WO2018036514A1 - Method and device for sending message - Google Patents

Method and device for sending message Download PDF

Info

Publication number
WO2018036514A1
WO2018036514A1 PCT/CN2017/098628 CN2017098628W WO2018036514A1 WO 2018036514 A1 WO2018036514 A1 WO 2018036514A1 CN 2017098628 W CN2017098628 W CN 2017098628W WO 2018036514 A1 WO2018036514 A1 WO 2018036514A1
Authority
WO
WIPO (PCT)
Prior art keywords
message
module
dep
communication message
determining
Prior art date
Application number
PCT/CN2017/098628
Other languages
French (fr)
Chinese (zh)
Inventor
范军
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2018036514A1 publication Critical patent/WO2018036514A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/302Route determination based on requested QoS
    • H04L45/304Route determination for signalling traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L51/00User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail

Definitions

  • the present invention relates to the field of communications, and in particular to a message sending method and apparatus.
  • RFC 3588 (Request For Comments, referred to as RFC, is a series of numbered files that collect information about Internet-related information, as well as software files for UNIX and Internet communities) and related application protocols.
  • Diameter system is 3GPP (3rd Generation Partnership Project, 3GPP's goal is to achieve a smooth transition from 2G network to 3G network, to ensure backward compatibility of future technologies, support easy network construction and inter-system roaming and compatibility , including R5, R6, R7, R8, R9, etc.) HSS (Home Subscriber Server), SLF (Super Low Frequency), SPR in the IMS (IP Multimedia Subsystem) system (Subscription Profile Repository), EPC (Evolved Packet Core, 4G core network) and other related network elements provide Diameter messaging, relay and other functional services.
  • 3GPP 3rd Generation Partnership Project
  • 3GPP's goal is to achieve a smooth transition from 2G network to 3G network, to ensure backward compatibility of future technologies, support easy network construction and inter-
  • the system uses the data transmission service provided by the transport layer (that is, the TCP/SCTP layer, the Transmission Control Protocol, the Stream Control Transmission Protocol, the Stream Control Transmission Protocol) to send a Diameter message to the peer Diameter entity, and the received Diameter message. It is sent to the service layer to provide link management and transaction layer retransmission mechanisms to ensure the reliability of the signaling layer.
  • the transport layer that is, the TCP/SCTP layer, the Transmission Control Protocol, the Stream Control Transmission Protocol, the Stream Control Transmission Protocol
  • connection management function the main functions of the system include connection management function, transaction management function, and session management function.
  • session management function the main functions of the system.
  • the system can be divided into the following functional levels:
  • DAP module (Diameter Access Point), completes the access control of the neighboring points in the Diameter network, and carries the management function;
  • the DEP module (Diameter Executive Point) completes the business-related logic execution functions defined in the Diameter protocol, including transaction management, session management, Relay/Redirect, etc.
  • the DAP module is mainly responsible for completing the access control and bearer management functions of the Diameter neighbor.
  • the DAP module receives the message from the SCTP/TCP layer. If it is a request message, it sends it to the corresponding DEP module according to a certain distribution policy. If it is a response message, it sends it directly to the DEP module where the request message is located.
  • the DAP module cannot be correctly distributed due to the change of the status of the DEP module.
  • the embodiment of the invention provides a message sending method and device, so as to at least solve the technical problem that the message forwarding cannot be correctly performed due to the elastic contraction characteristic of the VNF in the related art.
  • a message sending method includes: when a VNF is in an elastic contraction, if a communication message of a network element is received, acquiring a message type of the communication message; The message type determines the target DEP module for processing the communication message; sends the communication message to the target DEP module.
  • the message type of the communication message is: obtaining the identification information carried in the communication message; determining the message type of the communication message by using the identification information.
  • the obtaining the identifier information carried in the communication message includes: obtaining the identifier information carried in the Payload field in the communication message.
  • determining, by the identifier information, the message type of the communication message includes: determining whether there is a session connection corresponding to the identifier information, where the session connection corresponding to the identifier information is a session connection to which the communication message belongs; if there is a correspondence corresponding to the identifier information The session connection determines that the message type of the communication message is a non-originating message; if there is no session connection corresponding to the identification information, it determines that the message type of the communication message is an originating message.
  • determining, according to the message type of the communication message, the target DEP module for processing the communication message comprises: determining that the DEP module associated with the session connection is the target DEP module if the message type of the communication message is a non-originating message; In the case that the message type of the communication message is an originating message, one of the plurality of DEP modules is selected as the target DEP module, wherein the plurality of DEP modules are DEP modules that are not allowed to be reduced in the preset time period.
  • the identifier information is data information
  • selecting one of the plurality of DEP modules as the target DEP module includes: determining a number of modules of the plurality of DEP modules; performing a remainder operation on the identifier information by using the number of modules to obtain identification data; The target DEP module in the DEP module that matches the identification data in sequence, and associates the target DEP module with the session connection.
  • the network element includes a 3GPP AAA SERVER network element.
  • a message sending apparatus comprising: an acquiring unit, configured to acquire a message of a communication message if a communication message of a network element is received when the VNF is in elastic contraction a determining unit configured to determine a target DEP module for processing a communication message based on a message type of the communication message; and a sending unit configured to send the communication message to the target DEP module.
  • the obtaining unit includes: an obtaining module, configured to obtain the identifier information carried in the communication message; and the first determining module is configured to determine, by using the identifier information, a message type of the communication message.
  • the obtaining module is further configured to obtain the identifier information carried in the Payload field in the communication message.
  • the first determining module includes: a determining submodule, configured to determine whether there is a session connection corresponding to the identifier information, where the session connection corresponding to the identifier information is a session connection to which the communication message belongs; the first determining submodule, The message type of the communication message is determined to be a non-originating message if there is a session connection corresponding to the identification information; and the second determining sub-module is configured to determine a message of the communication message if there is no session connection corresponding to the identification information Type is the originating message.
  • the determining unit includes: a second determining module, configured to determine that the DEP module associated with the session connection is the target DEP mode if the message type of the communication message is a non-originating message
  • the module is configured to select one of the plurality of DEP modules as the target DEP module when the message type of the communication message is an initial message, wherein the plurality of DEP modules are not allowed within the preset time period.
  • a second determining module configured to determine that the DEP module associated with the session connection is the target DEP mode if the message type of the communication message is a non-originating message
  • the module is configured to select one of the plurality of DEP modules as the target DEP module when the message type of the communication message is an initial message, wherein the plurality of DEP modules are not allowed within the preset time period.
  • Shing DEP module configured to determine that the DEP module associated with the session connection is the target DEP mode if the message type of the communication message is a non-originating message
  • the module is configured to select one of the
  • the identifier information is data information
  • the selecting module includes: a third determining submodule configured to determine a number of modules of the plurality of DEP modules; and an operation submodule configured to perform a remainder operation on the identifier information by using the number of modules to obtain the identifier
  • the data acquisition module is configured to acquire a target DEP module that matches the identification data in the plurality of DEP modules, and associates the target DEP module with the session connection.
  • the network element includes a 3GPP AAA SERVER network element.
  • a storage medium which may be configured to store program code for performing the following steps: when the VNF is in elastic contraction, if a communication message of the network element is received, Obtaining a message type of the communication message; determining a target DEP module for processing the communication message based on the message type of the communication message; and transmitting the communication message to the target DEP module.
  • the VNF when the VNF is in elastic contraction, if the communication message of the network element is received, the message type of the communication message is acquired; and the target DEP module for processing the communication message is determined based on the message type of the communication message; The communication message is sent to the target DEP module, thereby solving the technical problem that the message forwarding cannot be correctly performed due to the elastic contraction characteristic of the VNF in the related art, and the technical effect of correctly performing message forwarding during the elastic contraction is realized.
  • FIG. 1 is a schematic diagram of a computer terminal in accordance with an embodiment of the present invention.
  • FIG. 3 is a flowchart of a message sending method according to an embodiment of the present invention.
  • FIG. 4 is a schematic diagram of a Diameter logic architecture in accordance with an embodiment of the present invention.
  • FIG. 5 is a schematic diagram of a message transmitting apparatus according to an embodiment of the present invention.
  • the method embodiment provided in Embodiment 1 of the present application can be executed in a mobile terminal, a computer terminal or the like.
  • the computer terminal may include one or more (only one shown) processor 101 (the processor 101 may include, but is not limited to, a microprocessor MCU or programmable A processing device such as a logic device FPGA, a memory 103 provided to store data, and a transmission device 105 provided as a communication function.
  • processor 101 may include, but is not limited to, a microprocessor MCU or programmable A processing device such as a logic device FPGA, a memory 103 provided to store data, and a transmission device 105 provided as a communication function.
  • FIG. 1 is merely illustrative and does not limit the structure of the above electronic device.
  • the memory 103 can be configured as a software program and a module for storing application software, such as program instructions/modules corresponding to the control method of the device in the embodiment of the present invention, and the processor 101 executes by executing a software program and a module stored in the memory 103.
  • application software such as program instructions/modules corresponding to the control method of the device in the embodiment of the present invention
  • the processor 101 executes by executing a software program and a module stored in the memory 103.
  • the memory can include high speed random access memory and can also include non-volatile memory such as one or more magnetic storage devices, flash memory, or other non-volatile solid state memory.
  • the memory can further include memory remotely located relative to the processor, which can be connected to the computer terminal over a network. Examples of such networks include, but are not limited to, the Internet, intranets, local area networks, mobile communication networks, and combinations thereof.
  • the memory may store the program code of the following steps: when the VNF is in elastic contraction, if the communication message of the network element is received, the message type of the communication message is acquired; based on the communication message The message type determines the target DEP module for processing the communication message; sends the communication message to the target DEP module.
  • the transmission device is arranged to receive or transmit data via a network.
  • the above-described network specific examples may include a wireless network provided by a communication provider of a computer terminal.
  • the transmission device includes a Network Interface Controller (NIC) that can be connected to other network devices through the base station to communicate with the Internet.
  • the transmission device can be a Radio Frequency (RF) module configured to communicate with the Internet wirelessly.
  • NIC Network Interface Controller
  • RF Radio Frequency
  • Non-3GPP access network is trusted or not is a network feature. If it is dynamically determined whether it is trusted or not, it is handled at the time of access authentication.
  • the AAA Server sends the indication to the access network.
  • the DER (Diameter-EAP-Request) flowchart is shown in Figure 2:
  • Step S201 After the UE establishes an association with the trusted Non-3GPP access gateway, the UE sends an EAPoL-Start to the Non-3GPP access gateway to initiate an authentication request.
  • Step S202 The Non-3GPP access gateway sends an EAP-Request/Identity message to the UE.
  • Step S203 The UE returns an EAP-Response/Identity message, and sends its user identity information to the network.
  • the identity identifier may be a pseudo-random NAI or a permanent NAI (a pseudo-random NAI is not available locally).
  • Step S204 The Non-3GPP access gateway encapsulates the EAP message with the EAP-payload AVP of the DIAMETER DER message and places the Identity in the User-Name AVP of the DIAMETER DER message, and sends the identifier to the 3GPP AAA Server.
  • Step S205 After receiving the DEA message, the 3GPP AAA Server needs to perform the following processing:
  • the EAP-AKA' algorithm is used if the DIAMETER DER carries the ANID, otherwise the EAP-AKA algorithm is used.
  • Step S206 the 3GPP AAA Server sends a DIAMETER DER message requesting a permanent user ID to the access network.
  • Step S207 the access network forwards the DER message to the UE.
  • Step S208 the UE responds by using the EAP-Response/AKA-Identity message to carry a permanent NAI (Network Access Identifier).
  • NAI Network Access Identifier
  • Step S209 the trusted Non-3GPP access gateway forwards the EAP-Response/AKA-Identity message to carry the permanent NAI to the 3GPP AAA Server, and the EAP message is encapsulated in the EAP-payload AVP of the DER message.
  • step S210 the 3GPP AAA Server checks whether the available authentication vector is cached according to the NAI, and if not, sends a MAR (Multimedia Auth Request) request to the HSS, requesting to obtain n sets of authentication vectors (n configurable, ranging from 1 to 5) ).
  • MAR Multimedia Auth Request
  • step S211 the information processing process between the AAA and the HSS is described in the related technical description of the SWx interface. Here, only the functional description is performed.
  • the HSS sends an n-group authentication quintuple in response to the 3GPP AAA Server authentication request.
  • Step S212 the 3GPP AAA Server checks whether there is local subscription information of the user. If not, the AAA initiates a SAR request (AAA_USER_DATA_REQUEST) to the HSS to obtain the user subscription information.
  • Step S213 the processing between the AAA and the HSS is referred to the SWx interface.
  • the HSS returns the SAA response to the 3GPP AAA Server.
  • step S214 the AAA server needs to perform the following processing:
  • the EAP playload parameters sent by the 3GPP AAA Server include ANID, RAND, AUTN (ANID, RAND, AUTN is part of the authentication quaternion), a message authentication code (MAC) and two user identities are assigned to the trusted Non-3GPP access gateway, and the EAP message is encapsulated in the DIAMETER DEA message.
  • the AT_RESULT_IND attribute is carried in the EAP-Payload AVP, and the AT_TRUST_IND attribute value (TRUSTED) determined in step S205 is sent to the UE if the IP mobility mode needs to be dynamically determined.
  • Step S215 the trusted Non-3GPP access gateway sends an EAP-Request/AKA-Challenge message to the UE.
  • step S216 the UE runs a UMTS (Universal Mobile Telecommunications System) algorithm in the USIM (Global Subscriber Identity Card).
  • the USIM verifies the AUTN and authenticates the network accordingly. If the AUTN is verified incorrectly, the terminal rejects the authentication (not shown in this example). If the serial number verification fails, the terminal initiates a synchronization process.
  • UMTS Universal Mobile Telecommunications System
  • USIM Global Subscriber Identity Card
  • Step S217 the trusted Non-3GPP access gateway sends an EAP-Response/AKA-Challenge message to the 3GPP AAA Server, and the EAP message is encapsulated in the DIAMETER DER message.
  • Step S218, the 3GPP AAA Server checks the received message authentication code (MAC, the MAC is calculated according to the secret key and the transmitted data to prevent the message from being destroyed), and compares XRES (Expected user Response) and received To RES (actual user response). If all checks are successful and the received DER request carries a result protection indication, the 3GPP AAA Server must send an EAP-Request/AKA-Notification message before sending the EAP Success message. If it is dynamically determining the IP mobility mode, it needs to be AT_IPMS_RES. The attribute is sent down. The EAP message is encapsulated in the DIAMETER DEA message and protected by MAC.
  • MAC received message authentication code
  • Step S219 the trusted Non-3GPP access gateway forwards the EAP message to the UE.
  • step S220 the UE sends an EAP-Response/AKA-Notification.
  • Step S221 the trusted Non-3GPP access gateway sends an EAP-Response/AKA-Notification message to the 3GPP AAA Server, and the EAP packet is encapsulated. In the DIAMETER DER message. The 3GPP AAA Server must ignore the message content.
  • step S222 after the authentication succeeds, the key changed in the authentication process needs to be updated.
  • the AAA service module initiates an LDAP (Lightweight Directory Access Protocol) write request to the AAA storage module, updates the MSK, MSK-Timeout, re-authentication ID and re-authentication ID counter, random pseudonym (if regenerated), and The pseudo-ID counter (if changed) also updates the EMSK.
  • LDAP Lightweight Directory Access Protocol
  • Step S223 after the AAA storage module updates the data, return an LDAP response to the AAA service module.
  • Step S224 the 3GPP AAA Server checks whether the user is allowed to use the Non-3GPP access, whether to use the subscribed APN7406455910s, whether the RAT-Type is in the RAT list allowed by the user subscription, and check whether the user has signed the APN7406455910 in the DER request. If the check is passed, an EAP Success message is sent to the trusted Non-3GPP access gateway (may be described before step 23) before the EAP-Notification is sent.
  • Step S225 the trusted Non-3GPP access gateway notifies the UE that the authentication is successful by using an EAP Success message. At this point, the EAP-AKA' interaction has been successfully completed.
  • IMSI NAI
  • REGISTRATION service allocation type
  • Step S227 the HSS sets the user status to REGISTERED, and then carries the user related data to initiate SAA insertion data to the AAA server.
  • the DER message (ie, Diameter-EAP-Request Command) mainly includes the following fields, and the meanings of the respective fields are as shown in Table 1:
  • the DAP module when the DAP module distributes the message to the DEP module, it is determined according to the state of the DEP module whether to distribute the message to the DEP module. After the virtualization of the VNF is introduced, the DAP module in the VNF process does not allow the DEP module to process the newly-initiated service message. The DAP module forwards the message to the DEP module in advance. This DEP module is filtered out.
  • the DAP module distributes the message according to the session (the callback connection) carried in the message and the running DEP module to select the appropriate DEP module.
  • the DER message (that is, the communication message) of the 3GPP AAA SERVER network element has a scenario in which multiple messages are exchanged in a session. If the DEP module is offline (ie, reduced in size) according to the distribution policy of the DAP module above, the DAP module will not be used again. The remaining DER message in the session is distributed to the DEP module that originally processed the message, causing the call loss of the DER message.
  • a message sending method is provided.
  • Method Embodiments it should be noted that the steps shown in the flowchart of the accompanying drawings may be performed in a computer system such as a set of computer executable instructions, and although the logical order is shown in the flowchart, In some cases, the steps shown or described may be performed in a different order than that.
  • FIG. 3 is a flowchart of a method for sending a message according to an embodiment of the present invention. As shown in FIG. 3, the method includes the following steps:
  • Step S301 When the VNF is in elastic contraction, if the communication message of the network element is received, the message type of the communication message is obtained.
  • Step S302 Determine a target DEP module for processing the communication message based on the message type of the communication message.
  • Step S303 sending a communication message to the target DEP module.
  • the VNF when the VNF is in elastic contraction, if the communication message of the network element is received, the message type of the communication message is acquired; the target DEP module for processing the communication message is determined based on the message type of the communication message; and the communication message is sent.
  • the target DEP module is solved, thereby solving the technical problem that the message forwarding cannot be correctly performed due to the elastic contraction characteristic of the VNF in the related art, and the technical effect of correctly performing message forwarding in the elastic contraction is realized.
  • the architecture of the operating environment of the method of the present application is shown in FIG. 4, and in the Diameter logical architecture diagram, the DEP module (the session and transaction management module and its active and standby modules) and the DAP module (the connection management module and its active and standby modules) are mainly included.
  • DIM data transmission module Diameter Data Transport Point, DIP module for short
  • platform adapter module public module / PARSER module
  • OAM service module Operation Administration and Maintenance, also known as Diameter operation management and maintenance module.
  • the above DIP module includes a LREG module (Diameter Local Registry, that is, a Diameter local registration node) and a preparation module thereof, a DTP module, a GREG module (Diameter Global Registry, that is, a Diameter global registration node), and an active/standby module thereof.
  • LREG Diameter Local Registry
  • DTP Diameter
  • GREG Diameter Global Registry
  • the execution body of the foregoing step may be a bearer adaptation module DAP or the like, but is not limited thereto.
  • the foregoing network element includes a 3GPP AAA SERVER network element; the foregoing communication message may be 3GPP DER message of the AAA SERVER network element (Diameter-EAP-Request).
  • step S301 the message type of the communication message is obtained by: obtaining the identification information carried in the communication message; and determining the message type of the communication message by using the identification information.
  • the obtaining the identifier information carried in the communication message includes: obtaining the identifier information carried in the Payload field in the communication message; determining, by using the identifier information, the message type of the communication message includes: determining whether there is a session connection corresponding to the identifier information, where The session connection corresponding to the information is the session connection to which the communication message belongs; if there is a session connection corresponding to the identification information, it is determined that the message type of the communication message is a non-originating message (ie, the Nth message of the session, N is greater than 1); If there is no session connection corresponding to the identification information, it is determined that the message type of the communication message is an origination message (the first message of the session).
  • determining, according to the message type of the communication message, the target DEP module for processing the communication message comprises: determining the DEP module associated with the session connection if the message type of the communication message is a non-originating message For the target DEP module, when the message type of the communication message is an initial message, one of the plurality of DEP modules is selected as the target DEP module, wherein the plurality of DEP modules are not allowed to be reduced during the preset time period. The DEP module.
  • the identification information is data information
  • selecting one of the plurality of DEP modules as the target DEP module includes: determining the number of modules of the plurality of DEP modules; performing the remainder operation on the identification information by using the number of modules to obtain the identification data; A target DEP module that sequentially matches the identification data among the plurality of DEP modules, and associates the target DEP module with the session connection.
  • the method of the present application can be applied to a message distribution policy in which the DER message is not interrupted when the Diameter service execution module is contracted under the virtualized 3GPP AAA SERVER network element VNF.
  • the process is as follows:
  • the DAP module When processing the DER message, the DAP module decodes the DER message to determine whether the Eap-payload (Extensible Authentication Protocol, Eap) in the DER message has eap-identity (ie, response).
  • Eap Extensible Authentication Protocol
  • the distribution strategy is as follows:
  • the DAP considers that the application is processing the DER message (that is, the message in the existing session connection), DAP. Distribute messages according to the old DEP module (including the DEP module ready to be offline).
  • the DAP considers that it is a new service message initiated by the terminal, and the DAP distributes the message according to the new DEP module distribution (remove the DEP module to be reduced) .
  • the DER message is decoded by the DAP module, and whether the DER message is the originating message of the peer is determined according to whether the Eap-payload in the DER message carries the eap-identity (ie, the identifier information carried in the Payload field). If eap-identity (response) is taken, it is considered to be an initial message, and the distributed message is distributed according to the new DEP module, and the DEP module to be reduced is distributed and distributed. If there is no eap-identity (response), it is considered to be an intermediate message of the DER.
  • the distributed message is distributed according to the old DEP module, and the DEP module that is ready to be reduced is reserved for distribution, so that the DEP module preparing to shrink can process the remaining messages of the DER.
  • the DER message newly initiated by the peer network element is not processed, and the requirement that the service message is not interrupted when the DEP module is reduced is satisfied.
  • the DEP module in the Diameter layer carried by the 3GPP AAA SERVER network element is reduced, the DER message processed by the DAP module has a call loss, the UE attachment process fails, and the user cannot access the 3GPP network.
  • the DAP module of the Diameter system in the present application determines the message distribution policy flow of the DAP module according to whether the Eap-payload in the DER message carries the eap-identity (response), as shown in FIG. 2;
  • step S202 the Diameter subsystem carried by the 3GPP AAA Server receives the DER message, and the DAP module of the Diameter decodes the DER message when processing the DER message, and determines whether the Eap-payload in the DER message has eap-identity (response) ), its distribution strategy is as follows:
  • the DAP If the Eap-payload in the DER message does not carry the eap-identity (response), the DAP considers that the application is processing the DER message (that is, the message in the existing session connection), and the DAP follows the old DEP module (including the preparation for offline). The DEP module) distributes the distributed messages.
  • the DAP considers that the DAP is a new service message initiated by the terminal, and the DAP is distributed according to the new DEP module. Prepare the denatured DEP module to remove the message.
  • the method according to the above embodiment can be implemented by means of software plus a necessary general hardware platform, and of course, by hardware, but in many cases, the former is A better implementation.
  • the technical solution of the present invention which is essential or contributes to the prior art, may be embodied in the form of a software product stored in a storage medium (such as ROM/RAM, disk,
  • the optical disc includes a number of instructions for causing a terminal device (which may be a cell phone, a computer, a server, or a network device, etc.) to perform the methods described in various embodiments of the present invention.
  • a message sending apparatus is also provided in the embodiment of the present invention.
  • the device is used to implement the above embodiments and preferred embodiments, and the description thereof has been omitted.
  • the term "module” may implement a combination of software and/or hardware of a predetermined function.
  • the apparatus described in the following embodiments is preferably implemented in software, hardware, or a combination of software and hardware, is also possible and contemplated.
  • FIG. 5 is a schematic diagram of a message transmitting apparatus according to an embodiment of the present invention. As shown in FIG. 5, the apparatus may include an acquisition unit 51, a determination unit 52, and a transmission unit 53.
  • the obtaining unit 51 is configured to acquire a message type of the communication message if the communication message of the network element is received when the VNF is in elastic contraction.
  • the determining unit 52 is arranged to determine a target DEP module for processing the communication message based on the message type of the communication message.
  • the sending unit 53 is configured to send a communication message to the target DEP module.
  • the acquiring unit acquires the message type of the communication message when the VNF is in the elastic contraction state, and determines the message type of the communication message based on the message type of the communication message, and determines the target DEP module for processing the communication message.
  • the sending unit sends a communication message to the target DEP module. Therefore, the technical problem that the message forwarding cannot be correctly performed due to the elastic contraction characteristic of the VNF in the related art is solved, and the message forwarding can be correctly performed even during the elastic contraction. The technical effect of hair.
  • the foregoing network element includes a 3GPP AAA SERVER network element; the foregoing communication message may be a DER message (Diameter-EAP-Request) of the 3GPP AAA SERVER network element.
  • the obtaining unit includes: an obtaining module, configured to obtain the identifier information carried in the communication message; and the first determining module is configured to determine the message type of the communication message by using the identifier information.
  • the obtaining module is further configured to obtain the identifier information carried in the Payload field in the communication message.
  • the first determining module includes: a determining sub-module, configured to determine whether there is a session connection corresponding to the identifier information, wherein the session connection corresponding to the identifier information is a session connection to which the communication message belongs; and the first determining sub-module is set to exist if Determining, by the session connection corresponding to the identifier information, the message type of the communication message is a non-originating message; and the second determining sub-module is configured to determine that the message type of the communication message is originating if there is no session connection corresponding to the identifier information Message.
  • the determining unit includes: a second determining module, configured to determine that the DEP module associated with the session connection is the target DEP module if the message type of the communication message is a non-originating message; and the selecting module is set to be in the communication In the case that the message type of the message is an originating message, one of the plurality of DEP modules is selected as the target DEP module, wherein the plurality of DEP modules are DEP modules that are not allowed to be reduced in the preset time period.
  • the identification information is data information
  • the selection module includes: a third determining sub-module, configured to determine a number of modules of the plurality of DEP modules; and an operation sub-module configured to perform a remainder operation on the identification information by using the number of modules, Identifying the data; acquiring the sub-module, and setting the target DEP module that matches the sequence data in the plurality of DEP modules, and associating the target DEP module with the session connection.
  • each of the above modules may be implemented by software or hardware.
  • the foregoing may be implemented by, but not limited to, the foregoing modules are all located in the same processor; or, the above modules are in any combination.
  • the forms are located in different processors.
  • Embodiments of the present invention also provide a storage medium.
  • the storage medium can be configured to store program code for performing the following steps:
  • the foregoing storage medium may include, but not limited to, a USB flash drive, a Read-Only Memory (ROM), a Random Access Memory (RAM), a mobile hard disk, and a magnetic memory.
  • ROM Read-Only Memory
  • RAM Random Access Memory
  • a mobile hard disk e.g., a hard disk
  • magnetic memory e.g., a hard disk
  • the processor executes according to the stored program code in the storage medium: when the VNF is in elastic contraction, if the communication message of the network element is received, the message type of the communication message is acquired; The message type of the message determines the target DEP module for processing the communication message; the communication message is sent to the target DEP module.
  • modules or steps of the present invention described above can be implemented by a general-purpose computing device that can be centralized on a single computing device or distributed across a network of multiple computing devices. Alternatively, they may be implemented by program code executable by the computing device such that they may be stored in the storage device by the computing device and, in some cases, may be different from the order herein.
  • the steps shown or described are performed, or they are separately fabricated into individual integrated circuit modules, or a plurality of modules or steps thereof are fabricated as a single integrated circuit module.
  • the invention is not limited to any specific combination of hardware and software.
  • the VNF when the VNF is in elastic contraction, if the communication message of the network element is received, the message type of the communication message is acquired; and the target DEP module for processing the communication message is determined based on the message type of the communication message; The communication message is sent to the target DEP module, thereby solving the technical problem that the message forwarding cannot be correctly performed due to the elastic contraction characteristic of the VNF in the related art, and the technical effect of correctly performing message forwarding during the elastic contraction is realized.

Abstract

Provided are a method and device for sending a message. The method comprises: when a VNF is in an elastic shrinkage capacity, if a communication message of a network element is received, acquiring a message type of the communication message; determining, based on the message type of the communication message, a target DEP module for processing the communication message; and sending the communication message to the target DEP module. The present invention solves the technical problem in the related art that message forwarding cannot be performed due to the characteristic of the elastic shrinkage capacity of a VNF.

Description

消息发送方法和装置Message sending method and device 技术领域Technical field
本发明涉及通信领域,具体而言,涉及一种消息发送方法和装置。The present invention relates to the field of communications, and in particular to a message sending method and apparatus.
背景技术Background technique
根据RFC3588(Request For Comments,简称为RFC,是一系列以编号排定的文件,文件收集了有关互联网相关信息,以及UNIX和互联网社区的软件文件)描述的Diameter基础协议功能,并对相关应用协议进行了扩展,Diameter系统为3GPP(3rd Generation Partnership Project,3GPP的目标是实现由2G网络到3G网络的平滑过渡,保证未来技术的后向兼容性,支持轻松建网及系统间的漫游和兼容性,包括R5、R6、R7、R8、R9等版本)IMS(IP Multimedia Subsystem,IP多媒体子系统)系统中HSS(Home Subscriber Server,归属签约用户服务器)、SLF(Super Low Frequency,超低频)、SPR(Subscription Profile Repository,用户属性存储器)、EPC(Evolved Packet Core,4G核心网络)等相关网元提供Diameter消息收发,中继等功能服务。According to RFC 3588 (Request For Comments, referred to as RFC, is a series of numbered files that collect information about Internet-related information, as well as software files for UNIX and Internet communities) and related application protocols. Expanded, Diameter system is 3GPP (3rd Generation Partnership Project, 3GPP's goal is to achieve a smooth transition from 2G network to 3G network, to ensure backward compatibility of future technologies, support easy network construction and inter-system roaming and compatibility , including R5, R6, R7, R8, R9, etc.) HSS (Home Subscriber Server), SLF (Super Low Frequency), SPR in the IMS (IP Multimedia Subsystem) system (Subscription Profile Repository), EPC (Evolved Packet Core, 4G core network) and other related network elements provide Diameter messaging, relay and other functional services.
系统使用传输层(即TCP/SCTP层,Transmission Control Protocol,传输控制协议,Stream Control Transmission Protocol,流控制传输协议)提供的数据传输服务向对等的Diameter实体发送Diameter消息,将收到的Diameter消息发送给业务层,提供链路管理及事务层重传等机制,保证信令层的可靠性。The system uses the data transmission service provided by the transport layer (that is, the TCP/SCTP layer, the Transmission Control Protocol, the Stream Control Transmission Protocol, the Stream Control Transmission Protocol) to send a Diameter message to the peer Diameter entity, and the received Diameter message. It is sent to the service layer to provide link management and transaction layer retransmission mechanisms to ensure the reliability of the signaling layer.
根据Diameter协议,系统主要功能包括连接管理功能、事务管理功能、会话管理功能。根据系统的功能需求,可将系统作如下功能层次划分:According to the Diameter protocol, the main functions of the system include connection management function, transaction management function, and session management function. According to the functional requirements of the system, the system can be divided into the following functional levels:
(1)DAP模块(Diameter Access Point),完成Diameter网络中邻接点的接入控制,承载管理功能;(1) DAP module (Diameter Access Point), completes the access control of the neighboring points in the Diameter network, and carries the management function;
(2)DEP模块(Diameter Executive Point),完成Diameter协议中定义的、与业务相关的逻辑执行功能,包括事务管理、会话管理、 Relay/Redirect(中继重定向)等。(2) The DEP module (Diameter Executive Point) completes the business-related logic execution functions defined in the Diameter protocol, including transaction management, session management, Relay/Redirect, etc.
DAP模块作为Diameter协议栈的连接管理模块,主要负责完成Diameter邻接点的接入控制和承载管理功能。DAP模块接收来自SCTP/TCP层的消息,如果是请求消息则按照一定的分发策略发送至对应的DEP模块,如果是响应消息则直接发送至其请求消息所在的DEP模块。As the connection management module of the Diameter protocol stack, the DAP module is mainly responsible for completing the access control and bearer management functions of the Diameter neighbor. The DAP module receives the message from the SCTP/TCP layer. If it is a request message, it sends it to the corresponding DEP module according to a certain distribution policy. If it is a response message, it sends it directly to the DEP module where the request message is located.
虚拟化引入VNF(Virtual Network Feature,虚拟的网络功能)弹性伸缩特性后,当VNF内的Diameter业务执行模块缩容时,由于DEP模块的状态发生改变,导致DAP模块无法正确进行消息的分发。After the Virtualization of the VNF (Virtual Network Feature) is introduced, the DAP module cannot be correctly distributed due to the change of the status of the DEP module.
针对相关技术中由于VNF的弹性缩容特性导致的无法正确进行消息转发的技术问题,目前尚未提出有效的解决方案。In view of the technical problem that the message forwarding cannot be correctly performed due to the elastic contraction characteristic of the VNF in the related art, an effective solution has not been proposed yet.
发明内容Summary of the invention
本发明实施例提供了一种消息发送方法和装置,以至少解决相关技术中由于VNF的弹性缩容特性导致的无法正确进行消息转发的技术问题。The embodiment of the invention provides a message sending method and device, so as to at least solve the technical problem that the message forwarding cannot be correctly performed due to the elastic contraction characteristic of the VNF in the related art.
根据本发明实施例的一个方面,提供了一种消息发送方法,该方法包括:在VNF处于弹性缩容时,若接收到网元的通讯消息,则获取通讯消息的消息类型;基于通讯消息的消息类型确定用于处理通讯消息的目标DEP模块;发送通讯消息至目标DEP模块。According to an aspect of the embodiments of the present invention, a message sending method is provided. The method includes: when a VNF is in an elastic contraction, if a communication message of a network element is received, acquiring a message type of the communication message; The message type determines the target DEP module for processing the communication message; sends the communication message to the target DEP module.
可选地,获取通讯消息的消息类型包括:获取通讯消息中携带的标识信息;通过标识信息确定通讯消息的消息类型。Optionally, the message type of the communication message is: obtaining the identification information carried in the communication message; determining the message type of the communication message by using the identification information.
可选地,获取通讯消息中携带的标识信息包括:获取通讯消息中Payload字段携带的标识信息。Optionally, the obtaining the identifier information carried in the communication message includes: obtaining the identifier information carried in the Payload field in the communication message.
可选地,通过标识信息确定通讯消息的消息类型包括:判断是否存在与标识信息对应的会话连接,其中,与标识信息对应的会话连接为通讯消息所属的会话连接;若存在与标识信息对应的会话连接,则确定通讯消息的消息类型为非始发消息;若不存在与标识信息对应的会话连接,则确定通讯消息的消息类型为始发消息。 Optionally, determining, by the identifier information, the message type of the communication message includes: determining whether there is a session connection corresponding to the identifier information, where the session connection corresponding to the identifier information is a session connection to which the communication message belongs; if there is a correspondence corresponding to the identifier information The session connection determines that the message type of the communication message is a non-originating message; if there is no session connection corresponding to the identification information, it determines that the message type of the communication message is an originating message.
可选地,基于通讯消息的消息类型确定用于处理通讯消息的目标DEP模块包括:在通讯消息的消息类型为非始发消息的情况下,确定关联于会话连接的DEP模块为目标DEP模块;在通讯消息的消息类型为始发消息的情况下,选取多个DEP模块中的一个为目标DEP模块,其中,多个DEP模块为在预设时间段内不被允许缩容的DEP模块。Optionally, determining, according to the message type of the communication message, the target DEP module for processing the communication message comprises: determining that the DEP module associated with the session connection is the target DEP module if the message type of the communication message is a non-originating message; In the case that the message type of the communication message is an originating message, one of the plurality of DEP modules is selected as the target DEP module, wherein the plurality of DEP modules are DEP modules that are not allowed to be reduced in the preset time period.
可选地,标识信息为数据信息,选取多个DEP模块中的一个为目标DEP模块包括:确定多个DEP模块的模块数;利用模块数对标识信息进行取余运算,得到标识数据;获取多个DEP模块中顺序与标识数据匹配的目标DEP模块,并关联目标DEP模块和会话连接。Optionally, the identifier information is data information, and selecting one of the plurality of DEP modules as the target DEP module includes: determining a number of modules of the plurality of DEP modules; performing a remainder operation on the identifier information by using the number of modules to obtain identification data; The target DEP module in the DEP module that matches the identification data in sequence, and associates the target DEP module with the session connection.
可选地,网元包括3GPP AAA SERVER网元。Optionally, the network element includes a 3GPP AAA SERVER network element.
根据本发明实施例的另一个方面,提供了一种消息发送装置,该装置包括:获取单元,设置为在VNF处于弹性缩容时,若接收到网元的通讯消息,则获取通讯消息的消息类型;确定单元,设置为基于通讯消息的消息类型确定用于处理通讯消息的目标DEP模块;发送单元,设置为发送通讯消息至目标DEP模块。According to another aspect of the present invention, a message sending apparatus is provided, the apparatus comprising: an acquiring unit, configured to acquire a message of a communication message if a communication message of a network element is received when the VNF is in elastic contraction a determining unit configured to determine a target DEP module for processing a communication message based on a message type of the communication message; and a sending unit configured to send the communication message to the target DEP module.
可选地,获取单元包括:获取模块,设置为获取通讯消息中携带的标识信息;第一确定模块,设置为通过标识信息确定通讯消息的消息类型。Optionally, the obtaining unit includes: an obtaining module, configured to obtain the identifier information carried in the communication message; and the first determining module is configured to determine, by using the identifier information, a message type of the communication message.
可选地,获取模块还设置为获取通讯消息中Payload字段携带的标识信息。Optionally, the obtaining module is further configured to obtain the identifier information carried in the Payload field in the communication message.
可选地,第一确定模块包括:判断子模块,设置为判断是否存在与标识信息对应的会话连接,其中,与标识信息对应的会话连接为通讯消息所属的会话连接;第一确定子模块,设置为若存在与标识信息对应的会话连接,则确定通讯消息的消息类型为非始发消息;第二确定子模块,设置为若不存在与标识信息对应的会话连接,则确定通讯消息的消息类型为始发消息。Optionally, the first determining module includes: a determining submodule, configured to determine whether there is a session connection corresponding to the identifier information, where the session connection corresponding to the identifier information is a session connection to which the communication message belongs; the first determining submodule, The message type of the communication message is determined to be a non-originating message if there is a session connection corresponding to the identification information; and the second determining sub-module is configured to determine a message of the communication message if there is no session connection corresponding to the identification information Type is the originating message.
可选地,确定单元包括:第二确定模块,设置为在通讯消息的消息类型为非始发消息的情况下,确定关联于会话连接的DEP模块为目标DEP模 块;选取模块,设置为在通讯消息的消息类型为始发消息的情况下,选取多个DEP模块中的一个为目标DEP模块,其中,多个DEP模块为在预设时间段内不被允许缩容的DEP模块。Optionally, the determining unit includes: a second determining module, configured to determine that the DEP module associated with the session connection is the target DEP mode if the message type of the communication message is a non-originating message The module is configured to select one of the plurality of DEP modules as the target DEP module when the message type of the communication message is an initial message, wherein the plurality of DEP modules are not allowed within the preset time period. Shrinking DEP module.
可选地,标识信息为数据信息,选取模块包括:第三确定子模块,设置为确定多个DEP模块的模块数;运算子模块,设置为利用模块数对标识信息进行取余运算,得到标识数据;获取子模块,设置为获取多个DEP模块中顺序与标识数据匹配的目标DEP模块,并关联目标DEP模块和会话连接。Optionally, the identifier information is data information, and the selecting module includes: a third determining submodule configured to determine a number of modules of the plurality of DEP modules; and an operation submodule configured to perform a remainder operation on the identifier information by using the number of modules to obtain the identifier The data acquisition module is configured to acquire a target DEP module that matches the identification data in the plurality of DEP modules, and associates the target DEP module with the session connection.
可选地,网元包括3GPP AAA SERVER网元。Optionally, the network element includes a 3GPP AAA SERVER network element.
根据本发明的另一个实施例,提供了一种存储介质,存储介质可以被设置为存储用于执行以下步骤的程序代码:在VNF处于弹性缩容时,若接收到网元的通讯消息,则获取通讯消息的消息类型;基于通讯消息的消息类型确定用于处理通讯消息的目标DEP模块;发送通讯消息至目标DEP模块。According to another embodiment of the present invention, there is provided a storage medium, which may be configured to store program code for performing the following steps: when the VNF is in elastic contraction, if a communication message of the network element is received, Obtaining a message type of the communication message; determining a target DEP module for processing the communication message based on the message type of the communication message; and transmitting the communication message to the target DEP module.
在本发明实施例中,在VNF处于弹性缩容时,若接收到网元的通讯消息,则获取通讯消息的消息类型;基于通讯消息的消息类型确定用于处理通讯消息的目标DEP模块;发送通讯消息至目标DEP模块,从而解决了相关技术中由于VNF的弹性缩容特性导致的无法正确进行消息转发的技术问题,实现了在弹性缩容时仍能够正确进行消息转发的技术效果。In the embodiment of the present invention, when the VNF is in elastic contraction, if the communication message of the network element is received, the message type of the communication message is acquired; and the target DEP module for processing the communication message is determined based on the message type of the communication message; The communication message is sent to the target DEP module, thereby solving the technical problem that the message forwarding cannot be correctly performed due to the elastic contraction characteristic of the VNF in the related art, and the technical effect of correctly performing message forwarding during the elastic contraction is realized.
附图说明DRAWINGS
此处所说明的附图用来提供对本发明的进一步理解,构成本申请的一部分,本发明的示意性实施例及其说明用于解释本发明,并不构成对本发明的不当限定。在附图中:The drawings described herein are intended to provide a further understanding of the invention, and are intended to be a part of the invention. In the drawing:
图1是根据本发明实施例的计算机终端的示意图;1 is a schematic diagram of a computer terminal in accordance with an embodiment of the present invention;
图2是根据本发明实施例的消息转发的流程图;2 is a flow chart of message forwarding in accordance with an embodiment of the present invention;
图3是根据本发明实施例的消息发送方法的流程图; FIG. 3 is a flowchart of a message sending method according to an embodiment of the present invention; FIG.
图4是根据本发明实施例的Diameter逻辑架构的示意图;4 is a schematic diagram of a Diameter logic architecture in accordance with an embodiment of the present invention;
图5是根据本发明实施例的消息发送装置的示意图。FIG. 5 is a schematic diagram of a message transmitting apparatus according to an embodiment of the present invention.
具体实施方式detailed description
下文中将参考附图并结合实施例来详细说明本发明。需要说明的是,在不冲突的情况下,本申请中的实施例及实施例中的特征可以相互组合。The invention will be described in detail below with reference to the drawings in conjunction with the embodiments. It should be noted that the embodiments in the present application and the features in the embodiments may be combined with each other without conflict.
需要说明的是,本发明的说明书和权利要求书及上述附图中的术语“第一”、“第二”等是用于区别类似的对象,而不必用于描述特定的顺序或先后次序。It is to be understood that the terms "first", "second" and the like in the specification and claims of the present invention are used to distinguish similar objects, and are not necessarily used to describe a particular order or order.
实施例1Example 1
本申请实施例一所提供的方法实施例可以在移动终端、计算机终端或者类似的运算装置中执行。以运行在计算机终端上为例,如图1所示,计算机终端可以包括一个或多个(图中仅示出一个)处理器101(处理器101可以包括但不限于微处理器MCU或可编程逻辑器件FPGA等的处理装置)、设置为存储数据的存储器103、以及设置为通信功能的传输装置105。本领域普通技术人员可以理解,图1所示的结构仅为示意,其并不对上述电子装置的结构造成限定。The method embodiment provided in Embodiment 1 of the present application can be executed in a mobile terminal, a computer terminal or the like. For example, running on a computer terminal, as shown in FIG. 1, the computer terminal may include one or more (only one shown) processor 101 (the processor 101 may include, but is not limited to, a microprocessor MCU or programmable A processing device such as a logic device FPGA, a memory 103 provided to store data, and a transmission device 105 provided as a communication function. It will be understood by those skilled in the art that the structure shown in FIG. 1 is merely illustrative and does not limit the structure of the above electronic device.
存储器103可设置为存储应用软件的软件程序以及模块,如本发明实施例中的设备的控制方法对应的程序指令/模块,处理器101通过运行存储在存储器103内的软件程序以及模块,从而执行各种功能应用以及数据处理,即实现上述的方法。存储器可包括高速随机存储器,还可包括非易失性存储器,如一个或者多个磁性存储装置、闪存、或者其他非易失性固态存储器。在一些实例中,存储器可进一步包括相对于处理器远程设置的存储器,这些远程存储器可以通过网络连接至计算机终端。上述网络的实例包括但不限于互联网、企业内部网、局域网、移动通信网及其组合。The memory 103 can be configured as a software program and a module for storing application software, such as program instructions/modules corresponding to the control method of the device in the embodiment of the present invention, and the processor 101 executes by executing a software program and a module stored in the memory 103. Various functional applications and data processing, that is, the above methods are implemented. The memory can include high speed random access memory and can also include non-volatile memory such as one or more magnetic storage devices, flash memory, or other non-volatile solid state memory. In some examples, the memory can further include memory remotely located relative to the processor, which can be connected to the computer terminal over a network. Examples of such networks include, but are not limited to, the Internet, intranets, local area networks, mobile communication networks, and combinations thereof.
例如,存储器可以存储如下步骤的程序代码:在VNF处于弹性缩容时,若接收到网元的通讯消息,则获取通讯消息的消息类型;基于通讯消息的 消息类型确定用于处理通讯消息的目标DEP模块;发送通讯消息至目标DEP模块。For example, the memory may store the program code of the following steps: when the VNF is in elastic contraction, if the communication message of the network element is received, the message type of the communication message is acquired; based on the communication message The message type determines the target DEP module for processing the communication message; sends the communication message to the target DEP module.
传输装置设置为经由一个网络接收或者发送数据。上述的网络具体实例可包括计算机终端的通信供应商提供的无线网络。在一个实例中,传输装置包括一个网络适配器(Network Interface Controller,NIC),其可通过基站与其他网络设备相连从而可与互联网进行通讯。在一个实例中,传输装置可以为射频(Radio Frequency,RF)模块,其设置为通过无线方式与互联网进行通讯。The transmission device is arranged to receive or transmit data via a network. The above-described network specific examples may include a wireless network provided by a communication provider of a computer terminal. In one example, the transmission device includes a Network Interface Controller (NIC) that can be connected to other network devices through the base station to communicate with the Internet. In one example, the transmission device can be a Radio Frequency (RF) module configured to communicate with the Internet wirelessly.
Non-3GPP接入网是否受信并非网络特性,如果是动态决定是否受信则在接入鉴权的时候处理。AAA Server将指示下发给接入网,DER(Diameter-EAP-Request)流程图如图2所示:Whether the Non-3GPP access network is trusted or not is a network feature. If it is dynamically determined whether it is trusted or not, it is handled at the time of access authentication. The AAA Server sends the indication to the access network. The DER (Diameter-EAP-Request) flowchart is shown in Figure 2:
步骤S201,UE和授信Non-3GPP接入网关(access)建立关联之后,UE向Non-3GPP接入网关发送EAPoL-Start,发起鉴权请求。Step S201: After the UE establishes an association with the trusted Non-3GPP access gateway, the UE sends an EAPoL-Start to the Non-3GPP access gateway to initiate an authentication request.
步骤S202,Non-3GPP接入网关发送EAP-Request/Identity消息到UE。Step S202: The Non-3GPP access gateway sends an EAP-Request/Identity message to the UE.
步骤S203,UE返回EAP-Response/Identity消息,向网络发送其用户身份标识信息,身份标识可以为伪随机NAI或永久NAI(本地没有可用的伪随机NAI)。Step S203: The UE returns an EAP-Response/Identity message, and sends its user identity information to the network. The identity identifier may be a pseudo-random NAI or a permanent NAI (a pseudo-random NAI is not available locally).
步骤S204,Non-3GPP接入网关将EAP报文使用DIAMETER DER消息的EAP-payload AVP封装并将Identity放在DIAMETER DER消息的User-Name AVP中,发送给3GPP AAA Server。Step S204: The Non-3GPP access gateway encapsulates the EAP message with the EAP-payload AVP of the DIAMETER DER message and places the Identity in the User-Name AVP of the DIAMETER DER message, and sends the identifier to the 3GPP AAA Server.
步骤S205,3GPP AAA Server收到DEA消息后需要做如下处理:Step S205: After receiving the DEA message, the 3GPP AAA Server needs to perform the following processing:
(1)非漫游情况下强制检查ANID(邻网网络标识符)的有效性(在3GPP定义范围内)以及根据本地配置决定是否允许该ANID接入;漫游情况下根据本地配置决定是否检查ANID,如果需要检查ANID,则根据本地配置决定是否允许该ANID接入。(1) In the case of non-roaming, it is mandatory to check the validity of the ANID (neighbor network identifier) (within the scope defined by 3GPP) and whether to allow the ANID access according to the local configuration; whether to check the ANID according to the local configuration in the case of roaming, If the ANID needs to be checked, it is decided according to the local configuration whether to allow the ANID to access.
(2)判断受信或非受信。 (2) Judging whether it is trusted or not.
(3)鉴权算法的选择。如果DIAMETER DER携带了ANID则使用EAP-AKA’算法,否则使用EAP-AKA算法。(3) Selection of the authentication algorithm. The EAP-AKA' algorithm is used if the DIAMETER DER carries the ANID, otherwise the EAP-AKA algorithm is used.
步骤S206,3GPP AAA Server向接入网发送DIAMETER DER消息请求永久用户ID。Step S206, the 3GPP AAA Server sends a DIAMETER DER message requesting a permanent user ID to the access network.
步骤S207,接入网转发DER消息给UE。Step S207, the access network forwards the DER message to the UE.
步骤S208,UE使用EAP-Response/AKA-Identity消息携带永久NAI(网络访问标识符)进行响应。Step S208, the UE responds by using the EAP-Response/AKA-Identity message to carry a permanent NAI (Network Access Identifier).
步骤S209,授信Non-3GPP接入网关转发EAP-Response/AKA-Identity消息携带永久NAI到3GPP AAA Server,EAP报文封装在DER消息的EAP-payload AVP中。Step S209, the trusted Non-3GPP access gateway forwards the EAP-Response/AKA-Identity message to carry the permanent NAI to the 3GPP AAA Server, and the EAP message is encapsulated in the EAP-payload AVP of the DER message.
步骤S210,3GPP AAA Server根据NAI检查本地是否缓存可用的鉴权向量,如果没有则向HSS发送MAR(Multimedia Auth Request)请求,请求获取n组鉴权向量(n可配置,取值范围1~5)。In step S210, the 3GPP AAA Server checks whether the available authentication vector is cached according to the NAI, and if not, sends a MAR (Multimedia Auth Request) request to the HSS, requesting to obtain n sets of authentication vectors (n configurable, ranging from 1 to 5) ).
步骤S211,AAA与HSS间的信息处理过程参见SWx接口的相关技术描述,此处仅作功能性描述,HSS响应3GPP AAA Server鉴权请求,下发n组鉴权五元组。In step S211, the information processing process between the AAA and the HSS is described in the related technical description of the SWx interface. Here, only the functional description is performed. The HSS sends an n-group authentication quintuple in response to the 3GPP AAA Server authentication request.
步骤S212,3GPP AAA Server检查本地是否存在用户的签约信息。如果没有,则AAA向HSS发起SAR请求(AAA_USER_DATA_REQUEST)获取用户签约信息。Step S212, the 3GPP AAA Server checks whether there is local subscription information of the user. If not, the AAA initiates a SAR request (AAA_USER_DATA_REQUEST) to the HSS to obtain the user subscription information.
步骤S213,AAA与HSS间的处理请参见SWx接口,此处仅作功能性描述,HSS向3GPP AAA Server返回SAA响应。Step S213, the processing between the AAA and the HSS is referred to the SWx interface. Here, only the functional description, the HSS returns the SAA response to the 3GPP AAA Server.
步骤S214,AAA server需要做如下处理:In step S214, the AAA server needs to perform the following processing:
(1)判断是否需要重新生成随机假名;(1) Determine whether it is necessary to regenerate a random pseudonym;
(2)根据算法生成TEKs(主密钥MK、认证密码k_encr、封装密钥k_aut、主会话密钥MSK、扩展主会话密钥EMSK)和MAC;(2) generating TEKs (master key MK, authentication password k_encr, encapsulation key k_aut, main session key MSK, extended main session key EMSK) and MAC according to the algorithm;
(3)3GPP AAA Server发送的EAP playload参数包括ANID,RAND, AUTN(ANID、RAND、AUTN为鉴权四元组中的一部分),一个消息鉴权码(MAC)和2个用户标识给授信Non-3GPP接入网关,EAP报文封装在DIAMETER DEA消息中。如果需要动态决定IP移动模式或者配置支持notification消息则在EAP-Payload AVP中携带AT_RESULT_IND属性,并把步骤S205确定的AT_TRUST_IND属性值(TRUSTED)下发给UE。(3) The EAP playload parameters sent by the 3GPP AAA Server include ANID, RAND, AUTN (ANID, RAND, AUTN is part of the authentication quaternion), a message authentication code (MAC) and two user identities are assigned to the trusted Non-3GPP access gateway, and the EAP message is encapsulated in the DIAMETER DEA message. The AT_RESULT_IND attribute is carried in the EAP-Payload AVP, and the AT_TRUST_IND attribute value (TRUSTED) determined in step S205 is sent to the UE if the IP mobility mode needs to be dynamically determined.
步骤S215,授信Non-3GPP接入网关发EAP-Request/AKA-Challenge消息到UE。Step S215, the trusted Non-3GPP access gateway sends an EAP-Request/AKA-Challenge message to the UE.
步骤S216,UE运行USIM(全球用户识别卡)中UMTS(通用移动通讯系统)算法。USIM验证AUTN并且据此认证网络。如果AUTN验证错误,终端则拒绝鉴权(未在本例中显示)。如果序列号验证失败,终端发起同步过程。In step S216, the UE runs a UMTS (Universal Mobile Telecommunications System) algorithm in the USIM (Global Subscriber Identity Card). The USIM verifies the AUTN and authenticates the network accordingly. If the AUTN is verified incorrectly, the terminal rejects the authentication (not shown in this example). If the serial number verification fails, the terminal initiates a synchronization process.
步骤S217,授信Non-3GPP接入网关发送EAP-Response/AKA-Challenge报文到3GPP AAA Server,EAP报文封装在DIAMETER DER消息中。Step S217, the trusted Non-3GPP access gateway sends an EAP-Response/AKA-Challenge message to the 3GPP AAA Server, and the EAP message is encapsulated in the DIAMETER DER message.
步骤S218,3GPP AAA Server检查收到的消息认证码(MAC,MAC是根据秘密的密钥和传输的数据计算出来的以防止消息被破坏),比较XRES(Expected user Response,预期用户响应)和收到RES(实际用户响应)。如果所有检查都成功,且收到的DER请求带了结果保护指示,则3GPP AAA Server必须在发送EAP Success消息前发送EAP-Request/AKA-Notification消息,如果是动态决定IP移动模式则需要将AT_IPMS_RES属性下发下去。EAP报文封装在DIAMETER DEA消息中且用MAC保护。Step S218, the 3GPP AAA Server checks the received message authentication code (MAC, the MAC is calculated according to the secret key and the transmitted data to prevent the message from being destroyed), and compares XRES (Expected user Response) and received To RES (actual user response). If all checks are successful and the received DER request carries a result protection indication, the 3GPP AAA Server must send an EAP-Request/AKA-Notification message before sending the EAP Success message. If it is dynamically determining the IP mobility mode, it needs to be AT_IPMS_RES. The attribute is sent down. The EAP message is encapsulated in the DIAMETER DEA message and protected by MAC.
步骤S219,授信Non-3GPP接入网关转发EAP消息到UE。Step S219, the trusted Non-3GPP access gateway forwards the EAP message to the UE.
步骤S220,UE发送EAP-Response/AKA-Notification。In step S220, the UE sends an EAP-Response/AKA-Notification.
步骤S221,授信Non-3GPP接入网关发送EAP-Response/AKA-Notification消息到3GPP AAA Server,EAP报文封装 在DIAMETER DER消息中。3GPP AAA Server必须忽略该消息内容。Step S221, the trusted Non-3GPP access gateway sends an EAP-Response/AKA-Notification message to the 3GPP AAA Server, and the EAP packet is encapsulated. In the DIAMETER DER message. The 3GPP AAA Server must ignore the message content.
步骤S222,鉴权成功后,需要更新鉴权过程中变化的密钥。AAA业务模块向AAA存储模块发起LDAP(Lightweight Directory Access Protocol,轻量目录访问协议)写请求,更新MSK、MSK-Timeout、重鉴权ID和重鉴权ID计数器、随机假名(如果重新生成)和伪标识ID计数器(如果改变了),还要更新EMSK。In step S222, after the authentication succeeds, the key changed in the authentication process needs to be updated. The AAA service module initiates an LDAP (Lightweight Directory Access Protocol) write request to the AAA storage module, updates the MSK, MSK-Timeout, re-authentication ID and re-authentication ID counter, random pseudonym (if regenerated), and The pseudo-ID counter (if changed) also updates the EMSK.
步骤S223,AAA存储模块更新数据后,向AAA业务模块返回LDAP响应。Step S223, after the AAA storage module updates the data, return an LDAP response to the AAA service module.
步骤S224,3GPP AAA Server检查用户是否被允许使用Non-3GPP接入、是否允许使用签约的APN7406455910s、RAT-Type是否在用户签约允许的RAT列表中、检查用户是否签约了DER请求中所带的APN7406455910、检查通过则发送EAP Success消息到授信Non-3GPP接入网关(可能在发送EAP-Notification之前,参见第23步描述)进行授权。Step S224, the 3GPP AAA Server checks whether the user is allowed to use the Non-3GPP access, whether to use the subscribed APN7406455910s, whether the RAT-Type is in the RAT list allowed by the user subscription, and check whether the user has signed the APN7406455910 in the DER request. If the check is passed, an EAP Success message is sent to the trusted Non-3GPP access gateway (may be described before step 23) before the EAP-Notification is sent.
步骤S225,授信Non-3GPP接入网关通过EAP Success消息通知UE鉴权成功。至此,EAP-AKA’交互已经成功完成。Step S225, the trusted Non-3GPP access gateway notifies the UE that the authentication is successful by using an EAP Success message. At this point, the EAP-AKA' interaction has been successfully completed.
步骤S226,AAA server携带NAI(IMSI)以及服务分配类型(REGISTRATION)向HSS发起登记请求。Step S226, the AAA server carries a NAI (IMSI) and a service allocation type (REGISTRATION) to initiate a registration request to the HSS.
步骤S227,HSS设置用户状态为REGISTERED,然后携带用户相关数据向AAA server发起SAA下插数据。Step S227, the HSS sets the user status to REGISTERED, and then carries the user related data to initiate SAA insertion data to the AAA server.
在上述步骤中,DER消息(即Diameter-EAP-Request Command)主要包括如下字段,各个字段的含义如表1所示:In the above steps, the DER message (ie, Diameter-EAP-Request Command) mainly includes the following fields, and the meanings of the respective fields are as shown in Table 1:
{Auth-Request-Type}{Auth-Request-Type}
{EAP-Payload}{EAP-Payload}
[User-Name][User-Name]
*[AVP] *[AVP]
表1Table 1
Figure PCTCN2017098628-appb-000001
Figure PCTCN2017098628-appb-000001
需要说明的是,对于Diameter上行消息而言,DAP模块给DEP模块分发消息时,根据DEP模块状态来判断是否给这个DEP模块分发消息。虚拟化引入VNF弹性伸缩特性后,当VNF内的Diameter业务执行模块缩容时,为了不让准备缩容的DEP模块处理对端新发起的业务消息,DAP模块向DEP模块分发消息时会提前把这个DEP模块过滤掉。It should be noted that, for the Diameter uplink message, when the DAP module distributes the message to the DEP module, it is determined according to the state of the DEP module whether to distribute the message to the DEP module. After the virtualization of the VNF is introduced, the DAP module in the VNF process does not allow the DEP module to process the newly-initiated service message. The DAP module forwards the message to the DEP module in advance. This DEP module is filtered out.
而DAP模块分发消息时是根据消息中携带的session(回话连接)和正在运行的DEP模块来选择合适的DEP模块。3GPP AAA SERVER网元的DER消息(即通讯消息)存在一个session下多次消息交互的场景,如果DEP模块离线(即缩容)时按照上面DAP模块的分发策略,会导致DAP模块不会再把该session下剩余DER消息分发给原来处理该消息的DEP模块,造成DER消息的呼损。The DAP module distributes the message according to the session (the callback connection) carried in the message and the running DEP module to select the appropriate DEP module. The DER message (that is, the communication message) of the 3GPP AAA SERVER network element has a scenario in which multiple messages are exchanged in a session. If the DEP module is offline (ie, reduced in size) according to the distribution policy of the DAP module above, the DAP module will not be used again. The remaining DER message in the session is distributed to the DEP module that originally processed the message, causing the call loss of the DER message.
为了克服上述问题,根据本发明实施例,提供了一种消息发送方法的 方法实施例,需要说明的是,在附图的流程图示出的步骤可以在诸如一组计算机可执行指令的计算机系统中执行,并且,虽然在流程图中示出了逻辑顺序,但是在某些情况下,可以以不同于此处的顺序执行所示出或描述的步骤。In order to overcome the above problems, according to an embodiment of the present invention, a message sending method is provided. Method Embodiments, it should be noted that the steps shown in the flowchart of the accompanying drawings may be performed in a computer system such as a set of computer executable instructions, and although the logical order is shown in the flowchart, In some cases, the steps shown or described may be performed in a different order than that.
图3是根据本发明实施例的消息发送方法的流程图,如图3所示,该方法包括如下步骤:FIG. 3 is a flowchart of a method for sending a message according to an embodiment of the present invention. As shown in FIG. 3, the method includes the following steps:
步骤S301,在VNF处于弹性缩容时,若接收到网元的通讯消息,则获取通讯消息的消息类型。Step S301: When the VNF is in elastic contraction, if the communication message of the network element is received, the message type of the communication message is obtained.
步骤S302,基于通讯消息的消息类型确定用于处理通讯消息的目标DEP模块。Step S302: Determine a target DEP module for processing the communication message based on the message type of the communication message.
步骤S303,发送通讯消息至目标DEP模块。Step S303, sending a communication message to the target DEP module.
通过上述实施例,在VNF处于弹性缩容时,若接收到网元的通讯消息,则获取通讯消息的消息类型;基于通讯消息的消息类型确定用于处理通讯消息的目标DEP模块;发送通讯消息至目标DEP模块,从而解决了相关技术中由于VNF的弹性缩容特性导致的无法正确进行消息转发的技术问题,实现了在弹性缩容时仍能够正确进行消息转发的技术效果。According to the above embodiment, when the VNF is in elastic contraction, if the communication message of the network element is received, the message type of the communication message is acquired; the target DEP module for processing the communication message is determined based on the message type of the communication message; and the communication message is sent. The target DEP module is solved, thereby solving the technical problem that the message forwarding cannot be correctly performed due to the elastic contraction characteristic of the VNF in the related art, and the technical effect of correctly performing message forwarding in the elastic contraction is realized.
本申请方法的运行环境的架构如图4所示,在Diameter逻辑架构图中,主要包括DEP模块(会话和事务管理模块及其主备模块)、DAP模块(连接管理模块及其主备模块)、DIM数据传输模块(Diameter Data Transport Point,简称为DIP模块)、平台适配模块、公共模块/PARSER模块、OAM服务模块(Operation Administration and Maintenance,也即Diameter操作管理维护模块)。The architecture of the operating environment of the method of the present application is shown in FIG. 4, and in the Diameter logical architecture diagram, the DEP module (the session and transaction management module and its active and standby modules) and the DAP module (the connection management module and its active and standby modules) are mainly included. , DIM data transmission module (Diameter Data Transport Point, DIP module for short), platform adapter module, public module / PARSER module, OAM service module (Operation Administration and Maintenance, also known as Diameter operation management and maintenance module).
上述的DIP模块包括LREG模块(Diameter Local Registry,也即Diameter本地注册节点)及其准备模块、DTP模块、GREG模块(Diameter Global Registry,也即Diameter全局注册节点)及其主备模块。The above DIP module includes a LREG module (Diameter Local Registry, that is, a Diameter local registration node) and a preparation module thereof, a DTP module, a GREG module (Diameter Global Registry, that is, a Diameter global registration node), and an active/standby module thereof.
可选地,上述步骤的执行主体可以为承载适配模块DAP等,但不限于此。上述的网元包括3GPP AAA SERVER网元;上述的通讯消息可以为3GPP  AAA SERVER网元的DER消息(Diameter-EAP-Request)。Optionally, the execution body of the foregoing step may be a bearer adaptation module DAP or the like, but is not limited thereto. The foregoing network element includes a 3GPP AAA SERVER network element; the foregoing communication message may be 3GPP DER message of the AAA SERVER network element (Diameter-EAP-Request).
在上述实施例中,在步骤S301中,获取通讯消息的消息类型包括:获取通讯消息中携带的标识信息;通过标识信息确定通讯消息的消息类型。In the above embodiment, in step S301, the message type of the communication message is obtained by: obtaining the identification information carried in the communication message; and determining the message type of the communication message by using the identification information.
具体地,获取通讯消息中携带的标识信息包括:获取通讯消息中Payload字段携带的标识信息;通过标识信息确定通讯消息的消息类型包括:判断是否存在与标识信息对应的会话连接,其中,与标识信息对应的会话连接为通讯消息所属的会话连接;若存在与标识信息对应的会话连接,则确定通讯消息的消息类型为非始发消息(即会话的第N次消息,N大于1);若不存在与标识信息对应的会话连接,则确定通讯消息的消息类型为始发消息(会话的第一次消息)。Specifically, the obtaining the identifier information carried in the communication message includes: obtaining the identifier information carried in the Payload field in the communication message; determining, by using the identifier information, the message type of the communication message includes: determining whether there is a session connection corresponding to the identifier information, where The session connection corresponding to the information is the session connection to which the communication message belongs; if there is a session connection corresponding to the identification information, it is determined that the message type of the communication message is a non-originating message (ie, the Nth message of the session, N is greater than 1); If there is no session connection corresponding to the identification information, it is determined that the message type of the communication message is an origination message (the first message of the session).
可选地,在步骤S302中,基于通讯消息的消息类型确定用于处理通讯消息的目标DEP模块包括:在通讯消息的消息类型为非始发消息的情况下,确定关联于会话连接的DEP模块为目标DEP模块;在通讯消息的消息类型为始发消息的情况下,选取多个DEP模块中的一个为目标DEP模块,其中,多个DEP模块为在预设时间段内不被允许缩容的DEP模块。Optionally, in step S302, determining, according to the message type of the communication message, the target DEP module for processing the communication message comprises: determining the DEP module associated with the session connection if the message type of the communication message is a non-originating message For the target DEP module, when the message type of the communication message is an initial message, one of the plurality of DEP modules is selected as the target DEP module, wherein the plurality of DEP modules are not allowed to be reduced during the preset time period. The DEP module.
需要说明的是,标识信息为数据信息,选取多个DEP模块中的一个为目标DEP模块包括:确定多个DEP模块的模块数;利用模块数对标识信息进行取余运算,得到标识数据;获取多个DEP模块中顺序与标识数据匹配的目标DEP模块,并关联目标DEP模块和会话连接。It should be noted that the identification information is data information, and selecting one of the plurality of DEP modules as the target DEP module includes: determining the number of modules of the plurality of DEP modules; performing the remainder operation on the identification information by using the number of modules to obtain the identification data; A target DEP module that sequentially matches the identification data among the plurality of DEP modules, and associates the target DEP module with the session connection.
具体地,本申请的方法可应用在虚拟化下3GPP AAA SERVER网元VNF弹性伸缩时,Diameter业务执行模块缩容时,DER消息不中断的消息分发策略。其流程具体如下:Specifically, the method of the present application can be applied to a message distribution policy in which the DER message is not interrupted when the Diameter service execution module is contracted under the virtualized 3GPP AAA SERVER network element VNF. The process is as follows:
DAP模块在处理DER消息时,对DER消息进行解码,确定DER消息中的Eap-payload(Extensible Authentication Protocol,简称Eap)有没有带eap-identity(即response),其分发策略如下:When processing the DER message, the DAP module decodes the DER message to determine whether the Eap-payload (Extensible Authentication Protocol, Eap) in the DER message has eap-identity (ie, response). The distribution strategy is as follows:
1,如果DER消息中的Eap-payload没有带eap-identity(response)则DAP认为是应用正在处理的DER消息(即已有会话连接中的消息),DAP 按照老的DEP模块(包含准备离线的DEP模块)分布分发消息。1. If the Eap-payload in the DER message does not carry the eap-identity (response), the DAP considers that the application is processing the DER message (that is, the message in the existing session connection), DAP. Distribute messages according to the old DEP module (including the DEP module ready to be offline).
2,如果DER消息中的Eap-payload带了eap-identity(response),则DAP认为是终端发起的新的业务消息,DAP按照新的DEP模块分布(将准备缩容的DEP模块去除)分发消息。2. If the Eap-payload in the DER message carries the eap-identity (response), the DAP considers that it is a new service message initiated by the terminal, and the DAP distributes the message according to the new DEP module distribution (remove the DEP module to be reduced) .
在上述实施例中,通过DAP模块对DER消息进行解码,根据DER消息中的Eap-payload有没有带eap-identity(即Payload字段携带的标识信息)来确定DER消息是不是对端的始发消息。如果带了eap-identity(response),则认为是始发消息,按照新的DEP模块分布分发消息,将准备缩容的DEP模块去除后进行分发。如果没有带eap-identity(response),则认为是DER的中间消息,按照老的DEP模块分布分发消息,保留准备缩容的DEP模块进行分发,可使准备缩容的DEP模块处理完DER剩余消息,且不处理对端网元新发起的DER消息,满足DEP模块缩容时业务消息不中断的要求。解决在3GPP AAA SERVER网元承载的Diameter层中DEP模块缩容时,DAP模块处理的DER消息时存在呼损、导致UE附着流程失败、用户无法接入3GPP网络的问题。In the above embodiment, the DER message is decoded by the DAP module, and whether the DER message is the originating message of the peer is determined according to whether the Eap-payload in the DER message carries the eap-identity (ie, the identifier information carried in the Payload field). If eap-identity (response) is taken, it is considered to be an initial message, and the distributed message is distributed according to the new DEP module, and the DEP module to be reduced is distributed and distributed. If there is no eap-identity (response), it is considered to be an intermediate message of the DER. The distributed message is distributed according to the old DEP module, and the DEP module that is ready to be reduced is reserved for distribution, so that the DEP module preparing to shrink can process the remaining messages of the DER. The DER message newly initiated by the peer network element is not processed, and the requirement that the service message is not interrupted when the DEP module is reduced is satisfied. When the DEP module in the Diameter layer carried by the 3GPP AAA SERVER network element is reduced, the DER message processed by the DAP module has a call loss, the UE attachment process fails, and the user cannot access the 3GPP network.
本申请中Diameter系统的DAP模块根据DER消息中的Eap-payload是否携带eap-identity(response)来确定DAP模块的消息分发策略流程如图2所示;The DAP module of the Diameter system in the present application determines the message distribution policy flow of the DAP module according to whether the Eap-payload in the DER message carries the eap-identity (response), as shown in FIG. 2;
在步骤S202中,3GPP AAA Server承载的Diameter子系统收到DER消息,Diameter的DAP模块在处理DER消息时,对DER消息进行解码,确定DER消息中的Eap-payload有没有带eap-identity(response),其分发策略如下:In step S202, the Diameter subsystem carried by the 3GPP AAA Server receives the DER message, and the DAP module of the Diameter decodes the DER message when processing the DER message, and determines whether the Eap-payload in the DER message has eap-identity (response) ), its distribution strategy is as follows:
1,如果DER消息中的Eap-payload没有带eap-identity(response)则DAP认为是应用正在处理的DER消息(即已有会话连接中的消息),DAP按照老的DEP模块(包含准备离线的DEP模块)分布分发消息。1. If the Eap-payload in the DER message does not carry the eap-identity (response), the DAP considers that the application is processing the DER message (that is, the message in the existing session connection), and the DAP follows the old DEP module (including the preparation for offline). The DEP module) distributes the distributed messages.
2,如果DER消息中的Eap-payload带了eap-identity(response),则DAP认为是终端发起的新的业务消息,DAP按照新的DEP模块分布(将 准备缩容的DEP模块去除)分发消息。2. If the Eap-payload in the DER message carries the eap-identity (response), the DAP considers that the DAP is a new service message initiated by the terminal, and the DAP is distributed according to the new DEP module. Prepare the denatured DEP module to remove the message.
通过以上的实施方式的描述,本领域的技术人员可以清楚地了解到根据上述实施例的方法可借助软件加必需的通用硬件平台的方式来实现,当然也可以通过硬件,但很多情况下前者是更佳的实施方式。基于这样的理解,本发明的技术方案本质上或者说对现有技术做出贡献的部分可以以软件产品的形式体现出来,该计算机软件产品存储在一个存储介质(如ROM/RAM、磁碟、光盘)中,包括若干指令用以使得一台终端设备(可以是手机,计算机,服务器,或者网络设备等)执行本发明各个实施例所述的方法。Through the description of the above embodiments, those skilled in the art can clearly understand that the method according to the above embodiment can be implemented by means of software plus a necessary general hardware platform, and of course, by hardware, but in many cases, the former is A better implementation. Based on such understanding, the technical solution of the present invention, which is essential or contributes to the prior art, may be embodied in the form of a software product stored in a storage medium (such as ROM/RAM, disk, The optical disc includes a number of instructions for causing a terminal device (which may be a cell phone, a computer, a server, or a network device, etc.) to perform the methods described in various embodiments of the present invention.
实施例2Example 2
本发明实施例中还提供了一种消息发送装置。该装置用于实现上述实施例及优选实施方式,已经进行过说明的不再赘述。如以下所使用的,术语“模块”可以实现预定功能的软件和/或硬件的组合。尽管以下实施例所描述的装置较佳地以软件来实现,但是硬件,或者软件和硬件的组合的实现也是可能并被构想的。A message sending apparatus is also provided in the embodiment of the present invention. The device is used to implement the above embodiments and preferred embodiments, and the description thereof has been omitted. As used below, the term "module" may implement a combination of software and/or hardware of a predetermined function. Although the apparatus described in the following embodiments is preferably implemented in software, hardware, or a combination of software and hardware, is also possible and contemplated.
图5是根据本发明实施例的消息发送装置的示意图。如图5所示,该装置可以包括:获取单元51、确定单元52以及发送单元53。FIG. 5 is a schematic diagram of a message transmitting apparatus according to an embodiment of the present invention. As shown in FIG. 5, the apparatus may include an acquisition unit 51, a determination unit 52, and a transmission unit 53.
获取单元51,设置为在VNF处于弹性缩容时,若接收到网元的通讯消息,则获取通讯消息的消息类型。The obtaining unit 51 is configured to acquire a message type of the communication message if the communication message of the network element is received when the VNF is in elastic contraction.
确定单元52,设置为基于通讯消息的消息类型确定用于处理通讯消息的目标DEP模块。The determining unit 52 is arranged to determine a target DEP module for processing the communication message based on the message type of the communication message.
发送单元53,设置为发送通讯消息至目标DEP模块。The sending unit 53 is configured to send a communication message to the target DEP module.
通过上述实施例,获取单元在VNF处于弹性缩容时,若接收到网元的通讯消息,则获取通讯消息的消息类型;确定单元基于通讯消息的消息类型确定用于处理通讯消息的目标DEP模块;发送单元发送通讯消息至目标DEP模块。,从而解决了相关技术中由于VNF的弹性缩容特性导致的无法正确进行消息转发的技术问题,实现了在弹性缩容时仍能够正确进行消息转 发的技术效果。With the above embodiment, the acquiring unit acquires the message type of the communication message when the VNF is in the elastic contraction state, and determines the message type of the communication message based on the message type of the communication message, and determines the target DEP module for processing the communication message. The sending unit sends a communication message to the target DEP module. Therefore, the technical problem that the message forwarding cannot be correctly performed due to the elastic contraction characteristic of the VNF in the related art is solved, and the message forwarding can be correctly performed even during the elastic contraction. The technical effect of hair.
上述的网元包括3GPP AAA SERVER网元;上述的通讯消息可以为3GPP AAA SERVER网元的DER消息(Diameter-EAP-Request)。The foregoing network element includes a 3GPP AAA SERVER network element; the foregoing communication message may be a DER message (Diameter-EAP-Request) of the 3GPP AAA SERVER network element.
在上述实施例中,获取单元包括:获取模块,设置为获取通讯消息中携带的标识信息;第一确定模块,设置为通过标识信息确定通讯消息的消息类型。In the above embodiment, the obtaining unit includes: an obtaining module, configured to obtain the identifier information carried in the communication message; and the first determining module is configured to determine the message type of the communication message by using the identifier information.
具体地,获取模块还设置为获取通讯消息中Payload字段携带的标识信息。第一确定模块包括:判断子模块,设置为判断是否存在与标识信息对应的会话连接,其中,与标识信息对应的会话连接为通讯消息所属的会话连接;第一确定子模块,设置为若存在与标识信息对应的会话连接,则确定通讯消息的消息类型为非始发消息;第二确定子模块,设置为若不存在与标识信息对应的会话连接,则确定通讯消息的消息类型为始发消息。Specifically, the obtaining module is further configured to obtain the identifier information carried in the Payload field in the communication message. The first determining module includes: a determining sub-module, configured to determine whether there is a session connection corresponding to the identifier information, wherein the session connection corresponding to the identifier information is a session connection to which the communication message belongs; and the first determining sub-module is set to exist if Determining, by the session connection corresponding to the identifier information, the message type of the communication message is a non-originating message; and the second determining sub-module is configured to determine that the message type of the communication message is originating if there is no session connection corresponding to the identifier information Message.
可选地,确定单元包括:第二确定模块,设置为在通讯消息的消息类型为非始发消息的情况下,确定关联于会话连接的DEP模块为目标DEP模块;选取模块,设置为在通讯消息的消息类型为始发消息的情况下,选取多个DEP模块中的一个为目标DEP模块,其中,多个DEP模块为在预设时间段内不被允许缩容的DEP模块。Optionally, the determining unit includes: a second determining module, configured to determine that the DEP module associated with the session connection is the target DEP module if the message type of the communication message is a non-originating message; and the selecting module is set to be in the communication In the case that the message type of the message is an originating message, one of the plurality of DEP modules is selected as the target DEP module, wherein the plurality of DEP modules are DEP modules that are not allowed to be reduced in the preset time period.
需要说明的是,标识信息为数据信息,选取模块包括:第三确定子模块,设置为确定多个DEP模块的模块数;运算子模块,设置为利用模块数对标识信息进行取余运算,得到标识数据;获取子模块,设置为获取多个DEP模块中顺序与标识数据匹配的目标DEP模块,并关联目标DEP模块和会话连接。It should be noted that the identification information is data information, and the selection module includes: a third determining sub-module, configured to determine a number of modules of the plurality of DEP modules; and an operation sub-module configured to perform a remainder operation on the identification information by using the number of modules, Identifying the data; acquiring the sub-module, and setting the target DEP module that matches the sequence data in the plurality of DEP modules, and associating the target DEP module with the session connection.
需要说明的是,上述各个模块是可以通过软件或硬件来实现的,对于后者,可以通过以下方式实现,但不限于此:上述模块均位于同一处理器中;或者,上述各个模块以任意组合的形式分别位于不同的处理器中。It should be noted that each of the above modules may be implemented by software or hardware. For the latter, the foregoing may be implemented by, but not limited to, the foregoing modules are all located in the same processor; or, the above modules are in any combination. The forms are located in different processors.
实施例3Example 3
本发明的实施例还提供了一种存储介质。可选地,在本实施例中,上 述存储介质可以被设置为存储用于执行以下步骤的程序代码:Embodiments of the present invention also provide a storage medium. Optionally, in this embodiment, on The storage medium can be configured to store program code for performing the following steps:
S1,在VNF处于弹性缩容时,若接收到网元的通讯消息,则获取通讯消息的消息类型;S1, when the VNF is in elastic contraction, if the communication message of the network element is received, the message type of the communication message is obtained;
S2,基于通讯消息的消息类型确定用于处理通讯消息的目标DEP模块;S2. Determine a target DEP module for processing the communication message based on the message type of the communication message.
S3,发送通讯消息至目标DEP模块。S3, sending a communication message to the target DEP module.
可选地,在本实施例中,上述存储介质可以包括但不限于:U盘、只读存储器(ROM,Read-Only Memory)、随机存取存储器(RAM,Random Access Memory)、移动硬盘、磁碟或者光盘等各种可以存储程序代码的介质。Optionally, in this embodiment, the foregoing storage medium may include, but not limited to, a USB flash drive, a Read-Only Memory (ROM), a Random Access Memory (RAM), a mobile hard disk, and a magnetic memory. A variety of media that can store program code, such as a disc or a disc.
可选地,在本实施例中,处理器根据存储介质中已存储的程序代码执行:在VNF处于弹性缩容时,若接收到网元的通讯消息,则获取通讯消息的消息类型;基于通讯消息的消息类型确定用于处理通讯消息的目标DEP模块;发送通讯消息至目标DEP模块。Optionally, in this embodiment, the processor executes according to the stored program code in the storage medium: when the VNF is in elastic contraction, if the communication message of the network element is received, the message type of the communication message is acquired; The message type of the message determines the target DEP module for processing the communication message; the communication message is sent to the target DEP module.
可选地,本实施例中的具体示例可以参考上述实施例及可选实施方式中所描述的示例,本实施例在此不再赘述。For example, the specific examples in this embodiment may refer to the examples described in the foregoing embodiments and the optional embodiments, and details are not described herein again.
显然,本领域的技术人员应该明白,上述的本发明的各模块或各步骤可以用通用的计算装置来实现,它们可以集中在单个的计算装置上,或者分布在多个计算装置所组成的网络上,可选地,它们可以用计算装置可执行的程序代码来实现,从而,可以将它们存储在存储装置中由计算装置来执行,并且在某些情况下,可以以不同于此处的顺序执行所示出或描述的步骤,或者将它们分别制作成各个集成电路模块,或者将它们中的多个模块或步骤制作成单个集成电路模块来实现。这样,本发明不限制于任何特定的硬件和软件结合。It will be apparent to those skilled in the art that the various modules or steps of the present invention described above can be implemented by a general-purpose computing device that can be centralized on a single computing device or distributed across a network of multiple computing devices. Alternatively, they may be implemented by program code executable by the computing device such that they may be stored in the storage device by the computing device and, in some cases, may be different from the order herein. The steps shown or described are performed, or they are separately fabricated into individual integrated circuit modules, or a plurality of modules or steps thereof are fabricated as a single integrated circuit module. Thus, the invention is not limited to any specific combination of hardware and software.
以上所述仅为本发明的优选实施例而已,并不用于限制本发明,对于本领域的技术人员来说,本发明可以有各种更改和变化。凡在本发明的精神和原则之内,所作的任何修改、等同替换、改进等,均应包含在本发明的保护范围之内。 The above description is only the preferred embodiment of the present invention, and is not intended to limit the present invention, and various modifications and changes can be made to the present invention. Any modifications, equivalent substitutions, improvements, etc. made within the spirit and scope of the present invention are intended to be included within the scope of the present invention.
工业实用性Industrial applicability
在本发明实施例中,在VNF处于弹性缩容时,若接收到网元的通讯消息,则获取通讯消息的消息类型;基于通讯消息的消息类型确定用于处理通讯消息的目标DEP模块;发送通讯消息至目标DEP模块,从而解决了相关技术中由于VNF的弹性缩容特性导致的无法正确进行消息转发的技术问题,实现了在弹性缩容时仍能够正确进行消息转发的技术效果。 In the embodiment of the present invention, when the VNF is in elastic contraction, if the communication message of the network element is received, the message type of the communication message is acquired; and the target DEP module for processing the communication message is determined based on the message type of the communication message; The communication message is sent to the target DEP module, thereby solving the technical problem that the message forwarding cannot be correctly performed due to the elastic contraction characteristic of the VNF in the related art, and the technical effect of correctly performing message forwarding during the elastic contraction is realized.

Claims (15)

  1. 一种消息发送方法,包括:A method for sending a message, comprising:
    在VNF处于弹性缩容时,若接收到网元的通讯消息,则获取所述通讯消息的消息类型;When the VNF is in elastic contraction, if the communication message of the network element is received, the message type of the communication message is obtained;
    基于所述通讯消息的消息类型确定用于处理所述通讯消息的目标DEP模块;Determining a target DEP module for processing the communication message based on a message type of the communication message;
    发送所述通讯消息至所述目标DEP模块。Sending the communication message to the target DEP module.
  2. 根据权利要求1所述的方法,其中,获取所述通讯消息的消息类型包括:The method of claim 1, wherein the obtaining the message type of the communication message comprises:
    获取所述通讯消息中携带的标识信息;Obtaining identification information carried in the communication message;
    通过所述标识信息确定所述通讯消息的消息类型。The message type of the communication message is determined by the identification information.
  3. 根据权利要求2所述的方法,其中,获取所述通讯消息中携带的标识信息包括:The method of claim 2, wherein the obtaining the identification information carried in the communication message comprises:
    获取所述通讯消息中Payload字段携带的所述标识信息。Obtaining the identifier information carried in the Payload field in the communication message.
  4. 根据权利要求2所述的方法,其中,通过所述标识信息确定所述通讯消息的消息类型包括:The method of claim 2, wherein determining the message type of the communication message by using the identification information comprises:
    判断是否存在与所述标识信息对应的会话连接,其中,与所述标识信息对应的会话连接为所述通讯消息所属的会话连接;Determining whether there is a session connection corresponding to the identifier information, where the session connection corresponding to the identifier information is a session connection to which the communication message belongs;
    若存在与所述标识信息对应的会话连接,则确定所述通讯消息的消息类型为非始发消息;If the session connection corresponding to the identifier information exists, determining that the message type of the communication message is a non-originating message;
    若不存在与所述标识信息对应的会话连接,则确定所述通讯消息的消息类型为始发消息。If there is no session connection corresponding to the identifier information, determining that the message type of the communication message is an originating message.
  5. 根据权利要求4所述的方法,其中,基于所述通讯消息的消息类型确定用于处理所述通讯消息的目标DEP模块包括:The method of claim 4, wherein determining a target DEP module for processing the communication message based on a message type of the communication message comprises:
    在所述通讯消息的消息类型为非始发消息的情况下,确定关联于 所述会话连接的DEP模块为所述目标DEP模块;In the case that the message type of the communication message is a non-originating message, determining that the association is The DEP module connected to the session is the target DEP module;
    在所述通讯消息的消息类型为始发消息的情况下,选取多个DEP模块中的一个为所述目标DEP模块,其中,所述多个DEP模块为在预设时间段内不被允许缩容的DEP模块。When the message type of the communication message is an originating message, one of the plurality of DEP modules is selected as the target DEP module, wherein the plurality of DEP modules are not allowed to be shortened within a preset time period. The capacity of the DEP module.
  6. 根据权利要求5所述的方法,其中,所述标识信息为数据信息,选取多个DEP模块中的一个为所述目标DEP模块包括:The method according to claim 5, wherein the identification information is data information, and selecting one of the plurality of DEP modules as the target DEP module comprises:
    确定所述多个DEP模块的模块数;Determining the number of modules of the plurality of DEP modules;
    利用所述模块数对所述标识信息进行取余运算,得到标识数据;Performing a remainder operation on the identification information by using the number of modules to obtain identification data;
    获取所述多个DEP模块中顺序与所述标识数据匹配的所述目标DEP模块,并关联所述目标DEP模块和所述会话连接。Obtaining the target DEP module in the plurality of DEP modules that matches the identification data in sequence, and associating the target DEP module with the session connection.
  7. 根据权利要求1所述的方法,其中,所述网元包括3GPP AAA SERVER网元。The method of claim 1 wherein said network element comprises a 3GPP AAA SERVER network element.
  8. 一种消息发送装置,包括:A message sending device includes:
    获取单元,设置为在VNF处于弹性缩容时,若接收到网元的通讯消息,则获取所述通讯消息的消息类型;Obtaining a unit, configured to acquire a message type of the communication message if a communication message of the network element is received when the VNF is in elastic contraction;
    确定单元,设置为基于所述通讯消息的消息类型确定用于处理所述通讯消息的目标DEP模块;a determining unit, configured to determine a target DEP module for processing the communication message based on a message type of the communication message;
    发送单元,设置为发送所述通讯消息至所述目标DEP模块。And a sending unit, configured to send the communication message to the target DEP module.
  9. 根据权利要求8所述的装置,其中,所述获取单元包括:The apparatus of claim 8, wherein the obtaining unit comprises:
    获取模块,设置为获取所述通讯消息中携带的标识信息;The obtaining module is configured to obtain the identifier information carried in the communication message;
    第一确定模块,设置为通过所述标识信息确定所述通讯消息的消息类型。The first determining module is configured to determine, by using the identification information, a message type of the communication message.
  10. 根据权利要求9所述的装置,其中,所述获取模块还设置为获取所述通讯消息中Payload字段携带的所述标识信息。 The apparatus according to claim 9, wherein the obtaining module is further configured to acquire the identification information carried in the Payload field in the communication message.
  11. 根据权利要求9所述的装置,其中,所述第一确定模块包括:The apparatus of claim 9, wherein the first determining module comprises:
    判断子模块,设置为判断是否存在与所述标识信息对应的会话连接,其中,与所述标识信息对应的会话连接为所述通讯消息所属的会话连接;a judging module, configured to determine whether there is a session connection corresponding to the identifier information, where the session connection corresponding to the identifier information is a session connection to which the communication message belongs;
    第一确定子模块,设置为若存在与所述标识信息对应的会话连接,则确定所述通讯消息的消息类型为非始发消息;a first determining submodule, configured to determine that the message type of the communication message is a non-originating message if there is a session connection corresponding to the identifier information;
    第二确定子模块,设置为若不存在与所述标识信息对应的会话连接,则确定所述通讯消息的消息类型为始发消息。The second determining submodule is configured to determine that the message type of the communication message is an originating message if there is no session connection corresponding to the identifier information.
  12. 根据权利要求11所述的装置,其中,所述确定单元包括:The apparatus according to claim 11, wherein said determining unit comprises:
    第二确定模块,设置为在所述通讯消息的消息类型为非始发消息的情况下,确定关联于所述会话连接的DEP模块为所述目标DEP模块;a second determining module, configured to determine that the DEP module associated with the session connection is the target DEP module if the message type of the communication message is a non-originating message;
    选取模块,设置为在所述通讯消息的消息类型为始发消息的情况下,选取多个DEP模块中的一个为所述目标DEP模块,其中,所述多个DEP模块为在预设时间段内不被允许缩容的DEP模块。And the selecting module is configured to: when the message type of the communication message is an initial message, select one of the plurality of DEP modules as the target DEP module, wherein the plurality of DEP modules are in a preset time period A DEP module that is not allowed to be reduced in size.
  13. 根据权利要求12所述的装置,其中,所述标识信息为数据信息,所述选取模块包括:The device according to claim 12, wherein the identification information is data information, and the selecting module comprises:
    第三确定子模块,设置为确定所述多个DEP模块的模块数;a third determining submodule, configured to determine a number of modules of the plurality of DEP modules;
    运算子模块,设置为利用所述模块数对所述标识信息进行取余运算,得到标识数据;An operation submodule, configured to perform a remainder operation on the identification information by using the number of modules to obtain identification data;
    获取子模块,设置为获取所述多个DEP模块中顺序与所述标识数据匹配的所述目标DEP模块,并关联所述目标DEP模块和所述会话连接。Obtaining a sub-module, configured to acquire the target DEP module in the plurality of DEP modules that matches the identification data in sequence, and associate the target DEP module with the session connection.
  14. 根据权利要求8所述的装置,其中,所述网元包括3GPP AAA SERVER网元。The apparatus of claim 8 wherein said network element comprises a 3GPP AAA SERVER network element.
  15. 一种存储介质,其特征在于,所述存储介质包括存储的程序, 其中,所述程序运行时执行权利要求1至7中任一项所述的方法。 A storage medium, characterized in that the storage medium includes a stored program. Wherein the program is executed to perform the method of any one of claims 1 to 7.
PCT/CN2017/098628 2016-08-23 2017-08-23 Method and device for sending message WO2018036514A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201610708954.7 2016-08-23
CN201610708954.7A CN107770067B (en) 2016-08-23 2016-08-23 Message sending method and device

Publications (1)

Publication Number Publication Date
WO2018036514A1 true WO2018036514A1 (en) 2018-03-01

Family

ID=61246438

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/098628 WO2018036514A1 (en) 2016-08-23 2017-08-23 Method and device for sending message

Country Status (2)

Country Link
CN (1) CN107770067B (en)
WO (1) WO2018036514A1 (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100017603A1 (en) * 2008-07-18 2010-01-21 Bridgewater Systems Corp. Extensible Authentication Protocol Authentication and Key Agreement (EAP-AKA) Optimization
CN105099789A (en) * 2015-09-02 2015-11-25 华为技术有限公司 Network element uploading method and equipment
CN105634956A (en) * 2015-12-31 2016-06-01 华为技术有限公司 Message forwarding method, device and system
CN105634780A (en) * 2014-11-04 2016-06-01 中兴通讯股份有限公司 Method and device for realizing VNF elastic scaling
CN105681060A (en) * 2014-11-17 2016-06-15 中兴通讯股份有限公司 Virtualization network function management upgrading method and apparatus and virtualization network function management server
CN105847330A (en) * 2016-03-16 2016-08-10 中国联合网络通信集团有限公司 Content distribution method and system

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104980297A (en) * 2014-04-14 2015-10-14 中兴通讯股份有限公司 Virtual machine resource changing method and device, and virtualized network function device
CN105577414A (en) * 2014-10-17 2016-05-11 中兴通讯股份有限公司 Elastically telescopic processing method, device and system for VM (Virtual Machine) resources
CN105634782B (en) * 2014-11-06 2019-03-01 华为技术有限公司 A kind of method and network element management device instantiating VNF
CN105830394B (en) * 2014-11-27 2019-05-21 华为技术有限公司 Configuration method, system and its Virtual NE and network management system of virtual network strategy
US9866408B2 (en) * 2014-12-12 2018-01-09 Oracle International Corporation Methods, systems, and computer readable media for configuring a flow interface on a network routing element

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100017603A1 (en) * 2008-07-18 2010-01-21 Bridgewater Systems Corp. Extensible Authentication Protocol Authentication and Key Agreement (EAP-AKA) Optimization
CN105634780A (en) * 2014-11-04 2016-06-01 中兴通讯股份有限公司 Method and device for realizing VNF elastic scaling
CN105681060A (en) * 2014-11-17 2016-06-15 中兴通讯股份有限公司 Virtualization network function management upgrading method and apparatus and virtualization network function management server
CN105099789A (en) * 2015-09-02 2015-11-25 华为技术有限公司 Network element uploading method and equipment
CN105634956A (en) * 2015-12-31 2016-06-01 华为技术有限公司 Message forwarding method, device and system
CN105847330A (en) * 2016-03-16 2016-08-10 中国联合网络通信集团有限公司 Content distribution method and system

Non-Patent Citations (5)

* Cited by examiner, † Cited by third party
Title
"eHRPD Security Framework", 3GPP2 S. R0138-0 VERSION 1. 0, 14 May 2009 (2009-05-14), pages 1 - 25, XP055603013 *
ERONEN, P. ET AL.: "An Extension for EAP-Only Authentication in IKEv2", INTERNET ENGINEERING TASK FORCE (IETF) REQUEST FOR COMMENTS: 5998, 30 September 2010 (2010-09-30), XP015073010, ISSN: 2070-1721 *
ERONEN, P.ED. ET AL.: "Diameter Extensible Authentication Protocol (EAP) Application", NETWORK WORKING GROUP REQUEST FOR COMMENTS: 4072, 31 August 2005 (2005-08-31), XP015041927 *
HILLER, T. ET AL.: "Diameter Extensible Authentication Protocol (EAP) Application", DRAFT-IETF-AAA-EAP-01, 31 March 2003 (2003-03-31), XP055603024 *
MANDIN, JEFF.: "Enhancement of 802.16e to Support EAP-based Authentication / Key Distribution Rev. 4", IEEE C802. 16-71/R4, 27 January 2004 (2004-01-27), XP055603022 *

Also Published As

Publication number Publication date
CN107770067A (en) 2018-03-06
CN107770067B (en) 2021-05-11

Similar Documents

Publication Publication Date Title
US11405780B2 (en) Method for performing verification by using shared key, method for performing verification by using public key and private key, and apparatus
US11463874B2 (en) User profile, policy, and PMIP key distribution in a wireless communication network
US11825303B2 (en) Method for performing verification by using shared key, method for performing verification by using public key and private key, and apparatus
US11223947B2 (en) Enhanced registration procedure in a mobile system supporting network slicing
US8769611B2 (en) Methods and apparatus for providing PMIP key hierarchy in wireless communication networks
JP5384723B2 (en) Emergency call processing by authentication procedure in communication network
US9668139B2 (en) Secure negotiation of authentication capabilities
EP1693995B1 (en) A method for implementing access authentication of wlan user
EP1672945A1 (en) UMTS-WLAN interworking system and authentication method therefor
KR20110045796A (en) Method and system for managing security in mobile communication system
US20080070571A1 (en) System and method for providing secure network access in fixed mobile converged telecommunications networks
WO2007097101A1 (en) Radio access system and radio access method
US20240073685A1 (en) Method for authentication for nswo service, device, and storage medium
WO2018036514A1 (en) Method and device for sending message

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17842936

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17842936

Country of ref document: EP

Kind code of ref document: A1