WO2011097890A1 - Method for triggering re-authentication of terminal in idle state - Google Patents

Method for triggering re-authentication of terminal in idle state Download PDF

Info

Publication number
WO2011097890A1
WO2011097890A1 PCT/CN2010/077595 CN2010077595W WO2011097890A1 WO 2011097890 A1 WO2011097890 A1 WO 2011097890A1 CN 2010077595 W CN2010077595 W CN 2010077595W WO 2011097890 A1 WO2011097890 A1 WO 2011097890A1
Authority
WO
WIPO (PCT)
Prior art keywords
terminal
anchor
idle state
paging controller
paging
Prior art date
Application number
PCT/CN2010/077595
Other languages
French (fr)
Chinese (zh)
Inventor
宋建全
刘俊羿
骆文
褚丽
涂杨巍
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2011097890A1 publication Critical patent/WO2011097890A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities

Definitions

  • the present invention relates to the field of wireless communications, and in particular, to a method for triggering a re-authentication of a terminal that triggers an idle state.
  • WiMAX Worldwide Interoperability for Microwave Access
  • Anchor PC anchor paging controller
  • the interfaces R1, R6, R4, and the serving base station in the active state release the resources related to the terminal, and the terminal and the network only contact at a specific paging moment, so that the terminal can turn off the transceiver device at other times, thereby achieving the province.
  • the effect of electricity is only the anchor paging controller (Anchor PC) will save the terminal context, while other resources ( For example, the interfaces R1, R6, R4, and the serving base station in the active state release the resources related to the terminal, and the terminal and the network only contact at a specific paging moment, so that the terminal can turn off the transceiver device at other times, thereby achieving the province.
  • the effect of electricity is only the anchor paging controller (Anchor PC) will save the terminal context, while other resources ( For example, the interfaces R1, R6, R4, and the serving base station in the active state release the resources related to the terminal, and the terminal and the network only contact at a specific paging moment, so that
  • the re-authentication is performed when the condition of the re-authentication is satisfied.
  • the terminal, the serving base station, and the anchor authenticator may trigger re-authentication of the terminal.
  • the terminal, the serving base station, the anchor authenticator may trigger re-authentication of the terminal.
  • the network element that stores the terminal security context may also trigger re-authentication of the terminal.
  • the terminal re-authentication is performed by the terminal and the Authentication, Authorization, Accounting (AAA) server in an end-to-end manner, only the terminal can maintain the end-to-end between the terminal and the AAA server in the active state.
  • Link so for a terminal that is in an idle state, if re-authentication is to be performed, the idle state must be exited.
  • the terminal When the terminal is in an idle state, only the terminal itself and the anchor authenticator (or further including the anchor paging controller) retain the security information of the terminal in the network elements. If the terminal triggers re-authentication on itself, the terminal sends a ranging request message (RNG).
  • RNG ranging request message
  • the terminal can be authenticated (which can also be considered as re-authentication), and the authentication process can rely on the prior art. carry out.
  • the network side network element triggers the re-authentication of the terminal, the network side needs to notify the terminal to exit the idle state, so that the terminal performs re-authentication in the process of network re-entry.
  • the network side network element triggers the re-authentication of the terminal
  • the network side needs to notify the terminal to exit the idle state, so that the terminal performs re-authentication in the process of network re-entry.
  • there are two processes involved in the interaction between the network side network element and the terminal one is a paging process, and the other is a location update.
  • FIG. 1 is a paging procedure in the prior art when data is sent to a terminal, and the specific steps are as follows: Step 101: From a Home Agent (HA) to anchor data channel function
  • HA Home Agent
  • Anchor DPF Anchor Data Path Function
  • FA Foreign Agent
  • ASN GW Access Service Network Gateway
  • Step 102 The anchor data channel function determines that the terminal is in an idle state, and sends an Initiate Paging Request message to the Anchor Paging Controller (Anchor PC) and an associated Location Register (LR).
  • Anchor PC Anchor Paging Controller
  • LR Location Register
  • a request is made to anchor the paging controller (Attach PC) to terminate the terminal to activate the terminal to receive data.
  • the location register is a distributed database, and each Anchor PC has an LR, so it is represented by Anchor PC/LR.
  • the start paging request message contains the necessary information for the paging terminal.
  • Step 103 The Anchor PC/LR sends an Initiate Paging Response message to the Anchor DPF/FA, which is used to confirm whether the information of the terminal is correct in the Anchor PC/LR, and is used to confirm whether the terminal is Authorization is paged.
  • Step 104 If the terminal has been authorized to page, the Anchor PC/LR constructs a paging advertisement (Paging Announce) message, according to the network topology (topology unknown/topology unknown) to one of the following network elements or A plurality of paging advertisement messages are sent: a relay paging controller (Relay PC), a local paging controller (Local PC), and a base station.
  • a relay paging controller Relay PC
  • Local PC local paging controller
  • base station a base station.
  • Step 105 a local paging controller (Local PC) and/or a relay paging controller (Relay PC) Sending a paging announcement message to the base station;
  • Local PC local paging controller
  • Relay PC relay paging controller
  • Step 106 The base station sends a paging broadcast message (MOB_PAG-ADV) through the air interface.
  • Step 107 After receiving the paging broadcast message, the terminal starts a location update or an idle mode exit process; where the idle mode exits the process, that is, re-enters the network. Process, the process of authentication may be performed (this authentication process can also be considered as a re-authentication process).
  • the logical network element Local PC, Relay PC, Anchor PC/LR, Anchor DPF/FA are all resident on the physical network element ASN-GW, and the ID of the logical network element (Anchor PC ID, Anchor ASN)
  • the GW ID, Authenticator ID) is the ID (ASN-GW ID) of the physical network element on which it resides.
  • Step 201 The terminal sends a ranging request message (RNG REQ) to the current preferred base station (or the serving base station) to request a location update, where the request message has an identifier of the anchor paging controller.
  • RNG REQ ranging request message
  • Step 202 The serving base station sends a location update request (LU-Req) to the current serving access network gateway (Serving ASN GW); the local paging controller resides on the current serving access network gateway; Step 203, current service access Serving ASN sends a location update request to the anchor paging controller; if the anchor paging controller resides at the current serving gateway, step 203 is not required; the current serving access network may also pass one or more The access network gateway is sent to the anchor paging controller.
  • LU-Req location update request
  • Step 203 current service access Serving ASN sends a location update request to the anchor paging controller; if the anchor paging controller resides at the current serving gateway, step 203 is not required; the current serving access network may also pass one or more The access network gateway is sent to the anchor paging controller.
  • Step 204 The anchor paging controller interacts with the anchor authenticator, and the anchor paging controller acquires the authentication key context (Authentication Key Context) of the terminal from the anchor authenticator; if the anchor paging controller is anchored And the anchor authenticator resides on the same physical entity, then step 204 is an internal interaction.
  • the authentication key context Authentication Key Context
  • Step 205 after the anchor paging controller obtains the AK Context, sends a location update response message (LU-Rsp) to the serving gateway (Serving ASN GW), where the AK Context is included;
  • L-Rsp location update response message
  • Step 206 The serving gateway sends a location update response message to the serving base station.
  • Step 207 The serving base station sends a ranging response message (RNG RSP) to the terminal; the message may include at least one of the following indication information: location update success, location update failure, and downlink data Send.
  • RNG RSP ranging response message
  • Step 208 The serving base station sends a location update confirmation (LU Cnf) to the serving gateway.
  • Step 209 The service gateway sends a location update confirmation to the Anchor PC; the Anchor PC updates the terminal idle state information, in particular the current location information. Similar to 203, if the anchor paging controller resides at the current serving gateway, step 209 is not required; the current serving access network may also be sent to the anchor paging controller via one or more relay access network gateways. .
  • Step 210 If the Anchor PC updates the Cipher-based Message Authentication Code (CMAC Key) in the received LU Cnf message, the Anchor PC notifies the anchor authenticator to perform CMAC. Key Count update.
  • CMAC Key Cipher-based Message Authentication Code
  • the start paging request is sent to the anchor paging controller (steps 101 to 103, that is, there is data.
  • the Anchor PC is triggered to perform paging, and the anchor paging controller starts paging the terminal, and instructs the terminal to exit the idle mode (steps 104 to 107, that is, the paging process performed by the Anchor PC, that is, the universal paging. Process) .
  • the prior art does not provide a solution for triggering the terminal to exit the idle mode in other ways for subsequent (re)authentication or receiving downlink data.
  • the technical problem to be solved by the present invention is to provide a method for re-authenticating a terminal that triggers an idle state, which supports re-authentication of the terminal in an idle state, and improves system performance.
  • the present invention provides a method for re-authenticating a terminal that triggers an idle state, including: The anchor authenticator determines that a re-authentication of a terminal in an idle state is required, and sends an indication information to an anchor search. The call controller; and the anchor paging controller notifies the terminal in the idle state to exit the idle state.
  • the above method further includes: the terminal in the idle state re-authenticating in the network re-entry after exiting the idle state.
  • the step of the anchor paging controller notifying that the terminal in the idle state exits the idle state is: the anchor paging controller notifies the terminal in the idle state to exit the idle state through the paging procedure.
  • the method further includes: the anchor paging controller obtaining the indication information from the message sent by the anchor authenticator, or The indication message is learned from the message forwarded by the anchor data channel function.
  • At least one of the following messages involved in the process of triggering the idle state of the terminal in the idle state to carry the idle state by the anchor paging controller carries the indication information: anchoring the paging controller to the following network
  • the step of the anchor paging controller notifying that the terminal in the idle state exits the idle state is: the anchor paging controller notifies the terminal in the idle state to exit the idle state through the terminal location update procedure.
  • the method further includes: the anchor paging controller obtaining the indication information from the message sent by the anchor authenticator; Alternatively, the indication information is obtained from the message forwarded by the anchor data channel function; or the indication information is obtained in the process of obtaining the authentication key context from the anchor authenticator.
  • At least one of the following messages involved in the terminal location update procedure carries the indication information: the message that the anchor paging controller sends to one or more of the following network elements: a relay paging controller, local a paging controller, a serving base station; a message sent by the relay paging controller to the next relay paging controller and/or the local paging controller; a message sent by the local paging controller to the serving base station where the terminal is located; And a message sent by the serving base station to the terminal.
  • the indication information is at least one of the following information: performing location update, the terminal exits the idle state, the terminal performs network re-entry, initiates paging to the terminal, re-authenticates the terminal, and sends downlink data to the terminal and the location. Update the results.
  • the present invention further provides a method for triggering downlink data reception by a terminal that triggers an idle state, including: when the anchor data channel function needs to be sent to the terminal, the downlink information is sent to the anchor paging control. And anchoring the paging controller to notify that it is idle The terminal exits the idle state.
  • the method further includes: after the terminal in the idle state exits the idle state, the downlink data is received after the network is re-entered.
  • the anchor paging controller notifies the terminal in the idle state to exit the idle state: the anchor paging controller notifies the terminal in the idle state to exit the idle state to receive the downlink data through the terminal location update procedure.
  • At least one of the following messages involved in the terminal location update procedure carries the indication information: the message that the anchor paging controller sends to one or more of the following network elements: a relay paging controller, local a paging controller, a serving base station; a message sent by the relay paging controller to the next relay paging controller and/or the local paging controller; a message sent by the local paging controller to the serving base station where the terminal is located; And a message sent by the serving base station to the terminal.
  • the indication information is at least one of the following information:
  • the terminal exits the idle state, the terminal performs network re-entry, initiates paging to the terminal, re-authenticates the terminal, and sends downlink data to the terminal and the location update result.
  • a method for initiating re-authentication of a terminal by a network-side entity when the terminal is in an idle state is provided, which is implemented by using a paging process and a location update process of the terminal, compared with the prior art.
  • a new implementation for re-authentication is provided.
  • FIG. 1 is a schematic diagram of a paging process initiated by the Anchor DPF/FA in the prior art
  • FIG. 2 is a schematic diagram of a terminal initiated location update process in the prior art
  • FIG. 3 is a schematic diagram of an anchor authenticator transmitting indication information to an anchor paging controller in an embodiment
  • FIG. 4 is a schematic diagram of a method for re-authenticating a terminal that triggers an idle state in the first embodiment
  • the present invention provides a terminal that triggers an idle state to perform heavy
  • the network side entity an anchor authenticator
  • the terminal actively triggers the terminal in the idle state to perform re-authentication.
  • Embodiment 1 is a diagrammatic representation of Embodiment 1:
  • the triggering process for reauthenticating the terminal is completed by using a paging procedure.
  • the method for re-authenticating the terminal that triggers the idle state includes: The anchor authenticator needs to send the indication information to the anchor paging controller when re-authenticating the terminal in the idle state. After receiving the indication information, the anchor paging controller instructs the terminal to exit the idle state by using the paging procedure, and the terminal authenticates in the process of re-accessing the network after exiting the idle state.
  • the indication information is indication information for triggering re-authentication.
  • FIG. 3 is a schematic diagram of an anchor authenticator transmitting indication information to an anchor paging controller, the anchor authenticator transmitting the indication information to the anchor through various flows and messages that can communicate with the anchor paging controller
  • the paging controller is preferably; preferably, the anchor paging controller returns a response message upon receiving the indication information.
  • the anchor authenticator can send indication information to the anchor paging controller either directly or through an anchor data channel.
  • the specific implementation may be: the anchor paging controller obtains the indication information from the message sent by the anchor authenticator, or obtains the indication message from the message forwarded by the anchor data channel function, and then anchors the paging controller to pass The paging process notifies the terminal in the idle state to exit the idle state.
  • the message sent directly by the anchor authenticator to the anchor paging controller and the message that the anchor authenticator forwards through the anchor data channel function may be a start paging message, or other may be used to anchor the authenticator and anchor A message that communicates between paging controllers.
  • At least one of the following messages involved in the flow of the paging process carries the indication information (preferably, the indication information herein is the reason information of the paging): anchoring the paging controller to the following network element
  • One or more transmitted messages eg, paging announcement messages: a relay paging controller, a local paging controller, a base station; a message sent by the relay paging controller to one or more of the following network elements ( For example, a paging announcement message): a next paging controller of the relay paging controller, a local paging controller, a base station; a message sent by the local paging controller to the base station (eg, a paging announcement message), the base station is A message sent by the air interface (such as a paging broadcast message).
  • the indication information includes at least one of the following information: performing a location update, and the terminal exits the idle state, The terminal performs network re-entry, initiates paging to the terminal, re-authenticates the terminal, and sends downlink data to the terminal.
  • a typical indication is to re-authenticate the terminal.
  • Embodiment 2 is a diagrammatic representation of Embodiment 1:
  • the terminal re-authentication right is triggered by the terminal location update process.
  • the method for triggering the re-authentication of the terminal in the idle state includes: the anchor authenticator needs to send the indication information to the anchor paging controller when re-authenticating the terminal in the idle state, and anchor the paging controller from After the anchor authenticator learns the indication information for triggering the re-authentication right, the terminal is used to indicate that the terminal exits the idle state by using the terminal location update procedure, and the terminal performs (re)authentication in the process of re-accessing the network after exiting the idle state.
  • the indication information is indication information for triggering re-authentication.
  • the anchor paging controller receives the indication information sent by the anchor authenticator before transmitting the location update response message (step 205 of FIG. 2) (the anchor authenticator to the anchor paging controller as shown in FIG. 3) Send a schematic of the instructions). For example, before the step 205 of FIG. 2, after the indication information is obtained from the message sent by the anchor authenticator, the anchor paging controller uses the location update procedure to send the indication information to the terminal in the idle state to indicate that the terminal exits. The idle state; or; before the step 205 of FIG.
  • the anchor paging controller uses the location update process to send the indication information to the terminal in the idle state, Instructing the terminal to exit the idle state; or, in step 204 of FIG. 2, the anchor paging controller learns the indication information in the process of obtaining the authentication key context from the anchor authenticator, and the anchor paging controller utilizes The location update process sends an indication message to the terminal in the idle state to instruct the terminal to exit the idle state.
  • At least one of the following messages involved in the flow of the terminal location update procedure carries the indication information: a message that the anchor paging controller sends to one or more of the following network elements (eg, a location update response message) : a relay paging controller, a local paging controller, a serving base station; a message sent by the relay paging controller to a next paging paging controller and/or a local paging controller (eg, a location update response message) a message sent by the local paging controller to the serving base station where the terminal is located (for example, a location update response message), and a message sent by the serving base station to the terminal (for example, a ranging response message).
  • a message that the anchor paging controller sends to one or more of the following network elements eg, a location update response message
  • the relay paging controller sends to one or more of the following network elements (eg, a location update response message) : a relay paging controller, a local
  • the indication information includes at least one of the following information:
  • the terminal exits the idle state, and the terminal performs the network.
  • Re-enter initiate paging to the terminal, re-authenticate the terminal, and send downlink data to the terminal to update the location.
  • a typical indication is to re-authenticate the terminal.
  • the specific embodiment 1 includes the following steps:
  • Step 401 The anchor authenticator sends a start paging request message to the Anchor PC/LR.
  • the anchor authenticator finds that a terminal needs to be re-authenticated, if the terminal is found to be in an idle mode, the terminal is The Anchor PC/LR of the terminal is found in the context information, and then a Start Page Request message is sent to the Anchor PC/LR of the terminal.
  • the Anchor Authenticator sends a Start Page Request message to the Anchor PC/LR of the terminal only when the terminal is authorized to page.
  • the start paging request message carries at least one of the following information: the identification information of the terminal, the reason information of the paging; and further, wherein the identification information of the terminal is an identifier of the terminal that needs to be re-authenticated.
  • the reason for the paging is at least one of the following: performing location update, the terminal exiting the idle state, the terminal performing network re-entry, paging the terminal, re-authenticating the terminal, and transmitting downlink data to the terminal.
  • Step 402 The Anchor PC/LR sends a start paging response message to the anchor authenticator.
  • the Anchor PC/LR After the Anchor PC/LR receives the start page request message sent by the anchor authenticator, the Anchor PC/LR sends a start page response message to the anchor authenticator; the start of the page response message includes the following two aspects: Whether the terminal information saved by the Anchor PC/LR is correct, confirm whether the terminal is authorized to perform paging operations.
  • Steps 403-406 correspond to steps 104 through 107 in Fig. 1.
  • At least one of the paging announcement message of steps 403 and 404 and the paging broadcast message of step 405 carries paging cause information.
  • the anchor authenticator and the Anchor PC/LR are located in the same physical entity, the above steps 401 and 402 are internal interactions.
  • Embodiment 1 the anchor authenticator is indirectly passed through the paging process.
  • Step 501 The anchor authenticator sends a start paging request message to the Anchor DPF/FA.
  • the anchor authenticator finds that re-authentication is required for a terminal, if the terminal is found to be in an idle mode, the terminal is The ASN-GW ID (also called Anchor ASN GW ID) of the Anchor DPF/FA of the terminal is found in the context information, and then a Start Page Request message is sent to the ASN GW ID.
  • Anchor ASN GW ID also called Anchor ASN GW ID
  • the Anchor Authenticator sends a Start Paging Request message to the Anchor DPF/FA of the terminal only when the terminal is authorized to page.
  • the start paging request message carries at least one of the following information: the identification information of the terminal, the reason information of the paging; and further, wherein the identification information of the terminal is an identifier of the terminal that needs to be re-authenticated.
  • the reason for the paging is at least one of the following: performing location update, the terminal exiting the idle state, the terminal performing network re-entry, paging the terminal, re-authenticating the terminal, and transmitting downlink data to the terminal.
  • Step 502 The Anchor DPF/FA forwards the received start paging request message to the Anchor PC/LR.
  • the Anchor DPF/FA After the Anchor DPF/FA receives the start paging request message sent by the anchor authenticator, if the terminal is found to be in the idle mode, the ASN of the Anchor PC/LR resident of the terminal is found from the context information of the terminal.
  • the GW ID also known as the Anchor PC ID
  • the Anchor PC/LR After the Anchor PC/LR receives the start page request message sent by the Anchor DPF/FA, the Anchor PC/LR sends a start page response message to the Anchor DPF/FA; the message acts as follows: One: Confirm whether the terminal information saved by Anchor PC/LR is correct, and confirm whether to authorize paging of the terminal.
  • Step 504 the Anchor DPF/FA forwards the received start page response message to the anchor authenticator.
  • Steps 505-508 are the same as 104-107 in Fig. 1.
  • At least one of the paging announcement message of steps 505 and 506 and the paging broadcast message of step 507 carries paging cause information.
  • steps 501-504 are not required, and the interaction between the anchor authenticator and the anchor paging controller is an internal interaction; if the anchor authenticator and When the Anchor DPF/FA is in the same physical entity, steps 501 and 504 are internal interactions; if Anchor PC/LR and Anchor DP/FA are located in the same physical entity, then steps 502 and 503 are internal interactions.
  • the third embodiment describes in detail the process of completing the triggering by the terminal location update process in the second embodiment.
  • the anchor authenticator needs to re-authenticate the terminal in the idle mode
  • the indication information is sent to the anchor paging controller, and the anchor paging controller instructs the terminal to exit the idle mode in the network re-entry through the terminal location update procedure.
  • the process is authenticated.
  • the existing terminal location update procedure is used for terminal trigger location update.
  • the process may be further modified.
  • the terminal further sends other indication information to the terminal to indicate that the terminal exits the idle mode.
  • the terminal After receiving the corresponding indication information, the terminal performs idle mode exit, and the terminal is in the network re-entry process. Perform (re)authentication.
  • the indication information is sent to the anchor paging controller; that is, the anchor paging controller receives the anchor authentication before sending the location update response message (step 205 of FIG. 2)
  • the indication information sent by the device (such as step 401 in FIG. 4 or step 502 in FIG. 5), or the indication information is obtained from the anchor authentication in step 204 of FIG.
  • the anchor paging controller notifies the terminal of the indication information through the location update procedure. After receiving the indication information, the terminal exits the idle state and performs (re)authentication in the process of re-entering the network.
  • At least one of the messages in steps 205-207 includes the above indication information, and the indication information is the following At least one of the information: the terminal exits the idle state, the terminal performs network re-entry, initiates paging to the terminal, re-authenticates the terminal, and sends downlink data to the terminal, and the location update result.
  • a typical indication is to re-authenticate the terminal.
  • the present invention also provides a method for triggering downlink data reception by a terminal that triggers an idle state.
  • the paging process is generally used to enable the terminal to exit the idle state and then receive the downlink data.
  • the paging controller one or more of the anchor paging control, the relay paging controller, and the local paging controller
  • the paging process sends a search to a large number of base stations in the paging group.
  • the paging message is sent, and a large number of base stations that receive the paging channel message by the paging group send the paging broadcast message to the paging terminal through the air interface, and in the terminal location update process, only the terminal needs to communicate with the current preferred base station. Therefore, the terminal in the terminal location update process triggers the idle state to exit the idle state for downlink data reception, which can save the network side and air interface resource overhead.
  • the location update process is used to instruct the terminal to exit the idle mode to receive the downlink data.
  • the method specifically includes: anchoring the data channel function, when the downlink data needs to be sent to the terminal, sending the indication information to the anchor paging controller, and the anchor paging controller triggers the idle state terminal to exit the idle state to perform downlink data. Reception.
  • the indication message is an indication message for triggering receiving downlink data.
  • the location update process is now used for terminal trigger location update.
  • this process can be further modified to further indicate that downlink data is sent to the terminal while the location is being updated.
  • the terminal After receiving the corresponding indication, the terminal exits the idle mode, and the terminal exits the idle mode, that is, after re-entering the network, the downlink data can be received.
  • the indication information is sent to the anchor paging controller; that is, the anchor paging controller receives the anchor data before transmitting the location update response message (step 205 of FIG. 2).
  • the indication information sent by the channel (step 102 in FIG. 1), the anchor paging controller may notify the terminal to the terminal through the location update process; after receiving the indication information, the terminal exits the idle mode, and then the terminal re-enters the network to receive the downlink. data.
  • At least one of the following messages involved in the flow of the terminal location update process carries the finger Information: Anchoring a message sent by the paging controller to one or more of the following network elements (eg, location update response message): relay paging controller, local paging controller, serving base station; relay paging A message sent by the controller to the next relay paging controller and/or the local paging controller (eg, a location update response message), a message sent by the local paging controller to the serving base station where the terminal is located (eg, location update) Response message), a message sent by the serving base station to the terminal (eg, a ranging response message). That is, at least one of the messages in steps 205-207 includes the above indication message.
  • the indication information is at least one of the following information:
  • the terminal exits the idle state, the terminal performs network re-entry, initiates paging to the terminal, re-authenticates the terminal, and sends downlink data to the terminal to update the location.
  • a typical indication message is that downlink data is sent to the terminal.
  • the functions of the Anchor DPF and the Anchor DF are equivalent.
  • the invention provides a method for initiating re-authentication of a terminal by a network-side entity when the terminal is in an idle state, which is implemented by using a paging process and a location update process of the terminal, and provides a method compared with the prior art.
  • a new implementation scheme for re-authentication is implemented by using a paging process and a location update process of the terminal.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

Disclosed is a method for triggering re-authentication of a terminal in the idle state, said method including: when determining that it is required to perform the re-authentication of the terminal in the idle state, an anchor authenticator transmits indication information to an anchor paging controller; and the anchor paging controller informs the terminal in the idle state to quit the idle state and the re-authentication of the terminal is performed. The method is implemented by utilizing both paging procedure mode and terminal location update procedure mode. The present invention provides a new implementation scheme of performing re-authentication.

Description

一种触发空闲状态的终端进行重鉴权的方法  Method for re-authentication of terminal triggering idle state
技术领域 Technical field
本发明涉及无线通讯领域, 尤其涉及一种触发空闲状态的终端进行重鉴 权的方法。  The present invention relates to the field of wireless communications, and in particular, to a method for triggering a re-authentication of a terminal that triggers an idle state.
背景技术 Background technique
微波存取全球互通 ( Worldwide Interoperability for Microwave Access , 简 称 WiMAX )是现有无线通讯技术标准之一。 对于 WiMAX终端的状态, 有 激活状态和空闲状态之分。 WiMAX终端开机后, 会完成一个入网流程, 然 后进入激活状态; 进入激活状态的终端和网络侧的网元进行交互, 进行上下 行业务处理。 经过一定时间, 如果没有上下行的业务, 终端会进入空闲状态, 进入空闲状态的终端, 只会在锚定寻呼控制器(Anchor Paging Controller, 简 称 Anchor PC ) 中保存终端上下文, 而其它资源 (例如激活状态下接口 R1、 R6、 R4, 以及服务基站等)会释放与该终端有关的资源, 终端和网络只在特 定的寻呼时刻发生联系, 从而终端可以在其它时刻关闭收发设备, 达到省电 的效果。  Worldwide Interoperability for Microwave Access (WIMAX) is one of the existing standards for wireless communication technology. For the state of the WiMAX terminal, there are active and idle states. After the WiMAX terminal is powered on, it will complete a network access process and then enter the active state. The terminal that enters the active state interacts with the network element on the network side to perform uplink and downlink service processing. After a certain period of time, if there is no uplink and downlink traffic, the terminal will enter the idle state and enter the idle state terminal. Only the anchor paging controller (Anchor PC) will save the terminal context, while other resources ( For example, the interfaces R1, R6, R4, and the serving base station in the active state release the resources related to the terminal, and the terminal and the network only contact at a specific paging moment, so that the terminal can turn off the transceiver device at other times, thereby achieving the province. The effect of electricity.
对于终端, 除了在初始入网过程中需要鉴权外, 当满足重鉴权的条件时 还会进行重鉴权。 对于激活状态的终端, 终端、 服务基站、 锚定鉴权器都可 能触发对终端的重鉴权。 例如, 当这些网元(终端、 服务基站、 锚定鉴权器) 与安全上下文( Security Context )相关的某些定时器接近超时或者计数值接近 最大值时, 就会触发对终端进行重鉴权。 当终端进入空闲模式后, 保存有终 端安全上下文的网元同样可能触发对终端进行重鉴权。  For the terminal, in addition to the authentication required in the initial network access process, the re-authentication is performed when the condition of the re-authentication is satisfied. For an active terminal, the terminal, the serving base station, and the anchor authenticator may trigger re-authentication of the terminal. For example, when some of the timers associated with the security context (the terminal, the serving base station, the anchor authenticator) are close to the timeout or the count value is close to the maximum value, the terminal is re-authenticated. . After the terminal enters the idle mode, the network element that stores the terminal security context may also trigger re-authentication of the terminal.
由于终端重鉴权是终端和鉴权授权计费( Authentication , Authorization , Accounting, 简称 AAA )服务器以端到端的形式进行的, 只有终端在激活态 下才能维持终端到 AAA服务器之间的端到端的链接,因此对于一个处于空闲 状态下的终端, 如果要进行重鉴权, 则必须退出空闲状态。  Since the terminal re-authentication is performed by the terminal and the Authentication, Authorization, Accounting (AAA) server in an end-to-end manner, only the terminal can maintain the end-to-end between the terminal and the AAA server in the active state. Link, so for a terminal that is in an idle state, if re-authentication is to be performed, the idle state must be exited.
终端处于空闲状态时, 只有终端自身和锚定鉴权器(或进一步包括锚定 寻呼控制器)这些网元中保存有终端的安全信息。 如果是终端触发对自身的重鉴权, 那么终端会发送测距请求消息 (RNGWhen the terminal is in an idle state, only the terminal itself and the anchor authenticator (or further including the anchor paging controller) retain the security information of the terminal in the network elements. If the terminal triggers re-authentication on itself, the terminal sends a ranging request message (RNG).
REQ )给优选基站, 退出空闲状态模式流程; 一旦终端退出空闲状态模式, 也就是重新入网, 即可对终端鉴权(也可以认为是重鉴权) , 该鉴权过程依 靠现有技术就可以完成。 REQ) to the preferred base station, exiting the idle state mode flow; once the terminal exits the idle state mode, that is, re-entering the network, the terminal can be authenticated (which can also be considered as re-authentication), and the authentication process can rely on the prior art. carry out.
如果是网络侧网元触发对终端的重鉴权, 则网络侧需要通知终端退出空 闲状态, 从而使终端在网络重入的过程中进行重鉴权。 现有技术中, 有两种 流程涉及到网络侧网元和终端的交互, 一个是寻呼流程, 另外一个是位置更 新。  If the network side network element triggers the re-authentication of the terminal, the network side needs to notify the terminal to exit the idle state, so that the terminal performs re-authentication in the process of network re-entry. In the prior art, there are two processes involved in the interaction between the network side network element and the terminal, one is a paging process, and the other is a location update.
图 1是现有技术中当有数据下发给终端时的寻呼流程, 具体步骤如下: 步骤 101 , 从家乡代理(Home Agent, 简称 HA ) 向锚定数据通道功能 FIG. 1 is a paging procedure in the prior art when data is sent to a terminal, and the specific steps are as follows: Step 101: From a Home Agent (HA) to anchor data channel function
( Anchor Data Path Function, 简称 Anchor DPF ) 以及相关联的外地代理 ( Foreign Agent, 简称 FA )发送下行数据。 外地代理 FA和 Anchor DPF总是 驻留在同一个接入业务网络网关( ASN GW )上, 因此通常用 Anchor DPF/FA 表示。 锚定数据通道功能和外地代理緩存此下行数据。 (Anchor Data Path Function, referred to as Anchor DPF) and the associated Foreign Agent (FA) send downlink data. The foreign agent FA and Anchor DPF always reside on the same Access Service Network Gateway (ASN GW) and are therefore usually represented by Anchor DPF/FA. The anchor data channel function and the foreign agent cache this downstream data.
步骤 102 , 锚定数据通道功能判断终端处于空闲状态, 向锚定寻呼控制 器(Anchor PC ) 以及相关联的位置寄存器( Location Register, 简称 LR )发 送开始寻呼请求消息( Initiate Paging Request ) ,请求锚定寻呼控制器( Anchor PC )寻呼终端, 以便激活终端使其接收数据。 位置寄存器是一个分布式数据 库 ,每个 Anchor PC都有一个 LR, 因此釆用 Anchor PC/LR表示。开始寻呼请 求消息中包含寻呼终端的必要信息。  Step 102: The anchor data channel function determines that the terminal is in an idle state, and sends an Initiate Paging Request message to the Anchor Paging Controller (Anchor PC) and an associated Location Register (LR). A request is made to anchor the paging controller (Attach PC) to terminate the terminal to activate the terminal to receive data. The location register is a distributed database, and each Anchor PC has an LR, so it is represented by Anchor PC/LR. The start paging request message contains the necessary information for the paging terminal.
步骤 103 , Anchor PC/LR 向 Anchor DPF/FA发送开始寻呼响应消息 ( Initiate Paging Response ) , 一方面用于确认在 Anchor PC/LR中该终端的信 息是否正确, 一方面用于确认这个终端是否授权被寻呼。  Step 103: The Anchor PC/LR sends an Initiate Paging Response message to the Anchor DPF/FA, which is used to confirm whether the information of the terminal is correct in the Anchor PC/LR, and is used to confirm whether the terminal is Authorization is paged.
步骤 104, 如果此终端已被授权寻呼, 则 Anchor PC/LR构造寻呼通告 ( Paging Announce )消息, 根据网络拓朴情况(拓朴已知 /拓朴未知)向以下 网元中的一个或多个发送寻呼通告消息: 中继寻呼控制器 (Relay PC)、 本地寻 呼控制器(Local PC ) 、 基站。  Step 104: If the terminal has been authorized to page, the Anchor PC/LR constructs a paging advertisement (Paging Announce) message, according to the network topology (topology unknown/topology unknown) to one of the following network elements or A plurality of paging advertisement messages are sent: a relay paging controller (Relay PC), a local paging controller (Local PC), and a base station.
步骤 105 ,本地寻呼控制器 ( Local PC )和 /或中继寻呼控制器 ( Relay PC ) 向基站发送寻呼通告消息; Step 105, a local paging controller (Local PC) and/or a relay paging controller (Relay PC) Sending a paging announcement message to the base station;
步骤 106, 基站通过空口发送寻呼广播消息 ( MOB— PAG- ADV ) ; 步骤 107 , 终端收到寻呼广播消息后, 开始位置更新或空闲模式退出流 程; 其中对于空闲模式退出流程, 即重入网流程,可能会进行鉴权的过程(该 鉴权过程也可以认为是重鉴权过程) 。  Step 106: The base station sends a paging broadcast message (MOB_PAG-ADV) through the air interface. Step 107: After receiving the paging broadcast message, the terminal starts a location update or an idle mode exit process; where the idle mode exits the process, that is, re-enters the network. Process, the process of authentication may be performed (this authentication process can also be considered as a re-authentication process).
在上述流程图中, 其中逻辑网元 Local PC、 Relay PC、 Anchor PC/LR, Anchor DPF/FA都是驻留在物理网元 ASN-GW上,逻辑网元的 ID( Anchor PC ID, Anchor ASN GW ID, Authenticator ID )就是其驻留的物理网元的 ID ( ASN-GW ID ) 。  In the above flowchart, the logical network element Local PC, Relay PC, Anchor PC/LR, Anchor DPF/FA are all resident on the physical network element ASN-GW, and the ID of the logical network element (Anchor PC ID, Anchor ASN) The GW ID, Authenticator ID) is the ID (ASN-GW ID) of the physical network element on which it resides.
图 2是现有技术中终端进行位置更新的流程图, 具体步骤如下 2 is a flow chart of a location update of a terminal in the prior art, and the specific steps are as follows:
步骤 201 , 终端向当前优选基站(或称为服务基站)发送测距请求消息 ( RNG REQ ) , 请求位置更新, 请求消息中有锚定寻呼控制器的标识。  Step 201: The terminal sends a ranging request message (RNG REQ) to the current preferred base station (or the serving base station) to request a location update, where the request message has an identifier of the anchor paging controller.
步骤 202, 服务基站向当前服务接入网网关 ( Serving ASN GW )发送位 置更新请求(LU-Req ); 当前服务接入网网关上驻留有本地寻呼控制器; 步骤 203 , 当前服务接入网 ( Serving ASN ) 向锚定寻呼控制器发送位置 更新请求; 如果锚定寻呼控制器驻留在当前服务网关, 则不需要步骤 203; 当前服务接入网也可能经过一个或多个中继接入网网关发送到锚定寻呼控制 器。  Step 202: The serving base station sends a location update request (LU-Req) to the current serving access network gateway (Serving ASN GW); the local paging controller resides on the current serving access network gateway; Step 203, current service access Serving ASN sends a location update request to the anchor paging controller; if the anchor paging controller resides at the current serving gateway, step 203 is not required; the current serving access network may also pass one or more The access network gateway is sent to the anchor paging controller.
步骤 204, 锚定寻呼控制器和锚定鉴权器交互, 锚定寻呼控制器从锚定 鉴权器获取终端的鉴权密钥上下文( Authentication Key Context ) ; 如果锚定 寻呼控制器和锚定鉴权器驻留在同一个物理实体上, 则为步骤 204为内部交 互。  Step 204: The anchor paging controller interacts with the anchor authenticator, and the anchor paging controller acquires the authentication key context (Authentication Key Context) of the terminal from the anchor authenticator; if the anchor paging controller is anchored And the anchor authenticator resides on the same physical entity, then step 204 is an internal interaction.
步骤 205, 锚定寻呼控制器获取到 AK Context后, 向服务网关 ( Serving ASN GW )发送位置更新响应消息 (LU-Rsp), 其中包含有 AK Context;  Step 205, after the anchor paging controller obtains the AK Context, sends a location update response message (LU-Rsp) to the serving gateway (Serving ASN GW), where the AK Context is included;
步骤 206 , 服务网关向服务基站发送位置更新响应消息;  Step 206: The serving gateway sends a location update response message to the serving base station.
步骤 207, 服务基站向终端发送测距响应消息 (RNG RSP ) ; 该消息可 以包含如下指示信息至少之一: 位置更新成功、 位置更新失败、 有下行数据 发送。 Step 207: The serving base station sends a ranging response message (RNG RSP) to the terminal; the message may include at least one of the following indication information: location update success, location update failure, and downlink data Send.
步骤 208, 服务基站向服务网关发送位置更新确认 (LU Cnf);  Step 208: The serving base station sends a location update confirmation (LU Cnf) to the serving gateway.
步骤 209, 服务网关向 Anchor PC发送位置更新确认; Anchor PC更新终 端空闲状态信息, 特别是当前的位置信息。 同 203类似, 如果锚定寻呼控制 器驻留在当前服务网关, 则不需要步骤 209; 当前服务接入网也可能经过一 个或多个中继接入网网关发送到锚定寻呼控制器。  Step 209: The service gateway sends a location update confirmation to the Anchor PC; the Anchor PC updates the terminal idle state information, in particular the current location information. Similar to 203, if the anchor paging controller resides at the current serving gateway, step 209 is not required; the current serving access network may also be sent to the anchor paging controller via one or more relay access network gateways. .
步骤 210, 如果 Anchor PC在收到 LU Cnf消息中基于加密的消息鉴权码 密钥( Cipher-based Message Authentication Code CMAC Key,简称 CMAC Key ) 有更新, 则 Anchor PC通知锚定鉴权器进行 CMAC Key Count更新。  Step 210: If the Anchor PC updates the Cipher-based Message Authentication Code (CMAC Key) in the received LU Cnf message, the Anchor PC notifies the anchor authenticator to perform CMAC. Key Count update.
从图 1可知, 当终端处于空闲状态时, 只有当 Anchor DPF/FA有数据要 发送给终端时, 才发送开始寻呼请求给锚定寻呼控制器 (步骤 101〜步骤 103 , 即为有数据下发时触发 Anchor PC进行寻呼) , 让锚定寻呼控制器开始寻呼 终端, 指示终端退出空闲模式(步骤 104到步骤 107 , 即 Anchor PC进行的寻 呼流程, 即为通用的寻呼流程) 。 现有技术中未提供以其它方式触发终端退 出空闲模式以便进行后续 (重)鉴权或接收下行数据等过程的方案。  As can be seen from FIG. 1, when the terminal is in an idle state, only when the Anchor DPF/FA has data to send to the terminal, the start paging request is sent to the anchor paging controller (steps 101 to 103, that is, there is data. When the delivery is triggered, the Anchor PC is triggered to perform paging, and the anchor paging controller starts paging the terminal, and instructs the terminal to exit the idle mode (steps 104 to 107, that is, the paging process performed by the Anchor PC, that is, the universal paging. Process) . The prior art does not provide a solution for triggering the terminal to exit the idle mode in other ways for subsequent (re)authentication or receiving downlink data.
发明内容 Summary of the invention
本发明要解决的技术问题是提供一种触发空闲状态的终端进行重鉴权的 方法, 支持终端在空闲状态下的重鉴权, 提高系统性能。  The technical problem to be solved by the present invention is to provide a method for re-authenticating a terminal that triggers an idle state, which supports re-authentication of the terminal in an idle state, and improves system performance.
为了解决上述问题, 本发明提供了一种触发空闲状态的终端进行重鉴权 的方法, 包括: 锚定鉴权器判断需要对处于空闲状态的终端进行重鉴权时, 发送指示信息至锚定寻呼控制器; 以及锚定寻呼控制器通知处于空闲状态的 终端退出空闲状态。  In order to solve the above problem, the present invention provides a method for re-authenticating a terminal that triggers an idle state, including: The anchor authenticator determines that a re-authentication of a terminal in an idle state is required, and sends an indication information to an anchor search. The call controller; and the anchor paging controller notifies the terminal in the idle state to exit the idle state.
上述方法还包括: 空闲状态的终端在退出空闲状态后的网络重入中, 进 行重鉴权。  The above method further includes: the terminal in the idle state re-authenticating in the network re-entry after exiting the idle state.
上述方法中, 锚定寻呼控制器通知处于空闲状态的终端退出空闲状态的 步骤为: 锚定寻呼控制器通过寻呼流程通知处于空闲状态的终端退出空闲状 态。 在锚定寻呼控制器通过寻呼流程通知处于空闲状态的终端退出空闲状态 的步骤, 上述方法还包括: 锚定寻呼控制器从锚定鉴权器发送的消息中获知 指示信息, 或者, 从锚定数据通道功能转发的消息中获知指示消息。 In the above method, the step of the anchor paging controller notifying that the terminal in the idle state exits the idle state is: the anchor paging controller notifies the terminal in the idle state to exit the idle state through the paging procedure. And the step of the anchor paging controller notifying the terminal in the idle state to exit the idle state by the paging process, the method further includes: the anchor paging controller obtaining the indication information from the message sent by the anchor authenticator, or The indication message is learned from the message forwarded by the anchor data channel function.
上述方法中, 锚定寻呼控制器通过寻呼流程触发处于空闲状态的终端退 出空闲状态的过程中涉及的下述消息中至少之一携带所述指示信息: 锚定寻 呼控制器向以下网元中的一个或多个发送的消息: 中继寻呼控制器、 本地寻 呼控制器、 基站; 中继寻呼控制器向以下网元中的一个或多个发送的消息: 此中继寻呼控制器的下一个寻呼控制器、 本地寻呼控制器、 基站; 本地寻呼 控制器向基站发送的消息; 以及基站在空中接口发送的消息。  In the above method, at least one of the following messages involved in the process of triggering the idle state of the terminal in the idle state to carry the idle state by the anchor paging controller carries the indication information: anchoring the paging controller to the following network One or more messages sent in the element: a relay paging controller, a local paging controller, a base station; a message sent by the relay paging controller to one or more of the following network elements: The next paging controller of the call controller, the local paging controller, the base station; the message sent by the local paging controller to the base station; and the message sent by the base station over the air interface.
上述方法中, 锚定寻呼控制器通知处于空闲状态的终端退出空闲状态的 步骤为: 锚定寻呼控制器通过终端位置更新流程通知处于空闲状态的终端退 出空闲状态。  In the above method, the step of the anchor paging controller notifying that the terminal in the idle state exits the idle state is: the anchor paging controller notifies the terminal in the idle state to exit the idle state through the terminal location update procedure.
在锚定寻呼控制器通过终端位置更新流程通知处于空闲状态的终端退出 空闲状态的步骤之前, 上述方法还包括: 锚定寻呼控制器从锚定鉴权器发送 的消息中获知指示信息; 或者, 从锚定数据通道功能转发的消息中获知指示 信息; 或者, 在从锚定鉴权器获取鉴权密钥上下文的过程中获知指示信息。  Before the step of the anchor paging controller notifying the terminal in the idle state to exit the idle state by the terminal location update procedure, the method further includes: the anchor paging controller obtaining the indication information from the message sent by the anchor authenticator; Alternatively, the indication information is obtained from the message forwarded by the anchor data channel function; or the indication information is obtained in the process of obtaining the authentication key context from the anchor authenticator.
上述方法中, 终端位置更新流程中涉及的下述各消息至少之一携带指示 信息: 锚定寻呼控制器向以下网元中的一个或多个发送的消息: 中继寻呼控 制器、 本地寻呼控制器、 服务基站; 中继寻呼控制器向下一个中继寻呼控制 器和 /或本地寻呼控制器发送的消息; 本地寻呼控制器向终端所在的服务基站 发送的消息; 以及服务基站向终端发送的消息。  In the above method, at least one of the following messages involved in the terminal location update procedure carries the indication information: the message that the anchor paging controller sends to one or more of the following network elements: a relay paging controller, local a paging controller, a serving base station; a message sent by the relay paging controller to the next relay paging controller and/or the local paging controller; a message sent by the local paging controller to the serving base station where the terminal is located; And a message sent by the serving base station to the terminal.
上述方法中, 指示信息是以下信息中至少之一: 进行位置更新, 终端退 出空闲状态, 终端进行网络重入, 对终端发起寻呼, 对终端进行重鉴权, 有 下行数据发送给终端以及位置更新结果。  In the above method, the indication information is at least one of the following information: performing location update, the terminal exits the idle state, the terminal performs network re-entry, initiates paging to the terminal, re-authenticates the terminal, and sends downlink data to the terminal and the location. Update the results.
为了解决上述问题, 本发明还提供了一种触发空闲状态的终端进行下行 数据接收的方法, 包括: 锚定数据通道功能有下行数据需要下发至终端时, 发送指示信息至锚定寻呼控制器; 以及锚定寻呼控制器通知处于空闲状态的 终端退出空闲状态。 In order to solve the above problem, the present invention further provides a method for triggering downlink data reception by a terminal that triggers an idle state, including: when the anchor data channel function needs to be sent to the terminal, the downlink information is sent to the anchor paging control. And anchoring the paging controller to notify that it is idle The terminal exits the idle state.
上述方法还包括: 处于空闲状态的终端退出空闲状态后, 在网络重入后 进行下行数据的接收。  The method further includes: after the terminal in the idle state exits the idle state, the downlink data is received after the network is re-entered.
上述方法中, 锚定寻呼控制器通知处于空闲状态的终端退出空闲状态的 步骤为: 锚定寻呼控制器通过终端位置更新流程通知处于空闲状态的终端退 出空闲状态以进行下行数据的接收。  In the above method, the anchor paging controller notifies the terminal in the idle state to exit the idle state: the anchor paging controller notifies the terminal in the idle state to exit the idle state to receive the downlink data through the terminal location update procedure.
上述方法中, 终端位置更新流程中涉及的下述各消息至少之一携带指示 信息: 锚定寻呼控制器向以下网元中的一个或多个发送的消息: 中继寻呼控 制器、 本地寻呼控制器、 服务基站; 中继寻呼控制器向下一个中继寻呼控制 器和 /或本地寻呼控制器发送的消息; 本地寻呼控制器向终端所在的服务基站 发送的消息; 以及服务基站向终端发送的消息。  In the above method, at least one of the following messages involved in the terminal location update procedure carries the indication information: the message that the anchor paging controller sends to one or more of the following network elements: a relay paging controller, local a paging controller, a serving base station; a message sent by the relay paging controller to the next relay paging controller and/or the local paging controller; a message sent by the local paging controller to the serving base station where the terminal is located; And a message sent by the serving base station to the terminal.
上述方法中, 指示信息是以下信息中至少之一: 终端退出空闲状态, 终 端进行网络重入, 对终端发起寻呼, 对终端进行重鉴权, 有下行数据发送给 终端以及位置更新结果。  In the above method, the indication information is at least one of the following information: The terminal exits the idle state, the terminal performs network re-entry, initiates paging to the terminal, re-authenticates the terminal, and sends downlink data to the terminal and the location update result.
本发明中, 提供了一种在终端处空闲状态时由网络侧实体发起对终端的 重鉴权的方法, 釆用寻呼流程和终端的位置更新流程两种方式实现, 相比现 有技术, 提供了一种新的进行重鉴权的实现方案。  In the present invention, a method for initiating re-authentication of a terminal by a network-side entity when the terminal is in an idle state is provided, which is implemented by using a paging process and a location update process of the terminal, compared with the prior art. A new implementation for re-authentication is provided.
附图概述 BRIEF abstract
图 1 是现有技术中 Anchor DPF/FA发起寻呼流程示意图;  1 is a schematic diagram of a paging process initiated by the Anchor DPF/FA in the prior art;
图 2 是现有技术中终端发起位置更新流程示意图;  2 is a schematic diagram of a terminal initiated location update process in the prior art;
图 3是实施例中锚定鉴权器向锚定寻呼控制器发送指示信息的示意图; 图 4 是具体实施例一中触发空闲状态的终端进行重鉴权的方法示意图; 图 5是具体实施例二中触发空闲状态的终端进行重鉴权的方法示意图。  3 is a schematic diagram of an anchor authenticator transmitting indication information to an anchor paging controller in an embodiment; FIG. 4 is a schematic diagram of a method for re-authenticating a terminal that triggers an idle state in the first embodiment; FIG. A schematic diagram of a method for re-authenticating a terminal that triggers an idle state in the second example.
本发明的较佳实施方式 Preferred embodiment of the invention
根据本发明的技术方案, 本发明提供了一种触发空闲状态的终端进行重 鉴权的方法, 该方法中, 由网络侧实体(锚定鉴权器) 而非终端主动触发处 于空闲状态的终端进行重鉴权。 According to the technical solution of the present invention, the present invention provides a terminal that triggers an idle state to perform heavy In the method, the network side entity (an anchor authenticator), rather than the terminal, actively triggers the terminal in the idle state to perform re-authentication.
下面结合附图及具体实施例对本发明方法进行详细说明。  The method of the present invention will be described in detail below with reference to the accompanying drawings and specific embodiments.
实施例一:  Embodiment 1:
实施例一中釆用寻呼流程完成对终端重鉴权的触发。  In the first embodiment, the triggering process for reauthenticating the terminal is completed by using a paging procedure.
触发空闲状态的终端进行重鉴权的方法包括: 锚定鉴权器需要对处于空 闲状态的终端进行重鉴权时, 发送指示信息至锚定寻呼控制器。 锚定寻呼控 制器收到此指示信息后, 釆用寻呼流程指示终端退出空闲状态, 终端退出空 闲状态后在重新接入网络的过程中进行鉴权。 在本实施例中, 指示信息是用 于触发重鉴权的指示信息。  The method for re-authenticating the terminal that triggers the idle state includes: The anchor authenticator needs to send the indication information to the anchor paging controller when re-authenticating the terminal in the idle state. After receiving the indication information, the anchor paging controller instructs the terminal to exit the idle state by using the paging procedure, and the terminal authenticates in the process of re-accessing the network after exiting the idle state. In this embodiment, the indication information is indication information for triggering re-authentication.
图 3是锚定鉴权器向锚定寻呼控制器发送指示信息的示意图, 锚定鉴权 器可通过各种可与锚定寻呼控制器进行通信的流程和消息将指示信息发送至 锚定寻呼控制器; 优选地,锚定寻呼控制器在收到指示信息后返回响应消息。 例如, 锚定鉴权器可以直接或通过锚定数据通道将指示信息发送给锚定寻呼 控制器。 具体实施时可以是: 锚定寻呼控制器从锚定鉴权器发送的消息中获 知指示信息, 或者, 从锚定数据通道功能转发的消息中获知指示消息, 然后 锚定寻呼控制器通过寻呼流程通知处于空闲状态的终端退出空闲状态。 锚定 鉴权器直接向锚定寻呼控制器发送的消息和锚定鉴权器通过锚定数据通道功 能转发的消息可以是开始寻呼消息, 或者其它可用于锚定鉴权器和锚定寻呼 控制器之间进行通讯的消息。  3 is a schematic diagram of an anchor authenticator transmitting indication information to an anchor paging controller, the anchor authenticator transmitting the indication information to the anchor through various flows and messages that can communicate with the anchor paging controller The paging controller is preferably; preferably, the anchor paging controller returns a response message upon receiving the indication information. For example, the anchor authenticator can send indication information to the anchor paging controller either directly or through an anchor data channel. The specific implementation may be: the anchor paging controller obtains the indication information from the message sent by the anchor authenticator, or obtains the indication message from the message forwarded by the anchor data channel function, and then anchors the paging controller to pass The paging process notifies the terminal in the idle state to exit the idle state. The message sent directly by the anchor authenticator to the anchor paging controller and the message that the anchor authenticator forwards through the anchor data channel function may be a start paging message, or other may be used to anchor the authenticator and anchor A message that communicates between paging controllers.
在寻呼过程的流程中涉及的下述各消息中至少一个携带所述指示信息 (优选地, 这里的指示信息即是寻呼的原因信息) : 锚定寻呼控制器向以下 网元中的一个或多个发送的消息 (例如寻呼通告消息) : 中继寻呼控制器、 本地寻呼控制器、 基站; 中继寻呼控制器向以下网元中的一个或多个发送的 消息 (例如寻呼通告消息) : 此中继寻呼控制器的下一个寻呼控制器、 本地 寻呼控制器、基站;本地寻呼控制器向基站发送的消息(例如寻呼通告消息) , 基站在空中接口发送的消息 (例如寻呼广播消息) 。  At least one of the following messages involved in the flow of the paging process carries the indication information (preferably, the indication information herein is the reason information of the paging): anchoring the paging controller to the following network element One or more transmitted messages (eg, paging announcement messages): a relay paging controller, a local paging controller, a base station; a message sent by the relay paging controller to one or more of the following network elements ( For example, a paging announcement message): a next paging controller of the relay paging controller, a local paging controller, a base station; a message sent by the local paging controller to the base station (eg, a paging announcement message), the base station is A message sent by the air interface (such as a paging broadcast message).
指示信息包含以下信息中至少一个: 进行位置更新, 终端退出空闲状态, 终端进行网络重入, 对终端发起寻呼, 对终端进行重鉴权, 有下行数据发送 给终端。 典型的指示信息是对终端进行重鉴权。 The indication information includes at least one of the following information: performing a location update, and the terminal exits the idle state, The terminal performs network re-entry, initiates paging to the terminal, re-authenticates the terminal, and sends downlink data to the terminal. A typical indication is to re-authenticate the terminal.
实施例二: Embodiment 2:
实施例二中釆用终端位置更新流程对终端重鉴权进行触发。  In the second embodiment, the terminal re-authentication right is triggered by the terminal location update process.
触发空闲状态的终端进行重鉴权的方法包括: 锚定鉴权器需要对处于空 闲状态下的终端进行重鉴权时, 将指示信息发送至锚定寻呼控制器, 锚定寻 呼控制器从锚定鉴权器获知用于触发重鉴权的指示信息后, 利用终端位置更 新流程指示终端退出空闲状态, 终端在退出空闲状态后在重新接入网络的过 程中进行(重)鉴权。 在本实施例中, 指示信息是用于触发重鉴权的指示信 息。  The method for triggering the re-authentication of the terminal in the idle state includes: the anchor authenticator needs to send the indication information to the anchor paging controller when re-authenticating the terminal in the idle state, and anchor the paging controller from After the anchor authenticator learns the indication information for triggering the re-authentication right, the terminal is used to indicate that the terminal exits the idle state by using the terminal location update procedure, and the terminal performs (re)authentication in the process of re-accessing the network after exiting the idle state. In this embodiment, the indication information is indication information for triggering re-authentication.
锚定寻呼控制器在发送位置更新响应消息 (图 2的步骤 205 )之前收到 锚定鉴权器发送的指示信息 (如图 3所示的锚定鉴权器向锚定寻呼控制器发 送指示信息的示意图) 。 例如, 在图 2步骤 205之前, 从锚定鉴权器发送的 消息中获知所述指示信息后, 锚定寻呼控制器利用位置更新流程, 发送指示 信息给空闲状态的终端, 以指示终端退出空闲状态; 或者; 在图 2步骤 205 之前, 从锚定数据通道功能转发的消息中获知所述指示信息后, 锚定寻呼控 制器利用位置更新流程, 发送指示信息给空闲状态的终端, 以指示终端退出 空闲状态; 或者, 在图 2步骤 204中, 锚定寻呼控制器在从锚定鉴权器获取 鉴权密钥上下文的过程中获知所述指示信息, 锚定寻呼控制器利用位置更新 流程, 发送指示信息给空闲状态的终端, 以指示终端退出空闲状态。  The anchor paging controller receives the indication information sent by the anchor authenticator before transmitting the location update response message (step 205 of FIG. 2) (the anchor authenticator to the anchor paging controller as shown in FIG. 3) Send a schematic of the instructions). For example, before the step 205 of FIG. 2, after the indication information is obtained from the message sent by the anchor authenticator, the anchor paging controller uses the location update procedure to send the indication information to the terminal in the idle state to indicate that the terminal exits. The idle state; or; before the step 205 of FIG. 2, after the indication information is obtained from the message forwarded by the anchor data channel function, the anchor paging controller uses the location update process to send the indication information to the terminal in the idle state, Instructing the terminal to exit the idle state; or, in step 204 of FIG. 2, the anchor paging controller learns the indication information in the process of obtaining the authentication key context from the anchor authenticator, and the anchor paging controller utilizes The location update process sends an indication message to the terminal in the idle state to instruct the terminal to exit the idle state.
在终端位置更新过程的流程中涉及的下述各消息中至少之一携带所述指 示信息: 锚定寻呼控制器向以下网元中的一个或多个发送的消息 (例如位置 更新响应消息) : 中继寻呼控制器、 本地寻呼控制器、 服务基站; 中继寻呼 控制器向下一个中继寻呼控制器和 /或本地寻呼控制器发送的消息 (例如位置 更新响应消息) , 本地寻呼控制器向终端所在的服务基站发送的消息 (例如 位置更新响应消息) , 服务基站向终端发送的消息 (例如测距响应消息) 。  At least one of the following messages involved in the flow of the terminal location update procedure carries the indication information: a message that the anchor paging controller sends to one or more of the following network elements (eg, a location update response message) : a relay paging controller, a local paging controller, a serving base station; a message sent by the relay paging controller to a next paging paging controller and/or a local paging controller (eg, a location update response message) a message sent by the local paging controller to the serving base station where the terminal is located (for example, a location update response message), and a message sent by the serving base station to the terminal (for example, a ranging response message).
指示信息包含以下信息中至少一个: 终端退出空闲状态, 终端进行网络 重入, 对终端发起寻呼, 对终端进行重鉴权, 有下行数据发送给终端, 位置 更新结果。 典型的指示信息是对终端进行重鉴权。 The indication information includes at least one of the following information: The terminal exits the idle state, and the terminal performs the network. Re-enter, initiate paging to the terminal, re-authenticate the terminal, and send downlink data to the terminal to update the location. A typical indication is to re-authenticate the terminal.
下面通过多个具体实施例说明本发明。 The invention is illustrated below by means of a number of specific examples.
具体实施例一:  Embodiment 1
具体实施例一详细描述实施例一中锚定鉴权器通过寻呼流程直接向锚定 寻呼控制器发起触发的过程。  DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS A process in which the anchor authenticator initiates a trigger directly to an anchor paging controller through a paging procedure in Embodiment 1 is described in detail.
如图 4所示, 具体实施例一包括以下步骤:  As shown in FIG. 4, the specific embodiment 1 includes the following steps:
步骤 401 , 锚定鉴权器向 Anchor PC/LR发送开始寻呼请求消息; 当锚定鉴权器发现需要对某个终端进行重鉴权时, 如果发现该终端处于 空闲模式, 则从该终端的上下文信息中找到该终端的 Anchor PC/LR , 然后向 该终端的 Anchor PC/LR发送开始寻呼请求消息。  Step 401: The anchor authenticator sends a start paging request message to the Anchor PC/LR. When the anchor authenticator finds that a terminal needs to be re-authenticated, if the terminal is found to be in an idle mode, the terminal is The Anchor PC/LR of the terminal is found in the context information, and then a Start Page Request message is sent to the Anchor PC/LR of the terminal.
优选地, 只有授权对该终端进行寻呼时, Anchor Authenticator才发送开 始寻呼请求消息给终端的 Anchor PC/LR。  Preferably, the Anchor Authenticator sends a Start Page Request message to the Anchor PC/LR of the terminal only when the terminal is authorized to page.
优选地, 开始寻呼请求消息中携带有如下信息至少之一: 终端的标识信 息、 寻呼的原因信息; 进一步地, 其中终端的标识信息为需要重鉴权的终端 的标识。 寻呼的原因为如下至少之一: 进行位置更新、 终端退出空闲状态, 终端进行网络重入, 对终端发起寻呼, 对终端进行重鉴权, 有下行数据发送 给终端。  Preferably, the start paging request message carries at least one of the following information: the identification information of the terminal, the reason information of the paging; and further, wherein the identification information of the terminal is an identifier of the terminal that needs to be re-authenticated. The reason for the paging is at least one of the following: performing location update, the terminal exiting the idle state, the terminal performing network re-entry, paging the terminal, re-authenticating the terminal, and transmitting downlink data to the terminal.
步骤 402 , Anchor PC/LR向锚定鉴权器发送开始寻呼响应消息。  Step 402: The Anchor PC/LR sends a start paging response message to the anchor authenticator.
Anchor PC/LR 收到锚定鉴权器发送的开始寻呼请求消息后, Anchor PC/LR向锚定鉴权器发送开始寻呼响应消息; 开始寻呼响应消息作用包括以 下两个方面: 确认 Anchor PC/LR保存的终端信息是否正确, 确认是否授权对 该终端进行寻呼操作。  After the Anchor PC/LR receives the start page request message sent by the anchor authenticator, the Anchor PC/LR sends a start page response message to the anchor authenticator; the start of the page response message includes the following two aspects: Whether the terminal information saved by the Anchor PC/LR is correct, confirm whether the terminal is authorized to perform paging operations.
步骤 403-406对应于图 1中的步骤 104至 107。  Steps 403-406 correspond to steps 104 through 107 in Fig. 1.
步骤 403和 404的寻呼通告消息和步骤 405中的寻呼广播消息中至少之 一携带寻呼原因信息。 锚定鉴权器和 Anchor PC/LR位于同一物理实体中时,上述步骤 401和 402 为内部交互。 At least one of the paging announcement message of steps 403 and 404 and the paging broadcast message of step 405 carries paging cause information. When the anchor authenticator and the Anchor PC/LR are located in the same physical entity, the above steps 401 and 402 are internal interactions.
具体实施例二: Specific embodiment 2:
具体实施例二详细描述实施例一中锚定鉴权器通过寻呼流程间接经由 DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS In detail, in Embodiment 1, the anchor authenticator is indirectly passed through the paging process.
Anchor DPF/FA向锚定寻呼控制器发起触发的过程。 The process by which the Anchor DPF/FA initiates a trigger to the anchor paging controller.
如图 5所示, 包括以下步骤:  As shown in Figure 5, the following steps are included:
步骤 501 , 锚定鉴权器向 Anchor DPF/FA发送开始寻呼请求消息; 当锚定鉴权器发现需要对某个终端进行重鉴权时, 如果发现该终端处于 空闲模式, 则从该终端的上下文信息中找到该终端的 Anchor DPF/FA驻留的 ASN-GW ID (也称为 Anchor ASN GW ID ) , 然后向该 ASN GW ID发送开始 寻呼请求消息。  Step 501: The anchor authenticator sends a start paging request message to the Anchor DPF/FA. When the anchor authenticator finds that re-authentication is required for a terminal, if the terminal is found to be in an idle mode, the terminal is The ASN-GW ID (also called Anchor ASN GW ID) of the Anchor DPF/FA of the terminal is found in the context information, and then a Start Page Request message is sent to the ASN GW ID.
优选地, 只有授权对该终端进行寻呼时, Anchor Authenticator才发送开 始寻呼请求消息给终端的 Anchor DPF/FA。  Preferably, the Anchor Authenticator sends a Start Paging Request message to the Anchor DPF/FA of the terminal only when the terminal is authorized to page.
优选地, 开始寻呼请求消息中携带有如下信息至少之一: 终端的标识信 息、 寻呼的原因信息; 进一步地, 其中终端的标识信息为需要重鉴权的终端 的标识。 寻呼的原因为如下至少之一: 进行位置更新、 终端退出空闲状态, 终端进行网络重入, 对终端发起寻呼, 对终端进行重鉴权, 有下行数据发送 给终端。  Preferably, the start paging request message carries at least one of the following information: the identification information of the terminal, the reason information of the paging; and further, wherein the identification information of the terminal is an identifier of the terminal that needs to be re-authenticated. The reason for the paging is at least one of the following: performing location update, the terminal exiting the idle state, the terminal performing network re-entry, paging the terminal, re-authenticating the terminal, and transmitting downlink data to the terminal.
步骤 502 , Anchor DPF/FA向 Anchor PC/LR转发收到的开始寻呼请求消 息;  Step 502: The Anchor DPF/FA forwards the received start paging request message to the Anchor PC/LR.
当 Anchor DPF/FA收到锚定鉴权器发送的开始寻呼请求消息后, 如果发 现该终端处于空闲模式, 则从该终端的上下文信息中找到该终端的 Anchor PC/LR驻留的 ASN-GW ID (也称为 Anchor PC ID ) , 然后向该 ASN GW ID 发送开始寻呼请求消息。  After the Anchor DPF/FA receives the start paging request message sent by the anchor authenticator, if the terminal is found to be in the idle mode, the ASN of the Anchor PC/LR resident of the terminal is found from the context information of the terminal. The GW ID (also known as the Anchor PC ID) then sends a Start Page Request message to the ASN GW ID.
Anchor PC/LR收到 Anchor DPF/FA发送的开始寻呼请求消息后, Anchor PC/LR向 Anchor DPF/FA发送开始寻呼响应消息; 该消息作用为如下至少之 一: 确认 Anchor PC/LR保存的终端信息是否正确, 确认是否授权对该终端寻 呼。 After the Anchor PC/LR receives the start page request message sent by the Anchor DPF/FA, the Anchor PC/LR sends a start page response message to the Anchor DPF/FA; the message acts as follows: One: Confirm whether the terminal information saved by Anchor PC/LR is correct, and confirm whether to authorize paging of the terminal.
步骤 504, Anchor DPF/FA向锚定鉴权器转发收到的开始寻呼响应消息。 步骤 505-508与图 1中 104-107相同。  Step 504, the Anchor DPF/FA forwards the received start page response message to the anchor authenticator. Steps 505-508 are the same as 104-107 in Fig. 1.
步骤 505和 506的寻呼通告消息和步骤 507中的寻呼广播消息中至少之 一携带寻呼原因信息。  At least one of the paging announcement message of steps 505 and 506 and the paging broadcast message of step 507 carries paging cause information.
如果锚定鉴权器和 Anchor PC位于同一物理实体中,则无需步骤 501-504, 而且锚定鉴权器和锚定寻呼控制器之间的交互为内部交互; 如果锚定鉴权器 和 Anchor DPF/FA位于同一物理实体中时, 步骤 501和 504为内部交互; 如 果 Anchor PC/LR和 Anchor DP/FA位于同一物理实体中, 则步骤 502和步骤 503为内部交互。  If the anchor authenticator and the Anchor PC are in the same physical entity, then steps 501-504 are not required, and the interaction between the anchor authenticator and the anchor paging controller is an internal interaction; if the anchor authenticator and When the Anchor DPF/FA is in the same physical entity, steps 501 and 504 are internal interactions; if Anchor PC/LR and Anchor DP/FA are located in the same physical entity, then steps 502 and 503 are internal interactions.
具体实施例三: Specific embodiment 3:
具体实施例三详细描述实施例二中通过终端位置更新流程完成触发的过 程。 当锚定鉴权器需要对空闲模式下的终端进行重鉴权时, 发送指示信息给 锚定寻呼控制器, 锚定寻呼控制器通过终端位置更新流程指示终端退出空闲 模式在网络重入的过程中进行鉴权。  The third embodiment describes in detail the process of completing the triggering by the terminal location update process in the second embodiment. When the anchor authenticator needs to re-authenticate the terminal in the idle mode, the indication information is sent to the anchor paging controller, and the anchor paging controller instructs the terminal to exit the idle mode in the network re-entry through the terminal location update procedure. The process is authenticated.
从图 2可知, 现有的终端位置更新流程是用于终端触发位置更新之用。 但是这个流程可以进一步改动, 在位置更新的同时, 进一步发送其它指示信 息给终端用来指示终端退出空闲模式; 终端接收到对应的指示信息后, 进行 空闲模式退出, 在网络重入过程中对终端进行(重)鉴权。  As can be seen from FIG. 2, the existing terminal location update procedure is used for terminal trigger location update. However, the process may be further modified. At the same time as the location update, the terminal further sends other indication information to the terminal to indicate that the terminal exits the idle mode. After receiving the corresponding indication information, the terminal performs idle mode exit, and the terminal is in the network re-entry process. Perform (re)authentication.
当锚定鉴权器需要进行重鉴权时, 发送指示信息给锚定寻呼控制器; 即 锚定寻呼控制器在发送位置更新响应消息 (图 2的步骤 205 )之前收到锚定 鉴权器发送的指示信息(如图 4中步骤 401或图 5的步骤 502 ) , 或者在图 2 的步骤 204中从锚定鉴权获知指示信息。 锚定寻呼控制器通过位置更新流程 将指示信息通知到终端。 终端收到指示信息后, 退出空闲状态, 在重入网的 过程中进行(重)鉴权。  When the anchor authenticator needs to perform re-authentication, the indication information is sent to the anchor paging controller; that is, the anchor paging controller receives the anchor authentication before sending the location update response message (step 205 of FIG. 2) The indication information sent by the device (such as step 401 in FIG. 4 or step 502 in FIG. 5), or the indication information is obtained from the anchor authentication in step 204 of FIG. The anchor paging controller notifies the terminal of the indication information through the location update procedure. After receiving the indication information, the terminal exits the idle state and performs (re)authentication in the process of re-entering the network.
在步骤 205-207 的消息中至少之一包括上述指示信息, 指示信息是以下 信息中的至少一个: 终端退出空闲状态, 终端进行网络重入, 对终端发起寻 呼, 对终端进行重鉴权, 有下行数据发送给终端, 位置更新结果。 典型的指 示信息是对终端进行重鉴权。 At least one of the messages in steps 205-207 includes the above indication information, and the indication information is the following At least one of the information: the terminal exits the idle state, the terminal performs network re-entry, initiates paging to the terminal, re-authenticates the terminal, and sends downlink data to the terminal, and the location update result. A typical indication is to re-authenticate the terminal.
本发明还提供了一种触发空闲状态的终端进行下行数据接收的方法。 现 有技术中, 锚定数据通道功能有下行数据要发送给空闲状态的终端时, 一般 釆用寻呼流程使终端退出空闲状态后进行下行数据的接收。 如图 1所示, 寻 呼流程中寻呼控制器 (锚定寻呼控制、 中继寻呼控制器和本地寻呼控制器中 的一个或多个) 向寻呼组中的大量基站发送寻呼通告消息, 而寻呼组收到寻 呼通道消息的大量基站通过空口发送寻呼广播消息去寻呼终端, 而终端位置 更新流程中, 只需要终端与当前优选基站进行通讯即可。 所以, 本发明釆用 终端位置更新流程触发空闲状态的终端退出空闲状态以进行下行数据接收, 可以节省了网络侧和空口资源的开销。 The present invention also provides a method for triggering downlink data reception by a terminal that triggers an idle state. In the prior art, when the anchor data channel function has downlink data to be sent to the idle state terminal, the paging process is generally used to enable the terminal to exit the idle state and then receive the downlink data. As shown in FIG. 1, the paging controller (one or more of the anchor paging control, the relay paging controller, and the local paging controller) in the paging process sends a search to a large number of base stations in the paging group. The paging message is sent, and a large number of base stations that receive the paging channel message by the paging group send the paging broadcast message to the paging terminal through the air interface, and in the terminal location update process, only the terminal needs to communicate with the current preferred base station. Therefore, the terminal in the terminal location update process triggers the idle state to exit the idle state for downlink data reception, which can save the network side and air interface resource overhead.
本发明中, 锚定数据通道功能有下行数据要发送给终端时, 利用位置更 新流程指示终端退出空闲模式以接收下行数据。 此方法具体包括: 锚定数据 通道功能有下行数据需要下发至终端时,将指示信息发送至锚定寻呼控制器, 锚定寻呼控制器触发空闲状态的终端退出空闲状态以进行下行数据的接收。  In the present invention, when the anchor data channel function has downlink data to be sent to the terminal, the location update process is used to instruct the terminal to exit the idle mode to receive the downlink data. The method specifically includes: anchoring the data channel function, when the downlink data needs to be sent to the terminal, sending the indication information to the anchor paging controller, and the anchor paging controller triggers the idle state terminal to exit the idle state to perform downlink data. Reception.
本方法中, 指示消息是用于触发接收下行数据的指示消息。  In the method, the indication message is an indication message for triggering receiving downlink data.
从图 2可知, 现在位置更新流程是用于终端触发位置更新用的。 但是这 个流程可以进一步改动, 在位置更新的同时, 进一步用来指示有下行数据发 送给终端。 终端接收到对应的指示后退出空闲模式, 终端退出空闲模式, 即 重新入网后, 就可以接收下行数据。  As can be seen from Figure 2, the location update process is now used for terminal trigger location update. However, this process can be further modified to further indicate that downlink data is sent to the terminal while the location is being updated. After receiving the corresponding indication, the terminal exits the idle mode, and the terminal exits the idle mode, that is, after re-entering the network, the downlink data can be received.
当 Anchor DP/FA有数据要发送给终端时,发送指示信息给锚定寻呼控制 器; 即锚定寻呼控制器在发送位置更新响应消息 (图 2的步骤 205 )之前收 到锚定数据通道发送的指示信息 (如图 1 中步骤 102 ) , 锚定寻呼控制器可 以通过位置更新流程将指示信息通知到终端; 终端收到指示信息后, 退出空 闲模式, 然后终端重新进入网络接收下行数据。  When the Anchor DP/FA has data to send to the terminal, the indication information is sent to the anchor paging controller; that is, the anchor paging controller receives the anchor data before transmitting the location update response message (step 205 of FIG. 2). The indication information sent by the channel (step 102 in FIG. 1), the anchor paging controller may notify the terminal to the terminal through the location update process; after receiving the indication information, the terminal exits the idle mode, and then the terminal re-enters the network to receive the downlink. data.
在终端位置更新过程的流程中涉及的下述各消息中至少之一携带所述指 示信息: 锚定寻呼控制器向以下网元中的一个或多个发送的消息 (例如位置 更新响应消息) : 中继寻呼控制器、 本地寻呼控制器、 服务基站; 中继寻呼 控制器向下一个中继寻呼控制器和 /或本地寻呼控制器发送的消息(例如位置 更新响应消息),本地寻呼控制器向所述终端所在的服务基站发送的消息 (例 如位置更新响应消息) , 服务基站向所述终端发送的消息 (例如测距响应消 息) 。 即在步骤 205-207的消息中至少之一包括上述指示消息。 At least one of the following messages involved in the flow of the terminal location update process carries the finger Information: Anchoring a message sent by the paging controller to one or more of the following network elements (eg, location update response message): relay paging controller, local paging controller, serving base station; relay paging A message sent by the controller to the next relay paging controller and/or the local paging controller (eg, a location update response message), a message sent by the local paging controller to the serving base station where the terminal is located (eg, location update) Response message), a message sent by the serving base station to the terminal (eg, a ranging response message). That is, at least one of the messages in steps 205-207 includes the above indication message.
指示信息是以下信息中至少一个: 终端退出空闲状态, 终端进行网络重 入, 对终端发起寻呼, 对终端进行重鉴权, 有下行数据发送给终端, 位置更 新结果。 典型的指示信息是有下行数据发送给终端。  The indication information is at least one of the following information: The terminal exits the idle state, the terminal performs network re-entry, initiates paging to the terminal, re-authenticates the terminal, and sends downlink data to the terminal to update the location. A typical indication message is that downlink data is sent to the terminal.
在上述发明的方法和实施例中, Anchor DPF和 Anchor DF的功能是等价 的。 In the method and embodiment of the above invention, the functions of the Anchor DPF and the Anchor DF are equivalent.
以上所述仅为本发明的优选实施例而已, 并不用于限制本发明, 对于本 领域的技术人员来说, 本发明可以有各种更改和变化。 凡在本发明的精神和 原则之内, 所作的任何修改、 等同替换、 改进等, 均应包含在本发明的保护 范围之内。  The above description is only the preferred embodiment of the present invention, and is not intended to limit the present invention, and various modifications and changes can be made to the present invention. Any modifications, equivalent substitutions, improvements, etc. made within the spirit and scope of the present invention are intended to be included within the scope of the present invention.
工业实用性 Industrial applicability
本发明提供的种在终端处空闲状态时由网络侧实体发起对终端的重鉴权 的方法, 釆用寻呼流程和终端的位置更新流程两种方式实现, 相比现有技术, 提供了一种新的进行重鉴权的实现方案。  The invention provides a method for initiating re-authentication of a terminal by a network-side entity when the terminal is in an idle state, which is implemented by using a paging process and a location update process of the terminal, and provides a method compared with the prior art. A new implementation scheme for re-authentication.

Claims

权 利 要 求 书 Claim
1、 一种触发空闲状态的终端进行重鉴权的方法, 包括:  A method for triggering a re-authentication of a terminal that triggers an idle state, including:
锚定鉴权器判断需要对处于空闲状态的终端进行重鉴权时, 发送指示信 息至锚定寻呼控制器; 以及  The anchor authenticator determines that it is necessary to send the indication information to the anchor paging controller when re-authenticating the terminal in the idle state;
所述锚定寻呼控制器通知所述处于空闲状态的终端退出空闲状态。  The anchor paging controller notifies the terminal in the idle state to exit the idle state.
2、 如权利要求 1所述的方法, 还包括:  2. The method of claim 1 further comprising:
所述处于空闲状态的终端在退出空闲状态后的网络重入中, 进行重鉴 权。  The terminal in the idle state performs re-authentication in the network reentry after exiting the idle state.
3、 如权利要求 1所述的方法, 其中,  3. The method of claim 1, wherein
所述锚定寻呼控制器通知所述处于空闲状态的终端退出空闲状态的步骤 为: 所述锚定寻呼控制器通过寻呼流程通知所述处于空闲状态的终端退出空 闲状态。  The anchor paging controller notifies the terminal in the idle state to exit the idle state: the anchor paging controller notifies the terminal in the idle state to exit the idle state through the paging procedure.
4、如权利要求 3所述的方法, 在所述锚定寻呼控制器通过寻呼流程通知 所述处于空闲状态的终端退出空闲状态的步骤之前, 所述方法还包括: 所述 锚定寻呼控制器从所述锚定鉴权器发送的消息中获知所述指示信息 , 或者 , 从锚定数据通道功能转发的消息中获知所述指示消息。  4. The method of claim 3, before the step of the anchor paging controller notifying the terminal in an idle state to exit an idle state by a paging procedure, the method further comprising: the anchor seeking The call controller learns the indication information from a message sent by the anchor authenticator, or learns the indication message from a message forwarded by the anchor data channel function.
5、 如权利要求 4所述的方法, 其中,  5. The method of claim 4, wherein
所述锚定寻呼控制器通过寻呼流程通知所述处于空闲状态的终端退出空 闲状态的过程中涉及的下述消息中至少之一携带所述指示信息:  The anchor paging controller notifies at least one of the following messages involved in the process of the idle state exiting the idle state by the paging procedure to carry the indication information:
所述锚定寻呼控制器向以下网元中的一个或多个发送的消息: 中继寻呼 控制器、 本地寻呼控制器以及基站;  The anchor paging controller sends a message to one or more of the following network elements: a relay paging controller, a local paging controller, and a base station;
所述中继寻呼控制器向以下网元中的一个或多个发送的消息: 所述中继 寻呼控制器的下一个寻呼控制器、 所述本地寻呼控制器以及所述基站;  The relay paging controller sends a message to one or more of the following network elements: a next paging controller of the relay paging controller, the local paging controller, and the base station;
所述本地寻呼控制器向所述基站发送的消息; 以及  a message sent by the local paging controller to the base station;
所述基站在空中接口发送的消息。  The message sent by the base station over the air interface.
6、 如权利要求 1所述的方法, 其中,  6. The method of claim 1, wherein
所述锚定寻呼控制器通知所述处于空闲状态的终端退出空闲状态的步骤 为: 所述锚定寻呼控制器通过终端位置更新流程通知所述处于空闲状态的终 端退出空闲状态。 The anchor paging controller notifies the terminal in the idle state to exit the idle state The anchor paging controller notifies the terminal in the idle state to exit the idle state by using the terminal location update procedure.
7、如权利要求 6所述的方法, 在所述锚定寻呼控制器通过终端位置更新 流程通知所述处于空闲状态的终端退出空闲状态的步骤之前, 所述方法还包 括:  The method of claim 6, wherein before the step of the anchor paging controller notifying the terminal in the idle state to exit the idle state by the terminal location update procedure, the method further includes:
所述锚定寻呼控制器从所述锚定鉴权器发送的消息中获知所述指示信 息; 或者,  The anchor paging controller learns the indication information from a message sent by the anchor authenticator; or
从锚定数据通道功能转发的消息中获知所述指示信息; 或者,  Obtaining the indication information from a message forwarded by the anchor data channel function; or
在从所述锚定鉴权器获取鉴权密钥上下文的过程中获知所述指示信息。  The indication information is learned in the process of obtaining an authentication key context from the anchor authenticator.
8、 如权利要求 6所述的方法, 其中, 8. The method of claim 6, wherein
所述终端位置更新流程中涉及的下述各消息至少之一携带所述指示信 息: 所述锚定寻呼控制器向以下网元中的一个或多个发送的消息: 中继寻呼 控制器、 本地寻呼控制器、 服务基站;  At least one of the following messages involved in the terminal location update procedure carries the indication information: the anchor paging controller sends a message to one or more of the following network elements: a relay paging controller , local paging controller, serving base station;
所述中继寻呼控制器向下一个中继寻呼控制器和 /或所述本地寻呼控制 器发送的消息;  The relay paging controller sends a message to the next paging paging controller and/or the local paging controller;
所述本地寻呼控制器向所述终端所在的所述服务基站发送的消息; 以及 所述服务基站向所述终端发送的消息。  a message sent by the local paging controller to the serving base station where the terminal is located; and a message sent by the serving base station to the terminal.
9、 如权利要求 1至 8中任一项所述的方法, 其中,  The method according to any one of claims 1 to 8, wherein
所述指示信息是以下信息中至少之一: 进行位置更新, 终端退出空闲状 态, 终端进行网络重入, 对终端发起寻呼, 对终端进行重鉴权, 有下行数据 发送给终端以及位置更新结果。  The indication information is at least one of the following information: performing location update, the terminal exiting the idle state, the terminal performs network re-entry, initiates paging to the terminal, re-authenticates the terminal, and sends downlink data to the terminal and the location update result. .
10、 一种触发空闲状态的终端进行下行数据接收的方法, 包括: 锚定数据通道功能有下行数据需要下发至处于空闲状态的终端时, 发送 指示信息至锚定寻呼控制器; 以及  10. A method for receiving downlink data reception by a terminal that triggers an idle state, comprising: an anchor data channel function, when downlink data needs to be sent to a terminal in an idle state, sending indication information to an anchor paging controller;
所述锚定寻呼控制器通知所述处于空闲状态的终端退出空闲状态。  The anchor paging controller notifies the terminal in the idle state to exit the idle state.
11、 如权利要求 10所述的方法, 还包括:  11. The method of claim 10, further comprising:
所述处于空闲状态的终端退出空闲状态后, 在网络重入后进行下行数据 的接收。 After the terminal in the idle state exits the idle state, the downlink data is performed after the network is re-entered. Reception.
12、 如权利要求 10所述的方法, 其中,  12. The method of claim 10, wherein
所述锚定寻呼控制器通知所述处于空闲状态的终端退出空闲状态的步骤 为: 所述锚定寻呼控制器通过终端位置更新流程通知所述处于空闲状态的终 端退出空闲状态, 以进行下行数据的接收。  And the step of the anchor paging controller notifying that the terminal in the idle state exits the idle state is: the anchor paging controller notifying, by the terminal location update procedure, that the terminal in the idle state exits the idle state, to perform Reception of downlink data.
13、 如权利要求 12所述的方法, 其中,  13. The method of claim 12, wherein
所述终端位置更新流程中涉及的下述各消息至少之一携带所述指示信 息: 所述锚定寻呼控制器向以下网元中的一个或多个发送的消息: 中继寻呼 控制器、 本地寻呼控制器、 服务基站;  At least one of the following messages involved in the terminal location update procedure carries the indication information: the anchor paging controller sends a message to one or more of the following network elements: a relay paging controller , local paging controller, serving base station;
所述中继寻呼控制器向下一个中继寻呼控制器和 /或所述本地寻呼控制 器发送的消息;  The relay paging controller sends a message to the next paging paging controller and/or the local paging controller;
所述本地寻呼控制器向所述终端所在的所述服务基站发送的消息; 以及 所述服务基站向所述终端发送的消息。  a message sent by the local paging controller to the serving base station where the terminal is located; and a message sent by the serving base station to the terminal.
14、 如权利要求 10至 13中任一项所述的方法, 其中,  The method according to any one of claims 10 to 13, wherein
所述指示信息是以下信息中至少之一: 终端退出空闲状态, 终端进行网 络重入, 对终端发起寻呼, 对终端进行重鉴权, 有下行数据发送给终端以及 位置更新结果。  The indication information is at least one of the following information: The terminal exits the idle state, the terminal performs network re-entry, initiates paging to the terminal, re-authenticates the terminal, and sends downlink data to the terminal and the location update result.
PCT/CN2010/077595 2010-02-12 2010-10-08 Method for triggering re-authentication of terminal in idle state WO2011097890A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201010114505.2A CN102158862B (en) 2010-02-12 2010-02-12 A kind of terminal triggering idle condition carries out the method for discrimination weight
CN201010114505.2 2010-02-12

Publications (1)

Publication Number Publication Date
WO2011097890A1 true WO2011097890A1 (en) 2011-08-18

Family

ID=44367202

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2010/077595 WO2011097890A1 (en) 2010-02-12 2010-10-08 Method for triggering re-authentication of terminal in idle state

Country Status (2)

Country Link
CN (1) CN102158862B (en)
WO (1) WO2011097890A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
RU2783597C2 (en) * 2018-01-08 2022-11-15 Хуавей Текнолоджиз Ко., Лтд. Method for key update and device
US11595206B2 (en) 2018-01-08 2023-02-28 Huawei Technologies Co., Ltd. Key update method and apparatus

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2018053704A1 (en) * 2016-09-21 2018-03-29 富士通株式会社 Downlink data transmission method and device, and communication system

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1960567A (en) * 2005-11-03 2007-05-09 华为技术有限公司 Communication method for terminal to enter to and exit from idle mode
US20080268871A1 (en) * 2007-04-26 2008-10-30 Samsung Electronics Co.,Ltd. System and method for providing location based services in a mobile communication system
CN101459869A (en) * 2007-12-10 2009-06-17 华为技术有限公司 Method and system for uploading position information
CN101635925A (en) * 2008-07-21 2010-01-27 中兴通讯股份有限公司 Redistribution method of anchoring paging controller and anchoring authentication device

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101076179B (en) * 2006-05-20 2010-04-14 中兴通讯股份有限公司 Method for improving system performance in mobile wideband wireless access system
CN101400154B (en) * 2007-09-27 2013-08-07 中兴通讯股份有限公司 Method for triggering network withdraw of mobile terminal by network side under WIMAX idle mode
CN101426235A (en) * 2007-11-01 2009-05-06 华为技术有限公司 Method, apparatus and system for network reentry by user terminal

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1960567A (en) * 2005-11-03 2007-05-09 华为技术有限公司 Communication method for terminal to enter to and exit from idle mode
US20080268871A1 (en) * 2007-04-26 2008-10-30 Samsung Electronics Co.,Ltd. System and method for providing location based services in a mobile communication system
CN101459869A (en) * 2007-12-10 2009-06-17 华为技术有限公司 Method and system for uploading position information
CN101635925A (en) * 2008-07-21 2010-01-27 中兴通讯股份有限公司 Redistribution method of anchoring paging controller and anchoring authentication device

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
RU2783597C2 (en) * 2018-01-08 2022-11-15 Хуавей Текнолоджиз Ко., Лтд. Method for key update and device
US11595206B2 (en) 2018-01-08 2023-02-28 Huawei Technologies Co., Ltd. Key update method and apparatus

Also Published As

Publication number Publication date
CN102158862A (en) 2011-08-17
CN102158862B (en) 2015-09-16

Similar Documents

Publication Publication Date Title
US8914005B2 (en) Method and system for network logout of a mobile station in idle mode
KR101282285B1 (en) System and method to provide location based services in a mobile communication system
WO2007051423A1 (en) Communication method and system for terminal entering and leaving idle mode
CN110022206B (en) Method and device for updating key
WO2011023052A1 (en) Handover method and handover apparatus
WO2013127122A1 (en) Method and system for triggering mtc device
WO2007048343A1 (en) Method and device for managing information of a terminal exited from idle mode
CN102752725B (en) Event notification method, terminal equipment and certificate server
WO2007128241A1 (en) A method for initiating mobile terminals to enter an idle mode by network side in a wireless metropolitan area network
WO2007128240A1 (en) Method for the terminals in wireless man to enter idle mode
CN102783218A (en) Method and apparatus for redirecting data traffic
WO2011127774A1 (en) Method and apparatus for controlling mode for user terminal to access internet
JP2016501488A (en) Group authentication in broadcast for MTC group of UE
KR20180124076A (en) System and method for relaying data over a communication network
WO2007093129A1 (en) Method and system for accelerating page accessing in the wide band wireless system
CN101400154B (en) Method for triggering network withdraw of mobile terminal by network side under WIMAX idle mode
CN100450295C (en) Method of controlling position renewing
WO2007107104A1 (en) A system and method for a terminal processing indication and a method and apparatus and system for a terminal processing
JP4875679B2 (en) Method and device for establishing security associations and performing handoff authentication in a communication system
KR101583109B1 (en) Method and apparatus to facilitate network processes
CN101047710B (en) Method for implementing terminal denetwork at agent mobile network protocol
CN108924831B (en) Terminal verification method and device
WO2011097890A1 (en) Method for triggering re-authentication of terminal in idle state
CN101047946B (en) Network reaccess procedure leaded by network
WO2007109995A1 (en) Method for a terminal to quit a network and mobile communication system

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 10845560

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 10845560

Country of ref document: EP

Kind code of ref document: A1