CN114205815A - Method and system for authentication control of 5G private network - Google Patents
Method and system for authentication control of 5G private network Download PDFInfo
- Publication number
- CN114205815A CN114205815A CN202111255999.0A CN202111255999A CN114205815A CN 114205815 A CN114205815 A CN 114205815A CN 202111255999 A CN202111255999 A CN 202111255999A CN 114205815 A CN114205815 A CN 114205815A
- Authority
- CN
- China
- Prior art keywords
- authentication
- private network
- user
- phone number
- gateway
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
- H04L63/205—Network architectures or network communication protocols for network security for managing network security; network security policies in general involving negotiation or determination of the one or more network security mechanisms to be used, e.g. by negotiation between the client and the server or between peers or by selection according to the capabilities of the entities involved
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/08—Access security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W48/00—Access restriction; Network selection; Access point selection
- H04W48/16—Discovering, processing access restriction or access information
Abstract
The invention provides a method and a system for authentication control of a 5G private network, which comprises the steps of converting SMFN4 signaling into a Radius message; and converting the Radius authentication request message into a general authentication protocol and sending the general authentication protocol to an intranet authentication system, or checking local user data of a private network authentication gateway, and performing access control, audit and mobile IP address mapping on a private network access terminal according to an authentication result. The system automatically maps the mobile IP of the terminal and the intranet IP of the enterprise, thereby not only protecting the intranet boundary of the enterprise, but also ensuring that 5G private network users normally access intranet resources; and access authentication, access control and access behavior audit log collection can be carried out on the private network access terminal according to the authentication system of the enterprise.
Description
Technical Field
The present invention relates to gas detection technologies, and in particular, to a gas concentration prediction device and a gas concentration real-time detection and prediction system.
Background
The cellular mobile communication technology evolves to the 5G era, and the technical indexes of network bandwidth, time delay, reliability, connection number and the like are greatly improved. The traditional mobile network architecture cannot enable industry users to obtain the enabling of the technical indexes of 5G, and in order to enable 5G to be maximized in different industries, a 5G private network needs to be deployed by combining specific service scenes and service requirements.
The 5G private network is a Local Area Network (LAN), is a private network which is created by using a 5G network slicing technology, has the functions of unifying connectivity and optimizing services and ensures the communication safety in a specific area, and provides professional communication services for specific users in the links of organization, management, production, scheduling and the like.
There are two main modes for operators to massively copy and popularize 5G private networks, namely a public network UPF mode and a sinking (private) UPF mode. Compared to the public network UPF mode, the sinking (dedicated) UPF mode (fig. 1) has the following characteristics: 1. the method can realize that the business flow does not go out of the park, and the end-to-end application flow to the enterprise is completed in the enterprise park; 2. the transmission path of the 5G network is greatly shortened, and better service experience guarantee is provided for low-delay and large-bandwidth services; 3. each industry user has an independent UPF network element, the local information system of the industry user is convenient to be connected, and an operator has the capability of realizing an industry customized solution. The sinking (private) UPF model is therefore the primary model for operators to deploy 5G private networks for industry users. At present, 5G solutions corresponding to three operators, namely a neighbor mode of china telecommunications, a remote mode of china mobile and a 5G hybrid private network mode of china unicom are sinking (dedicated) UPF modes.
The admission of the 5G private network user terminal is opened by an operator, but for industrial users, the deployed 5G private network is the same as an industrial intranet, and the admission of the SIM card is not enough to meet the access security requirements of the industrial users, at least can not be used as a unique measure, particularly in the situation of facing personal user access such as government and enterprise. In addition, industry users also have diversified safety autonomous management requirements, such as resource access rights, behavior compliance auditing, and the like. Only the operator is relied on for safety access management, and the requirements of industry users cannot be met.
The existing 5G private network scheme has the following defects:
1. the UPF network element is the only network element for processing the user data plane data, the UPF network element has simpler functions, namely, the UPF network element only transmits data according to the strategy issued by the SMF session management network element, and has no service control capability, while the SMF belongs to the core network element and has no open docking capability. Therefore, the existing 5G private network scheme is difficult to realize the management of real-name authentication access and access authority according to the requirements of enterprise users.
2. The 5G terminal acquires mobile IP, and the mobile IP and the intranet IP section belong to different network segments, so that VPN equipment or NAT equipment needs to be additionally deployed when the 5G private network accesses the intranet.
Disclosure of Invention
Aiming at the defects in the prior art, the invention aims to provide a 5G private network authentication system and method combined with UPF.
In order to achieve the purpose, the invention adopts the following specific technical scheme:
a method for authentication control of a 5G private network specifically comprises the following steps:
(1) converting SMF N4 signaling into Radius message;
(2) and converting the Radius authentication request message into a general authentication protocol and sending the general authentication protocol to an intranet authentication system, or checking local user data of a private network authentication gateway, and performing access control, audit and mobile IP address mapping on a private network access terminal according to an authentication result.
Preferably, the step (1) specifically comprises the following steps:
(101) the 5G terminal accesses a 5G network;
(102) the 5G public network core network distributes mobile IP for the 5G terminal;
(103) an SMF network element of a 5G public network core network sends a user mobile phone number and a mobile IP corresponding to a 5G terminal to a private network UPF;
and the private network UPF encapsulates the user mobile phone number and the mobile IP into a standard Radius authentication message and sends a Radius authentication request to the private network authentication gateway.
Preferably, the step (2) specifically comprises the following steps:
(201) the private network authentication gateway judges whether a gateway local system has a user mobile phone number, if not, the step (202) is executed, otherwise, the step (204) is executed;
(202) the private network authentication gateway encapsulates the user mobile phone number into a universal authentication interface protocol message and sends the message to the enterprise intranet authentication platform to verify the validity of the user mobile phone number;
(203) the enterprise intranet authentication platform feeds back the verification result to the private network authentication gateway after the verification is passed;
(204) the private network authentication gateway locally verifies the validity of the user mobile phone number;
(205) the private network authentication gateway executes user online processing aiming at the verified legal user mobile phone number and the corresponding mobile IP;
(206) the private network authentication gateway performs one-to-one mapping on the mobile IP and the intranet IP;
(207) when the 5G terminal corresponding to the mobile phone number and the mobile IP of the user accesses the intranet application, the access data is forwarded to a private network authentication gateway through a private network UPF;
(208) the private network authentication gateway identifies that the mobile IP is matched with the online form user, performs access control on a data packet of the private network authentication gateway according to the strategy, and audits the access behavior of the private network authentication gateway, namely records the access behavior of the private network authentication gateway.
Preferably, the step (202) of the private network authentication gateway encapsulating the user mobile phone number into a universal authentication interface protocol message and sending the message to the enterprise intranet authentication platform for verifying the validity of the user mobile phone number specifically means that
The private network authentication gateway packages the user mobile phone number into LDAP, Radius or HTTP protocol messages and sends the LDAP, Radius or HTTP protocol messages to the enterprise internal network authentication platform to verify the validity of the user mobile phone number.
Preferably, in the step (2), if the Radius authentication request message is converted into a universal authentication protocol and sent to the intranet authentication system for validity verification, the user data corresponding to the access terminal passing the verification is added to the local user data.
A system for authentication control of 5G private network comprises
The private network UPF is used for converting SMF N4 signaling into a Radius message;
and the private network authentication gateway converts the Radius authentication request message of the private network UPF into a general authentication protocol and sends the general authentication protocol to the enterprise intranet authentication system, or verifies local user data of the private network authentication gateway, and performs access control, audit and mobile IP address mapping on the private network access terminal according to an authentication result.
Preferably, also comprises
And the 5G public network core network is used for allocating mobile IP for the 5G terminal accessed to the 5G network and sending the user mobile phone number and the mobile IP corresponding to the 5G terminal to the private network UPF.
Preferably, the specific reference that the private network authentication gateway converts the Radius authentication request message of the private network UPF into the universal authentication protocol and sends the universal authentication protocol to the intranet authentication system
The private network authentication gateway packages the user mobile phone number into LDAP, Radius or HTTP protocol messages and sends the LDAP, Radius or HTTP protocol messages to the enterprise internal network authentication platform to verify the validity of the user mobile phone number.
Preferably, the access control, audit and mobile IP address mapping of the private network access terminal by the private network authentication gateway specifically refer to
And the private network authentication gateway performs one-to-one mapping on the mobile IP corresponding to the 5G terminal which is verified to be legal and the intranet IP of the enterprise, identifies the matching of the mobile IP and an online table user when the 5G terminal accesses the intranet application, performs access control on a data packet of the mobile IP according to a strategy, and audits the access behavior of the data packet, namely records the access behavior.
The invention has the beneficial effects that:
1. the enterprise network of the 5G private network is accessed, and the private network access terminal can be subjected to admission authentication, access control and access behavior audit log collection according to the authentication system of the enterprise.
2. After the 5G private network terminal confirms that the authentication of the enterprise intranet authentication system is successful through the system, the system automatically performs one-to-one mapping on the mobile IP of the terminal and the enterprise intranet IP, so that the enterprise intranet boundary is protected, and the 5G private network user can be ensured to normally access enterprise intranet resources.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the embodiments or the technical solutions in the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a schematic diagram of a sink (dedicated) UPF mode;
FIG. 2 is a flow chart of a 5G private network authentication control method of the present invention;
FIG. 3 is a schematic diagram of a 5G private network authentication control system according to the present invention;
fig. 4 is a schematic diagram of an N4 interface protocol stack.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. Other embodiments, which can be derived by one of ordinary skill in the art from the embodiments given herein without any creative effort, shall fall within the protection scope of the present invention.
As shown in fig. 2, the present invention provides a method for authentication control of a 5G private network, which specifically includes the following steps:
(1) converting SMF N4 signaling into Radius message;
(2) and converting the Radius authentication request message into a general authentication protocol and sending the general authentication protocol to an intranet authentication system, or checking local user data of a private network authentication gateway, and performing access control, audit and mobile IP address mapping on a private network access terminal according to an authentication result.
Preferably, the step (1) specifically comprises the following steps:
(101) the 5G terminal accesses a 5G network;
(102) the 5G public network core network distributes mobile IP for the 5G terminal;
(103) an SMF network element of a 5G public network core network sends a user mobile phone number and a mobile IP corresponding to a 5G terminal to a private network UPF;
and the private network UPF encapsulates the user mobile phone number and the mobile IP into a standard Radius authentication message and sends a Radius authentication request to the private network authentication gateway.
Preferably, the step (2) specifically comprises the following steps:
(201) the private network authentication gateway judges whether a gateway local system has a user mobile phone number, if not, the step (202) is executed, otherwise, the step (204) is executed;
(202) the private network authentication gateway encapsulates the user mobile phone number into a universal authentication interface protocol message and sends the message to the enterprise intranet authentication platform to verify the validity of the user mobile phone number;
(203) the enterprise intranet authentication platform feeds back the verification result to the private network authentication gateway after the verification is passed;
(204) the private network authentication gateway locally verifies the validity of the user mobile phone number;
(205) the private network authentication gateway executes user online processing aiming at the verified legal user mobile phone number and the corresponding mobile IP;
(206) the private network authentication gateway performs one-to-one mapping on the mobile IP and the intranet IP;
(207) when the 5G terminal corresponding to the mobile phone number and the mobile IP of the user accesses the intranet application, the access data is forwarded to a private network authentication gateway through a private network UPF;
(208) the private network authentication gateway identifies that the mobile IP is matched with the online form user, performs access control on a data packet of the private network authentication gateway according to the strategy, and audits the access behavior of the private network authentication gateway, namely records the access behavior of the private network authentication gateway.
Preferably, the step (202) of the private network authentication gateway encapsulating the user mobile phone number into a universal authentication interface protocol message and sending the message to the enterprise intranet authentication platform for verifying the validity of the user mobile phone number specifically means that
The private network authentication gateway packages the user mobile phone number into LDAP, Radius or HTTP protocol messages and sends the LDAP, Radius or HTTP protocol messages to the enterprise internal network authentication platform to verify the validity of the user mobile phone number.
Preferably, in the step (2), if the Radius authentication request message is converted into a universal authentication protocol and sent to the intranet authentication system for validity verification, the user data corresponding to the access terminal passing the verification is added to the local user data.
As shown in FIG. 3, the present invention also provides a system for authentication control of 5G private network, which comprises
The private network UPF is used for converting SMF N4 signaling into a Radius message;
and the private network authentication gateway converts the Radius authentication request message of the private network UPF into a general authentication protocol and sends the general authentication protocol to the enterprise intranet authentication system, or verifies local user data of the private network authentication gateway, and performs access control, audit and mobile IP address mapping on the private network access terminal according to an authentication result.
Preferably, the system for authentication control of the 5G private network further comprises
And the 5G public network core network is used for allocating mobile IP for the 5G terminal accessed to the 5G network and sending the user mobile phone number and the mobile IP corresponding to the 5G terminal to the private network UPF.
Preferably, the specific reference that the private network authentication gateway converts the Radius authentication request message of the private network UPF into the universal authentication protocol and sends the universal authentication protocol to the intranet authentication system
The private network authentication gateway packages the user mobile phone number into LDAP, Radius or HTTP protocol messages and sends the LDAP, Radius or HTTP protocol messages to the enterprise internal network authentication platform to verify the validity of the user mobile phone number.
Preferably, the access control, audit and mobile IP address mapping of the private network access terminal by the private network authentication gateway specifically refer to
And the private network authentication gateway performs one-to-one mapping on the mobile IP corresponding to the 5G terminal which is verified to be legal and the intranet IP of the enterprise, identifies the matching of the mobile IP and an online table user when the 5G terminal accesses the intranet application, performs access control on a data packet of the mobile IP according to a strategy, and audits the access behavior of the data packet, namely records the access behavior.
As shown in fig. 4, it is a protocol stack of an N4 interface, where an N4 interface is responsible for signaling interaction between UPF and SMF, and interfaces between CP (control plane function) and UP (user plane function), and the interface functions include session management, terminal IP address allocation, data detection and forwarding, routing protocol support, tunnel management, and QoS control, and the CP controls packet processing in the user plane function by establishing, modifying, or deleting packet forwarding control protocol session packets. In the invention, the conversion of SMF N4 signaling into Radius message specifically means that UPF acquires data transmitted from an N4 interface, a field of a user mobile phone number is added on the basis of the existing transmission field, and the data is transmitted to an enterprise intranet by a general authentication protocol.
In other embodiments, in order to improve the versatility of the present invention, so that the UPF can be adapted to different N4 interfaces defining different manufacturers and improve the value added service of the UPF, a UPF extender may be provided, the UPF extension controller is connected to UPFs of multiple hardware forms through a switch, such as a server form UPF and a switch form UPF, the UPF extension controller stores N4 interface definition scheme libraries, a UPF function library, a service scenario library, and a policy conflict solution library of various definition schemes of each manufacturer, each N4 interface definition scheme library includes detailed information of N4 interface definitions, manufacturers, and the like, the UPF function library includes basic functions required by the UPF and custom functions selected by different users, the UPF of the hardware form is loaded with the basic functions, the UPF extension controller updates the UPF functions according to different requirements of the users, and can implement dynamic installation, Update, uninstall, delete, etc.; in addition, the UPF expansion controller can also control the hardware form of the corresponding UPF required by the switch switching according to the application scene input by the user.
If the UPF in the form of the switch is selected, the UPF expansion controller runs a policy conflict detection algorithm, judges whether a flow table conflict of a single UPF and a policy conflict of a plurality of UPF networks exist, and adaptively selects and executes a conflict solution scheme aiming at the conflict type so as to solve the conflict.
The invention has the advantages that:
1. the enterprise network of the 5G private network is accessed, and the private network access terminal can be subjected to admission authentication, access control and access behavior audit log collection according to the authentication system of the enterprise.
2. After the 5G private network terminal confirms that the authentication of the enterprise intranet authentication system is successful through the system, the system automatically performs one-to-one mapping on the mobile IP of the terminal and the enterprise intranet IP, so that the enterprise intranet boundary is protected, and the 5G private network user can be ensured to normally access enterprise intranet resources.
In light of the foregoing description of the preferred embodiments of the present invention, those skilled in the art can now make various alterations and modifications without departing from the scope of the invention. The technical scope of the present invention is not limited to the contents of the specification, and must be determined according to the scope of the claims.
Claims (9)
1. A method for authentication control of a 5G private network is characterized by comprising the following steps:
(1) converting SMF N4 signaling into Radius message;
(2) and converting the Radius authentication request message into a general authentication protocol and sending the general authentication protocol to an intranet authentication system, or checking local user data of a private network authentication gateway, and performing access control, audit and mobile IP address mapping on a private network access terminal according to an authentication result.
2. The method for authentication control of a 5G private network according to claim 1, wherein the step (1) specifically comprises the following steps:
(101) the 5G terminal accesses a 5G network;
(102) the 5G public network core network distributes mobile IP for the 5G terminal;
(103) an SMF network element of a 5G public network core network sends a user mobile phone number and a mobile IP corresponding to a 5G terminal to a private network UPF;
(104) private network UPF packages user mobile phone number and mobile IP into standard Radius authentication message, and sends Radius authentication request to private network authentication gateway.
3. The method for authentication control of a 5G private network according to claim 2, wherein the step (2) specifically comprises the following steps:
(201) the private network authentication gateway judges whether a gateway local system has a user mobile phone number, if not, the step (202) is executed, otherwise, the step (204) is executed;
(202) the private network authentication gateway encapsulates the user mobile phone number into a universal authentication interface protocol message and sends the message to the enterprise intranet authentication platform to verify the validity of the user mobile phone number;
(203) the enterprise intranet authentication platform feeds back the verification result to the private network authentication gateway after the verification is passed;
(204) the private network authentication gateway locally verifies the validity of the user mobile phone number;
(205) the private network authentication gateway executes user online processing aiming at the verified legal user mobile phone number and the corresponding mobile IP;
(206) the private network authentication gateway performs one-to-one mapping on the mobile IP and the intranet IP;
(207) when the 5G terminal corresponding to the mobile phone number and the mobile IP of the user accesses the application of the enterprise intranet, the access data of the application is forwarded to a private network authentication gateway through a private network UPF;
(208) the private network authentication gateway identifies that the mobile IP is matched with the online form user, performs access control on a data packet of the private network authentication gateway according to the strategy, and audits the access behavior of the private network authentication gateway, namely records the access behavior of the private network authentication gateway.
4. The method according to claim 3, wherein the step (202) of encapsulating the user's mobile phone number into a generic authentication interface protocol message by the private network authentication gateway and sending the message to the intranet authentication platform for verifying the validity of the user's mobile phone number specifically means that the private network authentication gateway encapsulates the user's mobile phone number into a generic authentication interface protocol message
And the private network authentication gateway encapsulates the user mobile phone number into LDAP, Radius or HTTP protocol messages and sends the LDAP, Radius or HTTP protocol messages to the enterprise intranet authentication platform to verify the validity of the user mobile phone number.
5. The method according to claim 1, wherein in step (2), if the Radius authentication request message is converted into a generic authentication protocol and sent to the intranet authentication system for validity verification, the user data corresponding to the verified access terminal is added to the local user data.
6. A system for authentication control of 5G private network is characterized by comprising
The private network UPF is used for converting SMF N4 signaling into a Radius message;
and the private network authentication gateway converts the Radius authentication request message of the private network UPF into a general authentication protocol and sends the general authentication protocol to the enterprise intranet authentication system, or verifies local user data of the private network authentication gateway, and performs access control, audit and mobile IP address mapping on the private network access terminal according to an authentication result.
7. The system for authentication control of 5G private network according to claim 6, further comprising
And the 5G public network core network is used for allocating mobile IP for the 5G terminal accessed to the 5G network and sending the user mobile phone number and the mobile IP corresponding to the 5G terminal to the private network UPF.
8. The system for authentication control of 5G private network according to claim 6, wherein the private network authentication gateway converts the Radius authentication request message of the private network UPF into a generic authentication protocol and sends the generic authentication protocol to the Intranet authentication system
And the private network authentication gateway encapsulates the user mobile phone number into LDAP, Radius or HTTP protocol messages and sends the LDAP, Radius or HTTP protocol messages to the enterprise intranet authentication platform to verify the validity of the user mobile phone number.
9. The system of claim 6, wherein the private network authentication gateway performs access control, auditing and mobile IP address mapping on the private network access terminal specifically means
And the private network authentication gateway performs one-to-one mapping on the mobile IP corresponding to the 5G terminal which is verified to be legal and the intranet IP of the enterprise, identifies the matching of the mobile IP and an online table user when the 5G terminal accesses the intranet application, performs access control on a data packet of the mobile IP according to a strategy, and audits the access behavior of the data packet, namely records the access behavior.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111255999.0A CN114205815A (en) | 2021-10-27 | 2021-10-27 | Method and system for authentication control of 5G private network |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111255999.0A CN114205815A (en) | 2021-10-27 | 2021-10-27 | Method and system for authentication control of 5G private network |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114205815A true CN114205815A (en) | 2022-03-18 |
Family
ID=80646387
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111255999.0A Pending CN114205815A (en) | 2021-10-27 | 2021-10-27 | Method and system for authentication control of 5G private network |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114205815A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114727291A (en) * | 2022-03-31 | 2022-07-08 | 中国电信股份有限公司 | Local distribution system, method, device, network equipment and storage medium |
| CN114845382A (en) * | 2022-03-31 | 2022-08-02 | 广州爱浦路网络技术有限公司 | Networking method for 5G private network and public network |
| CN115150830A (en) * | 2022-09-02 | 2022-10-04 | 北京首信科技股份有限公司 | Method and system for guaranteeing terminal public network access when 5G private network access authentication fails |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103052064A (en) * | 2011-10-13 | 2013-04-17 | 中国移动通信集团公司 | Method, equipment and system for accessing private services of operator |
| WO2020123158A1 (en) * | 2018-12-13 | 2020-06-18 | Apple Inc. | Secondary authentication for wwan vpn |
| CN113079134A (en) * | 2021-03-19 | 2021-07-06 | 南方电网数字电网研究院有限公司 | Mobile terminal access method, mobile terminal access device, computer equipment and medium |
| US20210306853A1 (en) * | 2020-03-31 | 2021-09-30 | Cisco Technology, Inc. | Techniques to facilitate fast roaming between a mobile network operator public wireless wide area access network and an enterprise private wireless wide area access network |
-
2021
- 2021-10-27 CN CN202111255999.0A patent/CN114205815A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103052064A (en) * | 2011-10-13 | 2013-04-17 | 中国移动通信集团公司 | Method, equipment and system for accessing private services of operator |
| WO2020123158A1 (en) * | 2018-12-13 | 2020-06-18 | Apple Inc. | Secondary authentication for wwan vpn |
| US20210306853A1 (en) * | 2020-03-31 | 2021-09-30 | Cisco Technology, Inc. | Techniques to facilitate fast roaming between a mobile network operator public wireless wide area access network and an enterprise private wireless wide area access network |
| CN113079134A (en) * | 2021-03-19 | 2021-07-06 | 南方电网数字电网研究院有限公司 | Mobile terminal access method, mobile terminal access device, computer equipment and medium |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114727291A (en) * | 2022-03-31 | 2022-07-08 | 中国电信股份有限公司 | Local distribution system, method, device, network equipment and storage medium |
| CN114845382A (en) * | 2022-03-31 | 2022-08-02 | 广州爱浦路网络技术有限公司 | Networking method for 5G private network and public network |
| CN114845382B (en) * | 2022-03-31 | 2023-09-05 | 广州爱浦路网络技术有限公司 | Networking method for 5G private network and public network |
| CN114727291B (en) * | 2022-03-31 | 2023-09-29 | 中国电信股份有限公司 | Local shunting system, method, device, network equipment and storage medium |
| CN115150830A (en) * | 2022-09-02 | 2022-10-04 | 北京首信科技股份有限公司 | Method and system for guaranteeing terminal public network access when 5G private network access authentication fails |
| CN115150830B (en) * | 2022-09-02 | 2022-11-29 | 北京首信科技股份有限公司 | Method and system for guaranteeing terminal public network access when 5G private network access authentication fails |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN114205815A (en) | Method and system for authentication control of 5G private network | |
| KR102066188B1 (en) | How to establish a roaming connection | |
| US7400576B2 (en) | Method and system for QoS control using wireless LAN network, its base station, and terminal | |
| CN113596191B (en) | Data processing method, network element equipment and readable storage medium | |
| US9369448B2 (en) | Network security parameter generation and distribution | |
| EP2297999B1 (en) | Method and apparatus for provisioning of information in a cellular communication network | |
| CN106789527B (en) | Private network access method and system | |
| CN103036784A (en) | Methods and apparatus for a self-organized layer-2 enterprise network architecture | |
| CN113765874B (en) | Private network and dual-mode networking method based on 5G mobile communication technology | |
| CN111866987A (en) | Communication method and device | |
| KR101426721B1 (en) | Method and equipment for authenticating subscriber terminal | |
| CN102299834A (en) | Data sharing method, equipment and system for local area network | |
| CN106789952B (en) | Method and system for serving local area network into internet | |
| CN113613314A (en) | ICOT private network networking method and system based on converged network splitter | |
| CN111245699B (en) | Remote communication service control method, server and client | |
| CN116471586A (en) | Data processing method, device and readable storage medium | |
| CN114143788A (en) | Method and system for realizing authentication control of 5G private network based on MSISDN | |
| CN103475491A (en) | Remote maintenance system which is logged in to safely without code and achieving method | |
| CN106792821B (en) | Access control method and device based on virtual gateway | |
| CN117119463A (en) | CPE security authentication method and system for 5G private network | |
| CN108566446A (en) | LAN domain name analytic method, device and system | |
| CN114884771B (en) | Identity network construction method, device and system based on zero trust concept | |
| CN104753774B (en) | A kind of distributed enterprise comprehensive access gate | |
| CN104717316A (en) | Client access method and system in trans-NAT environment | |
| CN111884863B (en) | VPC service chain implementation method and system for cloud computing environment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |