WO2013064052A1 - User access method, access service router, and user access system - Google Patents

User access method, access service router, and user access system Download PDF

Info

Publication number
WO2013064052A1
WO2013064052A1 PCT/CN2012/083709 CN2012083709W WO2013064052A1 WO 2013064052 A1 WO2013064052 A1 WO 2013064052A1 CN 2012083709 W CN2012083709 W CN 2012083709W WO 2013064052 A1 WO2013064052 A1 WO 2013064052A1
Authority
WO
WIPO (PCT)
Prior art keywords
user
user terminal
access
asr
address
Prior art date
Application number
PCT/CN2012/083709
Other languages
French (fr)
Chinese (zh)
Inventor
王彪
潘云波
魏元
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2013064052A1 publication Critical patent/WO2013064052A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0892Network architectures or network communication protocols for network security for authentication of entities by using authentication-authorization-accounting [AAA] servers or protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W76/00Connection management
    • H04W76/10Connection setup

Definitions

  • the invention relates to an identification network in the communication field, and particularly relates to a user access method, an access service router (ASR) and a user access system.
  • ASR access service router
  • the existing Internet has not been able to meet the needs of today's information society, which seriously hinders the further development of information networks. It is urgent to break through, leapfrogging and designing a new network architecture to solve the existing Internet presence. Serious drawbacks. In recent years, countries around the world have started research work on new network systems. On this basis, the identification network system is proposed to meet the needs of the future Internet in terms of universal service, mobility, security, controllability and manageability. .
  • the identification network architecture is a new network architecture different from the Open Systems Interconnection (OSI) 7-layer network system and the Internet 4-layer network system.
  • the identification network system organically integrates users, services and network resources into one, and realizes network integrated access and provides universal services for users.
  • the identity and location of the user are separated.
  • the host is the host, and the access identifier (Access Identifier, AID) is configured as the identity identifier for the user;
  • the Access Service Router (ASR) is used to configure the router ID (RID) as the location identifier.
  • All Host hosts are registered and authenticated by the ASR and access the network.
  • the Host accesses the ASR and the behavior of leaving the ASR.
  • the ASR needs to send the identity and location register (ILR) to the Identifer and Location Register (ILR).
  • the ILR saves the mapping relationship between the AID and the RID configured by the Host for the user, ⁇ AID, RID>, and provides a response to the query mapping relationship.
  • the communication between the Host and the Host is implemented by encapsulating and routing the RID on the ASR.
  • the original packet between the Host and the Host is encapsulated in the payload Payload.
  • the destination ASR performs the packet. Decapsulate and then forward the original message to the destination Host.
  • the process of forwarding packets between the source Host1 and the destination Host2 is as follows: First, the source Hostl sends the packet to the source ASR1, and the source ASR1 uses the RID to encapsulate the packet. The post-source ASR1 sends the encapsulated packet to the destination ASR2. Finally, after the packet reaches the destination ASR2, the packet is decapsulated on the destination ASR2 and forwarded to the destination Host2.
  • a user accessing a network generally includes the following steps:
  • UE associated access network Access Network, referred to as AN
  • AN UE associated access network
  • the AN authenticates the UE
  • the embodiments of the present invention provide a user access method, an access service router ASR, and a user access system, which can be deployed by using an existing access network, and the transformation of the existing network is minimized, and the non-identification network is compatible. user.
  • the present invention provides a user access method, including: an access service router (ASR) receiving a request for acquiring identity information sent by a user terminal after performing access authentication through an access network (AN) Message; and
  • ASR access service router
  • the ASR distinguishes the user type of the user terminal, and returns corresponding identity information according to the user type of the user terminal.
  • the user types include: a normal user and an identification network user.
  • the identity information includes an access identifier (AID) of the user terminal of the identification network or an IP address of the normal user terminal.
  • AID access identifier
  • the step of distinguishing the user type of the user terminal by the ASR includes:
  • the ASR queries the Authentication Authorization Accounting (AAA) server for the AID of the user terminal, and if the query is made, the user terminal is considered to be the identification network user, and if not, the user terminal is considered to be the end.
  • the end is a normal user.
  • the step of the ASR returning corresponding identity information according to the user type of the user terminal includes:
  • the user terminal is an identification network user, return the AID of the user terminal to the user terminal;
  • the user terminal is assigned an IP address, and the IP address is returned to the user terminal.
  • the step of the ASR assigning an IP address to the user terminal includes:
  • the ASR acts as a Dynamic Host Setup Protocol (DHCP) server or a DHCP relay, and assigns an IP address to the user terminal.
  • DHCP Dynamic Host Setup Protocol
  • An embodiment of the present invention further provides an access service router, including:
  • a receiving module configured to receive a request message for requesting the user terminal to obtain the identity information
  • a determining module configured to determine a user type of the user terminal, and send the determination result to the allocation module
  • an allocating module configured to The judgment result returns corresponding identity information to the user terminal.
  • the user types include: a normal user and an identification network user.
  • the identity information includes an access identifier (AID) of the user terminal of the identification network or an IP address of the normal user terminal.
  • AID access identifier
  • the determining module is configured to determine the user type of the user terminal by: querying an authentication authorization charging (AAA) server for an AID of the user terminal, and if queried, determining that the user terminal is an identification network user If not found, the user terminal is determined to be a normal user.
  • AAA authentication authorization charging
  • the allocation module is configured to return corresponding identity information to the user terminal according to the determination result by:
  • the user terminal is an identification network user
  • the AID is returned to the user terminal
  • the user terminal is assigned an IP address. Addressing, and returning the IP address to the user terminal.
  • the allocation module is configured to be a dynamic host setup protocol (DHCP) server or a DHCP relay, and assign an IP address to the user terminal.
  • DHCP dynamic host setup protocol
  • An embodiment of the present invention further provides a user access system, including: an access network (AN), an authentication and authorization accounting (AAA) server, and an access service router, as described above, where the AN is set to: receive The access request of the user terminal forwards the access request to the AAA server, and completes the access authentication by using the AAA server.
  • AN access network
  • AAA authentication and authorization accounting
  • the user access method, the access service router ASR, and the user access system provided by the present invention can be deployed by using an existing access network, and the transformation of the existing network is minimized, and the non-identification network is compatible.
  • the user can distinguish the identity network user from the existing network common user and assign corresponding identity information to it.
  • 1 is a schematic diagram of a network structure of an identification network
  • FIG. 2 is a flowchart of forwarding a message between a source Host1 and a destination Host2 in the identification network
  • FIG. 3 is a flowchart of a user access method in the embodiment
  • FIG. 5 is a schematic structural diagram of a user access system in an embodiment
  • FIG. 6 is a flow chart of a user access method in an application example.
  • this embodiment provides a user access method, including the following steps: S101: the user terminal performs access network (AN) authentication;
  • AN access network
  • the user terminal requests access to the AN and completes the authentication through the AAA server.
  • the AAA server performs authentication
  • the AAA server stores the authentication information of the user and the user identification information.
  • the user identification information includes an access identifier (AID) of the user terminal.
  • the access service router receives a request message that is sent by the user terminal to obtain identity information after performing access authentication by using an access network (AN);
  • the identity information requested by the user includes an AID identifying the network user or an IP address of the ordinary user.
  • the ASR distinguishes the user type of the user terminal, and returns corresponding identity information according to the user type of the user terminal.
  • the existing access network is deployed to minimize the modification to the existing network, and the non-identifying network users are compatible. Therefore, the user types include: ordinary users (ie, non-identifying network users) and identification network users.
  • the ASR queries the AAA server for the AID of the user terminal. If the query is made, the user is considered to be the identity network user, otherwise it is an ordinary user.
  • the ASR may send a query request message to the AAA server to obtain the AID of the user terminal, and after receiving the query request message, the AAA server responds the locally stored user identification information by query. The message is returned to the ASR.
  • the ASR returns the corresponding identity information according to the user type of the user terminal, including: if the user is an identity network user, the ASR returns the AID of the user terminal to the user terminal;
  • the ASR allocates an IP address to the user terminal, and returns the IP address to the user terminal.
  • the IP address allocation operation of the common user terminal is performed by the ASR.
  • the ASR may have a DHCP function, and the DHCP protocol is used to assign an IP address to the user terminal, but not necessarily the same physical entity as the DHCP server.
  • the ASR may be DHCP relay.
  • the ASR uses the protocol customized by the identification network to assign an IP address to the user terminal.
  • this embodiment provides an access service router (ASR) for allocating identity information to a user, including:
  • a receiving module configured to receive a request message that the user terminal requests identity information
  • the identity information includes an access identifier (AID) of the user terminal of the identification network or an IP address of the ordinary user terminal.
  • AID access identifier
  • a judging module configured to determine a user type of the user terminal, and send the judgment result to the distribution module; wherein the user type of the user terminal includes: a common user and an identification network user.
  • the determining module determines the user type of the user terminal by querying the AAA server for the access identifier (AID) of the user terminal. If the query is made, the user is determined to be the identification network user, otherwise the user is the ordinary user.
  • AID access identifier
  • the determining module is configured to send a query request message to the AAA server to obtain an AID of the user terminal, and the receiving module is further configured to receive the query response message returned by the AAA server, and The AID of the user carried in the query response message.
  • an allocation module configured to return corresponding identity information to different types of user terminals according to the determination result.
  • the allocation module returns the AID of the user terminal to the user terminal;
  • the allocation module assigns an IP address to the user terminal, and returns the IP address to the user terminal.
  • the IP address allocation operation of the common user terminal is performed by the ASR allocation module, and the allocation module may have a DHCP function, and the DHCP protocol is used to assign an IP address to the user terminal, but not necessarily the same physical entity as the DHCP server.
  • the entity can also be a DHCP relay.
  • it is not excluded to assign an IP address to the user terminal by using a protocol customized by the identification network.
  • the present invention further provides a user access system, which is applied to an identification network, and includes: an AN, an AAA server, and an access service router ASR as described above.
  • the AN is directly associated with the AAA server. After receiving the access request sent by the user terminal UE, the AN forwards the access request to the AAA server, and performs the AAA server. Access authentication. After the authentication succeeds, the authentication success response is returned to the UE through the AN.
  • the method for user access includes the following steps:
  • the user terminal UE requests to access the AN;
  • the AN is connected to the AAA server, and the AAA server authenticates the UE, and after completing the authentication, returns a successful authentication response to the AN;
  • the AAA server during the authentication, the user authentication information and the user identification information stored in local memory; wherein the user information includes a user identifier of an access identifier (AID) 0
  • S203 The AN returns an authentication success response to the UE.
  • S204 The UE requests an IP address/AID from the ASR.
  • the ordinary UE only needs an IP address, and the IP address is the identity information of the ordinary user; the identity network UE needs an AID, and the AID is the identity information of the identity network user.
  • the ASR After receiving the request from the UE, the ASR queries the AAA server for the access identifier AID of the UE.
  • the AAA server queries whether the AID of the UE is stored locally, and if yes, sends the AID to the ASR.
  • step S207 if the UE is an identity network user, the ASR sends the AID information acquired from the AAA server to the UE; if the UE is a normal user, the ASR acts as a DHCP server, or a DHCP relay, and allocates an IP address to the UE.
  • the ASR assigns the identity information to the user, and the user accesses the AN.
  • the user access method, the access service router ASR, and the user access system provided in the foregoing embodiments are deployed by using an existing access network, and the ASR of the identification network is introduced.
  • the modification of the existing network may be reduced, and the compatibility with the non-identifying network users may be implemented.
  • the identification network user and the current network common user may be distinguished, and the identification network user is assigned an AID, and the ordinary user is assigned an IP address.
  • the user access method, the access service router ASR, and the user access system provided by the embodiments of the present invention can be deployed by using an existing access network, thereby minimizing the transformation of the existing network, and is compatible with
  • the identification network user can distinguish the identification network user from the existing network common user and assign corresponding identity information to it.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

A user access method, an access service router (ASR), and a user access system. The method comprises: the ASR receiving a request message requesting for the acquisition of identity information and transmitted by a user terminal when an access authentication is performed by same via an access network (AN); the ASR identifying the user type of the user terminal, and returning the corresponding identity information on the basis of the user type of the user terminal. The ASR comprises a receiver module, a determination module, and a distribution module. The user access system comprises the AN, an authentication, authorization, and accounting (AAA) server, and the ASR, where the AN is configured to receive an access request of the user terminal, to forward the access request to the AAA server, and to complete an access authentication via the AAA server. The user access method, the ASR, and the user access system allow for deployment using an existing AN, for minimal modifications to the existing network, and for compatibility with non-identified network users.

Description

一种用户接入方法、 接入服务路由器及用户接入系统  User access method, access service router and user access system
技术领域 Technical field
本发明涉及通信领域的标识网, 具体涉及一种用户接入方法、 接入服务 路由器( Access Service Router , 简称 ASR ) 以及用户接入系统。  The invention relates to an identification network in the communication field, and particularly relates to a user access method, an access service router (ASR) and a user access system.
背景技术 现有互联网已经不能很好地满足当今信息社会的需求, 严重阻碍着信息 网络的进一步发展, 急需突破性、 跨越式的构思和设计一种新的网络体系结 构, 以解决现有互联网存在的严重弊端。 近年来, 世界各国纷纷展开了新网 络体系方面的研究工作, 在此基础上, 提出标识网络体系, 以满足未来互联 网在普适服务、 移动性、 安全性、 可控可管性等方面的需求。 标识网络体系结构是一种不同于开放系统互连 (OSI)7层网络体系和互联 网 4层网络体系的新型网络体系结构。 标识网络体系将用户、 业务和网络资 源三者有机统一为一个整体, 很好地实现了网络一体化接入并为用户提供普 适服务。 在标识网络中, 用户的身份和位置分离, 在如图 1所示的标识网网 络结构图中, Host为主机, 为用户配置接入标识( Access Identifier , 简 称 AID )作为身份标识; 接入路由器( Access Service Router , 简称 ASR )为用 户配置路由标识( Router Identifier , 简称 RID )作为位置标识。 所有 Host主 机通过 ASR进行注册和认证并接入网络。 Host接入到 ASR上,以及离开 ASR 的行为, ASR都需向身份和位置登记寄存器( Identifer and Location Register , 简称 ILR ) 汇 ^艮。 ILR保存 Host为用户配置的 AID与 RID的映射关系 <AID, RID> , 同时提供对查询映射关系的响应。 BACKGROUND OF THE INVENTION The existing Internet has not been able to meet the needs of today's information society, which seriously hinders the further development of information networks. It is urgent to break through, leapfrogging and designing a new network architecture to solve the existing Internet presence. Serious drawbacks. In recent years, countries around the world have started research work on new network systems. On this basis, the identification network system is proposed to meet the needs of the future Internet in terms of universal service, mobility, security, controllability and manageability. . The identification network architecture is a new network architecture different from the Open Systems Interconnection (OSI) 7-layer network system and the Internet 4-layer network system. The identification network system organically integrates users, services and network resources into one, and realizes network integrated access and provides universal services for users. In the identification network, the identity and location of the user are separated. In the network structure diagram of the identification network shown in Figure 1, the host is the host, and the access identifier (Access Identifier, AID) is configured as the identity identifier for the user; The Access Service Router (ASR) is used to configure the router ID (RID) as the location identifier. All Host hosts are registered and authenticated by the ASR and access the network. The Host accesses the ASR and the behavior of leaving the ASR. The ASR needs to send the identity and location register (ILR) to the Identifer and Location Register (ILR). The ILR saves the mapping relationship between the AID and the RID configured by the Host for the user, <AID, RID>, and provides a response to the query mapping relationship.
Host与 Host之间通信, 通过对 ASR上的 RID进行封装并路由来实现, 将 Host与 Host之间的原始报文封装在有效载荷 Payload中, 报文到达目的 ASR后, 目的 ASR对报文进行解封装, 然后将原始报文转发到目的 Host。 如图 2所示, 在标识网中源 Hostl与目的 Host2之间转发报文的过程为: 首 先源 Hostl将报文发送至源 ASR1 ,在源 ASR1处用 RID对报文进行封装; 然 后源 ASR1将封装后的报文发送至目的 ASR2; 最后, 当报文到达目的 ASR2 后, 在目的 ASR2上对 >¾文进行解封装, 并转发到目的 Host2。 The communication between the Host and the Host is implemented by encapsulating and routing the RID on the ASR. The original packet between the Host and the Host is encapsulated in the payload Payload. After the packet reaches the destination ASR, the destination ASR performs the packet. Decapsulate and then forward the original message to the destination Host. As shown in Figure 2, the process of forwarding packets between the source Host1 and the destination Host2 is as follows: First, the source Hostl sends the packet to the source ASR1, and the source ASR1 uses the RID to encapsulate the packet. The post-source ASR1 sends the encapsulated packet to the destination ASR2. Finally, after the packet reaches the destination ASR2, the packet is decapsulated on the destination ASR2 and forwarded to the destination Host2.
目前, 在现有网络中, 用户接入网络一般包括如下步骤:  Currently, in an existing network, a user accessing a network generally includes the following steps:
1、 UE关联接入网络 ( Access Network, 简称 AN ) ;  1. UE associated access network (Access Network, referred to as AN);
2、 AN对 UE进行认证;  2. The AN authenticates the UE;
3、 为 UE分配地址。  3. Assign an address to the UE.
但是, 由于现有网络如 WLAN、 WiMAX, 固网等并未实现用户身份和 位置的分类, 所以, 有关接入网或接入方法不能实现对标识网络的支持。 因 此, 目前急需提出一种使标识网可以利用现有的接入网部署, 尽可能减少对 现网的改造, 并继续兼容目前的非标识网络用户 (或者, 称为普通用户) 的 方法及装置。  However, since existing networks such as WLAN, WiMAX, and fixed networks do not classify user identities and locations, the access network or access method cannot support the identification network. Therefore, there is an urgent need to propose a method and apparatus for enabling an identification network to be deployed using an existing access network, minimizing the transformation of the existing network, and continuing to be compatible with current non-identifying network users (or, referred to as ordinary users). .
发明内容 本发明实施方式提供一种用户接入方法、接入服务路由器 ASR以及用户 接入系统, 可以利用现有的接入网部署, 尽可能减少了对现网的改造, 并且 兼容非标识网用户。 SUMMARY OF THE INVENTION The embodiments of the present invention provide a user access method, an access service router ASR, and a user access system, which can be deployed by using an existing access network, and the transformation of the existing network is minimized, and the non-identification network is compatible. user.
为了解决上述技术问题, 本发明提供了一种用户接入方法, 包括: 接入服务路由器(ASR )接收用户终端在通过接入网络(AN )进行接入 认证后发送的请求获取身份信息的请求消息; 以及  In order to solve the above technical problem, the present invention provides a user access method, including: an access service router (ASR) receiving a request for acquiring identity information sent by a user terminal after performing access authentication through an access network (AN) Message; and
所述 ASR区分所述用户终端的用户类型,才艮据所述用户终端的用户类型 返回相应的身份信息。  The ASR distinguishes the user type of the user terminal, and returns corresponding identity information according to the user type of the user terminal.
所述用户类型包括: 普通用户和标识网用户。  The user types include: a normal user and an identification network user.
所述身份信息包括标识网用户终端的接入标识 (AID )或者普通用户终 端的 IP地址。  The identity information includes an access identifier (AID) of the user terminal of the identification network or an IP address of the normal user terminal.
所述 ASR区分所述用户终端的用户类型的步骤包括:  The step of distinguishing the user type of the user terminal by the ASR includes:
所述 ASR向认证授权计费(AAA )服务器查询所述用户终端的 AID, 若 查询到, 则认为所述用户终端为标识网用户, 若未查询到则认为所述用户终 端为普通用户。 The ASR queries the Authentication Authorization Accounting (AAA) server for the AID of the user terminal, and if the query is made, the user terminal is considered to be the identification network user, and if not, the user terminal is considered to be the end. The end is a normal user.
所述 ASR根据所述用户终端的用户类型返回相应的身份信息的步骤包 括:  The step of the ASR returning corresponding identity information according to the user type of the user terminal includes:
若所述用户终端为标识网用户, 则将所述用户终端的 AID返回给所述用 户终端;  If the user terminal is an identification network user, return the AID of the user terminal to the user terminal;
若所述用户终端为普通用户, 则为所述用户终端分配 IP地址, 并将所述 IP地址返回给所述用户终端。  If the user terminal is a normal user, the user terminal is assigned an IP address, and the IP address is returned to the user terminal.
所述 ASR为所述用户终端分配 IP地址的步骤包括:  The step of the ASR assigning an IP address to the user terminal includes:
所述 ASR作为动态主机设置协议(DHCP )服务器或者 DHCP中继, 为所述用户终端分配 IP地址。 本发明实施方式还提供一种接入服务路由器, 包括:  The ASR acts as a Dynamic Host Setup Protocol (DHCP) server or a DHCP relay, and assigns an IP address to the user terminal. An embodiment of the present invention further provides an access service router, including:
接收模块, 其设置为接收用户终端请求获取身份信息的请求消息; 判断模块, 其设置为判断所述用户终端的用户类型, 并将判断结果发送 至分配模块; 以及 分配模块, 其设置为根据所述判断结果向所述用户终端返回相应的身份 信息。  a receiving module, configured to receive a request message for requesting the user terminal to obtain the identity information; a determining module, configured to determine a user type of the user terminal, and send the determination result to the allocation module; and an allocating module configured to The judgment result returns corresponding identity information to the user terminal.
所述用户类型包括: 普通用户和标识网用户。  The user types include: a normal user and an identification network user.
所述身份信息包括标识网用户终端的接入标识 (AID )或者普通用户终 端的 IP地址。  The identity information includes an access identifier (AID) of the user terminal of the identification network or an IP address of the normal user terminal.
所述判断模块是设置为通过如下方式判断所述用户终端的用户类型: 向 认证授权计费 (AAA )服务器查询所述用户终端的 AID, 若查询到, 则判断 所述用户终端为标识网用户, 若未查询到则判断所述用户终端为普通用户。  The determining module is configured to determine the user type of the user terminal by: querying an authentication authorization charging (AAA) server for an AID of the user terminal, and if queried, determining that the user terminal is an identification network user If not found, the user terminal is determined to be a normal user.
所述分配模块是设置为通过如下方式才艮据所述判断结果向所述用户终端 返回相应的身份信息:  The allocation module is configured to return corresponding identity information to the user terminal according to the determination result by:
若所述判断结果是所述用户终端为标识网用户, 则将所述用户终端的 If the result of the determination is that the user terminal is an identification network user, then the user terminal is
AID返回给所述用户终端; The AID is returned to the user terminal;
若所述判断结果是所述用户终端为普通用户, 则为所述用户终端分配 IP 地址 , 并将所述 IP地址返回给所述用户终端。 If the result of the determination is that the user terminal is a normal user, the user terminal is assigned an IP address. Addressing, and returning the IP address to the user terminal.
所述分配模块是设置为作为动态主机设置协议 (DHCP ) 服务器或者 DHCP中继, 为所述用户终端分配 IP地址。  The allocation module is configured to be a dynamic host setup protocol (DHCP) server or a DHCP relay, and assign an IP address to the user terminal.
本发明实施方式还提供一种用户接入系统, 包括: 接入网络(AN ) 、 认 证授权计费 (AAA )服务器以及如以上所述的接入服务路由器, 其中, 所述 AN设置为: 接收用户终端的接入请求, 将所述接入请求转发至所 述 AAA服务器, 通过所述 AAA服务器完成接入认证。  An embodiment of the present invention further provides a user access system, including: an access network (AN), an authentication and authorization accounting (AAA) server, and an access service router, as described above, where the AN is set to: receive The access request of the user terminal forwards the access request to the AAA server, and completes the access authentication by using the AAA server.
与有关技术相比, 本发明提供的用户接入方法、接入服务路由器 ASR以 及用户接入系统可以利用现有的接入网部署, 尽可能减少了对现网的改造, 并且兼容非标识网用户, 能够区分标识网用户与现网普通用户, 为其分配相 应的身份信息。 附图概述 图 1是标识网网络结构示意图; 图 2是标识网中源 Hostl与目的 Host2之间转发报文的流程图; 图 3是实施例中用户接入方法流程图; 图 4是实施例中 ASR结构示意图; 图 5是实施例中用户接入系统结构示意图; Compared with related technologies, the user access method, the access service router ASR, and the user access system provided by the present invention can be deployed by using an existing access network, and the transformation of the existing network is minimized, and the non-identification network is compatible. The user can distinguish the identity network user from the existing network common user and assign corresponding identity information to it. 1 is a schematic diagram of a network structure of an identification network; FIG. 2 is a flowchart of forwarding a message between a source Host1 and a destination Host2 in the identification network; FIG. 3 is a flowchart of a user access method in the embodiment; FIG. 5 is a schematic structural diagram of a user access system in an embodiment; FIG.
图 6是一个应用示例中用户接入方法流程图。  6 is a flow chart of a user access method in an application example.
本发明的较佳实施方式 Preferred embodiment of the invention
下文中将结合附图对本发明的实施例进行详细说明。 需要说明的是, 在 不冲突的情况下, 本申请中的实施例及实施例中的特征可以相互任意组合。  Embodiments of the present invention will be described in detail below with reference to the accompanying drawings. It should be noted that, in the case of no conflict, the features in the embodiments and the embodiments in the present application may be arbitrarily combined with each other.
实施例: 如图 3所示, 本实施例提供了一种用户接入方法, 包括以下步骤: S101 : 用户终端进行接入网络(AN )认证; Embodiments As shown in FIG. 3, this embodiment provides a user access method, including the following steps: S101: the user terminal performs access network (AN) authentication;
在这一步骤中, 用户终端请求接入 AN, 通过 AAA服务器完成认证。 在 AAA服务器进行认证时, AAA服务器存储所述用户的认证信息以及用户标 识信息。 其中, 所述用户标识信息包括用户终端的接入标识(AID ) 。  In this step, the user terminal requests access to the AN and completes the authentication through the AAA server. When the AAA server performs authentication, the AAA server stores the authentication information of the user and the user identification information. The user identification information includes an access identifier (AID) of the user terminal.
S102: 接入服务路由器(ASR )接收到用户终端在通过接入网络(AN ) 进行接入认证后发送的请求获取身份信息的请求消息;  S102: The access service router (ASR) receives a request message that is sent by the user terminal to obtain identity information after performing access authentication by using an access network (AN);
其中, 用户请求的身份信息包括标识网用户的 AID或者普通用户的 IP 地址。  The identity information requested by the user includes an AID identifying the network user or an IP address of the ordinary user.
S103: 所述 ASR区分所述用户终端的用户类型, 并才艮据所述用户终端的 用户类型返回相应的身份信息。  S103: The ASR distinguishes the user type of the user terminal, and returns corresponding identity information according to the user type of the user terminal.
本实施例利用现有的接入网部署, 尽可能减少对现网的改造, 并且能够 兼容非标识网用户, 因此, 用户类型包括: 普通用户 (即, 非标识网用户) 和标识网用户。  In this embodiment, the existing access network is deployed to minimize the modification to the existing network, and the non-identifying network users are compatible. Therefore, the user types include: ordinary users (ie, non-identifying network users) and identification network users.
其中, 在区分用户终端的用户类型时, ASR向所述 AAA服务器查询所 述用户终端的 AID, 若查询到, 则认为所述用户为标识网用户, 否则为普通 用户。  The ASR queries the AAA server for the AID of the user terminal. If the query is made, the user is considered to be the identity network user, otherwise it is an ordinary user.
作为一种优选的方式, ASR可以向所述 AAA服务器发送查询请求消息 以获取所述用户终端的 AID, 所述 AAA服务器收到所述查询请求消息后,将 本地存储的用户标识信息通过查询响应消息返回给所述 ASR。  As a preferred manner, the ASR may send a query request message to the AAA server to obtain the AID of the user terminal, and after receiving the query request message, the AAA server responds the locally stored user identification information by query. The message is returned to the ASR.
其中, ASR根据所述用户终端的用户类型返回相应的身份信息, 包括: 若所述用户为标识网用户,则所述 ASR将所述用户终端的 AID返回给所 述用户终端;  The ASR returns the corresponding identity information according to the user type of the user terminal, including: if the user is an identity network user, the ASR returns the AID of the user terminal to the user terminal;
若所述用户为普通用户, 则所述 ASR为所述用户终端分配 IP地址, 并 将所述 IP地址返回给所述用户终端。  If the user is a normal user, the ASR allocates an IP address to the user terminal, and returns the IP address to the user terminal.
在本实施例中, 普通用户终端的 IP地址分配工作由 ASR来完成, ASR 可以具备 DHCP功能,使用 DHCP协议为用户终端分配 IP地址,但不一定和 DHCP服务器是同一物理实体, 如 ASR可以是 DHCP中继。 当然, 并不排除 ASR使用标识网自定义的协议为用户终端分配 IP地址。 如图 4所示, 本实施例提供了一种为用户分配身份信息的接入服务路由 器(ASR ) , 包括: In this embodiment, the IP address allocation operation of the common user terminal is performed by the ASR. The ASR may have a DHCP function, and the DHCP protocol is used to assign an IP address to the user terminal, but not necessarily the same physical entity as the DHCP server. For example, the ASR may be DHCP relay. Of course, it is not excluded that the ASR uses the protocol customized by the identification network to assign an IP address to the user terminal. As shown in FIG. 4, this embodiment provides an access service router (ASR) for allocating identity information to a user, including:
接收模块, 其设置为接收用户终端请求身份信息的请求消息;  a receiving module, configured to receive a request message that the user terminal requests identity information;
其中, 所述身份信息包括标识网用户终端的接入标识 (AID )或者普通 用户终端的 IP地址。  The identity information includes an access identifier (AID) of the user terminal of the identification network or an IP address of the ordinary user terminal.
判断模块, 其设置为判断所述用户终端的用户类型, 并将判断结果发送 至分配模块; 其中, 所述用户终端的用户类型包括: 普通用户和标识网用户。  a judging module, configured to determine a user type of the user terminal, and send the judgment result to the distribution module; wherein the user type of the user terminal includes: a common user and an identification network user.
所述判断模块是通过以下方式判断用户终端的用户类型:向 AAA服务器 查询所述用户终端的接入标识 (AID ) , 若查询到, 则判断所述用户为标识 网用户, 否则为普通用户。  The determining module determines the user type of the user terminal by querying the AAA server for the access identifier (AID) of the user terminal. If the query is made, the user is determined to be the identification network user, otherwise the user is the ordinary user.
作为一种优选的方式,所述判断模块是设置为向 AAA服务器发送查询请 求消息以获取所述用户终端的 AID ,所述接收模块还设置为接收所述 AAA服 务器返回的查询响应消息, 以及所述查询响应消息中携带的用户的 AID。  As a preferred mode, the determining module is configured to send a query request message to the AAA server to obtain an AID of the user terminal, and the receiving module is further configured to receive the query response message returned by the AAA server, and The AID of the user carried in the query response message.
分配模块, 其设置为根据所述判断结果向不同类型的用户终端返回相应 的身份信息。  And an allocation module, configured to return corresponding identity information to different types of user terminals according to the determination result.
其中, 若所述判断结果是所述用户为标识网用户, 则分配模块将所述用 户终端的 AID返回给所述用户终端;  If the result of the determination is that the user is an identification network user, the allocation module returns the AID of the user terminal to the user terminal;
若所述判断结果是所述用户为普通用户, 则分配模块为所述用户终端分 配 IP地址, 并将所述 IP地址返回给所述用户终端。  If the result of the determination is that the user is a normal user, the allocation module assigns an IP address to the user terminal, and returns the IP address to the user terminal.
在本实施例中, 普通用户终端的 IP地址分配工作由 ASR的分配模块来 完成, 所述分配模块可以具备 DHCP功能, 使用 DHCP协议为用户终端分配 IP地址, 但不一定和 DHCP服务器是同一物理实体, 也可以是 DHCP中继。 当然, 并不排除使用标识网自定义的协议为用户终端分配 IP地址。  In this embodiment, the IP address allocation operation of the common user terminal is performed by the ASR allocation module, and the allocation module may have a DHCP function, and the DHCP protocol is used to assign an IP address to the user terminal, but not necessarily the same physical entity as the DHCP server. The entity can also be a DHCP relay. Of course, it is not excluded to assign an IP address to the user terminal by using a protocol customized by the identification network.
此外, 如图 5所示, 本发明还提供了一种用户接入系统, 应用于标识网 中, 包括: AN、 AAA服务器以及如上面所述的接入服务路由器 ASR。  In addition, as shown in FIG. 5, the present invention further provides a user access system, which is applied to an identification network, and includes: an AN, an AAA server, and an access service router ASR as described above.
其中, AN与 AAA服务器直接关联, 当 AN接收到用户终端 UE发送的 接入请求后, 将该接入请求转发至 AAA服务器, 通过所述 AAA服务器进行 接入认证, 认证成功后通过 AN将认证成功响应返回给 UE。 The AN is directly associated with the AAA server. After receiving the access request sent by the user terminal UE, the AN forwards the access request to the AAA server, and performs the AAA server. Access authentication. After the authentication succeeds, the authentication success response is returned to the UE through the AN.
在一个应用示例中, 如图 6所示, 用户接入的方法包括以下步骤:  In an application example, as shown in FIG. 6, the method for user access includes the following steps:
S201 : 用户终端 UE请求接入 AN;  S201: The user terminal UE requests to access the AN;
S202: AN连接至 AAA服务器, AAA服务器对 UE进行认证, 完成认证 后, 返回认证成功响应给 AN;  S202: The AN is connected to the AAA server, and the AAA server authenticates the UE, and after completing the authentication, returns a successful authentication response to the AN;
其中, AAA服务器在认证时, 将所述用户的认证信息以及用户标识信 息保存在本地存储器中; 其中, 所述用户标识信息包括用户的接入标识 ( AID ) 0 Wherein the AAA server during the authentication, the user authentication information and the user identification information stored in local memory; wherein the user information includes a user identifier of an access identifier (AID) 0
S203: AN返回认证成功响应给 UE;  S203: The AN returns an authentication success response to the UE.
S204: UE向 ASR请求 IP地址 /AID;  S204: The UE requests an IP address/AID from the ASR.
其中, 普通 UE只需 IP地址, IP地址即为普通用户的身份信息; 标识网 UE需要 AID, AID是标识网用户的身份信息。  The ordinary UE only needs an IP address, and the IP address is the identity information of the ordinary user; the identity network UE needs an AID, and the AID is the identity information of the identity network user.
S205: ASR收到 UE的请求后,向 AAA服务器查询 UE的接入标识 AID; S205: After receiving the request from the UE, the ASR queries the AAA server for the access identifier AID of the UE.
S206: AAA服务器查询本地是否存储有该 UE的 AID, 如果有, 则将该 AID发送给 ASR; S206: The AAA server queries whether the AID of the UE is stored locally, and if yes, sends the AID to the ASR.
S207: ASR若收到 AAA服务器返回的 UE的 AID, 则将所述 AID返回 给所述 UE, 否则为所述 UE分配 IP地址, 并将所述 IP地址返回给所述 UE。  S207: If the ASR receives the AID of the UE returned by the AAA server, the AID returns the AID to the UE, otherwise allocates an IP address to the UE, and returns the IP address to the UE.
在步骤 S207中, 如果 UE为标识网用户, ASR将从 AAA服务器获取的 AID信息发送给 UE; 如果 UE为普通用户, ASR作为 DHCP服务器, 或者 DHCP中继, 为 UE分配 IP地址。  In step S207, if the UE is an identity network user, the ASR sends the AID information acquired from the AAA server to the UE; if the UE is a normal user, the ASR acts as a DHCP server, or a DHCP relay, and allocates an IP address to the UE.
至此, ASR为用户分配身份信息完毕, 用户接入 AN完成。  At this point, the ASR assigns the identity information to the user, and the user accesses the AN.
从上述实施例可以看出, 相对于有关技术, 上述实施例中提供的用户接 入方法、接入服务路由器 ASR以及用户接入系统利用现有的接入网部署, 引 入标识网的 ASR, 尽可能减少了对现网的改造, 实现了对非标识网用户的兼 容, 能够区分标识网用户与现网普通用户, 分别为标识网用户分配 AID, 为 普通用户分配 IP地址。  As can be seen from the foregoing embodiments, the user access method, the access service router ASR, and the user access system provided in the foregoing embodiments are deployed by using an existing access network, and the ASR of the identification network is introduced. The modification of the existing network may be reduced, and the compatibility with the non-identifying network users may be implemented. The identification network user and the current network common user may be distinguished, and the identification network user is assigned an AID, and the ordinary user is assigned an IP address.
本领域普通技术人员可以理解上述方法中的全部或部分步骤可通过程序 来指令相关硬件完成, 所述程序可以存储于计算机可读存储介质中, 如只读 存储器、 磁盘或光盘等。 可选地, 上述实施例的全部或部分步骤也可以使用 一个或多个集成电路来实现。 相应地, 上述实施例中的各模块 /单元可以釆用 硬件的形式实现, 也可以釆用软件功能模块的形式实现。 本发明不限制于任 何特定形式的硬件和软件的结合。 One of ordinary skill in the art will appreciate that all or part of the steps in the above methods may be passed through the program. The instructions are related to hardware completion, and the program can be stored in a computer readable storage medium such as a read only memory, a magnetic disk, or an optical disk. Alternatively, all or part of the steps of the above embodiments may also be implemented using one or more integrated circuits. Correspondingly, each module/unit in the foregoing embodiment may be implemented in the form of hardware, or may be implemented in the form of a software function module. The invention is not limited to any specific form of combination of hardware and software.
以上所述仅为本发明的优选实施例而已, 并非用于限定本发明的保护范 围。 根据本发明的发明内容, 还可有其他多种实施例, 在不背离本发明精神 改变和变形, 凡在本发明的精神和原则之内, 所作的任何修改、 等同替换、 改进等, 均应包含在本发明的保护范围之内。  The above description is only a preferred embodiment of the present invention and is not intended to limit the scope of protection of the present invention. In view of the present invention, various other modifications, equivalents, improvements, etc., should be made without departing from the spirit and scope of the invention. It is included in the scope of protection of the present invention.
工业实用性 Industrial applicability
与有关技术相比, 本发明实施方式提供的用户接入方法、 接入服务路由 器 ASR以及用户接入系统可以利用现有的接入网部署,尽可能减少了对现网 的改造, 并且兼容非标识网用户, 能够区分标识网用户与现网普通用户, 为 其分配相应的身份信息。  Compared with related technologies, the user access method, the access service router ASR, and the user access system provided by the embodiments of the present invention can be deployed by using an existing access network, thereby minimizing the transformation of the existing network, and is compatible with The identification network user can distinguish the identification network user from the existing network common user and assign corresponding identity information to it.

Claims

权 利 要 求 书 Claim
1、 一种用户接入方法, 包括:  1. A user access method, comprising:
接入服务路由器(ASR )接收用户终端在通过接入网络(AN )进行接入 认证后发送的请求获取身份信息的请求消息; 以及  An access service router (ASR) receives a request message for requesting identity information sent by a user terminal after performing access authentication through an access network (AN);
所述 ASR区分所述用户终端的用户类型,才艮据所述用户终端的用户类型 返回相应的身份信息。  The ASR distinguishes the user type of the user terminal, and returns corresponding identity information according to the user type of the user terminal.
2、 如权利要求 1所述的方法, 其中,  2. The method of claim 1 wherein
所述用户类型包括: 普通用户和标识网用户。  The user types include: a normal user and an identification network user.
3、 如权利要求 1所述的方法, 其中,  3. The method of claim 1, wherein
所述身份信息包括标识网用户终端的接入标识 (AID )或者普通用户终 端的 IP地址。  The identity information includes an access identifier (AID) of the user terminal of the identification network or an IP address of the normal user terminal.
4、 如权利要求 3所述的方法, 其中,  4. The method of claim 3, wherein
所述 ASR区分所述用户终端的用户类型的步骤包括:  The step of distinguishing the user type of the user terminal by the ASR includes:
所述 ASR向认证授权计费(AAA )服务器查询所述用户终端的 AID, 若 查询到, 则认为所述用户终端为标识网用户, 若未查询到则认为所述用户终 端为普通用户。  The ASR queries the Authentication Authorization Accounting (AAA) server for the AID of the user terminal. If the ASR is queried, the user terminal is considered to be an identification network user. If not, the user terminal is considered to be an ordinary user.
5、 如权利要求 4所述的方法, 其中,  5. The method of claim 4, wherein
所述 ASR根据所述用户终端的用户类型返回相应的身份信息的步骤包 括:  The step of the ASR returning corresponding identity information according to the user type of the user terminal includes:
若所述用户终端为标识网用户, 则将所述用户终端的 AID返回给所述用 户终端;  If the user terminal is an identification network user, return the AID of the user terminal to the user terminal;
若所述用户终端为普通用户, 则为所述用户终端分配 IP地址, 并将所述 IP地址返回给所述用户终端。  If the user terminal is a normal user, the user terminal is assigned an IP address, and the IP address is returned to the user terminal.
6、 如权利要求 5所述的方法, 其中,  6. The method of claim 5, wherein
所述 ASR为所述用户终端分配 IP地址的步骤包括:  The step of the ASR assigning an IP address to the user terminal includes:
所述 ASR作为动态主机设置协议(DHCP )服务器或者 DHCP中继, 为所述用户终端分配 IP地址。 The ASR acts as a Dynamic Host Setup Protocol (DHCP) server or a DHCP relay. Assigning an IP address to the user terminal.
7、 一种接入服务路由器, 包括:  7. An access service router, comprising:
接收模块, 其设置为接收用户终端请求获取身份信息的请求消息; 判断模块, 其设置为判断所述用户终端的用户类型, 并将判断结果发送 至分配模块; 以及  a receiving module, configured to receive a request message that the user terminal requests to obtain identity information; a determining module, configured to determine a user type of the user terminal, and send the determination result to the allocation module;
分配模块, 其设置为根据所述判断结果向所述用户终端返回相应的身份 信息。  And an allocation module, configured to return corresponding identity information to the user terminal according to the determination result.
8、 如权利要求 7所述的接入服务路由器, 其中,  8. The access service router of claim 7, wherein
所述用户类型包括: 普通用户和标识网用户。  The user types include: a normal user and an identification network user.
9、 如权利要求 7所述的接入服务路由器, 其中,  9. The access service router of claim 7, wherein
所述身份信息包括标识网用户终端的接入标识 (AID )或者普通用户终 端的 IP地址。  The identity information includes an access identifier (AID) of the user terminal of the identification network or an IP address of the normal user terminal.
10、 如权利要求 9所述的接入服务路由器, 其中,  10. The access service router of claim 9, wherein
所述判断模块是设置为通过如下方式判断所述用户终端的用户类型: 向 认证授权计费 (AAA )服务器查询所述用户终端的 AID, 若查询到, 则判断 所述用户终端为标识网用户, 若未查询到则判断所述用户终端为普通用户。  The determining module is configured to determine the user type of the user terminal by: querying an authentication authorization charging (AAA) server for an AID of the user terminal, and if queried, determining that the user terminal is an identification network user If not found, the user terminal is determined to be a normal user.
11、 如权利要求 10所述的接入服务路由器, 其中,  11. The access service router of claim 10, wherein
所述分配模块是设置为通过如下方式才艮据所述判断结果向所述用户终端 返回相应的身份信息:  The allocation module is configured to return corresponding identity information to the user terminal according to the determination result by:
若所述判断结果是所述用户终端为标识网用户, 则将所述用户终端的 If the result of the determination is that the user terminal is an identification network user, then the user terminal is
AID返回给所述用户终端; The AID is returned to the user terminal;
若所述判断结果是所述用户终端为普通用户, 则为所述用户终端分配 IP 地址, 并将所述 IP地址返回给所述用户终端。  If the result of the determination is that the user terminal is a normal user, the user terminal is assigned an IP address, and the IP address is returned to the user terminal.
12、 如权利要求 11所述的接入服务路由器, 其中,  12. The access service router of claim 11, wherein
所述分配模块是设置为作为动态主机设置协议 (DHCP ) 服务器或者 The allocation module is configured to act as a Dynamic Host Setup Protocol (DHCP) server or
DHCP中继, 为所述用户终端分配 IP地址。 A DHCP relay allocates an IP address to the user terminal.
13、 一种用户接入系统, 包括: 接入网络(AN )、 认证授权计费(AAA ) 服务器以及如权利要求 7至 12任一项权利要求所述的接入服务路由器,其中, 所述 AN设置为: 接收用户终端的接入请求, 将所述接入请求转发至所 述 AAA服务器, 通过所述 AAA服务器完成接入认证。 13. A user access system, comprising: an access network (AN), authentication and authorization charging (AAA) The server and the access service router according to any one of claims 7 to 12, wherein the AN is configured to: receive an access request of the user terminal, and forward the access request to the AAA server, Access authentication is completed by the AAA server.
PCT/CN2012/083709 2011-11-03 2012-10-29 User access method, access service router, and user access system WO2013064052A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201110343036.6 2011-11-03
CN2011103430366A CN103095657A (en) 2011-11-03 2011-11-03 User access method and access serving router and user access system

Publications (1)

Publication Number Publication Date
WO2013064052A1 true WO2013064052A1 (en) 2013-05-10

Family

ID=48191322

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2012/083709 WO2013064052A1 (en) 2011-11-03 2012-10-29 User access method, access service router, and user access system

Country Status (2)

Country Link
CN (1) CN103095657A (en)
WO (1) WO2013064052A1 (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101483860A (en) * 2009-01-23 2009-07-15 清华大学 Negotiation control method based on SIP security policy grade in IMS network
CN102025658A (en) * 2009-09-17 2011-04-20 中兴通讯股份有限公司 Method and system for realizing intercommunication between identity network and internet
CN102026164A (en) * 2009-09-17 2011-04-20 中兴通讯股份有限公司 Method and system for acquiring ID (Identity) of terminal user
US20110096782A1 (en) * 2009-10-23 2011-04-28 Electronics And Telecommunications Research Institute Method for converting network address

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102025608B (en) * 2009-09-17 2013-03-20 中兴通讯股份有限公司 Communication method, data message forwarding method in communication process as well as communication nodes
CN102025590B (en) * 2009-09-18 2012-07-18 中兴通讯股份有限公司 Method and system for realizing intercommunication between new net and internet
CN102045307B (en) * 2009-10-10 2014-08-13 中兴通讯股份有限公司 Method for managing network equipment and corresponding network system
CN102056236B (en) * 2009-11-01 2014-04-30 中兴通讯股份有限公司 Communication network implemented based on Wimax network structure and terminal access method
CN102130975A (en) * 2010-01-20 2011-07-20 中兴通讯股份有限公司 Method and system for accessing network on public equipment by using identifier
CN101938413B (en) * 2010-08-26 2012-02-22 北京交通大学 Method for transition from traditional internet to universal identifier network

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101483860A (en) * 2009-01-23 2009-07-15 清华大学 Negotiation control method based on SIP security policy grade in IMS network
CN102025658A (en) * 2009-09-17 2011-04-20 中兴通讯股份有限公司 Method and system for realizing intercommunication between identity network and internet
CN102026164A (en) * 2009-09-17 2011-04-20 中兴通讯股份有限公司 Method and system for acquiring ID (Identity) of terminal user
US20110096782A1 (en) * 2009-10-23 2011-04-28 Electronics And Telecommunications Research Institute Method for converting network address

Also Published As

Publication number Publication date
CN103095657A (en) 2013-05-08

Similar Documents

Publication Publication Date Title
JP5497901B2 (en) Anonymous communication method, registration method, message sending / receiving method and system
US8665849B2 (en) Methods and systems for implementing inter-network roam, querying and attaching network
WO2010118604A1 (en) Method, system and device for implementing identity identifier and location separation
WO2009046666A1 (en) Addressing method of policy decision function entity, network element and network system
WO2015196755A1 (en) Address allocation method in subscriber identifier and locator separation network, and access service router
US8605736B2 (en) Method, system and apparatus for heterogeneous addressing mapping
WO2017107871A1 (en) Access control method and network device
WO2012130049A1 (en) Address processing method and device
WO2012089001A1 (en) Ip address allocation method and device
WO2012088882A1 (en) Method and system for data transmission, and access gateway
US8705471B2 (en) Method and system for implementing ID/locator mapping
EP2130389B1 (en) Ip address allocation in evolved wireless networks
WO2011147343A1 (en) Method, device and system for address assignment in internet protocol (ip) networks
WO2014201600A1 (en) Session management method, address management method and relevant device
US20240098583A1 (en) PDU session continuity for a UE moving between a telecommunications network and a gateway device
CN104253798A (en) Network security monitoring method and system
US20120300776A1 (en) Method for creating virtual link, communication network element, and ethernet network system
WO2013185696A2 (en) Data processing method and device
WO2011032478A1 (en) Method, device and terminal for obtaining terminal identifier
WO2007003105A1 (en) A method system and apparatus for relating the information associated with user in nass
WO2011120365A1 (en) Method and system for establishing connection between multi-homed terminals
WO2009076906A1 (en) Method, device and system for a terminal to realize the access to the retail service provider
WO2014135102A1 (en) Wlan user management method, device and system
WO2013064051A1 (en) User access method, access service router, and user access system
WO2014047923A1 (en) Method and device for accessing network

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 12845919

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 12845919

Country of ref document: EP

Kind code of ref document: A1