WO2016078352A1 - Method for updating ssd, media switch center, communication system and related storage medium - Google Patents

Method for updating ssd, media switch center, communication system and related storage medium Download PDF

Info

Publication number
WO2016078352A1
WO2016078352A1 PCT/CN2015/078375 CN2015078375W WO2016078352A1 WO 2016078352 A1 WO2016078352 A1 WO 2016078352A1 CN 2015078375 W CN2015078375 W CN 2015078375W WO 2016078352 A1 WO2016078352 A1 WO 2016078352A1
Authority
WO
WIPO (PCT)
Prior art keywords
base station
user equipment
mobile switching
switching center
data
Prior art date
Application number
PCT/CN2015/078375
Other languages
French (fr)
Chinese (zh)
Inventor
张志华
周燕
金华
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2016078352A1 publication Critical patent/WO2016078352A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W36/00Hand-off or reselection arrangements
    • H04W36/0005Control or signalling for completing the hand-off
    • H04W36/0011Control or signalling for completing the hand-off for data sessions of end-to-end connection
    • H04W36/0022Control or signalling for completing the hand-off for data sessions of end-to-end connection for transferring data sessions between adjacent core network technologies
    • H04W36/00224Control or signalling for completing the hand-off for data sessions of end-to-end connection for transferring data sessions between adjacent core network technologies between packet switched [PS] and circuit switched [CS] network technologies, e.g. circuit switched fallback [CSFB]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W36/00Hand-off or reselection arrangements
    • H04W36/0005Control or signalling for completing the hand-off
    • H04W36/0011Control or signalling for completing the hand-off for data sessions of end-to-end connection
    • H04W36/0022Control or signalling for completing the hand-off for data sessions of end-to-end connection for transferring data sessions between adjacent core network technologies

Definitions

  • the present invention relates to the field of communications, and in particular, to a method for updating a shared secret data (SSD) when a long-term evolution (LTE) network is dropped back to a circuit switched (CS) circuit domain, and a mobile switching center. , communication systems and related computer storage media.
  • SSD shared secret data
  • LTE long-term evolution
  • CS circuit switched
  • LTE is a long-term evolution of the Universal Mobile Telecommunications System (UMTS) technology standard developed by the 3GPP (The 3rd Generation Partnership Project).
  • UMTS Universal Mobile Telecommunications System
  • 3GPP The 3rd Generation Partnership Project
  • CDMA2000 Code Division Multiple Access
  • E-RAN Evolved RAN
  • the network element included in the E-RAN is an evolved base station (eNodeB, Evolved NodeB), which provides radio resources for access of the user equipment UE;
  • eNodeB Evolved NodeB
  • Mobility Management Entity A control plane function entity that temporarily stores user data. It is responsible for managing and storing UE contexts (such as UE user ID, mobility management status, user security parameters, etc.) and assigning them to users. Temporary identification, when the UE is camped in the tracking area or the network is responsible for authenticating the user; processing all non-access stratum messages between the MME and the UE; triggering paging in the system architecture evolution SAE.
  • UE contexts such as UE user ID, mobility management status, user security parameters, etc.
  • the gateway is a user plane entity responsible for user plane data routing processing and terminating downlink data of the UE in idle state. Manage and store the SAE bearer context of the UE, such as the Internet Protocol IP bearer service parameters and network Internal routing information, etc. It is the anchor point of the internal user plane of the 3GPP system. A user can only have one Serving GW at a time;
  • Interworking Solution When the UE under LTE coverage cannot handle voice services, it can first fall back to the circuit domain network and process voice services in the circuit domain network. IWS is responsible for implementing MME and circuit domain mobility under LTE. Interaction of the exchange center (MSC, Media Switch Center).
  • MSC Mobile Switch Center
  • CDMA2000 1X access network mainly includes mobile terminal MS and base transceiver station BTS.
  • the base transceiver station is responsible for wireless signal transmission and reception, and realizes communication between the wireless network system and the mobile station.
  • BSC Base Station Controller
  • MSC responsible for call setup, routing, call control, radio resource allocation, mobility management, location level, channel switching in the switching area, etc.
  • the CDMA2000 1X authenticates the accessed UE through the update of the SSD.
  • the traditional user will perform authentication after the voice call is initiated. If the authentication fails, the MSC will trigger the SSD update to the user and try to authenticate again.
  • the UE decides to initiate a voice call.
  • IMS IP Multimedia Subsystem
  • the corresponding IP Multimedia Subsystem IMS, IP Multimedia Subsystem
  • EPS Evolved Packet System
  • CSFB Circuit Switched Fallback
  • the UE completes the voice service by dropping back to the circuit domain through the IWS network element.
  • the IWS network element triggers a handover request to the MSC.
  • the SSD update during the voice call cannot be completed, and the authentication fails.
  • the IWS immediately triggers the handover request to the MSC, and the MSC performs the handover. If the SSD update process of the UE is also initiated at the same time, the process conflict may be caused, and the SSD update of the UE cannot be completed.
  • an embodiment of the present invention provides an SSD update method, a mobile switching center, a communication system, and a related computer storage medium when the LTE network is dropped back to the CS domain, so as to at least solve the problem due to the existing UE.
  • the SSD update process and the handover process are simultaneously performed, resulting in a conflict problem.
  • An embodiment of the present invention provides a method for updating shared encrypted data, where the method includes:
  • the interoperation node When the interoperation node detects that the user equipment initiates the voice call service of the circuit switched domain in the long term evolution network, initiates a handover procedure to the mobile switching center to switch the user equipment to the target base station of the circuit switched domain;
  • the mobile switching center After the user equipment is handed over to the target base station, the mobile switching center initiates update of the shared encrypted data of the user equipment to the target base station.
  • the interoperation node determines whether the user equipment initiates a voice call service of a circuit switched domain in a long term evolution network by determining whether a voice start message sent by the user equipment is received.
  • the interoperation node detects that the user equipment initiates a handover procedure to the mobile switching center after the long-term evolution network initiates the voice call service of the circuit switched domain, and the method further includes: :
  • the mobile switching center After receiving the CM service request message, the mobile switching center authenticates the user equipment and records the result of the authentication failure.
  • the target base station after the user equipment switches to the target base station, the target base station sends a handover completion notification to the mobile switching center; the mobile switching center initiates a pair to the target base station.
  • the update process of updating the shared encrypted data of the user equipment includes:
  • the mobile switching center After receiving the handover completion notification sent by the target base station, the mobile switching center sends a shared encrypted data update request including the new authentication data to the user equipment by using the target base station according to the record of the authentication failure result, and Calculating the first verification data by using a preset algorithm on the new authentication data;
  • the user equipment calculates, according to the new authentication data in the shared encrypted data update request, the second verification data by using the preset algorithm, and feeds back to the mobile switching center by using the target base station;
  • the mobile switching center performs the comparison verification on the first verification data and the second verification data, and the verification result is fed back to the user equipment by the target base station;
  • the user equipment When the verification result is that the first verification data and the second verification data are the same, the user equipment locally updates the shared encrypted data, and feeds the update result to the mobile switching center through the target base station.
  • the embodiment of the invention further provides another method for updating the shared encrypted data, including:
  • the mobile switching center receives a handover procedure initiated by the interoperation node when detecting that the user equipment initiates a voice call service in the circuit switched domain of the long term evolution network, and switches the user equipment to the target base station of the circuit switched domain;
  • the mobile switching center initiates update of the shared encrypted data of the user equipment to the target base station.
  • the target base station after the user equipment switches to the target base station, the target base station sends a handover completion notification to the mobile switching center; the mobile switching center initiates a handover to the target base station.
  • the update process for updating the shared encrypted data of the user equipment includes:
  • the mobile switching center After receiving the handover completion notification sent by the target base station, the mobile switching center directly sends a shared encrypted data update request including new authentication data to the user equipment by using the target base station, and adopts the new authentication data for the new authentication data.
  • the preset algorithm performs calculation to obtain first verification data
  • the user equipment calculates, according to the new authentication data in the shared encrypted data update request, the second verification data by using the preset algorithm, and feeds back to the mobile switching center by using the target base station;
  • the mobile switching center performs the comparison verification on the first verification data and the second verification data, and the verification result is fed back to the user equipment by the target base station;
  • the user equipment When the verification result is that the first verification data and the second verification data are the same, the user equipment locally updates the shared encrypted data, and feeds the update result to the mobile switching center through the target base station.
  • the embodiment of the invention further provides a method for updating shared encrypted data, the method comprising:
  • the mobile switching center receives a handover procedure initiated by the interoperation node when detecting that the user equipment initiates a voice call service in the circuit switched domain of the long term evolution network, and switches the user equipment to the target base station of the circuit switched domain;
  • the shared encrypted data of the user equipment is initiated to be updated to the target base station.
  • the embodiment of the invention further provides a communication system, including an interoperation node, a mobile switching center, and a base station;
  • the interoperation node is configured to detect that the user equipment initiates a handover procedure to the mobile switching center when the long term evolution network initiates a voice call service of the circuit switched domain, and the user equipment is switched to the base station of the circuit switched domain. ;
  • the mobile switching center is configured to initiate, after the user equipment is switched to the base station, update the shared encrypted data of the user equipment to the base station.
  • the interoperation node is configured to determine whether the user equipment initiates a voice call service in a circuit switched domain in a long term evolution network by determining whether a voice start message sent by the user equipment is received. .
  • the interoperation node is further configured to detect a user setting. After the long-term evolution network initiates the voice call service of the circuit switching domain, before the handover process is initiated to the mobile switching center, the CM service request message is sent to the mobile switching center according to the voice start message;
  • the mobile switching center is further configured to: after receiving the CM service request message, perform authentication on the user equipment, and record an authentication failure result.
  • the base station is further configured to send a handover completion notification to the mobile switching center after the handover is completed;
  • the mobile switching center is further configured to, after receiving the handover completion notification sent by the base station, send, by using the base station, the sharing including the new authentication data to the user equipment according to the record of the authentication failure result. Encrypting the data update request, and calculating the new authentication data by using a preset algorithm to obtain the first verification data;
  • the user equipment is further configured to calculate, according to the new authentication data in the shared encrypted data update request, the second verification data by using the preset algorithm, and feed back to the mobile switching center by using the base station;
  • the mobile switching center is further configured to perform the comparison verification on the first verification data and the second verification data, and the verification result is fed back to the user equipment by the base station;
  • the user equipment is further configured to: when the verification result is that the first verification data and the second verification data are the same, locally update the shared encrypted data, and feed the update result to the mobile switching center by using the base station .
  • the base station is further configured to send a handover completion notification to the mobile switching center after the handover is completed; correspondingly,
  • the mobile switching center is further configured to: after receiving the handover completion notification sent by the base station, send, by the base station, a shared encrypted data update request that includes new authentication data, and the new authentication data is sent by the base station Calculating the first verification data by using a preset algorithm;
  • the user equipment is further configured to update the new authentication in the request according to the shared encrypted data
  • the data is calculated by using the preset algorithm to obtain second verification data, and is fed back to the mobile switching center by using the base station;
  • the mobile switching center is further configured to perform the comparison verification on the first verification data and the second verification data, and the verification result is fed back to the user equipment by the base station;
  • the user equipment is further configured to: when the verification result is that the first verification data and the second verification data are the same, locally update the first verification data, and feed back the update result to the Mobile switching center.
  • the embodiment of the present invention further provides a mobile switching center, where the mobile switching center includes a switching module and an update module:
  • the switching module is configured to receive a handover procedure initiated by the interoperation node when detecting that the user equipment initiates a voice call service in the circuit switched domain of the long term evolution network, and switch the user equipment to the target base station in the circuit switched domain;
  • an update module configured to initiate, to the target base station, update the shared encrypted data of the user equipment.
  • An embodiment of the present invention further provides a computer storage medium, where the computer storage medium stores a first set of computer executable instructions, and the first set of computer executable instructions are used to perform the foregoing application to an interoperation node and an MSC.
  • the SSD update method
  • the embodiment of the invention further provides a computer storage medium, wherein the computer storage medium stores a second set of computer executable instructions, and the second set of computer executable instructions are used to execute the foregoing SSD update method applied to the MSC .
  • the solution provided by the embodiment of the present invention can complete the handover process after the user equipment falls back to the CS domain (ie, the CDMA2000 network), and then complete the SSD update process of the user equipment to prevent the UE from falling back from the LTE network to the CS domain.
  • the SSD update process and the handover process lead to conflicts.
  • FIG. 1 is a schematic structural diagram of an LTE network falling back to a CDMA2000 network
  • FIG. 2 is a schematic flowchart of an SSD update method when an LTE network is dropped back to a CS domain according to Embodiment 1 of the present invention
  • FIG. 3 is a schematic flowchart of an SSD update method when an LTE network is dropped back to a CDMA2000 network according to Embodiment 1 of the present invention
  • FIG. 4 is a schematic structural diagram of a mobile switching center according to Embodiment 1 of the present invention.
  • Embodiment 1 is a diagrammatic representation of Embodiment 1:
  • the method for updating an SSD of a UE when the LTE network is dropped from the LTE network to the CS domain includes:
  • Step 201 The IWS detects that the UE initiates a handover procedure to the MSC when the LTE network initiates the voice call service of the CS domain to switch the UE to the target base station of the CS domain.
  • Step 202 After switching the user equipment to the target base station in the circuit switched domain, the MSC initiates an update to the target base station to the SSD of the UE.
  • the MSC initiates an update procedure for updating the SSD of the UE to the target base station to complete the SSD update of the UE.
  • the mobile switching center in this embodiment includes a switching module. And update modules; among them,
  • the switching module is configured to receive a handover procedure initiated by the interoperation node when detecting that the user equipment initiates a voice call service in the circuit switched domain of the long term evolution network, and switch the user equipment to the target base station in the circuit switched domain;
  • an update module configured to initiate update of the shared encrypted data of the user equipment to the target base station.
  • the IWS may determine whether the UE initiates a voice call service in the CS domain on the LTE network by determining whether the voice start message sent by the UE is received (specifically, may be sent by the GXNA encapsulated 1X initialization message); if the IWS receives the UE The voice start message is sent, indicating that the UE currently initiates a voice call service on the LTE network, and needs to fall back to the CS domain (ie, the CDMA2000 network); if not, it indicates that the UE does not currently initiate a voice call service.
  • the voice start message sent by the UE is received (specifically, may be sent by the GXNA encapsulated 1X initialization message); if the IWS receives the UE The voice start message is sent, indicating that the UE currently initiates a voice call service on the LTE network, and needs to fall back to the CS domain (ie, the CDMA2000 network); if not, it indicates that the UE does not currently initiate a voice call service.
  • the IWS detects that after the UE initiates the handover process to the MSC after the LTE network initiates the voice call service of the CS domain, the IWS further includes:
  • the IWS sends a corresponding CM (Connect Management) service request message to the MSC according to the received voice start message;
  • the MSC After receiving the CM service request message, the MSC authenticates the UE and records the result of the authentication failure.
  • the update process of the MSC to update the SSD of the UE to the target base station in the foregoing step 202 includes:
  • the MSC After receiving the handover completion notification sent by the target base station, the MSC learns that the SSD of the UE needs to be updated according to the record of the previously saved authentication failure result, and the target base station sends an SSD update request including the new authentication data to the UE, and The new authentication data is calculated using a preset algorithm Calculate the first verification data. It should be understood that, after the handover completion notification sent by the target eNB receives the handover completion notification, the MSC may directly send the SSD update request including the new authentication data to the UE through the target base station, and does not care whether it has been previously The authentication and previous authentication results were successful or failed.
  • the UE calculates the second verification data by using the same preset algorithm as the MSC according to the new authentication data in the received SSD update request, and feeds back to the MSC through the target base station;
  • the MSC compares the first verification data and the second verification data to obtain a verification result, and feeds the verification result to the UE through the target base station.
  • the UE When the verification result is that the first verification data and the second verification data are the same, the UE locally updates the first verification data, and feeds the update result to the MSC through the IWS.
  • the update result at this time is that the update is successful; the user UE is in the verification result.
  • the first verification data and the second verification data are different, it indicates that the update failed.
  • Step 301 The UE decides to initiate a CS voice call on the LTE network.
  • Step 302 The UE sends a GCSNA encapsulated 1X initialization message (including a voice start message) to the IWS;
  • Step 303 After receiving the 1X initialization message, the IWS creates a corresponding CM service request message and sends it to the MSC.
  • Step 304 The MSC sends an "Assignment Request" message to the IWS;
  • Step 305 The IWS sends an “Assignment Complete Message” to the MSC. At this time, it is determined that the UE accesses from the IWS, and does not trigger the SSD update process. It should be understood that the step and the foregoing step 304 are based on the steps of the existing protocol. When the protocol is changed, these two steps may not be performed;
  • Step 306 The IWS sends a handover request message to the MSC.
  • Step 307 The MSC sends a handover request message to the corresponding target base station.
  • Step 308 The target base station uses the radio resource specified in the allocation message, and the base station sends a handover request response message to the MSC.
  • Step 309 The MSC sends a handover command message to the IWS.
  • Step 310 The IWS sends a GCSNA encapsulated "Universal Handover Designation Message" to the UE to notify the UE to switch to the CDMA2000 system;
  • Step 311 The EUTRAN system releases the S1 user context, and the 4G bearer is suspended.
  • Step 312 The IWS sends a handover start message to the UE.
  • Step 313 The UE switches to the CDMA200 radio channel, and acquires the service channel of the UE in the CDMA2000 base station;
  • Step 314 The UE sends a handover complete message to the target base station in the CDMA2000.
  • Step 315 The target base station in the CDMA2000 sends a handover complete message to the MSC;
  • Step 316 The MSC sends a clear command message to the IWS.
  • Step 317 The IWS sends a clear complete command message to the MSC to notify the MSC that the clearing has been completed;
  • Step 318 After the handover is completed, the MSC determines that the previous authentication fails, does not update the SSD of the UE, and starts the SSD update process.
  • Step 319 The MSC sends a shared encrypted data update request to the target base station, where the shared encrypted data update request includes new authentication data, and the MSC uses the preset algorithm to calculate the new authentication data to obtain the first verification data.
  • Step 320 The target base station forwards the shared encrypted data update request to the UE, and the UE calculates the new authentication data included in the shared encrypted data update request by using a preset algorithm to obtain the second verification data and feeds back to the target base station, and the target base station passes the “ The base station challenge order message forwards the second verification data to the MSC;
  • Step 321 After receiving the second verification data, the MSC determines whether the first verification data and the second verification data are the same, and obtains the verification result, and signs the verification result by the authentication response. The message response should be sent to the target base station;
  • Step 322 The target base station forwards the verification result to the UE.
  • the UE forwards the “update response” message to the MSC through the target base station after performing the local SSD update. Complete the SSD update of the UE.
  • the SSD update of the user equipment can be completed after the handover process is completed.
  • the problem of conflicts caused by the SSD update process and the handover process when the UE falls back from the LTE network to the CS domain is avoided.
  • the embodiment of the present invention further provides a computer storage medium, where the computer storage medium stores a first set of computer executable instructions, and the first set of computer executable instructions are used to perform the foregoing returning from the LTE network to the CS domain.
  • the SSD update method applied to the interoperation node and the MSC.
  • the embodiment of the present invention further provides a computer storage medium, where the computer storage medium stores a second set of computer executable instructions, and the second set of computer executable instructions are used to perform the foregoing returning from the LTE network to the CS domain. Applied to the SSD update method in the MSC.
  • the embodiment of the present invention further provides a mobile switching center.
  • the switching module and the update module may be configured by a central processing unit (CPU), or a digital signal processor (DSP), or a microprocessor (MPU, Micro Processor Unit), or Field Programmable Gate Array (FPGA) is implemented.
  • CPU central processing unit
  • DSP digital signal processor
  • MPU Micro Processor Unit
  • FPGA Field Programmable Gate Array
  • An embodiment of the present invention further provides a communication system, where the system includes an interoperation node, a mobile switching center, and a base station (target base station);
  • the interoperation node is configured to detect, when the user equipment initiates a voice call service of the circuit switched domain in the long term evolution network, initiate a handover procedure to the mobile switching center to switch the user equipment to the base station of the circuit switched domain Upper
  • the mobile switching center is configured to initiate, after the user equipment is switched to the base station, update the shared encrypted data of the user equipment to the base station.
  • the interoperation node is configured to determine whether the user equipment initiates a voice call service in the circuit switched domain in the long term evolution network by determining whether the voice start message sent by the user equipment is received.
  • the interoperation node is further configured to: after detecting, after the long-term evolution network initiates a voice call service of the circuit switched domain, before initiating a handover process to the mobile switching center, according to the voice start message
  • the mobile switching center sends a CM service request message
  • the mobile switching center is further configured to: after receiving the CM service request message, perform authentication on the user equipment, and record an authentication failure result.
  • the base station is further configured to send a handover completion notification to the mobile switching center after the handover is completed; correspondingly,
  • the mobile switching center is further configured to: after receiving the handover completion notification sent by the base station, send, by using the base station, the shared encrypted data update including the new authentication data by using the base station according to the record of the authentication failure result. Requesting, and calculating, by using a preset algorithm, the first authentication data to obtain first verification data;
  • the user equipment is further configured to calculate, according to the new authentication data in the shared encrypted data update request, the second verification data by using the preset algorithm, and feed back to the mobile switching center by using the base station;
  • the mobile switching center is further configured to perform the comparison verification on the first verification data and the second verification data, and the verification result is fed back to the user equipment by the base station;
  • the user equipment is further configured to: when the verification result is that the first verification data and the second verification data are the same, update the shared encrypted data locally, and feed the update result to the mobile switching center through the base station.
  • the base station is further configured to send a handover completion notification to the mobile switching center after the handover is completed; correspondingly,
  • the mobile switching center is further configured to: after receiving the handover completion notification sent by the base station, send, by the base station, a shared encrypted data update request that includes new authentication data, and the new authentication data is sent by the base station Calculating the first verification data by using a preset algorithm;
  • the user equipment is further configured to calculate, according to the new authentication data in the shared encrypted data update request, the second verification data by using the preset algorithm, and feed back to the mobile switching center by using the base station;
  • the mobile switching center is further configured to perform the comparison verification on the first verification data and the second verification data, and the verification result is fed back to the user equipment by the base station;
  • the user equipment is further configured to: when the verification result is that the first verification data and the second verification data are the same, locally update the first verification data, and feed back the update result to the mobile station by using the target base station Exchange center.
  • embodiments of the present invention can be provided as a method, system, or computer program product. Accordingly, the present invention can take the form of a hardware embodiment, a software embodiment, or a combination of software and hardware. Moreover, the invention may be employed in one or more of its A computer program product embodied on a computer usable storage medium (including but not limited to disk storage and optical storage, etc.) containing computer usable program code.
  • a computer usable storage medium including but not limited to disk storage and optical storage, etc.
  • the computer program instructions can also be stored in a computer readable memory that can direct a computer or other programmable data processing device to operate in a particular manner, such that the instructions stored in the computer readable memory produce an article of manufacture comprising the instruction device.
  • the apparatus implements the functions specified in one or more blocks of a flow or a flow and/or block diagram of the flowchart.
  • These computer program instructions can also be loaded onto a computer or other programmable data processing device such that a series of operational steps are performed on a computer or other programmable device to produce computer-implemented processing for execution on a computer or other programmable device.
  • the instructions provide steps for implementing the functions specified in one or more of the flow or in a block or blocks of a flow diagram.
  • the handover process can be completed first, and then the SSD update process of the user equipment is completed, so as to avoid the conflict between the SSD update process and the handover process when the UE falls back from the LTE network to the CS domain. .

Abstract

Disclosed in an embodiment of the present invention are a method for updating SSD upon fall-back from a long term evolution (LTE) network to a circuit switch (CS) domain, a media switch center (MSC), a communication system and related computer storage medium, the method comprising: when detecting that a user equipment (UE) initiates a voice call service for a CS domain in an LTE network, an interworking solution (IWS) initiates a switching process for an MSC to switch the UE to a target base station of the CS domain; then the MSC initiates an update process for the target base station for updating shared secret data (SSD) of the UE, thus completing the updating of the SSD of the UE.

Description

SSD更新方法、移动交换中心、通信系统及相关存储介质SSD update method, mobile switching center, communication system and related storage medium 技术领域Technical field
本发明涉及通信领域,具体涉及一种从长期演进(LTE,Long Term Evolution)网络回落到电路交换(CS,Circuit Switch)域时的共享加密数据(SSD,Shared Secret Data)更新方法、移动交换中心、通信系统及相关计算机存储介质。The present invention relates to the field of communications, and in particular, to a method for updating a shared secret data (SSD) when a long-term evolution (LTE) network is dropped back to a circuit switched (CS) circuit domain, and a mobile switching center. , communication systems and related computer storage media.
背景技术Background technique
LTE是由第三代合作伙伴计划(3GPP,The 3rd Generation Partnership Project)组织制定的通用移动通信系统(UMTS,Universal Mobile Telecommunications System)技术标准的长期演进。LTE网络回落到码分多址(CDMA2000,Code Division Multiple Access 2000)网络架构图,如图1所示,其中包含了如下网元:LTE is a long-term evolution of the Universal Mobile Telecommunications System (UMTS) technology standard developed by the 3GPP (The 3rd Generation Partnership Project). The LTE network falls back to the network architecture diagram of Code Division Multiple Access (CDMA2000), as shown in Figure 1, which includes the following network elements:
演进型无线接入网(E-RAN,Evolved RAN):可以提供更高的上下行速率,更低的传输延迟和更加可靠的无线传输。E-RAN中包含的网元是演进型基站(eNodeB,Evolved NodeB),为用户设备UE的接入提供无线资源;E-RAN (Evolved RAN): It can provide higher uplink and downlink rates, lower transmission delay and more reliable wireless transmission. The network element included in the E-RAN is an evolved base station (eNodeB, Evolved NodeB), which provides radio resources for access of the user equipment UE;
移动管理实体(MME,Mobility Management Entity):控制面功能实体,临时存储用户数据的服务器,负责管理和存储UE上下文(比如UE的用户标识,移动性管理状态,用户安全参数等),为用户分配临时标识,当UE驻扎在该跟踪区域或者该网络是负责对该用户进行鉴权;处理MME和UE之间的所有非接入层消息;触发在系统架构演进SAE的寻呼。Mobility Management Entity (MME): A control plane function entity that temporarily stores user data. It is responsible for managing and storing UE contexts (such as UE user ID, mobility management status, user security parameters, etc.) and assigning them to users. Temporary identification, when the UE is camped in the tracking area or the network is responsible for authenticating the user; processing all non-access stratum messages between the MME and the UE; triggering paging in the system architecture evolution SAE.
服务网关(Serving GW,Serving Gateway):该网关是一个用户面实体,负责用户面数据路由处理,终结处于空闲状态的UE的下行数据。管理和存储UE的SAE承载(bearer)上下文,比如网际协议IP承载业务参数和网 络内部路由信息等。是3GPP系统内部用户面的锚点,一个用户在一个时刻只能有一个Serving GW;Serving GW (Serving Gateway): The gateway is a user plane entity responsible for user plane data routing processing and terminating downlink data of the UE in idle state. Manage and store the SAE bearer context of the UE, such as the Internet Protocol IP bearer service parameters and network Internal routing information, etc. It is the anchor point of the internal user plane of the 3GPP system. A user can only have one Serving GW at a time;
互操作节点(IWS,Interworking Solution):LTE覆盖下的UE不能处理语音业务时,可以先回退到电路域网络,在电路域网络处理语音业务;IWS负责实现LTE下的MME和电路域的移动交换中心(MSC,Media Switch Center)的交互。Interworking Solution (IWS): When the UE under LTE coverage cannot handle voice services, it can first fall back to the circuit domain network and process voice services in the circuit domain network. IWS is responsible for implementing MME and circuit domain mobility under LTE. Interaction of the exchange center (MSC, Media Switch Center).
CDMA2000 1X接入网:主要包括移动终端MS和基站收发信机BTS。基站收发信机负责无线信号收发,实现无线网络系统和移动台之间的通信。CDMA2000 1X access network: mainly includes mobile terminal MS and base transceiver station BTS. The base transceiver station is responsible for wireless signal transmission and reception, and realizes communication between the wireless network system and the mobile station.
基站控制器(BSC,Base Station Controller):负责BTS控制和管理,资源分配,无线连接建立,移动性管理,功率控制等。Base Station Controller (BSC): responsible for BTS control and management, resource allocation, wireless connection establishment, mobility management, power control, etc.
MSC:负责呼叫建立,路由选择,呼叫控制,无线资源分配,移动性管理,位置等级,交换区内信道切换等。MSC: responsible for call setup, routing, call control, radio resource allocation, mobility management, location level, channel switching in the switching area, etc.
CDMA2000 1X通过SSD的更新完成对接入的UE进行鉴权。传统用户在CDMA2000网络下,发起语音呼叫之后会进行鉴权,鉴权如果失败,MSC会触发对用户的SSD更新,尝试再次鉴权。The CDMA2000 1X authenticates the accessed UE through the update of the SSD. In the CDMA2000 network, the traditional user will perform authentication after the voice call is initiated. If the authentication fails, the MSC will trigger the SSD update to the user and try to authenticate again.
在LTE网络下,UE决定发起语音呼叫,而LTE建网初期,相应的IP多媒体子系统(IMS,IP Multimedia Subsystem)还没建立完善,或者其他资源均衡等因素的考虑导致不能通过LTE网络提供语音业务。这时在演进型分组域系统(EPS,Evolved Packet System)中,可以利用CSFB(电路交换回落)功能,UE通过IWS网元回落到电路域来完成语音业务。UE完成在LTE网络下与MSC域的呼叫接续后,IWS网元会触发切换请求到MSC。但UE完成了回落到CDMA2000网络之后,无法完成在语音呼叫过程中的SSD更新而导致鉴权失败,原因是由于UE在LTE网络下完成呼叫接续后,IWS立刻触发切换请求到MSC,MSC进行切换流程的同时如果也发起UE的SSD更新流程会引起流程冲突问题,导致无法完成UE的SSD更新。 In the LTE network, the UE decides to initiate a voice call. In the early stage of LTE network construction, the corresponding IP Multimedia Subsystem (IMS, IP Multimedia Subsystem) has not been established yet, or other resources are considered to cause the voice to be unavailable through the LTE network. business. At this time, in the Evolved Packet System (EPS), the CSFB (Circuit Switched Fallback) function can be utilized, and the UE completes the voice service by dropping back to the circuit domain through the IWS network element. After the UE completes the call connection with the MSC domain under the LTE network, the IWS network element triggers a handover request to the MSC. However, after the UE completes the fallback to the CDMA2000 network, the SSD update during the voice call cannot be completed, and the authentication fails. The reason is that after the UE completes the call connection in the LTE network, the IWS immediately triggers the handover request to the MSC, and the MSC performs the handover. If the SSD update process of the UE is also initiated at the same time, the process conflict may be caused, and the SSD update of the UE cannot be completed.
发明内容Summary of the invention
为解决现有存在的技术问题,本发明实施例在于提供一种从LTE网络回落到CS域时的SSD更新方法、移动交换中心、通信系统及相关计算机存储介质,以至少解决由于现有UE在从LTE网络回落到CS域时同时进行SSD更新流程和切换流程而导致冲突的问题。In order to solve the existing technical problems, an embodiment of the present invention provides an SSD update method, a mobile switching center, a communication system, and a related computer storage medium when the LTE network is dropped back to the CS domain, so as to at least solve the problem due to the existing UE. When the LTE network falls back to the CS domain, the SSD update process and the handover process are simultaneously performed, resulting in a conflict problem.
本发明实施例提供一种共享加密数据更新方法,所述方法包括:An embodiment of the present invention provides a method for updating shared encrypted data, where the method includes:
互操作节点检测到用户设备在长期演进网络发起电路交换域的语音呼叫业务时,向移动交换中心发起切换流程以将所述用户设备切换到电路交换域的目标基站上;When the interoperation node detects that the user equipment initiates the voice call service of the circuit switched domain in the long term evolution network, initiates a handover procedure to the mobile switching center to switch the user equipment to the target base station of the circuit switched domain;
在将所述用户设备切换到所述目标基站上后,移动交换中心向所述目标基站发起对所述用户设备的共享加密数据进行更新。After the user equipment is handed over to the target base station, the mobile switching center initiates update of the shared encrypted data of the user equipment to the target base station.
在本发明的一种实施例中,所述互操作节点通过判断是否收到所述用户设备发送的语音起步消息判断所述用户设备是否在长期演进网络发起电路交换域的语音呼叫业务。In an embodiment of the present invention, the interoperation node determines whether the user equipment initiates a voice call service of a circuit switched domain in a long term evolution network by determining whether a voice start message sent by the user equipment is received.
在本发明的一种实施例中,所述互操作节点检测到用户设备在长期演进网络发起电路交换域的语音呼叫后业务后,向所述移动交换中心发起切换流程之前,所述方法还包括:In an embodiment of the present invention, the interoperation node detects that the user equipment initiates a handover procedure to the mobile switching center after the long-term evolution network initiates the voice call service of the circuit switched domain, and the method further includes: :
所述互操作节点根据所述语音起步消息向所述移动交换中心发送CM业务请求消息;Transmitting, by the interoperation node, a CM service request message to the mobile switching center according to the voice start message;
所述移动交换中心收到CM业务请求消息后,对所述用户设备进行鉴权,记录鉴权失败结果。After receiving the CM service request message, the mobile switching center authenticates the user equipment and records the result of the authentication failure.
在本发明的一种实施例中,在所述用户设备切换到所述目标基站后,所述目标基站向所述移动交换中心发送切换完成通知;所述移动交换中心向所述目标基站发起对所述用户设备的共享加密数据进行更新的更新流程包括: In an embodiment of the present invention, after the user equipment switches to the target base station, the target base station sends a handover completion notification to the mobile switching center; the mobile switching center initiates a pair to the target base station. The update process of updating the shared encrypted data of the user equipment includes:
所述移动交换中心接收所述目标基站发送的切换完成通知后,根据所述鉴权失败结果的记录通过所述目标基站向所述用户设备发送包含新鉴权数据的共享加密数据更新请求,并对所述新鉴权数据采用预设算法进行计算得到第一验证数据;After receiving the handover completion notification sent by the target base station, the mobile switching center sends a shared encrypted data update request including the new authentication data to the user equipment by using the target base station according to the record of the authentication failure result, and Calculating the first verification data by using a preset algorithm on the new authentication data;
所述用户设备根据所述共享加密数据更新请求中的新鉴权数据采用所述预设算法进行计算得到第二验证数据,并通过所述目标基站反馈给所述移动交换中心;The user equipment calculates, according to the new authentication data in the shared encrypted data update request, the second verification data by using the preset algorithm, and feeds back to the mobile switching center by using the target base station;
所述移动交换中心将所述第一验证数据和所述第二验证数据进行比对验证,通过所述目标基站将验证结果反馈给所述用户设备;The mobile switching center performs the comparison verification on the first verification data and the second verification data, and the verification result is fed back to the user equipment by the target base station;
所述用户设备在所述验证结果为第一验证数据和所述第二验证数据相同时,在本地更新共享加密数据,并将更新结果通过所述目标基站反馈给所述移动交换中心。When the verification result is that the first verification data and the second verification data are the same, the user equipment locally updates the shared encrypted data, and feeds the update result to the mobile switching center through the target base station.
本发明实施例还提供了另一种共享加密数据更新方法,包括:The embodiment of the invention further provides another method for updating the shared encrypted data, including:
移动交换中心接收互操作节点在检测到用户设备在长期演进网络发起电路交换域的语音呼叫业务时发起的切换流程,将所述用户设备切换到电路交换域的目标基站上;The mobile switching center receives a handover procedure initiated by the interoperation node when detecting that the user equipment initiates a voice call service in the circuit switched domain of the long term evolution network, and switches the user equipment to the target base station of the circuit switched domain;
移动交换中心向所述目标基站发起对所述用户设备的共享加密数据进行更新。The mobile switching center initiates update of the shared encrypted data of the user equipment to the target base station.
在本发明的一种实施例中,所述用户设备切换到所述目标基站后,所述目标基站向所述移动交换中心发送切换完成通知;所述移动交换中心向所述目标基站发起对所述用户设备的共享加密数据进行更新的更新流程包括:In an embodiment of the present invention, after the user equipment switches to the target base station, the target base station sends a handover completion notification to the mobile switching center; the mobile switching center initiates a handover to the target base station. The update process for updating the shared encrypted data of the user equipment includes:
所述移动交换中心接收所述目标基站发送的切换完成通知后,直接通过所述目标基站向所述用户设备发送包含新鉴权数据的共享加密数据更新请求,并对所述新鉴权数据采用预设算法进行计算得到第一验证数据; After receiving the handover completion notification sent by the target base station, the mobile switching center directly sends a shared encrypted data update request including new authentication data to the user equipment by using the target base station, and adopts the new authentication data for the new authentication data. The preset algorithm performs calculation to obtain first verification data;
所述用户设备根据所述共享加密数据更新请求中的新鉴权数据采用所述预设算法进行计算得到第二验证数据,并通过所述目标基站反馈给所述移动交换中心;The user equipment calculates, according to the new authentication data in the shared encrypted data update request, the second verification data by using the preset algorithm, and feeds back to the mobile switching center by using the target base station;
所述移动交换中心将所述第一验证数据和所述第二验证数据进行比对验证,通过所述目标基站将验证结果反馈给所述用户设备;The mobile switching center performs the comparison verification on the first verification data and the second verification data, and the verification result is fed back to the user equipment by the target base station;
所述用户设备在所述验证结果为第一验证数据和所述第二验证数据相同时,在本地更新共享加密数据,并将更新结果通过所述目标基站反馈给所述移动交换中心。When the verification result is that the first verification data and the second verification data are the same, the user equipment locally updates the shared encrypted data, and feeds the update result to the mobile switching center through the target base station.
本发明实施例还提供了一种共享加密数据更新方法,所述方法包括:The embodiment of the invention further provides a method for updating shared encrypted data, the method comprising:
移动交换中心接收互操作节点在检测到用户设备在长期演进网络发起电路交换域的语音呼叫业务时发起的切换流程,将所述用户设备切换到电路交换域的目标基站上;The mobile switching center receives a handover procedure initiated by the interoperation node when detecting that the user equipment initiates a voice call service in the circuit switched domain of the long term evolution network, and switches the user equipment to the target base station of the circuit switched domain;
并在将所述用户设备切换到所目标基站上后,向所述目标基站发起对所述用户设备的共享加密数据进行更新。After the user equipment is switched to the target base station, the shared encrypted data of the user equipment is initiated to be updated to the target base station.
本发明实施例还提供了一种通信系统,包括互操作节点、移动交换中心、以及基站;The embodiment of the invention further provides a communication system, including an interoperation node, a mobile switching center, and a base station;
所述互操作节点,配置为检测到用户设备在长期演进网络发起电路交换域的语音呼叫业务时,向所述移动交换中心发起切换流程将所述用户设备切换到电路交换域的所述基站上;The interoperation node is configured to detect that the user equipment initiates a handover procedure to the mobile switching center when the long term evolution network initiates a voice call service of the circuit switched domain, and the user equipment is switched to the base station of the circuit switched domain. ;
所述移动交换中心,配置为在将所述用户设备切换到所述基站上后,向所述基站发起对所述用户设备的共享加密数据进行更新。The mobile switching center is configured to initiate, after the user equipment is switched to the base station, update the shared encrypted data of the user equipment to the base station.
在本发明的一种实施例中,所述互操作节点,配置为通过判断是否收到所述用户设备发送的语音起步消息判断所述用户设备是否在长期演进网络发起电路交换域的语音呼叫业务。In an embodiment of the present invention, the interoperation node is configured to determine whether the user equipment initiates a voice call service in a circuit switched domain in a long term evolution network by determining whether a voice start message sent by the user equipment is received. .
在本发明的一种实施例中,所述互操作节点还,配置为检测到用户设 备在长期演进网络发起电路交换域的语音呼叫后业务后,向所述移动交换中心发起切换流程之前,根据所述语音起步消息向所述移动交换中心发送CM业务请求消息;In an embodiment of the present invention, the interoperation node is further configured to detect a user setting. After the long-term evolution network initiates the voice call service of the circuit switching domain, before the handover process is initiated to the mobile switching center, the CM service request message is sent to the mobile switching center according to the voice start message;
所述移动交换中心,还配置为收到CM业务请求消息后,对所述用户设备进行鉴权,记录鉴权失败结果。The mobile switching center is further configured to: after receiving the CM service request message, perform authentication on the user equipment, and record an authentication failure result.
在本发明的一种实施例中,所述基站,还配置为在切换完成后,向所述移动交换中心发送切换完成通知;In an embodiment of the present invention, the base station is further configured to send a handover completion notification to the mobile switching center after the handover is completed;
相应的,所述移动交换中心,还配置为在接收所述基站发送的切换完成通知后,根据所述鉴权失败结果的记录通过所述基站向所述用户设备发送包含新鉴权数据的共享加密数据更新请求,并对所述新鉴权数据采用预设算法进行计算得到第一验证数据;Correspondingly, the mobile switching center is further configured to, after receiving the handover completion notification sent by the base station, send, by using the base station, the sharing including the new authentication data to the user equipment according to the record of the authentication failure result. Encrypting the data update request, and calculating the new authentication data by using a preset algorithm to obtain the first verification data;
所述用户设备,还配置为根据所述共享加密数据更新请求中的新鉴权数据采用所述预设算法进行计算得到第二验证数据,并通过所述基站反馈给所述移动交换中心;The user equipment is further configured to calculate, according to the new authentication data in the shared encrypted data update request, the second verification data by using the preset algorithm, and feed back to the mobile switching center by using the base station;
所述移动交换中心,还配置为将所述第一验证数据和所述第二验证数据进行比对验证,通过所述基站将验证结果反馈给所述用户设备;The mobile switching center is further configured to perform the comparison verification on the first verification data and the second verification data, and the verification result is fed back to the user equipment by the base station;
所述用户设备,还配置为在所述验证结果为第一验证数据和所述第二验证数据相同时,在本地更新共享加密数据,并将更新结果通过所述基站反馈给所述移动交换中心。The user equipment is further configured to: when the verification result is that the first verification data and the second verification data are the same, locally update the shared encrypted data, and feed the update result to the mobile switching center by using the base station .
在本发明的一种实施例中,所述基站,还配置为在切换完成后,向所述移动交换中心发送切换完成通知;相应的,In an embodiment of the present invention, the base station is further configured to send a handover completion notification to the mobile switching center after the handover is completed; correspondingly,
所述移动交换中心,还配置为接收所述基站发送的切换完成通知后,通过所述基站向所述用户设备发送包含新鉴权数据的共享加密数据更新请求,并对所述新鉴权数据采用预设算法进行计算得到第一验证数据;The mobile switching center is further configured to: after receiving the handover completion notification sent by the base station, send, by the base station, a shared encrypted data update request that includes new authentication data, and the new authentication data is sent by the base station Calculating the first verification data by using a preset algorithm;
所述用户设备,还配置为根据所述共享加密数据更新请求中的新鉴权 数据采用所述预设算法进行计算得到第二验证数据,并通过所述基站反馈给所述移动交换中心;The user equipment is further configured to update the new authentication in the request according to the shared encrypted data The data is calculated by using the preset algorithm to obtain second verification data, and is fed back to the mobile switching center by using the base station;
所述移动交换中心,还配置为将所述第一验证数据和所述第二验证数据进行比对验证,通过所述基站将验证结果反馈给所述用户设备;The mobile switching center is further configured to perform the comparison verification on the first verification data and the second verification data, and the verification result is fed back to the user equipment by the base station;
所述用户设备,还配置为在所述验证结果为第一验证数据和所述第二验证数据相同时,在本地更新所述第一验证数据,并将更新结果通过所述基站反馈给所述移动交换中心。The user equipment is further configured to: when the verification result is that the first verification data and the second verification data are the same, locally update the first verification data, and feed back the update result to the Mobile switching center.
本发明实施例还提供了一种移动交换中心,所述移动交换中心包括切换模块及更新模块:The embodiment of the present invention further provides a mobile switching center, where the mobile switching center includes a switching module and an update module:
切换模块,配置为接收互操作节点在检测到用户设备在长期演进网络发起电路交换域的语音呼叫业务时发起的切换流程,将所述用户设备切换到电路交换域的目标基站上;The switching module is configured to receive a handover procedure initiated by the interoperation node when detecting that the user equipment initiates a voice call service in the circuit switched domain of the long term evolution network, and switch the user equipment to the target base station in the circuit switched domain;
更新模块,配置为向所述目标基站发起对所述用户设备的共享加密数据进行更新。And an update module, configured to initiate, to the target base station, update the shared encrypted data of the user equipment.
本发明实施例还提供了一种计算机存储介质,所述计算机存储介质中存储有第一组计算机可执行指令,所述第一组计算机可执行指令用于执行前述应用于互操作节点和MSC中的SSD更新方法。An embodiment of the present invention further provides a computer storage medium, where the computer storage medium stores a first set of computer executable instructions, and the first set of computer executable instructions are used to perform the foregoing application to an interoperation node and an MSC. The SSD update method.
本发明实施例还提供了一种计算机存储介质,所述计算机存储介质中存储有第二组计算机可执行指令,所述第二组计算机可执行指令用于执行前述应用于MSC中的SSD更新方法。The embodiment of the invention further provides a computer storage medium, wherein the computer storage medium stores a second set of computer executable instructions, and the second set of computer executable instructions are used to execute the foregoing SSD update method applied to the MSC .
本发明实施例的有益效果是:The beneficial effects of the embodiments of the present invention are:
本发明实施例提供的从LTE网络回落到CS域时的SSD更新方法、移动交换中心、通信系统及计算机存储介质,互操作节点检测到用户设备在长期演进网络发起电路交换域的语音呼叫业务时,向移动交换中心发起切换流程将该用户设备切换到电路交换域的目标基站上;然后移动交换中心 向目标基站发起对用户设备的共享加密数据进行更新的更新流程完成对用户设备的共享加密数据的更新。通过本发明实施例提供的方案可以在用户设备回落到CS域(即CDMA2000网络)后,能够先完成切换流程,然后再完成用户设备的SSD更新流程,避免UE在从LTE网络回落到CS域时同时进行SSD更新流程和切换流程而导致冲突的问题。The SSD update method, the mobile switching center, the communication system, and the computer storage medium when the LTE network falls back to the CS domain provided by the embodiment of the present invention, and the interoperation node detects that the user equipment initiates the voice call service of the circuit switched domain in the long term evolution network. Initiating a handover procedure to the mobile switching center to switch the user equipment to the target base station of the circuit switched domain; then moving the switching center The update process of initiating update of the shared encrypted data of the user equipment to the target base station completes the update of the shared encrypted data of the user equipment. The solution provided by the embodiment of the present invention can complete the handover process after the user equipment falls back to the CS domain (ie, the CDMA2000 network), and then complete the SSD update process of the user equipment to prevent the UE from falling back from the LTE network to the CS domain. At the same time, the SSD update process and the handover process lead to conflicts.
附图说明DRAWINGS
图1为LTE网络回落到CDMA2000网络结构示意图;FIG. 1 is a schematic structural diagram of an LTE network falling back to a CDMA2000 network;
图2为本发明实施例一提供的从LTE网络回落到CS域时的SSD更新方法流程示意图;2 is a schematic flowchart of an SSD update method when an LTE network is dropped back to a CS domain according to Embodiment 1 of the present invention;
图3为本发明实施例一提供的从LTE网络回落到CDMA2000网络时的SSD更新方法流程示意图;3 is a schematic flowchart of an SSD update method when an LTE network is dropped back to a CDMA2000 network according to Embodiment 1 of the present invention;
图4为本发明实施例一提供的移动交换中心结构示意图。FIG. 4 is a schematic structural diagram of a mobile switching center according to Embodiment 1 of the present invention.
具体实施方式detailed description
下面通过具体实施方式结合附图对本发明作进一步详细说明。The present invention will be further described in detail below with reference to the accompanying drawings.
实施例一:Embodiment 1:
请参见图2所示,本实施例提供的从LTE网络回落到CS域时对UE的SSD进行更新方法,包括:Referring to FIG. 2, the method for updating an SSD of a UE when the LTE network is dropped from the LTE network to the CS domain, includes:
步骤201:IWS检测到UE在LTE网络发起CS域的语音呼叫业务时,向MSC发起切换流程以将UE切换到CS域的目标基站上;Step 201: The IWS detects that the UE initiates a handover procedure to the MSC when the LTE network initiates the voice call service of the CS domain to switch the UE to the target base station of the CS domain.
步骤202:在将所述用户设备切换到电路交换域的目标基站上后,MSC向目标基站发起对UE的SSD进行更新。Step 202: After switching the user equipment to the target base station in the circuit switched domain, the MSC initiates an update to the target base station to the SSD of the UE.
这里,MSC向目标基站发起对UE的SSD进行更新的更新流程以完成UE的SSD更新。Here, the MSC initiates an update procedure for updating the SSD of the UE to the target base station to complete the SSD update of the UE.
具体的,请参见图4所示,本实施例中的移动交换中心包括切换模块 和更新模块;其中,Specifically, as shown in FIG. 4, the mobile switching center in this embodiment includes a switching module. And update modules; among them,
切换模块,配置为接收互操作节点在检测到用户设备在长期演进网络发起电路交换域的语音呼叫业务时发起的切换流程,将用户设备切换到电路交换域的目标基站上;The switching module is configured to receive a handover procedure initiated by the interoperation node when detecting that the user equipment initiates a voice call service in the circuit switched domain of the long term evolution network, and switch the user equipment to the target base station in the circuit switched domain;
更新模块,配置为向目标基站发起对用户设备的共享加密数据进行更新。And an update module configured to initiate update of the shared encrypted data of the user equipment to the target base station.
上述步骤201中,IWS具体可通过判断是否收到UE发送的语音起步消息(具体可通过GCSNA封装的1X初始化消息发送)判断UE是否在LTE网络发起CS域的语音呼叫业务;如果IWS收到UE发送的语音起步消息,表明UE当前在LTE网络发起语音呼叫业务,需要回落至CS域(即CDMA2000网络);如果没有收到,则表明UE当前没有发起语音呼叫业务。In the foregoing step 201, the IWS may determine whether the UE initiates a voice call service in the CS domain on the LTE network by determining whether the voice start message sent by the UE is received (specifically, may be sent by the GXNA encapsulated 1X initialization message); if the IWS receives the UE The voice start message is sent, indicating that the UE currently initiates a voice call service on the LTE network, and needs to fall back to the CS domain (ie, the CDMA2000 network); if not, it indicates that the UE does not currently initiate a voice call service.
根据现有协议,IWS检测到UE在LTE网络发起CS域的语音呼叫后业务后,向MSC发起切换流程之前,还包括:According to the existing protocol, the IWS detects that after the UE initiates the handover process to the MSC after the LTE network initiates the voice call service of the CS domain, the IWS further includes:
IWS根据接收到的语音起步消息向MSC发送一个对应的CM(Connect Management)业务请求消息;The IWS sends a corresponding CM (Connect Management) service request message to the MSC according to the received voice start message;
MSC收到CM业务请求消息后,对UE进行鉴权,并记录鉴权失败结果。After receiving the CM service request message, the MSC authenticates the UE and records the result of the authentication failure.
应当理解的是,上述步骤在协议更改时也可不进行该步骤,而是直接进行切换流程。It should be understood that the above steps may not perform this step when the protocol is changed, but directly perform the switching process.
当UE切换到目标基站后,目标基站向MSC发送切换完成通知;此时上述步骤202中MSC向目标基站发起对UE的SSD进行更新的更新流程包括:After the UE is handed over to the target base station, the target base station sends a handover completion notification to the MSC. The update process of the MSC to update the SSD of the UE to the target base station in the foregoing step 202 includes:
MSC接收目标基站发送的切换完成通知后,根据之前保存的鉴权失败结果的记录得知需要对该UE的SSD进行更新,通过目标基站向UE发送包含新鉴权数据的SSD更新请求,并对该新鉴权数据采用预设算法进行计 算得到第一验证数据。应当理解的是,本实施例中的MSC接收目标基站发送的切换完成通知得知切换完成后,也可以直接通过目标基站向UE发送包含新鉴权数据的SSD更新请求,并不关心之前是否已经进行过鉴权以及之前的鉴权结果是成功还是失败。After receiving the handover completion notification sent by the target base station, the MSC learns that the SSD of the UE needs to be updated according to the record of the previously saved authentication failure result, and the target base station sends an SSD update request including the new authentication data to the UE, and The new authentication data is calculated using a preset algorithm Calculate the first verification data. It should be understood that, after the handover completion notification sent by the target eNB receives the handover completion notification, the MSC may directly send the SSD update request including the new authentication data to the UE through the target base station, and does not care whether it has been previously The authentication and previous authentication results were successful or failed.
UE根据收到的SSD更新请求中的新鉴权数据采用与MSC相同的预设算法进行计算得到第二验证数据,并通过目标基站反馈给MSC;The UE calculates the second verification data by using the same preset algorithm as the MSC according to the new authentication data in the received SSD update request, and feeds back to the MSC through the target base station;
MSC将第一验证数据和第二验证数据进行比对验证得到验证结果,并通过目标基站将验证结果反馈给UE。The MSC compares the first verification data and the second verification data to obtain a verification result, and feeds the verification result to the UE through the target base station.
UE在验证结果为第一验证数据和第二验证数据相同时,在本地更新该第一验证数据,并将更新结果通过IWS反馈给MSC,此时的更新结果为更新成功;用户UE在验证结果为第一验证数据和第二验证数据不同时,表明此次更新失败。When the verification result is that the first verification data and the second verification data are the same, the UE locally updates the first verification data, and feeds the update result to the MSC through the IWS. The update result at this time is that the update is successful; the user UE is in the verification result. When the first verification data and the second verification data are different, it indicates that the update failed.
为了更好的理解本发明,下面结合UE从LTE网络回落到CDMA2000网络的过程为例,对本发明做进一步示例性说明,请参见图3所示,包括:For a better understanding of the present invention, the following is a further exemplary description of the process of the UE falling back from the LTE network to the CDMA2000 network, as shown in FIG. 3, including:
步骤301:UE在LTE网络决定发起CS语音呼叫;Step 301: The UE decides to initiate a CS voice call on the LTE network.
步骤302:UE发送一个GCSNA封装的1X初始化消息(包含语音起步消息)给IWS;Step 302: The UE sends a GCSNA encapsulated 1X initialization message (including a voice start message) to the IWS;
步骤303:IWS收到1X初始化消息后创建一个对应的CM业务请求消息发给MSC;Step 303: After receiving the 1X initialization message, the IWS creates a corresponding CM service request message and sends it to the MSC.
步骤304:MSC发送“指配请求”消息给IWS;Step 304: The MSC sends an "Assignment Request" message to the IWS;
步骤305:IWS发送“指配完成消息”给MSC,此时判断出UE从IWS接入,不触发SSD更新流程;应当理解的是,该步骤和上述步骤304是基于现有协议的步骤,当协议改变时,也可不进行这两个步骤;Step 305: The IWS sends an “Assignment Complete Message” to the MSC. At this time, it is determined that the UE accesses from the IWS, and does not trigger the SSD update process. It should be understood that the step and the foregoing step 304 are based on the steps of the existing protocol. When the protocol is changed, these two steps may not be performed;
步骤306:IWS发送切换请求消息给MSC;Step 306: The IWS sends a handover request message to the MSC.
步骤307:MSC发送切换请求消息给对应的目标基站; Step 307: The MSC sends a handover request message to the corresponding target base station.
步骤308:目标基站利用分配消息里面指定的无线资源,基站发送切换请求响应消息给MSC;Step 308: The target base station uses the radio resource specified in the allocation message, and the base station sends a handover request response message to the MSC.
步骤309:MSC发送切换命令消息给IWS;Step 309: The MSC sends a handover command message to the IWS.
步骤310;IWS发送GCSNA封装的“通用切换指定消息”给UE来通知UE切换到CDMA2000系统;Step 310: The IWS sends a GCSNA encapsulated "Universal Handover Designation Message" to the UE to notify the UE to switch to the CDMA2000 system;
步骤311:EUTRAN系统释放了S1用户上下文,4G承载被挂起;Step 311: The EUTRAN system releases the S1 user context, and the 4G bearer is suspended.
步骤312:IWS向UE发送切换开始消息;Step 312: The IWS sends a handover start message to the UE.
步骤313:UE切换到CDMA200无线信道,并且获取到UE在CDMA2000基站的业务信道;Step 313: The UE switches to the CDMA200 radio channel, and acquires the service channel of the UE in the CDMA2000 base station;
步骤314:UE发送切换完成消息到CDMA2000中的目标基站;Step 314: The UE sends a handover complete message to the target base station in the CDMA2000.
步骤315:CDMA2000中的目标基站发送切换完成消息给MSC;Step 315: The target base station in the CDMA2000 sends a handover complete message to the MSC;
步骤316:MSC发送清除命令消息给IWS;Step 316: The MSC sends a clear command message to the IWS.
步骤317:IWS发送清除完成命令消息给MSC来通知MSC清除已经被完成了;Step 317: The IWS sends a clear complete command message to the MSC to notify the MSC that the clearing has been completed;
步骤318:切换完成后,MSC判断之前的鉴权失败,未对UE的SSD进行更新,开始SSD更新流程;Step 318: After the handover is completed, the MSC determines that the previous authentication fails, does not update the SSD of the UE, and starts the SSD update process.
步骤319:MSC给目标基站发送共享加密数据更新请求,该共享加密数据更新请求包含新鉴权数据,MSC采用预设算法对该新鉴权数据进行计算得到第一验证数据;Step 319: The MSC sends a shared encrypted data update request to the target base station, where the shared encrypted data update request includes new authentication data, and the MSC uses the preset algorithm to calculate the new authentication data to obtain the first verification data.
步骤320:目标基站把该共享加密数据更新请求转发给UE,UE采用预设算法对共享加密数据更新请求包含的新鉴权数据进行计算得到第二验证数据并反馈给目标基站,目标基站通过“基站台challenge order”消息将该第二验证数据转发给MSC;Step 320: The target base station forwards the shared encrypted data update request to the UE, and the UE calculates the new authentication data included in the shared encrypted data update request by using a preset algorithm to obtain the second verification data and feeds back to the target base station, and the target base station passes the “ The base station challenge order message forwards the second verification data to the MSC;
步骤321:MSC收到第二验证数据后,判断第一验证数据和第二验证数据是否相同得到验证结果,并将该验证结果通过鉴权响应签名“基站响 应challenge response”消息发送给目标基站;Step 321: After receiving the second verification data, the MSC determines whether the first verification data and the second verification data are the same, and obtains the verification result, and signs the verification result by the authentication response. The message response should be sent to the target base station;
步骤322:目标基站将该验证结果转发给UE,UE在验证结果为第一验证数据和第二验证数据相同时,在本地进行SSD更新后通过目标基站将“更新响应”消息转发给MSC,至此完成UE的SSD更新。Step 322: The target base station forwards the verification result to the UE. When the verification result is the same as the first verification data and the second verification data, the UE forwards the “update response” message to the MSC through the target base station after performing the local SSD update. Complete the SSD update of the UE.
可见本发明可以在用户设备回落到CS域(即CDMA2000网络)后,能够先完成切换流程后再完成用户设备的SSD更新。避免UE在从LTE网络回落到CS域时同时进行SSD更新流程和切换流程而导致冲突的问题。It can be seen that after the user equipment falls back to the CS domain (ie, the CDMA2000 network), the SSD update of the user equipment can be completed after the handover process is completed. The problem of conflicts caused by the SSD update process and the handover process when the UE falls back from the LTE network to the CS domain is avoided.
本发明实施例还提供了一种计算机存储介质,所述计算机存储介质中存储有第一组计算机可执行指令,所述第一组计算机可执行指令用于执行前述从LTE网络回落到CS域时应用于互操作节点和MSC中的SSD更新方法。The embodiment of the present invention further provides a computer storage medium, where the computer storage medium stores a first set of computer executable instructions, and the first set of computer executable instructions are used to perform the foregoing returning from the LTE network to the CS domain. The SSD update method applied to the interoperation node and the MSC.
本发明实施例还提供了一种计算机存储介质,所述计算机存储介质中存储有第二组计算机可执行指令,所述第二组计算机可执行指令用于执行前述从LTE网络回落到CS域时应用于MSC中的SSD更新方法。The embodiment of the present invention further provides a computer storage medium, where the computer storage medium stores a second set of computer executable instructions, and the second set of computer executable instructions are used to perform the foregoing returning from the LTE network to the CS domain. Applied to the SSD update method in the MSC.
本发明实施例还提供了一种移动交换中心,该移动交换中心的结构组成及其各组成部分请参见前述对图4的相关说明。在实际应用中,所述切换模块和更新模块均可由中央处理单元(CPU,Central Processing Unit)、或数字信号处理(DSP,Digital Signal Processor)、或微处理器(MPU,Micro Processor Unit)、或现场可编程门阵列(FPGA,Field Programmable Gate Array)等来实现。The embodiment of the present invention further provides a mobile switching center. For the structural composition of the mobile switching center and its components, refer to the related description of FIG. 4. In practical applications, the switching module and the update module may be configured by a central processing unit (CPU), or a digital signal processor (DSP), or a microprocessor (MPU, Micro Processor Unit), or Field Programmable Gate Array (FPGA) is implemented.
本发明实施例还提供了一种通信系统,所述系统包括互操作节点、移动交换中心、以及基站(目标基站);An embodiment of the present invention further provides a communication system, where the system includes an interoperation node, a mobile switching center, and a base station (target base station);
所述互操作节点,配置为检测到用户设备在长期演进网络发起电路交换域的语音呼叫业务时,向所述移动交换中心发起切换流程以将所述用户设备切换到电路交换域的所述基站上; The interoperation node is configured to detect, when the user equipment initiates a voice call service of the circuit switched domain in the long term evolution network, initiate a handover procedure to the mobile switching center to switch the user equipment to the base station of the circuit switched domain Upper
所述移动交换中心,配置为在将所述用户设备切换到所述基站上后,向所述基站发起对所述用户设备的共享加密数据进行更新。The mobile switching center is configured to initiate, after the user equipment is switched to the base station, update the shared encrypted data of the user equipment to the base station.
上述方案中,所述互操作节点,配置为通过判断是否收到所述用户设备发送的语音起步消息判断所述用户设备是否在长期演进网络发起电路交换域的语音呼叫业务。In the above solution, the interoperation node is configured to determine whether the user equipment initiates a voice call service in the circuit switched domain in the long term evolution network by determining whether the voice start message sent by the user equipment is received.
上述方案中,所述互操作节点,还配置为检测到用户设备在长期演进网络发起电路交换域的语音呼叫后业务后,向所述移动交换中心发起切换流程之前,根据所述语音起步消息向所述移动交换中心发送CM业务请求消息;In the foregoing solution, the interoperation node is further configured to: after detecting, after the long-term evolution network initiates a voice call service of the circuit switched domain, before initiating a handover process to the mobile switching center, according to the voice start message The mobile switching center sends a CM service request message;
所述移动交换中心,还配置为收到CM业务请求消息后,对所述用户设备进行鉴权,记录鉴权失败结果。The mobile switching center is further configured to: after receiving the CM service request message, perform authentication on the user equipment, and record an authentication failure result.
上述方案中,所述基站,还配置为在切换完成后,向所述移动交换中心发送切换完成通知;相应的,In the above solution, the base station is further configured to send a handover completion notification to the mobile switching center after the handover is completed; correspondingly,
所述移动交换中心,还配置为在接收所述基站发送的切换完成通知后,根据所述鉴权失败结果的记录通过所述基站向所述用户设备发送包含新鉴权数据的共享加密数据更新请求,并对所述新鉴权数据采用预设算法进行计算得到第一验证数据;The mobile switching center is further configured to: after receiving the handover completion notification sent by the base station, send, by using the base station, the shared encrypted data update including the new authentication data by using the base station according to the record of the authentication failure result. Requesting, and calculating, by using a preset algorithm, the first authentication data to obtain first verification data;
所述用户设备,还配置为根据所述共享加密数据更新请求中的新鉴权数据采用所述预设算法进行计算得到第二验证数据,并通过所述基站反馈给所述移动交换中心;The user equipment is further configured to calculate, according to the new authentication data in the shared encrypted data update request, the second verification data by using the preset algorithm, and feed back to the mobile switching center by using the base station;
所述移动交换中心,还配置为将所述第一验证数据和所述第二验证数据进行比对验证,通过所述基站将验证结果反馈给所述用户设备;The mobile switching center is further configured to perform the comparison verification on the first verification data and the second verification data, and the verification result is fed back to the user equipment by the base station;
所述用户设备,还配置为在所述验证结果为第一验证数据和第二验证数据相同时,在本地更新共享加密数据,并将更新结果通过所述基站反馈给所述移动交换中心。 The user equipment is further configured to: when the verification result is that the first verification data and the second verification data are the same, update the shared encrypted data locally, and feed the update result to the mobile switching center through the base station.
上述方案中,所述基站,还配置为在切换完成后,向所述移动交换中心发送切换完成通知;相应的,In the above solution, the base station is further configured to send a handover completion notification to the mobile switching center after the handover is completed; correspondingly,
所述移动交换中心,还配置为接收所述基站发送的切换完成通知后,通过所述基站向所述用户设备发送包含新鉴权数据的共享加密数据更新请求,并对所述新鉴权数据采用预设算法进行计算得到第一验证数据;The mobile switching center is further configured to: after receiving the handover completion notification sent by the base station, send, by the base station, a shared encrypted data update request that includes new authentication data, and the new authentication data is sent by the base station Calculating the first verification data by using a preset algorithm;
所述用户设备,还配置为根据所述共享加密数据更新请求中的新鉴权数据采用所述预设算法进行计算得到第二验证数据,并通过所述基站反馈给所述移动交换中心;The user equipment is further configured to calculate, according to the new authentication data in the shared encrypted data update request, the second verification data by using the preset algorithm, and feed back to the mobile switching center by using the base station;
所述移动交换中心,还配置为将所述第一验证数据和所述第二验证数据进行比对验证,通过所述基站将验证结果反馈给所述用户设备;The mobile switching center is further configured to perform the comparison verification on the first verification data and the second verification data, and the verification result is fed back to the user equipment by the base station;
所述用户设备,还配置为在所述验证结果为第一验证数据和第二验证数据相同时,在本地更新所述第一验证数据,并将更新结果通过所述目标基站反馈给所述移动交换中心。The user equipment is further configured to: when the verification result is that the first verification data and the second verification data are the same, locally update the first verification data, and feed back the update result to the mobile station by using the target base station Exchange center.
本领域技术人员应当理解,本发明实施例所提供的通信系统中的各网元的实现功能可参照前述从LTE网络回落到CS域时的SSD更新方法的相关描述而理解。本领域技术人员应当理解,图4所示的移动交换中心中各处理单元的功能可通过运行于处理器上的程序而实现,也可通过具体的逻辑电路而实现。It should be understood by those skilled in the art that the implementation functions of the network elements in the communication system provided by the embodiments of the present invention can be understood by referring to the foregoing description of the SSD update method when the LTE network is dropped back to the CS domain. Those skilled in the art should understand that the functions of the processing units in the mobile switching center shown in FIG. 4 can be implemented by a program running on a processor, or can be implemented by a specific logic circuit.
以上内容是结合具体的实施方式对本发明所作的进一步详细说明,不能认定本发明的具体实施只局限于这些说明。对于本发明所属技术领域的普通技术人员来说,在不脱离本发明构思的前提下,还可以做出若干简单推演或替换,都应当视为属于本发明的保护范围。The above is a further detailed description of the present invention in connection with the specific embodiments, and the specific embodiments of the present invention are not limited to the description. It will be apparent to those skilled in the art that the present invention may be made without departing from the spirit and scope of the invention.
本领域内的技术人员应明白,本发明的实施例可提供为方法、系统、或计算机程序产品。因此,本发明可采用硬件实施例、软件实施例、或结合软件和硬件方面的实施例的形式。而且,本发明可采用在一个或多个其 中包含有计算机可用程序代码的计算机可用存储介质(包括但不限于磁盘存储器和光学存储器等)上实施的计算机程序产品的形式。Those skilled in the art will appreciate that embodiments of the present invention can be provided as a method, system, or computer program product. Accordingly, the present invention can take the form of a hardware embodiment, a software embodiment, or a combination of software and hardware. Moreover, the invention may be employed in one or more of its A computer program product embodied on a computer usable storage medium (including but not limited to disk storage and optical storage, etc.) containing computer usable program code.
本发明是参照根据本发明实施例的方法、设备(系统)、和计算机程序产品的流程图和/或方框图来描述的。应理解可由计算机程序指令实现流程图和/或方框图中的每一流程和/或方框、以及流程图和/或方框图中的流程和/或方框的结合。可提供这些计算机程序指令到通用计算机、专用计算机、嵌入式处理机或其他可编程数据处理设备的处理器以产生一个机器,使得通过计算机或其他可编程数据处理设备的处理器执行的指令产生用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的装置。The present invention has been described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (system), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flowchart illustrations and/or FIG. These computer program instructions can be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing device to produce a machine for the execution of instructions for execution by a processor of a computer or other programmable data processing device. Means for implementing the functions specified in one or more of the flow or in a block or blocks of the flow chart.
这些计算机程序指令也可存储在能引导计算机或其他可编程数据处理设备以特定方式工作的计算机可读存储器中,使得存储在该计算机可读存储器中的指令产生包括指令装置的制造品,该指令装置实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能。The computer program instructions can also be stored in a computer readable memory that can direct a computer or other programmable data processing device to operate in a particular manner, such that the instructions stored in the computer readable memory produce an article of manufacture comprising the instruction device. The apparatus implements the functions specified in one or more blocks of a flow or a flow and/or block diagram of the flowchart.
这些计算机程序指令也可装载到计算机或其他可编程数据处理设备上,使得在计算机或其他可编程设备上执行一系列操作步骤以产生计算机实现的处理,从而在计算机或其他可编程设备上执行的指令提供用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的步骤。These computer program instructions can also be loaded onto a computer or other programmable data processing device such that a series of operational steps are performed on a computer or other programmable device to produce computer-implemented processing for execution on a computer or other programmable device. The instructions provide steps for implementing the functions specified in one or more of the flow or in a block or blocks of a flow diagram.
以上所述,仅为本发明的较佳实施例而已,并非用于限定本发明的保护范围。The above is only the preferred embodiment of the present invention and is not intended to limit the scope of the present invention.
工业实用性Industrial applicability
本发明实施例提供的从LTE网络回落到CS域时的SSD更新方法、移动交换中心、通信系统及计算机存储介质,互操作节点检测到用户设备在长期演进网络发起电路交换域的语音呼叫业务时,向移动交换中心发起切 换流程将该用户设备切换到电路交换域的目标基站上;然后移动交换中心向目标基站发起对用户设备的共享加密数据进行更新的更新流程完成对用户设备的共享加密数据的更新。即在用户设备回落到CS域后,能够先完成切换流程,然后再完成用户设备的SSD更新流程,避免UE在从LTE网络回落到CS域时同时进行SSD更新流程和切换流程而导致冲突的问题。 The SSD update method, the mobile switching center, the communication system, and the computer storage medium when the LTE network falls back to the CS domain provided by the embodiment of the present invention, and the interoperation node detects that the user equipment initiates the voice call service of the circuit switched domain in the long term evolution network. , initiate a cut to the mobile switching center The switching process switches the user equipment to the target base station of the circuit switched domain; then the mobile switching center initiates an update process for updating the shared encrypted data of the user equipment to the target base station to complete the update of the shared encrypted data of the user equipment. That is, after the user equipment falls back to the CS domain, the handover process can be completed first, and then the SSD update process of the user equipment is completed, so as to avoid the conflict between the SSD update process and the handover process when the UE falls back from the LTE network to the CS domain. .

Claims (14)

  1. 一种共享加密数据更新方法,所述方法包括:A method for updating encrypted data, the method comprising:
    互操作节点检测到用户设备在长期演进网络发起电路交换域的语音呼叫业务时,向移动交换中心发起切换流程以将所述用户设备切换到电路交换域的目标基站上;When the interoperation node detects that the user equipment initiates the voice call service of the circuit switched domain in the long term evolution network, initiates a handover procedure to the mobile switching center to switch the user equipment to the target base station of the circuit switched domain;
    在将所述用户设备切换到所述目标基站上后,移动交换中心向所述目标基站发起对所述用户设备的共享加密数据进行更新。After the user equipment is handed over to the target base station, the mobile switching center initiates update of the shared encrypted data of the user equipment to the target base station.
  2. 根据权利要求1所述的方法,其中,所述方法还包括:The method of claim 1 wherein the method further comprises:
    所述互操作节点通过判断是否收到所述用户设备发送的语音起步消息判断所述用户设备是否在长期演进网络发起电路交换域的语音呼叫业务。The interoperation node determines whether the user equipment initiates a voice call service of the circuit switched domain in the long term evolution network by determining whether the voice start message sent by the user equipment is received.
  3. 根据权利要求2所述的方法,其中,所述互操作节点检测到用户设备在长期演进网络发起电路交换域的语音呼叫后业务后,向所述移动交换中心发起切换流程之前,所述方法还包括:The method according to claim 2, wherein the interoperation node detects that the user equipment initiates a handover procedure to the mobile switching center after the long term evolution network initiates a voice call service of the circuit switched domain, the method further include:
    所述互操作节点根据所述语音起步消息向所述移动交换中心发送CM业务请求消息;Transmitting, by the interoperation node, a CM service request message to the mobile switching center according to the voice start message;
    所述移动交换中心收到CM业务请求消息后,对所述用户设备进行鉴权,记录鉴权失败结果。After receiving the CM service request message, the mobile switching center authenticates the user equipment and records the result of the authentication failure.
  4. 根据权利要求3所述的方法,其中,在所述用户设备切换到所述目标基站后,所述目标基站向所述移动交换中心发送切换完成通知;所述移动交换中心向所述目标基站发起对所述用户设备的共享加密数据进行更新的更新流程包括:The method according to claim 3, wherein after the user equipment switches to the target base station, the target base station sends a handover completion notification to the mobile switching center; the mobile switching center initiates to the target base station The update process for updating the shared encrypted data of the user equipment includes:
    所述移动交换中心接收所述目标基站发送的切换完成通知后,根据所述鉴权失败结果的记录通过所述目标基站向所述用户设备发送包含新鉴权数据的共享加密数据更新请求,并对所述新鉴权数据采用预设算法进行计算得到第一验证数据; After receiving the handover completion notification sent by the target base station, the mobile switching center sends a shared encrypted data update request including the new authentication data to the user equipment by using the target base station according to the record of the authentication failure result, and Calculating the first verification data by using a preset algorithm on the new authentication data;
    所述用户设备根据所述共享加密数据更新请求中的新鉴权数据采用所述预设算法进行计算得到第二验证数据,并通过所述目标基站反馈给所述移动交换中心;The user equipment calculates, according to the new authentication data in the shared encrypted data update request, the second verification data by using the preset algorithm, and feeds back to the mobile switching center by using the target base station;
    所述移动交换中心将所述第一验证数据和所述第二验证数据进行比对验证,通过所述目标基站将验证结果反馈给所述用户设备;The mobile switching center performs the comparison verification on the first verification data and the second verification data, and the verification result is fed back to the user equipment by the target base station;
    所述用户设备在所述验证结果为第一验证数据和第二验证数据相同时,在本地更新共享加密数据,并将更新结果通过所述目标基站反馈给所述移动交换中心。When the verification result is that the first verification data and the second verification data are the same, the user equipment locally updates the shared encrypted data, and feeds the update result to the mobile switching center through the target base station.
  5. 根据权利要求1或2所述的方法,其中,所述用户设备切换到所述目标基站后,所述目标基站向所述移动交换中心发送切换完成通知;所述移动交换中心向所述目标基站发起对所述用户设备的共享加密数据进行更新的更新流程包括:The method according to claim 1 or 2, wherein, after the user equipment switches to the target base station, the target base station sends a handover completion notification to the mobile switching center; the mobile switching center to the target base station An update process for initiating update of the shared encrypted data of the user equipment includes:
    所述移动交换中心接收所述目标基站发送的切换完成通知后,通过所述目标基站向所述用户设备发送包含新鉴权数据的共享加密数据更新请求,并对所述新鉴权数据采用预设算法进行计算得到第一验证数据;After receiving the handover completion notification sent by the target base station, the mobile switching center sends a shared encrypted data update request including new authentication data to the user equipment by using the target base station, and adopts a pre-preparation for the new authentication data. Setting an algorithm to calculate the first verification data;
    所述用户设备根据所述共享加密数据更新请求中的新鉴权数据采用所述预设算法进行计算得到第二验证数据,并通过所述目标基站反馈给所述移动交换中心;The user equipment calculates, according to the new authentication data in the shared encrypted data update request, the second verification data by using the preset algorithm, and feeds back to the mobile switching center by using the target base station;
    所述移动交换中心将所述第一验证数据和所述第二验证数据进行比对验证,通过所述目标基站将验证结果反馈给所述用户设备;The mobile switching center performs the comparison verification on the first verification data and the second verification data, and the verification result is fed back to the user equipment by the target base station;
    所述用户设备在所述验证结果为第一验证数据和第二验证数据相同时,在本地更新共享加密数据,并将更新结果通过所述目标基站反馈给所述移动交换中心。When the verification result is that the first verification data and the second verification data are the same, the user equipment locally updates the shared encrypted data, and feeds the update result to the mobile switching center through the target base station.
  6. 一种共享加密数据更新方法,所述方法包括:A method for updating encrypted data, the method comprising:
    移动交换中心接收互操作节点在检测到用户设备在长期演进网络发起 电路交换域的语音呼叫业务时发起的切换流程,将所述用户设备切换到电路交换域的目标基站上;The mobile switching center receives the interoperation node and detects that the user equipment is initiated on the long term evolution network. Switching process initiated by the voice call service of the circuit switched domain, the user equipment is switched to the target base station of the circuit switched domain;
    并在将所述用户设备切换到所述目标基站上后,向所述目标基站发起对所述用户设备的共享加密数据进行更新。After the user equipment is switched to the target base station, the shared encrypted data of the user equipment is initiated to be updated to the target base station.
  7. 一种通信系统,所述系统包括互操作节点、移动交换中心、以及基站;A communication system including an interoperation node, a mobile switching center, and a base station;
    所述互操作节点,配置为检测到用户设备在长期演进网络发起电路交换域的语音呼叫业务时,向所述移动交换中心发起切换流程以将所述用户设备切换到电路交换域的所述基站上;The interoperation node is configured to detect, when the user equipment initiates a voice call service of the circuit switched domain in the long term evolution network, initiate a handover procedure to the mobile switching center to switch the user equipment to the base station of the circuit switched domain on;
    所述移动交换中心,配置为在将所述用户设备切换到所述基站上后,向所述基站发起对所述用户设备的共享加密数据进行更新。The mobile switching center is configured to initiate, after the user equipment is switched to the base station, update the shared encrypted data of the user equipment to the base station.
  8. 根据权利要求7所述的通信系统,其中,所述互操作节点,配置为通过判断是否收到所述用户设备发送的语音起步消息判断所述用户设备是否在长期演进网络发起电路交换域的语音呼叫业务。The communication system according to claim 7, wherein the interoperation node is configured to determine whether the user equipment initiates a voice of a circuit switched domain in a long term evolution network by determining whether a voice start message sent by the user equipment is received. Call business.
  9. 根据权利要求8所述的通信系统,其中,所述互操作节点,还配置为检测到用户设备在长期演进网络发起电路交换域的语音呼叫后业务后,向所述移动交换中心发起切换流程之前,根据所述语音起步消息向所述移动交换中心发送CM业务请求消息;The communication system according to claim 8, wherein the interoperation node is further configured to detect that the user equipment initiates a handover procedure to the mobile switching center after the long term evolution network initiates a voice call service of the circuit switched domain Transmitting, according to the voice start message, a CM service request message to the mobile switching center;
    所述移动交换中心,还配置为收到CM业务请求消息后,对所述用户设备进行鉴权,记录鉴权失败结果。The mobile switching center is further configured to: after receiving the CM service request message, perform authentication on the user equipment, and record an authentication failure result.
  10. 根据权利要求9所述的通信系统,其中,所述基站,还配置为在切换完成后,向所述移动交换中心发送切换完成通知;相应的,The communication system according to claim 9, wherein the base station is further configured to send a handover completion notification to the mobile switching center after the handover is completed; correspondingly,
    所述移动交换中心,还配置为在接收所述基站发送的切换完成通知后,根据所述鉴权失败结果的记录通过所述基站向所述用户设备发送包含新鉴权数据的共享加密数据更新请求,并对所述新鉴权数据采用预设算法进行 计算得到第一验证数据;The mobile switching center is further configured to: after receiving the handover completion notification sent by the base station, send, by using the base station, the shared encrypted data update including the new authentication data by using the base station according to the record of the authentication failure result. Requesting and using a preset algorithm for the new authentication data Calculating the first verification data;
    所述用户设备,还配置为根据所述共享加密数据更新请求中的新鉴权数据采用所述预设算法进行计算得到第二验证数据,并通过所述基站反馈给所述移动交换中心;The user equipment is further configured to calculate, according to the new authentication data in the shared encrypted data update request, the second verification data by using the preset algorithm, and feed back to the mobile switching center by using the base station;
    所述移动交换中心,还配置为将所述第一验证数据和所述第二验证数据进行比对验证,通过所述基站将验证结果反馈给所述用户设备;The mobile switching center is further configured to perform the comparison verification on the first verification data and the second verification data, and the verification result is fed back to the user equipment by the base station;
    所述用户设备,还配置为在所述验证结果为第一验证数据和第二验证数据相同时,在本地更新共享加密数据,并将更新结果通过所述基站反馈给所述移动交换中心。The user equipment is further configured to: when the verification result is that the first verification data and the second verification data are the same, update the shared encrypted data locally, and feed the update result to the mobile switching center through the base station.
  11. 根据权利要求7或8所述的通信系统,其中,所述基站,还配置为在切换完成后,向所述移动交换中心发送切换完成通知;相应的,The communication system according to claim 7 or 8, wherein the base station is further configured to send a handover completion notification to the mobile switching center after the handover is completed; correspondingly,
    所述移动交换中心,还配置为接收所述基站发送的切换完成通知后,通过所述基站向所述用户设备发送包含新鉴权数据的共享加密数据更新请求,并对所述新鉴权数据采用预设算法进行计算得到第一验证数据;The mobile switching center is further configured to: after receiving the handover completion notification sent by the base station, send, by the base station, a shared encrypted data update request that includes new authentication data, and the new authentication data is sent by the base station Calculating the first verification data by using a preset algorithm;
    所述用户设备,还配置为根据所述共享加密数据更新请求中的新鉴权数据采用所述预设算法进行计算得到第二验证数据,并通过所述基站反馈给所述移动交换中心;The user equipment is further configured to calculate, according to the new authentication data in the shared encrypted data update request, the second verification data by using the preset algorithm, and feed back to the mobile switching center by using the base station;
    所述移动交换中心,还配置为将所述第一验证数据和所述第二验证数据进行比对验证,通过所述基站将验证结果反馈给所述用户设备;The mobile switching center is further configured to perform the comparison verification on the first verification data and the second verification data, and the verification result is fed back to the user equipment by the base station;
    所述用户设备,还配置为在所述验证结果为第一验证数据和第二验证数据相同时,在本地更新所述第一验证数据,并将更新结果通过所述基站反馈给所述移动交换中心。The user equipment is further configured to: when the verification result is that the first verification data and the second verification data are the same, locally update the first verification data, and feed back an update result to the mobile switching by using the base station center.
  12. 一种移动交换中心,所述移动交换中心包括切换模块及更新模块;其中,A mobile switching center, where the mobile switching center includes a switching module and an update module;
    所述切换模块,配置为接收互操作节点在检测到用户设备在长期演进 网络发起电路交换域的语音呼叫业务时发起的切换流程,将所述用户设备切换到电路交换域的目标基站上;The switching module is configured to receive an interoperation node and detect that the user equipment is in long term evolution a handover procedure initiated when the network initiates a voice call service of the circuit switched domain, and the user equipment is switched to a target base station of the circuit switched domain;
    所述更新模块,配置为向所述目标基站发起对所述用户设备的共享加密数据进行更新。The update module is configured to initiate update of the shared encrypted data of the user equipment to the target base station.
  13. 一种计算机存储介质,所述计算机存储介质中存储有第一组计算机可执行指令,所述第一组计算机可执行指令用于执行权利要求1至5任一项所述的方法。A computer storage medium having stored therein a first set of computer executable instructions, the first set of computer executable instructions for performing the method of any one of claims 1 to 5.
  14. 一种计算机存储介质,所述计算机存储介质中存储有第二组计算机可执行指令,所述第二组计算机可执行指令用于执行权利要求6所述的方法。 A computer storage medium having stored therein a second set of computer executable instructions, the second set of computer executable instructions for performing the method of claim 6.
PCT/CN2015/078375 2014-11-18 2015-05-06 Method for updating ssd, media switch center, communication system and related storage medium WO2016078352A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201410660336.0A CN105682153A (en) 2014-11-18 2014-11-18 SSD (Shared Secret Data) updating method during fallback from LTE (Long Term Evolution) network to CS (Circuit Switch) domain, media switch center and communication system
CN201410660336.0 2014-11-18

Publications (1)

Publication Number Publication Date
WO2016078352A1 true WO2016078352A1 (en) 2016-05-26

Family

ID=56013203

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2015/078375 WO2016078352A1 (en) 2014-11-18 2015-05-06 Method for updating ssd, media switch center, communication system and related storage medium

Country Status (2)

Country Link
CN (1) CN105682153A (en)
WO (1) WO2016078352A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107087272B (en) * 2017-05-19 2020-01-14 Oppo广东移动通信有限公司 Method, terminal and storage medium for connecting network

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1801706A (en) * 2005-01-07 2006-07-12 华为技术有限公司 Network authentication system and method for IP multimedia subsystem
CN101835150A (en) * 2010-02-09 2010-09-15 华为技术有限公司 Method, device and system for updating shared enciphered data
CN102598638A (en) * 2009-08-18 2012-07-18 高通股份有限公司 Reliable inter-radio access technology core network tunnel
CN102984770A (en) * 2012-12-04 2013-03-20 中国联合网络通信集团有限公司 Network switching method, mobile management entity, base station and network system
CN103118404A (en) * 2009-07-23 2013-05-22 华为技术有限公司 Method, device and system for backspacing voice calls to circuit switching domain

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102364976B (en) * 2010-06-16 2015-06-03 中兴通讯(美国)公司 Interworking circuit service fallback
US20130028183A1 (en) * 2011-07-29 2013-01-31 Motorola Mobility, Inc. Method and apparatus for routing circuit switched fallback messaging in a wireless communication system

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1801706A (en) * 2005-01-07 2006-07-12 华为技术有限公司 Network authentication system and method for IP multimedia subsystem
CN103118404A (en) * 2009-07-23 2013-05-22 华为技术有限公司 Method, device and system for backspacing voice calls to circuit switching domain
CN102598638A (en) * 2009-08-18 2012-07-18 高通股份有限公司 Reliable inter-radio access technology core network tunnel
CN101835150A (en) * 2010-02-09 2010-09-15 华为技术有限公司 Method, device and system for updating shared enciphered data
CN102984770A (en) * 2012-12-04 2013-03-20 中国联合网络通信集团有限公司 Network switching method, mobile management entity, base station and network system

Also Published As

Publication number Publication date
CN105682153A (en) 2016-06-15

Similar Documents

Publication Publication Date Title
JP6950141B2 (en) Communication method and communication equipment
US10999065B2 (en) Method and apparatus for updating a key in an active state
TWI763786B (en) User plane relocation techniques in wireless communication systems
US11653199B2 (en) Multi-RAT access stratum security
US10849181B2 (en) NR RRC connection setup optimisation
US11064356B2 (en) Security framework for MSG3 and MSG4 in early data transmission
WO2018171310A1 (en) Method, apparatus and device for allowing terminal to move between 4g and 5g networks
US9344924B2 (en) Method of handling handover security configuration and related communication device
US20170265108A1 (en) Security processing method and system in network handover process
US20150055446A1 (en) Intelligent policy and charging rule function (pcrf) restoration
US20200008109A1 (en) Base station handover method, system, and computer storage medium
WO2009152759A1 (en) Method and device for preventing loss of network security synchronization
WO2018170756A1 (en) Method and apparatus for processing mobile management
WO2017113063A1 (en) Nas message processing and cell list updating methods and devices
WO2016201796A1 (en) Method and system for realizing private network registration, network element devices and computer storage medium
WO2016054822A1 (en) Csfb call establishment method and device
WO2015117490A1 (en) Method and device for establishing bearer
WO2019029228A1 (en) Method and device for processing voice service, and storage medium
KR20220046612A (en) Systems and methods for handling radio resource control inactivity conditions
WO2016078352A1 (en) Method for updating ssd, media switch center, communication system and related storage medium
EP3174331B1 (en) Method and device for initiating mobility management process
US9277462B1 (en) Method and system for preserving context records
WO2016078464A1 (en) Method for updating ssd upon fall-back from lte network to cs domain, and communication system
WO2016184182A1 (en) Method, msc, system for managing user resource
WO2014043897A1 (en) Switching processing method and device in wireless communication system

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15861839

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15861839

Country of ref document: EP

Kind code of ref document: A1