WO2019090515A1 - 完整性保护的控制方法、网络设备及计算机存储介质 - Google Patents

完整性保护的控制方法、网络设备及计算机存储介质 Download PDF

Info

Publication number
WO2019090515A1
WO2019090515A1 PCT/CN2017/109940 CN2017109940W WO2019090515A1 WO 2019090515 A1 WO2019090515 A1 WO 2019090515A1 CN 2017109940 W CN2017109940 W CN 2017109940W WO 2019090515 A1 WO2019090515 A1 WO 2019090515A1
Authority
WO
WIPO (PCT)
Prior art keywords
integrity protection
information
qos data
parameter configuration
data flow
Prior art date
Application number
PCT/CN2017/109940
Other languages
English (en)
French (fr)
Inventor
杨宁
亚里·加可·伊索坎加斯
Original Assignee
Oppo广东移动通信有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Oppo广东移动通信有限公司 filed Critical Oppo广东移动通信有限公司
Priority to KR1020207013805A priority Critical patent/KR102337656B1/ko
Priority to AU2017439007A priority patent/AU2017439007A1/en
Priority to EP17931465.3A priority patent/EP3694245B1/en
Priority to JP2020524531A priority patent/JP7024077B2/ja
Priority to CA3081114A priority patent/CA3081114C/en
Priority to CN202010378856.8A priority patent/CN111641950B/zh
Priority to PCT/CN2017/109940 priority patent/WO2019090515A1/zh
Priority to US16/760,690 priority patent/US11277745B2/en
Priority to CN201780095547.6A priority patent/CN111183663A/zh
Priority to BR112020008401-8A priority patent/BR112020008401A2/pt
Priority to TW107139363A priority patent/TWI775979B/zh
Publication of WO2019090515A1 publication Critical patent/WO2019090515A1/zh

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10Integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10Integrity
    • H04W12/106Packet or message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/30Definitions, standards or architectural aspects of layered protocol stacks
    • H04L69/32Architecture of open systems interconnection [OSI] 7-layer type protocol stacks, e.g. the interfaces between the data link level and the physical level
    • H04L69/322Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions
    • H04L69/327Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions in the session layer [OSI layer 5]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W24/00Supervisory, monitoring or testing arrangements
    • H04W24/02Arrangements for optimising operational condition
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W28/00Network traffic management; Network resource management
    • H04W28/02Traffic management, e.g. flow control or congestion control
    • H04W28/0268Traffic management, e.g. flow control or congestion control using specific QoS parameters for wireless networks, e.g. QoS class identifier [QCI] or guaranteed bit rate [GBR]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W76/00Connection management
    • H04W76/10Connection setup

Definitions

  • the present invention relates to the field of communication processing technologies, and in particular, to a method for controlling integrity protection, a network device, and a computer storage medium.
  • IP integrity protection
  • SRB signaling bearer
  • DRB data bearer
  • whether or not each DRB is enabled with IP can be controlled by the Radio Access Network (RAN) through RRC signaling.
  • RAN Radio Access Network
  • one problem with this is how the RAN can determine if the DRB's IP needs to be turned on.
  • an embodiment of the present invention provides a method for controlling integrity protection, a network device, and a computer storage medium.
  • a method for controlling integrity protection according to an embodiment of the present invention is applied to a network device, including:
  • parameter configuration information is parameter configuration information saved by the network device, or parameter configuration information acquired from a core network side;
  • a communication unit configured to obtain parameter configuration information, where the parameter configuration information is parameter configuration information saved by the network device, or parameter configuration information acquired from a core network side;
  • Processing unit based on the parameter configuration information, determining whether it is required to open for QoS data flow Integrity protection.
  • a network device provided by an embodiment of the present invention includes: a processor and a memory for storing a computer program capable of running on a processor,
  • processor is configured to perform the steps of the foregoing method when the computer program is run.
  • a computer storage medium is provided by the embodiment of the present invention.
  • the computer storage medium stores computer executable instructions, and the foregoing method steps are implemented when the computer executable instructions are executed.
  • the network side device itself can ensure the integrity protection judgment to ensure the timeliness and effectiveness of the integrity protection for the data stream.
  • FIG. 1 is a schematic flowchart of a method for controlling integrity protection according to an embodiment of the present invention
  • FIG. 2 is a schematic structural diagram of a network device according to an embodiment of the present invention.
  • FIG. 3 is a schematic diagram of a hardware architecture according to an embodiment of the present invention.
  • An embodiment of the present invention provides a method for controlling integrity protection, which is applied to a network device, as shown in FIG. 1 , and includes:
  • Step 101 Obtain parameter configuration information, where the parameter configuration information is parameter configuration information saved by the network device, or parameter configuration information acquired from a core network side;
  • Step 102 Determine, according to the parameter configuration information, whether the QoS data flow needs to be opened. Integrity protection.
  • the network device may be a wireless access network device, such as a device that may be a RAN.
  • the parameter configuration information may be configuration information of related information capable of characterizing integrity protection, or may be configuration information of related information capable of determining integrity protection.
  • the parameter configuration information may be obtained from the network switching selection auxiliary information in the PDU session, for example, the parameter configuration information is obtained from the S-NSSAI included in the PDU session. That is to say, the core network (CN) may add relevant information indicating integrity protection to the S-NSSAI in the PDU session, and add related information of the integrity protection to the parameter configuration information of the S-NSSAI. Further, the RAN can obtain parameter configuration information from the S-NSSAI included in the PDU, and obtain information about integrity protection from the parameter configuration information; and determine whether to enable the QoS data flow based on the information about the integrity protection and Integrity protection of PDU sessions.
  • the core network CN
  • the core network may add relevant information indicating integrity protection to the S-NSSAI in the PDU session, and add related information of the integrity protection to the parameter configuration information of the S-NSSAI.
  • the RAN can obtain parameter configuration information from the S-NSSAI included in the PDU, and obtain information about integrity protection from the parameter configuration information; and determine whether to
  • the parameter configuration information may be obtained from the 5QI, for example, may be obtained from a 5G QoS Indicator (5QI, 5G QoS Indicator).
  • information related to integrity protection may be determined based on the parameter configuration information. That is to say, before performing all operations, the RAN can complete parameter configuration with the core network.
  • the 5QI can be obtained through the control plane, and then when it is necessary to determine whether to enable integrity protection for some or some QoS data streams.
  • the parameter configuration information is obtained from the 5QI, and the information about the integrity protection is extracted from the parameter configuration information.
  • the information related to the integrity protection corresponding to the quality of service QoS data stream may be obtained from the network side.
  • the information related to the integrity protection includes at least: indication information of the integrity protection, and is used to indicate whether integrity protection needs to be turned on for the QoS data flow.
  • the letter of instruction The information may include an ID of the QoS data flow to be indicated, that is, when the indication of the integrity protection includes the ID of the QoS data flow, it is determined that the network side indicates that the integrity protection is turned on for the data flow.
  • the information about the integrity protection further includes: attribute information of the integrity protection, and an effective duration;
  • the attribute information of the integrity protection is used to indicate description information of a data packet that needs to be integrity-protected in the QoS data flow; the effective duration is used to represent the integrity protection indication information, And the duration of use of the attribute information of the integrity protection.
  • the description information includes at least one of the following: an Internet Protocol (IP) address, a Uniform Resource Locator (URL), and a URP. That is to say, the location of the information related to integrity protection can be described by attribute information.
  • IP Internet Protocol
  • URL Uniform Resource Locator
  • the effective duration can indicate the indication information of the integrity protection corresponding to a certain one, or some QoS data streams, or all QoS data flows, and the usage duration corresponding to the attribute information thereof; correspondingly, the effective duration
  • the start time may be calculated from the information related to the transmission of the integrity protection, or may be turned on when it is determined that the integrity protection for one or all of the QoS data flows is turned on until the valid duration is reached.
  • the obtaining, by the core network side, information about integrity protection corresponding to the quality of service QoS data flow includes one of the following multiple methods:
  • Manner 1 The QFI of the QoS data stream sent from the core network side acquires related information about the integrity protection.
  • the QFI is a QoS Flow Identify;
  • Manner 2 Obtain relevant information about the integrity protection from the header of the QoS data flow sent by the core network side;
  • Manner 4 Obtain relevant information about the integrity protection from the QoS profile sent from the core network side.
  • the foregoing information when received from the network side, it may be acquired through the control plane data or through the user plane data.
  • the foregoing information may be transmitted when the path is established; when acquiring through the user plane data, the foregoing may be obtained from the header of the transmitted data when the user plane data is transmitted.
  • Kind of information when the foregoing information is received from the network side, it may be acquired through the control plane data or through the user plane data.
  • how to determine whether the integrity protection is turned on for the target QoS data flow based on the configuration parameter may include the following multiple processing manners:
  • Processing mode 1 Based on the information about integrity protection, determine whether integrity protection is enabled for the target QoS data flow.
  • the indication information in the integrity protection related information has identification information (ID) for the QoS data stream, it is determined to turn on the integrity protection for the target QoS data stream; otherwise, it is not turned on.
  • ID identification information
  • the radio bearer is generated for the at least one QoS data flow that is required to be enabled for the integrity protection, and the radio bearer is used to control the Integrity protection of the at least one QoS data stream.
  • the at least one QoS data flow that needs to enable integrity protection may include all QoS data flows indicated by the network side.
  • the radio bearer for generating the radio bearer may send the identifier information of all the QoS data flows that need to be turned on for integrity protection to the receiving end by using the radio bearer.
  • the processing mode 3 when the indication information of the information about the integrity protection indicates that the integrity protection is turned on for the target QoS data flow, and the traffic of the target QoS data flow exceeds a preset threshold, The target QoS data flow turns on integrity protection.
  • determining whether the target QoS data flow exceeds a preset threshold may be the target data.
  • An embodiment of the present invention provides a network device, as shown in FIG. 2, including:
  • the communication unit 21 acquires parameter configuration information, where the parameter configuration information is parameter configuration information saved by the network device, or parameter configuration information acquired from a core network side;
  • the processing unit 22 determines, based on the parameter configuration information, whether integrity protection needs to be turned on for the QoS data flow.
  • the network device may be a wireless access network device, such as a device that may be a RAN.
  • the parameter configuration information may be configuration information of related information capable of characterizing integrity protection, or may be configuration information of related information capable of determining integrity protection.
  • the communication unit 21 may obtain parameter configuration information from the network switching selection assistance information in the PDU session, for example, obtain parameter configuration information from the S-NSSAI included in the PDU session. That is to say, the core network (CN) may add relevant information indicating integrity protection to the S-NSSAI in the PDU session, and add related information of the integrity protection to the parameter configuration information of the S-NSSAI. Further, the RAN can obtain parameter configuration information from the S-NSSAI included in the PDU, and obtain information about integrity protection from the parameter configuration information; and determine whether to enable the QoS data flow based on the information about the integrity protection and Integrity protection of PDU sessions.
  • the core network CN
  • the RAN can obtain parameter configuration information from the S-NSSAI included in the PDU, and obtain information about integrity protection from the parameter configuration information; and determine whether to enable the QoS data flow based on the information about the integrity protection and Integrity protection of PDU sessions.
  • the parameter configuration information may be obtained from the 5QI for the communication unit 21, for example, may be obtained from a 5G QoS Indicator (5QI, 5G QoS Indicator).
  • information related to integrity protection may be determined based on the parameter configuration information. That is to say, before performing all operations, the RAN can complete parameter configuration with the core network.
  • the 5QI can be obtained through the control plane, and then when it is necessary to determine whether to enable integrity protection for some or some QoS data streams.
  • the parameter configuration information is obtained from the 5QI, and the information about the integrity protection is extracted from the parameter configuration information.
  • the communication unit 21 may acquire, from the network side, information related to integrity protection corresponding to the quality of service QoS data stream.
  • the information related to the integrity protection includes at least: indication information of the integrity protection, and is used to indicate whether integrity protection needs to be turned on for the QoS data flow.
  • the indication information may include an ID of the QoS data flow to be indicated, that is, when the indication information of the integrity protection includes the ID of the QoS data flow, determining that the network side indicates that the integrity protection is turned on for the data flow. .
  • the information about the integrity protection further includes: attribute information of the integrity protection, and an effective duration;
  • the attribute information of the integrity protection is used to indicate description information of a data packet that needs to be integrity-protected in the QoS data flow; the effective duration is used to represent the integrity protection indication information, And the duration of use of the attribute information of the integrity protection.
  • the description information includes at least one of the following: an Internet Protocol (IP) address, a Uniform Resource Locator (URL), and a URP. That is to say, the location of the information related to integrity protection can be described by attribute information.
  • IP Internet Protocol
  • URL Uniform Resource Locator
  • the effective duration can indicate the indication information of the integrity protection corresponding to a certain one, or some QoS data streams, or all QoS data flows, and the usage duration corresponding to the attribute information thereof; correspondingly, the effective duration
  • the start time can be sent from the integrity guarantee The relevant information of the protection starts to be calculated, or it can be turned on when it is determined to turn on the integrity protection for one or all of the QoS data streams until the effective duration is reached.
  • the obtaining, by the core network side, information about integrity protection corresponding to the quality of service QoS data flow includes one of the following multiple methods:
  • the communication unit 21 acquires related information about the integrity protection from the QFI of the QoS data stream sent from the core network side.
  • the QFI is a QoS Flow Identify;
  • the communication unit 21 obtains related information about the integrity protection from the header of the QoS data stream sent from the core network side.
  • the communication unit 21 obtains related information about the integrity protection from the QoS parameters sent from the core network side.
  • the communication unit 21 acquires related information about the integrity protection from the QoS profile (QoS Profile) sent from the core network.
  • the foregoing information when received from the network side, it may be acquired through the control plane data or through the user plane data.
  • the foregoing information may be transmitted when the path is established; when acquiring through the user plane data, the foregoing may be obtained from the header of the transmitted data when the user plane data is transmitted.
  • Kind of information when the foregoing information is received from the network side, it may be acquired through the control plane data or through the user plane data.
  • how to determine whether to enable integrity protection for the target QoS data flow based on the configuration parameters may include the following multiple processing methods:
  • the processing unit 22 determines whether integrity protection is turned on for the target QoS data flow based on the information about the integrity protection.
  • the indication information in the integrity protection related information has identification information (ID) for the QoS data flow, it is determined to turn on the integrity protection for the target QoS data flow; Otherwise, it won't turn on.
  • ID identification information
  • the processing unit 22 In the processing mode 2, the processing unit 22 generates, according to the information about the integrity protection, a radio bearer for the at least one QoS data flow that needs to be enabled for the integrity protection indicated by the core network side, where the radio bearer is used. Controlling to turn on integrity protection of the at least one QoS data stream.
  • the at least one QoS data flow that needs to enable integrity protection may include all QoS data flows indicated by the network side.
  • the radio bearer for generating the radio bearer may send the identifier information of all the QoS data flows that need to be turned on for integrity protection to the receiving end by using the radio bearer.
  • Processing mode 3 when the indication information of the information about the integrity protection indicates that the integrity protection is turned on for the target QoS data flow, and the traffic of the target QoS data flow exceeds a preset threshold, The integrity protection is not turned on for the target QoS data stream.
  • the determining whether the target QoS data flow exceeds the preset threshold may be that the flow of the target data flow exceeds a preset threshold, and the compliance included in the corresponding bearer may be higher than the preset threshold. In this way, it can be guaranteed that the signaling load will not be increased.
  • the embodiment of the present invention further provides a hardware component architecture of the user equipment or the receiver device.
  • the method includes at least one processor 31, a memory 32, and at least one network interface 33.
  • the various components are coupled together by a bus system 34.
  • bus system 34 is used to implement connection communication between these components.
  • the bus system 34 includes a power bus, a control bus, and a status signal bus in addition to the data bus.
  • various buses are labeled as bus system 34 in FIG.
  • the memory 32 in the embodiment of the present invention may be a volatile memory or a nonvolatile memory.
  • a memory or may include both volatile and non-volatile memory.
  • memory 32 stores elements, executable modules or data structures, or a subset thereof, or their extension set:
  • the processor 31 is configured to be able to process the method steps of the foregoing first embodiment, and details are not described herein.
  • the embodiment of the present invention provides a computer storage medium, where the computer storage medium stores computer executable instructions, and when the computer executable instructions are executed, the method steps of the foregoing first embodiment are implemented.
  • Embodiments of the Invention may be stored in a computer readable storage medium if it is implemented in the form of a software function module and sold or used as a standalone product. Based on such understanding, the technical solution of the embodiments of the present invention may be embodied in the form of a software product in essence or in the form of a software product stored in a storage medium, including a plurality of instructions.
  • a computer device (which may be a personal computer, server, or network device, etc.) is caused to perform all or part of the methods described in various embodiments of the present invention.
  • the foregoing storage medium includes various media that can store program codes, such as a USB flash drive, a mobile hard disk, a read only memory (ROM), a magnetic disk, or an optical disk.
  • embodiments of the invention are not limited to any specific combination of hardware and software.
  • an embodiment of the present invention further provides a computer storage medium, wherein a computer program is configured, and the computer program is configured to execute a data scheduling method according to an embodiment of the present invention.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Emergency Protection Circuit Devices (AREA)
  • Computer And Data Communications (AREA)
  • Laying Of Electric Cables Or Lines Outside (AREA)

Abstract

本发明公开了一种完整性保护的控制方法、网络设备及计算机存储介质,包括:获取参数配置信息;其中,所述参数配置信息为所述网络设备保存的参数配置信息,或者,为从核心网侧获取的参数配置信息;基于所述参数配置信息,确定是否需要针对QoS数据流开启完整性保护。

Description

完整性保护的控制方法、网络设备及计算机存储介质 技术领域
本发明涉及通信处理技术领域,尤其涉及一种完整性保护的控制方法、网络设备及计算机存储介质。
背景技术
在LTE系统中,完整性保护(IP,integrity protection)仅用在信令承载(SRB)中,而基本不用于数据承载(DRB)。在NR中,可以由无线接入网(RAN)来通过RRC信令开控制每一个DRB是否开启IP。但是,这样存在的一个问题是,RAN如何能够确定是否需要开启DRB的IP。
发明内容
为解决上述技术问题,本发明实施例提供了一种完整性保护的控制方法、网络设备及计算机存储介质。
本发明实施例提供的一种完整性保护的控制方法,应用于网络设备,包括:
获取参数配置信息;其中,所述参数配置信息为所述网络设备保存的参数配置信息,或者,为从核心网侧获取的参数配置信息;
基于所述参数配置信息,确定是否需要针对QoS数据流开启完整性保护。
本发明实施例提供的一种网络设备,包括:
通信单元,获取参数配置信息;其中,所述参数配置信息为所述网络设备保存的参数配置信息,或者,为从核心网侧获取的参数配置信息;
处理单元,基于所述参数配置信息,确定是否需要针对QoS数据流开 启完整性保护。
本发明实施例提供的一种网络设备,包括:处理器和用于存储能够在处理器上运行的计算机程序的存储器,
其中,所述处理器用于运行所述计算机程序时,执行前述方法的步骤。
本发明实施例提供的一种计算机存储介质,所述计算机存储介质存储有计算机可执行指令,所述计算机可执行指令被执行时实现前述方法步骤。
本发明实施例的技术方案,就能够就能够通过获取到的参数配置信息,确定是否开启针对QoS数据流的完整性保护。如此,就保证网络侧设备自身能够进行完整性保护的判断,来保证针对数据流开启完整性保护的及时性以及有效性。
附图说明
图1为本发明实施例提供的一种完整性保护的控制方法流程示意图;
图2为本发明实施例网络设备组成结构示意图;
图3为本发明实施例的一种硬件架构示意图。
具体实施方式
为了能够更加详尽地了解本发明实施例的特点与技术内容,下面结合附图对本发明实施例的实现进行详细阐述,所附附图仅供参考说明之用,并非用来限定本发明实施例。
实施例一、
本发明实施例提供了一种完整性保护的控制方法,应用于网络设备,如图1所示,包括:
步骤101:获取参数配置信息;其中,所述参数配置信息为所述网络设备保存的参数配置信息,或者,为从核心网侧获取的参数配置信息;
步骤102:基于所述参数配置信息,确定是否需要针对QoS数据流开 启完整性保护。
这里,所述网络设备可以为无线接入网络设备,比如可以为RAN的设备。
所述参数配置信息,可以为能够表征完整性保护的相关信息的配置信息,或者,可以为能够确定完整性保护的相关信息的配置信息。
下面针对前述步骤101,如何获取参数配置信息分多钟情况进行说明:
情况1,可以为:从PDU会话中的网络切换选择辅助信息中获取参数配置信息,比如,从PDU会话中包含的S-NSSAI中获取参数配置信息。也就是说,核心网(CN)可以在PDU会话中的S-NSSAI中添加能够指示完整性保护的相关信息,将完整性保护的相关信息添加到S-NSSAI的参数配置信息中。进而,RAN能够通过从PDU包含的S-NSSAI中获取参数配置信息,并从参数配置信息中获取完整性保护的相关信息;基于所述完整性保护的相关信息,确定是否开启针对QoS数据流以及PDU会话的完整性保护。
情况2,可以为从5QI中获取所述参数配置信息,比如,可以为从5G服务质量指示(5QI,5G QoS Indicator)中获取。这种情况中,可以基于所述参数配置信息确定完整性保护的相关信息。也就是说,在执行全部操作之前,RAN可以完成与核心网的参数配置,比如,可以通过控制面获取到5QI,然后在需要判断是否针对某些或某个QoS数据流开启完整性保护的时候,从5QI中获取到参数配置信息,进而从参数配置信息中提取完整性保护的相关信息。
情况3,可以为,从网络侧获取与服务质量QoS数据流所对应的完整性保护的相关信息。
具体的,所述完整性保护的相关信息,至少包括:完整性保护的指示信息,用于指示是否需要针对QoS数据流开启完整性保护。其中,指示信 息中可以包括有所要指示的QoS数据流的ID,也就是说,当完整性保护的指示信息中包含有QoS数据流的ID时,确定网络侧指示针对该数据流开启完整性保护。
其中,所述完整性保护的相关信息,还包括:完整性保护的属性信息、以及有效时长;
其中,所述完整性保护的属性信息,用于表示在所述QoS数据流中需要进行完整性保护的数据包的描述信息;所述有效时长,用于表征所述完整性保护的指示信息、以及所述完整性保护的属性信息的使用时长。
所述描述信息中包括以下至少之一:互联网协议(IP)地址、统一资源定位符(URL)、URP。也就是说,完整性保护的相关信息所在的位置,可以通过属性信息来描述。
另外,通过有效时长能够指示针对某一个、或者某几个QoS数据流、或者全部QoS数据流,所对应的完整性保护的指示信息以及其属性信息所对应的使用时长;相应的,该有效时长的起始时间可以从发送该完整性保护的相关信息开始计算,或者,也可以从确定开启针对某一个或全部QoS数据流的完整性保护的时候开启进行计时、直至达到有效时长为止。
可以理解的是,当达到有效时长之后,可以继续等待核心网发来新的完整性保护的相关信息。
进一步地,所述从核心网侧获取与服务质量QoS数据流所对应的完整性保护的相关信息,包括以下多种方式之一:
方式一、从所述核心网侧发来的QoS数据流的QFI中,获取对应的完整性保护的相关信息。其中,所述QFI为QoS Flow Identify;
方式二、从所述核心网侧发来的QoS数据流的包头中,获取对应的完整性保护的相关信息;
方式三、从所述核心网侧发来的QoS数据流参数(QoS Parameters)中, 获取对应的完整性保护的相关信息;
方式四、从所述核心网侧发来的QoS数据流文件(QoS Profile)中,获取对应的完整性保护的相关信息。
进一步需要指出的是,从网络侧接收前述几种信息的时候,可以在通过控制面数据获取,也可以通过用户面数据获取。当通过控制面数据获取时,可以为在进行路径建立的时候,传输前述几种信息;当通过用户面数据获取的时候,可以为在用户面数据传输的时候从传输数据的包头中获取前述几种信息。
再进一步地,前述步骤102中,如何基于配置参数,确定针对目标QoS数据流是否开启完整性保护,可以包括以下多种处理方式:
处理方式1、基于完整性保护的相关信息,确定针对目标QoS数据流是否开启完整性保护。
也就是说,当完整性保护的相关信息中的指示信息,存在针对QoS数据流的标识信息(ID),那么就确定开启针对目标QoS数据流的完整性保护;否则,不开启。
处理方式2,基于所述完整性保护的相关信息,针对所述核心网侧所指示的需要开启完整性保护的至少一个QoS数据流,生成无线承载;其中,所述无线承载,用于控制开启所述至少一个QoS数据流的完整性保护。
其中,所述需要开启完整性保护的至少一个QoS数据流,可以包括有所述网络侧指示的全部QoS数据流。针对其生成无线承载可以为将全部需要开启完整性保护的QoS数据流的标识信息通过无线承载发送至接收端。
处理方式3、当所述完整性保护的相关信息的指示信息中指示针对所述目标QoS数据流开启完整性保护、且所述目标QoS数据流的流量超过预设门限值时,不对所述目标QoS数据流开启完整性保护。
其中,判断目标QoS数据流是否超过预设门限值,可以为当目标数据 流的流程超过预设门限值,还可以为其对应的承载中包含的符合高于预设门限制。如此,就能够保证不会增加信令负荷。
可见,通过采用前述方案,就能够通过获取到的参数配置信息,确定是否开启针对QoS数据流的完整性保护。如此,就保证网络侧设备自身能够进行完整性保护的判断,来保证针对数据流开启完整性保护的及时性以及有效性。
实施例二、
本发明实施例提供了一种网络设备,如图2所示,包括:
通信单元21,获取参数配置信息;其中,所述参数配置信息为所述网络设备保存的参数配置信息,或者,为从核心网侧获取的参数配置信息;
处理单元22,基于所述参数配置信息,确定是否需要针对QoS数据流开启完整性保护。
这里,所述网络设备可以为无线接入网络设备,比如可以为RAN的设备。
所述参数配置信息,可以为能够表征完整性保护的相关信息的配置信息,或者,可以为能够确定完整性保护的相关信息的配置信息。
下面针对如何获取参数配置信息分多钟情况进行说明:
情况1,可以为:通信单元21,从PDU会话中的网络切换选择辅助信息中获取参数配置信息,比如,从PDU会话中包含的S-NSSAI中获取参数配置信息。也就是说,核心网(CN)可以在PDU会话中的S-NSSAI中添加能够指示完整性保护的相关信息,将完整性保护的相关信息添加到S-NSSAI的参数配置信息中。进而,RAN能够通过从PDU包含的S-NSSAI中获取参数配置信息,并从参数配置信息中获取完整性保护的相关信息;基于所述完整性保护的相关信息,确定是否开启针对QoS数据流以及PDU会话的完整性保护。
情况2,可以为通信单元21,从5QI中获取所述参数配置信息,比如,可以为从5G服务质量指示(5QI,5G QoS Indicator)中获取。这种情况中,可以基于所述参数配置信息确定完整性保护的相关信息。也就是说,在执行全部操作之前,RAN可以完成与核心网的参数配置,比如,可以通过控制面获取到5QI,然后在需要判断是否针对某些或某个QoS数据流开启完整性保护的时候,从5QI中获取到参数配置信息,进而从参数配置信息中提取完整性保护的相关信息。
情况3,可以为,通信单元21,从网络侧获取与服务质量QoS数据流所对应的完整性保护的相关信息。
具体的,所述完整性保护的相关信息,至少包括:完整性保护的指示信息,用于指示是否需要针对QoS数据流开启完整性保护。其中,指示信息中可以包括有所要指示的QoS数据流的ID,也就是说,当完整性保护的指示信息中包含有QoS数据流的ID时,确定网络侧指示针对该数据流开启完整性保护。
其中,所述完整性保护的相关信息,还包括:完整性保护的属性信息、以及有效时长;
其中,所述完整性保护的属性信息,用于表示在所述QoS数据流中需要进行完整性保护的数据包的描述信息;所述有效时长,用于表征所述完整性保护的指示信息、以及所述完整性保护的属性信息的使用时长。
所述描述信息中包括以下至少之一:互联网协议(IP)地址、统一资源定位符(URL)、URP。也就是说,完整性保护的相关信息所在的位置,可以通过属性信息来描述。
另外,通过有效时长能够指示针对某一个、或者某几个QoS数据流、或者全部QoS数据流,所对应的完整性保护的指示信息以及其属性信息所对应的使用时长;相应的,该有效时长的起始时间可以从发送该完整性保 护的相关信息开始计算,或者,也可以从确定开启针对某一个或全部QoS数据流的完整性保护的时候开启进行计时、直至达到有效时长为止。
可以理解的是,当达到有效时长之后,可以继续等待核心网发来新的完整性保护的相关信息。
进一步地,所述从核心网侧获取与服务质量QoS数据流所对应的完整性保护的相关信息,包括以下多种方式之一:
方式一、通信单元21,从所述核心网侧发来的QoS数据流的QFI中,获取对应的完整性保护的相关信息。其中,所述QFI为QoS Flow Identify;
方式二、通信单元21,从所述核心网侧发来的QoS数据流的包头中,获取对应的完整性保护的相关信息;
方式三、通信单元21,从所述核心网侧发来的QoS数据流参数(QoS Parameters)中,获取对应的完整性保护的相关信息;
方式四、通信单元21,从所述核心网侧发来的QoS数据流文件(QoS Profile)中,获取对应的完整性保护的相关信息。
进一步需要指出的是,从网络侧接收前述几种信息的时候,可以在通过控制面数据获取,也可以通过用户面数据获取。当通过控制面数据获取时,可以为在进行路径建立的时候,传输前述几种信息;当通过用户面数据获取的时候,可以为在用户面数据传输的时候从传输数据的包头中获取前述几种信息。
再进一步地,如何基于配置参数,确定针对目标QoS数据流是否开启完整性保护,可以包括以下多种处理方式:
处理方式1、处理单元22,基于完整性保护的相关信息,确定针对目标QoS数据流是否开启完整性保护。
也就是说,当完整性保护的相关信息中的指示信息,存在针对QoS数据流的标识信息(ID),那么就确定开启针对目标QoS数据流的完整性保护; 否则,不开启。
处理方式2,处理单元22基于所述完整性保护的相关信息,针对所述核心网侧所指示的需要开启完整性保护的至少一个QoS数据流,生成无线承载;其中,所述无线承载,用于控制开启所述至少一个QoS数据流的完整性保护。
其中,所述需要开启完整性保护的至少一个QoS数据流,可以包括有所述网络侧指示的全部QoS数据流。针对其生成无线承载可以为将全部需要开启完整性保护的QoS数据流的标识信息通过无线承载发送至接收端。
处理方式3、处理单元22当所述完整性保护的相关信息的指示信息中指示针对所述目标QoS数据流开启完整性保护、且所述目标QoS数据流的流量超过预设门限值时,不对所述目标QoS数据流开启完整性保护。
其中,判断目标QoS数据流是否超过预设门限值,可以为当目标数据流的流程超过预设门限值,还可以为其对应的承载中包含的符合高于预设门限制。如此,就能够保证不会增加信令负荷。
可见,通过采用前述方案,就能够通过获取到的参数配置信息,确定是否开启针对QoS数据流的完整性保护。如此,就保证网络侧设备自身能够进行完整性保护的判断,来保证针对数据流开启完整性保护的及时性以及有效性。
本发明实施例还提供了一种用户设备、或接收方设备的硬件组成架构,如图3所示,包括:至少一个处理器31、存储器32、至少一个网络接口33。各个组件通过总线系统34耦合在一起。可理解,总线系统34用于实现这些组件之间的连接通信。总线系统34除包括数据总线之外,还包括电源总线、控制总线和状态信号总线。但是为了清楚说明起见,在图3中将各种总线都标为总线系统34。
可以理解,本发明实施例中的存储器32可以是易失性存储器或非易失 性存储器,或可包括易失性和非易失性存储器两者。
在一些实施方式中,存储器32存储了如下的元素,可执行模块或者数据结构,或者他们的子集,或者他们的扩展集:
操作系统321和应用程序322。
其中,所述处理器31配置为:能够处理前述实施例一的方法步骤,这里不再进行赘述。
本发明实施例提供的一种计算机存储介质,所述计算机存储介质存储有计算机可执行指令,所述计算机可执行指令被执行时实施前述实施例一的方法步骤。
本发明实施例上述装置如果以软件功能模块的形式实现并作为独立的产品销售或使用时,也可以存储在一个计算机可读取存储介质中。基于这样的理解,本发明实施例的技术方案本质上或者说对现有技术做出贡献的部分可以以软件产品的形式体现出来,该计算机软件产品存储在一个存储介质中,包括若干指令用以使得一台计算机设备(可以是个人计算机、服务器、或者网络设备等)执行本发明各个实施例所述方法的全部或部分。而前述的存储介质包括:U盘、移动硬盘、只读存储器(ROM,Read Only Memory)、磁碟或者光盘等各种可以存储程序代码的介质。这样,本发明实施例不限制于任何特定的硬件和软件结合。
相应地,本发明实施例还提供一种计算机存储介质,其中存储有计算机程序,该计算机程序配置为执行本发明实施例的数据调度方法。
尽管为示例目的,已经公开了本发明的优选实施例,本领域的技术人员将意识到各种改进、增加和取代也是可能的,因此,本发明的范围应当不限于上述实施例。

Claims (32)

  1. 一种完整性保护的控制方法,应用于网络设备,包括:
    获取参数配置信息;其中,所述参数配置信息为所述网络设备保存的参数配置信息,或者,为从核心网侧获取的参数配置信息;
    基于所述参数配置信息,确定是否需要针对QoS数据流开启完整性保护。
  2. 根据权利要求1所述的方法,其中,获取参数配置信息,基于所述参数配置信息,确定是否需要针对QoS数据流开启完整性保护,包括:
    获取PDU会话中的网络切片选择辅助信息;
    基于所述网络切片选择辅助信息,确定是否开启针对QoS数据流、以及所述PDU会话的完整性保护。
  3. 根据权利要求1所述的方法,其中,获取参数配置信息,基于所述参数配置信息,包括:
    从核心网侧获取与服务质量QoS数据流所对应的完整性保护的相关信息。
  4. 根据权利要求3所述的方法,其中,所述完整性保护的相关信息,至少包括:完整性保护的指示信息,用于指示是否需要针对QoS数据流开启完整性保护。
  5. 根据权利要求4所述的方法,其中,所述完整性保护的相关信息,还包括:完整性保护的属性信息、以及有效时长;
    其中,所述完整性保护的属性信息,用于表示在所述QoS数据流中需要进行完整性保护的数据包的描述信息;所述有效时长,用于表征所述完整性保护的指示信息、以及所述完整性保护的属性信息的使用时长。
  6. 根据权利要求5所述的方法,其中,
    所述描述信息中包括以下至少之一:IP地址、URL、URP。
  7. 根据权利要求3所述的方法,其中,所述从核心网侧获取与服务质量QoS数据流所对应的完整性保护的相关信息,包括:
    从所述核心网侧发来的QoS数据流的QFI中,获取对应的完整性保护的相关信息。
  8. 根据权利要求3所述的方法,其中,所述从核心网侧获取与服务质量QoS数据流所对应的完整性保护的相关信息,包括:
    从所述核心网侧发来的QoS数据流的包头中,获取对应的完整性保护的相关信息。
  9. 根据权利要求3所述的方法,其中,所述从核心网侧获取与服务质量QoS数据流所对应的完整性保护的相关信息,包括:
    从所述核心网侧发来的QoS数据流参数中,获取对应的完整性保护的相关信息。
  10. 根据权利要求3所述的方法,其中,所述从核心网侧获取与服务质量QoS数据流所对应的完整性保护的相关信息,包括:
    从所述核心网侧发来的QoS数据流文件中,获取对应的完整性保护的相关信息。
  11. 根据权利要求3所述的方法,其中,基于所述完整性保护的相关信息,确定针对目标QoS数据流是否开启完整性保护,包括:
    基于所述完整性保护的相关信息,确定是否在传输所述目标Qos数据流的无线承载中开启完整性保护。
  12. 根据权利要求3所述的方法,其中,基于所述完整性保护的相关信息,确定针对目标QoS数据流是否开启完整性保护,包括:
    基于所述完整性保护的相关信息,针对所述核心网侧所指示的需要开启完整性保护的至少一个QoS数据流,生成无线承载;其中,所述无线承载,用于控制开启所述至少一个QoS数据流的完整性保护。
  13. 根据权利要求3所述的方法,其中,基于所述完整性保护的相关信息,确定针对目标QoS数据流是否开启完整性保护,所述方法还包括:
    当所述完整性保护的相关信息的指示信息中指示针对所述目标QoS数据流开启完整性保护、且所述目标QoS数据流的流量超过预设门限值时,不对所述目标QoS数据流开启完整性保护。
  14. 根据权利要求1所述的方法,其中,所述获取参数配置信息,包括:
    从5QI中获取所述参数配置信息。
  15. 根据权利要求14所述的方法,其中,所述方法还包括:
    基于所述参数配置信息确定完整性保护的相关信息。
  16. 一种网络设备,包括:
    通信单元,获取参数配置信息;其中,所述参数配置信息为所述网络设备保存的参数配置信息,或者,为从核心网侧获取的参数配置信息;
    处理单元,基于所述参数配置信息,确定是否需要针对QoS数据流开启完整性保护。
  17. 根据权利要求16所述的网络设备,其中,
    所述通信单元,获取PDU会话中的网络切片选择辅助信息;
    所述处理单元,基于所述网络切片选择辅助信息,确定是否开启针对QoS数据流、以及所述PDU会话的完整性保护。
  18. 根据权利要求16所述的网络设备,其中,
    所述通信单元,从核心网侧获取与服务质量QoS数据流所对应的完整性保护的相关信息。
  19. 根据权利要求18所述的网络设备,其中,所述完整性保护的相关信息,至少包括:完整性保护的指示信息,用于指示是否需要针对QoS数据流开启完整性保护。
  20. 根据权利要求19所述的网络设备,其中,所述完整性保护的相关信息,还包括:完整性保护的属性信息、以及有效时长;
    其中,所述完整性保护的属性信息,用于表示在所述QoS数据流中需要进行完整性保护的数据包的描述信息;所述有效时长,用于表征所述完整性保护的指示信息、以及所述完整性保护的属性信息的使用时长。
  21. 根据权利要求20所述的网络设备,其中,
    所述描述信息中包括以下至少之一:IP地址、URL、URP。
  22. 根据权利要求18所述的网络设备,其中,所述通信单元,从所述核心网侧发来的QoS数据流的QFI中,获取对应的完整性保护的相关信息。
  23. 根据权利要求18所述的网络设备,其中,所述通信单元,从所述核心网侧发来的QoS数据流的包头中,获取对应的完整性保护的相关信息。
  24. 根据权利要求18所述的网络设备,其中,所述通信单元,从所述核心网侧发来的QoS数据流参数中,获取对应的完整性保护的相关信息。
  25. 根据权利要求18所述的网络设备,其中,所述通信单元,从所述核心网侧发来的QoS数据流文件中,获取对应的完整性保护的相关信息。
  26. 根据权利要求18所述的网络设备,其中,所述处理单元,基于所述完整性保护的相关信息,确定是否在传输所述目标Qos数据流的无线承载中开启完整性保护。
  27. 根据权利要求18所述的网络设备,其中,所述处理单元,基于所述完整性保护的相关信息,针对所述核心网侧所指示的需要开启完整性保护的至少一个QoS数据流,生成无线承载;其中,所述无线承载,用于控制开启所述至少一个QoS数据流的完整性保护。
  28. 根据权利要求18所述的网络设备,其中,所述处理单元,当所述完整性保护的相关信息的指示信息中指示针对所述目标QoS数据流开启完整性保护、且所述目标QoS数据流的流量超过预设门限值时,不对所述目 标QoS数据流开启完整性保护。
  29. 根据权利要求16所述的网络设备,其中,所述通信单元,从5QI中获取所述参数配置信息。
  30. 根据权利要求29所述的网络设备,其中,所述处理单元,基于所述参数配置信息确定完整性保护的相关信息。
  31. 一种网络设备,包括:处理器和用于存储能够在处理器上运行的计算机程序的存储器,
    其中,所述处理器用于运行所述计算机程序时,执行权利要求1-15任一项所述方法的步骤。
  32. 一种计算机存储介质,所述计算机存储介质存储有计算机可执行指令,所述计算机可执行指令被执行时实现权利要求1-15任一项所述的方法步骤。
PCT/CN2017/109940 2017-11-08 2017-11-08 完整性保护的控制方法、网络设备及计算机存储介质 WO2019090515A1 (zh)

Priority Applications (11)

Application Number Priority Date Filing Date Title
KR1020207013805A KR102337656B1 (ko) 2017-11-08 2017-11-08 무결성 보호의 제어 방법, 네트워크 기기 및 컴퓨터 저장 매체
AU2017439007A AU2017439007A1 (en) 2017-11-08 2017-11-08 Integrity protection control method, network device and computer storage medium
EP17931465.3A EP3694245B1 (en) 2017-11-08 2017-11-08 Integrity protection control method, network device and computer storage medium
JP2020524531A JP7024077B2 (ja) 2017-11-08 2017-11-08 完全性保護の制御方法、ネットワーク装置及びコンピュータ記憶媒体
CA3081114A CA3081114C (en) 2017-11-08 2017-11-08 Integrity protection control method, network device and computer storage medium
CN202010378856.8A CN111641950B (zh) 2017-11-08 2017-11-08 完整性保护的控制方法、网络设备及计算机存储介质
PCT/CN2017/109940 WO2019090515A1 (zh) 2017-11-08 2017-11-08 完整性保护的控制方法、网络设备及计算机存储介质
US16/760,690 US11277745B2 (en) 2017-11-08 2017-11-08 Integrity protection control method, network device and computer storage medium
CN201780095547.6A CN111183663A (zh) 2017-11-08 2017-11-08 完整性保护的控制方法、网络设备及计算机存储介质
BR112020008401-8A BR112020008401A2 (pt) 2017-11-08 2017-11-08 método para controlar uma proteção de integridade, dispositivo de rede e meio de armazenamento para computador
TW107139363A TWI775979B (zh) 2017-11-08 2018-11-06 完整性保護的控制方法及網路設備

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2017/109940 WO2019090515A1 (zh) 2017-11-08 2017-11-08 完整性保护的控制方法、网络设备及计算机存储介质

Publications (1)

Publication Number Publication Date
WO2019090515A1 true WO2019090515A1 (zh) 2019-05-16

Family

ID=66438697

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/109940 WO2019090515A1 (zh) 2017-11-08 2017-11-08 完整性保护的控制方法、网络设备及计算机存储介质

Country Status (10)

Country Link
US (1) US11277745B2 (zh)
EP (1) EP3694245B1 (zh)
JP (1) JP7024077B2 (zh)
KR (1) KR102337656B1 (zh)
CN (2) CN111641950B (zh)
AU (1) AU2017439007A1 (zh)
BR (1) BR112020008401A2 (zh)
CA (1) CA3081114C (zh)
TW (1) TWI775979B (zh)
WO (1) WO2019090515A1 (zh)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110474854B (zh) 2018-05-11 2021-08-31 华为技术有限公司 资源分配的方法和装置

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101115280A (zh) * 2006-07-27 2008-01-30 华为技术有限公司 呼叫建立过程中安全模式控制的方法及其系统
CN102158901A (zh) * 2011-02-16 2011-08-17 大唐移动通信设备有限公司 网络侧进行终端操作配置的方法及网络侧装置
CN102378393A (zh) * 2010-08-11 2012-03-14 电信科学技术研究院 一种中继节点的非接入层过程处理方法及设备
CN102487507A (zh) * 2010-12-01 2012-06-06 中兴通讯股份有限公司 一种实现完整性保护的方法及系统
US20140269613A1 (en) * 2013-03-18 2014-09-18 Nokia Siemens Networks Oy Integrity protection towards one CN after handovers involving multiple services to be handled by different CNs
CN106162626A (zh) * 2015-04-20 2016-11-23 北京信威通信技术股份有限公司 群组通信空口安全控制的方法、装置和系统

Family Cites Families (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101392697B1 (ko) 2007-08-10 2014-05-19 엘지전자 주식회사 이동통신 시스템에서의 보안 오류 검출방법 및 장치
USRE49491E1 (en) * 2012-06-08 2023-04-11 Samsung Electronics Co., Ltd. Method and system for selective protection of data exchanged between user equipment and network
US9491618B2 (en) * 2014-09-26 2016-11-08 Qualcomm Incorporated Serving network authentication
US10362011B2 (en) * 2015-07-12 2019-07-23 Qualcomm Incorporated Network security architecture
WO2017074247A1 (en) * 2015-10-30 2017-05-04 Telefonaktiebolaget Lm Ericsson (Publ) Management of integrity protection of a logical link control packet data unit
US10142994B2 (en) * 2016-04-18 2018-11-27 Electronics And Telecommunications Research Institute Communication method and apparatus using network slicing
EP4228301A1 (en) * 2017-03-17 2023-08-16 Telefonaktiebolaget LM Ericsson (publ) Security solution for switching on and off security for up data between ue and ran in 5g
WO2018201506A1 (zh) * 2017-05-05 2018-11-08 华为技术有限公司 一种通信方法及相关装置
CN109218325B (zh) * 2017-08-11 2020-03-10 华为技术有限公司 数据完整性保护方法和装置
US11297502B2 (en) * 2017-09-08 2022-04-05 Futurewei Technologies, Inc. Method and device for negotiating security and integrity algorithms
CN114500008A (zh) * 2017-09-30 2022-05-13 华为技术有限公司 通信方法、装置和系统

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101115280A (zh) * 2006-07-27 2008-01-30 华为技术有限公司 呼叫建立过程中安全模式控制的方法及其系统
CN102378393A (zh) * 2010-08-11 2012-03-14 电信科学技术研究院 一种中继节点的非接入层过程处理方法及设备
CN102487507A (zh) * 2010-12-01 2012-06-06 中兴通讯股份有限公司 一种实现完整性保护的方法及系统
CN102158901A (zh) * 2011-02-16 2011-08-17 大唐移动通信设备有限公司 网络侧进行终端操作配置的方法及网络侧装置
US20140269613A1 (en) * 2013-03-18 2014-09-18 Nokia Siemens Networks Oy Integrity protection towards one CN after handovers involving multiple services to be handled by different CNs
CN106162626A (zh) * 2015-04-20 2016-11-23 北京信威通信技术股份有限公司 群组通信空口安全控制的方法、装置和系统

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of EP3694245A4 *

Also Published As

Publication number Publication date
EP3694245A4 (en) 2020-10-21
TW201919414A (zh) 2019-05-16
EP3694245B1 (en) 2022-09-21
US20200336912A1 (en) 2020-10-22
CN111641950B (zh) 2022-04-29
TWI775979B (zh) 2022-09-01
CA3081114C (en) 2023-08-01
JP2021503741A (ja) 2021-02-12
EP3694245A1 (en) 2020-08-12
BR112020008401A2 (pt) 2020-11-03
CA3081114A1 (en) 2019-05-16
KR102337656B1 (ko) 2021-12-09
CN111183663A (zh) 2020-05-19
CN111641950A (zh) 2020-09-08
JP7024077B2 (ja) 2022-02-22
US11277745B2 (en) 2022-03-15
AU2017439007A1 (en) 2020-05-28
KR20200081400A (ko) 2020-07-07

Similar Documents

Publication Publication Date Title
US10700961B2 (en) In-flow packet prioritization and data-dependent flexible QOS policy
EP2487872A1 (en) Method, device and system for bandwidth control
US9461894B2 (en) Packet processing method, deep packet inspection request network element and deep packet inspection device
JP7496022B2 (ja) クライアント、サーバ、受信方法及び送信方法
US10425955B2 (en) Bearer setup method and apparatus
EP3310048B1 (en) Video bit rate identification method and device
US20170094015A1 (en) Method, Device, and System for Controlling Quality of Service
EP3177063A1 (en) Congestion notification method, related device and system
WO2015081693A1 (zh) 一种网络共享用户识别方法及装置
JP2018537921A (ja) Skypeの異なる機能の通信フローに基づく識別方法及び装置
JP2016514412A5 (zh)
WO2019090515A1 (zh) 完整性保护的控制方法、网络设备及计算机存储介质
CN106471812B (zh) 用于在通信系统中发送/接收数据的设备和方法
CN110166518B (zh) 会话信息的传输方法、装置、存储介质及电子装置
JP2016502825A (ja) アクセス制御方法及び装置
JP2021518680A5 (zh)
KR20120124049A (ko) UPnP 네트워크 환경에서 QoS 정책을 선택하는 방법 및 장치
JP6566875B2 (ja) 情報処理装置、情報処理システム、および情報処理方法
JP6933883B2 (ja) 情報処理装置、情報処理方法、およびプログラム
US20190122238A1 (en) Data Inspection for Network Charging and Policy Treatment
US10070318B2 (en) Method, apparatus and system and storage medium for re-establishing radio resource
CN111770491A (zh) 一种数据链路建立方法及装置
WO2016023197A1 (zh) 参数配置装置及参数配置方法

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17931465

Country of ref document: EP

Kind code of ref document: A1

ENP Entry into the national phase

Ref document number: 3081114

Country of ref document: CA

ENP Entry into the national phase

Ref document number: 2020524531

Country of ref document: JP

Kind code of ref document: A

ENP Entry into the national phase

Ref document number: 2017931465

Country of ref document: EP

Effective date: 20200506

NENP Non-entry into the national phase

Ref country code: DE

ENP Entry into the national phase

Ref document number: 20207013805

Country of ref document: KR

Kind code of ref document: A

ENP Entry into the national phase

Ref document number: 2017439007

Country of ref document: AU

Date of ref document: 20171108

Kind code of ref document: A

REG Reference to national code

Ref country code: BR

Ref legal event code: B01A

Ref document number: 112020008401

Country of ref document: BR

ENP Entry into the national phase

Ref document number: 112020008401

Country of ref document: BR

Kind code of ref document: A2

Effective date: 20200428