CN105681268A - Data transmission method and device - Google Patents
Data transmission method and device Download PDFInfo
- Publication number
- CN105681268A CN105681268A CN201410677400.6A CN201410677400A CN105681268A CN 105681268 A CN105681268 A CN 105681268A CN 201410677400 A CN201410677400 A CN 201410677400A CN 105681268 A CN105681268 A CN 105681268A
- Authority
- CN
- China
- Prior art keywords
- user equipment
- address
- lgw
- mode
- access
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/40—Network security protocols
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Mobile Radio Communication Systems (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a data transmission method and device. The data transmission method comprises: according to authentication information of user equipment, a local area network gateway (LGW) allocates an IP address to the user equipment, and stores the correlation of the IP address, area networks which the IP address may access, and a manner in which a secure connection is established with access network gateways of the area networks; by means of a secure tunnel, the LGW transmits data between the user equipment and an area network corresponding to the IP address of the user equipment, wherein the secure tunnel is established according to the manner in which the secure connection is established. According to the data transmission method and device provided by the invention, a problem, not taken into consideration in the related art, that different users access different area networks is solved, and different users access different area networks according to allocated IP addresses.
Description
Technical field
The present invention relates to the communications field, specifically, it relates to a kind of data transferring method and device.
Background technology
LTE proposes heterogeneous network (HeterogeneousNetwork, referred to as HN) concept, thus some new technologies of evolution, this technology is also carried out special research by 3GPP (3rdGenerationPartnershipProject: third generation collaborative project), the local IP of such as local traffic exchange accesses (LocalIPAccess, referred to as LIPA), and data distribution (SIPTO:SelectedIPTrafficOffload, optional IP service distributing) etc., data service that is local or low value is directly exchanged, it is diverted to Internet, instead of send back to core net forwarding again, avoid the impact of business to core net of a large amount of low value.
LIPA proposes based on family's level base station (HomeeNodeB, referred to as HeNB) network, and its core concept is directly just shunted away from HeNB by the communication data of local network, thus alleviates load and the transmission cost of core network. LIPA technology can be evolved into the concept of regional network further, namely at a limited regional deployment local wireless network, wireless network user accesses local area network resources after certification, Internet resource can also be accessed, accessing local network does not need charging or charging in addition, user can not change terminal access enterprise Intranet, it is only necessary to changes an access node title (AccessPointName, referred to as APN).
User terminal (UserEquipment, referred to as UE) is all the IP data based on standard, after mobile subscriber is linked into this earth mat of region, it is necessary to strict restriction authority. As a HeNB shares in many companies, company A user definitely can not access B company network, and with reason, B company personnel can not access company A network. In addition in a company, common employee can not access the responsive departments such as finance, and only advanced authorization user could access, and for some clients that comes to visit temporarily, is meeting under client's primary demand prerequisite, it is necessary to limit the accessible resource of client as far as possible.
Contriver finds, intra-zone cable network networking is complicated, it is necessary to isolation internal user, different user is divided in different regional networks, such as, it is divided into different virtual home network (VirtualLocalAreaNetwork, referred to as VLAN).But, do not consider the problem of different user access different zones net in the related.
Summary of the invention
The present invention provides a kind of data transferring method and device, at least to solve the problem not considering different user access different zones net in correlation technique.
According to an aspect of the present invention, provide a kind of data transferring method, comprise: this area area network gateway LGW is described user equipment allocation IP address according to the configuration information received, and preserve described IP address and regional network that described IP address can be accessed and the connecting network gateway with described regional network set up the corresponding relation of mode of secure connection; Described LGW carries out data transmission by safe tunnel between the described regional network that the IP address of described user equipment and described user equipment is corresponding, and wherein, described safe tunnel sets up according to the mode setting up described secure connection.
Further, before described LGW preserves described corresponding relation, described method also comprises: the certification information being used for user equipment described in certification is forwarded to certificate server by described LGW; Described LGW receives the described configuration information that described certificate server returns, wherein, the information returned described in comprises: the regional network that can access for access IP address and the described IP address of described user equipment allocation and the connecting network gateway with described regional network set up the mode of secure connection.
Further, before the certification information being used for user equipment described in certification is forwarded to certificate server by described LGW, described method also comprises: described LGW receives the described certification information from core net, wherein, described certification information inputs after being described user equipment selected zone net access point title.
Further, the mode connected with the connecting network gateway of described regional network comprise following one of at least: IPSec mode, SSL mode, TLS mode.
Further, described method also comprises: described LGW receives described user equipment not in the notice of service range; Described LGW deletes described corresponding relation.
According to a further aspect in the invention, provide a kind of data transport unit, it is applied to this area area network gateway LGW, comprise: distribution module, for being described user equipment allocation IP address according to the configuration information that receives, and preserve described IP address and regional network that described IP address can be accessed and the connecting network gateway with described regional network set up the corresponding relation of mode of secure connection; Data transmitting module, for carrying out data transmission by safe tunnel between the described regional network that the IP address of described user equipment and described user equipment is corresponding, wherein, described safe tunnel sets up according to the mode setting up described secure connection.
Further, described device also comprises: forwarding module, for forwarding the described configuration being used for user equipment described in certification to certificate server; First receiver module, for receiving the information that described certificate server returns, wherein, the information returned described in comprises: the regional network that can access for access IP address and the described IP address of described user equipment allocation and the connecting network gateway with described regional network set up the mode of secure connection.
Further, described device also comprises: the 2nd receiver module, and for receiving the described certification information from core net, wherein, described certification information inputs after being described user equipment selected zone net access point title.
Further, the mode connected with the connecting network gateway of described regional network comprise following one of at least: IPSec mode, SSL mode, TLS mode.
Further, described device also comprises: the 3rd receiver module, for receiving described user equipment not in the notice of service range; Removing module, for deleting described corresponding relation.
Pass through the present invention, adopt this area area network gateway LGW to be described user equipment allocation IP address according to the configuration information received, and preserve described IP address and regional network that described IP address can be accessed and the connecting network gateway with described regional network set up the corresponding relation of mode of secure connection; Described LGW carries out data transmission by safe tunnel between the described regional network that the IP address of described user equipment and described user equipment is corresponding, wherein, described safe tunnel sets up according to the mode setting up described secure connection, solving the problem not considering different user access different zones net in correlation technique, different user accesses different regional networks according to the IP address of distribution.
Accompanying drawing explanation
Accompanying drawing described herein is used to provide a further understanding of the present invention, forms the part of the application, and the schematic description and description of the present invention, for explaining the present invention, does not form inappropriate limitation of the present invention. In the accompanying drawings:
Fig. 1 is the schema of data transferring method according to embodiments of the present invention;
Fig. 2 is the block diagram of data transport unit according to embodiments of the present invention;
Fig. 3 is the block diagram one of data transport unit according to the preferred embodiment of the invention;
Fig. 4 is the block diagram two of data transport unit according to the preferred embodiment of the invention;
Fig. 5 is the block diagram three of data transport unit according to the preferred embodiment of the invention;
Fig. 6 is regional network networking schematic diagram according to embodiments of the present invention;
Fig. 7 is the schematic diagram that UE according to embodiments of the present invention accesses regional network.
Embodiment
Hereinafter with reference to accompanying drawing and come the present invention is described in detail in conjunction with the embodiments. It should be noted that, when not conflicting, the embodiment in the application and the feature in embodiment can combine mutually.
Providing a kind of data transferring method in the present embodiment, Fig. 1 is the schema of data transferring method according to embodiments of the present invention, and as shown in Figure 1, this flow process comprises the steps:
Step S102, this area area network gateway LGW is this user equipment allocation IP address according to the configuration information received, and preserves this IP address and regional network that this IP address can be accessed and the connecting network gateway with this regional network set up the corresponding relation of mode of secure connection;
Step S104, LGW carry out data transmission by safe tunnel between this regional network that the IP address of this user equipment and this user equipment is corresponding, and wherein, this safe tunnel sets up according to the mode setting up this secure connection.
Pass through above-mentioned steps, between the regional network that the IP address of user equipment and this user equipment is corresponding, data transmission is carried out by safe tunnel, such that it is able to the regional network can accessed according to IP address and this IP address and the connecting network gateway with this regional network set up the access rights of the corresponding relation control user equipment of the mode of secure connection, solving the problem not considering different user access different zones net in correlation technique, different user accesses different regional networks according to the IP address of distribution.
In order to safer, this configuration information can send after authentication is complete, the certification of user equipment can there be is multiple mode, such as, and in an optional enforcement mode, before LGW preserves this corresponding relation, the certification information being used for this user equipment of certification can also be forwarded to certificate server by this LGW;This LGW receives this configuration information that this certificate server returns, wherein, this information returned comprises: the regional network that can access for access IP address and this IP address of this user equipment allocation and the connecting network gateway with this regional network set up the mode of secure connection.
Before the certification information being used for this user equipment of certification is forwarded to certificate server by LGW, this LGW can also receive this certification information from core net, and wherein, this certification information inputs after being this user equipment selected zone net access point title.
The mode connected with the connecting network gateway of regional network can have a variety of, in an optional embodiment, the mode connected with the connecting network gateway of this regional network can comprise following one of at least: IPSec mode, SSL mode, TLS mode.
In an optional embodiment, user equipment is not when service range, and LGW receives this user equipment not in the notice of service range, and deletes this corresponding relation, releases resource, has saved storage area.
The embodiment of the present invention additionally provides a kind of data transport unit, is applied to this area area network gateway LGW, and this device is used for realizing above-described embodiment and preferred implementation, has carried out repeating no more of explanation. As used below, term " module " can realize the software of predetermined function and/or the combination of hardware. Although the device described by following examples realizes with software goodly, but hardware, or the realization of the combination of software and hardware is also possible and is conceived.
Fig. 2 is the block diagram of data transport unit according to embodiments of the present invention, as shown in Figure 2, comprising: distribution module 22 and data transmitting module 24, carry out brief description to each module below.
Distribution module 22, for being this user equipment allocation IP address according to the configuration information that receives, and preserves this IP address and regional network that this IP address can be accessed and the connecting network gateway with this regional network set up the corresponding relation of mode of secure connection;
Data transmitting module 24, for carrying out data transmission by safe tunnel between this regional network that the IP address of this user equipment and this user equipment is corresponding, wherein, this safe tunnel sets up according to the mode setting up this secure connection.
Fig. 3 is the block diagram one of data transport unit according to the preferred embodiment of the invention, and as shown in Figure 3, this device also comprises:
Forwarding module 32, for forwarding to certificate server by the certification information being used for this user equipment of certification;
First receiver module 34, for receiving this configuration information that this certificate server returns, wherein, this information returned comprises: the regional network that can access for access IP address and this IP address of this user equipment allocation and the connecting network gateway with this regional network set up the mode of secure connection.
Fig. 4 is the block diagram two of data transport unit according to the preferred embodiment of the invention, and as shown in Figure 4, this device also comprises:
2nd receiver module 42, for receiving this certification information from core net, wherein, this certification information inputs after being this user equipment selected zone net access point title.
In an optional embodiment, it is possible to one of at least determine the mode that the connecting network gateway with this regional network connects by following: IPSec mode, SSL mode, TLS mode.
Fig. 5 is the block diagram three of data transport unit according to the preferred embodiment of the invention, and as shown in Figure 5, this device also comprises:
3rd receiver module 52, for receiving this user equipment not in the notice of service range;
Removing module 54, for deleting this corresponding relation.
Below in conjunction with optional embodiment, the embodiment of the present invention is further described.
LIPA introduces a local gateway (LocalGateway, referred to as LGW) network logic node, do again after HeNB convergence to LGW shunting process, in practical application, LGW and HeNB can be same physical entity, it is possible to thinks independent physical entity.
User accesses regional network, and user selects access regional network APN on UE, inputs user name password, and the user authentication information of regional network is forwarded to certificate server certification by core net to LGW, LGW.
User's authentication, LGW is at regional network On-premise, and the certificate server of access LGW is also in regional network. UE requested data is sent to certificate server by LGW, authentication protocol is generally the Radius agreement (but being not limited to Radius agreement) of standard, the certification information identity that LGW is sent to certificate server uniquely identifies (Identity, referred to as UEID), it is generally Global Subscriber identification card (UniversalSubscriberIdentityModule, referred to as USIM) international mobile subscriber identity (InternationalMobileSubscriberIdentificationNumber, referred to as IMSI) number, or mobile phone number, UE accesses the user name of APN, password etc.
Access right assignment, after certificate server receives authentication request, returns to the information that UE and LGW plans in advance, returns user and accesses User IP, the access gateway IP of local network, accesses authority, authentication mode, encryption algorithm etc.
Access gateway processes, regional network access gateway needs the message to access to do filtration treatment, for responsive access region, the strong authentication of recommendation and encrypt treatment. As set up IP safety (IPSecurity between LGW and access gateway, referred to as IPSec) tunnel or SSL/transport layer safety (SecureSocketsLayer/TransportLayerSecurity, referred to as SSL/TLS) etc., in IPSec tunnel, only message (IP of stated limit, agreement, port) the ability access region net of specified range, all the other messages directly abandon.
User's UE accessing local network, UE access region network, LGW, when forwarding data, first inquires about gateway IP corresponding to UE accessing local network, access authority, authentication mode and encryption algorithm etc. If setting up IPSec tunnel between what IPSec mode, LGW and certificate server distributed access gateway, if all the other secure accessing modes (such as SSL/TLS), LGW sets up corresponding secure connection according between agreement and access gateway. Message UE being sent to regional network, LGW encryption is sent to access gateway, and access gateway forwards to inner network after deciphering again. For the message of regional network to UE, forward after access gateway encrypts after deciphering to LGW, LGW, forward to the UE of correspondence according to the IP of UE.
Releasing resource, when UE switches or leaves base station, the UE retained before LGW synchronization removal and safe tunnel mapping table.
For some large office building, the company that each floor may have many scales less, because floor space is little, these companies can share the base station small station of Femto rank (major part be all), so it may be that public side such as infrastructure management company provides that the network of indoor is disposed. The shared network of many companies that infrastructure management company provides, then need to isolate the access rights of different company, as company A employee can not access the network of B company, can not access the network of company A with the employee of reason B company.
Infrastructure management company is when disposing HeNB and LGW, it may be considered that set up safe tunnel between the gateway of LGW and different company, and different corporate user is by safe tunnel visited company Intranet.
For certain large-lot producer, department is more, and each user of some exploitation departments of public sector can access, but similar treasurer's department then can only limit some senior user could be accessed. LGW can with the access server negotiation rules of different department, such as access publicity data, directly expressly access is not encrypted; Access finance wait other responsive department, it is necessary to do authenticated encryption process between LGW and access gateway.
Fig. 6 is regional network networking schematic diagram according to embodiments of the present invention, as shown in Figure 6, regional network is at a limited regional deployment local wireless network, can be different companies, or the network of different floor, user accesses regional network inside not to be needed to change UE, does not need base station change frequency range, it is only necessary to the APN of amendment access yet.
Regional network needs core net to support the functions such as local exchange, regional network certificate server is placed in regional network, the access authority of UE, IP, access gateway, authentication mode, encryption algorithm etc. are all distributed by regional network certificate server, recommend different company or different floor to use different access gateway isolation.
Fig. 7 is the schematic diagram that UE according to embodiments of the present invention accesses regional network, and as shown in Figure 7, UE selected zone net APN, after user's input authentication information, the user authentication information of regional network is forwarded to certificate server certification by core net to LGW, LGW.
Access authentication of user comprises the following steps:
S702, LGW is sent to certificate server verify data, and certificate server authenticated information, after certification is passed through, distribute the access IP of UE, access authority and authentication mode, mainly comprise the User IP of UE, access the information such as gateway, authentication mode, encryption algorithm;
User IP is distributed to corresponding UE after receiving certification information by S704, LGW, the IP of preservation corresponding UE, and the authentication mode distributed according to certificate server, encryption algorithm etc. set up secure connection with access gateway;
S706, LGW receive the data that UE is sent to regional network, the corresponding relation in UE and IP that inquiry preserves and safe tunnel, if needing encryption, then according to the secret key consulted, data encryption being sent to access gateway, access gateway deciphers message, is sent to inner network; If there being regional network built-in message to be sent to UE, access gateway, according to the secret key encryption message consulted, is sent to LGW, and LGW forwards to different UEs according to IP after deciphering;
S708, if passing mutually with UE data under LGW, then directly forwards at LGW, it is not necessary to authenticated encryption processes. If UE switches, leave base station, or fall electricity etc., base station detect out UE do not notify after service range LGW delete before corresponding UE and, IP corresponding relation, also remove the tunnel set up in advance and connect;
S710, UE accessing local network.
LGW in this optional embodiment needs the following functions realized, it is necessary to explanation, following function can be realized by different modules.
Certification function, LGW needs encapsulation certification information message to certificate server, completes the certification function of UE access.
Secure connection function, LGW needs the connection setting up safety between access gateway, ensures that user data reliably transmits.
UE and IP, safe tunnel mapping list, LGW needs the mapping relation preserving IP corresponding to each access regional network UE and safe tunnel, the data of UE is sent in the safe tunnel consulted, issues corresponding access gateway.When reception zone net is to the data packet of UE, data packet deciphering is forwarded to the UE of correspondence.
Obviously, the technician of this area should be understood that, each module of above-mentioned the present invention or each step can realize with general calculating device, they can concentrate on single calculating device, or it is distributed on network that multiple calculating device forms, can selection of land, they can realize with the program code that calculating device can perform, thus, they can be stored and perform by calculating device in the storage device, and in some cases, can to be different from the step shown or described by the execution of order herein, or they are made into respectively each integrated circuit modules, or the multiple module in them or step are made into single integrated circuit module realize. like this, the present invention does not limit and combines in any specific hardware and software.
The foregoing is only the preferred embodiments of the present invention, be not limited to the present invention, for a person skilled in the art, the present invention can have various modifications and variations. Within the spirit and principles in the present invention all, any amendment of doing, equivalent replacement, improvement etc., all should be included within protection scope of the present invention.
Claims (10)
1. a data transferring method, it is characterised in that, comprising:
This area area network gateway LGW is described user equipment allocation IP address according to the configuration information received, and preserves described IP address and regional network that described IP address can be accessed and the connecting network gateway with described regional network set up the corresponding relation of mode of secure connection;
Described LGW carries out data transmission by safe tunnel between the described regional network that the IP address of described user equipment and described user equipment is corresponding, and wherein, described safe tunnel sets up according to the mode setting up described secure connection.
2. method according to claim 1, it is characterised in that, before described LGW preserves described corresponding relation, described method also comprises:
The certification information being used for user equipment described in certification is forwarded to certificate server by described LGW;
Described LGW receives the described configuration information that described certificate server returns, wherein, the information returned described in comprises: the regional network that can access for access IP address and the described IP address of described user equipment allocation and the connecting network gateway with described regional network set up the mode of secure connection.
3. method according to claim 2, it is characterised in that, before the certification information being used for user equipment described in certification is forwarded to certificate server by described LGW, described method also comprises:
Described LGW receives the described certification information from core net, and wherein, described certification information inputs after being described user equipment selected zone net access point title.
4. according to the method in any one of claims 1 to 3, it is characterised in that, the mode connected with the connecting network gateway of described regional network comprise following one of at least:
IPSec mode, SSL mode, TLS mode.
5. according to the method in any one of claims 1 to 3, it is characterised in that, described method also comprises:
Described LGW receives described user equipment not in the notice of service range;
Described LGW deletes described corresponding relation.
6. a data transport unit, it is characterised in that, it is applied to this area area network gateway LGW, comprising:
Distribution module, for being described user equipment allocation IP address according to the configuration information that receives, and preserve described IP address and regional network that described IP address can be accessed and the connecting network gateway with described regional network set up the corresponding relation of mode of secure connection;
Data transmitting module, for carrying out data transmission by safe tunnel between the described regional network that the IP address of described user equipment and described user equipment is corresponding, wherein, described safe tunnel sets up according to the mode setting up described secure connection.
7. device according to claim 6, it is characterised in that, described device also comprises:
Forwarding module, for forwarding to certificate server by the certification information being used for user equipment described in certification;
First receiver module, for receiving the described configuration information that described certificate server returns, wherein, the information returned described in comprises: the regional network that can access for access IP address and the described IP address of described user equipment allocation and the connecting network gateway with described regional network set up the mode of secure connection.
8. device according to claim 7, it is characterised in that, described device also comprises:
2nd receiver module, for receiving the described certification information from core net, wherein, described certification information inputs after being described user equipment selected zone net access point title.
9. device according to any one of claim 6 to 8, it is characterised in that, the mode connected with the connecting network gateway of described regional network comprise following one of at least:
IPSec mode, SSL mode, TLS mode.
10. device according to any one of claim 6 to 8, it is characterised in that, described device also comprises:
3rd receiver module, for receiving described user equipment not in the notice of service range;
Removing module, for deleting described corresponding relation.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410677400.6A CN105681268B (en) | 2014-11-21 | 2014-11-21 | Data transferring method and device |
| PCT/CN2015/079517 WO2016078375A1 (en) | 2014-11-21 | 2015-05-21 | Data transmission method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410677400.6A CN105681268B (en) | 2014-11-21 | 2014-11-21 | Data transferring method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105681268A true CN105681268A (en) | 2016-06-15 |
| CN105681268B CN105681268B (en) | 2019-09-24 |
Family
ID=56013215
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410677400.6A Active CN105681268B (en) | 2014-11-21 | 2014-11-21 | Data transferring method and device |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN105681268B (en) |
| WO (1) | WO2016078375A1 (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106792688A (en) * | 2016-12-15 | 2017-05-31 | 中磊电子(苏州)有限公司 | For the method for network traffics route |
| CN106982427A (en) * | 2017-04-14 | 2017-07-25 | 北京佰才邦技术有限公司 | Connect method for building up and device |
| CN108076162A (en) * | 2016-11-18 | 2018-05-25 | 中兴通讯股份有限公司 | A kind of mobile terminal networking methods and device |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116055220B (en) * | 2023-03-20 | 2023-08-01 | 睿至科技集团有限公司 | Internet of things terminal safety protection management and control method and system |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101483606A (en) * | 2009-02-26 | 2009-07-15 | 中国网络通信集团公司 | Internal data switch control method for home gateway and home gateway therefor |
| CN102098237A (en) * | 2011-01-27 | 2011-06-15 | 大唐移动通信设备有限公司 | Gateway equipment, method for using gateway equipment and information transmission method and equipment |
| WO2011053040A3 (en) * | 2009-11-02 | 2011-10-27 | Lg Electronics Inc. | Nat traversal for local ip access |
| CN102256329A (en) * | 2010-05-19 | 2011-11-23 | 中兴通讯股份有限公司 | Path selection method and device |
| CN102396250A (en) * | 2009-04-17 | 2012-03-28 | 松下电器产业株式会社 | Apparatus for management of local ip access in segmented mobile communication system |
Family Cites Families (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101286919B (en) * | 2007-04-11 | 2010-11-10 | 杭州华三通信技术有限公司 | Method and device for implementing inter-access between virtual private networks by conversion of network addresses |
| CN101448264A (en) * | 2008-12-22 | 2009-06-03 | 杭州华三通信技术有限公司 | Access control method and system of access subscribers |
| CN102056141B (en) * | 2009-11-04 | 2013-11-06 | 中兴通讯股份有限公司 | System and method for realizing local access |
| CN102457931B (en) * | 2010-10-22 | 2016-06-29 | 中兴通讯股份有限公司 | A kind of data route control method and system |
| CN102833682B (en) * | 2011-06-14 | 2018-04-27 | 中兴通讯股份有限公司 | Information acquisition method, apparatus and system |
-
2014
- 2014-11-21 CN CN201410677400.6A patent/CN105681268B/en active Active
-
2015
- 2015-05-21 WO PCT/CN2015/079517 patent/WO2016078375A1/en active Application Filing
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101483606A (en) * | 2009-02-26 | 2009-07-15 | 中国网络通信集团公司 | Internal data switch control method for home gateway and home gateway therefor |
| CN102396250A (en) * | 2009-04-17 | 2012-03-28 | 松下电器产业株式会社 | Apparatus for management of local ip access in segmented mobile communication system |
| WO2011053040A3 (en) * | 2009-11-02 | 2011-10-27 | Lg Electronics Inc. | Nat traversal for local ip access |
| CN102256329A (en) * | 2010-05-19 | 2011-11-23 | 中兴通讯股份有限公司 | Path selection method and device |
| CN102098237A (en) * | 2011-01-27 | 2011-06-15 | 大唐移动通信设备有限公司 | Gateway equipment, method for using gateway equipment and information transmission method and equipment |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108076162A (en) * | 2016-11-18 | 2018-05-25 | 中兴通讯股份有限公司 | A kind of mobile terminal networking methods and device |
| CN108076162B (en) * | 2016-11-18 | 2021-07-16 | 中兴通讯股份有限公司 | Mobile terminal networking method and device |
| CN106792688A (en) * | 2016-12-15 | 2017-05-31 | 中磊电子(苏州)有限公司 | For the method for network traffics route |
| CN106982427A (en) * | 2017-04-14 | 2017-07-25 | 北京佰才邦技术有限公司 | Connect method for building up and device |
| WO2018188482A1 (en) * | 2017-04-14 | 2018-10-18 | 北京佰才邦技术有限公司 | Connection establishment method and apparatus |
| CN106982427B (en) * | 2017-04-14 | 2020-08-18 | 北京佰才邦技术有限公司 | Connection establishment method and device |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2016078375A1 (en) | 2016-05-26 |
| CN105681268B (en) | 2019-09-24 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111131258B (en) | Safe private network architecture system based on 5G network slice | |
| KR102315881B1 (en) | Mutual authentication between user equipment and an evolved packet core | |
| US9197639B2 (en) | Method for sharing data of device in M2M communication and system therefor | |
| KR102332020B1 (en) | Communication method and communication device | |
| EP2823595B1 (en) | Method, apparatuses, and computer-readable storage medium for securely accessing social networking data | |
| CN102111766B (en) | Network accessing method, device and system | |
| US20090300357A1 (en) | Method for personal network management across multiple operators | |
| CN106465101B (en) | System and method for wireless network access protection and security architecture | |
| CN109964453A (en) | Unified security framework | |
| CN107615732A (en) | Session is received to virtual network service | |
| CN114846764A (en) | Method, apparatus and system for updating anchor keys in a communication network for encrypted communication with service applications | |
| US11038761B2 (en) | Group isolation in wireless networks | |
| US20200107190A1 (en) | Terminal information transfer method and relevant products | |
| CN116546491A (en) | Method, device and system for anchor key generation and management for encrypted communication with a service application in a communication network | |
| CN105681268A (en) | Data transmission method and device | |
| CN105681267B (en) | Data transferring method and device | |
| WO2022174399A1 (en) | User equipment authentication and authorization procedure for edge data network | |
| EP1980083B1 (en) | Method for personal network management across multiple operators | |
| WO2008148348A1 (en) | Communication method, system, and home bs | |
| EP3968590B1 (en) | Communication network component and method | |
| WO2024062373A1 (en) | Registration handling of ledger-based identity | |
| CN117641358A (en) | Communication method and communication device | |
| CN118160338A (en) | Secure information push for service applications in a communication network | |
| CN118573385A (en) | Communication method and communication device | |
| CN105656861A (en) | Data transmission method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| TA01 | Transfer of patent application right | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20190717 Address after: 210012 Nanjing, Yuhuatai District, South Street, Bauhinia Road, No. 68 Applicant after: Nanjing Zhongxing Software Co., Ltd. Address before: 518057 Nanshan District science and technology, Guangdong Province, South Road, No. 55, No. Applicant before: ZTE Corporation |
|
| GR01 | Patent grant | ||
| GR01 | Patent grant |