after receiving the position acquisition order, can get access to these private configuration informations, thereby judge it is to carry out privacy inspection, carry out the privacy inspection or carry out privacy inspection at 3GPP location-server (with M2M service management entity separation) at M2M equipment at M2M service management entity (such as being integrated with 3GPP location-server function) according to these " private configuration informations ".

The second situation may be that the user does not dispose or be arranged on M2M service management entity with the private configuration information of described the first situation, M2M service management entity is after receiving the position acquisition order, for reducing message overhead, time-delay comprises notice by analysis, the locating information of the private configuration information such as verification mode is determined to advance privacy inspection at M2M service management entity (such as being integrated with the 3GPP location-server), carry out the privacy inspection or carry out privacy inspection at 3GPP location-server (with M2M service management entity separation) at M2M equipment.For example, if the private configuration information by analyzing and positioning information, M2M service management entity is found the notifying/verifying request to be sent to subscriber equipment (Notified device), then judge it is to carry out privacy inspection at M2M service management entity, otherwise judge it is to carry out privacy inspection at M2M equipment; And for example, only require and obtain the existing positional information of M2M equipment and do not need to locate in real time M2M equipment if launch position obtains the third party of order, then can judge at M2M service management entity and carry out privacy inspection, also can reduce message overhead and time-delay.

And for example, by the align_type information in the analyzing and positioning information, if (location server) obtains positional information such as 3GPP network element GMLC by location-server, then M2M service management entity can according to collect before or after receiving the position access information equipment align_type information to equipment requirement judge, carry out privacy inspection at M2M service management entity or location server.

And if if by locating to obtain positional information by device Domain such as being equipped with GPS or WSN, then the service management entity can according to collect before or after receiving the position acquisition order equipment align_type information to the M2M equipment requirement judge, do privacy inspection at M2M equipment.Further, M2M service management entity can according to collect before or after receiving the position acquisition order equipment stationkeeping ability information to the M2M equipment requirement recognize, WSN positions the positional information that operates and obtain M2M equipment by reference node or gateway device etc. in the location, M2M equipment among the figure can be above-mentioned reference node or gateway device at this moment, i.e. private inspection can be carried out in this M2M equipment.The positional information here can be the accurate positional information such as longitude, latitude, height, can be the city, road, the positional information that residential quarter, room number etc. are fuzzy.Also can be relative position information, such as among the WSN with respect to the distance of gateway or reference node.

S202, the described entity that carries out the privacy inspection of M2M service management entity triggers carries out privacy inspection.

So-called privacy checks, refers to carry out entity that privacy checks and determines that using third party that launch position obtains order by M2M has the location resource of lack of competence access M2M equipment and/or M2M equipment is located.

In one embodiment of the invention, can determine to carry out the private entity that checks according to locating information is M2M service management entity, also can determine to carry out the entity that described privacy checks according to described locating information is described M2M equipment, and then M2M service management entity triggers is carried out entity that privacy checks to carry out privacy inspection specifically can be that mode by the access of Restful resource or SIP signaling or the privately owned Signalling exchanges such as interior signaling trigger privacy inspection.

In the present embodiment; M2M service management entity has private audit function; after privacy has checked and has allowed the location; M2M service management entity can be sent to the 3GPP location-server with request for location services by Le interface (interface of LCS client and 3GPP location-server), to process privacy protection and the positioning flow of 3GPP side.And in the present embodiment, M2M service management entity is integrated with location-server such as the function of 3GPP location-server GMLC, and M2M service management entity can be sent to the 3GPP network element with Location Request by Lg/SLg interface (interface between 3GPP location-server and the 3GPP network element) and process positioning flow after finishing the privacy inspection and allowing the location.

In another embodiment, if determining to carry out the described private entity that checks according to described locating information is described M2M equipment, then M2M service management entity triggers is carried out entity that privacy checks and carried out privacy inspection and comprise: M2M service management entity is sent to M2M equipment with privacy inspection request or position acquisition order, and M2M service management entity receives the response of described M2M equipment.

In another embodiment, if determining to carry out the private entity that checks according to locating information is third generation partner program 3GPP location-server, then M2M service management entity triggers is carried out entity that privacy checks and carried out privacy inspection and comprise: M2M service management entity is to described 3GPP location-server transmission request for location services, carrying out described privacy by described 3GPP location-server checks, at this moment, if the 3GPP location-server does not have private audit function, then the 3GPP location-server is undertaken alternately by Lpp interface and PPR, carries out privacy inspection by PPR.In the present embodiment, M2M service management entity will access request for location services that message conversion becomes by the position and be sent to the 3GPP location-server and can be: M2M service management entity is sent to the 3GPP location-server with request for location services by Le interface (being the interface between LCS client and the 3GPP location-server), is sent to the 3GPP network element by location-server again and positions flow process.

M2M service management entity triggers is carried out privacy and is checked except above-mentioned substance, comprise that also M2M service management entity sends notice request and/or checking request to Notified device, after Notified device finishes inside notice demonstration and checking, return notice or auth response (push-notification-answer is optional), M2M service management entity receives the response to notice request and/or checking request.

In order to reduce expense, improve location efficiency or to improve user's experience, M2M service management entity can be according to private configuration information, send one to subscriber equipment and merge notice, this merging notice is used for notice one group of M2M equipment is positioned, be that one group of equipment of user all allows to be positioned and M2M service management entity arranges group (group) informing function of unlatching according to privacy, these notices are merged to a notification message, be sent to simultaneously Notified device (namely being sent to the user) in certain time; M2M service management entity also can send one to subscriber equipment and merge the checking request according to private configuration information, and this merging checking request is used for request one group of M2M equipment is positioned.Correspondingly, Notified device only need to return the user for the merging notice and provide a push-notification-answer, returns the auth response that the user provides for merging the checking request.M2M equipment is positioned for allowing in auth response, this is the same category of device association function that the embodiment of the invention provides, after Notified device allows the third party that certain M2M equipment of user is positioned when namely verifying, follow-uply do not need to verify just and can position the similar M2M equipment that the user has, to pare down expenses and to improve user's experience, wherein the same category of device association function can be arranged when private configuration information is set by the user, and by the auth response unlatching same category of device association function of platform according to subsequent user, to reduce the checking message overhead to the user.

In an embodiment provided by the invention, if determining to carry out the private entity that checks according to locating information is M2M service management entity, then when the result of privacy inspection positioned this M2M equipment for permission, M2M service management entity was sent to third generation partner program 3GPP network element with request for location services and receives the positioning service response of described 3GPP network element; Perhaps, M2M service management entity is sent to third generation partner program 3GPP network element with Location Request and receives the positioning result that described third generation partner program 3GPP network element positions described M2M equipment; Perhaps, described M2M service management entity is sent to Location Request M2M equipment and receives the positioning result that described M2M equipment positions described M2M equipment.

Because the 3GPP network element also has private audit function, therefore, if carried out private inspection at M2M service management entity, then M2M service management entity is when being sent to the 3GPP network element with request for location services, the 3GPP network element probably carries out privacy inspection again, and the privacy inspection that the 3GPP network element carries out again not necessarily, and the privacy inspection of this repetition tends to bring bad experience to the user.In embodiments of the present invention, M2M service management entity is in the Location Request that is sent to third generation partner program 3GPP network element, the positioning mark that can comprise described M2M service management entity, this positioning mark carries out privacy inspection again for informing that the 3GPP network element is removed from, perhaps M2M service management entity is in the Location Request that is sent to third generation partner program 3GPP network element, can comprise be used to illustrating that described M2M service management entity had carried out the sign that described privacy checks, for example, increase identifier declaration in M2M platform processes mistake by revising existing Le interface, private register or GMLC by 3GPP determine whether will continuing to do privacy inspection, the private data that are 3GPP will increase the location kind, determine whether again to carry out privacy inspection by described 3GPP network element.

Permission positions M2M equipment in zones of different, namely can be according to the different permission locating area of the prior flexible configuration of the different requirement of third party, for example, permission company colleague intra-company that the user works to own/car location, friend near the public place of entertainment to own/car location or household the Zone Full of the company of removing to oneself/car locates etc.

In another embodiment, if determining to carry out the private entity that checks according to described locating information is M2M equipment, then M2M service management entity also comprises after privacy inspection request or position acquisition order are sent to M2M equipment: M2M service management entity receives the positioning result that described M2M equipment is positioned, perhaps, M2M service management entity receives the result that M2M equipment carries out the privacy inspection.

In embodiments of the present invention, the result that checks of so-called privacy mainly comprises: allow described M2M equipment is positioned, do not allow described M2M equipment is positioned, allows described M2M equipment is positioned and sends notice, sends the checking of notice and the described subscriber equipment of needs to subscriber equipment but can allow the location without response the time, send notice and locate by rear just permission in the checking of described subscriber equipment to subscriber equipment to subscriber equipment.

Determining to carry out the private entity that checks according to locating information in the present invention is among the embodiment of M2M equipment or third generation partner program 3GPP location-server, the described entity that carries out the privacy inspection of M2M service management entity triggers carries out privacy inspection and also comprises: M2M service management entity is to subscriber equipment or M2M equipment dispatch order and/or checking request, M2M service management entity receives the auth response to the checking request, and this auth response comprises whether allowing M2M equipment is positioned.

In order to reduce expense, improve location efficiency or improve user's experience, be defined as among the embodiment of M2M equipment or third generation partner program 3GPP location-server at the entity that carries out the privacy inspection, M2M service management entity can be according to private configuration information, send a merging notice to subscriber equipment or M2M equipment, this merging notice is used for notice and will positions one group of M2M equipment, this is one group of equipment association function that the embodiment of the invention provides, be that one group of equipment of user all allows to be positioned and M2M service management entity arranges group (group) informing function of unlatching according to privacy, these notices are merged to a notification message, be sent to simultaneously Notified device (namely being sent to the user) in certain time; M2M service management entity also can send a merging checking request to subscriber equipment or M2M equipment according to private configuration information, and this merging checking request positions one group of M2M equipment for request.Correspondingly, Notified device only need to return the user for the merging notice and provide a push-notification-answer, returns the auth response that the user provides for merging the checking request.M2M equipment is positioned for allowing in auth response, then auth response can comprise that direct permission positions the M2M equipment identical with this M2M device type, does not need the third party again to send the checking request and verifies.This is the same category of device association function that the embodiment of the invention provides, after Notified device allows the third party that certain M2M equipment of user is positioned when namely verifying, follow-uply do not need to verify just and can position the similar M2M equipment that the user has, to pare down expenses and to improve user's experience.

See also accompanying drawing 3-a, the private guard method schematic flow sheet of the machine communication that another embodiment of the present invention provides.Accompanying drawing 3-a illustrated embodiment has provided the mutual of each equipment on accompanying drawing 2 illustrated embodiment bases, be described as follows.

S301, M2M use to M2M service management entity and send position access message;

For example, use api function Retrieve (URI of location resource, parameters (deviceId)), send access message in position by the mIa interface to M2M service management entity, with up-to-date locating information or the existing locating information of obtaining M2M equipment.

S302, M2M service management entity analysis locating information;

In embodiments of the present invention, locating information comprises position access message.The main purpose of M2M service management entity analysis locating information is determined to carry out privacy inspection, carry out the privacy inspection or carry out privacy inspection at the 3GPP location-server at M2M equipment at M2M service management entity, and determination methods specifically can be consulted the step S201 relevant portion of accompanying drawing 2 examples.In the present embodiment, suppose to determine to carry out privacy inspection at M2M service management entity.

S303, M2M service management entity carry out privacy inspection;

M2M service management entity carries out privacy inspection, the foundation of its inspection mainly is that the user uses the innovation that the interfaces uses such as process dIa and mIa are similar to access right in the ETSI M2M standard by M2M, obtain, upgrade deletion (Create Retrieve Update Delete, CRUD) user of flow setting privacy, for example, the contactUser child resource is set,＜Consumer〉child resource and areaAllowed child resource, shown in accompanying drawing 3-b, be＜accessRight 〉/the locPermissions child resource in definition for the authority of location information access.

The user is when arranging private configuration messages by the M2M application, by the addressing information that the contactUser child resource is specified Notified device, concrete configurable device number, IP address or URI.When third party's launch position access message also need to be notified the user or allow the user verify, then by sending short messages to userIdentity/multimedia message, perhaps access Notified device resource as a means of the source side formula by URI, perhaps the IP address by configuration sends notice or verifies that message is to Notified device, after Notified device has notice or verifies, be converted among the UI accessible message for the user at device interior.

For the setting of Attribute in the contactUser child resource, mainly be the definition of following attribute:

Association: the same category of device association function after contactUser allows NA that certain equipment of user is positioned when referring to verify, does not follow-uply need to verify that the same category of device that just user is had can position, to pare down expenses and to improve user's experience.

Group: one group of equipment association function, some equipment that refer to the user all are employed the location, but whether the privacy function has opened the group informing function according to the privacy setting, and these notices of user are merged to a notification message, issues simultaneously the user in certain time.

AreaPermitted: the zone allows private configuration information, and the zone allows private configuration information to be used for allowing in zones of different M2M equipment to be positioned.M2M service management entity can allow private configuration information in the receiving area.In contrast to the areaPermitted of 3GPP, the equipment that user is positioned can only arrange the zone of fixing permission location.Can come the different permission locating area of flexible configuration according to network application (Network Application, NA) among the M2M.Permission company colleague in intra-company that the user works to own/car location, friend near the public place of entertainment to own/car location, the household the Zone Full of the company of removing to oneself/car locates.

Need to prove that the privacy setting is used through the interface configuration such as dIa and mIa by M2M except the user, also can be undertaken by privately owned interface.In some cases, after user and operator or M2M service provider were signatory, the privacy setting that comprises in the agreement can be configured in the private related resource by privately owned interface.

S304, M2M service management entity is sent to subscriber equipment with notice request and/or checking request, and subscriber equipment can refer to have the equipment of user interface;

If M2M service management entity accesses message by analysis position, discovery needs user's notice and checking, because as previously mentioned, user's notice and checking are returned by subscriber equipment (Notified device), therefore, M2M service management entity is sent to Notified device with notice request and/or checking request.

S305, subscriber equipment return notice or auth response;

Notice or auth response are returned after finishing notice demonstration and checking in subscriber equipment (Notified device) inside, and wherein, push-notification-answer is optional.

S306, M2M service management entity is sent to the 3GPP location-server with Location Request;

Need to prove, in the present embodiment, the function of M2M service management entity is integrated 3GPP location-server or 3GPP location-server, M2M service management entity also can be sent to the 3GPP network element with Location Request by Lg/SLg interface (interface between 3GPP location-server and the 3GPP network element).

S307, the 3GPP location-server is to M2M service management entity restoring to normal position result;

In embodiments of the present invention, for the M2M equipment of locating by the 3GPP network element by the Le interface, obtain the positioning result of user's face SUPL/ chain of command according to the positioning flow of 3GPP, wherein, location technology comprises OTDOA, CellID, AGPS and global positioning system (Global Positioning System, GPS) technology etc.; PPR or GMLC by 3GPP determine whether will continuing to do privacy inspection.The 3GPP network element offers the 3GPP location-server with positioning result, again by the 3GPP location-server to M2M service management entity restoring to normal position result.

S308, M2M service management entity is back to M2M with positioning result and uses.

See also accompanying drawing 4, the private guard method schematic flow sheet of the machine communication that another embodiment of the present invention provides.In the present embodiment, the 3GPP location-server separates with M2M service management entity.Accompanying drawing 4 illustrated embodiments have provided the mutual of each equipment on accompanying drawing 2 illustrated embodiment bases, be described as follows.

S401, M2M use to M2M service management entity and send position access message;

S402, M2M service management entity analysis locating information;

In embodiments of the present invention, locating information comprises position access message.M2M service management entity analysis locating information main purpose is to judge to be to carry out the privacy inspection or carry out privacy inspection at M2M equipment at the 3GPP location-server.Suppose M2M service management entity according to the information in the position access message, for example align_type information (namely by 3GPP location or other modes, for example wsn locates) can be judged at the 3GPP location-server and carry out privacy inspection.

S403, M2M service management entity sends request for location services to the 3GPP location-server;

In the present embodiment, M2M service management entity is sent to the 3GPP location-server with request for location services: M2M service management entity is sent to the 3GPP location-server with request for location services by Le interface (being the interface between LCS client and the 3GPP location-server), is sent to the 3GPP network element by location-server again.After the 3GPP location-server is received request for location services (LCS service request), carry out privacy and check (S404).

S405, the 3GPP location-server is sent to M2M service management entity with the positioning service response of request for location services.

If the 3GPP location-server is located successfully, then positioning service responds the positional information of carrying M2M equipment.

S406, M2M service management entity is back to M2M with the positioning service response and uses.

Seeing also accompanying drawing 5, is the private guard method schematic flow sheet of the machine communication that provides of another embodiment of the present invention, mainly comprises step:

S501, machine communication M2M service management entity determine to carry out the entity that privacy checks according to locating information after receiving position access message.

Determine to carry out privacy inspection at M2M service management entity, 3GPP location-server or at M2M equipment, concrete determination methods can be consulted the step S201 relevant portion of accompanying drawing 2 illustrated embodiments.For example, if locate to obtain positional information by device Domain such as WSN, then M2M service management entity can according to the equipment stationkeeping ability information judgement of collecting before or receive the backward equipment requirement of position access message, carry out privacy inspection at M2M equipment (M2M device).Further, M2M service management entity can according to collect before or receive that the equipment stationkeeping ability information of the backward equipment requirement of position access message recognizes, position the position that operation also can obtain the node of positional information in the device Domain such as reference node or gateway device, M2M equipment among the figure can be above-mentioned reference node or gateway device at this moment, i.e. private inspection can be carried out in this M2M equipment.

S502 is M2M equipment if step S501 determines to carry out the private entity that checks, then M2M service management entity accesses the auth response that message is sent to M2M equipment and receives M2M equipment with privacy inspection request or position.

Alternatively, M2M equipment also returns push-notification-answer, the response of M2M service management entity reception notification.

Alternatively, M2M equipment also returns M2M equipment and carries out the result that privacy checks, M2M service management entity receives M2M equipment and carries out the result that described privacy checks, mainly has following several situation:

If follow-up position fixing process need to come M2M equipment location by M2M service management entity relationship location-server, then M2M equipment need to private check result, for example, allow the location to be back to M2M service management entity;

When receiving position access message, M2M service management entity carried out resolving or conversion, for example, be converted to privacy and check request message, if through the M2M device authentication, do not allow the third party that M2M equipment is located, this result informs M2M service management entity then to need M2M equipment " not allow the third party to M2M equipment location ", then by M2M service management entity response is informed that M2M uses;

In embodiments of the present invention, the result that so-called privacy checks comprises with lower a kind of or combination in any: allow described M2M equipment is positioned, do not allow described M2M equipment is positioned, allows described M2M equipment is positioned and to the M2M equipment dispatch order with user interface, to the described checking with M2M equipment of user interface of the M2M equipment dispatch order with user interface and needs, locate etc. by rear just permission to the M2M equipment dispatch order with user interface and in described checking with M2M equipment of user interface.

S503, M2M service management entity receives the positioning result that M2M equipment is positioned.

If M2M service management entity is that privacy inspection request is sent to described M2M equipment, then M2M service management entity reception M2M equipment carries out also comprising before the private result who checks: message is accessed in the position to M2M service management entity or Location Request is sent to M2M equipment.Particularly, if before this, M2M service management entity is message to be accessed in the position be sent to M2M equipment, because positioning function is at M2M equipment by oneself, does not therefore need M2M service management entity again to issue position access message; If before this, if M2M service management entity is that privacy inspection request is sent to described M2M equipment, need that then message is accessed in the position or Location Request is sent to M2M equipment.So still issue Location Request to issuing position access message, depend on the request that M2M uses has been resolved and changed to M2M service management entity whether.

Seeing also accompanying drawing 6, is the private guard method schematic flow sheet of the machine communication that provides of another embodiment of the present invention, mainly comprises step:

S601, machine communication M2M equipment receive position access message or the privacy inspection request that M2M service management entity sends.

In the present embodiment, the position access message of machine communication M2M equipment reception or privacy inspection request are that the definite privacy of M2M service management entity checks transmission when M2M equipment carries out.

S602, M2M equipment return the response that privacy is checked to M2M service management entity.

The response that privacy is checked for example, can be to allow the third party to M2M equipment location etc.; Alternatively, M2M equipment also returns push-notification-answer.

Alternatively, M2M equipment comprises also that to the auth response that described M2M service management entity returns the privacy inspection M2M equipment returns the result who carries out the privacy inspection to M2M service management entity.

In order to reduce expense or improvement user experience, the M2M device just will be returned the user for the merging notice and provide a push-notification-answer, verifies for merging and asks to return the auth response that the user provides.M2M equipment is positioned for allowing in auth response, then auth response can comprise that direct permission positions the M2M equipment identical with this M2M device type, does not need the third party again to send the checking request and verifies.This is the same category of device association function that the embodiment of the invention provides, after Notified device allows the third party that certain M2M equipment of user is positioned when namely verifying, follow-uply do not need to verify just and can position the similar M2M equipment that the user has, to pare down expenses and to improve user's experience.

S603, if allow M2M equipment is positioned, then M2M equipment obtains the positional information of described M2M equipment.

In the present embodiment, the positional information that M2M equipment obtains M2M equipment comprises: positional information, M2M equipment that M2M equipment obtains M2M equipment by the global positioning system (Global Positioning System, GPS) of self obtain the positional information of M2M equipment or M2M equipment obtains M2M equipment by WSN positional information from the 3GPP core network element.Particularly, obtain the M2M equipment of location for this locality, obtain the equipment of location for the device Domain at M2M equipment, positioning flow according to WSN obtains positioning result, and wherein location technology comprises RSSI, TOA, TDOA, AOA, and not based on the range finding based on jumping figure and connective location technology.

Further, if position flow process by reference node or gateway device, then reference node or gateway device, need in M2M equipment, create location resource by Restful resource access way and come storage location information, or come the URI of indicating positions locational information by a declaration resource (announce resource).Perhaps by M2M service management entity maintaining reference node URI, when accepting the position access message of NA, directly in the location resource of reference node, obtain positional information.Have the GPS function such as certain reference node among gateway device or the WSN, other M2M equipment can utilize positional information that GPS obtains as the positional information of self under the WSN among a small circle.

If the M2M equipment that is positioned or reference node or gateway device are connected with 3GPP, can be by position requests (the Mobile Originated Location Request of 3GPP portable terminal initiation, MO-LR) flow process (this flow process does not check privacy at 3GPP) is obtained device location, be further to guarantee privacy, need to when the M2M equipment that is positioned or reference node are initiated request for location services, carry to show it is the sign that M2M that the third party initiates uses.

See also accompanying drawing 7, the private guard method schematic flow sheet of the machine communication that another embodiment of the present invention provides.Accompanying drawing 7 illustrated embodiments have provided the mutual of each equipment on accompanying drawing 5 and accompanying drawing 6 illustrated embodiment bases, be described as follows.

S701, M2M use to M2M service management entity and send position access message;

S702, M2M service management entity analysis localization message;

In embodiments of the present invention, localization message comprises position access message.M2M service management entity analysis position access message main purpose is to judge to be to carry out privacy inspection, carry out the privacy inspection or carry out privacy inspection at M2M equipment at the 3GPP location-server at M2M service management entity, and the method for determining specifically can be consulted the step S201 relevant portion of accompanying drawing 2 examples.In the present embodiment, suppose to determine to carry out privacy inspection at M2M equipment.

S703, M2M service management entity is sent to M2M equipment with privacy inspection request or position access message;

S704, M2M equipment carry out privacy inspection;

S705, M2M equipment returns auth response to M2M service management entity;

The auth response that M2M equipment returns is the auth response that privacy is checked, for example, can be to allow the third party to M2M equipment location etc.Alternatively, M2M equipment also returns push-notification-answer; Alternatively, M2M equipment also returns M2M equipment and carries out the result that privacy checks, M2M service management entity receives M2M equipment and carries out the result that described privacy checks.

S706, M2M equipment is to this M2M equipment location;

If the result that privacy checks is, for example, allow M2M equipment is positioned, then M2M equipment obtains the positional information of this M2M equipment.

S707, M2M equipment responds to M2M service management entity restoring to normal position;

If obtained the positional information of this M2M equipment, the location response of then returning comprises the positional information of obtaining.

S708, M2M service management entity is used the restoring to normal position response to M2M.

If M2M equipment has obtained the positional information of this M2M equipment, then the location response returned of M2M service management entity comprises the positional information of the M2M equipment that obtains.

See also accompanying drawing 8, the private guard method schematic flow sheet of the machine communication that another embodiment of the present invention provides mainly comprises the steps:

S801, machine communication M2M service management entity becomes 3GPP network element or the discernible location signaling of PPR with the position access message conversion that receives.

During for the M2M equipment that exists in the M2M system than multiple access 3GPP, and need situation about positioning by the 3GPP positioning function.The private defencive function that M2M service management entity introducing GMLC and external LCS client have namely has M2M is used the position access message that sends by the mIa interface, is converted into the discernible core net location signaling of 3GPP.The mIa interface is also supported the provisioning to external LCS client, and the relevant data of configuration privacy comprise private grade (privacy class).In addition, also can realize by privately owned interface the configuration of privacy.

S802 by mutual with 3GPP network element or PPR, obtains the positional information of M2M equipment.

In the present embodiment, M2M service management entity has Lg interface, can be connected to 3GPP, reuses the stationkeeping ability of 3GPP network element; Have private audit function, reuse the function of existing GMLC; Support the Lpp interface, check message with the mutual privacy of PPR, and can support a plurality of Lpp interfaces.

Seeing also accompanying drawing 9, is the logical construction schematic diagram of a kind of machine communication service management entity of providing of the embodiment of the invention.For convenience of explanation, only show the part relevant with the embodiment of the invention.In embodiments of the present invention, M2M service management entity is identical with M2M service management entity present position in the M2M system architecture shown in the accompanying drawing 1-a, can (for example use for various M2M, electricity meter-reading, intelligent transportation etc.) professional ability is provided, thereby obtain the data of M2M equipment collection or M2M equipment is carried out Long-distance Control and management, its functional module/unit that comprises can be software module/unit, hardware module/unit or the software and hardware module/unit that combines, comprise judge module 901 and trigger module 902, wherein:

Judge module 901 after receiving position access message, determines to carry out the entity that privacy checks according to locating information;

Trigger module 902 is used for triggering described judge module 901 definite private entities that check of carrying out and carries out privacy inspection.

Particularly, be described M2M service management entity if described judge module 901 determines to carry out the private entity that checks according to described locating information, then trigger described M2M service management entity by described trigger module 902 and carry out described privacy inspection; If it is described M2M equipment that described judge module 901 determines to carry out the described private entity that checks according to described locating information, then described trigger module 902 comprises the first transmitting element 1001 and the first receiving element 1002, the machine communication service management entity that provides of another embodiment of the present invention as shown in Figure 10, wherein: the first transmitting element 1001 is used for privacy inspection request or described position access message are sent to described M2M equipment, and the first receiving element 1002 is used for receiving the response of described M2M equipment; If it is third generation partner program 3GPP location-server that described judge module 901 determines to carry out the described private entity that checks according to described locating information, then described trigger module 902 comprises request for location services transmitting element 1101, the machine communication service management entity that provides of another embodiment of the present invention as shown in Figure 11, request for location services transmitting element 1101 is used for sending request for location services to described 3GPP location-server, carries out described privacy by described 3GPP location-server and checks.

Need to prove, in the execution mode of above machine communication service management entity, the division of each functional module only illustrates, can be as required in the practical application, for example the facility of the configuration requirement of corresponding hardware or software implemented is considered, and the above-mentioned functions distribution is finished by different functional modules, the internal structure that is about to described machine communication service management entity is divided into different functional modules, to finish all or part of function described above.And, in the practical application, corresponding functional module in the present embodiment can be to be realized by corresponding hardware, also can be finished by the corresponding software of corresponding hardware implement, for example, aforesaid judge module, can be have carry out aforementioned receive position access message after, determine to carry out the hardware of the entity that privacy checks according to locating information, determining device for example, thus also can be to carry out general processor or other hardware devices that the corresponding computer program is finished aforementioned functional; For another example aforesaid trigger module, can be to have to carry out the hardware that the described entity that carries out the privacy inspection of aforementioned triggering carries out private audit function, such as trigger, thereby also can be to carry out general processor or other hardware devices that the corresponding computer program is finished aforementioned functional.

If it is described M2M service management entity that described judge module 901 determines to carry out the private entity that checks according to described locating information, then machine communication service management entity also comprises the first transceiver module 1201, the second transceiver module 1202 or the 3rd transceiver module 1203, the machine communication service management entity that provides of another embodiment of the present invention as shown in Figure 12, wherein:

Described the first transceiver module 1201, be used for when the result of privacy inspection positions described M2M equipment for permission, request for location services be sent to third generation partner program 3GPP network element and receive described 3GPP network element carry out the result that privacy checks gained;

Described the second transceiver module 1202, be used for when the result of privacy inspection positions described M2M equipment for permission, Location Request being sent to third generation partner program 3GPP network element and receiving the positioning result that described third generation partner program 3GPP network element positions described M2M equipment;

Described the 3rd transceiver module 1203 is used for when the result of privacy inspection positions described M2M equipment for permission Location Request being sent to M2M equipment and receiving the positioning result that described M2M equipment positions described M2M equipment.

In the first transceiver module 1201 of accompanying drawing 12 examples, described request for location services comprises the positioning mark of described M2M service management entity, described positioning mark carries out privacy inspection again for informing that described 3GPP network element is removed from, perhaps described request for location services comprises sign, be used for illustrating that described M2M service management entity had carried out the sign that described privacy checks, determine whether again to carry out privacy inspection by described 3GPP network element.

The machine communication service management entity of accompanying drawing 9 or accompanying drawing 12 examples can also comprise the first receiver module 1301 or second receiver module 1302 as a result as a result, the machine communication service management entity that provides of another embodiment of the present invention as shown in Figure 13, wherein:

The described first receiver module 1301 as a result is used for receiving the positioning result that described M2M equipment is positioned;

The described second receiver module 1302 as a result is used for receiving described M2M equipment and carries out the result that described privacy checks.

To the machine communication service management entity of accompanying drawing 13 arbitrary examples, the described entity that carries out the privacy inspection also is used for sending notice to subscriber equipment at accompanying drawing 9; The described entity that carries out the privacy inspection also is used for sending checking to subscriber equipment; The described entity that carries out the privacy inspection also is used for receiving the auth response to described checking request, and described auth response comprises whether allowing described M2M equipment is positioned.

In order to reduce expense, improve location efficiency or improve user's experience, at accompanying drawing 9 to the machine communication service management entity of accompanying drawing 13 arbitrary examples, the described entity that carries out the privacy inspection can also be according to private configuration information, send one to subscriber equipment and merge notice, this merging notice is used for notice one group of M2M equipment is positioned, be that one group of equipment of user all allows to be positioned and M2M service management entity arranges group (group) informing function of unlatching according to privacy, these notices are merged to a notification message, be sent to simultaneously Notified device (namely being sent to the user) in certain time; The described entity that carries out the privacy inspection also can send one to subscriber equipment and merge the checking request according to private configuration information, and this merging verifies that request is used for request one group of M2M equipment is positioned.Correspondingly, Notified device only need to return the user for the merging notice and provide a push-notification-answer, returns the auth response that the user provides for merging the checking request.M2M equipment is positioned for allowing in auth response, this is the same category of device association function that the embodiment of the invention provides, after Notified device allows the third party that certain M2M equipment of user is positioned when namely verifying, follow-uply do not need to verify just and can position the similar M2M equipment that the user has, to pare down expenses and to improve user's experience, wherein the same category of device association function can be arranged when private configuration information is set by the user, and by the auth response unlatching same category of device association function of platform according to subsequent user, to reduce the checking message overhead to the user.

Accompanying drawing 9 also comprises the first configuration information receiver module 1401 and/or the second configuration information receiver module 1402 to the machine communication service management entity of accompanying drawing 13 arbitrary examples, the machine communication service management entity that provides of another embodiment of the present invention as shown in Figure 14, wherein:

Described the first configuration information receiver module 1401 is used for receiving the directly private configuration information in location, and the private configuration information in described direct location is used for directly allowing the M2M equipment identical with described M2M device type is positioned;

Described the second configuration information receiver module 1402 is used for the receiving area and allows private configuration information, and described zone allows private configuration information to be used for allowing different Location Request sides in zones of different M2M equipment to be positioned.

Accompanying drawing 9 can also comprise locating information acquisition module 1501 to the machine communication service management entity of accompanying drawing 14 arbitrary examples, the machine communication service management entity that provides of another embodiment of the present invention as shown in Figure 15, locating information acquisition module 1501 is used for obtaining described locating information, and described locating information comprises private configuration information and align_type information.

Can comprise the first acquiring unit 1601, second acquisition unit 1602, the 3rd acquiring unit 1603 or the 4th acquiring unit 1604 in the machine communication service management entity of accompanying drawing 15 examples, the machine communication service management entity that provides of another embodiment of the present invention as shown in Figure 16, wherein:

Described the first acquiring unit 1601 is used for the capability information obtaining that reports by the M2M equipment that obtains;

Described second acquisition unit 1602 is used for obtaining by the user data that obtains from 3GPP Rg interface;

Described the 3rd acquiring unit 1603 is used for obtaining by the common user data-interface of OMA SUPM definition;

Described the 4th acquiring unit 1604, the user configuration information that is used for obtaining by open API API obtains.

Seeing also accompanying drawing 17, is the logical construction schematic diagram of a kind of machine communication equipment of providing of the embodiment of the invention.For convenience of explanation, only show the part relevant with the embodiment of the invention.The machine communication equipment of accompanying drawing 17 examples comprises:

Receiver module 1701, the position access message or the privacy inspection that are used for the transmission of reception M2M service management entity are asked;

Return module 1702, be used for returning the auth response that privacy is checked to described M2M service management entity.

The machine communication equipment of accompanying drawing 17 examples can also comprise position information acquisition module 1801, as shown in Figure 18 the machine communication equipment that provides of another embodiment of the present invention.Described M2M equipment is positioned for allowing if described acquisition of information module 1801 is used for described auth response, obtain the positional information of described M2M equipment.

The acquisition of information module 1801 of accompanying drawing 17 examples may further include the first acquiring unit 1901, second acquisition unit 1902 or the 3rd acquiring unit 1903, the machine communication equipment that provides of another embodiment of the present invention as shown in Figure 19, wherein:

Described the first acquiring unit 1901 is used for obtaining by the global position system GPS of self positional information of described M2M equipment;

Described second acquisition unit 1902, be used for obtaining from the third generation partner program 3GPP network element positional information of described M2M equipment, particularly, second acquisition unit 1902 is used for obtaining positional information by the MO-LR positioning flow, and positioning mark or an expression positional information of carrying Location Request side or service management entity are used for the indication that M2M communicates by letter;

Described the 3rd acquiring unit 1903; be used for obtaining by radio sensing network WSN the positional information of described M2M equipment; particularly; the 3rd acquiring unit 1903 is used for the private defencive function of service management entity according to the reference node URI of configuration, message is accessed in the position or privacy checks that order sends to reference node.

Seeing also accompanying drawing 20, is the logical construction schematic diagram of the machine communication service management entity that provides of another embodiment of the present invention.For convenience of explanation, only show the part relevant with the embodiment of the invention.The machine communication service management entity of accompanying drawing 20 examples comprises:

Modular converter 2001, the position access message conversion that is used for receiving becomes third generation partner program 3GPP network element or secret to describe the discernible location signaling of register PPR;

Acquisition module 2002 is used for obtaining the positional information of M2M equipment by to describe register PPR mutual with described 3GPP network element or secret.

Seeing also accompanying drawing 21, is the logical construction schematic diagram of the private protection system of a kind of machine communication of providing of the embodiment of the invention.For convenience of explanation, only show the part relevant with the embodiment of the invention.Attached system shown in Figure 21 comprises machine communication service management entity 2101 and machine communication equipment 2102, wherein:

Described machine communication service management entity 2101 after receiving position access message, is determined to carry out the entity that privacy checks according to locating information, triggers the described entity that carries out the privacy inspection and carries out privacy inspection;

Described machine communication equipment 2102 is used for receiving position access message or the privacy inspection request that described machine communication service management entity 2101 sends, and returns the auth response that privacy is checked to described machine communication service management entity.

Seeing also accompanying drawing 22, is the logical construction schematic diagram of the private protection system of a kind of machine communication of providing of another embodiment of the present invention.For convenience of explanation, only show the part relevant with the embodiment of the invention.Attached system shown in Figure 22 comprises machine communication service management entity 2201 and third generation partner program location-server 2202, wherein:

Described machine communication service management entity 2201 after receiving position access message, is determined to carry out the entity that privacy checks according to locating information, triggers the described entity that carries out the privacy inspection and carries out privacy inspection;

Described third generation partner program location-server 2202 is used for receiving the request for location services that described machine communication service management entity 2201 sends, and carries out described privacy and checks.

Seeing also accompanying drawing 23, is the logical construction schematic diagram of the private protection system of a kind of machine communication of providing of another embodiment of the present invention.For convenience of explanation, only show the part relevant with the embodiment of the invention.Attached system shown in Figure 23 comprises that machine communication service management entity 2301 and third generation partner program network element 2302 or secret describe register 2303, wherein:

Described machine communication service management entity 2301 comprises modular converter 23011 and acquisition module 23012;

Described modular converter 23011, the position access message conversion that is used for receiving becomes third generation partner program network core network element 2302 or secret to describe register 2303 discernible location signalings;

Described acquisition module 23012 is used for obtaining the positional information of machine communication equipment by to describe register 2303 mutual with described third generation partner program network element 2302 or secret;

Described third generation partner program network element 2302 or secret are described register 2303, are used for obtaining the positional information of described machine communication equipment, and the positional information of described machine communication equipment is offered described machine communication service management entity 2301.

Need to prove, the contents such as the information interaction between each module/unit of said apparatus, implementation, since with the inventive method embodiment based on same design, its technique effect that brings is identical with the inventive method embodiment, particular content can referring to the narration among the inventive method embodiment, repeat no more herein.

One of ordinary skill in the art will appreciate that all or part of step in the whole bag of tricks of above-described embodiment is to come the relevant hardware of instruction finish by program, this program can be stored in the computer-readable recording medium, storage medium can comprise: read-only memory (ROM, Read Only Memory), random access memory (RAM, Random Access Memory), disk or CD etc.

More than private guard method, system and machine communication service management entity and the relevant device of machine communication that the embodiment of the invention is provided be described in detail, used specific case herein principle of the present invention and execution mode are set forth, the explanation of above embodiment just is used for helping to understand method of the present invention and core concept thereof; Simultaneously, for one of ordinary skill in the art, according to thought of the present invention, all will change in specific embodiments and applications, in sum, this description should not be construed as limitation of the present invention.

Claims

1. the private guard method of a machine communication is characterized in that, described method comprises:

The service management entity becomes third generation partner program 3GPP network element or secret to describe the discernible location signaling of register PPR the position access message conversion that receives;

By to describe register PPR mutual with described 3GPP network element or secret, obtain the positional information of M2M equipment.

2. a machine communication service management entity is characterized in that, described service management entity comprises:

Modular converter, the position access message conversion that is used for receiving becomes third generation partner program 3GPP network element or secret to describe the discernible location signaling of register PPR;

Acquisition module is used for obtaining the positional information of M2M equipment by to describe register PPR mutual with described 3GPP network element or secret.

3. the private protection system of a machine communication, it is characterized in that, described system comprises that machine communication service management entity, third generation partner program network element or secret describe register, and described machine communication service management entity comprises modular converter and acquisition module;

Described modular converter, the position access message conversion that is used for receiving becomes described third generation partner program network element or described secret to describe the discernible location signaling of register;

Described acquisition module is used for obtaining the positional information of machine communication equipment by to describe register mutual with described third generation partner program network element or secret;

Described third generation partner program network element or secret are described register, are used for obtaining the positional information of described machine communication equipment, and the positional information of described machine communication equipment is offered described machine communication service management entity.