CN103391536B - Protective method, terminal, core network control entity and system of terminal temporary identifications - Google Patents
Protective method, terminal, core network control entity and system of terminal temporary identifications Download PDFInfo
- Publication number
- CN103391536B CN103391536B CN201210141696.0A CN201210141696A CN103391536B CN 103391536 B CN103391536 B CN 103391536B CN 201210141696 A CN201210141696 A CN 201210141696A CN 103391536 B CN103391536 B CN 103391536B
- Authority
- CN
- China
- Prior art keywords
- terminal
- temporary mark
- life cycle
- timing
- core net
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses a protective method, terminal, core network control entity and system of terminal temporary identifications, and relates to the field of information safety. The protective method solves the technical problem that in the prior art, the temporary identifications can not be timely updated due to the low mobility of the terminal. The protective method mainly comprises the step of providing a device. The method comprises the steps of setting lift cycle for the first temporary identification allocated to the terminal, and starting a timer to conduct timing; when timing of the timer reaches the life cycle, allocating the second temporary identification to the terminal. The protective method is mainly used for protecting the terminal temporary identifications.
Description
Technical field
The present invention relates to the information security field in wireless communication network system technology, more particularly, to a kind of terminal is marked temporarily
Guard method, terminal, core net controlled entity and the system known.
Background technology
In a 3 gpp system, IMSI is the global unique identification of mobile network contracted user, is forever effective.For life
Deposit the privacy of user, should avoid on a wireless interface identifying the end of user using contracted user's permanent identification IMSI as far as possible
End, eats dishes without rice or wine to eavesdrop the tracking to user after obtaining terminal IMSI information to prevent attacker from passing through.
Therefore, for above-mentioned phenomenon, 3GPP system common practice is:Core net controlled entity(MSC/VLR, SGSN and
MME)User terminal for being successfully attached in network distributes a temporary mark(TMSI, P-TMSI and GUTI).Core network control
Entity processed safeguards the corresponding relation of temporary mark and IMSI in terminal context information.Terminal is receiving network side distribution
After temporary mark, will be identified oneself using temporary mark in follow-up signalling interactive process.The attachment removal from network when terminal
Afterwards, the temporary mark being distributed also will continue to preserve.When terminal initiates attach request to network again, it may use that last time
During attachment, the temporary mark of network allocation to be identifying oneself, thus avoiding using IMSI.After introducing temporary mark, most
In the case of terminal the temporary mark using network allocation is identified oneself.Although attacker passes through to eat dishes without rice or wine to eavesdrop to obtain user
The temporary mark of terminal, is randomly assigned by network side yet with temporary mark, attacker cannot obtain user's temporary mark with
The corresponding relation of permanent identification, therefore attacker cannot be tracked to user using temporary mark.Furthermore, meeting certain bar
In the case of part, network is by the temporary mark new to terminal distribution.Accordingly even when attacker utilizes temporary mark to a certain user
Followed the tracks of, after temporary mark updates, also cannot be continued with original acquisition because mark corresponding relation changes him
Temporary mark continues to follow the tracks of to user, has so just reached the purpose preventing following the tracks of.
In 3GPP system, terminal will obtain different temporary marks when being attached to different core network controlled entity.Work as end
When end is attached to GSM/UMTS CS domain system, service MSC/VLR will distribute TMSI for it;When terminal is attached to GSM/UMTS PS
During domain system, service SGSN will distribute P-TMSI for it;When terminal is attached to EPS, MME will distribute GUTI for it.
Temporary mark assigning process taking EPS is as a example described here.Defined in 3GPP TS23.401/24.301
The following two kinds temporary mark redistribution method:
1st, MME distributes new GUTI by Attach process or TAU process to UE.
2nd, MME passes through GUTI Reallocation(GUTI reassigns)Process distributes new GUTI to UE.UE is in
During EMM-REGISTERED state, MME can initiate GUTI Reallocation process and come for the new GUTI of UE distribution.
At present, the comprehensive analysis to existing temporary mark distribution mechanism can be seen that existing 3GPP network mainly several as follows
It is the new temporary mark of terminal distribution in the case of kind:
1. terminal does not have effective temporary mark;
2. terminal changes core network service nodes;
3. according to network needs(There is no and be specifically defined).
But, during distributing temporary mark by such scheme, at least also there is following technology and ask in prior art
Topic:
Existing 3GPP system is very effective using temporary mark mechanism for the mobile terminal in network, but for
Hypomobility in network(Moving area is limited or maintains static)Terminal, there are still certain security risk.
For example:Described according to existing protocol, for a terminal having been obtained for effective temporary mark, generally only exist
When it changes core network service nodes, network can be just the new temporary mark of its distribution, and this is mainly by the shifting of terminal
Dynamic property causes.So, for Hypomobility terminal in network, they after obtaining a temporary mark from network, very
Have few opportunities and be updated, therefore will be using same temporary mark in some time section.Now, temporary mark general of terminal etc.
Effect becomes a long term identification, is one long-term " code name " of terminal.Attacker is possible with it after obtaining this " code name "
Terminal is persistently followed the tracks of.Thus lead to attacker terminal can be identified follow the tracks of, and then obtain the work of a certain terminal
Make status information.Because passing through location matches, attacker even can know the corresponding relation of temporary mark and true terminal, this
Just overall monitor can be carried out to terminal, so that privacy of user is compromised.Particularly in Internet of Things application, a large amount of M2M terminals
Generally maintain static after deployment, there is the marked feature of Hypomobility, therefore will particularly for this Terminal Type the problems referred to above
Prominent, there is larger potential safety hazard.
Content of the invention
The present invention is to overcome the temporary mark of terminal in prior art cannot upgrade in time the poor stability leading to
Defect, there is provided a kind of guard method of terminal temporary mark, terminal, core net controlled entity and system.
A kind of guard method of terminal temporary mark, including:
For distributing to the first temporary mark setting life cycle of terminal, and start intervalometer timing;
When the timing of intervalometer reaches life cycle, it is terminal distribution second temporary mark.
The said method that the present invention provides, by arranging life cycle using to temporary mark, and when reaching life cycle, more
Newly the technological means of interim life cycle, solve in prior art, the temporary mark that some terminals are led to due to its Hypomobility
The technical problem that cannot upgrade in time, and then achieve the temporary mark that can upgrade in time, improve the technology of Terminal security
Effect.
A kind of core net controlled entity, including:
Setup module, for the first temporary mark setting life cycle for distributing to terminal;
Timing module, for the life cycle timing being arranged according to setup module;
Distribute module, for for described terminal distribution first temporary mark, and when the timing of timing module reaches existence
During the phase, it is terminal distribution second temporary mark.
The above-mentioned core net controlled entity that the present invention provides arranges life cycle because having to temporary mark, and in life cycle
During arrival, update the function of interim life cycle, so can solve in prior art, some terminals are led to due to its Hypomobility
The technical problem that temporary mark cannot upgrade in time, and then achieve the temporary mark that can upgrade in time, improve terminal security
The technique effect of property.
A kind of core net controlled entity, including:
Setup module, for the first temporary mark setting life cycle for distributing to terminal;
Distribute module, for for described terminal distribution first temporary mark, and when know reach life cycle when, be terminal
Distribute the second temporary mark.
This core net controlled entity that the present invention provides, because have arranging life cycle to temporary mark, and is knowing life
Phase of depositing reassigns the function of temporary mark when reaching, can solve in prior art, temporary mark is infrequently moved due to terminal
The problem that cannot update leading to, so can make terminal temporary mark renewal no longer place one's entire reliance upon terminal move, but
Can be updated according to life cycle, therefore obtain the technique effect that can improve Terminal security.
A kind of core net controlled entity, including:
Timing module, for the life cycle timing according to the first temporary mark receiving;
Distribute module, for the first temporary mark described in terminal distribution, and when the timing of timing module reaches existence
During the phase, it is terminal distribution second temporary mark.
The above-mentioned core net controlled entity that the present invention provides, because have the existence according to the first temporary mark receiving
Phase timing, and update when timing reaches the first temporary mark function it is possible to solve prior art in, temporary mark by
Infrequently move, in terminal, the problem that cannot update leading to, so can obtain make terminal temporary mark renewal no longer complete
Depend on terminal to move, can be updated according to life cycle, improve the technique effect of Terminal security.
A kind of terminal, including:
Setup module, for the first temporary mark setting life cycle for distributing to terminal;
Timing module, for the life cycle timing being arranged according to setup module;
Notification module, for when the timing of timing module reaches life cycle, request core network entity is terminal distribution the
Two temporary marks.
The above-mentioned terminal that the present invention provides, because having the temporary mark setting life cycle to distribution, and arrives in life cycle
When reaching, actively ask to update the function of temporary mark to network side it is possible to help terminal to solve to lead due to its Hypomobility
The technical problem that cannot update of temporary mark causing, so the renewal time to temporary mark that can obtain carry out management and control, convenient
Network side updates the technique effect of temporary mark to the terminal of Hypomobility.
A kind of terminal, including:
Timing module, for according to the life cycle timing receiving the first temporary mark;
Notification module, for when the timing of timing module reaches life cycle, request core network entity is terminal distribution the
Two temporary marks.
The terminal that the present invention provides, because having the life cycle receiving the first temporary mark, is counted according to this life cycle
When, and when reaching life cycle, actively ask to update the function of temporary mark to network side, terminal can be helped to solve due to it
The useful life of the temporary mark that Hypomobility leads to cannot measure, and then cannot update the technical problem of temporary mark, and then
The renewal time to temporary mark that can obtain carries out management and control, facilitates network side to update temporary mark to the terminal of Hypomobility
Technique effect.
A kind of terminal, including:
Setup module, for the first temporary mark setting life cycle for distributing to terminal;
Notification module, for notifying core net controlled entity life cycle.
The terminal that the present embodiment provides, because having the temporary mark setting life cycle to distribution, and this life cycle is led to
Know the function of core net controlled entity, solve the temporary mark of terminal in prior art because the Hypomobility of terminal and no
Method does time restriction, the technical problem that therefore cannot update for a long time to temporary mark, and then can obtain terminal help network
Side carries out time control to the renewal of temporary mark, is easy to network side and upgrades in time temporary mark, improves the skill of Terminal security
Art effect.
A kind of protection system of terminal temporary mark, including:Core net controlled entity and terminal;
Core net controlled entity, for the first temporary mark setting life cycle for distributing to terminal, and according to giving birth to temporarily
Grow up to be a useful person timing, when timing reaches life cycle, be terminal distribution second temporary mark;
Terminal, for receiving the first temporary mark and the second temporary mark.
A kind of protection system of terminal temporary mark, including:Core net controlled entity and terminal;
Core net controlled entity, for the first temporary mark setting life cycle for distributing to terminal and interim by first
Mark and life cycle be sent to terminal, when know reach life cycle when, be terminal distribution second temporary mark.
Terminal, the life cycle timing receiving for basis, and when timing reaches life cycle, request core network entity is
Terminal distribution second temporary mark.
A kind of protection system of terminal temporary mark, including:Core net controlled entity and terminal;
Terminal, for the first temporary mark setting life cycle for distributing to terminal, and the life according to setup module setting
Deposit phase timing, when timing reaches life cycle, request core network entity is terminal distribution second temporary mark;
Core network entity, for for terminal distribution first temporary mark, and in the request receiving terminal, is that terminal is divided
Join the second temporary mark.
A kind of protection system of terminal temporary mark, including:Core net controlled entity and terminal;
Core net controlled entity, for distributing temporary mark to terminal, and according to the life cycle timing receiving, works as timing
When reaching life cycle, it is terminal distribution second temporary mark;
Terminal, for the first temporary mark setting life cycle for distributing to terminal, and will notify core net life cycle
Controlled entity.
A kind of protection system of terminal temporary mark, including:Setup module, timing module and distribute module;
Setup module, for the first temporary mark setting life cycle for distributing to terminal;
Timing module, for the life cycle timing being arranged according to setup module;
Distribute module, for when the timing of timing module reaches life cycle, being terminal distribution second temporary mark.
Above-mentioned each system that the present invention provides, by arranging life cycle using to temporary mark, and when reaching life cycle,
Update the technological means of interim life cycle, solve in prior art, the interim mark that some terminals are led to due to its Hypomobility
The technical problem that knowledge cannot upgrade in time, and then achieve the temporary mark that can upgrade in time, improve the skill of Terminal security
Art effect.
Brief description
Accompanying drawing is used for providing a further understanding of the present invention, and constitutes a part for description, the reality with the present invention
Apply example and be used for explaining the present invention together, be not construed as limiting the invention.In the accompanying drawings:
Fig. 1 is the schematic flow sheet of the guard method of terminal temporary mark in the embodiment of the present invention 1;
Fig. 2 is to be arranged by network side in the embodiment of the present invention 2 and realize the protection of terminal temporary mark by way of safeguarding
The schematic flow sheet of method;
Fig. 3 is to arrange, by network side, the guarantor realizing terminal temporary mark by way of terminal maintenance in the embodiment of the present invention 3
The schematic flow sheet of maintaining method;
Fig. 4 is to be arranged by terminal in the embodiment of the present invention 4 and realize the protection side of terminal temporary mark by way of safeguarding
The schematic flow sheet of method;
Fig. 5 is to arrange, by terminal, the guarantor realizing terminal temporary mark by way of network side is safeguarded in the embodiment of the present invention 5
The schematic flow sheet of maintaining method;
Fig. 6 is based on being arranged by network side in the case of multiple terminals and realize end by way of safeguarding in the embodiment of the present invention 6
The schematic flow sheet of the guard method of end temporary mark;
Fig. 7 is the structural representation of the core net controlled entity in the embodiment of the present invention 7;
Fig. 8 is the structural representation of the core net controlled entity in the embodiment of the present invention 8;
Fig. 9 is the structural representation of the terminal in the embodiment of the present invention 8;
Figure 10 is the structural representation of the core net controlled entity in the embodiment of the present invention 9 and terminal;
Figure 11 is the structural representation of the core net controlled entity in the embodiment of the present invention 10 and terminal;
Figure 12 is the structural representation of the protection system of terminal temporary mark in the embodiment of the present invention 11;
Figure 13 is the structural representation of the protection system of another terminal temporary mark in the embodiment of the present invention 11.
Specific embodiment
Below in conjunction with the accompanying drawings, the specific embodiment of the present invention is described in detail, it is to be understood that the life of the present invention
Deposit scope not limited by specific embodiment.
Embodiment 1
The present embodiment provides a kind of guard method of terminal temporary mark, as shown in figure 1, the method includes:
101, for distributing to the first temporary mark setting life cycle of terminal, and start intervalometer timing;
102, when the timing of intervalometer reaches life cycle, it is terminal distribution second temporary mark.
Said method can individually be deployed to be realized in terminal it is also possible to the core net being individually deployed to network side controls in fact
Realize on body, or partial deployment is in terminal, on partial deployment to core net controlled entity, both sides are passed through to exchange common realization.
The method that the present embodiment provides, arranges a life cycle by the temporary mark being distributed by terminal, marks interim
In the case of the life cycle of knowledge is overdue, the mode that network redistributes temporary mark for terminal solves temporary mark due to terminal
The low technical problem that cannot upgrade in time of mobility, and then achieve the renewal that temporary mark can obtain timing, prevent end
The technique effect of user terminal safety is usurped, ensured to the temporary mark at end by illegal tracking.
The length of the life cycle in the present embodiment can adopt regular time length, it would however also be possible to employ randomly select when
Between length, thus realizing that terminal temporary mark is regular or irregular renewal.Specifically, set time length can be in net
The time span of configuration on network or terminal system, random time length can be produced at random in the range of the time period of a configuration
Raw time span.
The life cycle of temporary mark can be arranged/be safeguarded by network side, also can be arranged/be safeguarded by end side.
Whether it is can be selected as needed by core net controlled entity or terminal a temporary mark setting life cycle
Select, such as selected based on terminal type.In practical application, system can be only certain form of terminal setting life cycle, for example,
For M2M(Machine to Machine/Man, machine and machine/people)Terminal, Hypomobility terminal, fixed terminal etc., and
Life cycle is not provided with to other types terminal.
Wherein, the Hypomobility mentioned in the present embodiment(Or infrequently move)Terminal refer to:1st, the terminal not moved;
2nd, infrequently move(As at least one more than the moon does not move), but once movement will occur position area, tracking area or Route Area more
New terminal;3rd, often move, but moving range is less, generally because of mobile, position area, tracking area or Route Area will not occur
The terminal updating.
It should be noted that:, be applied to 3GPP system, terminal is when being attached to different core network controlled entity for the present invention
Different temporary marks will be obtained.When terminal is attached to GSM(Global System for Mobile Communications,
Global system for mobile communications)/UMTS(Universal Mobile Telecommunications System, General Mobile leads to
Letter system)CS(Circuit Switched, circuit switching)During domain system, the core net controlled entity MSC of service(Mobile
Switching Center, mobile switching centre)/VLR(Visited Location Register, VLR Visitor Location Register)
Temporary mark TMSI will be distributed for it(Temporary Mobile Subscriber Identities, temporarily moved subscriber mark
Know);When terminal is attached to GSM/UMTS PS(Packet Switched, packet switch)During domain system, the core network control of service
Entity SGSN processed(Serving GPRS Support Node, Serving GPRS Support Node)Temporary mark P- will be distributed for it
TMSI(Packet Temporary Mobile Subscriber Identities, packet TMSI);Work as end
End is attached to EPS(Evolved Packet System, evolved packet system)During system, the core net controlled entity MME of service
(Mobile Management Entity, Mobility Management Entity)Temporary mark GUTI will be distributed for it.
Below mainly, just above-mentioned several implementations exist respectively taking distribution temporary mark GUTI in EPS as a example
Describe in detail in embodiment.Specifically, above-mentioned several implementations can be generally divided into:Embodiment 2 is used for network is described
Side is arranged(Life cycle)Network side is safeguarded(Life cycle)Implementation;Embodiment 3 is used for illustrating that network side is arranged(Life cycle)
Terminal maintenance(Life cycle)Implementation;Embodiment 4 is used for illustrating that terminal is arranged(Life cycle)Terminal maintenance(Life cycle)'s
Implementation;Embodiment 5 is used for illustrating that terminal is arranged(Life cycle)Network side is safeguarded(Life cycle)Implementation.
Embodiment 2
The present embodiment provides a kind of guard method of terminal temporary mark, and the method is mainly realized by being deployed in network side
The life cycle of temporary mark is arranged by network side and safeguards the scheme of renewal.As shown in Fig. 2 the method includes:
201, after core net controlled entity is terminal distribution first temporary mark, core net controlled entity is arranged for terminal
Life cycle;
Mentioning in the present embodiment and following embodiment is terminal distribution first temporary mark in core net controlled entity
Afterwards, refer to core net controlled entity according to normal temporary mark allocation flow(As GUTI allocation flow, Attach flow process or
TAU flow process)After terminal distribution temporary mark, after terminal receives the temporary mark of this distribution.
202, core net controlled entity starts intervalometer timing;
Core net controlled entity is according to the attachment defined in existing protocol(Attach), tracing section updating(Tracking
Area Update, TAU)Or global unique temporary identity(Globally Unique Temporary Identity, GUTI)
Reassignment process, is the new GUTI of terminal distribution.After this, core net controlled entity arranges a GUTI existence for this terminal
Phase simultaneously starts corresponding intervalometer.
203, when the timing of intervalometer reaches life cycle, core net controlled entity starts temporary mark and reassigns flow process,
For terminal distribution second temporary mark, and this second temporary mark is reassigned command messages by GUTI it is sent to terminal;
204, after terminal receives this instruction, return GUTI Reallocation Complete message to core net controlled entity.
Supplementary notes be:The above is with EPS, and core net controlled entity is the facing of explanation as a example MME situation
Markers weight sensing assigning process.When in GSM/UMTS CS domain, when core controlled entity is in the case of MSC/VLR, in above-mentioned GUTI
Reallocation(GUTI reassigns)Process will be replaced by TMSIReallocation process;When in GSM/UMTS ps domain, core
When heart net controlled entity is SGSN, will be by P-TMSI Reallocation process generation in above-mentioned GUTI Reallocation process
Replace.Because, in the case of other system, specific implementation is that those skilled in the art can be light according to above-described embodiment content
Easily learn, therefore will not be described here.
The method that the present embodiment provides, by, after distribution the first temporary mark, core net controlled entity is that this first faces
When mark setting life cycle, and when reaching this life cycle, be the means that user terminal updates the first temporary mark, solve and show
Have the terminal of Hypomobility in technology cannot upgrade in time due to the temporary mark leading to that is infrequently moved, poor stability
Technical problem, and then achieve the temporary mark of the terminal that can upgrade in time, improve the technique effect of Terminal security.
Embodiment 3
The present embodiment provides a kind of guard method of terminal temporary mark, and the method is mainly by dividing in network side and terminal
Do not carry out deployment to realize arranging life cycle by network side, the scheme that terminal maintenance life cycle updates.As shown in figure 3, the method bag
Include:
301, when core net controlled entity is terminal distribution one GUTI(Concrete opportunity may be considered core network entity
Before also a GUTI of distribution not being sent to terminal), core net controlled entity is terminal setting life cycle;
Specifically, step 301 is during ongoing Attach or TAU, or network will initiate GUTI weight
During assigning process, core network control node is terminal distribution the GUTI and arranges the life cycle of a GUTI.
Mention in the present embodiment and following embodiment " is terminal distribution first temporary mark in core net controlled entity
When " refer to:Core net controlled entity is according to normal temporary mark allocation flow(As GUTI reassigns flow process, Attach flow process
Or TAU flow process)For terminal distribution temporary mark, but also in the flow process of network side, this temporary mark is not sent to end
Before end.
302, a GUTI and its life cycle are issued to terminal by core net controlled entity.
Specifically, a GUTI and its life cycle are issued to terminal can realize in the following way:
Core net controlled entity sends Attach received message, TAU received message or GUTI reassignment order to terminal and disappears
Any one in breath, carries the life cycle of a GUTI and a GUTI in these message.
Illustrate a bit:The difference of the network system types according to terminal attachment, when core net controlled entity is SGSN,
Above-mentioned GUTI Reallocation process and TAU received message, will be by P-TMSIReallocation process and Route Area
Update(Routing Area Update, RAU)Received message is replaced, when core net controlled entity is MSC/VLR, upper
State GUTI Reallocation process and TAU received message, will by TMSI Reallocation process and position area more
Newly(Location Area Update, LAU)Received message replaces.
303, terminal starts intervalometer timing after receiving life cycle;
304, terminal responds back to core net controlled entity;
Herein, return corresponding response according to the type of message carrying life cycle receiving in end step 302 to disappear
Breath, such as one of Attach completion message, TAU completion message, GUTI Reallocation Complete message.
In the same manner, when core net controlled entity is SGSN, TAU completion message will be replaced by RAU completion message, work as core
When net controlled entity is MSC/VLR, TAU completion message will be replaced by LAU completion message.
It should be noted which kind of signalling interactive process specifically used depends on the net accompanying by terminal in actual applications
Network type and under this network type ongoing flow process.If for example in ESP system, core net controlled entity is MME,
Using for TAU flow process, then can be then TAU received message in above-mentioned steps 302, in step 304, correspondence should complete to disappear for TAU
Breath;In the same manner, if in GSM, UMTS communication system, core net controlled entity is MSC and SGSN, and above-mentioned TAU process will be by phase
LAU the or RAU process answered replaces, and can be then LAU or RAU received message in step 302, in step 304, correspondence should be LAU
Or RAU completion message.Which kind of message to be those skilled in the art according to the description of this part with regard to which kind of flow process concrete using and
The various embodiments of the present invention can be with apparent, and partly relevant content will not be described in great detail in the following.
305, when the timing of intervalometer reaches life cycle, terminal sends reassignment request to core net controlled entity and disappears
Breath, request core net controlled entity distributes the 2nd GUTI;
Wherein, above-mentioned reassignment request message is TAU request message, carries request distribution second in TAU request message
The configured information of GUTI.
When core net controlled entity is SGSN, TAU request message will be replaced by RAU request message, when core network control
When entity processed is MSC/VLR, TAU request message will be replaced by LAU request message.
306, after core net controlled entity receives above-mentioned reassignment request message, it is terminal distribution the 2nd GUTI, and sets
Put corresponding life cycle;
307, core net controlled entity sends TAU and accepts message to terminal, carries the second of distribution in TAU received message
GUTI and the 2nd GUTI corresponding life cycle;
Herein, also according to the system type of attachment, due to the request message in corresponding step 305, so this TAU accepts
Message could alternatively be LAU received message or RAU received message.
308, terminal sends TAU completion message to core net controlled entity.
In the same manner, LAU the or RAU received message in corresponding step 307, the permissible LAU that replaces with of this TAU completion message completes
Message or RAU completion message.
In the method that the present embodiment provides, core net controlled entity is provided with life cycle in the lump when distributing GUTI, and will
This GUTI and life cycle have been issued to terminal, and carry out timing by terminal according to this life cycle.At the end of timing, terminal notification
Core net controlled entity demonstrates the need for distributing again temporary mark.By way of the interacting of terminal and core net controlled entity,
Solve the technical problem being difficult to update that in prior art, temporary mark leads to because terminal infrequently moves, and then achieve
Prevent user terminal from being followed the trail of by malice, improve the technique effect of Terminal security.
Embodiment 4
The present embodiment provides a kind of guard method of terminal temporary mark, and the method is mainly by way of being deployed in terminal
Realize, the life cycle of temporary mark is arranged by terminal and safeguards the scheme of this life cycle renewal.As shown in figure 4, the method includes:
401, after core net controlled entity is terminal distribution first temporary mark, terminal receives core net controlled entity
First GUTI of distribution.
Core net controlled entity reassigns process according to the Attach defined in existing protocol, TAU or GUTI, is terminal
Distribute new GUTI, i.e. a GUTI in the present embodiment.
402, terminal is a GUTI setting life cycle, and starts intervalometer;
After terminal receives a GUTI, one corresponding life cycle of setting simultaneously starts intervalometer timing.
403, when the timing of intervalometer reaches life cycle, terminal request core net controlled entity distribution second is marked temporarily
Know.
Specifically, above-mentioned terminal request core net controlled entity distributes the second temporary mark and is specially:
Terminal sends TAU to core net controlled entity(Tracking Area Update, tracing section updating)Request message,
Carry the configured information of request distribution the second temporary mark in TAU request message, demonstrate the need for application distribution the second temporary mark.
Illustrate a bit:The difference of the system type according to terminal attachment, when core net controlled entity is SGSN, above-mentioned
TAU request message, will be replaced by RAU request message, and when core net controlled entity is MSC/VLR, above-mentioned TAU request disappears
Breath, will be replaced by LAU request message.
404, core net controlled entity can be terminal distribution second temporary mark according to the mode of prior art;
405, core net controlled entity sends TAU and accepts message to terminal, and carry distribution in TAU received message second faces
When mark;
TAU request message in the corresponding step 403 of this TAU received message, in the same manner, according to system type, could alternatively be
Which kind of received message one of LAU received message or RAU received message, specifically adopt, depending on currently ongoing stream
Journey.
406, terminal sends TAU completion message to core net controlled entity.
TAU received message in the corresponding step 405 of this TAU completion message, in the same manner, according to system type, this TAU completes to disappear
Breath could alternatively be LAU completion message or RAU completion message.
In the method that the present embodiment provides, it is the temporary mark setting life cycle receiving by terminal, and in life cycle knot
Network side is notified, request distributes temporary mark again during bundle.The interim mark that terminal is led to equally can be solved due to Hypomobility
The technical problem that knowledge can not often update, and then the temporary mark that upgrades in time can be obtained, prevent terminal tracked, improve terminal
The technique effect of safety.
Embodiment 5
The present embodiment provides a kind of guard method of terminal temporary mark, and the method is mainly by dividing in network side and terminal
Do not carry out deployment to realize arranging life cycle by terminal, network side safeguards the scheme of life cycle renewal.As shown in figure 5, the method master
Including:
501, core net controlled entity is terminal distribution first temporary mark;
Core net controlled entity reassigns process according to the Attach defined in existing protocol, TAU or GUTI, is terminal
Distribute new GUTI.
502, after terminal receives a GUTI of distribution, life cycle is set.
503, terminal will notify core net controlled entity life cycle.
Specifically, above-mentioned core net controlled entity will be notified life cycle can to realize by following several ways:
Terminal sends one of ATTACH completion message, TAU completion message or GUTI Reallocation Complete message and arrives core
Net controlled entity, the life cycle of carried terminal setting in completion message.
Wherein, which completion message, the GUTI allocation flow adopting depending on network side in step 501 and end are specifically adopted
The network type of end attachment.For example when core net controlled entity is SGSN, TAU completion message will be by RAU completion message institute's generation
Replace, when core net controlled entity is MSC/VLR, TAU completion message will be replaced by LAU completion message.
504, core net controlled entity starts intervalometer timing according to this life cycle;
Preferably, also can return to a response message to complete to terminal in order to determine operation.
505, when the timing of intervalometer reaches life cycle, core net controlled entity triggering temporary mark reassigns process,
For terminal distribution the 2nd GUTI.
In step 505, the reassignment process of triggering can be carried out according to prior art, such as divide according to existing temporary mark again
Flow journey, difference is, will reassign command messages by temporary mark and carry the 2nd GUTI to terminal.
Above-described embodiment 2-5 is the behaviour taking EPS as a example illustrating the present invention proposed terminal temporary mark guard method
Make method and flow process, but institute's extracting method is applied equally to GSM, UMTS mobile communication system.For example:In GSM, UMTS communication
In system, core net controlled entity is MSC and SGSN, and above-mentioned TAU process will be replaced by corresponding LAU or RAU process, above-mentioned
GUTI reassigns process and will be replaced by TMSI Reallocation process or P-TMSI Reallocation process.Answer actual
With in which kind of signalling interactive process specifically used depend on terminal accompanying by network type.And specific embodiment is also
Those skilled in the art can be known easily according to above-mentioned content, will not be described here.
Embodiment 6
In embodiment 2 offer in the method that network side arranges and safeguards life cycle, can also exist based on different
Granularity arranges the preferred version of temporary mark life cycle.Below, will in the present embodiment this preferred version be illustrated.
In the method that the present embodiment provides, when being arranged by network side the life cycle of temporary mark, network side core network control
Entity processed can arrange temporary mark life cycle based on different granularities.Substantially can be divided into:Core network entity divides for each terminal
She Zhi not temporary mark, such as following A situation;Or, core network entity is multiple terminals unified setting temporary mark, such as following B
Situation with C.
A. it is temporary mark one single life cycle of setting of each terminal;
B. it is one group of terminal(For example belong to the terminal of same user, belong to the terminal of the same area)One unification of setting
Life cycle;
C. all terminal nodes by being serviced arrange a unified life cycle.
Because above-mentioned A situation has passed through embodiment 2(If core net controlled entity is the temporary mark setting one being distributed
The life cycle of individual temporary mark, and start an intervalometer accordingly.When the timer has lapsed, core net controlled entity passes through GUTI
Reassignment process is the new temporary mark of terminal distribution)Method in be described, therefore will not be described here, require supplementation with
Bright is:For above-described embodiment 2, when terminal attachment removal from network, the intervalometer being started stops.
Main this of the present embodiment illustrates to the situation of B and C, including:
When any terminal in multiple terminals is attached on core net controlled entity, core network entity starts intervalometer.
Accordingly, now when the timing of intervalometer reaches life cycle, it is that terminal distribution second temporary mark specifically includes:
When the timing of intervalometer reaches life cycle, core network entity is that each terminal distribution second in multiple terminals is faced
When mark;
When all attachment removals from core net controlled entity of multiple terminals, stop intervalometer timing.
Specifically, as shown in fig. 6, during for B, when in one group, at least one terminal is attached to core net control
During entity, core net controlled entity is that this group of terminal arranges a life cycle and starts intervalometer accordingly;When intervalometer expires
When, core net controlled entity reassigns, by GUTI, one new temporary mark of each terminal distribution that process is in this group,
And reset this intervalometer;In group, all when this core net controlled entity attachment removal, this intervalometer stops timing to all terminals.
For C situation, start working in core net controlled entity or be at least one Terminal for service(At least one
Individual terminal is attached to this core net controlled entity)When, core net controlled entity arranges a life cycle and starts intervalometer accordingly;
When the timing of intervalometer reaches life cycle, core net controlled entity reassigns each that process is its service eventually by GUTI
One new temporary mark of end distribution;And reset this intervalometer;Quit work or not for appointing in this core net controlled entity
What Terminal for service(All terminals are all from this core net controlled entity attachment removal)When stop timing.
In the method that the present embodiment provides, there is provided a kind of when when network side is arranged and safeguards life cycle, can be to many
The method of individual terminal unified setting life cycle, more can enrich the implementation to life cycle, and save network side expense,
It is easy to the renewal of temporary mark is managed collectively.
Embodiment 7
The present embodiment provides a kind of core net controlled entity, and this core net controlled entity can be used for implementing to realize network in 2
Side arranges the method that network side is safeguarded.As shown in fig. 7, comprises:Setup module 71, timing module 72, distribute module 73.
Setup module 71, for the first temporary mark setting life cycle for distributing to terminal;Timing module 72, for root
Life cycle timing according to setup module setting 71;Distribute module 73, for for terminal distribution first temporary mark, and works as timing
When the timing of module 72 reaches life cycle, it is terminal distribution second temporary mark.
In preferred version, setup module 71, specifically for, after distribute module 73 is terminal distribution first temporary mark, being
Terminal arranges life cycle;Correspondingly, distribute module 73, specifically for when the timing of timing module 72 reaches life cycle, starting
Temporary mark reassigns process, is terminal distribution second temporary mark.
Further, setup module 71 can also include:Set up and put submodule, group setting submodule.
Set up and put submodule, for being respectively provided with life cycle for the corresponding temporary mark of each terminal;Group setting submodule,
For arranging life cycle for the corresponding temporary mark of multiple terminals is unified.
Correspondingly, in such cases, timing module 72, specifically for being attached to core when any terminal in multiple terminals
Network control system physically when, start intervalometer timing.
Distribute module 73 includes:
Multiple terminals allocation unit, for when the timing of timing module 72 reaches life cycle, being each in multiple terminals
Terminal distribution second temporary mark;
Multiple terminals stop element, for when all attachment removals from core net controlled entity of multiple terminals, stopping timing
The timing of module 72.
The core net controlled entity that the present embodiment provides can be the first temporary mark setting life cycle, and in this life cycle
During arrival, it is user terminal renewal temporary mark, and then achieves the temporary mark of the terminal that can upgrade in time, improve terminal security
The technique effect of property.
Embodiment 8
The present embodiment provides a kind of core net controlled entity, and this core network entity can be used as in embodiment 3, to realize net
The method that network side arranges terminal maintenance.As shown in figure 8, including:
Setup module 81, for the first temporary mark setting life cycle for distributing to terminal;
Distribute module 82, for for terminal distribution first temporary mark, and when know reach life cycle when, be that terminal is divided
Join the second temporary mark.
In preferred version, setup module 81, specifically for when distribute module 82 is terminal distribution the first temporary mark, being
Terminal arranged for the first life cycle, and the first temporary mark and the first life cycle are issued to terminal.
Specifically, setup module 81 includes:Transmitting element, for sending Attach received message to terminal, LAU accepts
Message, RAU received message, TAU received message or GUTI reassign one of command messages, carry first and mark temporarily in message
Know and life cycle.
Additionally, this core net controlled entity also includes:Receiver module 83, updates request for the LAU that receiving terminal sends
One of message, RAU request message or TAU request message, carry the finger of request distribution the second temporary mark in request message
Show information;
Correspondingly, distribute module 82, specifically for when receiving configured information, being terminal distribution second temporary mark.
Further, distribute module 82 may also include:Distribution transmitting element, is used for receiving distribution the second temporary mark
Request after, be terminal distribution second temporary mark, and the life cycle of the second temporary mark be set, send LAU received message,
One of RAU received message or TAU received message arrive terminal, carry second temporary mark and second of distribution in received message
The life cycle of temporary mark.
The above-mentioned core net controlled entity that the present embodiment provides is because being provided with to be the first temporary mark setting existence
The function of phase, so prior art can be solved for realizing the first temporary mark offer strong event horizon that upgrades in time
In, for the terminal of some Hypomobilities, the temporary mark due to leading to for being moved illegally usurped, the technology followed the trail of is asked
Topic, and then the temporary mark that upgrades in time, the technique effect of offer Terminal security are provided.
In order to the method in embodiment 3 can completely be implemented, the present embodiment additionally provides a kind of terminal, can be used as implementing
Terminal in example 3 uses.As shown in figure 9, this terminal includes:
Timing module 91, for according to the life cycle timing receiving;
Notification module 92, for when the timing of timing module 91 reaches life cycle, request core network entity divides for terminal
Join the second temporary mark.
Further, timing module 91, the attach received message sending specifically for reception core net controlled entity,
LAU received message, RAU received message, TAU received message or temporary mark reassign one of command messages, take in message
Carry the first temporary mark and life cycle, and according to life cycle timing.
In corresponding preferred version, notification module 92 includes:
Transmit-Receive Unit, for when the timing of timing module 91 reached for the first life cycle, sending to core net controlled entity
One of location area updating request message, Routing Area Update request message or TAU request message, carry request in request message
Distribute the configured information of the second temporary mark;And receive location area updating received message, the road that core net controlled entity returns
One of received message or TAU received message are updated to terminal by area, in received message, carries the second temporary mark of distribution
With the life cycle of the second temporary mark, and send location area updating completion message, Routing Area Update completion message or TAU and complete
One of message arrives core net controlled entity.
The terminal that the present embodiment provides, carries out timing due to being provided with according to life cycle, and when timing reaches this life cycle
When, the function of notifying network side that the first temporary mark is updated in time, solve in prior art, due to terminal infrequently
The temporary mark that leads to of movement cannot upgrade in time, reduce the technical problem of Terminal security, and then achieves help network
Side is realized updating temporary mark for terminal in time, improves the technique effect of Terminal security.
Embodiment 9
The present embodiment provides a kind of core net controlled entity, and this core net controlled entity can be used as in embodiment 5, realizes eventually
Side arranges the guard method of the terminal temporary mark that network side is safeguarded.As shown in Figure 10, including:Timing module 11, distributes mould
Block 12.
Timing module 11, for the life cycle timing according to the first temporary mark receiving;Distribute module 12, for for
Terminal distribution first temporary mark, and when the timing of timing module 11 reaches life cycle, be that terminal distribution second is marked temporarily
Know.
Further, timing module 11, specifically for receiving terminal, to send attachment completion message, location area updating complete
One of message, Routing Area Update completion message, TAU completion message or temporary mark Reallocation Complete message is become to arrive core net
During controlled entity, carry the life cycle of the first temporary mark in completion message, according to this life cycle timing;Distribute module 12, tool
Body is used for when the timing of timing module 11 reaches life cycle, and triggering temporary mark reassigns process, is that terminal distribution second is faced
When mark, and send carry the second temporary mark temporary mark reassign command messages to terminal.
The life cycle that the core net controlled entity that the present embodiment provides has according to receiving carries out timing, and arrives in timing
When reaching, start the function of reassigning temporary mark, the terminal temporary mark infrequently moving therefore can be avoided tracked or steal
Technical problem, and then the temporary mark that upgrades in time can be obtained, improve the technique effect of Terminal security.
Additionally, in order to preferably realize the method in embodiment 5, the present embodiment additionally provides a kind of terminal, such as Figure 10, should
Terminal includes:
Setup module 13, for the first temporary mark setting life cycle for distributing to terminal;
Notification module 14, for notifying core net controlled entity life cycle.
Further, setup module 13, after in core net controlled entity for terminal distribution first temporary mark,
Setting life cycle;Notification module 14, completes specifically for attachment completion message, location area updating completion message, Routing Area Update
One of message, TAU completion message or temporary mark Reallocation Complete message arrive core net controlled entity, take in completion message
Band life cycle.
The terminal that the present embodiment provides is passed through to arrange life cycle using to the temporary mark receiving, and this life cycle is reported
Accuse the core net controlled entity of network side, so that this core net controlled entity controls dividing of temporary mark according to this life cycle again
Join process, and then solve the technical problem of the poor stability that terminal is led to due to Hypomobility in prior art, it is right to achieve
Temporary mark arranges life cycle, helps core net controlled entity that expired temporary mark is updated, and is easy to improve terminal peace
The technique effect of full property.
Embodiment 10
The present embodiment provides a kind of terminal, and this terminal can be used in embodiment 4, realizes the interim of terminal maintenance terminal setting
The guard method of mark.As shown in figure 11, including:Setup module 21, timing module 22, notification module 23.
Wherein, setup module 21, for the first temporary mark setting life cycle for distributing to terminal;Timing module 22,
For the life cycle timing being arranged according to setup module 21;Notification module 23, reaches existence for the timing when timing module 22
During the phase, request core network entity is terminal distribution second temporary mark.
Further, setup module 21, after in core net controlled entity for terminal distribution first temporary mark,
Setting life cycle;
Correspondingly, notification module 23 includes:Transmit-Receive Unit, sends LAU request message to core net controlled entity, RAU please
Ask one of message or TAU request message, in request message, carry the configured information of request distribution the second temporary mark;And
Receive core net controlled entity to send in location area updating received message, Routing Area Update received message or TAU received message
One kind to terminal, carry the second temporary mark of distribution in received message, and send location area updating completion message, Route Area
Update one of completion message or TAU completion message and arrive core net controlled entity.
The terminal that the present embodiment provides can arrange life cycle timing to the temporary mark receiving, also can be in this existence
When phase reaches, the temporary mark that please look for novelty to the core net controlled entity of network side, so solve in prior art mark temporarily
Know due to the low technical problem of the safety causing cannot be updated for a long time, achieving can in the case of the low movement of terminal still
Request network side is updated to temporary mark, improves the technique effect of Terminal security.
Because the network controlling entity in above-described embodiment 7-10 or terminal are used to realize the method in embodiment 2-6,
It is all that those skilled in the art can be by reference to right in place of the not most detailed description of unit or module therefore in embodiment 7-10
Run away with embodiment 2-6 answered, will not be described here.
Embodiment 11
A kind of protection system of the present embodiment terminal temporary mark, as shown in figure 12, this system includes:Setup module 31,
Timing module 32 and distribute module 33;
Setup module 31, for the first temporary mark setting life cycle for distributing to terminal;Timing module 32, for root
Life cycle timing according to setup module 31 setting;Distribute module 33, for for terminal distribution first temporary mark, and works as timing
When the timing of module 22 reaches life cycle, it is terminal distribution second temporary mark.
In preferred version, setup module 31 includes:
Set up and put submodule, for being respectively provided with life cycle for the corresponding temporary mark of each terminal;
Group setting submodule, for for multiple terminals(The plurality of terminal can be to belong to same user, or belongs to same area
One group of terminal in domain or be attached on core net controlled entity, and provide the institute of service by this core network entity for it
There is terminal)Corresponding temporary mark unified setting life cycle.
Correspondingly, timing module 32 is specifically for the life cycle timing respectively for each terminal;And/or for for multiple
The unified life cycle of terminal carries out timing.
Correspondingly, in preferred version, distribute module 33 includes:
Multiple terminals allocation unit, for when the timing of timing module 32 reaches life cycle(It is specially unified life cycle
When), it is each terminal distribution second temporary mark in multiple terminals;
Multiple terminals stop element, for when all attachment removals from core net controlled entity of multiple terminals, stopping timing
The timing of module.
The system that the present embodiment provides, because the temporary mark having for terminal arranges life cycle, to life cycle timing, and
When the life cycle that timing is arrived, the function of can reassigning temporary mark for terminal exists it is possible to solve terminal in existing timing
After being attached on certain core net controlled entity, the problems such as due to seldom moving that the temporary mark causing is easily tracked, usurping, and then
The temporary mark of the terminal that upgrades in time can be obtained, improve the technique effect of Terminal security.
The above-mentioned module that the present embodiment provides, can all be deployed in terminal, can all be deployed in core net control
Physically, or can also partial deployment in terminal, partial deployment is on core net controlled entity.Concrete dispositions method has very
Multiple, four kinds of embodiments are specifically provided below in the present embodiment.
A kind of embodiment of the protection system of terminal temporary mark, this embodiment can be real by core net controlled entity
The repertoire that existing temporary mark updates.As shown in figure 13, including:Core net controlled entity and terminal;
Core net controlled entity, for for terminal distribution first temporary mark, and is distribute to terminal first interim
Mark setting life cycle, and according to interim maker timing, when timing reaches life cycle, be that terminal distribution second is marked temporarily
Know;
Terminal, for receiving the first temporary mark and the second temporary mark.
Or, the embodiment of the protection system of second terminal temporary mark, this embodiment can be by core network control
Entity setting up life cycle processed, timing is carried out by this life cycle of terminal-pair, by interacting and then realizing temporary mark renewal
Function.As shown in figure 13, including:Core net controlled entity and terminal;
Core net controlled entity, for for terminal distribution first temporary mark, and is distribute to terminal first interim
Mark setting life cycle, and the first temporary mark and life cycle are sent to terminal, when know reach life cycle when, be that terminal is divided
Join the second temporary mark;.
Terminal, the life cycle timing receiving for basis, and when timing reaches life cycle, request core network entity is
Terminal distribution second temporary mark.
Or, the embodiment of the protection system of the third terminal temporary mark, this embodiment is realized being faced by terminal-pair
When the update status that identify be monitored, and request core net controlled entity completes the function of temporary mark renewal in time.As figure
Shown in 13, including:Core net controlled entity and terminal;
Terminal, for the first temporary mark setting life cycle for distributing to terminal, and the life according to setup module setting
Deposit phase timing, when timing reaches life cycle, request core network entity is terminal distribution second temporary mark;
Core network entity, for for terminal distribution first temporary mark, and is terminal distribution first temporary mark, and
Receive terminal request when, be terminal distribution second temporary mark.
Or, the embodiment of the protection system of the 4th kind of terminal temporary mark, this embodiment realize by terminal with
The interaction of core net controlled entity completes the function that temporary mark is updated.As shown in figure 13, including:Core net controlled entity and
Terminal;
Core net controlled entity, for distributing the first temporary mark to terminal, and according to the life cycle timing receiving, when
When timing reaches life cycle, it is terminal distribution second temporary mark;
Terminal, for distributing to the first temporary mark setting life cycle of terminal for core net controlled entity, and will survive
Phase notifies core net controlled entity.
Existing scheme by distributing, for user terminal, the protection that temporary mark is capable of to contracted user's permanent identification, but
It is that it has terminal temporary mark because updating and permanently effective possibility.So temporary mark actually will become eventually
Long-term " code name " at end, exists by the security risk of attacker's malicious exploitation.This situation is outstanding for the relatively low terminal of mobility
For being susceptible to.In existing H2H communications applications, a lot of terminals have low mobility, and a large amount of after Internet of Things application introduces
M2M terminal maintains static after all having the characteristics that deployment or Hypomobility is it is therefore desirable to strengthen safety precaution to this situation.
However, existing scheme obviously can not meet reaches such purpose.The said system that therefore the present embodiment provides, can be terminal
The temporary mark being distributed arranges a life cycle, and in the case of the life cycle of temporary mark is overdue, network side is terminal
Redistribute temporary mark.On the basis of existing protocol, it is strengthened, can not only be to the permanent identification of user terminal
Carry out effective protection additionally it is possible to periodically or aperiodically be updated to the temporary mark of certain type terminals as needed,
Effectively eliminate above-mentioned potential safety hazard.
The present invention can have the specific embodiment of multiple multi-forms, combine accompanying drawing to this above taking Fig. 1-Fig. 5 as a example
The explanation for example of bright technical scheme, this is not meant to that the instantiation that the present invention is applied can only be confined to specific flow process
Or in example structure, those of ordinary skill in the art is it is to be appreciated that specific embodiments presented above are multiple
Some examples in its preferred usage, the embodiment of any embodiment the claims in the present invention all should be wanted in technical solution of the present invention
Within the scope of seeking survival.
Finally it should be noted that:These are only the preferred embodiments of the present invention, be not limited to the present invention, although
With reference to the foregoing embodiments the present invention is described in detail, for a person skilled in the art, it still can be right
Technical scheme described in foregoing embodiments is modified, or carries out equivalent to wherein some technical characteristics.All
Within the spirit and principles in the present invention, any modification, equivalent substitution and improvement made etc., should be included in the existence of the present invention
Within the scope of.
Claims (30)
1. a kind of guard method of terminal temporary mark is it is characterised in that be applied to the terminal of middle Hypomobility, including:
For distributing to the first temporary mark setting life cycle of terminal, and start intervalometer timing;
When the timing of described intervalometer reaches described life cycle, it is described terminal distribution second temporary mark;
Core net controlled entity is respectively provided with life cycle for the corresponding temporary mark of each terminal, or corresponding for multiple terminals
Temporary mark unified setting life cycle;The method also includes:
When any terminal in the plurality of terminal is attached on described core net controlled entity, described core net controlled entity
Start intervalometer.
2. method according to claim 1 is it is characterised in that described the first temporary mark setting for distributing to terminal is given birth to
Deposit the phase, and start intervalometer timing and specifically include:
After core net controlled entity is terminal distribution first temporary mark, described core net controlled entity is described terminal setting
Life cycle, and start intervalometer timing;
When the timing of described intervalometer reaches described life cycle, it is that described terminal distribution second temporary mark specifically includes:
When the timing of described intervalometer reaches described life cycle, described core net controlled entity starts temporary mark and reassigned
Journey, is described terminal distribution second temporary mark.
3. method according to claim 1 is it is characterised in that the described timing when described intervalometer reaches described life cycle
When, it is that described terminal distribution second temporary mark specifically includes:
When the timing of described intervalometer reaches described life cycle, described core net controlled entity is every in the plurality of terminal
Individual terminal distribution second temporary mark;
When all attachment removals from described core net controlled entity of the plurality of terminal, stop described intervalometer timing.
4. a kind of guard method of terminal temporary mark is it is characterised in that be applied to the terminal of middle Hypomobility, including:
For distributing to the first temporary mark setting life cycle of terminal, and start intervalometer timing;
When the timing of described intervalometer reaches described life cycle, it is described terminal distribution second temporary mark;
Described the first temporary mark setting life cycle for distributing to terminal, and start intervalometer timing and specifically include:
After core net controlled entity is terminal distribution first temporary mark, described terminal arranges life cycle, and starts intervalometer;
When the described timing when described intervalometer reaches described life cycle, it is that described terminal distribution second temporary mark specifically wraps
Include:
When the timing of described intervalometer reaches described life cycle, core net controlled entity distribution second described in described terminal request
Temporary mark.
5. method according to claim 4 is it is characterised in that core net controlled entity distribution the described in described terminal request
Two temporary marks are specially:
Described terminal to described core net controlled entity send location area updating request message, Routing Area Update request message or with
Track area updates one of request message, carries the configured information of request distribution the second temporary mark in described request message.
6. the method according to claim 4 or 5 is it is characterised in that the described timing when described intervalometer reaches described life
When depositing the phase, it is that described terminal distribution second temporary mark also includes:
After described core net controlled entity receives the request of described distribution the second temporary mark, it is the described in described terminal distribution
Two temporary marks, and send in location area updating received message, Routing Area Update received message or tracing section updating received message
One kind to described terminal, carry the second temporary mark of distribution in described received message.
7. a kind of guard method of terminal temporary mark is it is characterised in that be applied to the terminal of middle Hypomobility, including:
For distributing to the first temporary mark setting life cycle of terminal, and start intervalometer timing;
When the timing of described intervalometer reaches described life cycle, it is described terminal distribution second temporary mark;
Described the first temporary mark setting life cycle for distributing to terminal specifically includes:
When core net controlled entity is terminal distribution the first temporary mark, described core net controlled entity is described terminal setting
Life cycle, and described first temporary mark and described life cycle are issued to described terminal;
Described startup intervalometer timing;When the timing of described intervalometer reaches described life cycle, it is described terminal distribution second
Temporary mark specifically includes:
Described terminal starts intervalometer timing, and when the timing of described intervalometer reaches described life cycle, described terminal is to described
Core net controlled entity sends in location area updating request message, Routing Area Update request message or tracing section updating request message
One kind, carry in described request message request distribution the second temporary mark configured information.
8. method according to claim 7 it is characterised in that described by described first temporary mark with described life cycle
It is dealt into described terminal to specifically include:
Described core net controlled entity sends attachment received message, location area updating received message, Route Area more to described terminal
New received message, tracing section updating received message or temporary mark reassign one of command messages, carry in described message
Described first temporary mark and described life cycle.
9. method according to claim 7 is it is characterised in that described startup intervalometer timing;Meter when described intervalometer
When reaching described life cycle, be that described terminal distribution second temporary mark specifically also includes:
After described core net controlled entity receives the request of described distribution the second temporary mark, it is the described in described terminal distribution
Two temporary marks, and the life cycle of described second temporary mark is set, send location area updating received message, Routing Area Update connects
Arrived described terminal by one of message or tracing section updating received message, carry distribution in described received message second is interim
Mark and the life cycle of described second temporary mark.
10. a kind of guard method of terminal temporary mark is it is characterised in that be applied to the terminal of middle Hypomobility, including:
For distributing to the first temporary mark setting life cycle of terminal, and start intervalometer timing;
When the timing of described intervalometer reaches described life cycle, it is described terminal distribution second temporary mark;
Described the first temporary mark setting life cycle for distributing to terminal specifically includes:
After core net controlled entity is terminal distribution first temporary mark, terminal arranges life cycle, and described life cycle is led to
Know described core net controlled entity;
Described startup intervalometer timing;When the timing of described intervalometer reaches described life cycle, it is described terminal distribution second
Temporary mark specifically includes:
Described core net controlled entity starts intervalometer timing, when the timing of described intervalometer reaches described life cycle, triggering
Temporary mark reassigns process, is described terminal distribution second temporary mark, and sends and carry facing of described second temporary mark
Markers weight sensing assignment command message is to described terminal, and distributes new life cycle.
11. methods according to claim 10 it is characterised in that described described life cycle notified described core network control
Entity processed specifically includes:
Described terminal sends attachment completion message, location area updating completion message, Routing Area Update completion message, tracing section updating
One of completion message or temporary mark Reallocation Complete message arrive described core net controlled entity, take in described completion message
Carry described life cycle.
12. methods according to claim 10 it is characterised in that described life cycle be the time limit being fixedly installed or setting
Time range in randomly choose time limit.
A kind of 13. core net controlled entities it is characterised in that being applied to the terminal of middle Hypomobility, including:
Setup module, for the first temporary mark setting life cycle for distributing to terminal;
Timing module, for the life cycle timing being arranged according to setup module;
Distribute module, for for described terminal distribution first temporary mark, and when the timing of described timing module reach described
During life cycle, it is described terminal distribution second temporary mark;
Described setup module includes:
Set up and put submodule, for being respectively provided with life cycle for the corresponding temporary mark of each terminal;
Group setting submodule, for arranging life cycle for the corresponding temporary mark of multiple terminals is unified;
Described timing module, specifically for being attached on described core net controlled entity when any terminal in the plurality of terminal
When, start intervalometer timing.
14. core net controlled entities according to claim 13 it is characterised in that
Described setup module, specifically for, after described distribute module is terminal distribution first temporary mark, being that described terminal sets
Put life cycle;
Described distribute module, specifically for when the timing of described timing module reaches described life cycle, starting temporary mark weight
Assigning process, is described terminal distribution second temporary mark.
15. core net controlled entities according to claim 13 are it is characterised in that described distribute module includes:
Multiple terminals allocation unit, for when the timing of described timing module reaches described life cycle, being in the plurality of terminal
Each terminal distribution second temporary mark;
Multiple terminals stop element, for when all attachment removals from described core net controlled entity of the plurality of terminal, stopping
The timing of described timing module.
A kind of 16. core net controlled entities it is characterised in that being applied to the terminal of middle Hypomobility, including:
Setup module, for the first temporary mark setting life cycle for distributing to terminal;
Distribute module, for for described terminal distribution first temporary mark, and when know reach described life cycle when, for described
Terminal distribution second temporary mark;
Described setup module, specifically for when described distribute module is terminal distribution the first temporary mark, being that described terminal sets
Put life cycle, and described first temporary mark and described life cycle are issued to described terminal;
Described setup module, also includes:
Receiving unit, for receive the location area updating request message that described terminal sends, Routing Area Update request message or with
Track area updates one of request message, carries the configured information of request distribution the second temporary mark in described request message;
Described distribute module, specifically for when receiving described configured information, being described terminal distribution second temporary mark.
17. core net controlled entities according to claim 16 are it is characterised in that described setup module includes:
Transmitting element, for sending attachment received message, location area updating received message, Routing Area Update acceptance to described terminal
Message, tracing section updating received message or temporary mark reassign one of command messages, carry institute in described received message
State the first temporary mark and described life cycle.
18. core net controlled entities according to claim 16 are it is characterised in that described distribute module includes:
Distribution transmitting element, for receiving after the request of described distribution the second temporary mark, is the described in described terminal distribution
Two temporary marks, and the life cycle of described second temporary mark is set, send location area updating received message, Routing Area Update connects
Arrived described terminal by one of message or tracing section updating received message, carry distribution in described received message second is interim
Mark and the life cycle of described second temporary mark.
A kind of 19. core net controlled entities it is characterised in that being applied to the terminal of middle Hypomobility, including:
Timing module, for the life cycle timing according to the first temporary mark receiving;
Distribute module, for the first temporary mark described in terminal distribution, and when the timing arrival of described timing module is described
During life cycle, it is described terminal distribution second temporary mark;
Described timing module, specifically for receive described terminal send attachment completion message, location area updating completion message,
One of Routing Area Update completion message, tracing section updating completion message or temporary mark Reallocation Complete message arrive described core
During heart net controlled entity, carry the life cycle of described first temporary mark in described completion message, according to described life cycle timing;
Described distribute module, specifically for when the timing of described timing module reaches described life cycle, triggering temporary mark weight
Assigning process, is described terminal distribution second temporary mark, and sends and carry the temporary mark of described second temporary mark and divide again
Join command messages to described terminal.
A kind of 20. terminals it is characterised in that for middle Hypomobility terminal, including:
Setup module, for the first temporary mark setting life cycle for distributing to terminal;
Timing module, for the life cycle timing being arranged according to setup module;
Notification module, for when the timing of described timing module reaches described life cycle, request core net controlled entity is institute
State terminal distribution second temporary mark.
21. terminals according to claim 20 it is characterised in that
Described setup module, specifically for, after core net controlled entity is terminal distribution first temporary mark, arranging life cycle;
Described notification module includes:
Transmit-Receive Unit, to described core net controlled entity send location area updating request message, Routing Area Update request message or
One of tracing section updating request message, carries the configured information of request distribution the second temporary mark in described request message;
And receive location area updating received message, Routing Area Update received message or the tracking area that described core net controlled entity sends
Update one of received message and arrive described terminal, in described received message, carry the second temporary mark of distribution.
A kind of 22. terminals it is characterised in that for middle Hypomobility terminal, including:
Timing module, for the life cycle timing according to the first temporary mark receiving;
Notification module, for when the timing of described timing module reaches described life cycle, request core net controlled entity is institute
State terminal distribution second temporary mark.
23. terminals according to claim 22 it is characterised in that
Described timing module, specifically for receiving attachment received message, the location area updating acceptance that core net controlled entity sends
Message, Routing Area Update received message, tracing section updating received message or temporary mark reassign one of command messages, institute
State and in message, carry described first temporary mark and described life cycle, and according to described life cycle timing.
24. terminals according to claim 23 are it is characterised in that described notification module includes:
Transmit-Receive Unit, for when the timing of described timing module reaches described life cycle, sending out to described core net controlled entity
Send one of location area updating request message, Routing Area Update request message or tracing section updating request message, described request
The configured information of request distribution the second temporary mark is carried in message;And receive the position that described core net controlled entity returns
Area updates one of received message, Routing Area Update received message or tracing section updating received message and arrives described terminal, described
The second temporary mark of distribution and the life cycle of described second temporary mark is carried in received message.
A kind of 25. protection systems of terminal temporary mark it is characterised in that being applied to the terminal of middle Hypomobility, including:Core
Net controlled entity and terminal;
Described core net controlled entity, for the first temporary mark setting life cycle for distributing to terminal, and sets according to described
The life cycle timing put, when described timing reaches described life cycle, is described terminal distribution second temporary mark;
Described core net controlled entity is respectively provided with life cycle for the corresponding temporary mark of each terminal, or is multiple terminal-pairs
The temporary mark unified setting life cycle answered;
When any terminal in the plurality of terminal is attached on described core net controlled entity, described core net controlled entity
Start intervalometer;
Described terminal, for receiving described first temporary mark and the second temporary mark.
A kind of 26. protection systems of terminal temporary mark it is characterised in that being applied to the terminal of middle Hypomobility, including:Core
Net controlled entity and terminal;
Described core net controlled entity, for the first temporary mark setting life cycle for distributing to terminal, and by described first
Temporary mark and described life cycle are sent to terminal, when know reach described life cycle when, be that described terminal distribution second is interim
Mark;
Described terminal, the life cycle timing receiving for basis, and when timing reaches described life cycle, ask core network control
Entity processed is described terminal distribution second temporary mark;
Described terminal specifically for, start intervalometer timing, when described intervalometer timing reach described life cycle when, described end
Holding please to described core net controlled entity transmission location area updating request message, Routing Area Update request message or tracing section updating
Seek one of message, in described request message, carry the configured information of request distribution the second temporary mark.
A kind of 27. protection systems of terminal temporary mark it is characterised in that being applied to the terminal of middle Hypomobility, including:Core
Net controlled entity and terminal;
Described terminal, for the first temporary mark setting life cycle for distributing to terminal, and the life cycle timing according to setting,
When timing reaches described life cycle, request core net controlled entity is described terminal distribution second temporary mark;
Described core net controlled entity, for for terminal distribution first temporary mark, and in the request receiving terminal, is institute
State terminal distribution second temporary mark.
A kind of 28. protection systems of terminal temporary mark it is characterised in that being applied to the terminal of middle Hypomobility, including:Core
Net controlled entity and terminal;
Described core net controlled entity, for distributing the first temporary mark to described terminal, and according to the life cycle meter receiving
When, when timing reaches described life cycle, it is described terminal distribution second temporary mark;
Described terminal, for the first temporary mark setting life cycle for distributing to terminal, and described life cycle is notified core
Heart net controlled entity;
Described core net controlled entity is specifically for starting intervalometer timing, when the timing of described intervalometer reaches described existence
During the phase, triggering temporary mark reassigns process, is described terminal distribution second temporary mark, and sends that to carry described second interim
The temporary mark of mark reassigns command messages to described terminal, and distributes new life cycle.
A kind of 29. protection systems of terminal temporary mark it is characterised in that being applied to the terminal of middle Hypomobility, including:Setting
Module, timing module and distribute module;
Described setup module, for the first temporary mark setting life cycle for distributing to terminal;
Described timing module, for the life cycle timing being arranged according to setup module;
Described distribute module, for for described terminal distribution first temporary mark, and when the timing of described timing module reaches
During described life cycle, it is described terminal distribution second temporary mark;
Described distribute module includes:
Multiple terminals allocation unit, for when the timing of described timing module reaches described life cycle, being in the plurality of terminal
Each terminal distribution second temporary mark;
Multiple terminals stop element, described for when all attachment removals from core net controlled entity of the plurality of terminal, stopping
The timing of timing module.
30. systems according to claim 29 are it is characterised in that described setup module includes:
Set up and put submodule, for being respectively provided with life cycle for the corresponding temporary mark of each terminal;
Group setting submodule, for arranging life cycle for the corresponding temporary mark of multiple terminals is unified.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201210141696.0A CN103391536B (en) | 2012-05-09 | 2012-05-09 | Protective method, terminal, core network control entity and system of terminal temporary identifications |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201210141696.0A CN103391536B (en) | 2012-05-09 | 2012-05-09 | Protective method, terminal, core network control entity and system of terminal temporary identifications |
Publications (2)
Publication Number | Publication Date |
---|---|
CN103391536A CN103391536A (en) | 2013-11-13 |
CN103391536B true CN103391536B (en) | 2017-02-08 |
Family
ID=49535677
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201210141696.0A Active CN103391536B (en) | 2012-05-09 | 2012-05-09 | Protective method, terminal, core network control entity and system of terminal temporary identifications |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN103391536B (en) |
Families Citing this family (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104754560B (en) * | 2013-12-30 | 2018-11-30 | 华为终端(东莞)有限公司 | A kind of location privacy protection method, apparatus and system |
CN104410964B (en) * | 2014-11-26 | 2019-01-25 | 东莞宇龙通信科技有限公司 | A kind of mark update method, communication equipment, the network equipment and system |
CN107070654B (en) * | 2017-05-12 | 2020-11-27 | 北京小米移动软件有限公司 | Information acquisition method and device |
CN108200007B (en) * | 2017-11-24 | 2021-02-02 | 中国科学院信息工程研究所 | Dynamic identity management method and system for mobile network |
CN108093402B (en) * | 2017-11-24 | 2021-02-09 | 中国科学院信息工程研究所 | User privacy information protection method and system based on terminal enhancement |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102047629A (en) * | 2008-01-18 | 2011-05-04 | 交互数字专利控股公司 | Method and apparatus for enabling machine to machine communication |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1950989A4 (en) * | 2005-11-16 | 2012-01-04 | Nec Corp | Mobile communication system, core network, radio network system, and method for selecting network for containing the system |
CN101355793B (en) * | 2007-07-27 | 2011-08-31 | 华为技术有限公司 | Method and apparatus for recognizing user equipment as well as method for transferring and distributing temporary mark |
CN101400054B (en) * | 2007-09-28 | 2012-10-17 | 华为技术有限公司 | Method, system and device for protecting privacy of customer terminal |
CN101600197A (en) * | 2008-06-04 | 2009-12-09 | 中兴通讯股份有限公司 | The control method of interim Cell Radio Network Temporary Identifier/Identity, Cell-RNTI and device |
-
2012
- 2012-05-09 CN CN201210141696.0A patent/CN103391536B/en active Active
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102047629A (en) * | 2008-01-18 | 2011-05-04 | 交互数字专利控股公司 | Method and apparatus for enabling machine to machine communication |
Also Published As
Publication number | Publication date |
---|---|
CN103391536A (en) | 2013-11-13 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN103391536B (en) | Protective method, terminal, core network control entity and system of terminal temporary identifications | |
CN101355793B (en) | Method and apparatus for recognizing user equipment as well as method for transferring and distributing temporary mark | |
CN102123135B (en) | Method and system for determining characteristic information of MTC (Machine Type Communication) equipment and device | |
CN102612013A (en) | Group-based position managing method and equipment of machine type communication (MTC) equipment | |
CN102083212A (en) | Method, system and device for identifying terminal | |
CN101330639B (en) | Method and apparatus for implementing beep-page in a mobile switching centre pool | |
CN102300192A (en) | Equipment and method for distributing TMSI (Temporary Mobile Subscriber Identity) during machine to machine communication and corresponding network attaching and location area updating methods | |
CN104105086B (en) | Close on selection method and device, the user registering method and device of service server | |
CN101291532A (en) | Method, system and core network node for implementing load migration in pool zone | |
CN100403819C (en) | Method for distributing channel resource in trunking service | |
CN102196401B (en) | Method for acquiring tracing area identity (TAI) of machine type communication device (MTC) from home subscriber server (HSS) and downlink paging method | |
CN100563390C (en) | Obtain the method for access system context | |
CN104581652A (en) | Message processing method as well as method and device for selecting MME (mobility management entity) | |
CN103238345A (en) | Communication method, device and system all based on mobile management entity pool (MME Pool) | |
CN101557609A (en) | Method of user load transfer, communication system and core network control node | |
CN108271227A (en) | A kind of SOT state of termination across RAT determines method and terminal | |
CN102378305A (en) | Communication method and relevant device of machine-type communication (MTC) equipment | |
CN105554178A (en) | Address allocation method, gateway and system | |
CN102056128B (en) | Information acquisition method and system of machinery communication terminals | |
EP2744285B1 (en) | Method and device for short-delay resource management, and wireless access network device | |
CN104717600B (en) | M2M terminal/terminal peripheral accessibility management method and equipment | |
CN102215457A (en) | Dynamic configuration method and system of ME (MTC (Machine Type Communication) Equipment) group | |
CN110100465A (en) | Gateway, mobility management apparatus, base station, communication means, control method, paging method and computer-readable medium | |
CN101754389A (en) | Resource control method, device and system | |
CN101064928B (en) | Method and device for realizing position register update |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant |