CN103609153B - The method, apparatus and system of user's identification - Google Patents

The method, apparatus and system of user's identification Download PDF

Info

Publication number
CN103609153B
CN103609153B CN201180071128.1A CN201180071128A CN103609153B CN 103609153 B CN103609153 B CN 103609153B CN 201180071128 A CN201180071128 A CN 201180071128A CN 103609153 B CN103609153 B CN 103609153B
Authority
CN
China
Prior art keywords
message
base station
equipment
sent
mentioned
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201180071128.1A
Other languages
Chinese (zh)
Other versions
CN103609153A (en
Inventor
王志峰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Publication of CN103609153A publication Critical patent/CN103609153A/en
Application granted granted Critical
Publication of CN103609153B publication Critical patent/CN103609153B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • H04L63/205Network architectures or network communication protocols for network security for managing network security; network security policies in general involving negotiation or determination of the one or more network security mechanisms to be used, e.g. by negotiation between the client and the server or between peers or by selection according to the capabilities of the entities involved

Abstract

The invention discloses a kind of method of user's identification, equipment and system.In this method, before base station sends the non access stratum NAS message for encrypted negotiation sent by equipment of the core network to UE, including:Identity request message is sent to the UE by the base station, and the identity request message is used to ask the user of the UE to identify, and the user is identified for the identification of base stations UE;The base station receives the identity response message of UE transmissions, and the identity response message carries the above-mentioned user mark of the UE.Using method provided in an embodiment of the present invention, base station can be identified with active obtaining UE user so as to identify UE.

Description

The method, apparatus and system of user's identification
Technical field
The present invention relates to the technology of moving communicating field, more particularly to user's identification.
Background technology
In communication system(Such as Long Term Evolution(English is Long Term Evolution, abbreviation LTE)System)'s During operation maintenance, user profile tracking and call history are often used to monitor and evaluate honored guest(VIP)Service quality, Processing is complained and orientation problem.In the user equipment that tracking is specified(English is User Equipment, referred to as UE), and obtain The call history of the UE is taken, or during UE performances of statistics different manufacturers etc., is required for identifying UE.Core-network side network Node, such as mobile management entity(English is Mobility Management Entity, referred to as MME)UE can be identified, so And pass through Non-Access Stratum between UE and MME(English is Non-Access Stratum, abbreviation NAS)Message interacts, and makees To access net side network node, such as base station, relay station etc. can only transparent transmission NAS message, NAS message after encryption can not be parsed, therefore And None- identified UE, this is complained for access network side orientation problem, solution and monitoring VIP quality of services cause to be stranded greatly very much It is difficult.
The content of the invention
The embodiment of the present invention provides a kind of method, apparatus and system of user's identification.
On the one hand the embodiment of the present invention provides a kind of method of user's identification.In this method, base station is to user equipment (UE) Before sending the non access stratum NAS message for encrypted negotiation sent by equipment of the core network, including:
Identity request message is sent to the UE by above-mentioned base station, and above-mentioned identity request message is used for the use for asking above-mentioned UE Family identifies;Above-mentioned base station receives the identity response message that above-mentioned UE is sent, and above-mentioned identity response message carries the above-mentioned of above-mentioned UE User identifies.
Using the above method, the above-mentioned above-mentioned user of base station active obtaining is identified to identify above-mentioned UE, it is not necessary to which core net is matched somebody with somebody Close.
The embodiment of the present invention is on the other hand, there is provided a kind of method of user's identification.In this method, UE receives identity request and disappeared Breath, the identity request message be the base station send by equipment of the core network send the NAS message for encrypted negotiation before by Transmitted by the base station, the identity request message is used to ask the user of the UE to identify, and the user is identified for the identification of base stations The UE;The UE sends identity response message to the base station, and the identity response message carries user's mark of the UE.
Using technical scheme provided in an embodiment of the present invention, above-mentioned UE can be by above-mentioned base station initiative recognition, it is not necessary on State equipment of the core network cooperation.
The embodiment of the present invention is on the other hand, there is provided a kind of access network device, including:
Emitter, the emitter are used to send message to user equipment (UE) and/or equipment of the core network;
Receiver, the receiver are used to receive the message sent by above-mentioned UE and/or above-mentioned equipment of the core network;
Processor, the processor be used for control the emitter to above-mentioned UE send for encrypted negotiation NAS message it Before, identity request message is sent to above-mentioned UE, the identity request message is used for the identity for asking the UE;Above-mentioned processor It is additionally operable to after above-mentioned receiver receives the identity response message sent by above-mentioned UE, controls above-mentioned emitter to be sent out to above-mentioned UE The NAS message for encrypted negotiation is sent, above-mentioned identity response message carries above-mentioned UE identity.
Using above-mentioned access network device, can be identified with the above-mentioned UE of active obtaining user, so as to identify UE, it is not necessary to core Heart net equipment coordinates.
The embodiment of the present invention is on the other hand, there is provided a kind of user equipment, including:
Receiver, the receiver are used to receive the identity request message sent by base station, and the identity request message is used for please Ask the identity of above-mentioned user equipment.
Emitter, the emitter are used for after above-mentioned receiver receives the above-mentioned identity request message of above-mentioned base station transmission, Identity response message is sent to above-mentioned base station, the identity response message carries the above-mentioned identity of above-mentioned user equipment.
Using above-mentioned UE, it can make it that the above-mentioned above-mentioned UE of network equipment active obtaining user's mark is above-mentioned so as to identify UE, it is not necessary to which equipment of the core network coordinates.
The embodiment of the present invention is on the other hand, there is provided a kind of communication system.The communication system includes above-mentioned access network device With above-mentioned user equipment.The method that the communication system performs above-mentioned user's identification.
Using above-mentioned communication system, the user of the above-mentioned above-mentioned user equipment of access network device active obtaining can be caused to mark Know and identify above-mentioned user equipment.
The embodiment of the present invention is on the other hand, there is provided a kind of computer program product.The computer program product includes storage Medium, in the storage medium storage realize the code of the method for above-mentioned user's identification.
Using above computer program product, the above-mentioned above-mentioned user equipment of access network device active obtaining can be caused User identifies and identifies above-mentioned user equipment.
Brief description of the drawings
Fig. 1 is the system architecture schematic diagram of the embodiment of the present invention;
Fig. 2 is a kind of schematic flow sheet of the method for user's identification that the embodiment of the present invention one provides;
Fig. 3 is a kind of schematic flow sheet of the method for user's identification that the embodiment of the present invention two provides;
Fig. 4 is a kind of schematic flow sheet of the method for user's identification that the embodiment of the present invention three provides;
Fig. 5 is a kind of structural representation for access network device that the embodiment of the present invention four provides to embodiment six;
Fig. 6 is a kind of structural representation for user equipment that the embodiment of the present invention seven provides.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is carried out clear, complete Site preparation describes.Obviously, specific embodiment as described below is only the part of the embodiment of the present invention, and the present invention can be with Without wishing Implement in the other embodiments of these specific details.For example, the technical scheme is that entering based on LTE system framework Row description, but the invention is not restricted to the communication system architecture described in embodiment, the present invention can be additionally used in WCDMA Access(English is Wideband Code Division Multiple Access, abbreviation WCDMA)System, and follow-up evolution In system.
Fig. 1 is the communication system architecture figure that embodiments of the invention are based on.UE, base station(Such as evolution base station(English is Evolution Node B, abbreviation eNB))And equipment of the core network(Such as MME)In the communication system of composition, above-mentioned UE with it is above-mentioned The friendship of row information, into the interaction of row information, is entered in base station by eating dishes without rice or wine by S1 mouths between above-mentioned base station and above-mentioned equipment of the core network Mutually, between above-mentioned base station it is the interaction for entering row information by X2 mouths.In user's control face, above-mentioned UE and above-mentioned equipment of the core network When entering the transmission of row information by NAS message, the base station as access net side is used to forward the NAS message.
A kind of as shown in Fig. 2 user identification method that embodiments of the invention one provide.This method be base station establish with Carried out after UE wireless heterogeneous networks connection, including:
S21, base station send identity request message to UE.The identity request message is used to ask the user of the UE to identify.
S22, above-mentioned base station receive the identity response message of UE transmissions.
After the UE receives above-mentioned identity request message, identity response message is sent to above-mentioned base station.The identity response disappears Breath carries user's mark of the UE.Above-mentioned base station parses and obtains user's mark of the UE in the identity response message, and Identified according to the user and identify the UE.Alternatively, the base station can also preserve user's mark and be used for follow-up.
S23, above-mentioned base station send the NAS message for encrypted negotiation sent by equipment of the core network to above-mentioned UE.
Above-mentioned base station disappears in the NAS for encrypted negotiation for being sent to above-mentioned base station by above-mentioned equipment of the core network to UE transmissions Before breath, the process of the above-mentioned base station inquiry UE identity is completed(For example, step S21 and S22).
The technical scheme provided using embodiments of the invention one, connects with above-mentioned UE RRC in above-mentioned base station and has established Into afterwards, before equipment of the core network and UE encrypted negotiation NAS messages, base station inquiry UE identity is completed, base station can be obtained UE user's mark, and independent of equipment of the core network.
As shown in figure 3, a kind of user identification method that embodiments of the invention two provide, including herein below.
S30, base station are established and are connected with UE RRC.
Base station and UE establish the process that RRC is connected and are applied to the present embodiment in the prior art, and here is omitted.
S31, above-mentioned base station send identity request message to above-mentioned UE.The identity request message is used for the user for asking the UE Mark.As an example, the identity request message can be NAS message.
S32, above-mentioned base station receive the identity response message of UE transmissions.
After the UE receives the identity request message that above-mentioned base station is sent, identity response message is sent to above-mentioned base station.As One example, the identity response message can be NAS message.The identity response message carries user's mark of the UE.Institute User is stated to identify for UE described in the identification of base stations.As an example, user's mark can be international mobile subscriber Mark(English is International Mobile Subscribe Identity, abbreviation IMSI)It is or international mobile Device identification(English is International Mobile Equipment, abbreviation IMEI), can also IMSI and IMEI etc..
Above-mentioned base station parses and obtains user's mark of the above-mentioned UE in the identity response message, identifies above-mentioned UE.On Above-mentioned UE user's mark can also be preserved for follow-up use by stating base station.
It is preferred that the base station can also abandon the identity response message, without issuing equipment of the core network, so as to save Save Internet resources.
S33, above-mentioned base station send a notification message to equipment of the core network.
The notification message is used to notify equipment of the core network to carry out initialization operation to the UE.The initialization operation bag Include and UE is authenticated, encrypted and service quality(English is Quality Of Service, abbreviation QOS)Control etc..As One example, the notification message can be that base station sends initialising subscriber equipment message by S1 mouths to equipment of the core network, and this is first Beginningization user equipment message is used to notify above-mentioned equipment of the core network to have UE to access and carry out initialization operation to the UE.
S34, above-mentioned base station receive the NAS message for encrypted negotiation sent by the equipment of the core network.
After the equipment of the core network receives the notification message of base station transmission, the equipment of the core network initializes to above-mentioned UE Operation, and send the NAS message for being used for encrypted negotiation to above-mentioned base station.
The NAS message for being used for encrypted negotiation sent by equipment of the core network is sent to UE by S35, above-mentioned base station.
Above-mentioned base station is used for the NAS message of encrypted negotiation by this that sent by equipment of the core network is received, by eating dishes without rice or wine It is sent to the UE.The UE is received after this is used for the NAS message of encrypted negotiation, the UE and the equipment of the core network to the follow-up UE and The NAS message of interaction is encrypted between the equipment of the core network.
Alternatively, above-mentioned base station can also construct a plurality of above-mentioned identity request message inquiry UE identity.On for example, State base station and send a plurality of identity request message, the identity response message that above-mentioned UE transmissions are successfully received until above-mentioned base station is gone forward side by side Untill row user's identification.Such as the number thresholding of the above-mentioned identity request message of above-mentioned base station transmission can also be set, at described time In number thresholding, if above-mentioned base station receives the identity response message that above-mentioned UE is sent, identity request message is not retransmited;If In number thresholding, if above-mentioned base station does not receive the identity response message that above-mentioned UE is sent, above-mentioned base station is sent again Identity request message gives above-mentioned UE, until transmission times reaches the number thresholding.If the identity request that above-mentioned base station is sent Message reaches number thresholding, does not receive above-mentioned UE identity response message also, is then considered as UE connection failures.For example, above-mentioned base The transmission of a plurality of identity request message can also be realized by setting multiple timers by standing, when above-mentioned base station transmission one is above-mentioned After identity request message, if in first timer duration, after not receiving the identity response message that above-mentioned UE is sent back, Namely above-mentioned base station inquiry UE identity failure, the base station can retransmit an above-mentioned identity request message, ask the UE Identity, until the second timer expires.
The technical scheme provided using embodiments of the invention two, above-mentioned base station can be added in equipment of the core network and UE The above-mentioned UE of initiative recognition before close NAS information, without identifying UE by equipment of the core network again so that realize simple.Especially During for docking difficult when equipment of the core network belongs to different manufacturers with base station equipment, base station side can voluntarily identify UE so as to full The operation maintenance demand of foot access network side, it is simple and easy without coordinating core network side again.
Further, in the present embodiment above-mentioned base station be RRC connections foundation after the completion of, and base station notice equipment of the core network Before thering is above-mentioned UE to access and carrying out initialization operation, the carry out ID inquiring to above-mentioned UE, can take full advantage of S30 with Intrinsic access delay between S33.Scheme is realized simple.
Further, above-mentioned base station utilizes UE identity, such as IMSI and IMEI to know UE in the present embodiment Not, without identifying UE by identifying interface identifier so that the recognition accuracy to UE greatly improves, and realizes simple.
As shown in figure 4, a kind of user identification method that embodiments of the invention three provide, including herein below.
S40, base station are established RRC with UE and are connected.
Base station and UE establish the process that RRC is connected and are applied to the present embodiment in the prior art, and here is omitted.
S41, above-mentioned base station send a notification message to equipment of the core network.
The notification message is used to notify equipment of the core network to carry out initialization operation to above-mentioned UE.The initialization operation bag Include above-mentioned UE is authenticated, encrypt and QOS control etc..As an example, the notification message can be that above-mentioned base station leads to The initialising subscriber equipment message that S1 mouths are sent to equipment of the core network is crossed, the initialising subscriber equipment message is used to notify above-mentioned core Heart net equipment has UE to access and carries out initialization operation to the UE.
S42, above-mentioned base station send identity request message and are used to ask the user of the UE to identify to the UE.
As an example, the identity request message can be NAS message.
S43, above-mentioned base station receive the identity response message of UE transmissions.
The UE sends identity response message after the identity request message that above-mentioned base station is sent is received, to above-mentioned base station.Make Can be NAS message for identity response message described in an example.The identity response message carries user's mark of the UE.Institute User is stated to identify for UE described in the identification of base stations.As an example, user mark can with IMSI or IMEI, can also IMSI and IMEI etc..
Above-mentioned base station, which parses and obtains the user of the UE in the identity response message, identifies the UE.The base The user's mark that can also preserve the UE stand for follow-up use.
It is preferred that the base station can also abandon the identity response message, without issuing equipment of the core network, so as to save Save Internet resources.
S44, above-mentioned base station receive the NAS message for encrypted negotiation sent by equipment of the core network.
The equipment of the core network receives the notification message for being used to notify to initialize UE sent by above-mentioned base station Afterwards, initialization operation can be carried out to the UE of access.In the ciphering process for carrying out initialization operation, the equipment of the core network can be upward State base station and send NAS message for encrypted negotiation.
S45, above-mentioned base station pass through the NAS message for being used for encrypted negotiation sent by equipment of the core network above-mentioned UE。
Above-mentioned UE is received after this is used for the NAS message of encrypted negotiation, the UE and the equipment of the core network to the follow-up UE and NAS message between equipment of the core network is encrypted.
Alternatively, the similar S31 with second embodiment, above-mentioned base station can construct a plurality of above-mentioned identity request message and look into UE user's mark is ask, such as can be by setting timer and/or register to realize.There is provided using the embodiment of the present invention three Technical scheme, in above-mentioned base station before the NAS message for encrypted negotiation that the equipment of the core network is sent is received, lead The dynamic identification completed to UE, enter without identifying UE by equipment of the core network again, realize simply, can also avoid because of different factories Family offer access network equipment and equipment of the core network and caused by coordinate on difficulty.
As an example, if above-mentioned base station before the identity response message that above-mentioned UE is sent is received, above-mentioned base station The NAS message for encrypted negotiation that equipment of the core network is sent in above-mentioned S44 is received, then above-mentioned base station is to above-mentioned NAS message Preserved, and above-mentioned UE wouldn't be sent to.After above-mentioned identification of base stations goes out above-mentioned UE, above-mentioned base station just will be by core net The NAS message for being used for encrypted negotiation that equipment is sent is sent to above-mentioned UE.In the technical scheme that the present embodiment provides, base station control Make the time that UE is handed down to for the NAS message of encrypted negotiation, it can be ensured that NAS message is encrypted between UE and equipment of the core network Before interaction, realize that UE is identified for base station, nor UE can be increased the turn-on time of core net is postponed.
Alternatively, the base station can also construct the identity that a plurality of identity request message inquires about the UE in the present embodiment Mark, specifically can refer to the associated description of above-described embodiment two, will not be repeated here.As shown in figure 5, embodiments of the invention four A kind of access network device 50 is provided, including:Processor 501, emitter 502 and receiver 503.
Above-mentioned emitter 502 is used to send message to UE and/or core network device.Above-mentioned receiver 503 is used to receive The message that UE and/or core network device are sent.Above-mentioned processor is used to control above-mentioned emitter to be used for sending to above-mentioned UE Before the NAS message of encrypted negotiation, the identity to above-mentioned UE transmission identity request messages for asking above-mentioned UE, and After above-mentioned receiver receives the identity response message sent by above-mentioned UE, above-mentioned emitter is controlled to be sent to above-mentioned UE for adding The NAS message of close negotiation.Above-mentioned identity response message carries above-mentioned UE identity.
The access network device 50 that the present embodiment provides can perform described in embodiments of the invention one base station in method Performed action, the description in above method embodiment is specifically can refer to, will not be repeated here.Affiliated access network device 50 It is dynamic performed by the base station in implementation method embodiment outside receiver 503 and processor 501 except above-mentioned emitter 502 Make, some structures can also be set.The non-limiting example of this class formation can include memory, microprocessor, send electronics Circuit of signal etc..
Embodiments of the invention five provide a kind of access network device, and above-mentioned access network device includes emitter, receive Machine and processor.Access network device provided in the present embodiment is roughly the same with the access network device in example IV. Further, above-mentioned processor is additionally operable to control above-mentioned emitter to disappear to above-mentioned identity request in the above-mentioned UE of above-mentioned receiver reception Sent a notification message after the identity response message of breath to above-mentioned equipment of the core network, the notification message is used to notify above-mentioned core network Equipment carries out initialization operation to above-mentioned UE.Above-mentioned processor is additionally operable to control above-mentioned receiver to receive above-mentioned equipment of the core network hair The NAS message for encrypted negotiation sent, and the NAS message is sent to above-mentioned UE.The access network that the present embodiment provides is set Action in the standby method that can be performed described in embodiments of the invention two performed by base station, it specifically can refer to above method implementation Description in example, will not be repeated here.For the step in implementation method embodiment, the access network device can also include The structure being previously mentioned in fourth embodiment.
Embodiments of the invention six provide a kind of access network device, and above-mentioned access network device includes emitter, receive Machine and processor.Access network device provided in the present embodiment is roughly the same with the access network device in example IV. Further, the processor is additionally operable to control above-mentioned emitter before above-mentioned emitter machine sends above-mentioned identity request message, Sent a notification message to above-mentioned core network device, the notification message is used to notify above-mentioned core network device to carry out initially UE Change operation.The processor is additionally operable to control above-mentioned emitter after above-mentioned receiver receives above-mentioned identity response message, to Above-mentioned UE sends the NAS message for encrypted negotiation sent by above-mentioned equipment of the core network that above-mentioned receiver receives.
The access network device that embodiments of the invention six provide can be performed in the methods described of embodiments of the invention three Action performed by base station, the description in above method embodiment is specifically can refer to, will not be repeated here.In order to which implementation method is real The step in example is applied, the access network device can also include the structure being previously mentioned in fourth embodiment.
As shown in fig. 6, embodiments of the invention seven provide a kind of user equipment (UE) 60, including:Receiver 601 and transmitting Machine 602.Above-mentioned receiver 601 is used to receive the above-mentioned identity request message sent by base station.Above-mentioned emitter 602 is used for above-mentioned After receiver 601 receives the above-mentioned identity request message sent by base station, identity response message is sent to above-mentioned base station.
The user equipment 60 that embodiments of the invention seven provide can perform embodiments of the invention one to embodiment three and appoint Action in one methods described performed by user equipment, specifically can refer to the description in above method embodiment, herein no longer Repeat.For the step in implementation method embodiment, the UE can also set some structures, and the non-limiting of these structures is shown Example can include memory, microprocessor, send circuit of electronic signal etc..
Above-mentioned UE provided in an embodiment of the present invention is simple, can coordinate the identification of base stations UE, it is easy to accomplish.
The embodiment of the present invention eight also provides a kind of communication system, and the communication system is similar with shown in Fig. 1, including:The present invention Example IV to any one of access network device of embodiment six and embodiments of the invention seven described in user set It is standby.The equipment of the communication system can perform embodiments of the invention one to any embodiment methods described of embodiment three, specifically The description in above method embodiment is can refer to, will not be repeated here.
The communication system that the embodiment of the present invention eight provides, can cause the above-mentioned above-mentioned user of access network device active obtaining The user of equipment identifies and identifies above-mentioned user equipment, without identifying UE by core net.
Embodiments of the invention nine provide a kind of computer program product, and the computer program product includes storage medium. In the storage medium storage implementation example one to the method described in embodiment three any one embodiment code.
The communication system that the embodiment of the present invention nine provides, can cause the above-mentioned above-mentioned user of access network device active obtaining The user of equipment identifies and identifies above-mentioned user equipment, without identifying UE by core net.
In certain embodiments, it is not specifically described for well known method, interface, equipment signaling technology, Yi Mianyin Unnecessary details make it that the present invention is fuzzy.One of ordinary skill in the art will appreciate that realize complete in above-described embodiment method Portion or part steps are can to indicate the hardware of correlation by program to complete, and described program can store to be calculated with one In machine readable storage medium storing program for executing, described storage medium, such as:Read-only memory(Read-only Memory, ROM)It is or random Storage memory(Random Access Memory, RAM), magnetic disc, CD etc..Above-described embodiment, to this Purpose, technical scheme and the beneficial effect of invention are further described, and be should be understood that and be the foregoing is only this The embodiment of invention, the protection domain being not intended to limit the present invention, those skilled in the art are not paying wound The property made work on the basis of, any modification, equivalent substitution and improvements done etc., should be included in protection scope of the present invention it It is interior.

Claims (3)

  1. A kind of 1. method of user's identification, it is characterised in that base station is sending what is sent by equipment of the core network to user equipment (UE) Before the non access stratum NAS message of encrypted negotiation, including:
    The base station sends identity request message to the UE, and the identity request message is used to ask the user of the UE to mark Know;
    The base station receives the identity response message that the UE is sent, and the identity response message carries the user of the UE Mark;
    After the base station receives the identity response message that the UE is sent, the base station is sent by described to the UE Before the NAS message for encrypted negotiation that equipment of the core network is sent, or the base station is by the identity request message It is sent to before the UE, in addition to:
    The base station sends a notification message to the equipment of the core network, and the notification message is used to notify the equipment of the core network pair The UE carries out initialization operation, and the initialization operation includes the UE being authenticated, encrypted and serviced quality Q OS controls System;
    After the base station sends the notification message to the equipment of the core network, the base station is sent by the core to the UE Before the NAS message for encrypted negotiation that heart net equipment is sent, in addition to:
    The base station receives the NAS message for encrypted negotiation that the equipment of the core network is sent.
  2. 2. the method as described in claim 1, it is characterised in that when the identity response that the base station is sent in reception by the UE Before message, if the base station receives the NAS message for encrypted negotiation sent by the equipment of the core network, the base Stand and preserve the NAS message for being used for encrypted negotiation.
  3. A kind of 3. access network device, it is characterised in that including:
    Emitter, the emitter are used to send message to user equipment (UE) and/or equipment of the core network;
    Receiver, the receiver are used to receive the message sent by the UE and/or the equipment of the core network;
    Processor, the processor be used for control the emitter to the UE send for encrypted negotiation NAS message it Before, identity request message is sent to the UE, the identity request message is used for the identity for asking the UE;The processing Device is additionally operable to after the receiver receives the identity response message that is sent by the UE, controls the emitter to the UE The NAS message for encrypted negotiation is sent, the identity response message carries the identity of the UE;
    The processor is additionally operable to:
    The emitter is controlled after the identity response message that the receiver receives that the UE is sent, to the core net Equipment dispatch order message, the notification message are used to notify the equipment of the core network to carry out initialization operation to the UE;Or Person
    The emitter is controlled before the identity response message that the receiver receives that the UE is sent, to the core net Equipment dispatch order message, the notification message are used to notify the equipment of the core network to carry out initialization operation, institute to the UE Stating initialization operation includes the UE being authenticated, encrypted and serviced quality Q OS controls;
    The processor is additionally operable to control the emitter after the receiver receives the identity response message, to described UE sends the NAS message for being used for encrypted negotiation as described in being sent above-mentioned equipment of the core network that the receiver receives.
CN201180071128.1A 2011-12-21 2011-12-21 The method, apparatus and system of user's identification Active CN103609153B (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2011/084308 WO2013091179A1 (en) 2011-12-21 2011-12-21 User recognition method, device and system

Publications (2)

Publication Number Publication Date
CN103609153A CN103609153A (en) 2014-02-26
CN103609153B true CN103609153B (en) 2017-12-15

Family

ID=48667639

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201180071128.1A Active CN103609153B (en) 2011-12-21 2011-12-21 The method, apparatus and system of user's identification

Country Status (2)

Country Link
CN (1) CN103609153B (en)
WO (1) WO2013091179A1 (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105519040B (en) 2014-11-05 2019-08-20 华为技术有限公司 User equipment management method, equipment and system
CN108024301B (en) * 2016-11-04 2022-07-26 夏普株式会社 Base station, user equipment and execution method thereof

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101473565A (en) * 2006-06-21 2009-07-01 Lg电子株式会社 Method of transmitting and receiving radio access information using a message separation in a wireless mobile communications system
CN101765216A (en) * 2008-12-23 2010-06-30 大唐移动通信设备有限公司 Method, device and system for controlling subscriber access
CN101945503A (en) * 2010-09-06 2011-01-12 华为技术有限公司 Base station controller and method for obtaining user identification
CN101945379A (en) * 2009-07-10 2011-01-12 华为技术有限公司 Method for obtaining user permanent mark and access network equipment

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101033556B1 (en) * 2003-07-10 2011-05-11 엘지전자 주식회사 IMSI, and method for identifying mobile-network using the same in mobile communication system
KR101706383B1 (en) * 2010-05-03 2017-02-14 삼성전자주식회사 Short message service message delivery method and system in a mobile telecommunication system

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101473565A (en) * 2006-06-21 2009-07-01 Lg电子株式会社 Method of transmitting and receiving radio access information using a message separation in a wireless mobile communications system
CN101765216A (en) * 2008-12-23 2010-06-30 大唐移动通信设备有限公司 Method, device and system for controlling subscriber access
CN101945379A (en) * 2009-07-10 2011-01-12 华为技术有限公司 Method for obtaining user permanent mark and access network equipment
CN101945503A (en) * 2010-09-06 2011-01-12 华为技术有限公司 Base station controller and method for obtaining user identification

Also Published As

Publication number Publication date
CN103609153A (en) 2014-02-26
WO2013091179A1 (en) 2013-06-27

Similar Documents

Publication Publication Date Title
US8929865B2 (en) Optimizing user device context for mobility management entity (MME) resiliency
EP3596996B1 (en) Method and apparatus for handling a ue that is in the idle state
KR101215231B1 (en) RRC messages and procedures
CN104883217B (en) A kind of method, system and the equipment of transmitting satellite message
CN108029015A (en) Wireless access point and terminal device in communication network
US10034173B2 (en) MTC service management using NFV
CN110999257B (en) Delivery method selection for delivery of server notifications
US20150043537A1 (en) Security processing method and system in network handover process
US20160095022A1 (en) Method, apparatus, and system for connecting to network
KR102306682B1 (en) Message transmission method and device
EP3562204B1 (en) Method and apparatus for selecting user plane anchor
EP2862398A1 (en) A method and node for paging in a radio access network
WO2015089735A1 (en) User equipment capability acquisition method, system and equipment
TW201911917A (en) Paging method, terminal equipment and network equipment
JP6097757B2 (en) Method and apparatus for transmitting and receiving multicast data in a wireless communication system
US20220210859A1 (en) Data transmission method and apparatus
EP2566116A2 (en) Method for establishing a connection between a node of a communication system and a node of a data service network in a wireless communication system
US20150215725A1 (en) Method, system, and equipment for sending trigger message
US9258711B2 (en) Wireless communication system and authentication method thereof
US10051513B2 (en) Method and apparatus for obtaining authentication information
WO2012003721A1 (en) Method and system for resource management based on network sharing
WO2017177975A1 (en) Service provider identity indication method and apparatus, user equipment and access device
CN104010381B (en) A kind of method, equipment and system for establishing direct communication path
CN104219733B (en) A kind of adjacent communication relay node discovery method and apparatus
CN103609153B (en) The method, apparatus and system of user's identification

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant