WO2010130126A1 - Method and system for access control and access side device - Google Patents

Method and system for access control and access side device Download PDF

Info

Publication number
WO2010130126A1
WO2010130126A1 PCT/CN2009/075261 CN2009075261W WO2010130126A1 WO 2010130126 A1 WO2010130126 A1 WO 2010130126A1 CN 2009075261 W CN2009075261 W CN 2009075261W WO 2010130126 A1 WO2010130126 A1 WO 2010130126A1
Authority
WO
WIPO (PCT)
Prior art keywords
user
csg
service type
access
management device
Prior art date
Application number
PCT/CN2009/075261
Other languages
French (fr)
Chinese (zh)
Inventor
陆伟
吴问付
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 filed Critical 华为技术有限公司
Publication of WO2010130126A1 publication Critical patent/WO2010130126A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/02Access restriction performed under specific conditions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/06Selective distribution of broadcast services, e.g. multimedia broadcast multicast service [MBMS]; Services to user groups; One-way selective calling services
    • H04W4/08User group management

Definitions

  • the present invention relates to the field of communications technologies, and in particular, to an access control method and system. Background technique
  • the fixed network and the mobile network are more and more integrated.
  • the UE User Equipment
  • the home wireless access device such as HNB, Home NodeB home base station; HeNB, Home evolved NodeB).
  • Home base station such as HNB, Home NodeB home base station; HeNB, Home evolved NodeB).
  • Home base station such as HNB, Home NodeB home base station; HeNB, Home evolved NodeB.
  • Home base station such as HNB, Home NodeB home base station; HeNB, Home evolved NodeB.
  • Home base station such as HNB, Home NodeB home base station; HeNB, Home evolved NodeB.
  • Home base station such as HNB, Home NodeB home base station; HeNB, Home evolved NodeB
  • Home base station such as HNB, Home NodeB home base station; HeNB, Home evolved NodeB
  • Home base station such as HNB, Home NodeB home base station; HeNB, Home evolved NodeB.
  • Home base station such as HNB, Home NodeB home base station
  • each CSG includes one cell or several cells of the operator, and each CSG is identified by a CSG ID (identity), and the UE (or user user) may belong to one or more CSGs, that is, one or more CSGs.
  • the CSG ID of one or more CSGs is stored on the UE, and the CSG ID constitutes an Allowed CSG List (also referred to as a CSG ID list).
  • the mode of CSG access can be Closed Access Mode or Hybrid. Access Mode (mixed mode).
  • the CSG ID included in the Allowed CSG List of the UE is consistent with the CSG ID of the pre-accessed CSG, that is, the UE is a CSG member, allowing the CSG to access the CSG, but not the non-CSG member.
  • the UE accesses the CSG, and the non-CSG member refers to the UE that does not include the CSG ID of the pre-accessed CSG in the Allowed CSG List;
  • each UE may choose to access the CSG regardless of whether the UE is a CSG member. However, in order to ensure the normal service of the UE as a CSG member, other non-CSG members may be used in the case of limited resources.
  • the UE is detached or switched to another macro network.
  • the inventors have found that at least the following problems exist in the prior art: When the Closed Access Mode is used, only the UEs of the CSG members are allowed to access the CSG, and the UEs that are allowed to access the CSG are usually used first. Preemption of resources on a first-come-first-served basis is not conducive to the use of network resources;
  • Embodiments of the present invention provide an access control method and system, which implement access control for different users and effectively utilize resources.
  • An embodiment of the present invention provides an access control method, including:
  • An embodiment of the present invention further provides an access management device, including:
  • a service type obtaining unit configured to obtain a permitted service type of the user in the CSG
  • the access control unit determines whether the user allows access to the CSG according to the allowed service type of the CSG.
  • Embodiments of the present invention provide an access control system, including a service type subscription database and a policy and charging rule function device PCRF:
  • the service type subscription database is configured to store an allowed service type of the CSG pre-configured for the user equipment according to whether the user is a CSG member, and/or a CSG ID accessed by the user, and/or a type of the user equipment;
  • the PCRF is configured to obtain an allowed service type of the user in the CSG, and determine, according to the allowed service type of the CSG, whether the user is allowed to access the CSG.
  • the technical solution provided by the foregoing embodiment of the present invention can be used to determine whether the user is allowed to access the CSG according to the allowed service type of the CSG by obtaining the service type of the user in the closed user group CSG.
  • Providing differentiated services for different users for different service types can not only effectively utilize network resources, but also create conditions for users to set resource usage methods according to needs, and improve utilization of network resources.
  • FIG. 1 is a schematic structural diagram of a home access mode in the prior art
  • FIG. 2 is a flowchart of an access control method according to an embodiment of the present invention.
  • FIG. 3 is a block diagram showing the structure of an access management device according to an embodiment of the present invention.
  • FIG. 4 is a block diagram showing the structure of an access control system according to an embodiment of the present invention.
  • FIG. 5 is a schematic diagram 1 of an application scenario of an access control system according to an embodiment of the present invention.
  • FIG. 6 is a second schematic diagram of an application scenario of an access control system according to an embodiment of the present invention.
  • FIG. 7 is a schematic diagram 3 of an application scenario of an access control system according to an embodiment of the present invention.
  • FIG. 8 is a schematic diagram 4 of an application scenario of an access control system according to an embodiment of the present invention.
  • FIG. 9 is a schematic diagram 5 of an application scenario of an access control system according to an embodiment of the present invention. detailed description
  • the CSG access mode restricts users from accessing specific CSGs, and there are defects in that they cannot effectively utilize limited resources to meet the service needs of different users.
  • An embodiment of the present invention provides an access control method and system, by obtaining a service type of a user in a closed subscriber group CSG, and accessing the CSG to provide different users with different service types for different users.
  • Service can effectively utilize network resources.
  • the owner of the home wireless access device usually wants the home wireless access device to provide services only to family members and a number of specific visitors, that is, home wireless access.
  • the owner of the incoming device also wants to restrict users' access to specific CSGs, control network resources, and ensure their own needs while meeting the needs of other different users.
  • the access control method and system provided by the embodiments of the present invention may also set a resource usage method and control network resource creation conditions according to requirements, and improve utilization of network resources.
  • FIG. 1 a schematic diagram of a structure of a home access mode in the prior art, including a home wireless access device, and a licensed language, connects the user to the operator's mobile network through the Generic IP Access Network.
  • the home wireless access device includes: an HNB, which operates in a UTRAN (UMTS Terrestrial Radio Access Network UMTS, terrestrial radio access network) spectrum;
  • UTRAN UMTS Terrestrial Radio Access Network UMTS, terrestrial radio access network
  • HeNB operating in an E-UTRAN (Evolved UMTS Terrestrial Radio Access Network) spectrum
  • the Home non-3GPP WAP running on non-3GPP networks (such as CDMA/Wimax/WLAN/HRPD). (Code Division Multiple Access, WiMAX (Worldwide Interoperability for Microwave Access) / WLAN (High Local Area Network) / HRPD (High Rate Packet Data) Data))
  • the spectrum used by the radio access network The GW (Gateway) of the home radio access device, such as HNB GW, HeNB GW, Home non-3GPP WAP GW, performs home wireless access device management and access Control, collect home wireless access equipment, route and forward data between the home wireless access equipment and signaling between network elements in the mobile network.
  • MME Mobility Management Entity
  • responsible for control plane mobility management in E-UTRAN networks including user context and mobility state management, assigning user temporary Identity, etc.
  • SGSN Serving GPRS Supporting Node
  • SGSN Serving GPRS Supporting Node
  • non-3GPP GW implements mobility management, session management and other functions in non-3GPP networks (for WLAN networks, non-3GPP GW is Evolved Packet Data Gateway (EPDG); for Wimax networks)
  • the non-3GPP GW is an Access Service Network Gateway (ASN GW); for a CDMA network, the non-3GPP GW is an Access Gateway (AGW); for the HRPD network, the non-3GPP GW is a high speed Packet Data Service Gateway (HSGW, HRPD Serving Gateway))
  • the HSS Home Subscriber Server
  • the HSS Home Subscriber Server
  • the AAA Server (Authentication, Authorization and Accounting Server) is used to perform access authentication, authorization, and accounting functions for users.
  • HMS Home Management Server
  • the HMS can be a separate network element or integrated into the HSS.
  • the HMS can also be directly connected to the home wireless access point. This architecture is not limited.
  • an embodiment of the present invention provides an access control method, including:
  • Step 1 1 Obtain the allowed service type of the user in the closed user group CSG;
  • Step 12 Determine, according to the allowed service type of the CSG in the CSG, whether the user is allowed to access the CSG.
  • the service type may be pre-defined by the owner and the operator of the home wireless access device, and is pre-stored in the service type subscription database.
  • the service type is for a CSG ID, according to whether the user is a CSG member. And/or the type of user, pre-set for the user.
  • a CSG ID when the user is a CSG member, the user corresponds to a certain service type, or when the user is not a CSG member, the user corresponds to a certain service type.
  • the user type of the specific visitor is temporary
  • the user type of the owner of the home wireless access device is normal, and the like, and different types of users are assigned different types of services.
  • the user when the user is a CSG member, the user corresponds to a certain service type, or when the user is not a CSG member, the user corresponds to a certain service type, and according to the type of the user, the user may be a CSG member.
  • the service type is more finely divided.
  • the user type of the specific visitor is temporary
  • the user type of the owner of the home wireless access device is normal
  • the temporary and normal types of the user type correspond to the service type when the user is a CSG member.
  • Different subdivisions similarly, according to the type of the user, the corresponding service type can be more finely divided when the user is not a CSG member.
  • the user type such as classifying the user into high-level, ordinary, etc., will not be described.
  • the classification method of the user type is not limited to the above.
  • the service type subscription database can be CSS (CSG Subscriber Server, CSG subscription data) Library), SPR (Subscription Profile Repository), or a database for storing business information data such as HSS.
  • CSS CSG Subscriber Server, CSG subscription data
  • SPR Subscribescription Profile Repository
  • a database for storing business information data such as HSS.
  • the QCI Class Identification (QOS Class Identification) of the service type can be used to identify the service permission setting type, for example, the user can only be allowed to perform the service.
  • the service authority obtained by the user is the service whose QCI value cannot exceed 5, and the service permission can be set in the manner of a cell, for example, setting with two bytes. , one byte sets the service permission setting method, such as QCI, and another byte sets its upper limit 5;
  • GBR fixed bearer rate
  • users can not perform GBR-bearing services and can only perform non-GBR bearer services.
  • service permission settings such as some users setting available network bandwidth, bandwidth resource settings using the highest bandwidth, and so on.
  • the execution body of the step 1 1 of obtaining the allowed service type of the user in the CSG may be a Policy and Charging Rules Function (PCRF), and the PCRF is a Policy and Charging Control (Policy and Charging Control) , PCC) policy and charging rules feature devices.
  • PCRF Policy and Charging Rules Function
  • PCC Policy and Charging Control
  • the step 1 1 of obtaining the allowed service type of the user in the CSG includes: The PCRF obtains the CSG information of the user access and/or the type of the user from the mobility management device;
  • the PCRF obtains the allowed service type of the user in the CSG from the service type subscription database according to the CSG information accessed by the user and/or the type of the user. For details, please refer to the following.
  • the CSG information accessed by the user includes whether the user is a CSG member and/or a CSG accessed by the user.
  • the step 1 1 of obtaining the allowed service type of the user in the CSG may be, before the PCRF obtains the allowed service type of the CSG from the mobility management device, and the home wireless access device accesses according to the user.
  • the CSG information, and/or the type of the user configures the allowed service type of the user in the CSG, and sends the service type to the service type subscription database; the mobility management device obtains the user's permission in the CSG from the service type subscription database. business type.
  • the home wireless access device configures the allowed service type of the user in the CSG according to whether the user is the CSG member, and/or the type of the user, and sends the service type to the service type subscription database, for example, for a certain CSG. ID, not only can the user be set as a CSG member, but also the type of the user (temporary or normal, etc.), in particular, the allowed service type of the CSG is preset for the user.
  • the owner of the home wireless access device can restrict the user from accessing a specific CSG, control the network resources, and ensure the needs of other users while satisfying the needs of other users. For details, refer to the following description.
  • step 12 of determining, according to the allowed service type of the CSG, whether the user is allowed to access the CSG includes:
  • the PCRF sends the allowed service type of the user in the CSG to the mobility management device, and the home wireless At least one of an access device or a user device;
  • the mobility management device, the home wireless access device, or the user equipment receives the service request of the user; the mobility management device, the home wireless access device, or the user equipment determines whether the service request conforms to the allowed service type of the CSG, and the access conforms Business request, or reject a non-compliant business request.
  • step 12 of determining, according to the allowed service type of the CSG, whether the user is allowed to access the CSG includes:
  • the PCRF receives the service request of the user
  • the PCRF accesses a service request of a user who conforms to the allowed service type of the CSG, or rejects a service request of a user who does not comply with the permitted service type of the CSG.
  • the access control method may further include:
  • the mobility management device or the home wireless access device receives the user's tracking area update request or handover request;
  • the mobility management device or the home wireless access device transmits the allowed service type of the user in the CSG to the updated or switched mobility management device or home wireless access device of the tracking area update request or the handover request.
  • the source mobility management device may send the user permission control class of the CSG to the target mobility management device for access control, and the target network is implemented.
  • the method of access control is the same as the foregoing description, and details are not described herein again.
  • an embodiment of the present invention provides an access management device, including:
  • a service type obtaining unit 101 configured to obtain a permitted service type of the user in the CSG
  • the access control unit 102 determines, according to the allowed service type of the user in the CSG, whether the user is Allow access to the CSG.
  • the service type obtaining unit 101 is configured to obtain, from the mobility management device, an allowed service type of the user in the CSG; or a CSG for obtaining user access from the mobility management device.
  • Information and/or type of the user obtaining, according to the CSG information accessed by the user and/or the type of the user, the allowed service type of the user in the CSG from the service type subscription database, where the user picks up
  • the incoming CSG information includes whether the user is a CSG ID for the CSG member and/or user access.
  • the service type obtaining unit 101 is configured to obtain, by using the policy and charging rule function device, the allowed service type of the user in the CSG.
  • the access control unit 102 is configured to receive a service request of the user, and determine whether the service request of the user meets the foregoing.
  • the CSG allows the service type, accesses the qualified service request, or rejects the non-compliant service request.
  • the access control unit 102 is configured to determine, according to the allowed service type of the CSG, whether to initiate a matching service request, or not to initiate a non-compliant service request.
  • the access management device when the access management device is a PCRF, the access management device further includes:
  • a first service type sending unit configured to send the allowed service type of the user in the CSG to at least one of a mobility management device, a home wireless access device, or a user equipment.
  • the access management device when the access management device is a mobility management device or a home wireless access device, the access management device further includes: a second service type sending unit, configured to send the allowed service type of the CSG to the tracking area update request or the switching request update or switch after receiving the tracking area update request or the handover request of the user Access management device.
  • a second service type sending unit configured to send the allowed service type of the CSG to the tracking area update request or the switching request update or switch after receiving the tracking area update request or the handover request of the user Access management device.
  • the access management device when the access management device is a home wireless access device, the access management device further includes: a service type configuration unit, configured to configure a user's allowed service in the CSG according to whether the user is a CSG member, and/or a user type Type, and store the allowed service type of the user in the CSG in the service type subscription database.
  • a service type configuration unit configured to configure a user's allowed service in the CSG according to whether the user is a CSG member, and/or a user type Type, and store the allowed service type of the user in the CSG in the service type subscription database.
  • the home wireless access device may be a home base station HNB, or an evolved home base station HeNB, or a home non-3GPP wireless access point Home non-3GGP WAP.
  • an access control system includes a service type subscription database 200 and a policy and charging rule function device (PCRF) 100:
  • PCRF policy and charging rule function device
  • the service type subscription database 200 is configured to store, according to whether the user is a CSG member, and/or a CSG ID accessed by the user, and/or a type of the user equipment, pre-configuring the allowed service type of the CSG for the user equipment;
  • the policy and charging rule function device 100 is configured to obtain an allowed service type of the user in the CSG, and determine, according to the allowed service type of the CSG, whether the user is allowed to access the CSG.
  • system may further include:
  • the mobility management device 300 is configured to obtain, by using the policy and charging rule function device 100, the allowed service type of the user in the CSG, and determine, according to the allowed service type of the CSG, whether the user is allowed to access the CSG.
  • the home wireless access device 400 is configured to obtain, by the policy and charging rule function device 100 and the mobility management device 300, the allowed service type of the user in the CSG, according to the user's permission in the CSG.
  • the service type determines whether the user is allowed to access the CSG.
  • the user equipment 500 is configured to obtain, by the policy and charging rule function device 100, the mobility management device 300, and the home wireless access device 400, the allowed service type of the user in the CSG, and determine the type according to the allowed service type of the user in the CSG. Whether the user is allowed to access the CSG.
  • the PCRF, the mobility management device, the home wireless access device, and the user equipment can store the allowed service type of the user in the CSG, so as to facilitate monitoring of the user service.
  • the system may further include: a Serving GW (S-GW) and/or a Packet Data Network Gateway (P-GW, PDN GW, Packet Data Network), and the PCRF may pass the service network management and/or the packet data network.
  • S-GW Serving GW
  • P-GW Packet Data Network Gateway
  • P-GW Packet Data Network Gateway
  • the gateway obtains, from the mobility management device, whether the user is the type of the CSG member, and/or the user equipment, or obtains the allowed service of the user equipment in the CSG from the mobility management device by using the service network management and/or the network network management. Types of.
  • the PCRF may send the allowed service type of the user equipment in the CSG to at least one of the mobility management device, the home wireless access device, or the user equipment by using the service network management system and/or the network network management system.
  • the service network management and the packet data network gateway are not described here. For details, refer to the following.
  • the technical solution provided by the foregoing embodiment of the present invention can be used to determine whether the user is allowed to access the CSG according to the allowed service type of the CSG by obtaining the service type of the user in the closed user group CSG.
  • Providing differentiated services for different users for different service types can not only effectively utilize network resources, but also create conditions for users to set resource usage methods according to needs, and improve utilization of network resources.
  • an access control method of an embodiment of the present invention is described in conjunction with an execution body, which is obtained
  • the allowed service type of the user in the CSG determines whether the user is allowed to access the CSG according to the allowed service type of the CSG, and provides differentiated services for different users for different service types: 1 1 1.
  • User equipment passes the family
  • the wireless access device initiates an access request message to the mobility management device.
  • the user equipment receives the CSG ID of the CSG broadcast, obtains the CSG ID accessed by the user, and sends the CSG ID accessed by the user to the home wireless access device.
  • the home wireless access device can obtain the user's Allowed CSG List information from the HMS, CSS, or the operator's backend system.
  • the home wireless access device can determine whether the user is a CSG member according to the user's Allowed CSG List (also referred to as the CSG list) and the CSG ID accessed by the user: If the CSG ID accessed by the user is in the user's In the Allowed CSG List, the user is a CSG member; if the CSG ID accessed by the user is not in the Allowed CSG List of the user, the user is a non-CSG member;
  • the home wireless access device can obtain the type of the user according to the type identification of the user.
  • the home wireless access device notifies the mobility management device of the CSG information and/or the type of the user accessed by the user, and the CSG information accessed by the user includes whether the user is a CSG member and/or a CSG ID accessed by the user.
  • the access request message may be an attach request, a tracking area update request, a handover request, or the like, or may be a request for a user to request a service, such as a PDN (Packet Data Network) connection establishment request, a resource modification request, and a resource allocation.
  • the request is either a proprietary bearer setup request, a bearer modification request, and the like.
  • the home wireless access device sends an access request message to the mobility through the access side gateway.
  • the mobility management device acquires the CSG information and/or the type of the user accessed by the user.
  • the CSG information accessed by the user such as whether the user is a CSG member and/or a CSG ID accessed by the user.
  • the mobility management device may obtain the CSG information and/or the type of the user access by the user in another manner: if the mobility management device according to the CSG ID of the user access reported by the home wireless access device, the mobility management device The Allowed CSG list of the user obtained in the HMS, CSS or the operator's back-end system, and then the mobility management device compares the CSG ID accessed by the user with the Allowed CSG list of the user, and knows whether the user is a CSG member, and/or knows Information such as the type of user.
  • the mobility management device sends a message notification message to the S-GW (Serving GW).
  • the mobility management device can create a default backup request (Update Default Bearer Request), update a bearer request (Update Bearer Request), create a PDP (Packet Data Protocol) context request (Create PDP Context Request), or update a PDP context.
  • the message such as the request informs the S-GW whether the obtained user is a CSG member, and/or a CSG ID accessed by the user, and/or a type of the user.
  • the S-GW sends an information notification message to the P-GW (PDN GW, Packet Data Network, Packet Data Network Gateway).
  • PDN GW Packet Data Network, Packet Data Network Gateway
  • the S-GW notifies the P-GW whether the user is a CSG member, and/or a CSG ID accessed by the user, and/or a type of the user.
  • the S-GW may create a default bearer request by including, but not limited to, these listed messages.
  • Update Bearer Request Create PDP Context Request, or Update Whether the user obtained by the message such as the PDP context request (Update PDP Context Request) is notified to the P-GW by the CSG member, and/or the CSG ID accessed by the user, and/or the type of the user;
  • the S-GW obtain the user through the proxy binding update (PBU, Proxy Binding Update)? Notifying the P-GW to the CSG member, and/or the CSG ID accessed by the user, and/or the type of the user;
  • PBU Proxy Binding Update
  • the P-GW sends an information notification message to the PCRF.
  • the P-GW sends an information notification message to the PCRF to notify the PCRF whether the user is a CSG member, and/or the CSG ID accessed by the user, and/or the type of the user.
  • the S-GW can control the Gateway Control Session Establishment, the Gateway Control and the QoS Rules Request, etc. through the Gateway Control Session Establishment, Gateway Control and QoS Rules Request, etc.
  • the message will be notified to the PCRF whether the user is a CSG member, and/or the CSG ID accessed by the user, and/or the type of the user.
  • the PCRF sends an information notification message to the service type subscription database.
  • the PCRF notifies the service type subscription database whether the user is a CSG member, and/or a CSG ID accessed by the user, and/or a type of the user.
  • This information notification message may be a user subscription data request message, etc., and will not be described again.
  • the service type subscription database finds the service type of the CSG where the user is located, and sends a notification message to the PCRF.
  • the service type subscription database may be in the following manners including, but not limited to, finding the service type of the CSG where the user is located:
  • the CSG ID of the user sets different allowed service types for users of different PLMNs.
  • Chinese mobile users can only use one type of service type, such as audio service
  • China Unicom users can use various services. , including audio and video services.
  • the service type of the non-CSG user can be found under the category of the China Unicom user under the CSG ID found.
  • the non-CSG user cannot use the video service.
  • the user can only use other non-video services.
  • the information notification response message may include the allowed service type of the user, and may also include at least one of a CSG ID accessed by the user, a CSG member, and a type of the user.
  • the information notification message may be a user subscription data request message or the like
  • the information notification response message may be a subscription data response message or the like.
  • the PCRF sends a message notification response message to the P-GW.
  • the information notification response message may include the type of the allowed service of the user, and may also include at least one of the CSG ID of the user access, whether the user is a CSG member, and the type of the user.
  • the PCRF may also directly send the user's allowed service type to the S-GW, or may include the user.
  • the CSG ID of the access whether the user is a CSG member, and At least one of the types of households.
  • the PCRF sends a message notification response message to the P-GW.
  • the information notification response message may include the type of the allowed service of the user, and may also include at least one of the CSG ID of the user access, whether the user is a CSG member, and the type of the user.
  • the S-GW sends a message notification response message to the mobility management device.
  • the information notification response message includes the type of the allowed service of the user, and may also include at least one of the CSG ID accessed by the user, whether the user is a CSG member, and the type of the user.
  • the type of allowed service of the user that the S-GW can obtain by creating a default bearer response message, updating a bearer response, creating a PDP context response, or updating a PDP context response, a CSG ID of the user access, whether the user is a CSG member, and At least one of the types of users is notified to the mobility management device.
  • the mobility management device sends an access response message to the user through the home wireless access device.
  • the access response message may contain the allowed service type of the user.
  • the mobility management device can notify the user by attaching an accept message (Attach accept), a tracking area update accept message (TAU accept) message, and the like.
  • the home wireless access device can also be notified by the Initial UE context request message.
  • the access request is a PDN (Packet Data Network) connection establishment request, a resource modification request, a resource allocation request, or a dedicated bearer setup request, a bearer modification request, and the like.
  • the RRC connection reconfiguration message may be used to notify the UE or the Bearer setup request message to notify the home access device of the allowed service type of the user, or the requested access request has no permission to be denied, and the message may be carried in the Deactive bearer request message.
  • the element notifies the user of the allowed service type to the home access device, or through the Radio bearer release request
  • the message carries the cell to notify the user of the type of allowed service of the user.
  • the user When the user is not allowed to access, the user may also be notified of the allowed service type by rejecting the message, including including the mobile service type that is not limited to the PDN CONNECTIVITY REJECT message. It is noted that, in the access control method of the embodiment of the present invention, after the user equipment, the home wireless access device, the mobility management device, or the P-GW, or the PCRF receives the service type of the user, the user equipment, the home wireless The access device, the mobility management device or the P-GW, or the PCRF can monitor the service, such as:
  • the user equipment After receiving the allowed service type of the user in the CSG, the user equipment saves the allowed service type to control that it no longer initiates a service request without permission.
  • the user will not initiate a service with a QCI value of 5. If the user is not allowed to use the GBR service, the user will not initiate the GBR bearer service.
  • the home wireless access device saves the allowed service type after receiving the allowed service type in the CSG.
  • the user requests the service, it determines whether the requested service of the user meets the allowed service type, accesses the qualified service request, or refuses to Compliance with business requests.
  • the home wireless access device can directly initiate the rejection without accepting the request.
  • the home wireless access device finds that its service is to use G B R bearer, then the service request can be directly rejected.
  • the source home can be connected by switching the message.
  • the service type saved on the device is notified to the target home wireless access device.
  • the Forward relocation request message can be used.
  • the specific message is not restricted.
  • the target home wireless access device can select whether to access or reject the service request according to the service type of the user.
  • the mobility management device After receiving the allowed service type of the CSG, the mobility management device saves the allowed service type. When the user requests the service, it determines whether the requested service of the user meets the allowed service type, accesses the qualified service request, or refuses to Compliance with business requests.
  • the mobility management device can directly initiate the rejection without accepting the request.
  • the mobility management device finds that its service is to use GBR bearer, then the service request can be directly rejected.
  • the source mobility management device sends the allowed service type of the user in the CSG to the target mobility management device, for example, in the UE CONTEXT Request/Response
  • the (UE Context Request/Response message) message includes the allowed service type of the user in the CSG to facilitate the target mobility management device to perform service control.
  • the P-GW determines whether the requested service of the user meets the allowed service type, accesses the qualified service request, or rejects the non-compliant service request.
  • the specific processing includes not limited to the following situations:
  • the P-GW can directly initiate the rejection without accepting the request. For example, if the user can only use the non-GBR service, if the P-GW finds that its service is to use the GBR bearer, then the service request can be directly rejected.
  • the PCRF determines whether the requested service of the user meets the allowed service type, accesses the qualified service request, or rejects the non-compliant service request.
  • the PCRF and PCEF Policy and Charging Enforcement Function are the main policy control entities in the PCC, and the PCEF can be a device that is integrated with the PGW. It can be known that when a user initiates a service request, the PCEF can also reject the non-compliant service request.
  • Embodiment 2 Policy and Charging Enforcement Function
  • FIG. 6-8 a schematic diagram of an application scenario of an access control system according to an embodiment of the present invention illustrates an embodiment of the present invention.
  • an owner of a home wireless access device joins a user as a CSG member
  • the user is added to the CSG.
  • the ID list, and the type of the user in particular, when setting the allowed service type of the CSG at the same time, how to access the CSG to obtain different types of services by obtaining the allowed service type of the user in the CSG
  • a number of specific guest visits the owner of the home wireless access device, can access the user as a CSG member, and/or set the type of the visiting user (temporary or normal, etc.), in particular, The allowed service type in the CSG is preset for the user.
  • the user management system involved in this step may be an HMS, but is not limited to the HMS, and is not limited to a specific network element.
  • the user management system includes all the networks involved in the list of CSG IDs added to the user access. yuan. 222.
  • the user management system sends a request message for adding a user to the CSG ID list to the service type subscription database.
  • the business type contract database may be a database such as HSS, SPR, and CSS (CSG contract server).
  • the message may include the type of allowed service of the user in the CSG, and the like.
  • the service type subscription database sends an increase user to the CSG ID list confirmation message to the user management system.
  • This message may include the type of allowed service of the user in the CSG, and the like.
  • the service type subscription database sends a message to the user that allows the user to modify the list request message.
  • This message may also include the type of allowed service of the user in the CSG, and the like.
  • the user sends a permission to the user to modify the list confirmation message to the service type subscription database.
  • Step 225 an example process for joining a user to a CSG member. This process is only an example and should not be considered as the only restriction on joining a user as a CSG member.
  • the user downloads the allowed service type from the CSG to the mobility management device.
  • This process can be performed in the attach and location update process (tracking zone update or routing zone update), and the service type subscription database downloads the allowed service type of the specific user in the CSG to the mobility management device.
  • the service type subscription database sends an insertion subscription data message to the mobility management device.
  • the message can contain the type of service allowed by the user in the CSG.
  • the mobility management device sends an insertion contract data confirmation message to the service type subscription database.
  • the mobility management device obtains the type of allowed service of the user in the CSG.
  • the owner of the home wireless access device adds the user to the CSG ID column of the user access.
  • the user's allowed service type in the CSG is also set.
  • the mobility management device can obtain the service type subscription database.
  • the allowed service type of the user in the CSG, and the PCRF can obtain the allowed service type of the user in the CSG from the mobility management device, and the PCRF performs the decision of the bearer rule, and the bearer rule determines the service rule according to the allowed service type. For example, the QOS carried by the business.
  • the PCRF obtains the allowed service type of the user in the CSG from the service type subscription database, and then makes a decision on the business rule.
  • the access network management network element For the user equipment, the access network management network element, the mobility management device, the PCRF, or the P-GW to monitor the service, refer to the method described in the first embodiment, and no further details are provided.
  • Embodiment 3 For the user equipment, the access network management network element, the mobility management device, the PCRF, or the P-GW to monitor the service, refer to the method described in the first embodiment, and no further details are provided.
  • the difference between this embodiment and the first embodiment is that the UE (user equipment) sends an access request message to the non-3GPP GW (non-3GPP gateway) through the home access device, and the user is sent by the non-3GPP GW.
  • the CSG ID of the access, whether the user is a CSG member, and at least one of the types of users are given to the PCRF.
  • the PCRF obtains the allowed service type of the user in the CSG from the service type subscription database, and then makes a decision on the business rule.
  • control of the service for the UE, the home radio access device, the non-3GPP GW, and the PCRF may be performed in the manner described in Embodiment 1, and details are not described herein.
  • the present invention can be implemented by means of software plus a necessary general hardware platform, and of course, can also be implemented by hardware, or a combination of the two. Based on such understanding, the technical solution of the present invention is essentially or The portion of the technology contribution can be embodied in the form of a software product, which can be stored in a storage medium, including instructions for causing a computer device (which can be a personal computer, server, or network) Apparatus, etc.) performs the methods described in various embodiments of the present invention.
  • the storage medium may be random access memory (RAM), memory, read only memory (ROM), electrically programmable R ⁇ M, electrically erasable programmable R ⁇ M, registers, hard disk, removable disk, CD-R ⁇ M, Or any other form of storage medium known in the art.
  • RAM random access memory
  • ROM read only memory
  • electrically programmable R ⁇ M electrically erasable programmable R ⁇ M
  • registers hard disk, removable disk, CD-R ⁇ M, Or any other form of storage medium known in the art.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

A method and a system for access control are provided by the embodiments of the present invention, wherein, the method for access control includes: obtaining the subscriber's permitted service type in the closed subscriber group CSG (11); determining whether the subscriber is permitted to access the CSG according to the subscriber's permitted service type in the CSG (12). The subscriber accesses the CSG by obtaining the subscriber's service type in the closed subscriber group CSG to realize providing discrepant services for different subscribers according to different service types. The invention can not only utilize the network resources effectively, but also create conditions for the subscribers to set the usage of resources according to the requirement, and improve the availability of the network resources.

Description

一种接入控制的方法、 系统及接入侧设备  Method, system and access side device for access control
技术领域 Technical field
本发明涉及通信技术领域, 尤其涉及一种接入控制方法及系统。 背景技术  The present invention relates to the field of communications technologies, and in particular, to an access control method and system. Background technique
目前, 通信的业务类型越来越多, 为了利用有限资源满足不同用户的业务 需求, 需要对网络资源采用各种不同的控制策略。  At present, there are more and more types of communication services. In order to utilize limited resources to meet the business needs of different users, various control strategies are needed for network resources.
而且, 固定网络与移动网络越来越融合, 参见图 1所示, 如 UE ( User Equipment, 用户设备) 可以通过家庭无线接入设备(如 HNB, Home NodeB 家庭基站; HeNB, Home evolved NodeB演进的家庭基站; Home non-3GGP WAP, Home non-3GPP wireless access point 家庭非第三代合作伙伴计划无 线接入点) , 通过 Generic IP Access Network (通用的 IP接入网络)将 UE连接 到运营商的移动网络, 即家庭接入模式, 网络资源可以用于很多的家庭网络业 务。  Moreover, the fixed network and the mobile network are more and more integrated. As shown in FIG. 1, for example, the UE (User Equipment) can be evolved through the home wireless access device (such as HNB, Home NodeB home base station; HeNB, Home evolved NodeB). Home base station; Home non-3GGP WAP, Home non-3GPP wireless access point, non-third generation partner program wireless access point), connecting UE to carrier through Generic IP Access Network Mobile networks, that is, home access modes, network resources can be used for many home network services.
所以, 不仅运营商希望控制网络资源, 家庭无线接入设备的所有者也希望 可以控制网络资源, 保证自己的需求的同时也要满足其他不同用户的需求。  Therefore, not only do operators want to control network resources, but the owners of home wireless access devices also want to control network resources to ensure their own needs while meeting the needs of other different users.
为了利用有限资源满足不同用户的业务需求, 已经提出 CSG ( Closed Subscriber Group, 封闭用户组)接入机制。 具体是: 每个 CSG包括运营商的 一个小区或者几个小区, 每个 CSG以 CSG ID (标识) 来标识, UE (或 user用 户)可以属于一个或多个 CSG , 即成为一个或多个 CSG的成员, 这样, UE上存 储一个或多个 CSG的 CSG ID, CSG ID构成 Allowed CSG List (准入 CSG列表, 也可称为 CSG ID列表) 。  In order to meet the business needs of different users with limited resources, a CSG (Closed Subscriber Group) access mechanism has been proposed. Specifically, each CSG includes one cell or several cells of the operator, and each CSG is identified by a CSG ID (identity), and the UE (or user user) may belong to one or more CSGs, that is, one or more CSGs. In this way, the CSG ID of one or more CSGs is stored on the UE, and the CSG ID constitutes an Allowed CSG List (also referred to as a CSG ID list).
CSG接入的模式又可以为 Closed Access Mode (闭合模式) 或 Hybrid Access Mode (混合模式 ) 。 The mode of CSG access can be Closed Access Mode or Hybrid. Access Mode (mixed mode).
当为 Closed Access Mode时, UE的 Allowed CSG List中包含的 CSG ID与 预接入的 CSG的 CSG ID—致, 即 UE为 CSG成员, 则允许其接入该 CSG, 而不 允许非 CSG成员的 UE接入该 CSG,非 CSG成员即指 Allowed CSG List中不包含 预接入的 CSG的 CSG ID的 UE;  In the Closed Access Mode, the CSG ID included in the Allowed CSG List of the UE is consistent with the CSG ID of the pre-accessed CSG, that is, the UE is a CSG member, allowing the CSG to access the CSG, but not the non-CSG member. The UE accesses the CSG, and the non-CSG member refers to the UE that does not include the CSG ID of the pre-accessed CSG in the Allowed CSG List;
当为 Hybrid Access Mode时, 无论 UE是否为 CSG成员, 各 UE都可以选择 接入该 CSG , 但是为了保证作为 CSG成员的 UE的正常业务, 在资源有限的情况 下, 可以将其他非 CSG成员的 UE分离, 或者将其切换到其它的宏网络中。  In the case of the Hybrid Access Mode, each UE may choose to access the CSG regardless of whether the UE is a CSG member. However, in order to ensure the normal service of the UE as a CSG member, other non-CSG members may be used in the case of limited resources. The UE is detached or switched to another macro network.
在实现本发明过程中, 发明人发现现有技术中至少存在如下问题: 当为 Closed Access Mode时, 由于只允许 CSG成员的 UE接入该 CSG, 而 且, 允许接入 CSG的 UE, 通常采用先到先得抢占资源, 导致不利于网络资源的 利用;  In the process of implementing the present invention, the inventors have found that at least the following problems exist in the prior art: When the Closed Access Mode is used, only the UEs of the CSG members are allowed to access the CSG, and the UEs that are allowed to access the CSG are usually used first. Preemption of resources on a first-come-first-served basis is not conducive to the use of network resources;
当为 Hybrid Access Mode时, 由于在资源有限的情况下, 将其他非 CSG成 员的 UE分离, 或者将其切换到其它的宏网络中, 既不利于网络资源的利用, 又 对非 CSG成员的用户带来不好的业务体验。 发明内容 本发明的实施例提供了一种接入控制方法及系统, 实现对不同用户的接入 控制、 有效利用资源。  When the Hybrid Access Mode is used, the UEs of other non-CSG members are separated or switched to other macro networks in the case of limited resources, which is not conducive to the utilization of network resources and users of non-CSG members. Bring a bad business experience. SUMMARY OF THE INVENTION Embodiments of the present invention provide an access control method and system, which implement access control for different users and effectively utilize resources.
本发明的实施例提供了一种接入控制方法, 包括:  An embodiment of the present invention provides an access control method, including:
获得用户在封闭用户组 CSG的允许业务类型;  Obtain the allowed service type of the user in the closed user group CSG;
根据所述用户在 CSG的允许业务类型确定所述用户是否允许接入所述 CSG。 Determining, according to the allowed service type of the CSG by the user, whether the user is allowed to access the CSG.
本发明的实施例还提供了一种接入管理设备, 包括:  An embodiment of the present invention further provides an access management device, including:
业务类型获取单元, 用于获得用户在 CSG的允许业务类型;  a service type obtaining unit, configured to obtain a permitted service type of the user in the CSG;
接入控制单元, 根据所述用户在 CSG的允许业务类型确定所述用户是否允 许接入所述 CSG。  The access control unit determines whether the user allows access to the CSG according to the allowed service type of the CSG.
本发明的实施例提供了一种接入控制系统, 包括业务类型签约数据库以及 策略和计费规则功能设备 PCRF:  Embodiments of the present invention provide an access control system, including a service type subscription database and a policy and charging rule function device PCRF:
所述业务类型签约数据库, 用于存储根据用户是否为 CSG成员、 和 /或用户 接入的 CSG ID、和 /或用户设备的类型, 为用户设备预先配置的 CSG的允许业务 类型;  The service type subscription database is configured to store an allowed service type of the CSG pre-configured for the user equipment according to whether the user is a CSG member, and/or a CSG ID accessed by the user, and/or a type of the user equipment;
所述 PCRF, 用于获得用户在 CSG的允许业务类型, 根据所述用户在 CSG 的允许业务类型确定所述用户是否允许接入所述 CSG。  The PCRF is configured to obtain an allowed service type of the user in the CSG, and determine, according to the allowed service type of the CSG, whether the user is allowed to access the CSG.
由上述本发明的实施例提供的技术方案可以看出, 通过获得用户在封闭用 户组 CSG的业务类型, 根据所述用户在 CSG的允许业务类型确定所述用户是否 允许接入所述 CSG , 实现针对不同的业务类型为不同的用户提供差异化的服务, 不但可以有效利用网络资源, 也可以为用户根据需要设定资源使用方法创立条 件, 提高对网络资源的利用率。 附图说明  The technical solution provided by the foregoing embodiment of the present invention can be used to determine whether the user is allowed to access the CSG according to the allowed service type of the CSG by obtaining the service type of the user in the closed user group CSG. Providing differentiated services for different users for different service types can not only effectively utilize network resources, but also create conditions for users to set resource usage methods according to needs, and improve utilization of network resources. DRAWINGS
为了更清楚地说明本发明实施例的技术方案, 下面将对实施例描述中所需 要使用的附图作筒单地介绍, 显而易见地, 下面描述中的附图仅仅是本发明的 一些实施例, 对于本领域普通技术人员来讲, 在不付出创造性劳动性的前提下, 还可以根据这些附图获得其他的附图。 图 1为现有技术中家庭接入模式结构示意图; In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings used in the description of the embodiments will be described in detail below. It is obvious that the drawings in the following description are only some embodiments of the present invention. It will be apparent to those skilled in the art that other drawings may be obtained from these drawings without the inventive labor. 1 is a schematic structural diagram of a home access mode in the prior art;
图 2为本发明实施例的接入控制方法流程图;  2 is a flowchart of an access control method according to an embodiment of the present invention;
图 3为本发明实施例的接入管理设备构成框图;  3 is a block diagram showing the structure of an access management device according to an embodiment of the present invention;
图 4为本发明实施例的接入控制系统的构成框图;  4 is a block diagram showing the structure of an access control system according to an embodiment of the present invention;
图 5为本发明实施例接入控制系统的应用场景示意图一;  FIG. 5 is a schematic diagram 1 of an application scenario of an access control system according to an embodiment of the present invention; FIG.
图 6为本发明实施例接入控制系统的应用场景示意图二;  6 is a second schematic diagram of an application scenario of an access control system according to an embodiment of the present invention;
图 7为本发明实施例接入控制系统的应用场景示意图三;  7 is a schematic diagram 3 of an application scenario of an access control system according to an embodiment of the present invention;
图 8为本发明实施例接入控制系统的应用场景示意图四;  8 is a schematic diagram 4 of an application scenario of an access control system according to an embodiment of the present invention;
图 9为本发明实施例接入控制系统的应用场景示意图五。 具体实施方式  FIG. 9 is a schematic diagram 5 of an application scenario of an access control system according to an embodiment of the present invention. detailed description
下面将结合本发明实施例中的附图, 对本发明实施例中的技术方案进行清 楚、 完整地描述, 显然, 所描述的实施例仅仅是本发明一部分实施例, 而不是 全部的实施例。 基于本发明中的实施例, 本领域普通技术人员在没有做出创造 性劳动前提下所获得的所有其他实施例, 都属于本发明保护的范围。  BRIEF DESCRIPTION OF THE DRAWINGS The technical solutions in the embodiments of the present invention will be described in detail with reference to the accompanying drawings. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments of the present invention without the creative work are all within the scope of the present invention.
由于带宽资源有限, 但很多业务类型要占用大量的资源, 现有技术中 CSG 接入模式, 限制用户接入特定的 CSG , 存在不能有效利用有限资源满足不同用 户的业务需求的缺陷。  Due to the limited bandwidth resources, many service types occupy a large amount of resources. In the prior art, the CSG access mode restricts users from accessing specific CSGs, and there are defects in that they cannot effectively utilize limited resources to meet the service needs of different users.
本发明的实施例提供了一种接入控制方法及系统, 通过获得用户在封闭用 户组 CSG的业务类型, 将所述用户接入所述 CSG , 实现针对不同的业务类型为 不同的用户提供差异化的服务, 可以有效利用网络资源。  An embodiment of the present invention provides an access control method and system, by obtaining a service type of a user in a closed subscriber group CSG, and accessing the CSG to provide different users with different service types for different users. Service can effectively utilize network resources.
而且, 结合家庭接入模式的发展, 家庭无线接入设备的所有者通常希望家 庭无线接入设备只对家庭成员和若干特定来访客人等提供服务, 即家庭无线接 入设备的所有者也希望可以限制用户接入特定的 CSG , 控制网络资源, 保证自 己的需求的同时也要满足其他不同用户的需求。 Moreover, in combination with the development of the home access mode, the owner of the home wireless access device usually wants the home wireless access device to provide services only to family members and a number of specific visitors, that is, home wireless access. The owner of the incoming device also wants to restrict users' access to specific CSGs, control network resources, and ensure their own needs while meeting the needs of other different users.
本发明的实施例提供的接入控制方法及系统, 也可以为用户根据需要设定 资源使用方法、 控制网络资源创立条件, 提高对网络资源的利用率。  The access control method and system provided by the embodiments of the present invention may also set a resource usage method and control network resource creation conditions according to requirements, and improve utilization of network resources.
再参见图 1所示, 现有技术中家庭接入模式结构示意图, 包括家庭无线接入 设备, 使用许可的频语, 通过 Generic IP Access Network将用户连接到运营商 的移动网络。  Referring to FIG. 1 again, a schematic diagram of a structure of a home access mode in the prior art, including a home wireless access device, and a licensed language, connects the user to the operator's mobile network through the Generic IP Access Network.
家庭无线接入设备包括: HNB, 运行在 UTRAN ( UMTS Terrestrial Radio Access Network UMTS, 陆地无线接入网)频谱;  The home wireless access device includes: an HNB, which operates in a UTRAN (UMTS Terrestrial Radio Access Network UMTS, terrestrial radio access network) spectrum;
HeNB , 运行在 E-UTRAN ( Evolved UMTS Terrestrial Radio Access Network, 演进的 UMTS陆地无线接入网)频谱;  HeNB, operating in an E-UTRAN (Evolved UMTS Terrestrial Radio Access Network) spectrum;
Home non-3GPP WAP , 运 行 在 non-3GPP 网 络 ( 如 CDMA/Wimax/WLAN/HRPD等网络)频谱。 ( Code Division Multiple Access, 码分多址接入 ) /Wimax ( Worldwide Interoperability for Microwave Access, i 波存取全球互通) /WLAN ( Wireless Local Area Network, 无线局域网 ) /HRPD(High Rate Packet Data, 高速分组数据) )等无线接入网络使用的频谱) 家庭无线接入设备的 GW ( Gate way, 网关) , 如 HNB GW、 HeNB GW、 Home non-3GPP WAP GW, 执行家庭无线接入设备管理和接入控制、 汇集家 庭无线接入设备, 路由和转发家庭无线接入设备和移动网络中的网元之间的信 令的数据等功能。  Home non-3GPP WAP, running on non-3GPP networks (such as CDMA/Wimax/WLAN/HRPD). (Code Division Multiple Access, WiMAX (Worldwide Interoperability for Microwave Access) / WLAN (High Local Area Network) / HRPD (High Rate Packet Data) Data)) The spectrum used by the radio access network) The GW (Gateway) of the home radio access device, such as HNB GW, HeNB GW, Home non-3GPP WAP GW, performs home wireless access device management and access Control, collect home wireless access equipment, route and forward data between the home wireless access equipment and signaling between network elements in the mobile network.
MME ( Mobility Management Entity, 移动性管理实体) , 负责 E-UTRAN 网络中的控制面移动性管理, 包括用户上下文和移动状态管理, 分配用户临时 身份标识等。 MME (Mobility Management Entity), responsible for control plane mobility management in E-UTRAN networks, including user context and mobility state management, assigning user temporary Identity, etc.
SGSN ( Serving GPRS Supporting Node, 服务通用分组无线业务支持节 点) , 用于实现 GPRS/UMTS网络中路由转发、 移动性管理、 会话管理以及用 户信息存储等功能。  SGSN (Serving GPRS Supporting Node) is used to implement routing forwarding, mobility management, session management, and user information storage in GPRS/UMTS networks.
non-3GPP GW (非 3GPP网关) 实现 non-3GPP网络中的移动性管理、 会 话管理等功能(对于 WLAN网络, non-3GPP GW为演进分组数据网关( EPDG , Evolved Packet Data Gateway ); 对于 Wimax网络, non-3GPP GW为接入业务 网络网关(Access Service Network Gateway, ASN GW ) ; 对于 CDMA网络, non-3GPP GW为接入网关 (Access Gateway, AGW ) ; 对于 HRPD网络, non-3GPP GW为高速分组数据服务网关( HSGW, HRPD Serving Gateway ) )„ non-3GPP GW (non-3GPP gateway) implements mobility management, session management and other functions in non-3GPP networks (for WLAN networks, non-3GPP GW is Evolved Packet Data Gateway (EPDG); for Wimax networks) The non-3GPP GW is an Access Service Network Gateway (ASN GW); for a CDMA network, the non-3GPP GW is an Access Gateway (AGW); for the HRPD network, the non-3GPP GW is a high speed Packet Data Service Gateway (HSGW, HRPD Serving Gateway))
HSS ( Home Subscriber Server, 归属用户服务器)用于存储用户签约信 息。 The HSS (Home Subscriber Server) is used to store user subscription information.
AAA Server ( Authentication, Authorization and Accounting Server,认证、 授权与计费服务器)用于对用户执行接入认证、 授权和计费功能。  The AAA Server (Authentication, Authorization and Accounting Server) is used to perform access authentication, authorization, and accounting functions for users.
HMS ( Home Management Server, 家庭接入管理服务器) , 负责家庭无 线接入设备的管理功能。 HMS可以是一个独立的网元, 也可以集成到 HSS中。 H MS也可以直接和家庭无线接入点相连, 本架构不作限制。  HMS (Home Management Server), responsible for the management functions of home wireless access devices. The HMS can be a separate network element or integrated into the HSS. The HMS can also be directly connected to the home wireless access point. This architecture is not limited.
如图 2所示, 本发明的实施例提供一种接入控制方法, 包括:  As shown in FIG. 2, an embodiment of the present invention provides an access control method, including:
步骤 1 1: 获得用户在封闭用户组 CSG的允许业务类型;  Step 1 1: Obtain the allowed service type of the user in the closed user group CSG;
步骤 12: 根据所述用户在 CSG的允许业务类型确定所述用户是否允许接入 所述 CSG。  Step 12: Determine, according to the allowed service type of the CSG in the CSG, whether the user is allowed to access the CSG.
可见, 通过获得用户在 CSG的业务类型, 根据用户在 CSG的允许业务类型 确定用户是否允许接入所述 CSG , 实现针对不同的业务类型为不同的用户提供 差异化的服务, 可以有效利用网络资源, 提高对网络资源的利用率。 It can be seen that by obtaining the service type of the user in the CSG, according to the type of the service allowed by the user in the CSG Determining whether the user is allowed to access the CSG, and providing differentiated services for different users for different service types, can effectively utilize network resources, and improve utilization of network resources.
所述业务类型可以由家庭无线接入设备的所有者和运营商事先约定, 预先 存储在业务类型签约数据库中, 具体如, 所述业务类型为对于某一 CSG ID, 根 据用户是否为 CSG成员, 和 /或用户的类型, 为用户预先设置。  The service type may be pre-defined by the owner and the operator of the home wireless access device, and is pre-stored in the service type subscription database. For example, the service type is for a CSG ID, according to whether the user is a CSG member. And/or the type of user, pre-set for the user.
如, 对于某一 CSG ID, 用户是 CSG成员时, 用户对应某一业务类型, 或者, 用户不是 CSG成员时, 用户对应某一业务类型。  For example, for a CSG ID, when the user is a CSG member, the user corresponds to a certain service type, or when the user is not a CSG member, the user corresponds to a certain service type.
或者, 对于某一 CSG ID, 根据用户的类型, 如特定来访客人的用户类型为 临时, 家庭无线接入设备的所有者的用户类型为正常, 等等, 为不同类型的用 户分配不同的业务类型。  Or, for a certain CSG ID, according to the type of the user, for example, the user type of the specific visitor is temporary, the user type of the owner of the home wireless access device is normal, and the like, and different types of users are assigned different types of services. .
或者, 进一步, 对于某一 CSG ID, 用户是 CSG成员时, 用户对应某一业务 类型, 或者, 用户不是 CSG成员时, 用户对应某一业务类型, 再根据用户的类 型, 可以对用户是 CSG成员时对应业务类型进行更精细的划分, 如特定来访客 人的用户类型为临时, 家庭无线接入设备的所有者的用户类型为正常, 用户类 型的临时和正常分别对应用户是 CSG成员时对应业务类型的不同细分; 同理, 再根据用户的类型, 可以对用户不是 CSG成员时对应业务类型进行更精细的划 分, 用户的类型, 如将用户类型分成高级、 普通等等, 不做赘述。  Or, further, for a CSG ID, when the user is a CSG member, the user corresponds to a certain service type, or when the user is not a CSG member, the user corresponds to a certain service type, and according to the type of the user, the user may be a CSG member. The service type is more finely divided. For example, the user type of the specific visitor is temporary, the user type of the owner of the home wireless access device is normal, and the temporary and normal types of the user type correspond to the service type when the user is a CSG member. Different subdivisions; similarly, according to the type of the user, the corresponding service type can be more finely divided when the user is not a CSG member. The user type, such as classifying the user into high-level, ordinary, etc., will not be described.
或者, 对于某一 CSG ID, ^据用户的类型, 为不同类型的用户分配不同的 业务类型, 再根据用户是否为 CSG成员, 将为不同类型的用户分配不同的业务 类型进行更精细的划分, 在此不赘述。  Or, for a certain CSG ID, according to the type of the user, different types of users are assigned different service types, and according to whether the user is a CSG member, different types of users are assigned different service types for finer division. I will not go into details here.
用户类型的分类方法, 不限于上述。  The classification method of the user type is not limited to the above.
业务类型签约数据库可以是 CSS ( CSG Subscriber Server, CSG签约数据 库) 、 SPR ( Subscription Profile Repository, 签约规格数据库)或者是 HSS 等存放业务信息数据的数据库。 The service type subscription database can be CSS (CSG Subscriber Server, CSG subscription data) Library), SPR (Subscription Profile Repository), or a database for storing business information data such as HSS.
所述业务类型可以采用 Q〇S ( Quality of Service, 业务质量) 的 QCI类标 ( QOS Class Identification )来标识业务权限设置类型,如可以只允许用户进行 The QCI Class Identification (QOS Class Identification) of the service type can be used to identify the service permission setting type, for example, the user can only be allowed to perform the service.
QCI比较低的业务, 比如 QCI值为 5以下的值, 那么用户获取到的业务权限就是 QCI值上限不能超过 5的业务, 这个业务权限可以信元的方式设置, 比如用二个 字节进行设置, 一个字节设置业务权限设置方式, 比如以 QCI计, 另一个字节则 设置其上限值 5; If the QCI value is lower than 5, the service authority obtained by the user is the service whose QCI value cannot exceed 5, and the service permission can be set in the manner of a cell, for example, setting with two bytes. , one byte sets the service permission setting method, such as QCI, and another byte sets its upper limit 5;
也可以采用其他的业务权限设置类型, 如, 是否允许用户进行 GBR (固定 承载速率) 的业务, 比如用户不能进行 GBR承载的业务, 只能进行非 GBR承载 的业务, 那么具体设置方式也可以采用二个字节, 一个字节是指采用何种方式 进行业务权限设置, 比如以是否 GBR承载设置, 另一个字节采用是 0或者 1来设 置用户是否能够使用 GBR业务;  You can also use other types of service privilege settings, such as whether to allow users to perform GBR (fixed bearer rate) services. For example, users can not perform GBR-bearing services and can only perform non-GBR bearer services. Two bytes, one byte refers to the method used to set the service rights, such as whether to set the GBR bearer, and the other byte is 0 or 1 to set whether the user can use the GBR service;
也可能会有其它的业务权限设置类型, 比如一些用户设置可用的网络带宽, 带宽资源设置使用最高带宽等。  There may also be other types of service permission settings, such as some users setting available network bandwidth, bandwidth resource settings using the highest bandwidth, and so on.
如何进行不同的业务类型的设置包括以上几种方式, 但不限于以上方式。 进一步, 所述获得用户在 CSG的允许业务类型的步骤 1 1的执行主体可以是 策略和计费规则功能设备 PCRF ( Policy and Charging Rules Function ) , PCRF 为策略与计费控制系统( Policy and Charging Control, PCC )的策略和计费规 则功能设备。  How to set different service types includes the above methods, but is not limited to the above. Further, the execution body of the step 1 1 of obtaining the allowed service type of the user in the CSG may be a Policy and Charging Rules Function (PCRF), and the PCRF is a Policy and Charging Control (Policy and Charging Control) , PCC) policy and charging rules feature devices.
结合执行主体 PCRF, 所述获得用户在 CSG的允许业务类型的步骤 1 1 , 包 括: PCRF从移动性管理设备处获得所述用户接入的 CSG信息和 /或所述用户的 类型; In combination with the execution subject PCRF, the step 1 1 of obtaining the allowed service type of the user in the CSG includes: The PCRF obtains the CSG information of the user access and/or the type of the user from the mobility management device;
PCRF根据所述用户接入的 CSG信息和 /或所述用户的类型, 从业务类型签 约数据库获得所述用户在 CSG的允许业务类型。 具体可以参见后文叙述。  The PCRF obtains the allowed service type of the user in the CSG from the service type subscription database according to the CSG information accessed by the user and/or the type of the user. For details, please refer to the following.
所述用户接入的 CSG信息包括用户是否为 CSG成员和 /或用户接入的 CSG The CSG information accessed by the user includes whether the user is a CSG member and/or a CSG accessed by the user.
ID。 ID.
或者, 所述获得用户在 CSG的允许业务类型的步骤 1 1 , 还可以是, 在 PCRF从移动性管理设备处获得所述用户在 CSG的允许业务类型之前,家 庭无线接入设备根据用户接入的 CSG信息、 和 /或所述用户的类型配置用户在所 述 CSG的允许业务类型, 并发送给业务类型签约数据库; 移动性管理设备从所 述业务类型签约数据库获得所述用户在 CSG的允许业务类型。  Alternatively, the step 1 1 of obtaining the allowed service type of the user in the CSG may be, before the PCRF obtains the allowed service type of the CSG from the mobility management device, and the home wireless access device accesses according to the user. The CSG information, and/or the type of the user, configures the allowed service type of the user in the CSG, and sends the service type to the service type subscription database; the mobility management device obtains the user's permission in the CSG from the service type subscription database. business type.
可见, 家庭无线接入设备通过根据用户是否为所述 CSG成员、 和 /或所述用 户的类型配置用户在所述 CSG的允许业务类型,并发送给业务类型签约数据库, 如, 对于某一 CSG ID, 不仅可以将用户设置为 CSG成员, 还可以设置用户的类 型(临时或正常等等), 尤其是, 为所述用户预先设置在 CSG的允许业务类型。  It can be seen that the home wireless access device configures the allowed service type of the user in the CSG according to whether the user is the CSG member, and/or the type of the user, and sends the service type to the service type subscription database, for example, for a certain CSG. ID, not only can the user be set as a CSG member, but also the type of the user (temporary or normal, etc.), in particular, the allowed service type of the CSG is preset for the user.
由此, 家庭无线接入设备的所有者可以限制用户接入特定的 CSG, 控制网 络资源, 保证自己的需求的同时也要满足其他不同用户的需求, 具体见后文叙 述。  Therefore, the owner of the home wireless access device can restrict the user from accessing a specific CSG, control the network resources, and ensure the needs of other users while satisfying the needs of other users. For details, refer to the following description.
再进一步, 根据所述用户在 CSG的允许业务类型确定所述用户是否允许接 入所述 CSG的步骤 12, 包括:  Further, the step 12 of determining, according to the allowed service type of the CSG, whether the user is allowed to access the CSG, includes:
PCRF将所述用户在 CSG的允许业务类型发送给移动性管理设备、家庭无线 接入设备或用户设备中的至少一个; The PCRF sends the allowed service type of the user in the CSG to the mobility management device, and the home wireless At least one of an access device or a user device;
移动性管理设备、 家庭无线接入设备或用户设备接收所述用户的业务请求; 移动性管理设备、 家庭无线接入设备或用户设备判断所述业务请求是否符 合 CSG的允许业务类型, 接入符合的业务请求, 或者拒绝不符合的业务请求。  The mobility management device, the home wireless access device, or the user equipment receives the service request of the user; the mobility management device, the home wireless access device, or the user equipment determines whether the service request conforms to the allowed service type of the CSG, and the access conforms Business request, or reject a non-compliant business request.
或者可以是, 根据所述用户在 CSG的允许业务类型确定所述用户是否允许 接入所述 CSG的步骤 12, 包括:  Or the step 12 of determining, according to the allowed service type of the CSG, whether the user is allowed to access the CSG, includes:
PCRF接收所述用户的业务请求;  The PCRF receives the service request of the user;
PCRF接入符合所述在 CSG的允许业务类型的用户的业务请求,或者拒绝不 符合所述在 CSG的允许业务类型的用户的业务请求。  The PCRF accesses a service request of a user who conforms to the allowed service type of the CSG, or rejects a service request of a user who does not comply with the permitted service type of the CSG.
进一步, 接入控制方法还可以包括:  Further, the access control method may further include:
移动性管理设备或家庭无线接入设备接收用户的跟踪区更新请求或切换请 求;  The mobility management device or the home wireless access device receives the user's tracking area update request or handover request;
移动性管理设备或家庭无线接入设备将用户在 CSG的允许业务类型发送给 跟踪区更新请求或切换请求的更新或切换后的移动性管理设备或家庭无线接入 设备。  The mobility management device or the home wireless access device transmits the allowed service type of the user in the CSG to the updated or switched mobility management device or home wireless access device of the tracking area update request or the handover request.
这样, 当接收到跟踪区更新请求或切换请求时, 如移动性管理设备变化时, 源移动性管理设备可以向目标移动性管理设备发送用户在 CSG的允许业务类 进行接入控制, 目标网络实现接入控制的方法同前述描述相同, 在此不再赘述。  In this way, when the tracking area update request or the handover request is received, for example, when the mobility management device changes, the source mobility management device may send the user permission control class of the CSG to the target mobility management device for access control, and the target network is implemented. The method of access control is the same as the foregoing description, and details are not described herein again.
如图 3所示, 本发明实施例提供了一种接入管理设备, 包括:  As shown in FIG. 3, an embodiment of the present invention provides an access management device, including:
业务类型获取单元 101 , 用于获得用户在 CSG的允许业务类型;  a service type obtaining unit 101, configured to obtain a permitted service type of the user in the CSG;
接入控制单元 102,根据所述用户在 CSG的允许业务类型确定所述用户是否 允许接入所述 CSG。 The access control unit 102 determines, according to the allowed service type of the user in the CSG, whether the user is Allow access to the CSG.
具体而言, 接入管理设备为 PCRF时, 业务类型获取单元 101 , 用于从移动 性管理设备处获得用户在 CSG的允许业务类型; 或者用于从移动性管理设备处 获得用户接入的 CSG信息和 /或所述用户的类型,根据所述用户接入的 CSG信息 和 /或所述用户的类型, 从所述业务类型签约数据库获得所述用户在 CSG的允许 业务类型, 所述用户接入的 CSG信息包括用户是否为 CSG成员和 /或用户接入的 CSG ID。  Specifically, when the access management device is a PCRF, the service type obtaining unit 101 is configured to obtain, from the mobility management device, an allowed service type of the user in the CSG; or a CSG for obtaining user access from the mobility management device. Information and/or type of the user, obtaining, according to the CSG information accessed by the user and/or the type of the user, the allowed service type of the user in the CSG from the service type subscription database, where the user picks up The incoming CSG information includes whether the user is a CSG ID for the CSG member and/or user access.
或者, 接入管理设备为移动性管理设备、 家庭无线接入设备或用户设备时, 业务类型获取单元 101,用于通过策略和计费规则功能设备获得用户在 CSG的允 许业务类型。  Or, when the access management device is a mobility management device, a home wireless access device, or a user equipment, the service type obtaining unit 101 is configured to obtain, by using the policy and charging rule function device, the allowed service type of the user in the CSG.
具体而言,接入管理设备为 PCRF、移动性管理设备或家庭无线接入设备时, 接入控制单元 102, 用于接收所述用户的业务请求, 判断所述用户的业务请求是 否符合所述 CSG的允许业务类型, 接入符合的业务请求, 或者拒绝不符合的业 务请求。  Specifically, when the access management device is a PCRF, a mobility management device, or a home wireless access device, the access control unit 102 is configured to receive a service request of the user, and determine whether the service request of the user meets the foregoing. The CSG allows the service type, accesses the qualified service request, or rejects the non-compliant service request.
或者, 接入管理设备为用户设备时, 接入控制单元 102, 用于根据所述用户 在 CSG的允许业务类型, 确定发起符合的业务请求, 或者不发起不符合的业务 请求。  Or, when the access management device is the user equipment, the access control unit 102 is configured to determine, according to the allowed service type of the CSG, whether to initiate a matching service request, or not to initiate a non-compliant service request.
进一步, 接入管理设备为 PCRF时, 所述接入管理设备, 还包括:  Further, when the access management device is a PCRF, the access management device further includes:
第一业务类型发送单元, 用于将所述用户在 CSG的允许业务类型发送给移 动性管理设备、 家庭无线接入设备或用户设备中的至少一个。  And a first service type sending unit, configured to send the allowed service type of the user in the CSG to at least one of a mobility management device, a home wireless access device, or a user equipment.
进一步, 接入管理设备为移动性管理设备或家庭无线接入设备时, 所述接 入管理设备, 还包括: 第二业务类型发送单元, 用于接收到所述用户的跟踪区更新请求或切换请 求之后, 将所述用户在 CSG的允许业务类型发送给所述跟踪区更新请求或切换 请求的更新或切换后的接入管理设备。 Further, when the access management device is a mobility management device or a home wireless access device, the access management device further includes: a second service type sending unit, configured to send the allowed service type of the CSG to the tracking area update request or the switching request update or switch after receiving the tracking area update request or the handover request of the user Access management device.
进一步, 接入管理设备为家庭无线接入设备时, 所述接入管理设备还包括: 业务类型配置单元, 用于根据用户是否为 CSG成员、 和 /或用户的类型配置 用户在 CSG的允许业务类型, 并将所述用户在 CSG的允许业务类型存储在业务 类型签约数据库内。  Further, when the access management device is a home wireless access device, the access management device further includes: a service type configuration unit, configured to configure a user's allowed service in the CSG according to whether the user is a CSG member, and/or a user type Type, and store the allowed service type of the user in the CSG in the service type subscription database.
家庭无线接入设备可以为家庭基站 HNB, 或演进的家庭基站 HeNB, 或家庭 非 3GPP无线接入点 Home non-3GGP WAP。  The home wireless access device may be a home base station HNB, or an evolved home base station HeNB, or a home non-3GPP wireless access point Home non-3GGP WAP.
如图 4所示, 一种接入控制系统, 包括业务类型签约数据库 200以及策略和 计费规则功能设备(PCRF ) 100:  As shown in FIG. 4, an access control system includes a service type subscription database 200 and a policy and charging rule function device (PCRF) 100:
业务类型签约数据库 200, 用于存储根据用户是否为 CSG成员、 和 /或用户 接入的 CSG ID、和 /或用户设备的类型, 为用户设备预先配置在所述 CSG的允许 业务类型;  The service type subscription database 200 is configured to store, according to whether the user is a CSG member, and/or a CSG ID accessed by the user, and/or a type of the user equipment, pre-configuring the allowed service type of the CSG for the user equipment;
策略和计费规则功能设备 100,用于获得用户在 CSG的允许业务类型,根据 所述用户在 CSG的允许业务类型确定所述用户是否允许接入所述 CSG。  The policy and charging rule function device 100 is configured to obtain an allowed service type of the user in the CSG, and determine, according to the allowed service type of the CSG, whether the user is allowed to access the CSG.
进一步, 所述系统可以还包括:  Further, the system may further include:
移动性管理设备 300 , 用于通过策略和计费规则功能设备 100获得用户在 CSG的允许业务类型, 根据所述用户在 CSG的允许业务类型确定所述用户是否 允许接入所述 CSG。  The mobility management device 300 is configured to obtain, by using the policy and charging rule function device 100, the allowed service type of the user in the CSG, and determine, according to the allowed service type of the CSG, whether the user is allowed to access the CSG.
家庭无线接入设备 400, 用于通过策略和计费规则功能设备 100以及移动性 管理设备 300获得用户在 CSG的允许业务类型, 根据所述用户在 CSG的允许业 务类型确定所述用户是否允许接入所述 CSG。 The home wireless access device 400 is configured to obtain, by the policy and charging rule function device 100 and the mobility management device 300, the allowed service type of the user in the CSG, according to the user's permission in the CSG. The service type determines whether the user is allowed to access the CSG.
用户设备 500,用于通过策略和计费规则功能设备 100、移动性管理设备 300 以及家庭无线接入设备 400获得用户在 CSG的允许业务类型, 根据所述用户在 CSG的允许业务类型确定所述用户是否允许接入所述 CSG。  The user equipment 500 is configured to obtain, by the policy and charging rule function device 100, the mobility management device 300, and the home wireless access device 400, the allowed service type of the user in the CSG, and determine the type according to the allowed service type of the user in the CSG. Whether the user is allowed to access the CSG.
可以知道, 上述 PCRF、 移动性管理设备、 家庭无线接入设备以及用户设备 可以存储用户在 CSG的允许业务类型, 便于对用户业务进行监控。  It can be known that the PCRF, the mobility management device, the home wireless access device, and the user equipment can store the allowed service type of the user in the CSG, so as to facilitate monitoring of the user service.
而且, 所述系统还可以包括: 服务网管 (Serving GW, S-GW )和 /或分组 数据网络网关(P- GW , PDN GW, Packet Data Network ) , PCRF可以通过 服务网管和 /或分组数据网络网关, 从移动性管理设备处获得用户是否为所述 CSG成员、 和 /或用户设备的类型, 或者, 通过服务网管和 /或网络网管, 从移动 性管理设备处获得用户设备在 CSG的允许业务类型。  Moreover, the system may further include: a Serving GW (S-GW) and/or a Packet Data Network Gateway (P-GW, PDN GW, Packet Data Network), and the PCRF may pass the service network management and/or the packet data network. The gateway obtains, from the mobility management device, whether the user is the type of the CSG member, and/or the user equipment, or obtains the allowed service of the user equipment in the CSG from the mobility management device by using the service network management and/or the network network management. Types of.
以及, PCRF可以通过服务网管和 /或网络网管, 将用户设备在 CSG的允许 业务类型发送给移动性管理设备、 家庭无线接入设备或用户设备中的至少一个。  And, the PCRF may send the allowed service type of the user equipment in the CSG to at least one of the mobility management device, the home wireless access device, or the user equipment by using the service network management system and/or the network network management system.
服务网管及分组数据网络网关, 在此不赘述, 具体参见后文叙述。  The service network management and the packet data network gateway are not described here. For details, refer to the following.
由上述本发明的实施例提供的技术方案可以看出, 通过获得用户在封闭用 户组 CSG的业务类型, 根据所述用户在 CSG的允许业务类型确定所述用户是否 允许接入所述 CSG , 实现针对不同的业务类型为不同的用户提供差异化的服务, 不但可以有效利用网络资源, 也可以为用户根据需要设定资源使用方法创立条 件, 提高对网络资源的利用率。 实施例一  The technical solution provided by the foregoing embodiment of the present invention can be used to determine whether the user is allowed to access the CSG according to the allowed service type of the CSG by obtaining the service type of the user in the closed user group CSG. Providing differentiated services for different users for different service types can not only effectively utilize network resources, but also create conditions for users to set resource usage methods according to needs, and improve utilization of network resources. Embodiment 1
如图 5所示, 结合执行主体, 说明本发明的实施例的接入控制方法, 其获得 用户在 CSG的允许业务类型, 根据用户在 CSG的允许业务类型确定用户是否允 许接入所述 CSG , 实现针对不同的业务类型为不同的用户提供差异化的服务: 1 1 1、 用户设备通过家庭无线接入设备向移动性管理设备发起接入请求消 息。 As shown in FIG. 5, an access control method of an embodiment of the present invention is described in conjunction with an execution body, which is obtained The allowed service type of the user in the CSG determines whether the user is allowed to access the CSG according to the allowed service type of the CSG, and provides differentiated services for different users for different service types: 1 1 1. User equipment passes the family The wireless access device initiates an access request message to the mobility management device.
用户设备接收 CSG广播的 CSG ID, 获得用户接入的 CSG ID, 并发送用户 接入的 CSG ID给家庭无线接入设备。 家庭无线接入设备可以从 HMS、 CSS或者 运营商的后台系统中获得用户的 Allowed CSG List信息。  The user equipment receives the CSG ID of the CSG broadcast, obtains the CSG ID accessed by the user, and sends the CSG ID accessed by the user to the home wireless access device. The home wireless access device can obtain the user's Allowed CSG List information from the HMS, CSS, or the operator's backend system.
家庭无线接入设备可以根据用户的 Allowed CSG List (准入 CSG列表, 也 可称为 CSG ID列表)和用户接入的 CSG ID判断用户是否为 CSG成员: 如果用 户接入的 CSG ID在用户的 Allowed CSG List中, 则用户为 CSG成员; 如果用户 接入的 CSG ID不在用户的 Allowed CSG List中, 则用户为非 CSG成员;  The home wireless access device can determine whether the user is a CSG member according to the user's Allowed CSG List (also referred to as the CSG list) and the CSG ID accessed by the user: If the CSG ID accessed by the user is in the user's In the Allowed CSG List, the user is a CSG member; if the CSG ID accessed by the user is not in the Allowed CSG List of the user, the user is a non-CSG member;
家庭无线接入设备可以根据用户的类型标识, 获得用户的类型。  The home wireless access device can obtain the type of the user according to the type identification of the user.
家庭无线接入设备将用户接入的 CSG信息和 /或用户的类型通知给移动性 管理设备,用户接入的 CSG信息包括用户是否为 CSG成员和 /或用户接入的 CSG ID。  The home wireless access device notifies the mobility management device of the CSG information and/or the type of the user accessed by the user, and the CSG information accessed by the user includes whether the user is a CSG member and/or a CSG ID accessed by the user.
所述接入请求消息可以是附着请求、 跟踪区更新请求、 切换请求等, 也可 以是用户请求业务的请求, 如 PDN ( Packet Data Network, 分组数据网络)连 接建立请求、 资源修改请求、 资源分配请求或者是专有承载建立请求、 承载修 改请求等。  The access request message may be an attach request, a tracking area update request, a handover request, or the like, or may be a request for a user to request a service, such as a PDN (Packet Data Network) connection establishment request, a resource modification request, and a resource allocation. The request is either a proprietary bearer setup request, a bearer modification request, and the like.
应当知道, 如果家庭无线接入设备和移动性管理设备之间存在接入侧网关 (如 HNB GW或者 HeNB GW等 ) , 则家庭无线接入设备通过接入侧网关发送接 入请求消息到移动性管理设备。 1 12、 移动性管理设备获取用户接入的 CSG信息和 /或用户的类型。 It should be noted that if there is an access side gateway (such as HNB GW or HeNB GW, etc.) between the home wireless access device and the mobility management device, the home wireless access device sends an access request message to the mobility through the access side gateway. Manage devices. 1 12. The mobility management device acquires the CSG information and/or the type of the user accessed by the user.
用户接入的 CSG信息如用户是否为 CSG成员和 /或用户接入的 CSG ID。 应当知道, 移动性管理设备可以采用其他方式获取用户接入的 CSG信息和 / 或用户的类型: 如移动性管理设备根据家庭无线接入设备上报的用户接入的 CSG ID, 移动性管理设备从 HMS、 CSS或者运营商的后台系统中获得的用户的 Allowed CSG list, 然后移动性管理设备将用户接入的 CSG ID与用户的 Allowed CSG list比较, 获知该用户是否为 CSG成员, 和 /或获知用户的类型等信息。  The CSG information accessed by the user, such as whether the user is a CSG member and/or a CSG ID accessed by the user. It should be understood that the mobility management device may obtain the CSG information and/or the type of the user access by the user in another manner: if the mobility management device according to the CSG ID of the user access reported by the home wireless access device, the mobility management device The Allowed CSG list of the user obtained in the HMS, CSS or the operator's back-end system, and then the mobility management device compares the CSG ID accessed by the user with the Allowed CSG list of the user, and knows whether the user is a CSG member, and/or knows Information such as the type of user.
1 13、 移动性管理设备向 S-GW ( Serving GW, 服务网关)发送信息通知消 息。  1 13. The mobility management device sends a message notification message to the S-GW (Serving GW).
移动性管理设备可以通过创建缺省 7 载请求 (Create Default Bearer Request )、更新承载请求 ( Update Bearer Request )、创建 PDP ( Packet Data Protocol 分组数据协议)上下文请求(Create PDP Context Request )或者更 新 PDP上下文请求( Update PDP Context Request )等消息将获得的用户是否 为 CSG成员、 和 /或用户接入的 CSG ID、 和 /或用户的类型通知给 S-GW。  The mobility management device can create a default backup request (Update Default Bearer Request), update a bearer request (Update Bearer Request), create a PDP (Packet Data Protocol) context request (Create PDP Context Request), or update a PDP context. The message such as the request (Update PDP Context Request) informs the S-GW whether the obtained user is a CSG member, and/or a CSG ID accessed by the user, and/or a type of the user.
1 14、 S-GW向 P-GW ( PDN GW, Packet Data Network, 分组数据网络网 关)发送信息通知消息。  1 14. The S-GW sends an information notification message to the P-GW (PDN GW, Packet Data Network, Packet Data Network Gateway).
S-GW向 P-GW通知用户是否为 CSG成员、 和 /或用户接入的 CSG ID、 和 / 或用户的类型。  The S-GW notifies the P-GW whether the user is a CSG member, and/or a CSG ID accessed by the user, and/or a type of the user.
如果 S-GW和 P-GW之间的接口协议使用 GTP ( GRPS隧道协议, GPRS Tunneling Protocol ) , S-GW可以通过包括不限于这些列举的消息, 创建缺省 承载请求 ( Create Default Bearer Request ) 、 更新承载请求 ( Update Bearer Request ) 、 创建 PDP上下文请求(Create PDP Context Request )或者更新 PDP上下文请求( Update PDP Context Request )等消息将获得的用户是否为 CSG成员、 和 /或用户接入的 CSG ID、 和 /或用户的类型通知给 P-GW; If the interface protocol between the S-GW and the P-GW uses GTP (GRP Tunneling Protocol), the S-GW may create a default bearer request by including, but not limited to, these listed messages. Update Bearer Request, Create PDP Context Request, or Update Whether the user obtained by the message such as the PDP context request (Update PDP Context Request) is notified to the P-GW by the CSG member, and/or the CSG ID accessed by the user, and/or the type of the user;
如果 S-GW和 P-GW之间的接口协议使用 PMIP ( Proxy Mobile Internet Protocol, 代理移动互联网协议), S-GW可以通过代理绑定更新( PBU , Proxy Binding Update )等消息将获得的用户是否为 CSG成员、 和 /或用户接入的 CSG ID、 和 /或用户的类型通知给 P-GW;  If the interface protocol between the S-GW and the P-GW uses PMIP (Proxy Mobile Internet Protocol), can the S-GW obtain the user through the proxy binding update (PBU, Proxy Binding Update)? Notifying the P-GW to the CSG member, and/or the CSG ID accessed by the user, and/or the type of the user;
1 15、 P-GW向 PCRF发送信息通知消息。  1 15. The P-GW sends an information notification message to the PCRF.
P-GW向 PCRF发送信息通知消息,将用户是否为 CSG成员、和 /或用户接入 的 CSG ID、 和 /或用户的类型通知给 PCRF。  The P-GW sends an information notification message to the PCRF to notify the PCRF whether the user is a CSG member, and/or the CSG ID accessed by the user, and/or the type of the user.
可以知道, 如果 S-GW和 P-GW之间的接口协议使用 PMIP, S-GW可以通过 网关控制会话建立 (Gateway Control Session Establishment ) 、 网关控制和 QoS规则请求( Gateway Control and QoS Rules Request )等消息将获得的用 户是否为 CSG成员、 和 /或用户接入的 CSG ID、 和 /或用户的类型通知给 PCRF。  It can be known that if the interface protocol between the S-GW and the P-GW uses PMIP, the S-GW can control the Gateway Control Session Establishment, the Gateway Control and the QoS Rules Request, etc. through the Gateway Control Session Establishment, Gateway Control and QoS Rules Request, etc. The message will be notified to the PCRF whether the user is a CSG member, and/or the CSG ID accessed by the user, and/or the type of the user.
1 16、 PCRF向业务类型签约数据库发送信息通知消息。  1 16. The PCRF sends an information notification message to the service type subscription database.
PCRF向业务类型签约数据库通知用户是否为 CSG成员、 和 /或用户接入的 CSG ID、 和 /或用户的类型。  The PCRF notifies the service type subscription database whether the user is a CSG member, and/or a CSG ID accessed by the user, and/or a type of the user.
此信息通知消息可以是用户签约数据请求消息等, 不做赘述。  This information notification message may be a user subscription data request message, etc., and will not be described again.
1 17、 业务类型签约数据库查找到用户所在 CSG的业务类型, 以及向 PCRF 发送信息通知响应消息。  1 17. The service type subscription database finds the service type of the CSG where the user is located, and sends a notification message to the PCRF.
业务类型签约数据库可以采用以下方式包括不限于查找到用户所在 CSG的 业务类型:  The service type subscription database may be in the following manners including, but not limited to, finding the service type of the CSG where the user is located:
( 1 )根据用户的 RAI ( Routing Area Identity , 路由区标识)查找到用户 所在的 CSG; (1) Find the user according to the user's RAI (Routing Area Identity) Where the CSG is located;
( 2 )根据用户的 PLMN ( Public Land Mobile Network,公共陆地移动网络) 查找用户所在的 CSG下该 PLMN的允许业务类型信息:  (2) Find the allowed service type information of the PLMN under the CSG where the user is located according to the user's PLMN (Public Land Mobile Network):
如: 用户接入的 CSG ID下对不同的 PLMN的用户设置了不同的允许业务类 型, 如中国移动用户只能使用一类业务类型, 如音频业务, 而中国联通的用户 则可以使用各种业务, 包括音视频业务。  For example, the CSG ID of the user sets different allowed service types for users of different PLMNs. For example, Chinese mobile users can only use one type of service type, such as audio service, while China Unicom users can use various services. , including audio and video services.
( 3 )再根据用户的类型找到为该用户细分的允许业务类型:  (3) Find the allowed business type for the user based on the type of user:
如: 用户是非 CSG用户, 那么在找到的 CSG ID下的中国联通用户的类别下 再找到非 CSG用户的业务类型, 比如非 CSG用户不能使用视频业务。  For example, if the user is a non-CSG user, then the service type of the non-CSG user can be found under the category of the China Unicom user under the CSG ID found. For example, the non-CSG user cannot use the video service.
那么根据业务类型签约数据库查询的结果, 该用户只能使用其它非视频业 务。  Then, according to the result of the contract type database query of the business type, the user can only use other non-video services.
信息通知响应消息中可以包含有此用户的允许业务类型, 也可以包含用户 接入的 CSG ID、 用户是否为 CSG成员, 以及用户的类型中的至少一个, 这里不 做限制。  The information notification response message may include the allowed service type of the user, and may also include at least one of a CSG ID accessed by the user, a CSG member, and a type of the user.
对应于步骤 1 16所述, 信息通知消息可以是用户签约数据请求消息等, 则信 息通知响应消息可以是签约数据响应消息等。  Corresponding to step 1 16, the information notification message may be a user subscription data request message or the like, and the information notification response message may be a subscription data response message or the like.
1 18、 PCRF向 P-GW发送信息通知响应消息。  1 18. The PCRF sends a message notification response message to the P-GW.
信息通知响应消息可以包括用户的允许业务类型, 也可以包含用户接入的 CSG ID、 用户是否为 CSG成员, 以及用户的类型中的至少一个。  The information notification response message may include the type of the allowed service of the user, and may also include at least one of the CSG ID of the user access, whether the user is a CSG member, and the type of the user.
对应于步骤 1 15,如果 S-GW与 P-GW之间采用 PMIP ( Proxy Mobile Internet Protocol , 代理移动互联网协议) , 那么 PCRF也可以直接向 S-GW发送用户的 允许业务类型, 也可以包含用户接入的 CSG ID、 用户是否为 CSG成员, 以及用 户的类型中的至少一个。 Corresponding to step 115, if PMIP (Proxy Mobile Internet Protocol) is used between the S-GW and the P-GW, the PCRF may also directly send the user's allowed service type to the S-GW, or may include the user. The CSG ID of the access, whether the user is a CSG member, and At least one of the types of households.
1 19、 PCRF向 P-GW发送信息通知响应消息。  1 19. The PCRF sends a message notification response message to the P-GW.
信息通知响应消息可以包括用户的允许业务类型, 也可以包含用户接入的 CSG ID、 用户是否为 CSG成员, 以及用户的类型中的至少一个。  The information notification response message may include the type of the allowed service of the user, and may also include at least one of the CSG ID of the user access, whether the user is a CSG member, and the type of the user.
1 1 10、 S-GW向移动性管理设备发送信息通知响应消息。  1 1 10. The S-GW sends a message notification response message to the mobility management device.
信息通知响应消息中包含用户的允许业务类型, 也可以包含用户接入的 CSG ID、 用户是否为 CSG成员, 以及用户的类型中的至少一个。  The information notification response message includes the type of the allowed service of the user, and may also include at least one of the CSG ID accessed by the user, whether the user is a CSG member, and the type of the user.
S-GW可以通过创建缺省承载响应消息、 更新承载响应、创建 PDP上下文响 应或者更新 PDP上下文响应等消息将获得的用户的允许业务类型, 用户接入的 CSG ID、 用户是否为 CSG成员、 以及用户的类型中的至少一个通知给移动性管 理设备。  The type of allowed service of the user that the S-GW can obtain by creating a default bearer response message, updating a bearer response, creating a PDP context response, or updating a PDP context response, a CSG ID of the user access, whether the user is a CSG member, and At least one of the types of users is notified to the mobility management device.
1 1 1 1、 移动性管理设备通过家庭无线接入设备向用户发送接入响应消息。 接入响应消息中可以包含有用户的允许业务类型。 移动性管理设备可以通 过附着接受消息 (Attach accept ) 、 跟踪区更新接受消息 (TAU accept)消息等 通知给用户。 其中也可以通过 Initial UE context request消息通知给家庭无线接 入设备。  1 1 1 1. The mobility management device sends an access response message to the user through the home wireless access device. The access response message may contain the allowed service type of the user. The mobility management device can notify the user by attaching an accept message (Attach accept), a tracking area update accept message (TAU accept) message, and the like. The home wireless access device can also be notified by the Initial UE context request message.
如果接入请求是 PDN ( Packet Data Network, 分组数据网络)连接建立请 求、 资源修改请求、 资源分配请求或者是专有承载建立请求、 承载修改请求等。 那么也可以通过 RRC connection reconfiguration消息通知 UE或者 Bearer setup request消息将用户的允许业务类型通知家庭接入设备, 或者所述请求的接入请 求没有权限被拒绝,那么可以通过 Deactive bearer request消息中携带信元将用 户的允许业务类型通知家庭接入设备, 或者通过 Radio bearer release request 消息中携带信元将用户的允许业务类型通知用户。 If the access request is a PDN (Packet Data Network) connection establishment request, a resource modification request, a resource allocation request, or a dedicated bearer setup request, a bearer modification request, and the like. Then, the RRC connection reconfiguration message may be used to notify the UE or the Bearer setup request message to notify the home access device of the allowed service type of the user, or the requested access request has no permission to be denied, and the message may be carried in the Deactive bearer request message. The element notifies the user of the allowed service type to the home access device, or through the Radio bearer release request The message carries the cell to notify the user of the type of allowed service of the user.
不允许用户接入时, 也可以通过拒绝消息将通知用户的允许业务类型, 如 包括不限于在 PDN CONNECTIVITY REJECT ( PDN 连接拒绝)消息中通知用 户其允许业务类型。 值得注意的是, 本发明的实施例的接入控制方法, 在用户设备、 家庭无线 接入设备、 移动性管理设备或 P-GW、 或者 PCRF接收到用户的业务类型后, 用 户设备、 家庭无线接入设备、 移动性管理设备或 P-GW、 或者 PCRF都可以对业 务进行监控, 如:  When the user is not allowed to access, the user may also be notified of the allowed service type by rejecting the message, including including the mobile service type that is not limited to the PDN CONNECTIVITY REJECT message. It is noted that, in the access control method of the embodiment of the present invention, after the user equipment, the home wireless access device, the mobility management device, or the P-GW, or the PCRF receives the service type of the user, the user equipment, the home wireless The access device, the mobility management device or the P-GW, or the PCRF can monitor the service, such as:
1、用户设备在收到用户在 CSG的允许业务类型之后,保存此允许业务类型, 以控制其不再发起没有权限的业务请求。  1. After receiving the allowed service type of the user in the CSG, the user equipment saves the allowed service type to control that it no longer initiates a service request without permission.
如, 以用户能够使用的最高 QCI值为 5为例, 那么用户就不会发起超过 QCI 值为 5的业务; 如果不允许用户采用 GBR的业务, 那么用户就不会再发起 GBR 承载的业务。  For example, if the highest QCI value that the user can use is 5, the user will not initiate a service with a QCI value of 5. If the user is not allowed to use the GBR service, the user will not initiate the GBR bearer service.
2、 家庭无线接入设备在收到在 CSG的允许业务类型后保存此允许业务类 型, 在用户请求业务时, 判断用户的请求业务是否符合允许业务类型, 接入符 合的业务请求, 或者拒绝不符合的业务请求。  2. The home wireless access device saves the allowed service type after receiving the allowed service type in the CSG. When the user requests the service, it determines whether the requested service of the user meets the allowed service type, accesses the qualified service request, or refuses to Compliance with business requests.
如, 用户只能使用最大 QCI为 5的业务, 那么如果用户请求的业务 QCI值超 过了这个最大值, 那么家庭无线接入设备可以直接发起拒绝, 而不接受请求。  For example, if the user can only use the service with a maximum QCI of 5, then if the QCI value of the service requested by the user exceeds this maximum value, the home wireless access device can directly initiate the rejection without accepting the request.
如, 用户只能使用非 GBR的业务, 那么家庭无线接入设备如果发现其业务 要采用 G B R承载, 那么可以直接拒绝此业务请求。  For example, if the user can only use non-GBR services, if the home wireless access device finds that its service is to use G B R bearer, then the service request can be directly rejected.
需要注意的是, 如果用户发生切换, 可以通过切换消息, 将源家庭无线接 入设备上保存的业务类型通知目标家庭无线接入设备, 比如可以通过 Forward relocation request (转发重定位 ) 消息, 具体消息不做限制。 It should be noted that if the user switches, the source home can be connected by switching the message. The service type saved on the device is notified to the target home wireless access device. For example, the Forward relocation request message can be used. The specific message is not restricted.
后续在用户发起业务请求时, 根据用户的业务类型, 目标家庭无线接入设 备可以选择接入还是拒绝此业务请求。  When the user initiates a service request, the target home wireless access device can select whether to access or reject the service request according to the service type of the user.
3、移动性管理设备在收到用户在 CSG的允许业务类型后保存此允许业务类 型, 在用户请求业务时, 判断用户的请求业务是否符合允许业务类型, 接入符 合的业务请求, 或者拒绝不符合的业务请求。  3. After receiving the allowed service type of the CSG, the mobility management device saves the allowed service type. When the user requests the service, it determines whether the requested service of the user meets the allowed service type, accesses the qualified service request, or refuses to Compliance with business requests.
如, 用户只能使用最大 QCI为 5的业务, 那么如果用户请求的业务超过 QCI 值 5这个最大值, 那么移动性管理设备可以直接发起拒绝, 而不接受请求。  For example, if the user can only use the service with the maximum QCI of 5, then if the service requested by the user exceeds the maximum value of QCI value 5, the mobility management device can directly initiate the rejection without accepting the request.
如, 用户只能使用非 GBR的业务, 那么如果移动性管理设备如果发现其业 务要采用 GBR承载, 那么可以直接拒绝此业务请求。  For example, if the user can only use non-GBR services, if the mobility management device finds that its service is to use GBR bearer, then the service request can be directly rejected.
值得注意的是, 如果用户发起跟踪区更新或者切换时, 移动性管理设备变 化时, 源移动性管理设备向目标移动性管理设备发送用户在 CSG的允许的业务 类型, 比如在 UE CONTEXT Request/Response ( UE上下文请求 /响应消息)消 息中包括用户在 CSG的允许业务类型, 以便于目标移动性管理设备进行业务控 制。  It is worth noting that if the mobility management device changes when the user initiates the tracking area update or handover, the source mobility management device sends the allowed service type of the user in the CSG to the target mobility management device, for example, in the UE CONTEXT Request/Response The (UE Context Request/Response message) message includes the allowed service type of the user in the CSG to facilitate the target mobility management device to perform service control.
4、 P-GW收到用户在 CSG的允许业务类型后, 当用户发起业务请求时, 判 断用户的请求业务是否符合允许业务类型, 接入符合的业务请求, 或者拒绝不 符合的业务请求。  4. After receiving the allowed service type of the CSG, the P-GW determines whether the requested service of the user meets the allowed service type, accesses the qualified service request, or rejects the non-compliant service request.
具体处理过程包括不限于以下情况:  The specific processing includes not limited to the following situations:
如, 用户只能使用最大 QCI为 5的业务, 那么如果用户请求的业务 QCI值超 过了这个最大值, 那么 P-GW可以直接发起拒绝, 而不接受请求。 如, 用户只能使用非 GBR的业务, 那么 P-GW如果发现其业务要采用 GBR 承载, 那么可以直接拒绝此业务请求。 For example, if the user can only use the service with the maximum QCI of 5, then if the QCI value of the service requested by the user exceeds this maximum value, the P-GW can directly initiate the rejection without accepting the request. For example, if the user can only use the non-GBR service, if the P-GW finds that its service is to use the GBR bearer, then the service request can be directly rejected.
5、 如果 PCRF获取用户在 CSG的允许业务类型后, 保存此允许业务类型。 当用户发起业务请求时, PCRF判断用户的请求业务是否符合允许业务类型, 接入符合的业务请求, 或者拒绝不符合的业务请求。  5. If the PCRF obtains the allowed service type of the user in the CSG, save the allowed service type. When the user initiates a service request, the PCRF determines whether the requested service of the user meets the allowed service type, accesses the qualified service request, or rejects the non-compliant service request.
PCRF与 PCEF ( Policy and Charging Enforcement Function ,策略和计费执 行功能实体)是 PCC中的主要策略控制实体, 而且 PCEF可以是与 PGW合一的 设备。可以知道, 当用户发起业务请求时, PCEF也可以拒绝不符合的业务请求。 实施例二  The PCRF and PCEF (Policy and Charging Enforcement Function) are the main policy control entities in the PCC, and the PCEF can be a device that is integrated with the PGW. It can be known that when a user initiates a service request, the PCEF can also reject the non-compliant service request. Embodiment 2
如图 6-8所示, 本发明的实施例接入控制系统的应用场景示意图, 说明本发 明的实施例, 当家庭无线接入设备的所有者将用户加入为 CSG成员, 即增加用 户到 CSG ID列表, 以及设置用户的类型, 尤其是, 同时设置用户在 CSG的允许 业务类型时, 如何通过获得用户在 CSG的允许业务类型, 将所述用户接入所述 CSG , 实现针对不同的业务类型为不同的用户提供差异化的服务:  As shown in FIG. 6-8, a schematic diagram of an application scenario of an access control system according to an embodiment of the present invention illustrates an embodiment of the present invention. When an owner of a home wireless access device joins a user as a CSG member, the user is added to the CSG. The ID list, and the type of the user, in particular, when setting the allowed service type of the CSG at the same time, how to access the CSG to obtain different types of services by obtaining the allowed service type of the user in the CSG Differentiated services for different users:
如图 6所示: 如, 若干特定客人来访, 家庭无线接入设备的所有者, 可以将 来访用户加入为 CSG成员, 和 /或设置来访用户的类型 (临时或正常等等) , 尤 其是, 为所述用户预先设置在 CSG的允许业务类型。  As shown in Figure 6: For example, a number of specific guest visits, the owner of the home wireless access device, can access the user as a CSG member, and/or set the type of the visiting user (temporary or normal, etc.), in particular, The allowed service type in the CSG is preset for the user.
221、 增加用户到 CSG ID列表中。  221. Add users to the CSG ID list.
这个步骤中涉及到的用户管理系统, 可以是 HMS, 但不限定于 HMS, 也不 限定于一种特定的网元, 用户管理系统包括所有在加入用户接入的 CSG ID列表 中涉及到的网元。 222、 用户管理系统向业务类型签约数据库发送增加用户到 CSG ID列表请 求消息。 The user management system involved in this step may be an HMS, but is not limited to the HMS, and is not limited to a specific network element. The user management system includes all the networks involved in the list of CSG IDs added to the user access. yuan. 222. The user management system sends a request message for adding a user to the CSG ID list to the service type subscription database.
业务类型签约数据库可能是 HSS、 SPR以及 CSS ( CSG签约服务器)等数 据库。  The business type contract database may be a database such as HSS, SPR, and CSS (CSG contract server).
该消息中可以包括用户在 CSG的允许业务类型等。  The message may include the type of allowed service of the user in the CSG, and the like.
223、 业务类型签约数据库向用户管理系统发送增加用户到 CSG ID列表确 认消息。  223. The service type subscription database sends an increase user to the CSG ID list confirmation message to the user management system.
此消息中可以包括用户在 CSG的允许业务类型等。  This message may include the type of allowed service of the user in the CSG, and the like.
224、 业务类型签约数据库向用户发送允许用户修改列表请求消息。  224. The service type subscription database sends a message to the user that allows the user to modify the list request message.
此消息中也可以包括用户在 CSG的允许业务类型等。  This message may also include the type of allowed service of the user in the CSG, and the like.
225、 用户向业务类型签约数据库发送允许用户修改列表确认消息。  225. The user sends a permission to the user to modify the list confirmation message to the service type subscription database.
以上步骤从 221 -步骤 225, 为将用户加入 CSG成员的示例过程,此过程仅是 一个举例, 不应视为对将用户加入为 CSG成员的唯一限制。  The above steps are from 221 - Step 225, an example process for joining a user to a CSG member. This process is only an example and should not be considered as the only restriction on joining a user as a CSG member.
如图 7所示, 用户下载其在 CSG的允许业务类型到移动性管理设备的过程。 此过程可以在附着以及位置更新过程(跟踪区更新或者路由区更新) 中执行, 由业务类型签约数据库向移动性管理设备下载特定用户在 CSG的允许业务类 型。  As shown in Figure 7, the user downloads the allowed service type from the CSG to the mobility management device. This process can be performed in the attach and location update process (tracking zone update or routing zone update), and the service type subscription database downloads the allowed service type of the specific user in the CSG to the mobility management device.
331、 业务类型签约数据库向移动性管理设备发送插入签约数据消息。 消息中可以包含用户在 CSG的允许业务类型。  331. The service type subscription database sends an insertion subscription data message to the mobility management device. The message can contain the type of service allowed by the user in the CSG.
332、 移动性管理设备向业务类型签约数据库发送插入签约数据确认消息。 移动性管理设备获得用户在 CSG的允许业务类型。  332. The mobility management device sends an insertion contract data confirmation message to the service type subscription database. The mobility management device obtains the type of allowed service of the user in the CSG.
如图 8所示, 家庭无线接入设备的所有者将用户加入用户接入的 CSG ID列 表中, 同时设置用户在 CSG的允许业务类型。 As shown in Figure 8, the owner of the home wireless access device adds the user to the CSG ID column of the user access. In the table, the user's allowed service type in the CSG is also set.
其与实施例一的区别在于: 由于, 用户在 CSG的允许业务类型是家庭无线 接入设备的所有者设置并存储在业务类型签约数据库的, 所以, 移动性管理设 备可以从业务类型签约数据库获得用户在 CSG的允许业务类型,进而 PCRF可以 从移动性管理设备处获得用户在 CSG的允许业务类型,并由 PCRF进行承载规则 的决策, 承载规则如根据允许进行的业务类型进行业务规则的决策, 比如进行 业务所用的承载的 QOS等。 而实施例一是由 PCRF从业务类型签约数据库处获 得用户在 CSG的允许业务类型, 再进行业务规则的决策。  The difference from the first embodiment is that: since the allowed service type of the CSG in the CSG is set by the owner of the home wireless access device and stored in the service type subscription database, the mobility management device can obtain the service type subscription database. The allowed service type of the user in the CSG, and the PCRF can obtain the allowed service type of the user in the CSG from the mobility management device, and the PCRF performs the decision of the bearer rule, and the bearer rule determines the service rule according to the allowed service type. For example, the QOS carried by the business. In the first embodiment, the PCRF obtains the allowed service type of the user in the CSG from the service type subscription database, and then makes a decision on the business rule.
对于用户设备、 接入网管理网元、 移动性管理设备、 PCRF或 P-GW对业务 的监控, 可以参考实施例一所述的方式进行, 不做赘述。 实施例三  For the user equipment, the access network management network element, the mobility management device, the PCRF, or the P-GW to monitor the service, refer to the method described in the first embodiment, and no further details are provided. Embodiment 3
如图 9所示, 本实施例与实施例一的区别在于: UE (用户设备)通过家庭 接入设备发送接入请求消息到 non-3GPP GW (非 3GPP网关) , 由 non-3GPP GW发送用户接入的 CSG ID、 用户是否为 CSG成员, 以及用户的类型中的至少 一个给 PCRF, PCRF从业务类型签约数据库获得用户在 CSG的允许业务类型, 再进行业务规则的决策。  As shown in FIG. 9, the difference between this embodiment and the first embodiment is that the UE (user equipment) sends an access request message to the non-3GPP GW (non-3GPP gateway) through the home access device, and the user is sent by the non-3GPP GW. The CSG ID of the access, whether the user is a CSG member, and at least one of the types of users are given to the PCRF. The PCRF obtains the allowed service type of the user in the CSG from the service type subscription database, and then makes a decision on the business rule.
对于 UE、 家庭无线接入设备、 non-3GPP GW、 PCRF对业务的控制可以参 考实施例一所述的方式进行, 不做赘述。  The control of the service for the UE, the home radio access device, the non-3GPP GW, and the PCRF may be performed in the manner described in Embodiment 1, and details are not described herein.
通过以上的实施方式的描述, 本领域的技术人员可以清楚地了解到本发明 可借助软件加必需的通用硬件平台的方式来实现, 当然也可以通过硬件, 或者 二者的结合来实施。 基于这样的理解, 本发明的技术方案本质上或者说对现有 技术做出贡献的部分可以以软件产品的形式体现出来, 该软件模块或计算机软 件产品可以存储在一个存储介质中, 包括若干指令用以使得一台计算机设备 (可 以是个人计算机, 服务器, 或者网络设备等)执行本发明各个实施例所述的方 法。 存储介质可以是随机存储器(RAM ) 、 内存、 只读存储器(ROM ) 、 电可 编程 R〇M、 电可擦除可编程 R〇M、 寄存器、 硬盘、 可移动磁盘、 CD-R〇M、 或 技术领域内所公知的任意其它形式的存储介质。 Through the description of the above embodiments, those skilled in the art can clearly understand that the present invention can be implemented by means of software plus a necessary general hardware platform, and of course, can also be implemented by hardware, or a combination of the two. Based on such understanding, the technical solution of the present invention is essentially or The portion of the technology contribution can be embodied in the form of a software product, which can be stored in a storage medium, including instructions for causing a computer device (which can be a personal computer, server, or network) Apparatus, etc.) performs the methods described in various embodiments of the present invention. The storage medium may be random access memory (RAM), memory, read only memory (ROM), electrically programmable R〇M, electrically erasable programmable R〇M, registers, hard disk, removable disk, CD-R〇M, Or any other form of storage medium known in the art.
以上所述, 仅为本发明较佳的具体实施方式, 但本发明的保护范围并不局 限于此, 任何熟悉本技术领域的技术人员在本发明揭露的技术范围内, 可轻易 想到的变化或替换, 都应涵盖在本发明的保护范围之内。 因此, 本发明的保护 范围应该以权利要求的保护范围为准。  The above is only a preferred embodiment of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily think of changes or within the technical scope disclosed by the present invention. Alternatives are intended to be covered by the scope of the present invention. Therefore, the scope of the invention should be determined by the scope of the claims.

Claims

权利 要求 书 Claim
1、 一种接入控制方法, 其特征在于, 包括:  An access control method, comprising:
获得用户在封闭用户组 CSG的允许业务类型;  Obtain the allowed service type of the user in the closed user group CSG;
根据所述用户在 CSG的允许业务类型确定所述用户是否允许接入所述 CSG。  Determining whether the user is allowed to access the CSG according to the allowed service type of the CSG.
2、根据权利要求 1所述的接入控制方法,其特征在于,所述获得用户在 CSG 的允许业务类型, 包括:  The access control method according to claim 1, wherein the obtaining the allowed service type of the user in the CSG comprises:
策略和计费规则功能设备 PCRF从移动性管理设备处获得所述用户接入的 CSG信息和 /或所述用户的类型;  The policy and charging rule function device PCRF obtains the CSG information of the user access and/or the type of the user from the mobility management device;
所述 PCRF根据所述用户接入的 CSG信息和 /或所述用户的类型, 从业务类 型签约数据库获得所述用户在 CSG的允许业务类型。  The PCRF obtains the allowed service type of the user in the CSG from the service type subscription database according to the CSG information accessed by the user and/or the type of the user.
3、根据权利要求 2所述的接入控制方法,其特征在于,所述用户接入的 CSG 信息包括用户是否为 CSG成员和 /或用户接入的 CSG I D。  The access control method according to claim 2, wherein the CSG information accessed by the user includes whether the user is a CSG member and/or a CSG I D accessed by the user.
4、根据权利要求 1所述的接入控制方法,其特征在于,所述获得用户在 CSG 的允许业务类型, 包括:  The access control method according to claim 1, wherein the obtaining the allowed service type of the user in the CSG comprises:
5、根据权利要求 4所述的接入控制方法, 其特征在于, 所述 PCRF从移动性 管理设备处获得所述用户在 CSG的允许业务类型之前, 所述方法还包括: 所述 家庭无线接入设备根据用户接入的 CSG信息、 和 /或所述用户的类型配置用户在 所述 CSG的允许业务类型,并发送给业务类型签约数据库,所述用户接入的 CSG 信息包括用户是否为 CSG成员和 /或用户接入的 CSG ID; The access control method according to claim 4, wherein, before the PCRF obtains the allowed service type of the user in the CSG from the mobility management device, the method further includes: the home wireless connection The inbound device configures the allowed service type of the user in the CSG according to the CSG information accessed by the user, and/or the type of the user, and sends the information to the service type subscription database. The CSG information accessed by the user includes whether the user is a CSG. CSG ID of the member and/or user access;
所述移动性管理设备从所述业务类型签约数据库获得所述用户在 CSG的允 许业务类型。 The mobility management device obtains the permission of the user in the CSG from the service type subscription database Type of business.
6、 根据权利要求 2或 3或 4或 5所述的接入控制方法, 其特征在于, 根据所述 用户在 CSG的允许业务类型确定所述用户是否允许接入所述 CSG, 包括:  The access control method according to claim 2 or 3 or 4 or 5, wherein determining whether the user is allowed to access the CSG according to the allowed service type of the CSG by the user includes:
所述 PCRF将所述用户在 CSG的允许业务类型发送给移动性管理设备、家庭 无线接入设备或用户设备中的至少一个;  Transmitting, by the PCRF, the allowed service type of the user in the CSG to at least one of a mobility management device, a home wireless access device, or a user equipment;
所述移动性管理设备、 家庭无线接入设备或用户设备接收所述用户的业务 请求;  Receiving, by the mobility management device, the home wireless access device, or the user equipment, a service request of the user;
所述移动性管理设备、 家庭无线接入设备或用户设备判断所述业务请求是 否符合 CSG的允许业务类型, 接入符合的业务请求, 或者拒绝不符合的业务请 求。  The mobility management device, the home wireless access device, or the user equipment determines whether the service request conforms to the allowed service type of the CSG, accesses a qualified service request, or rejects a non-compliant service request.
7、 根据权利要求 6所述的接入控制方法, 其特征在于, 所述方法, 还包括: 所述移动性管理设备或所述家庭无线接入设备接收所述用户的跟踪区更新 请求或切换请求;  The access control method according to claim 6, wherein the method further comprises: the mobility management device or the home wireless access device receiving a tracking area update request or switching of the user Request
所述移动性管理设备或所述家庭无线接入设备将所述用户在 CSG的允许业 务类型发送给所述跟踪区更新请求或切换请求的更新或切换后的移动性管理设 备或家庭无线接入设备。  Transmitting, by the mobility management device or the home wireless access device, the allowed service type of the CSG to the tracking area update request or the update or handover of the handover request or the mobility management device or the home wireless access device.
8、 根据权利要求 2或 3或 4或 5所述的接入控制方法, 其特征在于, 根据所述 用户在 CSG的允许业务类型确定所述用户是否允许接入所述 CSG, 包括:  The access control method according to claim 2 or 3 or 4 or 5, wherein determining whether the user is allowed to access the CSG according to the allowed service type of the CSG by the user includes:
PCRF接收所述用户的业务请求;  The PCRF receives the service request of the user;
PCRF接入符合所述在 CSG的允许业务类型的用户的业务请求,或者拒绝不 符合所述在 CSG的允许业务类型的用户的业务请求。  The PCRF accesses a service request of a user who conforms to the allowed service type of the CSG, or rejects a service request of a user who does not comply with the permitted service type of the CSG.
9、 一种接入管理设备, 其特征在于, 包括: 业务类型获取单元, 用于获得用户在 CSG的允许业务类型; 9. An access management device, comprising: a service type obtaining unit, configured to obtain a permitted service type of the user in the CSG;
接入控制单元, 根据所述用户在 CSG的允许业务类型确定所述用户是否允 许接入所述 CSG。  The access control unit determines whether the user allows access to the CSG according to the allowed service type of the CSG.
10、 根据权利要求 9所述的接入管理设备, 其特征在于, 所述接入管理设备 为 PCRF时,所述业务类型获取单元,用于从移动性管理设备处获得用户在 CSG 的允许业务类型; 或者用于从移动性管理设备处获得用户接入的 CSG信息和 /或 所述用户的类型, 根据所述用户接入的 CSG信息和 /或所述用户的类型, 从所述 业务类型签约数据库获得所述用户在 CSG的允许业务类型, 所述用户接入的 CSG信息包括用户是否为 CSG成员和 /或用户接入的 CSG ID。  The access management device according to claim 9, wherein, when the access management device is a PCRF, the service type obtaining unit is configured to obtain, from the mobility management device, the allowed service of the user in the CSG. Type; or CSG information for obtaining user access from the mobility management device and/or type of the user, according to the CSG information accessed by the user and/or the type of the user, from the service type The subscription database obtains the allowed service type of the user in the CSG, and the CSG information accessed by the user includes whether the user is a CSG member and/or a CSG ID accessed by the user.
1 1、 根据权利要求 9所述的接入管理设备, 其特征在于, 所述接入管理设备 为移动性管理设备、 家庭无线接入设备或用户设备时, 所述业务类型获取单元, 用于通过策略和计费规则功能设备获得用户在 CSG的允许业务类型。  The access management device according to claim 9, wherein, when the access management device is a mobility management device, a home wireless access device, or a user equipment, the service type acquiring unit is configured to: The allowed service type of the user in the CSG is obtained through the policy and charging rule function device.
12、 根据权利要求 9所述的接入管理设备, 其特征在于, 所述接入管理设备 为 PCRF、 移动性管理设备或家庭无线接入设备时, 所述接入控制单元, 用于接 收所述用户的业务请求, 判断所述用户的业务请求是否符合所述 CSG的允许业 务类型, 接入符合的业务请求, 或者拒绝不符合的业务请求。  The access management device according to claim 9, wherein, when the access management device is a PCRF, a mobility management device, or a home wireless access device, the access control unit is configured to receive Determining the service request of the user, determining whether the service request of the user meets the allowed service type of the CSG, accessing a qualified service request, or rejecting a non-compliant service request.
13、 根据权利要求 9所述的接入管理设备, 其特征在于, 所述接入管理设备 为用户设备时, 所述接入控制单元, 用于根据所述用户在 CSG的允许业务类型, 确定发起符合的业务请求, 或者不发起不符合的业务请求。  The access management device according to claim 9, wherein, when the access management device is a user equipment, the access control unit is configured to determine, according to the allowed service type of the user in the CSG, Initiate a matching business request, or do not initiate a non-compliant business request.
14、 根据权利要求 9或 10所述的接入管理设备, 其特征在于, 所述接入管理 设备为 PCRF时, 所述接入管理设备, 还包括:  The access management device according to claim 9 or 10, wherein, when the access management device is a PCRF, the access management device further includes:
第一业务类型发送单元, 用于将所述用户在 CSG的允许业务类型发送给移 动性管理设备、 家庭无线接入设备或用户设备中的至少一个。 a first service type sending unit, configured to send the allowed service type of the user in the CSG to the mobile At least one of an active management device, a home wireless access device, or a user device.
15、 根据权利要求 9所述的接入管理设备, 其特征在于, 所述接入管理设备 为移动性管理设备或家庭无线接入设备时, 所述接入管理设备, 还包括:  The access management device according to claim 9, wherein, when the access management device is a mobility management device or a home wireless access device, the access management device further includes:
第二业务类型发送单元, 用于接收到所述用户的跟踪区更新请求或切换请 求之后, 将所述用户在 CSG的允许业务类型发送给所述跟踪区更新请求或切换 请求的更新或切换后的接入管理设备。  a second service type sending unit, configured to send the allowed service type of the CSG to the tracking area update request or the switching request update or switch after receiving the tracking area update request or the handover request of the user Access management device.
16、 根据权利要求 9所述的接入管理设备, 其特征在于, 所述接入管理设备 为家庭无线接入设备时, 所述接入管理设备还包括:  The access management device according to claim 9, wherein, when the access management device is a home wireless access device, the access management device further includes:
业务类型配置单元, 用于根据用户接入的 CSG信息和 /或所述用户的类型配 置用户在 CSG的允许业务类型, 并将所述用户在 CSG的允许业务类型存储在业 务类型签约数据库内, 所述用户接入的 CSG信息包括用户是否为 CSG成员和 / 或用户接入的 CSG ID。  a service type configuration unit, configured to configure a permitted service type of the user in the CSG according to the CSG information accessed by the user and/or the type of the user, and store the allowed service type of the user in the CSG in the service type subscription database, The CSG information accessed by the user includes whether the user is a CSG member and/or a CSG ID accessed by the user.
17、 一种接入控制系统, 其特征在于, 包括业务类型签约数据库以及策略 和计费规则功能设备 PCRF:  17. An access control system, comprising: a service type subscription database and a policy and charging rule function device PCRF:
所述业务类型签约数据库, 用于存储根据用户是否为 CSG成员、 和 /或用户 接入的 CSG ID、和 /或用户设备的类型, 为用户设备预先配置的 CSG的允许业务 类型;  The service type subscription database is configured to store an allowed service type of the CSG pre-configured for the user equipment according to whether the user is a CSG member, and/or a CSG ID accessed by the user, and/or a type of the user equipment;
所述 PCRF, 用于获得用户在 CSG的允许业务类型, 根据所述用户在 CSG 的允许业务类型确定所述用户是否允许接入所述 CSG。  The PCRF is configured to obtain an allowed service type of the user in the CSG, and determine, according to the allowed service type of the CSG, whether the user is allowed to access the CSG.
18、 根据权利要求 17所述的接入控制系统, 其特征在于, 所述系统还包括: 移动性管理设备,用于通过所述 PCRF获得用户在 CSG的允许业务类型,根据所 述用户在 CSG的允许业务类型确定所述用户是否允许接入所述 CSG。 The access control system according to claim 17, wherein the system further comprises: a mobility management device, configured to obtain, by using the PCRF, an allowed service type of the user in the CSG, according to the user in the CSG The allowed service type determines whether the user is allowed to access the CSG.
19、 根据权利要求 18所述的接入控制系统, 其特征在于, 所述系统还包括: The access control system according to claim 18, wherein the system further comprises:
CSG的允许业务类型, 根据所述用户在 CSG的允许业务类型确定所述用户是否 允许接入所述 CSG。 The allowed service type of the CSG determines whether the user is allowed to access the CSG according to the allowed service type of the CSG.
20、 根据权利要求 19所述的接入控制系统, 其特征在于, 所述系统还包括: 用户设备, 用于通过所述 PCRF、 所述移动性管理设备以及家庭无线接入设备获 得用户在 CSG的允许业务类型, 根据所述用户在 CSG的允许业务类型确定所述 用户是否允许接入所述 CSG。  The access control system according to claim 19, wherein the system further comprises: a user equipment, configured to obtain a user in the CSG by using the PCRF, the mobility management device, and the home wireless access device The allowed service type determines whether the user is allowed to access the CSG according to the allowed service type of the CSG in the user.
PCT/CN2009/075261 2009-05-15 2009-12-02 Method and system for access control and access side device WO2010130126A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN200910084243.7 2009-05-15
CN2009100842437A CN101888596A (en) 2009-05-15 2009-05-15 Access control method and system

Publications (1)

Publication Number Publication Date
WO2010130126A1 true WO2010130126A1 (en) 2010-11-18

Family

ID=43074269

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2009/075261 WO2010130126A1 (en) 2009-05-15 2009-12-02 Method and system for access control and access side device

Country Status (2)

Country Link
CN (1) CN101888596A (en)
WO (1) WO2010130126A1 (en)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102695222B (en) * 2011-03-24 2017-03-15 中兴通讯股份有限公司 A kind of changing method of local IP access business and system
CN102186157B (en) * 2011-05-17 2015-06-17 电信科学技术研究院 Method and equipment for transmitting CSG (Content Service Gateway) information
CN102811467A (en) * 2011-05-30 2012-12-05 中兴通讯股份有限公司 Switching method and switching system
CN103797772B (en) * 2011-09-09 2018-07-17 瑞典爱立信有限公司 The differentiation for the data service adjusted using the user class correlation of network address lookup is handled
CN103812788B (en) * 2012-11-05 2017-06-16 华为技术有限公司 Method, apparatus and system that control user accesses
WO2015031202A1 (en) * 2013-08-30 2015-03-05 Interdigital Patent Holdings, Inc. Methods for application specific access control
CN113873615A (en) 2015-08-18 2021-12-31 北京三星通信技术研究有限公司 UE access method and equipment
CN110166984B (en) * 2018-02-13 2021-09-24 维沃移动通信有限公司 Service processing method, information sending method and related equipment

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101312410A (en) * 2007-05-24 2008-11-26 上海贝尔阿尔卡特股份有限公司 Control apparatus and method for controlling access of multiple kinds of service in same user side interface
CN101400107A (en) * 2007-09-27 2009-04-01 华为技术有限公司 Method and apparatus for completing user adding
US20090094351A1 (en) * 2007-10-08 2009-04-09 Qualcomm Incorporated Access terminal configuration and access control

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101312410A (en) * 2007-05-24 2008-11-26 上海贝尔阿尔卡特股份有限公司 Control apparatus and method for controlling access of multiple kinds of service in same user side interface
CN101400107A (en) * 2007-09-27 2009-04-01 华为技术有限公司 Method and apparatus for completing user adding
US20090094351A1 (en) * 2007-10-08 2009-04-09 Qualcomm Incorporated Access terminal configuration and access control

Also Published As

Publication number Publication date
CN101888596A (en) 2010-11-17

Similar Documents

Publication Publication Date Title
JP7366356B2 (en) Paging wireless devices through your wireless network
JP7455138B2 (en) Core paging processing
KR101973462B1 (en) Method for performing detach procedure and terminal thereof
US9756561B2 (en) Method for providing connection type information and method for controlling radio resource of home (e)NodeB
US9532202B2 (en) Access control method, access control apparatus and communication system
RU2428817C2 (en) Method, system and device to disconnect user during transfer of mobile terminal service in heterogenous network
WO2017141993A1 (en) Terminal device, mobility management entity (mme), and communication control method
WO2010130126A1 (en) Method and system for access control and access side device
WO2012051890A1 (en) Terminal access limit method and system
CN108605270B (en) User equipment, core network device, and communication method
WO2011050737A1 (en) Method for realizing local access and system thereof
WO2013089452A1 (en) Method and device for providing a proximity service in a wireless communication system
JP7291245B2 (en) RAN paging process
WO2010017783A1 (en) Method, system and apparatus for controlling the access and deletion of user equipment
WO2014166089A1 (en) Method and device for congestion control
US9629179B2 (en) Method and device for processing local access connection
WO2012142889A1 (en) Gateway selection method, implementation device and system
JP7216762B2 (en) UE, communication control method performed by UE, core network device, and communication control method performed by core network device
US8874079B2 (en) Control method for home base station access and home base station gateway
WO2012126319A1 (en) Method and system for handing off local access service
WO2014071790A1 (en) Method, device and system for policy control of fixed-mobile convergence
WO2011000305A1 (en) Method, system and device for controlling access
WO2013152651A1 (en) Resource management method and system, and resource management network element
WO2011131064A1 (en) Home nodeb (hnb) access control method and system
WO2014071798A1 (en) Method for managing offload connection, radio-side network element and mobility management entity

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 09844537

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 09844537

Country of ref document: EP

Kind code of ref document: A1