CN113676985B

CN113676985B - Terminal access control method, device, system, terminal and electronic equipment

Info

Publication number: CN113676985B
Application number: CN202010413748.XA
Authority: CN
Inventors: 田树一; 赵嵩
Original assignee: China Telecom Corp Ltd
Current assignee: China Telecom Corp Ltd
Priority date: 2020-05-15
Filing date: 2020-05-15
Publication date: 2023-03-31
Anticipated expiration: 2040-05-15
Also published as: CN113676985A

Abstract

The disclosure discloses a terminal access control method, a device, a system, a terminal and electronic equipment, and relates to the technical field of wireless communication. The method comprises the following steps: receiving a registration request for acquiring network subscription data sent by a terminal; determining an abnormal reason why the terminal cannot acquire the network subscription data; and sending the abnormal reason to the terminal so that the terminal determines whether to reinitiate the registration request according to the abnormal reason. The method and the device can reduce the problem of resource waste caused by frequent registration attempts of the terminal, and improve the success rate of acquiring the subscription data by the terminal through the network.

Description

Terminal access control method, device, system, terminal and electronic equipment

Technical Field

The present disclosure relates to the field of wireless communication technologies, and in particular, to a method, an apparatus, a system, a terminal and an electronic device for controlling access to a terminal.

Background

Some internet of things intelligent terminals are provided with pluggable SIM cards, and when equipment leaves a factory, the SIM cards do not store subscription data of any network or only store subscription data of a specific network. After a user of a terminal signs a contract with a certain non-public network, the terminal needs to acquire the signing data of the non-public network through the network, and then the terminal can use the non-public network.

The method for acquiring the subscription data through the network can enable the terminal to acquire the subscription data of the second network through the current network. When the terminal does not obtain the subscription data, the terminal frequently tries to obtain the subscription data of the second network through the current network, so that the current network resources are excessively occupied, and the electric quantity of the terminal is wasted.

Disclosure of Invention

The technical problem to be solved by the present disclosure is to provide a terminal access control method, device, system, terminal and electronic device, which can reduce the problem of resource waste caused by frequent attempt of registration by the terminal.

According to an aspect of the present disclosure, a method for controlling access of a terminal is provided, including: receiving a registration request for acquiring network subscription data sent by a terminal; determining an abnormal reason that the terminal cannot acquire the network subscription data; and sending the abnormal reason to the terminal so that the terminal determines whether to reinitiate the registration request according to the abnormal reason.

In some embodiments, the causes of the abnormality include: the network subscription data acquisition method comprises at least one of a case that a network control plane cannot be connected to a server for storing the network subscription data, a case that a network user plane cannot be connected to the server for storing the network subscription data, no subscription data corresponding to a terminal exists in the server for storing the network subscription data, a case that a time for the terminal to transmit registration requests for acquiring the network subscription data twice is less than a minimum time interval, and a case that the server for storing the network subscription data fails to authenticate the terminal.

In some embodiments, if the abnormal cause is that the time for sending the registration request for acquiring the network subscription data two times adjacently by the terminal is less than the minimum time interval, the minimum time interval of the two adjacent registrations is sent to the terminal.

In some embodiments, the registration request further includes an indication to obtain network subscription data via the control plane or the user plane.

In some embodiments, the registration request further includes: first terminal authentication data for verifying terminal validity.

In some embodiments, the registration request further comprises: and the second terminal authentication data is used for authenticating the terminal by the server for storing the network subscription data, wherein the first terminal authentication data and the second terminal authentication data are the same or different terminal authentication data.

According to another aspect of the present disclosure, a terminal access control method is further provided, including: sending a registration request for acquiring network subscription data to a network with a subscription data providing function; receiving abnormal reasons that a terminal sent by a network with a subscription data providing function cannot acquire network subscription data; and determining whether to reinitiate the registration request according to the abnormal reason.

In some embodiments, determining whether to reinitiate the registration request comprises: and if the server for storing the network subscription data does not have the subscription data corresponding to the terminal, or the server for storing the network subscription data fails to authenticate the terminal, not initiating the registration request again.

In some embodiments, determining whether to reinitiate the registration request comprises: if the abnormal reason is that the network control plane can not be connected to the server for storing the network subscription data, the registration request for acquiring the network subscription data through the control plane is not sent any more; and if the abnormal reason is that the network user plane cannot be connected to the server for storing the network subscription data, no registration request for acquiring the network subscription data through the user plane is sent any more.

In some embodiments, determining whether to reinitiate the registration request comprises: if the abnormal reason is that the time for the terminal to send the registration request for acquiring the network subscription data through the control plane twice is less than the minimum time interval, the registration request for acquiring the network subscription data through the control plane is not initiated again within the minimum time interval of the two adjacent registrations; if the abnormal reason is that the time for the terminal to send the registration request for acquiring the network subscription data through the user plane twice is less than the minimum time interval, the registration request for acquiring the network subscription data through the user plane is not initiated again within the minimum time interval of the two adjacent registrations.

According to another aspect of the present disclosure, a terminal access control device is further provided, including: a registration request receiving unit configured to receive a registration request for acquiring network subscription data sent by a terminal; an abnormal cause determining unit configured to determine an abnormal cause for which the terminal cannot acquire the network subscription data; and an abnormal reason sending unit configured to send the abnormal reason to the terminal so that the terminal determines whether to reinitiate the registration request according to the abnormal reason.

According to another aspect of the present disclosure, there is also provided a terminal, including: a registration request transmitting unit configured to transmit a registration request for acquiring network subscription data to a network having a subscription data providing function; an abnormal reason receiving unit configured to receive an abnormal reason that a terminal sent by a network having a subscription data providing function cannot acquire network subscription data; and the registration request judging unit is configured to determine whether to reinitiate the registration request according to the abnormal reason.

According to another aspect of the present disclosure, a terminal access control system is further provided, including: the terminal is accessed to the control device; the terminal described above; and a server configured to store the network subscription data.

According to another aspect of the present disclosure, there is also provided an electronic device, including: a memory; and a processor coupled to the memory, the processor configured to perform the terminal access control method as described above based on instructions stored in the memory.

According to another aspect of the present disclosure, a non-transitory computer-readable storage medium is also proposed, on which computer program instructions are stored, which instructions, when executed by a processor, implement the above-mentioned terminal access control method.

In the embodiment of the disclosure, the network having the subscription data providing function determines that the terminal cannot obtain the abnormal reason of the network subscription data, and sends the abnormal reason to the terminal, so that the terminal determines whether to reinitiate the registration request according to the abnormal reason, thereby reducing the problem of resource waste caused by frequent registration attempts of the terminal, and improving the success rate of obtaining the subscription data by the terminal through the network.

Other features of the present disclosure and advantages thereof will become apparent from the following detailed description of exemplary embodiments thereof, which proceeds with reference to the accompanying drawings.

Drawings

The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments of the disclosure and together with the description, serve to explain the principles of the disclosure.

The present disclosure may be more clearly understood from the following detailed description taken in conjunction with the accompanying drawings, in which:

fig. 1 is a flow diagram of some embodiments of a terminal access control method of the present disclosure.

Fig. 2 is a flowchart illustrating a terminal access control method according to another embodiment of the disclosure.

Fig. 3 is a flowchart illustrating a terminal access control method according to another embodiment of the disclosure.

Fig. 4 is a flowchart illustrating a terminal access control method according to another embodiment of the disclosure.

Fig. 5 is a flowchart illustrating a terminal access control method according to another embodiment of the disclosure.

Fig. 6 is a flowchart illustrating a terminal access control method according to another embodiment of the disclosure.

Fig. 7 is a flowchart illustrating a terminal access control method according to another embodiment of the disclosure.

Fig. 8 is a flowchart illustrating a terminal access control method according to another embodiment of the disclosure.

Fig. 9 is a flowchart illustrating a terminal access control method according to another embodiment of the disclosure.

Fig. 10 is a flowchart illustrating a terminal access control method according to another embodiment of the disclosure.

Fig. 11 is a flowchart illustrating a terminal access control method according to another embodiment of the disclosure.

Fig. 12 is a flowchart illustrating a terminal access control method according to another embodiment of the disclosure.

Fig. 13 is a flowchart illustrating a terminal access control method according to another embodiment of the disclosure.

Fig. 14 is a schematic structural diagram of some embodiments of a terminal access control apparatus according to the present disclosure.

Fig. 15 is a schematic structural diagram of some embodiments of a terminal of the present disclosure.

Fig. 16 is a schematic structural diagram of some embodiments of a terminal access control system of the present disclosure.

Fig. 17 is a schematic structural view of some embodiments of an electronic device of the present disclosure.

Detailed Description

Various exemplary embodiments of the present disclosure will now be described in detail with reference to the accompanying drawings. It should be noted that: the relative arrangement of the components and steps, the numerical expressions, and numerical values set forth in these embodiments do not limit the scope of the present disclosure unless specifically stated otherwise.

Meanwhile, it should be understood that the sizes of the respective portions shown in the drawings are not drawn in an actual proportional relationship for the convenience of description.

The following description of at least one exemplary embodiment is merely illustrative in nature and is in no way intended to limit the disclosure, its application, or uses.

Techniques, methods, and apparatus known to those of ordinary skill in the relevant art may not be discussed in detail but are intended to be part of the specification where appropriate.

In all examples shown and discussed herein, any particular value should be construed as exemplary only and not as limiting. Thus, other examples of the exemplary embodiments may have different values.

It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, further discussion thereof is not required in subsequent figures.

For the purpose of promoting a better understanding of the objects, aspects and advantages of the present disclosure, reference is made to the following detailed description taken in conjunction with the accompanying drawings.

Fig. 1 is a flow diagram of some embodiments of a terminal access control method of the present disclosure. This embodiment is performed by a terminal access control device located in a network having a subscription data provision function.

In step 110, a registration request for acquiring network subscription data sent by a terminal is received.

The network subscription data may be subscription data of a network that receives the registration request, or subscription data of other networks, that is, the network that receives the registration request and the network corresponding to the network subscription data may be the same network or different networks.

In some embodiments, the registration request may carry first terminal authentication data for verifying the validity of the terminal, where the first terminal authentication data is, for example, a terminal manufacturer certificate. The terminal access control device verifies the certificate of the terminal manufacturer, judges whether the terminal is legal or not, and can execute subsequent operation if the terminal is legal.

In some embodiments, the registration request may further carry second terminal authentication data for authenticating the terminal by the server storing the network subscription data. The first terminal authentication data and the second terminal authentication data are the same or different terminal authentication data.

In step 120, it is determined that the terminal cannot acquire the abnormal reason of the network subscription data.

In some embodiments, the causes of the abnormality include: the network control plane cannot be connected to a server for storing the network subscription data, the network user plane cannot be connected to the server for storing the network subscription data, the server for storing the network subscription data does not have subscription data corresponding to the terminal, the time for the terminal to send the registration request for acquiring the network subscription data twice is less than the minimum time interval, or the server for storing the network subscription data fails to authenticate the terminal, and the like.

In some embodiments, the time that the terminal sends the registration request for acquiring the network subscription data twice in a neighborhood is less than the minimum time interval includes: the time for the terminal to send the registration request for acquiring the network subscription data through the control plane twice is less than the minimum time interval, or the time for the terminal to send the registration request for acquiring the network subscription data through the user plane twice is less than the minimum time interval.

In step 130, the abnormal reason is sent to the terminal, so that the terminal determines whether to reinitiate the registration request according to the abnormal reason.

For example, if there is no subscription data corresponding to the terminal in the server storing the network subscription data, or if the server storing the network subscription data fails to authenticate the terminal, the terminal does not re-initiate the registration request.

For another example, the network having the subscription data providing function supports acquisition of the network subscription data through the control plane as well as the user plane. If the abnormal reason is that the network control plane can not be connected to the server for storing the network subscription data, the terminal does not send a registration request for acquiring the network subscription data through the control plane to the network with the subscription data providing function any more. If the abnormal reason is that the network user plane can not be connected to the server for storing the network subscription data, the terminal does not send a registration request for acquiring the network subscription data through the user plane to the network with the subscription data providing function any more. And if the abnormal reason is that the time for the terminal to send the registration request for acquiring the network subscription data through the control plane twice is less than the minimum time interval, sending the minimum time interval of the two adjacent registrations to the terminal, so that the registration request for acquiring the network subscription data through the control plane is not restarted any more in the minimum time interval of the two adjacent registrations of the terminal. And if the abnormal reason is that the time for sending the registration request for acquiring the network subscription data through the user plane by the terminal twice is less than the minimum time interval, sending the minimum time interval of the two adjacent registrations to the terminal, so that the registration request for acquiring the network subscription data through the user plane is not initiated again within the minimum time interval of the two adjacent registrations of the terminal.

If the network with the subscription data providing function only supports the acquisition of the network subscription data through the control plane, and the abnormal reason is that the network control plane cannot be connected to the server for storing the network subscription data; or, if the network with the subscription data providing function only supports the acquisition of the network subscription data through the user plane and the abnormal reason is that the network user plane cannot be connected to the server for storing the network subscription data, the terminal does not initiate the registration request again.

If the network with the subscription data providing function only supports the acquisition of the network subscription data through the control plane or the user plane and the abnormal reason is that the time for the terminal to send the registration request for acquiring the network subscription data twice adjacently is less than the minimum time interval, the registration request is not re-initiated within the minimum time interval of the two adjacent registrations.

In some embodiments, the terminal access control device may receive a plurality of registration requests sent by the terminal. For example, the terminal may simultaneously send a registration request for acquiring the second network subscription data through the control plane and a registration request for acquiring the third network subscription data through the user plane. The abnormal reason corresponding to each registration request can also be sent to the terminal. For example, if the terminal access control device determines that the server storing the second network subscription data cannot be connected through the network control plane, and also determines that the server storing the third network subscription data does not have subscription data corresponding to the terminal, both of these abnormal situations may be transmitted to the terminal.

In the embodiment, the abnormal reason that the terminal cannot acquire the network subscription data is determined, and the abnormal reason is sent to the terminal, so that the terminal determines whether to reinitiate the registration request according to the abnormal reason, the problem of resource waste caused by frequent registration attempts of the terminal can be reduced, and the success rate of acquiring the subscription data through the network by the terminal is improved.

Fig. 2 is a flowchart illustrating a terminal access control method according to another embodiment of the disclosure. This embodiment is performed by a terminal.

In step 210, a registration request for acquiring network subscription data is sent to a network having a subscription data providing function.

The network subscription data may be subscription data of the network that receives the registration request, or subscription data of another network.

In some embodiments, the registration request may carry first terminal authentication data for verifying the validity of the terminal, where the first terminal authentication data is, for example, a terminal manufacturer certificate. The network with the subscription data providing function verifies the certificate of the terminal manufacturer, judges whether the terminal is legal or not, and can execute the subsequent operation if the terminal is legal.

In step 220, the terminal receiving the network transmission with the subscription data providing function cannot acquire the abnormal reason of the network subscription data.

In some embodiments, the causes of the abnormality include: the network control plane cannot be connected to a server for storing the network subscription data, the network user plane cannot be connected to the server for storing the network subscription data, the server for storing the network subscription data does not have subscription data corresponding to the terminal, the time for the terminal to send the registration request for acquiring the network subscription data twice is less than the minimum time interval, or the server for storing the network subscription data fails in authentication on the terminal.

In some embodiments, if the terminal sends multiple registration requests to the terminal access control device. For example, the terminal may simultaneously send a registration request for acquiring the second network subscription data through the control plane and a registration request for acquiring the third network subscription data through the user plane. The terminal access control means may transmit the cause of the abnormality corresponding to each registration request to the terminal, and the terminal may receive a plurality of causes of the abnormality.

At step 230, it is determined whether to reinitiate the registration request based on the cause of the anomaly.

For another example, the network having the subscription data providing function supports both the case of acquiring the network subscription data through the control plane and the case of acquiring the network subscription data through the user plane. If the abnormal reason is that the network control plane can not be connected to the server for storing the network subscription data, the terminal does not send a registration request for acquiring the network subscription data through the control plane to the network with the subscription data providing function any more. If the abnormal reason is that the network user plane can not be connected to the server for storing the network subscription data, the terminal does not send a registration request for acquiring the network subscription data through the user plane to the network with the subscription data providing function any more. And if the abnormal reason is that the time for the terminal to send the registration request for acquiring the network subscription data through the control plane twice is less than the minimum time interval, sending the minimum time interval of the two adjacent registrations to the terminal, so that the registration request for acquiring the network subscription data through the control plane is not restarted any more in the minimum time interval of the two adjacent registrations of the terminal. If the abnormal reason is that the time for the terminal to send the registration request for acquiring the network subscription data through the user plane twice is smaller than the minimum time interval, the minimum time interval for the two adjacent registrations is sent to the terminal, so that the registration request for acquiring the network subscription data through the user plane is not re-initiated in the minimum time interval for the two adjacent registrations of the terminal.

If the network with the subscription data providing function only supports the acquisition of the network subscription data through the control plane, and the abnormal reason is that the network control plane cannot be connected to a server for storing the network subscription data; or, if the network with the subscription data providing function only supports obtaining the network subscription data through the user plane and the abnormal reason is that the network user plane cannot be connected to the server storing the network subscription data, the terminal does not initiate the registration request again.

If the network with the subscription data providing function only supports the acquisition of the network subscription data through the control plane or the user plane, and the abnormal reason is that the time for the terminal to send the registration request for acquiring the network subscription data twice is less than the minimum time interval, the registration request is not re-initiated within the minimum time interval of two adjacent registrations.

In the embodiment, the terminal receives the abnormal reason that the terminal sent by the network with the subscription data providing function cannot acquire the network subscription data, and determines whether to reinitiate the registration request according to the abnormal reason, so that the problem that the terminal frequently tries to register to cause excessive occupation of network resources is solved.

In step 310, the terminal sends a registration request to the first network, where the registration request indicates that the second network subscription data is obtained through the first network. The first network has a subscription data providing function, and the subscription data includes, for example, a subscription voucher, a terminal identifier, and the like.

The first Network is, for example, SNPN (Stand-alone Non-Public Network), PLMN (Public Land Mobile Network), PNI-NPN (Public Network Integrated Non-Public Network), etc., and the second Network is, for example, SNPN, PNI-NPN, etc.

The first network and the second network may be the same network or different networks.

In some embodiments, if the first network may support both the acquisition of the second network subscription data through the control plane and the acquisition of the second network subscription data through the user plane, when the terminal sends a registration request to the first network, the registration request may indicate that the network subscription data is acquired through the control plane or the user plane. If the first network only supports the acquisition of the second network subscription data through the control plane, or the first network only supports the acquisition of the second network subscription data through the user plane, the registration request may not carry indication information for acquiring the network subscription data through the control plane or the user plane.

In step 320, the first network determines an abnormal cause that the second network subscription data cannot be acquired through the current network.

The reasons for the abnormality include: the first network control plane cannot be connected to the server storing the second network subscription data, the first network user plane cannot be connected to the server storing the second network subscription data, the server storing the second network subscription data does not have subscription data corresponding to the terminal, and the time for the terminal to send the registration request for acquiring the network subscription data twice is less than the minimum time interval, or the server storing the second network subscription data fails to authenticate the terminal.

In step 330, the first network sends the cause of the abnormality to the terminal.

In some embodiments, if the reason for the anomaly is that the time for the terminal to send the registration request for acquiring the network subscription data twice is less than the minimum time interval, the first network further sends the minimum time interval between two adjacent registrations to the terminal.

In step 340, the terminal performs the next registration or no longer registers according to the abnormal reason.

For example, if the anomaly reason is that the first network control plane cannot be connected to the server storing the second network subscription data, the terminal does not automatically initiate the registration request for acquiring the second network subscription data through the first network control plane any more.

If the abnormal reason is that the first network user plane cannot be connected to the server storing the second network subscription data, the terminal does not automatically initiate a registration request for acquiring the second network subscription data through the first network user plane any more.

If the abnormal reason is that the server storing the second network subscription data does not have the subscription data of the terminal, or the server storing the second network subscription data fails to authenticate the terminal, the terminal does not automatically initiate a registration request for acquiring the second network subscription data through the first network.

If the abnormal reason is that the registration of the terminal for acquiring the subscription data through the network is too frequent, the terminal does not initiate a registration request for acquiring the second network subscription data through the first network within the minimum time interval of two adjacent registrations issued by the first network.

In the embodiment, the terminal is enabled to acquire the reason why the subscription data cannot be acquired through the network during registration, and next registration or no registration is performed according to the reason, so that the success rate of acquiring the subscription data through the network by the terminal is improved, excessive occupation of network resources is avoided, and the electric quantity of the terminal is saved.

Fig. 4 is a flowchart illustrating a terminal access control method according to another embodiment of the disclosure. In this embodiment, the network having the subscription Data providing function is, for example, SNPN1, where the SNPN1 includes a UDM (Unified Data Management function), and the network subscription Data is, for example, subscription Data of SNPN 2.

In step 410, the terminal sends a registration request to the SNPN1, the registration request indicates that the registration is only used for acquiring the subscription data of the SNPN2 through the SNPN1 control plane, and the registration request also carries a terminal manufacturer certificate. The terminal manufacturer voucher can be used for SNPN1 authentication of the terminal and for server authentication of the terminal storing SNPN2 subscription data.

At step 420, snpn1 verifies that the terminal is a legitimate terminal by the terminal manufacturer's certificate in the registration request.

In step 430, the UDM of SNPN1 determines, based on the preconfigured routing information, that SNPN1 cannot connect to a server storing SNPN2 subscription data via the control plane.

In step 440, SNPN1 sends a registration rejection message to the terminal, wherein the exception cause carried in the registration rejection message is that SNPN1 can not be connected to the server storing SNPN2 subscription data through the control plane.

In step 450, the terminal does not automatically initiate a registration request to SNPN1 to acquire the subscription data of SNPN2 through the SNPN1 control plane.

In this embodiment, the SNPN1 sends the terminal an abnormal cause that the terminal cannot acquire the stored SNPN2 subscription data through the SNPN1 control plane, and the terminal does not automatically initiate a registration request to the SNPN1 to acquire the SNPN2 subscription data through the SNPN1 control plane any more, thereby reducing resource waste.

Fig. 5 is a flowchart illustrating a terminal access control method according to another embodiment of the disclosure. In this embodiment, the network having the subscription data providing function is, for example, SNPN1, the SNPN1 includes the UDM, and the network subscription data is, for example, subscription data of SNPN 2.

In step 510, the terminal sends a registration request to the SNPN1, the registration request indicates that the registration is only used for acquiring subscription data of the SNPN2 through the SNPN1 user plane, and the registration request also carries a terminal manufacturer certificate.

At step 520, snpn1 verifies that the terminal is a legitimate terminal by the terminal manufacturer's certificate in the registration request.

At step 530, the UDM of snpn1 determines that SNPN1 cannot connect to a server storing SNPN2 subscription data through the user plane.

In step 540, SNPN1 sends a registration rejection message to the terminal, and the exception cause carried in the registration rejection message is that SNPN1 cannot connect to the server storing the SNPN2 subscription data through the user plane.

In step 550, the terminal does not automatically initiate a registration request to SNPN1 to acquire subscription data of SNPN2 through the SNPN1 user plane.

In this embodiment, the SNPN1 sends the terminal the abnormal reason that the terminal cannot acquire the stored SNPN2 subscription data through the SNPN1 user plane, and the terminal no longer automatically initiates a registration request to the SNPN1 to acquire the SNPN2 subscription data through the SNPN1 user plane, thereby reducing resource waste.

Fig. 6 is a flowchart illustrating a terminal access control method according to another embodiment of the disclosure. In this embodiment, the network having the subscription data providing function is, for example, SNPN1, the SNPN1 includes the UDM, and the network subscription data is, for example, subscription data of SNPN 2.

In step 610, the terminal sends a registration request to the SNPN1, the registration request indicates that the SNPN1 obtains the subscription data of the SNPN2, and the registration request also carries a terminal manufacturer certificate.

In some embodiments, the registration request indicates that the registration is only for acquiring subscription data for SNPN2 through the SNPN1 control plane.

At step 620, snpn1 verifies that the terminal is a legitimate terminal by the terminal manufacturer's certificate in the registration request.

In step 630, the UDM of snpn1 connects to the server storing SNPN2 subscription data, but the server storing SNPN2 subscription data does not have the subscription information of the terminal.

In step 640, the snpn1 sends a registration rejection message to the terminal, and the exception cause carried in the registration rejection message is that the server storing the SNPN2 subscription data does not have the subscription information of the terminal.

In step 650, the terminal no longer initiates a registration request to SNPN1 to acquire subscription data of SNPN2 through SNPN 1.

In some embodiments, if the registration request indicates that the registration is only used for acquiring the subscription data of SNPN2 through the SNPN1 control plane, the terminal does not automatically initiate a registration request to SNPN1 for acquiring the subscription data of SNPN2 through the SNPN1 control plane.

And the subsequent terminal user signs a contract with the SNPN2, and the terminal allows the user to operate the terminal to manually initiate a registration request for acquiring the signing data of the SNPN2 from the SNPN1 according to the self setting.

In the above embodiment, when the terminal receives the subscription information of the terminal in the server storing the SNPN2 subscription data, the terminal does not automatically initiate the registration request for acquiring the subscription data of the SNPN2 to the SNPN1 through the SNPN1 control plane or the user plane any more, thereby reducing the resource occupied by the terminal when the terminal frequently tries to register.

Fig. 7 is a flowchart illustrating a terminal access control method according to another embodiment of the disclosure. In this embodiment, the network having the subscription data providing function is, for example, SNPN1, the SNPN1 includes the UDM, and the network subscription data is, for example, subscription data of SNPN 2.

In step 710, the terminal sends a registration request to SNPN1, the registration request indicates that the SNPN1 obtains the subscription data of SNPN2, and the registration request also carries a terminal manufacturer certificate.

In some embodiments, the registration request indicates that the registration is only for acquisition of subscription data for SNPN2 over the SNPN1 control plane, or the registration request indicates that the registration is only for acquisition of subscription data for SNPN2 over the SNPN1 user plane.

At step 720, snpn1 verifies that the terminal is a legitimate terminal by the terminal manufacturer's certificate in the registration request.

At step 730, the UDM of snpn1 determines that the registration is separated from the previous registration of the same type by less than the minimum time interval between two adjacent registrations, i.e. registration requests are sent too frequently.

For example, the registration interval of this type of terminal cannot be less than 60 seconds, since the registration interval is only 30 seconds apart from the previous registration of the terminal, and the terminal is specified in the subscription data of the PLMN or the PLMN UDM itself.

In step 740, snpn1 sends a registration rejection message to the terminal, where the exception cause carried in the registration rejection message is too frequent due to the registration request and indicates a minimum time interval between two adjacent registrations of the terminal. For example, the registration interval for acquiring subscription data through the network, which indicates that the terminal is adjacent twice, cannot be less than 60 seconds.

In step 750, the terminal does not initiate a registration request to SNPN1 to acquire subscription data of SNPN2 through SNPN1 any more within a minimum time interval between two adjacent registrations.

For example, if the registration request indicates that the registration is only used for acquiring the subscription data of SNPN2 through the SNPN1 control plane, the terminal does not initiate a registration request to SNPN1 to acquire the subscription data of SNPN2 through the SNPN1 control plane any more within a minimum time interval between two adjacent registrations. And if the registration request indicates that the registration is only used for acquiring the subscription data of the SNPN2 through the SNPN1 user plane, the terminal does not initiate a registration request for acquiring the subscription data of the SNPN2 through the SNPN1 user plane to the SNPN1 any more within the minimum time interval between two adjacent registrations.

In the above embodiment, when the terminal receives the abnormal reason that the terminal sends the registration request too frequently, the terminal does not automatically initiate the registration request for acquiring the subscription data of the SNPN2 through the SNPN1 control plane or the SNPN1 user plane within the minimum time interval between two adjacent registrations, so that the resource occupied by the terminal when trying to register frequently is reduced.

Fig. 8 is a flowchart illustrating a terminal access control method according to another embodiment of the disclosure. In this embodiment, the network having the subscription data providing function is, for example, SNPN1, the SNPN1 includes the UDM, and the network subscription data is, for example, subscription data of SNPN 2.

In step 810, the terminal sends a registration request to the SNPN1, where the registration request indicates to acquire the subscription data of the SNPN2 through the SNPN1 control plane, and the registration request also carries a terminal manufacturer certificate.

At step 820, snpn1 verifies that the terminal is a legitimate terminal by the terminal manufacturer's certificate in the registration request.

In step 830, the UDM of snpn1 determines that the server storing the SNPN2 network subscription data failed to authenticate the terminal.

For example, the UDM of SNPN1 sends a request for acquiring subscription data to a server storing SNPN2 network subscription data, where the request carries a terminal manufacturer certificate. And the server storing the SNPN2 signed data fails to authenticate the terminal, and the request is failed to reply to the SNPN2, wherein the failure reason is authentication failure.

In step 840, snpn1 sends a registration refusing message to the terminal, where the abnormal cause carried in the registration refusing message is that the server storing the SNPN2 network subscription data authenticates the terminal and fails.

In step 850, the terminal no longer initiates a registration request to SNPN1 to acquire the subscription data of SNPN2 through the SNPN1 control plane.

In the above embodiment, when the terminal receives the abnormal reason that the server storing the SNPN2 network subscription data authenticates the terminal, the terminal does not automatically initiate the registration request for acquiring the subscription data of the SNPN2 through the SNPN1 control plane to the SNPN1 any more, so that the resource occupied by the terminal when trying to register frequently is reduced.

Fig. 9 is a flowchart illustrating a terminal access control method according to another embodiment of the disclosure. The first network is a PLMN that includes a UDM. The second network is PNI-NPN, and the network subscription data is subscription data of the PNI-NPN.

In step 910, the terminal sends a registration request to the PLMN, where the registration request indicates that the registration is only used to obtain the PNI-NPN subscription data through the PLMN control plane, and the registration request also carries a PLMN credential of the terminal and a terminal manufacturer credential, and is used for PLMN authentication and server authentication for storing the PNI-NPN subscription data, respectively.

In step 920, the PLMN verifies that the terminal is a valid terminal through the PLMN credential of the terminal in the registration request.

In step 930, the UDM of the PLMN determines, according to the pre-configured routing information, that the PLMN cannot store the server of the PNI-NPN subscription data through the control plane connection.

In step 940, the PLMN sends a registration rejection message to the terminal, and the PLMN cannot connect to the server storing the PNI-NPN subscription data through the control plane because of the anomaly factor carried in the registration rejection message.

In step 950, the terminal no longer automatically initiates a registration request to the PLMN to obtain the subscription data of PNI-NPN via the PLMN control plane.

In this embodiment, the PLMN sends the terminal an abnormal cause that the terminal cannot acquire the PNI-NPN subscription data through the PLMN control plane, and the terminal no longer automatically initiates a registration request to the PLMN to acquire the PNI-NPN subscription data through the PLMN control plane, thereby reducing resource waste.

Fig. 10 is a flowchart illustrating a terminal access control method according to another embodiment of the disclosure. The first network is a PLMN that includes a UDM. The second network is PNI-NPN, and the network subscription data is subscription data of the PNI-NPN.

In step 1010, the terminal sends a registration request to the PLMN, the registration request indicates that the registration is only used for acquiring the PNI-NPN subscription data through the PLMN user plane, the registration request also carries a PLMN credential of the terminal for PLMN authentication, and the method of acquiring the PNI-NPN subscription data through the PLMN user plane does not need to carry a credential for server authentication for storing the PNI-NPN subscription data in the registration request.

The PLMN verifies the terminal as a legitimate terminal by means of the PLMN credentials in the registration request, step 1020.

In step 1030, the UDM of the PLMN determines that the PLMN cannot connect to the server storing the PNI-NPN subscription data through the user plane.

In step 1040, the PLMN sends a registration rejection message to the terminal, and the PLMN cannot connect to the server storing the PNI-NPN subscription data through the user plane for the reason of the anomaly carried in the registration rejection message.

In step 1050, the terminal does not automatically initiate a registration request to the PLMN to obtain the subscription data of the PNI-NPN via the PLMN user plane.

In this embodiment, the PLMN sends the terminal the abnormal cause that the terminal cannot acquire and store the PNI-NPN subscription data through the PLMN user plane, and the terminal no longer automatically initiates a registration request to the PLMN to acquire the PNI-NPN subscription data through the PLMN user plane, thereby reducing resource waste.

Fig. 11 is a flowchart illustrating a terminal access control method according to another embodiment of the disclosure. In this embodiment, the network having the subscription data providing function is, for example, a PLMN including the UDM, and the network subscription data is, for example, subscription data of PNI-NPN.

In step 1110, the terminal sends a registration request to the PLMN, where the registration request indicates that the PNI-NPN subscription data is obtained through the PLMN, and the registration request also carries a terminal manufacturer credential.

In some embodiments, the registration request indicates that the registration is only for obtaining subscription data for the PNI-NPN via the PLMN control plane.

The plmn verifies the terminal as a legitimate terminal by means of the terminal manufacturer credentials in the registration request, step 1120.

In step 1130, the UDM of the plmn connects to the server storing the PNI-NPN subscription data, but the server storing the PNI-NPN subscription data does not have the subscription information of the terminal.

In step 1140, the plmn sends a registration rejection message to the terminal, where the anomaly cause carried in the registration rejection message is that the server storing the PNI-NPN subscription data does not have the subscription information of the terminal.

In step 1150, the terminal no longer initiates a registration request to the PLMN to obtain subscription data of PNI-NPN via the PLMN.

In some embodiments, if the registration request indicates that the registration is only used for acquiring the subscription data of the PNI-NPN through the PLMN control plane, the terminal no longer automatically initiates a registration request to the PLMN for acquiring the subscription data of the PNI-NPN through the PLMN control plane.

And the subsequent terminal user signs a contract with the PNI-NPN, and the terminal allows the user to operate the terminal to manually initiate a registration request for acquiring the signing data of the PNI-NPN through the PLMN according to the self setting.

In the above embodiment, when the terminal receives that the server storing the PNI-NPN subscription data does not have the subscription information of the terminal, the terminal does not automatically initiate a registration request for acquiring the PNI-NPN subscription data from the PLMN through the control plane or the user plane of the PLMN any more, thereby reducing resource occupation caused by frequent attempts of registration by the terminal.

Fig. 12 is a flowchart illustrating a terminal access control method according to another embodiment of the disclosure. In this embodiment, the network having the subscription data providing function is, for example, a PLMN including the UDM, and the network subscription data is, for example, subscription data of PNI-NPN.

In step 1210, the terminal sends a registration request to the PLMN, where the registration request indicates to acquire the subscription data of the PNI-NPN via the PLMN, and the registration request also carries a terminal manufacturer credential.

In some embodiments, the registration request indicates that the registration is only for acquiring the subscription data of the PNI-NPN through the PLMN control plane, or the registration request indicates that the registration is only for acquiring the subscription data of the PNI-NPN through the PLMN user plane.

The plmn verifies that the terminal is a valid terminal by means of the terminal manufacturer's credentials in the registration request in step 1220.

In step 1230, the UDM of the plmn determines that the registration is separated from the previous registration of the terminal by less than the minimum time interval between two adjacent registrations, i.e. determines that the registration request is sent too frequently.

In step 1240, the plmn sends a registration rejection message to the terminal, where the anomaly cause carried in the registration rejection message is too frequent due to the registration request and indicates a minimum time interval between two adjacent registrations for the terminal. For example, the registration interval for acquiring subscription data through the network, which indicates that the terminal is adjacent twice, cannot be less than 60 seconds.

In step 1250, the terminal does not initiate a registration request to the PLMN for acquiring the subscription data of the PNI-NPN through the PLMN any longer within the minimum time interval between two adjacent registrations.

For example, the registration request indicates that the registration is only used for acquiring the subscription data of the PNI-NPN through the PLMN control plane, and the terminal does not initiate a registration request for acquiring the subscription data of the PNI-NPN through the PLMN control plane to the PLMN any more within a minimum time interval between two adjacent registrations. And the registration request indicates that the registration is only used for acquiring the PNI-NPN subscription data through the PLMN user plane, and the terminal does not initiate a registration request for acquiring the PNI-NPN subscription data through the PLMN user plane to the PLMN any more within the minimum time interval of two adjacent registrations.

In the above embodiment, when the terminal receives the abnormal reason that the terminal sends the registration request too frequently, the terminal does not automatically initiate the registration request for acquiring the subscription data of the PNI-NPN through the PLMN control plane or the user plane within the minimum time interval between two adjacent registrations, so that the resource occupation of frequent attempt registration by the terminal is reduced.

Fig. 13 is a flowchart illustrating a terminal access control method according to another embodiment of the disclosure. In this embodiment, the network having the subscription data providing function is, for example, a PLMN including the UDM, and the network subscription data is, for example, subscription data of PNI-NPN.

In step 1310, the terminal sends a registration request to the PLMN, where the registration request indicates to acquire PNI-NPN subscription data through a PLMN control plane, and the registration request also carries a terminal manufacturer credential.

The plmn verifies the terminal as a legitimate terminal by the terminal manufacturer's credentials in the registration request in step 1320.

In step 1330, the UDM of the plmn determines that the server storing the PNI-NPN network subscription data failed to authenticate the terminal.

For example, the UDM of the PLMN sends a request for acquiring subscription data to a server storing PNI-NPN network subscription data, where the request carries a terminal manufacturer credential. And the server storing the PNI-NPN subscription data fails to authenticate the terminal and replies a request failure to the PNI-NPN, wherein the failure reason is authentication failure.

In step 1340, the plmn sends a registration rejection message to the terminal, where the anomaly cause carried in the registration rejection message is a failure to authenticate the terminal by the server storing the PNI-NPN network subscription data.

In step 1350, the terminal no longer initiates a registration request to the PLMN to acquire the subscription data of PNI-NPN via the PLMN control plane.

In the above embodiment, when the terminal receives the abnormal reason that the server storing the PNI-NPN network subscription data fails to authenticate the terminal, the terminal does not automatically initiate a registration request for acquiring the PNI-NPN subscription data from the PLMN through the PLMN control plane any more, thereby reducing the resource occupation of frequent attempts by the terminal for registration.

Fig. 14 is a schematic structural diagram of some embodiments of the terminal access control device of the present disclosure. The terminal access control device includes: a registration request receiving unit 1410, an abnormality cause determining unit 1420, and an abnormality cause transmitting unit 1430.

The registration request receiving unit 1410 is configured to receive a registration request for acquiring network subscription data sent by a terminal.

The network subscription data may be network subscription data having a subscription data providing function, or may be subscription data of other networks.

In some embodiments, if the first network supports obtaining the second network subscription data through the control plane, the first network supports obtaining the second network subscription data through the user plane. When the terminal sends a registration request to the first network, the registration request may indicate that the network subscription data is obtained through the control plane or the user plane. If the first network only supports the acquisition of the second network subscription data through the control plane, or the first network only supports the acquisition of the second network subscription data through the user plane, the registration request may not carry indication information for acquiring the network subscription data through the control plane or the user plane.

The abnormal cause determination unit 1420 is configured to determine an abnormal cause for which the terminal cannot acquire the network subscription data.

In some embodiments, the time that the terminal sends the registration request for acquiring the network subscription data twice adjacent to each other is less than the minimum time interval includes: the time for the terminal to send the registration request for acquiring the network subscription data through the control plane twice is less than the minimum time interval, or the time for the terminal to send the registration request for acquiring the network subscription data through the user plane twice is less than the minimum time interval.

The abnormal cause transmitting unit 1430 is configured to transmit the abnormal cause to the terminal so that the terminal determines whether to reinitiate the registration request according to the abnormal cause.

In the embodiment, the abnormal reason that the terminal cannot acquire the network subscription data is determined, and the abnormal reason is sent to the terminal, so that the terminal determines whether to reinitiate the registration request according to the abnormal reason, resource waste caused by frequent registration attempts of the terminal is reduced, and the success rate of acquiring the subscription data through the network by the terminal is improved.

Fig. 15 is a schematic structural diagram of some embodiments of a terminal of the present disclosure. The terminal includes: registration request transmitting section 1510, abnormality cause receiving section 1520, and registration request judging section 1530.

The registration request transmitting unit 1510 is configured to transmit a registration request for acquiring network subscription data to a network having a subscription data providing function.

In some embodiments, the first network may support both the acquisition of the second network subscription data through the control plane and the acquisition of the second network subscription data through the user plane. When the terminal sends a registration request to the first network, the registration request may indicate that the network subscription data is obtained through the control plane or the user plane. If the first network only supports the acquisition of the second network subscription data through the control plane, or the first network only supports the acquisition of the second network subscription data through the user plane, the registration request may not carry indication information for acquiring the network subscription data through the control plane or the user plane.

The abnormal cause receiving unit 1520 is configured to receive an abnormal cause for which a terminal transmitted by a network having a subscription data providing function cannot acquire network subscription data.

The registration request judging unit 1530 is configured to determine whether to reinitiate the registration request according to the abnormality cause.

For another example, the network having the subscription data providing function supports both the case of acquiring the network subscription data through the control plane and the case of acquiring the network subscription data through the user plane. If the abnormal reason is that the network control plane can not be connected to the server for storing the network subscription data, the terminal does not send a registration request for acquiring the network subscription data through the control plane to the network with the subscription data providing function any more. If the abnormal reason is that the network user plane can not be connected to the server for storing the network subscription data, the terminal does not send the registration request for acquiring the network subscription data through the user plane to the network with the subscription data providing function any more. And if the abnormal reason is that the time for the terminal to send the registration requests for acquiring the network subscription data through the control plane twice is less than the minimum time interval, sending the minimum time interval of the two adjacent registrations to the terminal, so that the registration requests for acquiring the network subscription data through the control plane are not re-initiated in the minimum time interval of the two adjacent registrations of the terminal. And if the abnormal reason is that the time for sending the registration request for acquiring the network subscription data through the user plane by the terminal twice is less than the minimum time interval, sending the minimum time interval of the two adjacent registrations to the terminal, so that the registration request for acquiring the network subscription data through the user plane is not initiated again within the minimum time interval of the two adjacent registrations of the terminal.

In the embodiment, the terminal receives the abnormal reason that the terminal sent by the network with the subscription data providing function cannot acquire the network subscription data, determines whether to reinitiate the registration request according to the abnormal reason, and reduces excessive occupation of network resources caused by frequent attempt of registration by the terminal.

Fig. 16 is a schematic structural diagram of some embodiments of a terminal access control system of the present disclosure. The system includes a terminal 1610, a terminal access control device 1620, and a server 1630. The terminal 1610 and the terminal access control device 1620 have been described in detail in the above embodiments.

The server 1630 is configured to store network subscription data.

In some embodiments, the network to which the terminal access control device 1620 belongs and the network in the network subscription data may be the same network or different networks.

Fig. 17 is a schematic structural view of some embodiments of an electronic device of the present disclosure. The electronic device 1700 includes a memory 1710 and a processor 1720. Wherein: memory 1710 may be a magnetic disk, flash memory, or any other non-volatile storage medium. The memory is used to store instructions in the embodiments corresponding to fig. 1-13. Processor 1720 is coupled to memory 1710 and may be implemented as one or more integrated circuits, such as a microprocessor or microcontroller. The processor 1720 is configured to execute instructions stored in a memory.

In some embodiments, processor 1720 is coupled to memory 1710 through a BUS 1730. The electronic device 1700 may also be connected to an external storage system 1750 through storage interface 1740 for retrieving external data, and may also be connected to a network or another computer system (not shown) through network interface 1760. And will not be described in detail herein.

In the embodiment, the data instruction is stored in the memory, and the processor processes the instruction, so that the occupation of network resources caused by frequent attempt and registration of the terminal can be reduced, and the power of the terminal can be saved.

In other embodiments, a computer-readable storage medium has stored thereon computer program instructions which, when executed by a processor, implement the steps of the method in the embodiments corresponding to fig. 1-13. As will be appreciated by one of skill in the art, embodiments of the present disclosure may be provided as a method, apparatus, or computer program product. Accordingly, the present disclosure may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present disclosure may take the form of a computer program product embodied on one or more computer-usable non-transitory storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and so forth) having computer-usable program code embodied therein.

The present disclosure is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the disclosure. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

Thus far, the present disclosure has been described in detail. Some details that are well known in the art have not been described in order to avoid obscuring the concepts of the present disclosure. It will be fully apparent to those skilled in the art from the foregoing description how to practice the presently disclosed embodiments.

Although some specific embodiments of the present disclosure have been described in detail by way of example, it should be understood by those skilled in the art that the foregoing examples are for purposes of illustration only and are not intended to limit the scope of the present disclosure. It will be appreciated by those skilled in the art that modifications may be made to the above embodiments without departing from the scope and spirit of the present disclosure. The scope of the present disclosure is defined by the appended claims.

Claims

1. A terminal access control method performed by a first network, the terminal access control method comprising:

receiving a registration request for acquiring network subscription data sent by a terminal, wherein the registration request indicates that subscription data of a second network is acquired through a first network, and the second network is a non-public network;

determining an abnormal reason that the terminal cannot acquire the network subscription data, wherein the abnormal reason comprises: the server for storing the network subscription data does not have the subscription data corresponding to the terminal; and

and sending the abnormal reason to the terminal so that the terminal determines whether to reinitiate the registration request according to the abnormal reason, wherein if the server for storing the network subscription data does not have the subscription data corresponding to the terminal, the terminal does not reinitiate the registration request.

2. The terminal access control method according to claim 1, wherein the cause of abnormality further includes:

the terminal comprises at least one of a server for storing the network subscription data, a network user plane, a terminal and a server for storing the network subscription data, wherein the time for the terminal to send registration requests for acquiring the network subscription data twice is less than a minimum time interval, and the server for storing the network subscription data fails to authenticate the terminal.

3. The terminal access control method according to claim 2, wherein if the anomaly cause is that a time for the terminal to send registration requests for acquiring network subscription data twice adjacently is less than a minimum time interval, the minimum time interval for the two adjacent registrations is sent to the terminal.

4. A terminal access control method according to any one of claims 1 to 3, wherein the registration request further includes an instruction to acquire the network subscription data via a control plane or a user plane.

5. The terminal access control method according to any one of claims 1 to 3, wherein the registration request further includes:

first terminal authentication data for verifying the terminal validity.

6. The terminal access control method of claim 5, wherein the registration request further comprises:

second terminal authentication data for authenticating the terminal by the server storing the network subscription data,

the first terminal authentication data and the second terminal authentication data are the same or different terminal authentication data.

7. A terminal access control method comprises the following steps:

sending a registration request for acquiring network subscription data to a network with a subscription data providing function, wherein the registration request indicates that subscription data of a second network is acquired through a first network, and the second network is a non-public network;

receiving an abnormal reason that the terminal sent by the network with the subscription data providing function cannot acquire the network subscription data, wherein the abnormal reason comprises: the server for storing the network subscription data does not have the subscription data corresponding to the terminal; and

and determining whether to reinitiate the registration request according to the abnormal reason, wherein if the server for storing the network subscription data does not have the subscription data corresponding to the terminal, the registration request is not reinitiated.

8. The terminal access control method of claim 7, wherein the cause of the abnormality further comprises:

9. The terminal access control method of claim 8, wherein determining whether to reinitiate the registration request comprises:

and if the server storing the network subscription data fails to authenticate the terminal, the server does not reinitiate the registration request.

10. The terminal access control method according to claim 8 or 9, wherein the registration request further includes an instruction to acquire the network subscription data through a control plane or a user plane.

11. The terminal access control method of claim 10, wherein determining whether to reinitiate the registration request comprises:

if the abnormal reason is that the network control plane can not be connected to the server for storing the network subscription data, no registration request for acquiring the network subscription data through the control plane is sent any more;

and if the abnormal reason is that the network user plane can not be connected to the server for storing the network subscription data, no registration request for acquiring the network subscription data through the user plane is sent any more.

12. The terminal access control method of claim 10, wherein determining whether to reinitiate the registration request comprises:

if the abnormal reason is that the time for the terminal to send the registration request for acquiring the network subscription data through the control plane twice is less than the minimum time interval, the registration request for acquiring the network subscription data through the control plane is not restarted within the minimum time interval of the two adjacent registrations;

if the abnormal reason is that the time for the terminal to send the registration request for acquiring the network subscription data through the user plane twice is less than the minimum time interval, the registration request for acquiring the network subscription data through the user plane is not restarted within the minimum time interval of the two adjacent registrations.

13. A terminal access control device located in a first network, the terminal access control device comprising:

a registration request receiving unit, configured to receive a registration request for acquiring network subscription data sent by a terminal, where the registration request indicates that subscription data of a second network is acquired through a first network, and the second network is a non-public network;

an abnormal reason determining unit configured to determine an abnormal reason why the terminal cannot acquire the network subscription data, wherein the abnormal reason includes: the server for storing the network subscription data does not have the subscription data corresponding to the terminal; and

and the abnormal reason sending unit is configured to send the abnormal reason to the terminal so that the terminal determines whether to reinitiate the registration request according to the abnormal reason, wherein if the server for storing the network subscription data does not have the subscription data corresponding to the terminal, the terminal does not reinitiate the registration request.

14. A terminal, comprising:

a registration request sending unit, configured to send a registration request for acquiring network subscription data to a network having a subscription data providing function, where the registration request indicates that subscription data of a second network is acquired through a first network, and the second network is a non-public network;

an abnormal reason receiving unit, configured to receive an abnormal reason that the terminal sent by the network with the subscription data providing function cannot acquire the network subscription data, where the abnormal reason includes: the server for storing the network subscription data does not have the subscription data corresponding to the terminal; and

and the registration request judging unit is configured to determine whether to reinitiate a registration request according to the abnormal reason, wherein if the server for storing the network subscription data does not have the subscription data corresponding to the terminal, the registration request is not reinitiated.

15. A terminal access control system, comprising:

the terminal access control device of claim 13;

the terminal of claim 14; and

a server configured to store network subscription data.

16. An electronic device, comprising:

a memory; and

a processor coupled to the memory, the processor configured to perform the terminal access control method of any of claims 1 to 12 based on instructions stored in the memory.

17. A non-transitory computer readable storage medium having stored thereon computer program instructions which, when executed by a processor, implement the terminal access control method of any one of claims 1 to 12.