CN116506842B - Method, terminal, system and related equipment for reporting capability information of user identification card

Info

Publication number: CN116506842B
Authority: CN (China)
Prior art keywords: gba; capability information; user identification; identification card; network element
Legal status: Active
Application number: CN202310788593.1A
Other languages: Chinese (zh)
Other versions: CN116506842A (en)
Inventors: 郭茂文, 张�荣, 黎艳, 卢燕青, 胡鹏
Current assignee: China Telecom Corp Ltd
Original assignee: China Telecom Corp Ltd
Application filed by China Telecom Corp Ltd; application granted.

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04W: WIRELESS COMMUNICATION NETWORKS
    • H04W8/00: Network data management
    • H04W8/22: Processing or transfer of terminal data, e.g. status or physical capabilities
    • H04W8/24: Transfer of terminal data

Abstract

The disclosure provides a method, a terminal, a system and related equipment for reporting capability information of a user identification card, and relates to the technical field of communication. The method comprises the following steps: sending a generic bootstrapping architecture (GBA) capability information query instruction to a user identification card, wherein the GBA capability information query instruction is used for querying the GBA capability information supported by the user identification card; receiving the GBA capability information returned by the user identification card; and sending a network registration request message carrying the GBA capability information to network side equipment. The method and the device can report the GBA capability information supported by the user identification card to the network side device, so that the network side device configures the GUSS parameter in the GBA authentication and authorization process according to the user identification card's support for the GBA capability.

Description

Method, terminal, system and related equipment for reporting capability information of user identification card
Technical Field
The present disclosure relates to the field of communications technologies, and in particular, to a method, a terminal, a system, and related devices for reporting capability information of a subscriber identity module card.
Background
GBA (Generic Bootstrapping Architecture, also called the generic authentication mechanism) is a lightweight security infrastructure defined by 3GPP (3rd Generation Partnership Project) on top of a mobile communication network (3G/4G/5G). It provides a unified security authentication service for the application layer: AKA (Authentication and Key Agreement) is used to generate a key for establishing a secure channel between a UE (User Equipment, i.e., the user terminal running the application client) and a NAF (Network Application Function, i.e., the application server) network element, and that key is then used to establish the secure channel between the UE and the NAF network element for identity authentication and secure communication.
The entities of the UE are the ME (Mobile Equipment) and the subscriber identity card (e.g., a SIM/USIM card). Depending on the capabilities of these entities, GBA is divided into two key generation modes, GBA_ME and GBA_U: in GBA_ME, key negotiation and generation are completed on the ME of the UE, while in GBA_U they are completed on the user identification card of the UE. GBA_U provides higher security than GBA_ME.
In the GBA authentication procedure, the UE and the BSF (Bootstrapping Server Function) network element need to negotiate which key generation mode to use. 3GPP specifies that the key generation mode used in the GBA authentication procedure is determined by the GUSS (GBA User Security Settings) parameters configured by the network side device.
Currently, in the related art, the network side device cannot determine whether the user identification card in the UE supports the GBA capability, and therefore cannot configure the corresponding GUSS parameter according to the user identification card's support for the GBA capability.
It should be noted that the information disclosed in the above background section is only for enhancing understanding of the background of the present disclosure and thus may include information that does not constitute prior art known to those of ordinary skill in the art.
Disclosure of Invention
The disclosure provides a method, a terminal, a system and related equipment for reporting capability information of a user identification card, which at least overcome the technical problem that network side equipment in the related technology cannot know the supporting condition of the user identification card to GBA capability in UE to a certain extent.
Other features and advantages of the present disclosure will be apparent from the following detailed description, or may be learned in part by the practice of the disclosure.
According to one aspect of the present disclosure, there is provided a method for reporting capability information of a subscriber identity module card, the method comprising: sending a generic bootstrapping architecture (GBA) capability information query instruction to a user identification card, wherein the GBA capability information query instruction is used for querying the GBA capability information supported by the user identification card; receiving the GBA capability information returned by the user identification card; and sending a network registration request message carrying the GBA capability information to network side equipment.
In some embodiments, the network registration request message is a message requesting registration to a 4G network, and sending the network registration request message carrying the GBA capability information to the network side equipment comprises: sending a network attach request message carrying the GBA capability information to a Mobility Management Entity (MME) network element, so that the GBA capability information is carried in a location update request message sent by the MME network element to a Home Subscriber Server (HSS) network element, wherein the HSS network element is further used for configuring GUSS parameter information for the subscriber identity module card according to the GBA capability information.
In some embodiments, the network registration request message is a message requesting registration to a 5G network, and sending the network registration request message carrying the GBA capability information to the network side equipment comprises: sending a network registration message carrying the GBA capability information to an Access and Mobility Management Function (AMF) network element, so that the GBA capability information is carried in a terminal context registration request message sent by the AMF network element to a Unified Data Management (UDM) network element, wherein the UDM network element is further used for configuring GUSS parameter information for the user identification card according to the GBA capability information.
In some embodiments, the GBA capability information query instruction is an application protocol data unit APDU instruction for querying GBA capability information supported by a subscriber identity card.
According to another aspect of the present disclosure, there is also provided a device for reporting capability information of a subscriber identity module card, the device including: a GBA capability information query module, used for sending a generic bootstrapping architecture (GBA) capability information query instruction to the user identification card, wherein the GBA capability information query instruction is used for querying the GBA capability information supported by the user identification card; a GBA capability information acquisition module, used for receiving the GBA capability information returned by the user identification card; and a GBA capability information reporting module, used for sending a network registration request message carrying the GBA capability information to the network side equipment.
According to another aspect of the present disclosure, there is also provided a terminal including: a user identification card and a mobile device; the user identification card is configured with GBA capability information supported by the user identification card; the mobile device is configured to send a GBA capability information query instruction to the subscriber identity module card, and receive GBA capability information returned by the subscriber identity module card, so as to send a network registration request message carrying the GBA capability information to a network side device, where the GBA capability information query instruction is configured to query GBA capability information supported by the subscriber identity module card.
According to another aspect of the present disclosure, there is also provided a communication system including: the system comprises a user identification card, mobile equipment, an MME network element and an HSS network element; the user identification card is configured with GBA capability information supported by the user identification card; the mobile device is configured to send a GBA capability information query instruction to the subscriber identity module card, and receive GBA capability information returned by the subscriber identity module card, so as to send a network attach request message carrying the GBA capability information to an MME network element, where the GBA capability information query instruction is used to query GBA capability information supported by the subscriber identity module card; the MME network element is used for sending a position update request message carrying the GBA capability information to the HSS network element; the HSS network element is used for configuring the GUSS parameter information for the user identification card according to the GBA capability information.
According to another aspect of the present disclosure, there is also provided a communication system including: the system comprises a user identification card, mobile equipment, an AMF network element and a UDM network element; the user identification card is configured with GBA capability information supported by the user identification card; the mobile device is configured to send a GBA capability information query instruction to the subscriber identity module card, and receive GBA capability information returned by the subscriber identity module card, so as to send a network attach request message carrying the GBA capability information to an AMF network element, where the GBA capability information query instruction is used to query GBA capability information supported by the subscriber identity module card; the AMF network element is used for sending a terminal context registration request message carrying the GBA capability information to the UDM network element; the UDM network element is configured to configure GUSS parameter information for the user identification card according to the GBA capability information.
According to another aspect of the present disclosure, there is also provided an electronic device including: a processor; and a memory for storing executable instructions of the processor; wherein the processor is configured to execute the subscriber identity card capability information reporting method according to any one of the above through execution of the executable instructions.
According to another aspect of the present disclosure, there is also provided a computer-readable storage medium having stored thereon a computer program which, when executed by a processor, implements the method for reporting capability information of a subscriber identity card according to any one of the above.
According to another aspect of the present disclosure, there is also provided a computer program product, including a computer program, which when executed by a processor implements the method for reporting subscriber identity card capability information of any one of the above.
According to the method, the terminal, the system and the related equipment for reporting the user identification card capability information, a GBA capability information query instruction is sent to the user identification card to query whether it supports the GBA capability; after the user identification card returns the GBA capability information describing that support, a network registration request message carrying the GBA capability information is sent to the network side equipment, so that the network side equipment learns the user identification card's support for the GBA capability.
According to the embodiments of the disclosure, the GBA capability information supported by the user identification card can be reported to the network side equipment, so that the network side equipment configures the GUSS parameter in the GBA authentication and authorization process according to the user identification card's support for the GBA capability.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the disclosure.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the disclosure and together with the description, serve to explain the principles of the disclosure. It will be apparent to those of ordinary skill in the art that the drawings in the following description are merely examples of the disclosure and that other drawings may be derived from them without undue effort.
FIG. 1 illustrates a schematic diagram of a communication system architecture in an embodiment of the present disclosure;
fig. 2 is a flowchart illustrating a method for reporting capability information of a subscriber identity module card according to an embodiment of the present disclosure;
fig. 3 is a schematic diagram of a device for reporting capability information of a subscriber identity module card according to an embodiment of the disclosure;
FIG. 4 illustrates a schematic diagram of a terminal in an embodiment of the present disclosure;
fig. 5 is a schematic diagram illustrating an interaction procedure for reporting capability information of a subscriber identity module card in a 4G communication system according to an embodiment of the disclosure;
fig. 6 is a schematic diagram illustrating an interaction procedure for reporting capability information of a subscriber identity module card in a 5G communication system according to an embodiment of the disclosure;
FIG. 7 shows a block diagram of an electronic device in an embodiment of the disclosure;
fig. 8 shows a schematic diagram of a computer-readable storage medium in an embodiment of the disclosure.
Detailed Description
Example embodiments will now be described more fully with reference to the accompanying drawings. However, the exemplary embodiments may be embodied in many forms and should not be construed as limited to the examples set forth herein; rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the concept of the example embodiments to those skilled in the art. The described features, structures, or characteristics may be combined in any suitable manner in one or more embodiments.
Furthermore, the drawings are merely schematic illustrations of the present disclosure and are not necessarily drawn to scale. The same reference numerals in the drawings denote the same or similar parts, and thus a repetitive description thereof will be omitted. Some of the block diagrams shown in the figures are functional entities and do not necessarily correspond to physically or logically separate entities. These functional entities may be implemented in software or in one or more hardware modules or integrated circuits or in different networks and/or processor devices and/or microcontroller devices.
For ease of understanding, before describing embodiments of the present disclosure, several terms referred to in the embodiments of the present disclosure are first explained as follows:
UE: user Equipment, user terminal, terminal for short.
ME: mobile Equipment, mobile device.
SIM: subscriber Identity Module, subscriber identity card.
USIM: universal Subscriber Identity Module, universal subscriber identity card.
NAF: network Application Function, network application functions.
GBA: general Bootstrapping Architecture, generic bootstrapping architecture.
BSF, bootstrapping Server Function, bootstrapping server functions.
AKA: authentication and Key Agreement authentication and key agreement protocol.
GUSS: GBA User Security Settings GBA user security settings.
MME network element: mobility Management Entity, mobility management entity.
HSS: home Subscriber Server, home subscriber server.
UDM: unified Data Management, unified data management.
AMF: access and Mobility Management Function, access and mobility management functions.
APDU: application Protocol Data Unit, application protocol data unit.
The following detailed description of embodiments of the present disclosure refers to the accompanying drawings.
Fig. 1 is a schematic diagram of an exemplary communication system architecture to which the method for reporting capability information of a subscriber identity module card according to an embodiment of the present disclosure may be applied, where, as shown in fig. 1, the communication system architecture includes: network-side device 10 and terminal UE20.
The network-side device 10 may include various network element devices for providing communication network services, for example, network element devices of an access network such as a base station, a relay, or an access point, and may also be network element devices for providing various network service functions in a core network. The specific type of network side device is not limited in the embodiments of the present disclosure.
For example, the UE20 may be any electronic device capable of network communication; in a specific implementation, the electronic device may be a mobile phone, a tablet personal computer, a laptop computer, a personal digital assistant (PDA), a mobile internet device (MID), a wearable device, an in-vehicle device, or the like. It should be noted that the specific type of the terminal is not limited in the embodiments of the present invention.
Optionally, the medium for providing the communication link between the network side device 10 and the UE20 may be a wired network or a wireless network.
In some embodiments, the network-side device 10 may include: NAF network element 101, BSF network element 102, UDM network element 103 and HSS network element 104. Wherein, the NAF network element 101 is configured to provide an application service for the UE; the BSF network element 102 is configured to generate a key for secure communications between the NAF network element 101 and the UE 20; the UDM network element 103 is configured to store subscription data of a 5G network user; the HSS network element 104 is configured to store subscription data of the 4G network user; after receiving the application request of the UE20, the NAF network element 101 needs to acquire a key negotiated between the UE20 and the BSF network element 102 in the authentication and authorization process from the BSF network element 102 through the Zn interface, and uses the key to complete the authentication of the UE.
In some embodiments, the terminal 20 may include: a subscriber identity card 201 and a mobile equipment ME202; wherein ME202 is used to provide applications and services for the UE; the subscriber identity card 201 is used to provide user identity for the terminal UE, and may be, but is not limited to: SIM card, USIM card. It should be noted that, the subscriber identity card 201 in the embodiment of the present disclosure is intended to be used for identifying identity information of the terminal 20 in a network, and in a specific manner, may be a physical card or a functional module, and the embodiment of the present disclosure is not limited to a specific implementation manner of the subscriber identity card.
As shown in fig. 1, the BSF network element obtains the GBA user security settings (GUSS) parameter information from the HSS network element through the Zh interface, or from the UDM network element through the BSI interface; it performs mutual authentication with the UE using the AKA protocol through the Ub interface, generates the shared key for the application between the UE and the NAF network element, and transmits that key together with the GUSS parameters to the NAF network element through the Zn interface. The UE and the NAF network element may run application-specific protocols over the reference point Ua, in which message authentication is based on the shared key generated during the mutual authentication of the UE and the BSF network element.
There has been no prior security association between the UE and the NAF network element prior to the procedure of generating the shared key between the UE and the BSF network element. The NAF network element is able to locate and communicate securely with the BSF network element of the user's home network in order to obtain the shared key achieved by the UE and the BSF.
The BSF network element is used as an anchor point in the whole GBA architecture and is used for acquiring an authentication vector from the HSS/UDM network element so as to finish verification of the user terminal, and an AKA mechanism is utilized to generate a shared secret key together with the HSS/UDM. The NAF network element directs the application to perform GBA authentication and obtains a shared key from the BSF network element to generate a secure communication session key between the application and the NAF network element. The HSS/UDM network element is used for generating an AKA authentication vector and carrying out identity authentication on the ME and a subscriber identity module (SIM/USIM) card. The ME is used to install the application client and the subscriber identity card (SIM/USIM card) is used to generate the shared key and the application external key.
In the GBA authentication process, the UE and the BSF network element need to negotiate to determine the generation mode of the shared key. The 3GPP specifies which key generation mode is used by the UE and the BSF network element in the GBA authentication and authorization process through the GUSS (GBA user security setting) parameter information of the HSS/UDM network element, which requires configuring the GUSS parameter information of the HSS/UDM network element.
GBA supports two application key generation modes, GBA_ME and GBA_U. In GBA_ME the negotiation and generation of the key are completed on the ME of the UE, while in GBA_U they are completed on the subscriber identity module card; GBA_U therefore has higher security than GBA_ME. The two modes suit different application scenarios: the more secure GBA_U mode suits mobile applications that require encryption and decryption on the user card, such as the security initialization of an in-vehicle certificate, whereas the less secure GBA_ME mode suits the authentication of general mobile applications and the establishment of a secure channel, such as the identity authentication service and data transmission of the rich communication service (RCS) HTTP application.
When the GBA_ME key generation mode is adopted, the user identification card is unaware of GBA: it only needs to implement the AKA computation and MAC verification functions, and the ME generates the shared key Ks_NAF. When the GBA_U key generation mode is adopted, the user identification card must implement the AKA computation and MAC verification functions and, in addition, generate the shared keys Ks_int_NAF (i.e. the key used when the UE decrypts ciphertext messages from the network) and Ks_ext_NAF (i.e. the key used by the network to authenticate the UE identity) and export Ks_ext_NAF to the ME, which requires the user identification card to implement additional functions.
However, as described in the background section of the present application, the network side device (HSS/UDM network element) cannot know the supporting condition of the user identification card on the GBA capability in the terminal (UE) (whether to support the gba_u mode to generate the key), so that it is difficult for the network side device (HSS/UDM network element) to configure corresponding GUSS parameter information for the terminal (UE).
It should be noted that the UDM network element and the HSS network element shown in fig. 1 are only examples, and the network elements storing the subscriber subscription data may be different in the core networks of different version protocols. In the embodiment of the disclosure, HSS network elements of a 4G network and UDM network elements of a 5G network are taken as examples for illustration.
Those skilled in the art will appreciate that the number of terminals and network side devices in fig. 1 is merely illustrative, and that any number of terminals and network side devices may be provided as desired. The embodiments of the present disclosure are not limited in this regard.
Under the system architecture, the embodiment of the disclosure provides a method for reporting capability information of a subscriber identity module card, which can be executed by any electronic device with computing processing capability.
In some embodiments, the method for reporting the capability information of the subscriber identity module card provided in the embodiments of the present disclosure may be executed by a terminal of the system architecture; in other embodiments, the method for reporting the capability information of the subscriber identity module card provided in the embodiments of the present disclosure may be implemented by a terminal and a network device in the system architecture in an interactive manner.
Fig. 2 shows a flowchart of a method for reporting capability information of a subscriber identity module card in an embodiment of the present disclosure, as shown in fig. 2, where the method for reporting capability information of a subscriber identity module card provided in the embodiment of the present disclosure includes the following steps:
S202, sending a generic bootstrapping architecture (GBA) capability information query instruction to a user identification card, wherein the GBA capability information query instruction is used for querying the GBA capability information supported by the user identification card;
S204, receiving the GBA capability information returned by the user identification card;
S206, sending a network registration request message carrying the GBA capability information to the network side equipment.
In some embodiments, when the network registration request message is a message requesting registration to the 4G network, S206 may be implemented by: the method comprises the steps of sending a network attachment request message carrying GBA capability information to a Mobility Management Entity (MME) network element, so that the MME network element carries the GBA capability information in a position update request message sent to a Home Subscriber Server (HSS) network element, wherein the HSS network element is also used for configuring GUSS parameter information for a subscriber identity module card according to the GBA capability information.
In other embodiments, when the network registration request message is a message requesting registration to the 5G network, S206 may be implemented by: and sending a network registration message carrying GBA capability information to an access and mobility management function (AMF) network element, so that the AMF network element carries the GBA capability information in a terminal context registration request message sent to a Unified Data Management (UDM) network element, wherein the UDM network element is also used for configuring GUSS parameter information for a user identification card according to the GBA capability information.
In some embodiments, the GBA capability information query instruction in the embodiments of the present disclosure is an application protocol data unit APDU instruction for querying GBA capability information supported by the subscriber identity card.
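The three steps S202 to S206 and their 4G and 5G variants form one procedure, so a single simulated end-to-end run is shown here as an added example; it is not code from the patent or from China Telecom. The patent does not specify the APDU encoding, the format of the card's answer, or the message fields, so the `80 F0 00 00 00` command, the one-byte capability bitmask in a tag-0x80 TLV, and the dictionary-based messages are all placeholders. The status word `6D 00` (instruction not supported) is a standard ISO/IEC 7816-4 value, and the GUSS `uiccType` values "GBA" and "GBA_U" are taken from 3GPP TS 29.109 as assumed here. The example also covers the case the text motivates: a legacy card that does not implement the query must not be configured for GBA_U.

```python
from dataclasses import dataclass
from typing import Optional

# Hypothetical APDU for the GBA capability query. The page gives no encoding,
# so CLA/INS/P1/P2/Le below are placeholders, not a standardised command.
GBA_CAP_QUERY_APDU = bytes.fromhex("80F0000000")
SW_OK = b"\x90\x00"
SW_INS_NOT_SUPPORTED = b"\x6d\x00"  # ISO/IEC 7816-4: instruction code not supported
CAP_GBA_ME = 0x01  # constructed bit layout of the capability byte
CAP_GBA_U = 0x02


@dataclass
class Usim:
    """Constructed card model. `capability` is the bitmask the card reports;
    None models a legacy card that does not implement the query at all."""
    capability: Optional[int]

    def transmit(self, apdu: bytes) -> bytes:
        if self.capability is None or apdu[:2] != GBA_CAP_QUERY_APDU[:2]:
            return SW_INS_NOT_SUPPORTED
        # Response data is a constructed TLV: tag 0x80, length 1, capability byte.
        return bytes([0x80, 0x01, self.capability]) + SW_OK


def query_gba_capability(card: Usim) -> dict:
    """S202 + S204: send the query and parse the card's answer, tolerating legacy cards."""
    rsp = card.transmit(GBA_CAP_QUERY_APDU)
    data, sw = rsp[:-2], rsp[-2:]
    if sw != SW_OK:
        # Legacy card: assume GBA_ME only, and record that the card did not say so itself.
        return {"gba_me": True, "gba_u": False, "reported_by_card": False}
    if len(data) != 3 or data[0] != 0x80 or data[1] != 1:
        raise ValueError("malformed GBA capability TLV from card")
    mask = data[2]
    return {"gba_me": bool(mask & CAP_GBA_ME),
            "gba_u": bool(mask & CAP_GBA_U),
            "reported_by_card": True}


def build_registration_request(rat: str, cap: dict) -> dict:
    """S206: carry the capability in the 4G attach request or the 5G registration request."""
    if rat == "4G":
        return {"msg": "ATTACH_REQUEST", "to": "MME", "gba_capability": cap}
    if rat == "5G":
        return {"msg": "REGISTRATION_REQUEST", "to": "AMF", "gba_capability": cap}
    raise ValueError(f"unsupported RAT {rat!r}")


def mme_forward(req: dict) -> dict:
    """MME copies the capability into the location update request towards the HSS."""
    if req["msg"] != "ATTACH_REQUEST":
        raise ValueError("MME expects an attach request")
    return {"msg": "UPDATE_LOCATION_REQUEST", "to": "HSS", "gba_capability": req["gba_capability"]}


def amf_forward(req: dict) -> dict:
    """AMF copies the capability into the UE context registration request towards the UDM."""
    if req["msg"] != "REGISTRATION_REQUEST":
        raise ValueError("AMF expects a registration request")
    return {"msg": "UE_CONTEXT_REGISTRATION_REQUEST", "to": "UDM", "gba_capability": req["gba_capability"]}


def configure_guss(cap: dict) -> dict:
    """HSS/UDM: choose the GUSS uiccType from the reported capability.
    uiccType "GBA" (ME-based keys) vs "GBA_U" as assumed from 3GPP TS 29.109;
    GBA_U is selected only when the card itself reported support for it."""
    return {"uiccType": "GBA_U" if cap["gba_u"] else "GBA"}


def report_and_configure(card: Usim, rat: str) -> dict:
    """Whole flow: card query -> registration request -> core forwarding -> GUSS choice."""
    cap = query_gba_capability(card)
    req = build_registration_request(rat, cap)
    fwd = mme_forward(req) if rat == "4G" else amf_forward(req)
    return configure_guss(fwd["gba_capability"])


if __name__ == "__main__":
    print(report_and_configure(Usim(CAP_GBA_ME | CAP_GBA_U), "4G"))  # {'uiccType': 'GBA_U'}
    print(report_and_configure(Usim(None), "5G"))                   # {'uiccType': 'GBA'}
```

The `reported_by_card` flag is what separates "the card said GBA_ME" from "the ME guessed GBA_ME because the card answered `6D 00`"; keeping that distinction in the reported information lets the HSS/UDM default to the ME-based mode for legacy cards without silently treating a parse failure as a positive capability claim.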
Based on the same inventive concept, the embodiment of the disclosure also provides a device for reporting the capability information of the subscriber identity module card, as described in the following embodiments. Since the principle of solving the problem of the embodiment of the device is similar to that of the embodiment of the method, the implementation of the embodiment of the device can be referred to the implementation of the embodiment of the method, and the repetition is omitted.
Fig. 3 is a schematic diagram of a device for reporting capability information of a subscriber identity module card according to an embodiment of the present disclosure; as shown in fig. 3, the device includes a GBA capability information query module 301, a GBA capability information acquisition module 302 and a GBA capability information reporting module 303.
The GBA capability information query module 301 is configured to send a generic bootstrapping architecture (GBA) capability information query instruction to the subscriber identity module card, where the GBA capability information query instruction is used to query the GBA capability information supported by the subscriber identity module card; the GBA capability information acquisition module 302 is configured to receive the GBA capability information returned by the subscriber identity module card; and the GBA capability information reporting module 303 is configured to send a network registration request message carrying the GBA capability information to a network side device.
In some embodiments, when the network registration request message is a message requesting registration to the 4G network, the GBA capability information reporting module 303 is further configured to: the method comprises the steps of sending a network attachment request message carrying GBA capability information to a Mobility Management Entity (MME) network element, so that the MME network element carries the GBA capability information in a position update request message sent to a Home Subscriber Server (HSS) network element, wherein the HSS network element is also used for configuring GUSS parameter information for a subscriber identity module card according to the GBA capability information.
In other embodiments, when the network registration request message is a message requesting to register to a 5G network, the GBA capability information reporting module 303 is further configured to: and sending a network registration message carrying GBA capability information to an access and mobility management function (AMF) network element, so that the AMF network element carries the GBA capability information in a terminal context registration request message sent to a Unified Data Management (UDM) network element, wherein the UDM network element is also used for configuring GUSS parameter information for a user identification card according to the GBA capability information.
It should be noted that, the GBA capability information query module 301, the GBA capability information obtaining module 302, and the GBA capability information reporting module 303 correspond to S202 to S206 in the method embodiment, and the foregoing modules are the same as examples and application scenarios implemented by the corresponding steps, but are not limited to the disclosure of the foregoing method embodiment. It should be noted that the modules described above may be implemented as part of an apparatus in a computer system, such as a set of computer-executable instructions.
The device for reporting the capability information of the subscriber identity module card provided in the embodiment of the present disclosure may be any device provided with the subscriber identity module card, or may be any device in communication with the subscriber identity module card, or any device in communication with the device provided with the subscriber identity module card.
Based on the same inventive concept, a terminal is also provided in the embodiments of the present disclosure, described in the following embodiments. Since the terminal embodiment solves the problem on the same principle as the method embodiment, its implementation may refer to the method embodiment and is not repeated here.
Fig. 4 shows a schematic diagram of a terminal in an embodiment of the present disclosure. As shown in Fig. 4, the terminal 20 includes a subscriber identity card 401 and a mobile device 402.
The subscriber identity card 401 stores the GBA capability information it supports.
The mobile device 402 is configured to send a GBA capability information query instruction to the subscriber identity card 401 and receive the GBA capability information returned by the subscriber identity card 401, so as to send a network registration request message carrying the GBA capability information to the network side device; the GBA capability information query instruction queries the GBA capability information supported by the subscriber identity card.
In some embodiments, the mobile device 402 sends the GBA capability information query instruction to the subscriber identity card 401 as an APDU command, and the command queries the GBA capability information supported by the subscriber identity card.
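The following is an added example of the ME-side query described above, written for this page and not taken from the patent. The patent fixes neither the APDU encoding nor the card-side file layout, so the class and instruction bytes (CLA 0x80, INS 0xCA, a hypothetical P1/P2 data-object identifier), the status words used for the failure cases and the simulated card are assumptions; only the parameter name UICC_GBA_Capability and its values (2 = GBA_U supported, 1 = not supported), given later in the description, come from the page. The part a practitioner wants is the failure handling: a legacy card that does not implement the query (6D 00), a missing object or an undefined value must never cause the ME to claim GBA_U support.

```python
"""ME-side query of the SIM/USIM card's GBA capability over the ME-UICC (APDU) interface.

Added example, not the patent's code. The APDU bytes, status words and the simulated
card are assumptions; UICC_GBA_Capability and its values 2/1 come from the description.
"""
from dataclasses import dataclass
from typing import Optional

# Assumed proprietary C-APDU: CLA 0x80 (proprietary class), INS 0xCA (GET DATA),
# P1/P2 as a hypothetical data-object identifier for the capability parameter.
CLA_PROPRIETARY = 0x80
INS_GET_DATA = 0xCA
P1_P2_GBA_CAPABILITY = (0x00, 0xC1)

# Values of UICC_GBA_Capability as defined in the description.
UICC_GBA_U_SUPPORTED = 2
UICC_GBA_U_NOT_SUPPORTED = 1

# ISO 7816-4 status words used by the simulated card.
SW_OK = b"\x90\x00"
SW_INS_NOT_SUPPORTED = b"\x6d\x00"
SW_REFERENCED_DATA_NOT_FOUND = b"\x6a\x88"
SW_CLA_NOT_SUPPORTED = b"\x6e\x00"


def build_query_apdu() -> bytes:
    """Case-2 C-APDU: CLA INS P1 P2 Le, with Le = 1 (one data byte expected back)."""
    return bytes([CLA_PROPRIETARY, INS_GET_DATA, *P1_P2_GBA_CAPABILITY, 0x01])


@dataclass
class SimulatedUicc:
    """Stand-in for the SIM/USIM card (constructed for this example).

    `factory_config` models the factory configuration file that the description
    says carries UICC_GBA_Capability; `implements_query` = False models a legacy
    card that predates the new APDU interface.
    """
    factory_config: dict
    implements_query: bool = True

    def transmit(self, capdu: bytes) -> bytes:
        if len(capdu) != 5 or capdu[0] != CLA_PROPRIETARY:
            return SW_CLA_NOT_SUPPORTED
        if not self.implements_query or capdu[1] != INS_GET_DATA:
            return SW_INS_NOT_SUPPORTED
        if tuple(capdu[2:4]) != P1_P2_GBA_CAPABILITY:
            return SW_REFERENCED_DATA_NOT_FOUND
        value = self.factory_config.get("UICC_GBA_Capability")
        if value is None:
            return SW_REFERENCED_DATA_NOT_FOUND
        return bytes([value]) + SW_OK


def parse_response(rapdu: bytes) -> Optional[int]:
    """Return the UICC_GBA_Capability value, or None when the card cannot answer.

    Anything other than exactly one data byte plus SW 9000 carrying one of the two
    defined values is treated as unknown; the ME must then not report GBA_U.
    """
    if len(rapdu) < 2:
        return None
    data, sw = rapdu[:-2], rapdu[-2:]
    if sw != SW_OK or len(data) != 1:
        return None
    if data[0] not in (UICC_GBA_U_SUPPORTED, UICC_GBA_U_NOT_SUPPORTED):
        return None
    return data[0]


def query_gba_capability(card: SimulatedUicc) -> int:
    """ME procedure: send the query, parse the answer, and never claim a capability
    the card did not confirm (unknown -> "GBA_U not supported")."""
    value = parse_response(card.transmit(build_query_apdu()))
    return UICC_GBA_U_NOT_SUPPORTED if value is None else value


if __name__ == "__main__":
    cards = {
        "GBA_U card": SimulatedUicc({"UICC_GBA_Capability": 2}),
        "GBA_ME-only card": SimulatedUicc({"UICC_GBA_Capability": 1}),
        "legacy card": SimulatedUicc({}, implements_query=False),
    }
    for name, card in cards.items():
        print(f"{name}: UICC_GBA_Capability reported as {query_gba_capability(card)}")
```

Running the block prints the value the ME would place in the registration message for each card; the GBA_ME-only card and the legacy card both yield 1, so a network that later configures GUSS from this value never ends up expecting GBA_U key derivation from a card that cannot perform it.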
Based on the same inventive concept, a 4G communication system is also provided in the embodiments of the present disclosure, described in the following embodiments. Since the system embodiment solves the problem on the same principle as the method embodiment, its implementation may refer to the method embodiment and is not repeated here.
Fig. 5 shows a schematic diagram of a 4G communication system architecture in an embodiment of the present disclosure. As shown in Fig. 5, the 4G communication system includes a subscriber identity card 501, a mobile device 502, an MME network element 503 and an HSS network element 504.
The subscriber identity card 501 stores the GBA capability information it supports. The mobile device 502 sends a GBA capability information query instruction to the subscriber identity card 501 and receives the GBA capability information returned by the subscriber identity card 501, so as to send a network attach request message carrying the GBA capability information to the MME network element 503; the query instruction queries the GBA capability information supported by the subscriber identity card. The MME network element 503 returns a network attach response message to the mobile device 502 and sends a location update request message carrying the GBA capability information to the HSS network element 504. The HSS network element 504 returns a location update response message to the MME network element 503 and configures GUSS parameter information for the subscriber identity card according to the GBA capability information.
Based on the same inventive concept, a 5G communication system is also provided in the embodiments of the present disclosure, described in the following embodiments. Since the system embodiment solves the problem on the same principle as the method embodiment, its implementation may refer to the method embodiment and is not repeated here.
Fig. 6 shows a schematic diagram of a 5G communication system architecture according to an embodiment of the present disclosure. As shown in Fig. 6, the 5G communication system includes a subscriber identity card 601, a mobile device 602, an AMF network element 603 and a UDM network element 604.
The subscriber identity card 601 stores the GBA capability information it supports. The mobile device 602 sends a GBA capability information query instruction to the subscriber identity card 601 and receives the GBA capability information returned by the subscriber identity card 601, so as to send a network registration message carrying the GBA capability information to the AMF network element 603; the query instruction queries the GBA capability information supported by the subscriber identity card. The AMF network element 603 returns a network registration response message to the mobile device 602 and sends a terminal context registration request message carrying the GBA capability information to the UDM network element 604. The UDM network element 604 returns a terminal context registration response message to the AMF network element 603 and configures GUSS parameter information for the subscriber identity card 601 according to the GBA capability information.
As can be seen from the foregoing, in the subscriber identity card capability information reporting scheme provided in the embodiments of the present disclosure, when a terminal registers in a 4G/5G network, the terminal's mobile equipment (ME) interacts with the SIM/USIM card to obtain the GBA capability of the card (that is, whether GBA_U is supported) and reports it to the HSS/UDM network element in the 4G/5G network registration message, so that the operator can correctly configure the GBA capability parameters in the GUSS parameter information for the terminal in the HSS/UDM network element and thereby successfully open GBA capability to third-party applications. The UICC type recorded in the GUSS decides whether the NAF-specific keys are derived inside the UICC (GBA_U: Ks_int_NAF and Ks_ext_NAF) or by the ME (GBA_ME: Ks_NAF), so a GUSS that does not match the card either breaks bootstrapping or silently falls back to ME-side key handling. The subscriber identity card capability information reporting scheme provided by the embodiments of the present disclosure may be used for, but is not limited to, mobile TV over MBMS (Multimedia Broadcast/Multicast Service), Secure User Plane Location (SUPL), Internet of Things application access and other services.
When the subscriber identity card capability information reporting scheme provided in the embodiments of the present disclosure is implemented, a parameter UICC_GBA_Capability, indicating whether GBA_U is supported, is added to the factory configuration file of the subscriber identity card (SIM/USIM card). If the SIM/USIM card supports GBA_U, UICC_GBA_Capability is set to a first preset value, which may be "2"; if the SIM/USIM card does not support GBA_U, UICC_GBA_Capability is set to a second preset value, which may be "1".
An APDU command interface for querying the GBA capability information is added between the terminal ME and the SIM/USIM card: the terminal ME sends the APDU command querying the GBA capability to the SIM/USIM card over the ME-UICC interface, and the SIM/USIM card reads the parameter UICC_GBA_Capability from its factory configuration file and returns it to the terminal ME. The network registration flows of the terminal in the 4G and 5G cases are as follows:
1. Network registration flow of the terminal in 4G:
1) The terminal sends a network attach request (Attach Request) message to the MME network element; the Attach Request carries the GBA capability information (parameter UICC_GBA_Capability) of the subscriber identity card (SIM/USIM card);
2) The MME network element returns a network attach response (Attach Accept) message to the terminal;
3) The MME network element sends a location update request (Update Location Request) message to the HSS network element; the Update Location Request carries the GBA capability information (parameter UICC_GBA_Capability) of the subscriber identity card (SIM/USIM card);
4) The HSS network element stores the GBA capability information (parameter UICC_GBA_Capability) of the subscriber identity card (SIM/USIM card) and establishes a mapping between the terminal identifier IMSI and the subscriber identity card's GBA capability (UICC_GBA_Capability) information;
5) The HSS network element sends a location update response (Update Location Answer) message to the MME network element;
6) The HSS network element configures the corresponding GUSS parameter information for the terminal based on the GBA capability information (parameter UICC_GBA_Capability) of the terminal's subscriber identity card (SIM/USIM card).
2. Network registration flow of the terminal in 5G:
1) The terminal sends a network registration request (Registration Request) message to the AMF network element; the Registration Request carries the GBA capability information (parameter UICC_GBA_Capability) of the subscriber identity card (SIM/USIM card);
2) The AMF network element sends a terminal context registration request (Nudm_UECM_Registration request) message to the UDM network element; the Nudm_UECM_Registration request carries the GBA capability information (parameter UICC_GBA_Capability) of the subscriber identity card (SIM/USIM card);
3) The UDM network element stores the received GBA capability information (parameter UICC_GBA_Capability) of the subscriber identity card (SIM/USIM card) and establishes a mapping between the terminal identifier SUPI and the subscriber identity card's GBA capability (UICC_GBA_Capability) information;
4) The UDM network element sends a terminal context registration response (Nudm_UECM_Registration response) message to the AMF network element;
5) The AMF network element sends a network registration response (Registration Accept) message to the terminal;
6) The UDM network element configures the corresponding GUSS parameter information for the terminal based on the GBA capability information (parameter UICC_GBA_Capability) of the terminal's subscriber identity card (SIM/USIM card).
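As an added example that is not part of the patent and not an operator's code, the two flows above can be exercised end to end on the network side: the MME/AMF forwards the reported UICC_GBA_Capability, the HSS/UDM stores the IMSI/SUPI mapping of 4G step 4) and 5G step 3), and derives the GUSS of step 6). Messages are plain dictionaries standing in for Attach Request / Update Location Request and Registration Request / Nudm_UECM_Registration; no wire encoding is attempted. The GUSS element names (guss, bsfInfo, lifeTime, uiccType, ussList) follow the GUSS XML schema of 3GPP TS 29.109 as the author recalls it and are an assumption, as are the sample identities. One caveat the page does not spell out: the value is asserted by the ME in a registration message, so the example records any change of an already stored capability (in particular GBA_U to GBA_ME, which moves NAF key derivation off the UICC) instead of overwriting it silently.

```python
"""Network-side handling of the reported UICC_GBA_Capability for the 4G (MME -> HSS)
and 5G (AMF -> UDM) registration flows.

Added example, not the patent's or any operator's code. Message dicts, sample
identities and the GUSS element names are assumptions; UICC_GBA_Capability, its
values 2/1 and the message sequence come from the description.
"""
from dataclasses import dataclass, field
from typing import Dict, List, Tuple
import xml.etree.ElementTree as ET

UICC_GBA_U_SUPPORTED = 2
UICC_GBA_U_NOT_SUPPORTED = 1


def uicc_type_for(capability: int) -> str:
    """Map the reported value to the GUSS uiccType that the BSF will act on."""
    if capability == UICC_GBA_U_SUPPORTED:
        return "GBA_U"
    if capability == UICC_GBA_U_NOT_SUPPORTED:
        return "GBA_ME"
    raise ValueError(f"undefined UICC_GBA_Capability value {capability!r}")


@dataclass
class SubscriberDatabase:
    """Role of the HSS (4G) or UDM (5G): keeps the IMSI/SUPI -> capability mapping
    and configures the GUSS from it."""
    capability_by_id: Dict[str, int] = field(default_factory=dict)
    # (subscriber_id, old, new). Kept because the value is ME-asserted and a
    # GBA_U -> GBA_ME change silently moves NAF key derivation off the UICC.
    changes: List[Tuple[str, int, int]] = field(default_factory=list)

    def store_capability(self, subscriber_id: str, capability: int) -> bool:
        """4G step 4) / 5G step 3). Returns True if an existing entry was changed."""
        uicc_type_for(capability)  # reject undefined values before storing anything
        previous = self.capability_by_id.get(subscriber_id)
        self.capability_by_id[subscriber_id] = capability
        if previous is not None and previous != capability:
            self.changes.append((subscriber_id, previous, capability))
            return True
        return False

    def configure_guss(self, subscriber_id: str, key_lifetime_s: int = 86400) -> str:
        """Step 6): GUSS document whose uiccType reflects the stored capability."""
        guss = ET.Element("guss", id=subscriber_id)
        bsf = ET.SubElement(guss, "bsfInfo")
        ET.SubElement(bsf, "lifeTime").text = str(key_lifetime_s)
        ET.SubElement(bsf, "uiccType").text = uicc_type_for(self.capability_by_id[subscriber_id])
        ET.SubElement(guss, "ussList")  # per-NAF user security settings are out of scope here
        return ET.tostring(guss, encoding="unicode")


# Which subscriber identity and which forwarded message each core network uses.
_CORE = {
    "4G": ("imsi", "Update-Location-Request"),   # MME -> HSS
    "5G": ("supi", "Nudm_UECM_Registration"),    # AMF -> UDM
}


def register(db: SubscriberDatabase, rat: str, request: dict) -> dict:
    """Steps 1) to 5) of either flow collapsed into one call.

    `request` is the Attach Request (4G) or Registration Request (5G) as received
    by the MME/AMF. Returns the message forwarded to the HSS/UDM and the response
    the terminal receives.
    """
    id_key, forwarded_name = _CORE[rat]
    forwarded = {
        "message": forwarded_name,
        id_key: request[id_key],
        "uicc_gba_capability": request["uicc_gba_capability"],
    }
    db.store_capability(forwarded[id_key], forwarded["uicc_gba_capability"])
    return {
        "forwarded": forwarded,
        "terminal_response": "Attach Accept" if rat == "4G" else "Registration Accept",
    }


def guss_uicc_type(guss_xml: str) -> str:
    """Read uiccType back out of a GUSS document, as the BSF would."""
    return ET.fromstring(guss_xml).find("bsfInfo/uiccType").text


if __name__ == "__main__":
    db = SubscriberDatabase()
    # Constructed sample requests, not captured traffic.
    register(db, "4G", {"imsi": "460110123456789", "uicc_gba_capability": 2})
    register(db, "5G", {"supi": "imsi-460110123456789", "uicc_gba_capability": 2})
    print(db.configure_guss("460110123456789"))
    # The same subscription re-registers claiming no GBA_U: stored, but recorded.
    register(db, "4G", {"imsi": "460110123456789", "uicc_gba_capability": 1})
    print("capability changes:", db.changes)
```

Running the block prints a GUSS with uiccType GBA_U for the first registration and then a recorded change (2 to 1) for the re-registration; an operator would feed such changes to monitoring rather than accept a downgrade without trace.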
Those skilled in the art will appreciate that the various aspects of the present disclosure may be implemented as a system, method or program product. Accordingly, various aspects of the disclosure may take the form of an entirely hardware embodiment, an entirely software embodiment (including firmware, microcode, etc.) or an embodiment combining hardware and software aspects, which may be referred to herein as a "circuit", "module" or "system".
An electronic device 700 according to such an embodiment of the present disclosure is described below with reference to fig. 7. The electronic device 700 shown in fig. 7 is merely an example and should not be construed to limit the functionality and scope of use of embodiments of the present disclosure in any way.
As shown in fig. 7, the electronic device 700 is embodied in the form of a general purpose computing device. Components of electronic device 700 may include, but are not limited to: the at least one processing unit 710, the at least one memory unit 720, and a bus 730 connecting the different system components, including the memory unit 720 and the processing unit 710.
The storage unit stores program code executable by the processing unit 710, so that the processing unit 710 performs the steps of the various exemplary embodiments of the present disclosure described in the "exemplary methods" section of this specification. For example, the processing unit 710 may perform the following steps of the method embodiment described above: sending a Generic Bootstrapping Architecture (GBA) capability information query instruction to the subscriber identity card, where the instruction queries the GBA capability information supported by the subscriber identity card; receiving the GBA capability information returned by the subscriber identity card; and sending a network registration request message carrying the GBA capability information to the network side device.
In some embodiments, when the electronic device 700 is a 4G terminal, the processing unit 710 may perform the following step of the method embodiment described above: sending a network attach request message carrying the GBA capability information to a Mobility Management Entity (MME) network element, so that the MME network element carries the GBA capability information in the location update request message it sends to a Home Subscriber Server (HSS) network element; the HSS network element is further used to configure GUSS parameter information for the subscriber identity card according to the GBA capability information.
In other embodiments, when the electronic device 700 is a 5G terminal, the processing unit 710 may perform the following step of the method embodiment described above: sending a network registration message carrying the GBA capability information to an Access and Mobility Management Function (AMF) network element, so that the AMF network element carries the GBA capability information in the terminal context registration request message it sends to a Unified Data Management (UDM) network element; the UDM network element is further used to configure GUSS parameter information for the subscriber identity card according to the GBA capability information.
The memory unit 720 may include readable media in the form of volatile memory units, such as Random Access Memory (RAM) 7201 and/or cache memory 7202, and may further include Read Only Memory (ROM) 7203.
The storage unit 720 may also include a program/utility 7204 having a set (at least one) of program modules 7205, such program modules 7205 including, but not limited to: an operating system, one or more application programs, other program modules, and program data, each or some combination of which may include an implementation of a network environment.
Bus 730 may be a bus representing one or more of several types of bus structures including a memory unit bus or memory unit controller, a peripheral bus, an accelerated graphics port, a processing unit, or a local bus using any of a variety of bus architectures.
The electronic device 700 may also communicate with one or more external devices 740 (e.g., keyboard, pointing device, bluetooth device, etc.), one or more devices that enable a user to interact with the electronic device 700, and/or any device (e.g., router, modem, etc.) that enables the electronic device 700 to communicate with one or more other computing devices. Such communication may occur through an input/output (I/O) interface 750. Also, electronic device 700 may communicate with one or more networks such as a Local Area Network (LAN), a Wide Area Network (WAN) and/or a public network, such as the Internet, through network adapter 760. As shown, network adapter 760 communicates with other modules of electronic device 700 over bus 730. It should be appreciated that although not shown, other hardware and/or software modules may be used in connection with electronic device 700, including, but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, data backup storage systems, and the like.
From the above description of embodiments, those skilled in the art will readily appreciate that the example embodiments described herein may be implemented in software, or may be implemented in software in combination with the necessary hardware. Thus, the technical solution according to the embodiments of the present disclosure may be embodied in the form of a software product, which may be stored in a non-volatile storage medium (may be a CD-ROM, a U-disk, a mobile hard disk, etc.) or on a network, including several instructions to cause a computing device (may be a personal computer, a server, a terminal device, or a network device, etc.) to perform the method according to the embodiments of the present disclosure.
In particular, according to embodiments of the present disclosure, the process described above with reference to the flowcharts may be implemented as a computer program product comprising a computer program which, when executed by a processor, implements the method for reporting capability information of a subscriber identity card.
In an exemplary embodiment of the present disclosure, a computer-readable storage medium, which may be a readable signal medium or a readable storage medium, is also provided. Fig. 8 illustrates a schematic diagram of a computer-readable storage medium in an embodiment of the present disclosure, where a program product capable of implementing the method of the present disclosure is stored on the computer-readable storage medium 800 as illustrated in fig. 8. In some possible implementations, various aspects of the disclosure may also be implemented in the form of a program product comprising program code for causing a terminal device to carry out the steps according to the various exemplary embodiments of the disclosure as described in the "exemplary methods" section of this specification, when the program product is run on the terminal device.
More specific examples of the computer readable storage medium in the present disclosure may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
In this disclosure, a computer readable storage medium may include a data signal propagated in baseband or as part of a carrier wave, with readable program code embodied therein. Such a propagated data signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination of the foregoing. A readable signal medium may also be any readable medium that is not a readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device.
Alternatively, the program code embodied on a computer readable storage medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
In particular implementations, the program code for carrying out operations of the present disclosure may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, C++ or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computing device, partly on the user's device, as a stand-alone software package, partly on the user's computing device, partly on a remote computing device, or entirely on the remote computing device or server. In the case of remote computing devices, the remote computing device may be connected to the user computing device through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computing device (e.g., connected via the Internet using an Internet service provider).
It should be noted that although in the above detailed description several modules or units of a device for action execution are mentioned, such a division is not mandatory. Indeed, the features and functionality of two or more modules or units described above may be embodied in one module or unit in accordance with embodiments of the present disclosure. Conversely, the features and functions of one module or unit described above may be further divided into a plurality of modules or units to be embodied.
Furthermore, although the steps of the methods in the present disclosure are depicted in a particular order in the drawings, this does not require or imply that the steps must be performed in that particular order or that all illustrated steps be performed in order to achieve desirable results. Additionally or alternatively, certain steps may be omitted, multiple steps combined into one step to perform, and/or one step decomposed into multiple steps to perform, etc.
Other embodiments of the disclosure will be apparent to those skilled in the art from consideration of the specification and practice of the disclosure disclosed herein. This disclosure is intended to cover any variations, uses or adaptations of the disclosure that follow its general principles, including such departures from the present disclosure as come within known or customary practice in the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with the true scope and spirit of the disclosure being indicated by the following claims.

Claims (10)

1. A method for reporting capability information of a subscriber identity card, characterized by comprising the following steps:
sending a Generic Bootstrapping Architecture (GBA) capability information query instruction to a subscriber identity card, wherein the GBA capability information query instruction is used to query the GBA capability information supported by the subscriber identity card;
receiving the GBA capability information returned by the subscriber identity card;
sending a network registration request message carrying the GBA capability information to a network side device;
wherein the GBA capability information is used by the network side device to configure GUSS parameter information for the subscriber identity card, and the GUSS parameter information is used by a terminal with the subscriber identity card built in to negotiate and determine, with a Bootstrapping Server Function (BSF) network element, how the shared key is generated during GBA authentication and authorization.
2. The method for reporting capability information of a subscriber identity card according to claim 1, wherein the network registration request message is a message requesting registration to a 4G network;
and sending the network registration request message carrying the GBA capability information to the network side device comprises: sending a network attach request message carrying the GBA capability information to a Mobility Management Entity (MME) network element, so that the GBA capability information is carried in the location update request message sent by the MME network element to a Home Subscriber Server (HSS) network element, wherein the HSS network element is further used to configure GUSS parameter information for the subscriber identity card according to the GBA capability information.
3. The method for reporting capability information of a subscriber identity card according to claim 1, wherein the network registration request message is a message requesting registration to a 5G network;
and sending the network registration request message carrying the GBA capability information to the network side device comprises: sending a network registration message carrying the GBA capability information to an Access and Mobility Management Function (AMF) network element, so that the GBA capability information is carried in the terminal context registration request message sent by the AMF network element to a Unified Data Management (UDM) network element, wherein the UDM network element is further used to configure GUSS parameter information for the subscriber identity card according to the GBA capability information.
4. The method for reporting capability information of a subscriber identity card according to any one of claims 1 to 3, wherein the GBA capability information query instruction is an APDU command for querying the GBA capability information supported by the subscriber identity card.
5. A device for reporting capability information of a subscriber identity card, characterized by comprising:
a GBA capability information query module, used to send a Generic Bootstrapping Architecture (GBA) capability information query instruction to a subscriber identity card, wherein the GBA capability information query instruction is used to query the GBA capability information supported by the subscriber identity card;
a GBA capability information acquisition module, used to receive the GBA capability information returned by the subscriber identity card;
a GBA capability information reporting module, used to send a network registration request message carrying the GBA capability information to a network side device;
wherein the GBA capability information is used by the network side device to configure GUSS parameter information for the subscriber identity card, and the GUSS parameter information is used by a terminal with the subscriber identity card built in to negotiate and determine, with a Bootstrapping Server Function (BSF) network element, how the shared key is generated during GBA authentication and authorization.
6. A terminal, comprising: a subscriber identity card and a mobile device;
the subscriber identity card stores the GBA capability information it supports;
the mobile device is used to send a GBA capability information query instruction to the subscriber identity card, receive the GBA capability information returned by the subscriber identity card, and send a network registration request message carrying the GBA capability information to a network side device, wherein the GBA capability information query instruction is used to query the GBA capability information supported by the subscriber identity card;
wherein the GBA capability information is used by the network side device to configure GUSS parameter information for the subscriber identity card, and the GUSS parameter information is used by the terminal with the subscriber identity card built in to negotiate and determine, with a Bootstrapping Server Function (BSF) network element, how the shared key is generated during GBA authentication and authorization.
7. A communication system, comprising: a subscriber identity card, a mobile device, an MME network element and an HSS network element;
the subscriber identity card stores the GBA capability information it supports;
the mobile device is configured to send a GBA capability information query instruction to the subscriber identity card and receive the GBA capability information returned by the subscriber identity card, so as to send a network attach request message carrying the GBA capability information to the MME network element, wherein the GBA capability information query instruction is used to query the GBA capability information supported by the subscriber identity card;
the MME network element is used to send a location update request message carrying the GBA capability information to the HSS network element;
the HSS network element is used to configure GUSS parameter information for the subscriber identity card according to the GBA capability information;
wherein the GUSS parameter information is used by a terminal with the subscriber identity card built in to negotiate and determine, with a Bootstrapping Server Function (BSF) network element, how the shared key is generated during GBA authentication.
8. A communication system, comprising: a subscriber identity card, a mobile device, an AMF network element and a UDM network element;
the subscriber identity card stores the GBA capability information it supports;
the mobile device is configured to send a GBA capability information query instruction to the subscriber identity card and receive the GBA capability information returned by the subscriber identity card, so as to send a network registration request message carrying the GBA capability information to the AMF network element, wherein the GBA capability information query instruction is used to query the GBA capability information supported by the subscriber identity card;
the AMF network element is used to send a terminal context registration request message carrying the GBA capability information to the UDM network element;
the UDM network element is used to configure GUSS parameter information for the subscriber identity card according to the GBA capability information;
wherein the GUSS parameter information is used by a terminal with the subscriber identity card built in to negotiate and determine, with a Bootstrapping Server Function (BSF) network element, how the shared key is generated during GBA authentication.
9. An electronic device, comprising:
a processor; and
a memory for storing executable instructions of the processor;
wherein the processor is configured to perform the user identification card capability information reporting method of any of claims 1 to 4 by executing the executable instructions.
10. A computer readable storage medium having stored thereon a computer program, wherein the computer program, when executed by a processor, implements the user identification card capability information reporting method of any of claims 1 to 4.
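The reporting and configuration flow of claims 7 and 8 (card queried by the mobile device, capability carried in the attach request, core network configuring GUSS, BSF negotiating the key generation mode), simulated in Python as an added example that is not part of the patent. The capability vocabulary GBA_ME/GBA_U (the two GBA variants of 3GPP TS 33.220), the card instruction name, the message field names and the GUSS `uiccType` field are assumptions, not the patent's encoding; the UDM-side validation is the check a practitioner would want so that an unknown or empty capability value is rejected rather than silently defaulted.

```python
"""Simulated claim-8 flow: UICC -> ME -> AMF -> UDM (GUSS) -> BSF negotiation.
Added example; names, values and the GUSS layout are assumptions."""
from dataclasses import dataclass

# Assumed capability vocabulary: the two GBA variants defined in 3GPP TS 33.220.
KNOWN_GBA_MODES = ("GBA_ME", "GBA_U")


@dataclass
class Uicc:
    """User identification card pre-provisioned with its GBA capability (constructed data)."""
    imsi: str
    gba_capability: tuple = ("GBA_ME",)

    def handle_query(self, instruction: str) -> tuple:
        # The "GBA capability information query instruction" of the claims; name assumed.
        if instruction != "GET_GBA_CAPABILITY":
            raise ValueError("unknown card instruction")
        return self.gba_capability


def mobile_equipment_attach(card: Uicc) -> dict:
    """ME queries the card and builds the attach/registration request carrying the answer."""
    caps = card.handle_query("GET_GBA_CAPABILITY")
    return {"type": "REGISTRATION_REQUEST", "imsi": card.imsi, "gba_capability": list(caps)}


def amf_forward(attach_req: dict) -> dict:
    """AMF copies the capability into the UE context registration request for the UDM."""
    return {"type": "UE_CONTEXT_REGISTRATION", "imsi": attach_req["imsi"],
            "gba_capability": attach_req["gba_capability"]}


def udm_configure_guss(reg_req: dict) -> dict:
    """UDM validates the reported capability and derives the GUSS for that subscriber."""
    caps = reg_req["gba_capability"]
    if not caps or any(c not in KNOWN_GBA_MODES for c in caps):
        raise ValueError(f"invalid GBA capability reported for {reg_req['imsi']}: {caps}")
    # GBA_U keeps the NAF keys on the card; prefer it whenever the card supports it (assumed policy).
    uicc_type = "GBA_U" if "GBA_U" in caps else "GBA_ME"
    return {"imsi": reg_req["imsi"], "uiccType": uicc_type}


def bsf_negotiate_key_mode(guss: dict, terminal_caps: tuple) -> str:
    """BSF and terminal agree where Ks_NAF is generated: the GUSS is authoritative,
    the terminal may only confirm it or fall back to GBA_ME (assumed policy)."""
    if guss["uiccType"] == "GBA_U" and "GBA_U" in terminal_caps:
        return "GBA_U"
    return "GBA_ME"


def run_registration(card: Uicc) -> tuple:
    """End-to-end: returns the configured GUSS and the negotiated key generation mode."""
    guss = udm_configure_guss(amf_forward(mobile_equipment_attach(card)))
    return guss, bsf_negotiate_key_mode(guss, card.gba_capability)
```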
CN202310788593.1A 2023-06-30 2023-06-30 Method, terminal, system and related equipment for reporting capability information of user identification card Active CN116506842B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310788593.1A CN116506842B (en) 2023-06-30 2023-06-30 Method, terminal, system and related equipment for reporting capability information of user identification card

Publications (2)

Publication Number Publication Date
CN116506842A CN116506842A (en) 2023-07-28
CN116506842B true CN116506842B (en) 2023-10-03

Family

ID=87320634

Country Status (1)

Country Link
CN (1) CN116506842B (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102413464A (en) * 2011-11-24 2012-04-11 杭州东信北邮信息技术有限公司 GBA (General Bootstrapping Architecture)-based secret key negotiation system and method of telecommunication capability open platform
CN103118365A (en) * 2013-01-21 2013-05-22 东莞宇龙通信科技有限公司 Achieving method of one card with multiple networks and multimode communication terminal
CN113543127A (en) * 2020-03-31 2021-10-22 大唐移动通信设备有限公司 Key generation method, device, equipment and computer readable storage medium
WO2022147803A1 (en) * 2021-01-08 2022-07-14 华为技术有限公司 Secure communication method and device
CN116108458A (en) * 2021-11-10 2023-05-12 中国移动通信有限公司研究院 Key generation method, device, terminal equipment and server

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3466012B1 (en) * 2016-05-26 2024-04-10 Telefonaktiebolaget LM Ericsson (PUBL) Network application function registration

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
"Security capability negotiation in GBA"; ZTE CORPORATION; 3GPP TSG SA WG3 Security - S3#37, Tdoc S3-050021; full text *

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant