WO2021072970A1 - Method for restricting user terminal to access upf - Google Patents

Method for restricting user terminal to access upf Download PDF

Info

Publication number
WO2021072970A1
WO2021072970A1 PCT/CN2019/127745 CN2019127745W WO2021072970A1 WO 2021072970 A1 WO2021072970 A1 WO 2021072970A1 CN 2019127745 W CN2019127745 W CN 2019127745W WO 2021072970 A1 WO2021072970 A1 WO 2021072970A1
Authority
WO
WIPO (PCT)
Prior art keywords
upf
user terminal
private
identification information
smf
Prior art date
Application number
PCT/CN2019/127745
Other languages
French (fr)
Chinese (zh)
Inventor
廖雪松
周远长
Original Assignee
广州爱浦路网络技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 广州爱浦路网络技术有限公司 filed Critical 广州爱浦路网络技术有限公司
Publication of WO2021072970A1 publication Critical patent/WO2021072970A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/02Access restriction performed under specific conditions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W76/00Connection management
    • H04W76/10Connection setup
    • H04W76/11Allocation or use of connection identifiers

Definitions

  • the present invention relates to the field of mobile communication, in particular to a method for restricting user terminals from accessing UPF.
  • the session management function entity manages one or more user plane function entities (UPF).
  • the SMF is responsible for selecting the UPF to connect with the user terminal UE.
  • the SMF is also responsible for the establishment, modification and release of the PDU session between the user terminal UE and the data network DN.
  • UPF User Planar Function
  • the Chinese patent application publication number is CN108307402A, and the title of the invention is "Methods, devices and systems for managing UPF".
  • capability information of one or more UPFs in the preset area such as node information, Qos Information, supported APN information, supported DCN information, network slice information, service type information, etc., combined with CPF node information, location/area information, UE request, Qos information, DCN information, APN, etc.
  • flexibly choose UPF flexibly choose UPF.
  • the flexibility of management and selection of UPF is improved, and the orientation is relatively broad, and there is no mention of UPF's restrictions on user terminal access.
  • the Chinese patent application publication number is CN110149675A, and the invention name is "A UPF selection method and device".
  • UPF service application ID supported by UPF
  • the inaccuracy during UPF does not involve the use of the SUPI and other identification information of the user terminal.
  • the Chinese patent application publication number is CN108271229A, and the title of the invention is "a user plane selection method and device".
  • the UPF is re-selected for the UE to optimize and enhance the business path. Selection strategy for private UPF.
  • UPFs managed by SMF are basically the same as those of the prior art, such as data packet inspection, packet routing and forwarding, connection points between PDU sessions and data networks, QoS processing and policy control, and so on.
  • the difference is that the service type, geographic location information, access point and other information supported by UPF, the existing UPF selection methods mostly control the selection of UPF based on the one or more kinds of information, and there is no mention of docking.
  • the user terminal that enters the UPF carries out the restriction strategy.
  • a specific user terminal UE needs a corresponding private UPF to provide services in order to work normally.
  • other user terminals may connect to the private UPF, occupy the resources of the private UPF, and indirectly affect the normal operation of the specific user terminal UE.
  • the present invention provides a method for restricting user terminals from accessing UPF, allowing specific user terminals to access private UPF, satisfying user-level access restrictions, and avoiding other users that do not need to access the private UPF.
  • the user terminal of the UPF accesses the private UPF, realizing the dedicated or private UPF.
  • a method for restricting user terminals from accessing UPF includes the following steps:
  • Step S1 Configure private UPF
  • Step S2 SMF obtains the identification information of the current user terminal
  • Step S3 The SMF selects the UPF for the current user terminal according to the identification information.
  • the step S1 includes:
  • Step S101 Configure identification information of at least one specific user terminal in the private UPF
  • Step S102 The private UPF sends the configured identification information of the specific user terminal when registering with the SMF;
  • Step S103 The SMF saves the identification information of a specific user terminal, and establishes a mapping table from the identification information to the corresponding private UPF.
  • the step S2 includes:
  • Step S201 The current user terminal initiates a PDU session establishment request to the core network through a nearby base station;
  • Step S202 The AMF receives the PDU session establishment request of the current user terminal, and forwards the PDU session establishment request to the SMF, and the request carries the identification information of the current user terminal;
  • Step S203 The SMF receives the PDU session establishment request, and saves the identification information of the current user terminal.
  • the identification information includes but is not limited to SUPI, MSISDN or PEI.
  • the step S3 includes:
  • Step S301 The SMF selects a UPF group among the UPFs managed by the SMF according to the existing UPF selection method;
  • Step S302 judge whether there is a private UPF in the UPF group, if there is a private UPF, go to step S303; if not, go to step S305;
  • Step S303 Judge whether the private UPF can provide services for the current user terminal, if yes, go to step S304; if not, go to step S305;
  • Step S304 selecting the private UPF to provide services for the current user terminal
  • Step S305 Select a non-private UPF in the UPF group to provide services for the current user terminal.
  • a specific user terminal can be connected to multiple private UPFs.
  • step S303 it is judged according to the mapping table whether the private UPF can provide services for the current user terminal.
  • the mapping table includes the corresponding relationship between the identification information of the specific user terminal and the private UPF.
  • the identification information in the mapping table is empty, it means that the private UPF does not restrict the identification information of the user terminal.
  • the private UPF can provide services for the current user terminal.
  • Non-specific user terminals access ordinary UPF, which meets the needs of specific user terminals and achieves the purpose of user-level UPF access restriction.
  • Figure 1 is a schematic diagram of the steps of restricting user terminal access to UPF according to the present invention
  • Figure 2 is a schematic diagram of the steps of configuring a private UPF according to the present invention.
  • FIG. 3 is a schematic diagram of the steps in which the SMF of the present invention obtains the identification information of the current user terminal;
  • FIG. 4 is a schematic diagram of the steps in which the SMF of the present invention selects the UPF for the current user terminal according to the identification information;
  • Figure 5 is a flow chart of matching and accessing UPF of the present invention.
  • Fig. 6 is a schematic diagram of SMF selecting UPF access according to the present invention.
  • the present invention achieves the purpose of UPF user-level access restriction, and the method of using identification information matching achieves the effect of a specific user terminal accessing a private UPF, and realizes the exclusiveness or privacy of the UPF.
  • the method for restricting user terminal access to UPF of the present invention is as follows:
  • Step S1 configure private UPF, the specific steps are as follows:
  • Step S101 Configure identification information of a specific user terminal in the private UPF
  • the identification information of one or more specific user terminals is configured in the private UPF.
  • the identification information may be a single identification information, an identification information interval or a null value.
  • Step S102 The private UPF sends the configured identification information of the specific user terminal when registering with the SMF;
  • each private UPF sends identification information of a specific user terminal to the SMF of its home core network.
  • the identification information includes but is not limited to the following: SUPI, MSISDN, PEI, etc.
  • SUPI, MSISDN and PEI can determine a user terminal to the greatest extent, ensuring that only specific user terminals can access the corresponding private UPF.
  • SUPI SUbscription Permanent Identifier user permanent identification
  • MSISDN Mobile Station international ISDN number mobile station identification code
  • PEI Permanent Equipment Identifier permanent equipment identification
  • Step S103 The SMF saves the identification information of the specific user terminal, and establishes a mapping table from the identification information to the corresponding private UPF.
  • the SMF establishes a mapping table from the identification information to the corresponding private UPF according to the identification information of the specific user terminal sent by the private UPF.
  • a specific user terminal can be connected to multiple private UPFs. If the identification information is empty, it means that no restriction is imposed on the identification information of the user terminal; the identification information carrying symbol (*) represents an identification information interval, and the identification information of the user terminal to which the UPF restricts access is within the identification interval.
  • the following table is an example of the mapping between the identification information in the SMF and the UPF. This example is only an example and does not represent the final solution.
  • Step S2 SMF obtains the identification information of the current user terminal, which specifically includes:
  • Step S201 The current user terminal UE initiates a PDU session establishment request to the core network by connecting to a nearby base station.
  • the base station forwards the PDU session establishment request of the user terminal UE to the AMF of the home core network, and the request includes identification information such as SUCI and PEI of the user terminal UE.
  • Step S202 The AMF receives the PDU session establishment request of the current user terminal UE, interacts with the control plane network functions (AUSF, UDM, NSSF, etc.), and verifies the identity of the user terminal UE.
  • SUPI corresponds to MSISDN and so on, and then forwards the PDU session establishment request to SMF.
  • Step S203 The SMF receives the PDU session establishment request, and saves the identification information of the current user terminal UE.
  • Step S3 The SMF selects the UPF for the current user terminal according to the identification information.
  • SMF After SMF obtains the identification information of the current user terminal UE, it first selects the UPF group according to the existing UPF selection method; the existing UPF selection method such as the patent CN108307402A method, device and system for managing UPF, the patent CN110149675A is a UPF selection method and Device, but not limited to this method, here is just an example.
  • the existing UPF selection method such as the patent CN108307402A method, device and system for managing UPF
  • the patent CN110149675A is a UPF selection method and Device, but not limited to this method, here is just an example.
  • the private UPF is selected to provide services for the current user terminal. If the private UPF cannot provide services for the current user terminal UE, select a non-private UPF in the UPF group to provide services for the current user terminal. If there is no private UPF, select a non-private UPF in the UPF group to provide services for the current user terminal.
  • SMF1 when the user terminal UE1 is connected to the core network, SMF1 first selects the UPF group (UPF1, UPF2, UPF3, UPF4, UPF5, etc.) according to the identification information of the user terminal according to a certain selection method; UPF1, UPF2, and UPF3 are private UPFs, and UPF4 and UPF5 are non-private UPFs.
  • UPF1, UPF2, and UPF3 are private UPFs
  • UPF4 and UPF5 are non-private UPFs.
  • the identification information of the current user terminal UE1 meets the identification information corresponding to UPF1, and UPF1 can provide services for UE1.
  • SMF1 selects UPF1 to provide services for the current user terminal UE1.
  • SMF1 When the user terminal UE2 connects to the core network, SMF1 first selects the UPF group (UPF1, UPF2, UPF3, UPF4, UPF5, etc.) according to the identification information of the user terminal according to a certain selection method; among them, UPF1, UPF2 and UPF3 They are private UPF, and UPF4 and UPF5 are non-private UPF.
  • UPF1, UPF2 and UPF3 They are private UPF
  • UPF4 and UPF5 are non-private UPF.
  • the identification information of the current user terminal UE2 does not meet the identification information corresponding to the private UPF, and the private UPF cannot provide services for UE2.
  • SMF1 designates a non-private UPF in the selected UPF to provide services for the current user terminal UE2 (such as UPF4).
  • the SMF2 When the user terminal UE3 is connected to the core network, the SMF2 first selects the UPF group (UPF6) according to a certain selection method according to the identification information of the user terminal, where UPF6 is not a private UPF. As shown in Fig. 6, there is no private UPF in the UPF group selected by SMF2. SMF designates a UPF in the UPF group to provide services for the current user terminal UE3 (for example, UPF6).

Abstract

Provided in the present invention is a method for limiting a user terminal in accessing a UPF. The method comprises: firstly, configuring a private UPF; an SMF acquiring identification information of the current user terminal; and the SMF selecting a UPF for the current user terminal according to the identification information. According to the present invention, the purpose of user-level access restriction of the UPF is realized, and specificity or privacy of the UPF is realized.

Description

一种限制用户终端接入UPF的方法A method of restricting user terminal access to UPF 技术领域Technical field
本发明涉及移动通信领域,特别涉及一种限制用户终端接入UPF的方法。The present invention relates to the field of mobile communication, in particular to a method for restricting user terminals from accessing UPF.
背景技术Background technique
在目前5G核心网中,会话管理功能实体(SMF)管理着一个或多个用户平面功能实体(UPF)。用户终端UE注册成功后,SMF负责选择UPF与用户终端UE连接。同时,SMF还负责用户终端UE和数据网络DN的PDU会话的建立、修改和释放。In the current 5G core network, the session management function entity (SMF) manages one or more user plane function entities (UPF). After the user terminal UE is successfully registered, the SMF is responsible for selecting the UPF to connect with the user terminal UE. At the same time, the SMF is also responsible for the establishment, modification and release of the PDU session between the user terminal UE and the data network DN.
目前选择UPF的方法有很多种,中国专利申请公开号为CN108307402A,发明名称为“管理UPF的方法、装置及系统”,根据预设区域中一个或多个UPF的能力信息,比如节点信息、Qos信息、支持的APN信息、支持的DCN信息、网络切片信息和业务类型信息等等,再结合CPF的节点信息、位置/区域信息、UE的请求、Qos信息、DCN信息、APN等等,灵活地选择UPF。提升了管理和选择UPF的灵活性,面向比较宽泛,并未提及UPF对用户终端接入限制的。There are many ways to select UPF. The Chinese patent application publication number is CN108307402A, and the title of the invention is "Methods, devices and systems for managing UPF". According to the capability information of one or more UPFs in the preset area, such as node information, Qos Information, supported APN information, supported DCN information, network slice information, service type information, etc., combined with CPF node information, location/area information, UE request, Qos information, DCN information, APN, etc., flexibly Choose UPF. The flexibility of management and selection of UPF is improved, and the orientation is relatively broad, and there is no mention of UPF's restrictions on user terminal access.
中国专利申请公开号为CN110149675A,发明名称为“一种UPF选择方法和装置”,通过获取UPF支持的业务应用ID,与用户终端UE的业务应用ID进行匹配,解决了当前5G使用DNN等参数选择UPF时的不准确问题,并未涉及使用用户终端的SUPI等标识信息。The Chinese patent application publication number is CN110149675A, and the invention name is "A UPF selection method and device". By obtaining the service application ID supported by UPF, it matches the service application ID of the user terminal UE, which solves the current 5G use of DNN and other parameter selection The inaccuracy during UPF does not involve the use of the SUPI and other identification information of the user terminal.
中国专利申请公开号为CN108271229A,发明名称为“一种用户面选择方法及装置”,通过确定UE接入应用服务器的变化,为UE重新选择UPF,实现业 务路径的优化和增强,并未提及对私有UPF的选择策略。The Chinese patent application publication number is CN108271229A, and the title of the invention is "a user plane selection method and device". By determining the change of the UE's access to the application server, the UPF is re-selected for the UE to optimize and enhance the business path. Selection strategy for private UPF.
SMF管理的一个或多个UPF的功能基本都与现有技术相同,如数据包检查,分组路由转发,PDU会话与数据网络的连接点,Qos处理和策略控制等等。不同之处在于,UPF支持的业务类型、地理位置信息、接入点等等信息,现有UPF的选择方法大多根据所述一种或多种信息来控制UPF的选择,并未提及对接入UPF的用户终端进行限制的策略。The functions of one or more UPFs managed by SMF are basically the same as those of the prior art, such as data packet inspection, packet routing and forwarding, connection points between PDU sessions and data networks, QoS processing and policy control, and so on. The difference is that the service type, geographic location information, access point and other information supported by UPF, the existing UPF selection methods mostly control the selection of UPF based on the one or more kinds of information, and there is no mention of docking. The user terminal that enters the UPF carries out the restriction strategy.
以上现有技术均能达到为用户终端UE接入UPF的目的。但是在5G核心网中,对于一些私有UPF,需要对接入该UPF的用户终端进行限制,只有某些特定用户终端才能接入该UPF。The above existing technologies can all achieve the purpose of accessing the UPF for the user terminal UE. However, in the 5G core network, for some private UPFs, user terminals accessing the UPF need to be restricted, and only certain specific user terminals can access the UPF.
在某些特殊情况下,特定用户终端UE需要对应的私有UPF提供服务才能正常工作。同时,其它用户终端可能会连接到该私有UPF,占用该私有UPF的资源,间接影响特定用户终端UE的正常工作。In some special cases, a specific user terminal UE needs a corresponding private UPF to provide services in order to work normally. At the same time, other user terminals may connect to the private UPF, occupy the resources of the private UPF, and indirectly affect the normal operation of the specific user terminal UE.
发明内容Summary of the invention
有鉴于此,为了解决上述问题,本发明提供一种限制用户终端接入UPF的方法,让特定用户终端接入了私有UPF,满足了用户级接入限制,避免了其它不需要接入该私有UPF的用户终端接入该私有UPF,实现了UPF的专用或私有性。In view of this, in order to solve the above problems, the present invention provides a method for restricting user terminals from accessing UPF, allowing specific user terminals to access private UPF, satisfying user-level access restrictions, and avoiding other users that do not need to access the private UPF. The user terminal of the UPF accesses the private UPF, realizing the dedicated or private UPF.
本发明的技术方案如下:The technical scheme of the present invention is as follows:
一种限制用户终端接入UPF的方法,包括以下步骤:A method for restricting user terminals from accessing UPF includes the following steps:
步骤S1、配置私有UPF;Step S1: Configure private UPF;
步骤S2、SMF获取当前用户终端的标识信息;Step S2, SMF obtains the identification information of the current user terminal;
步骤S3、SMF根据标识信息为当前用户终端选择UPF。Step S3: The SMF selects the UPF for the current user terminal according to the identification information.
具体的,所述的步骤S1包括:Specifically, the step S1 includes:
步骤S101、在私有UPF中配置至少一个特定用户终端的标识信息;Step S101: Configure identification information of at least one specific user terminal in the private UPF;
步骤S102、私有UPF向SMF注册时发送配置的特定用户终端的标识信息;Step S102: The private UPF sends the configured identification information of the specific user terminal when registering with the SMF;
步骤S103、所述SMF保存特定用户终端的标识信息,并建立所述标识信息到对应的私有UPF的映射表。Step S103: The SMF saves the identification information of a specific user terminal, and establishes a mapping table from the identification information to the corresponding private UPF.
具体的,所述的步骤S2包括:Specifically, the step S2 includes:
步骤S201、当前用户终端通过附近的基站向核心网发起PDU会话建立请求;Step S201: The current user terminal initiates a PDU session establishment request to the core network through a nearby base station;
步骤S202、AMF接收当前用户终端的PDU会话建立请求,并转发PDU会话建立请求到SMF,请求中携带当前用户终端的标识信息;Step S202: The AMF receives the PDU session establishment request of the current user terminal, and forwards the PDU session establishment request to the SMF, and the request carries the identification information of the current user terminal;
步骤S203、SMF接收PDU会话建立请求,保存所述当前用户终端的标识信息。Step S203: The SMF receives the PDU session establishment request, and saves the identification information of the current user terminal.
优选的,所述的标识信息包括但不限于SUPI、MSISDN或PEI。Preferably, the identification information includes but is not limited to SUPI, MSISDN or PEI.
具体的,所述的步骤S3包括:Specifically, the step S3 includes:
步骤S301、SMF根据现有UPF选择方法在归属其管理的UPF中选出UPF组;Step S301: The SMF selects a UPF group among the UPFs managed by the SMF according to the existing UPF selection method;
步骤S302、判断UPF组中是否有私有UPF,如果有则到步骤S303;如果没有,则到步骤S305;Step S302, judge whether there is a private UPF in the UPF group, if there is a private UPF, go to step S303; if not, go to step S305;
步骤S303、判断私有UPF是否能为当前用户终端提供服务,如果是,则到步骤S304;如果否,则到步骤S305;Step S303: Judge whether the private UPF can provide services for the current user terminal, if yes, go to step S304; if not, go to step S305;
步骤S304、选择所述私有UPF为当前用户终端提供服务;Step S304, selecting the private UPF to provide services for the current user terminal;
步骤S305、在所述UPF组中选择一个非私有UPF为当前用户终端提供服务。Step S305: Select a non-private UPF in the UPF group to provide services for the current user terminal.
优选的,一个特定用户终端能与多个私有UPF连接。Preferably, a specific user terminal can be connected to multiple private UPFs.
优选的,所述的步骤S303中,是根据映射表来判断私有UPF是否能为当前用户终端提供服务的。Preferably, in the step S303, it is judged according to the mapping table whether the private UPF can provide services for the current user terminal.
优选的,所述映射表中包括了特定用户终端的标识信息与私有UPF的对应关系。Preferably, the mapping table includes the corresponding relationship between the identification information of the specific user terminal and the private UPF.
优选的,如果映射表中的标识信息为空,表示私有UPF对用户终端的所述标识信息不做限制。Preferably, if the identification information in the mapping table is empty, it means that the private UPF does not restrict the identification information of the user terminal.
优选的,所述当前用户终端的标识信息满足映射表中私有UPF对应的标识信息时,所述私有UPF可以为当前用户终端提供服务。Preferably, when the identification information of the current user terminal satisfies the identification information corresponding to the private UPF in the mapping table, the private UPF can provide services for the current user terminal.
本发明的有益效果在于:The beneficial effects of the present invention are:
在SMF中保存私有UPF和该UPF支持的特定用户终端的标识信息,方便SMF判断该UPF组中的私有UPF可以为当前用户终端UE提供服务,确保了特定 用户终端一定接入相应的私有UPF,非特定用户终端则接入普通UPF,满足了特定用户终端的需求,达到了用户级UPF接入限制的目的。Save the private UPF and the identification information of the specific user terminal supported by the UPF in the SMF, so that the SMF can judge that the private UPF in the UPF group can provide services for the current user terminal UE, ensuring that the specific user terminal must access the corresponding private UPF. Non-specific user terminals access ordinary UPF, which meets the needs of specific user terminals and achieves the purpose of user-level UPF access restriction.
附图说明Description of the drawings
图1为本发明的限制用户终端接入UPF的步骤示意图;Figure 1 is a schematic diagram of the steps of restricting user terminal access to UPF according to the present invention;
图2为本发明配置私有UPF的步骤示意图;Figure 2 is a schematic diagram of the steps of configuring a private UPF according to the present invention;
图3为本发明SMF获取当前用户终端的标识信息的步骤示意图;FIG. 3 is a schematic diagram of the steps in which the SMF of the present invention obtains the identification information of the current user terminal;
图4为本发明SMF根据标识信息为当前用户终端选择UPF的步骤示意图;FIG. 4 is a schematic diagram of the steps in which the SMF of the present invention selects the UPF for the current user terminal according to the identification information;
图5为本发明的匹配和接入UPF流程图;Figure 5 is a flow chart of matching and accessing UPF of the present invention;
图6为本发明的SMF选择UPF接入的示意图。Fig. 6 is a schematic diagram of SMF selecting UPF access according to the present invention.
具体实施方式Detailed ways
下面结合附图对本公开实施例进行详细描述。The embodiments of the present disclosure will be described in detail below with reference to the accompanying drawings.
以下通过特定的具体实例说明本公开的实施方式,本领域技术人员可由本说明书所揭露的内容轻易地了解本公开的其他优点与功效。显然,所描述的实施例仅仅是本公开一部分实施例,而不是全部的实施例。本公开还可以通过另外不同的具体实施方式加以实施或应用,本说明书中的各项细节也可以基于不同观点与应用,在没有背离本公开的精神下进行各种修饰或改变。需说明的是,在不冲突的情况下,以下实施例及实施例中的特征可以相互组合。基于本公开中的实施例,本领域普通技术人员在没有作出创造性劳动前提下所获得的 所有其他实施例,都属于本公开保护的范围。The following describes the implementation of the present disclosure through specific specific examples, and those skilled in the art can easily understand other advantages and effects of the present disclosure from the content disclosed in this specification. Obviously, the described embodiments are only a part of the embodiments of the present disclosure, rather than all of the embodiments. The present disclosure can also be implemented or applied through other different specific embodiments, and various details in this specification can also be modified or changed based on different viewpoints and applications without departing from the spirit of the present disclosure. It should be noted that, in the case of no conflict, the following embodiments and the features in the embodiments can be combined with each other. Based on the embodiments in the present disclosure, all other embodiments obtained by those of ordinary skill in the art without creative work fall within the protection scope of the present disclosure.
实施例一Example one
本发明实现了UPF用户级接入限制的目的,使用标识信息匹配的方法达到了特定用户终端接入私有UPF的效果,实现了UPF的专用或私有性。The present invention achieves the purpose of UPF user-level access restriction, and the method of using identification information matching achieves the effect of a specific user terminal accessing a private UPF, and realizes the exclusiveness or privacy of the UPF.
本发明的限制用户终端接入UPF的方法如下:The method for restricting user terminal access to UPF of the present invention is as follows:
步骤S1、配置私有UPF,具体的步骤如下:Step S1, configure private UPF, the specific steps are as follows:
步骤S101、在私有UPF中配置特定用户终端的标识信息;Step S101: Configure identification information of a specific user terminal in the private UPF;
在私有UPF部署时,向私有UPF中配置一个或多个特定用户终端的标识信息。所述标识信息可以为单个标识信息、标识信息区间或空值。When the private UPF is deployed, the identification information of one or more specific user terminals is configured in the private UPF. The identification information may be a single identification information, an identification information interval or a null value.
步骤S102、私有UPF向SMF注册时发送配置的特定用户终端的标识信息;Step S102: The private UPF sends the configured identification information of the specific user terminal when registering with the SMF;
在UPF注册时,每个私有UPF都向其归属核心网的SMF发送特定用户终端的标识信息,所述特定用户终端为一个或多个,所述标识信息包括但不限于以下几种:SUPI、MSISDN、PEI等等。根据用户的需求,在配置UPF时,使用所述标识信息中的一种或多种对接入该UPF的用户终端进行限制。使用一种或多种标识信息配置UPF,以满足不同的UPF配置需求。SUPI、MSISDN和PEI能最大程度地确定一个用户终端,确保只有特定用户终端才能接入对应的私有UPF。During UPF registration, each private UPF sends identification information of a specific user terminal to the SMF of its home core network. There are one or more specific user terminals. The identification information includes but is not limited to the following: SUPI, MSISDN, PEI, etc. According to user requirements, when configuring the UPF, one or more of the identification information is used to restrict user terminals that access the UPF. Use one or more types of identification information to configure UPF to meet different UPF configuration requirements. SUPI, MSISDN and PEI can determine a user terminal to the greatest extent, ensuring that only specific user terminals can access the corresponding private UPF.
SUPI:SUbscription Permanent Identifier用户永久标识;SUPI: SUbscription Permanent Identifier user permanent identification;
MSISDN:Mobile Station international ISDN number移动台识别码;MSISDN: Mobile Station international ISDN number mobile station identification code;
PEI:Permanent Equipment Identifier永久设备标识。PEI: Permanent Equipment Identifier permanent equipment identification.
步骤S103、SMF保存特定用户终端的标识信息,并建立所述标识信息到对 应的私有UPF的映射表。Step S103: The SMF saves the identification information of the specific user terminal, and establishes a mapping table from the identification information to the corresponding private UPF.
SMF根据私有UPF发送的特定用户终端的标识信息,建立标识信息到对应私有UPF的映射表。一个特定用户终端可以与多个私有UPF连接。所述标识信息为空代表不对用户终端的该标识信息做任何限制;所述标识信息携带符号(*)代表一个标识信息区间,UPF限制接入的用户终端的标识信息处于所述标识区间内。下表为SMF中的标识信息与UPF的映射表示例,此示例只是举例说明,不代表最终方案。The SMF establishes a mapping table from the identification information to the corresponding private UPF according to the identification information of the specific user terminal sent by the private UPF. A specific user terminal can be connected to multiple private UPFs. If the identification information is empty, it means that no restriction is imposed on the identification information of the user terminal; the identification information carrying symbol (*) represents an identification information interval, and the identification information of the user terminal to which the UPF restricts access is within the identification interval. The following table is an example of the mapping between the identification information in the SMF and the UPF. This example is only an example and does not represent the final solution.
Figure PCTCN2019127745-appb-000001
Figure PCTCN2019127745-appb-000001
步骤S2、SMF获取当前用户终端的标识信息,具体包括:Step S2, SMF obtains the identification information of the current user terminal, which specifically includes:
步骤S201、当前用户终端UE通过连接附近的基站,向核心网发起PDU会话建立请求。基站将用户终端UE的PDU会话建立请求转发给归属核心网的AMF,请求中包含用户终端UE的SUCI、PEI等等标识信息。Step S201: The current user terminal UE initiates a PDU session establishment request to the core network by connecting to a nearby base station. The base station forwards the PDU session establishment request of the user terminal UE to the AMF of the home core network, and the request includes identification information such as SUCI and PEI of the user terminal UE.
步骤S202、AMF接收当前用户终端UE的PDU会话建立请求,与控制面网络功能(AUSF、UDM、NSSF等等)进行交互,对用户终端UE的身份进行验证,如解密SUCI得到SUPI,查找与该SUPI对应得MSISDN等等,然后将PDU会话建立请求转发给SMF。Step S202: The AMF receives the PDU session establishment request of the current user terminal UE, interacts with the control plane network functions (AUSF, UDM, NSSF, etc.), and verifies the identity of the user terminal UE. SUPI corresponds to MSISDN and so on, and then forwards the PDU session establishment request to SMF.
步骤S203、SMF接收PDU会话建立请求,保存当前用户终端UE的标识信息。Step S203: The SMF receives the PDU session establishment request, and saves the identification information of the current user terminal UE.
步骤S3、SMF根据标识信息为当前用户终端选择UPF。Step S3: The SMF selects the UPF for the current user terminal according to the identification information.
具体包括:Specifically:
SMF获取当前用户终端UE的标识信息后,先根据现有的UPF选择方法选出UPF组;现有的UPF选择方法如专利CN108307402A管理UPF的方法、装置及系统,专利CN110149675A一种UPF选择方法和装置,但不限于这一种方法,这里只是举例说明。After SMF obtains the identification information of the current user terminal UE, it first selects the UPF group according to the existing UPF selection method; the existing UPF selection method such as the patent CN108307402A method, device and system for managing UPF, the patent CN110149675A is a UPF selection method and Device, but not limited to this method, here is just an example.
判断UPF组中是否有私有UPF,如果有,并且该私有UPF可以为当前用户终端UE提供服务,则选择该私有UPF为当前用户终端提供服务。如果该私有UPF不能为当前用户终端UE提供服务,则在UPF组中选择一个非私有UPF为当前用户终端提供服务。如果没有私有UPF,则在UPF组中选择一个非私有UPF为当前用户终端提供服务。It is judged whether there is a private UPF in the UPF group, and if there is, and the private UPF can provide services for the current user terminal UE, then the private UPF is selected to provide services for the current user terminal. If the private UPF cannot provide services for the current user terminal UE, select a non-private UPF in the UPF group to provide services for the current user terminal. If there is no private UPF, select a non-private UPF in the UPF group to provide services for the current user terminal.
在图6的实例中,用户终端UE1连接核心网时,SMF1根据该用户终端的标识信息,先根据一定的选择方法,选出UPF组(UPF1,UPF2,UPF3,UPF4,UPF5等等);其中UPF1、UPF2和UPF3为私有UPF,UPF4和UPF5为非私有UPF。图6所示的映射表中,当前用户终端UE1的标识信息满足UPF1对应的标识信息,UPF1可以为UE1提供服务。SMF1选择UPF1为当前用户终端UE1提供服务。In the example of Figure 6, when the user terminal UE1 is connected to the core network, SMF1 first selects the UPF group (UPF1, UPF2, UPF3, UPF4, UPF5, etc.) according to the identification information of the user terminal according to a certain selection method; UPF1, UPF2, and UPF3 are private UPFs, and UPF4 and UPF5 are non-private UPFs. In the mapping table shown in FIG. 6, the identification information of the current user terminal UE1 meets the identification information corresponding to UPF1, and UPF1 can provide services for UE1. SMF1 selects UPF1 to provide services for the current user terminal UE1.
用户终端UE2连接核心网时,SMF1根据该用户终端的标识信息,先根据一定的选择方法,选出选出UPF组(UPF1,UPF2,UPF3,UPF4,UPF5等等);其中UPF1、UPF2和UPF3为私有UPF,UPF4和UPF5为非私有UPF。图6所示映射表中,当前用户终端UE2的标识信息不满足私有UPF对应的标识信息,私有UPF不能为UE2提供服务。,SMF1在选出的UPF中指定一个非私有UPF为当前用户终端UE2提供服务(如UPF4)。When the user terminal UE2 connects to the core network, SMF1 first selects the UPF group (UPF1, UPF2, UPF3, UPF4, UPF5, etc.) according to the identification information of the user terminal according to a certain selection method; among them, UPF1, UPF2 and UPF3 They are private UPF, and UPF4 and UPF5 are non-private UPF. In the mapping table shown in FIG. 6, the identification information of the current user terminal UE2 does not meet the identification information corresponding to the private UPF, and the private UPF cannot provide services for UE2. , SMF1 designates a non-private UPF in the selected UPF to provide services for the current user terminal UE2 (such as UPF4).
用户终端UE3连接核心网时,SMF2根据该用户终端的标识信息,先根据一定的选择方法选出UPF组(UPF6),其中UPF6不是私有UPF。图6所示SMF2选 出的UPF组中没有私有UPF,SMF在UPF组中指定一个UPF为当前用户终端UE3提供服务(如UPF6)。When the user terminal UE3 is connected to the core network, the SMF2 first selects the UPF group (UPF6) according to a certain selection method according to the identification information of the user terminal, where UPF6 is not a private UPF. As shown in Fig. 6, there is no private UPF in the UPF group selected by SMF2. SMF designates a UPF in the UPF group to provide services for the current user terminal UE3 (for example, UPF6).
以上仅为说明本发明的实施方式,并不用于限制本发明,对于本领域的技术人员来说,凡在本发明的精神和原则之内,不经过创造性劳动所作的任何修改、等同替换、改进等,均应包含在本发明的保护范围之内。The above is only to illustrate the embodiments of the present invention and not to limit the present invention. For those skilled in the art, all modifications, equivalent substitutions, and improvements made without creative work are within the spirit and principle of the present invention. Etc., should be included in the protection scope of the present invention.

Claims (10)

  1. 一种限制用户终端接入UPF的方法,其特征在于:包括以下步骤:A method for restricting user terminal access to UPF is characterized in that it includes the following steps:
    步骤S1、配置私有UPF;Step S1: Configure private UPF;
    步骤S2、SMF获取当前用户终端的标识信息;Step S2, SMF obtains the identification information of the current user terminal;
    步骤S3、SMF根据标识信息为当前用户终端选择UPF。Step S3: The SMF selects the UPF for the current user terminal according to the identification information.
  2. 根据权利要求1所述的一种限制用户终端接入UPF的方法,其特征在于:所述的步骤S1包括:The method for restricting user terminal access to UPF according to claim 1, characterized in that: said step S1 comprises:
    步骤S101、在私有UPF中配置至少一个特定用户终端的标识信息;Step S101: Configure identification information of at least one specific user terminal in the private UPF;
    步骤S102、私有UPF在向SMF注册时发送配置的特定用户终端的标识信息;Step S102: The private UPF sends the configured identification information of the specific user terminal when registering with the SMF;
    步骤S103、所述SMF保存特定用户终端的标识信息,并建立所述标识信息到对应的私有UPF的映射表。Step S103: The SMF saves the identification information of a specific user terminal, and establishes a mapping table from the identification information to the corresponding private UPF.
  3. 根据权利要求1所述的一种限制用户终端接入UPF的方法,其特征在于:所述的步骤S2包括:The method for restricting user terminal access to UPF according to claim 1, characterized in that: said step S2 comprises:
    步骤S201、当前用户终端通过附近的基站向核心网发起PDU会话建立请求;Step S201: The current user terminal initiates a PDU session establishment request to the core network through a nearby base station;
    步骤S202、AMF接收当前用户终端的PDU会话建立请求,并转发PDU会话建立请求到SMF,请求中携带当前用户终端的标识信息;Step S202: The AMF receives the PDU session establishment request of the current user terminal, and forwards the PDU session establishment request to the SMF, and the request carries the identification information of the current user terminal;
    步骤S203、SMF接收PDU会话建立请求,保存所述当前用户终端的标识信息。Step S203: The SMF receives the PDU session establishment request, and saves the identification information of the current user terminal.
  4. 根据权利要求1至3任意一项所述的一种限制用户终端接入UPF的方法,其特征在于:所述的标识信息包括但不限于SUPI、MSISDN或PEI。The method for restricting user terminal access to UPF according to any one of claims 1 to 3, characterized in that: the identification information includes but is not limited to SUPI, MSISDN or PEI.
  5. 根据权利要求1所述的一种限制用户终端接入UPF的方法,其特征在于:所述的步骤S3包括:The method for restricting user terminal access to UPF according to claim 1, characterized in that: said step S3 comprises:
    步骤S301、SMF根据现有UPF选择方法在归属其管理的UPF中选出UPF组;Step S301: The SMF selects a UPF group from the UPF managed by the SMF according to the existing UPF selection method;
    步骤S302、判断UPF组中是否有私有UPF,如果有则到步骤S303;如果没有,则到步骤S305;Step S302: Determine whether there is a private UPF in the UPF group, if there is a private UPF, go to step S303; if not, go to step S305;
    步骤S303、判断私有UPF是否能为当前用户终端提供服务,如果是,则到步骤S304;如果否,则到步骤S305;Step S303: Judge whether the private UPF can provide services for the current user terminal, if yes, go to step S304; if not, go to step S305;
    步骤S304、选择所述私有UPF为当前用户终端提供服务;Step S304: Select the private UPF to provide services for the current user terminal;
    步骤S305、在所述UPF组中选择一个非私有UPF为当前用户终端提供服务。Step S305: Select a non-private UPF in the UPF group to provide services for the current user terminal.
  6. 根据权利要求5所述的一种限制用户终端接入UPF的方法,其特征在于:一个特定用户终端能与一个以上的私有UPF连接。A method for restricting user terminal access to UPF according to claim 5, characterized in that: a specific user terminal can be connected to more than one private UPF.
  7. 根据权利要求5所述的一种限制用户终端接入UPF的方法,其特征在于:所述的步骤S303中,是根据映射表来判断私有UPF是否能为当前用户终端提供服务的。A method for restricting user terminal access to UPF according to claim 5, characterized in that: in said step S303, it is judged according to the mapping table whether the private UPF can provide services for the current user terminal.
  8. 根据权利要求7所述的一种限制用户终端接入UPF的方法,其特征在 于:所述映射表中包括了特定用户终端的标识信息与私有UPF的对应关系。A method for restricting user terminals from accessing UPF according to claim 7, characterized in that: the mapping table includes the corresponding relationship between the identification information of the specific user terminal and the private UPF.
  9. 根据权利要求7或8所述的一种限制用户终端接入UPF的方法,其特征在于:当前用户终端的标识信息满足映射表中私有UPF对应的标识信息时,所述私有UPF可以为当前用户终端提供服务。A method for restricting user terminal access to UPF according to claim 7 or 8, characterized in that: when the identification information of the current user terminal meets the identification information corresponding to the private UPF in the mapping table, the private UPF may be the current user The terminal provides services.
  10. 根据权利要求8所述的一种限制用户终端接入UPF的方法,其特征在于:如果映射表中的标识信息为空,表示私有UPF对用户终端的所述标识信息不做限制。The method for restricting user terminal access to UPF according to claim 8, characterized in that: if the identification information in the mapping table is empty, it means that the private UPF does not restrict the identification information of the user terminal.
PCT/CN2019/127745 2019-10-15 2019-12-24 Method for restricting user terminal to access upf WO2021072970A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201910977304.6A CN110602803B (en) 2019-10-15 2019-10-15 Method for limiting user terminal to access UPF
CN201910977304.6 2019-10-15

Publications (1)

Publication Number Publication Date
WO2021072970A1 true WO2021072970A1 (en) 2021-04-22

Family

ID=68867349

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2019/127745 WO2021072970A1 (en) 2019-10-15 2019-12-24 Method for restricting user terminal to access upf

Country Status (2)

Country Link
CN (1) CN110602803B (en)
WO (1) WO2021072970A1 (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110602803B (en) * 2019-10-15 2020-12-08 广州爱浦路网络技术有限公司 Method for limiting user terminal to access UPF
BR112022019957A2 (en) * 2020-03-31 2022-12-13 Huawei Tech Co Ltd METHOD FOR OBTAINING TERMINAL DEVICE, DEVICE AND SYSTEM IDENTIFIER
CN114071791B (en) * 2020-08-06 2024-01-26 北京佰才邦技术股份有限公司 User plane function information reporting method, access network equipment and core network equipment
CN113422772B (en) * 2021-06-22 2023-05-30 中国联合网络通信集团有限公司 Private network terminal access processing method and device and electronic equipment

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108271229A (en) * 2018-01-31 2018-07-10 中国联合网络通信集团有限公司 A kind of user plane selection method and device
WO2018224126A1 (en) * 2017-06-06 2018-12-13 Telefonaktiebolaget Lm Ericsson (Publ) Technique for user plane function allocation
CN110049504A (en) * 2018-01-15 2019-07-23 华为技术有限公司 A kind of conversation managing method and device
CN110149675A (en) * 2018-02-11 2019-08-20 大唐移动通信设备有限公司 A kind of UPF selection method and device
CN110167003A (en) * 2018-01-12 2019-08-23 华为技术有限公司 Conversation managing method, equipment and system
CN110602803A (en) * 2019-10-15 2019-12-20 广州爱浦路网络技术有限公司 Method for limiting user terminal to access UPF

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108307402A (en) * 2016-08-31 2018-07-20 中兴通讯股份有限公司 Manage the method, apparatus and system of UPF
US10728952B2 (en) * 2017-01-09 2020-07-28 Huawei Technologies Co., Ltd. System and methods for session management
JP6931066B2 (en) * 2017-05-09 2021-09-01 華為技術有限公司Huawei Technologies Co.,Ltd. Session management method and system and terminal
CN113596744B (en) * 2017-09-30 2023-11-03 华为技术有限公司 Communication method, device and system
CN109996346B (en) * 2017-12-29 2021-07-16 华为技术有限公司 Session establishment method, device and system

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2018224126A1 (en) * 2017-06-06 2018-12-13 Telefonaktiebolaget Lm Ericsson (Publ) Technique for user plane function allocation
CN110167003A (en) * 2018-01-12 2019-08-23 华为技术有限公司 Conversation managing method, equipment and system
CN110049504A (en) * 2018-01-15 2019-07-23 华为技术有限公司 A kind of conversation managing method and device
CN108271229A (en) * 2018-01-31 2018-07-10 中国联合网络通信集团有限公司 A kind of user plane selection method and device
CN110149675A (en) * 2018-02-11 2019-08-20 大唐移动通信设备有限公司 A kind of UPF selection method and device
CN110602803A (en) * 2019-10-15 2019-12-20 广州爱浦路网络技术有限公司 Method for limiting user terminal to access UPF

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
"3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Procedures for the 5G System (5GS); Stage 2 (Release 16)", 3GPP STANDARD; TECHNICAL SPECIFICATION; 3GPP TS 23.502, 3RD GENERATION PARTNERSHIP PROJECT (3GPP), MOBILE COMPETENCE CENTRE ; 650, ROUTE DES LUCIOLES ; F-06921 SOPHIA-ANTIPOLIS CEDEX ; FRANCE, no. V16.2.0, 30 September 2019 (2019-09-30), Mobile Competence Centre ; 650, route des Lucioles ; F-06921 Sophia-Antipolis Cedex ; France, pages 1 - 525, XP051784671 *
ANONYMOUS: "3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; System Architecture for the 5G System (5GS); Stage 2 (Release 16)", 3GPP STANDARD; TECHNICAL SPECIFICATION; 3GPP TS 23.501, 3RD GENERATION PARTNERSHIP PROJECT (3GPP), MOBILE COMPETENCE CENTRE ; 650, ROUTE DES LUCIOLES ; F-06921 SOPHIA-ANTIPOLIS CEDEX ; FRANCE, vol. SA WG2, no. V16.2.0, 24 September 2019 (2019-09-24), Mobile Competence Centre ; 650, route des Lucioles ; F-06921 Sophia-Antipolis Cedex ; France, pages 1 - 391, XP051784669 *
HUAWEI ET AL.: "Update to Solution 15: Support of Traffic Routing in Backbone UP", 3GPP TSG-SA WG2 MEETING #129, S2-1810787, 19 October 2018 (2018-10-19), XP051539736 *

Also Published As

Publication number Publication date
CN110602803A (en) 2019-12-20
CN110602803B (en) 2020-12-08

Similar Documents

Publication Publication Date Title
CN109842906B (en) Communication method, device and system
JP7240689B2 (en) Control plane based configuration for time sensitive networking
CN109314917B (en) Network slice selection strategy updating method and device
US10939276B2 (en) Method and apparatus for session management function selection
CN111010673B (en) Communication method and device
WO2021072970A1 (en) Method for restricting user terminal to access upf
WO2019114684A1 (en) User policy acquisition
US11445515B2 (en) Network slice selection based on requested service
WO2021135663A1 (en) Application instance determination method, device, and system
JP2023500931A (en) Policy-based Access and Mobility Management Function (AMF) selection using Network Slice Selection Assistance Information (NSSAI) availability information
US20120063437A1 (en) Method for supporting pdn gw selection
EP3445072B1 (en) Mobile radio communication network and method for associating a mobile radio terminal device to a network slice instance of a mobile radio communication network
WO2020048469A1 (en) Communication method and apparatus
US20090010249A1 (en) Method of distributing geo-localisation information
CN114902634A (en) Apparatus and method for providing information of application server in mobile communication system
WO2018045983A1 (en) Information processing method and device, and network system
EP2469962A1 (en) Methods and systems for implementing inter-network roam, querying and attaching network
WO2021051420A1 (en) Dns cache record determination method and apparatus
WO2022052875A1 (en) Terminal cross-region communication method, network element device, and storage medium
JP2021508418A (en) How to connect network components, communication terminals, communication terminals and how to use communication networks
JP2021526744A (en) How to make mobile and mobile network configurations work to support non-public networks
CN113709905A (en) Communication method, device and computer readable storage medium
JP7268203B2 (en) Access control component and method for controlling usage of mobile communication system
EP4068848A1 (en) Communication network arrangement and method for selecting a network function of a communication network
CN113438641B (en) Group processing method, equipment and storage medium

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19949085

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 19949085

Country of ref document: EP

Kind code of ref document: A1

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 10/10/2022)

122 Ep: pct application non-entry in european phase

Ref document number: 19949085

Country of ref document: EP

Kind code of ref document: A1