WO2009129703A1 - Method and device for registering at universal service interface system - Google Patents

Method and device for registering at universal service interface system Download PDF

Info

Publication number
WO2009129703A1
WO2009129703A1 PCT/CN2009/070345 CN2009070345W WO2009129703A1 WO 2009129703 A1 WO2009129703 A1 WO 2009129703A1 CN 2009070345 W CN2009070345 W CN 2009070345W WO 2009129703 A1 WO2009129703 A1 WO 2009129703A1
Authority
WO
WIPO (PCT)
Prior art keywords
terminal
usi
authentication
message
service interface
Prior art date
Application number
PCT/CN2009/070345
Other languages
French (fr)
Chinese (zh)
Inventor
何贤会
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 filed Critical 华为技术有限公司
Publication of WO2009129703A1 publication Critical patent/WO2009129703A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities

Definitions

  • the present invention belongs to the field of communication technologies, and in particular, to a method and device for registering a general service interface system.
  • WiMAX Worldwide Interoperability for Microwave Access
  • the WiMAX network is mainly composed of two parts, namely, the Access Service Network (ASN) and the Connectivity Service Network (CSN).
  • ASN mainly provides corresponding wireless access and control for WiMAX users.
  • ASN includes logical entities such as base station (BS) and access service network gateway (ASN Gateway, ASN GW);
  • CSN is WiMAX core network, which is WiMAX.
  • the user provides an IP connection service
  • the CSN includes a router, an AAA (authentication, authorization, and accounting) proxy or a server, a user database, an Internet gateway device, and the like.
  • the ASN can select different CSNs to provide services for users according to user requirements.
  • the service of the WiMAX network is open to third-party application interfaces in the network or outside the network, that is, USI (Universal Service Interface).
  • Figure 1 shows the network architecture of the USI system in the WiMAX network.
  • the WiMAX network can provide the service interface to the Application Service Provider (ASP)/Internet Application Service Provider (IIS) through the USI system. ).
  • ASP Application Service Provider
  • IIS Internet Application Service Provider
  • the ASP network or the Internet can be applied to businesses open to WiMAX access users.
  • the service capabilities that WiMAX networks open through the USI system include Quality of Service (QoS), location services, multicast broadcast services, user information queries, and user authentication.
  • QoS Quality of Service
  • location services multicast broadcast services
  • multicast broadcast services multicast broadcast services
  • user information queries user authentication.
  • the terminal wants to use the USI function and needs to go to the general service interface system (ie USI system).
  • USI system general service interface system
  • the registration of the USI is initiated by the AAA server in the CSN to initiate the USI registration after the network is accessed, or the application server of the ASP initiates the USI registration instead of the terminal after interacting with the terminal.
  • the process of initiating the USI registration by the AAA server instead of the terminal in the prior art mainly includes the following steps:
  • Step 201 After the initial network access of the terminal is completed, the ASN starts the charging start (Accounting-
  • Step 202 The AAA server sends a USI registration request to the USI system, where the registration request includes the user identifier of the terminal user.
  • Step 203 After receiving the USI registration request sent by the AAA server, the USI system registers the user identifier in the registration request message with the USI system, and sends a USI registration confirmation message to the AAA server.
  • Step 204 The terminal sends a USI ID request message to the USI system to request a temporarily used USI ID.
  • Step 205 The USI system allocates a temporary USI ID to the terminal, and sends the temporary USI ID to the terminal by using a USI ID response message.
  • the network side replaces the terminal for USI registration regardless of whether the USI system needs to be used after the terminal accesses the network. In the actual situation, some terminals may not need to use the USI system or need to use the USI system immediately after accessing the network.
  • the registration method provided by the above prior art may cause unnecessary processing on the network side and waste network resources.
  • Embodiments of the present invention provide a method and device for registering a general service interface system to solve In the prior art, the USI registration cannot be performed according to the requirements of the terminal, which causes a problem of waste of network resources.
  • Embodiments of the present invention provide a method for registering a general service interface system, the method comprising the following steps:
  • the terminal After receiving the general service interface USI registration request message from the terminal, the terminal is authenticated;
  • An embodiment of the present invention also provides a terminal, the terminal comprising:
  • a registration request unit configured to send a general service interface USI registration request message to the universal service interface device
  • An embodiment of the present invention further provides a general service interface device, where the device includes: a registration receiving unit, configured to receive a universal service interface USI registration request message from the terminal; and an authentication unit, configured to receive at the registration receiving unit After the USI registration request message of the terminal, the terminal is authenticated;
  • a sending unit configured to send a USI registration response message to the terminal after the authentication unit passes the authentication of the terminal.
  • 1 is a network structure including a USI in a WiMAX network in the prior art
  • FIG. 2 is a schematic flowchart of a USI registration process performed by an AAA server instead of a terminal in the prior art
  • FIG. 3 is a schematic flowchart of a first embodiment of a USI system registration method according to the present invention
  • FIG. 4 is a schematic flowchart of a second embodiment of a USI system registration method according to the present invention.
  • FIG. 5 is a schematic flowchart of a third embodiment of a USI system registration method according to the present invention.
  • FIG. 6 is a schematic diagram of a first structure of a system for performing USI registration according to an embodiment of the present invention
  • FIG. 7 is a schematic diagram of a first structure of an authentication unit in a USI device according to an embodiment of the present invention.
  • FIG. 8 is a schematic diagram of a second structure of an authentication unit in a USI device according to an embodiment of the present invention.
  • FIG. 9 is a schematic diagram of a second structure of a system for performing USI registration according to an embodiment of the present invention. detailed description
  • the embodiment of the present invention provides a solution for registering a general service interface USI.
  • the terminal can initiate the USI registration when the USI needs to be used, thereby solving the problem that the network side blindly replaces the terminal to register in the prior art. The problem of wasting resources.
  • Step 301 The terminal sends a USI registration request message to the USI system, where the USI registration request message carries the USI ID signed by the terminal;
  • the USI registration request message is sent to the USI system when the USI function is required.
  • the USI registration request message includes the USI ID of the terminal subscription.
  • the USI ID of the terminal subscription may be the user name of the terminal contracted USI system, or the terminal device identifier, or the WiMAX user ID or the IP address of the terminal.
  • Step 302 After receiving the USI registration request message from the terminal, the USI system authenticates the terminal according to the USI ID signed by the terminal in the USI registration request message.
  • the USI system After receiving the USI registration request message from the terminal, the USI system can authenticate the terminal according to the USI ID signed by the terminal in the USI registration request message.
  • Step 303 After the terminal authentication is completed, the USI system sends a USI registration response message to the terminal.
  • the USI registration response message sent to the terminal is a USI registration success message. If the USI system fails to authenticate the terminal, the USI registration response message sent by the USI system to the terminal is USI registration. Reject the message.
  • the USI system sends a USI registration success message to the terminal.
  • the USI registration success message may include a temporary USI ID assigned by the USI system to the terminal.
  • the temporary USI ID may also be sent to the terminal without using the USI registration success message, but is sent to the terminal through a separate message, such as the USI ID distribution message, after step 303.
  • the terminal obtains the USI registration success message or the USI ID distribution message from the USI system.
  • the terminal may use the temporary USI ID instead of the USI ID signed by the terminal.
  • the temporary USI ID can prevent the USI ID signed by the terminal from being maliciously stolen by others, so that the information interaction between the terminal and the network side becomes more secure.
  • the temporary USI ID can also be set to a valid time.
  • the terminal can use the temporary USI ID to interact with the network side.
  • the USI system can be new.
  • a temporary USI ID is assigned to the terminal, for example, the newly assigned temporary USI ID is sent to the terminal through the USI ID update message.
  • the terminal can initiate the USI registration when the USI needs to be used, thereby avoiding the problem that the terminal is blindly registered by the network side instead of the terminal during the network access process, thereby saving network resources. And by using the temporary USI ID, the information interaction between the terminal and the USI system can be made more secure.
  • the USI system can authenticate the terminal in two ways. One is to authenticate the terminal through information interaction between the USI system and the AAA server, and the other is between the USI system and the terminal.
  • the information exchange authenticates the terminal, and the two methods will be described below through a more detailed embodiment.
  • FIG. 4 is a flowchart of a second embodiment of the method according to the present invention.
  • the USI system can authenticate the terminal by interacting with the AAA server.
  • the method in this embodiment includes the following steps. :
  • Step 401 The terminal sends a USI registration request message to the USI system.
  • the USI registration request message is sent to the USI system.
  • the USI registration request message includes the USI ID of the terminal subscription.
  • the USI ID of the terminal subscription may be the user name of the terminal contracted USI system, or the terminal device identifier, or the WiMAX user ID or the IP address of the terminal.
  • Step 402 After receiving the USI registration request message of the terminal, the USI system sends an authentication request message to the AAA server to request authentication of the terminal.
  • the USI system obtains the USI ID of the terminal in the USI registration request message from the USI registration request message, and carries the USI ID signed by the terminal in the authentication request message to the AAA server.
  • Step 403 After receiving the authentication request message sent by the USI system, the AAA server authenticates the terminal, and sends an authentication response message to the USI system after the authentication is completed.
  • the AAA server stores the subscription information registered at the time of opening the account or after the account is opened.
  • the subscription information includes the USI ID signed by the terminal, the password of the terminal, and the like.
  • the AAA server determines whether the USI ID signed by the terminal in the authentication request message is the saved USI ID, and whether the terminal has subscribed to the USI service. If the USI ID of the terminal is the saved USI ID and the USI has been signed.
  • the authentication response message sent by the AAA server to the USI system is the authentication pass message. If the USI ID of the terminal is not the saved USI ID or the terminal does not subscribe to the USI service, the authentication response message sent by the AAA server to the USI system is the authentication failure. Message.
  • Step 404 After receiving the authentication response message sent by the AAA server, the USI system sends a USI registration response message to the terminal.
  • step 404 if the USI system receives the authentication response message sent by the AAA server as the authentication pass message, the USI registration response message sent by the USI system to the terminal is a USI registration success message; if the USI system receives the authentication response sent by the AAA server The message is an authentication failure message, and the USI registration response message sent by the USI system to the terminal is a USI registration rejection message.
  • the USI registration success message sent by the USI system to the terminal may include a temporary USI ID assigned by the USI system to the terminal.
  • the temporary USI ID may also be sent to the terminal without using the USI registration success message, but is sent to the terminal through a separate message, such as the USI ID distribution message, after step 404.
  • the terminal obtains the temporary USI ID after receiving the USI registration success message or the USI ID distribution message from the USI system.
  • the terminal may use the temporary USI ID instead of the USI ID signed by the terminal.
  • the temporary USI ID can prevent the USI ID signed by the terminal from being maliciously stolen by others, so that the information interaction between the terminal and the network side becomes more Safety.
  • the temporary USI ID can also be set to a valid time.
  • the terminal can use the temporary USI ID to interact with the network side.
  • the USI system can be new.
  • a temporary USI ID is assigned to the terminal, for example, the newly assigned temporary USI ID is sent to the terminal through the USI ID update message.
  • the terminal can initiate the USI registration when the USI needs to be used, thereby avoiding the fact that even if the terminal does not need to use the USI function, the terminal will register instead of the terminal, resulting in the network.
  • the AAA server in the existing network can be used to authenticate the terminal, so that the functional requirements of the USI system are relatively simple.
  • the second embodiment of the method of the present invention is to authenticate the terminal by using the AAA server in the existing network.
  • the authentication may be added to the USI system instead of the AAA server. Function to authenticate the terminal.
  • FIG. 5 a flowchart of a third embodiment of the method of the present invention is shown.
  • a user authentication function is added to the USI system, and the USI system can authenticate the terminal by interacting with the terminal.
  • the method of this embodiment includes the following steps:
  • Step 501 The terminal sends a USI registration request message to the USI system.
  • the USI registration request message is sent to the USI system.
  • the USI registration request message includes the USI ID of the terminal subscription.
  • the USI ID of the terminal subscription may be the user name of the terminal contracted USI system, or the terminal device identifier, or the WiMAX user ID or the IP address of the terminal.
  • Step 502 After receiving the USI registration request message sent by the terminal, the USI system sends a challenge request message to the terminal.
  • the USI system After receiving the USI registration request message sent by the terminal, the USI system checks whether the USI ID signed by the terminal is the saved USI ID, and whether the terminal subscribes to the contracted USI service. If the USI ID of the terminal is the saved USI ID and Signing up for the USI business, the USI system generates quality The value column is queried (for example, a random sequence is generated as a challenge value column), and the challenge value column is sent to the terminal through a challenge request message.
  • Step 503 After receiving the challenge request message, the terminal sends a challenge response message to the USI system. After receiving the challenge request message from the USI system, the terminal selects the challenge value in the challenge request message and the USI key of the terminal according to the specific The algorithm generates a response value column and sends it to the USI system via a challenge response message.
  • Step 504 After receiving the challenge response message, the USI system sends a USI registration response message to the end.
  • the USI system After receiving the challenge response message, the USI system verifies the response value column in the challenge response message, for example, comparing whether the response value column in the challenge response message sent by the terminal matches the challenge value column generated by the USI system itself, if it matches, If the verification succeeds, the USI registration response message sent by the USI system to the terminal is the USI registration success message; if it does not match, the verification fails, and the USI registration response message sent by the USI system to the terminal is a USI registration rejection message.
  • the USI registration success message sent by the USI system to the terminal may include a temporary USI ID assigned by the USI system to the terminal.
  • the temporary USI ID may also be sent to the terminal without the USI registration success message, but sent to the terminal through a separate message, such as the USI ID distribution message, after step 504.
  • the terminal After receiving the USI registration success message or the USI ID distribution message from the USI system, the terminal obtains the temporary USI ID. In the subsequent interaction with the USI subsystem, the terminal can use the temporary USI ID instead of the USI ID signed by the terminal.
  • the temporary USI ID can prevent the USI ID of the terminal from being maliciously stolen by others, making the information interaction between the terminal and the network side more secure.
  • the temporary USI ID can be set to a valid time.
  • the terminal can use the temporary USI ID to interact with the network.
  • the USI system can be newly allocated.
  • a temporary USI ID is sent to the terminal, for example, by sending a newly assigned temporary USI ID to the terminal through the USI ID update message.
  • An embodiment of the present invention further provides a system for performing USI registration.
  • the system includes a terminal 60 and a general service interface device 61.
  • the terminal 60 mainly includes the following modules:
  • the registration request unit 601 is configured to send a USI registration request message to the universal service interface device 61;
  • the receiving unit 602 is configured to receive a USI registration response message from the universal service interface device 61.
  • the USI system when the USI system sends a registration response message to the terminal, it may carry the temporary USI ID assigned by the USI system to the terminal, and may not carry this.
  • the temporary USI ID is sent to the terminal by using a USI ID distribution message. Therefore, the receiving unit 602 in the terminal 60 may specifically include: a first receiving unit 6021: for receiving the USI registration from the universal service interface device 61. Response message
  • the second receiving unit 6022 is configured to receive a USI ID distribution message sent by the universal service interface device 61, where the USI ID distribution message includes a temporary USI ID allocated by the universal service interface device 61 for the terminal.
  • the functions of the above USI system can be implemented by the universal service interface device 61.
  • the universal service interface device 61 includes:
  • a registration receiving unit 611 configured to receive a USI registration request message from the terminal
  • the authentication unit 612 is configured to: after the registration receiving unit 611 receives the USI registration request message of the terminal, perform authentication on the terminal;
  • the sending unit 613 is configured to send a USI registration response message to the terminal after the authentication unit 612 completes the terminal authentication.
  • the USI system in the universal service interface device 61 when the USI system in the universal service interface device 61 sends a registration response to the terminal, it may carry the temporary USI ID assigned by the USI system to the terminal. It is also possible that the temporary USI ID is not carried, but the temporary USI ID is sent to the terminal through a USI ID distribution message. Therefore, the sending unit 613 of the universal service interface device 61 can further include:
  • the first sending unit 6131 is configured to send a USI registration response message to the terminal.
  • the second sending unit 6132 is configured to send a USI ID distribution message to the terminal, where the USI ID distribution message includes a temporary USI ID allocated by the universal service interface device 61 for the terminal.
  • the registration request unit 601 may send a USI registration request message to the registration receiving unit 611 in the universal service interface device 61.
  • the registration receiving unit 611 notifies the authentication unit 612 after receiving the USI registration request message.
  • the terminal 60 performs authentication, and if the authentication passes, the authentication unit 612 notifies the transmitting unit 613 to transmit the USI registration response message to the receiving unit 602 of the terminal 60.
  • the authentication unit 612 notifies the first sending unit 6131 to send the USI registration response message to the first receiving unit 6021 of the terminal 60 after the authentication is passed. And informing the second sending unit 6132 to send the USI ID distribution message to the second receiving unit 6022 of the terminal 60, where the USI ID distribution message includes the temporary USI ID allocated by the universal service interface device 61 for the terminal.
  • the universal service interface device 61 can perform authentication on the terminal in two ways, one is through the common service interface device 61 and the AAA server. The information exchanges the terminal for authentication, and the other is to perform the terminal interaction between the USI system and the terminal in the universal service interface device 61. Certification.
  • the authentication unit 612 of the universal service interface device 61 may specifically include:
  • the first authentication requesting unit 61201 is configured to send an authentication request message to the AAA server after the registration receiving unit 611 receives the USI registration request message of the terminal, requesting authentication of the terminal; and the first authentication receiving unit 61202 is configured to be used in the AAA server. After the authentication is passed, the authentication response message from the AAA server is received.
  • the authentication unit 612 of the universal service interface device 61 may specifically include:
  • the second authentication request unit 61211 is configured to send a challenge request message to the terminal after the registration receiving unit 611 receives the USI registration request message of the terminal;
  • the second authentication receiving unit 61212 is configured to receive a challenge response message from the terminal.
  • the terminal 60 may further include an authentication response unit 603 for receiving the challenge request message from the universal service interface device 61.
  • the authentication response unit specifically includes:
  • a challenge receiving unit 6031 configured to receive a challenge request message from the universal service interface device 61;
  • the above challenge request message includes a USI system generated challenge value column.
  • the challenge response unit 6032 is configured to send a challenge response message to the universal service interface device 61.
  • the challenge response unit 6032 generates a response value column according to the challenge value column in the challenge request message and the USI key of the terminal according to a specific algorithm, and sends the response value column to the general service interface device 61 through the challenge response message.
  • the terminal uses and ends the general service interface device 61 when performing USI registration.
  • the method for authenticating the terminal 60 in the manner of information exchange between the terminals 60 is as follows:
  • the USI registration request message may be sent by the registration request unit 601 to the registration receiving in the universal service interface device 61.
  • the second authentication receiving unit 61212 notifies the first sending unit 6131 to send the USI registration after the response value column verification in the challenge response message is passed.
  • the response message is sent to the first receiving unit 6021 of the terminal 60, and the second sending unit 6132 is notified to send the USI ID distribution message to the second receiving unit 6022 of the terminal 60.
  • the USI ID distribution message includes the universal service interface device 61 for the terminal. Temporary USI ID.
  • the above-mentioned universal service interface device 61 may be a single board or a single device, or may be integrated as a function module in a network entity such as an AAA server or a PCRF (Policy Charging Rules Function) or an application server.
  • a network entity such as an AAA server or a PCRF (Policy Charging Rules Function) or an application server.
  • the terminal does not need to perform the USI registration by the network side blindly instead of the terminal after the network access, but the terminal initiates the USI registration when the USI needs to be used, thereby greatly saving network resources.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

A method for registering at a universal service interface system is provided, the method comprises the following steps: authenticating a terminal after receiving a universal service interface USI register request message from the terminal; after completing the authenticating, sending a USI register response message to the terminal. A universal service interface device is also provided, the device comprises: a register receiving unit, for receiving the universal service interface USI register request message from the terminal; an authenticating unit, for authenticating the terminal after receiving the USI register request message from the terminal by the register receiving unit; a sending unit, for sending the USI register response message to the terminal after the authenticating of the terminal is passed by the authenticating unit. Through the above method and device, the terminal can initiate a USI register when it is needed to use USI, thereby the network resource is saved.

Description

一种通用业务接口系统注册的方法与设备 本申请要求于 2008 年 04 月 21 日提交中国专利局、 申请号为 200810066671.2、 发明名称为 "一种通用业务接口系统注册的方法与设备" 的中国专利申请的优先权, 其全部内容通过引用结合在本申请中。  Method and device for registering general service interface system This application claims to be submitted to the Chinese Patent Office on April 21, 2008, application number 200810066671.2, and the Chinese patent entitled "Method and Equipment for Registering a General Service Interface System" Priority of the application, the entire contents of which are incorporated herein by reference.
技术领域 Technical field
本发明属于通信技术领域, 尤其涉及一种通用业务接口系统注册的方法 与设备。  The present invention belongs to the field of communication technologies, and in particular, to a method and device for registering a general service interface system.
背景技术 Background technique
WiMAX (Worldwide Interoperability for Microwave Access, 全球微波互 联接入) , 是一种基于 IEEE 802.16标准的无线城域网技术。 WiMAX网络 主要由两个部分组成, 即接入业务网 (Access Service Network, ASN) 和 连接业务网 ( Connectivity Service Network, CSN) 。 其中, ASN主要为 WiMAX用户提供相应的无线接入和控制, ASN包括基站 (Base Station, BS ) 和接入业务网网关 (ASN Gateway, ASN GW) 等逻辑实体; CSN是 WiMAX核心网, 为 WiMAX用户提供 IP连接服务, CSN包括由路由器、 AAA(authentication, authorization, and accounting, 认证授权禾口计费)代理或月艮 务器、 用户数据库、 Internet网关设备等。 ASN可以根据用户要求选择不同 的 CSN为用户提供服务。  WiMAX (Worldwide Interoperability for Microwave Access) is a wireless metropolitan area network technology based on the IEEE 802.16 standard. The WiMAX network is mainly composed of two parts, namely, the Access Service Network (ASN) and the Connectivity Service Network (CSN). Among them, ASN mainly provides corresponding wireless access and control for WiMAX users. ASN includes logical entities such as base station (BS) and access service network gateway (ASN Gateway, ASN GW); CSN is WiMAX core network, which is WiMAX. The user provides an IP connection service, and the CSN includes a router, an AAA (authentication, authorization, and accounting) proxy or a server, a user database, an Internet gateway device, and the like. The ASN can select different CSNs to provide services for users according to user requirements.
伴随着网络业务开放的要求, WiMAX 网络中也引入了一种可以将 With the opening of the network business, a WiMAX network has also introduced a
WiMAX 网络的业务开放给网内或网外的第三方应用接口, 即 USI (Universal Service Interface , 通用业务接口) 。 如图 1所示为 WiMAX网 络中包括 USI系统的网络架构, WiMAX网络可以通过 USI系统提供业务接 口给应用业务提供商 (Application Service Provider, ASP)/互联网应用业务提 供商 (internet Application Service Provider, iASP) 。 通过调用 USI提供的 业务能力, ASP 网络或互联网可以应用针对 WiMAX接入用户开放的业 务, 并且通过 ASP网络或互联网可以更加方便的为 WiMAX接入用户提供 个性化的服务。 WiMAX 网络通过 USI系统开放的业务能力包括服务质量 (Quality of Service, QoS) 、 位置服务、 多播广播业务、 用户信息查询、 用户鉴权等。 The service of the WiMAX network is open to third-party application interfaces in the network or outside the network, that is, USI (Universal Service Interface). Figure 1 shows the network architecture of the USI system in the WiMAX network. The WiMAX network can provide the service interface to the Application Service Provider (ASP)/Internet Application Service Provider (IIS) through the USI system. ). By calling the business capabilities provided by USI, the ASP network or the Internet can be applied to businesses open to WiMAX access users. And, through the ASP network or the Internet, it is more convenient to provide personalized services for WiMAX access users. The service capabilities that WiMAX networks open through the USI system include Quality of Service (QoS), location services, multicast broadcast services, user information queries, and user authentication.
终端欲使用 USI功能则需要到通用业务接口系统 (即 USI系统) 进行 The terminal wants to use the USI function and needs to go to the general service interface system (ie USI system).
USI注册, 现有技术中 USI的注册是由 CSN中的 AAA服务器在入网之后代 替终端发起 USI注册或由 ASP的应用服务器在与终端交互后代替终端发起 USI注册。 参见图 2所示, 现有技术中由 AAA服务器代替终端发起 USI注 册的流程主要包括以下歩骤: USI registration. In the prior art, the registration of the USI is initiated by the AAA server in the CSN to initiate the USI registration after the network is accessed, or the application server of the ASP initiates the USI registration instead of the terminal after interacting with the terminal. Referring to FIG. 2, the process of initiating the USI registration by the AAA server instead of the terminal in the prior art mainly includes the following steps:
歩骤 201 : ASN在终端初始入网完成后, 发送计费开始 (Accounting- Step 201: After the initial network access of the terminal is completed, the ASN starts the charging start (Accounting-
Start) 消息给 AAA服务器, 激活用户会话; Start) a message to the AAA server to activate the user session;
歩骤 202: AAA服务器向 USI系统发送 USI注册请求, 该注册请求中 包括终端用户的用户标识;  Step 202: The AAA server sends a USI registration request to the USI system, where the registration request includes the user identifier of the terminal user.
歩骤 203: USI系统收到 AAA服务器发送的 USI注册请求后, 将注册 请求消息中的用户标识注册到 USI系统中, 并向 AAA服务器发送 USI注册 确认消息;  Step 203: After receiving the USI registration request sent by the AAA server, the USI system registers the user identifier in the registration request message with the USI system, and sends a USI registration confirmation message to the AAA server.
歩骤 204: 终端向 USI系统发送 USI ID请求消息, 请求临时使用的 USI ID;  Step 204: The terminal sends a USI ID request message to the USI system to request a temporarily used USI ID.
歩骤 205: USI系统为终端分配临时 USI ID, 并通过 USI ID响应消息 将此临时 USI ID发送给终端。  Step 205: The USI system allocates a temporary USI ID to the terminal, and sends the temporary USI ID to the terminal by using a USI ID response message.
在上述现有技术中, 不管终端入网后是否需要使用 USI系统, 网络侧 都会代替终端进行 USI注册。 而在实际情况中, 某些终端入网后可能并不 需要使用 USI系统或不需要马上使用 USI系统, 那么上述现有技术提供的 注册方法就会造成网络侧一些不必要的处理, 浪费网络资源。  In the above prior art, the network side replaces the terminal for USI registration regardless of whether the USI system needs to be used after the terminal accesses the network. In the actual situation, some terminals may not need to use the USI system or need to use the USI system immediately after accessing the network. The registration method provided by the above prior art may cause unnecessary processing on the network side and waste network resources.
发明内容 Summary of the invention
本发明实施例提供了一种通用业务接口系统注册的方法与设备, 以解决 现有技术中不能根据终端的需求进行 USI注册, 导致网络资源浪费的问题。 本发明的实施例提供了一种通用业务接口系统注册的方法, 该方法包括 以下歩骤: Embodiments of the present invention provide a method and device for registering a general service interface system to solve In the prior art, the USI registration cannot be performed according to the requirements of the terminal, which causes a problem of waste of network resources. Embodiments of the present invention provide a method for registering a general service interface system, the method comprising the following steps:
收到来自终端的通用业务接口 USI注册请求消息后, 对所述终端进行认 证;  After receiving the general service interface USI registration request message from the terminal, the terminal is authenticated;
认证完成后, 向所述终端发送 USI注册响应消息。 本发明的实施例还提 供了一种终端, 该终端包括:  After the authentication is completed, the USI registration response message is sent to the terminal. An embodiment of the present invention also provides a terminal, the terminal comprising:
注册请求单元, 用于发送通用业务接口 USI注册请求消息给通用业务接 口设备;  a registration request unit, configured to send a general service interface USI registration request message to the universal service interface device;
接收单元, 用于接收来自所述通用业务接口设备的 USI注册响应消息。 本发明的实施例还提供了一种通用业务接口设备, 该设备包括: 注册接收单元, 用于接收来自终端的通用业务接口 USI注册请求消息; 认证单元, 用于在所述注册接收单元收到终端的 USI注册请求消息后, 对终端进行认证;  And a receiving unit, configured to receive a USI registration response message from the universal service interface device. An embodiment of the present invention further provides a general service interface device, where the device includes: a registration receiving unit, configured to receive a universal service interface USI registration request message from the terminal; and an authentication unit, configured to receive at the registration receiving unit After the USI registration request message of the terminal, the terminal is authenticated;
发送单元, 用于在所述认证单元对终端认证通过后, 发送 USI注册响应 消息给所述终端。  And a sending unit, configured to send a USI registration response message to the terminal after the authentication unit passes the authentication of the terminal.
附图说明 DRAWINGS
图 1为现有技术中 WiMAX网络中包含 USI的网络结构;  1 is a network structure including a USI in a WiMAX network in the prior art;
图 2为现有技术中 AAA服务器代替终端进行 USI注册的流程示意图; 图 3为本发明 USI系统注册方法第一实施例的流程示意图;  2 is a schematic flowchart of a USI registration process performed by an AAA server instead of a terminal in the prior art; FIG. 3 is a schematic flowchart of a first embodiment of a USI system registration method according to the present invention;
图 4为本发明 USI系统注册方法第二实施例的流程示意图;  4 is a schematic flowchart of a second embodiment of a USI system registration method according to the present invention;
图 5为本发明 USI系统注册方法第三实施例的流程示意图;  5 is a schematic flowchart of a third embodiment of a USI system registration method according to the present invention;
图 6为本发明实施例进行 USI注册的系统第一结构示意图;  6 is a schematic diagram of a first structure of a system for performing USI registration according to an embodiment of the present invention;
图 7为本发明实施例 USI设备中认证单元第一结构示意图;  7 is a schematic diagram of a first structure of an authentication unit in a USI device according to an embodiment of the present invention;
图 8为本发明实施例 USI设备中认证单元第二结构示意图;  8 is a schematic diagram of a second structure of an authentication unit in a USI device according to an embodiment of the present invention;
图 9为本发明实施例进行 USI注册的系统第二结构示意图。 具体实施方式 FIG. 9 is a schematic diagram of a second structure of a system for performing USI registration according to an embodiment of the present invention. detailed description
本发明实施例提供了一种通用业务接口 USI注册的方案, 在该方案 中, 终端可以在需要使用 USI时才发起 USI注册, 从而解决了现有技术中 由网络侧盲目代替终端进行注册导致网络资源浪费的问题。  The embodiment of the present invention provides a solution for registering a general service interface USI. In this solution, the terminal can initiate the USI registration when the USI needs to be used, thereby solving the problem that the network side blindly replaces the terminal to register in the prior art. The problem of wasting resources.
通用业务接口 USI注册方法第一实施例的流程如图 3所示, 包括如下 歩骤:  General Service Interface The flow of the first embodiment of the USI registration method is as shown in FIG. 3, and includes the following steps:
歩骤 301 : 终端向 USI系统发送 USI注册请求消息, 该 USI注册请求消 息中携带终端签约的 USI ID;  Step 301: The terminal sends a USI registration request message to the USI system, where the USI registration request message carries the USI ID signed by the terminal;
终端入网成功后, 可以在需要使用 USI功能时, 才向 USI系统发送 USI 注册请求消息, 该 USI注册请求消息中包含终端签约的 USI ID。 终端签约 的 USI ID 可以是终端签约 USI 系统的用户名, 或终端设备标识, 或 WiMAX用户标识或终端的 IP地址等。  After the terminal is successfully connected to the network, the USI registration request message is sent to the USI system when the USI function is required. The USI registration request message includes the USI ID of the terminal subscription. The USI ID of the terminal subscription may be the user name of the terminal contracted USI system, or the terminal device identifier, or the WiMAX user ID or the IP address of the terminal.
歩骤 302: USI系统接收到来自终端的 USI注册请求消息后, 根据 USI 注册请求消息中终端签约的 USI ID对终端进行认证;  Step 302: After receiving the USI registration request message from the terminal, the USI system authenticates the terminal according to the USI ID signed by the terminal in the USI registration request message.
USI系统收到来自终端的 USI注册请求消息后, 可以根据 USI注册请求 消息中终端签约的 USI ID对终端能否使用 USI进行认证。  After receiving the USI registration request message from the terminal, the USI system can authenticate the terminal according to the USI ID signed by the terminal in the USI registration request message.
歩骤 303 : USI系统对终端认证完成后, 向终端发送 USI注册响应消 息。  Step 303: After the terminal authentication is completed, the USI system sends a USI registration response message to the terminal.
歩骤 303中, 若 USI系统对终端认证通过, 则向终端发送的 USI注册 响应消息为 USI注册成功消息; 若 USI系统对终端认证失败, 则 USI系统 向终端发送的 USI注册响应消息为 USI注册拒绝消息。  In the step 303, if the USI system passes the terminal authentication, the USI registration response message sent to the terminal is a USI registration success message. If the USI system fails to authenticate the terminal, the USI registration response message sent by the USI system to the terminal is USI registration. Reject the message.
USI系统对终端认证通过后, 发送 USI注册成功消息给终端, 该 USI注 册成功消息中可以包含一个 USI系统给终端分配的临时 USI ID。 该临时 USI ID也可以不通过 USI注册成功消息发送给终端, 而是在歩骤 303之后 通过一个单独的消息发送给终端, 例如 USI ID分发消息。  After the terminal authentication is passed, the USI system sends a USI registration success message to the terminal. The USI registration success message may include a temporary USI ID assigned by the USI system to the terminal. The temporary USI ID may also be sent to the terminal without using the USI registration success message, but is sent to the terminal through a separate message, such as the USI ID distribution message, after step 303.
终端收到来自 USI系统的 USI注册成功消息或 USI ID分发消息后获取 上述临时 USI ID, 在后续与 USI子系统交互的过程中, 终端可以使用临时 USI ID, 而不用上述终端签约的 USI ID。 采用临时 USI ID可以防止终端签 约的 USI ID被他人恶意盗取, 使得终端与网络侧之间的信息交互变得更加 安全。 The terminal obtains the USI registration success message or the USI ID distribution message from the USI system. In the process of interacting with the USI subsystem, the terminal may use the temporary USI ID instead of the USI ID signed by the terminal. The temporary USI ID can prevent the USI ID signed by the terminal from being maliciously stolen by others, so that the information interaction between the terminal and the network side becomes more secure.
另外, 为了保障临时 USI ID安全性, 还可以给上述临时 USI ID设置有 效时间, 在有效时间内, 终端可以采用该临时 USI ID与网络侧进行信息交 互, 当超过有效时间时, USI系统可以新分配一个临时 USI ID发送给终 端, 例如通过 USI ID更新消息发送新分配的临时 USI ID给终端。  In addition, in order to ensure the security of the temporary USI ID, the temporary USI ID can also be set to a valid time. During the effective time, the terminal can use the temporary USI ID to interact with the network side. When the effective time is exceeded, the USI system can be new. A temporary USI ID is assigned to the terminal, for example, the newly assigned temporary USI ID is sent to the terminal through the USI ID update message.
通过上述本发明方法第一实施例, 终端可以在需要使用 USI时才发起 USI注册, 避免了终端在入网过程中由网络侧代替终端盲目进行注册的问 题, 进而节省了网络资源。 并且通过使用临时 USI ID可以使终端与 USI系 统之间的信息交互变得更加安全。  Through the foregoing first embodiment of the method of the present invention, the terminal can initiate the USI registration when the USI needs to be used, thereby avoiding the problem that the terminal is blindly registered by the network side instead of the terminal during the network access process, thereby saving network resources. And by using the temporary USI ID, the information interaction between the terminal and the USI system can be made more secure.
在上述歩骤 302中, USI系统对终端进行认证的方法可以有两种, 一种 是通过 USI系统与 AAA服务器之间的信息交互对终端进行认证, 另外一种 是通过 USI系统与终端之间的信息交互对终端进行认证, 下面将通过更为 详细的实施例对这两种方法进行介绍。  In the above step 302, the USI system can authenticate the terminal in two ways. One is to authenticate the terminal through information interaction between the USI system and the AAA server, and the other is between the USI system and the terminal. The information exchange authenticates the terminal, and the two methods will be described below through a more detailed embodiment.
参见图 4所示为本发明方法第二实施例的流程图, 在此实施例中, USI 系统可以通过与 AAA服务器之间的信息交互来对终端进行认证, 该实施例 的方法包括如下歩骤:  FIG. 4 is a flowchart of a second embodiment of the method according to the present invention. In this embodiment, the USI system can authenticate the terminal by interacting with the AAA server. The method in this embodiment includes the following steps. :
歩骤 401 : 终端向 USI系统发送 USI注册请求消息;  Step 401: The terminal sends a USI registration request message to the USI system.
终端入网成功后, 可以在需要使用 USI功能时, 向 USI系统发送 USI 注册请求消息, 该 USI注册请求消息中包含终端签约的 USI ID。 终端签约 的 USI ID 可以是终端签约 USI 系统的用户名, 或终端设备标识, 或 WiMAX用户标识或终端的 IP地址等。  After the terminal is successfully connected to the network, the USI registration request message is sent to the USI system. The USI registration request message includes the USI ID of the terminal subscription. The USI ID of the terminal subscription may be the user name of the terminal contracted USI system, or the terminal device identifier, or the WiMAX user ID or the IP address of the terminal.
歩骤 402: USI系统收到终端的 USI注册请求消息后, 向 AAA服务器 发送认证请求消息, 请求对终端进行认证; USI系统从终端发送的 USI注册请求消息中, 获取 USI注册请求消息中 终端签约的 USI ID, 并将此终端签约的 USI ID携带在认证请求消息中发送 给 AAA服务器。 Step 402: After receiving the USI registration request message of the terminal, the USI system sends an authentication request message to the AAA server to request authentication of the terminal. The USI system obtains the USI ID of the terminal in the USI registration request message from the USI registration request message, and carries the USI ID signed by the terminal in the authentication request message to the AAA server.
歩骤 403 : AAA服务器收到 USI系统发送的认证请求消息后, 对终端 进行认证, 认证完成后发送认证响应消息给 USI系统;  Step 403: After receiving the authentication request message sent by the USI system, the AAA server authenticates the terminal, and sends an authentication response message to the USI system after the authentication is completed.
AAA服务器中保存有终端开户时或者开户后登记的签约信息, 签约信 息包括终端签约的 USI ID, 终端的密码等。 AAA服务器收到认证请求消息 后, 判断认证请求消息中终端签约的 USI ID是否为已保存的 USI ID, 以及 终端是否已签约 USI业务, 如果终端的 USI ID为已保存的 USI ID并且已签 约 USI业务, 则 AAA服务器发送给 USI系统的认证响应消息为认证通过消 息; 如果终端的 USI ID不是已保存的 USI ID或终端未签约 USI业务, 则 AAA服务器发送给 USI系统的认证响应消息为认证失败消息。  The AAA server stores the subscription information registered at the time of opening the account or after the account is opened. The subscription information includes the USI ID signed by the terminal, the password of the terminal, and the like. After receiving the authentication request message, the AAA server determines whether the USI ID signed by the terminal in the authentication request message is the saved USI ID, and whether the terminal has subscribed to the USI service. If the USI ID of the terminal is the saved USI ID and the USI has been signed. The authentication response message sent by the AAA server to the USI system is the authentication pass message. If the USI ID of the terminal is not the saved USI ID or the terminal does not subscribe to the USI service, the authentication response message sent by the AAA server to the USI system is the authentication failure. Message.
歩骤 404: USI系统收到 AAA服务器发送的认证响应消息后, 发送 USI注册响应消息给终端。  Step 404: After receiving the authentication response message sent by the AAA server, the USI system sends a USI registration response message to the terminal.
歩骤 404中, 如果 USI系统收到 AAA服务器发送的认证响应消息为认 证通过消息, 则 USI系统发送给终端的 USI注册响应消息为 USI注册成功 消息; 如果 USI系统收到 AAA服务器发送的认证响应消息为认证失败消 息, 则 USI系统发送给终端的 USI注册响应消息为 USI注册拒绝消息。  In step 404, if the USI system receives the authentication response message sent by the AAA server as the authentication pass message, the USI registration response message sent by the USI system to the terminal is a USI registration success message; if the USI system receives the authentication response sent by the AAA server The message is an authentication failure message, and the USI registration response message sent by the USI system to the terminal is a USI registration rejection message.
USI系统向终端发送的 USI注册成功消息中可以包含一个 USI系统给终 端分配的临时 USI ID。 该临时 USI ID也可以不通过 USI注册成功消息发送 给终端, 而是在歩骤 404之后通过一个单独的消息发送给终端, 例如 USI ID分发消息。  The USI registration success message sent by the USI system to the terminal may include a temporary USI ID assigned by the USI system to the terminal. The temporary USI ID may also be sent to the terminal without using the USI registration success message, but is sent to the terminal through a separate message, such as the USI ID distribution message, after step 404.
终端收到来自 USI系统的 USI注册成功消息或 USI ID分发消息后获取 上述临时 USI ID, 在后续与 USI子系统交互的过程中, 终端可以使用临时 USI ID, 而不用上述终端签约的 USI ID。 采用临时 USI ID可以防止终端签 约的 USI ID被他人恶意盗取, 使得终端与网络侧之间的信息交互变得更加 安全。 The terminal obtains the temporary USI ID after receiving the USI registration success message or the USI ID distribution message from the USI system. In the subsequent interaction with the USI subsystem, the terminal may use the temporary USI ID instead of the USI ID signed by the terminal. The temporary USI ID can prevent the USI ID signed by the terminal from being maliciously stolen by others, so that the information interaction between the terminal and the network side becomes more Safety.
另外, 为了保障临时 USI ID安全性, 还可以给上述临时 USI ID设置有 效时间, 在有效时间内, 终端可以采用该临时 USI ID与网络侧进行信息交 互, 当超过有效时间时, USI系统可以新分配一个临时 USI ID发送给终 端, 例如通过 USI ID更新消息发送新分配的临时 USI ID给终端。  In addition, in order to ensure the security of the temporary USI ID, the temporary USI ID can also be set to a valid time. During the effective time, the terminal can use the temporary USI ID to interact with the network side. When the effective time is exceeded, the USI system can be new. A temporary USI ID is assigned to the terminal, for example, the newly assigned temporary USI ID is sent to the terminal through the USI ID update message.
通过上述本发明方法第二实施例提供的方法, 终端可以在需要使用 USI 时才发起 USI注册, 从而避免了现有技术中即使终端不需要使用 USI功能 网络侧也会代替终端进行注册, 导致网络资源浪费的问题。 并且在该方法实 施例中可以利用现有网络中的 AAA服务器来对终端进行认证, 从而使得对 USI系统的功能要求相对比较简单。  Through the method provided by the second embodiment of the method of the present invention, the terminal can initiate the USI registration when the USI needs to be used, thereby avoiding the fact that even if the terminal does not need to use the USI function, the terminal will register instead of the terminal, resulting in the network. The problem of wasting resources. In the embodiment of the method, the AAA server in the existing network can be used to authenticate the terminal, so that the functional requirements of the USI system are relatively simple.
上述本发明方法第二实施例是通过现有网络中的 AAA服务器来对终端 进行认证的, 而在本发明实施例提供的方法中, 也可以不通过 AAA服务 器, 而是通过在 USI系统增加认证功能来对终端进行认证。  The second embodiment of the method of the present invention is to authenticate the terminal by using the AAA server in the existing network. In the method provided by the embodiment of the present invention, the authentication may be added to the USI system instead of the AAA server. Function to authenticate the terminal.
参见图 5所示为本发明方法第三实施例的流程图, 在此实施例中, USI 系统中增加了用户认证功能, USI系统可以通过与终端之间的信息交互来对 终端进行认证。 该实施例的方法包括如下歩骤:  Referring to FIG. 5, a flowchart of a third embodiment of the method of the present invention is shown. In this embodiment, a user authentication function is added to the USI system, and the USI system can authenticate the terminal by interacting with the terminal. The method of this embodiment includes the following steps:
歩骤 501 : 终端向 USI系统发送 USI注册请求消息;  Step 501: The terminal sends a USI registration request message to the USI system.
终端入网成功后, 可以在需要使用 USI功能时, 向 USI系统发送 USI 注册请求消息, 该 USI注册请求消息中包含终端签约的 USI ID。 终端签约 的 USI ID 可以是终端签约 USI 系统的用户名, 或终端设备标识, 或 WiMAX用户标识或终端的 IP地址等。  After the terminal is successfully connected to the network, the USI registration request message is sent to the USI system. The USI registration request message includes the USI ID of the terminal subscription. The USI ID of the terminal subscription may be the user name of the terminal contracted USI system, or the terminal device identifier, or the WiMAX user ID or the IP address of the terminal.
歩骤 502: USI系统收到终端发送的 USI注册请求消息后, 发送质询请 求消息给终端;  Step 502: After receiving the USI registration request message sent by the terminal, the USI system sends a challenge request message to the terminal.
USI系统收到终端发送的 USI注册请求消息后, 检查终端签约的 USI ID是否为已保存的 USI ID, 以及该终端是否签约已签约 USI业务, 如果终 端的 USI ID为已保存的 USI ID并且已经签约 USI业务, 则 USI系统生成质 询数值列 (例如, 生成一随机序列作为质询数值列) , 并将该质询数值列通 过质询请求消息发送给终端。 After receiving the USI registration request message sent by the terminal, the USI system checks whether the USI ID signed by the terminal is the saved USI ID, and whether the terminal subscribes to the contracted USI service. If the USI ID of the terminal is the saved USI ID and Signing up for the USI business, the USI system generates quality The value column is queried (for example, a random sequence is generated as a challenge value column), and the challenge value column is sent to the terminal through a challenge request message.
歩骤 503: 终端收到质询请求消息后, 发送质询响应消息给 USI系统; 终端收到来自 USI系统的质询请求消息后, 根据质询请求消息中的质 询数值列和终端的 USI密钥按照特定的算法生成响应数值列, 通过质询响 应消息发送给 USI系统。  Step 503: After receiving the challenge request message, the terminal sends a challenge response message to the USI system. After receiving the challenge request message from the USI system, the terminal selects the challenge value in the challenge request message and the USI key of the terminal according to the specific The algorithm generates a response value column and sends it to the USI system via a challenge response message.
歩骤 504: USI系统收到质询响应消息后, 发送 USI注册响应消息给终  Step 504: After receiving the challenge response message, the USI system sends a USI registration response message to the end.
USI系统收到质询响应消息后, 对质询响应消息中的响应数值列进行验 证, 例如, 比较终端发送的质询响应消息中的响应数值列和 USI系统自己 生成的质询数值列是否匹配, 如果匹配, 则验证成功, USI系统发送给终端 的 USI注册响应消息为 USI注册成功消息; 如果不匹配, 则验证失败, USI 系统发送给终端的 USI注册响应消息为 USI注册拒绝消息。 After receiving the challenge response message, the USI system verifies the response value column in the challenge response message, for example, comparing whether the response value column in the challenge response message sent by the terminal matches the challenge value column generated by the USI system itself, if it matches, If the verification succeeds, the USI registration response message sent by the USI system to the terminal is the USI registration success message; if it does not match, the verification fails, and the USI registration response message sent by the USI system to the terminal is a USI registration rejection message.
上述 USI系统发送给终端的 USI注册成功消息中可以包含一个 USI系 统给终端分配的临时 USI ID。 该临时 USI ID也可以不通过 USI注册成功消 息发送给终端, 而是在歩骤 504之后通过一个单独的消息发送给终端, 例如 USI ID分发消息。  The USI registration success message sent by the USI system to the terminal may include a temporary USI ID assigned by the USI system to the terminal. The temporary USI ID may also be sent to the terminal without the USI registration success message, but sent to the terminal through a separate message, such as the USI ID distribution message, after step 504.
终端收到来自 USI系统的 USI注册成功消息或 USI ID分发消息后获取 上述临时 USI ID, 在后续与 USI子系统交互的过程中, 终端可以使用临时 USI ID, 而不用上述终端签约的 USI ID。 采用临时 USI ID可以防止终端签 约的 USI ID被他人恶意盗取, 使得终端与网络侧之间的信息交互变得更加 安全。  After receiving the USI registration success message or the USI ID distribution message from the USI system, the terminal obtains the temporary USI ID. In the subsequent interaction with the USI subsystem, the terminal can use the temporary USI ID instead of the USI ID signed by the terminal. The temporary USI ID can prevent the USI ID of the terminal from being maliciously stolen by others, making the information interaction between the terminal and the network side more secure.
另外, 为了保障临时 USI ID安全性, 可以给上述临时 USI ID设置有效 时间, 在有效时间内, 终端可以采用该临时 USI ID与网络侧进行信息交 互, 当超过有效时间时, USI系统可以新分配一个临时 USI ID发送给终 端, 例如通过 USI ID更新消息发送新分配的临时 USI ID给终端。 通过上述本发明方法第三实施例提供的方法, 终端可以在需要使用 USI 时才发起 USI注册, 从而避免了现有技术中即使终端不需要使用 USI功能 网络侧也会代替终端进行注册, 导致网络资源浪费的问题。 并且在该方法实 施例中只需要在 USI系统中增加一个认证功能, 则后续 USI系统就可以不 通过 AAA服务器而直接对终端进行认证了。 In addition, to ensure the security of the temporary USI ID, the temporary USI ID can be set to a valid time. During the effective time, the terminal can use the temporary USI ID to interact with the network. When the valid time is exceeded, the USI system can be newly allocated. A temporary USI ID is sent to the terminal, for example, by sending a newly assigned temporary USI ID to the terminal through the USI ID update message. Through the method provided by the third embodiment of the method of the present invention, the terminal can initiate the USI registration when the USI needs to be used, thereby avoiding the prior art that even if the terminal does not need to use the USI function, the network side also replaces the terminal for registration, resulting in the network. The problem of wasting resources. In the embodiment of the method, only one authentication function needs to be added to the USI system, and the subsequent USI system can directly authenticate the terminal without using the AAA server.
本发明的实施例还提供了一种进行 USI注册的系统, 参见图 6所示的 系统结构示意图, 该系统包括终端 60与通用业务接口设备 61。  An embodiment of the present invention further provides a system for performing USI registration. Referring to the system structure diagram shown in FIG. 6, the system includes a terminal 60 and a general service interface device 61.
终端 60主要包括如下模块:  The terminal 60 mainly includes the following modules:
注册请求单元 601, 用于发送 USI注册请求消息给通用业务接口设备 61 ;  The registration request unit 601 is configured to send a USI registration request message to the universal service interface device 61;
接收单元 602, 用于接收来自通用业务接口设备 61的 USI注册响应消 息。  The receiving unit 602 is configured to receive a USI registration response message from the universal service interface device 61.
根据上面方法第一实施例、 方法第二实施例和方法第三实施例的描述, USI系统发送注册响应消息给终端时, 有可能携带 USI系统分配给终端的临 时 USI ID, 也有可能不携带此临时 USI ID, 而是通过一个 USI ID分发消息 将临时 USI ID发送给终端, 因此终端 60中的接收单元 602可以具体包括: 第一接收单元 6021 : 用于接收来自通用业务接口设备 61的 USI注册响 应消息;  According to the description of the first embodiment, the second embodiment of the method, and the third embodiment of the method, when the USI system sends a registration response message to the terminal, it may carry the temporary USI ID assigned by the USI system to the terminal, and may not carry this. The temporary USI ID is sent to the terminal by using a USI ID distribution message. Therefore, the receiving unit 602 in the terminal 60 may specifically include: a first receiving unit 6021: for receiving the USI registration from the universal service interface device 61. Response message
第二接收单元 6022: 用于接收来自通用业务接口设备 61发送的 USI ID 分发消息, 该 USI ID分发消息中包括通用业务接口设备 61为终端分配的临 时 USI ID。  The second receiving unit 6022 is configured to receive a USI ID distribution message sent by the universal service interface device 61, where the USI ID distribution message includes a temporary USI ID allocated by the universal service interface device 61 for the terminal.
上述 USI系统的功能可以通过通用业务接口设备 61来完成, 该通用业 务接口设备 61包括:  The functions of the above USI system can be implemented by the universal service interface device 61. The universal service interface device 61 includes:
注册接收单元 611, 用于接收来自终端的 USI注册请求消息;  a registration receiving unit 611, configured to receive a USI registration request message from the terminal;
认证单元 612, 用于在注册接收单元 611收到终端的 USI注册请求消息 后, 对终端进行认证; 发送单元 613, 用于在认证单元 612对终端认证完成后, 发送 USI注册 响应消息给终端。 The authentication unit 612 is configured to: after the registration receiving unit 611 receives the USI registration request message of the terminal, perform authentication on the terminal; The sending unit 613 is configured to send a USI registration response message to the terminal after the authentication unit 612 completes the terminal authentication.
根据上面方法第一实施例、 方法第二实施例和方法第三实施例的描述, 通用业务接口设备 61 中的 USI系统发送注册响应给终端时, 有可能携带 USI系统分配给终端的临时 USI ID, 也有可能不携带此临时 USI ID, 而是 另外通过一个 USI ID分发消息将临时 USI ID发送给终端, 因此通用业务接 口设备 61的发送单元 613可以进一歩包括:  According to the description of the first embodiment, the second embodiment of the method, and the third embodiment of the method, when the USI system in the universal service interface device 61 sends a registration response to the terminal, it may carry the temporary USI ID assigned by the USI system to the terminal. It is also possible that the temporary USI ID is not carried, but the temporary USI ID is sent to the terminal through a USI ID distribution message. Therefore, the sending unit 613 of the universal service interface device 61 can further include:
第一发送单元 6131 : 用于发送 USI注册响应消息给终端;  The first sending unit 6131 is configured to send a USI registration response message to the terminal.
第二发送单元 6132: 用于发送 USI ID分发消息给终端, 该 USI ID分发 消息中包括通用业务接口设备 61为终端分配的临时 USI ID。  The second sending unit 6132 is configured to send a USI ID distribution message to the terminal, where the USI ID distribution message includes a temporary USI ID allocated by the universal service interface device 61 for the terminal.
参见图 6所示, 上述终端 60与通用业务接口设备 61协同工作的原理如 下:  Referring to Figure 6, the principle of the above terminal 60 working in conjunction with the universal service interface device 61 is as follows:
当终端 60在需要使用 USI功能时, 可以通过注册请求单元 601 发送 USI注册请求消息给通用业务接口设备 61 中的注册接收单元 611 ; 注册接 收单元 611收到 USI注册请求消息后通知认证单元 612对终端 60进行认 证, 如果认证通过, 则认证单元 612通知发送单元 613发送 USI注册响应消 息给终端 60的接收单元 602。  When the terminal 60 needs to use the USI function, the registration request unit 601 may send a USI registration request message to the registration receiving unit 611 in the universal service interface device 61. The registration receiving unit 611 notifies the authentication unit 612 after receiving the USI registration request message. The terminal 60 performs authentication, and if the authentication passes, the authentication unit 612 notifies the transmitting unit 613 to transmit the USI registration response message to the receiving unit 602 of the terminal 60.
若上述通用业务接口设备 61 发送 USI注册响应消息给终端 60时不携 带临时 USI ID, 则认证单元 612认证通过后通知第一发送单元 6131 发送 USI注册响应消息给终端 60 的第一接收单元 6021, 并通知第二发送单元 6132发送 USI ID分发消息给终端 60的第二接收单元 6022, 该 USI ID分发 消息中包括通用业务接口设备 61为终端分配的临时 USI ID。  If the general service interface device 61 sends the USI registration response message to the terminal 60 without carrying the temporary USI ID, the authentication unit 612 notifies the first sending unit 6131 to send the USI registration response message to the first receiving unit 6021 of the terminal 60 after the authentication is passed. And informing the second sending unit 6132 to send the USI ID distribution message to the second receiving unit 6022 of the terminal 60, where the USI ID distribution message includes the temporary USI ID allocated by the universal service interface device 61 for the terminal.
另外, 根据上述方法第二实施例和方法第三实施例的技术方案, 通用业 务接口设备 61在对终端进行认证时可以有两种方式, 一种是通过通用业务 接口设备 61 与 AAA服务器之间的信息交互对终端进行认证, 另外一种是 通过通用业务接口设备 61中的 USI系统与终端之间的信息交互对终端进行 认证。 In addition, according to the technical solution of the second embodiment and the third embodiment of the foregoing method, the universal service interface device 61 can perform authentication on the terminal in two ways, one is through the common service interface device 61 and the AAA server. The information exchanges the terminal for authentication, and the other is to perform the terminal interaction between the USI system and the terminal in the universal service interface device 61. Certification.
如果通用业务接口设备 61采用与 AAA服务器之间的信息交互的方式 对终端进行认证, 则参见图 7所示, 通用业务接口设备 61 的认证单元 612 可以具体包括:  If the universal service interface device 61 authenticates the terminal by using the information exchange with the AAA server, the authentication unit 612 of the universal service interface device 61 may specifically include:
第一认证请求单元 61201, 用于在注册接收单元 611收到终端的 USI注 册请求消息后, 发送认证请求消息给 AAA服务器, 请求对终端进行认证; 第一认证接收单元 61202, 用于在 AAA服务器认证通过后, 接收来自 AAA服务器的认证响应消息。  The first authentication requesting unit 61201 is configured to send an authentication request message to the AAA server after the registration receiving unit 611 receives the USI registration request message of the terminal, requesting authentication of the terminal; and the first authentication receiving unit 61202 is configured to be used in the AAA server. After the authentication is passed, the authentication response message from the AAA server is received.
如果通用业务接口设备 61采用与终端 60之间的信息交互的方式对终端 60进行认证, 则参见图 8所示, 通用业务接口设备 61的认证单元 612可以 具体包括:  If the universal service interface device 61 authenticates the terminal 60 by using the information exchange with the terminal 60, the authentication unit 612 of the universal service interface device 61 may specifically include:
第二认证请求单元 61211, 用于在注册接收单元 611收到终端的 USI注 册请求消息后, 发送质询请求消息给终端;  The second authentication request unit 61211 is configured to send a challenge request message to the terminal after the registration receiving unit 611 receives the USI registration request message of the terminal;
第二认证接收单元 61212, 用于接收来自终端的质询响应消息。  The second authentication receiving unit 61212 is configured to receive a challenge response message from the terminal.
相对应的, 为了完成与通用业务接口设备 61 之间的认证信息交互, 参 见图 9所示, 终端 60可以进一歩包括认证响应单元 603, 用于接收来自通 用业务接口设备 61 的质询请求消息后发送质询响应消息给通用业务接口设 备 61, 该认证响应单元具体包括:  Correspondingly, in order to complete the authentication information interaction with the universal service interface device 61, as shown in FIG. 9, the terminal 60 may further include an authentication response unit 603 for receiving the challenge request message from the universal service interface device 61. Sending a challenge response message to the general service interface device 61, the authentication response unit specifically includes:
质询接收单元 6031, 用于接收来自通用业务接口设备 61的质询请求消 息;  a challenge receiving unit 6031, configured to receive a challenge request message from the universal service interface device 61;
上述质询请求消息中包含 USI系统生成质询数值列。  The above challenge request message includes a USI system generated challenge value column.
质询响应单元 6032, 用于向通用业务接口设备 61发送质询响应消息。 质询响应单元 6032根据质询请求消息中的质询数值列和终端的 USI密 钥按照特定的算法生成响应数值列, 通过质询响应消息发送给通用业务接口 设备 61。  The challenge response unit 6032 is configured to send a challenge response message to the universal service interface device 61. The challenge response unit 6032 generates a response value column according to the challenge value column in the challenge request message and the USI key of the terminal according to a specific algorithm, and sends the response value column to the general service interface device 61 through the challenge response message.
参见图 9所示, 终端在进行 USI注册时通用业务接口设备 61采用与终 端 60之间的信息交互的方式对终端 60进行认证的方法原理如下: 当终端 60在需要使用 USI功能时, 可以通过注册请求单元 601 发送 USI注册请求消息给通用业务接口设备 61 中的注册接收单元 611 ; 注册接 收单元 611收到 USI注册请求消息后通知第二认证请求单元 61211, 第二认 证请求单元 61211发送质询请求消息给终端 60中的质询接收单元 6031 ; 质 询接收单元 6031收到质询请求消息后, 根据终端签约的 USI ID和密码按照 特定的算法生成响应数值列, 并发送给质询响应单元 6032; 质询响应单元 6032将响应数值列通过质询响应消息发送给通用业务接口设备 61的第二认 证接收单元 61212; 第二认证接收单元 61212收到质询响应消息后对质询响 应消息中的响应数值列进行验证, 如果验证通过, 则通知发送单元 613发送 USI注册响应消息给终端 60的接收单元 602。 Referring to FIG. 9, the terminal uses and ends the general service interface device 61 when performing USI registration. The method for authenticating the terminal 60 in the manner of information exchange between the terminals 60 is as follows: When the terminal 60 needs to use the USI function, the USI registration request message may be sent by the registration request unit 601 to the registration receiving in the universal service interface device 61. The unit 611; the registration receiving unit 611 notifies the second authentication request unit 61211 after receiving the USI registration request message, the second authentication request unit 61211 sends a challenge request message to the challenge receiving unit 6031 in the terminal 60; the challenge receiving unit 6031 receives the challenge request After the message, the response value column is generated according to the USI ID and password signed by the terminal according to a specific algorithm, and sent to the challenge response unit 6032; the challenge response unit 6032 sends the response value column to the second of the universal service interface device 61 through the challenge response message. The authentication receiving unit 61212; the second authentication receiving unit 61212 verifies the response value column in the challenge response message after receiving the challenge response message, and if the verification passes, the notification sending unit 613 sends the USI registration response message to the receiving unit 602 of the terminal 60. .
若上述通用业务接口设备 61 发送 USI注册响应消息给终端 60时不携 带临时 USI ID, 则第二认证接收单元 61212对质询响应消息中的响应数值 列验证通过后通知第一发送单元 6131发送 USI注册响应消息给终端 60的第 一接收单元 6021, 并通知第二发送单元 6132发送 USI ID分发消息给终端 60的第二接收单元 6022, 该 USI ID分发消息中包括通用业务接口设备 61 为终端分配的临时 USI ID。  If the general service interface device 61 sends the USI registration response message to the terminal 60 without carrying the temporary USI ID, the second authentication receiving unit 61212 notifies the first sending unit 6131 to send the USI registration after the response value column verification in the challenge response message is passed. The response message is sent to the first receiving unit 6021 of the terminal 60, and the second sending unit 6132 is notified to send the USI ID distribution message to the second receiving unit 6022 of the terminal 60. The USI ID distribution message includes the universal service interface device 61 for the terminal. Temporary USI ID.
上述通用业务接口设备 61 可以是一个单板或者一个单独的设备, 也可 以作为功能模块集成在 AAA服务器或者 PCRF ( Policy Charging Rules Function, 策略和计费规则功能) 或者应用服务器等网络实体中。  The above-mentioned universal service interface device 61 may be a single board or a single device, or may be integrated as a function module in a network entity such as an AAA server or a PCRF (Policy Charging Rules Function) or an application server.
通过上述本发明实施例提供的系统, 终端不用在入网后由网络侧盲目代 替终端进行 USI注册, 而是终端在需要使用 USI时才发起 USI注册, 从而 大大节省了网络资源。  With the system provided by the embodiment of the present invention, the terminal does not need to perform the USI registration by the network side blindly instead of the terminal after the network access, but the terminal initiates the USI registration when the USI needs to be used, thereby greatly saving network resources.
上所述仅为本发明的较佳实施例而已, 并不用以限制本发明, 凡在本发 明的精神和原则之内, 所作的任何修改、 等同替换、 改进等, 均应包含在本 发明的保护范围之内。  The above description is only the preferred embodiment of the present invention, and is not intended to limit the present invention. Any modifications, equivalent substitutions, improvements, etc., which are included in the spirit and principle of the present invention, should be included in the present invention. Within the scope of protection.

Claims

权利要求书 Claim
1、 一种通用业务接口系统注册的方法, 其特征在于, 所述的方法包 括:  A method for registering a general service interface system, the method comprising:
收到来自终端的通用业务接口 USI注册请求消息后, 对所述终端进行 认证;  After receiving the general service interface USI registration request message from the terminal, the terminal is authenticated;
认证完成后, 向所述终端发送 USI注册响应消息。  After the authentication is completed, the USI registration response message is sent to the terminal.
2、 根据权利要求 1 所述的方法, 其特征在于, 所述认证完成后, 向所 述终端发送 USI注册响应消息具体包括:  The method according to claim 1, wherein, after the authentication is completed, sending the USI registration response message to the terminal specifically includes:
若认证通过, 则向所述终端发送 USI注册成功消息;  Sending a USI registration success message to the terminal if the authentication is passed;
若认证失败, 则向所述终端发送 USI注册拒绝消息。  If the authentication fails, the USI registration reject message is sent to the terminal.
3、 根据权利要求 1 所述的方法, 其特征在于, 所述对所述终端进行认 证具体包括:  The method according to claim 1, wherein the authenticating the terminal specifically includes:
向认证、 授权和计费 AAA服务器发送认证请求消息, 请求对终端进行 认证, 所述认证请求消息中包括终端签约的 USI ID;  Sending an authentication request message to the authentication, authorization, and accounting AAA server, requesting authentication of the terminal, where the authentication request message includes the USI ID signed by the terminal;
在 AAA服务对终端认证完成后, 接收来自 AAA服务器的认证响应消息。  After the AAA service completes the terminal authentication, it receives an authentication response message from the AAA server.
4、 根据权利要求 1 所述的方法, 其特征在于, 所述对所述终端进行认 证具体包括:  The method according to claim 1, wherein the authenticating the terminal specifically includes:
确认所述终端已签约 USI业务后, 则向所述终端发送质询请求消息; 接收来自所述终端的质询响应消息;  After confirming that the terminal has subscribed to the USI service, sending a challenge request message to the terminal; receiving a challenge response message from the terminal;
根据质询响应消息对终端进行验证。  The terminal is verified according to the challenge response message.
5、 根据权利要求 4所述的方法, 其特征在于,  5. The method of claim 4, wherein
所述质询请求消息中包含质询数值列; 所述质询响应消息中包含根据所 述质询数值列和终端的 USI密钥生成的响应数值列; 根据质询响应消息对 终端进行验证具体为:  The challenge request message includes a challenge value column; the challenge response message includes a response value column generated according to the challenge value column and the USI key of the terminal; and the terminal is verified according to the challenge response message:
对质询响应消息中携带的响应数值列进行验证。  The response value column carried in the challenge response message is verified.
6、 根据权利要求 5所述的方法, 其特征在于, 对质询响应消息中携带 的响应数值列进行验证具体包括: 6. The method according to claim 5, wherein the message is carried in a challenge response message The verification of the response value column specifically includes:
比较所述响应数值列和所述质询数值列是否匹配, 如果匹配则验证成 功; 如果不匹配则验证失败。  Comparing whether the response value column and the challenge value column match, if it matches, the verification succeeds; if it does not match, the verification fails.
7、 根据权利要求 1~6任意一项所述的方法, 其特征在于, 向所述终端 发送的 USI注册响应消息中包括为终端临时分配的 USI ID。  The method according to any one of claims 1 to 6, wherein the USI registration response message sent to the terminal includes a USI ID temporarily allocated for the terminal.
8、 根据权利要求 1~6任意一项所述的方法, 其特征在于, 向所述终端 发送 USI注册响应消息后进一歩包括:  The method according to any one of claims 1 to 6, wherein the sending the USI registration response message to the terminal further comprises:
向所述终端发送 USI ID分发消息, 所述 USI ID分发消息中包括为所述 终端临时分配的 USI ID。  Sending a USI ID distribution message to the terminal, where the USI ID distribution message includes a USI ID temporarily allocated for the terminal.
9、 一种终端, 其特征在于, 所述的终端包括:  A terminal, wherein the terminal comprises:
注册请求单元, 用于发送通用业务接口 USI注册请求消息给通用业务 接口设备;  a registration request unit, configured to send a general service interface USI registration request message to the general service interface device;
接收单元, 用于接收来自所述通用业务接口设备的 USI注册响应消 息。  And a receiving unit, configured to receive a USI registration response message from the universal service interface device.
10、 根据权利要求 9所述的终端, 其特征在于,  10. The terminal of claim 9, wherein:
所述的终端进一歩包括: 认证响应单元, 用于接收到来自所述通用业务 接口设备的质询请求消息后发送质询响应消息给所述通用业务接口设备, 该 认证响应单元具体包括:  The terminal further includes: an authentication response unit, configured to: after receiving a challenge request message from the universal service interface device, send a challenge response message to the universal service interface device, where the authentication response unit specifically includes:
质询接收单元, 用于接收来自所述通用业务接口设备的质询请求消息; 质询响应单元, 用于向所述通用业务接口设备发送质询响应消息。  a challenge receiving unit, configured to receive a challenge request message from the universal service interface device, and a challenge response unit, configured to send a challenge response message to the universal service interface device.
11、 根据权利要求 9所述的终端, 其特征在于, 所述的接收单元具体包 括:  The terminal according to claim 9, wherein the receiving unit specifically includes:
第一接收单元: 用于接收来自所述通用业务接口设备的 USI注册响应 消息;  a first receiving unit: configured to receive a USI registration response message from the universal service interface device;
第二接收单元: 用于接收来自所述通用业务接口设备发送的 USI ID分 发消息, 该 USI ID分发消息中包括所述通用业务接口设备为所述终端分配 的临时 USI ID。 a second receiving unit, configured to receive a USI ID distribution message sent by the universal service interface device, where the USI ID distribution message includes the universal service interface device to allocate the terminal Temporary USI ID.
12、 一种通用业务接口设备, 其特征在于, 所述的设备包括: 注册接收单元, 用于接收来自终端的通用业务接口 USI注册请求消息; 认证单元, 用于在所述注册接收单元收到终端的 USI注册请求消息 后, 对终端进行认证;  A general service interface device, the device includes: a registration receiving unit, configured to receive a general service interface USI registration request message from the terminal; and an authentication unit, configured to receive at the registration receiving unit After the USI registration request message of the terminal, the terminal is authenticated;
发送单元, 用于在所述认证单元对终端认证通过后, 发送 USI注册响 应消息给所述终端。  And a sending unit, configured to send a USI registration response message to the terminal after the authentication unit passes the authentication of the terminal.
13、 根据权利要求 12所述的通用业务接口设备, 其特征在于, 所述的 认证单元包括:  The universal service interface device according to claim 12, wherein the authentication unit comprises:
第一认证请求单元, 用于在所述注册接收单元收到终端的 USI注册请 求消息后, 发送认证请求消息给 AAA服务器, 请求对所述终端进行认证; 第一认证接收单元, 用于在所述 AAA服务器对所述终端认证通过后, 接收来自所述 AAA服务器的认证响应消息。  a first authentication requesting unit, configured to send an authentication request message to the AAA server after the registration receiving unit receives the USI registration request message of the terminal, requesting authentication of the terminal; After the AAA server authenticates the terminal, the AAA server receives an authentication response message from the AAA server.
14、 根据权利要求 12所述的通用业务接口设备, 其特征在于, 所述的 认证单元包括:  The universal service interface device according to claim 12, wherein the authentication unit comprises:
第二认证请求单元, 用于在所述注册接收单元收到终端的 USI注册请 求消息后, 发送质询请求消息给终端;  a second authentication requesting unit, configured to send a challenge request message to the terminal after the registration receiving unit receives the USI registration request message of the terminal;
第二认证接收单元, 用于接收来自所述终端的质询响应消息。  And a second authentication receiving unit, configured to receive a challenge response message from the terminal.
15、 根据权利要求 12所述的通用业务接口设备, 其特征在于, 所述的 发送单元具体包括:  The universal service interface device according to claim 12, wherein the sending unit specifically includes:
第一发送单元: 用于发送 USI注册响应消息给所述终端;  a first sending unit, configured to send a USI registration response message to the terminal;
第二发送单元: 用于发送 USI ID分发消息给所述终端, 该 USI ID分发 消息中包括通用业务接口设备为终端分配的临时 USI ID。  The second sending unit is configured to send a USI ID distribution message to the terminal, where the USI ID distribution message includes a temporary USI ID allocated by the universal service interface device for the terminal.
16、 根据权利要求 12至 15任意一项所述的通用业务接口设备, 其特征 在于, 所述的设备为单板, 或是作为功能模块集成在 AAA服务器、 或策略 和计费规则功能实体、 或应用服务器中。  The universal service interface device according to any one of claims 12 to 15, wherein the device is a single board, or is integrated as a function module in an AAA server, or a policy and charging rule function entity, Or in the application server.
PCT/CN2009/070345 2008-04-21 2009-02-03 Method and device for registering at universal service interface system WO2009129703A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN2008100666712 2008-04-21
CNA2008100666712A CN101568111A (en) 2008-04-21 2008-04-21 Method and equipment for registering usual service interface system

Publications (1)

Publication Number Publication Date
WO2009129703A1 true WO2009129703A1 (en) 2009-10-29

Family

ID=41216417

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2009/070345 WO2009129703A1 (en) 2008-04-21 2009-02-03 Method and device for registering at universal service interface system

Country Status (2)

Country Link
CN (1) CN101568111A (en)
WO (1) WO2009129703A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115412912A (en) * 2021-05-28 2022-11-29 华为技术有限公司 Method for registering terminal equipment, related equipment, system and storage medium

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101150396A (en) * 2006-09-20 2008-03-26 华为技术有限公司 Method, network and terminal device for obtaining multicast and broadcast service secret key
CN101150405A (en) * 2006-09-22 2008-03-26 华为技术有限公司 Method and system for multicast and broadcast service authentication and authorization

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101150396A (en) * 2006-09-20 2008-03-26 华为技术有限公司 Method, network and terminal device for obtaining multicast and broadcast service secret key
CN101150405A (en) * 2006-09-22 2008-03-26 华为技术有限公司 Method and system for multicast and broadcast service authentication and authorization

Also Published As

Publication number Publication date
CN101568111A (en) 2009-10-28

Similar Documents

Publication Publication Date Title
US11895157B2 (en) Network security management method, and apparatus
US9112909B2 (en) User and device authentication in broadband networks
US8275355B2 (en) Method for roaming user to establish security association with visited network application server
WO2008131689A1 (en) Method and system for realizing an emergency communication service and corresponding apparatuses thereof
WO2006000151A1 (en) A method for managing the local terminal equipment to access the network
WO2009033382A1 (en) Method and network element device for acquiring the policy control information of ip access session
WO2004107650A1 (en) A system and method of network authentication, authorization and accounting
WO2013063783A1 (en) Data security channel processing method and device
WO2008019615A1 (en) The method, device and system for access authenticating
WO2006000152A1 (en) A method for managing the user equipment accessed to the network by using the generic authentication architecture
WO2007019771A1 (en) An access control method of the user altering the visited network, the unit and the system thereof
WO2012167500A1 (en) Method for establishing data security channel for tunnel
US8213364B2 (en) Method for releasing a high rate packet data session
WO2008125062A1 (en) Method of admittance judgment and paging user in mobile communication system, system and device thereof
WO2010069202A1 (en) Authentication negotiation method and the system thereof, security gateway, home node b
WO2010015134A1 (en) Method and system and user equipment for protocol configuration option transmission
WO2006047956A1 (en) The general authentication frame and a method for updating the user security description information in the bsf
WO2008099254A2 (en) Authorizing n0n-3gpp ip access during tunnel establishment
WO2010040309A1 (en) Access method, network system and device
WO2011050660A1 (en) Access method and equipment
WO2015100874A1 (en) Home gateway access management method and system
WO2009129703A1 (en) Method and device for registering at universal service interface system
WO2007124671A1 (en) A method, device and system of negotiating the encrypting algorithm between the user equipment and the network
WO2012028008A1 (en) Method and system for controlling heterogeneous networks
WO2014134973A1 (en) Terminal switching method, access controller and access point

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 09735960

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 09735960

Country of ref document: EP

Kind code of ref document: A1