CN103634776A - Terminal access identifier acquiring method and identity information servers - Google Patents
Terminal access identifier acquiring method and identity information servers Download PDFInfo
- Publication number
- CN103634776A CN103634776A CN201210305447.0A CN201210305447A CN103634776A CN 103634776 A CN103634776 A CN 103634776A CN 201210305447 A CN201210305447 A CN 201210305447A CN 103634776 A CN103634776 A CN 103634776A
- Authority
- CN
- China
- Prior art keywords
- terminal
- aid
- network
- iis
- ilr
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 46
- 230000003993 interaction Effects 0.000 claims abstract description 24
- 238000013500 data storage Methods 0.000 claims description 21
- 238000013475 authorization Methods 0.000 claims description 7
- 238000004891 communication Methods 0.000 claims description 5
- 230000007774 longterm Effects 0.000 claims description 5
- 238000007726 management method Methods 0.000 claims description 5
- 238000010295 mobile communication Methods 0.000 claims description 5
- 238000000926 separation method Methods 0.000 abstract description 8
- 230000004044 response Effects 0.000 description 9
- 238000010586 diagram Methods 0.000 description 8
- 238000005516 engineering process Methods 0.000 description 3
- 230000009286 beneficial effect Effects 0.000 description 2
- 238000013507 mapping Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000008569 process Effects 0.000 description 2
- 230000011664 signaling Effects 0.000 description 2
- 230000005540 biological transmission Effects 0.000 description 1
- 230000009977 dual effect Effects 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 230000002452 interceptive effect Effects 0.000 description 1
- 238000011160 research Methods 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W8/00—Network data management
- H04W8/02—Processing of mobility data, e.g. registration information at HLR [Home Location Register] or VLR [Visitor Location Register]; Transfer of mobility data, e.g. between HLR, VLR or external networks
- H04W8/08—Mobility data transfer
- H04W8/12—Mobility data transfer between location registers or mobility servers
Landscapes
- Engineering & Computer Science (AREA)
- Databases & Information Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses a terminal access identifier acquiring method and identity information servers. The method comprises the steps that the identity information servers (IIS) are set in a network; access identifiers (AID) of a terminal in the network are initially saved in the IISes, and mutual connection between the IISes is established; when the terminal carries out roaming access from a visit place network and when the visit place IIS queries the terminal AIDs at a visit place service access service router (ASR) of the terminal, the terminal AIDs are queried from the affiliation IIS of the terminal; and the visit place IIS receives the terminal AIDs queried and returned by the affiliation IIS of the terminal. According to the invention, the identity information servers are set to save the terminal AIDs; the identity information servers are mutually connected, so that terminal AID interaction can be conveniently carried out; and in a method based on identity position separation, when the terminal carries out roaming, the terminal AIDs can be acquired, and the terminal can access the visit place network.
Description
Technical Field
The present invention relates to the field of mobile communications, and in particular, to a method for acquiring an access identifier of a terminal and an identity information server.
Background
As is well known, in the IP internet, a terminal must request a valid IP address from the network in order to access the IP internet. The IP address has dual attributes that represent both the identity of the user and the network topology location in which the user is located. When a user obtains an IP address at a topological location (e.g., under an access gateway), the IP address can only be used at the topological location (e.g., only within the scope of the access gateway). This is inherently not a problem for fixed terminals, but for mobile terminals, the IP address becomes an invalid address after the terminal moves from a domain governed by one access gateway to another. At this point, the terminal must re-acquire a new IP address from the new topological location. This does not guarantee continuity of the IP-based upper layer service, e.g. the call is dropped if the end user is making an IP call.
To solve this problem, a series of solutions are proposed in the industry, such as mobile ip (mobileip) -based technologies, GTP-based technologies. However, these technologies have some generally recognized problems, such as routing detour, single point of failure, etc. On one hand, the routing roundabout results in wasting transmission bearing resources of operators, which is not beneficial to saving cost; on the other hand, the time delay for receiving and sending the IP data packet by the MN (mobile terminal) and the CN (communication opposite terminal) is increased, which is not beneficial to improving the service experience of the user; on the other hand, the possibility that the IP packet of the terminal encounters network congestion when being transmitted on the network is increased, so that the terminal service is blocked or even cannot be realized (such as real-time services of voice, video, online games and the like).
Currently, the industry starts to research a method based on identity and location separation, which aims to solve the routing detour problem while the terminal must reallocate an IP address after crossing an access gateway. Referring to fig. 1, the network logic structure of the method mainly includes an Access Service Router (ASR), an Identity Location Register (ILR), and the like. The ASR is connected with an access network below the ASR and is mainly responsible for the access of a user terminal; the ILR mainly stores the "identity-location" correspondence of the terminal. In the method, a fixed Access Identity (AID for short) needs to be configured for the terminal user, and is used for identifying the Identity of the user, and the AID is stored in the ILR. When the user terminal accesses to the network, the ASR queries the ILR to acquire the AID of the terminal and sends the AID to the terminal.
In a network actually deployed, there are often multiple operators, and there is a roaming agreement among the operators, that is, operator B allows a terminal of operator a to access through its own network and provides the terminal with corresponding network services. In the above-described method of identity-based location separation, the AID of the end user is stored in the ILR of the home operator of the user. As in the example shown in fig. 2, the user terminal A is A subscriber of operator A (i.e. operator A is the home operator of terminal A), and at this time the AID of this user is stored in the identity location register A (ILR- A). When the terminal roams to an operator B (namely, a visited operator) and is accessed through an access service router B (ASR-B), the ASR-B cannot acquire the AID of the terminal. Because there is no record in the ILR-B of operator B for this user, i.e. there is no AID information for this user. Therefore, in the above method based on identity and location separation, when the terminal roams, even if there is a roaming agreement between its home operator and the current visited operator, the terminal cannot acquire the AID of the terminal user and cannot access the network.
Disclosure of Invention
The technical problem to be solved by the present invention is to provide a method for acquiring an access identifier of a terminal and an identity information server, which can acquire the access identifier of the terminal under the condition that the terminal roams.
In order to solve the above technical problem, a method for acquiring an access identifier of a terminal of the present invention includes:
an Identity Information Server (IIS) is arranged in a network, an Access Identifier (AID) of a terminal in the network is initially stored in the IIS, and mutual connection between the IIS is established;
when the terminal is accessed from the visited place network in a roaming way, when a visited place IIS inquires the AID of the terminal in a visited place service Access Service Router (ASR) of the terminal, the AID of the terminal is inquired from the attribution IIS of the terminal;
and the visit place IIS receives the AID of the terminal inquired and returned by the attribution IIS of the terminal.
Further, the identifier used for access authentication of the terminal is also initially stored in the IIS, and the AID of the terminal is associated with the identifier used for access authentication of the terminal;
when receiving an identifier used for access authentication of a terminal sent by the visited place service ASR, the visited place IIS learns that the visited place service ASR inquires the AID of the terminal;
the visit place IIS sends the received identifier used for access authentication of the terminal to the home IIS of the terminal, and inquires the AID of the terminal;
and the visit place IIS receives the corresponding AID returned by the home location IIS of the terminal and inquired according to the identifier used for access authentication of the terminal.
Further, still include:
before inquiring the AID of the terminal to the home IIS of the terminal, the visit IIS judges whether the terminal belongs to a local network according to the identifier used for access authentication of the terminal, determines the home IIS of the terminal when the terminal does not belong to the local network, and inquires the AID of the terminal to the home IIS.
Further, all IISs are directly connected or connected through one or more border gateways;
and when the IISs are connected through the one or more border gateways, the border gateways between the IISs complete the interaction between the IISs according to the identifier used for access authentication of the terminal.
Further, the IISs interact with each other based on RADIUS (remote authentication dial in access user service) messages or Diameter messages.
Further, in a Long Term Evolution (LTE) network, a packet data network gateway (P-GW) is taken as an ASR; the IIS is deployed on an authentication, authorization and accounting (AAA) server connected with the P-GW, and the AAA servers in the network are all connected with each other; or the IIS is deployed on a Mobility Management Entity (MME) connected with the P-GW, and the MME in the network are connected with each other; or,
in a third generation mobile communication (3G) network, a gateway general packet radio service support node (GGSN) is used as ASR; the IIS is deployed on an AAA server connected with the GGSN, and the AAA servers in the network are all connected with each other; or the IIS is deployed on a Home Location Register (HLR) connected with the GGSN, and the HLRs in the network are connected with each other; or, the IIS is deployed on a Home Subscriber Server (HSS) connected with the GGSN, and the HSS in the network are connected with each other; or,
in a fixed network, a Broadband Remote Access Server (BRAS) is used as an ASR, an IIS is deployed on an AAA server connected with the BRAS, and all AAA servers in the network are connected with each other.
Further, a method for storing an access identifier of a terminal includes:
establishing interconnection between Identity Location Registers (ILRs) in a network;
when a terminal is accessed from a visited place network in a roaming way, a visited place ILR receives an Access Identifier (AID) and a Routing Identifier (RID) of the terminal, which are sent by a visited place service ASR of the terminal, wherein the AID is obtained by the visited place service ASR through inquiring from a visited place Identity Information Server (IIS); the RID is distributed to the terminal by the visit place service ASR after inquiring the AID;
and the visit location ILR sends the AID and the RID of the terminal to the home ILR of the terminal, so that the home ILR stores the corresponding relation between the AID and the RID of the terminal.
Further, still include:
before the AID and the RID of the terminal are sent to the home ILR of the terminal by the visitor location ILR, whether the terminal belongs to a local network is judged according to the AID of the terminal and pre-configured information, and if the terminal does not belong to the local network, the home network of the terminal is judged; or judging whether the terminal belongs to the local network according to the identifier used for access authentication of the terminal which is sent by the ASR in the visit area service and simultaneously sends the AID and the RID, and if not, judging the home network of the terminal.
Further, still include:
the ILRs are directly connected or connected through one or more border gateways;
and when the ILRs are connected through the one or more border gateways, the border gateways between the ILRs complete interaction between the ILRs according to the AIDs of the terminals or the identifiers used by the terminals for access authentication.
Further, still include:
after the visit location ILR switches the ASR, receiving a target ASR switched by the terminal as the RID redistributed by the terminal;
and after the terminal does not belong to the local network and the home network of the terminal is determined, the visited ILR updates the RID redistributed by the target ASR for the terminal to the home ILR of the terminal.
Further, still include:
when a communication opposite terminal (CN) of the terminal sends a data message to the terminal, and when an ILR in a network where the CN is located inquires the position information of the terminal in a service ASR of the CN, if the corresponding relation of AID-RID of the terminal is not stored locally, the AID of the terminal is sent to an attributive ILR of the terminal so as to inquire the RID of the terminal;
and the ILR in the network where the CN is positioned receives the RID of the terminal, which is locally inquired and returned by the home ILR of the terminal according to the AID.
Further, still include:
and when the terminal quits the network or releases the IP address, the visit location ILR sends the AID of the terminal to the home ILR of the terminal and informs the home ILR to delete the RID of the terminal.
Further, the ILRs interact based on RADIUS (remote authentication dial in access user service) messages or Diameter messages.
Further, in a Long Term Evolution (LTE) network, a packet data network gateway (P-GW) is used as an ASR, an ILR is deployed on an authentication, authorization, and accounting (AAA) server connected to the P-GW, and the AAA servers in the network are all connected to each other; or, the ILR is deployed on a Mobility Management Entity (MME) connected with the P-GW, and the MME in the network are connected with each other; or,
in a third generation mobile communication (3G) network, taking a gateway general packet radio service support node (GGSN) as an ASR, deploying ILR on an AAA server connected with the GGSN, and connecting the AAA servers in the network with each other; or the ILR is deployed on a Home Location Register (HLR) connected with the GGSN, and the HLRs in the network are connected with each other; or, the ILR is deployed on a Home Subscriber Server (HSS) connected with the GGSN, and the HSS in the network are connected with each other; or,
in a fixed network, a Broadband Remote Access Server (BRAS) is used as an ASR, an ILR is deployed on an AAA server connected to the BRAS, and the AAA servers in the network are all connected to each other.
Further, an identity information server comprising: the system comprises a data storage unit, an information interaction unit and an information inquiry unit, wherein:
the data storage unit is used for initially storing an Access Identifier (AID) of a terminal in the network;
the information interaction unit is used for establishing the mutual connection between the Identity Information Servers (IIS);
the information inquiry unit is used for inquiring the AID of the terminal from the attribution IIS of the terminal through the information interaction unit when a visited place service Access Service Router (ASR) of the terminal inquires the AID of the terminal when the terminal is in roaming access, and receiving the AID of the terminal inquired and returned by the attribution IIS of the terminal.
Further, the data storage unit is further configured to initially store an identifier used by the terminal for access authentication, and associate the AID of the terminal with the identifier used by the terminal for access authentication;
the information query unit is specifically configured to, when receiving an identifier, used for access authentication, of a terminal sent by the ASR, learn that the ASR needs to query the AID of the terminal, send the received identifier, used for access authentication, of the terminal to the home IIS of the terminal, query the AID of the terminal, and receive a corresponding AID, returned by the home IIS of the terminal, queried according to the identifier, used for access authentication, of the terminal.
Further, the information querying unit is further configured to, before querying the AID of the terminal for the home IIS of the terminal, determine whether the terminal belongs to a local network according to the identifier used for access authentication of the terminal, determine the home IIS of the terminal when the terminal does not belong to the local network, and query the AID of the terminal for the home IIS.
Further, the information querying unit is further configured to, after receiving an identifier used for access authentication by the terminal and sent by another identity information server, query a corresponding AID from the data storage unit according to the received identifier used for access authentication by the terminal, and return the queried AID to the corresponding identity information server.
Further, an identity location register comprising: the device comprises an information interaction unit, a data storage unit and an information updating unit, wherein:
the information interaction unit is used for establishing the interconnection between Identity Location Registers (ILRs) in the network;
the data storage unit is used for receiving and storing an Access Identifier (AID) and a Routing Identifier (RID) of the terminal, which are sent by a visited place service ASR of the terminal when the terminal is accessed in a roaming way, wherein the AID is obtained by the visited place service ASR through inquiring from a visited place Identity Information Server (IIS); the RID is distributed to the terminal by the visit place service ASR after inquiring the AID;
and the information updating unit is used for sending the AID and the RID of the terminal to the attribution ILR of the terminal through the information interaction unit so that the attribution ILR stores the corresponding relation between the AID and the RID of the terminal.
Further, the information updating unit is further configured to, before sending the AID and the RID of the terminal to the home ILR of the terminal, determine whether the terminal belongs to a local network according to the AID of the terminal and preconfigured information, and if not, determine the home network of the terminal; or judging whether the terminal belongs to the local network according to the identifier used for access authentication of the terminal which is sent by the ASR in the visit area service and simultaneously sends the AID and the RID, and if not, judging the home network of the terminal.
Further, the data storage unit is further configured to receive an RID reallocated to the terminal by the target ASR switched by the terminal after the terminal switches the ASR;
and the information updating unit is also used for updating the RID redistributed by the target ASR for the terminal to the home ILR of the terminal after the terminal does not belong to the local network and the home network of the terminal is determined.
Further, the information updating unit is further configured to send the AID of the terminal to the home ILR of the terminal when the terminal quits the network or releases the IP address, and notify the home ILR to delete the RID of the terminal.
In summary, in the method for identity location separation based on the invention, the identity information server is arranged to store the AID of the terminal and the identity information servers are connected with each other, so that the AID of the terminal can be acquired when the terminal roams, and the terminal can access the visited network.
Drawings
FIG. 1 is a prior art architecture diagram of an identity location separation network;
fig. 2 is a schematic diagram illustrating terminal roaming in an id-locator separation network in the prior art;
fig. 3 is an architecture diagram of a system for acquiring an access identifier of a terminal according to the present invention;
fig. 4 is a flowchart of embodiment 1 of a method for acquiring an access identifier of a terminal according to the present invention;
fig. 5 is a flowchart of a method for acquiring an access identifier of a terminal according to the present invention during terminal handover;
fig. 6 is a flowchart of embodiment 2 of a method for acquiring an access identifier of a terminal according to the present invention;
fig. 7 is a flowchart of embodiment 3 of a method for acquiring an access identifier of a terminal according to the present invention;
fig. 8 is a schematic diagram of the method of the present invention applied to an LTE network;
FIG. 9 is a schematic diagram of the method of the present invention applied to a 3G network;
FIG. 10 is a diagram illustrating the method of the present invention applied to a fixed network;
FIG. 11 is an architecture diagram of an identity information server of the present invention;
FIG. 12 is an architecture diagram of the identity location register of the present invention.
Detailed Description
Unlike existing Identity location separation techniques, in the present embodiment, a dedicated Identity Information Server (IIS) is used to store the end-user's AID. As shown in fig. 3, operator A has its own identity information server A (IIS-A), and operator B has its own IIS-B. Preferably, the IIS records and associates together the identity of the end user used for access authentication and the AID of the user. The identifier used by the terminal user for Access authentication generally includes an International Mobile Subscriber Identity (IMSI), a Network Access Identifier (NAI), and the like. In order to support roaming access of the end user, a signaling interface (as shown in fig. 3) needs to be added between the IIS of the visited operator and the IIS of the home operator, and the main function of the interface is to transfer the Access Identity (AID) of the end user between the visited IIS and the home IIS.
It should be noted that the IIS of the visited operator may establish a directly connected interface with the IIS of the home operator, or may indirectly establish an interface through one or more border gateways. That is, the IISs of the visited operator and the home operator establish interfaces with the border gateways, respectively, and the interaction between the two IISs is completed through the relay of the border gateway. The general role of the border gateway is to protect the data security and attack of the operators of both parties. It should be noted that the Border Gateway can be generally referred to as Border IIS (Border IIS, abbreviated as B-IIS), Gateway IIS (Gateway IIS, abbreviated as G-IIS), or Proxy IIS (Proxy IIS, abbreviated as P-IIS).
In order to support that the home carrier of the terminal can also grasp the location information of the terminal, it is preferable to add a signaling interface between the ILR (visited ILR) of the visited operator and the ILR (home ILR) of the home operator. Similarly, the ILR of the visited operator may establish a directly connected interface with the ILR of the home operator, or may establish the interface indirectly through one or more border gateways. Accordingly, Border gateways may be generally referred to as Border identity location registers (Border ILR, B-ILR), Gateway identity location registers (Gateway ILR, G-ILR), or Proxy ILR (P-ILR).
As shown in fig. 3, operator B is a visited operator of terminal a, and operator a is a home operator of terminal a. An interface is established between operator A's IIS-A and operator B's IIS-B. If the terminal A is accessed from the operator B in a roaming way, the terminal A is accessed through an access service router B (ASR-B). And the ASR-B requests the AID of the terminal to the IIS-B, and the IIS-B can acquire the AID of the terminal A from the IIS-A through the interface and send the AID to the terminal. Therefore, the problem that the terminal cannot be accessed by the operator at the roaming place can be solved.
Example 1:
fig. 4 shows a first embodiment of the present embodiment, which is a process in which a terminal accesses a network and acquires an Access Identifier (AID) of the terminal from the network, and specifically includes the following steps:
step 401: the terminal roams to a visited operator, accesses to the network of the visited operator and attaches to an Access Service Router (ASR) of the terminal, and the ASR is the service ASR of the terminal (namely, the visited service ASR);
generally, the service ASR obtains an identifier used by the terminal for access authentication in this step, such as the above-mentioned IMSI, NAI, or User Name (User Name). Based on the user name, the network firstly performs access authentication on the terminal user, and then executes the subsequent process after the access authentication is passed.
Step 402: the ASR (located in the visited operator) queries the AID of the terminal user from the visited Identity Information Server (IIS), and carries the identifier of the obtained terminal for access authentication;
step 403: after receiving the request, the visited place IIS first determines whether the user belongs to the local network;
the visited place IIS can make a judgment according to the identifier used by the terminal for access authentication (i.e. the identifier used by the user using the terminal for access authentication, hereinafter, both identifiers are expressed as the identifier used by the terminal for access authentication). In this embodiment, since it is assumed that the current access of the user is the visited operator, the visited IIS needs to further determine the home operator of the terminal user at this time, and generally, according to the identifier used for access authentication of the terminal, the visited IIS can determine the home operator of the terminal. Preferably, depending on the configuration information, the visited IIS may also determine the home IIS of the terminal.
Step 404: the visit place IIS sends a message to the attribution IIS (located in an attribution operator of the terminal user) of the terminal user, and inquires the AID of the terminal, wherein the message carries an identifier used for access authentication of the terminal;
step 405: after receiving the request, the home location IIS preferably checks that the request message is from a legal requester, then locally queries a corresponding AID according to the identifier used by the terminal for access authentication, and returns a response message carrying the AID to the visited location IIS;
step 406: the visited place IIS returns the inquired AID to the ASR;
step 407: the ASR sends the AID to the terminal, and the AID is used as an identity mark of the terminal and is configured in the local part of the terminal;
the subsequent terminal uses the AID as its own IP address for communication with the outside.
Step 408: after obtaining the AID of the terminal, the ASR further allocates a Routing Identifier (RID, also called a location Identifier) to the terminal;
step 409: the ASR (the ASR is the ASR of the visited operator) updates the RID of the terminal to the ILR (visited ILR) of the visited operator, carries the AID of the terminal user and the assigned RID, and preferably also carries an identifier used by the terminal for access authentication;
step 410: the visit location ILR stores the corresponding relation of AID-RID of the terminal locally, and sends a message carrying the corresponding relation of AID-RID to the home location ILR of the terminal;
preferably, the visited site ILR can determine that the terminal corresponding to the AID is not affiliated to the operator. The visited ILR can judge that the AID does not belong to the operator according to the AID and the preconfigured information, and can judge that the operator to which the AID belongs; or, the visited site ILR determines, according to the identifier for access authentication of the terminal preferentially carried in step 409, that the corresponding AID does not belong to the operator, and can determine the operator to which the AID belongs.
Step 411: after the attributive ILR acquires the information, storing the corresponding relation of AID-RID of the terminal in the local;
at this time, the home operator of the terminal can also know the current location information of the terminal. The home ILR returns a reply message to the visited ILR.
Step 412: the visited ILR returns a response message to the ASR.
It should be noted that, in step 410, the visited ILR may directly send the AID-RID of the terminal to the home ILR of the terminal user without recording the AID-RID correspondence of the terminal, and only the home ILR stores the AID-RID correspondence of the terminal.
The problems of the prior art can be solved by the method of the above embodiment of the present invention. When the terminal roams, the terminal can also acquire the AID of the terminal after accessing the network through the ASR of the visited operator, and the AID is used as the source address of the terminal to communicate with the outside.
It should be noted that in the description of the present embodiment, the visited IIS and the home IIS are directly interactive with each other. As described above, the visited IIS and the home IIS can communicate with each other through one or more border gateways (such as the above-mentioned B-IIS, G-IIS or P-IIS), and the border gateway can determine to which next-hop border gateway or home IIS the corresponding message should be sent according to the above-mentioned identifier used by the terminal for access authentication (as described in step 403). Similarly, the visited ILR and the home ILR may interwork via one or more border gateways (e.g., the above-mentioned B-ILR, P-ILR, G-ILR), which may determine to which next-hop border gateway or home ILR the corresponding message should be sent according to the AID or the above-mentioned identifier for access authentication of the end-user, according to the method described in step 410.
As shown in fig. 5, when a terminal switches a current ASR in a visited operator, that is, a source ASR is switched to a target ASR, the target ASR needs to allocate a new RID to the terminal, and update an AID-RID correspondence of the terminal stored in an ILR, specifically including the following steps:
step 501-502: after the terminal is switched from the source ASR to the target ASR, the target ASR distributes a new RID for the terminal;
step 503: because the target ASR is also located in the network of the visited place operator, the target ASR sends an update message to the visited place ILR, carries the AID of the terminal and the newly allocated RID, and preferably also carries an identifier used for access authentication of the terminal;
the same principle as in step 409.
Step 504: in the same step 410, the visited site ILR determines that the terminal user is not affiliated to the operator, and sends a message to the affiliated ILR of the terminal after determining the affiliated operator of the user, wherein the message carries the mapping relationship of AID-RID;
step 505-506: the same as step 411-412.
Example 2:
fig. 6 shows a second embodiment of the present invention, which still assumes that the terminal accesses the network at the visited operator, i.e. the terminal currently serves ASR and is located at the visited operator.
Step 601: a communication opposite terminal (CORRESPONDENTER Node, CN for short) of the terminal sends a data message to the terminal, the destination IP address of the data message is set as the AID of the terminal, and the data message firstly reaches a service ASR (CN-ASR) of the CN;
step 602: when the CN-ASR cannot find the position information of the terminal locally, inquiring the position information of the terminal from the ILR in the operator domain where the CN-ASR is located, and inquiring the AID of the terminal carried by the message;
it is assumed that the operator in which the CN-ASR is located is not the home operator of the terminal.
Step 603: assuming that the ILR in the operator domain where the CN-ASR is located cannot locally query the RID information of the terminal, in step 410, the ILR may determine, according to the AID and the preconfigured information, that the AID does not belong to the operator and that the operator to which the AID belongs;
step 604: the ILR sends a request to the home ILR of the terminal, carries the AID of the terminal and requests the RID information of the terminal;
step 605: after inquiring the RID information of the terminal locally according to the AID, the attributive ILR returns a response message to the ILR in the operator domain where the CN-ASR is located, and the response message carries the AID-RID information of the terminal;
step 606: after receiving the response message, the ILR in the operator domain where the CN-ASR is located carries the RID information of the terminal in the response message and returns the RID information to the CN-ASR;
step 607: and the CN-ASR sends the data message according to the position information of the terminal.
It is worth mentioning that the operator where the CN-ASR is located may be the visited operator where the terminal is currently located. At this time, as described in embodiment 1, the visited site ILR may store the AID-RID relationship of the terminal, and the CN-ASR may directly query the visited site ILR for relevant information; otherwise, the method proceeds to the above step of embodiment 2, and the home ILR is queried for relevant information. The operator where the CN-ASR is located may also be different from the visited operator where the terminal is currently located, and at this time, the location information of the terminal needs to be queried according to the method in the foregoing embodiment.
Example 3:
fig. 7 shows a third embodiment of the present invention, which still assumes that the terminal accesses the network at the visited operator, i.e. the terminal currently serves ASR and is located at the visited operator. When the terminal leaves the network, the location information of the terminal stored in the home ILR of the terminal needs to be cleared, which specifically includes the following steps.
Step 701: the current service ASR of the terminal receives the instruction of the terminal to quit the network or release the IP address;
step 702: the ASR sends a message to an ILR (visited ILR) in the local domain (i.e. visited operator domain of the terminal) to delete the location information of the terminal, wherein the ASR carries the AID of the terminal and preferably also carries an identifier used by the terminal for access authentication;
step 703: after receiving the above-mentioned message, the visited site ILR first deletes the AID-RID mapping relationship of the terminal locally, and meanwhile, according to the method of step 410, the visited site ILR can determine that the local domain is the visited domain (i.e. visited site) of the terminal and can determine the home domain of the terminal, and the visited site ILR sends a message to the home domain ILR of the terminal for deleting the location information of the terminal, carrying the AID of the terminal, and preferably also carrying the identifier used by the terminal for access authentication;
step 704: and the home ILR deletes the related information stored locally and returns a response message to the visit-ILR.
Step 705: the visited-ILR returns a response message to the ASR described above.
It should be noted that, in actual network deployment, the IIS described in this embodiment may be deployed on an Authentication, Authorization, and accounting (AAA) Server, a Home Location Register (HLR), or a Home Subscription Server (HSS), that is, the IIS serves as a functional module of these network elements, or these network elements themselves have functions of the IIS. Thus, these network elements can be used to directly replace the "identity information server" in the above embodiments. For example, the home authentication and accounting server is used to replace the home identity information server, and the visited authentication and authorization accounting server is used to replace the visited identity information server, etc., which have the same principle. At this time, the visited-IIS and the home-IIS may interact with each other through an AAA protocol, including a RADIUS (Remote authentication dial In User Service) protocol and a Diameter protocol.
For example, the Access-Request message defined by the RADIUS protocol is used by the visited site IIS, the portable terminal is used to Access the authentication identifier to Request the AID information in the terminal from the home IIS, and accordingly, the home IIS responds to the visited site IIS by using the Access-Access message, and carries the AID of the terminal. If the home IIS also has no corresponding record (e.g., the end user has not signed up an AID), the home IIS may return an Access-Reject message to the visited IIS. At this point, the ASR at the visited site will preferably deny terminal access. The visit place IIS can also use the AA-Request defined by the Diameter protocol to Request the AID information of the terminal from the attribution IIS, and the access authentication identifier used by the terminal is carried; the home IIS uses the AA-Answer response visiting place IIS, carries AID information of the terminal, or carries an error indication (for example, the terminal user does not sign AID). If the visit place IIS receives the AA-Answer message carrying the error indication, the ASR preferably refuses the terminal to access the network.
Similarly, in actual network deployment, the ILR according to this embodiment may also be deployed on an AAA server, an HLR, or an HSS, that is, the ILR serves as a functional module of these network elements, or these network elements themselves have the function of the ILR. In this way, the "identity location register" in the above embodiments can be directly replaced by these network elements. For example, the home identity location register is replaced by the home authentication and charging server, the visitor authentication and authorization charging server is replaced by the visitor identity location register, and the like, and the principle is the same. At this time, the visited ILR and the home ILR may also interact via an AAA protocol, including a RADIUS protocol and a Diameter protocol.
For example, the visited ILR uses an Accounting-Request message defined by the RADIUS protocol to carry the AID and RID information of the terminal, and updates the RID information of the terminal to the home ILR. At the time of initial update, the above information may be updated to the home ILR using Accounting-Request [ start ] (i.e., indicating that the type of this Request is start); when updating is carried out subsequently (for example, the terminal switches ASR, and new ASR allocates new RID for the terminal), Accounting-Request [ inter ] is used; when the position information of the terminal is deleted, the visited ILR sends Accounting-Request [ stop ] to the home ILR. And when the home ILR receives the Accounting-Request message with the type of stop, deleting the RID information of the terminal. Accordingly, the home ILR responds to the visited ILR with an Accounting-Response [ start ], an Accounting-Response [ intervention ], and an Accounting-Response [ stop ]. As described in example 2, when the ILR of the operator domain where the CN-ASR resides queries the RID of the terminal from the terminal's home ILR, the ILR may query the home ILR using a message newly defined in the RADIUS protocol.
The visited ILR can also use Accounting-Request message defined by Diameter protocol, carry AID and RID information of the terminal, and update RID information of the terminal to the home ILR; accordingly, the home ILR responds to the visited ILR with an Accounting-Answer. The visited ILR can use the Disconnect-Peer-Request or Abort-Session-Request and other messages, carry the AID of the terminal, and indicate the home ILR to delete the RID information of the terminal; the home ILR responds to the visited ILR with Disconnect-Peer-Answer or Abort-Session-Answer, respectively. As described in embodiment 2, when the ILR of the operator domain where the CN-ASR is located queries the RID of the terminal from the home ILR of the terminal, the ILR may query the home-ILR using a message newly defined in the Diameter protocol.
Example 4:
fig. 8 is a fourth example of the present embodiment, and specifically, the contents of the present embodiment are applied to an lte (long Term evolution) network. In the LTE network, a terminal is first connected to an S-GW (Serving Gateway) by wireless and then connected to a P-GW (Packet data network Gateway) by the S-GW. The P-GW has the ASR function described above and is referred to as P-GW (ASR).
The network is divided into the visited operator (operator B in the figure) and the home operator (operator a in the figure) of the terminal, assuming that the terminal is currently connected in the network of its visited operator, and the P-gw (asr) assigned by the network for the terminal is also located within the visited operator domain. The P-gw (asr) interfaces with both the ILR within the visited operator domain (i.e., visited ILR above) and the IIS within the visited operator domain (i.e., visited IIS above). Meanwhile, there is an interface between the visited site ILR and the ILR in the home operator domain of the terminal (i.e., the above home ILR), and there is also an interface between the visited site IIS and the IIS in the home operator domain of the terminal (i.e., the above home IIS). As described above, the interfaces described herein may be directly connected or may be indirectly connected through an intervening border gateway or the like.
The methods described in embodiments 1 to 3 of the present embodiment can all be applied to the LTE network described herein, and only the ASR of the previous embodiment needs to be replaced by the P-gw (ASR) described herein, and the source ASR and the target ASR need to be replaced by the source P-gw (ASR) and the target P-gw (ASR). Also, as described above, both the ILR and IIS may be located on an AAA server connected to the P-gw (asr) (e.g., connected to the P-gw (asr) via the SGi interface). The principle is consistent and will not be described in detail.
In addition, the LTE network further includes an MME (Mobility Management Entity) for storing a Mobility context of the terminal. In this case, the IIS and ILR may be located on the MME, or the MME itself may have IIS and/or ILR functions. At this time, the MME in the visited domain is the visited MME, the MME belonging to the visited domain is the home MME, and an indirect or direct interface is established between the visited MME and the home MME.
Example 5:
fig. 9 is a fifth example of the present embodiment, and specifically, the contents of the present embodiment are applied to a GPRS (General Packet Radio Service) network. In the GPRS network, a terminal is first connected to an SGSN (serving GPRS Support Node) by radio, and then connected to a GGSN (Gateway GPRS Support Node) by the SGSN. Here, the GGSN has the ASR function described above and is referred to as GGSN (ASR).
In the same principle as the fourth embodiment, the network is divided into a visited operator (operator B in the figure) and a home operator (operator a in the figure) of the terminal, and it is assumed that the terminal is currently connected in the network of its visited operator, and the ggsn (asr) allocated by the network for the terminal is also located in the visited operator domain. The ggsn (asr) interfaces with both the ILR within the visited operator domain (i.e. visited ILR above) and the IIS within the visited operator domain (i.e. visited IIS above). Meanwhile, there is an interface between the visited site ILR and the ILR in the home operator domain of the terminal (i.e., the above home ILR), and there is also an interface between the visited site IIS and the IIS in the home operator domain of the terminal (i.e., the above home IIS). As described above, the interfaces described herein may be directly connected or may be indirectly connected through an intervening border gateway or the like.
The methods described in embodiments 1 to 3 of the present invention can be applied to the GPRS network described herein, and only the ASR of the previous embodiment needs to be replaced by the ggsn (ASR) described herein, and the source ASR and the target ASR need to be replaced by the source ggsn (ASR) and the target ggsn (ASR). Also, as described above, both ILR and IIS may be located on an AAA server connected to ggsn (asr) (e.g., connected to ggsn (asr) via the Gi interface). The principle is consistent and will not be described in detail.
In addition, the GPRS network also includes an HLR or HSS, which is used to store information such as a subscription of a terminal user. At this time, as described above, the IIS and ILR may also be located on the HLR/HSS, where the HLR/HSS located in the visited domain is the visited-HLR/HSS, and the HLR/HSS located in the home domain is the home-HLR/HSS.
Example 6:
fig. 10 is a sixth example of the present embodiment, and specifically, the contents of the present embodiment are applied to a fixed network (e.g., xDSL). In the fixed network, the terminal is connected to a BRAS (Broadband Remote Access server) through a Subscriber Line (Subscriber Line) and a dslam (digital Subscriber Line Access multiplexer). Here, BRAS has the ASR function described above and is denoted as BRAS (ASR).
The fixed network generally manages in different areas, such as an area a and an area B shown in fig. 10. Where the home zone of the terminal is zone a, assuming that the terminal is currently connected in its visited zone (i.e., zone B). It should be noted that the area a and the area B are similar to the operator a and the operator B, so that the roaming scenario shown in fig. 10 can be considered as well. Assuming that the BRAS to which the terminal is currently connected is also located within the visited area, the BRAS (asr) has an interface with both the ILR of the visited area (i.e. the above visited ILR) and the IIS within the visited area (i.e. the above visited IIS). Meanwhile, there is an interface between the visited site ILR and the ILR in the home area of the terminal (i.e., the above home ILR), and there is also an interface between the visited site IIS and the IIS in the home area of the terminal (i.e., the above home IIS). As described above, the interfaces described herein may be directly connected or may be indirectly connected through an intervening border gateway or the like.
The methods described in embodiments 1 to 3 of the present invention can be applied to the fixed network described herein, and only the ASR of the previous embodiment needs to be replaced by the bras (ASR) described herein, and the source ASR and the target ASR need to be replaced by the source bras (ASR) and the target bras (ASR). Also, as described above, both ILR and IIS may be located on an AAA server connected to bras (asr). The principle is consistent and will not be described in detail.
As shown in fig. 11, this embodiment further provides an identity information server, including: the system comprises a data storage unit, an information interaction unit and an information inquiry unit, wherein:
the data storage unit is used for initially storing AID of the terminal in the network;
the information interaction unit is used for establishing the interconnection among the IISs;
and the information inquiry unit is used for inquiring the AID of the terminal from the attribution IIS of the terminal through the information interaction unit when the access service ASR of the terminal inquires the AID of the terminal during roaming access of the terminal, and receiving the AID of the terminal inquired and returned by the attribution IIS of the terminal.
The data storage unit is also used for initially storing the identifier used for access authentication of the terminal and associating the AID of the terminal with the identifier used for access authentication of the terminal;
the information query unit is specifically configured to, when receiving an identifier, used for access authentication, of a terminal sent by the ASR, acquire an AID of the terminal to be queried by the ASR, send the received identifier, used for access authentication, of the terminal to the home IIS of the terminal, query the AID of the terminal, and receive a corresponding AID, returned by the home IIS of the terminal, queried according to the identifier, used for access authentication, of the terminal.
And the information inquiry unit is further used for judging whether the terminal belongs to the local network or not according to the identifier used for access authentication of the terminal before inquiring the AID of the terminal from the attribution IIS of the terminal, determining the attribution IIS of the terminal when the terminal does not belong to the local network, and inquiring the AID of the terminal from the attribution IIS.
And the information inquiry unit is also used for inquiring the corresponding AID from the data storage unit according to the received identifier for the access authentication of the terminal after receiving the identifier for the access authentication of the terminal sent by the other identity information server, and returning the inquired AID to the corresponding identity information server.
As shown in fig. 12, this embodiment also provides an identity location register, including: the device comprises an information interaction unit, a data storage unit and an information updating unit, wherein:
the information interaction unit is used for establishing the interconnection between ILRs in the network;
the data storage unit is used for receiving and storing an AID and an RID of the terminal sent by a visited place service ASR of the terminal when the terminal is in roaming access, wherein the AID is obtained by the visited place service ASR through inquiry from a visited place IIS; the RID is distributed to the terminal by the visited place service ASR after inquiring the AID;
and the information updating unit is used for sending the AID and the RID of the terminal to the attributive ILR of the terminal through the information interaction unit so that the attributive ILR stores the corresponding relation between the AID and the RID of the terminal.
The information updating unit is further used for judging whether the terminal belongs to the local network or not according to the AID of the terminal and the preconfigured information before sending the AID and the RID of the terminal to the attribution ILR of the terminal, and judging the attribution network of the terminal if the terminal does not belong to the local network; or judging whether the terminal belongs to the local network according to the identifier used for access authentication of the terminal which sends AID and RID simultaneously by the visit place service ASR, and if not, judging the home network of the terminal.
The data storage unit is also used for receiving the RID redistributed by the target ASR switched by the terminal to the terminal after the ASR is switched by the terminal;
and the information updating unit is also used for updating the RID redistributed by the target ASR for the terminal to the home ILR of the terminal after the terminal does not belong to the local network and the home network of the terminal is determined.
And the information updating unit is also used for sending the AID of the terminal to the home ILR of the terminal when the terminal quits the network or releases the IP address, and informing the home ILR to delete the RID of the terminal.
It will be apparent to those skilled in the art that the modules or steps of the present invention described above may be implemented by a general purpose computing device, they may be centralized on a single computing device or distributed across a network of multiple computing devices, and alternatively, they may be implemented by program code executable by a computing device, such that they may be stored in a storage device and executed by a computing device, or they may be separately fabricated into various integrated circuit modules, or multiple modules or steps thereof may be fabricated into a single integrated circuit module. Thus, the present invention is not limited to any specific combination of hardware and software.
The above description is only a preferred embodiment of the present invention, and is not intended to limit the present invention, and various modifications and changes may be made by those skilled in the art. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.
Claims (22)
1. A method for acquiring an access identifier of a terminal comprises the following steps:
an Identity Information Server (IIS) is arranged in a network, an Access Identifier (AID) of a terminal in the network is initially stored in the IIS, and mutual connection between the IIS is established;
when the terminal is accessed from the visited place network in a roaming way, when a visited place IIS inquires the AID of the terminal in a visited place service Access Service Router (ASR) of the terminal, the AID of the terminal is inquired from the attribution IIS of the terminal;
and the visit place IIS receives the AID of the terminal inquired and returned by the attribution IIS of the terminal.
2. The method of claim 1, wherein:
the identifier used for access authentication of the terminal is also initially stored in the IIS, and the AID of the terminal is associated with the identifier used for access authentication of the terminal;
when receiving an identifier used for access authentication of a terminal sent by the visited place service ASR, the visited place IIS learns that the visited place service ASR inquires the AID of the terminal;
the visit place IIS sends the received identifier used for access authentication of the terminal to the home IIS of the terminal, and inquires the AID of the terminal;
and the visit place IIS receives the corresponding AID returned by the home location IIS of the terminal and inquired according to the identifier used for access authentication of the terminal.
3. The method of claim 2, further comprising:
before inquiring the AID of the terminal to the home IIS of the terminal, the visit IIS judges whether the terminal belongs to a local network according to the identifier used for access authentication of the terminal, determines the home IIS of the terminal when the terminal does not belong to the local network, and inquires the AID of the terminal to the home IIS.
4. The method of claim 1, wherein:
the IISs are directly connected with each other or connected with each other through one or more border gateways;
and when the IISs are connected through the one or more border gateways, the border gateways between the IISs complete the interaction between the IISs according to the identifier used for access authentication of the terminal.
5. The method of claim 1, wherein:
the IISs interact with each other based on RADIUS (remote authentication dial in user service) messages or Diameter messages.
6. The method of claim 1, wherein:
in a Long Term Evolution (LTE) network, a packet data network gateway (P-GW) is taken as an ASR; the IIS is deployed on an authentication, authorization and accounting (AAA) server connected with the P-GW, and the AAA servers in the network are all connected with each other; or the IIS is deployed on a Mobility Management Entity (MME) connected with the P-GW, and the MME in the network are connected with each other; or,
in a third generation mobile communication (3G) network, a gateway general packet radio service support node (GGSN) is used as ASR; the IIS is deployed on an AAA server connected with the GGSN, and the AAA servers in the network are all connected with each other; or the IIS is deployed on a Home Location Register (HLR) connected with the GGSN, and the HLRs in the network are connected with each other; or, the IIS is deployed on a Home Subscriber Server (HSS) connected with the GGSN, and the HSS in the network are connected with each other; or,
in a fixed network, a Broadband Remote Access Server (BRAS) is used as an ASR, an IIS is deployed on an AAA server connected with the BRAS, and all AAA servers in the network are connected with each other.
7. A method of preserving access identities of terminals, comprising:
establishing interconnection between Identity Location Registers (ILRs) in a network;
when a terminal is accessed from a visited place network in a roaming way, a visited place ILR receives an Access Identifier (AID) and a Routing Identifier (RID) of the terminal, which are sent by a visited place service ASR of the terminal, wherein the AID is obtained by the visited place service ASR through inquiring from a visited place Identity Information Server (IIS); the RID is distributed to the terminal by the visit place service ASR after inquiring the AID;
and the visit location ILR sends the AID and the RID of the terminal to the home ILR of the terminal, so that the home ILR stores the corresponding relation between the AID and the RID of the terminal.
8. The method of claim 7, further comprising:
before the AID and the RID of the terminal are sent to the home ILR of the terminal by the visitor location ILR, whether the terminal belongs to a local network is judged according to the AID of the terminal and pre-configured information, and if the terminal does not belong to the local network, the home network of the terminal is judged; or judging whether the terminal belongs to the local network according to the identifier used for access authentication of the terminal which is sent by the ASR in the visit area service and simultaneously sends the AID and the RID, and if not, judging the home network of the terminal.
9. The method of claim 7, further comprising:
the ILRs are directly connected or connected through one or more border gateways;
and when the ILRs are connected through the one or more border gateways, the border gateways between the ILRs complete interaction between the ILRs according to the AIDs of the terminals or the identifiers used by the terminals for access authentication.
10. The method of claim 7, further comprising:
after the visit location ILR switches the ASR, receiving a target ASR switched by the terminal as the RID redistributed by the terminal;
and after the terminal does not belong to the local network and the home network of the terminal is determined, the visited ILR updates the RID redistributed by the target ASR for the terminal to the home ILR of the terminal.
11. The method of claim 7, further comprising:
when a communication opposite terminal (CN) of the terminal sends a data message to the terminal, and when an ILR in a network where the CN is located inquires the position information of the terminal in a service ASR of the CN, if the corresponding relation of AID-RID of the terminal is not stored locally, the AID of the terminal is sent to an attributive ILR of the terminal so as to inquire the RID of the terminal;
and the ILR in the network where the CN is positioned receives the RID of the terminal, which is locally inquired and returned by the home ILR of the terminal according to the AID.
12. The method of claim 7, further comprising:
and when the terminal quits the network or releases the IP address, the visit location ILR sends the AID of the terminal to the home ILR of the terminal and informs the home ILR to delete the RID of the terminal.
13. The method of claim 7, wherein:
the ILRs interact with each other based on RADIUS (remote authentication dial in user service) messages or Diameter messages.
14. The method of claim 7, wherein:
in a Long Term Evolution (LTE) network, a packet data network gateway (P-GW) is used as an ASR, an ILR is deployed on an authentication, authorization and accounting (AAA) server connected with the P-GW, and the AAA servers in the network are all connected with each other; or, the ILR is deployed on a Mobility Management Entity (MME) connected with the P-GW, and the MME in the network are connected with each other; or,
in a third generation mobile communication (3G) network, taking a gateway general packet radio service support node (GGSN) as an ASR, deploying ILR on an AAA server connected with the GGSN, and connecting the AAA servers in the network with each other; or the ILR is deployed on a Home Location Register (HLR) connected with the GGSN, and the HLRs in the network are connected with each other; or, the ILR is deployed on a Home Subscriber Server (HSS) connected with the GGSN, and the HSS in the network are connected with each other; or,
in a fixed network, a Broadband Remote Access Server (BRAS) is used as an ASR, an ILR is deployed on an AAA server connected to the BRAS, and the AAA servers in the network are all connected to each other.
15. An identity information server comprising: the system comprises a data storage unit, an information interaction unit and an information inquiry unit, wherein:
the data storage unit is used for initially storing an Access Identifier (AID) of a terminal in the network;
the information interaction unit is used for establishing the mutual connection between the Identity Information Servers (IIS);
the information inquiry unit is used for inquiring the AID of the terminal from the attribution IIS of the terminal through the information interaction unit when a visited place service Access Service Router (ASR) of the terminal inquires the AID of the terminal when the terminal is in roaming access, and receiving the AID of the terminal inquired and returned by the attribution IIS of the terminal.
16. The identity information server of claim 15, wherein:
the data storage unit is further used for initially storing an identifier used for access authentication of the terminal and associating the AID of the terminal with the identifier used for access authentication of the terminal;
the information query unit is specifically configured to, when receiving an identifier, used for access authentication, of a terminal sent by the ASR, learn that the ASR needs to query the AID of the terminal, send the received identifier, used for access authentication, of the terminal to the home IIS of the terminal, query the AID of the terminal, and receive a corresponding AID, returned by the home IIS of the terminal, queried according to the identifier, used for access authentication, of the terminal.
17. The identity information server of claim 16, wherein:
the information inquiry unit is further configured to, before inquiring the AID of the terminal for the home IIS of the terminal, determine whether the terminal belongs to a local network according to an identifier used for access authentication of the terminal, determine the home IIS of the terminal when the terminal does not belong to the local network, and inquire the AID of the terminal for the home IIS.
18. The identity information server of claim 16, wherein:
the information inquiry unit is further configured to, after receiving an identifier used for access authentication by the terminal and sent by another identity information server, inquire the corresponding AID from the data storage unit according to the received identifier used for access authentication by the terminal, and return the inquired AID to the corresponding identity information server.
19. An identity location register comprising: the device comprises an information interaction unit, a data storage unit and an information updating unit, wherein:
the information interaction unit is used for establishing the interconnection between Identity Location Registers (ILRs) in the network;
the data storage unit is used for receiving and storing an Access Identifier (AID) and a Routing Identifier (RID) of the terminal, which are sent by a visited place service ASR of the terminal when the terminal is accessed in a roaming way, wherein the AID is obtained by the visited place service ASR through inquiring from a visited place Identity Information Server (IIS); the RID is distributed to the terminal by the visit place service ASR after inquiring the AID;
and the information updating unit is used for sending the AID and the RID of the terminal to the attribution ILR of the terminal through the information interaction unit so that the attribution ILR stores the corresponding relation between the AID and the RID of the terminal.
20. The identity location register of claim 19, wherein:
the information updating unit is further configured to, before the AID and the RID of the terminal are sent to the home ILR of the terminal, determine whether the terminal belongs to a local network according to the AID of the terminal and preconfigured information, and if not, determine that the terminal belongs to the local network; or judging whether the terminal belongs to the local network according to the identifier used for access authentication of the terminal which is sent by the ASR in the visit area service and simultaneously sends the AID and the RID, and if not, judging the home network of the terminal.
21. The identity location register of claim 19, wherein:
the data storage unit is also used for receiving the target ASR switched by the terminal as the RID redistributed by the terminal after the ASR is switched by the terminal;
and the information updating unit is also used for updating the RID redistributed by the target ASR for the terminal to the home ILR of the terminal after the terminal does not belong to the local network and the home network of the terminal is determined.
22. The identity location register of claim 19, wherein:
and the information updating unit is further configured to send the AID of the terminal to the home ILR of the terminal when the terminal quits the network or releases the IP address, and notify the home ILR to delete the RID of the terminal.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210305447.0A CN103634776B (en) | 2012-08-24 | 2012-08-24 | A kind of method and identity information server of the access mark obtaining terminal |
| PCT/CN2013/079257 WO2013178138A1 (en) | 2012-08-24 | 2013-07-12 | Method and identity information server for obtaining access identifier of terminal |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210305447.0A CN103634776B (en) | 2012-08-24 | 2012-08-24 | A kind of method and identity information server of the access mark obtaining terminal |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103634776A true CN103634776A (en) | 2014-03-12 |
| CN103634776B CN103634776B (en) | 2019-01-04 |
Family
ID=49672463
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210305447.0A Active CN103634776B (en) | 2012-08-24 | 2012-08-24 | A kind of method and identity information server of the access mark obtaining terminal |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN103634776B (en) |
| WO (1) | WO2013178138A1 (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2020057585A1 (en) * | 2018-09-21 | 2020-03-26 | 新华三技术有限公司 | Access authentication |
| WO2024183350A1 (en) * | 2023-03-03 | 2024-09-12 | 华为技术有限公司 | Billing method and system |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1925691A (en) * | 2006-09-30 | 2007-03-07 | 华为技术有限公司 | Method and system for realizing international nomadism call |
| CN102026164A (en) * | 2009-09-17 | 2011-04-20 | 中兴通讯股份有限公司 | Method and system for acquiring ID (Identity) of terminal user |
| CN102045692A (en) * | 2009-10-26 | 2011-05-04 | 中兴通讯股份有限公司 | Communication network realized by network architecture based on separation of control surfaces and media surface |
| EP2469962A1 (en) * | 2009-09-25 | 2012-06-27 | ZTE Corporation | Methods and systems for implementing inter-network roam, querying and attaching network |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102546847B (en) * | 2010-12-30 | 2015-10-28 | 中兴通讯股份有限公司 | Information processing method, name server and couple in router |
-
2012
- 2012-08-24 CN CN201210305447.0A patent/CN103634776B/en active Active
-
2013
- 2013-07-12 WO PCT/CN2013/079257 patent/WO2013178138A1/en active Application Filing
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1925691A (en) * | 2006-09-30 | 2007-03-07 | 华为技术有限公司 | Method and system for realizing international nomadism call |
| CN102026164A (en) * | 2009-09-17 | 2011-04-20 | 中兴通讯股份有限公司 | Method and system for acquiring ID (Identity) of terminal user |
| EP2469962A1 (en) * | 2009-09-25 | 2012-06-27 | ZTE Corporation | Methods and systems for implementing inter-network roam, querying and attaching network |
| CN102045692A (en) * | 2009-10-26 | 2011-05-04 | 中兴通讯股份有限公司 | Communication network realized by network architecture based on separation of control surfaces and media surface |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2020057585A1 (en) * | 2018-09-21 | 2020-03-26 | 新华三技术有限公司 | Access authentication |
| US11743258B2 (en) | 2018-09-21 | 2023-08-29 | New H3C Technologies Co., Ltd. | Access authenticating |
| WO2024183350A1 (en) * | 2023-03-03 | 2024-09-12 | 华为技术有限公司 | Billing method and system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103634776B (en) | 2019-01-04 |
| WO2013178138A1 (en) | 2013-12-05 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106790732B (en) | Address translation method, device and system, and network identification control method and device | |
| CN102196402B (en) | The method and system of terminals in wireless communication systems switching | |
| US9143483B2 (en) | Method for anonymous communication, method for registration, method and system for transmitting and receiving information | |
| JP5506934B2 (en) | Network and backbone network and network components based on ID / locator separation architecture | |
| CN101123536B (en) | Method for managing integrated network locations | |
| EP1901567B2 (en) | Method and server for address management in packet network | |
| CN101064936B (en) | Method and system for accessing home zone of roaming users | |
| KR20100073842A (en) | System and method for supporting network mobility based id-location separation | |
| WO2011050678A1 (en) | Communication network implemented based on control-plane-and-medium-plane-splitting network architecture | |
| JP5427952B2 (en) | Method and system for realizing roaming between networks | |
| US9485799B2 (en) | Method to connect a mobile node to a network | |
| WO2009082979A1 (en) | A method for allocating network addresses, network and network node thereof | |
| WO2011050724A1 (en) | System for implementing mobile communication based on wideband code division multiple access (wcdma) core network and user equipment access method | |
| EP2479932A1 (en) | Method and system for allocating position identifier and transmitting message | |
| CN103634776B (en) | A kind of method and identity information server of the access mark obtaining terminal | |
| CN102573013B (en) | Data transmission method by adopting multiple access modes and access device | |
| WO2011050679A1 (en) | Communication network and terminal access method implemented based on wimax network framework | |
| WO2010045818A1 (en) | Method, apparatus and system for mobile node location management | |
| WO2012103755A1 (en) | Method and system for obtaining a terminal id | |
| CN105612774A (en) | Proximity service control method, device and system | |
| KR101529175B1 (en) | Method and system for managing mobility in non-encapsulation packet transmission | |
| CN102572999B (en) | A kind of method and system of data message route | |
| CN103108307A (en) | Location updating method, access service router and identity location mapping register | |
| JP6078683B1 (en) | Mobile communication system control method, mobile communication system, and proxy server | |
| CN102572773B (en) | A kind of position information processing method and location server |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| EXSB | Decision made by sipo to initiate substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20201223 Address after: 215163 8 Jinfeng Road, science and Technology City, Suzhou high tech Zone, Jiangsu Patentee after: Suzhou Medical Device Industry Development Co.,Ltd. Address before: 518057 Ministry of justice, Zhongxing building, South Science and technology road, Nanshan District hi tech Industrial Park, Shenzhen, Guangdong Patentee before: ZTE Corp. |
|
| PE01 | Entry into force of the registration of the contract for pledge of patent right | ||
| PE01 | Entry into force of the registration of the contract for pledge of patent right |
Denomination of invention: A method for obtaining access identification of terminal and identity information server Effective date of registration: 20211209 Granted publication date: 20190104 Pledgee: Suzhou jinhesheng Holding Co.,Ltd. Pledgor: Suzhou Medical Device Industry Development Co.,Ltd. Registration number: Y2021320010540 |
|
| EE01 | Entry into force of recordation of patent licensing contract |
Application publication date: 20140312 Assignee: Suzhou jinhesheng Holding Co.,Ltd. Assignor: Suzhou Medical Device Industry Development Co.,Ltd. Contract record no.: X2021320010049 Denomination of invention: A method for obtaining access identification of terminal and identity information server Granted publication date: 20190104 License type: Exclusive License Record date: 20211209 |
|
| EE01 | Entry into force of recordation of patent licensing contract | ||
| CP01 | Change in the name or title of a patent holder | ||
| CP01 | Change in the name or title of a patent holder |
Address after: 215163 8 Jinfeng Road, science and Technology City, Suzhou high tech Zone, Jiangsu Patentee after: Suzhou Medical Device Industry Development Group Co.,Ltd. Address before: 215163 8 Jinfeng Road, science and Technology City, Suzhou high tech Zone, Jiangsu Patentee before: Suzhou Medical Device Industry Development Co.,Ltd. |
|
| PM01 | Change of the registration of the contract for pledge of patent right | ||
| PM01 | Change of the registration of the contract for pledge of patent right |
Change date: 20230801 Registration number: Y2021320010540 Pledgor after: Suzhou Medical Device Industry Development Group Co.,Ltd. Pledgor before: Suzhou Medical Device Industry Development Co.,Ltd. |
|
| PC01 | Cancellation of the registration of the contract for pledge of patent right | ||
| PC01 | Cancellation of the registration of the contract for pledge of patent right |
Date of cancellation: 20230804 Granted publication date: 20190104 Pledgee: Suzhou jinhesheng Holding Co.,Ltd. Pledgor: Suzhou Medical Device Industry Development Group Co.,Ltd. Registration number: Y2021320010540 |
|
| EM01 | Change of recordation of patent licensing contract | ||
| EM01 | Change of recordation of patent licensing contract |
Change date: 20230824 Contract record no.: X2021320010049 Assignor after: Suzhou Medical Device Industry Development Group Co.,Ltd. Assignor before: Suzhou Medical Device Industry Development Co.,Ltd. |
|
| EC01 | Cancellation of recordation of patent licensing contract | ||
| EC01 | Cancellation of recordation of patent licensing contract |
Assignee: Suzhou jinhesheng Holding Co.,Ltd. Assignor: Suzhou Medical Device Industry Development Group Co.,Ltd. Contract record no.: X2021320010049 Date of cancellation: 20230830 |