CN114531256A - Data communication method and system - Google Patents
Data communication method and system
- Publication number: CN114531256A (CN202011212145.XA)
- Authority: CN (China)
- Prior art keywords: user plane, local area, area network, user, data
- Legal status: Pending
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
Abstract
The application discloses a data communication method and a data communication system. The method comprises the following steps: a user plane functional entity receives user plane data from user equipment; and the user plane functional entity forwards the user plane data to local area network equipment for authentication, wherein when the authentication is passed, the user equipment is determined to be allowed to access a local area network corresponding to the local area network equipment. The method and the system solve the technical problems that, when an existing mobile terminal is connected with a local area network, various configurations and verifications need to be carried out on the account, the process steps are complicated, and the convenience is low.
Description
Technical Field
The present application relates to the field of communications, and in particular, to a data communication method and system.
Background
As working from mobile terminals becomes widespread, how to access a local area network (e.g., an intranet) in an enterprise campus safely and conveniently is a technical problem that urgently needs to be solved. To address it, in the related art, a mobile terminal accesses the intranet by opening a Virtual Private Network (VPN). In this approach, however, various configurations must be performed on the VPN account and various verification processes are required during access, so the steps are complicated and convenience is low.
In view of the above problems, no effective solution has been proposed.
Disclosure of Invention
The embodiment of the application provides a data communication method and a data communication system, which at least solve the technical problems that various configurations and verifications need to be carried out on an account when the existing mobile terminal is connected with a local area network, the process steps are complicated, and the convenience is low.
According to an aspect of an embodiment of the present application, there is provided a data communication method, including: a User Plane Function (UPF) entity receives User Plane data from a User Equipment (UE); and the user plane functional entity forwards the user plane data to Local Area Network equipment for authentication, wherein when the authentication is passed, the user equipment is determined to be allowed to access a Local Area Network (LAN for short) corresponding to the Local Area Network equipment.
According to another aspect of the embodiments of the present application, there is provided a data communication method, including: the slice network equipment receives user plane data from user equipment; the slicing network equipment authenticates the user plane data; and after the authentication is passed, determining that the user equipment is allowed to access the local area network, and forwarding the user plane data to the local area network.
According to another aspect of the embodiments of the present application, there is provided a data communication method, including: the local area network equipment receives user plane data from the user equipment forwarded by the user plane functional entity; and the local area network equipment authenticates the user plane data, wherein when the user plane data passes the authentication, the user equipment is determined to be allowed to access the local area network corresponding to the local area network equipment.
According to another aspect of the embodiments of the present application, there is provided a method for accessing a local area network, including: the local area Network equipment sends a registration request to a Network Exposure Function (NEF) entity; after receiving a registration success message from the network open function entity, the local area network device sends authorized user information to the network open function entity, wherein the authorized user information meets the following conditions: and the user equipment corresponding to the authorized user information is allowed to access the local area network equipment through the user plane functional entity.
According to another aspect of the embodiments of the present application, there is provided a data communication method, including: the method comprises the steps that user equipment obtains the current position of the user equipment; and when the user equipment determines that the current position is located in the coverage area of the target local area network, the user equipment sends user plane data to local area network equipment through a user plane functional entity so as to access the target local area network.
According to another aspect of the embodiments of the present application, there is provided a user plane function entity, including: a receiving module, configured to receive user plane data from a user equipment; and the sending module is used for forwarding the user plane data to local area network equipment for authentication, wherein when the authentication is passed, the user equipment is determined to be allowed to access the local area network corresponding to the local area network equipment.
According to another aspect of the embodiments of the present application, there is also provided an access apparatus for a local area network, including: the first sending module is used for sending a registration request to the network open function entity; a receiving module, configured to receive a registration success message from the network open function entity; a second sending module, configured to send, after the receiving module receives the registration success message, authorized user information to the network open function entity, where the authorized user information meets the following conditions: and the user equipment corresponding to the authorized user information is allowed to access the local area network equipment through the user plane functional entity.
According to another aspect of the embodiments of the present application, there is also provided a data communication system, including: the user equipment is used for sending user plane data to the user plane functional entity; and the user plane functional entity is used for receiving the user plane data and forwarding the user plane data to local area network equipment for authentication, wherein when the authentication is passed, the user equipment is determined to be allowed to access the local area network corresponding to the local area network equipment.
In the embodiment of the application, the user plane functional entity is adopted to receive the user plane data with the indication data type information from the user equipment and then forward the user plane data to the local area network equipment for authentication, and when the authentication is passed, the user equipment is determined to be allowed to access the local area network corresponding to the local area network equipment, so that the user equipment can quickly access the local area network through the local area network equipment only by simple verification without complex VPN login access, and the technical problems that the existing mobile terminal needs to carry out various configurations and verifications on an account when being connected with the local area network, and the process steps are complicated and the convenience is low are solved.
Drawings
The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the application and together with the description serve to explain the application and not to limit the application. In the drawings:
FIG. 1 is a schematic diagram of a communication system according to an embodiment of the present application;
FIG. 2 is a schematic diagram of another communication system according to an embodiment of the present application;
FIG. 3 is a schematic diagram of another communication system according to an embodiment of the present application;
FIG. 4 is a flow chart diagram of a data communication method according to an embodiment of the application;
FIG. 5 is a flow chart diagram of another method of data communication according to an embodiment of the present application;
FIG. 6 is a flowchart illustrating an access method of a local area network according to an embodiment of the present application;
FIG. 7 is a flow chart illustrating an authorized user configuration according to an embodiment of the present application;
FIG. 8 is a schematic flow chart diagram of another method of data communication according to an embodiment of the present application;
FIG. 9 is a schematic flow chart diagram of another method of data communication according to an embodiment of the present application;
FIG. 10 is a schematic diagram of a user plane functional entity according to an embodiment of the present application;
FIG. 11 is a schematic diagram of an access device of a local area network according to an embodiment of the present application;
FIG. 12 is a schematic diagram of a data communication system according to an embodiment of the present application;
FIG. 13 is a flow chart of a method of data communication according to an embodiment of the present application.
Detailed Description
In order to make the technical solutions better understood by those skilled in the art, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only partial embodiments of the present application, but not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
It should be noted that the terms "first," "second," and the like in the description and claims of this application and in the drawings described above are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the application described herein are capable of operation in sequences other than those illustrated or described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
It should be further noted that each functional entity involved in the embodiment of the present application, for example, the user plane functional entity, the network open functional entity, the policy control functional entity, the session management functional entity, and the like, may be a specific network function instantiated on the same core network server. Alternatively, the entities may be separate servers, and in some cases, a plurality of functional entities may share one server.
The specific structure of the server includes but is not limited to: a processor, a memory for storing data, and a transmission module for communication functions. Besides, the method can also comprise the following steps: a display, an input/output interface (I/O interface), a Universal Serial Bus (USB) port (which may be included as one of the ports of the I/O interface), a network interface, a power source, and/or a camera.
It should be noted that the above-described processor may be generally referred to herein as a "data processing circuit". The data processing circuitry may be embodied in whole or in part in software, hardware, firmware, or any combination thereof. Further, the data processing circuit may be a single, stand-alone processing module, or incorporated, in whole or in part, into any of the other elements of the server. As referred to in the embodiments of the application, the data processing circuit acts as a processor control (e.g. selection of a variable resistance termination path connected to the interface).
The memory may be used to store software programs and modules of application software, such as program instructions/data storage devices corresponding to the data communication method in the embodiments of the present application, and the processor may execute various functional applications and data processing by operating the software programs and modules stored in the memory.
The transmission module is used for receiving or sending data via a network. In one example, the transmission device includes a network adapter that can be connected to other network devices through a base station to communicate with the internet. In one example, the transmission module may be a radio frequency module, which is used for communicating with the internet in a wireless manner.
For a better understanding of the embodiments of the present application, some of the terms or expressions appearing in the course of describing the embodiments of the present application are to be interpreted as follows:
User Equipment (UE): in the embodiments of the application, this can be electronic communication equipment such as a mobile phone, a tablet computer and the like.
User Plane Function (UPF): responsible for routing and forwarding of user data packets, data interaction with an external data network DN, quality-of-service processing of the user plane, flow control rule implementation and the like.
Radio Access Network (RAN for short): a radio access network is part of a mobile communication system. It is an implementation of radio access technology that exists between a device (e.g., a mobile phone, a computer, or any remotely controlled machine) and a core network, providing a communication connection between the two.
Local Area Network (LAN for short): a computer communication network formed by interconnecting a plurality of computers, external equipment, databases and the like in a certain area. It can be connected with a remote local area network, a database or a processing center through a data communication network or a dedicated data circuit to form an information processing system with a larger range, and can realize functions such as file management, application software sharing, printer sharing, schedule arrangement in a working group, and e-mail and fax communication services. In this embodiment, the local area network may be an intranet.
Data Network (DN): the data network is a network formed by data terminal equipment, data exchange equipment and data transmission links distributed in various places, and data transmission and exchange among the data terminals and remote information processing are realized under the support of network protocols (software comprises three layers of protocols under OSI).
Enterprise Access Control (EAC) is used to implement terminal registration, security check, security isolation, security notification and security repair, and ensure that the identity of a terminal device accessing an intranet is authentic and meets the requirements of a mandatory security policy. The external terminal equipment can be limited to access some public resources; the terminal equipment which does not meet the requirement of the mandatory security policy can be safely isolated, and the network resources can be normally accessed only after the terminal equipment is repaired; only the terminal devices that meet the mandatory security policy requirements and are internal users can normally access network resources. In the embodiment of the present application, the EAC entity includes, but is not limited to, a gateway device.
Network open function (NEF): located between the 5G core network and external third-party application function bodies (and possibly some internal AFs), the NEF is responsible for managing the network data that is opened to the outside; all external applications that want to access the internal data of the 5G core network must pass through the NEF. The NEF provides corresponding security guarantees to ensure the security of external applications accessing the 3GPP network, and provides functions such as opening of QoS customization capability to external applications, mobility state event subscription, AF request distribution, and the like.
Access and Mobility Management Function (AMF): the AMF includes registration management, connection management, reachability management, mobility management, access authentication, access authorization, lawful interception, forwarding of Session Management (SM) messages between the UE and the SMF, forwarding of SMS messages between the UE and the SMSF, and the like. The AMF receives all connection and session related information from the UE but is only responsible for handling connection and mobility management tasks; all messages related to session management are forwarded to the SMF for processing over the N11 reference interface.
Session Management Function (SMF): SMF is a functional unit of 5G service-based architecture, which is mainly responsible for interacting with a separate data plane, creating, updating, and deleting PDU (protocol data unit) sessions, and managing a session environment with UPF.
Policy Control Function (PCF): the PCF supports a unified policy framework to govern network behavior, while providing access and mobility management related policies to the AMF, which implements these policies.
Network Address Translation (NAT): when some hosts within a private network have been assigned local IP addresses, but now want to communicate with hosts on the internet, the NAT method can be used, which requires the installation of NAT software on routers connected to the internet in the private network, called NAT routers, which have at least one valid external global IP address, so that all hosts using local addresses will have to translate their local addresses to global IP addresses on the NAT routers before they can connect to the internet when communicating with the outside world.
Network Slice Function (NSF): network slicing is an on-demand networking mode in which an operator can separate a plurality of virtual end-to-end networks on a unified infrastructure; each network slice is logically isolated, from the wireless access network and the bearer network through to the core network, so as to adapt to various types of applications. One network slice can be divided into at least three parts: a wireless network sub-slice, a bearer network sub-slice and a core network sub-slice. Network slicing is a logical concept: it is a reorganization of resources, in which the virtual machines and physical resources needed for a particular communication service type are selected according to an SLA (service level agreement). In an embodiment of the present application, the NSF entity may be a slice network device.
Example 1
According to an embodiment of the present application, a data communication method is provided. It should be noted that the steps illustrated in the flowcharts of the figures may be performed in a computer system such as a set of computer-executable instructions and that, although a logical order is illustrated in the flowcharts, in some cases, the steps illustrated or described may be performed in an order different than presented herein.
As shown in FIG. 1, there are two ways of accessing a local area network. The User Equipment (UE) is connected with a user plane functional entity (UPF) through a radio access network (RAN) and sends user plane data to the UPF. The UPF is connected with a network open functional entity (NEF) and a policy control functional entity (PCF) through a session management functional entity (SMF) to carry out information interaction and acquire a forwarding policy corresponding to the user plane data. Two ways are then available to connect to the local area network. In the first, according to the forwarding policy, the UPF may select to forward the user plane data to the local area network device (the flow is shown in FIG. 3), so as to implement connection between the user equipment and the local area network. In the second, the UPF selects to forward the user plane data to the local area network via a Data Network (DN) to realize the connection of the UE and the Local Area Network (LAN) (the flow is shown in FIG. 2).
Fig. 2 is a diagram of a conventional system for enabling a UE to access a local area network in the related art. The UE is connected with the UPF through the RAN and sends user plane data to the UPF; UPF connects NEF entity and PCF entity through session management function entity to obtain forwarding strategy; and forwarding the user plane data to the local area network through the DN according to the forwarding strategy indication, wherein the DN and the local area network are accessed by using the VPN, and finally the information interaction between the UE and the local area network is realized. Therefore, in order to implement access of the UE to the local area network, a VPN manner may be used for access, but since network configuration and an access process are relatively complex in the VPN manner, the embodiment of the present application provides an access manner shown in fig. 3, specifically:
As shown in FIG. 3, the UE connects to the UPF through the RAN and sends user plane data to the UPF; the UPF connects to the NEF entity and the PCF entity through the session management function entity to obtain the forwarding policy; the user plane data is then forwarded to the local area network device, namely an EAC entity, as the forwarding policy indicates, and after the authentication is passed, information interaction between the UE and the local area network can be realized.
In the operating environment shown in fig. 1 to fig. 3, an embodiment of the present application provides a data communication method, as shown in fig. 4, the method at least includes steps S402 to S406:
S402, the UPF receives user plane data from the UE.
In this embodiment of the present application, the user plane data carries indication information for indicating a type of the user plane data, where the indication information includes at least one of the following: the identification information of the UE, or the protocol type adopted by the user plane data.
Optionally, the identification information of the UE may be personal information such as an account name and a mobile phone number of the UE; the type of the protocol used by the user plane data may be a 5G communication protocol, an ethernet protocol, or the like, and the indication information of the type of the user plane data is mainly used for authenticating whether the UE is authorized to access the local area network.
S404, the UPF forwards the user plane data to the local area network device for authentication. In some embodiments, as shown in fig. 4, the lan device includes, but is not limited to: an EAC entity.
In some embodiments of the present application, the UPF determines a forwarding policy of the user plane data according to the data type indication information, where the forwarding policy is at least used to indicate the UPF to forward the user plane data to the local area network device; and when the forwarding strategy indicates that the UPF forwards the user plane data to the local area network equipment, the UPF forwards the user plane data to the local area network equipment.
In this embodiment, when the forwarding policy instructs the UPF to forward the user plane data to the local area network via the DN, the UPF forwards the user plane data to the local area network device through the DN.
In this embodiment of the present application, before the UPF determines the forwarding policy of the user plane data according to the data type indication information, the UPF obtains the forwarding policy from a session management function entity, and stores the forwarding policy.
In this embodiment of the present application, before forwarding the user plane data to the local area network device for authentication, the UPF needs to configure a network element in a core network, for example: the local area network equipment sends a registration request to the NEF entity; after receiving the registration success message from the NEF entity, the local area network device sends authorized user information to the NEF entity to notify the PCF entity to modify a forwarding policy, wherein the UE corresponding to the authorized user information is allowed to forward the user plane data to the local area network device through the UPF, and the modified forwarding policy is used to instruct the UPF to forward the user plane data from the UE corresponding to the authorized user information to the local area network device. For ease of understanding, the above configuration flow is described in detail below with reference to fig. 5.
Taking a local area network device as an Enterprise Access Control (EAC) device as an example, as shown in fig. 5, the configuration process at least includes steps S502 to S510:
S502, a local area network device sends a registration service request to a NEF entity, where the local area network device includes but is not limited to: an Enterprise Access Control (EAC) device.
S504, after the authentication of the NEF entity is successful, the NEF entity sends registration success information to the local area network equipment.
Since the NEF is located between the 5G core network and the external third party application function and is responsible for managing the data of the open network to the outside, all external applications that want to access the internal data of the 5G core network must pass through the NEF entity. In the embodiment of the present application, in order to enable the UE to normally access the local area network, the local area network device needs to register the UE in the NEF entity, and after the registration is successful, the UE obtains the qualification for accessing the local area network, that is, the UE obtaining the qualification for accessing the local area network is an authorized UE.
S506, the local area network equipment sends the authorized user information to the NEF entity.
In the embodiment of the present application, if the NEF entity identifies that the authorized user information is correct, that is, the UE corresponding to the information is authorized to access the local area network, the forwarding path of the UPF to the user plane data may be changed.
S508, the NEF entity sends the information of changing the authorized user forwarding strategy to the PCF entity.
In this embodiment of the present application, the forwarding policy is used to instruct the UPF to forward the user plane data to the local area network device or instruct the UPF to forward the user plane data to the local area network via a DN; the modified forwarding policy is used to instruct a UPF to forward the user plane data to the lan device, and when the forwarding policy instructs the UPF to forward the user plane data to the lan device, the UPF forwards the user plane data to the lan device.
S510, the NEF entity and the local area network equipment complete configuration.
In the embodiment of the present application, when all the configurations are successful, the local area network device allows reception of the user plane data forwarded by the UE through the UPF; this is called one-time authentication. The normal implementation of the local area network access method ensures the normal implementation of the data communication method shown in fig. 4, that is, the local area network access method shown in fig. 5 is the basis of the data communication method shown in fig. 4.
It should be noted that the access method of the local area network provided in the embodiment of the present application may be applied in cooperation with the data communication method in embodiment 2, but the access method is not dependent on the data communication method and may be applied independently, and the access method itself is an independent access method of the local area network.
S406, when the authentication is passed, determining to allow the UE to access the local area network corresponding to the local area network device.
In this embodiment of the present application, the local area network device determines, according to the data type indication information in the user plane data, the source of the UE and whether the UE is authorized to access the local area network corresponding to the local area network device. When the UE passes authentication, the local area network device determines to allow the UE to access the local area network corresponding to the local area network device, determines to allow reception of the user plane data, and determines to allow data to be sent to the UE through the UPF.
The following describes in detail, with reference to the core network, the procedure by which the UE accesses the local area network. As shown in fig. 6, the process at least includes the following steps:
S602, the UE sends a session establishment request to an access and mobility management function (AMF) entity through the RAN.
Since the 5G core network supports both access through a 3GPP access network (such as a gNB and an eNB) and non-3GPP network access (such as an Ethernet communication protocol and a WIFI protocol), the communication mode between the UE and the access and mobility management function entity is not fixed. In this embodiment, communication between the UE and the access and mobility management function entity through the RAN is only one optional implementation.
S604, the access and mobility management function (AMF) entity selects a session management function and sends a request for establishing a service call to the session management function entity (SMF).
In the 5G core network, the access and mobility management function entity receives all connection and session related information from the UE, but it is only responsible for handling connection and mobility management tasks, and all messages related to session management are forwarded to the session management function entity over the N11 reference interface.
S606, the session management function entity sends the policy service calling request to the PCF entity.
The session management function entity and the PCF entity are also connected via the N11 reference interface.
S608, the session management function entity completes the establishment of the user plane path between the UE and the UPF.
In the embodiment of the present application, through establishment of the user plane path, the UPF may receive user plane data from the UE and receive a forwarding policy from the PCF entity at the same time.
S610, the UPF receives user plane data from the UE.
In this embodiment of the present application, the user plane data carries indication information for indicating a type of the user plane data, where the indication information at least includes identification information of the UE or a protocol type used by the user plane data. The identification information of the UE may be information such as an account name and a mobile phone number of the UE; the type of protocol used by the user plane data may be a 5G communication protocol, etc.
S612, the UPF forwards the user plane data to the local area network device according to the forwarding policy.
In this embodiment of the present application, first, the UPF obtains a forwarding policy from a session management function entity and stores the forwarding policy, where the forwarding policy is determined according to the data type indication information of the user plane data; second, the UPF forwards the user plane data according to the forwarding policy, where the forwarding policy is at least used to instruct the UPF to forward the user plane data to the local area network device. When the forwarding policy instructs the UPF to forward the user plane data to the local area network device, the UPF forwards the user plane data to the local area network device.
In an optional embodiment of the present application, the forwarding policy may further instruct the UPF to forward the user plane data to the local area network via the DN, and at this time, the UPF forwards the user plane data to the local area network via the DN.
S614, the local area network device authenticates the user plane data source and completes the network address translation.
In the embodiment of the present application, the local area network device determines, according to the UE identification information in the user plane data, the source of the UE and whether the UE is authorized to access the local area network corresponding to the local area network device. When the UE passes authentication, the local area network device completes network address translation, and the UE can access the local area network corresponding to the local area network device.
S616, the UE accesses the local area network.
In this embodiment of the present application, after determining that the UE is allowed to access the local area network corresponding to the local area network device, the local area network device determines that the user plane data is allowed to be received, and the local area network device determines that the data is allowed to be sent to the UE through the UPF.
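The registration steps S506 to S510 and the forwarding steps S610 to S616 can be modelled together. The following Python model is an added illustration, not code from the patent; every class name, method name, UE identifier and address in it is a constructed assumption, and the PCF to SMF to UPF delivery is collapsed into one call. It also shows the effect of the local area network device keeping its own check: a UE removed from its list is rejected even while the UPF still holds the old forwarding policy.

```python
from dataclasses import dataclass
from enum import Enum


class Route(Enum):
    LAN_DEVICE = "lan_device"   # UPF hands the data to the LAN device
    VIA_DN = "via_dn"           # UPF sends the data out through the DN


@dataclass(frozen=True)
class UserPlaneData:
    ue_id: str      # identification information of the UE (constructed)
    protocol: str   # protocol type used by the user plane data
    dst_addr: str   # external address carried in the data (constructed)


class LanDevice:
    """Local area network device: owns the allow-list and the NAT table."""

    def __init__(self, name, nat_table):
        self.name = name
        self.authorized_ues = set()
        self.nat_table = dict(nat_table)   # external address -> LAN host

    def receive(self, data):
        # S614: authenticate the source first; translate only if it passes.
        if data.ue_id not in self.authorized_ues:
            return ("rejected", None)
        host = self.nat_table.get(data.dst_addr)
        if host is None:
            return ("rejected", None)      # no mapping, nothing to reach
        return ("accepted", host)          # S616: the UE reaches the host


class Pcf:
    """Policy control function: holds the forwarding policy per UE."""

    def __init__(self):
        self.lan_routes = {}               # ue_id -> LanDevice

    def modify_forwarding_policy(self, ue_ids, lan_device):
        for ue_id in ue_ids:
            self.lan_routes[ue_id] = lan_device


class Nef:
    """NEF entity: the only way a LAN device can influence forwarding."""

    def __init__(self, pcf):
        self.pcf = pcf
        self.registered = set()

    def register(self, lan_device):
        self.registered.add(lan_device.name)
        return True                        # registration success message

    def submit_authorized_users(self, lan_device):
        # S506/S508: refuse user lists from a device that never registered.
        if lan_device.name not in self.registered:
            return False
        self.pcf.modify_forwarding_policy(set(lan_device.authorized_ues),
                                          lan_device)
        return True


class Upf:
    """User plane function: forwards according to its stored policy."""

    def __init__(self):
        self.policy = {}

    def install_policy(self, pcf):
        # Stands in for the policy reaching the UPF through the SMF.
        self.policy = dict(pcf.lan_routes)

    def forward(self, data):
        lan_device = self.policy.get(data.ue_id)
        if lan_device is None:
            return (Route.VIA_DN, None)    # unchanged path via the DN
        return (Route.LAN_DEVICE, lan_device.receive(data))


def demo():
    eac = LanDevice("eac-1", {"203.0.113.10": "10.0.0.5"})
    eac.authorized_ues.update({"ue-1001", "ue-1002"})
    pcf, upf = Pcf(), Upf()
    nef = Nef(pcf)
    nef.register(eac)
    nef.submit_authorized_users(eac)
    upf.install_policy(pcf)

    results = {}
    results["authorized"] = upf.forward(
        UserPlaneData("ue-1001", "5G", "203.0.113.10"))
    results["unknown"] = upf.forward(
        UserPlaneData("ue-9999", "5G", "203.0.113.10"))
    # The LAN device drops a user; the UPF policy has not been refreshed.
    eac.authorized_ues.discard("ue-1002")
    results["revoked_stale_policy"] = upf.forward(
        UserPlaneData("ue-1002", "5G", "203.0.113.10"))
    # A device that skipped registration cannot redirect any UE's traffic.
    rogue = LanDevice("rogue-1", {})
    rogue.authorized_ues.add("ue-9999")
    results["rogue_registration"] = nef.submit_authorized_users(rogue)
    results["rogue_route_present"] = "ue-9999" in pcf.lan_routes
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(name, outcome)
```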
According to an optional embodiment of the present application, the data communication method is applied to access by users in an enterprise campus to the enterprise intranet, in the following manner. Based on the 5G public network, the enterprise deploys an EAC that communicates with the operator's core network, and the exchange of authorized user information and user data is completed. When an authorized user enters the coverage area of the enterprise intranet, the user accesses the operator's 5G network; the user data is identified by the UPF in the core network (for example, the UE identifier carried in the user data and the data type of the user data are identified) and then enters the EAC, where secondary authentication is completed and access to the enterprise intranet is allowed. At this point the user can access the enterprise intranet automatically and securely through a 5G terminal without manually starting a VPN (virtual private network). When the user leaves the enterprise campus, the intranet connection is disconnected, and the intranet can be accessed again only through the VPN. The method creatively meets customers' requirements of low cost, convenience and security for accessing the enterprise intranet while reusing the public 5G network.
Taking the UE accessing an intranet (LAN) as an example, as shown in fig. 7, the process at least includes the following steps:
S702, the user plane function entity receives user plane data from the user equipment.
In this embodiment of the present application, the user plane data carries indication information for indicating a type of the user plane data, where the indication information at least includes identification information of the user equipment or a protocol type adopted by the user plane data.
S704, the user plane function entity (UPF) forwards the user plane data to the local area network device, that is, to the EAC device, according to the forwarding policy.
In the embodiment of the application, first, the user plane functional entity obtains a forwarding policy from a session management functional entity and stores the forwarding policy, where the forwarding policy is determined according to the data type indication information of the user plane data; second, the user plane functional entity forwards the user plane data according to the forwarding policy, where the forwarding policy is at least used to instruct the user plane functional entity to forward the user plane data to the local area network device. When the forwarding policy instructs the user plane functional entity to forward the user plane data to the local area network device, the user plane functional entity forwards the user plane data to the local area network device.
In an optional embodiment of the present application, the forwarding policy may further instruct the user plane functional entity to forward the user plane data to the local area network via a data network, and at this time, the user plane functional entity forwards the user plane data to the local area network via the data network.
S706, the EAC device authenticates the user plane data source and completes the network address translation. For example, an external network address carried in the user plane data is translated into the address of the host to be accessed in the local area network, so that the UE can access the intranet.
In the embodiment of the application, the local area network device determines, according to the user equipment identification information in the user plane data, the source of the user equipment and whether the user equipment is authorized to access the local area network corresponding to the local area network device. When the user equipment passes authentication, the local area network device completes network address translation, and the user equipment can access the local area network corresponding to the local area network device.
S708, the user equipment accesses the local area network.
In this embodiment of the present application, after determining that the user equipment is allowed to access the local area network corresponding to the local area network device, the local area network device determines that the user plane data is allowed to be received, and the local area network device determines that the user plane functional entity is allowed to send data to the user equipment.
It should be noted that the local area network involved in the present embodiment includes, but is not limited to: an enterprise local area network or an intra-enterprise private network.
Example 2
According to an embodiment of the present application, there is also provided a data communication method, as shown in fig. 8, the method at least includes the following steps:
S802, the slice network equipment receives user plane data from the user equipment.
In this embodiment of the present application, the user plane data carries data type indication information for indicating the user plane data, where the indication information at least includes identification information of the user equipment or a protocol type adopted by the user plane data.
S804, the slice network equipment authenticates the user plane data.
In this embodiment of the present application, the slice network device determines a forwarding policy of the user plane data according to the data type indication information, where the forwarding policy is at least used to instruct the slice network device to forward the user plane data to the local area network; when the forwarding policy instructs the slice network device to forward the user plane data to the local area network, the slice network device forwards the user plane data to the local area network.
S806, after the authentication is passed, determining that the user equipment is allowed to access the local area network.
A network slice is an on-demand networking mode: an operator can separate a plurality of virtual end-to-end networks on a unified infrastructure, and each network slice is logically isolated, from the radio access network through the bearer network to the core network, so as to adapt to various types of applications. That is, user equipment can access a local area network through a network slice device. On this basis, the embodiment of the application provides a data communication method based on a network slice device.
It should be noted that, as an alternative to the data communication method shown in fig. 4, the slice network device receives user plane data from the user equipment and authenticates the user plane data, and after the authentication is passed, determines to allow the user equipment to access the local area network, and forwards the user plane data to the local area network.
In some optional embodiments, the data communication method may be applied to access by users in an enterprise campus to the enterprise intranet. Secondary authentication in a 5G network slice is opened to third-party enterprise users, and the operator completes the main authentication process of user access control. When the enterprise intranet needs to be accessed through the network slice, secondary authentication is completed by the slice network device, and an enterprise's authorized users can access the intranet by using the slice network.
Example 3
According to an embodiment of the present application, there is also provided a data communication method, as shown in fig. 9, the method at least includes the following steps:
S902, the local area network device receives the user plane data from the user equipment forwarded by the user plane function entity.
In this embodiment of the present application, the user plane data carries data type indication information for indicating the user plane data.
S904, the local area network device authenticates the user plane data.
S906, after the authentication is passed, the user equipment is determined to be allowed to access the local area network corresponding to the local area network equipment.
In the embodiment of the present application, the local area network device determines, according to the user equipment identification information in the user plane data, the source of the user equipment and whether the user equipment is authorized to access the local area network corresponding to the local area network device. When the authentication is passed, the local area network device completes network address translation, and the user equipment can access the local area network corresponding to the local area network device. After determining that the user equipment is allowed to access the local area network corresponding to the local area network device, the local area network device determines that the user plane data is allowed to be received and that the user plane functional entity is allowed to send data to the user equipment.
It should be noted that, for the preferred implementation of this embodiment, reference may be made to the relevant descriptions of the embodiments corresponding to fig. 4 to 8, which are not described herein again.
Example 4
According to an embodiment of the present application, there is further provided a user plane functional entity, where the user plane functional entity is configured to implement the method shown in fig. 4, and as shown in fig. 10, the user plane functional entity at least includes the following modules:
a receiving module 102, configured to receive user plane data from a user equipment;
In this embodiment of the present application, the user plane data carries indication information for indicating a type of the user plane data, where the indication information includes at least one of the following: the identification information of the user equipment or the protocol type adopted by the user plane data.
a sending module 104, configured to forward the user plane data to a local area network device for authentication, where when the authentication passes, it is determined that the user equipment is allowed to access a local area network corresponding to the local area network device.
In this embodiment of the present application, the sending module is further configured to determine a forwarding policy of the user plane data according to the data type indication information, where the forwarding policy is at least used to instruct the user plane functional entity to forward the user plane data to the local area network device; and, when the forwarding policy instructs the user plane functional entity to forward the user plane data to the local area network device, to forward the user plane data to the local area network device.
It should be noted that, for the preferred implementation of this embodiment, reference may be made to the relevant descriptions of the embodiments corresponding to fig. 4 to 8, which are not described herein again.
Example 5
According to an embodiment of the present application, there is further provided an access apparatus for a local area network, which is applied to a local area network device, and is configured to implement the data communication method shown in fig. 9, as shown in fig. 11, the apparatus at least includes the following structures:
a first sending module 112, configured to send a registration request to the NEF entity;
a receiving module 114, configured to receive a registration success message from the NEF entity;
a second sending module 116, configured to send authorized user information to the NEF entity after the receiving module receives the registration success message, where the authorized user information satisfies the following condition: the user equipment corresponding to the authorized user information is allowed to access the local area network device through the user plane functional entity.
It should be noted that, for the preferred implementation of this embodiment, reference may be made to the relevant descriptions of the embodiments corresponding to fig. 4 to 8, which are not described herein again.
Example 6
According to an embodiment of the present application, there is also provided a data communication system, as shown in fig. 12, the system at least includes:
a user equipment 122, configured to send user plane data to the user plane functional entity;
a user plane functional entity 124, configured to receive the user plane data and forward the user plane data to a local area network device for authentication, where when the authentication is passed, it is determined that the user equipment is allowed to access a local area network corresponding to the local area network device.
It should be noted that, for the preferred implementation of this embodiment, reference may be made to the relevant descriptions of the embodiments corresponding to fig. 4 to 8, which are not described herein again.
Example 7
According to an embodiment of the present application, there is also provided a data communication method, as shown in fig. 13, the method including:
Step S130, the user equipment acquires the current position of the user equipment;
Step S132, when the user equipment determines that the current position is located in the coverage area of the target local area network, the user equipment sends user plane data to the local area network device through the user plane functional entity so as to access the target local area network. For the specific implementation process by which the user equipment accesses the local area network in step S132, reference may be made to the related description of the embodiments shown in fig. 4 to 8, which is not repeated here.
User equipment includes, but is not limited to: mobile terminals such as mobile phones and tablet computers.
In some embodiments of the present application, the user equipment may determine the current location by a positioning system provided in the user equipment, where the positioning system may include, but is not limited to: global positioning system, Beidou positioning system, etc.
The way in which the user equipment accesses the local area network may be selected based on the actual requirements of the user, specifically:
the user equipment displays an access mode list in a human-computer interaction interface, where the access mode list includes a VPN access mode and a non-VPN access mode, and the non-VPN access mode is used for indicating that the UE is allowed to access the local area network through a user plane functional entity; and the user equipment, in response to a selection instruction, selects an access mode for accessing the target local area network from the access mode list, where when the non-VPN access mode is selected, the user equipment is triggered to send user plane data to the local area network device through the user plane functional entity.
It should be noted that, for the preferred implementation of this embodiment, reference may be made to the relevant descriptions of the embodiments corresponding to fig. 4 to 8, which are not described herein again.
The above-mentioned serial numbers of the embodiments of the present application are merely for description and do not represent the merits of the embodiments.
In the above embodiments of the present application, the descriptions of the respective embodiments have respective emphasis, and for parts that are not described in detail in a certain embodiment, reference may be made to related descriptions of other embodiments.
In the embodiments provided in the present application, it should be understood that the disclosed technical content can be implemented in other manners. The above-described embodiments of the apparatus are merely illustrative, and for example, the division of the units is only one type of division of logical functions, and there may be other divisions when actually implemented, for example, a plurality of units or components may be combined or may be integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, units or modules, and may be in an electrical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application may be embodied in the form of a software product, which is stored in a storage medium and includes several instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present application. The aforementioned storage medium includes: a USB flash drive, a Read-Only Memory (ROM), a Random Access Memory (RAM), a removable hard disk, a magnetic or optical disk, and other various media capable of storing program codes.
The foregoing is only a preferred embodiment of the present application. It should be noted that those skilled in the art can make several improvements and modifications without departing from the principle of the present application, and these improvements and modifications should also be considered as falling within the protection scope of the present application.
Claims (20)
1. A method of data communication, comprising:
the user plane functional entity receives user plane data from user equipment;
the user plane functional entity forwards the user plane data to local area network equipment for authentication, wherein when the authentication is passed, the user equipment is determined to be allowed to access a local area network corresponding to the local area network equipment.
2. The method according to claim 1, wherein the user plane data carries data type indication information for indicating the user plane data; the user plane functional entity forwards the user plane data to local area network equipment for authentication, and the authentication comprises the following steps:
the user plane functional entity determines a forwarding policy of the user plane data according to the data type indication information, wherein the forwarding policy is at least used for instructing the user plane functional entity to forward the user plane data to the local area network device; and
when the forwarding policy instructs the user plane functional entity to forward the user plane data to the local area network equipment, the user plane functional entity forwards the user plane data to the local area network equipment.
3. The method according to claim 2, wherein before the user plane function entity determines the forwarding policy of the user plane data according to the data type indication information, the method further comprises:
the user plane functional entity acquires the forwarding policy from a session management functional entity and stores the forwarding policy.
4. The method of claim 2, wherein the method further comprises:
when the forwarding policy instructs the user plane function entity to forward the user plane data to the local area network via a data network, the user plane function entity forwards the user plane data to the local area network via the data network.
5. The method of claim 1, wherein the method further comprises:
the local area network equipment sends a registration request to a network open function entity;
after receiving the registration success message from the network open function entity, the local area network device sends authorized user information to the network open function entity to notify a policy control function entity to modify a forwarding policy, wherein the user device corresponding to the authorized user information is allowed to forward the user plane data to the local area network device through the user plane function entity, and the modified forwarding policy is used for instructing the user plane function entity to forward the user plane data from the user device corresponding to the authorized user information to the local area network device.
6. The method of claim 5, wherein before the user plane function entity forwards the user plane data to a local area network device, the method further comprises:
the user plane functional entity receives a forwarding policy from a policy functional entity via a session management functional entity, where the forwarding policy is used to instruct the user plane functional entity to forward the user plane data to the local area network device or instruct the user plane functional entity to forward the user plane data to the local area network via a data network.
7. The method of claim 2, wherein the data type indication information comprises at least one of: identification information of the user equipment; and the protocol type adopted by the user plane data.
8. The method according to any one of claims 1 to 6, wherein after determining that the user equipment is allowed to access a local area network corresponding to the local area network device, the method further comprises:
the local area network device determines to allow receiving the user plane data, and the local area network device determines to allow sending data to the user equipment through the user plane functional entity.
9. A method of data communication, comprising:
the slice network equipment receives user plane data from user equipment;
the slice network equipment authenticates the user plane data; and
after the authentication is passed, determining that the user equipment is allowed to access a local area network, and forwarding the user plane data to the local area network.
10. The method according to claim 9, wherein the user plane data carries data type indication information for indicating the user plane data; the authentication of the user plane data by the slice network device comprises:
the slice network device determines a forwarding policy of the user plane data according to the data type indication information, wherein the forwarding policy is at least used for instructing the slice network device to forward the user plane data to the local area network; and
when the forwarding policy instructs the slice network device to forward the user plane data to the local area network, the slice network device forwards the user plane data to the local area network.
11. A method of data communication, comprising:
the local area network equipment receives user plane data from the user equipment forwarded by the user plane functional entity;
the local area network equipment authenticates the user plane data, wherein when the user plane data passes the authentication, the user equipment is determined to be allowed to access the local area network corresponding to the local area network equipment.
12. An access method of a local area network, wherein the method comprises the following steps:
the local area network equipment sends a registration request to a network open function entity;
after receiving a registration success message from the network open function entity, the local area network device sends authorized user information to the network open function entity, wherein the authorized user information meets the following condition: the user equipment corresponding to the authorized user information is allowed to access the local area network equipment through the user plane functional entity.
13. The method of claim 12, wherein after sending the authorized user information to the network open function entity, the method further comprises:
the network open functional entity sends a notification message for modifying a forwarding policy to a policy control functional entity, wherein the modified forwarding policy is used for instructing a user plane functional entity to forward user plane data from user equipment to local area network equipment.
14. The method of claim 13, wherein after the network open function entity sends a notification message to the policy control function entity to modify the forwarding policy, the method further comprises:
the policy control functional entity sends the modified forwarding policy to a user plane functional entity through a session management functional entity, so that the user plane functional entity sends the user plane data to the local area network equipment according to the forwarding policy.
15. A method of data communication, comprising:
the user equipment acquires the current position of the user equipment;
when the user equipment determines that the current position is located in the coverage area of the target local area network, the user equipment sends user plane data to local area network equipment through a user plane functional entity so as to access the target local area network.
16. The method of claim 15, wherein before the user equipment sends user plane data to a local area network device through a user plane function entity, the method further comprises:
the user equipment displays an access mode list in a human-computer interaction interface, wherein the access mode list comprises a VPN access mode and a non-VPN access mode, and the non-VPN access mode is used for indicating that the user equipment is allowed to access a local area network through a user plane functional entity;
the user equipment, in response to a selection instruction, selects an access mode for accessing the target local area network from the access mode list, wherein when the non-VPN access mode is selected, the user equipment is triggered to send user plane data to the local area network equipment through a user plane functional entity.
17. A user plane functional entity comprising:
the receiving module is used for receiving user plane data from user equipment;
and the sending module is used for forwarding the user plane data to local area network equipment for authentication, wherein when the authentication is passed, the user equipment is allowed to access a local area network corresponding to the local area network equipment.
18. The user plane functional entity of claim 17, wherein the user plane data carries data type indication information for indicating the user plane data; the sending module is further configured to determine a forwarding policy of the user plane data according to the data type indication information, where the forwarding policy is at least used to instruct the user plane functional entity to forward the user plane data to the local area network device; and when the forwarding policy indicates that the user plane functional entity forwards the user plane data to the local area network equipment, to forward the user plane data to the local area network equipment.
19. An access device of a local area network, applied to a local area network device, the device comprising:
the first sending module is used for sending a registration request to the network open function entity;
a receiving module, configured to receive a registration success message from the network open function entity;
a second sending module, configured to send, after the receiving module receives the registration success message, authorized user information to the network open function entity, where the authorized user information meets the following condition: the user equipment corresponding to the authorized user information is allowed to access the local area network equipment through the user plane functional entity.
20. A data communication system, comprising:
the user equipment is used for sending user plane data to the user plane functional entity;
and the user plane functional entity is used for receiving the user plane data and forwarding the user plane data to local area network equipment for authentication, wherein when the authentication is passed, the user equipment is determined to be allowed to access the local area network corresponding to the local area network equipment.
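The following sketch is an added illustration, not part of the patent text or any implementation by the applicant. It models the trust chain in claims 14 and 17 to 19: a LAN device registers authorised users with the network open function entity, the resulting forwarding policy reaches the user plane functional entity, which forwards only matching traffic, and the LAN device makes the final authentication decision. The class names, the `LAN_ACCESS` indication value, the default-deny behaviour for unmatched traffic, and the sample users and secrets are all assumptions made for the example.

```python
import hmac
from dataclasses import dataclass, field

LAN_ACCESS = "lan-access"  # assumed encoding of the data type indication

@dataclass
class LanDevice:
    lan_id: str
    credentials: dict  # user -> secret; constructed sample data

    def authenticate(self, user, secret):
        expected = self.credentials.get(user)
        return expected is not None and hmac.compare_digest(expected, secret)

@dataclass
class Nef:  # network open function entity
    authorised: dict = field(default_factory=dict)  # lan_id -> set of users

    def register(self, lan):  # claim 19: registration request and success message
        self.authorised.setdefault(lan.lan_id, set())
        return "registration success"

    def set_authorised_users(self, lan, users):
        if lan.lan_id not in self.authorised:
            raise PermissionError("LAN device is not registered")
        self.authorised[lan.lan_id] = set(users)

def derive_forwarding_policy(nef):
    """Stand-in for the NEF -> PCF -> SMF -> UPF policy delivery of claim 14."""
    return {(user, LAN_ACCESS): lan_id
            for lan_id, users in nef.authorised.items() for user in users}

@dataclass
class Upf:  # user plane functional entity
    policy: dict  # (user, data_type) -> lan_id
    lans: dict    # lan_id -> LanDevice

    def handle(self, packet):
        lan_id = self.policy.get((packet["user"], packet["data_type"]))
        if lan_id is None:  # assumed default deny when no policy matches
            return "not forwarded"
        lan = self.lans[lan_id]  # claim 17: the LAN device authenticates
        ok = lan.authenticate(packet["user"], packet["secret"])
        return "access allowed" if ok else "authentication failed"

def demo():
    lan = LanDevice("campus-lan", {"alice": "s3cret", "bob": "hunter2"})
    nef = Nef()
    nef.register(lan)
    nef.set_authorised_users(lan, ["alice"])  # bob has an account but is not authorised
    upf = Upf(derive_forwarding_policy(nef), {lan.lan_id: lan})
    pkts = [("alice", LAN_ACCESS, "s3cret"), ("alice", LAN_ACCESS, "wrong"),
            ("bob", LAN_ACCESS, "hunter2"), ("alice", "internet", "s3cret")]
    return [upf.handle({"user": u, "data_type": t, "secret": s}) for u, t, s in pkts]
```

The third packet shows why the authorised-user list matters: valid LAN credentials alone do not cause the user plane functional entity to forward traffic toward the LAN device.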
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011212145.XA CN114531256A (en) | 2020-11-03 | 2020-11-03 | Data communication method and system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN114531256A (en) | 2022-05-24 |
Family
ID=81619840
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202011212145.XA Pending CN114531256A (en) | 2020-11-03 | 2020-11-03 | Data communication method and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN114531256A (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||