WO2015076345A1 - 通信制御方法、ユーザ端末、及びプロセッサ - Google Patents
通信制御方法、ユーザ端末、及びプロセッサ Download PDFInfo
- Publication number
- WO2015076345A1 WO2015076345A1 PCT/JP2014/080805 JP2014080805W WO2015076345A1 WO 2015076345 A1 WO2015076345 A1 WO 2015076345A1 JP 2014080805 W JP2014080805 W JP 2014080805W WO 2015076345 A1 WO2015076345 A1 WO 2015076345A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- access point
- wlan
- wlan access
- detected
- authentication
- Prior art date
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/12—Detection or prevention of fraud
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W48/00—Access restriction; Network selection; Access point selection
- H04W48/08—Access restriction or access information delivery, e.g. discovery data delivery
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W76/00—Connection management
- H04W76/10—Connection setup
- H04W76/15—Setup of multiple wireless link connections
- H04W76/16—Involving different core network technologies, e.g. a packet-switched [PS] bearer in combination with a circuit-switched [CS] bearer
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W76/00—Connection management
- H04W76/10—Connection setup
- H04W76/18—Management of setup rejection or failure
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/60—Context-dependent security
- H04W12/69—Identity-dependent
- H04W12/73—Access point logical identity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W88/00—Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
- H04W88/02—Terminal devices
- H04W88/06—Terminal devices adapted for operation in multiple networks or having at least two operational modes, e.g. multi-mode terminals
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W88/00—Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
- H04W88/08—Access point devices
Definitions
- the present invention relates to a communication control method, a user terminal, and a processor used in a cellular communication system capable of cooperating with a wireless LAN system.
- 3GPP 3rd Generation Partnership Project
- RAN Radio Access Network
- WLAN Wireless Local Area Network
- the traffic load of the cellular RAN can be reduced (offload) by switching the traffic of the user terminal accommodated by the cellular RAN to be accommodated by the WLAN.
- a WLAN access point can be installed relatively freely. Therefore, there is a possibility that an “spoofed WLAN access point” is installed in order to intercept the communication contents of the user terminal. It is not preferable to leave the “spoofed WLAN access point” from the viewpoint of securing confidentiality of communication.
- an object of the present invention is to ensure communication confidentiality even when a cellular RAN is linked to a WLAN.
- a communication control method includes a step A in which a user terminal acquires a reliable WLAN access point identifier from a network device of a cellular network, and the user terminal sets a WLAN access point corresponding to the identifier. If detected, the detected WLAN access point is subjected to a WLAN connection procedure including an authentication process necessary for a WLAN connection, and the detected process is performed when the authentication process fails in the WLAN connection procedure. And reporting C related to the WLAN access point from the user terminal to the network device.
- the user terminal includes a control unit that acquires a reliable WLAN access point identifier from a network device of a cellular network.
- the control unit detects a WLAN access point corresponding to the identifier, the control unit performs a WLAN connection procedure including authentication processing necessary for WLAN connection to the detected WLAN access point.
- the control unit notifies the network device of report information regarding the detected WLAN access point when the authentication process fails in the WLAN connection procedure.
- the processor according to the third feature is provided in a user terminal that acquires an identifier of a reliable WLAN access point from a network device of a cellular network.
- the processor detects a WLAN access point corresponding to the identifier, the processor performs a WLAN connection procedure including an authentication process necessary for WLAN connection to the detected WLAN access point.
- the user terminal acquires a reliable WLAN access point identifier from the network device of the cellular network, and the user terminal detects a WLAN access point corresponding to the identifier. If the detected WLAN access point includes a step B of performing a WLAN connection procedure including an authentication process necessary for WLAN connection, and the detected WLAN access when the authentication process fails in the WLAN connection procedure. And C for notifying the network device of report information regarding points from the user terminal.
- step A the user terminal further acquires WLAN authentication information to be used for the authentication process from the network device.
- step B the user terminal uses the WLAN authentication information acquired from the network device for the authentication process.
- the network device manages information related to the reliable WLAN access point.
- the communication control method further includes a step D in which the network device that has received the report information updates the managed information based on the received report information.
- step D the network device updates the managed information so as to exclude the detected WLAN access point.
- the report information is used for the detected WLAN access point identifier, the WLAN authentication information used for the authentication process with the detected WLAN access point, and the authentication process with the detected WLAN access point. At least one of the authentication methods provided.
- the report information further includes at least one of position information related to a geographical location of the detected WLAN access point and time information related to an authentication failure time with the detected WLAN access point.
- the step C includes the step C1 of holding the report information in the user terminal when the user terminal does not have connection with the cellular network when the authentication with the detected WLAN access point fails. And after the user terminal is connected to the cellular network, the user terminal notifies the network device of the held report information.
- the user terminal includes a control unit that acquires a reliable WLAN access point identifier from a network device of a cellular network.
- the control unit detects a WLAN access point corresponding to the identifier, the control unit performs a WLAN connection procedure including authentication processing necessary for WLAN connection to the detected WLAN access point.
- the control unit notifies the network device of report information regarding the detected WLAN access point when the authentication process fails in the WLAN connection procedure.
- the processor according to the embodiment is provided in a user terminal that acquires an identifier of a reliable WLAN access point from a network device of a cellular network.
- the processor detects a WLAN access point corresponding to the identifier, the processor performs a WLAN connection procedure including an authentication process necessary for WLAN connection to the detected WLAN access point.
- FIG. 1 is a system configuration diagram according to the embodiment.
- the cellular communication system includes an eNB 200.
- the eNB 200 corresponds to a cellular base station.
- the eNB 200 manages one or a plurality of cells, and performs radio communication with the UE 100 that has established a connection with the own cell.
- “cell” is used as a term indicating a minimum unit of a radio communication area, and is also used as a term indicating a function of performing radio communication with the UE 100.
- the eNB 200 has, for example, a radio resource management (RRM) function, a user data routing function, and a measurement control function for mobility control and scheduling.
- RRM radio resource management
- the UE 100 is a mobile radio communication device, and performs radio communication with a cell that has established a connection.
- UE100 is corresponded to a user terminal.
- the UE 100 is a terminal (dual terminal) that supports both cellular communication and WLAN communication methods.
- the eNB 200 configures a cellular RAN that is a kind of access network.
- the cellular RAN in LTE is referred to as E-UTRAN (Evolved Universal Terrestrial Radio Access Network).
- the eNB 200 is connected to the cellular core network 10.
- the cellular-side core network 10 includes an MME / S-GW.
- the MME is a network node that performs various types of mobility control for the UE 100, and corresponds to a control station.
- the S-GW is a network node that performs transfer control of user data, and corresponds to an exchange.
- the cellular core network 10 is connected to the Internet 3.
- the eNB 200 (E-UTRAN) and the cellular core network 10 constitute the cellular network 1.
- the cellular side server 400 is connected to the cellular side core network 10.
- the cellular server 400 authenticates the UE 100 in the cellular network 1. Further, the cellular server 400 provides the UE 100 with information for the UE 100 to connect to the WLAN.
- the WLAN system includes a WLAN access point (hereinafter simply referred to as “AP”) 300.
- the AP 300 constitutes a WLAN that is a type of access network.
- the AP 300 is configured based on, for example, IEEE 802.11 standards.
- the AP 300 is connected to the WLAN side core network 20.
- the WLAN side core network 20 is connected to the Internet 3.
- the AP 300 (WLAN) and the WLAN side core network 20 constitute a WLAN network 2.
- the WLAN side server 500 is connected to the WLAN side core network 20.
- the WLAN side server 500 authenticates the UE 100 in the WLAN network 2.
- FIG. 2 is a block diagram of the UE 100.
- the UE 100 includes antennas 101 and 102, a cellular communication unit 111, a WLAN communication unit 112, a user interface 120, a GNSS (Global Navigation Satellite System) receiver 130, a battery 140, and a memory. 150 and a processor 160.
- the memory 150 and the processor 160 constitute a control unit.
- the UE 100 may not have the GNSS receiver 130.
- the memory 150 may be integrated with the processor 160, and this set (that is, a chip set) may be used as the processor 160 '.
- the antenna 101 and the cellular communication unit 111 are used for transmitting and receiving cellular radio signals.
- the cellular communication unit 111 converts the baseband signal output from the processor 160 into a cellular radio signal and transmits it from the antenna 101.
- the cellular communication unit 111 converts a cellular radio signal received by the antenna 101 into a baseband signal and outputs it to the processor 160.
- the antenna 102 and the WLAN communication unit 112 are used for transmitting and receiving WLAN radio signals.
- the WLAN communication unit 112 converts the baseband signal output from the processor 160 into a WLAN radio signal and transmits it from the antenna 102.
- the WLAN communication unit 112 converts the WLAN radio signal received by the antenna 102 into a baseband signal and outputs the baseband signal to the processor 160.
- the user interface 120 is an interface with a user who owns the UE 100, and includes, for example, a display, a microphone, a speaker, and various buttons.
- the user interface 120 receives an input from the user and outputs a signal indicating the content of the input to the processor 160.
- the GNSS receiver 130 receives a GNSS signal and outputs the received signal to the processor 160 in order to obtain position information indicating the geographical position of the UE 100.
- the battery 140 stores power to be supplied to each block of the UE 100.
- the memory 150 stores a program executed by the processor 160 and information used for processing by the processor 160.
- the processor 160 includes a baseband processor that performs modulation / demodulation and encoding / decoding of a baseband signal, and a CPU that executes programs stored in the memory 150 and performs various processes.
- the processor 160 may further include a codec that performs encoding / decoding of an audio / video signal.
- the processor 160 executes various processes and various communication protocols described later.
- FIG. 3 is a block diagram of the eNB 200.
- the eNB 200 includes an antenna 201, a cellular communication unit 210, a network interface 220, a memory 230, and a processor 240.
- the memory 230 and the processor 240 constitute a control unit.
- the antenna 201 and the cellular communication unit 210 are used for transmitting and receiving cellular radio signals.
- the cellular communication unit 210 converts the baseband signal output from the processor 240 into a cellular radio signal and transmits it from the antenna 201.
- the cellular communication unit 210 converts a cellular radio signal received by the antenna 201 into a baseband signal and outputs it to the processor 240.
- the network interface 220 is connected to the neighboring eNB via the X2 interface and is connected to the MME / S-GW via the S1 interface.
- the memory 230 stores a program executed by the processor 240 and information used for processing by the processor 240.
- the processor 240 includes a baseband processor that performs modulation / demodulation and encoding / decoding of a baseband signal, and a CPU that executes programs stored in the memory 230 and performs various processes.
- the processor 240 executes various processes and various communication protocols described later.
- FIG. 4 is a block diagram of the cellular server 400.
- the cellular server 400 includes a network interface 410, a memory 420, and a processor 430.
- the memory 420 corresponds to a storage unit.
- the processor 430 and the memory 420 constitute a control unit.
- the network interface 410 is connected to the cellular core network 10.
- the memory 420 stores a program executed by the processor 430 and information used for processing by the processor 430.
- the processor 430 executes programs stored in the memory 420 and performs various processes.
- the processor 430 executes various processes described later.
- FIG. 5 is a protocol stack diagram of a radio interface in LTE. As shown in FIG. 5, the radio interface protocol is divided into the first to third layers of the OSI reference model, and the first layer is a physical (PHY) layer.
- the second layer includes a MAC (Medium Access Control) layer, an RLC (Radio Link Control) layer, and a PDCP (Packet Data Convergence Protocol) layer.
- the third layer includes an RRC (Radio Resource Control) layer.
- the physical layer performs encoding / decoding, modulation / demodulation, antenna mapping / demapping, and resource mapping / demapping. Between the physical layer of UE100 and the physical layer of eNB200, user data and a control signal are transmitted via a physical channel.
- the MAC layer performs data priority control, retransmission processing by hybrid ARQ (HARQ), and the like. Between the MAC layer of the UE 100 and the MAC layer of the eNB 200, user data and control signals are transmitted via a transport channel.
- the MAC layer of the eNB 200 includes a scheduler that determines an uplink / downlink transport format (transport block size, modulation / coding scheme) and an allocation resource block to the UE 100.
- the RLC layer transmits data to the RLC layer on the receiving side using the functions of the MAC layer and the physical layer. Between the RLC layer of the UE 100 and the RLC layer of the eNB 200, user data and control signals are transmitted via a logical channel.
- the PDCP layer performs header compression / decompression and encryption / decryption.
- the RRC layer is defined only in the control plane that handles control signals. Control signals (RRC messages) for various settings are transmitted between the RRC layer of the UE 100 and the RRC layer of the eNB 200.
- the RRC layer controls the logical channel, the transport channel, and the physical channel according to establishment, re-establishment, and release of the radio bearer. If there is a connection (RRC connection) between the RRC of the UE 100 and the RRC of the eNB 200, the UE 100 is in a connected state, otherwise, the UE 100 is in an idle state.
- the NAS (Non-Access Stratum) layer located above the RRC layer performs session management and mobility management.
- the cellular server 400 transmits / receives a NAS message to / from the UE 100.
- FIG. 6 is a diagram for explaining traffic steering.
- a plurality of APs 300 are provided in the cell of the eNB 200.
- the AP 300 is, for example, an AP (Operator controlled AP) managed by an operator of the cellular communication system.
- a plurality of UEs 100 are present in the cell of the eNB 200.
- the UE 100 may establish a connection with the eNB 200 and may perform cellular communication with the eNB 200. In that case, UE100 transmits / receives the cellular radio signal containing traffic (user data) with eNB200.
- the traffic load of the eNB 200 is reduced by traffic steering that switches the traffic of the UE 100 accommodated by the eNB 200 (E-UTRAN) to be accommodated by the AP 300 (WLAN). (Off-road).
- Traffic steering includes a case where the connection destination of the UE 100 is switched between the eNB 200 and the AP 300, and a case where the UE 100 is connected to both the eNB 200 and the AP 300 and the data path is switched between the eNB 200 and the AP 300.
- AP information information for connecting to the AP 300
- the cellular server 400 manages AP information of a reliable AP 300 (for example, an operator controlled AP), and provides the managed AP information to the UE 100.
- AP information includes an identifier of the reliable AP 300 and WLAN authentication information.
- the identifier of the AP 300 is, for example, an SSID (Service Set Identifier) or ESSID (Extended Service Set Identifier).
- the identifier of the AP 300 may include a MAC address.
- the WLAN authentication information is, for example, an authentication key.
- the AP 300 can be installed relatively freely, and thus there is a possibility that a “spoofed AP” may be installed in order to intercept the communication content of the UE 100.
- the “spoofed AP” is, for example, the AP 300 in which the same AP identifier as the AP identifier of the operator controlled AP is set. It is not preferable to leave such “spoofed AP” from the viewpoint of securing confidentiality of communication.
- the communication control method detects the case where the UE 100 detects the reliable AP 300 identifier from the cellular server 400 and the UE 100 detects the AP 300 corresponding to the identifier.
- Step B for performing a WLAN connection procedure including an authentication process necessary for WLAN connection to the AP 300, and report information regarding the detected AP 300 from the UE 100 when the authentication process fails in the WLAN connection procedure from the UE 100 to the cellular server 400
- Step C for notifying
- the AP 300 that has failed in the authentication process with the UE 100 despite having the same identifier as the reliable AP 300 is a “spoofed AP”. Therefore, by reporting the report information related to such AP 300 from the UE 100 to the cellular server 400, it is possible to grasp the presence of the “spoofed AP”.
- step A the UE 100 further acquires WLAN authentication information to be used for the authentication process from the cellular server 400.
- Step B the UE 100 uses the WLAN authentication information acquired from the cellular server 400 for the authentication process.
- the cellular server 400 manages information (AP information) related to the reliable AP 300.
- the communication control method further includes a step D in which the cellular-side server 400 that has received the report information updates the information managed based on the received report information.
- the cellular server 400 updates the managed information so as to exclude the detected AP 300, for example.
- the AP information of “spoofed AP” can be prevented from being provided to the UE 100 from the cellular side server 400, so that the UE 100 can be prevented from performing the WLAN connection procedure with the “spoofed AP”.
- the report information is used for the identifier of the AP (“spoofed AP”) 300 detected by the UE 100, the WLAN authentication information used for the authentication process with the detected AP 300, and the authentication process with the detected AP 300. At least one of the authentication methods. Further, the report information may further include at least one of position information related to the geographical position of the detected AP 300 and time information related to the authentication failure time with the detected AP 300. Thereby, the cellular network 1 can grasp the details of the “spoofing AP”.
- FIG. 7 is a diagram illustrating an operation sequence according to the embodiment.
- the UE 100 In the initial state of FIG. 7, the UE 100 is in a state of establishing a connection with the cellular network 1. Further, a case is assumed where the AP 300 and the WLAN side server 500 are “spoofing”.
- the cellular server 400 provides the AP 100 with reliable AP information of the AP 300.
- the AP information includes the trusted AP 300 identifier (eg, SSID) and WLAN authentication information (eg, authentication key).
- the UE 100 stores the provided AP information.
- the eNB 200 transmits RAN level information for network selection to the UE 100.
- the RAN level information includes network selection rules, parameters applied in the network selection rules, WLAN measurement instructions, and the like.
- the UE 100 performs WLAN measurement (scan) based on the AP information and the RAN level information. For example, reception of a beacon signal including an AP identifier included in AP information is attempted.
- step S13 the UE 100 receives a beacon signal transmitted from the AP 300.
- the UE 100 determines that a reliable AP 300 has been detected (step S14).
- step S15 the UE 100 performs a WLAN connection procedure including an authentication process necessary for the WLAN connection, on the detected AP 300.
- the WLAN connection procedure includes wireless authentication (step S15a) that is authentication between the UE 100 and the AP 300, and network authentication (step S15b) that is authentication between the UE 100 and the WLAN side server 500.
- wireless authentication is performed with the AP identifier (SSID)
- SSID AP identifier
- the wireless authentication passes, but the authentication fails in the network authentication, and the UE 100 determines that the authentication has failed (step S16).
- the report information is used for the identifier of the AP (“impersonated AP”) 300 detected by the UE 100, the WLAN authentication information used for the authentication process with the detected AP 300, and the authentication process with the detected AP 300. At least one of the authentication methods provided. Further, the report information may further include at least one of position information related to the geographical position of the detected AP 300 and time information related to the authentication failure time with the detected AP 300.
- step S17 the UE 100 transmits report information to the cellular server 400.
- the UE 100 if the UE 100 maintains the connection with the cellular network 1, the UE 100 immediately notifies the cellular side server 400 of the report information.
- the UE 100 may not be connected to the cellular network 1 (idle state) when authentication fails. In that case, UE100 hold
- the cellular server 400 that has received the report information from the UE 100 updates the managed AP information so as to exclude the AP 300 (“spoofed AP”) indicated by the report information.
- the cellular-side server 400 may display the contents of the report information and present the “spoofed AP” information to the operator.
- the operator can identify the location of the “spoofing AP” and take measures such as removing the “spoofing AP”.
- the cellular server 400 or the operator may change the setting for changing the AP identifier for a genuine AP (for example, an operator controlled AP) having the same AP identifier as the “spoofed AP”.
- Step B for performing a WLAN connection procedure including an authentication process necessary for the WLAN connection to the detected AP 300, and report information regarding the detected AP 300 from the UE 100 when the authentication process fails in the WLAN connection procedure.
- step C of notifying the side server 400.
- the AP information is provided from the cellular server 400 to the UE 100, and the UE 100 notifies the cellular server 400 of the report information. That is, the “network device” is the cellular server 400. However, the AP information may be provided from the eNB 200 to the UE 100, and the UE 100 may notify the eNB 200 of the report information. In this case, the “network device” is not the cellular server 400 but the eNB 200.
- the LTE system is described as an example of the cellular communication system.
- the present invention is not limited to the LTE system, and the present invention may be applied to a system other than the LTE system.
- communication confidentiality can be ensured even when the cellular RAN is linked to a WLAN.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
Description
実施形態に係る通信制御方法は、ユーザ端末が、セルラネットワークのネットワーク装置から、信頼できるWLANアクセスポイントの識別子を取得するステップAと、前記ユーザ端末が、前記識別子に対応するWLANアクセスポイントを検知した場合に、当該検知したWLANアクセスポイントに対して、WLAN接続に必要な認証処理を含むWLAN接続手順を行うステップBと、前記WLAN接続手順において前記認証処理に失敗した場合に、前記検知したWLANアクセスポイントに関する報告情報を、前記ユーザ端末から前記ネットワーク装置に対して通知するステップCと、を含む。
以下、図面を参照して、3GPP規格に準拠して構成されるセルラ通信システム(LTEシステム)を無線LAN(WLAN)システムと連携させる場合の実施形態を説明する。
図1は、実施形態に係るシステム構成図である。
図6は、トラフィック・ステアリングを説明するための図である。
次に、実施形態に係る通信制御方法について説明する。
eNB200とは異なり、AP300は比較的自由に設置可能であるため、UE100の通信内容を傍受するために「成りすましAP」が設置される虞がある。「成りすましAP」とは、例えば、Operator controlled APのAP識別子と同じAP識別子が設定されたAP300である。このような「成りすましAP」を放置することは、通信の秘匿性を確保する観点から好ましくない。
図7は、実施形態に係る動作シーケンスを示す図である。図7の初期状態において、UE100は、セルラネットワーク1との接続を確立した状態にある。また、AP300及びWLAN側サーバ500が「成りすまし」であるケースを想定する。
上述したように、実施形態に係る通信制御方法は、UE100が、セルラ側サーバ400から、信頼できるAP300の識別子を取得するステップAと、UE100が、当該識別子に対応するAP300を検知した場合に、当該検知したAP300に対して、WLAN接続に必要な認証処理を含むWLAN接続手順を行うステップBと、WLAN接続手順において認証処理に失敗した場合に、当該検知したAP300に関する報告情報を、UE100からセルラ側サーバ400に対して通知するステップCと、を含む。これにより、セルラネットワーク1において「成りすましAP」の存在を把握することができる。
上述した実施形態では、AP情報をセルラ側サーバ400からUE100に提供し、UE100が報告情報をセルラ側サーバ400に通知していた。すなわち、「ネットワーク装置」がセルラ側サーバ400であった。しかしながら、AP情報をeNB200からUE100に提供し、UE100が報告情報をeNB200に通知してもよい。この場合、「ネットワーク装置」は、セルラ側サーバ400ではなく、eNB200である。
Claims (9)
- ユーザ端末が、セルラネットワークのネットワーク装置から、信頼できるWLANアクセスポイントの識別子を取得するステップAと、
前記ユーザ端末が、前記識別子に対応するWLANアクセスポイントを検知した場合に、当該検知したWLANアクセスポイントに対して、WLAN接続に必要な認証処理を含むWLAN接続手順を行うステップBと、
前記WLAN接続手順において前記認証処理に失敗した場合に、前記検知したWLANアクセスポイントに関する報告情報を、前記ユーザ端末から前記ネットワーク装置に対して通知するステップCと、
を含むことを特徴とする通信制御方法。 - 前記ステップAにおいて、前記ユーザ端末は、前記認証処理に用いるべきWLAN認証情報を前記ネットワーク装置からさらに取得し、
前記ステップBにおいて、前記ユーザ端末は、前記ネットワーク装置から取得した前記WLAN認証情報を前記認証処理に用いることを特徴とする請求項1に記載の通信制御方法。 - 前記ネットワーク装置は、前記信頼できるWLANアクセスポイントに関する情報を管理しており、
前記通信制御方法は、
前記報告情報を受信した前記ネットワーク装置が、当該受信した報告情報に基づいて、前記管理している情報を更新するステップDをさらに含むことを特徴とする請求項1に記載の通信制御方法。 - 前記ステップDにおいて、前記ネットワーク装置は、前記検知したWLANアクセスポイントを除外するように、前記管理している情報を更新することを特徴とする請求項3に記載の通信制御方法。
- 前記報告情報は、前記検知したWLANアクセスポイントの識別子、前記検知したWLANアクセスポイントとの前記認証処理に用いられたWLAN認証情報、前記検知したWLANアクセスポイントとの前記認証処理に用いられた認証方法、のうち少なくとも1つを含むことを特徴とする請求項1に記載の通信制御方法。
- 前記報告情報は、前記検知したWLANアクセスポイントの地理的位置に関する位置情報、前記検知したWLANアクセスポイントとの認証失敗時刻に関する時間情報、のうち少なくとも1つをさらに含むことを特徴とする請求項5に記載の通信制御方法。
- 前記ステップCは、
前記検知したWLANアクセスポイントとの認証失敗時に、前記ユーザ端末が前記セルラネットワークとの接続を有していない場合、前記ユーザ端末において前記報告情報を保持するステップC1と、
前記ユーザ端末が前記セルラネットワークに接続した後に、前記保持している報告情報を前記ユーザ端末から前記ネットワーク装置に対して通知するステップC2と、
を含むことを特徴とする請求項1に記載の通信制御方法。 - セルラネットワークのネットワーク装置から、信頼できるWLANアクセスポイントの識別子を取得する制御部を備えるユーザ端末であって、
前記制御部は、前記識別子に対応するWLANアクセスポイントを検知した場合に、当該検知したWLANアクセスポイントに対して、WLAN接続に必要な認証処理を含むWLAN接続手順を行い、
前記制御部は、前記WLAN接続手順において前記認証処理に失敗した場合に、前記検知したWLANアクセスポイントに関する報告情報を前記ネットワーク装置に対して通知することを特徴とするユーザ端末。 - セルラネットワークのネットワーク装置から、信頼できるWLANアクセスポイントの識別子を取得するユーザ端末に備えられるプロセッサであって、
前記識別子に対応するWLANアクセスポイントを検知した場合に、当該検知したWLANアクセスポイントに対して、WLAN接続に必要な認証処理を含むWLAN接続手順を行う処理と、
前記WLAN接続手順において前記認証処理に失敗した場合に、前記検知したWLANアクセスポイントに関する報告情報を前記ネットワーク装置に対して通知する処理と、を実行することを特徴とするプロセッサ。
Priority Applications (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP14864493.3A EP3076696A4 (en) | 2013-11-25 | 2014-11-20 | Communication control method, user terminal, and processor |
JP2015549193A JPWO2015076345A1 (ja) | 2013-11-25 | 2014-11-20 | 通信制御方法、ユーザ端末、及びプロセッサ |
US15/161,946 US20160270143A1 (en) | 2013-11-25 | 2016-05-23 | Communication control method, user terminal, and processor |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2013-242927 | 2013-11-25 | ||
JP2013242927 | 2013-11-25 |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US15/161,946 Continuation US20160270143A1 (en) | 2013-11-25 | 2016-05-23 | Communication control method, user terminal, and processor |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2015076345A1 true WO2015076345A1 (ja) | 2015-05-28 |
Family
ID=53179605
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2014/080805 WO2015076345A1 (ja) | 2013-11-25 | 2014-11-20 | 通信制御方法、ユーザ端末、及びプロセッサ |
Country Status (4)
Country | Link |
---|---|
US (1) | US20160270143A1 (ja) |
EP (1) | EP3076696A4 (ja) |
JP (1) | JPWO2015076345A1 (ja) |
WO (1) | WO2015076345A1 (ja) |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106211128A (zh) * | 2016-06-29 | 2016-12-07 | 中国联合网络通信集团有限公司 | Wlan接入状态事件的生成方法和装置 |
JP6152962B1 (ja) * | 2016-12-15 | 2017-06-28 | 株式会社タウンWiFi | 端末装置、接続方法、接続プログラム、認証支援サーバ、認証支援方法、認証支援プログラム及び認証支援システム |
JP2017118305A (ja) * | 2015-12-24 | 2017-06-29 | 株式会社ベルチャイルド | 通信システム及びプログラム |
WO2017154467A1 (ja) * | 2016-03-09 | 2017-09-14 | 株式会社リコー | 識別情報提供システム、識別情報提供装置、識別情報提供プログラムおよび識別情報提供方法 |
JP2018527794A (ja) * | 2015-07-23 | 2018-09-20 | クアルコム,インコーポレイテッド | 不正アクセスポイントのプロファイリング |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10044554B2 (en) * | 2015-09-08 | 2018-08-07 | Verizon Patent And Licensing Inc. | Analyzing dropped wireless local area network connections |
EP4061041A1 (en) | 2017-06-16 | 2022-09-21 | Motorola Mobility LLC | Reporting monitored parameter information |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2004350054A (ja) * | 2003-05-22 | 2004-12-09 | Casio Comput Co Ltd | ネットワーク接続システム、このシステムに用いられる端末装置及びネットワーク接続方法 |
JP2005522073A (ja) * | 2002-03-27 | 2005-07-21 | インターナショナル・ビジネス・マシーンズ・コーポレーション | ワイヤレス・アクセス・ポイントのための方法、装置、およびプログラム・プロダクト |
JP2007089006A (ja) * | 2005-09-26 | 2007-04-05 | Microsoft Corp | 無線ネットワーク内で接続を断たれたクライアントおよび不正なアクセスポイントを協調して見つけ出す方法 |
JP2009164882A (ja) * | 2008-01-07 | 2009-07-23 | Hitachi Ltd | 移動端末及び移動体通信管理システム |
Family Cites Families (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7047036B2 (en) * | 2002-07-02 | 2006-05-16 | Interdigital Technology Corporation | Method and apparatus for handoff between a wireless local area network (WLAN) and a universal mobile telecommunication system (UMTS) |
US7286515B2 (en) * | 2003-07-28 | 2007-10-23 | Cisco Technology, Inc. | Method, apparatus, and software product for detecting rogue access points in a wireless network |
GB2430114B (en) * | 2005-09-13 | 2008-06-25 | Roke Manor Research | A method of verifying integrity of an access point on a wireless network |
CN102006646B (zh) * | 2009-08-28 | 2012-08-08 | 华为终端有限公司 | 一种切换方法和切换设备 |
JP5178690B2 (ja) * | 2009-10-30 | 2013-04-10 | 株式会社東芝 | 通信システム、当該システムの携帯端末、および当該システムのセンタ |
US20110222523A1 (en) * | 2010-03-12 | 2011-09-15 | Mediatek Inc | Method of multi-radio interworking in heterogeneous wireless communication networks |
WO2011156769A1 (en) * | 2010-06-10 | 2011-12-15 | Interdigital Patent Holdings, Inc. | Reconfiguration and handover procedures for fuzzy cells |
US8655312B2 (en) * | 2011-08-12 | 2014-02-18 | F-Secure Corporation | Wireless access point detection |
US8909247B2 (en) * | 2011-11-08 | 2014-12-09 | At&T Mobility Ii Llc | Location based sharing of a network access credential |
US10098028B2 (en) * | 2012-03-16 | 2018-10-09 | Qualcomm Incorporated | System and method of offloading traffic to a wireless local area network |
-
2014
- 2014-11-20 EP EP14864493.3A patent/EP3076696A4/en not_active Withdrawn
- 2014-11-20 WO PCT/JP2014/080805 patent/WO2015076345A1/ja active Application Filing
- 2014-11-20 JP JP2015549193A patent/JPWO2015076345A1/ja active Pending
-
2016
- 2016-05-23 US US15/161,946 patent/US20160270143A1/en not_active Abandoned
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2005522073A (ja) * | 2002-03-27 | 2005-07-21 | インターナショナル・ビジネス・マシーンズ・コーポレーション | ワイヤレス・アクセス・ポイントのための方法、装置、およびプログラム・プロダクト |
JP2004350054A (ja) * | 2003-05-22 | 2004-12-09 | Casio Comput Co Ltd | ネットワーク接続システム、このシステムに用いられる端末装置及びネットワーク接続方法 |
JP2007089006A (ja) * | 2005-09-26 | 2007-04-05 | Microsoft Corp | 無線ネットワーク内で接続を断たれたクライアントおよび不正なアクセスポイントを協調して見つけ出す方法 |
JP2009164882A (ja) * | 2008-01-07 | 2009-07-23 | Hitachi Ltd | 移動端末及び移動体通信管理システム |
Non-Patent Citations (2)
Title |
---|
3GPP, 3GPP TECHNICAL REPORT ''TR 37.834 VI.0.0, August 2013 (2013-08-01) |
See also references of EP3076696A4 |
Cited By (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2018527794A (ja) * | 2015-07-23 | 2018-09-20 | クアルコム,インコーポレイテッド | 不正アクセスポイントのプロファイリング |
JP2017118305A (ja) * | 2015-12-24 | 2017-06-29 | 株式会社ベルチャイルド | 通信システム及びプログラム |
WO2017154467A1 (ja) * | 2016-03-09 | 2017-09-14 | 株式会社リコー | 識別情報提供システム、識別情報提供装置、識別情報提供プログラムおよび識別情報提供方法 |
JPWO2017154467A1 (ja) * | 2016-03-09 | 2019-01-31 | 株式会社リコー | 識別情報提供システム、識別情報提供装置、識別情報提供プログラムおよび識別情報提供方法 |
US10856147B2 (en) | 2016-03-09 | 2020-12-01 | Ricoh Company, Ltd. | Identification information providing system, identification information providing apparatus, identification information providing method, and non-transitory recording medium |
CN106211128A (zh) * | 2016-06-29 | 2016-12-07 | 中国联合网络通信集团有限公司 | Wlan接入状态事件的生成方法和装置 |
CN106211128B (zh) * | 2016-06-29 | 2019-08-06 | 中国联合网络通信集团有限公司 | Wlan接入状态事件的生成方法和装置 |
JP6152962B1 (ja) * | 2016-12-15 | 2017-06-28 | 株式会社タウンWiFi | 端末装置、接続方法、接続プログラム、認証支援サーバ、認証支援方法、認証支援プログラム及び認証支援システム |
WO2018109962A1 (ja) * | 2016-12-15 | 2018-06-21 | 株式会社タウンWiFi | 端末装置、接続方法、接続プログラム及び認証支援システム |
JP2018098695A (ja) * | 2016-12-15 | 2018-06-21 | 株式会社タウンWiFi | 端末装置、接続方法、接続プログラム、認証支援サーバ、認証支援方法、認証支援プログラム及び認証支援システム |
US10524128B2 (en) | 2016-12-15 | 2019-12-31 | Townwifi Inc. | Terminal device, connection method, connection program, and authentication assist system |
Also Published As
Publication number | Publication date |
---|---|
JPWO2015076345A1 (ja) | 2017-03-16 |
US20160270143A1 (en) | 2016-09-15 |
EP3076696A4 (en) | 2017-06-07 |
EP3076696A1 (en) | 2016-10-05 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9832699B2 (en) | Communication control method, user terminal, cellular base station, and access point | |
EP3668268B1 (en) | Mobile communication system, user terminal, and base station | |
WO2015076345A1 (ja) | 通信制御方法、ユーザ端末、及びプロセッサ | |
US9832683B2 (en) | Communication system, user terminal, and communication control method utilizing plural bearers for cellular and WLAN communication | |
WO2016125887A1 (ja) | 基地局 | |
JP6189400B2 (ja) | ユーザ端末、基地局、及びプロセッサ | |
US20150350990A1 (en) | Cellular communication system, user terminal, and cellular base station | |
US10349338B2 (en) | Determining whether to configure a user terminal in a country based on authentication | |
US9936509B2 (en) | Radio communication apparatus, processor, and communication control method | |
JP6538026B2 (ja) | ネットワーク選択制御方法、基地局、及びユーザ端末 | |
US20160249215A1 (en) | Communication control method, authentication server, and user terminal | |
JP6563454B2 (ja) | 基地局、プロセッサ、及び通信制御方法 | |
JP6134084B1 (ja) | セルラ基地局及びプロセッサ | |
JP6494524B2 (ja) | 通信制御方法、ゲートウェイ装置及びユーザ端末 | |
JP2016136755A (ja) | 無線通信装置、プロセッサ、及び通信制御方法 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 14864493 Country of ref document: EP Kind code of ref document: A1 |
|
ENP | Entry into the national phase |
Ref document number: 2015549193 Country of ref document: JP Kind code of ref document: A |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
REEP | Request for entry into the european phase |
Ref document number: 2014864493 Country of ref document: EP |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2014864493 Country of ref document: EP |