CN115426685A - Access control method, device, equipment and medium for 5G edge computing flow - Google Patents
Access control method, device, equipment and medium for 5G edge computing flow Download PDFInfo
- Publication number
- CN115426685A CN115426685A CN202211054985.7A CN202211054985A CN115426685A CN 115426685 A CN115426685 A CN 115426685A CN 202211054985 A CN202211054985 A CN 202211054985A CN 115426685 A CN115426685 A CN 115426685A
- Authority
- CN
- China
- Prior art keywords
- access control
- field
- imsi
- edge
- control list
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 26
- 238000013507 mapping Methods 0.000 claims abstract description 14
- 238000004364 calculation method Methods 0.000 claims abstract description 7
- 230000006870 function Effects 0.000 claims description 14
- 238000004590 computer program Methods 0.000 claims description 12
- 230000004044 response Effects 0.000 claims description 4
- 238000005516 engineering process Methods 0.000 abstract description 4
- 238000010586 diagram Methods 0.000 description 7
- 238000011217 control strategy Methods 0.000 description 3
- 238000005192 partition Methods 0.000 description 3
- 238000010295 mobile communication Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012545 processing Methods 0.000 description 2
- 108010007100 Pulmonary Surfactant-Associated Protein A Proteins 0.000 description 1
- 102100027773 Pulmonary surfactant-associated protein A2 Human genes 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 230000004069 differentiation Effects 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W28/00—Network traffic management; Network resource management
- H04W28/02—Traffic management, e.g. flow control or congestion control
- H04W28/10—Flow control between communication endpoints
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W72/00—Local resource management
- H04W72/12—Wireless traffic scheduling
- H04W72/1263—Mapping of traffic onto schedule, e.g. scheduled allocation or multiplexing of flows
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention provides an access control method and device for 5G edge computing flow, electronic equipment and a computer readable storage medium, and belongs to the technical field of networks. The method comprises the following steps: acquiring signed International Mobile Subscriber Identity (IMSI) data of all terminals in an edge network, wherein the signed IMSI data comprises a mapping relation between the IMSI and an IP address; configuring an access control list of edge calculation flow according to the signed IMSI data and the control requirement; and forwarding the corresponding flow according to the access control list so as to realize access control on different service flows of different terminals. The method at least solves the problem of coarse granularity of 5G edge calculation flow control in the related technology, and is suitable for scenes of edge calculation and flow control.
Description
Technical Field
The present invention relates to the field of network technologies, and in particular, to an access control method and apparatus for 5G edge computing traffic, an electronic device, and a computer-readable storage medium.
Background
At present, a mainstream 5G (5 th Generation Mobile Communication Technology, fifth Generation Mobile Communication Technology) MEC (Multi-access Edge Computing) offloading scheme is to differentiate traffic flows in a 5G network, and offload the traffic flows belonging to an Edge node to a user plane function UPF nearest to the Edge node, so as to implement near forwarding of the traffic flows.
According to the scheme, the enterprise side gateway can only distinguish the arriving service flow and shunt based on the service flow, the granularity is coarse, and fine-grained flow control cannot be effectively implemented.
Disclosure of Invention
The present invention provides a method, an apparatus, an electronic device, and a computer-readable storage medium for controlling access to 5G edge computed traffic, so as to solve at least the coarse granularity problem of 5G edge computed traffic control in the related art.
In a first aspect, the present invention provides an access control method for 5G edge computing traffic, which is applied to a 5G security gateway, and the method includes: acquiring signed International Mobile Subscriber Identity (IMSI) data of all terminals in an edge network, wherein the signed IMSI data comprises a mapping relation between the IMSI and an IP address; configuring an access control list of edge calculation flow according to the signed IMSI data and the control requirement; and forwarding corresponding flow according to the access control list so as to realize access control on different service flows of different terminals.
Preferably, the acquiring IMSI data of the contracted international mobile subscriber identities of all terminals in the edge network specifically includes: and receiving the signed IMSI data of all terminals in the edge network forwarded by the 5G core network session management function SMF through the user plane function UPF.
Preferably, the access control list includes an IMSI field, a source IP address field, a source port field, a destination IP address field, a destination port field, a policy field, and a mapping relationship between six fields thereof.
Preferably, the configuring an access control list of the edge computing traffic according to the subscription IMSI data and the control requirement specifically includes: filling IMSI in the signed IMSI data into an IMSI field of an access control list; filling an IP address corresponding to the IMSI in the signed IMSI data into a source IP address field of the access control list; and filling a source port field, a destination IP address field, a destination port address and a strategy field in the access control list according to the control requirements of different service flows corresponding to different IMSIs.
Preferably, the forwarding the corresponding traffic according to the access control list specifically includes: receiving the service flow of a target terminal; acquiring a field set corresponding to the service flow of the target terminal, and respectively matching the field set with each field in an access control list; and responding to the field matching, and forwarding the service flow of the target terminal.
Preferably, the forwarding the corresponding traffic according to the access control list further includes: discarding traffic flow of the target terminal in response to a field mismatch, wherein the field mismatch comprises at least one of: source port field mismatch, destination IP address field mismatch, destination port field mismatch.
In a second aspect, the present invention further provides an access control device for 5G edge computing traffic, including: the obtaining module is used for obtaining the IMSI data of the signed international mobile subscriber identities of all terminals in the edge network, wherein the signed IMSI data comprises the mapping relation between the IMSI and the IP address. And the configuration module is connected with the acquisition module and is used for configuring an access control list of the edge calculation flow according to the signed IMSI data and the control requirement. And the control module is connected with the configuration module and used for forwarding the flow according to the access control list so as to realize access control on different service flows of different terminals.
Preferably, the acquisition module comprises an acquisition unit. And the acquisition unit is used for receiving the signed IMSI data of all terminals in the edge network forwarded by the session management function SMF of the 5G core network through the UPF.
Preferably, the access control list includes an IMSI field, a source IP address field, a source port field, a destination IP address field, a destination port field, a policy field, and a mapping relationship between six fields thereof.
Preferably, the configuration module comprises: and the first filling unit is connected with the acquisition unit and is used for filling the IMSI in the signed IMSI data into the IMSI field of the access control list. And the second filling unit is connected with the acquisition unit and is used for filling the IP address corresponding to the IMSI in the signed IMSI data into the source IP address field of the access control list. And the configuration unit is connected with the first filling unit and the second filling unit and is used for filling a source port field, a destination IP address field, a destination port address and a strategy field in the access control list according to the control requirements of different service flows corresponding to different IMSIs.
In a third aspect, the present invention further provides an electronic device, which includes a memory and a processor, where the memory stores a computer program, and the processor is configured to run the computer program to implement the access control method for 5G edge computed traffic according to the first aspect.
In a fourth aspect, the present invention further provides a computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements the method for controlling access to 5G edge computed traffic according to the first aspect.
The access control method, the access control device, the electronic equipment and the computer readable storage medium for 5G edge computing flow provided by the invention can acquire IMSIs and IP addresses of all terminals in an edge network through the cooperation of the edge network and a 5G core network, and reasonably configure access control strategies corresponding to service flows of the IMSIs and the IP addresses of all terminals, thereby realizing flexible scheduling of different service flows of different terminals and improving the performance of the edge network.
Drawings
Fig. 1 is a schematic flowchart of an access control method for 5G edge computed traffic according to embodiment 1 of the present invention;
fig. 2 is a schematic diagram of a 5G edge computing network according to embodiment 1 of the present invention;
FIG. 3 is a schematic flow chart of an access control list for configuring edge computed traffic;
fig. 4 is a schematic structural diagram of an access control device for 5G edge computing traffic according to embodiment 2 of the present invention;
fig. 5 is a schematic structural diagram of an electronic device in embodiment 3 of the present invention.
Detailed Description
In order to make those skilled in the art better understand the technical solution of the present invention, the following detailed description will be made with reference to the accompanying drawings.
It is to be understood that the specific embodiments and figures described herein are merely illustrative of the invention and are not to be considered as limiting.
It is to be understood that the various embodiments and features of the embodiments may be combined with each other without conflict.
It is to be understood that, for the convenience of description, only parts related to the present invention are shown in the drawings of the present invention, and parts not related to the present invention are not shown in the drawings.
It should be understood that each unit and module related in the embodiments of the present invention may correspond to only one physical structure, may also be composed of multiple physical structures, or multiple units and modules may also be integrated into one physical structure.
It will be understood that, without conflict, the functions, steps, etc. noted in the flowchart and block diagrams of the present invention may occur in an order different from that noted in the figures.
It is to be understood that the flowchart and block diagrams of the present invention illustrate the architecture, functionality, and operation of possible implementations of systems, apparatus, devices and methods according to various embodiments of the present invention. Each block in the flowchart or block diagrams may represent a unit, module, segment, code, which comprises executable instructions for implementing the specified function(s). Furthermore, each block or combination of blocks in the block diagrams and flowchart illustrations can be implemented by hardware-based systems that perform the specified functions or by a combination of hardware and computer instructions.
It is to be understood that the units and modules involved in the embodiments of the present invention may be implemented by software, and may also be implemented by hardware, for example, the units and modules may be located in a processor.
Example 1:
as shown in fig. 1, this embodiment provides an access control method for 5G edge computing traffic, which is applied to a 5G security gateway. As shown in fig. 2, a 5G security gateway node is set at a user side edge, where the 5G security gateway node is connected to the UPF and the enterprise application, respectively, and is configured to receive data traffic (i.e., service traffic) and control traffic forwarded by the UPF to the edge side, and implement flexible scheduling of different service traffic of different terminals by setting an access control policy for the traffic.
The access control method for 5G edge calculation flow comprises the following steps:
In this embodiment, an operator provides an MEC network to an industry customer, and deploys a UPF network element on an edge side of the MEC network. A structure of the data of the subscription IMSI (International Mobile Subscriber Identity) obtained by the communication interaction between the 5G security gateway and the 5G core network element is shown in table 1.
Table 1 structure of subscription IMSI data
IMSI | IP |
Specifically, the acquiring the IMSI data of the subscribed international mobile subscriber identities of all terminals in the edge network includes: and the 5G security gateway receives the signed IMSI data of all terminals in the edge network forwarded by the 5G core network session management function SMF through the user plane function UPF. For example, a user purchases a terminal IMSI-a, IMSI-B, and the SMF on the 5G core network side sends the mapping relationship of the IP address corresponding to the IMSI belonging to the edge network to the 5G security gateway on the user side through the UPF. The subscription IMSI data in the 5G security gateway at this time is shown in table 2.
Table 2 structure of subscription IMSI data
IMSI | IP |
IMSI-A | IP-A |
IMSI-B | IP-B |
And 102, configuring an access control list of the edge computing flow according to the signed IMSI data and the control requirement.
In this embodiment, the access control table is configured according to the subscription IMSI data to implement scheduling of different terminal service flows, and based on this, the access control table is configured according to the existing service flow partition manner to implement scheduling of different service flows of different terminals on the edge side, thereby implementing more flexible scheduling and access control of fine granularity.
Optionally, in order to completely distinguish the terminal and different traffic flows of the terminal, the access control list set in the 5G security gateway includes an IMSI field, a source IP address field, a source port field, a destination IP address field, a destination port field, a policy field, and a mapping relationship among six fields thereof.
Optionally, as shown in fig. 3, step 102: the configuring an access control list of the edge computing traffic according to the subscription IMSI data and the control requirement specifically includes:
And step 1023, filling source port fields, destination IP address fields, destination port addresses and strategy fields in the access control list according to the control requirements of different service flows corresponding to different IMSIs.
In this embodiment, an edge network administrator or an automatic control program configures a policy in an access control list of a 5G security gateway, so as to implement fine-grained access control on different service flows of different terminals. For example, for IMSI-A and IP-A terminals, the strategy that the source port is S-A, the destination IP is IP-C and the destination port is D-C is configured to pass; for the terminal of IMSI-B, IP-B, the policy with S-B as the source port, IP-D as the destination port, and D-D as the destination port is configured to pass, and the access control list in the configured 5G security gateway is shown in table 3.
TABLE 3 Access control List in a 5G Security gateway
IMSI | Source IP | Source port | Destination IP | Destination port | Policy |
IMSI-A | IP-A | SP-A | IP-C | DP-C | By passing |
IMSI-B | IP-B | SP-B | IP-D | DP-D | By passing |
In this embodiment, when the service traffic of the target terminal accesses the edge computing MEC network, the traffic is distributed to the UPF network element corresponding to the MEC through the SMF on the 5G core network side, and the UPF network element is forwarded to the 5G security gateway in the edge network. And the 5G security gateway carries out policy control on the service traffic according to the access control list.
Specifically, the forwarding the corresponding traffic according to the access control list includes: receiving the service flow of a target terminal; acquiring a field set corresponding to the service flow of the target terminal, and respectively matching the field set with each field in an access control list; and responding to the field matching, and forwarding the service flow of the target terminal.
Optionally, the forwarding the corresponding traffic according to the access control list further includes: and in response to the field mismatch, discarding the service flow of the target terminal. Wherein the field mismatch comprises at least one of: source port field mismatch, destination IP address field mismatch, destination port field mismatch.
In this embodiment, for example, for a destination terminal, IMSI-a, if a field of a service traffic of the destination terminal passes through a 5G security gateway, the field matches an access control list in the gateway, that is, a source port is SP-a, a destination IP is IP-C, and a destination port is DP-C, the 5G security gateway performs forwarding. If the fields do not match, for example, the destination port of the IMSI-a is DP-D, the traffic is discarded or ignored. For the target terminal IMSI-B, if the service flow of the target terminal passes through the 5G security gateway, the field matches the access control list in the gateway, namely the source port is SP-B, the destination IP is IP-D, and the destination port is DP-D, then the 5G security gateway forwards the service flow. If the fields do not match, for example, the destination port of the IMSI-B is DP-C, the traffic is discarded or ignored.
In the access control method for 5G edge computing traffic according to this embodiment, an access control table is configured according to subscription IMSI data to implement scheduling of different terminal service traffic, and based on this, the access control table is further configured according to the existing service traffic partition manner to implement scheduling of different service traffic of different terminals on the edge side, thereby implementing more flexible scheduling in edge computing and access control of fine granularity. In addition, the fields in the access control table are reasonably configured to completely distinguish the terminal and different service flows of the terminal, so that the service flows are distinguished from the terminal dimension, the access control can be performed on the flows of different services of different terminals, the edge network congestion caused by coarse-grained access control strategies is avoided, and the edge network performance is improved.
Example 2:
as shown in fig. 4, the present embodiment provides an access control device for 5G edge computing traffic, including:
the obtaining module 31 is configured to obtain IMSI data of subscribed international mobile subscriber identities of all terminals in an edge network, where the IMSI data includes a mapping relationship between an IMSI and an IP address.
And a configuration module 32 connected to the obtaining module 31, configured to configure an access control list of the edge computing traffic according to the contracted IMSI data and the control requirement.
And the control module 33 is connected to the configuration module 32, and is configured to forward traffic according to the access control list, so as to implement access control on different service flows of different terminals.
Optionally, the obtaining module comprises a obtaining unit. And the acquisition unit is used for receiving the signed IMSI data of all terminals in the edge network forwarded by the 5G core network session management function SMF through the user plane function UPF.
Optionally, the access control list includes an IMSI field, a source IP address field, a source port field, a destination IP address field, a destination port field, a policy field, and a mapping relationship between the six fields.
Optionally, the configuration module comprises:
and the first filling unit is connected with the acquisition unit and is used for filling the IMSI in the signed IMSI data into the IMSI field of the access control list.
And the second filling unit is connected with the acquisition unit and is used for filling the IP address corresponding to the IMSI in the signed IMSI data into the source IP address field of the access control list.
And the configuration unit is connected with the first filling unit and the second filling unit and is used for filling the source port field, the destination IP address field, the destination port address and the strategy field in the access control list according to the control requirements of different service flows corresponding to different IMSIs.
Optionally, the control module comprises:
and the receiving unit is used for receiving the service flow of the target terminal.
And the matching unit is connected with the receiving unit and used for acquiring the field set corresponding to the service flow of the target terminal and matching the field set with each field in the access control list respectively.
And the processing unit is connected with the matching unit and used for responding to the field matching and forwarding the service flow of the target terminal.
Optionally, the processing unit is further configured to discard the traffic flow of the target terminal in response to the field mismatch. Wherein the field mismatch comprises at least one of: source port field mismatch, destination IP address field mismatch, destination port field mismatch.
The access control device for 5G edge computing traffic in this embodiment is configured to configure an access control table according to the subscription IMSI data to implement scheduling of different terminal service traffic, and based on this, is further configured to configure the access control table according to the existing service traffic partition manner to implement scheduling of different service traffic of different terminals on the edge side, thereby implementing more flexible scheduling in edge computing and access control of finer granularity. In addition, the fields in the access control list are reasonably configured to completely distinguish the terminal and different service flows of the terminal, so that the service flows are distinguished from the terminal dimension, the access control can be performed on the flows of different services of different terminals, the edge network congestion caused by coarse-grained access control strategies is avoided, and the edge network performance is improved.
Example 3:
as shown in fig. 5, the present embodiment provides an electronic device, which includes a memory 41 and a processor 42, where the memory 41 stores a computer program, and the processor 42 is configured to run the computer program to implement the access control method for 5G edge computing traffic according to embodiment 1.
Example 4:
the present embodiment provides a computer-readable storage medium, on which a computer program is stored, and when the computer program is executed by a processor, the computer program implements the access control method for 5G edge computing traffic as described in embodiment 1.
The electronic device of embodiment 3 and the computer-readable storage medium of embodiment 4 may implement differentiation of service traffic from a terminal dimension, thereby performing access control on traffic of different services of different terminals, avoiding edge network congestion caused by coarse-grained access control policies, and thus improving edge network performance.
It will be understood that the above embodiments are merely exemplary embodiments taken to illustrate the principles of the present invention, which is not limited thereto. It will be apparent to those skilled in the art that various modifications and improvements can be made without departing from the spirit and scope of the invention, and such modifications and improvements are also considered to be within the scope of the invention.
Claims (10)
1. A5G edge computing traffic access control method is applied to a 5G security gateway, and comprises the following steps:
acquiring signed International Mobile Subscriber Identity (IMSI) data of all terminals in an edge network, wherein the signed IMSI data comprises a mapping relation between the IMSI and an IP address;
configuring an access control list of edge calculation flow according to the signed IMSI data and the control requirement;
and forwarding the corresponding flow according to the access control list so as to realize access control on different service flows of different terminals.
2. The access control method for 5G edge computed traffic according to claim 1, where the obtaining IMSI data of the contracted international mobile subscriber identity of all terminals in the edge network specifically includes:
and receiving the signed IMSI data of all terminals in the edge network forwarded by the 5G core network session management function SMF through the user plane function UPF.
3. The method of claim 1, wherein the access control list comprises a mapping relationship among an IMSI field, a source IP address field, a source port field, a destination IP address field, a destination port field, a policy field, and six fields thereof,
the configuring an access control list of edge computing traffic according to the subscription IMSI data and the control requirement specifically includes:
filling IMSIs in the subscription IMSI data into IMSI fields of the access control list;
filling an IP address corresponding to the IMSI in the signed IMSI data into a source IP address field of the access control list;
and filling a source port field, a destination IP address field, a destination port address and a strategy field in the access control list according to the control requirements of different service flows corresponding to different IMSIs.
4. The access control method for 5G edge computed traffic according to claim 1, where forwarding the corresponding traffic according to the access control list specifically includes:
receiving the service flow of a target terminal;
acquiring a field set corresponding to the service flow of the target terminal, and respectively matching the field set with each field in an access control list;
and responding to the field matching, and forwarding the service flow of the target terminal.
5. The access control method for 5G edge computing traffic according to claim 1, wherein forwarding the corresponding traffic according to the access control list further comprises:
discarding traffic flow of the target terminal in response to a field mismatch, wherein the field mismatch comprises at least one of: source port field mismatch, destination IP address field mismatch, destination port field mismatch.
6. An access control device for 5G edge computing traffic, comprising:
an obtaining module, configured to obtain IMSI data of subscribed international mobile subscriber identities of all terminals in an edge network, where the IMSI data includes a mapping relationship between an IMSI and an IP address,
a configuration module connected with the acquisition module and used for configuring an access control list of the edge computing flow according to the signed IMSI data and the control requirement,
and the control module is connected with the configuration module and used for forwarding the flow according to the access control list so as to realize access control on different service flows of different terminals.
7. The access control device for 5G edge computed traffic of claim 6, wherein the obtaining module comprises an obtaining unit,
and the acquisition unit is used for receiving the signed IMSI data of all terminals in the edge network forwarded by the session management function SMF of the 5G core network through the UPF.
8. The apparatus of claim 1, wherein the access control list comprises a mapping relationship among an IMSI field, a source IP address field, a source port field, a destination IP address field, a destination port field, a policy field and six fields thereof,
the configuration module includes:
a first filling unit connected with the obtaining unit and used for filling IMSI in the signed IMSI data into the IMSI field of the access control list,
a second filling unit connected with the obtaining unit and used for filling the IP address corresponding to the IMSI in the signed IMSI data into the source IP address field of the access control list,
and the configuration unit is connected with the first filling unit and the second filling unit and is used for filling a source port field, a destination IP address field, a destination port address and a strategy field in the access control list according to the control requirements of different service flows corresponding to different IMSIs.
9. An electronic device comprising a memory having a computer program stored therein and a processor configured to execute the computer program to implement the access control method for 5G edge computed traffic of any of claims 1-5.
10. A computer-readable storage medium, on which a computer program is stored, which, when executed by a processor, carries out a method for access control of 5G edge computed traffic according to any one of claims 1 to 5.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202211054985.7A CN115426685A (en) | 2022-08-31 | 2022-08-31 | Access control method, device, equipment and medium for 5G edge computing flow |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202211054985.7A CN115426685A (en) | 2022-08-31 | 2022-08-31 | Access control method, device, equipment and medium for 5G edge computing flow |
Publications (1)
Publication Number | Publication Date |
---|---|
CN115426685A true CN115426685A (en) | 2022-12-02 |
Family
ID=84199626
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202211054985.7A Pending CN115426685A (en) | 2022-08-31 | 2022-08-31 | Access control method, device, equipment and medium for 5G edge computing flow |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN115426685A (en) |
Citations (22)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101150852A (en) * | 2006-09-20 | 2008-03-26 | 华为技术有限公司 | Method for terminal to exit from multicast and broadcast service and multicast and broadcast system |
CN101730101A (en) * | 2009-04-15 | 2010-06-09 | 中兴通讯股份有限公司 | Realizing method, system and device for separating identify label from position |
US20100223222A1 (en) * | 2008-03-31 | 2010-09-02 | Qing Zhou | Decision-making method, decision-making system, and policy decision function |
CN102088448A (en) * | 2009-12-02 | 2011-06-08 | 中兴通讯股份有限公司 | Transmitting method of Internet protocol (IP) message and boundary tunnel router |
CN102802169A (en) * | 2011-05-25 | 2012-11-28 | 中兴通讯股份有限公司 | Service access control method and system |
CN102868998A (en) * | 2012-09-14 | 2013-01-09 | 中国联合网络通信集团有限公司 | Method and device for visiting businesses of internet of things |
CN103108377A (en) * | 2011-11-15 | 2013-05-15 | 中国移动通信集团公司 | Communication method, system and center control node of machine-type communication (MTC) terminal |
CN103167051A (en) * | 2011-12-15 | 2013-06-19 | 中兴通讯股份有限公司 | Method and system for identity position mapping relationship maintenance |
CN103746928A (en) * | 2013-12-30 | 2014-04-23 | 迈普通信技术股份有限公司 | Method and system for controlling flow rate by utilizing access control list |
US20140334418A1 (en) * | 2011-11-28 | 2014-11-13 | Alcatel Lucent | Support of user plane transactions over a mobile network |
CN104618403A (en) * | 2015-03-10 | 2015-05-13 | 网神信息技术(北京)股份有限公司 | Access control method and device for security gateway |
CN104780522A (en) * | 2015-04-23 | 2015-07-15 | 东南大学 | Method for supporting terminal in mobile access to LISP identifier bearing access network |
WO2016144230A1 (en) * | 2015-03-06 | 2016-09-15 | Telefonaktiebolaget Lm Ericsson (Publ) | Method, network device, computer program and computer program product for mobile service chaining |
US20170026774A1 (en) * | 2013-11-29 | 2017-01-26 | Ntt Docomo, Inc. | Communication system, service control device, mtc user device, gateway device, and communication method |
CN107079372A (en) * | 2015-08-20 | 2017-08-18 | 华为技术有限公司 | The method and device that a kind of network-termination device is communicated |
CN107087288A (en) * | 2016-02-15 | 2017-08-22 | 中兴通讯股份有限公司 | A kind of implementation method, the device and system of DIAMETER SGWs |
CN107302762A (en) * | 2016-04-14 | 2017-10-27 | 大唐移动通信设备有限公司 | A kind of Operational Visit and its control method, device |
CN109788514A (en) * | 2017-11-13 | 2019-05-21 | 中国电信股份有限公司 | Method of data synchronization, system and the edge calculations platform of edge calculations application |
CN113812134A (en) * | 2019-05-10 | 2021-12-17 | 三星电子株式会社 | Method and apparatus for managing identifier of UE in edge computing service |
CN114374965A (en) * | 2021-12-30 | 2022-04-19 | 广州爱浦路网络技术有限公司 | User subscription data processing method, system, device and medium |
CN114598676A (en) * | 2020-11-19 | 2022-06-07 | 中国电信股份有限公司 | Application addressing method, system and storage medium |
CN114745724A (en) * | 2022-05-05 | 2022-07-12 | 中国电信股份有限公司 | Access processing method and device, electronic equipment and computer readable medium |
-
2022
- 2022-08-31 CN CN202211054985.7A patent/CN115426685A/en active Pending
Patent Citations (23)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101150852A (en) * | 2006-09-20 | 2008-03-26 | 华为技术有限公司 | Method for terminal to exit from multicast and broadcast service and multicast and broadcast system |
US20100223222A1 (en) * | 2008-03-31 | 2010-09-02 | Qing Zhou | Decision-making method, decision-making system, and policy decision function |
US20120084246A1 (en) * | 2008-03-31 | 2012-04-05 | Huawei Technologies Co., Ltd. | Decision-making method, decision-making system, and policy decision function |
CN101730101A (en) * | 2009-04-15 | 2010-06-09 | 中兴通讯股份有限公司 | Realizing method, system and device for separating identify label from position |
CN102088448A (en) * | 2009-12-02 | 2011-06-08 | 中兴通讯股份有限公司 | Transmitting method of Internet protocol (IP) message and boundary tunnel router |
CN102802169A (en) * | 2011-05-25 | 2012-11-28 | 中兴通讯股份有限公司 | Service access control method and system |
CN103108377A (en) * | 2011-11-15 | 2013-05-15 | 中国移动通信集团公司 | Communication method, system and center control node of machine-type communication (MTC) terminal |
US20140334418A1 (en) * | 2011-11-28 | 2014-11-13 | Alcatel Lucent | Support of user plane transactions over a mobile network |
CN103167051A (en) * | 2011-12-15 | 2013-06-19 | 中兴通讯股份有限公司 | Method and system for identity position mapping relationship maintenance |
CN102868998A (en) * | 2012-09-14 | 2013-01-09 | 中国联合网络通信集团有限公司 | Method and device for visiting businesses of internet of things |
US20170026774A1 (en) * | 2013-11-29 | 2017-01-26 | Ntt Docomo, Inc. | Communication system, service control device, mtc user device, gateway device, and communication method |
CN103746928A (en) * | 2013-12-30 | 2014-04-23 | 迈普通信技术股份有限公司 | Method and system for controlling flow rate by utilizing access control list |
WO2016144230A1 (en) * | 2015-03-06 | 2016-09-15 | Telefonaktiebolaget Lm Ericsson (Publ) | Method, network device, computer program and computer program product for mobile service chaining |
CN104618403A (en) * | 2015-03-10 | 2015-05-13 | 网神信息技术(北京)股份有限公司 | Access control method and device for security gateway |
CN104780522A (en) * | 2015-04-23 | 2015-07-15 | 东南大学 | Method for supporting terminal in mobile access to LISP identifier bearing access network |
CN107079372A (en) * | 2015-08-20 | 2017-08-18 | 华为技术有限公司 | The method and device that a kind of network-termination device is communicated |
CN107087288A (en) * | 2016-02-15 | 2017-08-22 | 中兴通讯股份有限公司 | A kind of implementation method, the device and system of DIAMETER SGWs |
CN107302762A (en) * | 2016-04-14 | 2017-10-27 | 大唐移动通信设备有限公司 | A kind of Operational Visit and its control method, device |
CN109788514A (en) * | 2017-11-13 | 2019-05-21 | 中国电信股份有限公司 | Method of data synchronization, system and the edge calculations platform of edge calculations application |
CN113812134A (en) * | 2019-05-10 | 2021-12-17 | 三星电子株式会社 | Method and apparatus for managing identifier of UE in edge computing service |
CN114598676A (en) * | 2020-11-19 | 2022-06-07 | 中国电信股份有限公司 | Application addressing method, system and storage medium |
CN114374965A (en) * | 2021-12-30 | 2022-04-19 | 广州爱浦路网络技术有限公司 | User subscription data processing method, system, device and medium |
CN114745724A (en) * | 2022-05-05 | 2022-07-12 | 中国电信股份有限公司 | Access processing method and device, electronic equipment and computer readable medium |
Non-Patent Citations (4)
Title |
---|
3RD GENERATION PARTNERSHIP PROJECT: ""Study on enablers for network automation for the 5G System (5GS)"", 《3GPP TR 23.700-91 V1.2.0 (2020-11)》, 30 November 2020 (2020-11-30) * |
JINGHUI LI, XIAODONG CAO, SHENGLI GUO, RUNSHA DONG, CHUNTAO SONG, TIANYI WANG, ZELIN WANG: ""5GC Network and MEC UPF Data Collection Scheme Research"", 《2021 INTERNATIONAL CONFERENCE ON INFORMATION AND COMMUNICATION TECHNOLOGIES FOR DISASTER MANAGEMENT (ICT-DM)》, 31 December 2021 (2021-12-31) * |
侯乐,徐雷,贾宝军: ""G网络切片管理系统及运营商行业实践探讨"", 《数据与计算发展前沿》, 31 August 2020 (2020-08-31) * |
王蕴实 徐雷 张曼君: """5G+工业互联网" 安全能力及场景化解决方案"", 《通信世界》, 31 December 2021 (2021-12-31) * |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11895154B2 (en) | Method and system for virtual machine aware policy management | |
EP3075108B1 (en) | Method, system and computer readable media for diameter routing using software defined network (sdn) functionality | |
EP3069484B1 (en) | Shortening of service paths in service chains in a communications network | |
CN107005474B (en) | Method, equipment and system for controlling routing | |
US8675488B1 (en) | Subscriber-based network traffic management | |
US20220286409A1 (en) | Method and apparatus for configuring quality of service policy for service, and computing device | |
CN111263373B (en) | Data processing method, controller and forwarding equipment | |
CN113542128B (en) | Method and device for sending routing information | |
US11689966B2 (en) | 5G network having an external multi-path transport protocol proxy node | |
CN110233834B (en) | Network system, method, device and equipment for intercepting attack message | |
WO2021022806A1 (en) | Network system, method, and communication device for centralized processing of network services | |
CN110278152B (en) | Method and device for establishing fast forwarding table | |
WO2022052875A1 (en) | Terminal cross-region communication method, network element device, and storage medium | |
EP2557823A1 (en) | Authentication authorization and accounting server and message processing method thereof | |
US9900804B2 (en) | Method and device for processing to share network resources, and method, device and system for sharing network resources | |
EP2165502B1 (en) | Lawful interception of data of a roaming mobile node | |
CN113067906A (en) | Addressing method, device and equipment of online charging system | |
RU2273960C2 (en) | Method for performing control measures in packet telecommunication networks and in data transfer networks | |
CN115426685A (en) | Access control method, device, equipment and medium for 5G edge computing flow | |
WO2021248971A1 (en) | Network access method, electronic device, and storage medium | |
EP4175257B1 (en) | Packet processing method, apparatus, and system, and storage medium | |
US11902087B2 (en) | Forwarding fault location determining method and device | |
EP4395246A1 (en) | Data forwarding method and system, electronic device, and storage medium | |
US20240007858A1 (en) | Methods, systems, and computer readable media for managing network function request messages at a security edge protection proxy | |
EP4221155A1 (en) | Service function chaining enhancement |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |