WO2014026540A1 - Method and device for access control - Google Patents

Method and device for access control Download PDF

Info

Publication number
WO2014026540A1
WO2014026540A1 PCT/CN2013/080382 CN2013080382W WO2014026540A1 WO 2014026540 A1 WO2014026540 A1 WO 2014026540A1 CN 2013080382 W CN2013080382 W CN 2013080382W WO 2014026540 A1 WO2014026540 A1 WO 2014026540A1
Authority
WO
WIPO (PCT)
Prior art keywords
group
access
user equipment
core network
identifier
Prior art date
Application number
PCT/CN2013/080382
Other languages
French (fr)
Chinese (zh)
Inventor
全海洋
张惠英
张英
刘建华
Original Assignee
电信科学技术研究院
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 电信科学技术研究院 filed Critical 电信科学技术研究院
Publication of WO2014026540A1 publication Critical patent/WO2014026540A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/02Access restriction performed under specific conditions
    • H04W48/04Access restriction performed under specific conditions based on user or terminal location or mobility data, e.g. moving direction, speed

Definitions

  • the present invention relates to the field of wireless communication technologies, and in particular, to a method and device for performing access control. Background technique
  • Machine-type communication is a new communication concept. Its purpose is to combine many different types of communication technologies, such as: machine-to-machine communication, machine control communication, human-computer interaction communication, mobile Connected communications to promote social production and lifestyle development. It is expected that the human-to-human communication business may only account for 1/3 of the entire user equipment market, and a larger number of communications is the MTC communication service. Sometimes, MTC communication is also known as Machine-to-machine (M2M) communication or the Internet of Things.
  • M2M Machine-to-machine
  • the MTC application server can store information about the MTC device and the interaction of the application layer data.
  • the MTC application server performs maintenance, upgrade, or prohibits certain group user devices from communicating with the network according to a certain policy, after the user equipment managed by the MTC application server accesses, the connection is released because the server refuses.
  • the signaling load is too high and resources are wasted.
  • a method and a device for performing access control according to an embodiment of the present invention are provided to solve the problem that when the MTC application server existing in the prior art needs to prohibit certain group user equipments from communicating with the network, the signaling load is too high. The problem of wasting resources.
  • the MTC application server determines that the user equipment in the group needs to be disabled
  • the MTC application server sends the group identifier of the group that needs to be forbidden and the location information of the location where each user equipment is located in the group to the core network control node, and is used to instruct the core network control node to notify the group corresponding to the group identifier.
  • Group User equipment in the middle is forbidden to access.
  • the core network control node determines, according to the received location information from the MTC application server, an access network node corresponding to the geographic location of each location information;
  • the core network control node sends the received group identifier corresponding to the group that is forbidden to access from the MTC application server to the access network node, and is used to instruct the access network node to notify the group identifier User equipment in the corresponding group is prohibited from accessing.
  • the access network node receives the group identity of the group that is prohibited from accessing the control node of the core network
  • the access network node sends the group identifier of the group that is forbidden to be sent to the user equipment that is located in the group corresponding to the group identifier, and is used to notify the user equipment to prohibit access.
  • the user equipment When the user equipment needs to perform access control, it is determined whether the group identifier of the group to which the access group is prohibited has the group identifier of the group to which the group belongs. From the network side to determine;
  • the user equipment cancels the access control after determining the group identifier of the group that needs to perform access control in the group identifier of the group that is prohibited from accessing; in determining the group identifier of the group that is prohibited from accessing After there is no group identification of the group that needs to perform access control, access control is performed.
  • a first determining module configured to determine that the user equipment in the group needs to be prohibited from accessing
  • a first processing module configured to send the group identifier of the group that needs to be forbidden and the location information of the location where each user equipment is located in the group to the core network control node, to indicate that the core network control node notifies the group identifier User equipment in the group is forbidden to access.
  • a second determining module configured to determine, according to the received location information from the MTC application server, an access network node corresponding to a geographic location of each location information
  • a second processing module configured to send, to the access network node, a group identifier corresponding to the group that is forbidden to access from the MTC application server, to notify the access network node to notify the group The user equipment in the corresponding group is prohibited from accessing.
  • a user equipment for performing access control includes:
  • a judging module configured to determine, in the group ID of the group that is prohibited from accessing, a group identifier of the group to which the group is prohibited, wherein the group identifier of the group to which the access is prohibited is a user
  • the device is determined according to the received notification from the network side;
  • control module configured to: after determining a group identity of a group that needs to perform access control in a group identity of a group that is prohibited from accessing, canceling access control; determining a group identity of a group that is prohibited from accessing After there is no group identification of the group that needs to perform access control, access control is performed.
  • the embodiment of the present invention notifies the user equipment of the group identity of the group that needs to be forbidden to prevent the user equipment from performing access control, thereby reducing signaling when the MTC application server needs to prohibit certain group user equipment from communicating with the network.
  • the load is too high, saving resources.
  • FIG. 1 is a schematic flow chart of a method for performing access control by an auxiliary user equipment on an MTC application server side according to an embodiment of the present invention
  • FIG. 2 is a schematic flow chart of a method for controlling access control of a user equipment on a control node of a core network according to an embodiment of the present invention
  • FIG. 3 is a schematic flowchart of a method for performing access control on a user equipment of an access network node according to an embodiment of the present invention
  • FIG. 4 is a schematic flowchart of a method for performing access control on a user equipment according to an embodiment of the present invention
  • FIG. 5 is a schematic flowchart of a method for performing access control according to an embodiment of the present invention.
  • FIG. 6 is a schematic structural diagram of an MTC application server according to an embodiment of the present invention.
  • FIG. 7 is a schematic structural diagram of a control node of a core network according to an embodiment of the present invention.
  • FIG. 8 is a schematic structural diagram of an access network node according to an embodiment of the present invention.
  • FIG. 9 is a schematic structural diagram of a user equipment according to an embodiment of the present invention. detailed description
  • the group identifier of the group to be forbidden is notified to the user equipment, so that the user equipment does not perform access control, so that the signaling load is reduced when the MTC application server needs to prohibit certain group user equipments from communicating with the network. Too high, saving resources.
  • LTE Long Term Evolution
  • UMTS Universal Mobile Telecommunications System
  • FIG. 1 a method package for assisting user equipment to perform access control on an MTC application server side according to an embodiment of the present invention is provided. The following steps are included:
  • Step 101 The MTC application server determines that the user equipment in the group needs to be disabled.
  • Step 102 The MTC application server sends the group identifier of the group that needs to be forbidden and the location information of the location where each user equipment is located in the group to the core network control node, to notify the core network control node to notify the corresponding group identifier. User equipment in the group is forbidden to access.
  • the MTC application server determines that the user equipment in the group needs to be disabled. For example, the MTC application server performs maintenance, the MTC application server performs the upgrade, and the MTC application server prohibits the user equipment in the group according to a certain policy. Into.
  • the method further includes:
  • the MTC application server After determining that the user equipment in the group is to be unblocked, the MTC application server sends the group identifier of the group that needs to be forbidden and the location information of the location where each user equipment in the group is located to the core network control node. And the user equipment in the group corresponding to the group identifier is notified to notify the core network control node to cancel the access prohibition.
  • the group identifier may be a complete group of Group ID of each group, or may be a partial bit of the Group ID. If it is a partial bit of the Group ID, it can be used when all groups with the same bit are disabled. For example, the Group ID is 000112. If all the groups in which the first three digits of the Group ID are 0 are forbidden, the 000 can be used as the group identifier.
  • the signaling load carried in the system information will increase, in order to reduce the signaling load.
  • Optimized allocation methods can be considered when assigning group IDs.
  • the N bits in front of the identity of the group managed by an MTC server must be the same, and N is the number less than the length of the Group ID.
  • the Group ID is 16 bits.
  • Abcdefgh 0 is assumed to broadcast abcdefgh 8 digits or broadcast abcdefgh00000000 16 digits in the system information, indicating that all high 8 is Groups of abcdefgh are forbidden to access.
  • the abcdefgh used by different MTC servers is different. In order to deploy the package, abcdefgh can also be the identification number of the MTC server.
  • the access control information may carry group control information of multiple PLMNs.
  • the geographic location information may be a cell in which the group exists, a tracking area (TA), and a location area.
  • LA Location Area
  • RA Registered Area
  • the method for controlling the access control of the user equipment on the node side of the core network in the embodiment of the present invention includes the following steps:
  • Step 201 The core network control node determines, according to the received location information from the MTC application server, an access network node corresponding to the geographic location of each location information.
  • Step 202 The core network control node sends the received group identifier corresponding to the group that is forbidden to access from the MTC application server to the access network node, and is used to notify the access network node to notify the group corresponding to the group identifier.
  • User equipment Access is forbidden.
  • the method further includes:
  • the core network control node determines, according to the received location information from the MTC application server, an access network node corresponding to the geographic location of each location information;
  • the core network control node sends the received group identifier corresponding to the group that cancels the access from the MTC application server to the access network node, and is used to notify the access network node to notify the user in the group corresponding to the group identifier.
  • the device is forbidden to access.
  • the method for performing access control on an access user node of an access network node in the embodiment of the present invention includes the following steps:
  • Step 301 The access network node receives the group identifier of the group that is forbidden to access from the control node of the core network.
  • Step 302 The access network node sends the group identifier of the group that is prohibited from accessing to the group identifier.
  • the user equipment in the group is used to notify the user equipment that access is prohibited.
  • the access network node sends the group identity of the group that is forbidden to the user equipment in the group corresponding to the group identity.
  • Manner 1 The access network node directly sends the group identity of the group that is forbidden to the user equipment.
  • the access network node may send the group identity of the group that is forbidden to the user equipment by broadcast or multicast.
  • the access network node may send the group identity of the group that is forbidden to the user equipment by using the group scheduling mode.
  • the access network node may use the group wireless network temporary identifier (Group) before sending the group scheduling.
  • Group group wireless network temporary identifier
  • the radio network Temporary Identity performs scheduling, so that the user equipment in the group obtains the group identity of the group that is prohibited from accessing the scheduled resources by monitoring the G-RNTI.
  • the access network node may place the group identity of the group that is prohibited from accessing into a System Information Block (SIB).
  • SIB can be sent through the existing SIB (see the 25.331 or 36.331 protocol, the same below) or via the new SIB. If it is a new SIB, a preferred method is that the scheduling period of the SIB is the same as the scheduling period of the SIB where the existing access control is located.
  • the core network control node receives the group device of the group that cancels the access from the core network control node, and is used to notify the user equipment to cancel the access prohibition.
  • the access network node may send the group identity of the group that is forbidden to be accessed to the user equipment by means of broadcast or multicast.
  • the access network node may send the group identity of the group that is forbidden to the user equipment by using the group scheduling mode. Specifically, before the group identifier is sent, the access network node may perform scheduling by using the G-RNTI, so that the user equipment in the group obtains the group that cancels the access prohibition on the scheduled resource by monitoring the G-RNTI. Group ID.
  • the access network node may place the group identity of the group that is forbidden from accessing in the SIB.
  • the SIB can be sent via the original SIB or via the new SIB. If it is a new SIB, a preferred method is that the scheduling period of the SIB is the same as the scheduling period of the SIB where the existing access control is located.
  • Manner 2 The access network node sends the group identity of the group that is prohibited from accessing to the user equipment in the group access control information.
  • the access network node may send the group access control information including the group identifier to the user equipment in a broadcast or multicast manner.
  • the access network node may send the group access control information to the user equipment in a group scheduling manner.
  • the access network node may perform scheduling by using the G-RNTI, so that the user equipment in the group obtains the group access control information on the scheduled resource by monitoring the G-RNTI.
  • the access network node may place the group access control information in the SIB.
  • the SIB can be sent via the original SIB or via the new SIB. If it is a new SIB, a preferred method is that the scheduling period of the SIB is the same as the scheduling period of the SIB where the existing access control is located.
  • the core network control node After receiving the group identity of the group that is forbidden to access from the core network control node, the core network control node sends the group identity of the group identity of the group that does not include the forbidden access to the user equipment.
  • the control information is used to notify the user equipment to cancel the access prohibition.
  • the access network node may send the group access control information of the group identifier of the group that does not include the forbidden access to the user equipment in a broadcast or multicast manner.
  • the access network node may use the group scheduling mode to include the group that does not include the forbidden access.
  • the group access control information of the group identifier of the group is sent to the user equipment.
  • the access network node may use the G-RNTI to perform scheduling, so that the user equipment in the group obtains the group access control information on the scheduled resources by monitoring the G-RNTI, and Whether the corresponding group is prohibited from accessing according to whether the group access control information includes the group identifier.
  • the access network node may place group access control information that does not include the group identity of the group that is forbidden to access from being placed in the SIB.
  • the SIB can be sent via the original SIB or via the new SIB. If it is a new SIB, a preferred method is that the scheduling period of the SIB is the same as the scheduling period of the SIB where the existing access control is located.
  • the public land mobile network in the first mode and the second mode, the public land mobile network (PLMN) can be shared.
  • PLMN public land mobile network
  • a broadcast or multicast PLMN can be broadcast and groups under it are forbidden to access. Case.
  • the method for performing access control by a user equipment includes the following steps:
  • Step 401 When the user equipment needs to perform access control, determine whether the group identifier of the group to which the access group is prohibited has the group identifier of the group to which the group belongs, and the group identifier of the group that is prohibited from accessing is the user.
  • the device is determined according to the received notification from the network side;
  • Step 402 After determining, by the user equipment, the group identifier of the group that needs to perform access control in the group identifier of the group that is prohibited from accessing, cancel the access control; and determine the group identifier of the group that is prohibited from accessing. After there is no group identification of the group that needs to perform access control, access control is performed.
  • Manner 1 The user equipment directly receives the group identity of the group that is forbidden to access or cancels the group identity of the group that is forbidden to access.
  • the user equipment After receiving the group identity of the group that is forbidden to access from the control node of the core network or receiving the group identity of the group that cancels the access from the core network control node, the user equipment updates the forbidden access.
  • the group ID of the group After receiving the group identity of the group that is forbidden to access from the control node of the core network or receiving the group identity of the group that cancels the access from the core network control node, the user equipment updates the forbidden access.
  • the group ID of the group After receiving the group identity of the group that is forbidden to access from the control node of the core network or receiving the group identity of the group that cancels the access from the core network control node, the user equipment updates the forbidden access.
  • the group ID of the group After receiving the group identity of the group that is forbidden to access from the control node of the core network or receiving the group identity of the group that cancels the access from the core network control node, the user equipment updates the forbidden access.
  • the group ID of the group After receiving the group identity of the group that is forbidden to access from the
  • the user equipment may receive the group identity from the core network control node by broadcast or multicast. If the group identity is received in the multicast mode, the user equipment can receive the group identity by using the group scheduling mode. Specifically, the user equipment searches for the G-RNTI, and if it is determined on the control channel that the G-RNTI used for the group scheduling is searched, the group identifier that is prohibited from being accessed is received on the resource scheduled by the control channel.
  • the user equipment can receive the group identity through the SIB.
  • the SIB can be sent via the original SIB or via the new SIB. If it is a new SIB, a preferred method is that the scheduling period of the SIB is the same as the scheduling period of the SIB where the existing access control is located.
  • an implementation manner is as follows:
  • the access layer of the user equipment receives the group identifier, and when the access control needs to be performed, it is determined whether the group identifier of the group that is prohibited from accessing has a group of the group to which the group belongs.
  • the group identifier after determining the group identifier of the group that needs to perform access control in the group identifier of the group that is prohibited from accessing, notifying the non-access stratum that the group is prohibited from being accessed by the network;
  • Another implementation manner is: a group of the group that the access layer of the user equipment receives from the network side that is forbidden to access The group identifier is notified to the non-access stratum, and when the non-access stratum needs to perform access control, it is determined whether the group identifier of the group to which the access group is prohibited has the group identifier of the group to which the group belongs.
  • Manner 2 The user equipment directly receives the group identity of the group that is forbidden to access or cancels the group identity of the group that is prohibited from accessing.
  • Manner 2 The user equipment receives group access control information including a group identifier of a group that is prohibited from accessing.
  • the user equipment After receiving, by the user equipment, the group access control information of the group identifier of the group that prohibits access from the core network control node, the user equipment receives the group access control information from the core network control node.
  • the group identity is the group identity of the group that is prohibited from accessing.
  • the user equipment may receive group access control information from the core network control node by means of broadcast or multicast.
  • the user equipment may receive the group access control information by using the group scheduling mode.
  • the user equipment searches for the G-RNTI, if it is determined that the searched G-RNTI is the corresponding group of the group.
  • the G-RNTI receives the group access control information through the group.
  • the user equipment searches for the G-RNTI, and if it is determined on the control channel that the G-RNTI used for the group scheduling is searched, the group access control information is received on the resource scheduled by the control channel.
  • the user equipment may receive group access control information through the SIB.
  • the SIB can be sent via the original SIB or via the new SIB.
  • a preferred method is that the scheduling period of the SIB is the same as the scheduling period of the SIB in which the existing access control is located.
  • an implementation manner is as follows:
  • the access layer of the user equipment receives the group access control information, and when the access control needs to be performed, it is determined whether the group identifier of the group that is prohibited from accessing belongs to the group to which the group belongs.
  • the group identifier of the group after determining the group identifier of the group that needs to perform access control in the group identifier of the group that is prohibited from accessing, notifying the non-access stratum that the group is prohibited from being accessed by the network;
  • the access layer of the user equipment receives the group access control information, and notifies the non-access stratum of the group access control information of the group that is prohibited from accessing the network side.
  • the access layer needs to perform access control, it determines whether the group identifier of the group to which the access group is prohibited has the group identifier of the group to which the group belongs.
  • the user equipment performs an access decision according to the information that the group under the home PLMN (Home PLMN, HPLMN) prohibits access.
  • the decision to group access is also based on the HPLMN.
  • the method for notifying a user equipment to prohibit or cancel a forbidden group includes the following steps: Step 501: The MTC application server determines that the user equipment in the group needs to be prohibited from being accessed. The group identifier and the location information of the location where each user equipment is located in the group are sent to the core network control node; Step 502: The core network control node determines each location information according to the received location information from the MTC application server. The access network node corresponding to the geographical location;
  • Step 503 The core network control node sends the received group identifier corresponding to the group that is forbidden to access from the MTC application server to the access network node.
  • Step 504 The access network node sets the group identity of the group that is forbidden to access to the group access control information, and sends the group identity information to the user equipment that is located in the group corresponding to the group identity.
  • Step 505 The user equipment determines, according to the received group access control information, a group that needs to be disabled.
  • Step 506 The MTC application server determines that the user equipment in the group that needs to be forbidden is accessed, and the group that needs to be forbidden is to be cancelled.
  • the group identifier of the group and the location information of the location where each user equipment is located in the group are sent to the core network control node;
  • Step 507 The core network control node determines, according to the received location information from the MTC application server, an access network node corresponding to the geographic location of each location information.
  • Step 508 The core network control node sends the received group identifier corresponding to the group that is forbidden to access from the MTC application server to the access network node.
  • Step 509 The access network node sends, to the user equipment, group access control information that does not include a group identifier of the group that cancels the prohibition of access;
  • Step 510 The user equipment determines, according to the received group access control information, a group that needs to be disabled. If the user equipment needs to perform access control, determine whether there is a group identifier of the group that is prohibited from accessing. The group ID of the group to which the group belongs, if yes, the access control is cancelled; otherwise, the access control is performed, for example, according to the access class barring mechanism (ACB, also called access control mechanism), enhancement The access prevention mechanism (Enhanced Access Barring, EAB, also known as enhanced access control mechanism) and/or roaming access control information is used for access.
  • ACB access class barring mechanism
  • EAB Enhanced Access Barring
  • roaming access control information is used for access.
  • the user equipment determines whether there is a necessary connection between the group identifier of the group to which the group is prohibited from being associated with the group identifier of the group to which the group belongs to, and the user equipment needs to perform access control. The judgment may be made according to the group identifier of the group that is prohibited from accessing after the latest update.
  • IWC wants to upgrade the server that manages the water meter in Chaoyang District (that is, the third-party MTC application server) between 12 midnight and 6 am the next day.
  • the MTC server sends the identification information of the group it manages and the geographical location information (for example, the TA list (list) covering the Chaoyang District) to the control node of the core network at around midnight.
  • the core network node determines which base stations need to be sent according to the TA list, and then sends the group identity information to the corresponding RAN control node under these TAs (eB) or Radio Network Controller (RNC). ).
  • the control node delivers the group ID of the group to be forbidden through a new system information block, or to an existing SIB, such as SIB2 (LTE) or SIB3 (UMTS).
  • SIB2 LTE
  • SIB3 UMTS
  • both group IDs are broadcasted in the system information.
  • the user equipment belonging to the two groups of Group id 1 and Group Id 2 receives the broadcast information and saves the related information.
  • the user equipment needs to communicate with the network, check the content of the system information, and confirm that the group to which it belongs belongs to the group that is prohibited from accessing, notify the NAS that the access fails, and indicate that the network denial group user equipment access.
  • the MTC server ends the upgrade, and sends the information to cancel the access control to the core network control node.
  • the core network finds the RAN control node corresponding to its corresponding TA according to the Group id to be canceled, and sends the canceled information to the corresponding RAN control node.
  • the RAN control node updates the system information based on the information.
  • the user equipment updates the system information and saves the system information.
  • the user equipment needs to access the network, it is determined whether the group to which it belongs can be accessed. If it is determined that the user equipment of the group is allowed to access, the behavior in the regular access process such as ACB check is performed.
  • the user equipment may also inform the non-access stratum related information when the received system information includes the group identifier to which the system information belongs, and indicate that the group to which the group belongs is prohibited from accessing. After the system information is updated, the group identifier that is prohibited by the user equipment before being judged is not in the broadcast information, the non-access stratum is notified, and the related group access prohibition command is cancelled.
  • the user equipment wants to access its non-access stratum determines whether to initiate an access request message to the access layer according to whether the group is prohibited from accessing. If it is forbidden, it will not be sent. Otherwise, the command of the access request can be sent to the access layer.
  • the RAN control node may use the G-RNTI to schedule all group user equipments to notify the current control information for prohibiting access.
  • the G-RNTI is reserved in advance, that is, an identifier that is known in advance by the network side and the user equipment, and is similar to a paging RNTI (Paging RNTI, P-RNTI, also referred to as a paging radio network temporary identifier).
  • Paging RNTI P-RNTI
  • P-RNTI also referred to as a paging radio network temporary identifier
  • the public access control information on the shared channel is received by listening to the G-RNTI on the shared control channel. This information content is similar to the information in the system information in Embodiment 1 and Embodiment 3. It can carry group information, or part of the group identification.
  • an embodiment of the present invention further provides an MTC application server.
  • the method for solving the problem is similar to the method for accessing the user equipment on the MTC application server side of the embodiment of the present invention.
  • the implementation of the device refer to the implementation of the method, and the repeated description will not be repeated.
  • the MTC application server of the embodiment of the present invention includes: a first determining module 600 and a first processing module 610.
  • the first determining module 600 is configured to determine that the user equipment in the group needs to be prohibited from accessing
  • the first processing module 610 is configured to send the group identifier of the group that needs to be forbidden and the location information of the location where each user equipment in the group is located to the core network control node, to notify the core network control node to notify the group identifier Corresponding group User equipment in the group is forbidden to access.
  • the first determining module 600 and the first processing module 610 may be devices such as a processor.
  • the first determining module 600 determines that the user equipment access in the forbidden group needs to be cancelled
  • the first processing module 610 sends the group identifier of the group that needs to be forbidden and the location information of the location where each user equipment in the group is located to the core network control node, to notify the core network control node to notify the group.
  • the user equipment in the corresponding group is identified to cancel the access.
  • the core network control node is also provided in the embodiment of the present invention.
  • the principle of the device solving the problem is similar to the method for the access control of the user equipment on the control node side of the core network in the embodiment of the present invention. Therefore, the implementation of the device can be referred to the implementation of the method, and the repeated description will not be repeated.
  • the core network control node of the embodiment of the present invention includes: a second determining module 700 and a second processing module 710.
  • a second determining module 700 configured to determine, according to the received location information from the MTC application server, an access network node corresponding to a geographic location of each location information;
  • the second processing module 710 is configured to send, to the access network node, the group identifier corresponding to the group that is forbidden to access from the MTC application server, to notify the access network node to notify the group corresponding to the group identifier User equipment in the middle is forbidden to access.
  • the second determining module 700 and the second processing module 710 may be devices such as a processor.
  • the second determining module 700 determines, according to the received location information from the MTC application server, an access network node corresponding to the geographic location of each location information;
  • the second processing module 710 sends the received group identifier corresponding to the group that cancels the access from the MTC application server to the access network node, and is used to notify the access network node to notify the group corresponding to the group identifier.
  • User equipment in the group is forbidden to access.
  • an access network node is also provided in the embodiment of the present invention.
  • the method for solving the problem is similar to the method for accessing the user equipment on the access network node side of the embodiment of the present invention. Therefore, the implementation of the device can be referred to the implementation of the method, and the repeated description will not be repeated.
  • the access network node in the embodiment of the present invention includes: a first receiving module 800 and a third processing module 810.
  • the first receiving module 800 is configured to receive a group identifier of a group that is prohibited from accessing the core network control node
  • the third processing module 810 is configured to send the group identifier of the group that is prohibited from accessing to the group group.
  • the user equipment in the corresponding group is used to notify the user equipment that access is prohibited.
  • the first receiving module 800 may be a transmission device having a transceiving function; the third processing module
  • the 810 can be a device such as a processor.
  • the first receiving module 800 receives the group identifier of the group from the core network control node that cancels the access prohibition;
  • the third processing module 810 sends the group identifier of the group that is forbidden to be accessed to the user equipment that is located in the group corresponding to the group identifier, and is used to notify the user equipment to cancel the access prohibition.
  • the third processing module 810 sends the group identifier to the user equipment by means of broadcast or group scheduling.
  • the third processing module 810 sends the group identifier to the user equipment in the group access control information.
  • the first receiving module 800 receives the group identity of the group from the core network control node that cancels the access prohibition;
  • the third processing module 810 sends the group access control information that does not include the group identifier of the group for which the access is prohibited to be sent to the user equipment located in the group corresponding to the group identifier.
  • the third processing module 810 sends the group access control information to the user equipment by means of broadcast or group scheduling.
  • the third processing module 810 sends the packet in the group scheduling manner
  • the user equipment is scheduled by using the G-RNTI.
  • the user equipment is provided in the embodiment of the present invention.
  • the method for solving the problem is similar to the method for the user equipment to perform access control according to the embodiment of the present invention. Therefore, the implementation of the device can refer to the method. The implementation, the repetition will not be repeated.
  • the user equipment in the embodiment of the present invention includes: a determining module 900 and a control module 910.
  • the determining module 900 is configured to determine, when the access control needs to be performed, whether the group identifier of the group to which the access is prohibited has a group identifier of the group to which the group belongs, wherein the group identifier of the group that is prohibited from accessing is The user equipment is determined according to the received notification from the network side;
  • the control module 910 is configured to cancel the access control after determining the group identity of the group that needs to perform access control in the group identity of the group that is prohibited from accessing; After the group ID of the group that does not need access control is identified in the identifier, access control is performed.
  • the determining module 900 and the control module 910 may be devices such as a processor.
  • the user equipment of the embodiment of the present invention may further include:
  • the second receiving module 920 is configured to: after receiving the group identifier of the group that is prohibited from accessing the core network control node or receiving the group identifier of the group that is forbidden to access from the core network control node, the update is prohibited.
  • the second receiving module 920 can be a transmission device with a transceiving function.
  • the judging module 900 receives the group identifier included in the group access control information from the core network control node as the group identifier of the group that is prohibited from accessing.
  • the determining module 900 receives the notification from the core network control node by means of broadcast or group scheduling.
  • the judging module 900 and the second receiving module 920 are at the access layer, the control module 910 is at the non-access stratum, or the second receiving module 920 is at the access layer, and the judging module 900 and the control module 910 are at the non-access stratum. .
  • the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment, or a combination of software and hardware.
  • the present invention is in the form of a computer program product embodied on one or more computer-usable storage interfaces (including but not limited to disk storage, CD-ROM, optical storage, etc.) containing computer usable program code.
  • the computer program instructions can also be stored in a computer readable memory that can direct a computer or other programmable data processing device to operate in a particular manner, such that the instructions stored in the computer readable memory produce an article of manufacture comprising the instruction device.
  • the apparatus implements the functions specified in one or more blocks of a flow or a flow and/or block diagram of the flowchart.
  • These computer program instructions can also be loaded onto a computer or other programmable data processing device such that a series of operational steps are performed on a computer or other programmable device to produce computer-implemented processing for execution on a computer or other programmable device.
  • the instructions provide steps for implementing the functions specified in one or more of the flow or in a block or blocks of a flow diagram.

Abstract

The embodiments of the present invention relate to the technical field of wireless communications, and in particular, to a method and device for access control, which are used to solve the problem existing in the prior art that when an MTC application server needs to prohibit the communications between user equipments in some groups and networks, an excessive signalling load and a waste of resources will be caused. The method for access control provided in the embodiments of the present invention includes: an MTC application server sending to a core network control node a group identifier of a group which needs to be prohibited and location information about the location where each user equipment in the group is located, which is used to inform the core network control node of informing the user equipments in the group corresponding to the group identifier that the access is prohibited. Since the embodiments of the present invention enable a user equipment not to perform access control by informing the user equipment of a group identifier of a group which needs to be prohibited, when an MTC application server needs to prohibit communications between user equipments in some groups and networks, the excessive signalling load is reduced and resources are saved.

Description

一种进行接入控制的方法和设备 本申请要求在 2012年 8月 15日提交中国专利局、 申请号为 201210291395.6、发明名称 为"一种进行接入控制的方法和设备 "的中国专利申请的优先权, 其全部内容通过引用结合 在本申请中。  Method and apparatus for performing access control The present application claims to be filed on August 15, 2012 by the Chinese Patent Office, Application No. 201210291395.6, entitled "A Method and Apparatus for Access Control" Priority is hereby incorporated by reference in its entirety.
技术领域 Technical field
本发明涉及无线通信技术领域, 特别涉及一种进行接入控制的方法和设备。 背景技术  The present invention relates to the field of wireless communication technologies, and in particular, to a method and device for performing access control. Background technique
机器类型通信(Machine-type communication, MTC )作为一种新型的通信理念, 其目 的是将多种不同类型的通信技术有机结合, 如: 机器对机器通信、 机器控制通信、 人机交 互通信、 移动互联通信, 从而推动社会生产和生活方式的发展。 预计未来人对人通信的业 务可能仅占整个用户设备市场的 1/3 , 而更大数量的通信是 MTC通信业务。 有时, MTC 通信又称为机器间 ( Machine-to-machine, M2M )通信或物联网。  Machine-type communication (MTC) is a new communication concept. Its purpose is to combine many different types of communication technologies, such as: machine-to-machine communication, machine control communication, human-computer interaction communication, mobile Connected communications to promote social production and lifestyle development. It is expected that the human-to-human communication business may only account for 1/3 of the entire user equipment market, and a larger number of communications is the MTC communication service. Sometimes, MTC communication is also known as Machine-to-machine (M2M) communication or the Internet of Things.
当前的移动通信网络是针对人与人之间的通信设计的, 如: 网络容量的确定等。 如果 希望利用移动通信网络来支持 MTC通信就需要根据 MTC通信的特点对移动通信系统的机 制进行优化, 以便能够在对传统的人与人通信不受或受较小影响的情况下, 更好地实现 MTC通信。  Current mobile communication networks are designed for communication between people, such as: determination of network capacity. If it is desired to utilize the mobile communication network to support MTC communication, it is necessary to optimize the mechanism of the mobile communication system according to the characteristics of the MTC communication, so that it can be better in the case where the traditional human-to-human communication is not affected or less affected. Implement MTC communication.
MTC应用服务器可以保存 MTC设备的信息, 以及应用层数据的交互。 当 MTC应用 服务器进行维护、 升级或者根据某种策略禁止某些群组用户设备与网络通信时, 该 MTC 应用服务器所管理的用户设备进行接入后, 就会因为服务器拒绝而被释放连接。 这样, 对 于大量 MTC设备存在并要与网络进行通信的情况下, 就会造成信令负荷过高, 资源浪费。  The MTC application server can store information about the MTC device and the interaction of the application layer data. When the MTC application server performs maintenance, upgrade, or prohibits certain group user devices from communicating with the network according to a certain policy, after the user equipment managed by the MTC application server accesses, the connection is released because the server refuses. Thus, in the case where a large number of MTC devices exist and communicate with the network, the signaling load is too high and resources are wasted.
综上所述, 目前 MTC应用服务器进行维护、 升级或者根据某种策略禁止某些群组用 户设备与网络通信时, 会造成信令负荷过高以及资源浪费。 发明内容  In summary, when the MTC application server performs maintenance, upgrade, or prohibits certain group user devices from communicating with the network according to certain policies, the signaling load is too high and resources are wasted. Summary of the invention
本发明实施例提供的一种进行接入控制的方法和设备, 用以解决现有技术中存在的 MTC应用服务器需要禁止某些群组用户设备与网络通信时,会造成信令负荷过高以及资源 浪费的问题。  A method and a device for performing access control according to an embodiment of the present invention are provided to solve the problem that when the MTC application server existing in the prior art needs to prohibit certain group user equipments from communicating with the network, the signaling load is too high. The problem of wasting resources.
本发明实施例提供的一种进行接入控制的方法, 包括:  A method for performing access control according to an embodiment of the present invention includes:
MTC应用服务器确定需要禁止群组中的用户设备接入;  The MTC application server determines that the user equipment in the group needs to be disabled;
所述 MTC应用服务器将需要禁止的群组的群组标识和群组中每个用户设备所在的位 置的位置信息发送给核心网控制节点, 用于指示核心网控制节点通知群组标识对应的群组 中的用户设备禁止接入。 The MTC application server sends the group identifier of the group that needs to be forbidden and the location information of the location where each user equipment is located in the group to the core network control node, and is used to instruct the core network control node to notify the group corresponding to the group identifier. Group User equipment in the middle is forbidden to access.
本发明实施例提供的另一种进行接入控制的方法, 包括:  Another method for performing access control according to an embodiment of the present invention includes:
核心网控制节点根据接收到的来自 MTC应用服务器的位置信息, 确定每个位置信息 的地理位置对应的接入网节点;  The core network control node determines, according to the received location information from the MTC application server, an access network node corresponding to the geographic location of each location information;
所述核心网控制节点将接收到的来自 MTC应用服务器的禁止接入的群组对应的群组 标识发送给所述接入网节点, 用于指示所述接入网节点通知所述群组标识对应的群组中的 用户设备禁止接入。  The core network control node sends the received group identifier corresponding to the group that is forbidden to access from the MTC application server to the access network node, and is used to instruct the access network node to notify the group identifier User equipment in the corresponding group is prohibited from accessing.
本发明实施例提供的又一种进行接入控制的方法, 包括:  Another method for performing access control provided by the embodiment of the present invention includes:
接入网节点接收来自核心网控制节点的禁止接入的群组的群组标识;  The access network node receives the group identity of the group that is prohibited from accessing the control node of the core network;
所述接入网节点将所述禁止接入的群组的群组标识发送给位于所述群组标识对应的 群组中的用户设备, 用于通知所述用户设备禁止接入。  And the access network node sends the group identifier of the group that is forbidden to be sent to the user equipment that is located in the group corresponding to the group identifier, and is used to notify the user equipment to prohibit access.
本发明实施例提供的一种进行接入控制的方法, 包括:  A method for performing access control according to an embodiment of the present invention includes:
用户设备在需要进行接入控制时, 判断禁止接入的群组的群组标识中是否有自己所属 的群组的群组标识, 其中禁止接入的群组的群组标识是用户设备根据收到的来自网络侧的 通^确定的;  When the user equipment needs to perform access control, it is determined whether the group identifier of the group to which the access group is prohibited has the group identifier of the group to which the group belongs. From the network side to determine;
所述用户设备在确定禁止接入的群组的群组标识中有需要进行接入控制的群组的群 组标识后, 取消接入控制; 在确定禁止接入的群组的群组标识中没有需要进行接入控制的 群组的群组标识后, 进行接入控制。  The user equipment cancels the access control after determining the group identifier of the group that needs to perform access control in the group identifier of the group that is prohibited from accessing; in determining the group identifier of the group that is prohibited from accessing After there is no group identification of the group that needs to perform access control, access control is performed.
本发明实施例提供的一种进行接入控制的 MTC应用服务器, 包括:  An MTC application server for performing access control according to an embodiment of the present invention includes:
第一确定模块, 用于确定需要禁止群组中的用户设备接入;  a first determining module, configured to determine that the user equipment in the group needs to be prohibited from accessing;
第一处理模块, 用于将需要禁止的群组的群组标识和群组中每个用户设备所在的位置 的位置信息发送给核心网控制节点, 用于指示核心网控制节点通知群组标识对应的群组中 的用户设备禁止接入。  a first processing module, configured to send the group identifier of the group that needs to be forbidden and the location information of the location where each user equipment is located in the group to the core network control node, to indicate that the core network control node notifies the group identifier User equipment in the group is forbidden to access.
本发明实施例提供的一种进行接入控制的核心网控制节点, 包括:  A core network control node for performing access control according to an embodiment of the present invention includes:
第二确定模块, 用于根据接收到的来自 MTC应用服务器的位置信息, 确定每个位置 信息的地理位置对应的接入网节点;  a second determining module, configured to determine, according to the received location information from the MTC application server, an access network node corresponding to a geographic location of each location information;
第二处理模块, 用于将接收到的来自 MTC应用服务器的禁止接入的群组对应的群组 标识发送给所述接入网节点, 用于指示所述接入网节点通知所述群组标识对应的群组中的 用户设备禁止接入。  a second processing module, configured to send, to the access network node, a group identifier corresponding to the group that is forbidden to access from the MTC application server, to notify the access network node to notify the group The user equipment in the corresponding group is prohibited from accessing.
本发明实施例提供的一种进行接入控制的接入网节点, 包括:  An access network node for performing access control according to an embodiment of the present invention includes:
第一接收模块, 用于接收来自核心网控制节点的禁止接入的群组的群组标识; 第三处理模块, 用于将所述禁止接入的群组的群组标识发送给位于所述群组标识对应 的群组中的用户设备, 用于通知所述用户设备禁止接入。 本发明实施例提供的一种进行接入控制的用户设备, 包括: a first receiving module, configured to receive a group identifier of a group that is forbidden to access from a core network control node, and a third processing module, configured to send, to the The user equipment in the group corresponding to the group identifier is used to notify the user equipment to prohibit access. A user equipment for performing access control according to an embodiment of the present invention includes:
判断模块, 用于在需要进行接入控制时, 判断禁止接入的群组的群组标识中是否有自 己所属的群组的群组标识, 其中禁止接入的群组的群组标识是用户设备根据收到的来自网 络侧的通知确定的;  a judging module, configured to determine, in the group ID of the group that is prohibited from accessing, a group identifier of the group to which the group is prohibited, wherein the group identifier of the group to which the access is prohibited is a user The device is determined according to the received notification from the network side;
控制模块, 用于在确定禁止接入的群组的群组标识中有需要进行接入控制的群组的群 组标识后, 取消接入控制; 在确定禁止接入的群组的群组标识中没有需要进行接入控制的 群组的群组标识后, 进行接入控制。  a control module, configured to: after determining a group identity of a group that needs to perform access control in a group identity of a group that is prohibited from accessing, canceling access control; determining a group identity of a group that is prohibited from accessing After there is no group identification of the group that needs to perform access control, access control is performed.
由于本发明实施例将需要禁止的群组的群组标识通知给用户设备使用户设备不进行 接入控制, 从而在 MTC应用服务器需要禁止某些群组用户设备与网络通信时, 降低了信 令负荷过高, 节省了资源。 附图说明  The embodiment of the present invention notifies the user equipment of the group identity of the group that needs to be forbidden to prevent the user equipment from performing access control, thereby reducing signaling when the MTC application server needs to prohibit certain group user equipment from communicating with the network. The load is too high, saving resources. DRAWINGS
图 1为本发明实施例 MTC应用服务器侧辅助用户设备进行接入控制的方法流程示意 图;  1 is a schematic flow chart of a method for performing access control by an auxiliary user equipment on an MTC application server side according to an embodiment of the present invention;
图 2 为本发明实施例核心网控制节点侧辅助用户设备进行接入控制的方法流程示意 图;  2 is a schematic flow chart of a method for controlling access control of a user equipment on a control node of a core network according to an embodiment of the present invention;
图 3为本发明实施例接入网节点侧辅助用户设备进行接入控制的方法流程示意图; 图 4为本发明实施例用户设备进行接入控制的方法流程示意图;  3 is a schematic flowchart of a method for performing access control on a user equipment of an access network node according to an embodiment of the present invention; FIG. 4 is a schematic flowchart of a method for performing access control on a user equipment according to an embodiment of the present invention;
图 5为本发明实施例进行接入控制的方法流程示意图;  FIG. 5 is a schematic flowchart of a method for performing access control according to an embodiment of the present invention;
图 6为本发明实施例 MTC应用服务器的结构示意图;  6 is a schematic structural diagram of an MTC application server according to an embodiment of the present invention;
图 7为本发明实施例核心网控制节点的结构示意图;  7 is a schematic structural diagram of a control node of a core network according to an embodiment of the present invention;
图 8为本发明实施例接入网节点的结构示意图;  8 is a schematic structural diagram of an access network node according to an embodiment of the present invention;
图 9为本发明实施例用户设备的结构示意图。 具体实施方式  FIG. 9 is a schematic structural diagram of a user equipment according to an embodiment of the present invention. detailed description
本发明实施例将需要禁止的群组的群组标识通知给用户设备使用户设备不进行接入 控制, 从而在 MTC应用服务器需要禁止某些群组用户设备与网络通信时, 降低了信令负 荷过高, 节省了资源。  In the embodiment of the present invention, the group identifier of the group to be forbidden is notified to the user equipment, so that the user equipment does not perform access control, so that the signaling load is reduced when the MTC application server needs to prohibit certain group user equipments from communicating with the network. Too high, saving resources.
其中, 本发明实施例适用于长期演进 ( Long Term Evolution, LTE )系统和通用移动通 信系统(Universal Mobile Telecommunications System, UMTS ), 以及其他具有 MTC应用 服务器并需要进行接入控制的系统。  The embodiments of the present invention are applicable to a Long Term Evolution (LTE) system and a Universal Mobile Telecommunications System (UMTS), and other systems having an MTC application server and requiring access control.
下面结合说明书附图对本发明实施例作进一步详细描述。  The embodiments of the present invention are further described in detail below with reference to the accompanying drawings.
如图 1所示, 本发明实施例 MTC应用服务器侧辅助用户设备进行接入控制的方法包 括下列步骤: As shown in FIG. 1 , a method package for assisting user equipment to perform access control on an MTC application server side according to an embodiment of the present invention is provided. The following steps are included:
步骤 101、 MTC应用服务器确定需要禁止群组中的用户设备接入;  Step 101: The MTC application server determines that the user equipment in the group needs to be disabled.
步骤 102、 MTC应用服务器将需要禁止的群组的群组标识和群组中每个用户设备所在 的位置的位置信息发送给核心网控制节点, 用于通知核心网控制节点通知群组标识对应的 群组中的用户设备禁止接入。  Step 102: The MTC application server sends the group identifier of the group that needs to be forbidden and the location information of the location where each user equipment is located in the group to the core network control node, to notify the core network control node to notify the corresponding group identifier. User equipment in the group is forbidden to access.
其中, MTC应用服务器确定需要禁止群组中的用户设备接入的情况有很多,比如 MTC 应用服务器进行维护、 MTC应用服务器进行升级、 MTC应用服务器根据某种策略需要禁 止群组中的用户设备接入等。  The MTC application server determines that the user equipment in the group needs to be disabled. For example, the MTC application server performs maintenance, the MTC application server performs the upgrade, and the MTC application server prohibits the user equipment in the group according to a certain policy. Into.
较佳地, 步骤 102之后还可以进一步包括:  Preferably, after step 102, the method further includes:
MTC应用服务器在确定需要取消禁止群组中的用户设备接入后,将需要取消禁止的群 组的群组标识和群组中每个用户设备所在的位置的位置信息发送给核心网控制节点, 用于 通知核心网控制节点通知群组标识对应的群组中的用户设备取消禁止接入。  After determining that the user equipment in the group is to be unblocked, the MTC application server sends the group identifier of the group that needs to be forbidden and the location information of the location where each user equipment in the group is located to the core network control node. And the user equipment in the group corresponding to the group identifier is notified to notify the core network control node to cancel the access prohibition.
其中,群组标识可以是每个群组的群组标识( Group ID )完整比特,也可以是 Group ID 的部分比特。如果是 Group ID的部分比特, 则在所有具备相同的比特的群组都被禁止的时 候可以釆用。 比如 Group ID是 000112, 如果所有 Group ID中前三位都是 0的群组全部禁 止接入, 则可以将 000作为群组标识。  The group identifier may be a complete group of Group ID of each group, or may be a partial bit of the Group ID. If it is a partial bit of the Group ID, it can be used when all groups with the same bit are disabled. For example, the Group ID is 000112. If all the groups in which the first three digits of the Group ID are 0 are forbidden, the 000 can be used as the group identifier.
如果被禁止的群组的数目比较多, 那么系统信息中承载的信令负荷会增加, 为了减少 信令负荷。 可以在分配群组标识的时候考虑优化的分配方式。 例如, 一个 MTC服务器所 管理的群组的标识前面 N位必须是一样的, N为小于 Group ID长度的数目。比如 Group ID 为 16位。 那么可以假设一个 MTC 服务器所管理的群组的高 8 位都是一样的, 假设为 abcdefgh0那么在系统信息中只要广播 abcdefgh 8位数或者广播 abcdefgh00000000这 16位 数,则代表所有高 8为是 abcdefgh的群组都被禁止接入。不同的 MTC服务器使用的 abcdefgh 是不同的。 为了部署筒单, abcdefgh也可以是 MTC服务器的标识号。 If the number of prohibited groups is relatively large, the signaling load carried in the system information will increase, in order to reduce the signaling load. Optimized allocation methods can be considered when assigning group IDs. For example, the N bits in front of the identity of the group managed by an MTC server must be the same, and N is the number less than the length of the Group ID. For example, the Group ID is 16 bits. Then it can be assumed that the upper 8 bits of the group managed by an MTC server are the same. Abcdefgh 0 is assumed to broadcast abcdefgh 8 digits or broadcast abcdefgh00000000 16 digits in the system information, indicating that all high 8 is Groups of abcdefgh are forbidden to access. The abcdefgh used by different MTC servers is different. In order to deploy the package, abcdefgh can also be the identification number of the MTC server.
考虑到共享 PLMN的场景, 接入控制信息中可以携带多个 PLMN的群组控制信息。 其中, 地理位置信息可以是群组存在的小区、 跟踪区 (Tracking Area, TA )、 位置区 Considering the scenario of sharing a PLMN, the access control information may carry group control information of multiple PLMNs. The geographic location information may be a cell in which the group exists, a tracking area (TA), and a location area.
( Location Area, LA )、 注册区 ( Registered Area, RA )等能代表群组中的用户设备所在的 地理位置的信息。 (Location Area, LA), Registered Area (RA), etc. can represent the geographic location of the user equipment in the group.
如图 2所示, 本发明实施例核心网控制节点侧辅助用户设备进行接入控制的方法包括 下列步骤:  As shown in FIG. 2, the method for controlling the access control of the user equipment on the node side of the core network in the embodiment of the present invention includes the following steps:
步骤 201、核心网控制节点根据接收到的来自 MTC应用服务器的位置信息,确定每个 位置信息的地理位置对应的接入网节点;  Step 201: The core network control node determines, according to the received location information from the MTC application server, an access network node corresponding to the geographic location of each location information.
步骤 202、核心网控制节点将接收到的来自 MTC应用服务器的禁止接入的群组对应的 群组标识发送给接入网节点, 用于通知接入网节点通知群组标识对应的群组中的用户设备 禁止接入。 Step 202: The core network control node sends the received group identifier corresponding to the group that is forbidden to access from the MTC application server to the access network node, and is used to notify the access network node to notify the group corresponding to the group identifier. User equipment Access is forbidden.
较佳地, 步骤 202之后还可以进一步包括:  Preferably, after step 202, the method further includes:
核心网控制节点根据接收到的来自 MTC应用服务器的位置信息, 确定每个位置信息 的地理位置对应的接入网节点;  The core network control node determines, according to the received location information from the MTC application server, an access network node corresponding to the geographic location of each location information;
核心网控制节点将接收到的来自 MTC应用服务器的取消禁止接入的群组对应的群组 标识发送给接入网节点, 用于通知接入网节点通知群组标识对应的群组中的用户设备取消 禁止接入。  The core network control node sends the received group identifier corresponding to the group that cancels the access from the MTC application server to the access network node, and is used to notify the access network node to notify the user in the group corresponding to the group identifier. The device is forbidden to access.
如图 3所示, 本发明实施例接入网节点侧辅助用户设备进行接入控制的方法包括下列 步骤:  As shown in FIG. 3, the method for performing access control on an access user node of an access network node in the embodiment of the present invention includes the following steps:
步骤 301、 接入网节点接收来自核心网控制节点的禁止接入的群组的群组标识; 步骤 302、 接入网节点将禁止接入的群组的群组标识发送给位于群组标识对应的群组 中的用户设备, 用于通知用户设备禁止接入。  Step 301: The access network node receives the group identifier of the group that is forbidden to access from the control node of the core network. Step 302: The access network node sends the group identifier of the group that is prohibited from accessing to the group identifier. The user equipment in the group is used to notify the user equipment that access is prohibited.
其中, 接入网节点将禁止接入的群组的群组标识发送给位于群组标识对应的群组中的 用户设备的方式有很多, 下面列举几种:  There are many ways for the access network node to send the group identity of the group that is forbidden to the user equipment in the group corresponding to the group identity.
方式一、 接入网节点直接将禁止接入的群组的群组标识发送给用户设备。  Manner 1: The access network node directly sends the group identity of the group that is forbidden to the user equipment.
在实施中, 接入网节点可以通过广播或组播方式将禁止接入的群组的群组标识发送给 用户设备。  In an implementation, the access network node may send the group identity of the group that is forbidden to the user equipment by broadcast or multicast.
如果通过组播方式将禁止接入的群组的群组标识发送给用户设备, 接入网节点可以通 过群组调度方式将禁止接入的群组的群组标识发送给用户设备。  If the group identity of the group that is forbidden to be accessed is sent to the user equipment by using the multicast mode, the access network node may send the group identity of the group that is forbidden to the user equipment by using the group scheduling mode.
具体的,在发送群组调度之前,接入网节点可以釆用群组无线网络临时标识符(Group Specifically, the access network node may use the group wireless network temporary identifier (Group) before sending the group scheduling.
Radio Network Temporary Identity, G-RNTI )进行调度, 这样群组中的用户设备通过监听 G-RNTI, 在调度的资源上获取禁止接入的群组的群组标识。 The radio network Temporary Identity (G-RNTI) performs scheduling, so that the user equipment in the group obtains the group identity of the group that is prohibited from accessing the scheduled resources by monitoring the G-RNTI.
在实施中, 接入网节点可以将禁止接入的群组的群组标识置于系统信息块 (System Information Block, SIB )中。该 SIB可以通过已有的 SIB (具体可以参见 25.331或者 36.331 协议, 下同)发送, 也可以通过新增的 SIB发送。 如果是新增的 SIB, —种较佳地方法是, 该 SIB的调度周期与已有的接入控制所在的 SIB的调度周期相同。  In an implementation, the access network node may place the group identity of the group that is prohibited from accessing into a System Information Block (SIB). The SIB can be sent through the existing SIB (see the 25.331 or 36.331 protocol, the same below) or via the new SIB. If it is a new SIB, a preferred method is that the scheduling period of the SIB is the same as the scheduling period of the SIB where the existing access control is located.
针对方式一, 核心网控制节点在接收来自核心网控制节点的取消禁止接入的群组的群 户设备, 用于通知用户设备取消禁止接入。  For the first mode, the core network control node receives the group device of the group that cancels the access from the core network control node, and is used to notify the user equipment to cancel the access prohibition.
在实施中, 接入网节点可以通过广播或组播方式将取消禁止接入的群组的群组标识发 送给用户设备。  In an implementation, the access network node may send the group identity of the group that is forbidden to be accessed to the user equipment by means of broadcast or multicast.
如果通过组播方式将禁止接入的群组的群组标识发送给用户设备, 接入网节点可以通 过群组调度方式将禁止接入的群组的群组标识发送给用户设备。 具体的, 在发送群组标识之前, 接入网节点可以釆用 G-RNTI进行调度, 这样群组中 的用户设备通过监听 G-RNTI, 在调度的资源上获取取消禁止接入的群组的群组标识。 If the group identity of the group that is forbidden to be accessed is sent to the user equipment by using the multicast mode, the access network node may send the group identity of the group that is forbidden to the user equipment by using the group scheduling mode. Specifically, before the group identifier is sent, the access network node may perform scheduling by using the G-RNTI, so that the user equipment in the group obtains the group that cancels the access prohibition on the scheduled resource by monitoring the G-RNTI. Group ID.
在实施中, 接入网节点可以将取消禁止接入的群组的群组标识置于 SIB中。 该 SIB可 以通过原有的 SIB发送, 也可以通过新增的 SIB发送。 如果是新增的 SIB , —种较佳地方 法是, 该 SIB的调度周期与已有的接入控制所在的 SIB的调度周期相同。  In an implementation, the access network node may place the group identity of the group that is forbidden from accessing in the SIB. The SIB can be sent via the original SIB or via the new SIB. If it is a new SIB, a preferred method is that the scheduling period of the SIB is the same as the scheduling period of the SIB where the existing access control is located.
方式二、 接入网节点将禁止接入的群组的群组标识置于群组接入控制信息中发送给用 户设备。  Manner 2: The access network node sends the group identity of the group that is prohibited from accessing to the user equipment in the group access control information.
在实施中, 接入网节点可以通过广播或组播方式将含有群组标识的群组接入控制信息 发送给用户设备。  In an implementation, the access network node may send the group access control information including the group identifier to the user equipment in a broadcast or multicast manner.
如果通过组播方式将群组接入控制信息发送给用户设备, 接入网节点可以通过群组调 度方式将群组接入控制信息发送给用户设备。  If the group access control information is sent to the user equipment in the multicast mode, the access network node may send the group access control information to the user equipment in a group scheduling manner.
具体的, 在发送群组标识之前, 接入网节点可以釆用 G-RNTI进行调度, 这样群组中 的用户设备通过监听 G-RNTI, 在调度的资源上获取群组接入控制信息。  Specifically, before the group identifier is sent, the access network node may perform scheduling by using the G-RNTI, so that the user equipment in the group obtains the group access control information on the scheduled resource by monitoring the G-RNTI.
在实施中, 接入网节点可以将群组接入控制信息置于 SIB中。 该 SIB可以通过原有的 SIB发送, 也可以通过新增的 SIB发送。 如果是新增的 SIB , —种较佳地方法是, 该 SIB 的调度周期与已有的接入控制所在的 SIB的调度周期相同。  In an implementation, the access network node may place the group access control information in the SIB. The SIB can be sent via the original SIB or via the new SIB. If it is a new SIB, a preferred method is that the scheduling period of the SIB is the same as the scheduling period of the SIB where the existing access control is located.
针对方式二, 核心网控制节点在接收来自核心网控制节点的取消禁止接入的群组的群 组标识后, 向用户设备发送不包含取消禁止接入的群组的群组标识的群组接入控制信息, 用于通知用户设备取消禁止接入。  For the second mode, after receiving the group identity of the group that is forbidden to access from the core network control node, the core network control node sends the group identity of the group identity of the group that does not include the forbidden access to the user equipment. The control information is used to notify the user equipment to cancel the access prohibition.
在实施中, 接入网节点可以通过广播或组播方式将不包含取消禁止接入的群组的群组 标识的群组接入控制信息发送给用户设备。  In an implementation, the access network node may send the group access control information of the group identifier of the group that does not include the forbidden access to the user equipment in a broadcast or multicast manner.
如果通过组播方式将不包含取消禁止接入的群组的群组标识的群组接入控制信息发 送给用户设备, 接入网节点可以通过群组调度方式将不包含取消禁止接入的群组的群组标 识的群组接入控制信息发送给用户设备。  If the group access control information of the group identifier of the group that does not include the forbidden access is sent to the user equipment by using the multicast mode, the access network node may use the group scheduling mode to include the group that does not include the forbidden access. The group access control information of the group identifier of the group is sent to the user equipment.
具体的, 在发送群组调度之前, 接入网节点可以釆用 G-RNTI进行调度, 这样群组中 的用户设备通过监听 G-RNTI, 在调度的资源上获取群组接入控制信息, 并根据群组接入 控制信息是否包含群组标识判断对应的群组是否禁止接入。  Specifically, before the group scheduling is sent, the access network node may use the G-RNTI to perform scheduling, so that the user equipment in the group obtains the group access control information on the scheduled resources by monitoring the G-RNTI, and Whether the corresponding group is prohibited from accessing according to whether the group access control information includes the group identifier.
在实施中, 接入网节点可以将不包含取消禁止接入的群组的群组标识的群组接入控制 信息置于 SIB中。 该 SIB可以通过原有的 SIB发送, 也可以通过新增的 SIB发送。 如果是 新增的 SIB , —种较佳地方法是, 该 SIB的调度周期与已有的接入控制所在的 SIB的调度 周期相同。  In an implementation, the access network node may place group access control information that does not include the group identity of the group that is forbidden to access from being placed in the SIB. The SIB can be sent via the original SIB or via the new SIB. If it is a new SIB, a preferred method is that the scheduling period of the SIB is the same as the scheduling period of the SIB where the existing access control is located.
其中, 上述方式一和方式二中, 都可以支持公共陆地移动网 (Public Land Mobile Network, PLMN )共享的情况。 比如可以广播或组播 PLMN以及其下的群组被禁止接入 的情况。 Among them, in the first mode and the second mode, the public land mobile network (PLMN) can be shared. For example, a broadcast or multicast PLMN can be broadcast and groups under it are forbidden to access. Case.
在上述过程中, 如果需要取消部分群组的接入控制同时增加部分群组的接入控制。 这 个过程与取消的流程类似, 只是取消部分组标识后, 可以再增加新的要进行接入控制的组 标识。 例如: 禁止接入的群组为组 1 , 组 2 , 组 3 , 那么在广播或者群组调度中给出组 1,2,3 的群组标识。 之后如果要允许组 1的用户接入, 禁止组 4的用户接入, 则在广播或者群组 调度中给出组 2,3,4的群组标识。  In the above process, if it is necessary to cancel the access control of the partial group and increase the access control of the partial group. This process is similar to the cancellation process. After you cancel the partial group ID, you can add a new group ID for access control. For example: The group that is forbidden to access is group 1, group 2, group 3, then the group identifier of group 1, 2, 3 is given in broadcast or group scheduling. Then, if the user of group 1 is to be allowed to access, and the user of group 4 is prohibited from accessing, the group identification of groups 2, 3, and 4 is given in the broadcast or group scheduling.
如图 4所示, 本发明实施例用户设备进行接入控制的方法包括下列步骤:  As shown in FIG. 4, the method for performing access control by a user equipment according to an embodiment of the present invention includes the following steps:
步骤 401、 用户设备在需要进行接入控制时, 判断禁止接入的群组的群组标识中是否 有自己所属的群组的群组标识, 其中禁止接入的群组的群组标识是用户设备根据收到的来 自网络侧的通知确定的;  Step 401: When the user equipment needs to perform access control, determine whether the group identifier of the group to which the access group is prohibited has the group identifier of the group to which the group belongs, and the group identifier of the group that is prohibited from accessing is the user. The device is determined according to the received notification from the network side;
步骤 402、 用户设备在确定禁止接入的群组的群组标识中有需要进行接入控制的群组 的群组标识后, 取消接入控制; 在确定禁止接入的群组的群组标识中没有需要进行接入控 制的群组的群组标识后, 进行接入控制。  Step 402: After determining, by the user equipment, the group identifier of the group that needs to perform access control in the group identifier of the group that is prohibited from accessing, cancel the access control; and determine the group identifier of the group that is prohibited from accessing. After there is no group identification of the group that needs to perform access control, access control is performed.
其中, 用户设备收到的来自网络侧的通知有很多种方式, 下面列举几种:  There are many ways for the user equipment to receive notifications from the network side. Here are a few:
方式一、 用户设备直接收到禁止接入的群组的群组标识或取消禁止接入的群组的群组 标识。  Manner 1: The user equipment directly receives the group identity of the group that is forbidden to access or cancels the group identity of the group that is forbidden to access.
具体的, 用户设备接收到来自核心网控制节点的禁止接入的群组的群组标识或接收到 来自核心网控制节点的取消禁止接入的群组的群组标识后, 更新禁止接入的群组的群组标 识。  Specifically, after receiving the group identity of the group that is forbidden to access from the control node of the core network or receiving the group identity of the group that cancels the access from the core network control node, the user equipment updates the forbidden access. The group ID of the group.
然后, 用户设备在需要进行接入控制时, 判断禁止接入的群组的群组标识中是否有自 己所属的群组的群组标识。  Then, when the user equipment needs to perform access control, it is determined whether the group identifier of the group to which the access is prohibited has the group identifier of the group to which the group belongs.
在实施中, 用户设备可以通过广播或组播方式接收来自核心网控制节点的群组标识。 如果通过组播方式接收群组标识, 用户设备可以通过群组调度方式接收群组标识。 具体的, 用户设备搜索 G-RNTI , 如果在控制信道上确定搜索到群组调度使用的 G-RNTI, 则通过该控制信道所调度的资源上接收被禁止接入的群组标识。  In an implementation, the user equipment may receive the group identity from the core network control node by broadcast or multicast. If the group identity is received in the multicast mode, the user equipment can receive the group identity by using the group scheduling mode. Specifically, the user equipment searches for the G-RNTI, and if it is determined on the control channel that the G-RNTI used for the group scheduling is searched, the group identifier that is prohibited from being accessed is received on the resource scheduled by the control channel.
在实施中, 用户设备可以通过 SIB接收群组标识。 该 SIB可以通过原有的 SIB发送, 也可以通过新增的 SIB发送。 如果是新增的 SIB , —种较佳地方法是, 该 SIB的调度周期 与已有的接入控制所在的 SIB的调度周期相同。  In an implementation, the user equipment can receive the group identity through the SIB. The SIB can be sent via the original SIB or via the new SIB. If it is a new SIB, a preferred method is that the scheduling period of the SIB is the same as the scheduling period of the SIB where the existing access control is located.
针对方式一, 一种实施方式是: 用户设备的接入层接收群组标识, 在需要进行接入控 制时, 判断禁止接入的群组的群组标识中是否有自己所属的群组的群组标识, 在确定禁止 接入的群组的群组标识中有需要进行接入控制的群组的群组标识后, 通知非接入层该群组 被网络禁止接入;  For the first method, an implementation manner is as follows: The access layer of the user equipment receives the group identifier, and when the access control needs to be performed, it is determined whether the group identifier of the group that is prohibited from accessing has a group of the group to which the group belongs. The group identifier, after determining the group identifier of the group that needs to perform access control in the group identifier of the group that is prohibited from accessing, notifying the non-access stratum that the group is prohibited from being accessed by the network;
另一种实施方式是: 用户设备的接入层将接收到的来自网络侧的禁止接入的群组的群 组标识通知给非接入层, 非接入层在需要进行接入控制时, 判断禁止接入的群组的群组标 识中是否有自己所属的群组的群组标识。 Another implementation manner is: a group of the group that the access layer of the user equipment receives from the network side that is forbidden to access The group identifier is notified to the non-access stratum, and when the non-access stratum needs to perform access control, it is determined whether the group identifier of the group to which the access group is prohibited has the group identifier of the group to which the group belongs.
方式二、 用户设备直接收到禁止接入的群组的群组标识或取消禁止接入的群组的群组 标识。  Manner 2: The user equipment directly receives the group identity of the group that is forbidden to access or cancels the group identity of the group that is prohibited from accessing.
方式二、 用户设备收到包含禁止接入的群组的群组标识的群组接入控制信息。  Manner 2: The user equipment receives group access control information including a group identifier of a group that is prohibited from accessing.
具体的, 用户设备接收到来自核心网控制节点的包含禁止接入的群组的群组标识的群 组接入控制信息后, 将接收到来自核心网控制节点的群组接入控制信息中包含的群组标识 作为禁止接入的群组的群组标识。  Specifically, after receiving, by the user equipment, the group access control information of the group identifier of the group that prohibits access from the core network control node, the user equipment receives the group access control information from the core network control node. The group identity is the group identity of the group that is prohibited from accessing.
然后, 用户设备在需要进行接入控制时, 判断禁止接入的群组的群组标识中是否有自 己所属的群组的群组标识。  Then, when the user equipment needs to perform access control, it is determined whether the group identifier of the group to which the access is prohibited has the group identifier of the group to which the group belongs.
在实施中, 用户设备可以通过广播或组播方式接收来自核心网控制节点的群组接入控 制信息。  In an implementation, the user equipment may receive group access control information from the core network control node by means of broadcast or multicast.
如果通过组播方式接收群组接入控制信息, 用户设备可以通过群组调度方式接收群组 接入控制信息。  If the group access control information is received through the multicast mode, the user equipment may receive the group access control information by using the group scheduling mode.
具体的, 用户设备搜索 G-RNTI, 如果确定搜索到的 G-RNTI是自己所在群组对应的 Specifically, the user equipment searches for the G-RNTI, if it is determined that the searched G-RNTI is the corresponding group of the group.
G-RNTI, 则通过群组接收群组接入控制信息。 The G-RNTI receives the group access control information through the group.
具体的, 用户设备搜索 G-RNTI , 如果在控制信道上确定搜索到群组调度使用的 G-RNTI, 则通过该控制信道所调度的资源上接收群组接入控制信息。  Specifically, the user equipment searches for the G-RNTI, and if it is determined on the control channel that the G-RNTI used for the group scheduling is searched, the group access control information is received on the resource scheduled by the control channel.
在实施中,用户设备可以通过 SIB接收群组接入控制信息。该 SIB可以通过原有的 SIB 发送, 也可以通过新增的 SIB发送。 如果是新增的 SIB, —种较佳地方法是, 该 SIB的调 度周期与已有的接入控制所在的 SIB的调度周期相同。  In an implementation, the user equipment may receive group access control information through the SIB. The SIB can be sent via the original SIB or via the new SIB. In the case of a new SIB, a preferred method is that the scheduling period of the SIB is the same as the scheduling period of the SIB in which the existing access control is located.
针对方式二, 一种实施方式是: 用户设备的接入层接收群组接入控制信息, 在需要进 行接入控制时, 判断禁止接入的群组的群组标识中是否有自己所属的群组的群组标识, 在 确定禁止接入的群组的群组标识中有需要进行接入控制的群组的群组标识后, 通知非接入 层该群组被网络禁止接入;  For the second method, an implementation manner is as follows: The access layer of the user equipment receives the group access control information, and when the access control needs to be performed, it is determined whether the group identifier of the group that is prohibited from accessing belongs to the group to which the group belongs. The group identifier of the group, after determining the group identifier of the group that needs to perform access control in the group identifier of the group that is prohibited from accessing, notifying the non-access stratum that the group is prohibited from being accessed by the network;
另一种实施方式是: 用户设备的接入层接收群组接入控制信息, 将接收到的来自网络 侧的禁止接入的群组的群组接入控制信息通知给非接入层, 非接入层在需要进行接入控制 时, 判断禁止接入的群组的群组标识中是否有自己所属的群组的群组标识。  In another implementation manner, the access layer of the user equipment receives the group access control information, and notifies the non-access stratum of the group access control information of the group that is prohibited from accessing the network side. When the access layer needs to perform access control, it determines whether the group identifier of the group to which the access group is prohibited has the group identifier of the group to which the group belongs.
其中,如果在 PLMN共享的情况下,用户设备根据家乡 PLMN( Home PLMN, HPLMN ) 下的群组禁止接入的信息来进行接入判决。 如果是漫游场景, 也要根据 HPLMN的情况来 进行群组接入的判决。  Wherein, if the PLMN is shared, the user equipment performs an access decision according to the information that the group under the home PLMN (Home PLMN, HPLMN) prohibits access. In the case of roaming scenarios, the decision to group access is also based on the HPLMN.
如图 5所示,本发明实施例通知用户设备禁止或取消禁止的群组的方法包括下列步骤: 步骤 501、 MTC应用服务器确定需要禁止群组中的用户设备接入, 将需要禁止的群组 的群组标识和群组中每个用户设备所在的位置的位置信息发送给核心网控制节点; 步骤 502、核心网控制节点根据接收到的来自 MTC应用服务器的位置信息,确定每个 位置信息的地理位置对应的接入网节点; As shown in FIG. 5, the method for notifying a user equipment to prohibit or cancel a forbidden group includes the following steps: Step 501: The MTC application server determines that the user equipment in the group needs to be prohibited from being accessed. The group identifier and the location information of the location where each user equipment is located in the group are sent to the core network control node; Step 502: The core network control node determines each location information according to the received location information from the MTC application server. The access network node corresponding to the geographical location;
步骤 503、核心网控制节点将接收到的来自 MTC应用服务器的禁止接入的群组对应的 群组标识发送给接入网节点;  Step 503: The core network control node sends the received group identifier corresponding to the group that is forbidden to access from the MTC application server to the access network node.
步骤 504、 接入网节点将禁止接入的群组的群组标识置于群组接入控制信息, 发送给 位于群组标识对应的群组中的用户设备;  Step 504: The access network node sets the group identity of the group that is forbidden to access to the group access control information, and sends the group identity information to the user equipment that is located in the group corresponding to the group identity.
步骤 505、 用户设备根据收到的群组接入控制信息确定需要禁止接入的群组; 步骤 506、 MTC应用服务器确定需要取消禁止的群组中的用户设备接入, 将需要取消 禁止的群组的群组标识和群组中每个用户设备所在的位置的位置信息发送给核心网控制 节点;  Step 505: The user equipment determines, according to the received group access control information, a group that needs to be disabled. Step 506: The MTC application server determines that the user equipment in the group that needs to be forbidden is accessed, and the group that needs to be forbidden is to be cancelled. The group identifier of the group and the location information of the location where each user equipment is located in the group are sent to the core network control node;
步骤 507、核心网控制节点根据接收到的来自 MTC应用服务器的位置信息,确定每个 位置信息的地理位置对应的接入网节点;  Step 507: The core network control node determines, according to the received location information from the MTC application server, an access network node corresponding to the geographic location of each location information.
步骤 508、核心网控制节点将接收到的来自 MTC应用服务器的禁止接入的群组对应的 群组标识发送给接入网节点;  Step 508: The core network control node sends the received group identifier corresponding to the group that is forbidden to access from the MTC application server to the access network node.
步骤 509、 接入网节点向用户设备发送不包含取消禁止接入的群组的群组标识的群组 接入控制信息;  Step 509: The access network node sends, to the user equipment, group access control information that does not include a group identifier of the group that cancels the prohibition of access;
步骤 510、 用户设备根据收到的群组接入控制信息确定需要禁止接入的群组; 其中, 用户设备在需要进行接入控制时, 判断禁止接入的群组的群组标识中是否有自 己所属的群组的群组标识, 如果是, 则取消接入控制; 否则进行接入控制, 比如可以根据 接入等级禁止机制 (Access Class Barring, ACB, 也称为接入控制机制)、 增强的接入禁止 机制 (Enhanced Access Barring, EAB, 也称为增强的接入控制机制)和 /或漫游的接入控 制信息来进行接入。  Step 510: The user equipment determines, according to the received group access control information, a group that needs to be disabled. If the user equipment needs to perform access control, determine whether there is a group identifier of the group that is prohibited from accessing. The group ID of the group to which the group belongs, if yes, the access control is cancelled; otherwise, the access control is performed, for example, according to the access class barring mechanism (ACB, also called access control mechanism), enhancement The access prevention mechanism (Enhanced Access Barring, EAB, also known as enhanced access control mechanism) and/or roaming access control information is used for access.
用户设备判断禁止接入的群组的群组标识中是否有自己所属的群组的群组标识的时 序与上面步骤 501〜步骤 510之间没有必然联系, 只要用户设备需要进行接入控制, 就可以 根据最近一次更新后的禁止接入的群组的群组标识进行判断。  The user equipment determines whether there is a necessary connection between the group identifier of the group to which the group is prohibited from being associated with the group identifier of the group to which the group belongs to, and the user equipment needs to perform access control. The judgment may be made according to the group identifier of the group that is prohibited from accessing after the latest update.
下面列举一个应用场景对本发明的方案进行详细说明。  The solution of the present invention will be described in detail below by enumerating an application scenario.
以 7J表公司为例, 一水表公司想在午夜 12点至第二天的凌晨 6点之间将管理朝阳区 的水表的服务器(即为第三方 MTC应用服务器)进行系统升级。 该 MTC服务器在午夜 12 点左右将其所管理的群组的标识信息以及地理位置信息 (例如: 覆盖朝阳区的 TA list (列表))发送给核心网的控制节点。 核心网节点根据 TA列表确定需要发给哪些基站, 再 将群组的标识信息发送给这些 TA下的相应的 RAN控制节点(演进基站( e B )或者无线 网络控制器( Radio Network Controller, RNC ) )。无线接入网( Radio Access Network, RAN ) 控制节点将需要禁止的群组的 Group ID通过一个新的系统信息块下发, 或者放到已有的 SIB中, 例如 SIB2 ( LTE )或者 SIB3 ( UMTS )。 假设被禁止接入的组有 2个, 其组标识分 别为 Group Id 1 , Group Id 2, 那么在系统信息中就将这两个 Group ID都广播下去。 在此之 后, 属于 Group id 1和 Group Id 2两个群组的用户设备收到广播信息并保存相关的信息。 当用户设备需要与网络通信的时候, 检查系统信息的内容, 确认自己所属的 Group属于被 禁止接入的 Group中, 则通知 NAS接入失败, 并指示其原因是网络拒绝组用户设备接入。 Taking 7J Watch Company as an example, IWC wants to upgrade the server that manages the water meter in Chaoyang District (that is, the third-party MTC application server) between 12 midnight and 6 am the next day. The MTC server sends the identification information of the group it manages and the geographical location information (for example, the TA list (list) covering the Chaoyang District) to the control node of the core network at around midnight. The core network node determines which base stations need to be sent according to the TA list, and then sends the group identity information to the corresponding RAN control node under these TAs (eB) or Radio Network Controller (RNC). ). Radio Access Network (RAN) The control node delivers the group ID of the group to be forbidden through a new system information block, or to an existing SIB, such as SIB2 (LTE) or SIB3 (UMTS). Assume that there are two groups that are forbidden to access, and their group IDs are Group Id 1 and Group Id 2, then both group IDs are broadcasted in the system information. After that, the user equipment belonging to the two groups of Group id 1 and Group Id 2 receives the broadcast information and saves the related information. When the user equipment needs to communicate with the network, check the content of the system information, and confirm that the group to which it belongs belongs to the group that is prohibited from accessing, notify the NAS that the access fails, and indicate that the network denial group user equipment access.
等到第二天的凌晨 6点, MTC服务器结束升级,则发送取消接入控制的信息给核心网 控制节点。 核心网根据其中要取消的 Group id查到其相应的 TA所对应的 RAN控制节点, 并将取消的信息发送给相应的 RAN控制节点。 RAN控制节点根据该信息更新系统信息。  Wait until the next morning at 6 am, the MTC server ends the upgrade, and sends the information to cancel the access control to the core network control node. The core network finds the RAN control node corresponding to its corresponding TA according to the Group id to be canceled, and sends the canceled information to the corresponding RAN control node. The RAN control node updates the system information based on the information.
用户设备根据更新系统信息, 并保存系统信息。 当用户设备需要接入网络时, 判断所 属的组是否可以接入。 判断为允许所属组用户设备接入, 则执行 ACB检查等常规的接入 过程中的行为。  The user equipment updates the system information and saves the system information. When the user equipment needs to access the network, it is determined whether the group to which it belongs can be accessed. If it is determined that the user equipment of the group is allowed to access, the behavior in the regular access process such as ACB check is performed.
针对上述场景, 用户设备也可以在收到的系统信息的包含了自己所属的组标识, 则通 知非接入层相关的信息, 指示所属的组被禁止接入。 当系统信息更新后, 用户设备判断之 前被禁止的组标识不在广播信息中, 则通知非接入层, 相关的组接入禁止命令取消。 用户 设备要进行接入时, 其非接入层根据组是否被禁止接入来确定是否要向接入层发起接入请 求消息。 如果被禁止, 则不发送, 否则, 则可以将接入请求的命令发送给接入层。  For the above scenario, the user equipment may also inform the non-access stratum related information when the received system information includes the group identifier to which the system information belongs, and indicate that the group to which the group belongs is prohibited from accessing. After the system information is updated, the group identifier that is prohibited by the user equipment before being judged is not in the broadcast information, the non-access stratum is notified, and the related group access prohibition command is cancelled. When the user equipment wants to access, its non-access stratum determines whether to initiate an access request message to the access layer according to whether the group is prohibited from accessing. If it is forbidden, it will not be sent. Otherwise, the command of the access request can be sent to the access layer.
针对上述场景, RAN控制节点可以釆用 G-RNTI调度所有的组用户设备, 通知当前的 禁止接入的控制信息。该 G-RNTI是事先预留, 即为网络侧和用户设备都预先知道的标识, 类似于寻呼用 RNTI ( Paging RNTI, P-RNTI, 也称为寻呼无线网络临时标识)。 通过监听 共享控制信道上的 G-RNTI接收共享信道上公共的接入控制信息。 该信息内容与实施例 1 和实施例 3中的系统信息中的信息是类似的。 可以携带群组信息, 或者群组标识的部分比 特。 考虑到共享 PLMN的场景, 也可以携带多个 PLMN的被禁止接入的群组控制信息。 通过 G-RNTI组调度来传输该信息时要周期性地发送。 一旦发生了信息变更也要及时进行 发送。  For the above scenario, the RAN control node may use the G-RNTI to schedule all group user equipments to notify the current control information for prohibiting access. The G-RNTI is reserved in advance, that is, an identifier that is known in advance by the network side and the user equipment, and is similar to a paging RNTI (Paging RNTI, P-RNTI, also referred to as a paging radio network temporary identifier). The public access control information on the shared channel is received by listening to the G-RNTI on the shared control channel. This information content is similar to the information in the system information in Embodiment 1 and Embodiment 3. It can carry group information, or part of the group identification. Considering the scenario of sharing a PLMN, it is also possible to carry group control information of a plurality of PLMNs that are prohibited from accessing. This information is transmitted periodically by G-RNTI group scheduling. In the event of a change in information, it must be sent in a timely manner.
基于同一发明构思, 本发明实施例中还提供了一种 MTC应用服务器, 由于该设备解 决问题的原理与图 1本发明实施例 MTC应用服务器侧辅助用户设备进行接入控制的方法 相似, 因此该设备的实施可以参见方法的实施, 重复之处不再赘述。  Based on the same inventive concept, an embodiment of the present invention further provides an MTC application server. The method for solving the problem is similar to the method for accessing the user equipment on the MTC application server side of the embodiment of the present invention. For the implementation of the device, refer to the implementation of the method, and the repeated description will not be repeated.
如图 6所示, 本发明实施例的 MTC应用服务器包括: 第一确定模块 600和第一处理 模块 610。  As shown in FIG. 6, the MTC application server of the embodiment of the present invention includes: a first determining module 600 and a first processing module 610.
第一确定模块 600 , 用于确定需要禁止群组中的用户设备接入;  The first determining module 600 is configured to determine that the user equipment in the group needs to be prohibited from accessing;
第一处理模块 610, 用于将需要禁止的群组的群组标识和群组中每个用户设备所在的 位置的位置信息发送给核心网控制节点, 用于通知核心网控制节点通知群组标识对应的群 组中的用户设备禁止接入。 The first processing module 610 is configured to send the group identifier of the group that needs to be forbidden and the location information of the location where each user equipment in the group is located to the core network control node, to notify the core network control node to notify the group identifier Corresponding group User equipment in the group is forbidden to access.
其中, 所述的第一确定模块 600和第一处理模块 610可以为处理器等设备。  The first determining module 600 and the first processing module 610 may be devices such as a processor.
较佳地, 第一确定模块 600确定需要取消禁止群组中的用户设备接入;  Preferably, the first determining module 600 determines that the user equipment access in the forbidden group needs to be cancelled;
相应的, 第一处理模块 610将需要取消禁止的群组的群组标识和群组中每个用户设备 所在的位置的位置信息发送给核心网控制节点, 用于通知核心网控制节点通知群组标识对 应的群组中的用户设备取消禁止接入。  Correspondingly, the first processing module 610 sends the group identifier of the group that needs to be forbidden and the location information of the location where each user equipment in the group is located to the core network control node, to notify the core network control node to notify the group. The user equipment in the corresponding group is identified to cancel the access.
基于同一发明构思, 本发明实施例中还提供了一种核心网控制节点, 由于该设备解决 问题的原理与图 2 本发明实施例核心网控制节点侧辅助用户设备进行接入控制的方法相 似, 因此该设备的实施可以参见方法的实施, 重复之处不再赘述。  Based on the same inventive concept, the core network control node is also provided in the embodiment of the present invention. The principle of the device solving the problem is similar to the method for the access control of the user equipment on the control node side of the core network in the embodiment of the present invention. Therefore, the implementation of the device can be referred to the implementation of the method, and the repeated description will not be repeated.
如图 7所示, 本发明实施例的核心网控制节点包括: 第二确定模块 700和第二处理模 块 710。  As shown in FIG. 7, the core network control node of the embodiment of the present invention includes: a second determining module 700 and a second processing module 710.
第二确定模块 700,用于根据接收到的来自 MTC应用服务器的位置信息,确定每个位 置信息的地理位置对应的接入网节点;  a second determining module 700, configured to determine, according to the received location information from the MTC application server, an access network node corresponding to a geographic location of each location information;
第二处理模块 710,用于将接收到的来自 MTC应用服务器的禁止接入的群组对应的群 组标识发送给接入网节点, 用于通知接入网节点通知群组标识对应的群组中的用户设备禁 止接入。  The second processing module 710 is configured to send, to the access network node, the group identifier corresponding to the group that is forbidden to access from the MTC application server, to notify the access network node to notify the group corresponding to the group identifier User equipment in the middle is forbidden to access.
其中, 所述的第二确定模块 700和第二处理模块 710可以为处理器等设备。  The second determining module 700 and the second processing module 710 may be devices such as a processor.
较佳地, 第二确定模块 700根据接收到的来自 MTC应用服务器的位置信息, 确定每 个位置信息的地理位置对应的接入网节点;  Preferably, the second determining module 700 determines, according to the received location information from the MTC application server, an access network node corresponding to the geographic location of each location information;
相应的, 第二处理模块 710将接收到的来自 MTC应用服务器的取消禁止接入的群组 对应的群组标识发送给接入网节点, 用于通知接入网节点通知群组标识对应的群组中的用 户设备取消禁止接入。  Correspondingly, the second processing module 710 sends the received group identifier corresponding to the group that cancels the access from the MTC application server to the access network node, and is used to notify the access network node to notify the group corresponding to the group identifier. User equipment in the group is forbidden to access.
基于同一发明构思, 本发明实施例中还提供了一种接入网节点, 由于该设备解决问题 的原理与图 3本发明实施例接入网节点侧辅助用户设备进行接入控制的方法相似, 因此该 设备的实施可以参见方法的实施, 重复之处不再赘述。  Based on the same inventive concept, an access network node is also provided in the embodiment of the present invention. The method for solving the problem is similar to the method for accessing the user equipment on the access network node side of the embodiment of the present invention. Therefore, the implementation of the device can be referred to the implementation of the method, and the repeated description will not be repeated.
如图 8所示,本发明实施例的接入网节点包括:第一接收模块 800和第三处理模块 810。 第一接收模块 800, 用于接收来自核心网控制节点的禁止接入的群组的群组标识; 第三处理模块 810, 用于将禁止接入的群组的群组标识发送给位于群组标识对应的群 组中的用户设备, 用于通知用户设备禁止接入。  As shown in FIG. 8, the access network node in the embodiment of the present invention includes: a first receiving module 800 and a third processing module 810. The first receiving module 800 is configured to receive a group identifier of a group that is prohibited from accessing the core network control node, and the third processing module 810 is configured to send the group identifier of the group that is prohibited from accessing to the group group. The user equipment in the corresponding group is used to notify the user equipment that access is prohibited.
其中, 所述的第一接收模块 800可以为具有收发功能的传输设备; 所述第三处理模块 The first receiving module 800 may be a transmission device having a transceiving function; the third processing module
810可以为处理器等设备。 The 810 can be a device such as a processor.
较佳地, 第一接收模块 800接收来自核心网控制节点的取消禁止接入的群组的群组标 识; 相应的, 第三处理模块 810将取消禁止接入的群组的群组标识发送给位于群组标识对 应的群组中的用户设备, 用于通知用户设备取消禁止接入。 Preferably, the first receiving module 800 receives the group identifier of the group from the core network control node that cancels the access prohibition; Correspondingly, the third processing module 810 sends the group identifier of the group that is forbidden to be accessed to the user equipment that is located in the group corresponding to the group identifier, and is used to notify the user equipment to cancel the access prohibition.
较佳地, 第三处理模块 810通过广播或群组调度方式将群组标识发送给用户设备。 较佳地, 第三处理模块 810将群组标识置于群组接入控制信息中发送给用户设备。 较佳地, 第一接收模块 800接收来自核心网控制节点的取消禁止接入的群组的群组标 识;  Preferably, the third processing module 810 sends the group identifier to the user equipment by means of broadcast or group scheduling. Preferably, the third processing module 810 sends the group identifier to the user equipment in the group access control information. Preferably, the first receiving module 800 receives the group identity of the group from the core network control node that cancels the access prohibition;
相应的, 第三处理模块 810将不包含取消禁止接入的群组的群组标识的群组接入控制 信息发送给位于群组标识对应的群组中的用户设备。  Correspondingly, the third processing module 810 sends the group access control information that does not include the group identifier of the group for which the access is prohibited to be sent to the user equipment located in the group corresponding to the group identifier.
较佳地, 第三处理模块 810通过广播或群组调度方式将群组接入控制信息发送给用户 设备。  Preferably, the third processing module 810 sends the group access control information to the user equipment by means of broadcast or group scheduling.
较佳地, 第三处理模块 810通过群组调度方式发送时, 通过 G-RNTI对用户设备进行 调度。  Preferably, when the third processing module 810 sends the packet in the group scheduling manner, the user equipment is scheduled by using the G-RNTI.
基于同一发明构思, 本发明实施例中还提供了一种用户设备, 由于该设备解决问题的 原理与图 4本发明实施例用户设备进行接入控制的方法相似, 因此该设备的实施可以参见 方法的实施, 重复之处不再赘述。  The user equipment is provided in the embodiment of the present invention. The method for solving the problem is similar to the method for the user equipment to perform access control according to the embodiment of the present invention. Therefore, the implementation of the device can refer to the method. The implementation, the repetition will not be repeated.
如图 9所示, 本发明实施例的用户设备包括: 判断模块 900和控制模块 910。  As shown in FIG. 9, the user equipment in the embodiment of the present invention includes: a determining module 900 and a control module 910.
判断模块 900, 用于在需要进行接入控制时, 判断禁止接入的群组的群组标识中是否 有自己所属的群组的群组标识, 其中禁止接入的群组的群组标识是用户设备根据收到的来 自网络侧的通知确定的;  The determining module 900 is configured to determine, when the access control needs to be performed, whether the group identifier of the group to which the access is prohibited has a group identifier of the group to which the group belongs, wherein the group identifier of the group that is prohibited from accessing is The user equipment is determined according to the received notification from the network side;
控制模块 910, 用于在确定禁止接入的群组的群组标识中有需要进行接入控制的群组 的群组标识后, 取消接入控制; 在确定禁止接入的群组的群组标识中没有需要进行接入控 制的群组的群组标识后, 进行接入控制。  The control module 910 is configured to cancel the access control after determining the group identity of the group that needs to perform access control in the group identity of the group that is prohibited from accessing; After the group ID of the group that does not need access control is identified in the identifier, access control is performed.
其中, 所述的判断模块 900和控制模块 910可以为处理器等设备。  The determining module 900 and the control module 910 may be devices such as a processor.
较佳地, 本发明实施例的用户设备还可以进一步包括:  Preferably, the user equipment of the embodiment of the present invention may further include:
第二接收模块 920, 用于接收到来自核心网控制节点的禁止接入的群组的群组标识或 接收到来自核心网控制节点的取消禁止接入的群组的群组标识后, 更新禁止接入的群组的 群组标识。  The second receiving module 920 is configured to: after receiving the group identifier of the group that is prohibited from accessing the core network control node or receiving the group identifier of the group that is forbidden to access from the core network control node, the update is prohibited. The group ID of the group that is accessed.
所述的第二接收模块 920可以为具有收发功能的传输设备。  The second receiving module 920 can be a transmission device with a transceiving function.
较佳地, 判断模块 900将接收到来自核心网控制节点的群组接入控制信息中包含的群 组标识作为禁止接入的群组的群组标识。  Preferably, the judging module 900 receives the group identifier included in the group access control information from the core network control node as the group identifier of the group that is prohibited from accessing.
较佳地, 判断模块 900通过广播或群组调度方式接收来自核心网控制节点的通知。 较佳地, 判断模块 900和第二接收模块 920在接入层, 控制模块 910在非接入层; 或 第二接收模块 920在接入层, 判断模块 900和控制模块 910在非接入层。 本领域内的技术人员应明白, 本发明的实施例可提供为方法、 系统、 或计算机程序产 品。 因此, 本发明可釆用完全硬件实施例、 完全软件实施例、 或结合软件和硬件方面的实 施例的形式。 而且, 本发明可釆用在一个或多个其中包含有计算机可用程序代码的计算机 可用存储介盾 (包括但不限于磁盘存储器、 CD-ROM、 光学存储器等)上实施的计算机程 序产品的形式。 Preferably, the determining module 900 receives the notification from the core network control node by means of broadcast or group scheduling. Preferably, the judging module 900 and the second receiving module 920 are at the access layer, the control module 910 is at the non-access stratum, or the second receiving module 920 is at the access layer, and the judging module 900 and the control module 910 are at the non-access stratum. . Those skilled in the art will appreciate that embodiments of the present invention can be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment, or a combination of software and hardware. Moreover, the present invention is in the form of a computer program product embodied on one or more computer-usable storage interfaces (including but not limited to disk storage, CD-ROM, optical storage, etc.) containing computer usable program code.
本发明是参照根据本发明实施例的方法、 设备(系统)、 和计算机程序产品的流程图 和 /或方框图来描述的。 应理解可由计算机程序指令实现流程图和 /或方框图中的每一流 程和 /或方框、 以及流程图和 /或方框图中的流程和 /或方框的结合。 可提供这些计算机 程序指令到通用计算机、 专用计算机、 嵌入式处理机或其他可编程数据处理设备的处理器 以产生一个机器, 使得通过计算机或其他可编程数据处理设备的处理器执行的指令产生用 于实现在流程图一个流程或多个流程和 /或方框图一个方框或多个方框中指定的功能的 装置。  The present invention has been described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (system), and computer program products according to embodiments of the invention. It will be understood that each process and/or block of the flowchart illustrations and/or FIG. These computer program instructions can be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing device to produce a machine for the execution of instructions for execution by a processor of a computer or other programmable data processing device. Means for implementing the functions specified in one or more of the flow or in a block or blocks of the flow chart.
这些计算机程序指令也可存储在能引导计算机或其他可编程数据处理设备以特定方 式工作的计算机可读存储器中, 使得存储在该计算机可读存储器中的指令产生包括指令装 置的制造品, 该指令装置实现在流程图一个流程或多个流程和 /或方框图一个方框或多个 方框中指定的功能。  The computer program instructions can also be stored in a computer readable memory that can direct a computer or other programmable data processing device to operate in a particular manner, such that the instructions stored in the computer readable memory produce an article of manufacture comprising the instruction device. The apparatus implements the functions specified in one or more blocks of a flow or a flow and/or block diagram of the flowchart.
这些计算机程序指令也可装载到计算机或其他可编程数据处理设备上, 使得在计算机 或其他可编程设备上执行一系列操作步骤以产生计算机实现的处理, 从而在计算机或其他 可编程设备上执行的指令提供用于实现在流程图一个流程或多个流程和 /或方框图一个 方框或多个方框中指定的功能的步骤。  These computer program instructions can also be loaded onto a computer or other programmable data processing device such that a series of operational steps are performed on a computer or other programmable device to produce computer-implemented processing for execution on a computer or other programmable device. The instructions provide steps for implementing the functions specified in one or more of the flow or in a block or blocks of a flow diagram.
尽管已描述了本发明的优选实施例, 但本领域内的技术人员一旦得知了基本创造性概 念, 则可对这些实施例作出另外的变更和修改。 所以, 所附权利要求意欲解释为包括优选 实施例以及落入本发明范围的所有变更和修改。  Although the preferred embodiment of the invention has been described, it will be apparent to those of ordinary skill in the art that <RTIgt; Therefore, the appended claims are intended to be construed as including the preferred embodiments and the modifications
显然, 本领域的技术人员可以对本发明进行各种改动和变型而不脱离本发明的精神和 范围。这样,倘若本发明的这些修改和变型属于本发明权利要求及其等同技术的范围之内, 则本发明也意图包含这些改动和变型在内。  It is apparent that those skilled in the art can make various modifications and variations to the invention without departing from the spirit and scope of the invention. Thus, it is intended that the present invention cover the modifications and modifications of the invention

Claims

权 利 要 求 Rights request
1、 一种进行接入控制的方法, 其特征在于, 该方法包括: A method for performing access control, characterized in that the method comprises:
机器类型通信 MTC应用服务器确定需要禁止群组中的用户设备接入;  Machine type communication The MTC application server determines that user equipment access in the group needs to be prohibited;
所述 MTC应用服务器将需要禁止的群组的群组标识和群组中每个用户设备所在的位 置的位置信息发送给核心网控制节点, 用于指示核心网控制节点通知群组标识对应的群组 中的用户设备禁止接入。  The MTC application server sends the group identifier of the group that needs to be forbidden and the location information of the location where each user equipment is located in the group to the core network control node, and is used to instruct the core network control node to notify the group corresponding to the group identifier. User equipment in the group is forbidden to access.
2、 如权利要求 1所述的方法, 其特征在于, 所述 MTC应用服务器将需要禁止的群组 的群组标识和群组中每个用户设备所在的位置的位置信息发送给核心网控制节点之后, 还 包括:  2. The method according to claim 1, wherein the MTC application server sends the group identifier of the group that needs to be forbidden and the location information of the location where each user equipment in the group is located to the core network control node. After that, it also includes:
所述 MTC应用服务器在确定需要取消禁止群组中的用户设备接入后 , 将需要取消禁 止的群组的群组标识和群组中每个用户设备所在的位置的位置信息发送给核心网控制节 点, 用于指示核心网控制节点通知群组标识对应的群组中的用户设备取消禁止接入。  After determining that the user equipment in the group is required to be unblocked, the MTC application server sends the group identifier of the group that needs to be forbidden and the location information of the location where each user equipment in the group is located to the core network control. And a node, configured to instruct the core network control node to notify the user equipment in the group corresponding to the group identifier to cancel the access prohibition.
3、 一种进行接入控制的方法, 其特征在于, 该方法包括:  3. A method for performing access control, characterized in that the method comprises:
核心网控制节点根据接收到的来自 MTC应用服务器的位置信息, 确定每个位置信息 的地理位置对应的接入网节点;  The core network control node determines, according to the received location information from the MTC application server, an access network node corresponding to the geographic location of each location information;
所述核心网控制节点将接收到的来自 MTC应用服务器的禁止接入的群组对应的群组 标识发送给所述接入网节点, 用于指示所述接入网节点通知所述群组标识对应的群组中的 用户设备禁止接入。  The core network control node sends the received group identifier corresponding to the group that is forbidden to access from the MTC application server to the access network node, and is used to instruct the access network node to notify the group identifier User equipment in the corresponding group is prohibited from accessing.
4、如权利要求 3所述的方法,其特征在于,所述核心网控制节点将接收到的来自 MTC 应用服务器的禁止接入的群组对应的群组标识发送给所述接入网节点之后, 还包括: 所述核心网控制节点根据接收到的来自 MTC应用服务器的位置信息, 确定每个位置 信息的地理位置对应的接入网节点;  The method according to claim 3, wherein the core network control node sends the received group identifier corresponding to the group that is forbidden to access from the MTC application server to the access network node. And the method further includes: determining, by the core network control node, the access network node corresponding to the geographic location of each location information according to the received location information from the MTC application server;
所述核心网控制节点将接收到的来自 MTC应用服务器的取消禁止接入的群组对应的 群组标识发送给所述接入网节点, 用于指示所述接入网节点通知所述群组标识对应的群组 中的用户设备取消禁止接入。  Sending, by the core network control node, the group identifier corresponding to the group that cancels the access prevention from the MTC application server to the access network node, and instructing the access network node to notify the group The user equipment in the corresponding group is identified to cancel the access.
5、 一种进行接入控制的方法, 其特征在于, 该方法包括:  5. A method for performing access control, characterized in that the method comprises:
接入网节点接收来自核心网控制节点的禁止接入的群组的群组标识;  The access network node receives the group identity of the group that is prohibited from accessing the control node of the core network;
所述接入网节点将所述禁止接入的群组的群组标识发送给位于所述群组标识对应的 群组中的用户设备, 用于通知所述用户设备禁止接入。  And the access network node sends the group identifier of the group that is forbidden to be sent to the user equipment that is located in the group corresponding to the group identifier, and is used to notify the user equipment to prohibit access.
6、 如权利要求 5 所述的方法, 其特征在于, 所述接入网节点将所述群组标识发送给 位于所述群组标识对应的群组中的用户设备之后, 还包括:  The method of claim 5, wherein the access network node sends the group identifier to the user equipment in the group corresponding to the group identifier, and further includes:
所述核心网控制节点接收来自核心网控制节点的取消禁止接入的群组的群组标识; 所述核心网控制节点将所述取消禁止接入的群组的群组标识发送给位于所述群组标 识对应的群组中的用户设备, 用于通知所述用户设备取消禁止接入。 Receiving, by the core network control node, a group identifier of a group from the core network control node that cancels the forbidden access; The core network control node sends the group identifier of the group that is forbidden to access to the user equipment that is located in the group corresponding to the group identifier, and is used to notify the user equipment to cancel the prohibition of access.
7、 如权利要求 5 所述的方法, 其特征在于, 所述核心网控制节点将群组标识发送给 用户设备, 包括:  The method of claim 5, wherein the core network control node sends the group identifier to the user equipment, including:
所述核心网控制节点通过广播或群组调度方式将群组标识发送给用户设备。  The core network control node sends the group identifier to the user equipment by means of broadcast or group scheduling.
8、 如权利要求 5 所述的方法, 其特征在于, 所述接入网节点将所述禁止接入的群组 所述接入网节点将群组标识置于群组接入控制信息中发送给用户设备。  The method according to claim 5, wherein the access network node sends the group identity to the group access control information by sending the group identity to the access network node Give the user device.
9、 如权利要求 8 所述的方法, 其特征在于, 所述接入网节点将所述群组标识发送给 位于所述群组标识对应的群组中的用户设备之后, 还包括:  The method of claim 8, wherein the access network node sends the group identifier to the user equipment in the group corresponding to the group identifier, and further includes:
所述核心网控制节点接收来自核心网控制节点的取消禁止接入的群组的群组标识; 所述核心网控制节点将不包含所述取消禁止接入的群组的群组标识的群组接入控制 信息发送给位于所述群组标识对应的群组中的用户设备。  The core network control node receives a group identity of a group from the core network control node that cancels the forbidden access; the core network control node does not include the group of the group identity of the group that cancels the forbidden access group The access control information is sent to the user equipment located in the group corresponding to the group identifier.
10、 如权利要求 8所述的方法, 其特征在于, 所述核心网控制节点将群组接入控制信 息发送给用户设备, 包括:  The method of claim 8, wherein the core network control node sends the group access control information to the user equipment, including:
所述核心网控制节点通过广播或群组调度方式将群组接入控制信息发送给用户设备。 The core network control node sends the group access control information to the user equipment in a broadcast or group scheduling manner.
11、如权利要求 7或 10所述的方法, 其特征在于, 所述核心网控制节点通过群组调度 方式发送时, 通过 G-RNTI对所述用户设备进行调度。 The method according to claim 7 or 10, wherein, when the core network control node sends in a group scheduling manner, the user equipment is scheduled by using a G-RNTI.
12、 一种进行接入控制的方法, 其特征在于, 该方法包括:  12. A method for performing access control, characterized in that the method comprises:
用户设备在需要进行接入控制时, 判断禁止接入的群组的群组标识中是否有自己所属 的群组的群组标识, 其中禁止接入的群组的群组标识是用户设备根据收到的来自网络侧的 通知确定的;  When the user equipment needs to perform access control, it is determined whether the group identifier of the group to which the access group is prohibited has the group identifier of the group to which the group belongs. The notification from the network side is determined;
所述用户设备在确定禁止接入的群组的群组标识中有需要进行接入控制的群组的群 组标识后, 取消接入控制; 在确定禁止接入的群组的群组标识中没有需要进行接入控制的 群组的群组标识后, 进行接入控制。  The user equipment cancels the access control after determining the group identifier of the group that needs to perform access control in the group identifier of the group that is prohibited from accessing; in determining the group identifier of the group that is prohibited from accessing After there is no group identification of the group that needs to perform access control, access control is performed.
13、 如权利要求 12 所述的方法, 其特征在于, 所述用户设备确定禁止接入的群组的 群组标识, 包括:  The method of claim 12, wherein the user equipment determines the group identity of the group that is forbidden to access, including:
所述用户设备接收到来自核心网控制节点的禁止接入的群组的群组标识或接收到来 自核心网控制节点的取消禁止接入的群组的群组标识后, 更新禁止接入的群组的群组标 识。  After the user equipment receives the group identity of the group that is forbidden to access from the core network control node or receives the group identity of the group that cancels the access restriction from the core network control node, the group that is forbidden to access is updated. The group ID of the group.
14、 如权利要求 12 所述的方法, 其特征在于, 所述用户设备接收来自核心网控制节 点的通知, 包括:  The method of claim 12, wherein the receiving, by the user equipment, the notification from the core network control node comprises:
所述用户设备将接收到来自核心网控制节点的群组接入控制信息中包含的群组标识 作为禁止接入的群组的群组标识。 The user equipment will receive the group identifier included in the group access control information from the core network control node. The group ID of the group that is prohibited from access.
15、 如权利要求 13或 14所述的方法, 其特征在于, 所述用户设备接收到来自核心网 控制节点的通知, 包括:  The method according to claim 13 or 14, wherein the user equipment receives the notification from the core network control node, including:
所述用户设备通过广播或群组调度方式接收来自核心网控制节点的通知。  The user equipment receives the notification from the core network control node by means of broadcast or group scheduling.
16、 如权利要求 12~14任一所述的方法, 其特征在于, 所述用户设备的接入层判断禁 止接入的群组的群组标识中是否有自己所属的群组的群组标识, 在确定禁止接入的群组的 群组标识中有需要进行接入控制的群组的群组标识后, 通知非接入层该群组被网络禁止接 入; 或  The method according to any one of claims 12 to 14, wherein the access layer of the user equipment determines whether the group identifier of the group to which the access group is prohibited has the group identifier of the group to which the group belongs. After determining the group identifier of the group that needs to perform access control in the group identifier of the group that is prohibited from accessing, notify the non-access stratum that the group is prohibited from being accessed by the network; or
所述用户设备的接入层将接收到的来自网络侧的禁止接入的群组的群组标识通知给 非接入层, 非接入层判断禁止接入的群组的群组标识中是否有自己所属的群组的群组标 识。  The access layer of the user equipment notifies the non-access stratum of the received group identity of the group that is forbidden to access from the network side, and the non-access stratum determines whether the group identity of the group that is prohibited from accessing is The group ID of the group to which you belong.
17、 一种进行接入控制的机器类型通信 MTC应用服务器, 其特征在于, 该 MTC应用 服务器包括:  17. A machine type communication MTC application server for performing access control, wherein the MTC application server comprises:
第一确定模块, 用于确定需要禁止群组中的用户设备接入;  a first determining module, configured to determine that the user equipment in the group needs to be prohibited from accessing;
第一处理模块, 用于将需要禁止的群组的群组标识和群组中每个用户设备所在的位置 的位置信息发送给核心网控制节点, 用于指示核心网控制节点通知群组标识对应的群组中 的用户设备禁止接入。  a first processing module, configured to send the group identifier of the group that needs to be forbidden and the location information of the location where each user equipment is located in the group to the core network control node, to indicate that the core network control node notifies the group identifier User equipment in the group is forbidden to access.
18、如权利要求 17所述的 MTC应用服务器,其特征在于,所述第一确定模块还用于: 确定需要取消禁止群组中的用户设备接入;  The MTC application server according to claim 17, wherein the first determining module is further configured to: determine that the user equipment access in the group is required to be canceled;
所述第一处理模块还用于: 将需要取消禁止的群组的群组标识和群组中每个用户设备 所在的位置的位置信息发送给核心网控制节点, 用于指示核心网控制节点通知群组标识对 应的群组中的用户设备取消禁止接入。  The first processing module is further configured to: send the group identifier of the group that needs to be forbidden and the location information of the location where each user equipment in the group is located to the core network control node, where used to indicate the notification of the core network control node The user equipment in the group corresponding to the group identifier cancels the access prohibition.
19、 一种进行接入控制的核心网控制节点, 其特征在于, 该核心网控制节点包括: 第二确定模块, 用于根据接收到的来自 MTC应用服务器的位置信息, 确定每个位置 信息的地理位置对应的接入网节点;  A core network control node for performing access control, wherein the core network control node includes: a second determining module, configured to determine each location information according to the received location information from the MTC application server. The access network node corresponding to the geographical location;
第二处理模块, 用于将接收到的来自 MTC应用服务器的禁止接入的群组对应的群组 标识发送给所述接入网节点, 用于指示所述接入网节点通知所述群组标识对应的群组中的 用户设备禁止接入。  a second processing module, configured to send, to the access network node, a group identifier corresponding to the group that is forbidden to access from the MTC application server, to notify the access network node to notify the group The user equipment in the corresponding group is prohibited from accessing.
20、 如权利要求 19所述的核心网控制节点, 其特征在于, 所述第二确定模块还用于: 根据接收到的来自 MTC应用服务器的位置信息, 确定每个位置信息的地理位置对应的接 入网节点;  The core network control node according to claim 19, wherein the second determining module is further configured to: determine, according to the received location information from the MTC application server, a geographical location of each location information Access network node;
所述第二处理模块还用于: 将接收到的来自 MTC应用服务器的取消禁止接入的群组 对应的群组标识发送给所述接入网节点, 用于指示所述接入网节点通知所述群组标识对应 的群组中的用户设备取消禁止接入。 The second processing module is further configured to: send the received group identifier corresponding to the group that cancels the access from the MTC application server to the access network node, and is used to notify the access network node to notify Corresponding to the group identifier User equipment in the group is forbidden from accessing.
21、 一种进行接入控制的接入网节点, 其特征在于, 该接入网节点包括:  An access network node that performs access control, where the access network node includes:
第一接收模块, 用于接收来自核心网控制节点的禁止接入的群组的群组标识; 第三处理模块, 用于将所述禁止接入的群组的群组标识发送给位于所述群组标识对应 的群组中的用户设备, 用于通知所述用户设备禁止接入。  a first receiving module, configured to receive a group identifier of a group that is forbidden to access from a core network control node, and a third processing module, configured to send, to the The user equipment in the group corresponding to the group identifier is used to notify the user equipment to prohibit access.
22、 如权利要求 21 所述的接入网节点, 其特征在于, 所述第一接收模块还用于: 接 收来自核心网控制节点的取消禁止接入的群组的群组标识;  The access network node according to claim 21, wherein the first receiving module is further configured to: receive a group identifier of a group that is forbidden to be accessed from a control node of the core network;
所述第三处理模块还用于: 将所述取消禁止接入的群组的群组标识发送给位于所述群 组标识对应的群组中的用户设备, 用于通知所述用户设备取消禁止接入。  The third processing module is further configured to: send the group identifier of the group that is forbidden to access to the user equipment that is located in the group corresponding to the group identifier, to notify the user equipment to cancel the prohibition Access.
23、 如权利要求 21所述的接入网节点, 其特征在于, 所述第三处理模块具体用于: 通过广播或群组调度方式将群组标识发送给用户设备。  The access network node according to claim 21, wherein the third processing module is specifically configured to: send the group identifier to the user equipment by using a broadcast or a group scheduling manner.
24、 如权利要求 21所述的接入网节点, 其特征在于, 所述第三处理模块具体用于: 将群组标识置于群组接入控制信息中发送给用户设备。  The access network node according to claim 21, wherein the third processing module is specifically configured to: send the group identifier to the user equipment by placing the group identifier in the group access control information.
25、 如权利要求 24 所述的接入网节点, 其特征在于, 所述第一接收模块还用于: 接 收来自核心网控制节点的取消禁止接入的群组的群组标识;  The access network node according to claim 24, wherein the first receiving module is further configured to: receive a group identifier of a group that is forbidden to access from a control node of the core network;
所述第三处理模块还用于: 将不包含所述取消禁止接入的群组的群组标识的群组接入 控制信息发送给位于所述群组标识对应的群组中的用户设备。  The third processing module is further configured to: send group access control information that does not include the group identifier of the group that cancels the access prohibition to the user equipment that is located in the group corresponding to the group identifier.
26、 如权利要求 24所述的接入网节点, 其特征在于, 所述第三处理模块具体用于: 通过广播或群组调度方式将群组接入控制信息发送给用户设备。  The access network node according to claim 24, wherein the third processing module is specifically configured to: send the group access control information to the user equipment by using a broadcast or a group scheduling manner.
27、如权利要求 23或 26所述的接入网节点, 其特征在于, 所述第三处理模块还用于: 通过群组调度方式发送时, 通过 G-RNTI对所述用户设备进行调度。  The access network node according to claim 23 or 26, wherein the third processing module is further configured to: when the group scheduling mode is sent, scheduling the user equipment by using a G-RNTI.
28、 一种进行接入控制的用户设备, 其特征在于, 该用户设备包括:  A user equipment for performing access control, where the user equipment includes:
判断模块, 用于在需要进行接入控制时, 判断禁止接入的群组的群组标识中是否有自 己所属的群组的群组标识, 其中禁止接入的群组的群组标识是用户设备根据收到的来自网 络侧的通知确定的;  a judging module, configured to determine, in the group ID of the group that is prohibited from accessing, a group identifier of the group to which the group is prohibited, wherein the group identifier of the group to which the access is prohibited is a user The device is determined according to the received notification from the network side;
控制模块, 用于在确定禁止接入的群组的群组标识中有需要进行接入控制的群组的群 组标识后, 取消接入控制; 在确定禁止接入的群组的群组标识中没有需要进行接入控制的 群组的群组标识后, 进行接入控制。  a control module, configured to: after determining a group identity of a group that needs to perform access control in a group identity of a group that is prohibited from accessing, canceling access control; determining a group identity of a group that is prohibited from accessing After there is no group identification of the group that needs to perform access control, access control is performed.
29、 如权利要求 28所述的用户设备, 其特征在于, 所述用户设备还包括:  The user equipment of claim 28, wherein the user equipment further comprises:
第二接收模块, 用于接收到来自核心网控制节点的禁止接入的群组的群组标识或接收 到来自核心网控制节点的取消禁止接入的群组的群组标识后, 更新禁止接入的群组的群组 标识。  a second receiving module, configured to receive a group identity of a group that is forbidden to access from a core network control node or to receive a group identity of a group that is forbidden to access from a core network control node, The group ID of the entered group.
30、 如权利要求 28所述的用户设备, 其特征在于, 所述判断模块具体用于: 将接收到来自核心网控制节点的群组接入控制信息中包含的群组标识作为禁止接入 的群组的群组标识。 The user equipment according to claim 28, wherein the determining module is specifically configured to: The group identifier included in the group access control information received from the core network control node is used as the group identifier of the group that is prohibited from accessing.
31、 如权利要求 29或 30所述的用户设备, 其特征在于, 所述判断模块具体用于: 通过广播或群组调度方式接收来自核心网控制节点的通知。  The user equipment according to claim 29 or 30, wherein the determining module is specifically configured to: receive a notification from a core network control node by using a broadcast or a group scheduling manner.
32、 如权利要求 29 所述的用户设备, 其特征在于, 所述判断模块和所述第二接收模 块在接入层, 所述控制模块在非接入层; 或  The user equipment according to claim 29, wherein the determining module and the second receiving module are in an access layer, and the control module is in a non-access stratum; or
所述第二接收模块在接入层, 所述判断模块和所述控制模块在非接入层。  The second receiving module is at an access layer, and the determining module and the control module are at a non-access stratum.
PCT/CN2013/080382 2012-08-15 2013-07-30 Method and device for access control WO2014026540A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201210291395.6A CN103596242B (en) 2012-08-15 2012-08-15 A kind of method and apparatus carrying out access control
CN201210291395.6 2012-08-15

Publications (1)

Publication Number Publication Date
WO2014026540A1 true WO2014026540A1 (en) 2014-02-20

Family

ID=50086179

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2013/080382 WO2014026540A1 (en) 2012-08-15 2013-07-30 Method and device for access control

Country Status (2)

Country Link
CN (1) CN103596242B (en)
WO (1) WO2014026540A1 (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016085882A1 (en) * 2014-11-25 2016-06-02 Huawei Technologies Co., Ltd System and method for downlink machine-to-machine communications
CN104540107A (en) * 2014-12-03 2015-04-22 东莞宇龙通信科技有限公司 Management method and management system for machine type communication (MTC) terminal cluster, and network side equipment
CN109219041B (en) * 2017-07-05 2021-06-29 中国电信股份有限公司 Access control method and mobility management entity
CN115708382A (en) * 2021-08-19 2023-02-21 Oppo广东移动通信有限公司 Cell residence method, device, mobile terminal and storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102238629A (en) * 2010-05-07 2011-11-09 华为技术有限公司 Access control method for machine type communication, equipment and communication system
CN102238696A (en) * 2010-04-29 2011-11-09 电信科学技术研究院 Control method and equipment for terminal equipment access network
CN102404821A (en) * 2010-09-15 2012-04-04 电信科学技术研究院 Access control method and device for magnetic tape controller (MTC) terminal
CN102547911A (en) * 2010-12-08 2012-07-04 上海贝尔股份有限公司 Method and equipment for carrying out ascending transmission control of MTC equipment on basis of position information

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101895858B (en) * 2009-05-20 2014-11-05 华为技术有限公司 Location update strategy acquisition, location update reject and paging methods and equipment
CN102158930B (en) * 2010-02-11 2015-07-22 电信科学技术研究院 Method and equipment for accessing MTC (Multimedia Telephone Communication) equipment
CN102244855B (en) * 2010-05-10 2015-04-15 华为技术有限公司 Position-based machine to machine communicating method, system and device
CN102404792A (en) * 2010-09-14 2012-04-04 中兴通讯股份有限公司 Control method and system of overload
CN102118833A (en) * 2011-03-04 2011-07-06 电信科学技术研究院 Cell accessing indication method, cell selection method and device

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102238696A (en) * 2010-04-29 2011-11-09 电信科学技术研究院 Control method and equipment for terminal equipment access network
CN102238629A (en) * 2010-05-07 2011-11-09 华为技术有限公司 Access control method for machine type communication, equipment and communication system
CN102404821A (en) * 2010-09-15 2012-04-04 电信科学技术研究院 Access control method and device for magnetic tape controller (MTC) terminal
CN102547911A (en) * 2010-12-08 2012-07-04 上海贝尔股份有限公司 Method and equipment for carrying out ascending transmission control of MTC equipment on basis of position information

Also Published As

Publication number Publication date
CN103596242B (en) 2018-08-10
CN103596242A (en) 2014-02-19

Similar Documents

Publication Publication Date Title
US9974004B2 (en) Extended access barring
CN104186012B (en) Method and apparatus for selective access control with service continuity guarantees
TWI535310B (en) Provisioning of application categories at a user equipment during network congestion
US9220031B2 (en) Access control method and device
JP5396375B2 (en) Mobile communication method and mobile station
JP2018502503A (en) Provisioning application categories on user equipment during network congestion
KR20190100345A (en) Controlling Access to Network Slices in Wireless Communication Systems
CN101222750B (en) Method for processing urgent call and called subscriber in urgent call call-back and its application
US20140248914A1 (en) Base station and system information notification method
KR102320037B1 (en) Method and apparatus to control power saving mode in a mobile communication system
JP5484581B2 (en) Emergency service user calling method and calling system
WO2012119477A1 (en) Method and device for indicating cell access and for selecting cell
CN102123135A (en) Method and system for determining characteristic information of MTC (Machine Type Communication) equipment and device
US11297680B2 (en) Method and apparatus for handling emergency services in a wireless network
US20160330648A1 (en) A method and apparatus for performing congestion mitigation and barring
CN106031287A (en) Random access method, terminal and base station
KR20170050542A (en) Method and apparatus for transmitting and receiving paging message
WO2014026540A1 (en) Method and device for access control
WO2013170537A1 (en) Access control method, terminal, and access network device
CN102469554A (en) Method for terminal to switch in network and terminal
EP3654730B1 (en) Devices and methods for controlling network congestion with rrc inactive
CN108076447B (en) Service-oriented MTC (machine type communication) equipment dynamic access control method and device
WO2011124173A2 (en) Method and system for network congestion processing
CN103220635A (en) Method and system for service notification in wireless communication
WO2017021057A1 (en) Virtual international mobile subscriber identity based insight delivery to mobile devices

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 13829191

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 13829191

Country of ref document: EP

Kind code of ref document: A1