CN109561430A - A kind of implementation method and equipment of public network user access private network - Google Patents
A kind of implementation method and equipment of public network user access private network Download PDFInfo
- Publication number
- CN109561430A CN109561430A CN201710884782.3A CN201710884782A CN109561430A CN 109561430 A CN109561430 A CN 109561430A CN 201710884782 A CN201710884782 A CN 201710884782A CN 109561430 A CN109561430 A CN 109561430A
- Authority
- CN
- China
- Prior art keywords
- network
- public network
- element device
- authentication
- user terminal
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/09—Mapping addresses
- H04L61/10—Mapping addresses of different types
- H04L61/106—Mapping addresses of different types across networks, e.g. mapping telephone numbers to data network addresses
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L65/00—Network arrangements, protocols or services for supporting real-time applications in data packet communication
- H04L65/1066—Session management
- H04L65/1073—Registration or de-registration
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L65/00—Network arrangements, protocols or services for supporting real-time applications in data packet communication
- H04L65/1066—Session management
- H04L65/1101—Session protocols
- H04L65/1104—Session initiation protocol [SIP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/08—Access security
Abstract
The present invention relates to mobile communication technology fields, more particularly to a kind of implementation method and equipment of public network user access private network, wherein, method provided by the invention can be applied in the first network element device in private network core net, it specifically includes: receiving the access request for the identification information comprising public network user terminal that the public network user terminal in private network coverage area is sent by private network base station, it is being based on pre-stored public network user information, determine that public network user terminal passes through after access authentication, the second network element device into public network core net sends the authentication request for carrying identification information, the authentication request is used to indicate the second network element device and authenticates to public network user terminal, and the second network element device is being received after the authentication success response sent after authenticating successfully, by private network base station to public network user terminal send authentication at Function response.In such manner, it is possible to make public network user in the case where being changed without SIM card, access private network and carry out normal communication.
Description
Technical field
The implementation method of private network is accessed the present invention relates to mobile communication technology field more particularly to a kind of public network user and is set
It is standby.
Background technique
With fourth generation mobile communication technology (4th Generation Mobile Communication
Technology, 4G) the continuous maturation of network disposed special using advanced communication mechanism under 4G network in some enterprises
4G wireless network, i.e. 4G private network are come functions such as the wireless communications of realizing enterprises.Wherein, so-called private network be relative to public network and
Speech, public network refers to the public wireless communication network of telecom operators' operation, and private network is then the self-built wireless network of certain enterprises
Network is generally deployed in the region that public network does not cover, such as the wireless communication system that industrial and mining enterprises establish in mine or tunnel.
In the prior art, private network user need to use the specific subscriber identification card of private network under 4G private network environment
(Subscriber Identity Module, SIM card), Lai Shixian in 4G private network overlay area with its under 4G private network environment
Its private network user communicates.And for using in the public network user for the SIM card that public network is opened an account, it is covered in 4G private network
When in region, since 4G private network base station and public network base station use identical wireless communication mechanism, therefore 4G private network base station can be received
The access request of public network user is simultaneously reported to private network network side, but since private network network side equipment cannot know public network user
The information such as identity information and authentication key, therefore private network network side can not determine whether public network user has legal identity, in turn
Public network user is forbidden to access 4G private network.Therefore, when public network user switches in private network coverage area in by public network coverage area
When, it also needs for SIM card to be changed to the specific SIM card of private network, and also need to change the terminal customized specifically for private network sometimes and set
It is standby.
It can be seen that the problem of public network user can not access 4G private network exists in the prior art.
Summary of the invention
The implementation method of private network is accessed the present invention relates to mobile communication technology field more particularly to a kind of public network user and is set
It is standby, to solve the problems, such as that public network user existing in the prior art can not access 4G private network.
Specific technical solution provided in an embodiment of the present invention is as follows:
In a first aspect, a kind of implementation method of public network user access private network, comprising:
The first network element device in private network core net receives the public network user terminal in private network coverage area and passes through specially
The access request that base station is sent is netted, includes the identification information of the public network user terminal in the access request;
First network element device is based on pre-stored public network user information, accesses to the public network user terminal
Certification, and after determining that access authentication passes through, the second network element device transmission into public network core net carries the identity mark
Know the authentication request of information, the authentication request is used to indicate second network element device and is based on the pre-stored and identity
The corresponding user authentication information of identification information authenticates the public network user terminal;
First network element device receives the authentication success response that second network element device is sent after authenticating successfully, and
The authentication success response is sent to the public network user terminal by the private network base station.
Optionally, first network element device is based on pre-stored public network user information, to the public network user terminal
Carry out access authentication, comprising:
First network element device is if it is determined that local be previously stored with public network user corresponding with the identification information
Information, it is determined that the public network user terminal passes through access authentication.
Optionally, second network element device transmission of first network element device into public network core net carries the identity
The authentication request of identification information, comprising:
The private network base station that first network element device will carry in the access request that the private network base station is sent
Address information replace with preset address information, using replace address information after access request as the authentication request;
First network element device is by the standard protocol interface reached an agreement in advance with second network element device, to the public affairs
The second network element device in net core net sends the authentication request.
Optionally, the address information of the private network base station is being replaced with preset address information by first network element device
Before, the method also includes:
The mapping that first network element device establishes the address information of the identification information and the private network base station is closed
System;
First network element device sends described authenticate to the public network user terminal by the private network base station and successfully rings
It answers, comprising:
First network element device obtains the identification information carried in the authentication success response;
The mapping relations of first network element device based on foundation obtain institute corresponding with the identification information
State the address information of private network base station;
First network element device is according to the address information of the private network base station of acquisition, by the private network base station to institute
It states public network user terminal and sends the authentication success response.
Second aspect, a kind of implementation method of public network user access private network, comprising:
The second network element device in public network core net receives the authentication that the first network element device in private network core net is sent and asks
It asks;Wherein, the identification information comprising the public network user terminal in private network coverage area in the authentication request, and institute
State authentication request be first network element device based on pre-stored public network user information to the public network user terminal into
Row access authentication, and determine and sent after access authentication passes through;
Second network element device is based on pre-stored user authentication information corresponding with the identification information, right
The public network user terminal is authenticated;And after authenticating successfully, the first network element device of Xiang Suoshu sends authentication success response.
The third aspect, a kind of realization equipment of public network user access private network, comprising:
Receiving unit is connect for receiving the public network user terminal being in private network coverage area by what private network base station was sent
Enter request, includes the identification information of the public network user terminal in the access request;
First processing units connect the public network user terminal for being based on pre-stored public network user information
Enter certification, and after determining that access authentication passes through, the second network element device transmission into public network core net carries the identity
The authentication request of identification information, the authentication request are used to indicate second network element device and are based on the pre-stored and body
The corresponding user authentication information of part identification information, authenticates the public network user terminal;
The second processing unit, the authentication success response sent after authenticating successfully for receiving second network element device,
And the authentication success response is sent to the public network user terminal by the private network base station.
Optionally, it is based on pre-stored public network user information, when carrying out access authentication to the public network user terminal, institute
First processing units are stated to be used for:
If it is determined that local be previously stored with public network user information corresponding with the identification information, it is determined that the public affairs
Network users terminal passes through access authentication.
Optionally, the authentication that the second network element device transmission into public network core net carries the identification information is asked
When asking, the first processing units are used for:
The address information of the private network base station carried in the access request of private network base station transmission is replaced with
Preset address information, using the access request after replacement address information as the authentication request;
By the standard protocol interface reached an agreement in advance with second network element device, in Xiang Suoshu public network core net second
Network element device sends the authentication request.
Optionally, the equipment further includes establishing unit, and the unit of establishing is for by the address of the private network base station
Before information replaces with preset address information, following operation is executed:
Establish the mapping relations of the address information of the identification information and the private network base station;
When sending the authentication success response to the public network user terminal by the private network base station, the second processing
Unit is used for:
Obtain the identification information carried in the authentication success response;
The mapping relations based on foundation obtain the address of the private network base station corresponding with the identification information
Information;
According to the address information of the private network base station of acquisition, sent out by the private network base station to the public network user terminal
Send the authentication success response.
Fourth aspect, a kind of realization equipment of public network user access private network, comprising:
Receiving unit, for receiving the authentication request of the transmission of the first network element device in private network core net;Wherein, the mirror
Identification information comprising the public network user terminal in private network coverage area in power request, and the authentication request is institute
It states the first network element device and access authentication is being carried out to the public network user terminal based on pre-stored public network user information, and really
Determine to send after access authentication passes through;
Authenticating unit, for being based on pre-stored user authentication information corresponding with the identification information, to institute
Public network user terminal is stated to be authenticated;And after authenticating successfully, the first network element device of Xiang Suoshu sends authentication success response.
5th aspect, a kind of electronic equipment, comprising: one or more processors;And it is one or more computer-readable
Medium is stored on the readable medium for realizing the program of public network user access private network, wherein described program is by described one
When a or multiple processors execute, the step of realizing method as described in any one of second aspect.
6th aspect, one or more computer-readable mediums are stored on the readable medium for realizing public network use
The program of family access private network, wherein when described program is executed by one or more processors, so that processor executes such as second party
Method described in any one of face.
7th aspect, a kind of electronic equipment, comprising: one or more processors;And it is one or more computer-readable
Medium is stored on the readable medium for realizing the program of public network user access private network, wherein described program is by described one
When a or multiple processors execute, the step of realizing method as described in the third aspect.
Eighth aspect, one or more computer-readable mediums are stored on the readable medium for realizing public network use
The program of family access private network, wherein when described program is executed by one or more processors, so that processor executes such as third party
Method described in face.
The embodiment of the present invention has the beneficial effect that: by being stored in advance in the first network element device in private network core net
Public network user information is asked in the public network user terminal received in private network coverage area by the access that private network base station is sent
After asking, can public network user information according to the pre-stored data, to the public network user terminal carry out access authentication.Further, exist
Determine access authentication success after, the identification information of the public network user terminal can be reported in public network core net second
Network element device is based on pre-stored user authentication information corresponding with the identification information by the second network element device, right
The public network user terminal is authenticated.It can be seen that the completion pair in the first network element device of private network core net in the present invention
The access authentication of the public network user terminal is completed in the second network element device of public network core net to the public network user terminal
Authentication and notify can to make private network to first network element device to complete the access to the public network user terminal authenticating result
And authentication, and then public network user can be reached in the case where being changed without SIM card, access private network and carry out the mesh of normal communication
's.
Detailed description of the invention
Fig. 1 interacts signal between private network side provided in an embodiment of the present invention network element device and public network side network element device
Figure;
Fig. 2 is the signal for the different function that base station proxy module is realized in private network and public network in the embodiment of the present invention
Figure;
Fig. 3 is the flow chart for the implementation method that a kind of public network user provided in an embodiment of the present invention accesses private network;
Fig. 4 is that public network user terminal provided in an embodiment of the present invention completes the schematic diagram of a scenario for networking and authenticating;
Fig. 5 is the schematic diagram one that a kind of public network user provided in the embodiment of the present invention accesses the realization equipment of private network;
Fig. 6 is the schematic diagram two that a kind of public network user provided in the embodiment of the present invention accesses the realization equipment of private network.
Specific embodiment
To make the objectives, technical solutions, and advantages of the present invention clearer, below in conjunction with attached drawing to the present invention make into
It is described in detail to one step, it is clear that described embodiments are only a part of the embodiments of the present invention, rather than whole implementation
Example.Based on the embodiments of the present invention, obtained by those of ordinary skill in the art without making creative efforts
All other embodiment, shall fall within the protection scope of the present invention.
The problems in 4G private network can not be accessed in order to solve public network user existing in the prior art, the invention proposes one
The implementation method and equipment of kind public network user access private network can make the public network user end for being equipped with the SIM card opened an account in public network
End, can not only use in public network, can also use inside private network in the case where being changed without SIM card.Wherein, to reality
Existing public network user terminal uses inside private network, then public network user terminal in private network firstly the need of completing to access and authentication
Process.So in the embodiment of the present invention, by evolved packet core to private network LTE system (Evolved Packet Core,
EPC) the first network element device in network improves, and the first network element device can be made to complete whole to the public network user of request access
End is authenticated, and is improved by the second network element device in the EPC network to public network LTE system, private network EPC may be implemented
The docking of network and public network EPC network, and then the public network to request access is completed by the second network element device in public network EPC network
User terminal is authenticated, to make public network user terminal be successfully registered in private network and use.
It should be noted that in the description of the embodiment of the present invention, the vocabulary such as " first ", " second " are only used for distinguishing and retouch
The purpose stated, is not understood to indicate or imply relative importance, can not be interpreted as indication or suggestion sequence.
The preferred embodiment of the present invention is described in detail with reference to the accompanying drawing.
Firstly, shown in referring to Fig.1, be private network side provided in an embodiment of the present invention network element device and public network side network element device it
Between interaction schematic diagram.
Private network EPC network side includes the first network element device, and public network EPC network side includes the second network element device, and private network IP is more
Media subsystem (IP Multimedia Subsystem, IMS) network side includes third network element device, public network IMS network side packet
Include the 4th network element device.
In the following, first to the second network element device in the first network element device in private network EPC network side and public network EPC network side
Interactive process be specifically introduced.
First network element device can be used for: the public network user terminal received in private network coverage area is sent out by private network base station
The access request sent includes the identification information of public network user terminal in the access request;It is used based on pre-stored public network
Family information carries out access authentication to public network user terminal;And after determining that access authentication passes through, taken to the transmission of the second network element device
Authentication request with the identification information;After the authentication success response for receiving the transmission of the second network element device, pass through
Private network base station sends authentication success response to public network user terminal.
Second network element device can be used for: after receiving authentication request, be believed based on pre-stored with the identity
Corresponding user authentication information is ceased, public network user terminal is authenticated;And after authenticating successfully, sent to the first network element device
Authenticate success response.
In the embodiment of the present invention, first network element device may include first movement management entity (Mobile
Managenment Entity, MME), the first home signature user server (Home Subscriber Server, HSS) with
And base station proxy module etc.;Second network element device may include the 2nd MME, the 2nd HSS etc..
It can be interacted between first MME and the first HSS, realize the access of the public network user terminal to request access private network
Certification.Specifically, the first MME in the first network element device can be used for request the identity mark of the public network user terminal of access private network
Know information etc. and be reported to the first HSS, the specified public network user information for allowing to access private network can be stored in advance in the first HSS, use
Access authentication is carried out in the public network user terminal to request access private network.Wherein, the identification information of public network user terminal can
International mobile subscriber identity (the International Mobile stored in the SIM card used for public network user terminal
Subscriber Identity, IMSI) information etc..
Base station proxy module is mainly used for through the standard protocol interface open with the agreement of public network EPC network side, realize with
The communication of second network element device of public network EPC network side.It can be deployed in the first MME, also can be used as individual net in EPC network
Element device does not influence the realization of its function.
Specifically, it can refer to shown in Fig. 2, illustrate the different function that base station proxy module is realized in private network and public network
Energy.
It, can be by multiple base station maps of Enterprise Special Network to same base station, i.e. base station proxy module, base station for private network
The source address information carried in information that different private network base stations are sent is replaced with the address information of itself by proxy module, and to replace
For address information after changing as source address information, the second network element device into public network sends information.Also, believe in replacement address
Before breath, base station proxy module can establish the mapping of the identification information of public network user terminal and the address information of private network base station
Relationship, so that the response message for feeding back the second network element device passes through the private network base with the public network user terminal with mapping relations
Station is sent to the public network user terminal.Wherein, the mapping relations of foundation concretely the IMSI information of public network user terminal and specially
Net the mapping relations between Internet protocol address (Internet Protocol Address, IP address) information of base station.
For public network, which can be considered after open standard protocol interface, with the second network element device
A public network base station for establishing communication connection, for the relevant information of public network user terminal to be reported to the second network element device.Its
In, standard protocol interface open between the first network element device and the second network element device can be S1 interface here, and the second network element is set
The standby communication connection established with base station proxy module can be Flow Control Transmission Protocol (Stream Control Transmission
Protocol, SCTP) link, certainly, when it is implemented, can also open other standard protocol interfaces according to actual needs, or build
It is communicated to connect under vertical differing transmission protocols, the present invention does not limit this.
Specifically, base station proxy module can obtain the authentication result information interacted between the first MEE and the first HSS,
And after determining that public network user terminal access authentication passes through, by the private network base station carried in access request that private network base station is sent
Address information replaces with the address information of itself, using the access request behind replacement address as authentication request, passes through open S1
Interface and communication connection based on foundation is sent to the second network element device, is completed by the second network element device to public network user with realizing
The authentication of terminal.
Base station proxy module after receiving the second network element device to the success of public network user terminal authentication the authentication that sends at
After function response, it can be closed according to the mapping of the address information of the identification information and private network base station of the public network user terminal of foundation
System authenticates the destination address information carried in success response and is replaced with and the identity mark by the address information of base station proxy module
Know the address information of the corresponding private network base station of information, and the authentication success response of address after replacement is sent to private network base station, into
And the public network user terminal is transmitted to by private network base station.
With continued reference to shown in Fig. 1, the 4th net of third network element device and public network IMS network side to private network IMS network side
The interactive process of element device is introduced.
For the intercommunication for realizing communication service between private network and public network, in the embodiment of the present invention, the third of private network IMS network side
It can be docked by standard protocol interface SIP interface between network element device and the 4th network element device of public network IMS network side.
Public network user terminal can further pass through private network base station and the first network element device after being successfully accessed to private network
IMS network registration request is sent to third network element device.Correspondingly, third network element device successfully infuses the public network user terminal
After volume is into the IMS network of private network side, can also it pass through session initiation protocol (Session Initiation Protocol, SIP)
Interface sends IMS network registration request to the 4th network element device, so that the 4th network element device is successful by the public network user terminal
It is registered in the IMS network of public network side.In this way, public network user terminal is when in the private network coverage area, not only can with it is special
Other public network users in net coverage area carry out the business such as voice communication, can also access public network IMS by private network IMS network
Network, and then the communication services such as voice communication are carried out with other public network user terminals in public network coverage area.On also,
State public network user terminal by private network IMS network access public network IMS network process, perceived for user side less than,
Without carrying out additional operation, the internetwork roaming that just may be implemented in public network and private network uses public network user terminal.
Based on the above-mentioned introduction to the interactive process between private network side network element device and the network element device of public network side, the present invention is real
It applies example and additionally provides a kind of implementation method of public network user access private network, specific method flow chart can refer to shown in Fig. 3, including with
Lower step:
Step 301: it is whole that the first network element device in private network core net receives the public network user in private network coverage area
The access request sent by private network base station is held, the identity comprising the public network user terminal is believed in the access request
Breath.
Wherein, the public network user terminal in private network coverage area can be received by the first MME in the first network element device
By the access request for the identification information for carrying public network user terminal that private network base station is sent, and access request is reported
To the first HSS in the first network element device, access authentication is carried out to public network user terminal by the first HSS.Wherein, in the first HSS
In the specified public network user information for allowing to access private network can be stored in advance.
Step 302: first network element device is based on pre-stored public network user information, to the public network user terminal
Access authentication is carried out, and after determining that access authentication passes through, the second network element device into public network core net, which is sent, to be carried
State the authentication request of identification information.
Wherein, pre-stored public network user information can be based on by the first HSS, access is carried out to public network user terminal and is recognized
Card.Wherein, however, it is determined that local to be previously stored with public network user information corresponding with the identification information, it is determined that public network is used
Family terminal is by access authentication, on the contrary, however, it is determined that local that public network use corresponding with the identification information is not stored in advance
Family information, it is determined that public network user terminal is not over access authentication.First HSS can pass through after carrying out access authentication
One MME sends authentication result information to base station proxy module, and authentication result information is used to indicate with the identification information
Public network user terminal whether pass through access authentication.
Further, base station proxy module can determine whether public network user terminal passes through access according to authentication result information
Certification.And after determining that access authentication passes through, the second network element device transmission into public network core net carries the identity mark
Know the authentication request of information.
Here, it is contemplated that the information such as the authentication key of public network user terminal can not be known in private network, it can not be to public network user
Terminal is authenticated, therefore in the embodiment of the present invention, it can be assisted by open standard between the first network element device and the second network element device
Interface S1 interface is discussed, realization private network EPC network is docked with public network EPC network, and then by the second network element in public network EPC network
Equipment completes the authentication to public network user terminal.
Wherein, second network element device of the base station proxy module into public network core net, which is sent, carries the identification information
Authentication request, specifically can include: the institute that base station proxy module will carry in the access request that the private network base station is sent
The address information for stating private network base station replaces with preset address information, using the access request after replacement address information as the mirror
Power request, and the standard protocol interface by reaching an agreement in advance with second network element device, the in Xiang Suoshu public network core net
Two network element devices send the authentication request.
Also, base station proxy module is before replacing with preset address information for the address information of the private network base station,
The mapping relations that the address information of the identification information and the private network base station can also be established, are receiving in order to subsequent
After the relevant information for carrying the identification information that second network element device is sent, by having with the identification information
The private network base station of mapping relations sends relevant information to the public network user terminal with the identification information.
Step 303: second network element device is based on pre-stored user's mirror corresponding with the identification information
Information is weighed, the public network user terminal is authenticated;And after authenticating successfully, the first network element device of Xiang Suoshu send authentication at
Function response.
Specifically, what the receivable base station proxy module of the 2nd MME in the second network element device was sent carries the identity
The authentication request of identification information, and received authentication request is transmitted to the 2nd HSS.Due to the 2nd HSS in public network EPC network
It is previously stored with the user authentication information of public network user, therefore the 2nd HSS can be based on the pre-stored and identification information
Corresponding user authentication information authenticates public network user terminal, and can be after the authentication is passed, by the 2nd MME to
The base station proxy module of one network element device sends authentication success response.So far, the achievable authentication to public network user terminal.
In addition, the second network element device of public network EPC network side when sending authentication success response, can carry network authentication letter
Breath, so that public network user terminal can authenticate network side based on network authentication information after receiving authentication success response.
Here, specific network side and the authentication process of user side can refer to the prior art, not be specifically addressed in the present invention.
Step 304: first network element device receive authentication that second network element device is sent after authenticating successfully at
Function response, and the authentication success response is sent to the public network user terminal by the private network base station.
Specifically, the first network element device sends described authenticate successfully to the public network user terminal by the private network base station
Response, specifically can include: base station proxy module obtains the identification information carried in the authentication success response, and base
In the mapping relations of the address information of the identification information and the private network base station that pre-establish, obtain and the identity
The address information of the corresponding private network base station of identification information;And then the address information of the private network base station according to acquisition, lead to
It crosses the private network base station and sends the authentication success response to the public network user terminal.
It can be seen that being completed in the first network element device of private network core net to the public network user terminal in the present invention
Access authentication is completed in the second network element device of public network core net to the authentication of the public network user terminal and by authenticating result
Notify access and authentication that first network element device private network can complete to the public network user terminal, and then can
Reach public network user in the case where being changed without SIM card, access private network and carries out the purpose of normal communication.
In the following, providing a specific embodiment in conjunction with above-described embodiment and accessing 4G private network and authentication to public network user terminal
Etc. processes be described in detail, specifically can refer to schematic diagram of a scenario as shown in Figure 4:
Wherein, it is shown in figure 1.~9. indicate public network user terminal networking and authorizing procedure, specifically:
1. public network user terminal sends the access request for carrying IMSI to 4G private network base station.
2. the access request is transmitted to the first MME in private network EPC by 4G private network base station.
3. the IMSI of the public network user terminal is sent to the first HSS by the first MME in private network EPC, by the first HSS into
Row access authentication;
First HSS judges locally whether be previously stored with the IMSI of the public network user terminal, if so, notifying the first MME
Allow the public network user terminal to access private network, otherwise, notifies the first MME that the public network user terminal is not allowed to access private network;
First MME gives access authentication result notice to base station proxy module, and base station proxy module allows the public network in determination
After user terminal accesses private network, by open S1 interface, the 2nd MME into operator EPC sends the mirror for carrying IMSI
Power request.
Here it is to be noted that it base station proxy module is when sending authentication request, it can be by source IP address, i.e. 4G private network
The IP address information of base station is changed to the IP address of base station proxy module, so that the not direct access operator network of private network, reaches
Reduce the purpose of the security maintenance difficulty of private network equipment.Also, for the information sent in subsequently received operator EPC network
When, it can recognize that it is sent to public network user terminal via which 4G private network base station, can also receive 4G private network base station
After the access request of forwarding, the mapping relations of the IP address of IMSI and 4G the private network base station of public network user terminal are established.
4. twoth HSS of the 2nd MME into carrier network sends the IMSI of the public network user terminal.
5. the 2nd HSS is according to the user authentication information corresponding with the IMSI of the public network user terminal being locally stored, to this
Public network user terminal is authenticated, if authenticating successfully, carries network authentication information to the 2nd MME feedback and the public network is used
The authentication success response of the IMSI of family terminal.
6. the 2nd MME sends the authentication success response to base station proxy module;
Base station proxy module obtains the IMSI carried in authentication success response, and the IMSI based on foundation and 4G private network base station
IP address mapping relations, the IP address for obtaining corresponding with IMSI 4G private network base station passes through according to the IP address of acquisition
4G private network base station sends authentication success response to public network user terminal.
Wherein, public network user terminal can be completed based on the network authentication information carried in authentication success response to network side
Authentication.
So far, networking and authorizing procedure of the achievable public network user terminal after switching to private network by carrier network.
When public network user terminal by private network when switching back into carrier network, due to being completed in carrier network to the public network user
The authentication of terminal, therefore public network user terminal can be used directly in the operator network.
In addition, for the Generation Mobile Telecommunication System technology (2th for being able to use public network user terminal in carrier network
Generation Mobile Communication Technology, 2G) network and 3rd generation mobile communication technology (3th
Generation Mobile Communication Technology, 3G) network, it can also proceed as follows:
7. the 2nd MME in carrier network can also be by the related phase for realizing 2G, 3G communication of public network user terminal
Information registering is closed in mobile switching centre, operator (Mobile Switching Center, MSC).
8. operator MSC can send response of succeeding in registration to the 2nd MME after succeeding in registration.
9. the 2nd MME is succeeded in registration by private network base station proxy module and 4G private network base station to the return of public network user terminal
Response.
In addition, for the public network user terminal for being successfully accessed private network also IMS business can be initiated to the IMS network of private network
Register flow path, specifically include:
A, public network user terminal sends IMS network note to private network IMS network side by 4G private network base station and private network EPC
Volume request.
B, after private network IMS network side is in the IMS network that the public network user terminal is successfully registered to private network side, can pass through
Private network EPC and 4G private network base station sends response of succeeding in registration to the public network user terminal.
C, IMS network registration request can be transmitted in operator by private network IMS network side by open SIP interface
IMS network.
D, it after operator's IMS network side is completed to the registration of the public network user terminal, feeds back and registers to private network IMS network side
Success response.
Based on above content it is found that public network user terminal is not in the case where influencing normal communication, realize in private network and
Arbitrary switch in carrier network.Also, public network user terminal can also be realized and be runed even in private network coverage area
Public network user terminal in quotient's network communicates.
Based on the above embodiment, as shown in fig.5, in the embodiment of the present invention, a kind of public network user access private network is provided
It realizes equipment (e.g., the first network element device of private network core net), includes at least receiving unit 50, first processing units 51 and the
Two processing units 52, wherein
Receiving unit 50 is sent for receiving the public network user terminal being in private network coverage area by private network base station
Access request includes the identification information of the public network user terminal in the access request;
First processing units 51 carry out the public network user terminal for being based on pre-stored public network user information
Access authentication, and after determining that access authentication passes through, the second network element device transmission into public network core net carries the body
The authentication request of part identification information, the authentication request be used to indicate second network element device be based on it is pre-stored with it is described
The corresponding user authentication information of identification information authenticates the public network user terminal;
The second processing unit 52 is successfully rung for receiving the authentication that second network element device is sent after authenticating successfully
It answers, and the authentication success response is sent to the public network user terminal by the private network base station.
Optionally, it is based on pre-stored public network user information, when carrying out access authentication to the public network user terminal, institute
First processing units 51 are stated to be used for:
If it is determined that local be previously stored with public network user information corresponding with the identification information, it is determined that the public affairs
Network users terminal passes through access authentication.
Optionally, the authentication that the second network element device transmission into public network core net carries the identification information is asked
When asking, the first processing units 51 are used for:
The address information of the private network base station carried in the access request of private network base station transmission is replaced with
Preset address information, using the access request after replacement address information as the authentication request;
By the standard protocol interface reached an agreement in advance with second network element device, in Xiang Suoshu public network core net second
Network element device sends the authentication request.
Optionally, the equipment further includes establishing unit 53, and the unit 53 of establishing is for by the private network base station
Before address information replaces with preset address information, following operation is executed:
Establish the mapping relations of the address information of the identification information and the private network base station;
When sending the authentication success response to the public network user terminal by the private network base station, the second processing
Unit 52 is used for:
Obtain the identification information carried in the authentication success response;
The mapping relations based on foundation obtain the address of the private network base station corresponding with the identification information
Information;
According to the address information of the private network base station of acquisition, sent out by the private network base station to the public network user terminal
Send the authentication success response.
Based on the above embodiment, as shown in fig.6, in the embodiment of the present invention, a kind of public network user access private network is also provided
Realization equipment (e.g., the second network element device of public network core net), include at least receiving unit 60 and authenticating unit 61, wherein
Receiving unit 60, for receiving the authentication request of the transmission of the first network element device in private network core net;Wherein, described
Identification information comprising the public network user terminal in private network coverage area in authentication request, and the authentication request is
First network element device is carrying out access authentication to the public network user terminal based on pre-stored public network user information, and
It determines and sends after access authentication passes through;
Authenticating unit 61 is right for being based on pre-stored user authentication information corresponding with the identification information
The public network user terminal is authenticated;And after authenticating successfully, the first network element device of Xiang Suoshu sends authentication success response.
It should be understood by those skilled in the art that, the embodiment of the present invention can provide as method, system or computer program
Product.Therefore, complete hardware embodiment, complete software embodiment or reality combining software and hardware aspects can be used in the present invention
Apply the form of example.Moreover, it wherein includes the computer of computer usable program code that the present invention, which can be used in one or more,
The computer program implemented in usable storage medium (including but not limited to magnetic disk storage, CD-ROM, optical memory etc.) produces
The form of product.
The present invention be referring to according to the method for the embodiment of the present invention, the process of equipment (system) and computer program product
Figure and/or block diagram describe.It should be understood that every one stream in flowchart and/or the block diagram can be realized by computer program instructions
The combination of process and/or box in journey and/or box and flowchart and/or the block diagram.It can provide these computer programs
Instruct the processor of general purpose computer, special purpose computer, Embedded Processor or other programmable data processing devices to produce
A raw machine, so that being generated by the instruction that computer or the processor of other programmable data processing devices execute for real
The device for the function of being specified in present one or more flows of the flowchart and/or one or more blocks of the block diagram.
These computer program instructions, which may also be stored in, is able to guide computer or other programmable data processing devices with spy
Determine in the computer-readable memory that mode works, so that it includes referring to that instruction stored in the computer readable memory, which generates,
Enable the manufacture of device, the command device realize in one box of one or more flows of the flowchart and/or block diagram or
The function of being specified in multiple boxes.
These computer program instructions also can be loaded onto a computer or other programmable data processing device, so that counting
Series of operation steps are executed on calculation machine or other programmable devices to generate computer implemented processing, thus in computer or
The instruction executed on other programmable devices is provided for realizing in one or more flows of the flowchart and/or block diagram one
The step of function of being specified in a box or multiple boxes.
Although preferred embodiments of the present invention have been described, it is created once a person skilled in the art knows basic
Property concept, then additional changes and modifications may be made to these embodiments.So it includes excellent that the following claims are intended to be interpreted as
It selects embodiment and falls into all change and modification of the scope of the invention.
Obviously, those skilled in the art can carry out various modification and variations without departing from this hair to the embodiment of the present invention
The spirit and scope of bright embodiment.In this way, if these modifications and variations of the embodiment of the present invention belong to the claims in the present invention
And its within the scope of equivalent technologies, then the present invention is also intended to include these modifications and variations.
Claims (14)
1. a kind of implementation method of public network user access private network characterized by comprising
The first network element device in private network core net receives the public network user terminal in private network coverage area and passes through private network base
The access request that station is sent includes the identification information of the public network user terminal in the access request;
First network element device is based on pre-stored public network user information, carries out access to the public network user terminal and recognizes
Card, and after determining that access authentication passes through, the second network element device transmission into public network core net carries the identity
The authentication request of information, the authentication request are used to indicate second network element device and are based on the pre-stored and identity mark
Know the corresponding user authentication information of information, the public network user terminal is authenticated;
First network element device receives the authentication success response that second network element device is sent after authenticating successfully, and passes through
The private network base station sends the authentication success response to the public network user terminal.
2. the method as described in claim 1, which is characterized in that first network element device is based on pre-stored public network user
Information carries out access authentication to the public network user terminal, comprising:
First network element device if it is determined that local be previously stored with public network user information corresponding with the identification information,
Then determine that the public network user terminal passes through access authentication.
3. the method as described in claim 1, which is characterized in that second net of first network element device into public network core net
Element device sends the authentication request for carrying the identification information, comprising:
First network element device is by the ground of the private network base station carried in the access request that the private network base station is sent
Location information replaces with preset address information, using the access request after replacement address information as the authentication request;
First network element device passes through the standard protocol interface reached an agreement in advance with second network element device, Xiang Suoshu public network core
The second network element device in heart net sends the authentication request.
4. method as claimed in claim 3, which is characterized in that first network element device is by the address of the private network base station
Before information replaces with preset address information, the method also includes:
First network element device establishes the mapping relations of the address information of the identification information and the private network base station;
First network element device sends the authentication success response, packet to the public network user terminal by the private network base station
It includes:
First network element device obtains the identification information carried in the authentication success response;
The mapping relations of first network element device based on foundation obtain corresponding with the identification information described special
Net the address information of base station;
First network element device is according to the address information of the private network base station of acquisition, by the private network base station to the public affairs
Network users terminal sends the authentication success response.
5. a kind of implementation method of public network user access private network characterized by comprising
The second network element device in public network core net receives the authentication request that the first network element device in private network core net is sent;Its
In, the identification information comprising the public network user terminal in private network coverage area in the authentication request, and the mirror
Power request is that first network element device connects the public network user terminal based on pre-stored public network user information
Enter certification, and determines and sent after access authentication passes through;
Second network element device is based on pre-stored user authentication information corresponding with the identification information, to described
Public network user terminal is authenticated;And after authenticating successfully, the first network element device of Xiang Suoshu sends authentication success response.
6. a kind of realization equipment of public network user access private network characterized by comprising
Receiving unit is asked for receiving the public network user terminal being in private network coverage area by the access that private network base station is sent
It asks, includes the identification information of the public network user terminal in the access request;
First processing units carry out access to the public network user terminal and recognize for being based on pre-stored public network user information
Card, and after determining that access authentication passes through, the second network element device transmission into public network core net carries the identity
The authentication request of information, the authentication request are used to indicate second network element device and are based on the pre-stored and identity mark
Know the corresponding user authentication information of information, the public network user terminal is authenticated;
The second processing unit, the authentication success response sent after authenticating successfully for receiving second network element device, and lead to
It crosses the private network base station and sends the authentication success response to the public network user terminal.
7. equipment as claimed in claim 6, which is characterized in that pre-stored public network user information is based on, to the public network
When user terminal carries out access authentication, the first processing units are used for:
If it is determined that local be previously stored with public network user information corresponding with the identification information, it is determined that the public network is used
Family terminal passes through access authentication.
8. equipment as claimed in claim 6, which is characterized in that the second network element device transmission into public network core net carries
When the authentication request of the identification information, the first processing units are used for:
The address information of the private network base station carried in the access request of private network base station transmission is replaced with default
Address information, using replace address information after access request as the authentication request;
The second network element by the standard protocol interface reached an agreement in advance with second network element device, in Xiang Suoshu public network core net
Equipment sends the authentication request.
9. equipment as claimed in claim 8, which is characterized in that the equipment further includes establishing unit, described to establish unit use
The operation below executing before the address information of the private network base station is replaced with preset address information:
Establish the mapping relations of the address information of the identification information and the private network base station;
When sending the authentication success response to the public network user terminal by the private network base station, described the second processing unit
For:
Obtain the identification information carried in the authentication success response;
The mapping relations based on foundation obtain the address letter of the private network base station corresponding with the identification information
Breath;
According to the address information of the private network base station of acquisition, institute is sent to the public network user terminal by the private network base station
State authentication success response.
10. a kind of realization equipment of public network user access private network characterized by comprising
Receiving unit, for receiving the authentication request of the transmission of the first network element device in private network core net;Wherein, the authentication is asked
Seek the identification information comprising the public network user terminal in the private network coverage area, and the authentication request is described the
One network element device is carrying out access authentication to the public network user terminal based on pre-stored public network user information, and determination connects
Enter after certification passes through and sends;
Authenticating unit, for being based on pre-stored user authentication information corresponding with the identification information, to the public affairs
Network users terminal is authenticated;And after authenticating successfully, the first network element device of Xiang Suoshu sends authentication success response.
11. a kind of electronic equipment characterized by comprising one or more processors;And
One or more computer-readable mediums are stored on the readable medium for realizing the journey of public network user access private network
Sequence, wherein when described program is executed by one or more of processors, realize according to any one of claims 1 to 4
The step of method.
12. one or more computer-readable mediums, which is characterized in that be stored on the readable medium for realizing public network use
The program of family access private network, wherein when described program is executed by one or more processors, so that processor is executed as right is wanted
Method described in asking any one of 1 to 4.
13. a kind of electronic equipment characterized by comprising one or more processors;And
One or more computer-readable mediums are stored on the readable medium for realizing the journey of public network user access private network
Sequence, wherein when described program is executed by one or more of processors, the step of realizing method as claimed in claim 5.
14. one or more computer-readable mediums, which is characterized in that be stored on the readable medium for realizing public network use
The program of family access private network, wherein when described program is executed by one or more processors, so that processor is executed as right is wanted
Method described in asking 5.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710884782.3A CN109561430A (en) | 2017-09-26 | 2017-09-26 | A kind of implementation method and equipment of public network user access private network |
| PCT/CN2018/101519 WO2019062384A1 (en) | 2017-09-26 | 2018-08-21 | Method and device for public network user accessing private network |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710884782.3A CN109561430A (en) | 2017-09-26 | 2017-09-26 | A kind of implementation method and equipment of public network user access private network |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN109561430A true CN109561430A (en) | 2019-04-02 |
Family
ID=65863113
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710884782.3A Pending CN109561430A (en) | 2017-09-26 | 2017-09-26 | A kind of implementation method and equipment of public network user access private network |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN109561430A (en) |
| WO (1) | WO2019062384A1 (en) |
Cited By (23)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110557753A (en) * | 2019-08-13 | 2019-12-10 | 成都电科慧安科技有限公司 | DNS redirection method based on relay access |
| CN111163499A (en) * | 2019-11-29 | 2020-05-15 | 联通物联网有限责任公司 | Access method, device, electronic equipment and storage medium |
| CN111414645A (en) * | 2020-03-19 | 2020-07-14 | 中国电子科技集团公司第三十研究所 | Safe HSS/UDM design method and system for realizing privacy protection function |
| CN111464963A (en) * | 2020-04-01 | 2020-07-28 | 中国联合网络通信集团有限公司 | Registration method of card-free terminal and identity registration server |
| CN111465001A (en) * | 2020-04-01 | 2020-07-28 | 中国联合网络通信集团有限公司 | Registration method and device |
| CN111565435A (en) * | 2020-04-15 | 2020-08-21 | 中国联合网络通信集团有限公司 | Communication method and access network equipment |
| CN112333707A (en) * | 2019-07-16 | 2021-02-05 | 中国移动通信集团浙江有限公司 | Public and private network collaborative optimization method, device, equipment and computer storage medium |
| CN112423301A (en) * | 2020-11-02 | 2021-02-26 | 中国联合网络通信集团有限公司 | Private network registration management method and AMF network element |
| US20210112411A1 (en) * | 2019-10-10 | 2021-04-15 | Cisco Technology, Inc. | Multi-factor authentication in private mobile networks |
| CN113438647A (en) * | 2020-03-05 | 2021-09-24 | 大唐移动通信设备有限公司 | Method for accessing public network user to private network, call service processing method and equipment |
| CN113596837A (en) * | 2021-07-09 | 2021-11-02 | 长安大学 | Method and system for determining core network selection |
| CN113765874A (en) * | 2020-11-09 | 2021-12-07 | 北京沃东天骏信息技术有限公司 | Private network and dual-mode networking method based on 5G mobile communication technology |
| CN113993130A (en) * | 2021-10-29 | 2022-01-28 | 中国电信股份有限公司 | Terminal access control method, terminal and storage medium |
| CN114189853A (en) * | 2020-08-24 | 2022-03-15 | 海能达通信股份有限公司 | Communication control method and device of terminal and EPC |
| CN114339716A (en) * | 2020-09-29 | 2022-04-12 | 中国电信股份有限公司 | Subscription data transmission method, system and server |
| CN114339837A (en) * | 2021-12-31 | 2022-04-12 | 中国联合网络通信集团有限公司 | Private network access control method and device, electronic equipment and storage medium |
| CN114531279A (en) * | 2022-01-25 | 2022-05-24 | 中国联合网络通信集团有限公司 | Private network access method, server and storage medium |
| CN114584936A (en) * | 2020-11-30 | 2022-06-03 | 中国电信股份有限公司 | Method, system and storage medium for realizing short message intercommunication between private network terminal and public network terminal |
| CN114760674A (en) * | 2021-01-14 | 2022-07-15 | 南通大学 | Shipborne private network CPE design and communication method based on shipborne communication-in-motion antenna |
| CN114900794A (en) * | 2022-06-14 | 2022-08-12 | 中国联合网络通信集团有限公司 | Communication method, device, system and storage medium |
| CN115150830A (en) * | 2022-09-02 | 2022-10-04 | 北京首信科技股份有限公司 | Method and system for guaranteeing terminal public network access when 5G private network access authentication fails |
| WO2023000948A1 (en) * | 2021-07-19 | 2023-01-26 | 腾讯科技(深圳)有限公司 | Electronic sports data processing method and apparatus, and device and storage medium |
| CN116095663A (en) * | 2022-12-28 | 2023-05-09 | 中国电信股份有限公司卫星通信分公司 | Roaming service registration method, device and system |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111835875B (en) * | 2019-04-22 | 2022-12-30 | 普天信息技术有限公司 | Communication method and device for private network terminal and industry terminal |
| CN113647125B (en) * | 2019-09-23 | 2023-08-25 | Oppo广东移动通信有限公司 | Wireless communication method, terminal device and network device |
| CN111565432B (en) * | 2020-04-15 | 2021-12-07 | 中国联合网络通信集团有限公司 | Communication method and access network equipment |
| CN112187898B (en) * | 2020-09-18 | 2023-05-16 | 佳都科技集团股份有限公司 | Data access system, method and device based on public security network |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101043264A (en) * | 2007-04-17 | 2007-09-26 | 华为技术有限公司 | Method, mobile network and relay node for establishing mobile network tunnel |
| WO2011054777A2 (en) * | 2009-11-09 | 2011-05-12 | Skype Limited | Controlling communications |
| WO2011039784A9 (en) * | 2009-09-30 | 2011-08-11 | Vinjamuri Venkata Ravindra | A system and method for dual-mode authentication in hybrid networks |
| CN102368768A (en) * | 2011-10-12 | 2012-03-07 | 北京星网锐捷网络技术有限公司 | Identification method, equipment and system as well as identification server |
| CN102833846A (en) * | 2012-08-21 | 2012-12-19 | 大唐移动通信设备有限公司 | Method and device for realizing registration and service call of user equipment (UE) |
| CN105530185A (en) * | 2014-09-29 | 2016-04-27 | 优视科技有限公司 | Overlay routing network, routing method based on overlay routing network, and router |
| CN105636006A (en) * | 2015-12-24 | 2016-06-01 | 阳光凯讯(北京)科技有限公司 | 2G/3G core network interworking method and system in condition that terminal roams to 4G special network |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP5126258B2 (en) * | 2010-03-15 | 2013-01-23 | 日本電気株式会社 | ACCESS CONTROL SYSTEM, ACCESS CONTROL DEVICE, ACCESS CONTROL METHOD USED FOR THEM, AND PROGRAM THEREOF |
| CN102905254A (en) * | 2012-10-15 | 2013-01-30 | 西安大唐电信有限公司 | Method for using user equipment of mobile public network in mobile private network |
| CN107040495B (en) * | 2016-02-03 | 2021-07-13 | 重庆小目科技有限责任公司 | Multi-level combined identity authentication method applied to industrial communication and service |
-
2017
- 2017-09-26 CN CN201710884782.3A patent/CN109561430A/en active Pending
-
2018
- 2018-08-21 WO PCT/CN2018/101519 patent/WO2019062384A1/en active Application Filing
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101043264A (en) * | 2007-04-17 | 2007-09-26 | 华为技术有限公司 | Method, mobile network and relay node for establishing mobile network tunnel |
| WO2011039784A9 (en) * | 2009-09-30 | 2011-08-11 | Vinjamuri Venkata Ravindra | A system and method for dual-mode authentication in hybrid networks |
| WO2011054777A2 (en) * | 2009-11-09 | 2011-05-12 | Skype Limited | Controlling communications |
| CN102368768A (en) * | 2011-10-12 | 2012-03-07 | 北京星网锐捷网络技术有限公司 | Identification method, equipment and system as well as identification server |
| CN102833846A (en) * | 2012-08-21 | 2012-12-19 | 大唐移动通信设备有限公司 | Method and device for realizing registration and service call of user equipment (UE) |
| CN105530185A (en) * | 2014-09-29 | 2016-04-27 | 优视科技有限公司 | Overlay routing network, routing method based on overlay routing network, and router |
| CN105636006A (en) * | 2015-12-24 | 2016-06-01 | 阳光凯讯(北京)科技有限公司 | 2G/3G core network interworking method and system in condition that terminal roams to 4G special network |
Cited By (35)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112333707A (en) * | 2019-07-16 | 2021-02-05 | 中国移动通信集团浙江有限公司 | Public and private network collaborative optimization method, device, equipment and computer storage medium |
| CN110557753B (en) * | 2019-08-13 | 2023-05-09 | 成都电科慧安科技有限公司 | DNS redirection method based on relay access for public security network access |
| CN110557753A (en) * | 2019-08-13 | 2019-12-10 | 成都电科慧安科技有限公司 | DNS redirection method based on relay access |
| US20210112411A1 (en) * | 2019-10-10 | 2021-04-15 | Cisco Technology, Inc. | Multi-factor authentication in private mobile networks |
| CN111163499B (en) * | 2019-11-29 | 2022-01-04 | 联通物联网有限责任公司 | Access method, device, electronic equipment and storage medium |
| CN111163499A (en) * | 2019-11-29 | 2020-05-15 | 联通物联网有限责任公司 | Access method, device, electronic equipment and storage medium |
| CN113438647A (en) * | 2020-03-05 | 2021-09-24 | 大唐移动通信设备有限公司 | Method for accessing public network user to private network, call service processing method and equipment |
| CN111414645A (en) * | 2020-03-19 | 2020-07-14 | 中国电子科技集团公司第三十研究所 | Safe HSS/UDM design method and system for realizing privacy protection function |
| CN111465001A (en) * | 2020-04-01 | 2020-07-28 | 中国联合网络通信集团有限公司 | Registration method and device |
| CN111465001B (en) * | 2020-04-01 | 2023-05-02 | 中国联合网络通信集团有限公司 | Registration method and device |
| CN111464963A (en) * | 2020-04-01 | 2020-07-28 | 中国联合网络通信集团有限公司 | Registration method of card-free terminal and identity registration server |
| CN111565435B (en) * | 2020-04-15 | 2022-07-08 | 中国联合网络通信集团有限公司 | Communication method and access network equipment |
| CN111565435A (en) * | 2020-04-15 | 2020-08-21 | 中国联合网络通信集团有限公司 | Communication method and access network equipment |
| CN114189853B (en) * | 2020-08-24 | 2023-12-12 | 海能达通信股份有限公司 | Communication control method and device of terminal and EPC |
| CN114189853A (en) * | 2020-08-24 | 2022-03-15 | 海能达通信股份有限公司 | Communication control method and device of terminal and EPC |
| CN114339716A (en) * | 2020-09-29 | 2022-04-12 | 中国电信股份有限公司 | Subscription data transmission method, system and server |
| CN112423301B (en) * | 2020-11-02 | 2023-12-22 | 中国联合网络通信集团有限公司 | Private network registration management method and AMF network element |
| CN112423301A (en) * | 2020-11-02 | 2021-02-26 | 中国联合网络通信集团有限公司 | Private network registration management method and AMF network element |
| CN113765874B (en) * | 2020-11-09 | 2023-12-05 | 北京沃东天骏信息技术有限公司 | Private network and dual-mode networking method based on 5G mobile communication technology |
| CN113765874A (en) * | 2020-11-09 | 2021-12-07 | 北京沃东天骏信息技术有限公司 | Private network and dual-mode networking method based on 5G mobile communication technology |
| CN114584936A (en) * | 2020-11-30 | 2022-06-03 | 中国电信股份有限公司 | Method, system and storage medium for realizing short message intercommunication between private network terminal and public network terminal |
| CN114760674A (en) * | 2021-01-14 | 2022-07-15 | 南通大学 | Shipborne private network CPE design and communication method based on shipborne communication-in-motion antenna |
| CN113596837B (en) * | 2021-07-09 | 2023-05-26 | 长安大学 | Method and system for determining core network selection |
| CN113596837A (en) * | 2021-07-09 | 2021-11-02 | 长安大学 | Method and system for determining core network selection |
| WO2023000948A1 (en) * | 2021-07-19 | 2023-01-26 | 腾讯科技(深圳)有限公司 | Electronic sports data processing method and apparatus, and device and storage medium |
| CN113993130A (en) * | 2021-10-29 | 2022-01-28 | 中国电信股份有限公司 | Terminal access control method, terminal and storage medium |
| CN114339837A (en) * | 2021-12-31 | 2022-04-12 | 中国联合网络通信集团有限公司 | Private network access control method and device, electronic equipment and storage medium |
| CN114339837B (en) * | 2021-12-31 | 2023-12-22 | 中国联合网络通信集团有限公司 | Private network access control method and device, electronic equipment and storage medium |
| CN114531279A (en) * | 2022-01-25 | 2022-05-24 | 中国联合网络通信集团有限公司 | Private network access method, server and storage medium |
| CN114531279B (en) * | 2022-01-25 | 2023-12-22 | 中国联合网络通信集团有限公司 | Private network access method, server and storage medium |
| CN114900794A (en) * | 2022-06-14 | 2022-08-12 | 中国联合网络通信集团有限公司 | Communication method, device, system and storage medium |
| CN114900794B (en) * | 2022-06-14 | 2024-04-09 | 中国联合网络通信集团有限公司 | Communication method, device, system and storage medium |
| CN115150830B (en) * | 2022-09-02 | 2022-11-29 | 北京首信科技股份有限公司 | Method and system for guaranteeing terminal public network access when 5G private network access authentication fails |
| CN115150830A (en) * | 2022-09-02 | 2022-10-04 | 北京首信科技股份有限公司 | Method and system for guaranteeing terminal public network access when 5G private network access authentication fails |
| CN116095663A (en) * | 2022-12-28 | 2023-05-09 | 中国电信股份有限公司卫星通信分公司 | Roaming service registration method, device and system |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2019062384A1 (en) | 2019-04-04 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109561430A (en) | A kind of implementation method and equipment of public network user access private network | |
| CN105307108B (en) | A kind of Internet of Things information exchange communication means and system | |
| CN105049442B (en) | A kind of method for switching network and terminal | |
| US20090129371A1 (en) | Method and system to enable mobile roaming over ip networks and local number portability | |
| US11063990B2 (en) | Originating caller verification via insertion of an attestation parameter | |
| CN105025475B (en) | Mobile secrecy terminal realizing method towards android system | |
| Lin et al. | One-pass GPRS and IMS authentication procedure for UMTS | |
| CN108029017A (en) | The method that safe wifi calling connections are carried out by managed public WLAN accesses | |
| CN108156069A (en) | A kind of integration message system and message treatment method | |
| WO2019075899A1 (en) | Methods and devices for selecting and obtaining soft sim card | |
| CN108377574A (en) | A kind of communication means, terminal, network and the system of double card bilateral | |
| CN107529160A (en) | A kind of VoWiFi method for network access and system, terminal and wireless access points equipment | |
| CN108156634B (en) | Service processing method, device and system | |
| CN105307144B (en) | A kind of register method, method of calling, application server and network domain arrangement | |
| CN109587172A (en) | Communication means based on block chain and the communication system based on block chain | |
| CN107079019A (en) | Via the certification based on browser service of carrier network | |
| CN104125221B (en) | IMS (IP (Internet Protocol) multimedia subsystem) terminal equipment multiple soft-terminal resource sharing and application collaborative device and method | |
| US7962122B2 (en) | Secure traffic redirection in a mobile communication system | |
| CN108429773A (en) | Authentication method and Verification System | |
| CN103051594A (en) | Method, network side equipment and system of establishing end-to-end security of marked net | |
| CN106792627A (en) | A kind of implementation method of many equipment connected communications and realize system | |
| CN107708103B (en) | Method for realizing number security based on MAP signaling | |
| US10547651B2 (en) | System and method for providing telephony services over WiFi for non-cellular devices | |
| CN109982319A (en) | User authentication method, device, system, node, server and storage medium | |
| CN106888193A (en) | A kind of method for authenticating user identity, device and its system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190402 |
|
| RJ01 | Rejection of invention patent application after publication |