WO2015165224A1 - Authorization processing method and apparatus, proximity server, and home subscriber server - Google Patents

Authorization processing method and apparatus, proximity server, and home subscriber server Download PDF

Info

Publication number
WO2015165224A1
WO2015165224A1 PCT/CN2014/089260 CN2014089260W WO2015165224A1 WO 2015165224 A1 WO2015165224 A1 WO 2015165224A1 CN 2014089260 W CN2014089260 W CN 2014089260W WO 2015165224 A1 WO2015165224 A1 WO 2015165224A1
Authority
WO
WIPO (PCT)
Prior art keywords
plmn information
plmn
information
current
registered
Prior art date
Application number
PCT/CN2014/089260
Other languages
French (fr)
Chinese (zh)
Inventor
朱进国
梁爽
卢飞
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2015165224A1 publication Critical patent/WO2015165224A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/16Discovering, processing access restriction or access information

Definitions

  • the present invention relates to the field of communications, and in particular, to an authorization processing method and apparatus, a proximity server, a user equipment, and a home subscriber server.
  • Direct communication between devices in the vicinity using Device to Device can bring many benefits to the terminal, such as higher speed, lower latency and lower power consumption, and greatly improved.
  • the wireless resource efficiency of the operator, the D2D Relay mode is beneficial for operators to improve wireless coverage; for applications, the use of proximity information in the D2D communication process can develop more attractive new services.
  • the Public Safety system can also use D2D technology to enable communication between terminals without wireless coverage.
  • FIG. 1 is a schematic diagram of a D2D architecture related to 3GPP in the related art. As shown in FIG. 1 , the functions of the key network elements are described below.
  • Terminal also called User Equipment (UE), which supports the interface PC5 between the terminal and the terminal to send and receive signals. At the same time, it has access to the base station through the radio and access through the S1 interface.
  • the terminal In the core network, the terminal communicates with the proximity communication server through the user plane interface PC3.
  • Base station In the evolved system, it is also called an evolved NodeB (Evolved NodeB, eNodeB for short), which provides radio resources for the access of the terminal, and communicates with the core network through the S1 interface.
  • eNodeB evolved NodeB
  • the core network includes the mobility management unit and gateway.
  • the mobile management unit is a control plane entity responsible for temporarily storing user data, and is responsible for authentication, mobility management, and subscription checking.
  • the gateway is a user plane entity, which is responsible for allocating an IP address to the terminal and forwarding the uplink and downlink data packets of the terminal. And billing and so on.
  • a short-range communication server which is located outside the core network, and the terminal communicates with the server through the user plane interface PC3.
  • the main functions of the server include D2D service authorization, allocation of temporary code for terminal-requested applications for terminal broadcast, assistance with D2D discovery, and billing.
  • the authorization information comes from the home subscriber server.
  • PLMN Public Land Mobile Network
  • a Public Land Mobile Network supports a short-range communication server, and multiple PLMNs can share a short-range communication server.
  • the home subscriber server is located in the home network.
  • the main function is to provide subscription information and authentication information for users and applications.
  • the operator allocates a unique application identifier to the application on the terminal.
  • the identifier includes the PLMN information and the application identifier information.
  • the PLMN includes the country code and the network number.
  • the application identifier information uniquely identifies an application, and may also uniquely identify an application. Such as hotels, restaurants, etc.
  • the terminal D2D needs to use the carrier's frequency band resources, it needs to obtain authorization from the operator and the operator can control and charge.
  • the terminal generally does not allow direct broadcast of its own application identifier, but needs to The proximity server acquires a temporary identification code uniquely corresponding to the application identifier, and then broadcasts the code.
  • the D2D discovery of the two terminals includes two processes: UE A broadcast, UE B listen. If the code A monitored by UE B already knows, terminal B finds that terminal A is nearby. If the terminal B does not recognize the monitored code A, there is still a process of matching to the network, and the application identifier of the UE A corresponding to the code A is learned from the network, so that the terminal A is found nearby.
  • the description of these three processes is shown in Figures 2, 3 and 4, respectively.
  • FIG. 2 is a flow chart of a broadcast request for a D2D service in the related art. As shown in FIG. 2, the process includes the following steps:
  • step S202 the terminal A obtains an application identifier from the operator, and the application identifier is only allowed to be used by the UE A.
  • Step S204 if the terminal A wants to broadcast itself by using the wireless resource of the operator, so that other people can discover themselves, establish a connection with the network, and send a broadcast request message to the proximity server, where the request includes the application identifier that is desired to be broadcast, Endpoint identification and indication of announcing.
  • the terminal A generates the identity of the home proximity server through the PLMN identity that belongs to the terminal, and searches for the IP address of the home server by using the domain name server (DNS).
  • DNS domain name server
  • the terminal identifier is an International Mobile Subscriber Identifier (IMSI) or a Mobile Subscriber Integrated Service Digital Network (MSISDN).
  • Step S206 After receiving the broadcast request, the home proximity server requests, if there is no user context, to send a subscription request to the home subscriber server, with the user identifier.
  • Step S208 The home subscriber server returns the subscription information of the terminal in the subscription response, and in the case of roaming, the home subscriber server also returns the visited PLMN identifier currently registered by the user.
  • Step S210 According to the contract information belonging to the proximity server, determine that the terminal is allowed to perform the D2D service, and the user does sign the application identifier, the user context is created, and a temporary identifier code A and corresponding are assigned to the application identifier sent by the user. Validity period.
  • Step S212 the home proximity server generates an identifier of the visited proximity server according to the visited PLMN identifier obtained in step S208, and obtains the visited proximity server IP address through the DNS lookup, and then sends a broadcast request to the visited proximity server.
  • Authorization message with application identification, terminal identification, and assigned temporary identification code A and corresponding validity period.
  • step S214 the visited proximity server authorizes the current broadcast request, and records the received application identifier, the terminal identifier, and the assigned temporary identifier code A and the corresponding validity period, so as to perform subsequent billing.
  • the visited proximity server returns a broadcast request authorization response message.
  • Step S216 After receiving the local short-distance server to authorize the current broadcast request, the proximity server returns the assigned temporary identifier code A and the corresponding validity period to the UE A.
  • Step S218, the terminal A acquires radio resources from the current registration network.
  • the user-registered network base station can broadcast the available D2D radio resources, and the terminal obtains the content through the contention.
  • the base station can also specify the available D2D radio resources for the terminal through the RRC procedure.
  • step S220 the terminal A broadcasts the obtained code A on the acquired radio resource.
  • the terminal A sets a timer and periodically broadcasts during the validity period indicated in step S216.
  • the temporary identification code A is invalidated, and the terminal A must re-initiate the process of broadcasting the request, and re-acquire the temporary identification code A and the validity period.
  • the Code A immediately becomes invalid, and the terminal also needs to re-initiate the broadcast request process.
  • FIG. 3 is a flowchart of a listening request for a D2D service in the related art. As shown in FIG. 3, the process includes the following steps:
  • step S302 the terminal B obtains the application identifier of the terminal A from the operator or a third party.
  • Step S304 If the terminal B wants to discover the terminal A, the terminal B establishes a connection with the network, and sends a monitoring request to the proximity server, where the request includes the terminal A application identifier and the terminal B terminal identifier that are to be discovered.
  • the terminal B generates the identity of the proximity server through the PLMN identity that it belongs to, and obtains the IP address of the home server by the DNS lookup.
  • the terminal identifier is IMSI or MSISDN.
  • Step S306 after receiving the discovery request, the proximity server requests the home subscriber server to send a subscription request with the user identifier if there is no user context.
  • Step S308 the home subscriber server returns the subscription information of the terminal in the subscription response, and in the case of roaming, the home subscriber server also returns the visited PLMN identifier currently registered by the user.
  • Step S310 Create a user context according to the fact that the subscription information belongs to the proximity server and determines that the terminal is allowed to perform the D2D service. If the destination application identifier requested by the terminal is another PLMN, the IP address of the destination close-range server is obtained through the DNS according to the provided PLMN information, and then the interception request is sent to the destination close-range server, with the terminal A application identifier that is desired to be discovered. Terminal B terminal identification. If the destination application identifier requested by the terminal is the home PLMN, step S312 is not performed, and the home proximity server directly finds the corresponding code A and the corresponding validity period according to the terminal A application identifier.
  • Step S312 the destination proximity server finds the corresponding code A and the corresponding validity period according to the terminal A application identifier, and returns the information to the home proximity server.
  • Step S314 the belonging proximity server sends the obtained code A and the validity period to the terminal B.
  • step S316 the terminal B acquires a radio resource.
  • the terminal B configures the radio resource corresponding to each PLMN that the D2D monitors, and the terminal may listen to all the radio resources in the indicated valid value in step S314.
  • the temporary identification code A is invalidated, and the terminal B must re-initiate the process of listening for the request to acquire the new temporary identification code A and the validity period.
  • step S314 a mask may be returned.
  • the monitored code matches the template, such as the first few codes. If the bit and the template match exactly, the terminal B needs to initiate a matching process to learn the application identifier corresponding to the code.
  • FIG. 4 is a flowchart of a matching request for a D2D service in the related art. As shown in FIG. 4, the process includes the following steps:
  • step S402 the terminal B listens to the code A, and the code A matches the mask, but the terminal B does not recognize the code A.
  • Step S404 the terminal B establishes a connection with the network, and sends a matching request to the home proximity server, where the request includes the found code A and the terminal B terminal identifier.
  • the terminal B generates the identity of the proximity server through the PLMN identity that it belongs to, and obtains the IP address of the home server by the DNS lookup.
  • the terminal identifier is IMSI or MSISDN.
  • Step S406 After receiving the discovery request, the proximity server requests the home subscriber server to send a subscription request with the user identifier if there is no user context. The home subscriber server returns the subscription information of the terminal in the subscription response.
  • Step S408 determining that the terminal is allowed to perform D2D service according to the subscription information belonging to the proximity server. If the monitored PLMN information in the Code A is the home PLMN, the home proximity server obtains the terminal A application identifier and the validity period according to the code A that is sent. If the monitored PLMN information in the Code A indicates another PLMN, the home proximity server obtains the destination short-range server IP address through the DNS according to the destination PLMN information, and sends a matching request message with the code A and the terminal B terminal identifier. .
  • Step S410 the destination proximity server obtains the terminal A application identifier and the validity period according to the received Code A.
  • Step S412 the destination proximity server returns the acquired terminal A application identifier and the validity period to the belonging proximity server.
  • Step S414 the home proximity server returns the terminal A application identifier and the validity period to the UE B, and the UE B successfully discovers that the terminal A is in the adjacent area. Within this validity period, both the code A and the terminal A application identifiers match.
  • the HSS Based on the above communication flow of D2D, the HSS provides the currently registered PLMN information. However, when the user moves in each PLMN, since the routing/tracking area update is not initiated, the corresponding home proximity server does not initiate an authorization request to the HSS, and thus cannot Implement the authorization control of the HSS to the user.
  • the present invention provides an authorization processing scheme to at least solve the problem that the HSS cannot authorize the user when the user moves between the PLMNs in the related art.
  • an authorization processing method including: acquiring resident PLMN information of a public land mobile network PLMN currently camped on by a user equipment UE that initiates a service request; determining whether the resident PLMN information is near In the case of the registered PLMN information stored on the server and/or the peer PLMN information corresponding to the registered PLMN; if the determination result is yes, the service request of the UE is authorized according to the resident PLMN information; And/or, if the determination result is no, authorizing the service request of the UE according to the current registered PLMN information acquired from the home subscriber server HSS and/or the current peer PLMN information corresponding to the currently registered PLMN information. deal with.
  • the authorization processing of the service request of the UE according to the current registered PLMN information acquired from the HSS and/or the current peer PLMN information corresponding to the current registered PLMN information includes: Determining whether the resident PLMN information is in the current registered PLMN information and/or the current peer PLMN information; if the determination result is yes, the service request to the UE according to the resident PLMN information Authorizing; and/or, if the judgment result is no, rejecting the service request of the UE.
  • the obtaining the resident PLMN information of the PLMN currently camped by the UE that initiates the service request comprises: receiving a service request message from the UE, where the service request message carries the UE The resident PLMN information of the PLMN currently camping on.
  • an authorization processing method including: acquiring resident PLMN information of a public land mobile network PLMN currently camped by a user equipment UE; and obtaining the resident PLMN information obtained in a service request Transmitted to a proximity server, wherein the resident PLMN information is used by the proximity server to determine registered PLMN information and/or the registered PLMN information stored by the resident PLMN information on the proximity server In the peer PLMN information, and/or when the home subscriber server HSS determines that the camped PLMN information is in the current registered PLMN information and/or the current peer PLMN information corresponding to the currently registered PLMN information, the close range The server and/or the HSS perform authorization processing on the service request of the UE.
  • At least one of the following resides in the PLMN: residing in the registered PLMN information and/or the current Registering the PLMN information included in the PLMN; when the base station does not support the registered PLMN information and/or the PLMN included in the currently registered PLMN information, camping on the base station support and in the peer PLMN information and/or The PLMN included in the current peer-to-peer PLMN information; the PLMN included in the base station not supporting the registered PLMN information and/or the currently registered PLMN information, and the peer-to-peer PLMN information and/or the current peer-to-peer
  • the PLMN information includes the PLMN, it resides in the PLMN that is reselected after re-initiating the location request.
  • an authorization processing method including: receiving an authorization request message of a user equipment UE that initiates a service request from a proximity server; determining whether the authorization request message carries the current UE status The resident PLMN information of the resident public land mobile network PLMN; if the determination result is yes, the service to the UE according to the current registered PLMN information and/or the current peer PLMN information corresponding to the currently registered PLMN information Requesting authorization processing; and/or, if the determination result is no, transmitting the current registered PLMN information and/or the current peer PLMN information to the proximity server.
  • performing authorization processing on the service request of the UE according to the current registered PLMN information and/or the current peer PLMN information corresponding to the currently registered PLMN information comprises: determining whether the resident PLMN information is in the office In the current registered PLMN information and/or in the current peer PLMN information; If yes, the service request of the UE is authorized; and/or, if the determination result is no, the service request of the UE is rejected.
  • the method further includes: sending the current registered PLMN information and/or the current peer PLMN information to the proximity server.
  • the method before performing authorization processing on the service request of the UE according to the current registered PLMN information and/or the current peer PLMN information corresponding to the currently registered PLMN information, the method further includes: receiving a mobility management entity MME a location update request, wherein the location update request carries current registered PLMN information and/or the current peer PLMN information.
  • an authorization processing apparatus including: a first acquisition module, configured to acquire resident PLMN information of a public land mobile network PLMN currently camped on by a user equipment UE that initiates a service request; a determining module, configured to determine whether the resident PLMN information is stored in the registered PLMN information and/or the peer PLMN information corresponding to the registered PLMN; the first processing module is configured to be in the first If the determination result of the determination module is yes, the service request of the UE is authorized according to the resident PLMN information; and/or the second processing module is set to the determination result of the first determination module. In the case of no, the service request of the UE is authorized according to the current registered PLMN information acquired from the home subscriber server HSS and/or the current peer PLMN information corresponding to the currently registered PLMN information.
  • the first processing module includes: a first determining unit, configured to determine whether the resident PLMN information is in the current registered PLMN information and/or the current peer PLMN information; a first authorization unit, When the determination result of the first determining unit is yes, the service request of the UE is authorized according to the resident PLMN information; and/or the first rejecting unit is set to be in the first When the judgment result of the judgment unit is NO, the service request of the UE is rejected.
  • a first determining unit configured to determine whether the resident PLMN information is in the current registered PLMN information and/or the current peer PLMN information
  • a first authorization unit When the determination result of the first determining unit is yes, the service request of the UE is authorized according to the resident PLMN information; and/or the first rejecting unit is set to be in the first When the judgment result of the judgment unit is NO, the service request of the UE is rejected.
  • the first obtaining module includes: a first receiving unit, configured to receive a service request message from the UE, where the service request message carries a location of the PLMN currently camped by the UE Residing PLMN information.
  • a proximity server comprising the apparatus of any of the above.
  • an authorization processing apparatus comprising: a second acquisition module, configured to acquire resident PLMN information of a public land mobile network PLMN currently camped on by a user equipment UE; a first sending module, setting Transmitting the acquired resident PLMN information to a proximity server in a service request, wherein the resident PLMN information is used by the proximity server to determine the resident PLMN information in the near From the registered PLMN information stored on the server and/or the peer PLMN information of the registered PLMN information, and/or the home subscriber server HSS determines that the resident PLMN information is in the currently registered PLMN information and/or the current When registering the current peer PLMN information corresponding to the PLMN information, the proximity server and/or the HSS perform authorization processing on the service request of the UE.
  • the apparatus further comprises a camping module arranged to reside in the PLMN by at least one of: residing in the PLMN included in the registered PLMN information and/or the currently registered PLMN information; Supporting the registered PLMN information and/or the PLMN included in the currently registered PLMN information, camping in a PLMN supported by the base station and included in the peer PLMN information and/or the current peer PLMN information; Residing in the PLMN included in the base station not supporting the registered PLMN information and/or the currently registered PLMN information, and not supporting the peer PLMN information and/or the PLMN included in the current peer PLMN information In the PLMN that is reselected after initiating the location request.
  • a camping module arranged to reside in the PLMN by at least one of: residing in the PLMN included in the registered PLMN information and/or the currently registered PLMN information; Supporting the registered PLMN information and/or the PLMN included in the currently registered PLMN information, camping in
  • a user equipment UE comprising the apparatus of any of the above.
  • an authorization processing apparatus including: a first receiving module, configured to receive an authorization request message of a user equipment UE that initiates a service request from a proximity server; and a second determining module, configured to Determining whether the authorization request message carries the resident PLMN information of the public land mobile network PLMN currently camped by the UE; and the third processing module is configured to be that if the judgment result of the second determining module is yes And performing authorization processing on the service request of the UE according to the current registered PLMN information and/or the current peer PLMN information corresponding to the currently registered PLMN information; and/or, the fourth processing module is configured to be in the second judgment If the judgment result of the module is no, the current registered PLMN information and/or the current peer PLMN information is sent to the proximity server.
  • the third processing module includes: a second determining unit, configured to determine whether the resident PLMN information is in the current registered PLMN information and/or in the current peer PLMN information; the second authorization unit And configured to authorize the service request of the UE if the determination result of the second determining unit is yes; and/or, the second reject unit is set to the determination result of the second determining unit In the case of No, the service request of the UE is rejected.
  • a second determining unit configured to determine whether the resident PLMN information is in the current registered PLMN information and/or in the current peer PLMN information
  • the second authorization unit And configured to authorize the service request of the UE if the determination result of the second determining unit is yes; and/or, the second reject unit is set to the determination result of the second determining unit In the case of No, the service request of the UE is rejected.
  • the third processing module further comprises: a sending unit, configured to send the current registered PLMN information and/or the current peer PLMN information to the proximity server.
  • a sending unit configured to send the current registered PLMN information and/or the current peer PLMN information to the proximity server.
  • the device further includes: a second receiving module, configured to receive a location update request of the mobility management entity MME, where the location update request carries current registered PLMN information and/or the current peer PLMN information .
  • a second receiving module configured to receive a location update request of the mobility management entity MME, where the location update request carries current registered PLMN information and/or the current peer PLMN information .
  • a home subscriber server comprising the apparatus of any of the above.
  • the resident PLMN information of the public land mobile network PLMN currently camped by the user equipment UE that obtains the service request is obtained; and the registered PLMN information and/or the location of the resident PLMN information stored on the proximity server is determined.
  • the peer PLMN information corresponding to the registered PLMN In the case of the peer PLMN information corresponding to the registered PLMN; if the determination result is yes, the service request of the UE is authorized according to the resident PLMN information; and/or, if the determination result is no Authorizing the service request of the UE according to the current registered PLMN information acquired from the home subscriber server HSS and/or the current peer PLMN information corresponding to the current registered PLMN information, and solving the related technology in the user between the PLMNs When moving, the HSS cannot perform authorization control on the user, and thus the effect that the HSS can perform effective authorization control for the user when moving between the PLMNs is achieved.
  • FIG. 1 is a schematic diagram of a D2D architecture related to 3GPP in the related art
  • FIG. 2 is a flow chart of a broadcast request for a D2D service in the related art
  • FIG. 3 is a flowchart of a listening request of a D2D service in the related art
  • FIG. 5 is a flowchart of an authorization processing method 1 according to an embodiment of the present invention.
  • FIG. 6 is a flowchart of an authorization processing method 2 according to an embodiment of the present invention.
  • FIG. 7 is a flowchart of an authorization processing method 3 according to an embodiment of the present invention.
  • FIG. 8 is a structural block diagram of an authorization processing apparatus 1 according to an embodiment of the present invention.
  • FIG. 9 is a block diagram showing a preferred structure of the first processing module 86 in the authorization processing apparatus 1 according to an embodiment of the present invention.
  • FIG. 10 is a block diagram showing a preferred structure of the first obtaining module 82 in the authorization processing apparatus 1 according to an embodiment of the present invention.
  • FIG. 11 is a structural block diagram of a proximity server according to an embodiment of the present invention.
  • FIG. 12 is a structural block diagram of an authorization processing apparatus 2 according to an embodiment of the present invention.
  • FIG. 13 is a block diagram showing a preferred structure of an authorization processing apparatus 2 according to an embodiment of the present invention.
  • FIG. 14 is a block diagram showing a preferred structure of a user equipment UE according to an embodiment of the present invention.
  • FIG. 15 is a structural block diagram of an authorization processing apparatus 3 according to an embodiment of the present invention.
  • FIG. 16 is a structural block diagram 1 of a third processing module 156 in an authorization processing apparatus 3 according to an embodiment of the present invention.
  • 17 is a block diagram 2 of a preferred structure of a third processing module 156 in an authorization processing apparatus 3 according to an embodiment of the present invention
  • FIG. 18 is a block diagram showing a preferred structure of an authorization processing apparatus 3 according to an embodiment of the present invention.
  • FIG. 19 is a structural block diagram of a home subscriber server according to an embodiment of the present invention.
  • 21 is a flowchart of a broadcast request for authorization processing in accordance with a preferred embodiment of the present invention.
  • FIG. 22 is a flowchart of a listening request for authorization processing according to a preferred embodiment of the present invention.
  • FIG. 23 is a flowchart of a matching request for authorization processing according to a preferred embodiment of the present invention.
  • FIG. 24 is a flow diagram of a UE, HSS obtaining a peer PLMN, in accordance with a preferred embodiment of the present invention.
  • FIG. 5 is a flowchart of an authorization processing method according to an embodiment of the present invention. As shown in FIG. 5, the flow includes the following steps:
  • Step S502 acquiring the resident PLMN information of the public land mobile network PLMN currently camped by the user equipment UE that initiates the service request;
  • Step S504 determining whether the resident PLMN information is stored in the registered PLMN information stored on the proximity server and/or the peer PLMN information corresponding to the registered PLMN;
  • Step S506 if the determination result is yes, perform authorization processing on the service request of the UE according to the resident PLMN information; and/or, if the determination result is no, according to the current registered PLMN obtained from the home subscriber server HSS
  • the information and/or the current peer PLMN information corresponding to the currently registered PLMN information performs authorization processing on the service request of the UE.
  • the proximity server it is determined whether the user is currently between different PLMNs by determining whether the current resident PLMN of the user equipment UE is stored in the PLMN information and/or the peer PLMN information stored on the proximity server. Moving, and performing corresponding authorization processing according to the judgment result, not only solves the problem that the HSS cannot authorize and control the user when the user moves between the PLMNs in the related art, thereby achieving the user even when moving between the PLMNs, even if The HSS can also perform effective authorization control on the user without initiating the routing/tracking process.
  • the authorization processing of the service request of the UE according to the current registered PLMN information acquired from the HSS and/or the current peer PLMN information corresponding to the currently registered PLMN information may adopt the following simple processing manner, for example, determining the resident PLMN information. Whether it is in the currently registered PLMN information and/or the current peer PLMN information; if the judgment result is yes, the service request of the UE is authorized according to the resident PLMN information; and/or, if the judgment result is no , reject the UE's business request.
  • the method may be adopted, for example, by receiving a service request message from the UE, where the service request message carries the current station of the UE. Residing PLMN information of the remaining PLMN.
  • the service request may be related to the technology, for example, may be a D2D broadcast request, a D2D broadcast request, or a D2D matching request.
  • FIG. 6 is a flowchart of an authorization processing method 2 according to an embodiment of the present invention. As shown in FIG. 6, the process includes the following steps:
  • Step S602 acquiring resident PLMN information of the public land mobile network PLMN currently camped by the user equipment UE;
  • Step S604 the acquired resident PLMN information is sent to the proximity server in the service request, where the resident PLMN information is used by the proximity server to determine the registered PLMN information stored on the proximity server for the resident PLMN information and/or In the peer PLMN information for registering the PLMN information, and/or the home subscriber server HSS determines that the camped PLMN information is in the current registered PLMN information and/or the current peer PLMN information corresponding to the currently registered PLMN information, the proximity server and / or HSS authorization processing of the UE's service request.
  • the user equipment UE by providing the acquired current resident PLMN information to the proximity server, respectively performing the corresponding authorization processing through the proximity server or the HSS, the user in the related technology is also solved.
  • the HSS moves between PLMNs, the HSS cannot authorize the user.
  • the problem is that when the user moves between the PLMNs, the HSS can effectively control the user even if the routing/tracking process is not initiated.
  • the user equipment may select the resident PLMN in multiple manners before acquiring the resident PLMN information of the PLMN currently camped by the user equipment.
  • the user equipment may reside in the PLMN in at least one of the following manners: Registering the PLMN information and/or the PLMN included in the currently registered PLMN information; when the base station does not support the registered PLMN information and/or the PLMN included in the currently registered PLMN information, camping on the base station support and in the peer PLMN information and/or the current pair And the PLMN included in the PLMN information; and when the base station does not support the registered PLMN information and/or the PLMN included in the currently registered PLMN information does not support the peer PLMN information and/or the PLMN included in the current peer PLMN information,
  • the new PLMN is selected, that is, the location update request is re-initiated, and resides in the PLMN that is re-selected after re-initiating the location request.
  • FIG. 7 is a flowchart of a third method of authorization processing according to an embodiment of the present invention. As shown in FIG. 7, the flow includes the following steps:
  • Step S702 receiving an authorization request message of the user equipment UE that initiates the service request from the proximity server;
  • Step S704 determining whether the authorization request message carries the resident PLMN information of the public land mobile network PLMN currently camped by the UE;
  • Step S706 if the determination result is yes, authorizing the service request of the UE according to the current peer PLMN information corresponding to the current registered PLMN information and/or the current registered PLMN information; and/or, if the determination result is no In the case, the currently registered PLMN information and/or the current peer PLMN information is transmitted to the proximity server.
  • the home subscriber server HSS determines the authorization processing of the UE service request by judging whether the received authorization request carries the current resident PLMN information, and solves the related art in the related art when the user moves between the PLMNs.
  • the HSS cannot perform authorization control on the user, so that when the user moves between the PLMNs, the HSS can effectively control the user even if the routing/tracking process is not initiated.
  • the following simple processing manner may be adopted for performing authorization processing on the service request of the UE according to the current registered PLMN information and/or the current peer PLMN information corresponding to the currently registered PLMN information, for example, determining whether the resident PLMN information is currently Registering the PLMN information and/or the current peer PLMN information; if the judgment result is yes, authorizing the service request of the UE; and/or, if the judgment result is no, rejecting the service request of the UE.
  • the peer PLMN information is the latest version, and the current registered PLMN information and/or the current peer PLMN information may be sent to the proximity server after authorizing the service request of the UE.
  • the above-mentioned peer-to-peer PLMN information or current peer-to-peer PLMN information is relative to the registered PLMN information or the currently registered PLMN information, and the peer-to-peer PLMN information refers to information completely equivalent to the registered PLMN information.
  • the current peer PLMN information is information that is identical to the currently registered PLMN information. Before the current peer-to-peer PLMN information corresponding to the current registered PLMN information and/or the current registered PLMN information is used to perform the authorization processing on the service request of the UE, the current peer PLMN information needs to be acquired, and the current peer PLMN information may be obtained.
  • a plurality of, for example, a mobile management entity (Mobile Management Entity, MME for short) may be obtained, that is, a location update request of the mobile management entity MME is received, where the location update request carries the currently registered PLMN information and / or current peer PLMN information.
  • MME Mobile Management Entity
  • an authorization processing device is also provided, which is used to implement the above-mentioned embodiments and preferred embodiments, and has not been described again.
  • the term "module” may implement a combination of software and/or hardware of a predetermined function.
  • the apparatus described in the following embodiments is preferably implemented in software, hardware, or a combination of software and hardware, is also possible and contemplated.
  • FIG. 8 is a structural block diagram of an authorization processing apparatus 1 according to an embodiment of the present invention. As shown in FIG. 8, the apparatus includes a first acquisition module 82, a first determination module 84, a first processing module 86, and/or a second processing module. 88. The device will be described below.
  • the first obtaining module 82 is configured to obtain the resident PLMN information of the public land mobile network PLMN currently camped on by the user equipment UE that initiates the service request.
  • the first determining module 84 is connected to the first acquiring module 82, and is configured to determine the station. Whether the reserved PLMN information is stored in the registered PLMN information and/or the corresponding PLMN information corresponding to the registered PLMN; the first processing module 86 is connected to the first determining module 84, and is set to be in the first determining module. If the determination result is yes, the service request of the UE is authorized according to the resident PLMN information; and/or the second processing module 88 is connected to the first determining module 84, and is set to be determined by the first determining module. If the result is no, the service request of the UE is authorized according to the current registered PLMN information acquired from the home subscriber server HSS and/or the current peer PLMN information corresponding to the currently registered PLMN information.
  • FIG. 9 is a block diagram showing a preferred structure of the first processing module 86 in the authorization processing apparatus 1 according to the embodiment of the present invention.
  • the first processing module 86 includes a first determining unit 92, a first authorization unit 94, and/or Or the first rejecting unit 96, the first processing module 86 will be described below.
  • the first determining unit 92 is configured to determine whether the resident PLMN information is in the currently registered PLMN information and/or the current peer PLMN information; the first authorization unit 94 is connected to the first determining unit 92, and is set to be in the first judgment. If the judgment result of the unit is yes, the service request of the UE is authorized according to the resident PLMN information; and/or the first reject unit 96 is connected to the first determining unit 92, and is set to be in the first determining unit. If the result of the determination is negative, the service request of the UE is rejected.
  • FIG. 10 is a block diagram showing a preferred structure of the first obtaining module 82 in the authorization processing apparatus 1 according to the embodiment of the present invention.
  • the first obtaining module 82 includes a first receiving unit 102, and the first receiving unit is provided below. Unit 102 is described.
  • the first receiving unit 102 is configured to receive a service request message from the UE, where the service request message carries the resident PLMN information of the PLMN currently camped by the UE.
  • the proximity server 112 includes the authorization processing device 114 of any of the above.
  • FIG. 12 is a structural block diagram of an authorization processing apparatus 2 according to an embodiment of the present invention. As shown in FIG. 12, the apparatus includes a second acquisition module 122 and a first transmission module 124, which will be described below.
  • the second obtaining module 122 is configured to acquire the resident PLMN information of the public land mobile network PLMN currently camped by the user equipment UE.
  • the first sending module 124 is connected to the second acquiring module 122, and is configured to acquire the resident PLMN.
  • the information is sent to the proximity server in the service request, wherein the resident PLMN information is used by the proximity server in determining the registered PLMN information and/or the registered PLMN information of the registered PLMN information that the resident PLMN information is stored on the proximity server.
  • the proximity server and/or the HSS performs the service request of the UE. Authorization processing.
  • FIG. 13 is a block diagram showing a preferred structure of an authorization processing apparatus 2 according to an embodiment of the present invention. As shown in FIG. 13, the apparatus includes a resident module 132 in addition to all the modules shown in FIG. Module 132 is described.
  • the camping module 132 is connected to the second obtaining module 122, and is configured to reside in the PLMN by at least one of: residing in the PLMN included in the registered PLMN information and/or the currently registered PLMN information; the base station does not support When registering the PLMN information and/or the PLMN included in the currently registered PLMN information, camping in the PLMN supported by the base station and included in the peer PLMN information and/or the current peer PLMN information; the base station does not support the registration of the PLMN information and/or the current Registering PLMN information included in the PLMN information does not support peer PLMN information. And/or the PLMN included in the current peer PLMN information, residing in the PLMN reselected after re-initiating the location request.
  • FIG. 14 is a block diagram showing a preferred structure of a user equipment UE according to an embodiment of the present invention.
  • the user equipment UE 142 includes the authorization processing apparatus 144 of any of the above.
  • FIG. 15 is a structural block diagram of an authorization processing apparatus 3 according to an embodiment of the present invention. As shown in FIG. 15, the apparatus includes a first receiving module 152, a second determining module 154, a third processing module 156, and/or a fourth processing module. 158. The device will be described below.
  • the first receiving module 152 is configured to receive an authorization request message of the user equipment UE that initiates the service request from the short-range server.
  • the second determining module 154 is connected to the first receiving module 152, and is configured to determine whether the authorization request message is carried. Residing PLMN information of the public land mobile network PLMN currently camped by the UE; the third processing module 156 is connected to the second judging module 154, and is set to be in the case that the judgment result of the second judging module is yes, according to the current Registering the PLMN information and/or the current peer PLMN information corresponding to the currently registered PLMN information to perform authorization processing on the service request of the UE; and/or, the fourth processing module 158 is connected to the second determining module 154, and is set to be in the second When the judgment result of the determination module is negative, the currently registered PLMN information and/or the current peer PLMN information is transmitted to the proximity server.
  • the third processing module 156 includes a second determining unit 162, a second authorization unit 164, and/or Or the second rejecting unit 166, the third processing module 156 is described below.
  • the second determining unit 162 is configured to determine whether the resident PLMN information is in the currently registered PLMN information and/or the current peer PLMN information; the second authorization unit 164 is connected to the second determining unit 162, and is set to be in the second If the judgment result of the determination unit is yes, the service request of the UE is authorized; and/or the second rejection unit 166 is connected to the second determination unit 162, and is set to be the determination result of the second determination unit is no. In the case of the UE, the service request of the UE is rejected.
  • FIG. 17 is a block diagram of a preferred structure of a third processing module 156 in the authorization processing apparatus 3 according to an embodiment of the present invention.
  • the third processing module 156 includes all the structures shown in FIG.
  • the transmitting unit 172 will be described below with reference to the preferred configuration.
  • the sending unit 172 is connected to the second authorization unit 164, and is configured to send the current registered PLMN information and/or the current peer PLMN information to the proximity server.
  • FIG. 18 is a block diagram showing a preferred structure of an authorization processing apparatus 3 according to an embodiment of the present invention. As shown in FIG. 18, the apparatus includes a second receiving module 182 in addition to all the modules shown in FIG. The second receiving module 182 is described.
  • the second receiving module 182 is connected to the foregoing third processing module 156 and configured to receive a location update request of the mobility management entity MME, where the location update request carries the current registered PLMN information and/or the current peer PLMN information.
  • FIG. 19 is a structural block diagram of a home subscriber server according to an embodiment of the present invention. As shown in FIG. 19, the home subscriber server 192 includes the authorization processing apparatus 194 of any of the above.
  • the HSS cannot perform authorization control on the user, that is, when the user moves in the peer PLMN, the routing/tracking area update is not initiated, and thus the HSS cannot know the current user real station.
  • the retained PLMN information after the user PLMN changes, if the user context is stored in the home proximity server, the home proximity server does not initiate an authorization request to the HSS, so that the HSS cannot control the user.
  • a user authorization processing scheme is provided, which is described below.
  • FIG. 20 is a flowchart of an authorization process according to an embodiment of the present invention. As shown in FIG. 20, the process includes the following steps:
  • the home proximity server obtains the currently registered PLMN information and/or the current peer PLMN information (ie, the registered PLMN information and the peer PLMN information corresponding to the registered PLMN information) from the HSS.
  • the PLMN information may be Is a list of identifiers used to identify the currently registered PLMN
  • the peer PLMN information may also be a list of identifiers used to identify the peer PLMN.
  • step S2004 the terminal brings the PLMN information currently camped by the user to the belonging proximity server in the service request (for example, the broadcast request, the interception request, and the matching request).
  • the service request for example, the broadcast request, the interception request, and the matching request.
  • Step S2006 the home proximity server receives the PLMN information currently camped by the user, and determines whether the resident PLMN information is also obtained from the HSS last time (before the service request) the registered PLMN information and/or the peer PLMN list. in.
  • the acquisition process of the peer PLMN list is described later in FIG.
  • step S2008 if the PLMN information currently camped by the user is in the list of registered PLMNs and/or peer PLMNs that were last acquired from the HSS, there is no need to go to the HSS for authorization.
  • Step S2010 otherwise, the HSS is re-authorized, and the new registered PLMN information and/or the peer PLMN list (ie, the currently registered PLMN information and the currently registered PLMN information) are re-acquired from the HSS.
  • the new registered PLMN information and/or peer PLMN list refers to the previously saved registered PLMN information and/or peer PLMN information according to the resident PLMN information. Updated registered PLMN information and/or peer PLMN information.
  • FIG. 21 is a flowchart of a broadcast request for authorization processing according to a preferred embodiment of the present invention. As shown in FIG. 21, the flow includes the following steps:
  • step S2102 the terminal A obtains an application identifier from the operator, and the application identifier is only allowed to be used by the UE A.
  • Step S2104 If the terminal A wants to broadcast itself by using the wireless resource of the operator, so that other people can discover themselves, establish a connection with the network, and send a broadcast request message to the proximity server, where the request includes the application identifier that is desired to be broadcast, An indication of terminal identification and announcing, and resident PLMN information (e.g., PLMN identity) currently hosted by the terminal.
  • the terminal A generates the identity of the home proximity server through the PLMN identity that it belongs to, and obtains the IP address of the home server by using the DNS lookup.
  • the terminal identifier is IMSI or MSISDN.
  • the terminal A receives the registered PLMN identity and/or a peer PLMN identity list from the core network, including one or more peer PLMN identifiers.
  • the terminal learns all the PLMN identifiers supported by the current base station by listening to the broadcast message of the base station.
  • the terminal preferably resides in the registered PLMN; if the current base station does not support the registered PLMN, the terminal selects the PLMN supported by the base station and in the peer PLMN list if the base station does not support the registered PLMN and all the peer PLMNs For the list, the terminal needs to re-initiate the location update procedure, re-register with the core network and obtain a new registered PLMN identity and/or a peer PLMN identity list.
  • Step S2106 After the home proximity server receives the broadcast request, if there is no user context, request the home subscriber server to send a subscription request with the user identifier. In this message, it is also possible to carry the currently resident PLMN identity carried by the terminal.
  • Step S2108 If the PLMN identifier currently camped by the terminal is not carried in step S2106, the HSS returns the D2D subscription information of the user to the home proximity server, and the PLMN and/or the peer PLMN list currently registered by the terminal (ie, the currently registered PLMN information) And/or current peer PLMN information).
  • the affiliation server determines whether the PLMN currently camped by the terminal is in the list of PLMNs and/or peer PLMNs currently registered by the terminal provided by the HSS. If yes, it further determines whether access is permitted according to the subscription information, otherwise access is not allowed. At this time, the HSS may send all the D2D data to the home proximity server, and the home proximity server performs the access check.
  • the home subscriber server HSS can determine whether the PLMN currently camped by the user is allowed, for example, checking whether the currently camped PLMN is currently registered. Whether it is allowed in the PLMN information, or whether it is in the current peer PLMN list, otherwise it is not allowed. If not allowed, the failure is returned, and the home subscriber server HSS is allowed to return the subscription information of the terminal in the subscription response, and in the case of roaming, the home subscriber server also returns the visited PLMN identifier and/or the peer PLMN identifier currently registered by the user. List. At this time, the HSS may issue different subscription data according to different PLMNs where the terminal currently resides.
  • the home proximity server saves the terminal currently registered PLMN information and/or the current peer PLMN list obtained from the HSS.
  • the home proximity server checks whether the current resident PLMN of the user is in the registered PLMN and/or the peer PLMN list, and then does not need to To the HSS re-authorization, otherwise step S2106 and step S2108 need to be performed to re-authorize the HSS and obtain new subscription data.
  • Step S2110 According to the subscription information belonging to the proximity server, determine that the terminal is allowed to perform the D2D service, and the user does sign the application identifier, the user context is created, and a temporary identifier code A and corresponding are assigned to the application identifier sent by the user. Validity period.
  • Step S2112 The home proximity server generates an identifier of the visited proximity server according to the visited PLMN identifier obtained by the PLMN where the terminal is located in the step S2104, and obtains the IP address of the proximity server through the DNS lookup, and then A broadcast request authorization message is sent to the visited proximity server, with an application identifier, a terminal identifier, and an assigned temporary identifier code A and a corresponding validity period.
  • the visited proximity server authorizes the current broadcast request, and records the received application identifier, the terminal identifier, and the assigned temporary identifier code A and the corresponding validity period, so as to perform subsequent billing.
  • the visited proximity server returns a broadcast request authorization response message.
  • Step S2116 After receiving the local short-distance server to authorize the current broadcast request, the proximity server returns the assigned temporary identifier code A and the corresponding validity period to the UE A.
  • step S2118 the terminal A acquires radio resources from the current registration network.
  • the user-registered network base station can broadcast the available D2D radio resources, and the terminal obtains the available D2D radio resources through the radio resource control (Radio Resource Control, RRC for short) process.
  • RRC Radio Resource Control
  • step S2120 the terminal A broadcasts the obtained code A on the acquired radio resource.
  • the terminal A sets a timer, which is periodically broadcast during the validity period indicated by step S2116.
  • the home proximity server obtains the resident PLMN information from the terminal, performs an authorization check in the HSS, or performs an authorization check by the home proximity server according to the subscription data provided by the HSS, and when the subsequent resident PLMN information is sent from the terminal.
  • the HSS is re-authorized when not in the current registered PLMN information and/or the current peer PLMN list obtained from the HSS.
  • FIG. 22 is a flowchart of a listening request for authorization processing according to a preferred embodiment of the present invention. As shown in FIG. 22, the flow includes the following steps:
  • step S2202 the terminal B acquires the application identifier of the terminal A from the operator or a third party.
  • Step S2204 If the terminal B wants to discover the terminal A, the terminal establishes a connection with the network, and sends a monitoring request to the proximity server, where the request includes the terminal A application identifier, the terminal B terminal identifier, and the terminal currently camped on the terminal. PLMN logo.
  • the terminal B generates the identity of the proximity server through the PLMN identity that it belongs to, and obtains the IP address of the home server by the DNS lookup.
  • the terminal identifier is IMSI or MSISDN. Terminal B acquires the resident PLMN and is similar to that in step S2104.
  • Step S2206 After receiving the discovery request, the proximity server requests, if there is no user context, to send a subscription request to the home subscriber server, with a user identifier, and in the message, may also carry the currently camped PLMN brought by the terminal. information.
  • Step S2208 If the PLMN information currently camped by the terminal is not carried in step S2206, the HSS returns the D2D subscription information of the user to the home proximity server, and the terminal currently registers the PLMN and/or the current peer PLMN list.
  • the affiliation server determines whether the PLMN currently camped by the terminal is in the PLMN and/or the current peer PLMN list currently registered by the terminal provided by the HSS. If yes, it further determines whether access is permitted according to the subscription information, otherwise access is not allowed. At this time, the HSS may send all the D2D data to the home proximity server, and the home proximity server performs the access check.
  • the home subscriber server HSS determines whether the PLMN currently camped by the user is allowed, such as checking whether the currently camped PLMN is in the currently registered PLMN information, or whether it is currently peer-to-peer. Within the PLMN list, yes, otherwise not allowed.
  • the home subscriber server returns the subscription information of the terminal in the subscription response, and in the case of roaming, the home subscriber server also returns the visited PLMN identity and/or the peer PLMN identity list currently registered by the user.
  • the HSS may issue different subscription data according to different PLMNs where the terminal currently resides.
  • the home proximity server checks whether the current resident PLMN of the user is in the registered PLMN and/or the peer PLMN. In the list, there is no need to re-authorize the HSS. Otherwise, steps S2206 and S2208 need to be performed to re-authorize the HSS and obtain new subscription data.
  • Step S2210 Create a user context according to the fact that the subscription information belongs to the proximity server and determines that the terminal is allowed to perform the D2D service. If the destination application identifier requested by the terminal is another PLMN, the IP address of the destination close-range server is obtained through the DNS according to the provided PLMN information, and then the interception request is sent to the destination close-range server, with the terminal A application identifier that is desired to be discovered. Terminal B terminal identification. If the destination application identifier requested by the terminal is the home PLMN, step S2212 is not performed, and the home proximity server directly finds the corresponding code A and the corresponding validity period according to the terminal A application identifier.
  • step S2212 the destination proximity server finds the corresponding code A and the corresponding validity period according to the terminal A application identifier, and returns the information to the home proximity server.
  • Step S2214 The home proximity server generates an identifier of the visited proximity server according to the visited PLMN identifier obtained in step S604, and obtains the visited proximity server IP address through the DNS lookup, and then sends a broadcast request to the visited proximity server.
  • Authorization message with application identification, terminal identification, code A and corresponding validity period.
  • the visited proximity server authorizes the current interception request, and records the received application identifier, the terminal identifier, and the code A and the corresponding validity period, so as to perform subsequent billing.
  • the visited proximity server returns a listening authorization request response message.
  • step S2218 the home proximity server sends the obtained code A and validity period to the terminal B.
  • step S2220 the terminal B acquires radio resources.
  • the terminal B configures the radio resource corresponding to each PLMN that the D2D monitors, and the terminal can listen to all the radio resources within the valid value indicated by step S2218.
  • step S2222 the terminal B listens to the code A, and successfully finds that the terminal A is in the adjacent area.
  • step S2210 may return a mask.
  • the code monitored in step S2222 matches the template, such as the first few bits of the code and the If the template is completely matched, the terminal B needs to initiate a matching process to learn the application identifier corresponding to the code.
  • FIG. 23 is a flowchart of a matching request for authorization processing according to a preferred embodiment of the present invention. As shown in FIG. 23, the flow includes the following steps:
  • step S2302 the terminal B listens to the code A, and the code A matches the mask, but the terminal B does not recognize the code A.
  • step S2304 the terminal B establishes a connection with the network, and sends a matching request to the home proximity server, where the request includes the found code A, the terminal B terminal identifier, and the PLMN identifier currently hosted by the terminal.
  • the terminal B generates the identity of the proximity server through the PLMN identity that it belongs to, and obtains the IP address of the home server by the DNS lookup.
  • the terminal identifier is IMSI or MSISDN. Terminal B acquires the resident PLMN and is similar to that in step S2004.
  • Step S2306 After receiving the discovery request, the proximity server requests the home subscriber server to send a subscription request with the user identifier if there is no user context. In this message, it is also possible to carry the currently camped PLMN information carried by the terminal.
  • Step S2308 If the PLMN information currently camped by the terminal is not carried in step S2306, the HSS returns the D2D subscription information of the user to the home proximity server, and the PLMN and/or the peer PLMN list currently registered by the terminal.
  • the affiliation server determines whether the PLMN currently camped by the terminal is in the list of PLMNs and/or peer PLMNs currently registered by the terminal provided by the HSS. If yes, it further determines whether access is permitted according to the subscription information, otherwise access is not allowed. At this time, the HSS may send all the D2D data to the home proximity server, and the home proximity server performs the access check.
  • the home subscriber server HSS determines whether the PLMN currently camped by the user is allowed, such as checking whether the currently camped PLMN is in the currently registered PLMN information, or whether it is in the peer PLMN. Within the list, yes, otherwise not allowed.
  • the home subscriber server returns the subscription information of the terminal in the subscription response, and in the case of roaming, the home subscriber server also returns the visited PLMN identity and/or the peer PLMN identity list currently registered by the user.
  • the HSS may issue different subscription data according to different PLMNs where the terminal currently resides.
  • the home proximity server checks whether the current resident PLMN of the user is in the registered PLMN or the peer PLMN list, and then does not need to go to the HSS. Re-authorization, otherwise step S2306 and step S2308 need to be performed to re-authorize the HSS and obtain new subscription data.
  • the user context is created according to the fact that the subscription information belongs to the proximity server and determines that the terminal is allowed to perform the D2D service.
  • the belonging close distance server determines whether the visited proximity server has authorized the current monitoring, and if so, skips step S2310 and step S2312.
  • Step S2310 The home proximity server generates an identifier of the visited proximity server according to the visited PLMN identifier obtained by the PLMN where the terminal is located in the step S2304, and obtains the IP address of the proximity server through the DNS lookup, and then Sending a broadcast request authorization message to the visited proximity server, with an application identifier, a terminal identifier, and code A.
  • step S2312 the visited proximity server authorizes the current listening request, and records the received application identifier, terminal identifier, and code A for subsequent charging.
  • the visited proximity server returns a listening authorization request response message.
  • Step S2314 If the PLMN information in the code A that is monitored is the home PLMN, the home proximity server obtains the terminal A application identifier and the validity period according to the code A that is sent. If the monitored PLMN information in the CodeA indicates another PLMN, the home proximity server obtains the destination short-range server IP address through the DNS according to the destination PLMN information, and sends a matching request message with the code A and the terminal B terminal identifier.
  • step S2316 the destination proximity server obtains the terminal A application identifier and the validity period according to the received Code A.
  • step S2318 the destination proximity server returns the acquired terminal A application identifier and validity period to the home proximity server.
  • step S2320 the home proximity server sends a matching report to the visited proximity server A of the terminal A, with the terminal A application identifier and the user identifier, and the visited proximity server A saves the information and performs charging.
  • Step S2322 The home proximity server sends a matching report to the visited proximity server B of the terminal B, with the terminal A application identifier and the user identifier B, and the visited proximity server B saves the information and performs charging.
  • step S2324 the home proximity server returns the terminal A application identifier and the validity period to the UE B, and the UE B successfully discovers that the terminal A is in the adjacent area. Within this validity period, both the code A and the terminal A application identifiers match.
  • FIG. 24 is a flowchart of obtaining a peer PLMN by a UE and an HSS according to a preferred embodiment of the present invention. As shown in FIG. 24, the process includes the following steps:
  • Step S2402 The terminal accesses an originating or location update request by using an Evolved Telecommunication System Radio Access Network (E-UTRAN), and after receiving the message, the MME acquires the PLMN information selected therein.
  • the PLMN information may be selected by the terminal (supporting the terminal that selects the PLMN) or selected by the base station (the terminal that does not support the selection of the PLMN).
  • the terminal also brings its own ability to support D2D services to the MME.
  • Step S2404 After the MME completes the authentication and other verification, the MME initiates a location update request to the HSS, where the PLMN information obtained in step S2402 is carried as the PLMN information registered by the terminal; if the terminal indicates that the D2D capability is supported, and the MME is configured with the registered PLMN Corresponding peer-to-peer PLMN list, the location update request message initiated by the HSS also carries a list of peer PLMNs corresponding to the PLMN, including one or Multiple peer PLMNs. The so-called peer PLMN list means that all PLMNs in the list are equivalent to the registered PLMN.
  • the MME indicates skipping the insertion of the subscription data (ie, the MME may have obtained the subscription data)
  • the Insert Contract Data portion may be skipped, but the HSS will still maintain the Registered PLMN and/or the Peer PLMN list.
  • step S2410 the HSS returns a location update response to the MME.
  • step S2412 the MME completes the D2D authorization and the contract check according to the subscription data.
  • the MME sends the registered PLMN and/or peer PLMN information to the terminal.
  • modules or steps of the present invention described above can be implemented by a general-purpose computing device that can be centralized on a single computing device or distributed across a network of multiple computing devices. Alternatively, they may be implemented by program code executable by the computing device such that they may be stored in the storage device by the computing device and, in some cases, may be different from the order herein.
  • the steps shown or described are performed, or they are separately fabricated into individual integrated circuit modules, or a plurality of modules or steps thereof are fabricated as a single integrated circuit module.
  • the invention is not limited to any specific combination of hardware and software.
  • the above embodiments and preferred embodiments solve the problem that the HSS cannot perform authorization control on the user when moving between the PLMNs in the related art, thereby achieving the HSS when the user moves between the PLMNs.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The present invention provides an authorization processing solution. An authorization processing method comprises: acquiring camping public land mobile network (PLMN) information of a PLMN that a user equipment (UE) initiating a service request currently camps on; determining whether the camping PLMN information exists in registered PLMN information and/or peer PLMN information corresponding to registered PLMNs that are stored in a proximity server; if the determination result is Yes, performing authorization processing on the service request of the UE according to the camping PLMN information; and/or if the determination result is No, performing authorization processing on the service request of the UE according to current registered PLMN information and/or current peer PLMN information corresponding to the current registered PLMN information that are acquired from a home subscriber server (HSS). The present invention achieves the effect that the HSS can perform effective authorization control on a user when the user moves among various PLMNs.

Description

授权处理方法、装置、近距离服务器、及归属用户服务器Authorization processing method, device, proximity server, and home subscriber server 技术领域Technical field
本发明涉及通信领域,具体而言,涉及一种授权处理方法、装置、近距离服务器、用户设备及归属用户服务器。The present invention relates to the field of communications, and in particular, to an authorization processing method and apparatus, a proximity server, a user equipment, and a home subscriber server.
背景技术Background technique
临近区域的终端利用设备到设备(Device to Device,简称为D2D)直接通信能够给终端带来很多好处,比如更高的速率,更低的延迟以及更小的功耗,同时也极大地提高了运营商的无线资源效率,D2D的Relay模式有利于运营商提高无线覆盖;对于应用来说利用D2D通讯过程中的临近信息可以开发出更加吸引人的新业务。公共安全(Public Safety)系统也可以利用D2D技术实现没有无线覆盖的情况下终端之间的通讯。Direct communication between devices in the vicinity using Device to Device (D2D for short) can bring many benefits to the terminal, such as higher speed, lower latency and lower power consumption, and greatly improved. The wireless resource efficiency of the operator, the D2D Relay mode is beneficial for operators to improve wireless coverage; for applications, the use of proximity information in the D2D communication process can develop more attractive new services. The Public Safety system can also use D2D technology to enable communication between terminals without wireless coverage.
图1是相关技术中和3GPP相关的D2D架构示意图,如图1所示,重点网元的功能说明如下。FIG. 1 is a schematic diagram of a D2D architecture related to 3GPP in the related art. As shown in FIG. 1 , the functions of the key network elements are described below.
终端:也叫用户设备(User Equipment,简称为UE),支持终端和终端之间的接口PC5发送和接受信号,同时在有覆盖的情况下,支持通过无线接入基站,并通过S1接口接入核心网,终端通过用户面接口PC3和近距离通信服务器通信。Terminal: also called User Equipment (UE), which supports the interface PC5 between the terminal and the terminal to send and receive signals. At the same time, it has access to the base station through the radio and access through the S1 interface. In the core network, the terminal communicates with the proximity communication server through the user plane interface PC3.
基站:在演进系统中也叫演进的NodeB(Evolved NodeB,简称为eNodeB),主要为终端的接入提供无线资源,同时和核心网通过S1接口互通。Base station: In the evolved system, it is also called an evolved NodeB (Evolved NodeB, eNodeB for short), which provides radio resources for the access of the terminal, and communicates with the core network through the S1 interface.
核心网,包括了移动管理单元和网关。移动管理单元是控制面实体,负责临时存储用户数据的服务器,负责鉴权、移动性管理和签约检查等;网关是用户面实体,负责为终端分配IP地址、转发终端的上下行数据包文,并进行计费等。The core network includes the mobility management unit and gateway. The mobile management unit is a control plane entity responsible for temporarily storing user data, and is responsible for authentication, mobility management, and subscription checking. The gateway is a user plane entity, which is responsible for allocating an IP address to the terminal and forwarding the uplink and downlink data packets of the terminal. And billing and so on.
近距离通信服务器,该服务器位于核心网外面,终端通过用户面接口PC3和该服务器进行通信。该服务器的主要功能包括了D2D业务授权、为终端请求的应用分配临时code用于终端广播、协助进行D2D发现以及计费等功能。授权信息来自于归属用户服务器。目前一个公共陆地移动网络(Public Land Mobile Network,简称为PLMN)支持一个近距离通信服务器,也可以多个PLMN共享一个近距离通信服务器。 A short-range communication server, which is located outside the core network, and the terminal communicates with the server through the user plane interface PC3. The main functions of the server include D2D service authorization, allocation of temporary code for terminal-requested applications for terminal broadcast, assistance with D2D discovery, and billing. The authorization information comes from the home subscriber server. Currently, a Public Land Mobile Network (PLMN) supports a short-range communication server, and multiple PLMNs can share a short-range communication server.
归属用户服务器,位于归属网,主要功能是提供用户和应用的签约信息和认证信息。The home subscriber server is located in the home network. The main function is to provide subscription information and authentication information for users and applications.
运营商为终端上的应用分配唯一的应用标识,比如,该标识包括了PLMN信息以及应用标识信息,PLMN包括了国家码和网络号,应用标识信息唯一标识一个应用,也可以唯一标识一类应用,比如宾馆、饭店等。在有覆盖的情况下,终端D2D如果需要使用运营商的频段资源,需要从运营商获得授权且运营商能够进行控制和收费,这时终端一般不允许直接广播自己的应用标识,而是需要从近距离服务器获取一个和该应用标识唯一对应的临时标识code,然后广播该code。The operator allocates a unique application identifier to the application on the terminal. For example, the identifier includes the PLMN information and the application identifier information. The PLMN includes the country code and the network number. The application identifier information uniquely identifies an application, and may also uniquely identify an application. Such as hotels, restaurants, etc. In the case of coverage, if the terminal D2D needs to use the carrier's frequency band resources, it needs to obtain authorization from the operator and the operator can control and charge. In this case, the terminal generally does not allow direct broadcast of its own application identifier, but needs to The proximity server acquires a temporary identification code uniquely corresponding to the application identifier, and then broadcasts the code.
两个终端的D2D发现包括了2个过程:UE A广播、UE B监听。如果UE B监听到的code A已经认识,则终端B发现终端A在附近。如果终端B不认识监听到的code A,则还有一个到网络匹配的过程,从网络获知和该code A对应的UE A的应用标识,从而发现终端A在附近。这三个过程的描述分别如图2、图3和图4所示。The D2D discovery of the two terminals includes two processes: UE A broadcast, UE B listen. If the code A monitored by UE B already knows, terminal B finds that terminal A is nearby. If the terminal B does not recognize the monitored code A, there is still a process of matching to the network, and the application identifier of the UE A corresponding to the code A is learned from the network, so that the terminal A is found nearby. The description of these three processes is shown in Figures 2, 3 and 4, respectively.
图2是相关技术中D2D业务的广播请求流程图,如图2所示,该流程包括如下步骤:2 is a flow chart of a broadcast request for a D2D service in the related art. As shown in FIG. 2, the process includes the following steps:
步骤S202,终端A从运营商获取应用标识,该应用标识只允许被UE A所使用。In step S202, the terminal A obtains an application identifier from the operator, and the application identifier is only allowed to be used by the UE A.
步骤S204,终端A如果希望利用运营商的无线资源广播自己,从而其他人能够发现自己,则和网络建立连接,并向近距离服务器发送广播请求消息,该请求里面包括了希望广播的应用标识、终端标识和发送(announcing)的指示。终端A通过自己归属的PLMN标识,生成归属近距离服务器的标识,并通过域名服务器(Domain Name Server,简称为DNS)查找获知归属近距离服务器IP地址。终端标识为国际移动用户标识符(International Mobile Subscriber Identifier,简称为IMSI)或者移动用户综合业务数字网(Mobile Subscriber Integrated Service Digital Network,简称为MSISDN)。Step S204, if the terminal A wants to broadcast itself by using the wireless resource of the operator, so that other people can discover themselves, establish a connection with the network, and send a broadcast request message to the proximity server, where the request includes the application identifier that is desired to be broadcast, Endpoint identification and indication of announcing. The terminal A generates the identity of the home proximity server through the PLMN identity that belongs to the terminal, and searches for the IP address of the home server by using the domain name server (DNS). The terminal identifier is an International Mobile Subscriber Identifier (IMSI) or a Mobile Subscriber Integrated Service Digital Network (MSISDN).
步骤S206,归属近距离服务器收到广播请求之后,如果没有用户上下文,则向归属用户服务器请求发送签约请求,带有用户标识。Step S206: After receiving the broadcast request, the home proximity server requests, if there is no user context, to send a subscription request to the home subscriber server, with the user identifier.
步骤S208,归属用户服务器在签约响应中返回终端的签约信息,同时在漫游的情况下,归属用户服务器也返回用户当前注册的拜访地PLMN标识。Step S208: The home subscriber server returns the subscription information of the terminal in the subscription response, and in the case of roaming, the home subscriber server also returns the visited PLMN identifier currently registered by the user.
步骤S210,根据签约信息归属近距离服务器判断允许该终端进行D2D业务且该用户的确签约有发送的应用标识,则创建用户上下文,并为该用户发送的应用标识分配一个临时的标识code A以及对应的有效期。 Step S210: According to the contract information belonging to the proximity server, determine that the terminal is allowed to perform the D2D service, and the user does sign the application identifier, the user context is created, and a temporary identifier code A and corresponding are assigned to the application identifier sent by the user. Validity period.
步骤S212,归属近距离服务器根据步骤S208所获得的拜访地PLMN标识,生成拜访地近距离服务器的标识,并通过DNS查找获知拜访地近距离服务器IP地址,然后向该拜访近距离服务器发送广播请求授权消息,其中带有应用标识、终端标识以及分配的临时标识code A和对应的有效期。Step S212, the home proximity server generates an identifier of the visited proximity server according to the visited PLMN identifier obtained in step S208, and obtains the visited proximity server IP address through the DNS lookup, and then sends a broadcast request to the visited proximity server. Authorization message with application identification, terminal identification, and assigned temporary identification code A and corresponding validity period.
步骤S214,拜访地近距离服务器授权本次广播请求,并记录下所收到的应用标识、终端标识以及分配的临时标识code A和对应的有效期,以便后续进行计费。拜访地近距离服务器返回广播请求授权响应消息。In step S214, the visited proximity server authorizes the current broadcast request, and records the received application identifier, the terminal identifier, and the assigned temporary identifier code A and the corresponding validity period, so as to perform subsequent billing. The visited proximity server returns a broadcast request authorization response message.
步骤S216,收到拜访地近距离服务器授权本次广播请求之后,近距离服务器将分配的临时标识code A和对应的有效期返回给UE A。Step S216: After receiving the local short-distance server to authorize the current broadcast request, the proximity server returns the assigned temporary identifier code A and the corresponding validity period to the UE A.
步骤S218,终端A从当前注册网络获取无线资源。用户注册的网络基站可以广播可用的D2D无线资源,终端通过竞争的方式获得,基站也可以通过RRC过程为终端指定可用的D2D无线资源。Step S218, the terminal A acquires radio resources from the current registration network. The user-registered network base station can broadcast the available D2D radio resources, and the terminal obtains the content through the contention. The base station can also specify the available D2D radio resources for the terminal through the RRC procedure.
步骤S220,终端A在获取的无线资源上广播所获得的code A。为了提高效率,终端A设置定时器,在步骤S216指示的有效期内定时广播。In step S220, the terminal A broadcasts the obtained code A on the acquired radio resource. In order to improve efficiency, the terminal A sets a timer and periodically broadcasts during the validity period indicated in step S216.
当有效期超时之后,该临时标识code A就失效了,终端A必须重新发起广播请求的过程,重新获取临时标识code A和有效期。当用户移出当前注册的PLMN之后,该Code A立刻变为无效,终端也需要重新发起广播请求的过程。After the validity period expires, the temporary identification code A is invalidated, and the terminal A must re-initiate the process of broadcasting the request, and re-acquire the temporary identification code A and the validity period. After the user moves out of the currently registered PLMN, the Code A immediately becomes invalid, and the terminal also needs to re-initiate the broadcast request process.
图3相关技术中D2D业务的监听请求流程图,如图3所示,该流程包括如下步骤:FIG. 3 is a flowchart of a listening request for a D2D service in the related art. As shown in FIG. 3, the process includes the following steps:
步骤S302,终端B从运营商或者第三方获取终端A的应用标识。In step S302, the terminal B obtains the application identifier of the terminal A from the operator or a third party.
步骤S304,终端B如果希望发现终端A,则和网络建立连接,并向近距离服务器发送监听请求,该请求里面包括了希望发现的终端A应用标识、终端B终端标识。终端B通过自己归属的PLMN标识,生成近距离服务器的标识,并通过DNS查找获知归属近距离服务器IP地址。终端标识为IMSI或者MSISDN。Step S304: If the terminal B wants to discover the terminal A, the terminal B establishes a connection with the network, and sends a monitoring request to the proximity server, where the request includes the terminal A application identifier and the terminal B terminal identifier that are to be discovered. The terminal B generates the identity of the proximity server through the PLMN identity that it belongs to, and obtains the IP address of the home server by the DNS lookup. The terminal identifier is IMSI or MSISDN.
步骤S306,近距离服务器收到发现请求之后,如果没有用户上下文,则向归属用户服务器请求发送签约请求,带有用户标识。Step S306, after receiving the discovery request, the proximity server requests the home subscriber server to send a subscription request with the user identifier if there is no user context.
步骤S308,归属用户服务器在签约响应中返回终端的签约信息,同时在漫游的情况下,归属用户服务器也返回用户当前注册的拜访地PLMN标识。 Step S308, the home subscriber server returns the subscription information of the terminal in the subscription response, and in the case of roaming, the home subscriber server also returns the visited PLMN identifier currently registered by the user.
步骤S310,根据签约信息归属近距离服务器判断允许该终端进行D2D业务,则创建用户上下文。如果终端请求的目的应用标识是另外一个PLMN的,则根据所提供的PLMN信息通过DNS获取目的近距离服务器的IP地址,然后向目的近距离服务器发送监听请求,带有希望发现的终端A应用标识、终端B终端标识。如果终端请求的目的应用标识就是该归属PLMN,则不执行步骤S312,归属近距离服务器直接根据终端A应用标识,找到对应的code A和对应的有效期。Step S310: Create a user context according to the fact that the subscription information belongs to the proximity server and determines that the terminal is allowed to perform the D2D service. If the destination application identifier requested by the terminal is another PLMN, the IP address of the destination close-range server is obtained through the DNS according to the provided PLMN information, and then the interception request is sent to the destination close-range server, with the terminal A application identifier that is desired to be discovered. Terminal B terminal identification. If the destination application identifier requested by the terminal is the home PLMN, step S312 is not performed, and the home proximity server directly finds the corresponding code A and the corresponding validity period according to the terminal A application identifier.
步骤S312,目的近距离服务器根据终端A应用标识,找到对应的code A和对应的有效期,并将这些信息返回给归属近距离服务器。Step S312, the destination proximity server finds the corresponding code A and the corresponding validity period according to the terminal A application identifier, and returns the information to the home proximity server.
步骤S314,归属近距离服务器将所获得的code A和有效期,发送给终端B。Step S314, the belonging proximity server sends the obtained code A and the validity period to the terminal B.
步骤S316,终端B获取无线资源。终端B配置允许D2D监听的每个PLMN所对应的无线资源,终端可以在步骤S314,所指示的有效值内监听所有的这些无线资源。In step S316, the terminal B acquires a radio resource. The terminal B configures the radio resource corresponding to each PLMN that the D2D monitors, and the terminal may listen to all the radio resources in the indicated valid value in step S314.
步骤S318,终端B监听到code A,则成功发现终端A在临近区域。Step S318, when the terminal B listens to the code A, the terminal A is successfully found to be in the adjacent area.
当有效期超时之后,该临时标识code A就失效了,终端B必须重新发起监听请求的过程,获取新的临时标识code A和有效期。After the validity period expires, the temporary identification code A is invalidated, and the terminal B must re-initiate the process of listening for the request to acquire the new temporary identification code A and the validity period.
如果步骤S304,中,终端B带上来的是一类应用,则步骤S314,可能返回一个模板(mask),这时候步骤S318,中若监听到的code和该模板匹配,比如code的前几个bit和该模板完全匹配,则终端B需要发起匹配过程来获知和该code对应的应用标识。If the terminal B brings up a type of application in step S304, then in step S314, a mask may be returned. In this step, if the monitored code matches the template, such as the first few codes. If the bit and the template match exactly, the terminal B needs to initiate a matching process to learn the application identifier corresponding to the code.
图4是相关技术中D2D业务的匹配请求流程图,如图4所示,该流程包括如下步骤:FIG. 4 is a flowchart of a matching request for a D2D service in the related art. As shown in FIG. 4, the process includes the following steps:
步骤S402,终端B监听到code A,该Code A和模板(mask)匹配,但是终端B并不认识该code A。In step S402, the terminal B listens to the code A, and the code A matches the mask, but the terminal B does not recognize the code A.
步骤S404,终端B和网络建立连接,并向归属近距离服务器发送匹配请求,该请求里面包括了发现的code A、终端B终端标识。终端B通过自己归属的PLMN标识,生成近距离服务器的标识,并通过DNS查找获知归属近距离服务器IP地址。终端标识为IMSI或者MSISDN。 Step S404, the terminal B establishes a connection with the network, and sends a matching request to the home proximity server, where the request includes the found code A and the terminal B terminal identifier. The terminal B generates the identity of the proximity server through the PLMN identity that it belongs to, and obtains the IP address of the home server by the DNS lookup. The terminal identifier is IMSI or MSISDN.
步骤S406,近距离服务器收到发现请求之后,如果没有用户上下文,则向归属用户服务器请求发送签约请求,带有用户标识。归属用户服务器在签约响应中返回终端的签约信息。Step S406: After receiving the discovery request, the proximity server requests the home subscriber server to send a subscription request with the user identifier if there is no user context. The home subscriber server returns the subscription information of the terminal in the subscription response.
步骤S408,根据签约信息归属近距离服务器判断允许该终端进行D2D业务。如果监听到的Code A中PLMN信息就是本归属PLMN,则归属近距离服务器根据带上来的Code A获取终端A应用标识和有效期。如果监听到的Code A中PLMN信息指示另外一个PLMN,则归属近距离服务器根据目的PLMN信息通过DNS获得目的近距离服务器IP地址,并发送将匹配请求消息,其中带有code A、终端B终端标识。Step S408, determining that the terminal is allowed to perform D2D service according to the subscription information belonging to the proximity server. If the monitored PLMN information in the Code A is the home PLMN, the home proximity server obtains the terminal A application identifier and the validity period according to the code A that is sent. If the monitored PLMN information in the Code A indicates another PLMN, the home proximity server obtains the destination short-range server IP address through the DNS according to the destination PLMN information, and sends a matching request message with the code A and the terminal B terminal identifier. .
步骤S410,目的近距离服务器根据收到的Code A获取终端A应用标识和有效期。Step S410, the destination proximity server obtains the terminal A application identifier and the validity period according to the received Code A.
步骤S412,目的近距离服务器将获取到的终端A应用标识和有效期返回给归属近距离服务器。Step S412, the destination proximity server returns the acquired terminal A application identifier and the validity period to the belonging proximity server.
步骤S414,归属近距离服务器将终端A应用标识和有效期返回给UE B,于是UE B成功发现终端A在临近区域。在该有效期之内,code A和终端A应用标识都是匹配的。Step S414, the home proximity server returns the terminal A application identifier and the validity period to the UE B, and the UE B successfully discovers that the terminal A is in the adjacent area. Within this validity period, both the code A and the terminal A application identifiers match.
基于D2D的上述通信流程,HSS提供当前注册的PLMN信息,然而当用户在各个PLMN移动时,由于不会发起路由/跟踪区更新,对应的归属近距离服务器不会向HSS发起授权请求,因而无法实现HSS对用户的授权控制。Based on the above communication flow of D2D, the HSS provides the currently registered PLMN information. However, when the user moves in each PLMN, since the routing/tracking area update is not initiated, the corresponding home proximity server does not initiate an authorization request to the HSS, and thus cannot Implement the authorization control of the HSS to the user.
发明内容Summary of the invention
本发明提供了一种授权处理方案,以至少解决相关技术中用户在各个PLMN间移动时,HSS无法对用户进行授权控制的问题。The present invention provides an authorization processing scheme to at least solve the problem that the HSS cannot authorize the user when the user moves between the PLMNs in the related art.
根据本发明的一个方面,提供了一种授权处理方法,包括:获取发起业务请求的用户设备UE当前驻留的公共陆地移动网络PLMN的驻留PLMN信息;判断所述驻留PLMN信息是否在近距离服务器上保存的注册PLMN信息和/或所述注册PLMN对应的对等PLMN信息中;在判断结果为是的情况下,依据所述驻留PLMN信息对所述UE的业务请求进行授权处理;和/或,在判断结果为否的情况下,依据从归属用户服务器HSS获取的当前注册PLMN信息和/或所述当前注册PLMN信息对应的当前对等PLMN信息对所述UE的业务请求进行授权处理。According to an aspect of the present invention, an authorization processing method is provided, including: acquiring resident PLMN information of a public land mobile network PLMN currently camped on by a user equipment UE that initiates a service request; determining whether the resident PLMN information is near In the case of the registered PLMN information stored on the server and/or the peer PLMN information corresponding to the registered PLMN; if the determination result is yes, the service request of the UE is authorized according to the resident PLMN information; And/or, if the determination result is no, authorizing the service request of the UE according to the current registered PLMN information acquired from the home subscriber server HSS and/or the current peer PLMN information corresponding to the currently registered PLMN information. deal with.
优选地,依据从所述HSS获取的所述当前注册PLMN信息和/或所述当前注册PLMN信息对应的所述当前对等PLMN信息对所述UE的业务请求进行授权处理包括: 判断所述驻留PLMN信息是否在所述当前注册PLMN信息和/或所述当前对等PLMN信息中;在判断结果为是的情况下,依据所述驻留PLMN信息对所述UE的业务请求进行授权;和/或,在判断结果为否的情况下,拒绝所述UE的业务请求。Preferably, the authorization processing of the service request of the UE according to the current registered PLMN information acquired from the HSS and/or the current peer PLMN information corresponding to the current registered PLMN information includes: Determining whether the resident PLMN information is in the current registered PLMN information and/or the current peer PLMN information; if the determination result is yes, the service request to the UE according to the resident PLMN information Authorizing; and/or, if the judgment result is no, rejecting the service request of the UE.
优选地,获取发起业务请求的所述UE当前驻留的所述PLMN的所述驻留PLMN信息包括:接收来自所述UE的业务请求消息,其中,所述业务请求消息中携带有所述UE当前驻留的所述PLMN的所述驻留PLMN信息。Preferably, the obtaining the resident PLMN information of the PLMN currently camped by the UE that initiates the service request comprises: receiving a service request message from the UE, where the service request message carries the UE The resident PLMN information of the PLMN currently camping on.
根据本发明的另一方面,提供了一种授权处理方法,包括:获取用户设备UE当前驻留的公共陆地移动网络PLMN的驻留PLMN信息;将获取的所述驻留PLMN信息在业务请求中发送给近距离服务器,其中,所述驻留PLMN信息用于所述近距离服务器在确定所述驻留PLMN信息在所述近距离服务器上保存的注册PLMN信息和/或所述注册PLMN信息的对等PLMN信息中,和/或,归属用户服务器HSS确定所述驻留PLMN信息在当前注册PLMN信息中和/或所述当前注册PLMN信息对应的当前对等PLMN信息中时,所述近距离服务器和/或所述HSS对所述UE的所述业务请求进行授权处理。According to another aspect of the present invention, an authorization processing method is provided, including: acquiring resident PLMN information of a public land mobile network PLMN currently camped by a user equipment UE; and obtaining the resident PLMN information obtained in a service request Transmitted to a proximity server, wherein the resident PLMN information is used by the proximity server to determine registered PLMN information and/or the registered PLMN information stored by the resident PLMN information on the proximity server In the peer PLMN information, and/or when the home subscriber server HSS determines that the camped PLMN information is in the current registered PLMN information and/or the current peer PLMN information corresponding to the currently registered PLMN information, the close range The server and/or the HSS perform authorization processing on the service request of the UE.
优选地,在获取所述UE当前驻留的所述PLMN的所述驻留PLMN信息之前,通过以下方式至少之一驻留在PLMN中:驻留在所述注册PLMN信息和/或所述当前注册PLMN信息包括的PLMN中;在基站不支持所述注册PLMN信息和/或所述当前注册PLMN信息包括的PLMN时,驻留在所述基站支持且在所述对等PLMN信息和/或所述当前对等PLMN信息包括的PLMN中;在基站不支持所述注册PLMN信息和/或所述当前注册PLMN信息包括的PLMN,也不支持所述对等PLMN信息和/或所述当前对等PLMN信息包括的PLMN时,驻留在重新发起位置请求后重新选择的PLMN中。Preferably, before acquiring the resident PLMN information of the PLMN currently camped by the UE, at least one of the following resides in the PLMN: residing in the registered PLMN information and/or the current Registering the PLMN information included in the PLMN; when the base station does not support the registered PLMN information and/or the PLMN included in the currently registered PLMN information, camping on the base station support and in the peer PLMN information and/or The PLMN included in the current peer-to-peer PLMN information; the PLMN included in the base station not supporting the registered PLMN information and/or the currently registered PLMN information, and the peer-to-peer PLMN information and/or the current peer-to-peer When the PLMN information includes the PLMN, it resides in the PLMN that is reselected after re-initiating the location request.
根据本发明的又一方面,提供了一种授权处理方法,包括:接收来自近距离服务器的发起业务请求的用户设备UE的授权请求消息;判断所述授权请求消息中是否携带有所述UE当前驻留的公共陆地移动网络PLMN的驻留PLMN信息;在判断结果为是的情况下,依据当前注册PLMN信息和/或所述当前注册PLMN信息对应的当前对等PLMN信息对所述UE的业务请求进行授权处理;和/或,在判断结果为否的情况下,将所述当前注册PLMN信息和/或所述当前对等PLMN信息发送给所述近距离服务器。According to still another aspect of the present invention, an authorization processing method is provided, including: receiving an authorization request message of a user equipment UE that initiates a service request from a proximity server; determining whether the authorization request message carries the current UE status The resident PLMN information of the resident public land mobile network PLMN; if the determination result is yes, the service to the UE according to the current registered PLMN information and/or the current peer PLMN information corresponding to the currently registered PLMN information Requesting authorization processing; and/or, if the determination result is no, transmitting the current registered PLMN information and/or the current peer PLMN information to the proximity server.
优选地,依据所述当前注册PLMN信息和/或所述当前注册PLMN信息对应的所述当前对等PLMN信息对所述UE的业务请求进行授权处理包括:判断所述驻留PLMN信息是否在所述当前注册PLMN信息中和/或所述当前对等PLMN信息中;在判断结 果为是的情况下,对所述UE的业务请求进行授权;和/或,在判断结果为否的情况下,拒绝所述UE的业务请求。Preferably, performing authorization processing on the service request of the UE according to the current registered PLMN information and/or the current peer PLMN information corresponding to the currently registered PLMN information comprises: determining whether the resident PLMN information is in the office In the current registered PLMN information and/or in the current peer PLMN information; If yes, the service request of the UE is authorized; and/or, if the determination result is no, the service request of the UE is rejected.
优选地,在对所述UE的业务请求进行授权之后,还包括:将所述当前注册PLMN信息和/或所述当前对等PLMN信息发送给所述近距离服务器。Preferably, after authorizing the service request of the UE, the method further includes: sending the current registered PLMN information and/or the current peer PLMN information to the proximity server.
优选地,在依据所述当前注册PLMN信息和/或所述当前注册PLMN信息对应的所述当前对等PLMN信息对所述UE的业务请求进行授权处理之前,还包括:接收移动管理实体MME的位置更新请求,其中,所述位置更新请求中携带有当前注册PLMN信息和/或所述当前对等PLMN信息。Preferably, before performing authorization processing on the service request of the UE according to the current registered PLMN information and/or the current peer PLMN information corresponding to the currently registered PLMN information, the method further includes: receiving a mobility management entity MME a location update request, wherein the location update request carries current registered PLMN information and/or the current peer PLMN information.
根据本发明的还一方面,提供了一种授权处理装置,包括:第一获取模块,设置为获取发起业务请求的用户设备UE当前驻留的公共陆地移动网络PLMN的驻留PLMN信息;第一判断模块,设置为判断所述驻留PLMN信息是否在近距离服务器上保存的注册PLMN信息和/或所述注册PLMN对应的对等PLMN信息中;第一处理模块,设置为在所述第一判断模块的判断结果为是的情况下,依据所述驻留PLMN信息对所述UE的业务请求进行授权处理;和/或,第二处理模块,设置为在所述第一判断模块的判断结果为否的情况下,依据从归属用户服务器HSS获取的当前注册PLMN信息和/或所述当前注册PLMN信息对应的当前对等PLMN信息对所述UE的业务请求进行授权处理。According to still another aspect of the present invention, an authorization processing apparatus is provided, including: a first acquisition module, configured to acquire resident PLMN information of a public land mobile network PLMN currently camped on by a user equipment UE that initiates a service request; a determining module, configured to determine whether the resident PLMN information is stored in the registered PLMN information and/or the peer PLMN information corresponding to the registered PLMN; the first processing module is configured to be in the first If the determination result of the determination module is yes, the service request of the UE is authorized according to the resident PLMN information; and/or the second processing module is set to the determination result of the first determination module. In the case of no, the service request of the UE is authorized according to the current registered PLMN information acquired from the home subscriber server HSS and/or the current peer PLMN information corresponding to the currently registered PLMN information.
优选地,所述第一处理模块包括:第一判断单元,设置为判断所述驻留PLMN信息是否在所述当前注册PLMN信息和/或所述当前对等PLMN信息中;第一授权单元,设置为在所述第一判断单元的判断结果为是的情况下,依据所述驻留PLMN信息对所述UE的业务请求进行授权;和/或,第一拒绝单元,设置为在所述第一判断单元的判断结果为否的情况下,拒绝所述UE的业务请求。Preferably, the first processing module includes: a first determining unit, configured to determine whether the resident PLMN information is in the current registered PLMN information and/or the current peer PLMN information; a first authorization unit, When the determination result of the first determining unit is yes, the service request of the UE is authorized according to the resident PLMN information; and/or the first rejecting unit is set to be in the first When the judgment result of the judgment unit is NO, the service request of the UE is rejected.
优选地,所述第一获取模块包括:第一接收单元,设置为接收来自所述UE的业务请求消息,其中,所述业务请求消息中携带有所述UE当前驻留的所述PLMN的所述驻留PLMN信息。Preferably, the first obtaining module includes: a first receiving unit, configured to receive a service request message from the UE, where the service request message carries a location of the PLMN currently camped by the UE Residing PLMN information.
根据本发明的还一方面,提供了一种近距离服务器,包括上述任一项所述的装置。According to still another aspect of the present invention, a proximity server is provided, comprising the apparatus of any of the above.
根据本发明的再一方面,提供了一种授权处理装置,包括:第二获取模块,设置为获取用户设备UE当前驻留的公共陆地移动网络PLMN的驻留PLMN信息;第一发送模块,设置为将获取的所述驻留PLMN信息在业务请求中发送给近距离服务器,其中,所述驻留PLMN信息用于所述近距离服务器在确定所述驻留PLMN信息在所述近 距离服务器上保存的注册PLMN信息和/或所述注册PLMN信息的对等PLMN信息中,和/或,归属用户服务器HSS确定所述驻留PLMN信息在当前注册PLMN信息中和/或所述当前注册PLMN信息对应的当前对等PLMN信息中时,所述近距离服务器和/或所述HSS对所述UE的所述业务请求进行授权处理。According to a further aspect of the present invention, there is provided an authorization processing apparatus, comprising: a second acquisition module, configured to acquire resident PLMN information of a public land mobile network PLMN currently camped on by a user equipment UE; a first sending module, setting Transmitting the acquired resident PLMN information to a proximity server in a service request, wherein the resident PLMN information is used by the proximity server to determine the resident PLMN information in the near From the registered PLMN information stored on the server and/or the peer PLMN information of the registered PLMN information, and/or the home subscriber server HSS determines that the resident PLMN information is in the currently registered PLMN information and/or the current When registering the current peer PLMN information corresponding to the PLMN information, the proximity server and/or the HSS perform authorization processing on the service request of the UE.
优选地,该装置还包括驻留模块,设置为通过以下方式至少之一驻留在PLMN中:驻留在所述注册PLMN信息和/或所述当前注册PLMN信息包括的PLMN中;在基站不支持所述注册PLMN信息和/或所述当前注册PLMN信息包括的PLMN时,驻留在所述基站支持且在所述对等PLMN信息和/或所述当前对等PLMN信息包括的PLMN中;在基站不支持所述注册PLMN信息和/或所述当前注册PLMN信息包括的PLMN,也不支持所述对等PLMN信息和/或所述当前对等PLMN信息包括的PLMN时,驻留在重新发起位置请求后重新选择的PLMN中。Advantageously, the apparatus further comprises a camping module arranged to reside in the PLMN by at least one of: residing in the PLMN included in the registered PLMN information and/or the currently registered PLMN information; Supporting the registered PLMN information and/or the PLMN included in the currently registered PLMN information, camping in a PLMN supported by the base station and included in the peer PLMN information and/or the current peer PLMN information; Residing in the PLMN included in the base station not supporting the registered PLMN information and/or the currently registered PLMN information, and not supporting the peer PLMN information and/or the PLMN included in the current peer PLMN information In the PLMN that is reselected after initiating the location request.
根据本发明的又一方面,提供了一种用户设备UE,包括上述任一项所述的装置。According to still another aspect of the present invention, a user equipment UE is provided, comprising the apparatus of any of the above.
根据本发明的还一方面,提供了一种授权处理装置,包括:第一接收模块,设置为接收来自近距离服务器的发起业务请求的用户设备UE的授权请求消息;第二判断模块,设置为判断所述授权请求消息中是否携带有所述UE当前驻留的公共陆地移动网络PLMN的驻留PLMN信息;第三处理模块,设置为在所述第二判断模块的判断结果为是的情况下,依据当前注册PLMN信息和/或所述当前注册PLMN信息对应的当前对等PLMN信息对所述UE的业务请求进行授权处理;和/或,第四处理模块,设置为在所述第二判断模块的判断结果为否的情况下,将所述当前注册PLMN信息和/或所述当前对等PLMN信息发送给所述近距离服务器。According to still another aspect of the present invention, an authorization processing apparatus is provided, including: a first receiving module, configured to receive an authorization request message of a user equipment UE that initiates a service request from a proximity server; and a second determining module, configured to Determining whether the authorization request message carries the resident PLMN information of the public land mobile network PLMN currently camped by the UE; and the third processing module is configured to be that if the judgment result of the second determining module is yes And performing authorization processing on the service request of the UE according to the current registered PLMN information and/or the current peer PLMN information corresponding to the currently registered PLMN information; and/or, the fourth processing module is configured to be in the second judgment If the judgment result of the module is no, the current registered PLMN information and/or the current peer PLMN information is sent to the proximity server.
优选地,所述第三处理模块包括:第二判断单元,设置为判断所述驻留PLMN信息是否在所述当前注册PLMN信息中和/或所述当前对等PLMN信息中;第二授权单元,设置为在所述第二判断单元的判断结果为是的情况下,对所述UE的业务请求进行授权;和/或,第二拒绝单元,设置为在所述第二判断单元的判断结果为否的情况下,拒绝所述UE的业务请求。Preferably, the third processing module includes: a second determining unit, configured to determine whether the resident PLMN information is in the current registered PLMN information and/or in the current peer PLMN information; the second authorization unit And configured to authorize the service request of the UE if the determination result of the second determining unit is yes; and/or, the second reject unit is set to the determination result of the second determining unit In the case of No, the service request of the UE is rejected.
优选地,所述第三处理模块还包括:发送单元,设置为将所述当前注册PLMN信息和/或所述当前对等PLMN信息发送给所述近距离服务器。Preferably, the third processing module further comprises: a sending unit, configured to send the current registered PLMN information and/or the current peer PLMN information to the proximity server.
优选地,所述装置还包括:第二接收模块,设置为接收移动管理实体MME的位置更新请求,其中,所述位置更新请求中携带有当前注册PLMN信息和/或所述当前对等PLMN信息。 Preferably, the device further includes: a second receiving module, configured to receive a location update request of the mobility management entity MME, where the location update request carries current registered PLMN information and/or the current peer PLMN information .
根据本发明的再一方面,提供了一种归属用户服务器,包括上述任一项所述的装置。According to still another aspect of the present invention, a home subscriber server is provided, comprising the apparatus of any of the above.
通过本发明,采用获取发起业务请求的用户设备UE当前驻留的公共陆地移动网络PLMN的驻留PLMN信息;判断所述驻留PLMN信息是否在近距离服务器上保存的注册PLMN信息和/或所述注册PLMN对应的对等PLMN信息中;在判断结果为是的情况下,依据所述驻留PLMN信息对所述UE的业务请求进行授权处理;和/或,在判断结果为否的情况下,依据从归属用户服务器HSS获取的当前注册PLMN信息和/或所述当前注册PLMN信息对应的当前对等PLMN信息对所述UE的业务请求进行授权处理,解决了相关技术中用户在各个PLMN间移动时,HSS无法对用户进行授权控制的问题,进而达到了用户在各个PLMN间移动时,HSS也能对用户进行有效授权控制的效果。With the present invention, the resident PLMN information of the public land mobile network PLMN currently camped by the user equipment UE that obtains the service request is obtained; and the registered PLMN information and/or the location of the resident PLMN information stored on the proximity server is determined. In the case of the peer PLMN information corresponding to the registered PLMN; if the determination result is yes, the service request of the UE is authorized according to the resident PLMN information; and/or, if the determination result is no Authorizing the service request of the UE according to the current registered PLMN information acquired from the home subscriber server HSS and/or the current peer PLMN information corresponding to the current registered PLMN information, and solving the related technology in the user between the PLMNs When moving, the HSS cannot perform authorization control on the user, and thus the effect that the HSS can perform effective authorization control for the user when moving between the PLMNs is achieved.
附图说明DRAWINGS
此处所说明的附图用来提供对本发明的进一步理解,构成本申请的一部分,本发明的示意性实施例及其说明用于解释本发明,并不构成对本发明的不当限定。在附图中:The drawings described herein are intended to provide a further understanding of the invention, and are intended to be a part of the invention. In the drawing:
图1是相关技术中和3GPP相关的D2D架构示意图;1 is a schematic diagram of a D2D architecture related to 3GPP in the related art;
图2是相关技术中D2D业务的广播请求流程图;2 is a flow chart of a broadcast request for a D2D service in the related art;
图3相关技术中D2D业务的监听请求流程图;FIG. 3 is a flowchart of a listening request of a D2D service in the related art;
图4是相关技术中D2D业务的匹配请求流程图;4 is a flowchart of a matching request of a D2D service in the related art;
图5是根据本发明实施例的授权处理方法一的流程图;FIG. 5 is a flowchart of an authorization processing method 1 according to an embodiment of the present invention; FIG.
图6是根据本发明实施例的授权处理方法二的流程图;6 is a flowchart of an authorization processing method 2 according to an embodiment of the present invention;
图7是根据本发明实施例的授权处理方法三的流程图;FIG. 7 is a flowchart of an authorization processing method 3 according to an embodiment of the present invention; FIG.
图8是根据本发明实施例的授权处理装置一的结构框图;FIG. 8 is a structural block diagram of an authorization processing apparatus 1 according to an embodiment of the present invention; FIG.
图9是根据本发明实施例的授权处理装置一中第一处理模块86的优选结构框图;FIG. 9 is a block diagram showing a preferred structure of the first processing module 86 in the authorization processing apparatus 1 according to an embodiment of the present invention;
图10是根据本发明实施例的授权处理装置一中第一获取模块82的优选结构框图;FIG. 10 is a block diagram showing a preferred structure of the first obtaining module 82 in the authorization processing apparatus 1 according to an embodiment of the present invention;
图11是根据本发明实施例的近距离服务器的结构框图; 11 is a structural block diagram of a proximity server according to an embodiment of the present invention;
图12是根据本发明实施例的授权处理装置二的结构框图;FIG. 12 is a structural block diagram of an authorization processing apparatus 2 according to an embodiment of the present invention; FIG.
图13是根据本发明实施例的授权处理装置二的优选结构框图;FIG. 13 is a block diagram showing a preferred structure of an authorization processing apparatus 2 according to an embodiment of the present invention; FIG.
图14是根据本发明实施例的用户设备UE的优选结构框图;FIG. 14 is a block diagram showing a preferred structure of a user equipment UE according to an embodiment of the present invention; FIG.
图15是根据本发明实施例的授权处理装置三的结构框图;FIG. 15 is a structural block diagram of an authorization processing apparatus 3 according to an embodiment of the present invention; FIG.
图16是根据本发明实施例的授权处理装置三中第三处理模块156的结构框图一;FIG. 16 is a structural block diagram 1 of a third processing module 156 in an authorization processing apparatus 3 according to an embodiment of the present invention;
图17是根据本发明实施例的授权处理装置三中第三处理模块156的优选结构框图二;17 is a block diagram 2 of a preferred structure of a third processing module 156 in an authorization processing apparatus 3 according to an embodiment of the present invention;
图18是根据本发明实施例的授权处理装置三的优选结构框图;FIG. 18 is a block diagram showing a preferred structure of an authorization processing apparatus 3 according to an embodiment of the present invention; FIG.
图19是根据本发明实施例的归属用户服务器的结构框图;19 is a structural block diagram of a home subscriber server according to an embodiment of the present invention;
图20是根据本发明实施例的授权处理流程图;20 is a flowchart of an authorization process according to an embodiment of the present invention;
图21是根据本发明优选实施方式的授权处理的广播请求流程图;21 is a flowchart of a broadcast request for authorization processing in accordance with a preferred embodiment of the present invention;
图22是根据本发明优选实施方式的授权处理的监听请求流程图;22 is a flowchart of a listening request for authorization processing according to a preferred embodiment of the present invention;
图23是根据本发明优选实施方式的授权处理的匹配请求流程图;23 is a flowchart of a matching request for authorization processing according to a preferred embodiment of the present invention;
图24是根据本发明优选实施方式的UE、HSS获得对等PLMN的流程图。24 is a flow diagram of a UE, HSS obtaining a peer PLMN, in accordance with a preferred embodiment of the present invention.
具体实施方式detailed description
下文中将参考附图并结合实施例来详细说明本发明。需要说明的是,在不冲突的情况下,本申请中的实施例及实施例中的特征可以相互组合。The invention will be described in detail below with reference to the drawings in conjunction with the embodiments. It should be noted that the embodiments in the present application and the features in the embodiments may be combined with each other without conflict.
在本实施例中提供了一种授权处理方法,图5是根据本发明实施例的授权处理方法一的流程图,如图5所示,该流程包括如下步骤:In this embodiment, an authorization processing method is provided. FIG. 5 is a flowchart of an authorization processing method according to an embodiment of the present invention. As shown in FIG. 5, the flow includes the following steps:
步骤S502,获取发起业务请求的用户设备UE当前驻留的公共陆地移动网络PLMN的驻留PLMN信息;Step S502, acquiring the resident PLMN information of the public land mobile network PLMN currently camped by the user equipment UE that initiates the service request;
步骤S504,判断驻留PLMN信息是否在近距离服务器上保存的注册PLMN信息和/或注册PLMN对应的对等PLMN信息中; Step S504, determining whether the resident PLMN information is stored in the registered PLMN information stored on the proximity server and/or the peer PLMN information corresponding to the registered PLMN;
步骤S506,在判断结果为是的情况下,依据驻留PLMN信息对UE的业务请求进行授权处理;和/或,在判断结果为否的情况下,依据从归属用户服务器HSS获取的当前注册PLMN信息和/或当前注册PLMN信息对应的当前对等PLMN信息对UE的业务请求进行授权处理。Step S506, if the determination result is yes, perform authorization processing on the service request of the UE according to the resident PLMN information; and/or, if the determination result is no, according to the current registered PLMN obtained from the home subscriber server HSS The information and/or the current peer PLMN information corresponding to the currently registered PLMN information performs authorization processing on the service request of the UE.
通过上述步骤,对于近距离服务器而言,通过判断用户设备UE当前的驻留PLMN是否在近距离服务器上保存的注册PLMN信息和/或对等PLMN信息,来确定用户当前是否在不同的PLMN间移动了,以及依据判断结果分别进行相应的授权处理,不仅解决了相关技术中用户在各个PLMN间移动时,HSS无法对用户进行授权控制的问题,进而达到了用户在各个PLMN间移动时,即使不发起路由/跟踪流程,HSS也能对用户进行有效授权控制的效果。Through the above steps, for the proximity server, it is determined whether the user is currently between different PLMNs by determining whether the current resident PLMN of the user equipment UE is stored in the PLMN information and/or the peer PLMN information stored on the proximity server. Moving, and performing corresponding authorization processing according to the judgment result, not only solves the problem that the HSS cannot authorize and control the user when the user moves between the PLMNs in the related art, thereby achieving the user even when moving between the PLMNs, even if The HSS can also perform effective authorization control on the user without initiating the routing/tracking process.
优选地,依据从HSS获取的当前注册PLMN信息和/或当前注册PLMN信息对应的当前对等PLMN信息对UE的业务请求进行授权处理可以采用以下较为简便的处理方式,例如,判断驻留PLMN信息是否在当前注册PLMN信息和/或当前对等PLMN信息中;在判断结果为是的情况下,依据驻留PLMN信息对UE的业务请求进行授权;和/或,在判断结果为否的情况下,拒绝UE的业务请求。另外,获取发起业务请求的UE当前驻留的PLMN的驻留PLMN信息时,可以采用多种方式,例如,可以通过接收来自UE的业务请求消息,其中,该业务请求消息中携带有UE当前驻留的PLMN的驻留PLMN信息。需要说明的是,该业务请求可以是相关技术中例如,可以是D2D广播请求,也可以D2D监听请求,还可以是D2D匹配请求。Preferably, the authorization processing of the service request of the UE according to the current registered PLMN information acquired from the HSS and/or the current peer PLMN information corresponding to the currently registered PLMN information may adopt the following simple processing manner, for example, determining the resident PLMN information. Whether it is in the currently registered PLMN information and/or the current peer PLMN information; if the judgment result is yes, the service request of the UE is authorized according to the resident PLMN information; and/or, if the judgment result is no , reject the UE's business request. In addition, when the residing PLMN information of the PLMN currently camped by the UE that initiates the service request is obtained, the method may be adopted, for example, by receiving a service request message from the UE, where the service request message carries the current station of the UE. Residing PLMN information of the remaining PLMN. It should be noted that the service request may be related to the technology, for example, may be a D2D broadcast request, a D2D broadcast request, or a D2D matching request.
图6是根据本发明实施例的授权处理方法二的流程图,如图6所示,该流程包括如下步骤:FIG. 6 is a flowchart of an authorization processing method 2 according to an embodiment of the present invention. As shown in FIG. 6, the process includes the following steps:
步骤S602,获取用户设备UE当前驻留的公共陆地移动网络PLMN的驻留PLMN信息;Step S602, acquiring resident PLMN information of the public land mobile network PLMN currently camped by the user equipment UE;
步骤S604,将获取的驻留PLMN信息在业务请求中发送给近距离服务器,其中,驻留PLMN信息用于近距离服务器在确定驻留PLMN信息在近距离服务器上保存的注册PLMN信息和/或注册PLMN信息的对等PLMN信息中,和/或,归属用户服务器HSS确定驻留PLMN信息在当前注册PLMN信息中和/或当前注册PLMN信息对应的当前对等PLMN信息中时,近距离服务器和/或HSS对UE的业务请求进行授权处理。Step S604, the acquired resident PLMN information is sent to the proximity server in the service request, where the resident PLMN information is used by the proximity server to determine the registered PLMN information stored on the proximity server for the resident PLMN information and/or In the peer PLMN information for registering the PLMN information, and/or the home subscriber server HSS determines that the camped PLMN information is in the current registered PLMN information and/or the current peer PLMN information corresponding to the currently registered PLMN information, the proximity server and / or HSS authorization processing of the UE's service request.
通过上述步骤,对于用户设备UE而言,通过将获取的自身当前的驻留PLMN信息提供给近距离服务器,通过近距离服务器或是HSS来分别执行对应的授权处理,同样解决了相关技术中用户在各个PLMN间移动时,HSS无法对用户进行授权控制的问 题,进而达到了用户在各个PLMN间移动时,即使不发起路由/跟踪流程,HSS也能对用户进行有效授权控制的效果。Through the above steps, for the user equipment UE, by providing the acquired current resident PLMN information to the proximity server, respectively performing the corresponding authorization processing through the proximity server or the HSS, the user in the related technology is also solved. When the HSS moves between PLMNs, the HSS cannot authorize the user. The problem is that when the user moves between the PLMNs, the HSS can effectively control the user even if the routing/tracking process is not initiated.
其中,用户设备在获取自身当前驻留的PLMN的驻留PLMN信息之前,可以通过多种方式选择驻留的PLMN,例如,可以通过以下方式至少之一驻留在PLMN中:优先选择驻留在注册PLMN信息和/或当前注册PLMN信息包括的PLMN中;在基站不支持注册PLMN信息和/或当前注册PLMN信息包括的PLMN时,驻留在基站支持且在对等PLMN信息和/或当前对等PLMN信息包括的PLMN中;而在基站不支持注册PLMN信息和/或当前注册PLMN信息包括的PLMN,也不支持对等PLMN信息和/或当前对等PLMN信息包括的PLMN时,还可以重新选择新的PLMN,即重新发起位置更新请求,驻留在重新发起位置请求后重新选择的PLMN中。The user equipment may select the resident PLMN in multiple manners before acquiring the resident PLMN information of the PLMN currently camped by the user equipment. For example, the user equipment may reside in the PLMN in at least one of the following manners: Registering the PLMN information and/or the PLMN included in the currently registered PLMN information; when the base station does not support the registered PLMN information and/or the PLMN included in the currently registered PLMN information, camping on the base station support and in the peer PLMN information and/or the current pair And the PLMN included in the PLMN information; and when the base station does not support the registered PLMN information and/or the PLMN included in the currently registered PLMN information does not support the peer PLMN information and/or the PLMN included in the current peer PLMN information, The new PLMN is selected, that is, the location update request is re-initiated, and resides in the PLMN that is re-selected after re-initiating the location request.
图7是根据本发明实施例的授权处理方法三的流程图,如图7所示,该流程包括如下步骤:FIG. 7 is a flowchart of a third method of authorization processing according to an embodiment of the present invention. As shown in FIG. 7, the flow includes the following steps:
步骤S702,接收来自近距离服务器的发起业务请求的用户设备UE的授权请求消息;Step S702, receiving an authorization request message of the user equipment UE that initiates the service request from the proximity server;
步骤S704,判断授权请求消息中是否携带有UE当前驻留的公共陆地移动网络PLMN的驻留PLMN信息;Step S704, determining whether the authorization request message carries the resident PLMN information of the public land mobile network PLMN currently camped by the UE;
步骤S706,在判断结果为是的情况下,依据当前注册PLMN信息和/或当前注册PLMN信息对应的当前对等PLMN信息对UE的业务请求进行授权处理;和/或,在判断结果为否的情况下,将当前注册PLMN信息和/或当前对等PLMN信息发送给近距离服务器。Step S706, if the determination result is yes, authorizing the service request of the UE according to the current peer PLMN information corresponding to the current registered PLMN information and/or the current registered PLMN information; and/or, if the determination result is no In the case, the currently registered PLMN information and/or the current peer PLMN information is transmitted to the proximity server.
通过上述步骤,对于归属用户服务器HSS而言,通过判断接收到的授权请求中是否携带用户当前的驻留PLMN信息来控制UE业务请求的授权处理,解决了相关技术中用户在各个PLMN间移动时,HSS无法对用户进行授权控制的问题,进而达到了用户在各个PLMN间移动时,即使不发起路由/跟踪流程,HSS也能对用户进行有效授权控制的效果。Through the above steps, the home subscriber server HSS determines the authorization processing of the UE service request by judging whether the received authorization request carries the current resident PLMN information, and solves the related art in the related art when the user moves between the PLMNs. The HSS cannot perform authorization control on the user, so that when the user moves between the PLMNs, the HSS can effectively control the user even if the routing/tracking process is not initiated.
优选地,依据当前注册PLMN信息和/或当前注册PLMN信息对应的当前对等PLMN信息对UE的业务请求进行授权处理也可采用以下较简单的处理方式,例如,判断驻留PLMN信息是否在当前注册PLMN信息中和/或当前对等PLMN信息中;在判断结果为是的情况下,对UE的业务请求进行授权;和/或,在判断结果为否的情况下,拒绝UE的业务请求。为保持近距离服务器上保存的注册PLMN信息以及对应的 对等PLMN信息为最新版本,可以在对UE的业务请求进行授权之后,将上述当前注册PLMN信息和/或上述当前对等PLMN信息发送给近距离服务器。Preferably, the following simple processing manner may be adopted for performing authorization processing on the service request of the UE according to the current registered PLMN information and/or the current peer PLMN information corresponding to the currently registered PLMN information, for example, determining whether the resident PLMN information is currently Registering the PLMN information and/or the current peer PLMN information; if the judgment result is yes, authorizing the service request of the UE; and/or, if the judgment result is no, rejecting the service request of the UE. To maintain the registered PLMN information stored on the close server and the corresponding The peer PLMN information is the latest version, and the current registered PLMN information and/or the current peer PLMN information may be sent to the proximity server after authorizing the service request of the UE.
另外,需要指出的是,上述对等PLMN信息或当前对等PLMN信息是相对于注册PLMN信息或当前注册PLMN信息而言的,该对等PLMN信息即是指和注册PLMN信息完全等同的信息,该当前对等PLMN信息是和当前注册PLMN信息完全等同的信息。在依据当前注册PLMN信息和/或当前注册PLMN信息对应的当前对等PLMN信息对UE的业务请求进行授权处理之前,需要获取该当前对等PLMN信息,获取该当前对等PLMN信息的方式也可以多种,例如,可以通过移动性管理实体(Mobile Management Entity,简称为MME)的方式来获取,即接收移动管理实体MME的位置更新请求,其中,该位置更新请求中携带有当前注册PLMN信息和/或当前对等PLMN信息。In addition, it should be noted that the above-mentioned peer-to-peer PLMN information or current peer-to-peer PLMN information is relative to the registered PLMN information or the currently registered PLMN information, and the peer-to-peer PLMN information refers to information completely equivalent to the registered PLMN information. The current peer PLMN information is information that is identical to the currently registered PLMN information. Before the current peer-to-peer PLMN information corresponding to the current registered PLMN information and/or the current registered PLMN information is used to perform the authorization processing on the service request of the UE, the current peer PLMN information needs to be acquired, and the current peer PLMN information may be obtained. A plurality of, for example, a mobile management entity (Mobile Management Entity, MME for short) may be obtained, that is, a location update request of the mobile management entity MME is received, where the location update request carries the currently registered PLMN information and / or current peer PLMN information.
在本实施例中还提供了一种授权处理装置,该装置用于实现上述实施例及优选实施方式,已经进行过说明的不再赘述。如以下所使用的,术语“模块”可以实现预定功能的软件和/或硬件的组合。尽管以下实施例所描述的装置较佳地以软件来实现,但是硬件,或者软件和硬件的组合的实现也是可能并被构想的。In the embodiment, an authorization processing device is also provided, which is used to implement the above-mentioned embodiments and preferred embodiments, and has not been described again. As used below, the term "module" may implement a combination of software and/or hardware of a predetermined function. Although the apparatus described in the following embodiments is preferably implemented in software, hardware, or a combination of software and hardware, is also possible and contemplated.
图8是根据本发明实施例的授权处理装置一的结构框图,如图8所示,该装置包括第一获取模块82、第一判断模块84、第一处理模块86和/或第二处理模块88,下面对该装置进行说明。FIG. 8 is a structural block diagram of an authorization processing apparatus 1 according to an embodiment of the present invention. As shown in FIG. 8, the apparatus includes a first acquisition module 82, a first determination module 84, a first processing module 86, and/or a second processing module. 88. The device will be described below.
第一获取模块82,设置为获取发起业务请求的用户设备UE当前驻留的公共陆地移动网络PLMN的驻留PLMN信息;第一判断模块84,连接至上述第一获取模块82,设置为判断驻留PLMN信息是否在近距离服务器上保存的注册PLMN信息和/或注册PLMN对应的对等PLMN信息中;第一处理模块86,连接至上述第一判断模块84,设置为在第一判断模块的判断结果为是的情况下,依据驻留PLMN信息对UE的业务请求进行授权处理;和/或,第二处理模块88,连接至上述第一判断模块84,设置为在第一判断模块的判断结果为否的情况下,依据从归属用户服务器HSS获取的当前注册PLMN信息和/或当前注册PLMN信息对应的当前对等PLMN信息对UE的业务请求进行授权处理。The first obtaining module 82 is configured to obtain the resident PLMN information of the public land mobile network PLMN currently camped on by the user equipment UE that initiates the service request. The first determining module 84 is connected to the first acquiring module 82, and is configured to determine the station. Whether the reserved PLMN information is stored in the registered PLMN information and/or the corresponding PLMN information corresponding to the registered PLMN; the first processing module 86 is connected to the first determining module 84, and is set to be in the first determining module. If the determination result is yes, the service request of the UE is authorized according to the resident PLMN information; and/or the second processing module 88 is connected to the first determining module 84, and is set to be determined by the first determining module. If the result is no, the service request of the UE is authorized according to the current registered PLMN information acquired from the home subscriber server HSS and/or the current peer PLMN information corresponding to the currently registered PLMN information.
图9是根据本发明实施例的授权处理装置一中第一处理模块86的优选结构框图,如图9所示,该第一处理模块86包括第一判断单元92、第一授权单元94和/或第一拒绝单元96,下面对该第一处理模块86进行说明。 FIG. 9 is a block diagram showing a preferred structure of the first processing module 86 in the authorization processing apparatus 1 according to the embodiment of the present invention. As shown in FIG. 9, the first processing module 86 includes a first determining unit 92, a first authorization unit 94, and/or Or the first rejecting unit 96, the first processing module 86 will be described below.
第一判断单元92,设置为判断驻留PLMN信息是否在当前注册PLMN信息和/或当前对等PLMN信息中;第一授权单元94,连接至上述第一判断单元92,设置为在第一判断单元的判断结果为是的情况下,依据驻留PLMN信息对UE的业务请求进行授权;和/或,第一拒绝单元96,连接至上述第一判断单元92,设置为在第一判断单元的判断结果为否的情况下,拒绝UE的业务请求。The first determining unit 92 is configured to determine whether the resident PLMN information is in the currently registered PLMN information and/or the current peer PLMN information; the first authorization unit 94 is connected to the first determining unit 92, and is set to be in the first judgment. If the judgment result of the unit is yes, the service request of the UE is authorized according to the resident PLMN information; and/or the first reject unit 96 is connected to the first determining unit 92, and is set to be in the first determining unit. If the result of the determination is negative, the service request of the UE is rejected.
图10是根据本发明实施例的授权处理装置一中第一获取模块82的优选结构框图,如图10所示,该第一获取模块82包括第一接收单元102,下面对该第一接收单元102进行说明。FIG. 10 is a block diagram showing a preferred structure of the first obtaining module 82 in the authorization processing apparatus 1 according to the embodiment of the present invention. As shown in FIG. 10, the first obtaining module 82 includes a first receiving unit 102, and the first receiving unit is provided below. Unit 102 is described.
第一接收单元102,设置为接收来自UE的业务请求消息,其中,业务请求消息中携带有UE当前驻留的PLMN的驻留PLMN信息。The first receiving unit 102 is configured to receive a service request message from the UE, where the service request message carries the resident PLMN information of the PLMN currently camped by the UE.
图11是根据本发明实施例的近距离服务器的结构框图,如图11所示,该近距离服务器112包括上述任一项的授权处理装置一114。11 is a structural block diagram of a proximity server according to an embodiment of the present invention. As shown in FIG. 11, the proximity server 112 includes the authorization processing device 114 of any of the above.
图12是根据本发明实施例的授权处理装置二的结构框图,如图12所示,该装置包括第二获取模块122和第一发送模块124,下面对该装置进行说明。FIG. 12 is a structural block diagram of an authorization processing apparatus 2 according to an embodiment of the present invention. As shown in FIG. 12, the apparatus includes a second acquisition module 122 and a first transmission module 124, which will be described below.
第二获取模块122,设置为获取用户设备UE当前驻留的公共陆地移动网络PLMN的驻留PLMN信息;第一发送模块124,连接至上述第二获取模块122,设置为将获取的驻留PLMN信息在业务请求中发送给近距离服务器,其中,驻留PLMN信息用于近距离服务器在确定驻留PLMN信息在近距离服务器上保存的注册PLMN信息和/或注册PLMN信息的对等PLMN信息中,和/或,归属用户服务器HSS确定驻留PLMN信息在当前注册PLMN信息中和/或当前注册PLMN信息对应的当前对等PLMN信息中时,近距离服务器和/或HSS对UE的业务请求进行授权处理。The second obtaining module 122 is configured to acquire the resident PLMN information of the public land mobile network PLMN currently camped by the user equipment UE. The first sending module 124 is connected to the second acquiring module 122, and is configured to acquire the resident PLMN. The information is sent to the proximity server in the service request, wherein the resident PLMN information is used by the proximity server in determining the registered PLMN information and/or the registered PLMN information of the registered PLMN information that the resident PLMN information is stored on the proximity server. And/or, when the home subscriber server HSS determines that the resident PLMN information is in the current registered PLMN information and/or the current peer PLMN information corresponding to the currently registered PLMN information, the proximity server and/or the HSS performs the service request of the UE. Authorization processing.
图13是根据本发明实施例的授权处理装置二的优选结构框图,如图13所示,该装置除包括图12所示的所有模块外,还包括驻留模块132,下面对该驻留模块132进行说明。FIG. 13 is a block diagram showing a preferred structure of an authorization processing apparatus 2 according to an embodiment of the present invention. As shown in FIG. 13, the apparatus includes a resident module 132 in addition to all the modules shown in FIG. Module 132 is described.
驻留模块132,连接至上述第二获取模块122,设置为通过以下方式至少之一驻留在PLMN中:驻留在注册PLMN信息和/或当前注册PLMN信息包括的PLMN中;在基站不支持注册PLMN信息和/或当前注册PLMN信息包括的PLMN时,驻留在基站支持且在对等PLMN信息和/或当前对等PLMN信息包括的PLMN中;在基站不支持注册PLMN信息和/或当前注册PLMN信息包括的PLMN,也不支持对等PLMN信息 和/或当前对等PLMN信息包括的PLMN时,驻留在重新发起位置请求后重新选择的PLMN中。The camping module 132 is connected to the second obtaining module 122, and is configured to reside in the PLMN by at least one of: residing in the PLMN included in the registered PLMN information and/or the currently registered PLMN information; the base station does not support When registering the PLMN information and/or the PLMN included in the currently registered PLMN information, camping in the PLMN supported by the base station and included in the peer PLMN information and/or the current peer PLMN information; the base station does not support the registration of the PLMN information and/or the current Registering PLMN information included in the PLMN information does not support peer PLMN information. And/or the PLMN included in the current peer PLMN information, residing in the PLMN reselected after re-initiating the location request.
图14是根据本发明实施例的用户设备UE的优选结构框图,如图14所示,该用户设备UE142,包括上述任一项的授权处理装置二144。FIG. 14 is a block diagram showing a preferred structure of a user equipment UE according to an embodiment of the present invention. As shown in FIG. 14, the user equipment UE 142 includes the authorization processing apparatus 144 of any of the above.
图15是根据本发明实施例的授权处理装置三的结构框图,如图15所示,该装置包括第一接收模块152、第二判断模块154、第三处理模块156和/或第四处理模块158,下面对该装置进行说明。FIG. 15 is a structural block diagram of an authorization processing apparatus 3 according to an embodiment of the present invention. As shown in FIG. 15, the apparatus includes a first receiving module 152, a second determining module 154, a third processing module 156, and/or a fourth processing module. 158. The device will be described below.
第一接收模块152,设置为接收来自近距离服务器的发起业务请求的用户设备UE的授权请求消息;第二判断模块154,连接至上述第一接收模块152,设置为判断授权请求消息中是否携带有UE当前驻留的公共陆地移动网络PLMN的驻留PLMN信息;第三处理模块156,连接至上述第二判断模块154,设置为在第二判断模块的判断结果为是的情况下,依据当前注册PLMN信息和/或当前注册PLMN信息对应的当前对等PLMN信息对UE的业务请求进行授权处理;和/或,第四处理模块158,连接至上述第二判断模块154,设置为在第二判断模块的判断结果为否的情况下,将当前注册PLMN信息和/或当前对等PLMN信息发送给近距离服务器。The first receiving module 152 is configured to receive an authorization request message of the user equipment UE that initiates the service request from the short-range server. The second determining module 154 is connected to the first receiving module 152, and is configured to determine whether the authorization request message is carried. Residing PLMN information of the public land mobile network PLMN currently camped by the UE; the third processing module 156 is connected to the second judging module 154, and is set to be in the case that the judgment result of the second judging module is yes, according to the current Registering the PLMN information and/or the current peer PLMN information corresponding to the currently registered PLMN information to perform authorization processing on the service request of the UE; and/or, the fourth processing module 158 is connected to the second determining module 154, and is set to be in the second When the judgment result of the determination module is negative, the currently registered PLMN information and/or the current peer PLMN information is transmitted to the proximity server.
图16是根据本发明实施例的授权处理装置三中第三处理模块156的结构框图一,如图16所示,该第三处理模块156包括第二判断单元162、第二授权单元164和/或第二拒绝单元166,下面对该第三处理模块156进行说明。16 is a block diagram showing the structure of a third processing module 156 in the authorization processing device 3 according to an embodiment of the present invention. As shown in FIG. 16, the third processing module 156 includes a second determining unit 162, a second authorization unit 164, and/or Or the second rejecting unit 166, the third processing module 156 is described below.
第二判断单元162,设置为判断驻留PLMN信息是否在当前注册PLMN信息中和/或当前对等PLMN信息中;第二授权单元164,连接至上述第二判断单元162,设置为在第二判断单元的判断结果为是的情况下,对UE的业务请求进行授权;和/或,第二拒绝单元166,连接至上述第二判断单元162,设置为在第二判断单元的判断结果为否的情况下,拒绝UE的业务请求。The second determining unit 162 is configured to determine whether the resident PLMN information is in the currently registered PLMN information and/or the current peer PLMN information; the second authorization unit 164 is connected to the second determining unit 162, and is set to be in the second If the judgment result of the determination unit is yes, the service request of the UE is authorized; and/or the second rejection unit 166 is connected to the second determination unit 162, and is set to be the determination result of the second determination unit is no. In the case of the UE, the service request of the UE is rejected.
图17是根据本发明实施例的授权处理装置三中第三处理模块156的优选结构框图二,如图17所示,该第三处理模块156除包括图16所示的所有结构外,还包括发送单元172,下面对该优选结构进行说明。17 is a block diagram of a preferred structure of a third processing module 156 in the authorization processing apparatus 3 according to an embodiment of the present invention. As shown in FIG. 17, the third processing module 156 includes all the structures shown in FIG. The transmitting unit 172 will be described below with reference to the preferred configuration.
发送单元172,连接至上述第二授权单元164,设置为将上述当前注册PLMN信息和/或当前对等PLMN信息发送给近距离服务器。 The sending unit 172 is connected to the second authorization unit 164, and is configured to send the current registered PLMN information and/or the current peer PLMN information to the proximity server.
图18是根据本发明实施例的授权处理装置三的优选结构框图,如图18所示,该装置除包括图15所示的所有模块外,还包括第二接收模块182,下面对该第二接收模块182进行说明。FIG. 18 is a block diagram showing a preferred structure of an authorization processing apparatus 3 according to an embodiment of the present invention. As shown in FIG. 18, the apparatus includes a second receiving module 182 in addition to all the modules shown in FIG. The second receiving module 182 is described.
第二接收模块182,连接至上述第三处理模块156,设置为接收移动管理实体MME的位置更新请求,其中,位置更新请求中携带有当前注册PLMN信息和/或当前对等PLMN信息。The second receiving module 182 is connected to the foregoing third processing module 156 and configured to receive a location update request of the mobility management entity MME, where the location update request carries the current registered PLMN information and/or the current peer PLMN information.
图19是根据本发明实施例的归属用户服务器的结构框图,如图19所示,该归属用户服务器192包括上述任一项的授权处理装置三194。FIG. 19 is a structural block diagram of a home subscriber server according to an embodiment of the present invention. As shown in FIG. 19, the home subscriber server 192 includes the authorization processing apparatus 194 of any of the above.
针对相关技术中用户在各个PLMN间移动时,HSS无法对用户进行授权控制的问题,即当用户在对等PLMN中移动的时候,不会发起路由/跟踪区更新,因而HSS无法知道当前用户真正驻留的PLMN信息;当用户PLMN发生变化之后,如果归属近距离服务器中保存有用户上下文,则归属近距离服务器不会向HSS发起授权请求,这样HSS无法对用户进行控制。在本实施例中,提供了一种用户授权处理方案,下面对该方案进行说明。For the related art, when the user moves between the PLMNs, the HSS cannot perform authorization control on the user, that is, when the user moves in the peer PLMN, the routing/tracking area update is not initiated, and thus the HSS cannot know the current user real station. The retained PLMN information; after the user PLMN changes, if the user context is stored in the home proximity server, the home proximity server does not initiate an authorization request to the HSS, so that the HSS cannot control the user. In this embodiment, a user authorization processing scheme is provided, which is described below.
图20是根据本发明实施例的授权处理流程图,如图20所示,该流程包括如下步骤:FIG. 20 is a flowchart of an authorization process according to an embodiment of the present invention. As shown in FIG. 20, the process includes the following steps:
步骤S2002,归属近距离服务器从HSS获取当前注册的PLMN信息和/或当前对等PLMN信息(即上述注册PLMN信息以及该注册PLMN信息对应的对等PLMN信息,需要说明的是,该PLMN信息可以是用于对当前注册的PLMN进行标识的标识列表,该对等PLMN信息也可以是用于标识对等PLMN的标识列表)。In step S2002, the home proximity server obtains the currently registered PLMN information and/or the current peer PLMN information (ie, the registered PLMN information and the peer PLMN information corresponding to the registered PLMN information) from the HSS. It should be noted that the PLMN information may be Is a list of identifiers used to identify the currently registered PLMN, and the peer PLMN information may also be a list of identifiers used to identify the peer PLMN.
步骤S2004,终端在业务请求中(例如,广播请求、监听请求、匹配请求中),将用户当前驻留的PLMN信息带给归属近距离服务器。In step S2004, the terminal brings the PLMN information currently camped by the user to the belonging proximity server in the service request (for example, the broadcast request, the interception request, and the matching request).
步骤S2006,归属近距离服务器收到用户当前驻留的PLMN信息,判断该驻留PLMN信息是否还在上次(此次业务请求之前)从HSS获取到的注册PLMN信息和/或对等PLMN列表中。对等PLMN列表的获取过程在后续图24中进行描述。Step S2006, the home proximity server receives the PLMN information currently camped by the user, and determines whether the resident PLMN information is also obtained from the HSS last time (before the service request) the registered PLMN information and/or the peer PLMN list. in. The acquisition process of the peer PLMN list is described later in FIG.
步骤S2008,如果用户当前驻留的PLMN信息在上次从HSS获取到的注册PLMN和/或对等PLMN列表中,则不用去HSS进行授权。In step S2008, if the PLMN information currently camped by the user is in the list of registered PLMNs and/or peer PLMNs that were last acquired from the HSS, there is no need to go to the HSS for authorization.
步骤S2010,否则,重新去HSS进行授权,并从HSS重新获得新的注册PLMN信息和/或对等PLMN列表(即上述当前注册PLMN信息以及该当前注册PLMN信息 对应的当前充对等PLMN信息),需要指出的是,该新的注册PLMN信息和/或对等PLMN列表是指依据驻留PLMN信息对之前保存的注册PLMN信息和/或对等PLMN信息进行更新后的注册PLMN信息和/或对等PLMN信息。Step S2010, otherwise, the HSS is re-authorized, and the new registered PLMN information and/or the peer PLMN list (ie, the currently registered PLMN information and the currently registered PLMN information) are re-acquired from the HSS. Corresponding current peer-to-peer PLMN information), it should be noted that the new registered PLMN information and/or peer PLMN list refers to the previously saved registered PLMN information and/or peer PLMN information according to the resident PLMN information. Updated registered PLMN information and/or peer PLMN information.
下面基于D2D通信流程对本发明优选实施方式进行说明。Preferred embodiments of the present invention will now be described based on a D2D communication flow.
图21是根据本发明优选实施方式的授权处理的广播请求流程图,如图21所示,该流程包括如下步骤:21 is a flowchart of a broadcast request for authorization processing according to a preferred embodiment of the present invention. As shown in FIG. 21, the flow includes the following steps:
步骤S2102,终端A从运营商获取应用标识,该应用标识只允许被UE A所使用。In step S2102, the terminal A obtains an application identifier from the operator, and the application identifier is only allowed to be used by the UE A.
步骤S2104,终端A如果希望利用运营商的无线资源广播自己,从而其他人能够发现自己,则和网络建立连接,并向近距离服务器发送广播请求消息,该请求里面包括了希望广播的应用标识、终端标识和发送(announcing)的指示,以及终端当前驻留的驻留PLMN信息(例如,PLMN标识)。终端A通过自己归属的PLMN标识,生成归属近距离服务器的标识,并通过DNS查找获知归属近距离服务器IP地址。终端标识为IMSI或者MSISDN。终端A在位置更新的时候,从核心网收到已经注册的PLMN标识和/或一个对等PLMN标识列表,其中包括1个或多个对等PLMN标识。终端通过收听基站的广播消息获知当前基站所支持的所有PLMN标识。终端优选驻留在已注册的PLMN;如果当前基站不支持已注册的PLMN,则终端选择基站支持的且在对等PLMN列表中的PLMN,如果基站不支持已注册的PLMN以及所有的对等PLMN列表,则终端需要重新发起位置更新过程,在核心网重新注册并获得新的已经注册的PLMN标识和/或一个对等PLMN标识列表。Step S2104: If the terminal A wants to broadcast itself by using the wireless resource of the operator, so that other people can discover themselves, establish a connection with the network, and send a broadcast request message to the proximity server, where the request includes the application identifier that is desired to be broadcast, An indication of terminal identification and announcing, and resident PLMN information (e.g., PLMN identity) currently hosted by the terminal. The terminal A generates the identity of the home proximity server through the PLMN identity that it belongs to, and obtains the IP address of the home server by using the DNS lookup. The terminal identifier is IMSI or MSISDN. When the location is updated, the terminal A receives the registered PLMN identity and/or a peer PLMN identity list from the core network, including one or more peer PLMN identifiers. The terminal learns all the PLMN identifiers supported by the current base station by listening to the broadcast message of the base station. The terminal preferably resides in the registered PLMN; if the current base station does not support the registered PLMN, the terminal selects the PLMN supported by the base station and in the peer PLMN list if the base station does not support the registered PLMN and all the peer PLMNs For the list, the terminal needs to re-initiate the location update procedure, re-register with the core network and obtain a new registered PLMN identity and/or a peer PLMN identity list.
步骤S2106,归属近距离服务器收到广播请求之后,如果没有用户上下文,则向归属用户服务器请求发送签约请求,带有用户标识。在该消息中,还可能带有终端带上来的当前驻留的PLMN标识。Step S2106: After the home proximity server receives the broadcast request, if there is no user context, request the home subscriber server to send a subscription request with the user identifier. In this message, it is also possible to carry the currently resident PLMN identity carried by the terminal.
步骤S2108,如果步骤S2106中没有携带终端当前驻留的PLMN标识,则HSS向归属近距离服务器返回用户的D2D签约信息,终端当前注册的PLMN和/或对等PLMN列表(即上述当前注册PLMN信息和/或当前对等PLMN信息)。归属近距离服务器判断终端当前驻留的PLMN是否在HSS提供的终端当前注册的PLMN和/或对等PLMN列表中,如果在则根据签约信息进一步判断是否允许接入,否则不允许接入。此时HSS可能将全部D2D数据下发给归属近距离服务器,由归属近距离服务器做接入检查。Step S2108: If the PLMN identifier currently camped by the terminal is not carried in step S2106, the HSS returns the D2D subscription information of the user to the home proximity server, and the PLMN and/or the peer PLMN list currently registered by the terminal (ie, the currently registered PLMN information) And/or current peer PLMN information). The affiliation server determines whether the PLMN currently camped by the terminal is in the list of PLMNs and/or peer PLMNs currently registered by the terminal provided by the HSS. If yes, it further determines whether access is permitted according to the subscription information, otherwise access is not allowed. At this time, the HSS may send all the D2D data to the home proximity server, and the home proximity server performs the access check.
如果步骤S2106中携带了终端当前驻留的PLMN信息,归属用户服务器HSS可以判断用户当前驻留的PLMN是否允许,比如检查当前驻留的PLMN是否在当前注册 PLMN信息中,或者是否在当前对等PLMN列表内,是则允许,否则不允许。如果不允许则返回失败,允许则归属用户服务器HSS在签约响应中返回终端的签约信息,同时在漫游的情况下,归属用户服务器也返回用户当前注册的拜访地PLMN标识和/或对等PLMN标识列表。此时HSS可能会根据终端当前驻留的不同PLMN下发不同的签约数据。If the step S2106 carries the PLMN information currently residing by the terminal, the home subscriber server HSS can determine whether the PLMN currently camped by the user is allowed, for example, checking whether the currently camped PLMN is currently registered. Whether it is allowed in the PLMN information, or whether it is in the current peer PLMN list, otherwise it is not allowed. If not allowed, the failure is returned, and the home subscriber server HSS is allowed to return the subscription information of the terminal in the subscription response, and in the case of roaming, the home subscriber server also returns the visited PLMN identifier and/or the peer PLMN identifier currently registered by the user. List. At this time, the HSS may issue different subscription data according to different PLMNs where the terminal currently resides.
归属近距离服务器保存从HSS获得的终端当前注册PLMN信息和/或当前对等PLMN列表。The home proximity server saves the terminal currently registered PLMN information and/or the current peer PLMN list obtained from the HSS.
当后续终端再次发起D2D业务请求消息(广播请求、监听请求、匹配请求),归属近距离服务器检查用户当前的驻留的PLMN是否在注册的PLMN和/或对等PLMN列表内,是则无需再去HSS重新授权,否则需要执行步骤S2106和步骤S2108重新去HSS进行授权并获得新的签约数据。When the subsequent terminal initiates the D2D service request message (broadcast request, interception request, matching request) again, the home proximity server checks whether the current resident PLMN of the user is in the registered PLMN and/or the peer PLMN list, and then does not need to To the HSS re-authorization, otherwise step S2106 and step S2108 need to be performed to re-authorize the HSS and obtain new subscription data.
步骤S2110,根据签约信息归属近距离服务器判断允许该终端进行D2D业务且该用户的确签约有发送的应用标识,则创建用户上下文,并为该用户发送的应用标识分配一个临时的标识code A以及对应的有效期。Step S2110: According to the subscription information belonging to the proximity server, determine that the terminal is allowed to perform the D2D service, and the user does sign the application identifier, the user context is created, and a temporary identifier code A and corresponding are assigned to the application identifier sent by the user. Validity period.
步骤S2112,归属近距离服务器根据步骤S2104中终端提供的终端所驻留的PLMN获得的拜访地PLMN标识,生成拜访地近距离服务器的标识,并通过DNS查找获知拜访地近距离服务器IP地址,然后向该拜访近距离服务器发送广播请求授权消息,其中带有应用标识、终端标识以及分配的临时标识code A和对应的有效期。Step S2112: The home proximity server generates an identifier of the visited proximity server according to the visited PLMN identifier obtained by the PLMN where the terminal is located in the step S2104, and obtains the IP address of the proximity server through the DNS lookup, and then A broadcast request authorization message is sent to the visited proximity server, with an application identifier, a terminal identifier, and an assigned temporary identifier code A and a corresponding validity period.
步骤S2114,拜访地近距离服务器授权本次广播请求,并记录下所收到的应用标识、终端标识以及分配的临时标识code A和对应的有效期,以便后续进行计费。拜访地近距离服务器返回广播请求授权响应消息。In step S2114, the visited proximity server authorizes the current broadcast request, and records the received application identifier, the terminal identifier, and the assigned temporary identifier code A and the corresponding validity period, so as to perform subsequent billing. The visited proximity server returns a broadcast request authorization response message.
步骤S2116,收到拜访地近距离服务器授权本次广播请求之后,近距离服务器将分配的临时标识code A和对应的有效期返回给UE A。Step S2116: After receiving the local short-distance server to authorize the current broadcast request, the proximity server returns the assigned temporary identifier code A and the corresponding validity period to the UE A.
步骤S2118,终端A从当前注册网络获取无线资源。用户注册的网络基站可以广播可用的D2D无线资源,终端通过竞争的方式获得,基站也可以通过无线资源控制(Radio Resource Control,简称为RRC)过程为终端指定可用的D2D无线资源。In step S2118, the terminal A acquires radio resources from the current registration network. The user-registered network base station can broadcast the available D2D radio resources, and the terminal obtains the available D2D radio resources through the radio resource control (Radio Resource Control, RRC for short) process.
步骤S2120,终端A在获取的无线资源上广播所获得的code A。为了提高效率,终端A设置定时器,在步骤S2116指示的有效期内定时广播。 In step S2120, the terminal A broadcasts the obtained code A on the acquired radio resource. In order to improve efficiency, the terminal A sets a timer, which is periodically broadcast during the validity period indicated by step S2116.
通过上述过程,归属近距离服务器从终端获取驻留的PLMN信息,在HSS中进行授权检查或者归属近距离服务器根据HSS提供的签约数据进行授权检查,并且当后续当终端发上来的驻留PLMN信息不在从HSS获取的当前注册PLMN信息和/或当前对等PLMN列表中的时候,向HSS重新授权。另外,还能够实现在终端拜访地进行授权,有效实现拜访地网络进行D2D控制和计费。Through the above process, the home proximity server obtains the resident PLMN information from the terminal, performs an authorization check in the HSS, or performs an authorization check by the home proximity server according to the subscription data provided by the HSS, and when the subsequent resident PLMN information is sent from the terminal. The HSS is re-authorized when not in the current registered PLMN information and/or the current peer PLMN list obtained from the HSS. In addition, it is also possible to implement authorization at the terminal visited, and effectively implement D2D control and charging for the visited network.
图22是根据本发明优选实施方式的授权处理的监听请求流程图,如图22所示,该流程包括如下步骤:FIG. 22 is a flowchart of a listening request for authorization processing according to a preferred embodiment of the present invention. As shown in FIG. 22, the flow includes the following steps:
步骤S2202,终端B从运营商或者第三方获取终端A的应用标识。In step S2202, the terminal B acquires the application identifier of the terminal A from the operator or a third party.
步骤S2204,终端B如果希望发现终端A,则和网络建立连接,并向近距离服务器发送监听请求,该请求里面包括了希望发现的终端A应用标识、终端B终端标识,以及终端当前驻留的PLMN标识。终端B通过自己归属的PLMN标识,生成近距离服务器的标识,并通过DNS查找获知归属近距离服务器IP地址。终端标识为IMSI或者MSISDN。终端B获取驻留PLMN和步骤S2104中类似。Step S2204: If the terminal B wants to discover the terminal A, the terminal establishes a connection with the network, and sends a monitoring request to the proximity server, where the request includes the terminal A application identifier, the terminal B terminal identifier, and the terminal currently camped on the terminal. PLMN logo. The terminal B generates the identity of the proximity server through the PLMN identity that it belongs to, and obtains the IP address of the home server by the DNS lookup. The terminal identifier is IMSI or MSISDN. Terminal B acquires the resident PLMN and is similar to that in step S2104.
步骤S2206,近距离服务器收到发现请求之后,如果没有用户上下文,则向归属用户服务器请求发送签约请求,带有用户标识,在该消息中,还可能带有终端带上来的当前驻留的PLMN信息。Step S2206: After receiving the discovery request, the proximity server requests, if there is no user context, to send a subscription request to the home subscriber server, with a user identifier, and in the message, may also carry the currently camped PLMN brought by the terminal. information.
步骤S2208,如果步骤S2206中没有携带终端当前驻留的PLMN信息,则HSS向归属近距离服务器返回用户的D2D签约信息,终端当前注册PLMN和/或当前对等PLMN列表。归属近距离服务器判断终端当前驻留的PLMN是否在HSS提供的终端当前注册的PLMN和/或当前对等PLMN列表中,如果在则根据签约信息进一步判断是否允许接入,否则不允许接入。此时HSS可能将全部D2D数据下发给归属近距离服务器,由归属近距离服务器做接入检查。Step S2208: If the PLMN information currently camped by the terminal is not carried in step S2206, the HSS returns the D2D subscription information of the user to the home proximity server, and the terminal currently registers the PLMN and/or the current peer PLMN list. The affiliation server determines whether the PLMN currently camped by the terminal is in the PLMN and/or the current peer PLMN list currently registered by the terminal provided by the HSS. If yes, it further determines whether access is permitted according to the subscription information, otherwise access is not allowed. At this time, the HSS may send all the D2D data to the home proximity server, and the home proximity server performs the access check.
如果步骤S2206中携带了终端当前驻留的PLMN信息,归属用户服务器HSS判断用户当前驻留的PLMN是否允许,比如检查当前驻留的PLMN是否在当前注册的PLMN信息中,或者是否在当前对等PLMN列表内,是则允许,否则不允许。归属用户服务器在签约响应中返回终端的签约信息,同时在漫游的情况下,归属用户服务器也返回用户当前注册的拜访地PLMN标识和/或对等PLMN标识列表。此时HSS可能会根据终端当前驻留的不同PLMN下发不同的签约数据。If the step S2206 carries the PLMN information currently camped on by the terminal, the home subscriber server HSS determines whether the PLMN currently camped by the user is allowed, such as checking whether the currently camped PLMN is in the currently registered PLMN information, or whether it is currently peer-to-peer. Within the PLMN list, yes, otherwise not allowed. The home subscriber server returns the subscription information of the terminal in the subscription response, and in the case of roaming, the home subscriber server also returns the visited PLMN identity and/or the peer PLMN identity list currently registered by the user. At this time, the HSS may issue different subscription data according to different PLMNs where the terminal currently resides.
当后续终端再次发起D2D业务请求消息(广播请求、监听请求、匹配请求),归属近距离服务器检查用户当前的驻留的PLMN是否在注册的PLMN和/或对等PLMN 列表内,是则无需再去HSS重新授权,否则需要执行步骤S2206和步骤S2208重新去HSS进行授权并获得新的签约数据。When the subsequent terminal initiates the D2D service request message (broadcast request, interception request, matching request) again, the home proximity server checks whether the current resident PLMN of the user is in the registered PLMN and/or the peer PLMN. In the list, there is no need to re-authorize the HSS. Otherwise, steps S2206 and S2208 need to be performed to re-authorize the HSS and obtain new subscription data.
步骤S2210,根据签约信息归属近距离服务器判断允许该终端进行D2D业务,则创建用户上下文。如果终端请求的目的应用标识是另外一个PLMN的,则根据所提供的PLMN信息通过DNS获取目的近距离服务器的IP地址,然后向目的近距离服务器发送监听请求,带有希望发现的终端A应用标识、终端B终端标识。如果终端请求的目的应用标识就是该归属PLMN,则不执行步骤S2212,归属近距离服务器直接根据终端A应用标识,找到对应的code A和对应的有效期。Step S2210: Create a user context according to the fact that the subscription information belongs to the proximity server and determines that the terminal is allowed to perform the D2D service. If the destination application identifier requested by the terminal is another PLMN, the IP address of the destination close-range server is obtained through the DNS according to the provided PLMN information, and then the interception request is sent to the destination close-range server, with the terminal A application identifier that is desired to be discovered. Terminal B terminal identification. If the destination application identifier requested by the terminal is the home PLMN, step S2212 is not performed, and the home proximity server directly finds the corresponding code A and the corresponding validity period according to the terminal A application identifier.
步骤S2212,目的近距离服务器根据终端A应用标识,找到对应的code A和对应的有效期,并将这些信息返回给归属近距离服务器。In step S2212, the destination proximity server finds the corresponding code A and the corresponding validity period according to the terminal A application identifier, and returns the information to the home proximity server.
步骤S2214,归属近距离服务器根据步骤S604所获得的拜访地PLMN标识,生成拜访地近距离服务器的标识,并通过DNS查找获知拜访地近距离服务器IP地址,然后向该拜访近距离服务器发送广播请求授权消息,其中带有应用标识、终端标识、code A和对应的有效期。Step S2214: The home proximity server generates an identifier of the visited proximity server according to the visited PLMN identifier obtained in step S604, and obtains the visited proximity server IP address through the DNS lookup, and then sends a broadcast request to the visited proximity server. Authorization message with application identification, terminal identification, code A and corresponding validity period.
步骤S2216,拜访地近距离服务器授权本次监听请求,并记录下所收到的应用标识、终端标识以及code A和对应的有效期,以便后续进行计费。拜访地近距离服务器返回监听授权请求响应消息。In step S2216, the visited proximity server authorizes the current interception request, and records the received application identifier, the terminal identifier, and the code A and the corresponding validity period, so as to perform subsequent billing. The visited proximity server returns a listening authorization request response message.
步骤S2218,归属近距离服务器将所获得的code A和有效期,发送给终端B。In step S2218, the home proximity server sends the obtained code A and validity period to the terminal B.
步骤S2220,终端B获取无线资源。终端B配置允许D2D监听的每个PLMN所对应的无线资源,终端可以在步骤S2218所指示的有效值内监听所有的这些无线资源。In step S2220, the terminal B acquires radio resources. The terminal B configures the radio resource corresponding to each PLMN that the D2D monitors, and the terminal can listen to all the radio resources within the valid value indicated by step S2218.
步骤S2222,终端B监听到code A,则成功发现终端A在临近区域。In step S2222, the terminal B listens to the code A, and successfully finds that the terminal A is in the adjacent area.
如果步骤S2204中,终端B带上来的是一类应用,则步骤S2210可能返回一个模板(mask),这时候步骤S2222中若监听到的code和该模板匹配,比如code的前几个bit和该模板完全匹配,则终端B需要发起匹配过程来获知和该code对应的应用标识。If the terminal B brings up a type of application in step S2204, step S2210 may return a mask. In this case, if the code monitored in step S2222 matches the template, such as the first few bits of the code and the If the template is completely matched, the terminal B needs to initiate a matching process to learn the application identifier corresponding to the code.
图23是根据本发明优选实施方式的授权处理的匹配请求流程图,如图23所示,该流程包括如下步骤:FIG. 23 is a flowchart of a matching request for authorization processing according to a preferred embodiment of the present invention. As shown in FIG. 23, the flow includes the following steps:
步骤S2302,终端B监听到code A,该Code A和模板(mask)匹配,但是终端B并不认识该code A。 In step S2302, the terminal B listens to the code A, and the code A matches the mask, but the terminal B does not recognize the code A.
步骤S2304,终端B和网络建立连接,并向归属近距离服务器发送匹配请求,该请求里面包括了发现的code A、终端B终端标识,以及终端当前驻留的PLMN标识。终端B通过自己归属的PLMN标识,生成近距离服务器的标识,并通过DNS查找获知归属近距离服务器IP地址。终端标识为IMSI或者MSISDN。终端B获取驻留PLMN和步骤S2004中类似。In step S2304, the terminal B establishes a connection with the network, and sends a matching request to the home proximity server, where the request includes the found code A, the terminal B terminal identifier, and the PLMN identifier currently hosted by the terminal. The terminal B generates the identity of the proximity server through the PLMN identity that it belongs to, and obtains the IP address of the home server by the DNS lookup. The terminal identifier is IMSI or MSISDN. Terminal B acquires the resident PLMN and is similar to that in step S2004.
步骤S2306,近距离服务器收到发现请求之后,如果没有用户上下文,则向归属用户服务器请求发送签约请求,带有用户标识。在该消息中,还可能带有终端带上来的当前驻留的PLMN信息。Step S2306: After receiving the discovery request, the proximity server requests the home subscriber server to send a subscription request with the user identifier if there is no user context. In this message, it is also possible to carry the currently camped PLMN information carried by the terminal.
步骤S2308,如果步骤S2306中没有携带终端当前驻留的PLMN信息,则HSS向归属近距离服务器返回用户的D2D签约信息,终端当前注册的PLMN和/或对等PLMN列表。归属近距离服务器判断终端当前驻留的PLMN是否在HSS提供的终端当前注册的PLMN和/或对等PLMN列表中,如果在则根据签约信息进一步判断是否允许接入,否则不允许接入。此时HSS可能将全部D2D数据下发给归属近距离服务器,由归属近距离服务器做接入检查。Step S2308: If the PLMN information currently camped by the terminal is not carried in step S2306, the HSS returns the D2D subscription information of the user to the home proximity server, and the PLMN and/or the peer PLMN list currently registered by the terminal. The affiliation server determines whether the PLMN currently camped by the terminal is in the list of PLMNs and/or peer PLMNs currently registered by the terminal provided by the HSS. If yes, it further determines whether access is permitted according to the subscription information, otherwise access is not allowed. At this time, the HSS may send all the D2D data to the home proximity server, and the home proximity server performs the access check.
如果步骤S2306中携带了终端当前驻留的PLMN信息,归属用户服务器HSS判断用户当前驻留的PLMN是否允许,比如检查当前驻留的PLMN是否在当前注册的PLMN信息中,或者是否在对等PLMN列表内,是则允许,否则不允许。归属用户服务器在签约响应中返回终端的签约信息,同时在漫游的情况下,归属用户服务器也返回用户当前注册的拜访地PLMN标识和/或对等PLMN标识列表。此时HSS可能会根据终端当前驻留的不同PLMN下发不同的签约数据。If the PLMN information currently camped by the terminal is carried in step S2306, the home subscriber server HSS determines whether the PLMN currently camped by the user is allowed, such as checking whether the currently camped PLMN is in the currently registered PLMN information, or whether it is in the peer PLMN. Within the list, yes, otherwise not allowed. The home subscriber server returns the subscription information of the terminal in the subscription response, and in the case of roaming, the home subscriber server also returns the visited PLMN identity and/or the peer PLMN identity list currently registered by the user. At this time, the HSS may issue different subscription data according to different PLMNs where the terminal currently resides.
当后续终端再次发起D2D业务请求消息(广播请求、监听请求、匹配请求),归属近距离服务器检查用户当前的驻留的PLMN是否在注册的PLMN或对等PLMN列表内,是则无需再去HSS重新授权,否则需要执行步骤S2306和步骤S2308重新去HSS进行授权并获得新的签约数据。根据签约信息归属近距离服务器判断允许该终端进行D2D业务,则创建用户上下文。归属近距离服务器判断拜访地近距离服务器是否已经授权本次监听了,如果是,则跳过步骤S2310和步骤S2312。When the subsequent terminal initiates the D2D service request message (broadcast request, interception request, matching request) again, the home proximity server checks whether the current resident PLMN of the user is in the registered PLMN or the peer PLMN list, and then does not need to go to the HSS. Re-authorization, otherwise step S2306 and step S2308 need to be performed to re-authorize the HSS and obtain new subscription data. The user context is created according to the fact that the subscription information belongs to the proximity server and determines that the terminal is allowed to perform the D2D service. The belonging close distance server determines whether the visited proximity server has authorized the current monitoring, and if so, skips step S2310 and step S2312.
步骤S2310,归属近距离服务器根据步骤S2304中终端提供的终端所驻留的PLMN获得的拜访地PLMN标识,生成拜访地近距离服务器的标识,并通过DNS查找获知拜访地近距离服务器IP地址,然后向该拜访近距离服务器发送广播请求授权消息,其中带有应用标识、终端标识、code A。 Step S2310: The home proximity server generates an identifier of the visited proximity server according to the visited PLMN identifier obtained by the PLMN where the terminal is located in the step S2304, and obtains the IP address of the proximity server through the DNS lookup, and then Sending a broadcast request authorization message to the visited proximity server, with an application identifier, a terminal identifier, and code A.
步骤S2312,拜访地近距离服务器授权本次监听请求,并记录下所收到的应用标识、终端标识以及code A,以便后续进行计费。拜访地近距离服务器返回监听授权请求响应消息。In step S2312, the visited proximity server authorizes the current listening request, and records the received application identifier, terminal identifier, and code A for subsequent charging. The visited proximity server returns a listening authorization request response message.
步骤S2314,如果监听到的Code A中PLMN信息就是本归属PLMN,则归属近距离服务器根据带上来的Code A获取终端A应用标识和有效期。如果监听到的CodeA中PLMN信息指示另外一个PLMN,则归属近距离服务器根据目的PLMN信息通过DNS获得目的近距离服务器IP地址,并发送将匹配请求消息,其中带有code A、终端B终端标识。Step S2314: If the PLMN information in the code A that is monitored is the home PLMN, the home proximity server obtains the terminal A application identifier and the validity period according to the code A that is sent. If the monitored PLMN information in the CodeA indicates another PLMN, the home proximity server obtains the destination short-range server IP address through the DNS according to the destination PLMN information, and sends a matching request message with the code A and the terminal B terminal identifier.
步骤S2316,目的近距离服务器根据收到的Code A获取终端A应用标识和有效期。In step S2316, the destination proximity server obtains the terminal A application identifier and the validity period according to the received Code A.
步骤S2318,目的近距离服务器将获取到的终端A应用标识和有效期返回给归属近距离服务器。In step S2318, the destination proximity server returns the acquired terminal A application identifier and validity period to the home proximity server.
步骤S2320,归属近距离服务器向终端A的拜访地近距离服务器A发送匹配报告,带有终端A应用标识以及用户标识,访地近距离服务器A保存信息并进行计费。In step S2320, the home proximity server sends a matching report to the visited proximity server A of the terminal A, with the terminal A application identifier and the user identifier, and the visited proximity server A saves the information and performs charging.
步骤S2322,归属近距离服务器向终端B的拜访地近距离服务器B发送匹配报告,带有终端A应用标识以及用户标识B,访地近距离服务器B保存信息并进行计费。Step S2322: The home proximity server sends a matching report to the visited proximity server B of the terminal B, with the terminal A application identifier and the user identifier B, and the visited proximity server B saves the information and performs charging.
步骤S2324,归属近距离服务器将终端A应用标识和有效期返回给UE B,于是UE B成功发现终端A在临近区域。在该有效期之内,code A和终端A应用标识都是匹配的。In step S2324, the home proximity server returns the terminal A application identifier and the validity period to the UE B, and the UE B successfully discovers that the terminal A is in the adjacent area. Within this validity period, both the code A and the terminal A application identifiers match.
图24是根据本发明优选实施方式的UE、HSS获得对等PLMN的流程图,如图24所示,该流程包括如下步骤:FIG. 24 is a flowchart of obtaining a peer PLMN by a UE and an HSS according to a preferred embodiment of the present invention. As shown in FIG. 24, the process includes the following steps:
步骤S2402,终端通过演进的通信系统无线接入网络(Evolved Telecommunication System Radio Access Network,简称为E-UTRAN))接入发起附着或者位置更新请求,MME接受到该消息之后,获取其中选择的PLMN信息,该PLMN信息可以由终端选择(支持选择PLMN的终端)或者由基站选择(不支持选择PLMN的终端)。终端同时将自己支持D2D业务的能力带给MME。Step S2402: The terminal accesses an originating or location update request by using an Evolved Telecommunication System Radio Access Network (E-UTRAN), and after receiving the message, the MME acquires the PLMN information selected therein. The PLMN information may be selected by the terminal (supporting the terminal that selects the PLMN) or selected by the base station (the terminal that does not support the selection of the PLMN). The terminal also brings its own ability to support D2D services to the MME.
步骤S2404,MME完成鉴权以及其他校验之后,向HSS发起位置更新请求,其中携带步骤S2402中获得的PLMN信息作为终端注册的PLMN信息;如果终端指示支持D2D能力,且MME配置有该注册PLMN对应的对等PLMN列表,则向HSS发起的位置更新请求消息中还带有该PLMN相对应的对等PLMN列表,其中包含一个或 者多个对等PLMN。所谓对等PLMN列表指的是该列表中所有PLMN都是和注册PLMN等同的。Step S2404: After the MME completes the authentication and other verification, the MME initiates a location update request to the HSS, where the PLMN information obtained in step S2402 is carried as the PLMN information registered by the terminal; if the terminal indicates that the D2D capability is supported, and the MME is configured with the registered PLMN Corresponding peer-to-peer PLMN list, the location update request message initiated by the HSS also carries a list of peer PLMNs corresponding to the PLMN, including one or Multiple peer PLMNs. The so-called peer PLMN list means that all PLMNs in the list are equivalent to the registered PLMN.
步骤S2406~S2408,HSS完成必要的校验,如果允许终端从MME携带的注册PLMN接入,则保存注册PLMN和对等PLMN列表,并向MME插入用户的签约数据,其中包含D2D的签约数据。Steps S2406 to S2408, the HSS completes the necessary check. If the terminal is allowed to access from the registered PLMN carried by the MME, the registered PLMN and the peer PLMN list are saved, and the user's subscription data, including the D2D subscription data, is inserted into the MME.
如果MME指示跳过插入签约数据(即MME可能已经获得了签约数据),则可以跳过插入签约数据部分,但是HSS还是会保存注册PLMN和/或对等PLMN列表。If the MME indicates skipping the insertion of the subscription data (ie, the MME may have obtained the subscription data), the Insert Contract Data portion may be skipped, but the HSS will still maintain the Registered PLMN and/or the Peer PLMN list.
步骤S2410,HSS向MME返回位置更新应答。In step S2410, the HSS returns a location update response to the MME.
步骤S2412,MME根据签约数据完成D2D授权以及签约检查。执行附着和位置更新的剩余步骤,MME将注册PLMN和/或对等PLMN信息发送给终端。In step S2412, the MME completes the D2D authorization and the contract check according to the subscription data. The remaining steps of performing the attach and location update, the MME sends the registered PLMN and/or peer PLMN information to the terminal.
显然,本领域的技术人员应该明白,上述的本发明的各模块或各步骤可以用通用的计算装置来实现,它们可以集中在单个的计算装置上,或者分布在多个计算装置所组成的网络上,可选地,它们可以用计算装置可执行的程序代码来实现,从而,可以将它们存储在存储装置中由计算装置来执行,并且在某些情况下,可以以不同于此处的顺序执行所示出或描述的步骤,或者将它们分别制作成各个集成电路模块,或者将它们中的多个模块或步骤制作成单个集成电路模块来实现。这样,本发明不限制于任何特定的硬件和软件结合。It will be apparent to those skilled in the art that the various modules or steps of the present invention described above can be implemented by a general-purpose computing device that can be centralized on a single computing device or distributed across a network of multiple computing devices. Alternatively, they may be implemented by program code executable by the computing device such that they may be stored in the storage device by the computing device and, in some cases, may be different from the order herein. The steps shown or described are performed, or they are separately fabricated into individual integrated circuit modules, or a plurality of modules or steps thereof are fabricated as a single integrated circuit module. Thus, the invention is not limited to any specific combination of hardware and software.
以上所述仅为本发明的优选实施例而已,并不用于限制本发明,对于本领域的技术人员来说,本发明可以有各种更改和变化。凡在本发明的精神和原则之内,所作的任何修改、等同替换、改进等,均应包含在本发明的保护范围之内。The above description is only the preferred embodiment of the present invention, and is not intended to limit the present invention, and various modifications and changes can be made to the present invention. Any modifications, equivalent substitutions, improvements, etc. made within the spirit and scope of the present invention are intended to be included within the scope of the present invention.
工业实用性Industrial applicability
如上所述,通过上述实施例及优选实施方式,解决了相关技术中用户在各个PLMN间移动时,HSS无法对用户进行授权控制的问题,进而达到了用户在各个PLMN间移动时,HSS也能对用户进行有效授权控制的效果。 As described above, the above embodiments and preferred embodiments solve the problem that the HSS cannot perform authorization control on the user when moving between the PLMNs in the related art, thereby achieving the HSS when the user moves between the PLMNs. The effect of effective authorization control for users.

Claims (21)

  1. 一种授权处理方法,包括:An authorization processing method, including:
    获取发起业务请求的用户设备UE当前驻留的公共陆地移动网络PLMN的驻留PLMN信息;Obtaining resident PLMN information of a public land mobile network PLMN currently camped on by the user equipment UE that initiates the service request;
    判断所述驻留PLMN信息是否在近距离服务器上保存的注册PLMN信息和/或所述注册PLMN对应的对等PLMN信息中;Determining whether the resident PLMN information is stored in the registered PLMN information stored on the proximity server and/or the peer PLMN information corresponding to the registered PLMN;
    在判断结果为是的情况下,依据所述驻留PLMN信息对所述UE的业务请求进行授权处理;和/或,在判断结果为否的情况下,依据从归属用户服务器HSS获取的当前注册PLMN信息和/或所述当前注册PLMN信息对应的当前对等PLMN信息对所述UE的业务请求进行授权处理。If the determination result is yes, the service request of the UE is authorized according to the resident PLMN information; and/or, if the determination result is no, according to the current registration obtained from the home subscriber server HSS The PLMN information and/or the current peer PLMN information corresponding to the currently registered PLMN information performs authorization processing on the service request of the UE.
  2. 根据权利要求1所述的方法,其中,依据从所述HSS获取的所述当前注册PLMN信息和/或所述当前注册PLMN信息对应的所述当前对等PLMN信息对所述UE的业务请求进行授权处理包括:The method according to claim 1, wherein the service request of the UE is performed according to the current registered PLMN information acquired from the HSS and/or the current peer PLMN information corresponding to the currently registered PLMN information. Authorization processing includes:
    判断所述驻留PLMN信息是否在所述当前注册PLMN信息和/或所述当前对等PLMN信息中;Determining whether the resident PLMN information is in the current registered PLMN information and/or the current peer PLMN information;
    在判断结果为是的情况下,依据所述驻留PLMN信息对所述UE的业务请求进行授权;和/或,在判断结果为否的情况下,拒绝所述UE的业务请求。If the determination result is yes, the service request of the UE is authorized according to the resident PLMN information; and/or, if the determination result is no, the service request of the UE is rejected.
  3. 根据权利要求1所述的方法,其中,获取发起业务请求的所述UE当前驻留的所述PLMN的所述驻留PLMN信息包括:The method of claim 1, wherein the obtaining the resident PLMN information of the PLMN currently camped by the UE that initiates a service request comprises:
    接收来自所述UE的业务请求消息,其中,所述业务请求消息中携带有所述UE当前驻留的所述PLMN的所述驻留PLMN信息。Receiving a service request message from the UE, where the service request message carries the resident PLMN information of the PLMN currently camped by the UE.
  4. 一种授权处理方法,包括:An authorization processing method, including:
    获取用户设备UE当前驻留的公共陆地移动网络PLMN的驻留PLMN信息;Obtaining resident PLMN information of a public land mobile network PLMN currently camped on by the user equipment UE;
    将获取的所述驻留PLMN信息在业务请求中发送给近距离服务器,其中,所述驻留PLMN信息用于所述近距离服务器在确定所述驻留PLMN信息在所述近距离服务器上保存的注册PLMN信息和/或所述注册PLMN信息的对等PLMN信息中,和/或,归属用户服务器HSS确定所述驻留PLMN信息在当前 注册PLMN信息中和/或所述当前注册PLMN信息对应的当前对等PLMN信息中时,所述近距离服务器和/或所述HSS对所述UE的所述业务请求进行授权处理。Transmitting the acquired resident PLMN information to a proximity server in a service request, wherein the resident PLMN information is used by the proximity server to determine that the resident PLMN information is saved on the proximity server In the registered PLMN information and/or the peer PLMN information of the registered PLMN information, and/or the home subscriber server HSS determines that the resident PLMN information is currently When registering in the PLMN information and/or the current peer PLMN information corresponding to the currently registered PLMN information, the proximity server and/or the HSS perform authorization processing on the service request of the UE.
  5. 根据权利要求4所述的方法,其中,在获取所述UE当前驻留的所述PLMN的所述驻留PLMN信息之前,通过以下方式至少之一驻留在PLMN中:The method according to claim 4, wherein at least one of the following resides in the PLMN before acquiring the resident PLMN information of the PLMN currently camped by the UE:
    驻留在所述注册PLMN信息和/或所述当前注册PLMN信息包括的PLMN中;Residing in the PLMN included in the registered PLMN information and/or the currently registered PLMN information;
    在基站不支持所述注册PLMN信息和/或所述当前注册PLMN信息包括的PLMN时,驻留在所述基站支持且在所述对等PLMN信息和/或所述当前对等PLMN信息包括的PLMN中;And when the base station does not support the registered PLMN information and/or the PLMN included in the currently registered PLMN information, camping on the base station support and included in the peer PLMN information and/or the current peer PLMN information In PLMN;
    在基站不支持所述注册PLMN信息和/或所述当前注册PLMN信息包括的PLMN,也不支持所述对等PLMN信息和/或所述当前对等PLMN信息包括的PLMN时,驻留在重新发起位置请求后重新选择的PLMN中。Residing in the PLMN included in the base station not supporting the registered PLMN information and/or the currently registered PLMN information, and not supporting the peer PLMN information and/or the PLMN included in the current peer PLMN information In the PLMN that is reselected after initiating the location request.
  6. 一种授权处理方法,包括:An authorization processing method, including:
    接收来自近距离服务器的发起业务请求的用户设备UE的授权请求消息;Receiving an authorization request message of the user equipment UE that initiates the service request from the proximity server;
    判断所述授权请求消息中是否携带有所述UE当前驻留的公共陆地移动网络PLMN的驻留PLMN信息;Determining whether the authorization request message carries the resident PLMN information of the public land mobile network PLMN currently camped by the UE;
    在判断结果为是的情况下,依据当前注册PLMN信息和/或所述当前注册PLMN信息对应的当前对等PLMN信息对所述UE的业务请求进行授权处理;和/或,在判断结果为否的情况下,将所述当前注册PLMN信息和/或所述当前对等PLMN信息发送给所述近距离服务器。If the result of the determination is yes, the service request of the UE is authorized according to the current registered PLMN information and/or the current peer PLMN information corresponding to the currently registered PLMN information; and/or, in the determination result is no In case, the currently registered PLMN information and/or the current peer PLMN information is sent to the proximity server.
  7. 根据权利要求6所述的方法,其中,依据所述当前注册PLMN信息和/或所述当前注册PLMN信息对应的所述当前对等PLMN信息对所述UE的业务请求进行授权处理包括:The method according to claim 6, wherein the authorization processing of the service request of the UE according to the current registered PLMN information and/or the current peer PLMN information corresponding to the currently registered PLMN information comprises:
    判断所述驻留PLMN信息是否在所述当前注册PLMN信息中和/或所述当前对等PLMN信息中;Determining whether the resident PLMN information is in the current registered PLMN information and/or in the current peer PLMN information;
    在判断结果为是的情况下,对所述UE的业务请求进行授权;和/或,在判断结果为否的情况下,拒绝所述UE的业务请求。 If the determination result is yes, the service request of the UE is authorized; and/or, if the determination result is no, the service request of the UE is rejected.
  8. 根据权利要求7所述的方法,其中,在对所述UE的业务请求进行授权之后,还包括:The method of claim 7, wherein after authorizing the service request of the UE, the method further comprises:
    将所述当前注册PLMN信息和/或所述当前对等PLMN信息发送给所述近距离服务器。Transmitting the currently registered PLMN information and/or the current peer PLMN information to the proximity server.
  9. 根据权利要求6至8中任一项所述的方法,其中,在依据所述当前注册PLMN信息和/或所述当前注册PLMN信息对应的所述当前对等PLMN信息对所述UE的业务请求进行授权处理之前,还包括:The method according to any one of claims 6 to 8, wherein the service request to the UE is performed according to the current peer PLMN information corresponding to the current registered PLMN information and/or the currently registered PLMN information Before performing authorization processing, it also includes:
    接收移动管理实体MME的位置更新请求,其中,所述位置更新请求中携带有当前注册PLMN信息和/或所述当前对等PLMN信息。Receiving a location update request of the mobility management entity MME, where the location update request carries current registered PLMN information and/or the current peer PLMN information.
  10. 一种授权处理装置,包括:An authorization processing device comprising:
    第一获取模块,设置为获取发起业务请求的用户设备UE当前驻留的公共陆地移动网络PLMN的驻留PLMN信息;a first obtaining module, configured to acquire resident PLMN information of a public land mobile network PLMN currently camped by the user equipment UE that initiates the service request;
    第一判断模块,设置为判断所述驻留PLMN信息是否在近距离服务器上保存的注册PLMN信息和/或所述注册PLMN对应的对等PLMN信息中;a first determining module, configured to determine whether the resident PLMN information is stored in the registered PLMN information and/or the peer PLMN information corresponding to the registered PLMN;
    第一处理模块,设置为在所述第一判断模块的判断结果为是的情况下,依据所述驻留PLMN信息对所述UE的业务请求进行授权处理;和/或,第二处理模块,设置为在所述第一判断模块的判断结果为否的情况下,依据从归属用户服务器HSS获取的当前注册PLMN信息和/或所述当前注册PLMN信息对应的当前对等PLMN信息对所述UE的业务请求进行授权处理。a first processing module, configured to perform authorization processing on the service request of the UE according to the resident PLMN information if the determination result of the first determining module is yes; and/or, the second processing module, If the result of the first determining module is negative, the UE is configured according to the current registered PLMN information acquired from the home subscriber server HSS and/or the current peer PLMN information corresponding to the current registered PLMN information. The business request is authorized for processing.
  11. 根据权利要求10所述的装置,其中,所述第一处理模块包括:The apparatus of claim 10, wherein the first processing module comprises:
    第一判断单元,设置为判断所述驻留PLMN信息是否在所述当前注册PLMN信息和/或所述当前对等PLMN信息中;a first determining unit, configured to determine whether the resident PLMN information is in the current registered PLMN information and/or the current peer PLMN information;
    第一授权单元,设置为在所述第一判断单元的判断结果为是的情况下,依据所述驻留PLMN信息对所述UE的业务请求进行授权;和/或,第一拒绝单元,设置为在所述第一判断单元的判断结果为否的情况下,拒绝所述UE的业务请求。a first authorization unit, configured to authorize, according to the resident PLMN information, a service request of the UE, if the determination result of the first determining unit is yes; and/or, the first rejecting unit, setting In case the determination result of the first determining unit is no, the service request of the UE is rejected.
  12. 根据权利要求10所述的装置,其中,所述第一获取模块包括:The apparatus of claim 10, wherein the first obtaining module comprises:
    第一接收单元,设置为接收来自所述UE的业务请求消息,其中,所述业务请求消息中携带有所述UE当前驻留的所述PLMN的所述驻留PLMN信息。 The first receiving unit is configured to receive a service request message from the UE, where the service request message carries the resident PLMN information of the PLMN currently camped by the UE.
  13. 一种近距离服务器,包括权利要求10至12中任一项所述的装置。A proximity server comprising the apparatus of any one of claims 10 to 12.
  14. 一种授权处理装置,包括:An authorization processing device comprising:
    第二获取模块,设置为获取用户设备UE当前驻留的公共陆地移动网络PLMN的驻留PLMN信息;a second acquiring module, configured to acquire resident PLMN information of a public land mobile network PLMN currently camped by the user equipment UE;
    第一发送模块,设置为将获取的所述驻留PLMN信息在业务请求中发送给近距离服务器,其中,所述驻留PLMN信息用于所述近距离服务器在确定所述驻留PLMN信息在所述近距离服务器上保存的注册PLMN信息和/或所述注册PLMN信息的对等PLMN信息中,和/或,归属用户服务器HSS确定所述驻留PLMN信息在当前注册PLMN信息中和/或所述当前注册PLMN信息对应的当前对等PLMN信息中时,所述近距离服务器和/或所述HSS对所述UE的所述业务请求进行授权处理。a first sending module, configured to send the acquired resident PLMN information to a proximity server in a service request, where the resident PLMN information is used by the proximity server to determine the resident PLMN information In the registered PLMN information stored on the proximity server and/or the peer PLMN information of the registered PLMN information, and/or the home subscriber server HSS determines that the resident PLMN information is in the currently registered PLMN information and/or When the current registered PLMN information is in the current peer PLMN information, the proximity server and/or the HSS perform authorization processing on the service request of the UE.
  15. 根据权利要求14所述的装置,其中,还包括驻留模块,设置为通过以下方式至少之一驻留在PLMN中:The apparatus of claim 14, further comprising a resident module configured to reside in the PLMN by at least one of:
    驻留在所述注册PLMN信息和/或所述当前注册PLMN信息包括的PLMN中;Residing in the PLMN included in the registered PLMN information and/or the currently registered PLMN information;
    在基站不支持所述注册PLMN信息和/或所述当前注册PLMN信息包括的PLMN时,驻留在所述基站支持且在所述对等PLMN信息和/或所述当前对等PLMN信息包括的PLMN中;And when the base station does not support the registered PLMN information and/or the PLMN included in the currently registered PLMN information, camping on the base station support and included in the peer PLMN information and/or the current peer PLMN information In PLMN;
    在基站不支持所述注册PLMN信息和/或所述当前注册PLMN信息包括的PLMN,也不支持所述对等PLMN信息和/或所述当前对等PLMN信息包括的PLMN时,驻留在重新发起位置请求后重新选择的PLMN中。Residing in the PLMN included in the base station not supporting the registered PLMN information and/or the currently registered PLMN information, and not supporting the peer PLMN information and/or the PLMN included in the current peer PLMN information In the PLMN that is reselected after initiating the location request.
  16. 一种用户设备UE,包括:权利要求14至15中任一项所述的装置。A user equipment UE comprising: the apparatus of any one of claims 14 to 15.
  17. 一种授权处理装置,包括:An authorization processing device comprising:
    第一接收模块,设置为接收来自近距离服务器的发起业务请求的用户设备UE的授权请求消息;a first receiving module, configured to receive an authorization request message of a user equipment UE that initiates a service request from a proximity server;
    第二判断模块,设置为判断所述授权请求消息中是否携带有所述UE当前驻留的公共陆地移动网络PLMN的驻留PLMN信息;a second determining module, configured to determine whether the authorization request message carries the resident PLMN information of the public land mobile network PLMN currently camped by the UE;
    第三处理模块,设置为在所述第二判断模块的判断结果为是的情况下,依据当前注册PLMN信息和/或所述当前注册PLMN信息对应的当前对等PLMN 信息对所述UE的业务请求进行授权处理;和/或,第四处理模块,设置为在所述第二判断模块的判断结果为否的情况下,将所述当前注册PLMN信息和/或所述当前对等PLMN信息发送给所述近距离服务器。a third processing module, configured to: in case the determination result of the second determining module is yes, the current peer PLMN corresponding to the current registered PLMN information and/or the currently registered PLMN information The information is authorized to process the service request of the UE; and/or the fourth processing module is configured to: if the determination result of the second determining module is negative, the current registered PLMN information and/or The current peer PLMN information is sent to the proximity server.
  18. 根据权利要求17所述的装置,其中,所述第三处理模块包括:The apparatus of claim 17, wherein the third processing module comprises:
    第二判断单元,设置为判断所述驻留PLMN信息是否在所述当前注册PLMN信息中和/或所述当前对等PLMN信息中;a second determining unit, configured to determine whether the resident PLMN information is in the current registered PLMN information and/or in the current peer PLMN information;
    第二授权单元,设置为在所述第二判断单元的判断结果为是的情况下,对所述UE的业务请求进行授权;和/或,第二拒绝单元,设置为在所述第二判断单元的判断结果为否的情况下,拒绝所述UE的业务请求。a second authorization unit, configured to authorize a service request of the UE if the determination result of the second determination unit is yes; and/or, the second rejection unit is set to be in the second determination If the judgment result of the unit is no, the service request of the UE is rejected.
  19. 根据权利要求18所述的装置,其中,所述第三处理模块还包括:The apparatus of claim 18, wherein the third processing module further comprises:
    发送单元,设置为将所述当前注册PLMN信息和/或所述当前对等PLMN信息发送给所述近距离服务器。And a sending unit, configured to send the current registered PLMN information and/or the current peer PLMN information to the proximity server.
  20. 根据权利要求17至19中任一项所述的装置,其中,还包括:The apparatus according to any one of claims 17 to 19, further comprising:
    第二接收模块,设置为接收移动管理实体MME的位置更新请求,其中,所述位置更新请求中携带有当前注册PLMN信息和/或所述当前对等PLMN信息。The second receiving module is configured to receive a location update request of the mobility management entity MME, where the location update request carries current registered PLMN information and/or the current peer PLMN information.
  21. 一种归属用户服务器,包括权利要求17至20中任一项所述的装置。 A home subscriber server comprising the apparatus of any one of claims 17 to 20.
PCT/CN2014/089260 2014-04-30 2014-10-23 Authorization processing method and apparatus, proximity server, and home subscriber server WO2015165224A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201410182610.8 2014-04-30
CN201410182610.8A CN105025462A (en) 2014-04-30 2014-04-30 Authorization processing method and apparatus, close range server and home subscriber server

Publications (1)

Publication Number Publication Date
WO2015165224A1 true WO2015165224A1 (en) 2015-11-05

Family

ID=54358104

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2014/089260 WO2015165224A1 (en) 2014-04-30 2014-10-23 Authorization processing method and apparatus, proximity server, and home subscriber server

Country Status (2)

Country Link
CN (1) CN105025462A (en)
WO (1) WO2015165224A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111935852A (en) * 2020-07-17 2020-11-13 广东以诺通讯有限公司 Communication method, terminal and storage medium

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111315035B (en) * 2020-02-24 2023-11-10 华为技术有限公司 WiFi network connection method and device

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103546926A (en) * 2012-07-09 2014-01-29 中兴通讯股份有限公司 Method and device for determining neighbor user equipment in WLAN
US20140056220A1 (en) * 2012-08-23 2014-02-27 Interdigital Patent Holdings, Inc. Method and apparatus for performing device-to-device discovery

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103546926A (en) * 2012-07-09 2014-01-29 中兴通讯股份有限公司 Method and device for determining neighbor user equipment in WLAN
US20140056220A1 (en) * 2012-08-23 2014-02-27 Interdigital Patent Holdings, Inc. Method and apparatus for performing device-to-device discovery

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
ORANGE: "3GPP, S 2-140695 , Clarification on the Number of Prose Function(s), and Local PLMN (s", 3GPP, TSG SA2 MEETING #101BIS, 17 February 2014 (2014-02-17), XP050765785 *
QUALCOMM INCORPORATED ET AL.: "3GPP, S 2-141411 , TS23, 303CR0023, Completion of Definitions", 3GPP, TSG SA2 MEETING #102, 28 March 2014 (2014-03-28) *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111935852A (en) * 2020-07-17 2020-11-13 广东以诺通讯有限公司 Communication method, terminal and storage medium

Also Published As

Publication number Publication date
CN105025462A (en) 2015-11-04

Similar Documents

Publication Publication Date Title
JP7128234B2 (en) Method and apparatus for selecting core network in mobile communication system
EP2768272B1 (en) Methods and apparatuses for device to device communication
CN109691059B (en) Method for selection of IP version, wireless communication device, and network node
WO2014040506A1 (en) Terminal discovery, discovery processing method and device
CN104066200A (en) Method for realizing end-to-end communication among user equipment (UE), and UE
WO2014146474A1 (en) Terminal registration method, terminal discovery method, terminal and device
WO2012095021A1 (en) Method, system, and device for establishing local ip access connection
KR20160132756A (en) Method for supporting ue access control
CN107409437B (en) DCN processing method of PLMN, UE and DCN service node
EP3128773B1 (en) Processing method and apparatus for d2d discovery
WO2015165149A1 (en) Configuration method, prose key management functional entity, terminal, system, and storage medium
KR102110420B1 (en) Method and apparatus for efficient security management of disaster message in mobile communication system
KR102112610B1 (en) Method and apparatus for device to device communication
WO2016000395A1 (en) D2d service authorizing method and device and home near field communication server
WO2016180117A1 (en) Method and apparatus for selecting relay node in device-to-device network
WO2015154426A1 (en) Method and device for prose temporary identifier notification and update
WO2015165224A1 (en) Authorization processing method and apparatus, proximity server, and home subscriber server
WO2016023282A1 (en) Near field communication discovery method, apparatus and system
KR101795786B1 (en) Method and Apparatus for Selecting Core Network
WO2015135269A1 (en) Service discovery and authentication method, device, terminal, system, and computer storage medium
WO2012151846A1 (en) Method and system for triggering terminal in specific location, and terminal thereof
KR101795787B1 (en) Method and Apparatus for Selecting Core Network
WO2016000306A1 (en) Method for transmitting prose information, terminal and communication device
WO2017000591A1 (en) Information sending method and terminal
WO2016112678A1 (en) Data processing method and device

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 14890657

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 14890657

Country of ref document: EP

Kind code of ref document: A1