CN115334456A

CN115334456A - Method and device for group paging

Info

Publication number: CN115334456A
Application number: CN202110506732.8A
Authority: CN
Inventors: 郭龙华; 吴义壮; 吴�荣
Original assignee: Huawei Technologies Co Ltd
Current assignee: Huawei Technologies Co Ltd
Priority date: 2021-05-10
Filing date: 2021-05-10
Publication date: 2022-11-11
Also published as: WO2022237733A1

Abstract

The application provides a method and a device for group paging, wherein the method for group paging comprises the following steps: the terminal equipment sends a group paging message to the network equipment, wherein the group paging message comprises a first group identifier; the terminal device sends a service request message to the network device. Further, the terminal device receives second indication information from the network device, and the terminal device determines whether an abnormality exists according to the second indication information; and under the condition that the terminal equipment determines that the abnormity exists, the terminal equipment does not respond to the paging message carrying the identifier of the first multicast session. The method for group paging in the embodiment of the application can identify illegal group paging, so that the problem of resource waste caused by illegal group paging of an attacker can be solved.

Description

Method and device for group paging

Technical Field

The present application relates to the field of communications, and more particularly, to a method and apparatus for group paging.

Background

When the UE is in an idle state, the network side may trigger the UE to initiate a service request through group paging, and establish a multicast session. Wherein, the group paging message carries the multicast session identification. However, when the multicast session id of a multicast session is revealed, an attacker can use the multicast session id to attack. For example, when the multicast session identity is not changed, a large number of UEs may be attracted to make service requests through the group paging message, resulting in UE resources being consumed, base station resources being occupied, and in severe cases, UE and base station being attacked by denial of service.

It is therefore desirable to provide a technique that can improve the security of the group paging procedure.

Disclosure of Invention

The group paging method and the group paging device can improve the safety of the group paging process.

In a first aspect, a method for group paging is provided, the method comprising: the method comprises the steps that terminal equipment receives a group paging message, wherein the group paging message comprises a first group identifier; the terminal equipment sends a service request message to the network equipment; the terminal equipment receives second indication information from the network equipment; and the terminal equipment determines that the anomaly exists according to the second indication information.

Illustratively, the first group identifier is used to identify a first group, and after receiving a group paging message carrying the first group identifier, the terminal device sends a service request message to the network device if the terminal device belongs to the first group. The service request message may be used to request to join the first group or to request to receive content of the first group. Optionally, the service request message carries first indication information, where the first indication information is used to indicate that the terminal device receives a paging message carrying a first group identifier.

It should be understood that the message that the terminal device sends the first indication information to the network device is protected by confidentiality and integrity, and an attacker cannot tamper with the message, so that the accuracy of the message can be ensured. Similarly, the second indication information sent by the network device to the terminal device is also protected in confidentiality and integrity.

The first indication information reflects the reason for the UE to initiate the service request message and/or the received paging message, and is helpful for the network equipment to judge whether the abnormality exists, so that the network equipment can timely process the abnormality, and the safety of the group paging process is improved.

Optionally, the second indication information is used for indicating at least one of the following: the network device does not trigger a group page using the first group identity; a list of group identifiers activated by the network device, the first group identifier not being present in the list; the terminal equipment has abnormity; the terminal device does not respond to the group paging message carrying the identifier of the first multicast session; the first group is not yet activated.

It should be understood that, in a possible implementation scenario, the first group may be, for example, a multicast group, and the first group identifier may be, for example, a multicast session identifier (MBS session ID) corresponding to the multicast group, and the group activation procedure may be regarded as a multicast session activation procedure. This is by way of example only and not by way of limitation.

With reference to the first aspect, in certain implementations of the first aspect, the method further includes: and under the condition that the terminal equipment determines that the abnormality exists, the terminal equipment does not respond to the paging message carrying the first group identifier.

It should be understood that the presence anomaly may be an attack of the terminal device by the pseudo base station. That is, the group paging message received by the terminal device may be forged by the pseudo base station. Alternatively, the existence exception may be that the terminal device requests to join the first group, but the first group is not yet activated.

Or, in another possible implementation scheme, the terminal device sends first indication information to the network device, where the first indication information is used to indicate that the terminal device receives a paging message carrying a first group identifier; the terminal device receives second indication information from the network device, wherein the second indication information is used for indicating at least one of the following items: the network device has not triggered group paging using the first group identity; a list of identities of groups activated by the network device, the first group identity not being present in the list; the terminal equipment has abnormity; the terminal device does not respond to the group paging message carrying the first group identifier; the first group has not been activated; and the terminal equipment determines not to respond to the paging message carrying the first group identifier according to the second indication information, or determines to respond to only the common paging message according to the second indication information. That is, in this implementation, after receiving the second indication information, the terminal device directly determines not to respond to the group paging message carrying the first group identity without determining that there is an abnormal action.

It should be understood that the determination of the existence of the anomaly by the terminal device may also be expressed as the determination of the terminal device being attacked by an attacker, or the determination of the existence of the attacker by the terminal device, or the determination of the terminal device that the received paging message carrying the first group identifier is forged, or the like. The present application is not limited.

With reference to the first aspect, in some implementation manners of the first aspect, if the terminal device does not respond to the paging message carrying the first group identifier when the terminal device is abnormal, the method includes: the terminal device does not respond to the paging message carrying the first group identity in the first time period.

With reference to the first aspect, in certain implementations of the first aspect, the method further includes: the terminal equipment determines the first time period according to the pre-configuration information; or, the terminal device receives the information of the first time period from the network device.

The first time period may be, for example, a potential session activation time. By the method provided by the embodiment of the application, under the condition that the abnormality exists, the terminal equipment does not respond to the paging message carrying the first group identifier within a period of time, so that the attack of an attacker can be avoided, and the time for the terminal equipment to influence the multicast service due to the attack of the attacker can be reduced.

With reference to the first aspect, in some implementations of the first aspect, the first group identity is a temporary mobile group identity.

With reference to the first aspect, in certain implementations of the first aspect, before the terminal device sends the first indication information to the network device, the method further includes: the terminal device receives a group paging message, which includes the first group identity.

After receiving the group paging message carrying the first group identifier, the terminal device sends a service request message to the network device if the terminal device belongs to the group corresponding to the first group identifier. With reference to the first aspect, in some implementations of the first aspect, the first indication information is carried in a service request message.

Therefore, the group paging method provided in the embodiment of the present application determines whether the terminal device receives the group paging message carrying the group identifier triggered by the network device (or determines whether the terminal device is under attack), and in case of the abnormality, the terminal device does not respond or does not respond to the group paging message carrying the corresponding group identifier for a while, thereby avoiding the problem of resource waste caused by an attacker who frequently initiates an illegal group paging, and improving the security of the group paging process.

In a second aspect, a method for group paging is provided, the method comprising: the network equipment receives a service request message from the terminal equipment; the network equipment judges whether the terminal equipment has abnormity or not.

Optionally, the service request message includes first indication information, where the first indication information is used to indicate that the terminal device receives a paging message carrying a first group identifier; the network equipment judges whether the terminal equipment is abnormal or not, and the network equipment judges whether the terminal equipment is abnormal or not according to the first indication information.

With reference to the second aspect, in certain implementations of the second aspect, the method further includes: and under the condition that the terminal equipment has the abnormality, the network equipment sends second indication information to the terminal equipment, wherein the second indication information is used for indicating that the terminal equipment has the abnormality.

With reference to the second aspect, in some implementations of the second aspect, in a case that there is an abnormality in the terminal device, the method further includes: the network device updates the context of the terminal device, and the context indicates that the network device needs to activate the first group, and performs normal paging on the terminal device.

It should be noted that the ordinary paging herein refers to the network device performing one-to-one paging on the terminal device by using the identifier of the terminal device.

With reference to the second aspect, in some implementations of the second aspect, in a case that there is an abnormality in the terminal device, the method further includes: the network device receives a first request message, wherein the first request message comprises the first group identifier, and the first request message is used for requesting to activate the first group; the network equipment determines to execute common paging to the terminal equipment according to the context of the terminal equipment; and the network equipment sends a paging message to the terminal equipment, wherein the paging message comprises the identifier of the terminal equipment, and the terminal equipment belongs to the group corresponding to the first group identifier.

With reference to the second aspect, in some implementation manners of the second aspect, the determining, by the network device, whether the terminal device is abnormal according to the first indication information includes: when the network device does not trigger the paging message carrying the first group identifier, the network device determines that the terminal device is abnormal; or, when the identifier carried in the paging message sent by the network device to the terminal device is different from the first group identifier, the network device determines that the terminal device is abnormal.

With reference to the second aspect, in some implementations of the second aspect, the second indication information is used to indicate at least one of: the network device does not trigger a group page using the first group identity; a list of group identities activated by the network device; the terminal device does not respond to the group paging message carrying the first group identifier; the first group is not yet activated.

With reference to the second aspect, in some implementations of the second aspect, in a case that there is an abnormality in the terminal device, the method further includes: the network device sends information of a first time period to the terminal device, wherein the information of the first time period is used for indicating that the terminal device does not respond to the group paging message carrying the first group identifier in the first time period.

With reference to the second aspect, in some implementations of the second aspect, the first indication information is carried in a service request message.

With reference to the second aspect, in some implementations of the second aspect, the first group identity is a temporary mobile group identity.

With reference to the second aspect, in certain implementations of the second aspect, the identification of the terminal device comprises a globally unique temporary user equipment identification, GUTI, of the terminal device.

In a third aspect, an apparatus for group paging is provided, the apparatus comprising: a transceiver module, configured to send first indication information to a network device, where the first indication information is used to indicate that a paging message carrying a first group identifier is received by a terminal device; the transceiver module is further used for receiving second indication information from the network equipment; and the processing module is used for determining that the abnormality exists according to the second indication information.

With reference to the third aspect, in some implementations of the third aspect, the processing module is further configured to: and under the condition that the abnormity is determined, the paging message carrying the first group identification is not responded.

With reference to the third aspect, in certain implementations of the third aspect, the second indication information is used to indicate at least one of: the network device does not trigger a group page using the first group identity; a list of group identifiers activated by the network device, the first group identifier not being present in the list; the terminal equipment has abnormity; the terminal device does not respond to the group paging message carrying the first group identifier; the first group is not yet activated.

With reference to the third aspect, in some implementations of the third aspect, the processing module is specifically configured to: the terminal device does not respond to the paging message carrying the first group identity in the first time period.

With reference to the third aspect, the processing module is further configured to: determining the first time period according to preconfigured information; or, the transceiving module is further configured to receive information of the first time period from a network device.

With reference to the third aspect, in some implementations of the third aspect, the first group identity is a temporary mobile group identity.

With reference to the third aspect, in certain implementations of the third aspect, the transceiver module is further configured to: a group paging message is received, the group paging message including the first group identification.

With reference to the third aspect, in some implementations of the third aspect, the first indication information is carried in a service request message.

In a fourth aspect, a method of group paging is provided, the method comprising: the terminal equipment receives a group paging message, wherein the group paging message comprises a first group identifier; the terminal equipment sends a service request message to the network equipment; the terminal device determines whether there is an abnormality.

With reference to the fourth aspect, in certain implementations of the fourth aspect, the method further includes: the terminal equipment receives second indication information from the network equipment; the terminal equipment determines that the abnormality exists according to the second indication information.

With reference to the fourth aspect, in some implementations of the fourth aspect, the second indication information is used to indicate at least one of: the network device does not trigger a group page using the first group identity; a list of group identifiers activated by the network device, the first group identifier not being present in the list; the terminal equipment has abnormity; the terminal device does not respond to the group paging message carrying the first group identifier; the first group is not yet activated.

With reference to the fourth aspect, in certain implementations of the fourth aspect, the method further includes: and under the condition that the terminal equipment determines that the abnormality exists, the terminal equipment does not respond to the paging message carrying the first group identifier.

With reference to the fourth aspect, in some implementation manners of the fourth aspect, if the terminal device is abnormal, the terminal device does not respond to the paging message carrying the first group identifier, including: the terminal device does not respond to the paging message carrying the first group identity in the first time period.

With reference to the fourth aspect, in certain implementations of the fourth aspect, the method further includes: the terminal equipment determines the first time period according to the pre-configuration information; or, the terminal device receives the information of the first time period from the network device.

In a fifth aspect, an apparatus for group paging is provided, the apparatus comprising: a transceiver module, configured to receive first indication information from a terminal device, where the first indication information is used to indicate that the terminal device receives a paging message carrying a first group identifier; and the processing module is used for judging whether the terminal equipment has abnormity according to the first indication information.

With reference to the fifth aspect, in some implementations of the fifth aspect, in a case that the terminal device has an abnormality, the transceiver module is further configured to send second indication information to the terminal device, where the second indication information is used to indicate that the terminal device has the abnormality.

With reference to the fifth aspect, in some implementations of the fifth aspect, in a case that the terminal device has an abnormality, the processing module is further configured to update a context of the terminal device, where the context indicates that the network device needs to activate the first group, and perform a normal paging on the terminal device.

With reference to the fifth aspect, in some implementations of the fifth aspect, in a case that the terminal device has an abnormality, the transceiver module is further configured to receive a first request message, where the first request message includes the first group identifier, and the first request message is used to request activation of the first group; the processing module is further configured to determine to perform a general paging on the terminal device according to the context of the terminal device; the transceiver module is further configured to send a paging message to the terminal device, where the paging message includes an identifier of the terminal device, and the terminal device belongs to a group corresponding to the first group identifier.

With reference to the fifth aspect, in some implementations of the fifth aspect, the processing module is specifically configured to: when the processing module does not trigger the paging message carrying the first group identifier, determining that the terminal equipment has an abnormality; or, when the identifier carried in the paging message sent by the sending/receiving module to the terminal device is different from the first group identifier, the processing module determines that the terminal device is abnormal.

With reference to the fifth aspect, in certain implementations of the fifth aspect, the second indication information is used to indicate at least one of: the network device does not trigger a group page using the first group identity; a list of group identities activated by the network device; the terminal device does not respond to the group paging message carrying the first group identifier; the first group is not yet activated.

With reference to the fifth aspect, in some implementation manners of the fifth aspect, in a case that the terminal device has an abnormality, the transceiver module is further configured to send information of a first time period to the terminal device, where the information of the first time period is used to indicate that the terminal device does not respond to the group paging message carrying the first group identifier in the first time period.

With reference to the fifth aspect, in some implementations of the fifth aspect, the first indication information is carried in a service request message.

With reference to the fifth aspect, in some implementations of the fifth aspect, the first group identity is a temporary mobile group identity.

With reference to the fifth aspect, in certain implementations of the fifth aspect, the identification of the terminal device comprises a globally unique temporary user equipment identification, GUTI, of the terminal device.

In a sixth aspect, an apparatus for group paging is provided, the apparatus comprising: a processor configured to execute the computer program stored in the memory to cause the communication apparatus to perform any one of the possible implementations of the first aspect to the second aspect.

In a seventh aspect, a computer-readable storage medium is provided, on which a computer program is stored, which, when run on a computer, causes the computer to perform any one of the possible implementations of the first to second aspects.

In an eighth aspect, a computer program product is provided, which comprises computer program instructions that, when run on a computer, cause the computer to perform the manner in which any of the first to second aspects may be implemented.

In a ninth aspect, a chip system is provided, the chip system comprising: a processor configured to call and run the computer program from the memory, so that the communication device in which the system-on-chip is installed performs any one of the possible implementations of the first aspect to the second aspect.

Drawings

Fig. 1 is a schematic diagram of a network architecture suitable for the method provided in the embodiment of the present application.

Fig. 2 is a flow diagram of a multicast service.

Fig. 3 is a schematic flowchart of a group paging method according to an embodiment of the present application.

Fig. 4 is a schematic flowchart of a group paging method according to another embodiment of the present application.

Fig. 5 is a schematic flow chart of a method for group paging according to another embodiment of the present application.

Fig. 6 is a schematic flow chart of a group paging method according to another embodiment of the present application.

Fig. 7 is a schematic flowchart of a group paging method according to another embodiment of the present application.

Fig. 8 is a schematic block diagram of a communication device provided in one embodiment of the present application.

Fig. 9 is a schematic block diagram of a communication device according to another embodiment of the present application.

Fig. 10 is a schematic block diagram of a communication device according to another embodiment of the present application.

Fig. 11 is a schematic block diagram of a communication device according to another embodiment of the present application.

Detailed Description

The technical solution in the present application will be described below with reference to the accompanying drawings.

The technical scheme provided by the application can be applied to various communication systems, such as: a Long Term Evolution (LTE) system, an LTE Frequency Division Duplex (FDD) system, an LTE Time Division Duplex (TDD) system, a Universal Mobile Telecommunications System (UMTS), a Worldwide Interoperability for Microwave Access (WiMAX) communication system, a fifth generation (5 g) system, a New Radio (NR), or the like.

The network element naming may be different in different network systems. The following describes the present application by taking the name of network element in 5G network as an example.

Fig. 1 and 2 are schematic diagrams of network architectures suitable for use in the methods provided by the embodiments of the present application. Fig. 1 is a schematic diagram of a 5G network architecture based on a service interface, and fig. 2 is a diagram of a 5G network architecture based on a point-to-point interface. The following first combines the schematic diagrams of the 5G network architecture shown in fig. 1 and fig. 2 to briefly describe the main network elements involved in the 5G network system.

1. User Equipment (UE): may include various handheld devices, vehicle-mounted devices, wearable devices, computing devices or other processing devices connected to a wireless modem with wireless communication capabilities, as well as various forms of terminals, mobile Stations (MSs), terminals (terminals), soft terminals, and the like. Such as water meters, electricity meters, sensors, etc.

2. Radio Access Network (RAN) network elements: hereinafter referred to as RAN for short, corresponds to access network equipment.

The method and the device are used for providing a network access function for authorized user equipment in a specific area, and can use transmission tunnels with different qualities according to the level of the user equipment, the service requirement and the like.

The RAN network element can manage radio resources, provide access services for the user equipment, and then complete forwarding of control signals and user equipment data between the user equipment and the core network, and the RAN network element can also be understood as a base station in a conventional network. For example, the RAN may be an NB, eNB, gNB, ng-eNB, or any other access network device.

3. User Plane Function (UPF): for packet routing and forwarding, quality of service (QoS) handling of user plane data, etc.

In the 5G communication system, the user plane network element may be a User Plane Function (UPF) network element. In a future communication system, the user plane network element may still be a UPF network element, or may also have another name, which is not limited in this application.

4. Multicast/broadcast user plane function (multimedia/broadcast-user plane function, MB-UPF)

The MB-UPF is mainly responsible for transmitting the multicast broadcast stream to the RAN (or UPF), and may perform packet filtering and distribution on the multicast broadcast stream, so as to implement QoS enhancement and counting/reporting of the multicast broadcast service. MB-UPF and UPF in this application are not strictly distinguished, and (MB-) UPF is used to denote MB-UPF or UPF.

5. Data Network (DN): for providing a network for transmitting data.

In the 5G communication system, the data network element may be a data network element. In a future communication system, the data network element may still be a DN network element, or may also have another name, which is not limited in this application.

6. Access and mobility management network element

The access and mobility management network element is mainly used for mobility management, access management, and the like, and can be used for realizing other functions in the MME function besides session management, for example, functions such as lawful interception and access authorization/authentication.

In the 5G communication system, the access and mobility management network element may be an access and mobility management function (AMF). In future communication systems, the access and mobility management devices may still be AMFs, or may have other names, which are not limited in this application.

7. Session Management Function (SMF): the method is mainly used for session management, internet Protocol (IP) address allocation and management of the user equipment, selection of a termination point capable of managing a user plane function, a policy control and charging function interface, downlink data notification and the like.

In the 5G communication system, the session management network element may be a session management function network element. In future communication systems, the session management network element may still be an SMF network element, or may also have another name, which is not limited in this application.

8. Multicast/broadcast session management function (multimedia/broadcast-session management function, MB-SMF)

The MB-SMF is mainly responsible for managing multicast broadcast sessions and controlling multicast broadcast transmission, and correspondingly configures the MB-UPF and the RAN according to a policy rule of a multicast broadcast service provided by PCF or locally configured so as to complete transmission of multicast broadcast streams. MB-SMF and SMF in the present application are not strictly distinguished, and (MB-) SMF is used to denote MB-SMF or SMF.

9. Policy Control Function (PCF): a unified policy framework for guiding network behavior, providing policy rule information for control plane function network elements (e.g., AMF, SMF, etc.), and the like.

In the 4G communication system, the policy control network element may be a Policy and Charging Rules Function (PCRF) network element. In the 5G communication system, the policy control network element may be a policy control function, PCF, network element. In a future communication system, the policy control network element may still be a PCF network element, or may also have another name, which is not limited in this application.

10. Application Function (AF): the method is used for carrying out data routing of application influence, opening functional network elements of a wireless access network, carrying out strategy control by interacting with a strategy framework and the like.

In the 5G communication system, the application network element may be an application function network element. In a future communication system, the application network element may still be an AF network element, or may also have another name, which is not limited in this application.

11. Unified Data Management (UDM): for handling UE identity, access authentication, registration, mobility management, etc.

In the 5G communication system, the data management network element may be a unified data management network element; in the 4G communication system, the data management network element may be a Home Subscriber Server (HSS) network element in a future communication system, and the unified data management may still be an UDM network element, or may also have another name, which is not limited in this application.

12. Unified data storage (UDR): the method mainly comprises the following functions: and access functions of type data such as subscription data, strategy data, application data and the like.

13. Authentication server (AUSF): the method is used for authentication service and key generation to realize bidirectional authentication of the user equipment, and supports a unified authentication framework.

In the 5G communication system, the authentication server may be an authentication server function network element. In a future communication system, the authentication server function network element may still be an AUSF network element, or may also have another name, which is not limited in this application.

14. Multicast/Broadcast Service Function (MBSF): the service layer function supporting multicast/broadcast service, interacting with AF and (MB) -SMF to complete MBS conversation operation and transmission, controlling MBSTF network element, etc.

15. Multicast/Broadcast Service Transport Function (MBSTF): the media anchor point of the multicast/broadcast service data supports the processing and distribution of the multicast/broadcast service data stream.

It is to be understood that the above network elements or functions may be network elements in a hardware device, or may be software functions running on dedicated hardware, or virtualization functions instantiated on a platform (e.g., a cloud platform). For convenience of description, in the following, the network device is taken as an access and mobility management network element AMF, and the base station is taken as a radio access network RAN for example.

It should be understood that the network architecture applied to the embodiment of the present application is only an example, and the network architecture applied to the embodiment of the present application is not limited thereto, and any network architecture capable of implementing the functions of the network elements described above is applicable to the embodiment of the present application.

For example, in some network architectures, network function network element entities such as an AMF, an SMF network element, a PCF network element, a BSF network element, and a UDM network element are all called Network Function (NF) network elements; or, in other network architectures, a set of network elements such as an AMF, an SMF network element, a PCF network element, a BSF network element, and a UDM network element may all be referred to as a control plane functional network element.

For ease of understanding the embodiments of the present application, some concepts or terms referred to in the present application will be first briefly described.

1. Multicast

A peer-to-peer communication mode in a network, i.e. a terminal joining the same peer group, can receive all data in the peer group. The terminal can request to join or leave a certain group from the network side, and the core network and the base station selectively transmit data, namely, the data in the group is transmitted to the terminals which join the group. Therefore, data can be transmitted to a plurality of terminals needing (joining in a group) at one time, and other communication of other terminals not needing (not joining in the group) can be guaranteed not to be influenced.

A multicast group is a set of recipients identified by a multicast session identification. A multicast Session identification (MBS Session ID) to identify a multicast Session between the AF and the 5G network, AF and UE, which may be a Temporary Mobile Group Identity (TMGI) or MBS multicast Session IP address.

A terminal becomes a member of a multicast group by joining the multicast group, thereby receiving multicast data addressed to the multicast group. The members of the multicast group are dynamic and the terminal can access or leave the multicast group at any time.

2. Protocol Data Unit (PDU) session (PDU session)

The 5G core network (5G corenet, 5GC) supports PDU connection services. The PDU connect service may refer to a service of exchanging PDU packets between the terminal device and the DN. The PDU connect service is implemented by the terminal device initiating the establishment of a PDU session. After a PDU session is established, a data transmission channel between the terminal device and the DN is established. In other words, the PDU session is UE level. Each end-point device may establish one or more PDU sessions. The terminal device may access the DN through a PDU session established between the terminal device and the DN.

As mentioned before, the SMF primary user is responsible for session management in the mobile network. The PDU session may be established, modified or released between the terminal device and the SMF through NAS Session Management (SM) signaling.

In the embodiment of the present application, the terminal device may establish multiple PDU sessions or multiple PDU connection services, for example, the terminal device may establish two or more PDU sessions, and the multiple PDU sessions are not limited. For example, the DN identities (DNNs) of these PDU sessions may be different or the same. As another example, different PDU sessions may be served by the same SMF, or by different SMFs. As another example, the establishment of these PDU sessions may be initiated simultaneously or sequentially. To facilitate understanding of the group paging method provided in the embodiment of the present application, the following briefly introduces a flow 200 of a multicast service in conjunction with fig. 2:

s201, multicast session pre-configuration process.

Illustratively, the AF configures a multicast Session to the network side, such as the AF obtains a multicast Session corresponding multicast Session identity (MBS Session ID) used to identify the multicast Session between the AF and the 5G network, the AF and the UE, which may be a Temporary Mobile Group Identity (TMGI) or an MBS multicast Session IP address. The MBS Session ID remains unchanged for a period of time. The service provider may send a message to the UE through an upper layer (e.g., an application layer, etc.) to inform the UE to start providing the multicast service, where the message includes at least the MBS Session ID.

S202, UE sends request message for joining multicast Session to AMF, the request message for joining multicast Session includes MBS Session ID, the MBS Session ID is used to identify multicast group the UE wants to join.

S203, the AMF invokes a PDU session update session management context (Nsmf _ PDU session _ update smsxt) service to send a request for the UE to join the multicast session to the (MB) -SMF.

In a possible case, when the MBS Session identified by the MBS Session ID is not activated in the core network, that is, the time when the UE requests to join the multicast group is earlier than the MBS Session activation time, for example, the SMF has not allocated resources according to the request of the AF to establish the MBS Session, the SMF sends an indication message to the UE to indicate that the MBS Session is not activated.

In another possible case, when the SMF has already established an MBS session according to the request of the AF (the session may be understood as a data transmission channel between the AF and the core network), the core network establishes a session between the UE and the core network according to the request of the UE (the session may be understood as a data transmission channel between the UE and the core network), specifically for example:

s204, (MB-) SMF sends service configuration information to AMF by invoking N1N2 messaging service, where the service configuration information includes multicast data special quality of service rules (QoS rules), and the like.

S205, the AMF sends the service configuration information to the RAN through an N2 session modification request (N2 session modification request) message.

S206, RRC reconfiguration procedure.

Illustratively, after receiving the service configuration information, the RAN sends an RRC reconfiguration message to the UE to establish a bearer between the UE and the base station. S207, the RAN sends an N2 session modification response message to the AMF.

S208, the AMF sends a response message to the (MB-) SMF.

S209, the UE enters an idle mode.

Illustratively, the UE may enter the idle state in several possible scenarios:

a) The MBS session is deactivated on the core network side, for example: when the AF has no multicast session data to send for a period of time, the AF may request the core network to deactivate the corresponding MBS session. Another example is: (MB-) UPF may request from the (MB-) SMF in the core network to deactivate the corresponding MBS session upon detecting that no multicast session data is being sent for a period of time. The core network may deactivate the MBs session upon request by the AF or (MB-) UPF. And if the UE has no other services at the moment, the UE enters an idle state.

b) When the UE requests to join the multicast group, the MBS session is not activated in the core network, that is, the time when the UE requests to join the multicast group is earlier than the multicast session start time, and the UE may enter an idle state according to the indication of the core network.

c) When no multicast session data is transmitted within a period of time, the RAN and the UE release the connection, and the UE enters an idle state. At this time, the core network side MBS conversation is in an activated state.

S210, the AF sends an MBS conversation activating request message to the (MB-) SMF.

Illustratively, when an AF needs to send multicast session data, the AF may request activation of the corresponding MBs session from the (MB-) SMF in the core network.

Alternatively, as another possible implementation manner, at S210, an MBs session activation request message may also be sent to the (MB-) SMF by the (MB-) UPF. Illustratively, when a (MB-) UPF detects that there is multicast session data to send, the (MB-) UPF may request the (MB-) SMF in the core network to activate the corresponding MBs session.

S211, the (MB-) SMF sends a request message to the AMF by calling the N1N2 message transmission service to request to activate the MBS multicast Session, wherein the request message carries the MBS Session ID. It is to be understood that requesting activation of a multicast session means activating a member of the multicast group to establish or resume a multicast session transport bearer.

S212, when the UE belonging to the MBS conversation group member is in the idle state or the non-activated state, the AMF sends the paging request message to the RAN.

Exemplarily, after receiving the request message for requesting activation of the MBS Session, the AMF determines the UE to be paged according to the MBS Session ID. It should be understood that the UE to be paged here may be all members of the MBS session group, or may be a UE in an idle state or an inactive state in the MBS group. It should also be understood that the UE in the connected state does not respond to the paging message.

When the UE is in an idle state or an inactive state, the AMF transmits a paging request message to the RAN. Under the condition that the RAN supports the MBS service, the paging request message carries an MBS Session ID, and the paging message can be a group paging message, namely a paging message with 1 to many pairs; under the condition that the RAN does not support the MBS service, the paging request message carries the UE ID, the paging message is a normal paging, that is, a 1 to 1 paging message, and the UE ID is a UE-granularity user identifier, which may be, for example, a temporary identifier of the UE. And optionally carrying the MBS Session ID. And are not limited herein.

In another possible case, the UE is in a connected mode, and the AMF sends a non-access stratum notification (NAS notification) message to the UE, where the message is used to indicate that the UE multicast Session is activated, and the MBS Session ID is carried in the message. Or, the AMF may not send the NAS notification message, and directly request the UE to join the MBS session, or request activation of the MBS session, i.e. skip steps S212-S214. Whether to send the NAS notification message is not limited herein.

S213, the RAN sends a paging message to the UE.

Illustratively, the RAN performs paging according to a cell corresponding to a tracking area where the UE is located.

And under the condition that the RAN supports the MBS service, the RAN initiates group paging to the UE, and the message carries the MBS Session ID.

In the case that the RAN does not support the MBS service, the RAN initiates a normal paging to the UE, where the message carries the UE ID, and optionally, the message also carries the MBS Session ID, to indicate the UE to activate the corresponding multicast Session. The message may not send the MBS Session ID, and after the UE responds to the paging message, the AMF directly performs the Session establishment procedure for the UE. And are not limited herein. It should be understood that normal paging means paging for paging a single UE. I.e. normal paging is a one-to-one paging procedure. Group paging is a one-to-many procedure, i.e., one group paging message may have multiple UEs responding.

S214, the UE sends a service request message to the AMF

Illustratively, the UE receives a paging message from the RAN. When the paging message carries the MBS session ID and the UE judges that the UE belongs to a multicast group corresponding to the MBS session ID, the UE sends a service request message to the AMF; and when the paging message carries the UE ID and the UE judges that the UE ID is matched with the UE, the UE sends a service request message to the AMF.

In the method 200, UE1, UE2, and UE3 are all multicast group members corresponding to the MBS session ID, UE3 is in a connected state, and UE1 and UE2 are all in an idle state. When the RAN sends a group paging message carrying the MBS session ID, both UE1 and UE2 will respond and send a service request message.

S215, the AMF sends a service Request to the (MB-) SMF via a PDU session update SM context Request message (Nsmf PDU session update smscontext Request).

S216, the network side and the UE complete the multicast session establishment process. The present application is not limited in this regard.

However, an attacker can use a group paging forgery attack, which causes problems such as consumption of UE resources and occupation of base station resources. In view of this, the present application provides a group paging method to solve the problem that an attacker forges a paging message to cause resources to be occupied without any reason.

Fig. 3 is a schematic flow chart of a method 300 provided by an embodiment of the present application. As can be seen in fig. 3, the method 300 includes:

s310: the terminal device sends a service request message to the network device, wherein the message optionally carries the first indication information.

Illustratively, before S310, the terminal device receives a group paging message, where the group paging message carries a first group identifier. It should be understood that the first group identity may be used at both the terminal side and the network side to identify the first group, which may be, for example, a Temporary Mobile Group Identity (TMGI).

Further, the terminal device sends first indication information to the network device, where the first indication information is used to indicate that the terminal device receives a paging message carrying a first group identifier.

The first indication information may be carried in a service request message sent by the terminal device to the network device, or may be carried in other messages, which is not limited in this application. The network device may be an access and mobility management element (e.g., AMF), or a session management element (e.g., SMF), or a multicast/broadcast service function element (e.g., MBSF).

S320, the network equipment judges whether the terminal equipment is abnormal or not. For example, the network device may determine whether there is an abnormality in the terminal device according to the first indication information. Exemplarily, when the network device does not trigger the paging message carrying the first group identifier, the network device determines that the terminal device is abnormal; or, when the identifier carried in the paging message sent by the network device to the terminal device is different from the first group identifier, the network device determines that the terminal device is abnormal.

It should be understood that the presence anomaly may be an attack of the terminal device by the pseudo base station. That is, the group paging message received by the terminal device may be forged by the pseudo base station, and at this time, the network device may determine that the terminal device is abnormal. Alternatively, the existence exception may be that the terminal device requests to join the first group, but the first group is not yet activated.

S330, the network equipment sends second indication information to the terminal equipment.

Illustratively, in the case that the terminal device has an abnormality, the network device sends second indication information to the terminal device, where the second indication information is used to indicate that the terminal device has an abnormality, or the second indication information is used for the terminal device to determine that the abnormality exists.

In particular, the second indication information may indicate at least one of:

the network device does not trigger a group page using the first group identity;

a list of group identities activated by the network device;

the terminal device does not respond to the group paging message carrying the first group identifier;

the first group is not yet activated.

S340, the terminal device determines whether an abnormality exists according to the second indication information.

Illustratively, the terminal device receives second indication information sent by the network device, and determines whether an abnormality exists according to the second indication information. For example: when the second indication information indicates that the network device has not triggered group paging using the first group identifier, or the network side has not sent a paging request message carrying the first group identifier, and the terminal device receives the group paging message carrying the first group identifier, or the terminal device sends a service request according to the first group identifier in the group paging message, the terminal device determines that there is an abnormality; another example is: when the second indication information indicates the group identifier list activated by the network equipment and the first group identifier is not in the list, the terminal equipment determines that an abnormality exists. Another example is: when the second indication information indicates that the UE has the abnormality or the attacker exists, the terminal equipment determines that the abnormality exists. Another example is: and when the second indication information indicates that the first group is not activated, the terminal equipment determines that the abnormality exists, wherein the first group is the group identified by the first group identifier. Another example is: and when the second indication information indicates that the terminal equipment does not respond to the group paging message carrying the first group identifier, the terminal equipment determines that the abnormality exists.

S350, the terminal device does not respond to the paging message carrying the first group identification.

Illustratively, when the terminal device determines that there is an anomaly, the terminal device does not respond to the paging message carrying the first group identifier, or the terminal device does not respond to the paging message carrying the first group identifier in the first time period. Optionally, the terminal device may determine the first time period according to the preconfigured information, and may also determine the first time period according to an instruction of the network device. For example, the network device sends a first timer while sending the second indication information to the terminal device, after the terminal device receives the second indication information (or the terminal device determines that there is an abnormality according to the second indication information), the terminal device starts the timer, and before the timer expires, the terminal device does not respond to the paging message carrying the first group identifier, where a counted time of the timer is counted as the first time period.

Optionally, in a case where the network device determines that the terminal device is abnormal, the network device determines that a general paging needs to be performed on the terminal device, or in a case where the terminal device needs to be paged, the terminal device needs to be paged in a general paging manner. It should be noted that, the ordinary paging here refers to the network device performing one-to-one paging on the terminal device by using the identifier of the terminal device. Exemplarily, the following steps are carried out:

and after the network equipment determines that the terminal equipment has abnormity, updating the context of the terminal equipment, wherein the context of the terminal equipment indicates that the terminal equipment needs to activate the first group, and then executing common paging to the terminal equipment. For example: the network equipment receives a first request message, wherein the first request message comprises a first group identifier, and the first request message is used for requesting to activate a first group; further, the network device sends a paging message to the terminal device, where the paging message includes an identifier of the terminal device, and the terminal device belongs to a group corresponding to the first group identifier. The identity of the terminal device is for example the GUTI of the terminal device.

Therefore, the group paging method provided in the embodiment of the present application determines whether the terminal device is abnormal (or determines whether the terminal device is attacked) by determining whether the group paging that carries the group identifier is triggered by the network device, and in case of the abnormal condition, the terminal device does not respond, or does not respond to the group paging message that carries the corresponding group identifier for a certain period of time, so as to avoid the problem of resource waste caused by an attacker frequently initiating an illegal group paging, and improve the security of the group paging process.

Fig. 4 is a schematic flow chart diagram of a method 400 provided by an embodiment of the present application. As can be seen in fig. 4, the method 400 includes:

s410, the terminal equipment receives the group paging message.

Illustratively, the group paging message carries an identification of the first multicast session.

S420, the terminal device sends a service request message to the network device.

Illustratively, when the terminal device is a member of a multicast group corresponding to the first multicast session, the terminal device sends a service request message to the network device. The service request message carries an identification of the first multicast session.

S430, the network device sends an indication to the terminal device that the first multicast session is not active.

Illustratively, after receiving the service request message, if the first multicast session is not activated, the network device sends an indication (inactive indication) that the first multicast session is not activated to the terminal device.

S440, the terminal device does not respond to the paging message carrying the first group identifier.

Illustratively, after receiving the first multicast session non-activation indication, the terminal device does not respond to the paging message carrying the identifier of the first multicast session. That is, after the terminal device sends the service request message to the network device according to the group paging message, and receives the first multicast session non-activation indication sent by the network device, the terminal device does not respond to the paging message carrying the identifier of the first multicast session.

Specifically, after the terminal device sends a service request message to the network device according to the group paging message, and receives a first multicast session non-activation indication sent by the network device, the terminal device determines that there is an abnormality, or the terminal device determines that the network device has not sent a paging message carrying an identifier of the first multicast session, or the terminal device determines that the network device is attacked by an attacker, or the terminal device determines that the received group paging message carrying the identifier of the first multicast session is forged, and then the terminal device does not respond to the paging message carrying the identifier of the first multicast session. It should be understood that the terminal device may not determine the abnormal action, and the application is not limited thereto.

It should be noted that the paging message that the terminal device does not respond to the identifier carrying the first multicast session may also be a paging message that the terminal device does not respond to the identifier carrying the first multicast session within a certain time period, for example, a paging message that does not respond to the identifier carrying the first multicast session within a first time period after receiving the first multicast session inactivity indication, where the first time period may be preconfigured or indicated by another network element, and the present application is not limited thereto.

In another case, the terminal device receives a group paging message carrying the first group identifier within the second time period, and the terminal device may respond to the group paging message after the second time period ends. That is, the terminal device does not respond to the group paging message in the second time period, and responds after the second time period is over. It should be understood that the second time period may be preconfigured or may be indicated by other network elements. The second time period may be the same as the first time period or different from the first time period.

Therefore, in the group paging method provided in the embodiment of the present application, after the terminal device sends the service request message to the network device according to the group paging message, and receives the multicast session inactivity indication sent by the network device, the terminal device does not respond (or does not respond within a certain time) to the paging message carrying the identifier of the multicast session, so that the problem of resource waste caused by multiple attacks performed by an attacker using the identifier of the multicast session can be avoided, and meanwhile, the security of the group paging process is improved.

Fig. 5 is a schematic flow chart of a method 500 provided by an embodiment of the present application. As can be seen in fig. 5, the method 500 includes:

and S510, the terminal device receives third indication information from the network device.

Illustratively, the third indication information indicates that the terminal device does not respond to the group paging message carrying the first multicast session identifier, or the third information indicates that the terminal device only responds to the general paging message.

Optionally, the third indication information further includes information of the first time period, or the network device sends the third indication information and the information of the first time period to the terminal device, where the third indication information indicates that the terminal device does not respond to the group paging message carrying the identifier of the first multicast session in the first time period, or the third information indicates that the terminal device only responds to the common paging message in the first time period.

It should be noted that the network device may send the third indication information to the terminal device when discovering that the terminal device is attacked by an attacker (for example, a pseudo base station), or may send the third indication information to the terminal device when it is determined that the terminal device may be abnormal, or when it is determined that the terminal device is at risk of being attacked, or when there is a certain security requirement for a paging process, the network device sends the third indication information to the terminal device. This is not a limitation of the present application.

The network device herein may be, for example, an access and mobility management network element (e.g., AMF), a session management network element (e.g., SMF), a multicast/broadcast service function network element (e.g., MBSF), and the like, which is not limited in this application.

S520, the terminal device stores the third indication information.

Illustratively, after receiving the third indication information sent by the network device, the terminal device saves the third indication information. Or after the terminal device receives the third indication information and the information of the first time period sent by the network device, the third indication information and the first time period are saved. It should be understood that the information of the first time period may be a timer, and the timing time of the timer is recorded as the first time period.

In one case, the terminal device may respond to the general paging message according to the third indication information. For example, in case 1:

s530, the terminal equipment receives the common paging message sent by the network equipment, and the common paging message carries the GUTI.

When the GUTI is the same as the GUTI locally stored in the terminal device, the terminal device sends a service request message to the network device in S540.

In another case, the terminal device does not respond to the group paging message carrying the first multicast session in accordance with the third indication information. For example, in case 2:

s550, the terminal device receives a group paging message, wherein the group paging message carries an identifier of the first multicast session.

And the terminal does not respond to the group paging message according to the third indication information.

If the terminal device also locally stores the information of the first time period and the receiving time of the group paging message is within the first time period, the terminal device does not respond to the group paging message.

Therefore, according to the group paging method provided by the embodiment of the application, the terminal device determines not to respond to the group paging message carrying the identifier of the first multicast session according to the indication of the network device, so that an attacker can be prevented from attacking by using the identifier of the first multicast session, and the security of the paging process is improved.

Fig. 6 is a schematic flow chart diagram of a method 600 provided by an embodiment of the present application. As can be seen in fig. 6, the method 300 includes:

s601, UE sends request message for joining multicast session to AMF.

S602, AMF calls PDU Session update Session management context (Nsmf _ PDU Session _ update SMcontext) service to send a request of UE for joining multicast Session to (MB) -SMF, wherein the request message carries MBS Session ID.

It should be understood that S601-S602 are similar to S202-S203 in method 200 and the description is not repeated here.

S603, the network side completes the MBS conversation establishing flow.

It should be understood that the MBS session establishment procedure is similar to S204-S208 in the method 200, and the description of the present application is not repeated herein.

S604, the MBS conversation is in deactivation.

Illustratively, when the AF has no multicast session data to send for a period of time, the AF may request from the core network to deactivate the corresponding MBS session. Another example is: (MB-) UPF may request from the (MB-) SMF in the core network to deactivate the corresponding MBS session upon detecting that no multicast session data is being sent for a period of time. The core network may deactivate the MBs session upon request by the AF or (MB-) UPF. It should be understood that the present application does not limit the specific scenario in which the MBS session is deactivated.

It should be understood that the UE enters the idle state if the UE has no other data traffic than the multicast traffic.

S605, the UE receives a paging message from the RAN, wherein the paging message carries a multicast session identification MBS session ID #1.

It should be appreciated that the UE may receive the paging message from an attacker.

S606, the UE sends a service request message to the AMF.

Exemplarily, after receiving the paging message, the UE in an idle state or an inactive state determines whether the UE belongs to a multicast group corresponding to the MBS session ID #1 carried in the paging message, and if the UE belongs to the multicast group, the UE sends a service request message to the AMF, where the service request message carries paging information (paging info) used for indicating that the service request message is triggered by the paging message. Optionally, the service request message further includes MBS session ID #1, or the paging information includes MBS session ID #1.

The paging information reflects the reason for the UE to initiate the service request message and/or the received paging message, and is helpful for the AMF to judge whether the abnormal condition exists, so that the network side can process the abnormal condition in time, and the safety of the group paging process is improved.

It should be noted that the service request message sent by the UE to the AMF is protected by confidentiality and integrity security, so that an attacker cannot tamper with the paging information.

S607, the AMF determines whether the UE has an abnormality.

Exemplarily, the AMF receives the service request message, and if the service request message carries paging information, the AMF determines whether the UE is abnormal according to the paging information.

When the paging information indicates that the service request message sent by the UE is triggered by the group paging message, the AMF determines whether group paging has been triggered. When the AMF has not triggered the group paging within a certain time, the AMF determines that there is an abnormality in the UE. The anomaly here is, for example, that the UE is attacked by a pseudo base station.

When the service request message carries the MBS session ID #1, the AMF determines that the service request message is triggered by the group paging message carrying the MBS session ID #1, and judges whether the MBS session ID #1 is used for triggering group paging or not, or judges whether the group paging message carrying the MBS session ID #1 is sent or not. And when the AMF does not trigger the group paging carrying the MBS session ID #1, the AMF determines that the UE has an abnormality.

S608, AMF sends session establishment request to (MB-) SMF, the session request message carries MBS session ID #1.

When the session is not activated on the (MB-) SMF, S609, the (MB-) SMF indicates to the AMF that the MBS session is not activated through the N1N2 messaging service.

It should be understood that S607 may be executed after S606 or after S609, which is not limited in this application.

S610, the AMF updates the UE context.

Illustratively, when the AMF determines that the UE has an abnormality at S610, the AMF determines to perform normal paging on the UE, i.e., the AMF no longer performs group paging on the UE using MBS session ID #1. And the AMF updates the UE context, and the UE context indicates that the AMF performs ordinary paging on the UE when needing to activate the MBS session. The ordinary paging refers to that the AMF carries an identifier (UE ID) of the UE in a paging message to page the single UE, where the UE ID may be, for example, a globally unique temporary UE identifier (GUTI).

The AMF may also send a UE context to the (MB-) SMF/UDM, which is correspondingly received and stored by the (MB-) SMF/UDM.

Further, the AMF transmits indication information to the UE to indicate that there is an abnormality. Specifically, the method comprises the following steps:

s611, the AMF sends the first indication information to the RAN through the N2 session request message.

S612, the RAN sends the first indication information to the UE in the RRC reconfiguration procedure.

The first indication information may indicate any one or more of:

the network side does not use MBS session ID #1 to trigger group paging, or the network side does not send a paging request message carrying MBS session ID;

the MBS session ID list activated by the network side, namely the list carried in the group paging message;

the UE has an abnormality or an attacker (pseudo base station);

the UE does not respond to the group paging message carrying the MBS session ID # 1;

the MBS session is not activated yet, and the MBS session is the session identified by MBS session ID #1 (at this time, the first indication information may be session non-activation indication information (inactive indication)).

S613, the UE determines that there is an abnormality.

Illustratively, the UE receives first indication information from the AMF, and determines that there is an abnormality according to the first indication information.

When the first indication information indicates that the network side does not use the MBS session ID #1 to trigger group paging, or the network side does not send a paging request message carrying the MBS session ID, the UE receives the group paging message carrying the MBS session ID #1, or the UE sends a service request according to the MBS session ID #1 in the group paging message, the UE determines that the abnormality exists;

when the first indication information indicates the MBS session ID list activated by the network side and the MBS session ID #1 is not in the list, the UE determines that an abnormality exists.

When the first indication information indicates that the UE has an abnormality or an attacker, the UE determines that the abnormality exists.

When the first indication information indicates that the MBS session is not activated, the UE determines that an abnormality exists, and the MBS session is the session identified by the MBS session ID #1.

And when the first indication information indicates that the UE does not respond to the group paging message carrying the MBS session ID #1, the UE determines that an abnormality exists.

It should be understood that, here, the UE determines that there is an anomaly, which may also be said to be that the UE determines that there is an attacker, or that the UE determines that the received group paging message carrying the MBS session ID #1 is a forged message.

And when the UE determines that the abnormality exists, the UE does not respond to the group paging message carrying the MBS session ID #1.

It should be understood that the UE may determine not to respond to the group paging message carrying the MBS session ID #1 after determining that there is an abnormality according to the first indication information. Or the UE may not determine that there is an abnormal operation, and when the UE receives the first indication information and the first indication information indicates any one of the above, the UE does not respond to the group paging message carrying the MBS session ID #1. For example, when the first indication information indicates that the network side does not use MBS session ID #1 to trigger group paging, the UE does not respond to the group paging message carrying MBS session ID # 1; for another example, when the first indication information indicates that the MBS session is not activated, the UE does not respond to the group paging message carrying the MBS session ID #1. Other cases are similar and will not be described again.

In the above scheme, the AMF and the UE both determine that the UE is abnormal, so when the AMF needs to page the UE in an idle state or an inactive state through MBS session ID #1, a normal paging is adopted. Exemplarily, the following steps are carried out:

s614, the AF sends an MBS session activation request message to the (MB-) SMF, wherein the MBS session activation request message carries MBS session ID #1, and the MBS session activation request message is used for requesting to activate the MBS session corresponding to the MBS session ID #1.

Illustratively, after a period of time, when the AF needs to send multicast session data, the AF may request to a (MB-) SMF in the core network to deactivate the corresponding MBs session.

As another possible implementation, an MBS session activation request message may also be sent by the (MB-) UPF to the (MB-) SMF. For example, when a (MB-) UPF detects that there is multicast session data to send, the (MB-) UPF may request a (MB-) SMF in the core network to deactivate the corresponding MBs session.

Correspondingly, after the (MB-) SMF receives the MBS session activation request message sent by the AF or UPF, the network side initiates MBS session activation.

S615, the (MB-) SMF sends a request message to the AMF by calling the N1N2 message transmission service to request to activate the MBS multicast session, wherein the request message carries the MBS session ID #1.

Further, the AMF determines that, when activating the session identified by the MBs session ID #1, it needs to perform a normal paging on the UE in an idle state or an inactive state according to the context of the UE or according to the indication information sent by the (MB-) SMF.

S616-S617, AMF initiates common paging to UE through RAN, and the message carries GUTI corresponding to UE.

Therefore, the group paging method provided by the embodiment of the application can identify the abnormality when the attacker forges the identity to page the UE. For example, when the multicast session identification MBS session ID remains unchanged for a specific lifetime, since the group paging message is a broadcast message that is not secured, an attacker can acquire or forge the MBS session ID and use the MBS session ID for an attack during the specific lifetime. That is, after the core network allocates the MBS session ID to the AF, in a specific life cycle, the MBS session ID may be used multiple times when the multicast session is activated, so an attacker may use the MBS session ID to multicast to page the members of the multicast group corresponding to the identifier, thereby causing the resources of the terminal and the network to be occupied.

For example, an attacker obtains the MBS session ID of a multicast service, denoted as ID1, by listening to group paging messages or by guessing. An attacker may launch a man-in-the-middle attack and send a fake group paging message to the UE using ID1. If the UE is in an idle state and the UE belongs to the multicast group corresponding to the ID1, the UE establishes connection with the pseudo base station, and after the UE accesses the pseudo base station, the UE accesses the real base station and the core network through the pseudo base station. Or the attacker may not launch a man-in-the-middle attack and use ID1 to send a fake group paging message to the UE. And if the UE is in an idle state and the UE belongs to the multicast group corresponding to the ID1, directly triggering the UE to access the real base station and the core network. The UE then sends a service request message to the AMF through the base station. If the multicast session corresponding to the core network side ID1 is not activated at this time, the AMF sends an indication message to the UE to indicate that the MBS session is not activated yet. And if the UE has no other user plane service needing to be carried out, the UE returns to the idle state again. And the attacker continuously sends the group paging message carrying the ID1, so that the UE is continuously converted between the idle state and the connected state, and the resources of the base station and the core network are occupied.

Since the group paging message is a 1-to-many message, i.e., the attacker sends a single group paging message, a large number of UEs can be attracted to service requests. Taking the method 200 as an example, when the base station sends the group paging message carrying the MBS session ID, both UE1 and UE2 will respond and send the service request message. Therefore, an attacker can use group paging to forge attacks, so that the problems that UE resources are consumed, base station resources are occupied and the like are caused, and the UE and the base station can be attacked by denial of service under severe conditions. For example, when the service capability of a real base station is 100 users, and an attacker sends a single group paging message to attract 20 UEs to access the network, 20% of the resources of the base station will be occupied. For another example, a group paging message sent by an attacker may carry 15 MBS session IDs, and it is assumed that 20 UEs respond to paging corresponding to each MBS session ID, that is, a service request message is sent, which results in 300 users occupying base station resources, which results in a denial of service attack on the base station and a failure to provide service for other users. The attack impact is persistent if the attacker continues to send group paging messages.

Therefore, in the group paging method provided in the embodiment of the present application, when an attacker fakes an identity to page the UE, the abnormality may be identified, and the UE does not respond to the group paging with the relevant identifier, thereby avoiding the problem of resource waste caused by illegal paging of the attacker.

Fig. 7 is a schematic flow chart diagram of a method 700 provided by an embodiment of the present application. As can be seen in fig. 7, the method 700 includes:

s701, the UE sends a request message for joining the multicast session to the AMF.

S702, AMF calls PDU Session update Session management context (Nsmf _ PDU Session _ update _ SMContext) service to send request of UE for joining multicast Session to (MB) -SMF, wherein the request message carries MBS Session ID.

S703, the network side completes the MBS conversation establishing flow.

S704, the MBS session is in deactivation.

It should be understood that S701-S704 are similar to S601-S604 in method 600 and, for brevity, the description is not repeated here.

S705, the UE receives a paging message from the RAN, where the paging message carries a multicast session identifier MBS session ID #1.

It should be appreciated that it is likely that the paging message is sent by a fake base station deployed by an attacker.

S706, the UE sends a service request message to the AMF.

It should be noted that, when the UE is in the idle state, the service request message sent by the UE to the AMF is protected by confidentiality and integrity security, so that an attacker cannot tamper with the paging information.

S707, the AMF determines whether the UE has an abnormality.

And the AMF determines that the service request message is triggered by the paging message according to the paging message, and then the AMF judges whether group paging is triggered. When the AMF has not triggered the group paging, the AMF determines that the UE has an abnormality. The anomaly here is, for example, that the UE is attacked by a pseudo base station.

When the service request message carries the MBS session ID #1, after the AMF determines that the service request message is triggered by the paging message according to the paging information, the AMF judges whether the MBS session ID #1 is used for triggering group paging or not, or the AMF judges whether the paging request message carrying the MBS session ID #1 is sent or not. And when the AMF triggers the group paging through the MBS session ID, the AMF determines that the UE has abnormality.

S708, AMF sends a session establishment request to (MB-) SMF, and the session request message carries MBS session ID #1.

When a session is not activated on the (MB-) SMF, the (MB-) SMF determines a potential session activation time. Exemplarily, the following steps are carried out:

s709, the (MB-) SMF acquires session activation time #1 by AF. Specific examples thereof include:

(MB-) SMF sends a request message to AF requesting to obtain potential session activation time; the AF returns a potential session activation time #1 (e.g., noted as timer 1).

In another possible implementation, the (MB-) SMF determines session activation time #1 according to preconfigured information.

S710, (MB-) SMF sends session activation time #2 (e.g., denoted as timer 2) to AMF via N1N2 messaging, where timer2 is less than or equal to timer1. The message also carries session inactivity indication information (inactive indication) for indicating that the session is inactive.

It should be understood that S707 may be executed after S706 or after S710, and the present application is not limited thereto.

Further, the AMF sends indication information to the UE to indicate that there is an abnormality, and optionally, may also send session activation time #2. Specifically, the method comprises the following steps:

s711, the AMF transmits the first indication information and the session activation time #2 to the RAN through the N2 session request message.

S712, the RAN sends the first indication information and session activation time #2 to the UE in the RRC reconfiguration procedure.

The first indication may indicate any one or more of:

the UE has an abnormality or an attacker (pseudo base station);

S713, the UE determines that there is an abnormality.

Illustratively, the UE receives first indication information from the AMF, and determines that an anomaly exists according to the first indication information.

When the UE receives timer2 from the RAN and the UE determines that there is an anomaly, the processing of the anomaly by the UE may be: the UE starts a timer2, and before the timer2 arrives, the UE does not respond to the group paging message carrying the MBS session ID # 1; or it can be said that in session activation time #2, the UE does not respond to the group paging message carrying MBS session ID #1. It should be understood that after the time 2 expires, the UE may respond to the group paging message carrying the MBS session ID #1.

Or, in another possible implementation, when the UE determines that there is an anomaly, determining session activation time #3 (for example, that is, timer 3) according to local pre-configuration, and starting timer3, and before the time of the timer3, the UE does not respond to the group paging message carrying MBS session ID # 1; or, in session activation time #3, the UE does not respond to the group paging message carrying MBS session ID #1. It should be appreciated that after expiration of timer3, the UE may respond to the group paging message carrying MBS session ID #1. In this implementation, session activation time #2 may not be transmitted to the UE. If the UE receives the session activation time #2 from the RAN and the session activation time #3 is locally and pre-configured, the UE starts the timer2 and the timer3 at the same time before the UE determines that the abnormality exists, and the UE does not respond to the group paging message carrying the MBS session ID #1 before the timer2 and the timer3 both arrive; or it can be said that in session activation time #2 and session activation time #3, the UE does not respond to the group paging message carrying MBS session ID #1.

If the UE monitors the group paging message carrying the MBS session ID #1 in the timer2 (or timer 3), the UE may send the service request message again after the expiration of the timer2/timer3, or ignore the group paging message carrying the MBS session ID #1 in the timer2 (or timer 3), which is not limited herein.

Therefore, in the group paging method provided by the embodiment of the application, when an attacker forges an identity to page the UE, the abnormity can be identified, and the UE does not respond to the group paging carrying the relevant identification for a period of time, so that the problem of resource waste caused by illegal paging of the attacker is avoided.

The method provided by the embodiment of the present application is described in detail above with reference to fig. 2 to 7. Hereinafter, a communication device according to an embodiment of the present application will be described in detail with reference to fig. 8 to 11.

Fig. 8 is a schematic block diagram of the communication device 10 provided in the embodiment of the present application. As shown, the communication device 10 may include a transceiver module 11 and a processing module 12.

In one possible design, the communication device 10 may correspond to a terminal equipment or UE in the above method embodiment.

Illustratively, the communication device 10 may correspond to a terminal device or UE in the methods 200 to 700 according to the embodiments of the present application, and the communication device 10 may include means for performing the method 200 in fig. 2, the method 300 in fig. 3, the method 400 in fig. 4, the method 500 in fig. 5, the method 600 in fig. 6, the method 700 in fig. 7. Also, the units and other operations and/or functions described above in the communication device 10 are respectively for implementing the corresponding flows of the methods 200 to 700.

The transceiver module 11 in the communication apparatus 10 performs the receiving and transmitting operations performed by the terminal equipment or UE in the above-mentioned method embodiments, and the processing module 12 performs operations other than the receiving and transmitting operations.

In another possible design, the communication device 10 may correspond to a network device in the above method embodiment, such as an access and mobility management network element (or AMF).

Illustratively, the communication device 10 may correspond to the network equipment in the methods 200 to 700 according to the embodiments of the present application, and the communication device 10 may include modules for performing the methods performed by the network equipment (or AMF) in the methods 200 in fig. 2, 300 in fig. 3, 400 in fig. 4, 500 in fig. 5, 600 in fig. 6, and 700 in fig. 7. Also, the units and other operations and/or functions described above in the communication device 10 are respectively for implementing the corresponding flows of the methods 200 to 700.

The transceiver module 11 in the communication apparatus 10 performs the receiving and transmitting operations performed by the network device or the AMF in the above-described embodiments of the method, and the processing module 12 performs operations other than the receiving and transmitting operations.

According to the foregoing method, fig. 9 is a schematic diagram of a communication device 20 provided in this embodiment of the present application, and as shown in fig. 9, the device 20 may be a terminal device or a network device, and the network device may be, for example, a session management network element or a mobility management network element.

The apparatus 20 may include a processor 21 (i.e., an example of a processing module) and a memory 22. The memory 22 is configured to store instructions, and the processor 21 is configured to execute the instructions stored in the memory 22, so as to enable the apparatus 20 to implement the steps performed by the terminal device, or the UE, or the network device, or the mobility management network element, or the AMF in the methods corresponding to fig. 2 to fig. 7.

Further, the apparatus 20 may further include an input port 23 (i.e., one example of a transceiver module) and an output port 24 (i.e., another example of a transceiver module). Further, the processor 21, memory 22, input port 23 and output port 24 may communicate with each other via internal connection paths, passing control and/or data signals. The memory 22 is used for storing a computer program, and the processor 21 may be used for calling and running the computer program from the memory 22 to control the input port 23 to receive signals and the output port 24 to send signals, so as to complete the steps of the network device in the above method. The memory 22 may be integrated in the processor 21 or may be provided separately from the processor 21.

Alternatively, if the communication device 20 is a communication device, the input port 23 is a receiver and the output port 24 is a transmitter. Wherein the receiver and the transmitter may be the same or different physical entities. When the same physical entity, may be collectively referred to as a transceiver.

Alternatively, if the communication device 20 is a chip or a circuit, the input port 23 is an input interface, and the output port 24 is an output interface.

As an implementation manner, the functions of the input port 23 and the output port 24 may be implemented by a transceiver circuit or a dedicated chip for transceiving. The processor 21 may be considered to be implemented by a dedicated processing chip, processing circuitry, a processor, or a general purpose chip.

As another implementation manner, a manner of using a general-purpose computer to implement the communication device provided in the embodiment of the present application may be considered. Program code that implements the functions of the processor 21, the input ports 23 and the output ports 24 is stored in the memory 22, and a general-purpose processor implements the functions of the processor 21, the input ports 23 and the output ports 24 by executing the code in the memory 22.

For the concepts, explanations, detailed descriptions and other steps related to the technical solutions provided in the embodiments of the present application related to the apparatus 20, please refer to the descriptions of the foregoing methods or other embodiments, which are not repeated herein.

Fig. 10 is a schematic structural diagram of a terminal device 30 provided in the present application. For ease of illustration, fig. 10 shows only the main components of the communication device. As shown in fig. 10, the terminal device 30 includes a processor, a memory, a control circuit, an antenna, and an input-output means.

The processor is mainly configured to process a communication protocol and communication data, control the entire terminal device, execute a software program, and process data of the software program, for example, to support the terminal device to perform the actions described in the above embodiment of the method for indicating a transmission precoding matrix. The memory is mainly used for storing software programs and data, such as the codebooks described in the above embodiments. The control circuit is mainly used for converting baseband signals and radio frequency signals and processing the radio frequency signals. The control circuit and the antenna together, which may also be called a transceiver, are mainly used for transceiving radio frequency signals in the form of electromagnetic waves. Input and output devices, such as touch screens, display screens, keyboards, etc., are used primarily for receiving data input by a user and for outputting data to the user.

When the communication device is started, the processor can read the software program in the storage unit, interpret and execute the instruction of the software program, and process the data of the software program. When data needs to be sent wirelessly, the processor outputs baseband signals to the radio frequency circuit after baseband processing is carried out on the data to be sent, and the radio frequency circuit carries out radio frequency processing on the baseband signals and then sends the radio frequency signals to the outside in an electromagnetic wave mode through the antenna. When data is sent to the terminal equipment, the radio frequency circuit receives radio frequency signals through the antenna, converts the radio frequency signals into baseband signals and outputs the baseband signals to the processor, and the processor converts the baseband signals into the data and processes the data.

Those skilled in the art will appreciate that fig. 10 shows only one memory and processor for ease of illustration. In an actual terminal device, there may be multiple processors and memories. The memory may also be referred to as a storage medium or a storage device, and the like, which is not limited in this application.

As an alternative implementation manner, the processor may include a baseband processor and a central processing unit, where the baseband processor is mainly used to process a communication protocol and communication data, and the central processing unit is mainly used to control the whole terminal device, execute a software program, and process data of the software program. The processors in fig. 10 integrate the functions of the baseband processor and the central processor, and those skilled in the art will understand that the baseband processor and the central processor may be independent processors, and are interconnected by a bus or the like. Those skilled in the art will appreciate that the terminal device may include a plurality of baseband processors to accommodate different network formats, a plurality of central processors to enhance its processing capability, and various components of the terminal device may be connected by various buses. The baseband processor may also be expressed as a baseband processing circuit or a baseband processing chip. The central processing unit can also be expressed as a central processing circuit or a central processing chip. The function of processing the communication protocol and the communication data may be built in the processor, or may be stored in the storage unit in the form of a software program, and the processor executes the software program to realize the baseband processing function.

As shown in fig. 10, the terminal device 30 includes a transceiving unit 31 and a processing unit 32. A transceiver unit may also be referred to as a transceiver, a transceiving device, etc. Alternatively, a device for implementing the receiving function in the transceiver unit 31 may be regarded as a receiving unit, and a device for implementing the transmitting function in the transceiver unit 31 may be regarded as a transmitting unit, that is, the transceiver unit 31 includes a receiving unit and a transmitting unit. For example, the receiving unit may also be referred to as a receiver, a receiving circuit, etc., and the sending unit may be referred to as a transmitter, a transmitting circuit, etc.

The terminal device shown in fig. 10 may perform each action performed by the terminal device or the UE in the methods 200 to 700, and a detailed description thereof is omitted here to avoid redundancy.

Fig. 11 shows a simplified schematic diagram of a network device 40. The network device includes

portions

41 and 42. Part 41 is mainly used for receiving and transmitting radio frequency signals and converting the radio frequency signals and baseband signals; the 42 part is mainly used for baseband processing, network equipment control and the like. Portion 41 may be generally referred to as a transceiver module, transceiver circuit, or transceiver, etc. Part 42 is typically a control center of the network device, and may be generally referred to as a processing module, for controlling the network device to perform the processing operations on the network device side in the above method embodiments.

The transceiver module of section 41, which may also be referred to as a transceiver or transceiver, includes an antenna and a radio frequency circuit, wherein the radio frequency circuit is mainly used for radio frequency processing. For example, a device for implementing a receiving function in part 41 may be regarded as a receiving module, and a device for implementing a transmitting function may be regarded as a transmitting module, that is, part 41 includes a receiving module and a transmitting module. The receiving module may also be referred to as a receiver, or a receiving circuit, etc., and the transmitting module may be referred to as a transmitter, or a transmitting circuit, etc.

Section 42 may include one or more boards, each of which may include one or more processors and one or more memories. The processor is operative to read and execute programs in the memory to implement baseband processing functions and control of the network device. If a plurality of single boards exist, the single boards can be interconnected to enhance the processing capacity. As an alternative implementation, multiple boards may share one or more processors, multiple boards may share one or more memories, or multiple boards may share one or more processors at the same time.

For example, in one implementation, the network device shown in fig. 11 may be any network device shown in fig. 2 to 7, such as a mobility management network element, an AMF, and the like.

Transceiver module of part 41 is configured to perform steps related to transceiving of any of network devices in method 200 in fig. 2, method 300 in fig. 3, method 400 in fig. 4, method 500 in fig. 5, method 600 in fig. 6, and method 700 in fig. 7; portion 42 is used to perform processing-related steps for any of method 200 in fig. 2, method 300 in fig. 3, method 400 in fig. 4, method 500 in fig. 5, method 600 in fig. 6, and method 700 in fig. 7.

It should be understood that fig. 11 is merely exemplary and not limiting, and that the network device including the transceiver module and the processing module described above may not depend on the structure shown in fig. 11.

When the device 40 is a chip, the chip includes a transceiver module and a processing module. The transceiver module can be an input/output circuit and a communication interface; the processing module is a processor or a microprocessor or an integrated circuit integrated on the chip.

The present application also provides a computer-readable storage medium, on which computer instructions for implementing the method performed by the first network device in the foregoing method embodiments are stored.

For example, the computer program, when executed by a computer, causes the computer to implement the method performed by the network device in the above-described method embodiments.

Embodiments of the present application also provide a computer program product containing instructions, where the instructions, when executed by a computer, cause the computer to implement the method performed by the first device or the method performed by the second device in the above method embodiments.

An embodiment of the present application further provides a communication system, where the communication system includes the network device in the foregoing embodiment.

For the explanation and the beneficial effects of the related content in any one of the above-mentioned apparatuses, reference may be made to the corresponding method embodiments provided above, and details are not repeated here.

In an embodiment of the present application, the network device may include a hardware layer, an operating system layer running on top of the hardware layer, and an application layer running on top of the operating system layer. The hardware layer may include hardware such as a Central Processing Unit (CPU), a Memory Management Unit (MMU), and a memory (also referred to as a main memory). The operating system of the operating system layer may be any one or more computer operating systems that implement business processing through processes (processes), such as a Linux operating system, a Unix operating system, an Android operating system, an iOS operating system, or a windows operating system. The application layer may include applications such as a browser, an address book, word processing software, and instant messaging software.

The embodiment of the present application does not particularly limit a specific structure of an execution subject of the method provided by the embodiment of the present application, as long as communication can be performed by the method provided by the embodiment of the present application by running a program in which codes of the method provided by the embodiment of the present application are recorded. For example, the execution subject of the method provided by the embodiment of the present application may be a network device, or a functional module capable of calling a program and executing the program in the network device.

Various aspects or features of the disclosure may be implemented as a method, apparatus, or article of manufacture using standard programming and/or engineering techniques. The term "article of manufacture" as used herein is intended to encompass a computer program accessible from any computer-readable device, carrier, or media. For example, computer-readable media may include, but are not limited to: magnetic storage devices (e.g., hard disk, floppy disk, or magnetic strips), optical disks (e.g., compact Disk (CD), digital Versatile Disk (DVD), or the like), smart cards, and flash memory devices (e.g., erasable programmable read-only memory (EPROM), card, stick, or key drive, or the like).

Various storage media described herein can represent one or more devices and/or other machine-readable media for storing information. The term "machine-readable medium" can include, but is not limited to: wireless channels and various other media capable of storing, containing, and/or carrying instruction(s) and/or data.

It should be understood that the processor mentioned in the embodiments of the present application may be a Central Processing Unit (CPU), and may also be other general purpose processors, digital Signal Processors (DSPs), application Specific Integrated Circuits (ASICs), field Programmable Gate Arrays (FPGAs) or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components, and so on. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.

It will also be appreciated that the memory referred to in the embodiments of the application may be either volatile memory or nonvolatile memory, or may include both volatile and nonvolatile memory. The non-volatile memory may be a read-only memory (ROM), a Programmable ROM (PROM), an Erasable PROM (EPROM), an electrically Erasable EPROM (EEPROM), or a flash memory. Volatile memory can be Random Access Memory (RAM). For example, RAM can be used as external cache memory. By way of example and not limitation, RAM may include the following forms: static Random Access Memory (SRAM), dynamic Random Access Memory (DRAM), synchronous Dynamic Random Access Memory (SDRAM), double data rate synchronous dynamic random access memory (DDR SDRAM), enhanced synchronous SDRAM (ESDRAM), synchronous Link DRAM (SLDRAM), and direct bus RAM (DR RAM).

It should be noted that when the processor is a general-purpose processor, a DSP, an ASIC, an FPGA or other programmable logic device, a discrete gate or transistor logic device, or a discrete hardware component, the memory (memory module) may be integrated into the processor.

It should also be noted that the memory described herein is intended to comprise, without being limited to, these and any other suitable types of memory.

Those of ordinary skill in the art will appreciate that the various illustrative elements and steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.

It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the above-described apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.

In the several embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the units is only one logical functional division, and there may be other divisions in actual implementation, for example, multiple units or components may be combined or integrated into another system, or some features may be omitted, or not executed. Furthermore, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.

The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to implement the solution provided by the present application.

In addition, functional units in the embodiments of the present application may be integrated into one unit, or each unit may exist alone physically, or two or more units are integrated into one unit.

In the above embodiments, all or part of the implementation may be realized by software, hardware, firmware, or any combination thereof. When implemented in software, may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. The procedures or functions described in accordance with the embodiments of the application are all or partially generated when the computer program instructions are loaded and executed on a computer. The computer may be a general purpose computer, a special purpose computer, a network of computers, or other programmable device. For example, the computer may be a personal computer, a server, or a network appliance, among others. The computer instructions may be stored in a computer readable storage medium or transmitted from one computer readable storage medium to another computer readable storage medium, for example, the computer instructions may be transmitted from one website, computer, server, or data center to another website, computer, server, or data center via wired (e.g., coaxial cable, fiber optic, digital Subscriber Line (DSL)) or wireless (e.g., infrared, wireless, microwave, etc.) means. The computer-readable storage medium can be any available medium that can be accessed by a computer or a data storage device, such as a server, a data center, etc., that incorporates one or more of the available media. For example, the aforementioned usable medium may include, but is not limited to, various media capable of storing program code, such as a U disk, a removable hard disk, a read-only memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.

The above description is only for the specific embodiments of the present application, but the scope of the present application is not limited thereto, and any changes or substitutions that can be easily conceived by those skilled in the art within the technical scope of the present application should be covered within the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims and the specification.

Claims

1. A method of group paging, comprising:

the method comprises the steps that terminal equipment receives a group paging message, wherein the group paging message comprises a first group identifier;

the terminal equipment sends a service request message to network equipment;

the terminal equipment receives second indication information from the network equipment;

and the terminal equipment determines that the abnormality exists according to the second indication information.

2. The method of claim 1, further comprising:

and the terminal equipment sends first indication information to the network equipment, wherein the first indication information is used for indicating that the terminal equipment receives a paging message carrying the first group identifier.

3. The method according to claim 1 or 2, characterized in that the method further comprises:

and under the condition that the terminal equipment determines that the abnormality exists, the terminal equipment does not respond to the paging message carrying the first group identifier.

4. The method according to claim 1 or 2, wherein the second indication information is used for indicating at least one of the following:

the network device has not triggered group paging using the first group identification;

a list of group identifiers activated by the network device, the first group identifier not being present in the list;

the terminal equipment has abnormity;

the terminal equipment does not respond to the group paging message carrying the first group identifier;

the first group has not been activated.

5. The method according to claim 3, wherein the terminal device does not respond to the paging message carrying the first group identifier if there is an abnormality in the terminal device, including:

and the terminal equipment does not respond to the paging message carrying the first group identifier in a first time period.

6. The method of claim 5, further comprising:

the terminal equipment determines the first time period according to the pre-configuration information; or

The terminal device receives the information of the first time period from the network device.

7. The method according to any of claims 1 to 6, wherein said first group identity is a temporary mobile group identity.

8. The method according to any of claims 1 to 7, wherein the first indication information is carried in a service request message.

9. A method of group paging, comprising:

the network equipment receives a service request message from the terminal equipment;

and the network equipment judges whether the terminal equipment is abnormal or not.

10. The method of claim 9, further comprising:

and the network equipment receives first indication information from the terminal equipment, wherein the first indication information is used for indicating that the terminal equipment receives a paging message carrying the first group identifier.

11. The method of claim 10, further comprising:

and under the condition that the terminal equipment is abnormal, the network equipment sends second indication information to the terminal equipment, wherein the second indication information is used for indicating that the terminal equipment is abnormal.

12. The method according to claim 10 or 11, wherein in case of an abnormality in the terminal device, the method further comprises:

and the network equipment updates the context of the terminal equipment, and when the context of the terminal equipment indicates that the network equipment needs to activate the first group, the network equipment executes common paging to the terminal equipment.

13. The method according to claim 12, wherein in case of an abnormality in the terminal device, the method further comprises:

the network device receives a first request message, wherein the first request message comprises the first group identifier, and the first request message is used for requesting to activate the first group;

the network equipment determines to execute common paging on the terminal equipment according to the context of the terminal equipment;

and the network equipment sends a paging message to the terminal equipment, wherein the paging message comprises the identifier of the terminal equipment, and the terminal equipment belongs to the group corresponding to the first group identifier.

14. The method according to any one of claims 9 to 13, wherein the network device determining whether the terminal device is abnormal comprises:

and the network equipment judges that the terminal equipment has abnormity according to the first indication information.

15. The method of claim 14, wherein the determining, by the network device, whether the terminal device is abnormal according to the first indication information comprises:

when the network equipment does not trigger the paging message carrying the first group identifier, the network equipment determines that the terminal equipment is abnormal; or

And when the identifier carried in the paging message sent to the terminal equipment by the network equipment is different from the first group identifier, the network equipment determines that the terminal equipment is abnormal.

16. The method according to any one of claims 9 to 15, wherein the second indication information is used for indicating at least one of:

a list of group identities activated by the network device;

the first group has not been activated.

17. The method according to any one of claims 9 to 16, wherein in case of an abnormality of the terminal device, the method further comprises:

and the network equipment sends information of a first time period to the terminal equipment, wherein the information of the first time period is used for indicating that the terminal equipment does not respond to the group paging message carrying the first group identifier in the first time period.

18. The method according to any of claims 9 to 17, wherein the first indication information is carried in a service request message.

19. The method according to any of claims 9 to 18, wherein the first group identity is a temporary mobile group identity.

20. The method according to any of claims 12 to 19, wherein the identification of the terminal device comprises a globally unique temporary user equipment identification, GUTI, of the terminal device.

21. An apparatus for group paging, comprising means for performing the steps of the method of any one of claims 1 to 8 or any one of claims 9 to 20.

22. An apparatus for group paging, comprising at least one processor coupled with at least one memory, the at least one processor to execute a computer program or instructions stored in the at least one memory to cause the communication apparatus to perform the method of any of claims 1-8 or any of claims 9-20.

23. A computer-readable storage medium, having stored thereon a computer program which, when run on a computer, causes the computer to perform the method of any of claims 1 to 8 or any of claims 9 to 20.

24. A computer program product comprising computer program code to, when run on a computer, cause the method of any of claims 1 to 8 or any of claims 9 to 20 to be performed.

25. A chip system, comprising: a processor for calling and running a computer program from a memory so that a communication device in which the system-on-chip is installed performs the method of any one of claims 1 to 8 or any one of claims 9 to 20.