WO2016155298A1 - Relay ue access control method and apparatus - Google Patents

Relay ue access control method and apparatus Download PDF

Info

Publication number
WO2016155298A1
WO2016155298A1 PCT/CN2015/092853 CN2015092853W WO2016155298A1 WO 2016155298 A1 WO2016155298 A1 WO 2016155298A1 CN 2015092853 W CN2015092853 W CN 2015092853W WO 2016155298 A1 WO2016155298 A1 WO 2016155298A1
Authority
WO
WIPO (PCT)
Prior art keywords
remote
relay
information
access
request
Prior art date
Application number
PCT/CN2015/092853
Other languages
French (fr)
Chinese (zh)
Inventor
梁爽
朱进国
卢飞
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2016155298A1 publication Critical patent/WO2016155298A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/02Access restriction performed under specific conditions
    • H04W48/04Access restriction performed under specific conditions based on user or terminal location or mobility data, e.g. moving direction, speed
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W72/00Local resource management
    • H04W72/12Wireless traffic scheduling

Definitions

  • the embodiments of the present invention relate to, but are not limited to, a distance-based service (Prose) application technology, and in particular, a relay UE access control method and apparatus.
  • Prose distance-based service
  • Figure 1 is a schematic diagram of the architecture of the network after the introduction of the Prose function in the related technology. As shown in Figure 1, after the introduction of Prose, some network elements and interfaces are added to support this function:
  • Terminal A and terminal B (UEA/UEB) supporting the Prose function can discover and communicate with each other after obtaining authorization from the network side;
  • ProSe application application is installed on both terminal A and terminal B.
  • the Prose Function entity is used to support the introduction of Prose, and is mainly used to complete the authorization and matching of UE discovery and discovery. In some solutions, the Prose Function entity is also responsible for protocol UEs discovering each other;
  • EUTRAN Evolved Universal Terrestrial Radio Access Network
  • the Evolved Packet Core Network includes a Mobility Management Entity (MME) and a Serving Gateway (PGW, Packet Data Network Gateway). These network elements provide the underlying access for the terminal accessing the Prose Function entity;
  • MME Mobility Management Entity
  • PGW Packet Data Network Gateway
  • the Home Subscriber Server which contains all the functions of the Home Location Register (HLR), is the permanent storage location for the subscriber's subscription data and is located at the home network to which the subscriber is contracted. After the introduction of the Prose function, the HSS needs to store the subscription data related to Prose;
  • SLP Secure User Plane Location Platform
  • the relay UE When the terminal moves out of the coverage of the network, the relay UE can be used to access the network to obtain related information.
  • the architecture diagram supporting the relay terminal is shown in Figure 2, where the network element definition is as follows:
  • the remote terminal (Remote UE) is not in the coverage of the network, and obtains information about the network through the relay terminal.
  • the relay UE can provide services for the remote terminal within the coverage of the network.
  • the Public Security Server is one of the application servers that the Remote UE may use, and is used to send information to the Relay UE and the Remote UE.
  • the Remote UE needs to discover the relay UE and establish communication through the process shown in FIG. 3, which generally includes the following steps:
  • Step 300 The relay UE acquires a relay UE ID (ProSe Relay UE ID) of the distance-based service from the network side by using Authorization, and information about whether the relay operation is allowed to be performed;
  • a relay UE ID ProSe Relay UE ID
  • Step 301 The Relay UE is allowed to perform a Relay operation during the authorization process, and announces its own ProSe Relay UE ID.
  • Step 302 The Remote UE around the Relay UE wants to discover the Relay UE by listening to the broadcast through the Remote UE of the relay access network;
  • Step 303 The Remote UE initiates unicast communication with the Relay UE.
  • Relay UE When the Relay UE provides services for the Remote UE, multiple Remote UEs may wish to access the Relay UE. Since the access capability of the Relay UE is limited, how to implement scheduling of multiple Remote UE accesses so that limited resources are effectively allocated needs to be solved. There is no related technical solution for the implementation of Relay UE access control in the related art.
  • the embodiments of the present invention provide a relay UE access control method and apparatus, which can implement access scheduling for a Remote UE, so that limited resources are effectively allocated.
  • An embodiment of the present invention provides a relay terminal UE access control method, including:
  • the relaying UE performs the authorization verification on the remote UE by using the access information of the remote UE, and the remote UE allows the access information to be used to indicate whether the remote UE is allowed to access.
  • the relay UE determines whether to allow the remote UE to access according to the verification result.
  • the relaying the UE to perform the authorization verification on the remote UE by using the remote UE to allow the access information includes:
  • the relay UE receives a request initiated by a remote UE, where the request carries priority information
  • the relay UE performs authorization on the remote UE according to the access information allowed by the remote UE, where the access information of the remote UE includes the level of the access control of the relay UE and the carried in the request. Priority information.
  • the request initiated by the remote UE is a request for establishing a communication
  • the priority information carried in the request is the priority information of the remote UE.
  • the method further includes:
  • the remote UE obtains the priority information of the remote UE by using a pre-authorization process, or pre-configures the priority information of the remote UE locally.
  • the relaying the UE to perform the authorization verification on the remote UE by using the remote UE to allow the access information includes:
  • the relay UE receives a request initiated by a remote UE, where the request carries information of a remote UE;
  • the relaying UE searches for the distance-based service Prose function entity of the remote UE that requests the request, and obtains the priority information of the remote UE according to the information of the remote UE that is carried in the request;
  • the relaying UE performs authorization on the remote UE that initiates the request according to the level of the relay UE access control and the obtained priority information of the remote UE.
  • the relaying UE searches for the distance-based service Prose function entity of the remote UE that initiates the request according to the information of the remote UE that is carried in the request, and obtains the priority information of the remote UE, including :
  • the Prose function entity of the relaying UE searches for the Prose functional entity of the remote UE according to the received information of the remote UE, and acquires priority information of the remote UE;
  • the Prose function entity of the relay UE returns priority information of the remote UE to the relay UE.
  • the relaying the UE to perform the authorization verification on the remote UE by using the remote UE to allow the access information includes:
  • the relay UE obtains a level of access control, and uses a level of the relay UE access control as the access information allowed by the remote UE, and broadcasts through a broadcast message;
  • the remote UE monitors the broadcast message, and determines that the priority information of the remote UE matches the level of the access UE's own access control carried in the broadcast message, and is authorized by the relay UE.
  • the method further includes: obtaining, by the pre-authorization process, the level of the relay UE access control by using the pre-authorization process;
  • the level of the relay UE access control is pre-configured by operating, maintaining, managing the OAM system configuration or locally at the relay UE.
  • the performing, by the remote UE, the access authentication information of the remote UE by using the remote UE includes:
  • the relay UE receives a request initiated by a remote UE
  • the relay UE requests its own distance-based service Prose function entity to perform authorization verification on the remote UE that initiates the request according to the remote UE's allowed access information, and receives the authorization result of the Prose functional entity from the relay UE. ;
  • the authorization result is that the authorization is successful.
  • the request initiated by the remote UE is a broadcast message indicating that the UE is desired to access the network by using the relay UE, or establishing a communication request;
  • the method further includes: obtaining, by the ProSe functional entity of the relay UE, the access information of the remote UE from the application layer or from a home subscriber server HSS of the remote UE.
  • the remote UE allows the access information to be the information of the remote UE that is allowed to access.
  • the remote UE allows the access information to be information of the remote UE that is allowed to access
  • the method further includes: the relay UE receives a request initiated by a remote UE; or the relay UE receives a request initiated by a remote UE, and the ProSe functional entity of the relay UE does not include Information of the remote UE that is allowed to access;
  • the ProSe functional entity of the relay UE performs authorization verification to the ProSe functional entity of the remote UE.
  • the performing the authorization verification by the ProSe functional entity of the relay UE to the ProSe functional entity of the remote UE includes:
  • the relay UE finds a ProSe functional entity of the remote UE corresponding to the remote UE according to the ProSe UE ID of the remote UE that initiates the request, and sends an authorization request to the relay UE, where the authorization request carries the ProSe of the relay UE.
  • Relay UE ID ;
  • the ProSe function entity of the remote UE determines whether the corresponding remote UE can listen to the broadcast information of the relay UE carried in the authorization request or establish a communication request according to the obtained information of the remote UE that is allowed to access.
  • the method further includes: obtaining, by the ProSe functional entity of the remote UE, the information and/or priority information of the remote UE that is allowed to access from the application layer, or acquiring the HSS from the remote UE Information and/or priority information of the remote UE that is allowed to access.
  • the performing, by the remote UE, the access authentication information of the remote UE by using the remote UE includes:
  • the relay UE receives a setup communication request initiated by the remote UE, where the request carries the ProSe UE ID of the remote UE that initiated the request;
  • the relay UE acquires an international mobile subscriber identity IMSI of the remote UE;
  • the relay UE carries the obtained IMSI of the remote UE in an authorization request and sends it to the mobility management entity MME of the own UE. If the MME determines that the IMSI of the remote UE is included in the MME context of the relay UE, the The authorization result received by the relay UE is that the authorization is successful.
  • the method further includes:
  • the Prose function entity of the relay UE acquires the level of the relay UE's own access control and/or the priority information of the remote UE accessing the relay UE, or the received information comes from The Prose function entity of the remote UE following the authorization request of the ProSe functional entity of the UE acquires the level of the relay UE's own access control and/or the priority information of the remote UE's access to the relay UE;
  • the level of the relay UE access control and/or the priority information of the remote UE accessing the relay UE is used to limit the level of the remote UE that triggers the broadcast, or the level of the relay UE access control. And/or the priority information of the remote UE accessing the relay UE is used to limit the level of the remote UE that communicates with the relay UE.
  • An embodiment of the present invention further provides a relay UE access control apparatus, including a control unit and a processing unit, where
  • control unit configured to perform authorization verification on the remote UE by using the access information of the remote UE, where the remote UE allows the access information to be used to indicate whether the remote UE is allowed to access;
  • the processing unit is configured to determine, according to the verification result, whether the remote UE is allowed to access.
  • control unit is configured to: receive a request initiated by the remote UE; and authorize the remote UE according to the remote UE allowing access information, where the remote end
  • the UE allowed access information includes a level of the relay UE access control and priority information carried in the request.
  • control unit is configured to: receive a request initiated by the remote UE, and search for a Prose functional entity of the remote UE that initiates the request according to the information of the remote UE carried in the request, Obtaining the priority information of the remote UE; and authorizing the remote UE that initiates the request according to the level of the relay UE access control and the obtained priority information of the remote UE.
  • control unit is configured to: receive a request initiated by the remote UE; send a request to a Prose functional entity of the relay UE, where the information of the remote UE is carried;
  • the Prose function entity of the relay UE acquires the priority information of the remote UE; and performs the requesting remote UE according to the level of the relay UE access control and the obtained priority information of the remote UE.
  • Authorization is configured to: receive a request initiated by the remote UE; send a request to a Prose functional entity of the relay UE, where the information of the remote UE is carried;
  • the Prose function entity of the relay UE acquires the priority information of the remote UE; and performs the requesting remote UE according to the level of the relay UE access control and the obtained priority information of the remote UE.
  • control unit is configured to: obtain a level of its own access control, and use the obtained level of the self-access control as the remote UE grant access information to be broadcast by using a broadcast message.
  • control unit is configured to: receive a request initiated by the remote UE; and request a Prose function entity of its own to perform authorization verification on the remote UE that initiates the request according to the access information allowed by the remote UE. And receiving the authorization result of the Prose functional entity from the relay UE.
  • the remote UE allows the access information to be the information of the remote UE that is allowed to access;
  • the authorization result is that the authorization is successful.
  • control unit is configured to: receive a setup communication request initiated by the remote UE; acquire an IMSI of the remote UE by using an authentication process or a separate process of the remote UE; The obtained IMSI of the remote UE is carried in the authorization request and sent to the MME to which it belongs. If the MME determines that the IMSI of the remote UE is included in the MME context of the relay UE, the authorization result received is the authorization success.
  • the control unit when the remote UE allows the access information to be the information of the remote UE that is allowed to access, if the ProSe functional entity of the relay UE where the control unit is located does not include the remote UE that is allowed to access Information, the control unit is also set to:
  • the ProSe function entity of the remote UE determines, according to the obtained information of the remote UE that is allowed to access, that the corresponding remote UE can listen to the broadcast information of the relay UE carried in the authorization request, or establish a communication request, Receiving authorization success information of the ProSe functional entity from the remote UE.
  • control unit when the authorization result is displayed as the authorization is successful, the control unit is further configured to:
  • the technical solution of the embodiment of the present application includes: the relay UE performs the authorization verification on the remote UE by allowing the remote UE to access the remote UE, and the relay UE determines whether to allow the verification according to the verification result.
  • the remote UE accesses.
  • access scheduling for the remote UE is implemented, so that limited resources are effectively allocated.
  • FIG. 1 is a schematic structural diagram of a network after a related technology introduces a Prose function
  • FIG. 2 is a schematic structural diagram of a related art supporting a relay terminal
  • FIG. 3 is a schematic diagram of a process in which a related UE discovers a relay UE and establishes a communication
  • FIG. 4 is a flowchart of a method for controlling access of a relay UE according to an embodiment of the present invention
  • FIG. 5 is a schematic structural diagram of a structure of a relay UE access control apparatus according to an embodiment of the present invention.
  • FIG. 6 is a schematic flowchart diagram of Embodiment 1 of an application example of the present invention.
  • FIG. 7 is a schematic flowchart of a second embodiment of application of the present invention.
  • FIG. 8 is a schematic flowchart of a third embodiment of application of the present invention.
  • FIG. 9 is a schematic flowchart of a fourth embodiment of application of the present invention.
  • FIG. 10 is a schematic flowchart diagram of Embodiment 5 of the present application.
  • FIG. 11 is a schematic flowchart diagram of Embodiment 6 of the application of the present invention.
  • FIG. 4 is a flowchart of a method for controlling access of a relay UE according to an embodiment of the present invention. As shown in FIG. 4, the method includes:
  • Step 400 The relay UE performs authorization verification on the remote UE by allowing the remote UE to allow the remote UE to access the access information.
  • step 400 may include:
  • the relay UE receives the request initiated by the remote UE, where the request may be a communication request, and the priority information carried in the request is the priority information of the remote UE; the remote UE may pass the pre-authorization process. Obtaining priority information, or locally pre-configuring the priority information at the remote UE;
  • the relay UE matches the level of the access control with the priority information carried in the request, and determines whether to allow the remote UE to access according to the matching result. among them,
  • the access control level can be used when resources are limited, or because the operator specifically limits the access control when only some remote UEs are allowed to access, or other situations where the number of accesses needs to be controlled.
  • the matching policy may be: authorizing a remote UE that is higher than the level of access control learned by the relay UE, or authorizing only the remote UE of the same level; if not, rejecting the remote UE The request ends the process.
  • the matching policy can be set by the operator.
  • step 400 may include:
  • the relaying UE receives the request from the remote UE, and searches for the Prose functional entity of the remote UE according to the information of the remote UE carried in the request, and obtains the priority information of the remote UE;
  • the UE access control level and the obtained priority information of the remote UE are used to authorize the remote UE.
  • the relay UE receives the request from the remote UE, and the relay UE sends a request to the Prose function entity of the relay UE, where the information of the remote UE is carried;
  • the information of the terminal UE is used to find the Prose function entity of the remote UE, and obtain the priority information of the remote UE.
  • the Prose function of the relay UE returns the obtained priority information of the remote UE to the relay UE.
  • the relay UE will authorize the remote UE according to the level of the relay UE access control and the priority information of the remote UE.
  • the ProSe functional entity of the remote UE may obtain the priority information from the application layer or obtain the information from the HSS of the remote UE. If obtained from the HSS, it may have been acquired during the pre-authorization process of the remote UE accessing the network. If not yet obtained, an authorization request to the HSS can be initiated to obtain the information from the HSS.
  • the access control level may be used when the resource is limited, or the access control may be allowed only when some remote UEs are allowed to access, or other situations in which the number of accesses needs to be controlled.
  • the matching policy may be: authorizing a remote UE that is higher than the level of access control learned by the relay UE, or authorizing only the remote UE of the same level; if not, rejecting the remote UE The request ends the process.
  • the matching policy can be set by the operator.
  • step 400 may include:
  • the relay UE After obtaining the access control level, the relay UE directly broadcasts the access control level as the remote UE allowed access information by using a broadcast message;
  • the remote UE After the remote UE monitors the broadcast message, it determines that the priority information of the relay UE is authorized by the relay UE when it matches the level of the relay UE access control carried in the broadcast message; if not, the request of the remote UE is rejected, and the end is terminated. This process.
  • Access control level which can be used when resources are limited, or because the carrier is special It is limited to allow access control only when some remote UEs are allowed to access, or other situations where the number of accesses needs to be controlled.
  • the matching policy may be: authorizing a remote UE that is higher than the level of access control learned by the relay UE, or authorizing only the remote UE of the same level; if not, rejecting the remote UE The request ends the process.
  • the matching policy can be set by the operator.
  • the priority information of the remote UE may be obtained by the remote UE through a pre-authorization process, or locally pre-configured by the remote UE, or by the relay UE from the ProSe functional entity of the remote UE through its own Prose functional entity. Get in.
  • the relay UE may obtain the level of access control in the case that the resource is limited by the pre-authorization process; or may be configured, operated, maintained, managed, or locally pre-configured by the relay UE.
  • step 400 may include:
  • the relay UE receives the request initiated by the remote UE; wherein the request may be a broadcast message indicating that the UE is to be accessed by the relay UE, or a communication request is established, where the request carries the ProSe UE ID of the remote UE that initiated the request;
  • the relay UE requests its own Prose function entity to perform authorization verification on the remote UE that initiates the request according to the allowed access information of the remote UE, and receives the authorization result of the Prose functional entity from the relay UE.
  • the authorization result is that the authorization is successful; if not, the request of the remote UE is rejected, and the process ends.
  • the relay UE receives the setup communication request initiated by the remote UE, where the request carries the ProSe UE ID of the remote UE that initiated the request;
  • the relay UE obtains the IMSI (International Mobile Subscriber Identification Number) of the remote UE by the authentication process or the separate process of the remote UE.
  • IMSI International Mobile Subscriber Identification Number
  • the relay UE obtains the IMSI (International Mobile Subscriber Identification Number) of the remote UE by the authentication process or the separate process of the remote UE.
  • IMSI International Mobile Subscriber Identification Number
  • the relay UE carries the obtained IMSI of the remote UE in the authorization request and sends it to the MME to which it belongs. If the MME determines that the IMSI of the remote UE is included in the MME context of the relay UE, The authorization result received by the relay UE is the authorization success; if not, the received authorization result is the request to reject the remote UE, and the process ends.
  • the Prose function entity of the relaying UE may obtain the access information of the remote UE from the context of the relay UE that is stored by itself.
  • the ProSe functional entity of the relaying UE may obtain the foregoing authorization information, that is, the remote UE grant access information, from the application layer or from the HSS of the remote UE. If it is obtained from the HSS, it may be obtained in the pre-authorization process of the remote UE accessing the network. If not yet obtained, the remote UE may obtain the access information by initiating an authorization request to the HSS.
  • the remote UE allows the access information to be information of the remote UE that is allowed to access
  • the relay UE receives the request initiated by the remote UE; or the relay UE receives the request initiated by the remote UE.
  • the ProSe functional entity of the relaying UE does not include the information of the remote UE that is allowed to access, and then the ProSe functional entity of the relaying UE performs the authorization verification to the ProSe functional entity of the Remote UE, including:
  • the relay UE finds the ProSe functional entity of the remote UE corresponding to the remote UE according to the ProSe UE ID of the remote UE that initiates the request, and sends an authorization request to the remote UE, where the authorization request carries the ProSe Relay UE of the relay UE. ID;
  • the ProSe function entity of the remote UE determines whether the corresponding remote UE can listen to the broadcast information of the relay UE carried in the authorization request or establish a communication request according to the obtained authorization information, that is, the information of the remote UE that is allowed to access. If the authorization is successful, the authorization result returned to the Prose function entity of the relay UE corresponding to the relay UE is the authorization success; if not, the authorization result is rejected.
  • the ProSe functional entity of the remote UE may obtain the information from the application layer or obtain the information from the HSS of the remote UE. If obtained from the HSS, it may have been acquired during the pre-authorization process of the remote UE accessing the network. If not yet obtained, an authorization request to the HSS can be initiated to obtain the information from the HSS.
  • the method further includes: in a case where the resource is limited, the Prose functional entity of the relay UE acquires a level of the relay UE access control and/or the remote UE access relay The priority information of the UE, or the Prose function entity of the remote UE that receives the authorization request from the ProSe functional entity of the relay UE acquires the level and/or the remote end of the relay UE's own access control.
  • the UE accesses the priority information of the relaying UE, where the level of the self-access control and/or the priority information of the remote UE accessing the relaying UE is used to limit the level of the remote UE that triggers the broadcast, or the middle
  • the level of UE access control and/or the priority information of the remote UE accessing the relay UE is used to limit the level of the remote UE communicating with the relay UE.
  • the priority information of the remote UE access is such that, in case of limited resources, the low-priority remote UE is prevented from triggering the broadcast or communicating with the relay UE.
  • Step 401 The relay UE determines, according to the verification result, whether to allow the remote UE to access.
  • the UE may access the broadcast message of the network by relaying the UE or establish a communication request with the relay UE.
  • FIG. 5 is a schematic structural diagram of a relay UE access control apparatus according to an embodiment of the present invention, which may be set in a relay UE or may be an independent entity. As shown in FIG. 5, at least a control unit 501 and a processing unit 502 are included;
  • the control unit 501 is configured to perform authorization verification on the remote UE by using the access information of the remote UE, where the remote UE allows the access information to be used to indicate whether the remote UE is allowed to access;
  • the processing unit 502 is configured to determine, according to the verification result, whether to allow the remote UE to access.
  • the control unit 501 is configured to: receive a request initiated by the remote UE; according to the level of access control of the relay UE that is the access information allowed by the remote UE, and the priority information carried in the request, The remote UE performs authorization.
  • control unit 501 is configured to: receive a request initiated by the remote UE, and search for a Prose function entity of the remote UE that initiates the request according to the information of the remote UE that is carried in the request, to obtain the remote UE. Priority information; and authorizing the remote UE that initiated the request according to the level of the relay UE access control and the obtained priority information of the remote UE.
  • control unit 501 is configured to: receive a request initiated by the remote UE; send a request to a Prose functional entity of the relay UE, where the information of the remote UE is carried; and from the relay UE
  • the Prose function entity acquires the priority information of the remote UE, and authorizes the remote UE that initiates the request according to the level of the relay UE access control and the obtained priority information of the remote UE.
  • control unit 501 is configured to: obtain the level of its own access control, and directly broadcast the obtained level of the access UE's own access control as the remote UE grant access information by using a broadcast message.
  • control unit 501 is configured to: receive a request initiated by the remote UE; request the own Prose function entity to perform authorization verification on the remote UE that initiates the request according to the access information of the remote UE, and receive the relay from the relay UE.
  • the authorization result of the Prose functional entity The remote UE allows the access information to be the information of the remote UE that is allowed to access.
  • the authorization result is that the authorization is successful.
  • control unit 501 is configured to: receive a setup communication request initiated by the remote UE; acquire an IMSI of the remote UE by using an authentication process or a separate procedure of the remote UE; and obtain an IMSI of the remote UE obtained If the MME determines that the IMSI of the remote UE is included in the MME context of the relay UE, the authorization result is that the authorization is successful.
  • control unit is also set to:
  • the control unit 501 sets for:
  • the ProSe function entity of the remote UE determines, according to the obtained authorization information, that is, the information of the remote UE that is allowed to access, the corresponding remote UE can monitor the broadcast information of the relay UE carried in the authorization request, or establish a communication request. Then, the authorization success information of the ProSe functional entity from the remote UE is received.
  • the control unit is further configured to: when the resource is limited, receive the level of the relay UE's own access control and/or the remote UE from the Prose functional entity of the relay UE.
  • Priority information of accessing the relay UE, or receiving the level of the relay UE's own access control from the Prose functional entity of the remote UE and/or the priority information of the remote UE accessing the relay UE is a Prose functional entity of the remote UE that receives the authorization request from the ProSe functional entity of the relay UE, for example, the priority of the remote UE access Level information,
  • FIG. 6 is a schematic diagram of a process for implementing access control by a relay UE according to an embodiment of the present invention. As shown in FIG. 6 , this embodiment is an implementation manner in which a relay UE performs access control during a communication establishment process by a remote UE, including:
  • Step 600 The Relay UE obtains the level of access control from its own ProSe functional entity through pre-authorization or other network authorization process; for example, what level of remote UE is allowed to access the network if its own resources are limited or Since the operator specifically limits the access control only when some remote UEs are allowed to access; or, if other users need to control the number of accesses, what level of remote UEs are allowed to access the network;
  • the Relay UE may also be configured with an access control level in the case of resource limitation through the OAM system or locally. If the configuration is adopted, the step 600 may be omitted.
  • Step 601 The Remote UE obtains its own priority parameter from the network through a pre-authorization process, that is, which level of the user the Remote UE belongs to;
  • the priority parameters of the Remote UE itself may also be configured locally.
  • Step 602 The Remote UE initiates a request, where it carries its own priority parameter, and the request message may be a setup communication request.
  • Step 603 The Relay UE receives the request, and determines whether the request initiated by the Remote UE can be accepted according to its own level of access control when the resource is limited.
  • the Relay UE is set to a user whose access control level is higher than level 3 when the resource is limited, the user request lower than the priority may be rejected.
  • the Relay UE is set to allow only users with a priority of 2 to access, other users' requests may be rejected; the matching rule may be set by the operator.
  • Step 604 The Relay UE accepts or rejects the request initiated by the Remote UE according to the result of the judgment. If the request is rejected, the Relay UE may return the corresponding reason value to the Remote UE that initiated the request, so that the Remote UE decides whether to re-initiate the subsequent request. The request, for example if If the Relay UE changes the broadcast parameters, it may re-initiate the request.
  • FIG. 7 is a schematic diagram of a process for implementing access control by a relay UE according to Embodiment 2, and as shown in FIG. 7 , this embodiment is an implementation manner of the Remote UE determining whether to initiate access according to the broadcast of the Relay UE, including:
  • steps 700 to 701 is the same as the steps 600 to 601 in the first embodiment, and is not described here.
  • Step 702 The Relay UE carries its own level information of the access control in the case where the resource is restricted, and broadcasts the broadcast information in the broadcast message;
  • the level information of the Relay UE's own access control in the case where the resource is limited may be: the user whose access control level is higher than the level 3 in the case where the resource is limited.
  • Step 703 After listening to the broadcast message, the Remote UE determines, according to its own level information, whether the current Relay UE can receive its own request.
  • the level information of the access control of the Relay UE itself in the broadcast message of the Relay UE is limited to only the user whose priority is higher than 3, or the relay UE is set to allow only the priority. Access for 2 users. Then, the Remote UE that does not match the level does not initiate a communication request.
  • the matching strategy can be set by the operator.
  • FIG. 8 is a schematic diagram of a process of implementing access control by a relay UE according to the second embodiment of the present invention. As shown in FIG. 8 , in this embodiment, the implementation manner of the relay UE performing the access control in the process of discovering the relay UE by the remote UE in the trigger mode is performed. . With the technical solution provided in this embodiment, it is avoided that a UE that does not have access to access triggers excessive broadcast messages. include:
  • Step 800 The Remote UE finds that it enters the uncovered area, and hopes to access the network through the Relay UE.
  • the Remote UE initiates a broadcast inquiry to check whether there is a Relay UE available, and the broadcast message carries the ProSe ID of the Remote UE, that is, the ProSe UE ID.
  • Steps 801a to 801b In this embodiment, it is assumed that the surrounding Relay UE1 and the Relay UE2 are aware that the Remote UE wants to access by listening to the broadcast message, and then verifying the requested Remote UE, including: Relay UE1 and Relay UE2 respectively
  • the ProSe functional entity sends an authorization request, and carries the ProSe Relay UE ID and the ProSe UE ID in the authorization request.
  • the information of the remote UE may be determined according to the information, whether the remote UE is allowed to access; if the context of the Relay UE does not include the information of the Remote UE, such as the ProSe UE ID, the process is not allowed; if the context of the Relay UE is The information including the Remote UE, such as the ProSe UE ID, is allowed to go to step 804a and step 804b.
  • the ProSe functional entity of the relaying UE may obtain the foregoing authorization information, that is, the remote UE grant access information, from the application layer or from the HSS of the remote UE. If it is obtained from the HSS, it may be obtained in the pre-authorization process of the remote UE accessing the network. If not yet obtained, the remote UE may obtain the access information by initiating an authorization request to the HSS.
  • the ProSe function of the Relay UE does not include the information of the Remote UE that is allowed to access, the ProSe function of the Relay UE needs to go to the ProSe function of the Remote UE for authorization verification, including:
  • Steps 802a to 802b The Relay UE1 and the Relay UE2 respectively learn the ProSe function entity of the Remote UE according to the ProSe UE ID of the Remote UE, and respectively send an authorization request to the ProSe function entity of the Remote UE, where each of the two Relay UEs respectively carries the ProSe.
  • Step 803a to step 803b The ProSe function entity of the Remote UE determines, according to the obtained authorization information, whether the remote UE can listen to the broadcast information of the corresponding Relay UE. If yes, the authorization succeeds. If not, the device fails. In this embodiment, the relay is assumed. UE1 allows access, and Relay UE2 does not allow access. Then, the ProSe functional entity of the Remote UE returns the authentication result to the ProSe functional entities of the two Relay UEs respectively.
  • the ProSe functional entity of the Remote UE may obtain the information from the application layer or obtain the information from the HSS of the Remote UE. If obtained from the HSS, it may have been acquired during the pre-authorization process of the Remote UE accessing the network. If not yet obtained, an authorization request to the HSS can be initiated to obtain the information from the HSS.
  • the ProSe functional entity of the Relay UE obtains the priority information of the Remote UE access, so that the authentication result returned in the step 804a and the step 804b also carries the access priority information of the Remote UE, so that the resource is limited, or other Specific need to control the number of access or the situation of the user Next, the broadcast will not be triggered by the low priority remote UE.
  • the ProSe function entity of the Remote UE obtains the priority information of the remote UE access, so that the authentication result returned by the step 803a and the step 803b further carries the access priority information of the Remote UE, so that the resource is limited. In this case, the broadcast will not be triggered by the low priority remote UE.
  • the priority information of the Remote UE access may also be obtained from the application layer or obtained from the HSS of the Remote UE. If obtained from the HSS, it may have been acquired during the pre-authorization process of the Remote UE accessing the network. If not yet obtained, an authorization request to the HSS can be initiated to obtain the information from the HSS.
  • Steps 804a to 804b the ProSe function entity of Relay UE1 and the ProSe function entity of Relay UE2 respectively return the received authorization result to Relay UE1 and Relay UE2;
  • Step 805 The Relay UE receives the authentication success message, and the Relay UE1 in this embodiment starts to broadcast its own information, so that the corresponding Remote UE can discover itself and complete the subsequent access process.
  • FIG. 9 is a schematic diagram of a process for implementing access control by a relay UE according to an embodiment of the present invention. As shown in FIG. 9 , this embodiment is an implementation manner in which a relay UE performs access control during a communication process between a Remote UE and a relay UE, including :
  • Step 900 The Remote UE initiates a setup communication request to the Relay UE, where the ProSe ID, that is, the ProSe UE ID of the Remote UE, is carried in the setup communication request.
  • Step 901 The Relay UE sends an authorization request to the ProSe functional entity, where the ProSe Relay UE ID of the Relay UE and the ProSe ID of the Remote UE, that is, the ProSe UE ID;
  • the context of the Relay UE in the ProSe function of the Relay UE includes the information of the Remote UE that is allowed to access, it may be determined according to the information whether the Remote UE is allowed to access. If the information of the Remote UE is not included in the context of the Relay UE, such as the ProSe UE ID, the authorization response may be returned to notify the Remote UE that the access is not allowed; if the context of the Relay UE includes the information of the Remote UE, such as ProSe The UE ID is allowed, and at this time, the process proceeds to step 904.
  • the ProSe functional entity of the Relay UE can be obtained from the application layer or from the HSS of the remote UE.
  • the above authorization information is taken, that is, the remote UE allows access information. If it is obtained from the HSS, it may be obtained in the pre-authorization process of the remote UE accessing the network. If not yet obtained, the remote UE may obtain the access information by initiating an authorization request to the HSS.
  • the ProSe function of the Relay UE does not include the information of the Remote UE that is allowed to access, the ProSe function of the Relay UE needs to go to the ProSe function of the Remote UE for authorization verification, including:
  • Step 902 The ProSe function of the Relay UE finds the ProSe functional entity of the Remote UE according to the ProSe UE ID of the Remote UE, and sends an authorization request to the Relay UE, where the ProSe Relay UE ID and the ProSe UE ID of the Relay UE are carried.
  • Step 903 The ProSe function entity of the Remote UE determines, according to the obtained authorization information, that the Remote UE is allowed to access from the Relay UE. If yes, the authorization succeeds, and if not, the failure occurs; in this embodiment, if the Relay UE allows access, then The ProSe functional entity of the Remote UE returns an authorization response to the ProSe functional entity of the Relay UE as permission;
  • the ProSe functional entity of the Remote UE may obtain the information from the application layer or obtain the information from the HSS of the Remote UE. If obtained from the HSS, it may have been acquired during the pre-authorization process of the Remote UE accessing the network. If not yet obtained, an authorization request to the HSS can be initiated to obtain the information from the HSS.
  • the priority information can also be obtained in the process, and may also include:
  • the ProSe function of the Relay UE can obtain the priority information of the Remote UE access, and the authorization response returned in the step 904 also carries the access priority information of the Remote UE. In order to serve higher priority remote UEs in case of limited resources.
  • the ProSe function entity of the Remote UE can obtain the priority information of the Remote UE access, so that the authentication result returned in step 903 also carries the access priority information of the Remote UE, so that the resource is limited, or other A higher priority remote UE is served if the number of accesses or users needs to be controlled.
  • the priority information of the Remote UE access may also be obtained from the application layer or obtained from the HSS of the Remote UE. If obtained from the HSS, it may have been acquired during the pre-authorization process of the Remote UE accessing the network. If not yet available, you can initiate a grant to the HSS Request for permission to obtain this information from the HSS.
  • Step 904 The ProSe function entity of the Relay UE returns the authentication result to the Relay UE. In this embodiment, it is allowed. If the priority information of the Remote UE access is included in step 903, it is also returned to the Relay UE.
  • Step 905 The Relay UE performs other authentication and address allocation processes to establish communication with the Remote UE.
  • FIG. 10 is a schematic flowchart of implementing access control by the fifth relay UE according to the fifth embodiment of the present invention. As shown in FIG. 10, this embodiment is another implementation of the relay UE performing access control during the establishment of communication between the Remote UE and the Relay UE. Ways, including:
  • Step 1000 The Remote UE initiates a setup communication request to the Relay UE, and carries the ProSe ID of the Remote UE, that is, the ProSe UE ID, in the setup communication request.
  • Step 1001 After receiving the request, the Relay UE acquires the IMSI of the Remote UE by using an authentication process or a separate process for the remote UE.
  • Step 1002 The relay UE sends an authorization request to the MME to which it belongs, where the IMSI of the Remote UE is the Remote UE IMSI. If the context of the MME of the Relay UE includes the information of the Remote UE that is allowed to access, the information may be determined according to the information. The remote UE accesses, if the information of the remote UE that is allowed to access includes the IMSI of the remote UE that currently initiates the request, if the access is allowed, the process proceeds to step 1004.
  • the MME may obtain the IMSI list of the Remote UE that is allowed to access when the Relay UE accesses the network. If not, the MME of the Relay UE does not include the information of the Remote UE that is allowed to access.
  • the method further includes a step 1003: obtaining, from the HSS, a list of Remote UEs that the Relay UE allows to access;
  • Step 1004 The MME of the Relay UE returns an authorization response to the Relay UE.
  • the authorization response is allowed to be accessed. If the priority information of the Remote UE access is included in step 1003, the MME is also returned to the Relay UE.
  • Step 1005 The Relay UE performs other authentication and address configuration processes to establish communication with the remote UE.
  • FIG. 11 is a schematic flowchart of implementing the access control by the relay UE in the sixth embodiment, as shown in FIG. 11
  • the embodiment is an implementation manner in which the Relay UE performs access control when the Remote UE performs the interception request, and includes:
  • Step 1100 The Remote UE initiates a setup communication request to the Relay UE, and carries the ProSe ID of the Remote UE, that is, the ProSe UE ID, in the setup communication request.
  • Step 1101 The Relay UE finds the ProSe functional entity of the Remote UE according to the ProSe UE ID of the Remote UE, and sends an authorization request to the same, which carries the ProSe UE ID.
  • Step 1102 The ProSe functional entity of the Remote UE determines, according to the obtained authorization information, that the Remote UE is allowed to access from the Relay UE, and if yes, the authorization succeeds, and if not, fails;
  • the ProSe functional entity of the Remote UE if the Relay UE allows access, the ProSe functional entity of the Remote UE returns an authorization response to the ProSe functional entity of the Relay UE as permission.
  • the ProSe functional entity of the Remote UE may obtain the information from the application layer or obtain the information from the HSS of the Remote UE. If obtained from the HSS, it may have been acquired during the pre-authorization process of the Remote UE accessing the network. If not yet obtained, an authorization request to the HSS can be initiated to obtain the information from the HSS.
  • Priority information can also be obtained during this process, including:
  • the ProSe function entity of the remote UE obtains the priority information of the remote UE access, so that the authentication result returned in step 1102 carries the access priority information of the Remote UE, so as to control access in the resource limited or other specific needs. In the case of quantity or user, it serves the higher priority remote UE.
  • the priority information of the Remote UE access may also be obtained from the application layer or obtained from the HSS of the Remote UE. If obtained from the HSS, it may have been acquired during the pre-authorization process of the Remote UE accessing the network. If not yet obtained, an authorization request to the HSS can be initiated to obtain the information from the HSS.
  • Step 1103 The Relay UE performs other authentication and address allocation processes to establish communication with the Remote UE.
  • the technical solution of the embodiment of the present application includes: the relay UE performs the authorization verification on the remote UE by allowing the remote UE to access the remote UE, and the relay UE determines whether to allow the verification according to the verification result.
  • the remote UE accesses.
  • access scheduling for the remote UE is implemented, so that limited resources are effectively allocated.

Abstract

Disclosed are a relay UE access control method and apparatus, comprising: a relay UE performs authority checking on a remote UE through remote UE access allowance information, the remote UE access allowance information being used for representing whether the remote UE is allowed to access or not; and the relay UE judges whether the remote UE is allowed to access or not according to a checking result.

Description

一种中继UE接入控制方法及装置Relay UE access control method and device 技术领域Technical field
本发明实施例涉及但不限于基于距离的业务(Prose)应用技术,尤指一种中继UE接入控制方法及装置。The embodiments of the present invention relate to, but are not limited to, a distance-based service (Prose) application technology, and in particular, a relay UE access control method and apparatus.
背景技术Background technique
为了保持第三代移动通信系统在通信领域的竞争力,为用户提供速率更快、时延更低、更加个性化的移动通信服务,同时,降低运营商的运营成本,第三代合作伙伴计划(3GPP,3rd Generation Partnership Project)标准工作组正致力于演进分组系统(EPS,Evolved Packet System)的研究。In order to maintain the competitiveness of the third generation mobile communication system in the field of communication, to provide users with faster, less delayed, more personalized mobile communication services, while reducing operators' operating costs, the third generation of partner programs The 3GPP (3rd Generation Partnership Project) standard working group is working on the Evolved Packet System (EPS).
当两个终端通过EPS网络进行通信时,两个终端需要分别建立承载。考虑到智能终端以及多种移动互联网业务的快速发展,很多业务希望能够发现临近的朋友并且进行通信,因此催生了基于距离的业务(Prose,Proximity-based Services)。支持Prose功能(Prose Function)的终端进行通信可以通过网络授权的特定资源进行通信。此时的通信路径可以不绕回到核心网。这种通信方式一方面减少了数据路由的迂回,另一方面也减少了网络数据负荷。When two terminals communicate through the EPS network, the two terminals need to establish bearers separately. Considering the rapid development of smart terminals and a variety of mobile Internet services, many businesses hope to discover nearby friends and communicate, thus spawning distance-based services (Prose, Proximity-based Services). Terminals that support the Prose Function communicate with each other through specific resources authorized by the network. The communication path at this time may not wrap around to the core network. This type of communication reduces the round trip of data routing on the one hand and reduces the network data load on the other hand.
图1为相关技术引入Prose功能后网络的组成架构示意图,如图1所示,在Prose引入后,网络新增了一些网元和接口来支持该功能:Figure 1 is a schematic diagram of the architecture of the network after the introduction of the Prose function in the related technology. As shown in Figure 1, after the introduction of Prose, some network elements and interfaces are added to support this function:
支持Prose功能的终端A和终端B(UEA/UEB)在从网络侧获得授权后,可以彼此发现以及通信;终端A和终端B上均安装有ProSe应用(application)Terminal A and terminal B (UEA/UEB) supporting the Prose function can discover and communicate with each other after obtaining authorization from the network side; ProSe application (application) is installed on both terminal A and terminal B.
Prose Function实体是为了支持Prose引入,主要用于完成对UE发现和被发现的授权,以及匹配。在某些解决方案中,Prose Function实体还负责协议UE进行彼此发现;The Prose Function entity is used to support the introduction of Prose, and is mainly used to complete the authorization and matching of UE discovery and discovery. In some solutions, the Prose Function entity is also responsible for protocol UEs discovering each other;
增强的通用陆地无线接入网络(EUTRAN,Evolved Universal Terrestrial Radio Access Network),为Prose终端提供底层接入,以及必要的发现和通信资源; An enhanced Evolved Universal Terrestrial Radio Access Network (EUTRAN) that provides underlying access to Prose terminals, as well as necessary discovery and communication resources;
增强的数据核心网(EPC,Evolved Packet Core Network)包含移动性管理实体(MME,Mobility Management Entity)和服务网关(SGW,Serving Gateway)/分组数据网关(PGW,Packet Data Network Gateway)。这些网元为终端接入Prose Function实体提供了底层接入;The Evolved Packet Core Network (EPC) includes a Mobility Management Entity (MME) and a Serving Gateway (PGW, Packet Data Network Gateway). These network elements provide the underlying access for the terminal accessing the Prose Function entity;
归属用户服务器(HSS),包含归属位置寄存器(HLR)的所有功能,是用户签约数据的永久存放地点,位于用户签约的归属网。引入Prose功能后,HSS需要存储Prose相关的签约数据;The Home Subscriber Server (HSS), which contains all the functions of the Home Location Register (HLR), is the permanent storage location for the subscriber's subscription data and is located at the home network to which the subscriber is contracted. After the introduction of the Prose function, the HSS needs to store the subscription data related to Prose;
安全的用户面位置平台(SLP,Secure User Plane Location Platform),用于帮助发现临近的终端。Secure User Plane Location Platform (SLP) to help discover nearby terminals.
当终端移出网络的覆盖范围时,可以借助中继(Relay)UE来实现接入到网络中获取相关信息。支持中继终端的架构图如图2所示,其中网元定义如下所述:When the terminal moves out of the coverage of the network, the relay UE can be used to access the network to obtain related information. The architecture diagram supporting the relay terminal is shown in Figure 2, where the network element definition is as follows:
远端终端(Remote UE)不在网络的覆盖范围内,通过中继终端获取网络的信息;The remote terminal (Remote UE) is not in the coverage of the network, and obtains information about the network through the relay terminal.
中继终端(Relay UE)在网络的覆盖范围内,能够为远端终端提供服务。The relay UE can provide services for the remote terminal within the coverage of the network.
基站和EPC的作用与图1类似,这里不再赘述。The role of the base station and the EPC is similar to that of Figure 1, and will not be described again here.
公共安全服务器(Pulic safety AS)是Remote UE可能使用的应用服务器之一,并用于下发信息给Relay UE和Remote UE。The Public Security Server (Pulic Safety AS) is one of the application servers that the Remote UE may use, and is used to send information to the Relay UE and the Remote UE.
Remote UE需要通过如图3所示的流程来发现relay UE并建立通信,大致包括以下步骤:The Remote UE needs to discover the relay UE and establish communication through the process shown in FIG. 3, which generally includes the following steps:
步骤300:Relay UE通过授权(Authorization),从网络侧获取基于距离的业务的中继UE标识(ProSe Relay UE ID),以及是否允许进行Relay操作的信息;Step 300: The relay UE acquires a relay UE ID (ProSe Relay UE ID) of the distance-based service from the network side by using Authorization, and information about whether the relay operation is allowed to be performed;
步骤301:Relay UE在授权过程中被允许进行Relay操作,广播(Announce)自身的ProSe Relay UE ID;Step 301: The Relay UE is allowed to perform a Relay operation during the authorization process, and announces its own ProSe Relay UE ID.
步骤302:Relay UE周围希望通过中继接入网络的Remote UE通过监听广播发现该Relay UE;Step 302: The Remote UE around the Relay UE wants to discover the Relay UE by listening to the broadcast through the Remote UE of the relay access network;
步骤303:Remote UE发起与Relay UE的单播通信。 Step 303: The Remote UE initiates unicast communication with the Relay UE.
当Relay UE为Remote UE提供服务时,可能会出现多个Remote UE都希望接入Relay UE。由于Relay UE的接入能力有限,因此,如何实现对多个Remote UE接入调度以使得有限的资源得到有效的分配是需要解决的。相关技术中对于Relay UE接入控制的实现还没有相关技术方案。When the Relay UE provides services for the Remote UE, multiple Remote UEs may wish to access the Relay UE. Since the access capability of the Relay UE is limited, how to implement scheduling of multiple Remote UE accesses so that limited resources are effectively allocated needs to be solved. There is no related technical solution for the implementation of Relay UE access control in the related art.
发明内容Summary of the invention
以下是对本文详细描述的主题的概述。本概述并非是为了限制权利要求的保护范围。The following is an overview of the topics detailed in this document. This Summary is not intended to limit the scope of the claims.
本发明实施例提供一种中继UE接入控制方法及装置,能够实现对Remote UE的接入调度,使得有限的资源得到有效的分配。The embodiments of the present invention provide a relay UE access control method and apparatus, which can implement access scheduling for a Remote UE, so that limited resources are effectively allocated.
本发明实施例提供了一种中继终端UE接入控制方法,包括:An embodiment of the present invention provides a relay terminal UE access control method, including:
中继UE通过远端UE允许接入信息对远端UE进行授权验证,所述远端UE允许接入信息用于表示是否允许远端UE接入;The relaying UE performs the authorization verification on the remote UE by using the access information of the remote UE, and the remote UE allows the access information to be used to indicate whether the remote UE is allowed to access.
中继UE根据验证结果判断是否允许远端UE接入。The relay UE determines whether to allow the remote UE to access according to the verification result.
可选地,其中,所述中继UE通过远端UE允许接入信息对远端UE进行授权验证包括:Optionally, wherein the relaying the UE to perform the authorization verification on the remote UE by using the remote UE to allow the access information includes:
所述中继UE接收来自远端UE发起的请求,所述请求中携带优先级信息;The relay UE receives a request initiated by a remote UE, where the request carries priority information;
所述中继UE根据所述远端UE允许接入信息对远端UE进行授权,其中所述远端UE允许接入信息包括所述中继UE接入控制的等级和所述请求中携带的优先级信息。The relay UE performs authorization on the remote UE according to the access information allowed by the remote UE, where the access information of the remote UE includes the level of the access control of the relay UE and the carried in the request. Priority information.
可选地,其中,所述远端UE发起的请求为建立通信请求,此时在所述请求中携带的优先级信息为所述远端UE的优先级信息。Optionally, the request initiated by the remote UE is a request for establishing a communication, and the priority information carried in the request is the priority information of the remote UE.
可选地,该方法还包括:Optionally, the method further includes:
所述远端UE通过预授权过程获得所述远端UE的优先级信息,或者是在所述远端UE本地预先配置所述远端UE的优先级信息。The remote UE obtains the priority information of the remote UE by using a pre-authorization process, or pre-configures the priority information of the remote UE locally.
可选地,其中,所述中继UE通过远端UE允许接入信息对远端UE进行授权验证包括: Optionally, wherein the relaying the UE to perform the authorization verification on the remote UE by using the remote UE to allow the access information includes:
所述中继UE接收来自远端UE发起的请求,所述请求中携带远端UE的信息;The relay UE receives a request initiated by a remote UE, where the request carries information of a remote UE;
所述中继UE根据所述请求中携带的远端UE的信息,查找发起请求的远端UE的基于距离的业务Prose功能实体,获取该远端UE的优先级信息;The relaying UE searches for the distance-based service Prose function entity of the remote UE that requests the request, and obtains the priority information of the remote UE according to the information of the remote UE that is carried in the request;
所述中继UE根据所述中继UE接入控制的等级和获得的远端UE的优先级信息,对发起请求的远端UE进行授权。The relaying UE performs authorization on the remote UE that initiates the request according to the level of the relay UE access control and the obtained priority information of the remote UE.
可选地,其中,所述中继UE根据所述请求中携带的远端UE的信息,查找发起请求的远端UE的基于距离的业务Prose功能实体,获取该远端UE的优先级信息包括:Optionally, the relaying UE searches for the distance-based service Prose function entity of the remote UE that initiates the request according to the information of the remote UE that is carried in the request, and obtains the priority information of the remote UE, including :
所述中继UE向所述中继UE的Prose功能实体发送请求,其中携带所述远端UE的信息;Sending, by the relay UE, a request to a Prose functional entity of the relay UE, where the information of the remote UE is carried;
所述中继UE的Prose功能实体根据接收到的所述远端UE的信息,查找所述远端UE的Prose功能实体,并获取所述远端UE的优先级信息;The Prose function entity of the relaying UE searches for the Prose functional entity of the remote UE according to the received information of the remote UE, and acquires priority information of the remote UE;
所述中继UE的Prose功能实体向所述中继UE返回所述远端UE的优先级信息。The Prose function entity of the relay UE returns priority information of the remote UE to the relay UE.
可选地,其中,所述中继UE通过远端UE允许接入信息对远端UE进行授权验证包括:Optionally, wherein the relaying the UE to perform the authorization verification on the remote UE by using the remote UE to allow the access information includes:
所述中继UE获得接入控制的等级,将中继UE接入控制的等级作为所述远端UE允许接入信息,并通过广播消息进行广播;The relay UE obtains a level of access control, and uses a level of the relay UE access control as the access information allowed by the remote UE, and broadcasts through a broadcast message;
所述远端UE监听到广播消息,确定在所述远端UE的优先级信息匹配广播消息中携带的中继UE自身接入控制的等级时被所述中继UE授权。The remote UE monitors the broadcast message, and determines that the priority information of the remote UE matches the level of the access UE's own access control carried in the broadcast message, and is authorized by the relay UE.
可选地,该方法还包括:所述中继UE通过预授权过程获得所述中继UE接入控制的等级;Optionally, the method further includes: obtaining, by the pre-authorization process, the level of the relay UE access control by using the pre-authorization process;
或者,通过操作、维护、管理OAM系统配置或在所述中继UE本地预先配置所述中继UE接入控制的等级。Alternatively, the level of the relay UE access control is pre-configured by operating, maintaining, managing the OAM system configuration or locally at the relay UE.
可选地,其中,所述中继UE通过远端UE允许接入信息对远端UE进行授权认证包括: Optionally, the performing, by the remote UE, the access authentication information of the remote UE by using the remote UE includes:
所述中继UE接收来自远端UE发起的请求;The relay UE receives a request initiated by a remote UE;
所述中继UE请求自身的基于距离的业务Prose功能实体根据远端UE允许接入信息,对所述发起请求的远端UE进行授权验证,并接收来自中继UE的Prose功能实体的授权结果;The relay UE requests its own distance-based service Prose function entity to perform authorization verification on the remote UE that initiates the request according to the remote UE's allowed access information, and receives the authorization result of the Prose functional entity from the relay UE. ;
如果所述发起请求的远端UE包含在允许接入的远端UE的信息中,则授权结果为授权成功。If the remote UE that initiated the request is included in the information of the remote UE that is allowed to access, the authorization result is that the authorization is successful.
可选地,其中,所述来自远端UE发起的请求为表示希望通过中继UE接入网络的广播消息、或者建立通信请求;Optionally, the request initiated by the remote UE is a broadcast message indicating that the UE is desired to access the network by using the relay UE, or establishing a communication request;
在所述来自远端UE发起的请求中携带有所述远端UE的基于距离的业务的远端UE标识ProSe UE ID。The remote UE identifier ProSe UE ID carrying the distance-based service of the remote UE in the request initiated by the remote UE.
可选地,该方法还包括:所述中继UE的ProSe功能实体从应用层,或者从所述远端UE的归属用户服务器HSS中获取所述远端UE允许接入信息。Optionally, the method further includes: obtaining, by the ProSe functional entity of the relay UE, the access information of the remote UE from the application layer or from a home subscriber server HSS of the remote UE.
可选地,其中,所述远端UE允许接入信息为允许接入的远端UE的信息。Optionally, the remote UE allows the access information to be the information of the remote UE that is allowed to access.
可选地,其中,所述远端UE允许接入信息是允许接入的远端UE的信息;Optionally, where the remote UE allows the access information to be information of the remote UE that is allowed to access;
该方法还包括:所述中继UE接收来自远端UE发起的请求;或者,所述中继UE接收来自远端UE发起的请求,且所述中继UE自身的ProSe功能实体中未包含有允许接入的远端UE的信息;The method further includes: the relay UE receives a request initiated by a remote UE; or the relay UE receives a request initiated by a remote UE, and the ProSe functional entity of the relay UE does not include Information of the remote UE that is allowed to access;
所述中继UE的ProSe功能实体向远端UE的ProSe功能实体进行授权验证。The ProSe functional entity of the relay UE performs authorization verification to the ProSe functional entity of the remote UE.
可选地,其中,所述中继UE的ProSe功能实体向远端UE的ProSe功能实体进行授权验证包括:Optionally, the performing the authorization verification by the ProSe functional entity of the relay UE to the ProSe functional entity of the remote UE includes:
所述中继UE根据发起请求的远端UE的ProSe UE ID找到该远端UE对应的远端UE的ProSe功能实体,并向其发送授权请求,在授权请求中携带有该中继UE的ProSe Relay UE ID;The relay UE finds a ProSe functional entity of the remote UE corresponding to the remote UE according to the ProSe UE ID of the remote UE that initiates the request, and sends an authorization request to the relay UE, where the authorization request carries the ProSe of the relay UE. Relay UE ID;
所述远端UE的ProSe功能实体根据获取的允许接入的远端UE的信息,判断相应的远端UE是否可以监听授权请求中携带的中继UE的广播信息、或建立通信请求。 The ProSe function entity of the remote UE determines whether the corresponding remote UE can listen to the broadcast information of the relay UE carried in the authorization request or establish a communication request according to the obtained information of the remote UE that is allowed to access.
可选地,该方法还包括:所述远端UE的ProSe功能实体从应用层获取所述允许接入的远端UE的信息和/或优先级信息,或者从所述远端UE的HSS获取所述允许接入的远端UE的信息和/或优先级信息。Optionally, the method further includes: obtaining, by the ProSe functional entity of the remote UE, the information and/or priority information of the remote UE that is allowed to access from the application layer, or acquiring the HSS from the remote UE Information and/or priority information of the remote UE that is allowed to access.
可选地,其中,所述中继UE通过远端UE允许接入信息对远端UE进行授权认证包括:Optionally, the performing, by the remote UE, the access authentication information of the remote UE by using the remote UE includes:
所述中继UE接收来自远端UE发起的建立通信请求,在请求中携带有发起请求的远端UE的ProSe UE ID;The relay UE receives a setup communication request initiated by the remote UE, where the request carries the ProSe UE ID of the remote UE that initiated the request;
所述中继UE获取该远端UE的国际移动用户识别码IMSI;The relay UE acquires an international mobile subscriber identity IMSI of the remote UE;
所述中继UE将获得的远端UE的IMSI携带在授权请求中发送给自身归属的移动性管理实体MME,如果MME确定远端UE的IMSI包含在中继UE的MME上下文中,则所述中继UE收到的授权结果为授权成功。The relay UE carries the obtained IMSI of the remote UE in an authorization request and sends it to the mobility management entity MME of the own UE. If the MME determines that the IMSI of the remote UE is included in the MME context of the relay UE, the The authorization result received by the relay UE is that the authorization is successful.
可选地,所述授权结果显示为授权成功时,所述方法还包括:Optionally, when the authorization result is displayed as the authorization is successful, the method further includes:
在资源受限的情况下,所述中继UE的Prose功能实体获取中继UE自身接入控制的等级和/或远端UE接入中继UE的优先级信息,或者所述接收到来自中继UE的ProSe功能实体的授权请求的远端UE的Prose功能实体获取中继UE自身接入控制的等级和/或远端UE接入中继UE的优先级信息;In the case of resource limitation, the Prose function entity of the relay UE acquires the level of the relay UE's own access control and/or the priority information of the remote UE accessing the relay UE, or the received information comes from The Prose function entity of the remote UE following the authorization request of the ProSe functional entity of the UE acquires the level of the relay UE's own access control and/or the priority information of the remote UE's access to the relay UE;
其中,所述中继UE接入控制的等级和/或远端UE接入中继UE的优先级信息用于限制触发广播的远端UE的级别,或所述中继UE接入控制的等级和/或远端UE接入中继UE的优先级信息用于限制与中继UE进行通信的远端UE的级别。The level of the relay UE access control and/or the priority information of the remote UE accessing the relay UE is used to limit the level of the remote UE that triggers the broadcast, or the level of the relay UE access control. And/or the priority information of the remote UE accessing the relay UE is used to limit the level of the remote UE that communicates with the relay UE.
本发明实施例还提供了一种中继UE接入控制装置,包括控制单元和处理单元;其中,An embodiment of the present invention further provides a relay UE access control apparatus, including a control unit and a processing unit, where
控制单元,设置为通过远端UE允许接入信息对远端UE进行授权验证,所述远端UE允许接入信息用于表示是否允许远端UE接入;以及a control unit, configured to perform authorization verification on the remote UE by using the access information of the remote UE, where the remote UE allows the access information to be used to indicate whether the remote UE is allowed to access;
处理单元,设置为根据验证结果判断是否允许远端UE接入。The processing unit is configured to determine, according to the verification result, whether the remote UE is allowed to access.
可选地,其中,所述控制单元是设置为:接收来自所述远端UE发起的请求;根据所述远端UE允许接入信息对远端UE进行授权,其中,所述远端 UE允许接入信息包括所述中继UE接入控制的等级和所述请求中携带的优先级信息。Optionally, the control unit is configured to: receive a request initiated by the remote UE; and authorize the remote UE according to the remote UE allowing access information, where the remote end The UE allowed access information includes a level of the relay UE access control and priority information carried in the request.
可选地,其中,所述控制单元是设置为:接收来自所述远端UE发起的请求;根据所述请求中携带的远端UE的信息,查找发起请求的远端UE的Prose功能实体,获取该远端UE的优先级信息;以及根据所述中继UE接入控制的等级和获得的远端UE的优先级信息,对发起请求的远端UE进行授权。Optionally, the control unit is configured to: receive a request initiated by the remote UE, and search for a Prose functional entity of the remote UE that initiates the request according to the information of the remote UE carried in the request, Obtaining the priority information of the remote UE; and authorizing the remote UE that initiates the request according to the level of the relay UE access control and the obtained priority information of the remote UE.
可选地,其中,所述控制单元是设置为:接收来自所述远端UE发起的请求;向所述中继UE的Prose功能实体发送请求,其中携带所述远端UE的信息;从所述中继UE的Prose功能实体获取所述远端UE的优先级信息;以及根据所述中继UE接入控制的等级和获得的远端UE的优先级信息,对发起请求的远端UE进行授权。Optionally, the control unit is configured to: receive a request initiated by the remote UE; send a request to a Prose functional entity of the relay UE, where the information of the remote UE is carried; The Prose function entity of the relay UE acquires the priority information of the remote UE; and performs the requesting remote UE according to the level of the relay UE access control and the obtained priority information of the remote UE. Authorization.
可选地,其中,所述控制单元是设置为:获得自身的接入控制的等级,将获得的自身接入控制的等级作为远端UE允许接入信息通过广播消息进行广播。Optionally, the control unit is configured to: obtain a level of its own access control, and use the obtained level of the self-access control as the remote UE grant access information to be broadcast by using a broadcast message.
可选地,其中,所述控制单元是设置为:接收来自所述远端UE发起的请求;请求自身的Prose功能实体根据远端UE允许接入信息,对发起请求的远端UE进行授权验证,并接收来自中继UE的Prose功能实体的授权结果。Optionally, the control unit is configured to: receive a request initiated by the remote UE; and request a Prose function entity of its own to perform authorization verification on the remote UE that initiates the request according to the access information allowed by the remote UE. And receiving the authorization result of the Prose functional entity from the relay UE.
可选地,其中,所述远端UE允许接入信息为允许接入的远端UE的信息;Optionally, the remote UE allows the access information to be the information of the remote UE that is allowed to access;
当发起请求的远端UE包含在允许接入的远端UE的信息中,所述授权结果为授权成功。When the requesting remote UE is included in the information of the remote UE that is allowed to access, the authorization result is that the authorization is successful.
可选地,其中,所述控制单元是设置为:接收来自所述远端UE发起的建立通信请求;通过对该远程UE的鉴权过程或单独的流程,获取该远端UE的IMSI;将获得的远端UE的IMSI携带在授权请求中发送给自身归属的MME,如果MME确定远端UE的IMSI包含在中继UE的MME上下文中,则收到的授权结果为授权成功。Optionally, the control unit is configured to: receive a setup communication request initiated by the remote UE; acquire an IMSI of the remote UE by using an authentication process or a separate process of the remote UE; The obtained IMSI of the remote UE is carried in the authorization request and sent to the MME to which it belongs. If the MME determines that the IMSI of the remote UE is included in the MME context of the relay UE, the authorization result received is the authorization success.
可选地,当所述远端UE允许接入信息是允许接入的远端UE的信息时,如果所述控制单元所在中继UE的ProSe功能实体中未包含有允许接入的远端UE的信息,所述控制单元还设置为: Optionally, when the remote UE allows the access information to be the information of the remote UE that is allowed to access, if the ProSe functional entity of the relay UE where the control unit is located does not include the remote UE that is allowed to access Information, the control unit is also set to:
根据所述发起请求的远端UE的ProSe UE ID找到该远端UE对应的远端UE的ProSe功能实体,并向其发送授权请求,在授权请求中携带有该中继UE的ProSe Relay UE ID;在远端UE的ProSe功能实体根据获取的允许接入的远端UE的信息,判断出相应的远端UE可以监听授权请求中携带的中继UE的广播信息、或建立通信请求时,则接收来自远端UE的ProSe功能实体的授权成功信息。Defining a ProSe function entity of the remote UE corresponding to the remote UE according to the ProSe UE ID of the remote UE, and sending an authorization request to the remote UE, where the authorization request carries the ProSe Relay UE ID of the relay UE. The ProSe function entity of the remote UE determines, according to the obtained information of the remote UE that is allowed to access, that the corresponding remote UE can listen to the broadcast information of the relay UE carried in the authorization request, or establish a communication request, Receiving authorization success information of the ProSe functional entity from the remote UE.
可选地,所述授权结果显示为授权成功时,所述控制单元还设置为:Optionally, when the authorization result is displayed as the authorization is successful, the control unit is further configured to:
在资源受限的情况下,接收来自所述中继UE的Prose功能实体的所述中继UE自身接入控制的等级和/或远端UE接入中继UE的优先级信息,或者接收来自远端UE的Prose功能实体的所述中继UE自身接入控制的等级和/或远端UE接入中继UE的优先级信息,所述远端UE的Prose功能实体为接收到来自所述中继UE的ProSe功能实体的授权请求的远端UE的Prose功能实体。In case of resource limitation, receiving the level of the access UE's own access control from the Prose functional entity of the relay UE and/or the priority information of the remote UE accessing the relay UE, or receiving from a priority level of the relay UE's own access control and/or a priority information of the remote UE accessing the relay UE, and the Prose function entity of the remote UE receives the The Prose functional entity of the remote UE that requests the authorization of the ProSe functional entity of the UE.
与相关技术相比,本申请实施例技术方案包括中继UE通过是否允许远端UE接入的远端UE允许接入信息,对远端UE进行授权验证;中继UE根据验证结果判断是否允许远端UE接入。通过本发明实施例提供的技术方案,实现了对远端UE的接入调度,使得有限的资源得到了有效的分配。Compared with the related art, the technical solution of the embodiment of the present application includes: the relay UE performs the authorization verification on the remote UE by allowing the remote UE to access the remote UE, and the relay UE determines whether to allow the verification according to the verification result. The remote UE accesses. With the technical solution provided by the embodiment of the present invention, access scheduling for the remote UE is implemented, so that limited resources are effectively allocated.
在阅读并理解了附图和详细描述后,可以明白其他方面。Other aspects will be apparent upon reading and understanding the drawings and detailed description.
附图概述BRIEF abstract
图1为相关技术引入Prose功能后网络的组成架构示意图;FIG. 1 is a schematic structural diagram of a network after a related technology introduces a Prose function;
图2为相关技术支持中继终端的架构示意图;2 is a schematic structural diagram of a related art supporting a relay terminal;
图3为相关技术Remote UE发现relay UE并建立通信的流程示意图;FIG. 3 is a schematic diagram of a process in which a related UE discovers a relay UE and establishes a communication;
图4为本发明实施例中继UE接入控制方法的流程图;4 is a flowchart of a method for controlling access of a relay UE according to an embodiment of the present invention;
图5为本发明实施例中继UE接入控制装置的组成结构示意图;FIG. 5 is a schematic structural diagram of a structure of a relay UE access control apparatus according to an embodiment of the present invention;
图6为本发明应用实施例一的流程示意图;FIG. 6 is a schematic flowchart diagram of Embodiment 1 of an application example of the present invention; FIG.
图7为本发明应用实施例二的流程示意图; 7 is a schematic flowchart of a second embodiment of application of the present invention;
图8为本发明应用实施例三的流程示意图;8 is a schematic flowchart of a third embodiment of application of the present invention;
图9为本发明应用实施例四的流程示意图;9 is a schematic flowchart of a fourth embodiment of application of the present invention;
图10为本发明应用实施例五的流程示意图;FIG. 10 is a schematic flowchart diagram of Embodiment 5 of the present application;
图11为本发明应用实施例六的流程示意图。FIG. 11 is a schematic flowchart diagram of Embodiment 6 of the application of the present invention.
本发明的实施方式Embodiments of the invention
下文中将结合附图对本发明实施例进行详细说明。需要说明的是,在不冲突的情况下,本申请中的实施例及实施例中的特征可以相互任意组合。The embodiments of the present invention will be described in detail below with reference to the accompanying drawings. It should be noted that, in the case of no conflict, the features in the embodiments and the embodiments in the present application may be arbitrarily combined with each other.
图4为本发明实施例中继UE接入控制方法的流程图,如图4所示,包括:FIG. 4 is a flowchart of a method for controlling access of a relay UE according to an embodiment of the present invention. As shown in FIG. 4, the method includes:
步骤400:中继UE通过用于表示是否允许远端UE接入的远端UE允许接入信息,对远端UE进行授权验证;Step 400: The relay UE performs authorization verification on the remote UE by allowing the remote UE to allow the remote UE to access the access information.
其中,步骤400可以包括:Wherein, step 400 may include:
中继UE接收来自远端UE发起的请求;其中,请求可以是建立通信请求,此时在请求中携带的优先级信息为远端UE的优先级信息;所述远端UE可通过预授权过程获得优先级信息,或者是在所述远端UE本地预先配置所述优先级信息;The relay UE receives the request initiated by the remote UE, where the request may be a communication request, and the priority information carried in the request is the priority information of the remote UE; the remote UE may pass the pre-authorization process. Obtaining priority information, or locally pre-configuring the priority information at the remote UE;
如果中继UE已获知接入控制的等级,中继UE将接入控制的等级和请求中携带的优先级信息进行匹配,并根据匹配结果判断是否允许远端UE接入。其中,If the relay UE has learned the level of the access control, the relay UE matches the level of the access control with the priority information carried in the request, and determines whether to allow the remote UE to access according to the matching result. among them,
接入控制等级,可以在资源受限的情况下使用,或者由于运营商特别的限定只允许部分远端UE接入时做接入控制,或者其他需要控制接入数量的情况。进行匹配的策略可以是,对高于中继UE获知的接入控制的等级的远端UE进行授权,或者只对完全相同的等级的远端UE进行授权;如果不匹配则拒绝该远端UE的请求,结束本流程。这里,匹配的策略可以由运营商设定。The access control level can be used when resources are limited, or because the operator specifically limits the access control when only some remote UEs are allowed to access, or other situations where the number of accesses needs to be controlled. The matching policy may be: authorizing a remote UE that is higher than the level of access control learned by the relay UE, or authorizing only the remote UE of the same level; if not, rejecting the remote UE The request ends the process. Here, the matching policy can be set by the operator.
其中,步骤400可以包括: Wherein, step 400 may include:
中继UE接收来自远端UE发起的请求,根据请求中携带的远端UE的信息,查找该远端UE的Prose功能实体,并获取该远端UE的优先级信息;中继UE根据中继UE接入控制的等级和获得的远端UE的优先级信息,对远端UE进行授权。The relaying UE receives the request from the remote UE, and searches for the Prose functional entity of the remote UE according to the information of the remote UE carried in the request, and obtains the priority information of the remote UE; The UE access control level and the obtained priority information of the remote UE are used to authorize the remote UE.
或者,中继UE接收来自远端UE发起的请求,中继UE向中继UE的Prose功能实体发送请求,其中携带所述远端UE的信息;中继UE的Prose功能根据请求中携带的远端UE的信息,查找远端UE的Prose功能实体,获取该远端UE的优先级信息。中继UE的Prose功能向中继UE返回获得的述远端UE的优先级信息。中继UE将根据的中继UE接入控制的等级和远端UE的优先级信息,对远端UE进行授权。Or the relay UE receives the request from the remote UE, and the relay UE sends a request to the Prose function entity of the relay UE, where the information of the remote UE is carried; The information of the terminal UE is used to find the Prose function entity of the remote UE, and obtain the priority information of the remote UE. The Prose function of the relay UE returns the obtained priority information of the remote UE to the relay UE. The relay UE will authorize the remote UE according to the level of the relay UE access control and the priority information of the remote UE.
其中,远端UE的ProSe功能实体可以从应用层获取优先级信息,或者从远端UE的HSS获取该信息。如果从HSS获取,则可能在远端UE接入网络的预授权过程中已经获取。如果尚未获取,则可以发起到HSS的授权请求,从HSS获取该信息。The ProSe functional entity of the remote UE may obtain the priority information from the application layer or obtain the information from the HSS of the remote UE. If obtained from the HSS, it may have been acquired during the pre-authorization process of the remote UE accessing the network. If not yet obtained, an authorization request to the HSS can be initiated to obtain the information from the HSS.
其中,接入控制等级,可以在资源受限的情况下使用,或者由于运营商特别的限定只允许部分远端UE接入时做接入控制,或者其他需要控制接入数量的情况。进行匹配的策略可以是,对高于中继UE获知的接入控制的等级的远端UE进行授权,或者只对完全相同的等级的远端UE进行授权;如果不匹配则拒绝该远端UE的请求,结束本流程。这里,匹配的策略可以由运营商设定。The access control level may be used when the resource is limited, or the access control may be allowed only when some remote UEs are allowed to access, or other situations in which the number of accesses needs to be controlled. The matching policy may be: authorizing a remote UE that is higher than the level of access control learned by the relay UE, or authorizing only the remote UE of the same level; if not, rejecting the remote UE The request ends the process. Here, the matching policy can be set by the operator.
其中,步骤400可以包括:Wherein, step 400 may include:
中继UE在获得接入控制的等级后,直接将接入控制的等级作为远端UE允许接入信息通过广播消息进行广播;After obtaining the access control level, the relay UE directly broadcasts the access control level as the remote UE allowed access information by using a broadcast message;
远端UE监听到广播消息后,确定在自身的优先级信息匹配广播消息中携带的中继UE接入控制的等级时被中继UE授权;如果不匹配则拒绝该远端UE的请求,结束本流程。After the remote UE monitors the broadcast message, it determines that the priority information of the relay UE is authorized by the relay UE when it matches the level of the relay UE access control carried in the broadcast message; if not, the request of the remote UE is rejected, and the end is terminated. This process.
其中,among them,
接入控制等级,可以在资源受限的情况下使用,或者由于运营商特别的 限定只允许部分远端UE接入时做接入控制,或者其他需要控制接入数量的情况。进行匹配的策略可以是,对高于中继UE获知的接入控制的等级的远端UE进行授权,或者只对完全相同的等级的远端UE进行授权;如果不匹配则拒绝该远端UE的请求,结束本流程。这里,匹配的策略可以由运营商设定。Access control level, which can be used when resources are limited, or because the carrier is special It is limited to allow access control only when some remote UEs are allowed to access, or other situations where the number of accesses needs to be controlled. The matching policy may be: authorizing a remote UE that is higher than the level of access control learned by the relay UE, or authorizing only the remote UE of the same level; if not, rejecting the remote UE The request ends the process. Here, the matching policy can be set by the operator.
其中,远端UE的优先级信息可以在远端UE通过预授权过程获得,或者是在远端UE本地预先配置的;或者由中继UE通过自身的Prose功能实体从远端UE的ProSe功能实体中获取。The priority information of the remote UE may be obtained by the remote UE through a pre-authorization process, or locally pre-configured by the remote UE, or by the relay UE from the ProSe functional entity of the remote UE through its own Prose functional entity. Get in.
其中,中继UE可以通过预授权过程获得自身在资源受限的情况下的接入控制的等级;或者,可以通过操作、维护、管理OAM系统配置或在中继UE本地预先配置的。The relay UE may obtain the level of access control in the case that the resource is limited by the pre-authorization process; or may be configured, operated, maintained, managed, or locally pre-configured by the relay UE.
其中,步骤400可以包括:Wherein, step 400 may include:
中继UE接收来自远端UE发起的请求;其中请求可以是表示希望通过中继UE接入网络的广播消息、或者建立通信请求,在请求中携带有发起请求的远端UE的ProSe UE ID;The relay UE receives the request initiated by the remote UE; wherein the request may be a broadcast message indicating that the UE is to be accessed by the relay UE, or a communication request is established, where the request carries the ProSe UE ID of the remote UE that initiated the request;
中继UE请求自身的Prose功能实体根据远端UE允许接入信息,对发起请求的远端UE进行授权验证,并接收来自中继UE的Prose功能实体的授权结果;The relay UE requests its own Prose function entity to perform authorization verification on the remote UE that initiates the request according to the allowed access information of the remote UE, and receives the authorization result of the Prose functional entity from the relay UE.
如果发起请求的远端UE包含在允许接入的远端UE的信息中,则授权结果为授权成功;如果不包含则拒绝该远端UE的请求,结束本流程。If the requesting remote UE is included in the information of the remote UE that is allowed to access, the authorization result is that the authorization is successful; if not, the request of the remote UE is rejected, and the process ends.
或者,or,
中继UE接收来自远端UE发起的建立通信请求,在请求中携带有发起请求的远端UE的ProSe UE ID;The relay UE receives the setup communication request initiated by the remote UE, where the request carries the ProSe UE ID of the remote UE that initiated the request;
中继UE通过对该远程UE的鉴权过程或单独的流程,获取该远端UE的IMSI(International Mobile Subscriber Identification Number,国际移动用户识别码);如何获取IMSI可以参见相关协议,这里不再赘述;The relay UE obtains the IMSI (International Mobile Subscriber Identification Number) of the remote UE by the authentication process or the separate process of the remote UE. For how to obtain the IMSI, refer to the related protocol, and details are not described herein. ;
中继UE将获得的远端UE的IMSI携带在授权请求中发送给自身归属的MME,如果MME确定远端UE的IMSI包含在中继UE的MME上下文中, 则中继UE收到的授权结果为授权成功;如果不包含则收到的授权结果为拒绝该远端UE的请求,结束本流程。The relay UE carries the obtained IMSI of the remote UE in the authorization request and sends it to the MME to which it belongs. If the MME determines that the IMSI of the remote UE is included in the MME context of the relay UE, The authorization result received by the relay UE is the authorization success; if not, the received authorization result is the request to reject the remote UE, and the process ends.
其中,中继UE的Prose功能实体可以从自身存储有的中继UE的上下文中获取远端UE允许接入信息。这里,中继UE的ProSe功能实体可以从应用层,或者从远端UE的HSS中获取上述授权信息即远端UE允许接入信息。如果是从HSS中获取,则可能在远端UE接入网络的预授权过程中已经获取,如果尚未获取,则可以通过向HSS发起授权请求来获得远端UE允许接入信息。The Prose function entity of the relaying UE may obtain the access information of the remote UE from the context of the relay UE that is stored by itself. Here, the ProSe functional entity of the relaying UE may obtain the foregoing authorization information, that is, the remote UE grant access information, from the application layer or from the HSS of the remote UE. If it is obtained from the HSS, it may be obtained in the pre-authorization process of the remote UE accessing the network. If not yet obtained, the remote UE may obtain the access information by initiating an authorization request to the HSS.
可选地,当远端UE允许接入信息是允许接入的远端UE的信息时,如果中继UE接收来自远端UE发起的请求;或者,中继UE接收来自远端UE发起的请求,且中继UE的ProSe功能实体中未包含有允许接入的远端UE的信息,那么,中继UE的ProSe功能实体向Remote UE的ProSe功能实体进行授权验证,包括:Optionally, when the remote UE allows the access information to be information of the remote UE that is allowed to access, if the relay UE receives the request initiated by the remote UE; or the relay UE receives the request initiated by the remote UE. And the ProSe functional entity of the relaying UE does not include the information of the remote UE that is allowed to access, and then the ProSe functional entity of the relaying UE performs the authorization verification to the ProSe functional entity of the Remote UE, including:
中继UE根据发起请求的远端UE的ProSe UE ID找到该远端UE对应的远端UE的ProSe功能实体,并向其发送授权请求,在授权请求中携带有该中继UE的ProSe Relay UE ID;The relay UE finds the ProSe functional entity of the remote UE corresponding to the remote UE according to the ProSe UE ID of the remote UE that initiates the request, and sends an authorization request to the remote UE, where the authorization request carries the ProSe Relay UE of the relay UE. ID;
远端UE的ProSe功能实体根据获取的授权信息即允许接入的远端UE的信息,判断相应的远端UE是否可以监听授权请求中携带的中继UE的广播信息/或建立通信请求。如果可以则授权成功,向该中继UE对应的中继UE的Prose功能实体返回授权结果为授权成功;如果不可以则拒绝,返回的授权结果为拒绝。The ProSe function entity of the remote UE determines whether the corresponding remote UE can listen to the broadcast information of the relay UE carried in the authorization request or establish a communication request according to the obtained authorization information, that is, the information of the remote UE that is allowed to access. If the authorization is successful, the authorization result returned to the Prose function entity of the relay UE corresponding to the relay UE is the authorization success; if not, the authorization result is rejected.
其中,远端UE的ProSe功能实体可以从应用层获取该信息,或者从远端UE的HSS获取该信息。如果从HSS获取,则可能在远端UE接入网络的预授权过程中已经获取。如果尚未获取,则可以发起到HSS的授权请求,从HSS获取该信息。The ProSe functional entity of the remote UE may obtain the information from the application layer or obtain the information from the HSS of the remote UE. If obtained from the HSS, it may have been acquired during the pre-authorization process of the remote UE accessing the network. If not yet obtained, an authorization request to the HSS can be initiated to obtain the information from the HSS.
可选地,在授权结果显示为授权成功时,还包括:在资源受限的情况下,中继UE的Prose功能实体获取中继UE接入控制的等级和/或远端UE接入中继UE的优先级信息,或者所述接收到来自中继UE的ProSe功能实体的授权请求的远端UE的Prose功能实体获取中继UE自身接入控制的等级和/或远端 UE接入中继UE的优先级信息,其中,自身接入控制的等级和/或远端UE接入中继UE的优先级信息用于限制触发广播的远端UE的级别,或所述中继UE接入控制的等级和/或远端UE接入中继UE的优先级信息用于限制与中继UE进行通信的远端UE的级别。比如远端UE接入的优先级信息,这样,以便在资源受限的情况下,避免低优先级的远端UE触发广播,或与中继UE进行通信。Optionally, when the authorization result is displayed as the authorization success, the method further includes: in a case where the resource is limited, the Prose functional entity of the relay UE acquires a level of the relay UE access control and/or the remote UE access relay The priority information of the UE, or the Prose function entity of the remote UE that receives the authorization request from the ProSe functional entity of the relay UE acquires the level and/or the remote end of the relay UE's own access control. The UE accesses the priority information of the relaying UE, where the level of the self-access control and/or the priority information of the remote UE accessing the relaying UE is used to limit the level of the remote UE that triggers the broadcast, or the middle The level of UE access control and/or the priority information of the remote UE accessing the relay UE is used to limit the level of the remote UE communicating with the relay UE. For example, the priority information of the remote UE access is such that, in case of limited resources, the low-priority remote UE is prevented from triggering the broadcast or communicating with the relay UE.
步骤401:中继UE根据验证结果判断是否允许远端UE接入。Step 401: The relay UE determines, according to the verification result, whether to allow the remote UE to access.
对于步骤400中得到授权的远端UE,即可通过中继UE接入网络的广播消息、或者与中继UE建立通信请求。For the remote UE authorized in step 400, the UE may access the broadcast message of the network by relaying the UE or establish a communication request with the relay UE.
图5为本发明实施例中继UE接入控制装置的组成结构示意图,可以设置在中继UE中,也可以是独立的实体。如图5所示,至少包括控制单元501和处理单元502;其中,FIG. 5 is a schematic structural diagram of a relay UE access control apparatus according to an embodiment of the present invention, which may be set in a relay UE or may be an independent entity. As shown in FIG. 5, at least a control unit 501 and a processing unit 502 are included;
所述控制单元501,设置为通过远端UE允许接入信息对远端UE进行授权验证,所述远端UE允许接入信息用于表示是否允许远端UE接入;以及The control unit 501 is configured to perform authorization verification on the remote UE by using the access information of the remote UE, where the remote UE allows the access information to be used to indicate whether the remote UE is allowed to access;
所述处理单元502,设置为根据验证结果判断是否允许远端UE接入。The processing unit 502 is configured to determine, according to the verification result, whether to allow the remote UE to access.
其中,among them,
控制单元501是设置为:接收来自远端UE发起的请求;根据作为所述远端UE允许接入信息的所述中继UE接入控制的等级和所述请求中携带的优先级信息,对远端UE进行授权。The control unit 501 is configured to: receive a request initiated by the remote UE; according to the level of access control of the relay UE that is the access information allowed by the remote UE, and the priority information carried in the request, The remote UE performs authorization.
或者,控制单元501是设置为:接收来自所述远端UE发起的请求;根据所述请求中携带的远端UE的信息,查找发起请求的远端UE的Prose功能实体,获取该远端UE的优先级信息;以及根据所述中继UE接入控制的等级和获得的远端UE的优先级信息,对发起请求的远端UE进行授权。Or, the control unit 501 is configured to: receive a request initiated by the remote UE, and search for a Prose function entity of the remote UE that initiates the request according to the information of the remote UE that is carried in the request, to obtain the remote UE. Priority information; and authorizing the remote UE that initiated the request according to the level of the relay UE access control and the obtained priority information of the remote UE.
或者,控制单元501是设置为:接收来自所述远端UE发起的请求;向所述中继UE的Prose功能实体发送请求,其中携带所述远端UE的信息;从所述中继UE的Prose功能实体获取所述远端UE的优先级信息;以及根据所述中继UE接入控制的等级和获得的远端UE的优先级信息,对发起请求的远端UE进行授权。 Alternatively, the control unit 501 is configured to: receive a request initiated by the remote UE; send a request to a Prose functional entity of the relay UE, where the information of the remote UE is carried; and from the relay UE The Prose function entity acquires the priority information of the remote UE, and authorizes the remote UE that initiates the request according to the level of the relay UE access control and the obtained priority information of the remote UE.
或者,控制单元501是设置为:获得自身的接入控制的等级,直接将获得的中继UE自身接入控制的等级作为远端UE允许接入信息通过广播消息进行广播。Alternatively, the control unit 501 is configured to: obtain the level of its own access control, and directly broadcast the obtained level of the access UE's own access control as the remote UE grant access information by using a broadcast message.
或者,控制单元501是设置为:接收来自远端UE发起的请求;请求自身的Prose功能实体根据远端UE允许接入信息,对发起请求的远端UE进行授权验证,并接收来自中继UE的Prose功能实体的授权结果。其中,远端UE允许接入信息可以是允许接入的远端UE的信息;当发起请求的远端UE包含在允许接入的远端UE的信息中,授权结果为授权成功。Alternatively, the control unit 501 is configured to: receive a request initiated by the remote UE; request the own Prose function entity to perform authorization verification on the remote UE that initiates the request according to the access information of the remote UE, and receive the relay from the relay UE. The authorization result of the Prose functional entity. The remote UE allows the access information to be the information of the remote UE that is allowed to access. When the remote UE that initiates the request is included in the information of the remote UE that is allowed to access, the authorization result is that the authorization is successful.
或者,控制单元501是设置为:接收来自远端UE发起的建立通信请求;通过对该远程UE的鉴权过程或单独的流程,获取该远端UE的IMSI;将获得的远端UE的IMSI携带在授权请求中发送给自身归属的MME,如果MME确定远端UE的IMSI包含在中继UE的MME上下文中,则收到的授权结果为授权成功。Alternatively, the control unit 501 is configured to: receive a setup communication request initiated by the remote UE; acquire an IMSI of the remote UE by using an authentication process or a separate procedure of the remote UE; and obtain an IMSI of the remote UE obtained If the MME determines that the IMSI of the remote UE is included in the MME context of the relay UE, the authorization result is that the authorization is successful.
对于后两种控制单元的实现,控制单元还设置为:For the implementation of the latter two control units, the control unit is also set to:
当远端UE允许接入信息是允许接入的远端UE的信息时,如果控制单元所在中继UE的ProSe功能实体中未包含有允许接入的远端UE的信息,控制单元501还设置为:When the remote UE allows the access information to be the information of the remote UE that is allowed to access, if the ProSe functional entity of the relay UE where the control unit is located does not include the information of the remote UE that is allowed to access, the control unit 501 also sets for:
根据发起请求的远端UE的ProSe UE ID找到该远端UE对应的远端UE的ProSe功能实体,并向其发送授权请求,在授权请求中携带有该中继UE的ProSe Relay UE ID;在远端UE的ProSe功能实体根据获取的授权信息即允许接入的远端UE的信息,判断出相应的远端UE可以监听授权请求中携带的中继UE的广播信息、或建立通信请求时,则接收来自远端UE的ProSe功能实体的授权成功信息。And obtaining a ProSe function entity of the remote UE corresponding to the remote UE according to the ProSe UE ID of the remote UE that initiates the request, and sending an authorization request to the remote UE, where the authorization request carries the ProSe Relay UE ID of the relay UE; The ProSe function entity of the remote UE determines, according to the obtained authorization information, that is, the information of the remote UE that is allowed to access, the corresponding remote UE can monitor the broadcast information of the relay UE carried in the authorization request, or establish a communication request. Then, the authorization success information of the ProSe functional entity from the remote UE is received.
在授权结果显示为授权成功时,控制单元还设置为:在资源受限的情况下,接收来自中继UE的Prose功能实体的所述中继UE自身接入控制的等级和/或远端UE接入中继UE的优先级信息,或者接收来自远端UE的Prose功能实体的所述中继UE自身接入控制的等级和/或远端UE接入中继UE的优先级信息,所述远端UE的Prose功能实体为接收到来自所述中继UE的ProSe功能实体的授权请求的远端UE的Prose功能实体,比如远端UE接入的优先 级信息,When the authorization result is displayed as the authorization success, the control unit is further configured to: when the resource is limited, receive the level of the relay UE's own access control and/or the remote UE from the Prose functional entity of the relay UE. Priority information of accessing the relay UE, or receiving the level of the relay UE's own access control from the Prose functional entity of the remote UE and/or the priority information of the remote UE accessing the relay UE, The Prose function entity of the remote UE is a Prose functional entity of the remote UE that receives the authorization request from the ProSe functional entity of the relay UE, for example, the priority of the remote UE access Level information,
下面结合应用实施例对本发明实施例方法进行详细描述。The method of the embodiment of the present invention is described in detail below with reference to the application examples.
图6为应用实施例一中继UE实现接入控制的流程示意图,如图6所示,本实施例是Remote UE在建立通信过程中,Relay UE进行接入控制的实施方式,包括:FIG. 6 is a schematic diagram of a process for implementing access control by a relay UE according to an embodiment of the present invention. As shown in FIG. 6 , this embodiment is an implementation manner in which a relay UE performs access control during a communication establishment process by a remote UE, including:
步骤600:Relay UE通过预授权,或者其他网络授权的过程,从自身的ProSe功能实体获取接入控制的等级;比如:在自身资源受限的情况下允许什么级别的远端UE接入网络或者由于运营商特别的限定只允许部分远端UE接入时做接入控制;或者,其他需要控制接入数量的情况下,允许什么级别的远端UE接入网络等;Step 600: The Relay UE obtains the level of access control from its own ProSe functional entity through pre-authorization or other network authorization process; for example, what level of remote UE is allowed to access the network if its own resources are limited or Since the operator specifically limits the access control only when some remote UEs are allowed to access; or, if other users need to control the number of accesses, what level of remote UEs are allowed to access the network;
需要说明的是,Relay UE也可以通过OAM系统或者本地配置在资源受限的情况下的接入控制的等级,如果采用配置的方式则可以省略步骤600。It should be noted that the Relay UE may also be configured with an access control level in the case of resource limitation through the OAM system or locally. If the configuration is adopted, the step 600 may be omitted.
步骤601:Remote UE通过预授权的过程从网络获得自身的优先级参数,即Remote UE自身属于哪个等级的用户;Step 601: The Remote UE obtains its own priority parameter from the network through a pre-authorization process, that is, which level of the user the Remote UE belongs to;
需要说明的是,如果Remote UE从未接入到网络,则Remote UE自身的优先级参数也可以在本地配置。It should be noted that if the Remote UE never accesses the network, the priority parameters of the Remote UE itself may also be configured locally.
上述步骤600和步骤601的执行没有严格的先后顺序的限定。The execution of the above steps 600 and 601 is not strictly defined.
步骤602:Remote UE发起请求,其中携带自身的优先级参数,该请求消息可以是建立通信请求;Step 602: The Remote UE initiates a request, where it carries its own priority parameter, and the request message may be a setup communication request.
步骤603:Relay UE收到请求,根据自身的在资源受限的情况下自身接入控制的等级判断是否能够接受该Remote UE发起的请求;Step 603: The Relay UE receives the request, and determines whether the request initiated by the Remote UE can be accepted according to its own level of access control when the resource is limited.
比如:假设Relay UE设置在资源受限的情况下自身接入控制的等级为高于级别3的用户,那么,低于该优先级的用户请求可能都被拒绝;For example, if the Relay UE is set to a user whose access control level is higher than level 3 when the resource is limited, the user request lower than the priority may be rejected.
再如,假设Relay UE设置只允许优先级为2的用户接入,其他用户的请求可能都被拒绝;匹配规则可以由运营商设定。For another example, if the Relay UE is set to allow only users with a priority of 2 to access, other users' requests may be rejected; the matching rule may be set by the operator.
步骤604:Relay UE根据判断的结果接受或者拒绝Remote UE发起的请求;其中,如果是拒绝请求,Relay UE可以将相应的原因值返回给发起请求的Remote UE,以便Remote UE在后续决定是否重新发起该请求,比如要是 Relay UE改变了广播参数,则可能重新发起请求。Step 604: The Relay UE accepts or rejects the request initiated by the Remote UE according to the result of the judgment. If the request is rejected, the Relay UE may return the corresponding reason value to the Remote UE that initiated the request, so that the Remote UE decides whether to re-initiate the subsequent request. The request, for example if If the Relay UE changes the broadcast parameters, it may re-initiate the request.
图7为应用实施例二中继UE实现接入控制的流程示意图,如图7所示,本实施例是Remote UE根据Relay UE的广播判断是否发起接入的实施方式,包括:FIG. 7 is a schematic diagram of a process for implementing access control by a relay UE according to Embodiment 2, and as shown in FIG. 7 , this embodiment is an implementation manner of the Remote UE determining whether to initiate access according to the broadcast of the Relay UE, including:
步骤700~步骤701的实现与应用实施例一中的步骤600~步骤601一致,这里不再赘述;The implementation of the steps 700 to 701 is the same as the steps 600 to 601 in the first embodiment, and is not described here.
步骤702:Relay UE将自身的在资源受限的情况下自身接入控制的等级信息携带在广播消息中进行广播;Step 702: The Relay UE carries its own level information of the access control in the case where the resource is restricted, and broadcasts the broadcast information in the broadcast message;
其中,在资源受限的情况下Relay UE自身接入控制的等级信息可以是:在资源受限的情况下Relay UE自身接入控制的等级为高于级别3的用户。The level information of the Relay UE's own access control in the case where the resource is limited may be: the user whose access control level is higher than the level 3 in the case where the resource is limited.
步骤703:Remote UE监听到广播消息后,根据自身的等级信息,判断当前的Relay UE是否能够接收自己的请求;Step 703: After listening to the broadcast message, the Remote UE determines, according to its own level information, whether the current Relay UE can receive its own request.
比如,假设Relay UE的广播消息中携带的Relay UE自身的在资源受限的情况下的接入控制的等级信息为只能接收优先级高于3的用户,或者假设Relay UE设置只允许优先级为2的用户接入。那么,不匹配等级的Remote UE不会发起通信请求。匹配的策略可以由运营商设定。For example, it is assumed that the level information of the access control of the Relay UE itself in the broadcast message of the Relay UE is limited to only the user whose priority is higher than 3, or the relay UE is set to allow only the priority. Access for 2 users. Then, the Remote UE that does not match the level does not initiate a communication request. The matching strategy can be set by the operator.
图8为应用实施例二中继UE实现接入控制的流程示意图,如图8所示,本实施例是触发模式下,在Remote UE发现Relay UE过程中,Relay UE进行接入控制的实施方式。通过本实施例提供的技术方案,避免了由于没有权限接入的UE触发过多的广播消息。包括:FIG. 8 is a schematic diagram of a process of implementing access control by a relay UE according to the second embodiment of the present invention. As shown in FIG. 8 , in this embodiment, the implementation manner of the relay UE performing the access control in the process of discovering the relay UE by the remote UE in the trigger mode is performed. . With the technical solution provided in this embodiment, it is avoided that a UE that does not have access to access triggers excessive broadcast messages. include:
步骤800:Remote UE发现自己进入无覆盖区域,希望通过Relay UE接入网络,Remote UE发起广播询问周围是否有可用的Relay UE,在广播消息中携带有Remote UE的ProSe ID即ProSe UE ID;Step 800: The Remote UE finds that it enters the uncovered area, and hopes to access the network through the Relay UE. The Remote UE initiates a broadcast inquiry to check whether there is a Relay UE available, and the broadcast message carries the ProSe ID of the Remote UE, that is, the ProSe UE ID.
步骤801a~步骤801b:本实施例中,假设周围的Relay UE1和Relay UE2通过监听广播消息获知有Remote UE希望接入,则对请求的Remote UE进行验证,包括:Relay UE1和Relay UE2分别向各自的ProSe功能实体发送授权请求,在授权请求中携带有各自的ProSe Relay UE ID以及ProSe UE ID。 Steps 801a to 801b: In this embodiment, it is assumed that the surrounding Relay UE1 and the Relay UE2 are aware that the Remote UE wants to access by listening to the broadcast message, and then verifying the requested Remote UE, including: Relay UE1 and Relay UE2 respectively The ProSe functional entity sends an authorization request, and carries the ProSe Relay UE ID and the ProSe UE ID in the authorization request.
如果Relay UE的ProSe功能的Relay UE的上下文中包含允许接入的 Remote UE的信息,可以根据该信息判断是否允许该Remote UE接入;如果Relay UE的上下文中不包含该Remote UE的信息如ProSe UE ID,则不允许,结束本流程;如果Relay UE的上下文中包含该Remote UE的信息如ProSe UE ID,则允许,可以转入执行步骤804a和步骤804b。If the context of the Relay UE of the ProSe function of the Relay UE includes access allowed The information of the remote UE may be determined according to the information, whether the remote UE is allowed to access; if the context of the Relay UE does not include the information of the Remote UE, such as the ProSe UE ID, the process is not allowed; if the context of the Relay UE is The information including the Remote UE, such as the ProSe UE ID, is allowed to go to step 804a and step 804b.
中继UE的ProSe功能实体可以从应用层,或者从远端UE的HSS中获取上述授权信息即远端UE允许接入信息。如果是从HSS中获取,则可能在远端UE接入网络的预授权过程中已经获取,如果尚未获取,则可以通过向HSS发起授权请求来获得远端UE允许接入信息。The ProSe functional entity of the relaying UE may obtain the foregoing authorization information, that is, the remote UE grant access information, from the application layer or from the HSS of the remote UE. If it is obtained from the HSS, it may be obtained in the pre-authorization process of the remote UE accessing the network. If not yet obtained, the remote UE may obtain the access information by initiating an authorization request to the HSS.
如果Relay UE的ProSe功能没有包含允许接入的Remote UE的信息,还包括Relay UE的ProSe功能需要去Remote UE的ProSe功能进行授权验证,包括:If the ProSe function of the Relay UE does not include the information of the Remote UE that is allowed to access, the ProSe function of the Relay UE needs to go to the ProSe function of the Remote UE for authorization verification, including:
步骤802a~步骤802b:Relay UE1和Relay UE2分别根据Remote UE的ProSe UE ID获知Remote UE的ProSe功能实体,并向Remote UE的ProSe功能实体分别发送授权请求,其中分别携带两个Relay UE各自的ProSe relay UE ID以及ProSe UE ID; Steps 802a to 802b: The Relay UE1 and the Relay UE2 respectively learn the ProSe function entity of the Remote UE according to the ProSe UE ID of the Remote UE, and respectively send an authorization request to the ProSe function entity of the Remote UE, where each of the two Relay UEs respectively carries the ProSe. Relay UE ID and ProSe UE ID;
步骤803a~步骤803b:Remote UE的ProSe功能实体根据获取的授权信息判断Remote UE是否可以监听相应的Relay UE的广播信息,如果可以则授权成功,如果不可以则失败,本实施例中,假设Relay UE1允许接入,Relay UE2不允许接入,那么,Remote UE的ProSe功能实体分别向两个Relay UE的ProSe功能实体返回鉴权结果; Step 803a to step 803b: The ProSe function entity of the Remote UE determines, according to the obtained authorization information, whether the remote UE can listen to the broadcast information of the corresponding Relay UE. If yes, the authorization succeeds. If not, the device fails. In this embodiment, the relay is assumed. UE1 allows access, and Relay UE2 does not allow access. Then, the ProSe functional entity of the Remote UE returns the authentication result to the ProSe functional entities of the two Relay UEs respectively.
Remote UE的ProSe功能实体可以从应用层获取该信息,或者从Remote UE的HSS获取该信息。如果从HSS获取,则可能在Remote UE接入网络的预授权过程中已经获取。如果尚未获取,则可以发起到HSS的授权请求,从HSS获取该信息。The ProSe functional entity of the Remote UE may obtain the information from the application layer or obtain the information from the HSS of the Remote UE. If obtained from the HSS, it may have been acquired during the pre-authorization process of the Remote UE accessing the network. If not yet obtained, an authorization request to the HSS can be initiated to obtain the information from the HSS.
如果还需要获取优先级信息,则还可以包括:If you still need to get priority information, you can also include:
Relay UE的ProSe功能实体获得Remote UE接入的优先级信息,这样,在步骤804a和步骤804b返回的鉴权结果中还携带有Remote UE的接入优先级信息,以便在资源受限,或者其他特定需要控制接入数量或者用户的情况 下,不会因为低优先级的remote UE触发广播。The ProSe functional entity of the Relay UE obtains the priority information of the Remote UE access, so that the authentication result returned in the step 804a and the step 804b also carries the access priority information of the Remote UE, so that the resource is limited, or other Specific need to control the number of access or the situation of the user Next, the broadcast will not be triggered by the low priority remote UE.
或者,Remote UE的ProSe功能实体获得Remote UE接入的优先级信息,这样,在步骤803a和步骤803b返回的鉴权结果中还携带有Remote UE的接入优先级信息,以便在资源受限的情况下,不会因为低优先级的remote UE触发广播。Or, the ProSe function entity of the Remote UE obtains the priority information of the remote UE access, so that the authentication result returned by the step 803a and the step 803b further carries the access priority information of the Remote UE, so that the resource is limited. In this case, the broadcast will not be triggered by the low priority remote UE.
其中,Remote UE接入的优先级信息同样可以从应用层获取该信息,或者从Remote UE的HSS获取该信息。如果从HSS获取,则可能在Remote UE接入网络的预授权过程中已经获取。如果尚未获取,则可以发起到HSS的授权请求,从HSS获取该信息。The priority information of the Remote UE access may also be obtained from the application layer or obtained from the HSS of the Remote UE. If obtained from the HSS, it may have been acquired during the pre-authorization process of the Remote UE accessing the network. If not yet obtained, an authorization request to the HSS can be initiated to obtain the information from the HSS.
步骤804a~步骤804b:Relay UE1的ProSe功能实体和Relay UE2的ProSe功能实体,分别将接收到的授权结果返回给Relay UE1和Relay UE2; Steps 804a to 804b: the ProSe function entity of Relay UE1 and the ProSe function entity of Relay UE2 respectively return the received authorization result to Relay UE1 and Relay UE2;
步骤805,收到鉴权成功消息的Relay UE,本实施例中的Relay UE1开始广播自己的信息,以便相应的Remote UE可以发现自己,并完成后续的接入过程。Step 805: The Relay UE receives the authentication success message, and the Relay UE1 in this embodiment starts to broadcast its own information, so that the corresponding Remote UE can discover itself and complete the subsequent access process.
图9为应用实施例四中继UE实现接入控制的流程示意图,如图9所示,本实施例是Remote UE在与Relay UE建立通信过程中,Relay UE进行接入控制的实施方式,包括:FIG. 9 is a schematic diagram of a process for implementing access control by a relay UE according to an embodiment of the present invention. As shown in FIG. 9 , this embodiment is an implementation manner in which a relay UE performs access control during a communication process between a Remote UE and a relay UE, including :
步骤900:Remote UE向Relay UE发起建立通信请求,在建立通信请求中携带有Remote UE的ProSe ID即ProSe UE ID;Step 900: The Remote UE initiates a setup communication request to the Relay UE, where the ProSe ID, that is, the ProSe UE ID of the Remote UE, is carried in the setup communication request.
步骤901:Relay UE向自身的ProSe功能实体发送授权请求,其中携带有Relay UE的ProSe Relay UE ID以及Remote UE的ProSe ID即ProSe UE ID;Step 901: The Relay UE sends an authorization request to the ProSe functional entity, where the ProSe Relay UE ID of the Relay UE and the ProSe ID of the Remote UE, that is, the ProSe UE ID;
此时,如果Relay UE的ProSe功能中Relay UE的上下文中包含允许接入的Remote UE的信息,可以根据该信息判断是否允许该Remote UE接入。如果Relay UE的上下文中不包含该Remote UE的信息如ProSe UE ID,则不允许,则可以返回授权响应以通知Remote UE不允许接入;如果Relay UE的上下文中包含该Remote UE的信息如ProSe UE ID,则允许,此时可以转入执行步骤904。At this time, if the context of the Relay UE in the ProSe function of the Relay UE includes the information of the Remote UE that is allowed to access, it may be determined according to the information whether the Remote UE is allowed to access. If the information of the Remote UE is not included in the context of the Relay UE, such as the ProSe UE ID, the authorization response may be returned to notify the Remote UE that the access is not allowed; if the context of the Relay UE includes the information of the Remote UE, such as ProSe The UE ID is allowed, and at this time, the process proceeds to step 904.
Relay UE的ProSe功能实体可以从应用层,或者从远端UE的HSS中获 取上述授权信息即远端UE允许接入信息。如果是从HSS中获取,则可能在远端UE接入网络的预授权过程中已经获取,如果尚未获取,则可以通过向HSS发起授权请求来获得远端UE允许接入信息。The ProSe functional entity of the Relay UE can be obtained from the application layer or from the HSS of the remote UE. The above authorization information is taken, that is, the remote UE allows access information. If it is obtained from the HSS, it may be obtained in the pre-authorization process of the remote UE accessing the network. If not yet obtained, the remote UE may obtain the access information by initiating an authorization request to the HSS.
如果Relay UE的ProSe功能没有包含允许接入的Remote UE的信息,还包括Relay UE的ProSe功能需要去Remote UE的ProSe功能进行授权验证,包括:If the ProSe function of the Relay UE does not include the information of the Remote UE that is allowed to access, the ProSe function of the Relay UE needs to go to the ProSe function of the Remote UE for authorization verification, including:
步骤902,Relay UE的ProSe功能根据Remote UE的ProSe UE ID找到Remote UE的ProSe功能实体,并向其发送授权请求,其中携带Relay UE的ProSe Relay UE ID及ProSe UE ID;Step 902: The ProSe function of the Relay UE finds the ProSe functional entity of the Remote UE according to the ProSe UE ID of the Remote UE, and sends an authorization request to the Relay UE, where the ProSe Relay UE ID and the ProSe UE ID of the Relay UE are carried.
步骤903:Remote UE的ProSe功能实体根据获取的授权信息判断Remote UE被允许从Relay UE接入,如果可以则授权成功,如果不可以则失败;本实施例中,假设Relay UE允许接入,那么,Remote UE的ProSe功能实体向Relay UE的ProSe功能实体返回授权响应为允许;Step 903: The ProSe function entity of the Remote UE determines, according to the obtained authorization information, that the Remote UE is allowed to access from the Relay UE. If yes, the authorization succeeds, and if not, the failure occurs; in this embodiment, if the Relay UE allows access, then The ProSe functional entity of the Remote UE returns an authorization response to the ProSe functional entity of the Relay UE as permission;
Remote UE的ProSe功能实体可以从应用层获取该信息,或者从Remote UE的HSS获取该信息。如果从HSS获取,则可能在Remote UE接入网络的预授权过程中已经获取。如果尚未获取,则可以发起到HSS的授权请求,从HSS获取该信息。The ProSe functional entity of the Remote UE may obtain the information from the application layer or obtain the information from the HSS of the Remote UE. If obtained from the HSS, it may have been acquired during the pre-authorization process of the Remote UE accessing the network. If not yet obtained, an authorization request to the HSS can be initiated to obtain the information from the HSS.
该过程中也可以获取优先级信息,则还可以包括:The priority information can also be obtained in the process, and may also include:
Relay UE的ProSe功能实体可以获得Remote UE接入的优先级信息,这样,在步骤904返回的授权响应中还携带有Remote UE的接入优先级信息。以便在资源受限的情况下,为较高优先级的remote UE服务。The ProSe function of the Relay UE can obtain the priority information of the Remote UE access, and the authorization response returned in the step 904 also carries the access priority information of the Remote UE. In order to serve higher priority remote UEs in case of limited resources.
或者,Remote UE的ProSe功能实体可以获得Remote UE接入的优先级信息,这样,在步骤903返回的鉴权结果中还携带有Remote UE的接入优先级信息,以便在资源受限,或者其他特定需要控制接入数量或者用户的情况下,为较高优先级的remote UE服务。Alternatively, the ProSe function entity of the Remote UE can obtain the priority information of the Remote UE access, so that the authentication result returned in step 903 also carries the access priority information of the Remote UE, so that the resource is limited, or other A higher priority remote UE is served if the number of accesses or users needs to be controlled.
其中,Remote UE接入的优先级信息同样可以从应用层获取该信息,或者从Remote UE的HSS获取该信息。如果从HSS获取,则可能在Remote UE接入网络的预授权过程中已经获取。如果尚未获取,则可以发起到HSS的授 权请求,从HSS获取该信息。The priority information of the Remote UE access may also be obtained from the application layer or obtained from the HSS of the Remote UE. If obtained from the HSS, it may have been acquired during the pre-authorization process of the Remote UE accessing the network. If not yet available, you can initiate a grant to the HSS Request for permission to obtain this information from the HSS.
步骤904:Relay UE的ProSe功能实体向Relay UE返回鉴权结果,本实施例中为允许,如果步骤903中包含Remote UE接入的优先级信息,则也同时返回给Relay UE;Step 904: The ProSe function entity of the Relay UE returns the authentication result to the Relay UE. In this embodiment, it is allowed. If the priority information of the Remote UE access is included in step 903, it is also returned to the Relay UE.
步骤905:Relay UE执行其他鉴权和地址分配等过程,建立与Remote UE的通信。Step 905: The Relay UE performs other authentication and address allocation processes to establish communication with the Remote UE.
图10为应用实施例五中继UE实现接入控制的流程示意图,如图10所示,本实施例是是Remote UE在与Relay UE建立通信过程中,Relay UE进行接入控制的另一实施方式,包括:10 is a schematic flowchart of implementing access control by the fifth relay UE according to the fifth embodiment of the present invention. As shown in FIG. 10, this embodiment is another implementation of the relay UE performing access control during the establishment of communication between the Remote UE and the Relay UE. Ways, including:
步骤1000:Remote UE向Relay UE发起建立通信请求,在建立通信请求中携带有Remote UE的ProSe ID即ProSe UE ID;Step 1000: The Remote UE initiates a setup communication request to the Relay UE, and carries the ProSe ID of the Remote UE, that is, the ProSe UE ID, in the setup communication request.
步骤1001:Relay UE收到请求后,通过对该远程UE的鉴权过程或单独的流程,获取该Remote UE的IMSI;Step 1001: After receiving the request, the Relay UE acquires the IMSI of the Remote UE by using an authentication process or a separate process for the remote UE.
步骤1002:Relay UE向自身归属的MME发送授权请求,其中携带Remote UE的IMSI即Remote UE IMSI,如果Relay UE的MME的上下文中包含允许接入的Remote UE的信息,可以根据该信息判断是否允许Remote UE接入,如果允许接入的Remote UE的信息中包括有当前发起请求的Remote UE的IMSI,则表明允许接入,则转入执行步骤1004即可;Step 1002: The relay UE sends an authorization request to the MME to which it belongs, where the IMSI of the Remote UE is the Remote UE IMSI. If the context of the MME of the Relay UE includes the information of the Remote UE that is allowed to access, the information may be determined according to the information. The remote UE accesses, if the information of the remote UE that is allowed to access includes the IMSI of the remote UE that currently initiates the request, if the access is allowed, the process proceeds to step 1004.
MME可以在Relay UE接入网络时,通过获取签约数据的流程获取允许接入的Remote UE的IMSI列表,如果没有获得,即Relay UE的MME的上下文中未包含允许接入的Remote UE的信息,还包括步骤1003:从HSS获取Relay UE允许接入的Remote UE的列表;The MME may obtain the IMSI list of the Remote UE that is allowed to access when the Relay UE accesses the network. If not, the MME of the Relay UE does not include the information of the Remote UE that is allowed to access. The method further includes a step 1003: obtaining, from the HSS, a list of Remote UEs that the Relay UE allows to access;
步骤1004:Relay UE的MME向Relay UE返回授权响应,本实施例中假设授权响应为允许接入,如果步骤1003中包含Remote UE接入的优先级信息,则也同时返回给Relay UE;Step 1004: The MME of the Relay UE returns an authorization response to the Relay UE. In this embodiment, the authorization response is allowed to be accessed. If the priority information of the Remote UE access is included in step 1003, the MME is also returned to the Relay UE.
步骤1005:Relay UE执行其他鉴权和地址配置等过程,建立与remote UE的通信。Step 1005: The Relay UE performs other authentication and address configuration processes to establish communication with the remote UE.
图11为应用实施例六中继UE实现接入控制的流程示意图,如图11所 示,本实施例是Remote UE在执行监听请求时,Relay UE进行接入控制的实施方式,包括:FIG. 11 is a schematic flowchart of implementing the access control by the relay UE in the sixth embodiment, as shown in FIG. 11 The embodiment is an implementation manner in which the Relay UE performs access control when the Remote UE performs the interception request, and includes:
步骤1100:Remote UE向Relay UE发起建立通信请求,在建立通信请求中携带有Remote UE的ProSe ID即ProSe UE ID;Step 1100: The Remote UE initiates a setup communication request to the Relay UE, and carries the ProSe ID of the Remote UE, that is, the ProSe UE ID, in the setup communication request.
步骤1101:Relay UE根据Remote UE的ProSe UE ID找到Remote UE的ProSe功能实体,并向其发送授权请求,其中携带ProSe UE ID;Step 1101: The Relay UE finds the ProSe functional entity of the Remote UE according to the ProSe UE ID of the Remote UE, and sends an authorization request to the same, which carries the ProSe UE ID.
步骤1102:Remote UE的ProSe功能实体根据获取的授权信息判断Remote UE被允许从Relay UE接入,如果可以则授权成功,如果不可以则失败;Step 1102: The ProSe functional entity of the Remote UE determines, according to the obtained authorization information, that the Remote UE is allowed to access from the Relay UE, and if yes, the authorization succeeds, and if not, fails;
本实施例中,假设Relay UE允许接入,那么,Remote UE的ProSe功能实体向Relay UE的ProSe功能实体返回授权响应为允许。In this embodiment, if the Relay UE allows access, the ProSe functional entity of the Remote UE returns an authorization response to the ProSe functional entity of the Relay UE as permission.
其中,Remote UE的ProSe功能实体可以从应用层获取该信息,或者从Remote UE的HSS获取该信息。如果从HSS获取,则可能在Remote UE接入网络的预授权过程中已经获取。如果尚未获取,则可以发起到HSS的授权请求,从HSS获取该信息。The ProSe functional entity of the Remote UE may obtain the information from the application layer or obtain the information from the HSS of the Remote UE. If obtained from the HSS, it may have been acquired during the pre-authorization process of the Remote UE accessing the network. If not yet obtained, an authorization request to the HSS can be initiated to obtain the information from the HSS.
该过程中还可以获取优先级信息,包括:Priority information can also be obtained during this process, including:
Remote UE的ProSe功能实体获得Remote UE接入的优先级信息,这样,在步骤1102返回的鉴权结果中携带有Remote UE的接入优先级信息,以便在资源受限或者其他特定需要控制接入数量或者用户的情况下,为较高优先级的remote UE服务。The ProSe function entity of the remote UE obtains the priority information of the remote UE access, so that the authentication result returned in step 1102 carries the access priority information of the Remote UE, so as to control access in the resource limited or other specific needs. In the case of quantity or user, it serves the higher priority remote UE.
其中,Remote UE接入的优先级信息同样可以从应用层获取该信息,或者从Remote UE的HSS获取该信息。如果从HSS获取,则可能在Remote UE接入网络的预授权过程中已经获取。如果尚未获取,则可以发起到HSS的授权请求,从HSS获取该信息。The priority information of the Remote UE access may also be obtained from the application layer or obtained from the HSS of the Remote UE. If obtained from the HSS, it may have been acquired during the pre-authorization process of the Remote UE accessing the network. If not yet obtained, an authorization request to the HSS can be initiated to obtain the information from the HSS.
步骤1103:Relay UE执行其他鉴权和地址分配等过程,建立与Remote UE的通信。Step 1103: The Relay UE performs other authentication and address allocation processes to establish communication with the Remote UE.
本领域普通技术人员可以理解上述方法中的全部或部分步骤可通过程序来指令相关硬件完成,上述程序可以存储于计算机可读存储介质中,如只读 存储器、磁盘或光盘等。可选地,上述实施例的全部或部分步骤也可以使用一个或多个集成电路来实现。相应地,上述实施例中的各模块/单元可以采用硬件的形式实现,也可以采用软件功能模块的形式实现。本发明实施例不限制于任何特定形式的硬件和软件的结合。One of ordinary skill in the art can understand that all or part of the above steps can be completed by a program to instruct related hardware, and the above program can be stored in a computer readable storage medium, such as read only. Memory, disk or disc, etc. Alternatively, all or part of the steps of the above embodiments may also be implemented using one or more integrated circuits. Correspondingly, each module/unit in the foregoing embodiment may be implemented in the form of hardware or in the form of a software function module. Embodiments of the invention are not limited to any specific form of combination of hardware and software.
工业实用性Industrial applicability
与相关技术相比,本申请实施例技术方案包括中继UE通过是否允许远端UE接入的远端UE允许接入信息,对远端UE进行授权验证;中继UE根据验证结果判断是否允许远端UE接入。通过本发明实施例提供的技术方案,实现了对远端UE的接入调度,使得有限的资源得到了有效的分配。 Compared with the related art, the technical solution of the embodiment of the present application includes: the relay UE performs the authorization verification on the remote UE by allowing the remote UE to access the remote UE, and the relay UE determines whether to allow the verification according to the verification result. The remote UE accesses. With the technical solution provided by the embodiment of the present invention, access scheduling for the remote UE is implemented, so that limited resources are effectively allocated.

Claims (27)

  1. 一种中继终端UE接入控制方法,包括:A relay terminal UE access control method includes:
    中继UE通过远端UE允许接入信息对远端UE进行授权验证,所述远端UE允许接入信息用于表示是否允许远端UE接入;The relaying UE performs the authorization verification on the remote UE by using the access information of the remote UE, and the remote UE allows the access information to be used to indicate whether the remote UE is allowed to access.
    中继UE根据验证结果判断是否允许远端UE接入。The relay UE determines whether to allow the remote UE to access according to the verification result.
  2. 根据权利要求1所述的中继UE接入控制方法,其中,所述中继UE通过远端UE允许接入信息对远端UE进行授权验证包括:The relay UE access control method according to claim 1, wherein the relay UE performs authorization verification on the remote UE by allowing the access information to be accessed by the remote UE, including:
    所述中继UE接收来自远端UE发起的请求,所述请求中携带优先级信息;The relay UE receives a request initiated by a remote UE, where the request carries priority information;
    所述中继UE根据所述远端UE允许接入信息对远端UE进行授权,其中所述远端UE允许接入信息包括所述中继UE接入控制的等级和所述请求中携带的优先级信息。The relay UE performs authorization on the remote UE according to the access information allowed by the remote UE, where the access information of the remote UE includes the level of the access control of the relay UE and the carried in the request. Priority information.
  3. 根据权利要求2所述的中继UE接入控制方法,其中,所述远端UE发起的请求为建立通信请求,所述请求中携带的优先级信息为所述远端UE的优先级信息。The relay UE access control method according to claim 2, wherein the request initiated by the remote UE is a communication request, and the priority information carried in the request is priority information of the remote UE.
  4. 根据权利要求3所述的中继UE接入控制方法,该方法还包括:The method for controlling a relay UE access control according to claim 3, further comprising:
    所述远端UE通过预授权过程获得所述远端UE的优先级信息,或者是在所述远端UE本地预先配置所述远端UE的优先级信息。The remote UE obtains the priority information of the remote UE by using a pre-authorization process, or pre-configures the priority information of the remote UE locally.
  5. 根据权利要求1所述的中继UE接入控制方法,其中,所述中继UE通过远端UE允许接入信息对远端UE进行授权验证包括:The relay UE access control method according to claim 1, wherein the relay UE performs authorization verification on the remote UE by allowing the access information to be accessed by the remote UE, including:
    所述中继UE接收来自远端UE发起的请求,所述请求中携带远端UE的信息;The relay UE receives a request initiated by a remote UE, where the request carries information of a remote UE;
    所述中继UE根据所述请求中携带的远端UE的信息,查找发起请求的远端UE的基于距离的业务Prose功能实体,获取该远端UE的优先级信息;The relaying UE searches for the distance-based service Prose function entity of the remote UE that requests the request, and obtains the priority information of the remote UE according to the information of the remote UE that is carried in the request;
    所述中继UE根据所述中继UE接入控制的等级和获得的远端UE的优先级信息,对发起请求的远端UE进行授权。The relaying UE performs authorization on the remote UE that initiates the request according to the level of the relay UE access control and the obtained priority information of the remote UE.
  6. 根据权利要求5所述的中继UE接入控制方法,其中,所述中继UE根据所述请求中携带的远端UE的信息,查找发起请求的远端UE的基于距离 的业务Prose功能实体,获取该远端UE的优先级信息包括:The relay UE access control method according to claim 5, wherein the relay UE searches for the distance of the remote UE that initiates the request according to the information of the remote UE carried in the request. The service Prose function entity obtains the priority information of the remote UE, including:
    所述中继UE向所述中继UE的Prose功能实体发送请求,其中携带所述远端UE的信息;Sending, by the relay UE, a request to a Prose functional entity of the relay UE, where the information of the remote UE is carried;
    所述中继UE的Prose功能实体根据接收到的所述远端UE的信息,查找所述远端UE的Prose功能实体,并获取所述远端UE的优先级信息;The Prose function entity of the relaying UE searches for the Prose functional entity of the remote UE according to the received information of the remote UE, and acquires priority information of the remote UE;
    所述中继UE的Prose功能实体向所述中继UE返回所述远端UE的优先级信息。The Prose function entity of the relay UE returns priority information of the remote UE to the relay UE.
  7. 根据权利要求1所述的中继UE接入控制方法,其中,所述中继UE通过远端UE允许接入信息对远端UE进行授权验证包括:The relay UE access control method according to claim 1, wherein the relay UE performs authorization verification on the remote UE by allowing the access information to be accessed by the remote UE, including:
    所述中继UE获得接入控制的等级,将中继UE接入控制的等级作为所述远端UE允许接入信息,并通过广播消息进行广播;The relay UE obtains a level of access control, and uses a level of the relay UE access control as the access information allowed by the remote UE, and broadcasts through a broadcast message;
    所述远端UE监听到广播消息,确定在所述远端UE的优先级信息与广播消息中携带的中继UE自身接入控制的等级相匹配时被所述中继UE授权。The remote UE monitors the broadcast message, and determines that the priority information of the remote UE is authorized by the relay UE when it matches the level of the relay UE's own access control carried in the broadcast message.
  8. 根据权利要求2、5或7所述的中继UE接入控制方法,该方法还包括:所述中继UE通过预授权过程获得所述中继UE接入控制的等级;The relay UE access control method according to claim 2, 5 or 7, the method further comprising: obtaining, by the pre-authorization process, the level of the relay UE access control by the pre-authorization process;
    或者,通过操作、维护、管理OAM系统配置或在所述中继UE本地预先配置所述中继UE接入控制的等级。Alternatively, the level of the relay UE access control is pre-configured by operating, maintaining, managing the OAM system configuration or locally at the relay UE.
  9. 根据权利要求1所述的中继UE接入控制方法,其中,所述中继UE通过远端UE允许接入信息对远端UE进行授权认证包括:The relay UE access control method according to claim 1, wherein the relay UE performs authorization authentication on the remote UE by allowing the access information to be accessed by the remote UE, including:
    所述中继UE接收来自远端UE发起的请求;The relay UE receives a request initiated by a remote UE;
    所述中继UE请求自身的基于距离的业务Prose功能实体根据远端UE允许接入信息,对所述发起请求的远端UE进行授权验证,并接收来自中继UE的Prose功能实体的授权结果;The relay UE requests its own distance-based service Prose function entity to perform authorization verification on the remote UE that initiates the request according to the remote UE's allowed access information, and receives the authorization result of the Prose functional entity from the relay UE. ;
    如果所述发起请求的远端UE包含在允许接入的远端UE的信息中,则授权结果为授权成功。If the remote UE that initiated the request is included in the information of the remote UE that is allowed to access, the authorization result is that the authorization is successful.
  10. 根据权利要求9所述的中继UE接入控制方法,其中,所述来自远端UE发起的请求为表示希望通过中继UE接入网络的广播消息、或者建立通 信请求;The relay UE access control method according to claim 9, wherein the request initiated by the remote UE is a broadcast message indicating that the UE is desired to access the network through the relay UE, or establishes a connection. Letter request;
    在所述来自远端UE发起的请求中携带有所述远端UE的基于距离的业务的远端UE标识ProSe UE ID。The remote UE identifier ProSe UE ID carrying the distance-based service of the remote UE in the request initiated by the remote UE.
  11. 根据权利要求10所述的中继UE接入控制方法,该方法还包括:所述中继UE的ProSe功能实体从应用层,或者从所述远端UE的归属用户服务器HSS中获取所述远端UE允许接入信息。The relay UE access control method according to claim 10, further comprising: the ProSe functional entity of the relay UE acquiring the farth from an application layer or from a home subscriber server HSS of the remote UE The end UE allows access to information.
  12. 根据权利要求11所述的中继UE接入控制方法,其中,所述远端UE允许接入信息为允许接入的远端UE的信息。The relay UE access control method according to claim 11, wherein the remote UE allows access information to be information of a remote UE that is allowed to access.
  13. 根据权利要求1或9所述的中继UE接入控制方法,其中,所述远端UE允许接入信息是允许接入的远端UE的信息;The relay UE access control method according to claim 1 or 9, wherein the remote UE allows access information to be information of a remote UE that is allowed to access;
    该方法还包括:所述中继UE接收来自远端UE发起的请求;或者,所述中继UE接收来自远端UE发起的请求,且所述中继UE自身的ProSe功能实体中未包含有允许接入的远端UE的信息;The method further includes: the relay UE receives a request initiated by a remote UE; or the relay UE receives a request initiated by a remote UE, and the ProSe functional entity of the relay UE does not include Information of the remote UE that is allowed to access;
    所述中继UE的ProSe功能实体向远端UE的ProSe功能实体进行授权验证。The ProSe functional entity of the relay UE performs authorization verification to the ProSe functional entity of the remote UE.
  14. 根据权利要求13所述的中继UE接入控制方法,其中,所述中继UE的ProSe功能实体向远端UE的ProSe功能实体进行授权验证包括:The relay UE access control method according to claim 13, wherein the ProSe functional entity of the relay UE performs authorization verification on the ProSe functional entity of the remote UE, including:
    所述中继UE根据发起请求的远端UE的ProSe UE ID找到该远端UE对应的远端UE的ProSe功能实体,并向其发送授权请求,在授权请求中携带有该中继UE的ProSe Relay UE ID;The relay UE finds a ProSe functional entity of the remote UE corresponding to the remote UE according to the ProSe UE ID of the remote UE that initiates the request, and sends an authorization request to the relay UE, where the authorization request carries the ProSe of the relay UE. Relay UE ID;
    所述远端UE的ProSe功能实体根据获取的允许接入的远端UE的信息,判断相应的远端UE是否可以监听授权请求中携带的中继UE的广播信息、或建立通信请求。The ProSe function entity of the remote UE determines whether the corresponding remote UE can listen to the broadcast information of the relay UE carried in the authorization request or establish a communication request according to the obtained information of the remote UE that is allowed to access.
  15. 根据权利要求5或14所述的中继UE接入控制方法,该方法还包括:所述远端UE的ProSe功能实体从应用层获取所述允许接入的远端UE的信息和/或优先级信息,或者从所述远端UE的归属用户服务器HSS获取所述允许接入的远端UE的信息和/或优先级信息。The relay UE access control method according to claim 5 or 14, further comprising: obtaining, by the ProSe functional entity of the remote UE, information and/or priority of the remote UE that is allowed to access from an application layer Level information, or information and/or priority information of the remote UE that is allowed to access is obtained from the home subscriber server HSS of the remote UE.
  16. 根据权利要求1所述的中继UE接入控制方法,其中,所述中继UE 通过远端UE允许接入信息对远端UE进行授权认证包括:The relay UE access control method according to claim 1, wherein the relay UE Authorizing the remote UE by allowing the access information to be accessed by the remote UE includes:
    所述中继UE接收来自远端UE发起的建立通信请求,在请求中携带有发起请求的远端UE的ProSe UE ID;The relay UE receives a setup communication request initiated by the remote UE, where the request carries the ProSe UE ID of the remote UE that initiated the request;
    所述中继UE获取该远端UE的国际移动用户识别码IMSI;The relay UE acquires an international mobile subscriber identity IMSI of the remote UE;
    所述中继UE将获得的远端UE的IMSI携带在授权请求中发送给自身归属的移动性管理实体MME,如果MME确定远端UE的IMSI包含在中继UE的MME上下文中,则所述中继UE收到的授权结果为授权成功。The relay UE carries the obtained IMSI of the remote UE in an authorization request and sends it to the mobility management entity MME of the own UE. If the MME determines that the IMSI of the remote UE is included in the MME context of the relay UE, the The authorization result received by the relay UE is that the authorization is successful.
  17. 根据权利要求9或16所述的中继UE接入控制方法,所述授权结果显示为授权成功时,所述方法还包括:The relay UE access control method according to claim 9 or 16, wherein the authorization result is displayed as the authorization is successful, the method further includes:
    在资源受限的情况下,所述中继UE的Prose功能实体获取中继UE自身接入控制的等级和/或远端UE接入中继UE的优先级信息,或者所述接收到来自中继UE的ProSe功能实体的授权请求的远端UE的Prose功能实体获取中继UE自身接入控制的等级和/或远端UE接入中继UE的优先级信息;In the case of resource limitation, the Prose function entity of the relay UE acquires the level of the relay UE's own access control and/or the priority information of the remote UE accessing the relay UE, or the received information comes from The Prose function entity of the remote UE following the authorization request of the ProSe functional entity of the UE acquires the level of the relay UE's own access control and/or the priority information of the remote UE's access to the relay UE;
    其中,所述中继UE接入控制的等级和/或远端UE接入中继UE的优先级信息用于限制触发广播的远端UE的级别,或所述中继UE接入控制的等级和/或远端UE接入中继UE的优先级信息用于限制与中继UE进行通信的远端UE的级别。The level of the relay UE access control and/or the priority information of the remote UE accessing the relay UE is used to limit the level of the remote UE that triggers the broadcast, or the level of the relay UE access control. And/or the priority information of the remote UE accessing the relay UE is used to limit the level of the remote UE that communicates with the relay UE.
  18. 一种中继UE接入控制装置,包括控制单元和处理单元;其中,A relay UE access control device includes a control unit and a processing unit; wherein
    控制单元,设置为通过远端UE允许接入信息对远端UE进行授权验证,所述远端UE允许接入信息用于表示是否允许远端UE接入;以及a control unit, configured to perform authorization verification on the remote UE by using the access information of the remote UE, where the remote UE allows the access information to be used to indicate whether the remote UE is allowed to access;
    处理单元,设置为根据验证结果判断是否允许远端UE接入。The processing unit is configured to determine, according to the verification result, whether the remote UE is allowed to access.
  19. 根据权利要求18所述的中继UE接入控制装置,其中,所述控制单元是设置为:接收来自所述远端UE发起的请求;根据所述远端UE允许接入信息对远端UE进行授权,其中,所述远端UE允许接入信息包括所述中继UE接入控制的等级和所述请求中携带的优先级信息。The relay UE access control apparatus according to claim 18, wherein the control unit is configured to: receive a request initiated by the remote UE; and allow access information to the remote UE according to the remote UE Authorizing, wherein the remote UE allows access information to include a level of the relay UE access control and priority information carried in the request.
  20. 根据权利要求18所述的中继UE接入控制装置,其中,所述控制单元是设置为:接收来自所述远端UE发起的请求;根据所述请求中携带的远端UE的信息,查找发起请求的远端UE的基于距离的业务Prose功能实体, 获取该远端UE的优先级信息;以及根据所述中继UE接入控制的等级和获得的远端UE的优先级信息,对发起请求的远端UE进行授权。The relay UE access control apparatus according to claim 18, wherein the control unit is configured to: receive a request initiated by the remote UE; and search according to information of a remote UE carried in the request The distance-based service Prose functional entity of the remote UE that initiated the request, Obtaining the priority information of the remote UE; and authorizing the remote UE that initiates the request according to the level of the relay UE access control and the obtained priority information of the remote UE.
  21. 根据权利要求18所述的中继UE接入控制装置,其中,所述控制单元是设置为:接收来自所述远端UE发起的请求;向所述中继UE的Prose功能实体发送请求,其中携带所述远端UE的信息;从所述中继UE的Prose功能实体获取所述远端UE的优先级信息;以及根据所述中继UE接入控制的等级和获得的远端UE的优先级信息,对发起请求的远端UE进行授权。The relay UE access control apparatus according to claim 18, wherein the control unit is configured to: receive a request initiated by the remote UE; and send a request to a Prose functional entity of the relay UE, where And carrying the information of the remote UE, acquiring the priority information of the remote UE from the Prose functional entity of the relay UE, and obtaining the priority of the remote UE according to the level of the relay UE access control Level information, authorizing the remote UE that initiated the request.
  22. 根据权利要求18所述的中继UE接入控制装置,其中,所述控制单元还设置为:获得自身的接入控制的等级,将获得的自身接入控制的等级作为远端UE允许接入信息通过广播消息进行广播。The relay UE access control apparatus according to claim 18, wherein the control unit is further configured to: obtain a level of its own access control, and use the obtained level of its own access control as a remote UE to allow access. Information is broadcast via broadcast messages.
  23. 根据权利要求18所述的中继UE接入控制装置,其中,所述控制单元是设置为:接收来自所述远端UE发起的请求;请求自身的Prose功能实体根据远端UE允许接入信息,对发起请求的远端UE进行授权验证,并接收来自中继UE的Prose功能实体的授权结果。The relay UE access control apparatus according to claim 18, wherein the control unit is configured to: receive a request initiated by the remote UE; and request a Prose function entity of itself to allow access information according to the remote UE Authorizing the remote UE that initiated the request, and receiving the authorization result of the Prose functional entity from the relay UE.
  24. 根据权利要求23所述的中继UE接入控制装置,其中,所述远端UE允许接入信息为允许接入的远端UE的信息;The relay UE access control apparatus according to claim 23, wherein the remote UE allows access information to be information of a remote UE that is allowed to access;
    当发起请求的远端UE包含在允许接入的远端UE的信息中,所述授权结果为授权成功。When the requesting remote UE is included in the information of the remote UE that is allowed to access, the authorization result is that the authorization is successful.
  25. 根据权利要求18所述的中继UE接入控制装置,其中,所述控制单元是设置为:接收来自所述远端UE发起的建立通信请求;通过对该远程UE的鉴权过程或单独的流程,获取该远端UE的国际移动用户识别码IMSI;将获得的远端UE的IMSI携带在授权请求中发送给自身归属的移动性管理实体MME,如果MME确定远端UE的IMSI包含在中继UE的MME上下文中,则收到的授权结果为授权成功。The relay UE access control apparatus according to claim 18, wherein the control unit is configured to: receive a setup communication request initiated by the remote UE; by an authentication process of the remote UE or a separate The process, the international mobile subscriber identity (IMSI) of the remote UE is obtained, and the obtained IMSI of the remote UE is carried in an authorization request and sent to the mobility management entity MME of the home UE. If the MME determines that the IMSI of the remote UE is included, In the MME context of the UE, the authorization result received is that the authorization is successful.
  26. 根据权利要求23或25所述的中继UE接入控制装置,当所述远端UE允许接入信息是允许接入的远端UE的信息时,如果所述控制单元所在中继UE的ProSe功能实体中未包含有允许接入的远端UE的信息,所述控制单元还设置为: The relay UE access control apparatus according to claim 23 or 25, when the remote UE allows the access information to be information of the remote UE that is allowed to access, if the control unit is located in the ProSe of the relay UE The function entity does not include information about the remote UE that is allowed to access, and the control unit is further configured to:
    根据所述发起请求的远端UE的ProSe UE ID找到该远端UE对应的远端UE的ProSe功能实体,并向其发送授权请求,在授权请求中携带有该中继UE的ProSe Relay UE ID;在远端UE的ProSe功能实体根据获取的允许接入的远端UE的信息,判断出相应的远端UE可以监听授权请求中携带的中继UE的广播信息、或建立通信请求时,则接收来自远端UE的ProSe功能实体的授权成功信息。Defining a ProSe function entity of the remote UE corresponding to the remote UE according to the ProSe UE ID of the remote UE, and sending an authorization request to the remote UE, where the authorization request carries the ProSe Relay UE ID of the relay UE. The ProSe function entity of the remote UE determines, according to the obtained information of the remote UE that is allowed to access, that the corresponding remote UE can listen to the broadcast information of the relay UE carried in the authorization request, or establish a communication request, Receiving authorization success information of the ProSe functional entity from the remote UE.
  27. 根据权利要求23或25所述的中继UE接入控制装置,所述授权结果显示为授权成功时,所述控制单元还设置为:The relay UE access control device according to claim 23 or 25, wherein the authorization result is displayed as the authorization is successful, the control unit is further configured to:
    在资源受限的情况下,接收来自所述中继UE的Prose功能实体的所述中继UE自身接入控制的等级和/或远端UE接入中继UE的优先级信息,或者接收来自远端UE的Prose功能实体的所述中继UE自身接入控制的等级和/或远端UE接入中继UE的优先级信息,所述远端UE的Prose功能实体为接收到来自所述中继UE的ProSe功能实体的授权请求的远端UE的Prose功能实体。 In case of resource limitation, receiving the level of the access UE's own access control from the Prose functional entity of the relay UE and/or the priority information of the remote UE accessing the relay UE, or receiving from a priority level of the relay UE's own access control and/or a priority information of the remote UE accessing the relay UE, and the Prose function entity of the remote UE receives the The Prose functional entity of the remote UE that requests the authorization of the ProSe functional entity of the UE.
PCT/CN2015/092853 2015-04-02 2015-10-26 Relay ue access control method and apparatus WO2016155298A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201510154573.4A CN106162803A (en) 2015-04-02 2015-04-02 A kind of relaying UE connection control method and device
CN201510154573.4 2015-04-02

Publications (1)

Publication Number Publication Date
WO2016155298A1 true WO2016155298A1 (en) 2016-10-06

Family

ID=57003878

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2015/092853 WO2016155298A1 (en) 2015-04-02 2015-10-26 Relay ue access control method and apparatus

Country Status (2)

Country Link
CN (1) CN106162803A (en)
WO (1) WO2016155298A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3557898A4 (en) * 2017-01-06 2019-10-30 Huawei Technologies Co., Ltd. Authorisation verification method and apparatus
WO2021004606A1 (en) * 2019-07-05 2021-01-14 Nokia Technologies Oy Apparatus, method, and computer program for performing access check with a cellular network

Families Citing this family (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10292087B2 (en) 2017-02-01 2019-05-14 Futurewei Technologies, Inc. System and method for access barring
CN112911583A (en) 2017-07-11 2021-06-04 华为技术有限公司 Equipment access method, equipment and system
CN109257705B (en) * 2017-07-14 2023-04-18 华为技术有限公司 Data transmission method, device and system
EP3512269A1 (en) * 2018-01-15 2019-07-17 Industrial Technology Research Institute Hierarchical indirect registration for connecting a user equipment to a 5g network
CN110012517B (en) * 2019-04-01 2021-03-12 Oppo广东移动通信有限公司 Relay transmission method, device, mobile terminal and storage medium
EP3975592B1 (en) * 2019-08-16 2024-03-06 Guangdong Oppo Mobile Telecommunications Corp., Ltd. Communication method and network device
CN113596789A (en) * 2020-04-30 2021-11-02 维沃移动通信有限公司 Device interaction method and core network device
CN113709902A (en) * 2020-05-21 2021-11-26 华为技术有限公司 Relay link establishment method, relay link configuration information sending device and readable storage medium
CN113873613A (en) * 2020-06-30 2021-12-31 华为技术有限公司 Access control method and related device
US20230254692A1 (en) * 2020-07-15 2023-08-10 Lg Electronics Inc. Relay communication
CN114339748A (en) * 2020-09-30 2022-04-12 华为技术有限公司 Authentication method and device
CN114650537A (en) * 2020-12-17 2022-06-21 维沃移动通信有限公司 Credit relay communication method, device, terminal and network side equipment

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2014179294A2 (en) * 2013-05-02 2014-11-06 Qualcomm Incorporated Method and apparatus for device to device relay selection
CN104159221A (en) * 2013-05-13 2014-11-19 中兴通讯股份有限公司 Public security communication processing method and system
US20150029866A1 (en) * 2013-07-29 2015-01-29 Htc Corporation Method of relay discovery and communication in a wireless communications system

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2014179294A2 (en) * 2013-05-02 2014-11-06 Qualcomm Incorporated Method and apparatus for device to device relay selection
US20140329535A1 (en) * 2013-05-02 2014-11-06 Qualcomm Incorporated Method and apparatus for device to device relay selection
CN104159221A (en) * 2013-05-13 2014-11-19 中兴通讯股份有限公司 Public security communication processing method and system
US20150029866A1 (en) * 2013-07-29 2015-01-29 Htc Corporation Method of relay discovery and communication in a wireless communications system

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
HUAWEI TECHNOLOGIES CO., LTD. ET AL.: "3GPP, S 2-133843 , The ProSe UE-to-network Relay with the Network Authorization", 3GPP, SA WG2 MEETING #99, 23 September 2013 (2013-09-23), XP050727137 *
HUAWEI TECHNOLOGIES CO., LTD. ET AL.: "3GPP, S 2-140177 , Discussion on UE-to-network Relay", 3GPP, SA WG2 MEETING #101, 20 January 2014 (2014-01-20), XP050744512 *

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3557898A4 (en) * 2017-01-06 2019-10-30 Huawei Technologies Co., Ltd. Authorisation verification method and apparatus
EP3849227A1 (en) * 2017-01-06 2021-07-14 Huawei Technologies Co., Ltd. Authorization and verification method and apparatus
WO2021004606A1 (en) * 2019-07-05 2021-01-14 Nokia Technologies Oy Apparatus, method, and computer program for performing access check with a cellular network

Also Published As

Publication number Publication date
CN106162803A (en) 2016-11-23

Similar Documents

Publication Publication Date Title
WO2016155298A1 (en) Relay ue access control method and apparatus
EP2982084B1 (en) Method and apparatus for routing proximity-based service message in wireless communication system
US10123205B2 (en) Admission of a session to a virtual network service
EP2950499B1 (en) 802.1x access session keepalive method, device, and system
TWI748952B (en) Supporting multiple concurrent service contexts with a single connectivity context
CN111373782B (en) Authorization for direct discovery applications
US8914867B2 (en) Method and apparatus for redirecting data traffic
WO2014146474A1 (en) Terminal registration method, terminal discovery method, terminal and device
JP6671527B2 (en) Method and apparatus for a terminal device to discover another terminal device
EP4247115A2 (en) Method and device for activating 5g user
KR20110091305A (en) Method and apparatus for selecting public land mobile network for emergency call in multiple operator core network
US20230199632A1 (en) Access to Second Network
US20210385283A1 (en) Multimedia Priority Service
WO2011054251A1 (en) Method, system and terminal for preventing access from illegal terminals
US8948754B2 (en) Method and apparatus for establishing a communication connection
US20230109272A1 (en) Network Slice
WO2016112674A1 (en) Communication method, terminal, system and computer storage medium
US10219309B2 (en) D2D service authorizing method and device and home near field communication server
WO2016023282A1 (en) Near field communication discovery method, apparatus and system
CN116210252A (en) Network operations to receive user consent for edge computation
US11606303B1 (en) Device initiated quality of service
WO2014047923A1 (en) Method and device for accessing network
WO2016086625A1 (en) Method and apparatus for notifying authorisation update
KR20210138322A (en) Authentication server for 5g non public network connection control, method of the network connection control and connection method of terminal
WO2022027529A1 (en) Method and apparatus for slice authentication

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15887252

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15887252

Country of ref document: EP

Kind code of ref document: A1