CN110839231A

CN110839231A - Method and equipment for acquiring terminal identification

Info

Publication number: CN110839231A
Application number: CN201810929046.XA
Authority: CN
Inventors: 张龙; 闫渊; 吴彤
Original assignee: China Mobile Communications Group Co Ltd; China Mobile Communications Ltd Research Institute
Current assignee: China Mobile Communications Group Co Ltd; China Mobile Communications Ltd Research Institute
Priority date: 2018-08-15
Filing date: 2018-08-15
Publication date: 2020-02-25
Anticipated expiration: 2038-08-15
Also published as: CN110839231B

Abstract

The invention discloses a method and equipment for acquiring a terminal identifier, which are used for solving the problem that an MEC (mobile communication center) in the prior art cannot effectively acquire identity information of an access user. In the application, an MEC sends a terminal identification query message to network side equipment through an identification query interface; and the network side equipment feeds back the identification information of the terminal to the MEC after receiving the terminal identification query message through the identification response interface. Compared with the method that the terminal identifier is obtained through analyzing the NAS message reported by the terminal to the core network, the MEC in the embodiment of the invention can directly send the terminal identifier query message to the network side equipment, and further directly obtain the required terminal identifier from the network side equipment containing the user identity information, so that the condition that the terminal identifier information cannot be obtained because the NAS message reported by the terminal is encrypted is avoided, the MEC can effectively obtain the identity information of the access user, and further the position service class service applied by part of the MEC is perfected.

Description

Method and equipment for acquiring terminal identification

Technical Field

The present invention relates to the field of wireless communication technologies, and in particular, to a method and a device for acquiring a terminal identifier.

Background

A Mobile Edge Computing (MEC) platform is usually located in an access network, has characteristics of time delay reduction, bandwidth saving, content localization, and the like, and is an advantageous grip for the capability of 4G (the 4th Generation Mobile communication technology, fourth Generation Mobile communication technology) and 5G (the 5th Generation Mobile communication technology, fifth Generation Mobile communication technology) operators to open and extend new services. Part of the MEC applications, mainly location services, generally need to acquire the identity of the access user, such as a Mobile phone Number, an IMSI (International Mobile Subscriber identity Number), and the like. For example, a chemical plant safety production application based on MEC indoor positioning capability needs to know not only the number of people in a dangerous area, where the people in the dangerous area are distributed, but also the specific identity of the people in the dangerous area. At this time, the MEC is required to acquire the identity of the access user, such as a mobile phone number and an IMSI. The IMSI is a unique identifier of the terminal in the network, and can identify the user identity.

Generally, a terminal reports its IMSI to a core network in a NAS (Non-access stratum) message in an initial attach procedure, and at this time, in an NAS signaling interaction procedure, a network may trigger the terminal to report its IMSI through an identity request procedure. In addition, if the NAS message is not encrypted, the MEC may also obtain the IMSI by parsing the NAS message.

However, in the prior art, if the NAS message enables the ciphering algorithm, the MEC will not be able to acquire the IMSI. In addition, the terminal will actively report the IMSI only in the initial attach procedure, and the network will rarely trigger the Identity Request procedure under normal conditions, so the scheme has no wide applicability. And although the MEC may simulate the core network to issue the Identity Request message, the integrity protection of the NAS message is opened by default, and after the NAS security is activated, the message issued by the MEC in a simulated mode is discarded on the terminal side because the message fails the integrity protection check. Therefore, the current network verification shows that the scheme is invalid for the connected terminal and only valid for the idle terminal, and the possibility of acquisition failure exists.

In summary, in the prior art, the MEC cannot effectively acquire the identity information of the access user.

Disclosure of Invention

The invention provides a method and equipment for acquiring a terminal identifier, which are used for solving the problem that an MEC (mobile communication center) in the prior art cannot effectively acquire identity information of an access user.

In a first aspect, an embodiment of the present invention provides a method for acquiring a terminal identifier, where the method includes:

the MEC sends a terminal identification query message to the network side equipment through an identification query interface; and then the MEC receives the identification information of the terminal returned by the network side equipment.

In the embodiment of the invention, the MEC sends the terminal identification query message to the network side equipment through the identification query interface, then the network side equipment receives the terminal identification query message sent by the MEC through the identification response interface, and sends the queried terminal identification information to the MEC after receiving the terminal identification query message sent by the MEC. Compared with the prior art, the embodiment of the invention does not need to analyze the NAS message reported by the terminal to obtain the terminal identification information, but the MEC directly requests the network side equipment, so that the condition that the terminal identification information cannot be obtained because the NAS message reported by the terminal is encrypted is avoided, the MEC can effectively obtain the identity information of the access user, and further, the position service type service applied by part of the MEC is perfected.

In a possible implementation, the network side device is a core network;

the MEC sends a terminal identification query message to the network side equipment through an identification query interface, and the method comprises the following steps:

the MEC sends a terminal identification query message to the core network by using a Stream Control Transmission Protocol (SCTP) link between the MEC and the core network through an identification query interface;

the MEC receives the identification information of the terminal returned by the network side equipment, and the identification information comprises:

and the MEC receives an identification response message which is returned by the core network and contains the identification information of the terminal by using an SCTP link between the MEC and the core network through an identification query interface.

In the foregoing manner, when the network-side device is a core network, the MEC sends a terminal identifier query message to the core network through the identifier query interface by using the SCTP link with the core network, and receives an identifier response message including identifier information of the terminal, which is returned by the core network, through the identifier query interface by using the SCTP link with the core network, so that the identifier information of the terminal can be obtained by analyzing the identifier response message.

In a possible implementation, before the MEC sends the query message to the core network through the identified query interface using the SCTP link with the core network, the method further includes:

the MEC adds at least one of a private network IP address (Internet Protocol, Protocol for interconnection between networks), a GTP-U (General Packet Radio Service tunneling Protocol ) tunnel ID (unique code) and an S1AP-UE-ID (S1Application Protocol user unique code, S1 link Application Protocol user unique code) of the terminal to the terminal identification query message.

In the method, the MEC adds at least one of the IP address of the private network of the terminal, the GTP-U tunnel ID and the S1AP-UE-ID into the terminal identification query message, and then sends the query message to the core network by using the SCTP link between the identification query interface and the core network. Therefore, the core network analyzes the terminal identification query message and obtains the information carried by the terminal identification query message, and determines the terminal of the MEC needing to obtain the identification information according to the information carried by the terminal identification query message, so as to query and return the identification information of the terminal.

In a possible implementation manner, the network side device is a unified authentication platform;

the MEC sends a terminal identification query message to the unified authentication platform through an identification query interface by using a GTP (General packet radio Service tunneling Protocol) tunnel between the MEC and the unified authentication platform;

and the MEC receives the identification information of the terminal returned by the network side equipment by using a GTP tunnel between the MEC and the unified authentication platform through an identification query interface.

When the network side equipment is a unified authentication platform, the MEC sends a terminal identification query message to the unified authentication platform by using a GTP tunnel between the MEC and the unified authentication platform through an identification query interface, and then receives the identification information of the terminal returned by the network side equipment by using the GTP tunnel between the MEC and the unified authentication platform through the identification query interface. Therefore, the MEC can send the terminal identification query message through the existing GTP tunnel, so that the unified authentication platform returns the identification information of the terminal according to the terminal identification query message sent by the GTP tunnel, and further determines the identification information of the terminal.

In a possible implementation, the MEC adds the private network IP address and/or GTP-U tunnel ID of the terminal to the terminal identity query message, and then sends the terminal identity query message to the unified authentication platform through the identity query interface using a GTP tunnel with the unified authentication platform.

In the method, after the MEC adds the private network IP address and/or GTP-U tunnel ID of the terminal to the terminal identifier query message, the MEC sends the terminal identifier query message to the unified authentication platform through the identifier query interface by using the GTP tunnel between the MEC and the unified authentication platform, and the unified authentication platform can determine the terminal that needs to query the identifier information by analyzing the terminal identifier query message.

In a possible implementation manner, the sending, by the MEC, a terminal identifier query message to a network side device through an identifier query interface by using a GTP tunnel with the unified authentication platform includes:

the MEC sends a Ks (Key Session, Session Key) negotiation request message after GTP encapsulation to the unified authentication platform by using a GTP tunnel between the MEC and the unified authentication platform through an identification query interface;

after receiving the Ks negotiation response message returned by the unified authentication platform, the MEC sends a token verification request message to the unified authentication platform by using a GTP tunnel between the MEC and the unified authentication platform through an identification query interface;

the MEC receives the identification information of the terminal returned by the network side equipment by using a GTP tunnel between the MEC and the unified authentication platform through an identification query interface, and the identification information comprises the following steps:

and the MEC receives a token verification response message which is returned by the network side equipment and contains the identification information of the terminal by using a GTP tunnel between the MEC and the unified authentication platform through an identification query interface.

In the method, the MEC authenticates the token through the unified authentication platform by simulating the existing terminal authentication process so as to determine the identification information of the terminal. So that the MEC can determine terminal specific identity information.

the MEC sends a terminal identification request message to network side equipment by using a GTP tunnel between the MEC and the unified authentication platform through an identification query interface;

and the MEC receives a terminal identification response message containing the identification information of the terminal, which is returned by the network side equipment, by using a GTP tunnel between the MEC and the unified authentication platform through an identification query interface.

When the network side equipment is a unified authentication platform, the MEC sends a terminal identification request message to the network side equipment by using a GTP tunnel between the MEC and the unified authentication platform through an identification query interface, and receives an identification information terminal identification response message containing the terminal returned by the network side equipment by using the GTP tunnel between the MEC and the unified authentication platform through the identification query interface. Therefore, the MEC can directly send the terminal identification request message to the unified authentication platform and receive the query result returned by the unified authentication platform to determine the identification information of the terminal.

In a second aspect, an embodiment of the present invention provides a method for acquiring a terminal identifier, where the method includes:

the network side equipment receives a terminal identification query message sent by the MEC through an identification response interface;

and the network side equipment sends the inquired identification information of the terminal to the MEC.

In the method, the network side equipment receives a terminal identification query message sent by the MEC through an identification response interface; and sends the queried identification information of the terminal to the MEC. Therefore, the MEC can directly determine the identification information of the terminal through the query result fed back by the network side, and does not need to obtain the identification information of the terminal through analyzing the NAS message reported by the terminal, so that the condition that the identification information of the terminal cannot be obtained because the NAS message reported by the terminal is encrypted is avoided, the MEC can effectively obtain the identity information of the access user, and further the position service type service applied by part of the MEC is perfected.

In a possible implementation, the network side device is a core network;

the network side equipment receives a terminal identification query message sent by the MEC through an identification response interface, and the method comprises the following steps:

the core network receives a terminal identification query message sent by using an SCTP link between the core network and the MEC through an identification response interface;

the network side device sends the inquired identification information of the terminal to the MEC, and the identification information comprises the following steps:

and the core network sends the inquired identification information of the terminal to the MEC by using the SCTP link between the core network and the MEC through an identification response interface.

In the method, when the network side device is a core network, the core network receives a terminal identifier query message sent by using an SCTP link between the core network and the MEC through an identifier response interface; and sending the inquired identification information of the terminal to the MEC by using the SCTP link between the MEC and the MEC through an identification response interface. Because the core network directly contains the identification information of the terminal, the core network can feed back the identification information of the inquired terminal after receiving the terminal identification inquiry message of the MEC, so that the MEC can effectively acquire the identification information of the terminal to be determined.

In a possible implementation manner, after receiving, by the core network through the identification response interface, the terminal identification query message sent by using the SCTP link with the MEC, and before receiving, through the identification response interface, the terminal identification query message sent by using the SCTP link with the MEC, the method further includes:

the core network determines a terminal to be queried according to part or all of the following information carried in the terminal identification query message, and determines identification information of the terminal to be queried;

wherein, the terminal identification inquiry message carries part or all of the following information:

the private network IP address of the terminal, the GTP-U tunnel ID and the S1 AP-UE-ID.

In the method, after the core network receives the terminal identification query message sent by using the SCTP link between the core network and the MEC through the identification response interface, the core network determines the terminal to be queried through part or all of the private network IP address, the GTP-U tunnel ID and the S1AP-UE-ID of the terminal carried in the terminal identification query message so as to query according to the determined terminal and further determine the identification information of the terminal.

the unified authentication platform receives a terminal identification query message sent by using a GTP tunnel between the unified authentication platform and the MEC through an identification response interface;

and the unified authentication platform sends the inquired identification information of the terminal to the MEC by using a GTP tunnel between the unified authentication platform and the MEC through an identification response interface.

In the method, the network side device is a unified authentication platform; the unified authentication platform receives a terminal identification query message sent by using a GTP tunnel between the unified authentication platform and the MEC through an identification response interface; and sending the inquired identification information of the terminal to the MEC by using a GTP tunnel between the MEC and the MEC through an identification response interface. Therefore, after the unified authentication platform determines the identification information of the terminal according to the terminal identification query message, the identification information can be fed back to the MEC, and the MEC can acquire the identification information of the terminal needing to determine the identity information.

In a possible implementation manner, after the unified authentication platform receives, through the identity response interface, the terminal identity query message sent by using the GTP tunnel between the MEC, and before sending, through the identity response interface, the queried identity information of the terminal to the MEC by using the GTP tunnel between the MEC and the unified authentication platform, the unified authentication platform further includes:

and the unified authentication platform determines the terminal to be inquired according to the private network IP address and/or GTP-U tunnel ID of the terminal carried in the terminal identification inquiry message, and determines the identification information of the terminal to be inquired.

In the method, after receiving a terminal identification query message sent by using a GTP tunnel between the unified authentication platform and the MEC through an identification response interface, the unified authentication platform determines a terminal to be queried through a private network IP address, a GTP-U tunnel ID, a private network IP address and a GTP-U tunnel ID of the terminal carried in the terminal identification query message, and further determines identification information of the terminal to be queried according to the determined terminal. The determined identification information of the terminal may then be fed back to the MEC, so that the MEC obtains the identification information of the terminal for which the identity information needs to be determined.

In a possible implementation manner, the receiving, by the unified authentication platform, the terminal identity query message sent by using a GTP tunnel with the MEC through an identity response interface includes:

the unified authentication platform receives a Ks negotiation request message which is sent by using a GTP tunnel between the unified authentication platform and the MEC and is subjected to GTP encapsulation through an identification response interface;

the unified authentication platform receives a token verification request message sent by using a GTP tunnel between the unified authentication platform and the MEC through an identification response interface;

the unified authentication platform sends the inquired identification information of the terminal to the MEC by using a GTP tunnel between the unified authentication platform and the MEC through an identification response interface, and the identification information comprises the following steps:

after receiving the Ks negotiation request message, the unified authentication platform sends a Ks negotiation response message to the MEC by using a GTP tunnel between the unified authentication platform and the MEC through an identification response interface;

and after receiving the token verification request message, the unified authentication platform sends a terminal identification response message containing the identification information of the terminal to the MEC through an identification response interface by using a GTP tunnel between the unified authentication platform and the MEC.

In the method, the MEC simulates the interaction between the user terminal and the unified authentication platform, and the identification information of the terminal is obtained through the process of authenticating the token by the unified authentication platform.

the unified authentication platform receives a terminal identification request message sent by using a GTP tunnel between the unified authentication platform and the MEC through an identification response interface;

and the unified authentication platform sends a terminal identification response message containing the identification information of the terminal to the MEC by using a GTP tunnel between the unified authentication platform and the MEC through an identification response interface.

In the method, the unified authentication platform receives a terminal identification request message sent by using a GTP tunnel between the unified authentication platform and the MEC through an identification response interface, and sends a terminal identification response message containing identification information of the terminal to the MEC through the identification response interface by using the GTP tunnel between the unified authentication platform and the MEC after inquiring the identification information of the terminal. So that the MEC may acquire the identification information of the terminal included in the message by parsing the terminal identification response message.

In a third aspect, an embodiment of the present invention further provides an MEC for acquiring a terminal identifier, where the MEC includes: a processor and a transceiver, the device having functionality to implement the embodiments of the first aspect described above.

In a fourth aspect, an embodiment of the present invention further provides a network side device for acquiring a terminal identifier, where the network side device includes: a processor and a transceiver, the device having functionality to implement the embodiments of the second aspect described above.

In a fifth aspect, an embodiment of the present invention further provides an MEC for acquiring a terminal identifier, where the MEC includes at least one processor and at least one memory, and the device has functions of implementing the embodiments of the first aspect.

In a sixth aspect, an embodiment of the present invention further provides a network-side device for acquiring a terminal identifier, where the network-side device includes at least one processor and at least one memory, and the device has functions of implementing the embodiments of the second aspect.

Seventh aspect, a computer-storable medium having stored thereon a computer program which, when executed by a processor, performs the steps of the above-described method.

In addition, for technical effects brought by any one implementation manner of the third aspect to the seventh aspect, reference may be made to technical effects brought by different implementation manners of the first aspect to the second aspect, and details are not described here.

Drawings

In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings needed to be used in the description of the embodiments will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without inventive exercise.

Fig. 1 is a schematic structural diagram of a system for acquiring a terminal identifier according to an embodiment of the present invention;

fig. 2 is a schematic structural diagram of a first example of a system for acquiring a terminal identifier according to an embodiment of the present invention;

fig. 3 is a schematic structural diagram of a second example of a system for acquiring a terminal identifier according to an embodiment of the present invention;

fig. 4 is a schematic flowchart of a second example of a system for acquiring a terminal identifier according to an embodiment of the present invention;

fig. 5 is a schematic structural diagram of a third example of a system for acquiring a terminal identifier according to an embodiment of the present invention;

fig. 6 is a schematic view of a complete flow of a first example of a system for acquiring a terminal identifier according to an embodiment of the present invention;

fig. 7 is a schematic timing diagram illustrating a second example of a system for acquiring a terminal identifier according to an embodiment of the present invention;

fig. 8 is a schematic view of a complete flow of a third example of a system for acquiring a terminal identifier according to an embodiment of the present invention;

fig. 9 is a schematic flowchart of a first method for acquiring a terminal identifier according to an embodiment of the present invention;

fig. 10 is a flowchart illustrating a second method for acquiring a terminal identifier according to an embodiment of the present invention;

fig. 11 is a schematic structural diagram of a first MEC for acquiring a terminal identifier according to an embodiment of the present invention;

fig. 12 is a schematic structural diagram of a first network-side device for acquiring a terminal identifier according to an embodiment of the present invention;

fig. 13 is a schematic structural diagram of a second MEC for acquiring a terminal identifier according to an embodiment of the present invention;

fig. 14 is a schematic structural diagram of a second network-side device for acquiring a terminal identifier according to an embodiment of the present invention.

Detailed Description

The embodiment of the invention relates to a method for acquiring a terminal identifier, wherein the related equipment in the method comprises an MEC and network side equipment. In specific implementation, the MEC sends a terminal identifier query message to the network side device through the identifier query interface; and then the network side equipment receives the terminal identification query message sent by the MEC through the identification response interface, and sends the queried identification information of the terminal to the MEC. Thus, the MEC may obtain the identification information of the terminal by sending a terminal identification query message to the network side device.

Currently, in a normal user access process, a core network (MME/AMF, HSS, etc.) authenticates a user based on an IMSI reported by the user, and a PGW/UPF generates a ticket and the like, and associates a user service transmission channel (such as a private network IP address and a tunnel ID of a GTP-U) with information such as the IMSI and a user phone number, so that the core network naturally has identity information of the user.

In addition, in the basic service flow of the unified authentication platform, firstly, the unified authentication platform identifies a user through a path (such as a GTP-U tunnel ID) used when an authentication key token message is applied for transmission in a mobile communication network, generates the authentication key token and returns the authentication key token through a middleware; then the service platform forwards the token sent by the APP to the unified authentication platform for authentication, the unified authentication platform authenticates the token, if the authentication is successful, the service platform is informed, and user identity information such as a user mobile phone number and the like can be returned in a response message; and the service platform determines whether to allow the user to log in according to the authentication result. Therefore, the unified authentication platform also comprises the identity information of the user.

In summary, the network side device knowing the user identity information has a core network and a unified authentication platform.

Therefore, the network side device in the embodiment of the invention can be a core network or a unified authentication platform.

In order to make the objects, technical solutions and advantages of the present invention clearer, the present invention will be described in further detail with reference to the accompanying drawings, and it is apparent that the described embodiments are only a part of the embodiments of the present invention, not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.

As shown in fig. 1, an embodiment of the present invention provides a system for acquiring a terminal identifier, where the system includes:

the MEC100 is configured to send a terminal identifier query message to the network side device through the identifier query interface; and receiving the identification information of the terminal returned by the network side equipment.

The network side device 101 is configured to receive a terminal identifier query message sent by the MEC through an identifier response interface; and sending the identification information of the inquired terminal to the MEC.

The embodiment of the present invention relates to three methods for acquiring terminal identification information by an MEC, which will be described below separately.

In the first mode, an STCP link is established between the MEC and the core network, and the query is directly carried out.

As shown in fig. 2, in a specific implementation, an STCP link is first established between the MEC and the core network, and a connection is implemented through an identifier query interface of the MEC and an identifier response interface of the core network.

And the identification query interface of the MEC end and the identification response interface of the core network are newly-established data transmission interfaces.

Subsequently, the MEC needs to add identification information for determining the terminal that needs to query the identity information to the terminal identification query message, so that the core network can accurately determine the terminal that needs to return the identification information after receiving the terminal identification query message.

Specifically, the MEC adds at least one of the following information of the terminal to the terminal identification query message. Wherein, the terminal identification inquiry message carries part or all of the following information: the private network IP address of the terminal, the GTP-U tunnel ID and the S1 AP-UE-ID.

In specific implementation, the MEC marks the terminal requiring the query of the identification information by adding at least one of the private network IP address of the terminal, the GTP-U tunnel ID and the S1AP-UE-ID to the terminal identification query message, and the subsequent core network determines the terminal inquiring the identification information through the address information in the terminal identification query message after receiving the terminal identification query message.

For example:

the core network side contains personal information of 3 terminals, which are respectively:

1. when the MEC needs to acquire the identity information of the UE2, the MEC may add the private network IP address (198.5.5.0) of the UE2 to the terminal identification query message to form a data packet, and then send the terminal identification query message including the private network IP address of the UE2 to the core network through the SCTP link, so that the subsequent core network determines, by analyzing the data packet including the private network IP address of the UE2, that the terminal that needs to acquire the identification information of the user is the UE2, and further queries the identification information of the UE 2.

2. When the MEC needs to acquire the identity information of the UE2, the MEC may further add the GTP-U tunnel ID (25) and the private network IP address (198.5.5.0) of the data transmission of the UE2 to the terminal identification query message to form a data packet, and then send the terminal identification query message including the GTP-U tunnel ID and the private network IP address to the core network through the SCTP link, so that the subsequent core network determines, through parsing the data packet including the GTP-U tunnel ID and the private network IP address, that the terminal that needs to acquire the identity information of the user is the UE2, and further queries the identity information of the UE 2.

3. When the MEC needs to acquire the identity information of the UE2, the MEC may further add the GTP-U tunnel ID (25), the private network IP address (198.5.5.0), and the S1AP-UE-ID (25) of the data transmission of the UE2 to the terminal identification query message to form a data packet, and then send the terminal identification query message including the GTP-U tunnel ID, the private network IP address, and the S1AP-UE-ID to the core network through the SCTP link, so that the subsequent core network determines, by parsing the data packet including the GTP-U tunnel ID, the private network IP address, and the S1AP-UE-ID, that the terminal that needs to acquire the identity information of the user is the UE2, and further queries the identity information of the UE 2.

In addition, the terminal identification query message carries part or all of the following information: the process that the MEC adds at least one of the private network IP address, GTP-U tunnel ID, S1AP-UE-ID, and S1AP-UE-ID of the terminal to the terminal identification query message may be referred to the above example.

After adding the identification information of the terminal to the terminal identification query message, the MEC sends the terminal identification query message to the core network through the established SCTP link.

Specifically, the MEC sends a terminal identification query message to the core network through an identification query interface by using an SCTP link with the core network;

correspondingly, the core network receives a terminal identification query message sent by using the SCTP link between the core network and the MEC through an identification response interface.

In the method, an MEC sends a terminal identification query message to a core network by using an SCTP link between the MEC and the core network through an identification query interface; and then the core network receives a terminal identification query message sent by using the SCTP link between the core network and the MEC through an identification response interface. Thus, the MEC can directly send the terminal identification query message to the core network, and the core network receives the terminal identification query message to trigger the core network to query the identification information of the terminal and feed back the identification information to the MEC.

Subsequently, the core network parses the received terminal identifier query message to determine the terminal requested by the MEC.

Specifically, after receiving a terminal identifier query message sent by using the SCTP link between the core network and the MEC through the identifier response interface, the core network determines a terminal to be queried through part or all of the following information carried in the terminal identifier query message, determines identifier information of the terminal to be queried, and then receives the terminal identifier query message sent by using the SCTP link between the core network and the MEC through the identifier response interface.

In the method, the core network analyzes the received terminal identification query message, acquires the terminal identification message carried in the terminal identification query message, and further determines the terminal needing to query the identification information.

And then, the core network inquires the determined terminal needing to inquire the identification information to obtain the identification information, and feeds the inquired identification information back to the MEC.

For example:

the core network side includes information of 3 terminals:

taking the private network IP address as an example, if the MEC determines that the identity information of the UE2 needs to be acquired, the MEC adds the private network IP address (198.5.5.0) of the UE2 to the terminal identification query message to form a data packet, and then sends the terminal identification query message containing the private network IP address of the UE2 to the core network through the SCTP link. Then the core network receives the terminal identification query message sent by using the SCTP link between the core network and the MEC through the identification response interface, further analyzes the data packet of the received terminal identification query message to obtain the private network IP address of the terminal as 198.5.5.0, further determines that the terminal needing to query the identification information is UE2, then queries the identification information of UE2, and determines that the identification information of the UE needing to query is: the IMSI is 45264562323; the cell phone number is 12453533542.

Specifically, the core network sends the identification information of the inquired terminal to the MEC through an identification response interface by using an SCTP link with the MEC.

Correspondingly, the MEC receives an identification response message which is returned by the core network and contains the identification information of the terminal through an identification query interface by using the SCTP link between the MEC and the core network.

In the method, the core network feeds back the inquired identification information of the terminal to the MEC, so that the MEC can effectively acquire the identity information of the access user, and further, the position service type service applied by part of the MEC is perfected.

For example:

1. the core network side includes information of 3 terminals:

taking the private network IP address as an example, if the MEC determines that the identity information of the UE2 needs to be acquired, the MEC adds the private network IP address (198.5.5.0) of the UE2 to the terminal identification query message to form a data packet, and then sends the terminal identification query message containing the private network IP address of the UE2 to the core network through the SCTP link. Analyzing a terminal identification query message data packet received by the core network through the identification response interface to determine that a terminal needing to query identification information is UE2, querying the identification information of UE2, and determining that the identification information of UE2 needing to query is: the IMSI is 45264562323; the cell phone number is 12453533542. The identification information (IMSI 45264562323; cell phone number 12453533542) of the UE2 is inserted into the identification response message, so that after receiving the identification response message, the MEC can obtain the identification information of the UE2 by parsing the identification response message as follows: the IMSI is 45264562323; the cell phone number is 12453533542.

Secondly, the MEC establishes an identifier query interface to send a terminal identifier query message to the unified authentication platform; and multiplexing the existing interface of the unified authentication platform to receive the terminal identification query message and returning a query result.

As shown in fig. 3, in a specific implementation, the MEC first needs to establish an identifier query interface, insert a terminal identifier query message into a GTP tunnel through the interface, and then send the terminal identifier query message to the unified authentication platform, and then the unified authentication platform reuses an existing interface of the unified authentication platform to receive the terminal identifier query message.

And the identification query interface of the MEC and the identification response interface of the core network are newly-built data transmission interfaces.

Specifically, the MEC sends a terminal identifier query message to the network side device through an identifier query interface by using a GTP tunnel between the MEC and the unified authentication platform;

correspondingly, the unified authentication platform receives a terminal identifier query message sent by using a GTP tunnel between the unified authentication platform and the MEC through an identifier response interface.

After the MEC sends the terminal identifier query message to the unified authentication platform, the unified authentication platform further needs to determine the terminal that needs to query the identifier information according to the terminal identifier query message.

After the unified authentication platform receives a terminal identification query message sent by using a GTP tunnel between the unified authentication platform and the MEC through an identification response interface, the unified authentication platform determines a terminal to be queried through a GTP-U tunnel ID carried in the terminal identification query message, and determines identification information of the terminal to be queried.

In the method, after receiving a terminal identifier query message sent by using a GTP tunnel between the MEC and the unified authentication platform through an identifier response interface, the unified authentication platform determines a terminal to be queried according to a GTP-U tunnel ID carried in the terminal identifier query message, determines identifier information of the terminal to be queried, and further sends the queried identifier information of the terminal to the MEC through the GTP tunnel between the identifier response interface and the MEC. Therefore, the unified authentication platform can send the identification information of the terminal to be acquired by the MEC to the MEC, so that the MEC can effectively acquire the identity information of the access user, and further the position service type service applied by part of the MEC is perfected.

And then, after inquiring the representation information of the terminal, the unified authentication platform returns a terminal identification response message containing the identification information of the terminal to the MEC.

Specifically, the unified authentication platform sends the queried identification information of the terminal to the MEC through an identification response interface by using a GTP tunnel between the unified authentication platform and the MEC;

correspondingly, the MEC receives the identification information of the terminal returned by the network side equipment by using a GTP tunnel between the MEC and the unified authentication platform through an identification query interface.

By the method, the MEC sends the terminal identification query message to the unified authentication platform through the identification query interface and the GTP tunnel so that the unified authentication platform queries the identification information of the terminal and further determines the identification information of the terminal which is required to be determined by the MEC.

In a specific implementation, as shown in fig. 4, the MEC and the unified authentication platform will determine the terminal identification message through the following steps.

Step 400, the MEC sends the Ks negotiation request message after GTP encapsulation to the unified authentication platform by using a GTP tunnel between the MEC and the unified authentication platform through an identification query interface;

step 401, the unified authentication platform receives a Ks negotiation request message which is sent by using a GTP tunnel between the unified authentication platform and the MEC and is subjected to GTP encapsulation through an identifier response interface;

step 402, after receiving the Ks negotiation request message, the unified authentication platform sends a Ks negotiation response message to the MEC through the identification response interface by using the GTP tunnel between the MEC and the unified authentication platform;

step 403, after receiving the Ks negotiation response message returned by the unified authentication platform, the MEC sends a token verification request message to the unified authentication platform through an identifier query interface by using a GTP tunnel between the MEC and the unified authentication platform;

step 404, the unified authentication platform receives a token verification request message sent by using a GTP tunnel between the unified authentication platform and the MEC through an identifier response interface;

step 405, after receiving the token verification request message, the unified authentication platform sends a terminal identification response message containing the identification information of the terminal to the MEC through an identification response interface by using a GTP tunnel between the unified authentication platform and the MEC;

and 406, the MEC receives a token verification response message containing the identification information of the terminal, which is returned by the network side device, through an identification query interface by using a GTP tunnel between the MEC and the unified authentication platform.

Thirdly, the MEC end establishes an identification query interface to send a terminal identification query message to the unified authentication platform; the unified authentication platform receives the terminal identification query message through the identification query response interface and returns a query result.

As shown in fig. 5, in a specific implementation, first, the MEC needs to establish an identifier query interface, and the unified authentication platform needs to establish an identifier response interface. And then the MEC inserts the terminal identification query message into a GTP tunnel through the mark query interface and further sends the terminal identification query message to the unified authentication platform, and then the unified authentication platform receives the terminal identification query message through the established identification response interface.

And the identification query interface of the MEC and the identification response interface of the unified authentication platform are newly-established data transmission interfaces.

After the establishment of the identifier query interface of the MEC and the identifier response interface of the unified authentication platform is completed, the MEC sends a terminal identifier request message to the unified authentication platform to prompt the unified authentication platform to query the identifier information of the terminal determined in the terminal identifier request message.

Specifically, after adding at least one of the private network IP address, GTP-U tunnel ID, and S1AP-UE-ID of the terminal to the terminal identification query message, the MEC sends the query message to the core network through the identification query interface using the SCTP link with the core network.

For example:

user' s	IMSI	Mobile phone number	Private network IP address	GTP-U tunnel ID
					UE1	86123456789	13254834567	198.6.5.0	156
UE2	45264562323	12453533542	198.5.5.0	25
					UE3	85512453154	14256486585	198.4.5.1	220

1. When the MEC needs to acquire the identity information of the UE3, the MEC may add the private network IP address (198.4.5.1) of the UE3 to the terminal identification query message to perform GTP encapsulation to form a data packet, and then insert the data packet into a GTP tunnel of the UE3 to send the terminal identification query message including the private network IP address of the UE3 to the unified authentication platform, so that the subsequent unified authentication platform determines that the terminal that needs to acquire the identity information of the user is the UE3 by analyzing the data packet including the private network IP address of the UE3, and further queries the identity information of the UE 3.

2. When the MEC needs to acquire the identity information of the UE3, the MEC may add the data transmission GTP-U tunnel ID (220) of the UE3 to the terminal identity query message, and then send the terminal identity query message including the GTP-U tunnel ID of the UE3 to the unified authentication platform through the GTP tunnel to the UE3, so that the subsequent unified authentication platform determines that the terminal that needs to acquire the identity information of the user is the UE3 by analyzing the data packet including the GTP-U tunnel ID of the UE3, and further queries the identity information of the UE 3.

3. When the MEC needs to acquire the identity information of the UE3, the MEC may add the private network IP address (198.4.5.1) and GTP-U tunnel ID (220) of the UE3 to the terminal identification query message to perform GTP encapsulation to form a data packet, then insert the data packet into the GTP tunnel of the UE3 to send the terminal identification query message including the private network IP address of the UE3 and the GTP-U tunnel ID to the unified authentication platform, so that the subsequent unified authentication platform determines that the terminal that needs to acquire the identity information of the user is the UE3 by analyzing the data packet including the private network IP address of the UE3 and the GTP-U tunnel ID, and further queries the identity information of the UE 3.

Specifically, the MEC sends a terminal identifier query message to the network side device through an identifier query interface by using a GTP tunnel between the MEC and the unified authentication platform.

In the method, the MEC sends the terminal identification query message to the unified authentication platform, so that the unified authentication platform receives the terminal identification query message sent by using a GTP tunnel between the MEC and the unified authentication platform through the identification response interface and queries the identification information of the terminal determined according to the terminal identification query message.

After the unified authentication platform receives the terminal identification query message, the terminal identification query message is analyzed to determine the terminal needing to query the identification information.

Specifically, after receiving a terminal identifier query message sent by using a GTP tunnel between the terminal and the MEC through an identifier response interface, the unified authentication platform determines a terminal to be queried through part or all of the following information carried in the terminal identifier query message, and determines identifier information of the terminal to be queried; and further sending the inquired identification information of the terminal to the MEC by using a GTP tunnel between the MEC and the MEC through an identification response interface.

the private network IP address of the terminal and the GTP-U tunnel ID.

For example:

Taking the private network IP address as an example, if the MEC determines that the identity information of the UE3 needs to be acquired, the MEC adds the private network IP address (198.4.5.1) of the UE3 to the terminal identification query message to perform GTP encapsulation to form a data packet, and then inserts the data packet into a GTP tunnel of the UE3 to send the terminal identification query message containing the private network IP address of the UE3 to the unified authentication platform. The unified certification platform analyzes the terminal identification query message data packet received by the identification response interface to determine that the terminal needing to query the identification information is UE3, queries the identification information of UE3, and further determines that the identification information of the UE3 needing to query is: the IMSI is 85512453154; the cell phone number is 14256486585. The identification information (IMSI 85512453154; cell phone number 14256486585) of the UE3 is inserted into the identification response message, so that after receiving the identification response message, the MEC can obtain the identification information of the UE3 by parsing the identification response message as follows: the IMSI is 85512453154; the cell phone number is 14256486585.

And the same authentication platform inquires the determined identification information of the terminal according to the information of the determined terminal carried in the terminal identification inquiry message, and then feeds the information back to the MEC.

Subsequently, specifically, the unified authentication platform sends the queried identification information of the terminal to the MEC through an identification response interface by using a GTP tunnel between the unified authentication platform and the MEC;

In the method, after determining the identification information of the terminal, the unified authentication platform sends the inquired identification information of the terminal to the MEC through an identification response interface by using a GTP tunnel between the unified authentication platform and the MEC; and then, the MEC receives the identification information of the terminal, which is returned by the network side equipment, by using a GTP tunnel between the MEC and the unified authentication platform through an identification query interface. Thus, the MEC can acquire the identification information of the terminal needing to acquire the identification information. Further, the terminal can be more accurately positioned.

In specific implementation, the unified authentication platform sends a terminal identification response message containing the identification information of the terminal to the MEC through an identification response interface by using a GTP tunnel between the unified authentication platform and the MEC; and the MEC receives an identification response message which is returned by the network side equipment and contains the identification information of the terminal by using a GTP tunnel between the MEC and the unified authentication platform through an identification query interface.

Namely, the unified authentication platform sends a terminal identification response message containing the identification information of the terminal to the MEC; and the MEC receives a terminal identification response message containing the identification information of the terminal returned by the unified authentication platform, analyzes the terminal identification response message and obtains the identification information of the terminal from the terminal identification response message.

For example:

1. the core network side contains personal information of 3 terminals, which are respectively:

taking the private network IP address as an example, if the MEC determines that the identity information of the UE3 needs to be acquired, the MEC adds the private network IP address (198.4.5.1) of the UE3 to the terminal identification query message to perform GTP encapsulation to form a data packet, and then inserts the data packet into a GTP tunnel of the UE3 to send the terminal identification query message containing the private network IP address of the UE3 to the unified authentication platform. Analyzing a terminal identification query message data packet received by the unified authentication platform through the identification response interface to determine that a terminal needing to query identification information is UE3, querying the identification information of UE3, and determining that the identification information of the UE3 needing to query is: the IMSI is 85512453154; the cell phone number is 14256486585. The identification information (IMSI 85512453154; cell phone number 14256486585) of the UE3 is inserted into the identification response message, so that after receiving the identification response message, the MEC can obtain the identification information of the UE3 by parsing the identification response message as follows: the IMSI is 85512453154; the cell phone number is 14256486585.

As shown in fig. 6, an embodiment of the present invention provides a detailed flowchart of a first method for acquiring a terminal identifier.

Step 600, the MEC determines a terminal needing to acquire identity information;

step 601, adding at least one of a private network IP address, a GTP-U tunnel ID and an S1AP-UE-ID of a terminal which needs to acquire identity information into the terminal identification query message by the MEC;

step 602, the MEC sends the terminal identification query message to the core network through the identification query interface by using the SCTP link with the core network;

step 603, the core network receives the terminal identification query message through the identification response interface by using the SCTP link between the core network and the MEC;

step 604, the core network determines the terminal needing to query the identification information by analyzing the terminal identification query message;

step 605, the core network inquires the identification information of the terminal according to the determined terminal;

step 606, the core network returns an identification response message containing the identification information of the terminal to the MEC through an identification response interface by using the SCTP link between the core network and the MEC;

step 607, MEC receives the identification response message containing the identification information of the terminal returned by the core network through the identification query interface by using the SCTP link with the core network;

step 608, the MEC determines the identification information of the terminal that needs to acquire the identity information according to the identification response message that includes the identification information of the terminal and is returned by the core network.

As shown in fig. 7, an embodiment of the present invention provides a detailed timing chart of a second method for acquiring a terminal identifier. The user identification acquisition module on the MEC platform consists of a client simulation unit, a service server simulation unit and a data packet encapsulation analysis unit.

Step 700, after accessing the network, the customer simulation unit of the MEC calls the SDK to apply for the authentication key token;

step 701, a client simulation unit of the MEC sends a Ks negotiation request to a data packet parsing and encapsulating module of the MEC;

step 702, the data packet parsing and encapsulating module of the MEC performs GTP encapsulation on the received Ks negotiation request, inserts the GTP encapsulation request into the GTP tunnel of the user, and monitors the response message;

step 703, the data packet parsing and encapsulating module of the MEC terminates the response message and sends the Ks negotiation request inserted into the GTP tunnel of the user to the unified authentication platform;

step 704, the unified authentication platform returns a Ks negotiation response to the data packet parsing and encapsulating module of the MEC;

step 705, the data packet parsing and encapsulating module of the MEC performs GTP decapsulation on the Ks negotiation response sent back by the received unified authentication platform;

step 706, the data packet parsing and encapsulating module of the MEC feeds back the unsealed Ks negotiation response to the client simulation unit of the MEC;

step 707, the client simulation unit of the MEC determines an authentication key token according to the received decapsulated Ks negotiation response;

step 708, the customer simulation unit of the MEC sends the authentication key token to the service platform simulation unit of the MEC;

step 709, the service platform simulation unit of the MEC verifies the received authentication key token through the external network link application token;

step 710, a service platform simulation unit of the MEC sends a token verification request to a unified authentication platform;

step 711, the service platform simulation unit of the MEC receives a token verification success response containing the user identifier returned by the unified authentication platform.

As shown in fig. 8, an embodiment of the present invention provides a detailed flowchart of a third method for acquiring a terminal identifier.

Step 800, the MEC determines a terminal needing to acquire identity information;

step 801, adding at least one of a private network IP address and a GTP-U tunnel ID of a terminal which needs to acquire identity information into the terminal identification query message by an MEC;

step 802, the MEC sends the terminal identification query message to the unified authentication platform through an identification query interface by using a GTP tunnel between the MEC and the unified authentication platform;

step 803, the unified authentication platform receives the terminal identifier query message through an identifier response interface by using a GTP tunnel between the unified authentication platform and the MEC;

step 804, the unified authentication platform determines the terminal needing to inquire the identification information by analyzing the terminal identification inquiry message;

step 805, the unified authentication platform queries the identification information of the terminal according to the determined terminal;

step 806, the unified authentication platform returns an identification response message containing the identification information of the terminal to the MEC through an identification response interface by using a GTP tunnel between the unified authentication platform and the MEC;

step 807, the MEC receives an identification response message containing the identification information of the terminal returned by a core network through an identification query interface by using a GTP tunnel between the MEC and the unified authentication platform;

step 808, the MEC determines the identification information of the terminal that needs to acquire the identity information according to the identification response message that is returned by the unified authentication platform and contains the identification information of the terminal.

Based on the same inventive concept, the embodiment of the present invention further provides a method for acquiring a terminal identifier, because the MEC and the network side device in the method are the MEC and the network side device in the system in the embodiment of the present invention, and the principle of the method for solving the problem is similar to that of the system, the implementation of the method may refer to the implementation of the system, and repeated details are not repeated.

As shown in fig. 9, an embodiment of the present invention provides a method for acquiring a terminal identifier, where the method includes:

step 900, the MEC sends a terminal identifier query message to the network side device through the identifier query interface;

step 901, the MEC receives the identifier information of the terminal returned by the network side device.

Optionally, the network side device is a core network;

the MEC sends a terminal identification query message to the core network by using an SCTP link between the MEC and the core network through an identification query interface;

Optionally, before the MEC sends the query message to the core network through the identification query interface using the SCTP link with the core network, the method further includes:

and the MEC adds at least one of the private network IP address, the GTP-U tunnel ID and the S1AP-UE-ID of the terminal into the terminal identification query message.

Optionally, the network side device is a unified authentication platform;

the MEC sends a terminal identification query message to the unified authentication platform by using a GTP tunnel between the MEC and the unified authentication platform through an identification query interface;

Optionally, before the MEC sends the terminal identifier query message to the unified authentication platform through the identifier query interface by using a GTP tunnel between the MEC and the unified authentication platform, the method further includes:

and the MEC adds the private network IP address and/or the GTP-U tunnel ID of the terminal into the terminal identification query message.

Optionally, the MEC sends a terminal identifier query message to the network side device through an identifier query interface by using a GTP tunnel between the MEC and the unified authentication platform, where the method includes:

the MEC sends a Ks negotiation request message after GTP encapsulation to the unified authentication platform by using a GTP tunnel between the MEC and the unified authentication platform through an identification query interface;

As shown in fig. 10, an embodiment of the present invention provides a method for acquiring a terminal identifier, where the method includes:

step 1000, the network side equipment receives a terminal identification query message sent by the MEC through an identification response interface;

step 1001, the network side device sends the queried identification information of the terminal to the MEC.

Optionally, the network side device is a core network;

Optionally, after receiving, by the core network through the identifier response interface, the terminal identifier query message sent by using the SCTP link with the MEC, and before receiving, by the identifier response interface, the terminal identifier query message sent by using the SCTP link with the MEC, the method further includes:

Optionally, the network side device is a unified authentication platform;

Optionally, after the unified authentication platform receives, through the identifier response interface, the terminal identifier query message sent by using the GTP tunnel between the MEC and the unified authentication platform, and before the terminal identifier query message sent by using the GTP tunnel between the MEC and the unified authentication platform sends, to the MEC, the queried identifier information of the terminal, the unified authentication platform further includes:

Optionally, the receiving, by the unified authentication platform, the terminal identifier query message sent by using a GTP tunnel between the unified authentication platform and the MEC through an identifier response interface includes:

As shown in fig. 11, an embodiment of the present invention provides an MEC for acquiring a terminal identifier, where the MEC includes: a processor and a transceiver:

the processor is used for transmitting data through the transceiver and sending a terminal identification query message to the network side equipment through the identification query interface; and receiving the identification information of the terminal returned by the network side equipment.

Optionally, the network side device is a core network; the processor 1100 is specifically configured to:

sending a terminal identification query message to the core network by using an SCTP link between the identification query interface and the core network; and receiving an identification response message which is returned by the core network and contains the identification information of the terminal by using the SCTP link between the identification query interface and the core network.

Optionally, the processor 1100 is further configured to:

and after adding at least one of the IP address of the private network of the terminal, the GTP-U tunnel ID and the S1AP-UE-ID into the terminal identification query message, sending the query message to the core network by using an SCTP link between the identification query interface and the core network.

Optionally, the network side device is a unified authentication platform; the processor 1100 is specifically configured to:

sending a terminal identification query message to the unified authentication platform by using a GTP tunnel between the terminal identification query interface and the unified authentication platform; and receiving the identification information of the terminal returned by the network side equipment by using a GTP tunnel between the identification inquiry interface and the unified authentication platform.

Optionally, the processor 1100 is further configured to:

and after the private network IP address and/or the GTP-U tunnel ID of the terminal are/is added into the terminal identification query message, the terminal identification query message is sent to the unified authentication platform by using a GTP tunnel between the terminal and the unified authentication platform through an identification query interface.

Optionally, the processor 1100 is specifically configured to:

sending the Ks negotiation request message after GTP encapsulation to the unified authentication platform by using a GTP tunnel between the unified authentication platform and an identification query interface; after receiving a Ks negotiation response message returned by the unified authentication platform, sending a token verification request message to the unified authentication platform by using a GTP tunnel between the unified authentication platform and an identification query interface; and receiving a token verification response message which is returned by the network side equipment and contains the identification information of the terminal by using a GTP tunnel between the identification query interface and the unified authentication platform.

Optionally, the processor 1100 is specifically configured to:

sending a terminal identification request message to network side equipment by using a GTP tunnel between the identification query interface and the unified authentication platform; and receiving a terminal identification response message containing the identification information of the terminal, which is returned by the network side equipment, by using a GTP tunnel between the identification inquiry interface and the unified authentication platform.

As shown in fig. 12, an embodiment of the present invention provides a network side device for acquiring a terminal identifier, where the network side device includes: a processor and a transceiver:

the processor is used for transmitting data through the transceiver and receiving a terminal identification query message sent by the MEC through the identification response interface; and sending the identification information of the inquired terminal to the MEC.

Optionally, the network side device is a core network; the processor 1200 is specifically configured to:

receiving a terminal identification query message sent by using an SCTP link between the MEC and the MEC through an identification response interface; and sending the inquired identification information of the terminal to the MEC by using the SCTP link between the MEC and the identification response interface.

Optionally, the processor 1200 is specifically configured to:

after receiving a terminal identification query message sent by using an SCTP link between the MEC and the MEC through an identification response interface, determining a terminal to be queried through part or all of the following information carried in the terminal identification query message, and determining identification information of the terminal to be queried; receiving a terminal identification query message sent by using an SCTP link between the MEC and the MEC through an identification response interface;

Optionally, the network side device is a unified authentication platform; the processor 1200 is specifically configured to:

receiving a terminal identification query message sent by using a GTP tunnel between the MEC and the MEC through an identification response interface; and sending the inquired identification information of the terminal to the MEC by using a GTP tunnel between the MEC and the MEC through an identification response interface.

Optionally, the processor 1200 is further configured to:

after receiving a terminal identification query message sent by using a GTP tunnel between the MEC and the MEC through an identification response interface, determining a terminal to be queried through a private network IP address of the terminal and/or a GTP-U tunnel ID carried in the terminal identification query message, and determining identification information of the terminal to be queried; and sending the inquired identification information of the terminal to the MEC by using a GTP tunnel between the MEC and the MEC through an identification response interface.

Optionally, the processor 1200 is specifically configured to:

receiving a Ks negotiation request message which is sent by using a GTP tunnel between the MEC and is subjected to GTP encapsulation through an identification response interface; receiving a token verification request message sent by using a GTP tunnel between the MEC and the MEC through an identification response interface; after receiving the Ks negotiation request message, sending a Ks negotiation response message to the MEC by using a GTP tunnel between the MEC and the identification response interface; and after receiving the token verification request message, sending a terminal identification response message containing the identification information of the terminal to the MEC by using a GTP tunnel between the MEC and an identification response interface.

Optionally, the processor 1200 is specifically configured to:

receiving a terminal identification request message sent by using a GTP tunnel between the MEC and the MEC through an identification response interface; and sending a terminal identification response message containing the identification information of the terminal to the MEC by using a GTP tunnel between the MEC and the MEC through an identification response interface.

As shown in fig. 13, an embodiment of the present invention provides an MEC for acquiring a terminal identifier, where the MEC includes:

at least one processor 1300 and at least one memory 1301, wherein the memory 1201 stores program code that, when executed by the processor 1300, causes the processor 1300 to perform the following:

sending a terminal identification query message to network side equipment through an identification query interface; and receiving the identification information of the terminal returned by the network side equipment.

Optionally, the network side device is a core network; the processor 1300 is specifically configured to:

Optionally, the processor 1300 is further configured to:

Optionally, the network side device is a unified authentication platform; the processor 1300 is specifically configured to:

Optionally, the processor 1300 is further configured to:

Optionally, the processor 1300 is specifically configured to:

As shown in fig. 14, an embodiment of the present invention provides a network side device for acquiring a terminal identifier, where the network side device includes:

at least one processor 1400 and at least one memory 1401, wherein the memory 1201 stores program code that, when executed by the processor 1400, causes the processor 1400 to perform the following:

receiving a terminal identification query message sent by the MEC through an identification response interface; and sending the identification information of the inquired terminal to the MEC.

Optionally, the network side device is a core network; the processor 1400 is specifically configured to:

Optionally, the processor 1400 is specifically configured to:

Optionally, the network side device is a unified authentication platform; the processor 1400 is specifically configured to:

Optionally, the processor 1400 is further configured to:

Optionally, the processor 1400 is specifically configured to:

The embodiment of the invention also provides a storage medium readable by the computing equipment aiming at the method for acquiring the terminal identification, namely, the content is not lost after power failure. The storage medium stores therein a software program comprising program code which, when executed on a computing device, when read and executed by one or more processors, implements any of the above aspects of embodiments of the present invention in obtaining a terminal identification.

The present application is described above with reference to block diagrams and/or flowchart illustrations of methods, apparatus (systems) and/or computer program products according to embodiments of the application. It will be understood that one block of the block diagrams and/or flowchart illustrations, and combinations of blocks in the block diagrams and/or flowchart illustrations, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, and/or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer and/or other programmable data processing apparatus, create means for implementing the functions/acts specified in the block diagrams and/or flowchart block or blocks.

Accordingly, the subject application may also be embodied in hardware and/or in software (including firmware, resident software, micro-code, etc.). Furthermore, the present application may take the form of a computer program product on a computer-usable or computer-readable storage medium having computer-usable or computer-readable program code embodied in the medium for use by or in connection with an instruction execution system. In the context of this application, a computer-usable or computer-readable medium may be any medium that can contain, store, communicate, propagate, or transport the program for use by or in connection with the instruction execution system, apparatus, or device.

It will be apparent to those skilled in the art that various changes and modifications may be made in the present invention without departing from the spirit and scope of the invention. Thus, if such modifications and variations of the present invention fall within the scope of the claims of the present invention and their equivalents, the present invention is also intended to include such modifications and variations.

Claims

1. A method for acquiring a terminal identifier is characterized in that the method comprises the following steps:

the mobile edge computing platform MEC sends a terminal identification query message to the network side equipment through an identification query interface;

and the MEC receives the identification information of the terminal returned by the network side equipment.

2. The method of claim 1, wherein the network-side device is a core network;

3. The method of claim 2, wherein prior to the MEC sending a query message to the core network using an SCTP link with the core network via an identify query interface, further comprising:

and the MEC adds at least one of a protocol IP address, a general packet radio service technology tunneling protocol GTP-U tunnel unique code ID and an S1 link application protocol user unique code S1AP-UE-ID which are interconnected among private network networks of the terminal into the terminal identification query message.

4. The method of claim 1, wherein the network-side device is a unified authentication platform;

the MEC sends a terminal identification query message to the unified authentication platform by using a general data transmission platform GTP tunnel between the MEC and the unified authentication platform through an identification query interface;

5. The method of claim 4, wherein before the MEC sends a terminal identity query message to the unified authentication platform via an identity query interface using a GTP tunnel with the unified authentication platform, further comprising:

6. The method of claim 4, wherein the MEC sends a terminal identity query message to a network side device through an identity query interface using a GTP tunnel with the unified authentication platform, including:

the MEC sends a session key Ks negotiation request message after GTP encapsulation to the unified authentication platform by using a GTP tunnel between the MEC and the unified authentication platform through an identification query interface;

7. The method of claim 4, wherein the MEC sends a terminal identity query message to a network side device through an identity query interface using a GTP tunnel with the unified authentication platform, including:

8. A method for acquiring a terminal identifier is characterized in that the method comprises the following steps:

9. The method of claim 8, wherein the network-side device is a core network;

10. The method of claim 9, wherein after receiving the terminal identification query message transmitted using the SCTP link with the MEC through the identification response interface, and before receiving the terminal identification query message transmitted using the SCTP link with the MEC through the identification response interface, the core network further comprises:

11. The method of claim 8, wherein the network-side device is a unified authentication platform;

12. The method of claim 11, wherein after the unified authentication platform receives the terminal identification query message transmitted using the GTP tunnel with the MEC through the identification response interface, before transmitting the queried identification information of the terminal to the MEC using the GTP tunnel with the MEC through the identification response interface, further comprising:

13. The method of claim 11, wherein the unified authentication platform receives a terminal identity query message sent using a GTP tunnel with the MEC over an identity response interface, comprising:

14. The method of claim 11, wherein the unified authentication platform receives a terminal identity query message sent using a GTP tunnel with the MEC over an identity response interface, comprising:

15. An MEC for acquiring a terminal identity, comprising: a processor and a transceiver:

16. The MEC of claim 15, wherein the network side device is a core network; the processor is specifically configured to:

17. The MEC of claim 16, wherein the processor is further to:

18. The MEC of claim 15, wherein the network-side device is a unified authentication platform; the processor is specifically configured to:

19. The MEC of claim 18, wherein the processor is further to:

20. The MEC of claim 18, wherein the processor is specifically configured to:

21. The MEC of claim 18, wherein the processor is specifically configured to:

22. A network side device for acquiring a terminal identifier is characterized by comprising: a processor and a transceiver:

23. The network-side device of claim 22, wherein the network-side device is a core network; the processor is specifically configured to:

24. The network-side device of claim 23, wherein the processor is specifically configured to:

25. The network-side device of claim 23, wherein the network-side device is a unified authentication platform; the processor is specifically configured to:

26. The network-side device of claim 25, wherein the processor is further configured to:

27. The network-side device of claim 25, wherein the processor is specifically configured to:

28. The network-side device of claim 25, wherein the processor is specifically configured to:

29. An apparatus for obtaining a terminal identifier, the apparatus comprising: at least one processor and at least one memory, wherein the memory stores program code which, when executed by the processor, causes the processor to perform the steps of the method of any of claims 1 to 7 or the steps of the method of any of claims 8 to 14.

30. A computer-readable medium, on which a computer program is stored, which, when being executed by a processor, carries out the steps of the method according to any one of claims 1 to 7 or the steps of the method according to any one of claims 8 to 14.