CN103379591A - Method and device for user device connection mode selection - Google Patents

Method and device for user device connection mode selection Download PDF

Info

Publication number
CN103379591A
CN103379591A CN2012101263683A CN201210126368A CN103379591A CN 103379591 A CN103379591 A CN 103379591A CN 2012101263683 A CN2012101263683 A CN 2012101263683A CN 201210126368 A CN201210126368 A CN 201210126368A CN 103379591 A CN103379591 A CN 103379591A
Authority
CN
China
Prior art keywords
mobile network
user equipment
network
fixed network
network user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN2012101263683A
Other languages
Chinese (zh)
Other versions
CN103379591B (en
Inventor
尤建洁
范亮
朱春晖
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
ZTE Corp
Original Assignee
ZTE Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by ZTE Corp filed Critical ZTE Corp
Priority to CN201210126368.3A priority Critical patent/CN103379591B/en
Publication of CN103379591A publication Critical patent/CN103379591A/en
Application granted granted Critical
Publication of CN103379591B publication Critical patent/CN103379591B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Abstract

The invention discloses a method and device for user device connection mode selection. The method comprises the steps that under the condition that the authentication of a mobile network user device connected from a fixed network home gateway is passed, a charging server is identified and authorized by a fixed network so that relevant identification information can be obtained, wherein the identification information comprises service set identification selected by the mobile network user device or RG identification and/or link identification corresponding to an RG; a connection mode is selected for the mobile network user device by a fixed network AAA server according to preset parameters, and the preset parameters comprise the identification information. According to the method and device for user device connection mode selection, the connection mode can be selected for the mobile network user device connected from the fixed network.

Description

The system of selection of subscriber equipment access module and device
Technical field
The present invention relates to the communications field, in particular to a kind of system of selection and device of subscriber equipment access module.
Background technology
Along with the development of network technology and the user demand to business, user terminal (User Equipment, UE) is multimode gradually, can be chosen in dissimilar access network accesses, to carry multifarious business.Different network connections has different characteristics and transmittability, to satisfy the user to the multifarious demand of business.At present, multimode user terminal can be realized the seamless link between the dissimilar radio access network, universal mobile telecommunications system (UMTS such as honeycomb, Universal Mobile Telecommunications System), enhanced data rates for gsm evolution technology (EDGE, Enhanced Data Rate for GSM Evolution), general packet radio service technology (GPRS, General Packet Radio Service) with IEEE 802.11 in WLAN (WLAN, Wireless LocalAreaNetworks) between seamless link.WLAN can provide very high data rate in family and hot spot region among a small circle, and cellular network can provide higher flexibility and ubiquitous covering, but data rate is lower; If can be in conjunction with both advantages, the user will benefit from it.In the coverage of wlan access point, multimode user terminal utilizes WLAN to carry out data access and the networking telephone (VoIP, Voice over Internet Protocol) application can also be used overlapping cellular network simultaneously, carries out audio call or media interviews.
At present, international normal structure broadband forum (BBF) is being fixed Mobile Convergence (FMC, Fixed MobileConvergence) standardization effort, the scene of research comprises that user terminal passes through home gateway (RG, Residential Gateway) from the BBF network insertion, and access is mobile or the business of fixed network.Because the isomerism of network, when user terminal during in the BBF network insertion, authenticate the user, there are differences with common BBF user aspect address assignment and the charging.Concrete scene as shown in Figure 1.
In scene as shown in Figure 1, the business datum that 3GPP UE initiates can have two kinds of situations transmission: from the local fixed network unloading of access or connect back mobile core network.In the prior art, the 3GPP network can send to the fixed network network access module indication of UE, can such as the transmission of above-mentioned two situations.In this case, need fixed network to make a policy according to certain foundation, namely select which kind of access module to UE, but do not provide fixed network according to which foundation, the solution of the UE access module of how making a strategic decision in the correlation technique at present.
Summary of the invention
For not providing how the to make a strategic decision problem of solution of subscriber equipment access module of fixed network in the correlation technique, the invention provides a kind of system of selection and device of subscriber equipment access module, to address the above problem at least.
According to an aspect of the present invention, a kind of system of selection of subscriber equipment access module is provided, comprise: in the situation that the mobile network user device authentication from the access of fixed network home gateway passes through, the fixed network authentication and authorization charging server obtains relevant identification information, wherein, this identification information comprises: the service set that mobile network user equipment is selected, or, the link identification that the sign of RG and/or RG are corresponding; The fixed network aaa server is selected access module according to predefined parameter for mobile network user equipment, and wherein, this predefined parameter comprises above-mentioned identification information.
Preferably, described fixed network aaa server obtains the service set that described mobile network user equipment selects and comprises: described RG provides one or more service set to described mobile network user equipment; Described mobile network user equipment is selected the service set of its access from described one or more service set; Described RG notifies the described service set that described mobile network user equipment is selected to described fixed network aaa server.
Preferably, described RG notifies the described service set that described mobile network user equipment is selected to described fixed network aaa server, comprising: the described service set that described RG selects described mobile network user equipment is encapsulated in and sends to described fixed network aaa server in the authentication message.
Preferably, the described service set that described RG selects described mobile network subscriber equipment is encapsulated in and sends to described fixed network aaa server in the authentication message, comprising: the described service set that described RG selects described mobile network subscriber equipment is encapsulated in and sends to authentication proxy in the authentication message; Described authentication proxy is transmitted to described fixed network aaa server with described authentication message.
Preferably, described fixed network aaa server obtains sign and/or link identification corresponding to described RG of described RG, comprise: in the verification process of described mobile network user equipment, described fixed network aaa server obtains sign and/or link identification corresponding to described RG of described RG.
Preferably, described fixed network aaa server is according to predefined parameter, select access module for described mobile network subscriber equipment, comprising: described fixed network aaa server is according to described predefined parameter, and making a strategic decision is the access module of described mobile network user equipment selection; Perhaps, described fixed network aaa server is according to sign and/or link identification corresponding to described RG of described RG, derive from the service set of the described mobile network user equipment of described RG access, according to this service set and described predefined parameter, making a strategic decision is the access module of described mobile network subscriber equipment selection again.
Preferably, described fixed network aaa server obtains the sign of described RG, comprising: described RG is encapsulated in the sign of described RG and sends to described fixed network aaa server in the authentication message; Described fixed network aaa server obtains link identification corresponding to described RG, comprising: in the verification process of described mobile network user equipment, the link identification that the fixed network network element is corresponding with described RG sends to described fixed network aaa server.
Preferably, described predefined parameter also comprises: the local collocation strategy of described fixed network aaa server and/or the CAMEL-Subscription-Information of described mobile network user equipment.
Preferably, the access module of described mobile network user equipment comprises: described mobile network user equipment returns the mobile core network of its ownership from local fixed network unloading or described mobile network user equipment connection.
Preferably, if described fixed network aaa server is described mobile network subscriber equipment selection access module is the fixed network unloading of described mobile network user equipment from accessing, then described method also comprises: described fixed network aaa server indication fixed network network element is the local fixed network of described mobile network user devices allocation address; If described fixed network aaa server is that described mobile network user equipment selection access module is the mobile core network that described mobile network user equipment connection returns its ownership, then described method also comprises: described fixed network aaa server indication fixed network network element and mobile core network element are set up the session tunnel, to obtain described mobile core network as the address of described mobile network user devices allocation.
According to another aspect of the present invention, a kind of choice device of subscriber equipment access module is provided, be positioned at fixed network authentication and authorization charging aaa server side, comprise: acquisition module, be used in the situation that the mobile network user device authentication that the home gateway RG from fixed network accesses passes through, obtain relevant identification information, wherein, described identification information comprises: the service set SSID that described mobile network user equipment is selected, or, the sign of described RG and/or link identification corresponding to described RG; Select module, be used for according to predefined parameter, select access module for described mobile network user equipment, wherein, described predefined parameter comprises described identification information.
Preferably, the message of carrying described service set that described mobile network user equipment select of described acquisition module by receiving that described RG sends, obtain the message of the described service set of described mobile network user equipment selection, wherein, described mobile network user equipment is the described service set of selecting from one or more service set that described RG provides.
Preferably, described message is authentication message.
Preferably, described acquisition module is used for the verification process at described mobile network user equipment, obtains sign and/or link identification corresponding to described RG of described RG.
Preferably, described acquisition module comprises: the first acquiring unit, for the authentication message of the sign of carrying described RG that receives described RG transmission, obtain the sign of described RG from described authentication message; Second acquisition unit is used for the verification process at described mobile network user equipment, obtains link identification corresponding to described RG from the fixed network network element.
Preferably, described selection module is used for according to described predefined parameter, the access module of making a strategic decision and selecting into described mobile network user equipment; Perhaps, described selection module is used for sign and/or link identification corresponding to described RG according to described RG, derive from the service set of the described mobile network user equipment of described RG access, according to this service set and described predefined parameter, making a strategic decision is the access module of described mobile network subscriber equipment selection again.
Preferably, described predefined parameter also comprises: the local collocation strategy of described fixed network aaa server and/or the CAMEL-Subscription-Information of described mobile network user equipment.
Preferably, the access module of described mobile network user equipment comprises: described mobile network user equipment returns the mobile core network of its ownership from local fixed network unloading or described mobile network user equipment connection.
Preferably, described device also comprises: indicating module, be used for select for described mobile network subscriber equipment access module be described mobile network user equipment in the situation of the fixed network unloading of access, indication fixed network network element is the local fixed network of described mobile network user devices allocation address; Perhaps, being used for select access module for described mobile network user equipment is in the situation of the described mobile network user equipment connection mobile core network that returns its ownership, indication fixed network network element and mobile core network element are set up the session tunnel, to obtain described mobile core network as the address of described mobile network user devices allocation.
By the present invention, in the situation that the mobile network user device authentication that the RG from fixed network accesses passes through, fixed network authentication and authorization charging (AAA) server obtains relevant identification information, wherein, this identification information comprises: the service set (SSID) that mobile network user equipment is selected, perhaps, the link identification that the sign of RG and/or RG are corresponding, then according to the predefined parameter that comprises at least this identification information, for this mobile network user equipment is selected access module.Thereby so that can carry out follow-up business according to corresponding access module from the mobile network user equipment of fixed network RG access, improve the user and experience.
Description of drawings
Accompanying drawing described herein is used to provide a further understanding of the present invention, consists of the application's a part, and illustrative examples of the present invention and explanation thereof are used for explaining the present invention, do not consist of improper restriction of the present invention.In the accompanying drawings:
Fig. 1 is the configuration diagram according to FMC in the correlation technique;
Fig. 2 is the flow chart according to the system of selection of the subscriber equipment access module of the embodiment of the invention;
Fig. 3 is the structural representation according to the choice device of the subscriber equipment access module of the embodiment of the invention;
Fig. 4 is the structural representation of the choice device of subscriber equipment access module according to the preferred embodiment of the invention;
Fig. 5 is the structural representation of choice device of the subscriber equipment access module of another preferred embodiment according to the present invention;
Fig. 6 is according to the mobile network user equipment of the preferred embodiment of the present invention one identifying procedure figure after the fixed network access;
Fig. 7 is according to the mobile network user equipment of the preferred embodiment of the present invention two identifying procedure figure after the fixed network access;
Fig. 8 is the identifying procedure figure of RG in fixed network in the preferred embodiment of the present invention two.
Embodiment
Hereinafter also describe in conjunction with the embodiments the present invention in detail with reference to accompanying drawing.Need to prove that in the situation of not conflicting, embodiment and the feature among the embodiment among the application can make up mutually.
Fig. 2 is the flow chart according to the system of selection of the subscriber equipment access module of the embodiment of the invention, and as shown in Figure 2, the method mainly may further comprise the steps (step S202-step S204):
Step S202, in the situation that the mobile network user device authentication that the RG from fixed network accesses passes through, the authentication and authorization charging of fixed network (Authentication, Authorization andAccounting, referred to as AAA) server obtains relevant identification information, wherein, described identification information comprises: service set (the Service Set Identifier that described mobile network user equipment is selected, referred to as SSID), or, the sign of described RG and/or link identification corresponding to described RG;
Step S204, described fixed network aaa server select access module according to predefined parameter for described mobile network user equipment, and wherein, described predefined parameter comprises described identification information.
Pass through the embodiment of the invention, in the situation that the mobile network user device authentication that the RG from fixed network accesses passes through, fixed network authentication and authorization charging (AAA) server obtains relevant identification information, wherein, this identification information comprises: the service set (SSID) that mobile network user equipment is selected, perhaps, the link identification that the sign of RG and/or RG are corresponding, then according to the predefined parameter that comprises at least this identification information, for this mobile network user equipment is selected access module.Thereby so that can carry out follow-up business according to corresponding access module from the mobile network user equipment of the RG of fixed network access, improve the user and experience.
In embodiments of the present invention, in the situation that the mobile network user device authentication that the fixed network aaa server can access at the RG from fixed network passes through, by relevant identification information, according to this identification information, for this mobile network user equipment (UE) is selected access module, wherein, this identification information can be the SSID that this mobile network UE selects, perhaps, also can be sign and/or link identification corresponding to this RG of this RG.
In a preferred implementation of the embodiment of the invention, can provide one or more SSID (being one or more AP that RG can hang) by RG, mobile network (is for example opened, the 3GPP network) after UE selected, the SSID that RG selects 3GPP UE sent to the AAA (referred to as BBFAAA) of fixed network.
In this preferred implementation, fixed network RG provides one or more SSID to mobile network UE, SSID (the Service Set Identifier that this mobile network UE that accesses from fixed network RG provides according to fixed network RG, service set) select the SSID of its access, RG notifies the AAA to BBF with the SSID that UE selects.
One of the embodiment of the invention more preferred embodiment in, the service attribute of the business that RG can initiate according to current mobile network UE, and/or the attribute of mobile network UE, and/or access module, and/or carrier network is planned to mobile network UE and provides one or more SSID for user selections.For example, connect back mobile core network for IP Multimedia System (IP Multimedia Subsystem is referred to as IMS) service needed, this moment, RG needed to provide the SSID that can connect back mobile core network to mobile network UE; And can local unload for some business of networking, then need provide to mobile network UE can the local SSID that unloads for RG.
In this preferred implementation, preferably, RG can be encapsulated in the SSID that described mobile network UE selects in the authentication message (for example RADIUS message) and send to described BBF AAA.Wherein, when RG and BBF AAA exist authentication proxy when (for example BNG serves as RADIUS Proxy), this authentication message can be transmitted to BBFAAA via authentication proxy.
In this preferred implementation, preferably, BBF AAA can the CAMEL-Subscription-Information decision-making in conjunction with local collocation strategy and/or described mobile network UE select access module for described UE on the basis of the SSID that described mobile network UE selects when selecting access module for mobile network UE.
In a preferred implementation of the embodiment of the invention, RG can only provide a SSID (being only to hang an AP on the RG) to mobile network UE, selects access module by BBF AAA according to the mobile network UE that is designated of line id corresponding to RG or RG.
In this preferred implementation, verification process, the fixed network aaa server obtains sign (as: MAC Address) and/or link identification (for example line id) corresponding to RG of RG from the mobile network UE of fixed network RG access.In the situation that mobile network UE authentication is passed through, BBF AAA is according to the link identification of described RG, and/or the sign of RG (such as MAC Address) decision-making is from the access module of the mobile network UE of this RG access.Preferably, BBF AAA can also be on the basis of the sign of the link identification of described RG and/or RG, in conjunction with the CAMEL-Subscription-Information decision-making of local collocation strategy and/or the described UE access module from the 3GPP UE of this RG access.Perhaps, BBF AAA derives from the SSID of the UE of this RG access according to sign and/or link identification corresponding to RG of described RG, then BBFAAA is according to described SSID, and/or local collocation strategy, and/or which kind of access module the decision-making of the CAMEL-Subscription-Information of described UE selects for described UE.
Preferably, described RG can be encapsulated in the sign of oneself and send to described BBFAAA in the authentication message.
Preferably, the link identification that RG is corresponding (such as line id) can pass through BBF network element (such as wideband network gateway (Broadband Network Gateway is referred to as BNG)) and sends to BBF AAA.
In embodiments of the present invention, BBF AAA is when selecting access module for mobile network UE, access module that can be corresponding according to pre-configured all SSID, select the access module corresponding with the current SSID that obtains, for example, if the SSID1 that mobile network UE selects, the corresponding local unloading of this SSID1, then BBFAAA for the access module of this mobile network UE decision-making is: from local fixed network unloading.Perhaps, also can be according to the user property of mobile network UE, for example, the data with certain user property are all returned mobile core network, and then BBFAAA is that the access module with mobile network UE selection of this user property is: the mobile core network that connects back this mobile network UE ownership.
In a preferred implementation of the embodiment of the invention, described access module comprises: described UE connects back the mobile core network that described UE belongs to from local fixed network unloading or described UE.
In a preferred implementation of the embodiment of the invention, UE unloads from local fixed network if BBFAAA makes a strategic decision out, then indicates the fixed network network element to distribute local fixed network address to this mobile network UE; UE connects back mobile core network if make a strategic decision out, then indicates fixed network network element and 3GPP network element to set up the session tunnel, the address of distributing to obtain mobile network.
According to the embodiment of the invention, a kind of choice device of subscriber equipment access module also is provided, be positioned at fixed network authentication and authorization charging aaa server side, can be for the system of selection that realizes the above-mentioned subscriber equipment access module that the embodiment of the invention provides.
Fig. 3 is the structural representation according to the choice device of the subscriber equipment access module of the embodiment of the invention, and as shown in Figure 3, this device mainly comprises: acquisition module 10 and selection module 20.Wherein, acquisition module 10, be used in the situation that the mobile network user device authentication that the home gateway (RG) from fixed network accesses passes through, obtain relevant identification information, wherein, described identification information comprises: service set (SSID) SSID that described mobile network user equipment is selected, or, the sign of described RG and/or link identification corresponding to described RG; Select module 20, with acquisition module 10 couplings, be used for according to predefined parameter, select access module for described mobile network user equipment, wherein, described predefined parameter comprises described identification information.
Pass through the embodiment of the invention, in the situation that the mobile network user device authentication that the RG from fixed network accesses passes through, the acquisition module 10 of choice device that is positioned at the subscriber equipment access module of fixed network authentication and authorization charging (AAA) server side obtains relevant identification information, wherein, this identification information comprises: the service set (SSID) that mobile network user equipment is selected, perhaps, the link identification that the sign of RG and/or RG are corresponding, select module 20 according to the predefined parameter that comprises at least this identification information, for this mobile network user equipment is selected access module.Thereby so that can carry out follow-up business according to corresponding access module from the mobile network user equipment of the RG of fixed network access, improve the user and experience.
In a preferred implementation of the embodiment of the invention, acquisition module 10 can be by the message of carrying the described service set that described mobile network user equipment selects that receives that described RG sends, obtain the message of the described service set of described mobile network user equipment selection, wherein, described mobile network user equipment is the described service set of selecting from one or more service set that described RG provides.In this preferred implementation, can provide one or more SSID (being one or more AP that RG can hang) by RG, after mobile network was opened (for example, the 3GPP network) UE selection, RG sent to the fixed network aaa server with the SSID that 3GPP UE selects.
In this preferred implementation, preferably, RG can be encapsulated in the SSID that described mobile network UE selects in the authentication message (for example RADIUS message) and send to described BBF AAA.Wherein, when RG and BBF AAA exist authentication proxy when (for example BNG serves as RADIUS Proxy), this authentication message can be transmitted to BBFAAA via authentication proxy.
In another preferred embodiment of the embodiment of the invention, acquisition module 10 obtains sign and/or link identification corresponding to described RG of described RG for the verification process at described mobile network user equipment.In this preferred implementation, RG can only provide a SSID (being only to hang an AP on the RG) to mobile network UE, selects access module by the fixed network aaa server according to the mobile network UE that is designated of line id corresponding to RG or RG.
In this preferred implementation, preferably, as shown in Figure 4, acquisition module 10 can comprise: the first acquiring unit 110, for the authentication message of the sign of carrying described RG that receives described RG transmission, obtain the sign of described RG from described authentication message; Second acquisition unit 120 is used for the verification process at described mobile network user equipment, obtains link identification corresponding to described RG from the fixed network network element.In a preferred embodiment, RG can be encapsulated in the sign of oneself and send to the fixed network aaa server in the authentication message, the first acquiring unit 110 obtains the sign of described RG from this authentication message, second acquisition unit 120 can be by obtaining link identification corresponding to RG (such as line id) from the message (such as BNG) of BBF network element.
In above-mentioned preferred implementation, select module 20 to be used for according to described predefined parameter the access module of making a strategic decision and selecting into described mobile network user equipment; Perhaps, selection module 20 also can be used for sign and/or link identification corresponding to described RG according to described RG, derive from the service set of the described mobile network user equipment of described RG access, according to this service set and described predefined parameter, making a strategic decision is the access module of described mobile network subscriber equipment selection again.
In embodiments of the present invention, preferably, above-mentioned predefined parameter can also comprise: the local collocation strategy of fixed network aaa server and/or the CAMEL-Subscription-Information of described mobile network user equipment.
In embodiments of the present invention, preferably, the access module of mobile network user equipment comprises: mobile network user equipment returns the mobile core network of its ownership from local fixed network unloading or mobile network user equipment connection.
In a preferred implementation of the embodiment of the invention, as shown in Figure 5, this device can also comprise: indicating module 30, be used for select for described mobile network subscriber equipment access module be described mobile network user equipment in the situation of the fixed network unloading of access, indication fixed network network element is the local fixed network of described mobile network user devices allocation address; Perhaps, being used for select access module for described mobile network user equipment is in the situation of the described mobile network user equipment connection mobile core network that returns its ownership, indication fixed network network element and mobile core network element are set up the session tunnel, to obtain described mobile core network as the address of described mobile network user devices allocation.
Identifying procedure after the below accesses from the BBF network take 3GPP UE is as example, and the technical scheme that the embodiment of the invention is provided describes.
Embodiment one
In the present embodiment, RG provides one or more SSID (being that RG can hang one or more AP) for 3GPP UE.
Fig. 6 is the identifying procedure figure after 3GPPUE accesses from the BBF network in the present embodiment, and as shown in Figure 6, the identifying procedure after 3GPPUE accesses from the BBF network mainly may further comprise the steps:
Step S601, RG authenticate at the BBF network;
In specific implementation process, RG is in BBF network authentication process, BNG participates in the verification process of RG, and will be packaged into from the authentication request message of RG remote subscriber and dial in the service for checking credentials (Remote Authentication Dial In User Service is referred to as RADIUS) RADIUS and send to the BBF aaa server and authenticate.
Step S602,3GPP UE send authentication protocol to RG and begin (EAPoL-Start) message, authenticate by the 802.1x agreement.
Wherein, 3GPPUE is the 802.1X requestor, and RG is the 802.1X authenticator.
Preferably, in verification process, RG can provide one or more SSID for user selection, and 3GPP UE selects certain SSID access network according to user intention.
Preferably, described RG can be according to service attribute, and/or user property, and/or access module, and/or carrier network planning provides one or more SSID for user selections.
Step S603, receive the EAPoL Start message that UE sends after, RG sends authentication protocol ID request (EAPIdentity Request) message to UE, is used for notice UE report of user name.
Step S604, receive the EAP Identity Request message that RG sends after, UE replys authentication protocol IE and replys (EAPIdentity Response) message and wherein carry user name in the message to RG.
Step S605, RG connect the EAP Identity Response message that will receive and are encapsulated in RADIUS authentication access request (the RADIUS Access Request) message, and RADIUS Access Request message is sent to BBF AAA.
Wherein, RG is radius client, and BBFAAA is the radius server end.
Particularly, the SSID that also 3GPP UE selected of RG is encapsulated in the RADIUS Access Request message and sends to BBFAAA.
Particularly, when existence was served as RADIUS Proxy such as network elements such as BNG between RG and the BBFAAA, above-mentioned RADIUSAccess Request message was transmitted to BBF AAA via RADIUS Proxy.
The RADIUS Access Request message repeating that step S606, BBF AAA will receive from RG according to network address sign (NAI, Network Address Identifier) is to 3GPP AAA.
Step S607, after receiving the RADIUSAccess Request message of BBFAAA transmission, 3GPPAAA replys authentication access response (RADIUSAccess Response) message to BBFAAA, wherein carries EAP Challenge (challenge) in this message.
Step S608, BBF AAA with the RADIUS Access Response message repeating that receives to RG.
Step S609, RG is from the RADIUS Access Response message that receives, and deblocking goes out the EAP frame, and this EAP frame is sent to UE.After receiving the EAP frame of RG transmission, UE replys message to RG, carries challenge password (Challenged Password) in the message.
Step S610, after the message of UE answer was received in challenge, RG was encapsulated into the EAP frame in the RADIUS Access Request message and sends to BBFAAA, wherein carries the Challenged Password that receives.
The RADIUS Access Request message repeating that step S611, BBF AAA receive challenge is to 3GPPAAA.
Step S612, if the 3GPP UE of request access BBF access network is by authenticating, then 3GPP AAA answer authentication access is accepted (RADIUS Access Accept) message and is wherein carried the CAMEL-Subscription-Information of UE to BBF AAA; If the 3GPPUE of request access BBF access network not by authentication, then replys authentication admission reject message to BBFAAA.
Particularly, in the situation that 3GPP UE authentication is passed through, BBF AAA stores the SSID that this UE selects, and wherein SSID can be carried to BBFAAA by step S605.
Further, BBF AAA is according to described SSID, and/or local collocation strategy, and/or which kind of access module the decision-making of the CAMEL-Subscription-Information of described UE selects for described UE.
Particularly, described access module represents that described UE is from local fixed network unloading or connects back mobile core network.
Further, UE unloads from local fixed network if BBF AAA makes a strategic decision out, then indicates the fixed network network element to distribute local fixed network address to 3GPP UE; UE connects back mobile core network if make a strategic decision out, then indicates fixed network network element and 3GPP network element to set up the session tunnel, the address of distributing to obtain mobile network.
Step S613, BBF AAA transmit RADIUS Access Accept message to RG.
Particularly, BBFAAA sends to RG with the access module of the UE that makes a strategic decision out.When existence was served as RADIUS Proxy such as network elements such as BNG between RG and the BBFAAA, above-mentioned RADIUS Access Accept message was transmitted to BBF AAA via RADIUS Proxy.Similarly, the access module of RADIUS Proxy storage UE.
Step S614, the RG deblocking goes out the EAP frame, sends authentication protocol success (EAP Success) message to UE.
Embodiment two
In the present embodiment, RG only provides a SSID (being only to hang an AP on the RG), is that 3GPP UE from the RG access selects access module by BBF AAA according to the sign of described RG or link identification corresponding to described RG.
Fig. 7 is the identifying procedure figure after 3GPPUE accesses from the BBF network in the present embodiment, and as shown in Figure 7, this flow process may further comprise the steps:
Step S701, RG authenticate at the BBF network according to flow process shown in Figure 8;
Fig. 8 is the identifying procedure figure of embodiment of the invention RG in the BBF network, and as shown in Figure 8, this flow process may further comprise the steps:
Step S801, RG authenticate at the BBF network, and RG sends message identifying to BNG;
Particularly, the message identifying that BNG can send according to RG obtains the MAC Address (being the sign of RG) of RG and/or the link identification (such as Line ID) of RG access.
Step S802, BNG can adopt radius protocol to realize to the message identifying that BBFAAA sends RG.
Particularly, the message identifying of the RG that BBF AAA sends according to BNG obtains the MAC Address of RG and/or the link identification (such as Line ID) of RG access.
Step S702,3GPP UE send authentication protocol to RG and begin (EAPoL-Start) message, authenticate by the 802.1x agreement.
Wherein, 3GPPUE is the 802.1X requestor, and RG is the 802.1X authenticator.
Particularly, RG only provides a SSID for the user selection access network.
Step S703, receive the EAPoL Start message that UE sends after, RG sends authentication protocol ID request (EAPIdentity Request) message to UE, is used for notice UE report of user name.
Step S704, receive the EAP Identity Request message that RG sends after, UE replys authentication protocol IE and replys (EAPIdentity Response) message and wherein carry user name in the message to RG.
Step S705, RG is encapsulated into the EAP Identity Response message that receives in authentication access request (RADIUSAccess Request) message, and RADIUS Access Request message is sent to BBF AAA.
Wherein, RG is radius client, and BBFAAA is the radius server end.
Particularly, when existence was served as RADIUS Proxy such as network elements such as BNG between RG and the BBFAAA, above-mentioned RADIUSAccess Request message was transmitted to BBF AAA via RADIUS Proxy.
Particularly, RG also is encapsulated into oneself MAC Address in the RADIUS Access Request message and sends to BBFAAA.And/or: the link identification that BBF network element (such as AN, access node or BNG) accesses RG (link identification of this RG access also is simultaneously the link identification from the 3GPP UE of this RG access) and/or RG sign (such as MAC Address) are inserted into the RADIUS Access Request message and send to BBF AAA.
The RADIUS Access Request message repeating that step S706, BBF AAA will receive from RG according to network address sign (NAI, Network Address Identifier) is to 3GPP AAA.
Step S707, receive the RADIUSAccess Request message that BBFAAA sends after, 3GPPAAA replys authentication access response (RADIUS Access Response) message and wherein carries EAP Challenge in this message to BBF AAA.
Step S708, BBF AAA with the RADIUS Access Response message repeating that receives to RG.
Step S709, RG is from the RADIUS Access Response message that receives, and deblocking goes out the EAP frame, and this EAP frame is sent to UE.After receiving the EAP frame of RG transmission, UE replys message to RG, carries challenge password (Challenged Password) in the message.
Step S710, receive the message that UE replys after, RG is encapsulated into the EAP frame in the RADIUS Access Request message and sends to BBFAAA, wherein carries the Challenged Password that receives.
Step S711, BBFAAA with the RADIUSAccess Request message repeating that receives to 3GPPAAA.
Step S712, if the 3GPP UE of request access BBF access network is by authenticating, then 3GPP AAA answer authentication access is accepted (RADIUS Access Accept) message and is wherein carried the CAMEL-Subscription-Information of UE to BBF AAA; If the 3GPPUE of request access BBF access network not by authentication, then replys authentication admission reject message to BBFAAA.
Particularly, in the situation that 3GPP UE authentication is passed through, BBF AAA is according to the link identification of RG, and/or the sign of RG (such as MAC Address), and/or local collocation strategy, and/or the decision-making of the CAMEL-Subscription-Information of described UE is from the access module of the 3GPPUE of this RG access.Perhaps, BBF AAA derives from the SSID of the UE of this RG access according to sign and/or link identification corresponding to RG of described RG; BBF AAA is according to described SSID, and/or local collocation strategy, and/or which kind of access module the decision-making of the CAMEL-Subscription-Information of described UE selects for described UE.
Particularly, described access module represents that described UE is from local fixed network unloading or connects back mobile core network.
Further, UE unloads from local fixed network if BBF AAA makes a strategic decision out, then indicates the fixed network network element to distribute local fixed network address to 3GPP UE; UE connects back mobile core network if make a strategic decision out, then indicates fixed network network element and 3GPP network element to set up the session tunnel, the address of distributing to obtain mobile network.
Step S713, BBF AAA transmit RADIUS Access Accept message to RG.
Particularly, BBFAAA sends to RG with the access module of the UE that makes a strategic decision out.When existence was served as RADIUS Proxy such as network elements such as BNG between RG and the BBFAAA, above-mentioned RADIUS Access Accept message was transmitted to BBF AAA via RADIUS Proxy.Similarly, the access module of RADIUS Proxy storage UE.
Step S714, the RG deblocking goes out the EAP frame, sends authentication protocol success (EAP Success) message to UE.
From above description, can find out, by above-mentioned one or more embodiment, in the situation that the mobile network user device authentication that the RG from fixed network accesses passes through, fixed network authentication and authorization charging (AAA) server obtains relevant identification information, wherein, this identification information comprises: the service set (SSID) that mobile network user equipment is selected, perhaps, the link identification that the sign of RG and/or RG are corresponding, then according to the predefined parameter that comprises at least this identification information, for this mobile network user equipment is selected access module.Thereby so that can carry out follow-up business according to corresponding access module from the mobile network user equipment of the RG of fixed network access, improve the user and experience.
Obviously, those skilled in the art should be understood that, above-mentioned each module of the present invention or each step can realize with general calculation element, they can concentrate on the single calculation element, perhaps be distributed on the network that a plurality of calculation elements form, alternatively, they can be realized with the executable program code of calculation element, thereby, they can be stored in the storage device and be carried out by calculation element, and in some cases, can carry out step shown or that describe with the order that is different from herein, perhaps they are made into respectively each integrated circuit modules, perhaps a plurality of modules in them or step are made into the single integrated circuit module and realize.Like this, the present invention is not restricted to any specific hardware and software combination.
The above is the preferred embodiments of the present invention only, is not limited to the present invention, and for a person skilled in the art, the present invention can have various modifications and variations.Within the spirit and principles in the present invention all, any modification of doing, be equal to replacement, improvement etc., all should be included within protection scope of the present invention.

Claims (19)

1. the system of selection of a subscriber equipment access module is characterized in that, comprising:
In the situation that the mobile network user device authentication that the home gateway RG from fixed network accesses passes through, fixed network authentication and authorization charging aaa server obtains relevant identification information, wherein, described identification information comprises: the service set SSID that described mobile network user equipment is selected, or, the sign of described RG and/or link identification corresponding to described RG; Described fixed network aaa server is selected access module according to predefined parameter for described mobile network user equipment, and wherein, described predefined parameter comprises described identification information.
2. method according to claim 1 is characterized in that, the service set that described fixed network aaa server obtains described mobile network user equipment selection comprises:
Described RG provides one or more service set to described mobile network user equipment;
Described mobile network user equipment is selected the service set of its access from described one or more service set;
Described RG notifies the described service set that described mobile network user equipment is selected to described fixed network aaa server.
3. method according to claim 2 is characterized in that, described RG notifies the described service set that described mobile network user equipment is selected to described fixed network aaa server, comprising:
The described service set that described RG selects described mobile network user equipment is encapsulated in and sends to described fixed network aaa server in the authentication message.
4. method according to claim 3 is characterized in that, the described service set that described RG selects described mobile network subscriber equipment is encapsulated in and sends to described fixed network aaa server in the authentication message, comprising:
The described service set that described RG selects described mobile network subscriber equipment is encapsulated in and sends to authentication proxy in the authentication message;
Described authentication proxy is transmitted to described fixed network aaa server with described authentication message.
5. method according to claim 1 is characterized in that, described fixed network aaa server obtains sign and/or link identification corresponding to described RG of described RG, comprising:
In the verification process of described mobile network user equipment, described fixed network aaa server obtains sign and/or link identification corresponding to described RG of described RG.
6. method according to claim 5 is characterized in that, described fixed network aaa server is selected access module according to predefined parameter for described mobile network subscriber equipment, comprising:
Described fixed network aaa server is according to described predefined parameter, and making a strategic decision is the access module of described mobile network user equipment selection; Perhaps,
Described fixed network aaa server is according to sign and/or link identification corresponding to described RG of described RG, derive from the service set of the described mobile network user equipment of described RG access, according to this service set and described predefined parameter, making a strategic decision is the access module of described mobile network subscriber equipment selection again.
7. method according to claim 5 is characterized in that,
Described fixed network aaa server obtains the sign of described RG, comprising: described RG is encapsulated in the sign of described RG and sends to described fixed network aaa server in the authentication message;
Described fixed network aaa server obtains link identification corresponding to described RG, comprising: in the verification process of described mobile network user equipment, the link identification that the fixed network network element is corresponding with described RG sends to described fixed network aaa server.
8. each described method in 7 according to claim 1 is characterized in that described predefined parameter also comprises: the local collocation strategy of described fixed network aaa server and/or the CAMEL-Subscription-Information of described mobile network user equipment.
9. each described method in 7 according to claim 1, it is characterized in that the access module of described mobile network user equipment comprises: described mobile network user equipment returns the mobile core network of its ownership from local fixed network unloading or described mobile network user equipment connection.
10. method according to claim 9 is characterized in that,
If described fixed network aaa server is described mobile network subscriber equipment selection access module is the fixed network unloading of described mobile network user equipment from accessing, then described method also comprises: described fixed network aaa server indication fixed network network element is the local fixed network of described mobile network user devices allocation address;
If described fixed network aaa server is that described mobile network user equipment selection access module is the mobile core network that described mobile network user equipment connection returns its ownership, then described method also comprises: described fixed network aaa server indication fixed network network element and mobile core network element are set up the session tunnel, to obtain described mobile core network as the address of described mobile network user devices allocation.
11. the choice device of a subscriber equipment access module is positioned at fixed network authentication and authorization charging aaa server side, it is characterized in that, comprising:
Acquisition module, be used in the situation that the mobile network user device authentication that the home gateway RG from fixed network accesses passes through, obtain relevant identification information, wherein, described identification information comprises: the service set SSID that described mobile network user equipment is selected, or, the sign of described RG and/or link identification corresponding to described RG;
Select module, be used for according to predefined parameter, select access module for described mobile network user equipment, wherein, described predefined parameter comprises described identification information.
12. device according to claim 11, it is characterized in that, the message of carrying described service set that described mobile network user equipment select of described acquisition module by receiving that described RG sends, obtain the message of the described service set of described mobile network user equipment selection, wherein, described mobile network user equipment is the described service set of selecting from one or more service set that described RG provides.
13. device according to claim 12 is characterized in that, described message is authentication message.
14. device according to claim 11 is characterized in that, described acquisition module is used for the verification process at described mobile network user equipment, obtains sign and/or link identification corresponding to described RG of described RG.
15. device according to claim 14 is characterized in that, described acquisition module comprises:
The first acquiring unit for the authentication message of the sign of carrying described RG that receives described RG transmission, obtains the sign of described RG from described authentication message;
Second acquisition unit is used for the verification process at described mobile network user equipment, obtains link identification corresponding to described RG from the fixed network network element.
16. device according to claim 14 is characterized in that,
Described selection module is used for according to described predefined parameter, the access module of making a strategic decision and selecting into described mobile network user equipment; Perhaps,
Described selection module is used for sign and/or link identification corresponding to described RG according to described RG, derive from the service set of the described mobile network user equipment of described RG access, according to this service set and described predefined parameter, making a strategic decision is the access module of described mobile network subscriber equipment selection again.
17. each described device in 16 is characterized in that described predefined parameter also comprises: the local collocation strategy of described fixed network aaa server and/or the CAMEL-Subscription-Information of described mobile network user equipment according to claim 11.
18. each described device in 16 according to claim 11, it is characterized in that the access module of described mobile network user equipment comprises: described mobile network user equipment returns the mobile core network of its ownership from local fixed network unloading or described mobile network user equipment connection.
19. device according to claim 18 is characterized in that, described device also comprises: indicating module,
Be used for select for described mobile network subscriber equipment access module be described mobile network user equipment in the situation of the fixed network unloading of access, indication fixed network network element is the local fixed network of described mobile network user devices allocation address; Perhaps,
Being used for select access module for described mobile network user equipment is in the situation of the described mobile network user equipment connection mobile core network that returns its ownership, indication fixed network network element and mobile core network element are set up the session tunnel, to obtain described mobile core network as the address of described mobile network user devices allocation.
CN201210126368.3A 2012-04-26 2012-04-26 The selection method and device of user equipment access module Expired - Fee Related CN103379591B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201210126368.3A CN103379591B (en) 2012-04-26 2012-04-26 The selection method and device of user equipment access module

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201210126368.3A CN103379591B (en) 2012-04-26 2012-04-26 The selection method and device of user equipment access module

Publications (2)

Publication Number Publication Date
CN103379591A true CN103379591A (en) 2013-10-30
CN103379591B CN103379591B (en) 2019-03-01

Family

ID=49464025

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201210126368.3A Expired - Fee Related CN103379591B (en) 2012-04-26 2012-04-26 The selection method and device of user equipment access module

Country Status (1)

Country Link
CN (1) CN103379591B (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040067735A1 (en) * 2001-03-16 2004-04-08 Lobley Nigel C. Selection of an appropriate network resource node in a cellular telecommunication system
CN101068410A (en) * 2007-03-28 2007-11-07 中兴通讯股份有限公司 Method for double-mode digital mobile terminal-opening network selection
CN102223634A (en) * 2010-04-15 2011-10-19 中兴通讯股份有限公司 Method and device for controlling mode of accessing user terminal into Internet

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040067735A1 (en) * 2001-03-16 2004-04-08 Lobley Nigel C. Selection of an appropriate network resource node in a cellular telecommunication system
CN101068410A (en) * 2007-03-28 2007-11-07 中兴通讯股份有限公司 Method for double-mode digital mobile terminal-opening network selection
CN102223634A (en) * 2010-04-15 2011-10-19 中兴通讯股份有限公司 Method and device for controlling mode of accessing user terminal into Internet

Also Published As

Publication number Publication date
CN103379591B (en) 2019-03-01

Similar Documents

Publication Publication Date Title
CN106465120B (en) Method and node for integrating a network
US8233934B2 (en) Method and system for providing access via a first network to a service of a second network
CN101606372B (en) Support of UICC-less calls
CN106105134B (en) Method and apparatus for improving end-to-end data protection
EP1770940A1 (en) Method and apparatus for establishing a communication between a mobile device and a network
CN101946455B (en) One-pass authentication mechanism and system for heterogeneous networks
CN105393630B (en) Establish method, gateway and the terminal of network connection
JP4687788B2 (en) Wireless access system and wireless access method
JP5982690B2 (en) Network convergence method, device, and communication system
CN102017677A (en) Access through non-3GPP access networks
CN103973658A (en) Static user terminal authentication processing method and device
EP2894824B1 (en) Method and device for wireless information transmission
CN104137504A (en) Allowing access to services delivered by a service delivery platform in a 3gpp hplmn, to an user equipment connected over a trusted non-3gpp access network
US20230275883A1 (en) Parameter exchange during emergency access using extensible authentication protocol messaging
CN113676904B (en) Slice authentication method and device
CN101984724B (en) Method and system for building tunnel in converged network
US8191153B2 (en) Communication system, server apparatus, information communication method, and program
CN114070597B (en) Private network cross-network authentication method and device
CN103582159A (en) Method and system for establishing multiple connections in fixed and mobile convergence scene
CN102938756A (en) Selection method and device of policy servers
CN103379591A (en) Method and device for user device connection mode selection
CN103002443A (en) Acceptance control method and acceptance control system
CN103687049A (en) Multi-connection establishing method and system
US20110153819A1 (en) Communication system, connection apparatus, information communication method, and program
CN113904781B (en) Slice authentication method and system

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20190301

Termination date: 20210426