WO2013000214A1 - Access control method and system for mtc device - Google Patents

Access control method and system for mtc device Download PDF

Info

Publication number
WO2013000214A1
WO2013000214A1 PCT/CN2011/080994 CN2011080994W WO2013000214A1 WO 2013000214 A1 WO2013000214 A1 WO 2013000214A1 CN 2011080994 W CN2011080994 W CN 2011080994W WO 2013000214 A1 WO2013000214 A1 WO 2013000214A1
Authority
WO
WIPO (PCT)
Prior art keywords
mtc
server
mtc server
mtc device
connect
Prior art date
Application number
PCT/CN2011/080994
Other languages
French (fr)
Chinese (zh)
Inventor
马景旺
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2013000214A1 publication Critical patent/WO2013000214A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • H04W12/086Access security using security domains
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/70Services for machine-to-machine communication [M2M] or machine type communication [MTC]

Definitions

  • the present invention relates to the field of Machine Type Communication (MTC), and in particular, to an access control method and system for an MTC device.
  • MTC Machine Type Communication
  • GSM Global System of Mobile communication
  • CDMA Code Division Multiple Access
  • WCDMA Wideband Code Division Multiple Access
  • TD-SCDMA Time Division Synchronization Code Wireless communication systems
  • TD-SCDMA Time Division-Synchronous Code Division Multiple Access
  • LTE Long Term Evolution
  • CN Core Network
  • Radio Access Radio Access
  • Network Network, RAN) and terminal components, wherein the core network is responsible for non-access stratum transactions, such as terminal location update, and is an anchor point of the user plane; the access network includes a base station or a base station and a base station controller, and the access network is responsible for receiving Incoming layer transactions (such as management of radio resources); there may be physical or logical connections between base stations according to actual conditions, and each base station may be connected to one or more core network nodes.
  • a terminal and user equipment (UE) are various devices that can communicate with a cellular wireless communication network, such as a mobile phone.
  • the existing cellular communication network can further support the MTC service in order to meet other requirements.
  • the communication between the MTC devices is independently performed by the MTC device, and no one needs to be required. Participation.
  • An MTC device is generally composed of a sensing device module (such as a sensor), a communication module, and a power source.
  • the MTC device obtains data through its sensing device module, and then reports the data to the cellular communication network through the communication module, and accesses the public data network through the cellular communication network.
  • MTC business can be applied to logistics In the areas of monitoring, security detection, telemedicine detection, remote meter reading, etc.
  • the data reported by the MTC device can be managed by the cellular network operator or the MTC server of the MTC service operator, and the data is provided to the relevant MTC users.
  • MTC service operators can provide services for an industry (such as power companies, etc.) and MTC service organizations that provide services for multiple MTC users.
  • FIG. 1 is a schematic diagram of a network structure of a cellular communication network supporting MTC services.
  • the MTC device connects to the MTC server through the cellular communication network, and reports the data to the MTC server.
  • the MTC server may be located in the core network or in the public data network.
  • the MTC server is generally managed by the MTC service operator through the relevant communication protocol. Establish a connection with the relevant network element in the core network.
  • the MTC devices are respectively applied to different MTC service applications, and the data needs to be reported to the corresponding MTC server.
  • the MTC device is not connected to the MTC server.
  • the MTC device is connected to the MTC server that is not related to it, which causes the load of the MTC server to increase, which wastes system resources and reduces the efficiency of the MTC server.
  • the process of accessing the MTC server to the MTC server is not performed.
  • the restriction also poses a security threat. It is easy for an attacker to use an MTC device to attack an MTC server, resulting in the MTC server not working properly. Summary of the invention
  • the main object of the present invention is to provide an access control method and system for an MTC device, which can save system resources, improve the efficiency of the MTC server, and improve system security.
  • An access control method for a machine type communication (MTC) device including:
  • the MTC device connection control network element receives the access request of the MTC device, and the access request at least carries the MTC server information that the MTC device requests to connect;
  • the MTC device connection control network element determines whether the MTC server that the MTC device requests to connect is an MTC server that is allowed to connect, and determines that the MTC server that the MTC device requests to connect is an MTC server that is allowed to connect, and allows the MTC device to connect to the MTC server. And determining that the MTC server requested by the MTC device is not an MTC server that is allowed to connect, and rejecting the access request of the MTC device.
  • the MTC device connection control network element determines whether the MTC server that the MTC device requests to connect to is an MTC server that is allowed to connect is specifically:
  • HSS Home Subscriber Server
  • HLR Home Subscriber Location Register
  • the MTC server is associated with the MTC subscription user, and then determines that the MTC server is an MTC server that the MTC device is allowed to connect to; the MTC server does not have an association relationship with the MTC subscription user, and the MTC server Not the MTC server that the MTC device is allowed to connect to.
  • the MTC device connection control network element determines whether the MTC server that the MTC device requests to connect to is an MTC server that is allowed to connect is specifically:
  • the MTC server is the MTC server that the MTC device is allowed to connect to; the MTC server is not associated with the MTC subscription user, and the MTC server is not the MTC server that the MTC device is allowed to connect to.
  • the MTC device connection control network element determines whether the MTC server that the MTC device requests to connect to is an MTC server that is allowed to connect is specifically:
  • the query message carries at least the MTC device information that initiates the access request and the MTC server information that the MTC device requests to connect;
  • the query result indicating that the MTC server is an MTC server associated with the MTC subscription user to which the MTC device belongs, and determining that the MTC server is an MTC server allowed to be connected by the MTC device
  • the query result indicates that the MTC server is not the MTC server associated with the MTC subscription user to which the MTC device belongs, and then determines that the MTC server is not the MTC server allowed to be connected by the MTC device.
  • the association setting information of the MTC subscription user and the MTC server is saved by the HSS or the HLR.
  • the method further includes:
  • the MTC device connection control network element establishes a connection between the MTC device and the MTC server.
  • the MTC device connection control network element is a gateway located in a core network, and the MTC server is located in a core network or a public data network.
  • An access control system for an MTC device including an MTC device connection control network element, an MTC device, and an MTC server;
  • the MTC device is connected to the control network element, and is configured to determine, after receiving the access request of the MTC device, whether the MTC server requested by the MTC device is an MTC server that is allowed to connect, and determine that the MTC server requests the MTC server to connect to Connected MTC server, And the MTC device is allowed to connect to the MTC server; if the MTC server that the MTC device requests to connect to is not the MTC server that is allowed to connect, the access request of the MTC device is rejected.
  • the system also includes HSS or HLR,
  • the MTC device connection control network element determines whether the MTC server that the MTC device requests to connect to is an MTC server that is allowed to connect is specifically:
  • the MTC server is associated with the MTC subscription user, and then determines that the MTC server is an MTC server that the MTC device is allowed to connect to; the MTC server does not have an association relationship with the MTC subscription user, and the MTC server Not the MTC server that the MTC device is allowed to connect to.
  • the system also includes HSS or HLR,
  • the MTC device connection control network element determines whether the MTC server that the MTC device requests to connect to is an MTC server that is allowed to connect is specifically:
  • the MTC server is the MTC server that the MTC device is allowed to connect to; the MTC server is not associated with the MTC subscription user, and the MTC server is not the MTC server that the MTC device is allowed to connect to.
  • the system also includes HSS or HLR,
  • the MTC device connection control network element determines whether the MTC server that the MTC device requests to connect to is an MTC server that is allowed to connect is specifically:
  • the query message carries at least the MTC device information that initiates the access request and the MTC server information that the MTC device requests to connect;
  • the query result indicating that the MTC server is an MTC server associated with the MTC subscription user to which the MTC device belongs, and determining that the MTC server is an MTC server allowed to be connected by the MTC device
  • the query result indicates that the MTC server is not the MTC server associated with the MTC subscription user to which the MTC device belongs, and then determines that the MTC server is not the MTC server allowed to be connected by the MTC device.
  • the HSS or the HLR saves the association setting information of the MTC subscription user and the MTC server, and the MTC device connection control network element is further configured to establish, after the MTC device is allowed to connect to the MTC server, between the MTC device and the MTC server. connection.
  • the MTC device connection control network element is a gateway located in a core network, and the MTC server is located in a core network or a public data network.
  • the MTC device connection control network element determines whether the MTC server requested by the MTC device is the MTC that is allowed to connect.
  • the server determines that the MTC server that the MTC device requests to connect is the MTC server that is allowed to connect, and allows the MTC device to connect to the MTC server; determining that the MTC server that the MTC device requests to connect is not allowed
  • the connected MTC server rejects the access request of the MTC device.
  • the MTC device can only be connected to the licensed MTC server, so that the MTC device can be prevented from accessing the unrelated MTC server, thereby saving system resources and improving the efficiency of the MTC server, and the present invention accesses the MTC device.
  • the process of the MTC server is limited, which can reduce the risk of the MTC server being attacked and improve system security.
  • FIG. 1 is a schematic diagram of a network structure of a cellular communication network supporting MTC services
  • FIG. 2 is a schematic flowchart of an access control method of an MTC device according to an embodiment of the present invention
  • FIG. 3 is a schematic flowchart of an MTC device connection control network element determining whether an MTC server requested by an MTC device is an MTC server that is allowed to connect according to an embodiment of the present invention
  • FIG. 4 is a schematic flowchart of another MTC device connection control network element determining whether an MTC server connected to an MTC device request is an MTC server that is allowed to connect according to an embodiment of the present invention
  • FIG. 5 is a schematic flowchart of another MTC device connection control network element determining whether an MTC server connected to an MTC device request is an MTC server that is allowed to connect according to an embodiment of the present invention
  • FIG. 6 is a schematic structural diagram of an access control system of an MTC device according to the present invention.
  • FIG. 7 is a schematic structural diagram of an access control system of an MTC device according to an embodiment of the present invention
  • FIG. 8 is a schematic diagram of a connection between an MTC device and an MTC device access control network element according to an embodiment of the present invention
  • the basic idea of the present invention is: after receiving the access request of the MTC device, the MTC device connection control network element determines that the MTC server requested by the MTC device is an MTC server that is allowed to connect, and allows the MTC device to connect to the MTC server; If it is determined that the MTC server requested by the MTC device is not the MTC server that is allowed to connect, the access request of the MTC device is rejected.
  • 1 is a schematic flowchart of an access control method of an MTC device according to an embodiment of the present invention. As shown in FIG. 2, the method includes:
  • Step 201 The MTC device connection control network element receives an access request of the MTC device, and the access request carries at least the MTC server information that the MTC device requests to connect.
  • Step 202 The MTC device connection control network element determines whether the MTC server requested by the MTC device is an MTC server that is allowed to connect, and if yes, go to step 203; otherwise, go to step 204.
  • Step 203 Allow the MTC device to connect to the MTC server.
  • Step 204 Reject the access request of the MTC device.
  • FIG. 3 is a schematic flowchart of an MTC device connection control network element determining whether an MTC server requested by an MTC device is an MTC server that is allowed to connect, as shown in FIG. 3, where the process includes:
  • Step 1 The MTC device connection control network element sends a query message to the Home Subscriber Server (HSS) or the Home Location Register (HLR) in the core network, and the query message carries at least the request for initiating the access request.
  • MTC device information MTC device information
  • Step 2 The MTC device connection control network element receives the MTC subscription user information of the MTC device returned by the HSS or the HLR;
  • Step 3 The MTC device connection control network element sends an inquiry message to the HSS or the HLR, where the inquiry message carries at least the MTC subscription user information;
  • Step 4 The MTC device connection control network element receives the MTC server information associated with the MTC subscription user returned by the HSS or the HLR.
  • Step 5 The MTC device connection control network element determines whether the MTC server requested by the MTC device is associated with the MTC subscription user, that is, whether the MTC server requested by the MTC device is included in the MTC server information returned by the HSS or the HLR, if The MTC server is associated with the MTC subscription user, and the MTC server is allowed for the MTC device.
  • the connected MTC server if the MTC server does not have an associated relationship with the MTC subscription user, the MTC server is not the MTC server to which the MTC device is allowed to connect.
  • FIG. 4 is a schematic diagram of another MTC device connection control network element determining whether an MTC server connected to an MTC device request is an MTC server that is allowed to connect, as shown in FIG. 4, the process includes:
  • Step ⁇ The MTC device connection control network element sends an inquiry message to the HSS or the HLR, where the inquiry message carries at least the MTC device information that initiates the access request;
  • Step 2 The MTC device connection control network element receives the MTC server information that is returned from the HSS or the HLR and is associated with the MTC subscription user to which the MTC device belongs.
  • Step 3 The MTC device connection control network element determines whether the MTC server requested by the MTC device is associated with the MTC subscription user. If the MTC server is associated with the MTC subscription user, the MTC server is allowed for the MTC device. The connected MTC server; if the MTC server does not have an associated relationship with the MTC subscription user, the MTC server is not the MTC server to which the MTC device is allowed to connect.
  • FIG. 5 is a schematic diagram of another embodiment of the MTC device connection control network element determining whether the MTC server connected to the MTC device is an MTC server that is allowed to connect. As shown in FIG. 5, the process includes:
  • Step 1 The MTC device connection control network element sends an inquiry message to the HSS or the HLR, where the inquiry message carries at least the MTC device information that initiates the access request and the MTC server information that the MTC device requests to connect;
  • Step 2 The MTC device connection control network element receives the query result returned from the HSS or the HLR. If the query result indicates that the MTC server is the MTC server associated with the MTC subscription user to which the MTC device belongs, it is determined that the MTC server is the MTC server. The MTC server that the device is allowed to connect to; if the query result indicates that the MTC server is not the MTC server associated with the MTC subscription user to which the MTC device belongs, it is determined that the MTC server is not the MTC server. The MTC server to which the device is allowed to connect.
  • the MTC subscription user is associated with the MTC server, and the MTC server can connect with the MTC device of the MTC subscription user and obtain the data reported by the MTC device of the MTC subscription user.
  • the association setting information of the MTC subscription user and the MTC server may be saved in the HSS or the HLR in the core network; the MTC device connects the associated MTC server of the MTC subscription user obtained by the control network element from the HLR or the HSS.
  • the information can be the identity or address of the MTC server.
  • the MTC device connection control network element allows the MTC device to connect to the MTC server
  • the connection between the MTC device and the MTC server can be further established.
  • the MTC device connection control network element may be a gateway located in the core network, and the gateway serves as an access point of the core network and the MTC server located in the public data network, and the MTC device connects to the MTC through the gateway. server.
  • FIG. 6 is a schematic structural diagram of an access control system of an MTC device according to the present invention. As shown in FIG. 6, the system includes: an MTC device connection control network element. , MTC device, MTC server; among them,
  • the MTC device is connected to the control network element, and is configured to determine, after receiving the access request of the MTC device, whether the MTC server that the MTC device requests to connect is an MTC server that is allowed to connect, and determine that the MTC server requests the connected MTC server to be allowed.
  • the connected MTC server allows the MTC device to connect to the MTC server; and determines that the MTC server that the MTC device requests to connect to is not the MTC server that is allowed to connect, rejects the access request of the MTC device.
  • the system also includes HSS or HLR,
  • the MTC device connection control network element determines whether the MTC server that the MTC device requests to connect to is an MTC server that is allowed to connect is specifically:
  • the MTC server is associated with the MTC subscription user, and then determines that the MTC server is an MTC server that the MTC device is allowed to connect to; the MTC server does not have an association relationship with the MTC subscription user, and the MTC server Not the MTC server that the MTC device is allowed to connect to.
  • the system also includes HSS or HLR,
  • the MTC device connection control network element determines whether the MTC server that the MTC device requests to connect to is an MTC server that is allowed to connect is specifically:
  • the MTC server is associated with the MTC subscription user, and then determines that the MTC server is an MTC server that the MTC device is allowed to connect to; the MTC server does not have an association relationship with the MTC subscription user, and the MTC server Not the MTC server that the MTC device is allowed to connect to.
  • the system also includes HSS or HLR,
  • the MTC device connection control network element determines whether the MTC server that the MTC device requests to connect to is an MTC server that is allowed to connect is specifically:
  • the query result indicating that the MTC server is an MTC server associated with the MTC subscription user to which the MTC device belongs, and determining that the MTC server is an MTC server allowed to be connected by the MTC device
  • the query result indicates that the MTC server is not the MTC server associated with the MTC subscription user to which the MTC device belongs, and then determines that the MTC server is not the MTC server allowed to be connected by the MTC device.
  • the MTC device is connected to the control network element, and is further configured to establish a connection between the MTC device and the MTC server after allowing the MTC device to connect to the MTC server.
  • the MTC device connection control network element is a gateway located in a core network, and the MTC server is located in a core network or a public data network.
  • the MTC server may be located in the core network or in the public data network.
  • the MTC device establishes a connection with the MTC server through the MTC device access control network element in the core network, where the MTC device can pass through the core network.
  • the network element is connected to the MTC access control network element.
  • the MTC device establishes a connection with the MTC access control network element through the GGSN/P-GW.
  • the MTC device access control network element functions as a gateway when the MTC device accesses the MTC server.
  • the MTC device access control network element and the MTC server located in the core network can communicate using the GPRS Tunneling Protocol (GTP) in the core network, and the MTC device access control network element and the MTC server located in the public data network. Communication can be performed using Network Domain Security/Internet Protocol (NDS/IP) or other communication protocols.
  • GTP GPRS Tunneling Protocol
  • NSS/IP Network Domain Security/Internet Protocol
  • the MTC subscription user is generally an industry organization or a merchant, etc., which can There are multiple MTC devices; the MTC subscription user needs to determine its own associated MTC server, and the MTC device of the subscription user is reported to the MTC server associated with the MTC subscription user; the MTC server can be managed by the MTC subscription user, and the MTC server is generally The MTC server of the MTC subscription user may also be an MTC server located in the core network. In this case, the MTC server is generally managed by the cellular communication network operator and provides services to the MTC subscription user.
  • the MTC subscription user and the cellular communication network operator sign a service agreement
  • the HSS/HLR of the home network of the MTC device registers the subscription information of the MTC device, and the subscription information may include the identifier of the MTC device (for example, the international mobile subscriber identity code) , referred to as IMSI), the information of the supported service capabilities, and the MTC subscribers to which it belongs; the HSS/HLR also stores the information of the MTC subscribers, including the information of the MTC server associated with the MTC subscribers.
  • IMSI international mobile subscriber identity code
  • the MTC device When the MTC device reports data, it needs to establish a connection between the radio access network and the MTC device access control network element in the core network, and then establish a connection between the MTC device access control network element and the MTC server, and further send the reported data to the relevant data.
  • MTC server In this embodiment, the MTC device can establish a connection with the MTC device access control network element through the packet service data service contact GGSN/P-GW in the core network.
  • Step 801 The MTC device sends, to the MTC device access control network element, request information for accessing the MTC server.
  • the request information includes the address or identifier of the MTC server that is requested to access.
  • Step 802 The MTC device access control network element obtains information about the MTC subscription user to which the MTC device belongs from the HLR/HSS.
  • the MTC device access control network element can be obtained from the HSS/HLR according to the identifier of the MTC device.
  • the information about the signing user of the MTC device, the information of the signing user may include the identifier of the signing user.
  • Step 803 The MTC device access control network element obtains information about the associated MTC server of the signing user from the HSS/HLR according to the identifier of the signing user. ;
  • the information of the associated MTC server may include the identifier and the address of the associated MTC server, etc.
  • Step 804 The MTC device access control network element determines whether the MTC server that the MTC device requests to access is an MTC server that is allowed to access; The MTC server performs the operation of step 805. If it is not the MTC server that is allowed to access, the operation of step 806 is performed.
  • the MTC device access control network element can determine whether the MTC server that the MTC device requests to access is the associated MTC server of the MTC subscription user to which the MTC device belongs; if the MTC server that the MTC device requests to access is the MTC subscription user to which the MTC device belongs The associated MTC server is the MTC server that is allowed to access, and vice versa, the MTC server is not allowed to access.
  • Step 805 The MTC device access control unit establishes a connection between the MTC device and the MTC server that is requested to access.
  • the MTC device After the MTC device establishes a connection with the MTC server that is requested to access, the MTC device sends the reported data to the MTC server.
  • Step 806 The MTC device access control unit rejects the request of the MTC device to access the MTC server.
  • the MTC device connection control network element can control the connection between the MTC device and the MTC server, so that the MTC device can establish a connection with the correct MTC server, and avoid the connection between the MTC device and the unrelated MTC server. It can avoid the load increase of the MTC server and the security threat of attacks from the MTC device.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

Disclosed is an access control method for a machine type communication (MTC) device, comprising: after an MTC device connection control network element receives an access request from an MTC device, if it is judged that the MTC server requested by the MTC device to connect to is an MTC server that allows connection, then allow the MTC device to connect with the MTC server; and if it is judged that the MTC server requested by the MTC device to connect to is an MTC device that does not allow connection, then deny the access request from the MTC device. Also disclosed is an access control system for an MTC device. The MTC device of the present invention can only connect to the permitted MTC server, thereby preventing the MTC device from accessing an irrelevant MTC server, thus saving system resources and improving efficiency of the MTC server. In addition, in the present invention, the process of the MTC device accessing the MTC server is restricted, thereby reducing the risks of the MTC server being attacked, thus improving system security.

Description

一种 MTC设备的接入控制方法和系统 技术领域  Access control method and system for MTC device
本发明涉及机器类型通信 ( Machine Type Communication, MTC )领域, 尤其涉及一种 MTC设备的接入控制方法和系统。 背景技术  The present invention relates to the field of Machine Type Communication (MTC), and in particular, to an access control method and system for an MTC device. Background technique
蜂窝无线通信系统包括全球移动通讯系统 ( Global System of Mobile communication, GSM )、 码分多址 (Code Division Multiple Access, CDMA) , 宽带码分多址(Wideband Code Division Multiple Access, WCDMA )、 时分 同步码分多址 ( Time Division- Synchronous Code Division Multiple Access, TD-SCDMA )、 长期演进( Long Term Evolution, LTE )等无线通信系统, 其主要由核心网 ( Core Network, CN )、 接入网 ( Radio Access Network, RAN )和终端组成, 其中, 核心网负责非接入层事务, 例如终端位置更新 等, 并且是用户面的锚点; 接入网包括基站或者基站以及基站控制器, 接 入网负责接入层事务(例如无线资源的管理); 基站之间可以根据实际情况 存在物理或者逻辑上的连接, 并且每个基站可以和一个或者以上的核心网 节点连接。 终端及用户设备(User Equipment, UE )是指可以和蜂窝无线通 信网络进行通信的各种设备, 例如移动电话等。  Cellular wireless communication system includes Global System of Mobile communication (GSM), Code Division Multiple Access (CDMA), Wideband Code Division Multiple Access (WCDMA), Time Division Synchronization Code Wireless communication systems such as Time Division-Synchronous Code Division Multiple Access (TD-SCDMA) and Long Term Evolution (LTE), which are mainly composed of Core Network (CN) and Access Network (Radio Access). Network, RAN) and terminal components, wherein the core network is responsible for non-access stratum transactions, such as terminal location update, and is an anchor point of the user plane; the access network includes a base station or a base station and a base station controller, and the access network is responsible for receiving Incoming layer transactions (such as management of radio resources); there may be physical or logical connections between base stations according to actual conditions, and each base station may be connected to one or more core network nodes. A terminal and user equipment (UE) are various devices that can communicate with a cellular wireless communication network, such as a mobile phone.
现有的蜂窝通信网络除了支持人与人之间的通信外, 为了满足其他方 面的需求, 可以进一步支持 MTC业务, 在 MTC业务中, MTC设备之间的 通信由 MTC设备自主完成, 不需要人的参与。 MTC设备一般由感知设备 模块(例如传感器)、 通信模块和电源等组成。 在 MTC业务中, MTC设备 通过其感知设备模块获得数据, 然后通过通信模块将数据上报给蜂窝通信 网络, 并通过蜂窝通信网络接入到公共数据网。 MTC业务可以应用在物流 监控、 安全检测、 远程医疗检测、 远程抄表等领域, MTC设备上报的数据 可以由蜂窝网络运营商或者 MTC业务运营商的 MTC服务器进行管理, 并 将数据提供给有关 MTC用户。 MTC业务运营商可以为某行业的机构 (如 电力公司等)、 为多家 MTC用户提供服务的 MTC业务服务机构等。 In addition to supporting communication between people, the existing cellular communication network can further support the MTC service in order to meet other requirements. In the MTC service, the communication between the MTC devices is independently performed by the MTC device, and no one needs to be required. Participation. An MTC device is generally composed of a sensing device module (such as a sensor), a communication module, and a power source. In the MTC service, the MTC device obtains data through its sensing device module, and then reports the data to the cellular communication network through the communication module, and accesses the public data network through the cellular communication network. MTC business can be applied to logistics In the areas of monitoring, security detection, telemedicine detection, remote meter reading, etc., the data reported by the MTC device can be managed by the cellular network operator or the MTC server of the MTC service operator, and the data is provided to the relevant MTC users. MTC service operators can provide services for an industry (such as power companies, etc.) and MTC service organizations that provide services for multiple MTC users.
图 1为蜂窝通信网络支持 MTC业务的网络结构示意图, 如图 1所示, MTC设备通过蜂窝通信网络与 MTC服务器进行连接, 将数据上报给 MTC 服务器。 在网络结构中可以存在多个 MTC服务器, MTC服务器可以位于 核心网, 也可以位于公共数据网内; 当 MTC服务器位于公共数据网时, MTC服务器一般由 MTC业务运营商管理, 通过有关的通信协议与核心网 中的有关网元建立连接。  Figure 1 is a schematic diagram of a network structure of a cellular communication network supporting MTC services. As shown in Figure 1, the MTC device connects to the MTC server through the cellular communication network, and reports the data to the MTC server. There may be multiple MTC servers in the network structure. The MTC server may be located in the core network or in the public data network. When the MTC server is located in the public data network, the MTC server is generally managed by the MTC service operator through the relevant communication protocol. Establish a connection with the relevant network element in the core network.
在蜂窝通信系统内的大量 MTC设备中, MTC设备分别应用于不同的 MTC业务应用, 需要将数据上报给对应的 MTC服务器, 但是, 现有技术 中, 并未对 MTC设备接入 MTC服务器的过程进行限制, 所以, 如果 MTC 设备和与其不相关的 MTC服务器进行连接, 会导致该 MTC服务器的负载 增加, 浪费系统资源且会降低 MTC服务器的效率; 并且, 不对 MTC设备 接入 MTC服务器的过程进行限制也会带来安全威胁, 攻击者很容易使用 MTC设备对某一个 MTC服务器进行攻击,导致该 MTC服务器不能正常工 作。 发明内容  In a large number of MTC devices in a cellular communication system, the MTC devices are respectively applied to different MTC service applications, and the data needs to be reported to the corresponding MTC server. However, in the prior art, the MTC device is not connected to the MTC server. The MTC device is connected to the MTC server that is not related to it, which causes the load of the MTC server to increase, which wastes system resources and reduces the efficiency of the MTC server. Moreover, the process of accessing the MTC server to the MTC server is not performed. The restriction also poses a security threat. It is easy for an attacker to use an MTC device to attack an MTC server, resulting in the MTC server not working properly. Summary of the invention
有鉴于此,本发明的主要目的在于提供一种 MTC设备的接入控制方法 和系统, 能够节约系统资源、 提高 MTC服务器的效率、 提高系统安全性。  In view of this, the main object of the present invention is to provide an access control method and system for an MTC device, which can save system resources, improve the efficiency of the MTC server, and improve system security.
为达到上述目的, 本发明实施例的技术方案是这样实现的:  To achieve the above objective, the technical solution of the embodiment of the present invention is implemented as follows:
一种机器类型通信(MTC )设备的接入控制方法, 包括:  An access control method for a machine type communication (MTC) device, including:
MTC设备连接控制网元收到 MTC设备的接入请求, 所述接入请求至 少携带 MTC设备请求连接的 MTC服务器信息; MTC设备连接控制网元判断所述 MTC设备请求连接的 MTC服务器是 否为允许连接的 MTC服务器, 判定 MTC设备请求连接的 MTC服务器为 允许连接的 MTC服务器, 则允许所述 MTC设备连接所述 MTC服务器; 判定 MTC设备请求连接的 MTC服务器不为允许连接的 MTC服务器, 则 拒绝所述 MTC设备的接入请求。 The MTC device connection control network element receives the access request of the MTC device, and the access request at least carries the MTC server information that the MTC device requests to connect; The MTC device connection control network element determines whether the MTC server that the MTC device requests to connect is an MTC server that is allowed to connect, and determines that the MTC server that the MTC device requests to connect is an MTC server that is allowed to connect, and allows the MTC device to connect to the MTC server. And determining that the MTC server requested by the MTC device is not an MTC server that is allowed to connect, and rejecting the access request of the MTC device.
所述 MTC设备连接控制网元判断所述 MTC设备请求连接的 MTC服 务器是否为允许连接的 MTC服务器具体为:  The MTC device connection control network element determines whether the MTC server that the MTC device requests to connect to is an MTC server that is allowed to connect is specifically:
向核心网中的归属用户服务器(HSS )或归属用户位置寄存器(HLR ) 发送查询消息, 所述查询消息至少携带发起接入请求的 MTC设备信息; 收到 HSS或 HLR返回的所述 MTC设备所属的 MTC签约用户信息; 向 HSS或 HLR发送查询消息, 所述查询消息至少携带所述 MTC签约 用户信息;  Sending an inquiry message to a Home Subscriber Server (HSS) or a Home Subscriber Location Register (HLR) in the core network, where the query message carries at least the MTC device information that initiates the access request; and receives the MTC device returned by the HSS or the HLR. The MTC subscription user information; sending an inquiry message to the HSS or the HLR, where the inquiry message carries at least the MTC subscription user information;
收到 HSS或 HLR返回的与所述 MTC签约用户相关联的 MTC服务器 信息;  Receiving MTC server information associated with the MTC subscription user returned by the HSS or the HLR;
所述 MTC服务器与所述 MTC签约用户关联, 则判定所述 MTC服务 器为所述 MTC设备所允许连接的 MTC服务器; 所述 MTC服务器与所述 MTC签约用户不存在关联关系,则所述 MTC服务器不是所述 MTC设备所 允许连接的 MTC服务器。  The MTC server is associated with the MTC subscription user, and then determines that the MTC server is an MTC server that the MTC device is allowed to connect to; the MTC server does not have an association relationship with the MTC subscription user, and the MTC server Not the MTC server that the MTC device is allowed to connect to.
所述 MTC设备连接控制网元判断所述 MTC设备请求连接的 MTC服 务器是否为允许连接的 MTC服务器具体为:  The MTC device connection control network element determines whether the MTC server that the MTC device requests to connect to is an MTC server that is allowed to connect is specifically:
向 HSS或 HLR发送查询消息,所述查询消息至少携带发起接入请求的 MTC设备信息;  Sending a query message to the HSS or the HLR, where the query message carries at least the MTC device information that initiates the access request;
收到来自 HSS或 HLR返回的与所述 MTC设备所属的 MTC签约用户 相关联的 MTC服务器信息;  Receiving MTC server information associated with the MTC subscription user to which the MTC device belongs, returned from the HSS or HLR;
所述 MTC服务器与所述 MTC签约用户关联, 则判定所述 MTC服务 器为所述 MTC设备所允许连接的 MTC服务器; 所述 MTC服务器与所述 MTC签约用户不存在关联关系,则所述 MTC服务器不是所述 MTC设备所 允许连接的 MTC服务器。 Determining, by the MTC server, the MTC subscription user, determining the MTC service The MTC server is the MTC server that the MTC device is allowed to connect to; the MTC server is not associated with the MTC subscription user, and the MTC server is not the MTC server that the MTC device is allowed to connect to.
所述 MTC设备连接控制网元判断所述 MTC设备请求连接的 MTC服 务器是否为允许连接的 MTC服务器具体为:  The MTC device connection control network element determines whether the MTC server that the MTC device requests to connect to is an MTC server that is allowed to connect is specifically:
向 HSS或 HLR发送查询消息,所述查询消息至少携带发起接入请求的 MTC设备信息和 MTC设备请求连接的 MTC服务器信息;  Sending a query message to the HSS or the HLR, where the query message carries at least the MTC device information that initiates the access request and the MTC server information that the MTC device requests to connect;
收到来自 HSS或 HLR返回的查询结果, 查询结果表示所述 MTC服务 器是所述 MTC设备所属的 MTC签约用户关联的 MTC服务器, 则判定所 述 MTC服务器为所述 MTC设备所允许连接的 MTC服务器; 查询结果表 示所述 MTC服务器不是所述 MTC设备所属的 MTC签约用户关联的 MTC 服务器, 则判定所述 MTC服务器不为所述 MTC设备所允许连接的 MTC 服务器。  Receiving the query result returned from the HSS or the HLR, the query result indicating that the MTC server is an MTC server associated with the MTC subscription user to which the MTC device belongs, and determining that the MTC server is an MTC server allowed to be connected by the MTC device The query result indicates that the MTC server is not the MTC server associated with the MTC subscription user to which the MTC device belongs, and then determines that the MTC server is not the MTC server allowed to be connected by the MTC device.
MTC签约用户与 MTC服务器的关联设置信息由 HSS或者 HLR保存。 所述 MTC设备连接控制网元允许所述 MTC设备连接所述 MTC服务 器之后, 该方法还包括:  The association setting information of the MTC subscription user and the MTC server is saved by the HSS or the HLR. After the MTC device connection control network element allows the MTC device to connect to the MTC server, the method further includes:
MTC设备连接控制网元建立所述 MTC设备和所述 MTC服务器之间的 连接。  The MTC device connection control network element establishes a connection between the MTC device and the MTC server.
所述 MTC设备连接控制网元为位于核心网中的网关, 所述 MTC服务 器位于核心网或公共数据网。  The MTC device connection control network element is a gateway located in a core network, and the MTC server is located in a core network or a public data network.
一种 MTC设备的接入控制系统, 包括 MTC设备连接控制网元、 MTC 设备、 MTC服务器; 其中,  An access control system for an MTC device, including an MTC device connection control network element, an MTC device, and an MTC server;
所述 MTC设备连接控制网元,设置为在收到 MTC设备的接入请求后, 判断所述 MTC设备请求连接的 MTC服务器是否为允许连接的 MTC服务 器, 判定 MTC设备请求连接的 MTC服务器为允许连接的 MTC服务器, 则允许所述 MTC设备连接所述 MTC服务器; 判定 MTC设备请求连接的 MTC服务器不为允许连接的 MTC服务器,则拒绝所述 MTC设备的接入请 求。 The MTC device is connected to the control network element, and is configured to determine, after receiving the access request of the MTC device, whether the MTC server requested by the MTC device is an MTC server that is allowed to connect, and determine that the MTC server requests the MTC server to connect to Connected MTC server, And the MTC device is allowed to connect to the MTC server; if the MTC server that the MTC device requests to connect to is not the MTC server that is allowed to connect, the access request of the MTC device is rejected.
该系统还包括 HSS或 HLR,  The system also includes HSS or HLR,
所述 MTC设备连接控制网元判断所述 MTC设备请求连接的 MTC服 务器是否为允许连接的 MTC服务器具体为:  The MTC device connection control network element determines whether the MTC server that the MTC device requests to connect to is an MTC server that is allowed to connect is specifically:
向核心网中的 HSS或 HLR发送查询消息,所述查询消息至少携带发起 接入请求的 MTC设备信息;  Sending a query message to the HSS or the HLR in the core network, where the query message carries at least the MTC device information that initiates the access request;
收到 HSS或 HLR返回的所述 MTC设备所属的 MTC签约用户信息; 向 HSS或 HLR发送查询消息, 所述查询消息至少携带所述 MTC签约 用户信息; 信息;  Receiving, by the HSS or the HLR, the MTC subscription user information to which the MTC device belongs; sending an inquiry message to the HSS or the HLR, where the query message carries at least the MTC subscription user information;
所述 MTC服务器与所述 MTC签约用户关联, 则判定所述 MTC服务 器为所述 MTC设备所允许连接的 MTC服务器; 所述 MTC服务器与所述 MTC签约用户不存在关联关系,则所述 MTC服务器不是所述 MTC设备所 允许连接的 MTC服务器。  The MTC server is associated with the MTC subscription user, and then determines that the MTC server is an MTC server that the MTC device is allowed to connect to; the MTC server does not have an association relationship with the MTC subscription user, and the MTC server Not the MTC server that the MTC device is allowed to connect to.
该系统还包括 HSS或 HLR,  The system also includes HSS or HLR,
所述 MTC设备连接控制网元判断所述 MTC设备请求连接的 MTC服 务器是否为允许连接的 MTC服务器具体为:  The MTC device connection control network element determines whether the MTC server that the MTC device requests to connect to is an MTC server that is allowed to connect is specifically:
向 HSS或 HLR发送查询消息,所述查询消息至少携带发起接入请求的 MTC设备信息;  Sending a query message to the HSS or the HLR, where the query message carries at least the MTC device information that initiates the access request;
收到来自 HSS或 HLR返回的与所述 MTC设备所属的 MTC签约用户 相关联的 MTC服务器信息;  Receiving MTC server information associated with the MTC subscription user to which the MTC device belongs, returned from the HSS or HLR;
所述 MTC服务器与所述 MTC签约用户关联, 则判定所述 MTC服务 器为所述 MTC设备所允许连接的 MTC服务器; 所述 MTC服务器与所述 MTC签约用户不存在关联关系,则所述 MTC服务器不是所述 MTC设备所 允许连接的 MTC服务器。 Determining, by the MTC server, the MTC subscription user, determining the MTC service The MTC server is the MTC server that the MTC device is allowed to connect to; the MTC server is not associated with the MTC subscription user, and the MTC server is not the MTC server that the MTC device is allowed to connect to.
该系统还包括 HSS或 HLR,  The system also includes HSS or HLR,
所述 MTC设备连接控制网元判断所述 MTC设备请求连接的 MTC服 务器是否为允许连接的 MTC服务器具体为:  The MTC device connection control network element determines whether the MTC server that the MTC device requests to connect to is an MTC server that is allowed to connect is specifically:
向 HSS或 HLR发送查询消息,所述查询消息至少携带发起接入请求的 MTC设备信息和 MTC设备请求连接的 MTC服务器信息;  Sending a query message to the HSS or the HLR, where the query message carries at least the MTC device information that initiates the access request and the MTC server information that the MTC device requests to connect;
收到来自 HSS或 HLR返回的查询结果, 查询结果表示所述 MTC服务 器是所述 MTC设备所属的 MTC签约用户关联的 MTC服务器, 则判定所 述 MTC服务器为所述 MTC设备所允许连接的 MTC服务器; 查询结果表 示所述 MTC服务器不是所述 MTC设备所属的 MTC签约用户关联的 MTC 服务器, 则判定所述 MTC服务器不为所述 MTC设备所允许连接的 MTC 服务器。  Receiving the query result returned from the HSS or the HLR, the query result indicating that the MTC server is an MTC server associated with the MTC subscription user to which the MTC device belongs, and determining that the MTC server is an MTC server allowed to be connected by the MTC device The query result indicates that the MTC server is not the MTC server associated with the MTC subscription user to which the MTC device belongs, and then determines that the MTC server is not the MTC server allowed to be connected by the MTC device.
所述 HSS或者 HLR保存 MTC签约用户与 MTC服务器的关联设置信 所述 MTC设备连接控制网元, 还设置为在允许 MTC设备连接 MTC 服务器之后, 建立所述 MTC设备和所述 MTC服务器之间的连接。  The HSS or the HLR saves the association setting information of the MTC subscription user and the MTC server, and the MTC device connection control network element is further configured to establish, after the MTC device is allowed to connect to the MTC server, between the MTC device and the MTC server. connection.
所述 MTC设备连接控制网元为位于核心网中的网关, 所述 MTC服务 器位于核心网或公共数据网。  The MTC device connection control network element is a gateway located in a core network, and the MTC server is located in a core network or a public data network.
本发明实施例 MTC设备的接入控制方法和系统, MTC设备连接控制 网元收到 MTC设备的接入请求后 , MTC设备连接控制网元判断 MTC设备 请求连接的 MTC服务器是否为允许连接的 MTC服务器, 判定 MTC设备 请求连接的 MTC服务器为允许连接的 MTC服务器, 则允许所述 MTC设 备连接所述 MTC服务器; 判定 MTC设备请求连接的 MTC服务器不为允 许连接的 MTC服务器, 则拒绝所述 MTC设备的接入请求。 通过本发明, MTC设备只能与许可的 MTC服务器连接, 所以, 能够避免 MTC设备接入 不相关的 MTC服务器, 从而节约系统资源、 提高 MTC服务器的效率, 并 且, 本发明通过对 MTC设备接入 MTC服务器的过程进行限制, 能够降低 MTC服务器被攻击的风险, 提高系统安全性。 附图说明 The access control method and system of the MTC device in the embodiment of the present invention, after the MTC device connection control network element receives the access request of the MTC device, the MTC device connection control network element determines whether the MTC server requested by the MTC device is the MTC that is allowed to connect. The server determines that the MTC server that the MTC device requests to connect is the MTC server that is allowed to connect, and allows the MTC device to connect to the MTC server; determining that the MTC server that the MTC device requests to connect is not allowed The connected MTC server rejects the access request of the MTC device. With the present invention, the MTC device can only be connected to the licensed MTC server, so that the MTC device can be prevented from accessing the unrelated MTC server, thereby saving system resources and improving the efficiency of the MTC server, and the present invention accesses the MTC device. The process of the MTC server is limited, which can reduce the risk of the MTC server being attacked and improve system security. DRAWINGS
图 1为蜂窝通信网络支持 MTC业务的网络结构示意图;  FIG. 1 is a schematic diagram of a network structure of a cellular communication network supporting MTC services;
图 2为本发明实施例 MTC设备的接入控制方法流程示意图;  2 is a schematic flowchart of an access control method of an MTC device according to an embodiment of the present invention;
图 3为本发明实施例一种 MTC设备连接控制网元判断 MTC设备请求 连接的 MTC服务器是否为允许连接的 MTC服务器的流程示意图;  3 is a schematic flowchart of an MTC device connection control network element determining whether an MTC server requested by an MTC device is an MTC server that is allowed to connect according to an embodiment of the present invention;
图 4为本发明实施例另一种 MTC设备连接控制网元判断 MTC设备请 求连接的 MTC服务器是否为允许连接的 MTC服务器的流程示意图;  4 is a schematic flowchart of another MTC device connection control network element determining whether an MTC server connected to an MTC device request is an MTC server that is allowed to connect according to an embodiment of the present invention;
图 5为本发明实施例再一种 MTC设备连接控制网元判断 MTC设备请 求连接的 MTC服务器是否为允许连接的 MTC服务器的流程示意图;  FIG. 5 is a schematic flowchart of another MTC device connection control network element determining whether an MTC server connected to an MTC device request is an MTC server that is allowed to connect according to an embodiment of the present invention;
图 6为本发明 MTC设备的接入控制系统结构示意图;  6 is a schematic structural diagram of an access control system of an MTC device according to the present invention;
图 7为本发明实施例一种 MTC设备的接入控制系统结构示意图; 图 8为本发明实施例 MTC设备与 MTC设备接入控制网元建立连接后, FIG. 7 is a schematic structural diagram of an access control system of an MTC device according to an embodiment of the present invention; FIG. 8 is a schematic diagram of a connection between an MTC device and an MTC device access control network element according to an embodiment of the present invention;
MTC设备接入 MTC服务器的过程示意图。 具体实施方式 Schematic diagram of the process of accessing the MTC device to the MTC server. detailed description
本发明的基本思想是: MTC设备连接控制网元收到 MTC设备的接入 请求后, 判定 MTC设备请求连接的 MTC服务器为允许连接的 MTC服务 器, 则允许所述 MTC设备连接所述 MTC服务器; 判定 MTC设备请求连 接的 MTC服务器不为允许连接的 MTC服务器, 则拒绝所述 MTC设备的 接入请求。 图 1为本发明实施例 MTC设备的接入控制方法流程示意图,如图 2所 示, 该方法包括: The basic idea of the present invention is: after receiving the access request of the MTC device, the MTC device connection control network element determines that the MTC server requested by the MTC device is an MTC server that is allowed to connect, and allows the MTC device to connect to the MTC server; If it is determined that the MTC server requested by the MTC device is not the MTC server that is allowed to connect, the access request of the MTC device is rejected. 1 is a schematic flowchart of an access control method of an MTC device according to an embodiment of the present invention. As shown in FIG. 2, the method includes:
步驟 201 : MTC设备连接控制网元收到 MTC设备的接入请求,所述接 入请求至少携带 MTC设备请求连接的 MTC服务器信息。  Step 201: The MTC device connection control network element receives an access request of the MTC device, and the access request carries at least the MTC server information that the MTC device requests to connect.
步驟 202: MTC设备连接控制网元判断 MTC设备请求连接的 MTC服 务器是否为允许连接的 MTC服务器, 如果是, 转到步驟 203; 否则, 转到 步驟 204。  Step 202: The MTC device connection control network element determines whether the MTC server requested by the MTC device is an MTC server that is allowed to connect, and if yes, go to step 203; otherwise, go to step 204.
步驟 203: 允许所述 MTC设备连接所述 MTC服务器。  Step 203: Allow the MTC device to connect to the MTC server.
步驟 204: 拒绝所述 MTC设备的接入请求。  Step 204: Reject the access request of the MTC device.
图 3为本发明实施例一种 MTC设备连接控制网元判断 MTC设备请求 连接的 MTC服务器是否为允许连接的 MTC服务器的流程示意图, 如图 3 所示, 该流程包括:  FIG. 3 is a schematic flowchart of an MTC device connection control network element determining whether an MTC server requested by an MTC device is an MTC server that is allowed to connect, as shown in FIG. 3, where the process includes:
步驟 1 : MTC设备连接控制网元向核心网中的归属用户服务器(Home Subscriber Server, HSS )或归属用户位置寄存器( Home Location Register, HLR )发送查询消息,该查询消息至少携带发起接入请求的 MTC设备信息; 步驟 2: MTC设备连接控制网元收到 HSS或 HLR返回的该 MTC设备 所属的 MTC签约用户信息;  Step 1: The MTC device connection control network element sends a query message to the Home Subscriber Server (HSS) or the Home Location Register (HLR) in the core network, and the query message carries at least the request for initiating the access request. MTC device information; Step 2: The MTC device connection control network element receives the MTC subscription user information of the MTC device returned by the HSS or the HLR;
步驟 3: MTC设备连接控制网元向 HSS或 HLR发送查询消息, 该查 询消息至少携带该 MTC签约用户信息;  Step 3: The MTC device connection control network element sends an inquiry message to the HSS or the HLR, where the inquiry message carries at least the MTC subscription user information;
步驟 4: MTC设备连接控制网元收到 HSS或 HLR返回的与该 MTC签 约用户相关联的 MTC服务器信息;  Step 4: The MTC device connection control network element receives the MTC server information associated with the MTC subscription user returned by the HSS or the HLR.
步驟 5: MTC设备连接控制网元判断该 MTC设备请求连接的 MTC服 务器是否与该 MTC签约用户相关联, 即判断 MTC设备请求连接的 MTC 服务器是否包含在 HSS或 HLR返回的 MTC服务器信息中, 如果该 MTC 服务器与该 MTC签约用户关联, 则该 MTC服务器为该 MTC设备所允许 连接的 MTC服务器; 如果该 MTC服务器与该 MTC签约用户不存在关联 关系, 则该 MTC服务器不是该 MTC设备所允许连接的 MTC服务器。 Step 5: The MTC device connection control network element determines whether the MTC server requested by the MTC device is associated with the MTC subscription user, that is, whether the MTC server requested by the MTC device is included in the MTC server information returned by the HSS or the HLR, if The MTC server is associated with the MTC subscription user, and the MTC server is allowed for the MTC device. The connected MTC server; if the MTC server does not have an associated relationship with the MTC subscription user, the MTC server is not the MTC server to which the MTC device is allowed to connect.
图 4为本发明实施例另一种 MTC设备连接控制网元判断 MTC设备请 求连接的 MTC服务器是否为允许连接的 MTC服务器的流程示意图, 如图 4所示, 该流程包括:  4 is a schematic diagram of another MTC device connection control network element determining whether an MTC server connected to an MTC device request is an MTC server that is allowed to connect, as shown in FIG. 4, the process includes:
步驟 Γ: MTC设备连接控制网元向 HSS或 HLR发送查询消息, 该查 询消息至少携带发起接入请求的 MTC设备信息;  Step Γ: The MTC device connection control network element sends an inquiry message to the HSS or the HLR, where the inquiry message carries at least the MTC device information that initiates the access request;
步驟 2,: MTC设备连接控制网元收到来自 HSS或 HLR返回的与该 MTC设备所属的 MTC签约用户相关联的 MTC服务器信息;  Step 2: The MTC device connection control network element receives the MTC server information that is returned from the HSS or the HLR and is associated with the MTC subscription user to which the MTC device belongs.
步驟 3,: MTC设备连接控制网元判断该 MTC设备所请求连接的 MTC 服务器是否与该 MTC签约用户相关联, 如果该 MTC服务器与该 MTC签 约用户关联, 则该 MTC服务器为该 MTC设备所允许连接的 MTC服务器; 如果该 MTC服务器与该 MTC签约用户不存在关联关系, 则该 MTC服务 器不是该 MTC设备所允许连接的 MTC服务器。  Step 3: The MTC device connection control network element determines whether the MTC server requested by the MTC device is associated with the MTC subscription user. If the MTC server is associated with the MTC subscription user, the MTC server is allowed for the MTC device. The connected MTC server; if the MTC server does not have an associated relationship with the MTC subscription user, the MTC server is not the MTC server to which the MTC device is allowed to connect.
图 5为本发明实施例再一种 MTC设备连接控制网元判断 MTC设备请 求连接的 MTC服务器是否为允许连接的 MTC服务器的流程示意图, 如图 5所示, 该流程包括:  FIG. 5 is a schematic diagram of another embodiment of the MTC device connection control network element determining whether the MTC server connected to the MTC device is an MTC server that is allowed to connect. As shown in FIG. 5, the process includes:
步驟 1": MTC设备连接控制网元向 HSS或 HLR发送查询消息, 该查 询消息至少携带发起接入请求的 MTC设备信息和 MTC设备请求连接的 MTC服务器信息;  Step 1": The MTC device connection control network element sends an inquiry message to the HSS or the HLR, where the inquiry message carries at least the MTC device information that initiates the access request and the MTC server information that the MTC device requests to connect;
步驟 2": MTC设备连接控制网元收到来自 HSS或 HLR返回的查询结 果, 如果查询结果表示该 MTC服务器是该 MTC设备所属的 MTC签约用 户关联的 MTC服务器, 则判定该 MTC服务器为该 MTC设备所允许连接 的 MTC服务器; 如果查询结果表示该 MTC服务器不是该 MTC设备所属 的 MTC签约用户关联的 MTC服务器, 则判定该 MTC服务器不为该 MTC 设备所允许连接的 MTC服务器。 Step 2: The MTC device connection control network element receives the query result returned from the HSS or the HLR. If the query result indicates that the MTC server is the MTC server associated with the MTC subscription user to which the MTC device belongs, it is determined that the MTC server is the MTC server. The MTC server that the device is allowed to connect to; if the query result indicates that the MTC server is not the MTC server associated with the MTC subscription user to which the MTC device belongs, it is determined that the MTC server is not the MTC server. The MTC server to which the device is allowed to connect.
本发明实施例中, MTC签约用户与 MTC服务器相关联指 MTC服务器 可以与该 MTC签约用户的 MTC设备连接以及获得该 MTC签约用户的 MTC设备所上报的数据。  In the embodiment of the present invention, the MTC subscription user is associated with the MTC server, and the MTC server can connect with the MTC device of the MTC subscription user and obtain the data reported by the MTC device of the MTC subscription user.
在本发明实施例中, MTC签约用户与 MTC服务器的关联设置信息可 以在核心网中的 HSS或者 HLR保存; MTC设备连接控制网元从 HLR或者 HSS获得的某个 MTC签约用户的关联的 MTC服务器的信息可以为 MTC 服务器的标识或者地址。  In the embodiment of the present invention, the association setting information of the MTC subscription user and the MTC server may be saved in the HSS or the HLR in the core network; the MTC device connects the associated MTC server of the MTC subscription user obtained by the control network element from the HLR or the HSS. The information can be the identity or address of the MTC server.
在本发明实施例中, MTC设备连接控制网元允许 MTC设备连接 MTC 服务器后, 进一步可以建立 MTC设备和 MTC服务器之间的连接。  In the embodiment of the present invention, after the MTC device connection control network element allows the MTC device to connect to the MTC server, the connection between the MTC device and the MTC server can be further established.
在本发明实施例中, MTC设备连接控制网元可以是位于核心网中的网 关, 该网关作为核心网与位于公共数据网中的 MTC服务器连接的接入点, MTC设备通过该网关连接到 MTC服务器。  In the embodiment of the present invention, the MTC device connection control network element may be a gateway located in the core network, and the gateway serves as an access point of the core network and the MTC server located in the public data network, and the MTC device connects to the MTC through the gateway. server.
本发明实施例还相应地提出了一种 MTC设备的接入控制系统, 图 6为 本发明 MTC设备的接入控制系统结构示意图, 如图 6所示, 该系统包括: MTC设备连接控制网元、 MTC设备、 MTC服务器; 其中,  An embodiment of the present invention further provides an access control system for an MTC device. FIG. 6 is a schematic structural diagram of an access control system of an MTC device according to the present invention. As shown in FIG. 6, the system includes: an MTC device connection control network element. , MTC device, MTC server; among them,
所述 MTC设备连接控制网元, 设置为在收到 MTC设备的接入请求后, 判断所述 MTC设备请求连接的 MTC服务器是否为允许连接的 MTC服务器, 判定 MTC设备请求连接的 MTC服务器为允许连接的 MTC服务器, 则允许 所述 MTC设备连接所述 MTC服务器; 判定 MTC设备请求连接的 MTC服 务器不为允许连接的 MTC服务器, 则拒绝所述 MTC设备的接入请求。  The MTC device is connected to the control network element, and is configured to determine, after receiving the access request of the MTC device, whether the MTC server that the MTC device requests to connect is an MTC server that is allowed to connect, and determine that the MTC server requests the connected MTC server to be allowed. The connected MTC server allows the MTC device to connect to the MTC server; and determines that the MTC server that the MTC device requests to connect to is not the MTC server that is allowed to connect, rejects the access request of the MTC device.
该系统还包括 HSS或 HLR,  The system also includes HSS or HLR,
所述 MTC设备连接控制网元判断所述 MTC设备请求连接的 MTC服 务器是否为允许连接的 MTC服务器具体为:  The MTC device connection control network element determines whether the MTC server that the MTC device requests to connect to is an MTC server that is allowed to connect is specifically:
向核心网中的 HSS或 HLR发送查询消息,所述查询消息至少携带发起 接入请求的 MTC设备信息; Sending a query message to the HSS or HLR in the core network, where the query message carries at least Accessing the requested MTC device information;
收到 HSS或 HLR返回的所述 MTC设备所属的 MTC签约用户信息; 向 HSS或 HLR发送查询消息, 所述查询消息至少携带所述 MTC签约 用户信息;  Receiving, by the HSS or the HLR, the MTC subscription user information that is sent by the MTC device; sending an inquiry message to the HSS or the HLR, where the query message carries at least the MTC subscription user information;
收到 HSS或 HLR返回的与所述 MTC签约用户相关联的 MTC服务器 信息;  Receiving MTC server information associated with the MTC subscription user returned by the HSS or the HLR;
所述 MTC服务器与所述 MTC签约用户关联, 则判定所述 MTC服务 器为所述 MTC设备所允许连接的 MTC服务器; 所述 MTC服务器与所述 MTC签约用户不存在关联关系,则所述 MTC服务器不是所述 MTC设备所 允许连接的 MTC服务器。  The MTC server is associated with the MTC subscription user, and then determines that the MTC server is an MTC server that the MTC device is allowed to connect to; the MTC server does not have an association relationship with the MTC subscription user, and the MTC server Not the MTC server that the MTC device is allowed to connect to.
该系统还包括 HSS或 HLR,  The system also includes HSS or HLR,
所述 MTC设备连接控制网元判断所述 MTC设备请求连接的 MTC服 务器是否为允许连接的 MTC服务器具体为:  The MTC device connection control network element determines whether the MTC server that the MTC device requests to connect to is an MTC server that is allowed to connect is specifically:
向 HSS或 HLR发送查询消息,所述查询消息至少携带发起接入请求的 MTC设备信息;  Sending a query message to the HSS or the HLR, where the query message carries at least the MTC device information that initiates the access request;
收到来自 HSS或 HLR返回的与所述 MTC设备所属的 MTC签约用户 相关联的 MTC服务器信息;  Receiving MTC server information associated with the MTC subscription user to which the MTC device belongs, returned from the HSS or HLR;
所述 MTC服务器与所述 MTC签约用户关联, 则判定所述 MTC服务 器为所述 MTC设备所允许连接的 MTC服务器; 所述 MTC服务器与所述 MTC签约用户不存在关联关系,则所述 MTC服务器不是所述 MTC设备所 允许连接的 MTC服务器。  The MTC server is associated with the MTC subscription user, and then determines that the MTC server is an MTC server that the MTC device is allowed to connect to; the MTC server does not have an association relationship with the MTC subscription user, and the MTC server Not the MTC server that the MTC device is allowed to connect to.
该系统还包括 HSS或 HLR,  The system also includes HSS or HLR,
所述 MTC设备连接控制网元判断所述 MTC设备请求连接的 MTC服 务器是否为允许连接的 MTC服务器具体为:  The MTC device connection control network element determines whether the MTC server that the MTC device requests to connect to is an MTC server that is allowed to connect is specifically:
向 HSS或 HLR发送查询消息,所述查询消息至少携带发起接入请求的 MTC设备信息和 MTC设备请求连接的 MTC服务器信息; Sending a query message to the HSS or the HLR, where the query message carries at least the request to initiate the access request MTC device information and MTC server information requested by the MTC device;
收到来自 HSS或 HLR返回的查询结果, 查询结果表示所述 MTC服务 器是所述 MTC设备所属的 MTC签约用户关联的 MTC服务器, 则判定所 述 MTC服务器为所述 MTC设备所允许连接的 MTC服务器; 查询结果表 示所述 MTC服务器不是所述 MTC设备所属的 MTC签约用户关联的 MTC 服务器, 则判定所述 MTC服务器不为所述 MTC设备所允许连接的 MTC 服务器。  Receiving the query result returned from the HSS or the HLR, the query result indicating that the MTC server is an MTC server associated with the MTC subscription user to which the MTC device belongs, and determining that the MTC server is an MTC server allowed to be connected by the MTC device The query result indicates that the MTC server is not the MTC server associated with the MTC subscription user to which the MTC device belongs, and then determines that the MTC server is not the MTC server allowed to be connected by the MTC device.
所述 MTC设备连接控制网元, 还设置为在允许 MTC设备连接 MTC 服务器之后, 建立所述 MTC设备和所述 MTC服务器之间的连接。  The MTC device is connected to the control network element, and is further configured to establish a connection between the MTC device and the MTC server after allowing the MTC device to connect to the MTC server.
所述 MTC设备连接控制网元为位于核心网中的网关, 所述 MTC服务 器位于核心网或公共数据网。  The MTC device connection control network element is a gateway located in a core network, and the MTC server is located in a core network or a public data network.
如图 7所示, MTC服务器可以位于核心网, 也可以位于公共数据网, MTC设备通过核心网中的 MTC设备接入控制网元与 MTC服务器建立连 接, 其中 MTC设备可以通过核心网中的有关网元与 MTC接入控制网元连 接,例如 MTC设备通过 GGSN/P-GW与 MTC接入控制网元连接建立连接。  As shown in FIG. 7, the MTC server may be located in the core network or in the public data network. The MTC device establishes a connection with the MTC server through the MTC device access control network element in the core network, where the MTC device can pass through the core network. The network element is connected to the MTC access control network element. For example, the MTC device establishes a connection with the MTC access control network element through the GGSN/P-GW.
在本发明中, MTC设备接入控制网元的作用相当于 MTC设备接入 MTC服务器时的网关。 MTC设备接入控制网元和位于核心网的 MTC服务 器之间可以采用核心网内的 GPRS 隧道协议 ( GPRS Tunneling Protocol, GTP )进行通信, MTC设备接入控制网元和位于公共数据网的 MTC服务 器之间可以采用网络域安全互联协议 ( Network Domain Security/Internet Protocol, NDS/IP )或者其它通信协议进行通信。  In the present invention, the MTC device access control network element functions as a gateway when the MTC device accesses the MTC server. The MTC device access control network element and the MTC server located in the core network can communicate using the GPRS Tunneling Protocol (GTP) in the core network, and the MTC device access control network element and the MTC server located in the public data network. Communication can be performed using Network Domain Security/Internet Protocol (NDS/IP) or other communication protocols.
为使本发明的目的、 技术方案和优点更加清楚明白, 以下举实施例并 参照附图, 对本发明进一步详细说明。  The present invention will be further described in detail below with reference to the accompanying drawings.
实施例  Example
在本实施例中, MTC签约用户一般为行业机构或者商户等, 其可以拥 有多个 MTC设备; MTC签约用户需要确定自己的关联 MTC服务器, 该签 约用户的 MTC设备上报给与该 MTC签约用户关联 MTC服务器; 该 MTC 服务器可以由 MTC签约用户自己管理, 这时 MTC服务器一般处于公共数 据网内; MTC签约用户的关联 MTC服务器也可以为位于核心网中的 MTC 服务器,这种情况下 MTC服务器一般由蜂窝通信网络运营商管理并向 MTC 签约用户提供服务。 In this embodiment, the MTC subscription user is generally an industry organization or a merchant, etc., which can There are multiple MTC devices; the MTC subscription user needs to determine its own associated MTC server, and the MTC device of the subscription user is reported to the MTC server associated with the MTC subscription user; the MTC server can be managed by the MTC subscription user, and the MTC server is generally The MTC server of the MTC subscription user may also be an MTC server located in the core network. In this case, the MTC server is generally managed by the cellular communication network operator and provides services to the MTC subscription user.
MTC设备使用时, MTC签约用户和蜂窝通信网络运营商签订有关服务 协议, MTC设备的归属网络的 HSS/HLR登记 MTC设备的签约信息, 签约 信息可以包括 MTC设备的标识(例如国际移动用户识别码,简称为 IMSI )、 支持的业务能力的信息、 以及其所属的 MTC签约用户等; HSS/HLR也保 存有 MTC签约用户的信息, 其中包括该 MTC签约用户所关联的 MTC服 务器的信息。  When the MTC device is used, the MTC subscription user and the cellular communication network operator sign a service agreement, and the HSS/HLR of the home network of the MTC device registers the subscription information of the MTC device, and the subscription information may include the identifier of the MTC device (for example, the international mobile subscriber identity code) , referred to as IMSI), the information of the supported service capabilities, and the MTC subscribers to which it belongs; the HSS/HLR also stores the information of the MTC subscribers, including the information of the MTC server associated with the MTC subscribers.
MTC设备上报数据时, 需要通过无线接入网络和核心网络中的 MTC 设备接入控制网元建立连接, 然后通过该 MTC设备接入控制网元和 MTC 服务器建立连接, 进一步将上报数据发送给有关 MTC服务器。 在本实施例 中, MTC设备可以通过核心网中的分组业务数据服务接点 GGSN/P-GW与 MTC设备接入控制网元建立连接。  When the MTC device reports data, it needs to establish a connection between the radio access network and the MTC device access control network element in the core network, and then establish a connection between the MTC device access control network element and the MTC server, and further send the reported data to the relevant data. MTC server. In this embodiment, the MTC device can establish a connection with the MTC device access control network element through the packet service data service contact GGSN/P-GW in the core network.
下面结合图 8说明 MTC设备与 MTC设备接入控制网元建立连接后, MTC设备接入 MTC服务器的过程:  The following describes the process of connecting the MTC device to the MTC server after the MTC device establishes a connection with the MTC device access control network element:
步驟 801 , MTC设备向 MTC设备接入控制网元发送接入 MTC服务器 的请求信息;  Step 801: The MTC device sends, to the MTC device access control network element, request information for accessing the MTC server.
在该请求信息中, 包括申请接入的 MTC服务器的地址或者标识。  The request information includes the address or identifier of the MTC server that is requested to access.
步驟 802 , MTC设备接入控制网元从 HLR/HSS获得该 MTC设备所属 的 MTC签约用户的信息;  Step 802: The MTC device access control network element obtains information about the MTC subscription user to which the MTC device belongs from the HLR/HSS.
MTC设备接入控制网元可以根据该 MTC设备的标识从 HSS/HLR获得 该 MTC设备的签约用户的信息,签约用户的信息可以包括签约用户的标识; 步驟 803 , MTC设备接入控制网元根据签约用户的标识从 HSS/HLR获 得该签约用户的关联的 MTC服务器的信息; The MTC device access control network element can be obtained from the HSS/HLR according to the identifier of the MTC device. The information about the signing user of the MTC device, the information of the signing user may include the identifier of the signing user. Step 803: The MTC device access control network element obtains information about the associated MTC server of the signing user from the HSS/HLR according to the identifier of the signing user. ;
关联的 MTC服务器的信息可以包括关联 MTC服务器的标识和地址等; 步驟 804, MTC设备接入控制网元判断 MTC设备申请接入的 MTC服 务器是否为允许接入的 MTC服务器; 如果是允许接入的 MTC服务器, 则 执行步驟 805的操作, 如果不是允许接入的 MTC服务器, 则执行步驟 806 的操作。  The information of the associated MTC server may include the identifier and the address of the associated MTC server, etc. Step 804: The MTC device access control network element determines whether the MTC server that the MTC device requests to access is an MTC server that is allowed to access; The MTC server performs the operation of step 805. If it is not the MTC server that is allowed to access, the operation of step 806 is performed.
MTC设备接入控制网元可以判断 MTC设备申请接入的 MTC服务器是 否为该 MTC设备所属的 MTC签约用户的关联 MTC服务器;如果 MTC设 备申请接入的 MTC服务器是该 MTC设备所属的 MTC签约用户的关联 MTC服务器,则为允许接入的 MTC服务器,反之,则不是允许接入的 MTC 服务器。  The MTC device access control network element can determine whether the MTC server that the MTC device requests to access is the associated MTC server of the MTC subscription user to which the MTC device belongs; if the MTC server that the MTC device requests to access is the MTC subscription user to which the MTC device belongs The associated MTC server is the MTC server that is allowed to access, and vice versa, the MTC server is not allowed to access.
步驟 805, MTC设备接入控制单元建立 MTC设备和申请接入的 MTC 服务器之间的连接。  Step 805: The MTC device access control unit establishes a connection between the MTC device and the MTC server that is requested to access.
MTC设备和申请接入的 MTC服务器之间建立连接后,进一步 MTC设 备将上报数据发送给该 MTC服务器。  After the MTC device establishes a connection with the MTC server that is requested to access, the MTC device sends the reported data to the MTC server.
步驟 806, MTC设备接入控制单元拒绝该 MTC设备的接入 MTC服务 器的请求。  Step 806: The MTC device access control unit rejects the request of the MTC device to access the MTC server.
通过本发明中的方法, MTC设备连接控制网元可以控制 MTC设备与 MTC服务器之间的连接,使 MTC设备能够与正确的 MTC服务器建立连接, 避免 MTC设备与不相关的 MTC服务器进行连接, 也可以避免 MTC服务 器的负载增加及受到来自 MTC设备的攻击的安全威胁。  Through the method of the present invention, the MTC device connection control network element can control the connection between the MTC device and the MTC server, so that the MTC device can establish a connection with the correct MTC server, and avoid the connection between the MTC device and the unrelated MTC server. It can avoid the load increase of the MTC server and the security threat of attacks from the MTC device.
以上所述, 仅为本发明的较佳实施例而已, 并非用于限定本发明的保 护范围。  The above is only the preferred embodiment of the present invention and is not intended to limit the scope of the present invention.

Claims

权利要求书 Claim
1、 一种机器类型通信(MTC )设备的接入控制方法, 其中, 该方法包 括:  1. An access control method for a machine type communication (MTC) device, wherein the method comprises:
MTC设备连接控制网元收到 MTC设备的接入请求, 所述接入请求至 少携带 MTC设备请求连接的 MTC服务器信息;  The MTC device connection control network element receives an access request of the MTC device, and the access request carries at least the MTC server information that the MTC device requests to connect;
MTC设备连接控制网元判断所述 MTC设备请求连接的 MTC服务器是 否为允许连接的 MTC服务器, 判定 MTC设备请求连接的 MTC服务器为 允许连接的 MTC服务器, 则允许所述 MTC设备连接所述 MTC服务器; 判定 MTC设备请求连接的 MTC服务器不为允许连接的 MTC服务器, 则 拒绝所述 MTC设备的接入请求。  The MTC device connection control network element determines whether the MTC server that the MTC device requests to connect is an MTC server that is allowed to connect, and determines that the MTC server that the MTC device requests to connect is an MTC server that is allowed to connect, and allows the MTC device to connect to the MTC server. And determining that the MTC server requested by the MTC device is not an MTC server that is allowed to connect, and rejecting the access request of the MTC device.
2、 根据权利要求 1所述的方法, 其中, 所述 MTC设备连接控制网元 判断所述 MTC设备请求连接的 MTC服务器是否为允许连接的 MTC服务 器具体为:  2. The method according to claim 1, wherein the MTC device connection control network element determines whether the MTC server requested to be connected by the MTC device is an MTC server that is allowed to connect, specifically:
向核心网中的归属用户服务器(HSS )或归属用户位置寄存器(HLR ) 发送查询消息, 所述查询消息至少携带发起接入请求的 MTC设备信息; 收到 HSS或 HLR返回的所述 MTC设备所属的 MTC签约用户信息; 向 HSS或 HLR发送查询消息, 所述查询消息至少携带所述 MTC签约 用户信息;  Sending an inquiry message to a Home Subscriber Server (HSS) or a Home Subscriber Location Register (HLR) in the core network, where the query message carries at least the MTC device information that initiates the access request; and receives the MTC device returned by the HSS or the HLR. The MTC subscription user information; sending an inquiry message to the HSS or the HLR, where the inquiry message carries at least the MTC subscription user information;
收到 HSS或 HLR返回的与所述 MTC签约用户相关联的 MTC服务器 信息;  Receiving MTC server information associated with the MTC subscription user returned by the HSS or the HLR;
所述 MTC服务器与所述 MTC签约用户关联, 则判定所述 MTC服务 器为所述 MTC设备所允许连接的 MTC服务器; 所述 MTC服务器与所述 MTC签约用户不存在关联关系,则所述 MTC服务器不是所述 MTC设备所 允许连接的 MTC服务器。  The MTC server is associated with the MTC subscription user, and then determines that the MTC server is an MTC server that the MTC device is allowed to connect to; the MTC server does not have an association relationship with the MTC subscription user, and the MTC server Not the MTC server that the MTC device is allowed to connect to.
3、 根据权利要求 1所述的方法, 其中, 所述 MTC设备连接控制网元 判断所述 MTC设备请求连接的 MTC服务器是否为允许连接的 MTC服务 器具体为: 3. The method according to claim 1, wherein the MTC device is connected to a control network element Determining whether the MTC server requested by the MTC device to connect is an MTC server that is allowed to connect is specifically:
向 HSS或 HLR发送查询消息,所述查询消息至少携带发起接入请求的 MTC设备信息;  Sending a query message to the HSS or the HLR, where the query message carries at least the MTC device information that initiates the access request;
收到来自 HSS或 HLR返回的与所述 MTC设备所属的 MTC签约用户 相关联的 MTC服务器信息;  Receiving MTC server information associated with the MTC subscription user to which the MTC device belongs, returned from the HSS or HLR;
所述 MTC服务器与所述 MTC签约用户关联, 则判定所述 MTC服务 器为所述 MTC设备所允许连接的 MTC服务器; 所述 MTC服务器与所述 MTC签约用户不存在关联关系,则所述 MTC服务器不是所述 MTC设备所 允许连接的 MTC服务器。  The MTC server is associated with the MTC subscription user, and then determines that the MTC server is an MTC server that the MTC device is allowed to connect to; the MTC server does not have an association relationship with the MTC subscription user, and the MTC server Not the MTC server that the MTC device is allowed to connect to.
4、 根据权利要求 1所述的方法, 其中, 所述 MTC设备连接控制网元 判断所述 MTC设备请求连接的 MTC服务器是否为允许连接的 MTC服务 器具体为:  The method according to claim 1, wherein the MTC device connection control network element determines whether the MTC server requested to be connected by the MTC device is an MTC server that allows connection:
向 HSS或 HLR发送查询消息,所述查询消息至少携带发起接入请求的 MTC设备信息和 MTC设备请求连接的 MTC服务器信息;  Sending a query message to the HSS or the HLR, where the query message carries at least the MTC device information that initiates the access request and the MTC server information that the MTC device requests to connect;
收到来自 HSS或 HLR返回的查询结果, 查询结果表示所述 MTC服务 器是所述 MTC设备所属的 MTC签约用户关联的 MTC服务器, 则判定所 述 MTC服务器为所述 MTC设备所允许连接的 MTC服务器; 查询结果表 示所述 MTC服务器不是所述 MTC设备所属的 MTC签约用户关联的 MTC 服务器, 则判定所述 MTC服务器不为所述 MTC设备所允许连接的 MTC 服务器。  Receiving the query result returned from the HSS or the HLR, the query result indicating that the MTC server is an MTC server associated with the MTC subscription user to which the MTC device belongs, and determining that the MTC server is an MTC server allowed to be connected by the MTC device The query result indicates that the MTC server is not the MTC server associated with the MTC subscription user to which the MTC device belongs, and then determines that the MTC server is not the MTC server allowed to be connected by the MTC device.
5、 根据权利要求 1至 4任一项所述的方法, 其中, MTC签约用户与 MTC服务器的关联设置信息由 HSS或者 HLR保存。  The method according to any one of claims 1 to 4, wherein the association setting information of the MTC subscription user and the MTC server is saved by the HSS or the HLR.
6、 根据权利要求 1至 4任一项所述的方法, 其中, 所述 MTC设备连 接控制网元允许所述 MTC设备连接所述 MTC服务器之后,该方法还包括: MTC设备连接控制网元建立所述 MTC设备和所述 MTC服务器之间的 连接。 The method according to any one of claims 1 to 4, wherein, after the MTC device connection control network element allows the MTC device to connect to the MTC server, the method further includes: The MTC device connection control network element establishes a connection between the MTC device and the MTC server.
7、 根据权利要求 6所述的方法, 其中, 所述 MTC设备连接控制网元 为位于核心网中的网关, 所述 MTC服务器位于核心网或公共数据网。  The method according to claim 6, wherein the MTC device connection control network element is a gateway located in a core network, and the MTC server is located in a core network or a public data network.
8、 一种 MTC设备的接入控制系统, 其中, 该系统包括 MTC设备连接 控制网元、 MTC设备、 MTC服务器; 其中,  8. An access control system for an MTC device, wherein the system includes an MTC device connection control network element, an MTC device, and an MTC server; wherein
所述 MTC设备连接控制网元,设置为在收到 MTC设备的接入请求后, 判断所述 MTC设备请求连接的 MTC服务器是否为允许连接的 MTC服务 器, 判定 MTC设备请求连接的 MTC服务器为允许连接的 MTC服务器, 则允许所述 MTC设备连接所述 MTC服务器; 判定 MTC设备请求连接的 MTC服务器不为允许连接的 MTC服务器,则拒绝所述 MTC设备的接入请 求。  The MTC device is connected to the control network element, and is configured to determine, after receiving the access request of the MTC device, whether the MTC server requested by the MTC device is an MTC server that is allowed to connect, and determine that the MTC server requests the MTC server to connect to The connected MTC server allows the MTC device to connect to the MTC server; and determines that the MTC server that the MTC device requests to connect to is not the MTC server that is allowed to connect, rejects the access request of the MTC device.
9、 根据权利要求 8所述的系统, 其中, 该系统还包括 HSS或 HLR, 所述 MTC设备连接控制网元判断所述 MTC设备请求连接的 MTC服 务器是否为允许连接的 MTC服务器具体为:  The system according to claim 8, wherein the system further comprises an HSS or an HLR, and the MTC device connection control network element determines whether the MTC server requested to be connected by the MTC device is an MTC server that is allowed to connect, specifically:
向核心网中的 HSS或 HLR发送查询消息,所述查询消息至少携带发起 接入请求的 MTC设备信息;  Sending a query message to the HSS or the HLR in the core network, where the query message carries at least the MTC device information that initiates the access request;
收到 HSS或 HLR返回的所述 MTC设备所属的 MTC签约用户信息; 向 HSS或 HLR发送查询消息, 所述查询消息至少携带所述 MTC签约 用户信息;  Receiving, by the HSS or the HLR, the MTC subscription user information that is sent by the MTC device; sending an inquiry message to the HSS or the HLR, where the query message carries at least the MTC subscription user information;
收到 HSS或 HLR返回的与所述 MTC签约用户相关联的 MTC服务器 信息;  Receiving MTC server information associated with the MTC subscription user returned by the HSS or the HLR;
所述 MTC服务器与所述 MTC签约用户关联, 则判定所述 MTC服务 器为所述 MTC设备所允许连接的 MTC服务器; 所述 MTC服务器与所述 MTC签约用户不存在关联关系,则所述 MTC服务器不是所述 MTC设备所 允许连接的 MTC服务器。 The MTC server is associated with the MTC subscription user, and then determines that the MTC server is an MTC server that the MTC device is allowed to connect to; the MTC server does not have an association relationship with the MTC subscription user, and the MTC server Not the MTC device Allow connection to the MTC server.
10、 根据权利要求 8所述的系统, 其中, 该系统还包括 HSS或 HLR, 所述 MTC设备连接控制网元判断所述 MTC设备请求连接的 MTC服 务器是否为允许连接的 MTC服务器具体为:  The system according to claim 8, wherein the system further comprises an HSS or an HLR, and the MTC device connection control network element determines whether the MTC server requested to be connected by the MTC device is an MTC server that is allowed to connect, specifically:
向 HSS或 HLR发送查询消息,所述查询消息至少携带发起接入请求的 MTC设备信息;  Sending a query message to the HSS or the HLR, where the query message carries at least the MTC device information that initiates the access request;
收到来自 HSS或 HLR返回的与所述 MTC设备所属的 MTC签约用户 相关联的 MTC服务器信息;  Receiving MTC server information associated with the MTC subscription user to which the MTC device belongs, returned from the HSS or HLR;
所述 MTC服务器与所述 MTC签约用户关联, 则判定所述 MTC服务 器为所述 MTC设备所允许连接的 MTC服务器; 所述 MTC服务器与所述 MTC签约用户不存在关联关系,则所述 MTC服务器不是所述 MTC设备所 允许连接的 MTC服务器。  The MTC server is associated with the MTC subscription user, and then determines that the MTC server is an MTC server that the MTC device is allowed to connect to; the MTC server does not have an association relationship with the MTC subscription user, and the MTC server Not the MTC server that the MTC device is allowed to connect to.
11、 根据权利要求 8所述的系统, 其中, 该系统还包括 HSS或 HLR, 所述 MTC设备连接控制网元判断所述 MTC设备请求连接的 MTC服 务器是否为允许连接的 MTC服务器具体为:  The system according to claim 8, wherein the system further comprises an HSS or an HLR, and the MTC device connection control network element determines whether the MTC server requested to be connected by the MTC device is an MTC server that is allowed to connect, specifically:
向 HSS或 HLR发送查询消息,所述查询消息至少携带发起接入请求的 MTC设备信息和 MTC设备请求连接的 MTC服务器信息;  Sending a query message to the HSS or the HLR, where the query message carries at least the MTC device information that initiates the access request and the MTC server information that the MTC device requests to connect;
收到来自 HSS或 HLR返回的查询结果, 查询结果表示所述 MTC服务 器是所述 MTC设备所属的 MTC签约用户关联的 MTC服务器, 则判定所 述 MTC服务器为所述 MTC设备所允许连接的 MTC服务器; 查询结果表 示所述 MTC服务器不是所述 MTC设备所属的 MTC签约用户关联的 MTC 服务器, 则判定所述 MTC服务器不为所述 MTC设备所允许连接的 MTC 服务器。  Receiving the query result returned from the HSS or the HLR, the query result indicating that the MTC server is an MTC server associated with the MTC subscription user to which the MTC device belongs, and determining that the MTC server is an MTC server allowed to be connected by the MTC device The query result indicates that the MTC server is not the MTC server associated with the MTC subscription user to which the MTC device belongs, and then determines that the MTC server is not the MTC server allowed to be connected by the MTC device.
12、 根据权利要求 9至 11任一项所述的系统, 其中, 所述 HSS或者 HLR保存 MTC签约用户与 MTC服务器的关联设置信息。 The system according to any one of claims 9 to 11, wherein the HSS or the HLR saves association setting information of the MTC subscription user and the MTC server.
13、 根据权利要求 8至 11任一项所述的系统, 其中, 13. The system according to any one of claims 8 to 11, wherein
所述 MTC设备连接控制网元, 还设置为在允许 MTC设备连接 MTC 服务器之后, 建立所述 MTC设备和所述 MTC服务器之间的连接。  The MTC device is connected to the control network element, and is further configured to establish a connection between the MTC device and the MTC server after allowing the MTC device to connect to the MTC server.
14、 根据权利要求 13所述的系统, 其中, 所述 MTC设备连接控制网 元为位于核心网中的网关, 所述 MTC服务器位于核心网或公共数据网。  The system according to claim 13, wherein the MTC device connection control network element is a gateway located in a core network, and the MTC server is located in a core network or a public data network.
PCT/CN2011/080994 2011-06-27 2011-10-19 Access control method and system for mtc device WO2013000214A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201110174881.5A CN102857899B (en) 2011-06-27 2011-06-27 A kind of connection control method and system of MTC device
CN201110174881.5 2011-06-27

Publications (1)

Publication Number Publication Date
WO2013000214A1 true WO2013000214A1 (en) 2013-01-03

Family

ID=47404022

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2011/080994 WO2013000214A1 (en) 2011-06-27 2011-10-19 Access control method and system for mtc device

Country Status (2)

Country Link
CN (1) CN102857899B (en)
WO (1) WO2013000214A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11783914B2 (en) 2014-10-21 2023-10-10 Psomagen, Inc. Method and system for panel characterizations

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2010121433A1 (en) * 2009-04-24 2010-10-28 华为技术有限公司 Method and apparatus for carrying out admission controlling of closed subscriber group csg terminal
WO2011043571A2 (en) * 2009-10-05 2011-04-14 삼성전자 주식회사 Area-based access control method for terminals which carry out m2m communications in a wireless communication system
WO2011050689A1 (en) * 2009-10-30 2011-05-05 中兴通讯股份有限公司 Access control method and system for machine type communication terminal

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101931931B (en) * 2009-06-25 2014-03-12 华为技术有限公司 Information process method, system and mobility management network element
CN102056128B (en) * 2009-10-30 2014-04-09 中兴通讯股份有限公司 Information acquisition method and system of machinery communication terminals
CN102056140B (en) * 2009-11-06 2013-08-07 中兴通讯股份有限公司 Method and system for acquiring machine type communication terminal information

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2010121433A1 (en) * 2009-04-24 2010-10-28 华为技术有限公司 Method and apparatus for carrying out admission controlling of closed subscriber group csg terminal
WO2011043571A2 (en) * 2009-10-05 2011-04-14 삼성전자 주식회사 Area-based access control method for terminals which carry out m2m communications in a wireless communication system
WO2011050689A1 (en) * 2009-10-30 2011-05-05 中兴通讯股份有限公司 Access control method and system for machine type communication terminal

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11783914B2 (en) 2014-10-21 2023-10-10 Psomagen, Inc. Method and system for panel characterizations

Also Published As

Publication number Publication date
CN102857899B (en) 2018-07-27
CN102857899A (en) 2013-01-02

Similar Documents

Publication Publication Date Title
US9473877B2 (en) Uplink/downlink transmission method for small amount of data, and corresponding terminal and mobility management unit
US20140237125A1 (en) Method, apparatus, and system for establishing device-to-device connection
WO2018077243A1 (en) Dual-sim card dual-call connection communication method, terminal, network and system
WO2013107074A1 (en) Method and system for determining accessibility of terminal group
JP2014530528A (en) Method for triggering data traffic distribution, network side device, user equipment, and network system
WO2011054299A1 (en) Method and system for obtaining information of machine type communication terminal
WO2012142955A1 (en) Machine to machine service management device, network device, and service processing method and system
CN105828413A (en) Safety method of D2D mode B discovery, terminal and system
WO2013097332A1 (en) Method and system for managing terminal group
US10219309B2 (en) D2D service authorizing method and device and home near field communication server
US9713176B2 (en) Telecommunication method and telecommunication system
US7778648B2 (en) Method for handling deferred location request
WO2012130098A1 (en) Method and system for obtaining an ip address of a machine type communication (mtc) device
WO2011020435A1 (en) Method and system for transmitting data packet at machine-to-machine (m2m) application server
WO2013056595A1 (en) Method, system and device for establishing connection
CN102740297A (en) Paging method, device and system
JP2015503304A (en) Access method, mobility management device, and user equipment
WO2015089969A1 (en) Accessibility management method and device for m2m terminal/terminal peripheral
WO2013067744A1 (en) Serving gateway selection method and system for terminal group
WO2015154426A1 (en) Method and device for prose temporary identifier notification and update
WO2012152221A1 (en) Service communication method, device, and system
WO2014036970A1 (en) Method, device, and system for triggering application
WO2012151846A1 (en) Method and system for triggering terminal in specific location, and terminal thereof
US20170019749A1 (en) Service control system, user apparatus, and service control method
WO2013152545A1 (en) Connection establishment method and gateway unit

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 11868809

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 11868809

Country of ref document: EP

Kind code of ref document: A1