WO2021239098A1 - 业务获取方法、装置、通信设备及可读存储介质 - Google Patents

业务获取方法、装置、通信设备及可读存储介质 Download PDF

Info

Publication number
WO2021239098A1
WO2021239098A1 PCT/CN2021/096692 CN2021096692W WO2021239098A1 WO 2021239098 A1 WO2021239098 A1 WO 2021239098A1 CN 2021096692 W CN2021096692 W CN 2021096692W WO 2021239098 A1 WO2021239098 A1 WO 2021239098A1
Authority
WO
WIPO (PCT)
Prior art keywords
network
terminal
service
data
authentication process
Prior art date
Application number
PCT/CN2021/096692
Other languages
English (en)
French (fr)
Inventor
康艳超
秦飞
Original Assignee
维沃移动通信有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 维沃移动通信有限公司 filed Critical 维沃移动通信有限公司
Priority to EP21813736.2A priority Critical patent/EP4149173A4/en
Priority to JP2022572363A priority patent/JP7416984B2/ja
Publication of WO2021239098A1 publication Critical patent/WO2021239098A1/zh
Priority to US17/993,864 priority patent/US20230096402A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/18Selecting a network or a communication service
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/069Authentication using certificates or pre-shared keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/08Access restriction or access information delivery, e.g. discovery data delivery
    • H04W48/10Access restriction or access information delivery, e.g. discovery data delivery using broadcasted information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/16Discovering, processing access restriction or access information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/18Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
    • H04W8/20Transfer of user or subscriber data
    • H04W8/205Transfer to or from user equipment or user record carrier
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W60/00Affiliation to network, e.g. registration; Terminating affiliation with the network, e.g. de-registration
    • H04W60/04Affiliation to network, e.g. registration; Terminating affiliation with the network, e.g. de-registration using triggered events
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/18Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data

Definitions

  • This application belongs to the field of communication technology, and specifically relates to a service acquisition method, device, communication device, and readable storage medium.
  • a terminal when a terminal obtains a service from a certain network, it needs to sign a contract with the operator of the network in advance, and obtain the service provided by the operator based on the contract data. It can be seen that the existing business acquisition methods are relatively simple.
  • the purpose of the embodiments of the present application is to provide a service acquisition method, device, communication device, and readable storage medium, so as to solve the problem that the existing service acquisition method is relatively single.
  • a service acquisition method which is applied to a terminal, and includes:
  • a service acquisition method is provided, which is applied to a network side device in a first network, including:
  • connection Establishing a connection with the terminal, wherein the connection is established by the terminal using subscription data requested by the terminal, and the subscription data is obtained by the terminal from the second network;
  • a service acquisition method is provided, which is applied to a network-side device in a second network, including:
  • the subscription data is used by the terminal to select a first network according to the subscription data, access the first network, and obtain the subscription data corresponding to the subscription data from the first network Contract business.
  • a service acquisition device which is applied to a terminal, and includes:
  • the first obtaining module is used to obtain contract data from the second network
  • the selection module is configured to use the subscription data to select the first network
  • the second acquiring module is configured to acquire the contract service corresponding to the contract data from the first network.
  • a service acquisition device which is applied to a network side device in a first network, and includes:
  • An establishment module configured to establish a connection with a terminal, wherein the connection is established by the terminal using subscription data requested by the terminal, and the subscription data is obtained by the terminal from the second network;
  • the transmission module is used to transmit the subscription service corresponding to the subscription data to the terminal.
  • a service acquisition device which is applied to a network-side device in a second network, and includes:
  • the sending module is configured to send subscription data to the terminal; wherein the subscription data is used by the terminal to select a first network according to the subscription data, access the first network, and obtain all the data from the first network The contracted business corresponding to the contracted data.
  • a communication device in a seventh aspect, includes a processor, a memory, and a program or instruction that is stored on the memory and can run on the processor, and the program or instruction is executed by the processor. When executed, the steps of the method described in the first aspect, or the steps of the method described in the second aspect, or the steps of the method described in the third aspect are implemented.
  • a readable storage medium is provided, and a program or instruction is stored on the readable storage medium.
  • the program or instruction is executed by a processor, the steps of the method described in the first aspect are implemented, or The steps of the method described in the second aspect, or the steps of the method described in the third aspect.
  • a chip in a ninth aspect, includes a processor and a communication interface.
  • the communication interface is coupled to the processor.
  • a computer software product is provided, the computer software product is stored in a non-volatile storage medium, and the software product is configured to be executed by at least one processor to implement the computer software product described in the first aspect.
  • a communication device configured to perform the method described in the first aspect, or the method described in the second aspect, or the method described in the third aspect .
  • the terminal may obtain contract data from the second network, use the contract data to select the first network, access the first network, and obtain the contract service corresponding to the contract data from the first network.
  • the terminal may dynamically obtain contract data through a third-party entity, and to obtain the contracted service in the current network (previously not associated with the terminal) based on the contracted data, thereby enriching service obtaining methods.
  • FIG. 1 is a schematic structural diagram of a wireless communication system provided by an embodiment of the present application.
  • FIG. 2 is a flowchart of a service acquisition method provided by an embodiment of the present application
  • FIG. 3 is a flowchart of another service acquisition method provided by an embodiment of the present application.
  • Fig. 4 is a flowchart of another service acquisition method provided by an embodiment of the present application.
  • FIG. 5 is a schematic structural diagram of a service acquisition apparatus provided by an embodiment of the present application.
  • FIG. 6 is a schematic structural diagram of another service acquisition apparatus provided by an embodiment of the present application.
  • FIG. 7 is a schematic structural diagram of another service acquisition apparatus provided by an embodiment of the present application.
  • FIG. 8 is a schematic structural diagram of a communication device provided by an embodiment of the present application.
  • FIG. 9 is a schematic structural diagram of a terminal provided by an embodiment of the present application.
  • FIG. 10 is a schematic structural diagram of a network side device provided by an embodiment of the present application.
  • first and second in the specification and claims of this application are used to distinguish similar objects, but not to describe a specific sequence or sequence. It should be understood that the data used in this way can be interchanged under appropriate circumstances, so that the embodiments of the present application can be implemented in an order other than those illustrated or described here, and the objects distinguished by "first” and “second” It is usually one type, and the number of objects is not limited.
  • the first object may be one or more.
  • “and/or” in the description and claims means at least one of the connected objects, and the character “/” generally means that the associated objects before and after are in an "or” relationship.
  • LTE Long Term Evolution
  • LTE-A Long Term Evolution-Advanced
  • CDMA Code Division Multiple Access
  • TDMA Time Division Multiple Access
  • FDMA Frequency Division Multiple Access
  • OFDMA Orthogonal Frequency Division Multiple Access
  • SC-FDMA Single-carrier Frequency-Division Multiple Access
  • system and “network” in the embodiments of the present application are often used interchangeably, and the described technology can be used for the aforementioned systems and radio technologies as well as other systems and radio technologies.
  • NR New Radio
  • 6G 6th Generation
  • Fig. 1 shows a block diagram of a wireless communication system to which an embodiment of the present application can be applied.
  • the wireless communication system includes a terminal 11 and a network side device 12.
  • the terminal 11 may also be referred to as a terminal device or a user terminal (User Equipment, UE), and the terminal 11 may be a mobile phone, a tablet computer (Tablet Personal Computer), a laptop computer (Laptop Computer), or a notebook computer or a personal digital device.
  • UE User Equipment
  • Terminal-side devices such as vehicle user equipment (VUE) and pedestrian terminal (PUE), and wearable devices include: bracelets, headsets, glasses, etc. It should be noted that the specific type of the terminal 11 is not limited in the embodiment of the present application.
  • the network side device 12 may be a base station and/or a core network, where the base station may be called Node B, Evolved Node B, Access Point, Base Transceiver Station (BTS), radio base station, radio transceiver, Basic Service Set (BSS), Extended Service Set (ESS), Node B, Evolved Node B (eNB), Home Node B, Home Evolved Node B, Wireless Local Area Network , WLAN) access point, wireless fidelity (Wireless Fidelity, WiFi) node, transmitting and receiving point (Transmitting Receiving Point, TRP) or some other appropriate term in the field, as long as the same technical effect is achieved, the base station It is not limited to a specific technical vocabulary. It should be noted that in the embodiments of the present application, only the base station in the NR system is taken as an example, but the specific type of the base station is not limited.
  • Entities in the core network including but not limited to Access Management Function (AMF), Authentication Server Function (AUSF), Policy Control Function (PCF), Session Management Function (Session Management Function (SMF), User Plane Function (UPF), Charging Function (CHF), Unified Data Management (UDM), Network Exposure Function (NEF), etc.
  • AMF Access Management Function
  • AUSF Authentication Server Function
  • PCF Policy Control Function
  • Session Management Function Session Management Function
  • UPF User Plane Function
  • Charging Function CHF
  • UDM Unified Data Management
  • NEF Network Exposure Function
  • FIG. 2 is a flowchart of a service acquisition method provided by an embodiment of the present application. The method is applied to a terminal. As shown in FIG. 2, the method includes the following steps:
  • Step 201 Obtain contract data from the second network.
  • Step 202 Use the subscription data to select a first network, and access the first network.
  • Step 203 Obtain the subscription service corresponding to the subscription data from the first network.
  • the first network and the second network may belong to the same network, or may belong to different networks.
  • the first network may be a fifth generation (5 th Generation, 5G) public land mobile network (Public Land Mobile Network, PLMN) , a non-public network (Non-Public Network, NPN) , or other mobile communication networks.
  • the second network may be 5G PLMN, NPN, third-party service provider network, mobile phone manufacturer network, or other mobile communication network.
  • the terminal may obtain the contracted business service in the form of multicast or broadcast in the first network. Before acquiring the contracted business service in the form of multicast or broadcast, the terminal may receive the access information provided by the first network to acquire the multicast or broadcast service.
  • the terminal acquires the subscription data from the network side device and/or the application layer in the second network.
  • the foregoing access to the first network is essentially: the terminal establishes a connection with the network side device in the first network.
  • the foregoing acquisition of the contracted service from the first network is essentially: the terminal obtains the contracted service from the network-side device in the first network.
  • the terminal can obtain contract data from the second network, use the contract data to select the first network, and access the first network, and obtain the contract service corresponding to the contract data from the first network .
  • the terminal can dynamically obtain contract data through a third-party entity, and to obtain the contracted service in the current network (previously not associated with the terminal) based on the contracted data, thereby enriching service obtaining methods.
  • the above-mentioned subscription data may also be referred to as specific subscription data.
  • the above-mentioned contract data can be any one of permanent contract data and temporary contract data, that is, the contract data can be temporary contract data or permanent contract data.
  • For permanent subscription data it can be 5G PLMN subscription data, NPN subscription data, or other mobile network subscription data.
  • For temporary subscription data it can be 1) 5G PLMN subscription data for a certain period of time, NPN subscription data, or subscription data for other mobile networks; the subscription data is only valid for this period of time, for example, several days after accessing the network; 2) Signing data of a certain business, such as audio/video of concerts, video of competitions, games of Augmented Reality (AR)/Virtual Reality (VR) services, etc.; the data is contracted It can specify the service quality (Quality of Service, QoS) level of the service provided; 3) The subscription data of a specific location, such as the wireless data service subscription data of a specific location such as shopping malls, conference venues, and campuses.
  • the type of temporary contract data is not limited in the embodiment of this application.
  • the second network provides a way for the terminal to sign up, that is, the way for the terminal to obtain contract data from the second network may include any one of the following:
  • the terminal obtains the contract data through the application layer of the second network; for example, the terminal obtains the contract data through a direct connection with the second network, logging in to the webpage of the second network or application (APP) and other application layer forms;
  • APP application
  • the terminal obtains the subscription data through the physical entity of the second network; this physical entity includes but is not limited to the subscriber identification module (SIM) of the second network;
  • SIM subscriber identification module
  • the terminal obtains the subscription data through the application layer and physical entity of the second network.
  • the second network provides subscription data for the terminal in the form of an embedded SIM card (eSIM card) or a soft SIM card (soft SIM).
  • eSIM card embedded SIM card
  • soft SIM soft SIM
  • the second network may also provide the subscription data to the first network with a cooperative relationship.
  • the first network may store the contract data in a contract database such as Unified Data Management (UDM).
  • UDM Unified Data Management
  • the subscription data provided by the second network for the terminal may include an access security token provided for the terminal to authenticate a legitimate base station in the first network.
  • the second network may also provide the same access security token token to the first network.
  • the subscription data including the terminal identifier; the terminal identifier can be a permanent terminal identifier, such as International Mobile Subscriber Identity (IMSI), Subscription Permanent Identifier (SUPI) or other forms of terminal permanent logo
  • IMSI International Mobile Subscriber Identity
  • SUPI Subscription Permanent Identifier
  • a service access identifier that includes at least one of a user name and a password; at this time, the first network and the second network can agree on the form of authentication of the terminal, such as a packet data unit (PDU) session establishment process
  • PDU packet data unit
  • the secondary authorization or authentication process Secondary authentication/authorization by a DN-AAA server during the establishment of a PDU Session
  • the service access identifier including at least one of the user name and password; at this time, the first network and the second network can agree on the form of authentication of the terminal, such as the authorization and authentication process based on network slice (network slice- specific authorization and authentication, NSSAA).
  • network slice network slice- specific authorization and authentication, NSSAA
  • the above-mentioned contract data may also include at least one of the following:
  • the name of the data network that provides the contracted service for example, can be an access point name (Access Point Name, APN), a data network name (Data Network Name, DNN), or other forms of data network names.
  • APN Access Point Name
  • DNN Data Network Name
  • the terminal before the terminal obtains the service through the first network, it needs to access the first network and complete the authentication process through the contract data.
  • the terminal needs to complete the user real-name authentication process before acquiring the contract data from the second network.
  • the user real-name authentication process includes, but is not limited to, the user's input of a personal identification (Identifier, ID), the user's input of a facial ID, and so on.
  • the terminal may also determine that the first network can provide the subscription service through the indication in the subscription data and/or the broadcast information of the first network, that is, determine that the first network can provide Required business.
  • the indicator in the broadcast information of the first network may be, but is not limited to, any of the following:
  • the first network may add an indicator bit to the existing system broadcast information (System Information Block (System Information Block, SIB)), or add new system broadcast information (SIB) to broadcast the indicator.
  • SIB System Information Block
  • SIB new system broadcast information
  • the foregoing process of determining that the first network can provide a contracted service may include, but is not limited to, any of the following:
  • the indication identifier is a service name
  • the first network can provide the contracted service by including the location information of the service in the location information for providing the contracted service provided by the contract data;
  • the indication identifier is a second network identifier
  • the indication identifier is a first network identifier
  • the terminal when the terminal discovers the first network, the terminal can authenticate the first network through a certain security mechanism.
  • the security mechanism can be:
  • the second network also provides the same token to the first network
  • the indication identifier in the broadcast information of the first network that is, the specific indication broadcast by the first network, such as the service name, the first network identifier, the second network identifier, etc., are ciphertext encrypted by the token;
  • the terminal uses the token provided by the second network to decrypt, obtain the indication identifier of the plaintext, and compare it with the indication identifier provided by the second network to determine the current Whether the network has a legal first network base station authorized by the second network.
  • SIB broadcast information
  • the foregoing process of determining that the first network can provide the contract service may include: obtaining broadcast information of the first network, where the broadcast information includes the first ciphertext; and decrypting the first ciphertext using the token obtained from the second network In the case of decrypting to obtain the plaintext indication identifier, it is determined that the first network is a legal network authorized by the second network; through the plaintext indication identifier is included in the obtained subscription data, it is determined that the first network can provide Contract business.
  • the process for the terminal to access the first network may be: using the subscription data obtained from the second network, sending a registration request message to the first network, and completing the registration process initiated according to the registration request message During the authentication process, access to the first network.
  • the registration request message may include: a slice identifier for providing services to the terminal. That is, the terminal needs to include the slice identifier that provides services for the terminal in the requested slice information provided in the registration request message,
  • the foregoing authentication and authentication process may include a real-name authentication process, that is, the real-name authentication process is completed during the registration process.
  • a real-name authentication process that is, the real-name authentication process is completed during the registration process.
  • the real-name authentication process can include any of the following:
  • the terminal completes the real-name authentication process (including but not limited to the user’s personal ID input, the user’s facial ID input, etc.) while obtaining the contract data from the second network.
  • the first network passes and The interaction of the second network completes the real-name authentication process;
  • the terminal and the first network complete the real-name authentication process through the real-name authentication interaction process (including but not limited to the user's input of personal ID, user's input of facial ID, etc.).
  • the terminal may also skip the authentication in the registration process initiated according to the registration request message. Right authentication process, and access to the first network.
  • the relevant authentication and authentication conditions may include:
  • the authentication and authentication process can be selected as the authentication and authentication process in the existing registration process of the 5G network:
  • the first network executes the existing authentication and authentication process; optionally, complete the real-name authentication process in the authentication and authentication process, for example, refer to the above-mentioned real-name authentication process;
  • the first network needs to determine to provide the UE according to the UE’s instructions (newly added in the registration request message, the second network identity, etc.) or the UE’s identity and other information
  • the second network that signs the contract, and obtains the contract corresponding to the UE ID from the second network, and executes the existing authentication and authentication process; optionally, complete the real-name authentication process in the authentication and authentication process, for example, refer to the above-mentioned real-name authentication process;
  • the subscription data provided by the second network is not the subscription data that contains the UE identity such as IMSI or SUPI
  • the UE needs to provide special instructions during the registration process (for example, through the requested slice identification), and the first network skips the existing
  • the authentication process in the registration process marks the UE as a special user.
  • the first network and the second network agree to authenticate the UE in the form of slice-based authentication (NSAAA)
  • the first network may perform the slice authentication process for the UE based on the slice provided by the UE; optionally, in Complete the real-name authentication process during the slice authentication process, for example, refer to the above-mentioned real-name authentication process;
  • the process for the terminal to obtain the subscription service corresponding to the subscription data from the first network may include: the terminal sends a PDU session establishment request to the first network, and establishes a PDU session according to the PDU session establishment request Data connection, and obtain the subscription service corresponding to the subscription data through the PDU session data connection.
  • the terminal may first obtain service-related policy (policy) information from the first network, including but not limited to User Equipment Routing Selection Policy (URSP) , Access and mobility management strategies, etc.
  • policy policy
  • the URSP may include information such as a slice identifier for the terminal to establish a PDU session for acquiring data services, and a data network name DNN.
  • the terminal may carry other information such as DNN and slice identifier in the PDU session establishment request message.
  • the DNN, slice identification and other information may come from the subscription data obtained from the second network, or from the URSP information provided by the first network.
  • the terminal may perform the real-name authentication process in the secondary authorization or authentication process (Secondary Authentication/Authorization) initiated by the first network.
  • Secondary Authentication/Authorization Secondary Authentication/Authorization
  • the terminal may also perform the first network initiation before establishing the PDU session data connection
  • the terminal requests the network slice authorization and authentication process of the slice.
  • the network slice authorization and authentication process includes: a real-name recognition process completed through a real-name authentication interaction process, including but not limited to a user's personal ID input, a user's facial ID input, and so on.
  • the UE establishes a PDU session data connection in the first network and obtains subscription data.
  • Related content may include:
  • the first network and the second network agree to authenticate the UE in the form of secondary authorization or authentication during the establishment of a PDU session (Secondary authentication/authorization by a DN-AAA server during the establishment of a PDU Session) ,
  • the first network initiates the secondary authorization or authentication process on behalf of the second network;
  • the real-name authentication process is completed in the secondary authorization or authentication process, for example, refer to the above-mentioned real-name authentication process;
  • PDU session data connection can be associated with information such as DNN and slice ID given in the contract data;
  • the UE can establish a QoS flow of the QoS level required by the contracted service.
  • the QoS level is the QoS level allowed in the contract data or the policy provided by the first network.
  • the first network and the second network complete the charging function at the same time or after the terminal obtains the contracted service.
  • the terminal can perform charging data statistics and report according to the instructions of the first network.
  • the first network and the second network agree that the charging executor is the first network, and agree on a charging split mode.
  • the first network completes charging data statistics and generates bills.
  • the charging method agreed upon by the second network and the UE is: charging according to traffic.
  • the first network and the second network agree that the charging executor is the second network, and agree on a charging split mode.
  • the second network and the UE agree on a charging method: charging according to traffic, charging according to service events (events, concerts, etc.), or charging according to duration (such as monthly charging, etc.).
  • the first network completes charging data statistics and provides it to the second network, and the second network charges the UE and splits the charging with the first network according to the agreement.
  • Figure 3 is a flowchart of a service acquisition method provided by an embodiment of the present application.
  • the method is applied to network side equipment in the first network, including but not limited to base stations, AMF, AUSF, SMF, CHF, NEF, etc.; as shown in Figure 3, the method includes the following steps:
  • Step 301 Establish a connection with a terminal, the connection being established by the terminal using subscription data requested by the terminal, the subscription data being acquired by the terminal from the second network.
  • the first network and the second network may belong to the same network, or may belong to different networks.
  • the first network can be 5G PLMN, NPN, or other mobile communication networks.
  • the second network may be 5G PLMN, NPN, third-party service provider network, mobile phone manufacturer network, or other mobile communication network.
  • the above-mentioned connection may be a PDU session connection, which is established by a PDU session establishment request of the terminal.
  • Step 302 Transmit the contract service corresponding to the contract data to the terminal.
  • the terminal may obtain the contracted business service in the form of multicast or broadcast in the first network. Before acquiring the contracted business service in the form of multicast or broadcast, the terminal may receive the access information provided by the first network to acquire the multicast or broadcast service.
  • the service acquisition method of the embodiment of the present application can support the terminal to dynamically obtain contract data through a third-party entity, and obtain the contract service in the current network (previously not associated with the terminal) based on the contract data, thereby enriching service acquisition methods.
  • the first network may negotiate with the second network the content of the agreement to provide services for the terminal.
  • the content of the agreement may include but is not limited to at least one of the following: the name of the contracted service, the location information for providing the contracted service, the time information for providing the contracted service, the token, and the business security certificate.
  • the first network may send at least one of the following to the second network: slice identification, service QoS information, data network information DNN, and so on.
  • the first network may obtain the subscription data of the terminal from the second network.
  • the content of the agreement may also include at least one of the following: whether the terminal requires a network slicing authorization and authentication (NSSAA) process for requesting slices, and whether the terminal needs to perform a secondary authorization or authentication (Secondary Authentication/Authorization) process , The charging mechanism of the first network and the second network, the real-name authentication mechanism, etc.
  • NSSAA network slicing authorization and authentication
  • Secondary Authentication/Authorization Secondary Authentication/Authorization
  • the first network may also send broadcast information to the terminal.
  • the broadcast information may include an indication identifier or an indication identifier encrypted with a token; the indication identifier is used by the terminal to determine that the first network can provide the contracted service.
  • the indicator may be specifically as described in the embodiment of FIG. 2.
  • the base station in the first network sends broadcast information to the terminal.
  • the first network (for example, the base station in the first network) may provide the terminal with configuration information for obtaining services in the form of broadcast or multicast.
  • the foregoing process of establishing a connection with the terminal may include: receiving a registration request message sent by the terminal, completing an authentication process in the registration process initiated according to the registration request message, and establishing a connection with the terminal.
  • the AMF entity in the first network may complete the registration process
  • the AUSF entity in the first network may complete the authentication and authentication process
  • the SMF in the first network may establish a connection with the terminal.
  • the authentication process includes a real-name authentication process.
  • the first network interacts with the first network to obtain the subscription data of the terminal.
  • the real-name authentication process can include any of the following:
  • the first network completes the real-name authentication process through interaction with the second network
  • the first network and the terminal complete the real-name authentication process through the real-name authentication interaction process.
  • the process of establishing a connection with the terminal may include: receiving a registration request message sent by the terminal, and skipping the registration request message initiated according to the registration request message.
  • the authentication process in the registration process and the establishment of a connection with the terminal may include: receiving a registration request message sent by the terminal, and skipping the registration request message initiated according to the registration request message.
  • the first network may also perform network slicing authorization for the requested slicing of the terminal And authentication process.
  • NSSAA network slicing authorization and authentication
  • the network slice authorization and authentication process includes: a real-name recognition process completed through a real-name authentication interactive process.
  • the first network interacts with the network, and the second network completes network slice-specific authentication, authorization, and accounting (AAA) server functions.
  • AAA authentication, authorization, and accounting
  • the first network may send service acquisition policy information to the terminal.
  • the policy information includes but is not limited to URSP, access and mobility management policies, etc.
  • the URSP may include information such as a slice identifier for the terminal to establish a PDU session for acquiring data services, and a data network name DNN.
  • the second network dynamically updates the service requirement information to the first network (directly through the PCF or NEF entity) for the first network to dynamically generate service policy information.
  • the first network may perform a real-name authentication process in a secondary authorization or authentication (Secondary Authentication/Authorization) process with the terminal.
  • a secondary authorization or authentication Secondary Authentication/Authorization
  • the second network completes the data network (DN)-AAA server function.
  • the first network and the second network complete the charging function at the same time or after the terminal obtains the contracted service.
  • the first network (such as the CHF entity in the first network) may perform the following operations: perform statistics on the charging data, generate charging information, and send the charging information to the terminal; or, perform statistics on the charging data, and The charging data obtained by statistics is sent to the second network, and the second network generates charging information and sends the charging information to the terminal.
  • Figure 4 is a flowchart of a service acquisition method provided by an embodiment of the present application.
  • the method is applied to network side equipment in the second network, including but not limited to base stations, AMF, AUSF, SMF, CHF, etc. ; As shown in Figure 4, the method includes the following steps:
  • Step 401 Send contract data to the terminal; the contract data is used by the terminal to select a first network according to the contract data, access the first network, and obtain the contract data corresponding to the first network from the first network. Contracted business.
  • the first network and the second network may belong to the same network, or may belong to different networks.
  • the first network can be 5G PLMN, NPN, or other mobile communication networks.
  • the second network may be 5G PLMN, NPN, third-party service provider network, mobile phone manufacturer network, or other mobile communication network.
  • the service acquisition method of the embodiment of the present application can support the terminal to dynamically obtain contract data through a third-party entity, and obtain the contract service in the current network (previously not associated with the terminal) based on the contract data, thereby enriching service acquisition methods.
  • the second network may negotiate with the first network the content of the agreement to provide services for the terminal.
  • the content of the agreement may include but is not limited to at least one of the following: the name of the contracted service, the location information for providing the contracted service, the time information for providing the contracted service, the token, and the business security certificate.
  • the second network may receive at least one of the following from the first network: a slice identifier, QoS information of a service, data network information DNN, and so on.
  • the second network may send the subscription data of the terminal to the first network.
  • the content of the protocol may also include at least one of the following: whether the terminal requires a network slicing authorization and authentication (NSSAA) process to request slicing, whether the terminal needs to perform a secondary authorization or authentication process, the first network and the first network 2.
  • NSSAA network slicing authorization and authentication
  • the second network may also perform any one of the following: through interaction with the first network, send terminal subscription data to the first network; or through interaction with the first network, perform authorization and completion of network slicing The authentication process; or, through the interaction with the first network, the authorization and authentication process of the data network is completed.
  • the second network dynamically provides service QoS requirements for the first network to generate policy information
  • the second network may also dynamically request service provision requirements from the first network, and the first network generates service acquisition policy information, and sends the service acquisition policy information to the terminal.
  • the service acquisition strategy information includes but is not limited to user equipment routing strategy URSP, access and mobility management strategy, etc.
  • the URSP may include information such as a slice identifier for the terminal to establish a PDU session for acquiring data services, and a data network name DNN.
  • the first network and the second network complete the charging function at the same time or after the terminal obtains the contracted service.
  • the second network may perform the following operations: receive charging information generated by the first network, and perform charging split with the first network; or, receive charging data generated by the first network, and generate charging information based on the charging data, And send the charging information to the terminal, and perform charging split with the first network.
  • Sub-scenario 1 The first network is VPLMN (Visited PLMN) or Visited NPN (Visited NPN), and the second network is HPLMN (Home PLMN, home PLMN) or Home NPN (home NPN);
  • Sub-scenario 2 The first network is VPLMN (visited PLMN) or Visited NPN (visited NPN), and the second network is a mobile phone manufacturer network or entity.
  • VPLMN visited PLMN
  • Visited NPN Visited NPN
  • the manner in which the second network provides a contract for the terminal can be provided in the form of an application layer and/or a physical entity
  • This scenario is applicable when the form of subscription data is subscription data including terminal identification; while other forms, such as service access identification including at least one of a user name and password, do not apply to this scenario, and correspondingly the terminal in this case The authentication process does not apply to this scenario;
  • the terminal may determine that the first network can provide the contracted service through the network identifier that provides the service given in the subscription data of the second network and contains the identifier of the first network. However, it is not applicable to determine that the first network can provide the contracted service by using the indicator in the broadcast information of the first network;
  • the second network is HPLMN or Home NPN
  • the content a.1.2 in the above embodiment in Figure 2 applies to this scenario, the content a.1.1 does not apply to this scenario, and the content a.2 does not apply to this scenario
  • the second network is In the case of a mobile phone manufacturer’s network
  • the content of a.1.1 in the above embodiment in Figure 2 applies to this scenario, the content of a.1.2 does not apply to this scenario, and the content a.2 does not apply to this scenario;
  • the applicable real-name authentication process is: the terminal and the second network have been real-named authentication, the terminal completes the real-name authentication process while obtaining the contract data from the second network, and the first network passes and The interaction of the second network completes the real-name authentication process;
  • the applicable real-name authentication process is: the terminal and the second network do not have real-name authentication, and the terminal and the first network complete the real-name authentication process through the real-name authentication interaction process ;
  • the applicable charging method is: the first network and the second network agree that the charging executor is the second network, and the charging split method is agreed; the first network completes the charging data statistics and provides it to the second network The second network, the second network charges the terminal, and divides the charging with the first network according to the agreement.
  • Application scenario two competition scene, concert hall scene, movie theater scene
  • the first network may be VPLMN or Visited NPN
  • the second network is a network or entity corresponding to a competition event/concert hall/movie provider.
  • the way that the second network provides the terminal with a subscription can be provided in the form of an application layer, or provided in the form of an application layer and a physical entity; and the form of a separate physical entity is not applicable to this scenario;
  • the first network may be VPLMN or Visited NPN
  • the second network is a network or entity corresponding to a shopping mall.
  • this scenario is applicable to the contract data of a specific location, while the contract data of a certain period of time and the contract data of a certain service are not applicable to this scenario;
  • the way that the second network provides the terminal with a subscription can be provided in the form of an application layer, or provided in the form of an application layer and a physical entity; and the form of a separate physical entity is not applicable to this scenario;
  • the execution subject may be the service acquisition device, or the control module for executing the service acquisition method in the service acquisition device.
  • the service acquisition method executed by the service acquisition device is taken as an example to illustrate the service acquisition device provided in the embodiment of the application.
  • FIG. 5 is a schematic structural diagram of a service acquisition device provided by an embodiment of the present application. The device is applied to a terminal. As shown in FIG. 5, the service acquisition device 50 may include:
  • the first obtaining module 51 is configured to obtain contract data from the second network
  • the selection module 52 is configured to use the subscription data to select the first network
  • the access module 53 is used to access the first network
  • the second obtaining module 54 is configured to obtain the contract service corresponding to the contract data from the first network.
  • the contract data is any one of permanent contract data and temporary contract data.
  • the acquisition of subscription data from the second network includes any one of the following:
  • the subscription data is any one of the following:
  • Contract data including terminal identification
  • the service access identifier including at least one of the user name and the password.
  • the subscription data includes at least one of the following:
  • the service acquisition device 50 further includes:
  • the first execution module is used to execute and complete the user real-name authentication process.
  • the service acquisition device 50 further includes:
  • the determining module is configured to determine that the first network can provide the subscription service through the indication identifier in the subscription data and/or broadcast information of the first network.
  • the determining module is specifically used for any one of the following:
  • the indication identifier is a service name
  • the location information of the service is included in the location information for providing the contracted service provided by the subscription data, so as to determine that the first network can provide the contracted service;
  • the indication identifier is a second network identifier
  • the indication identifier is a first network identifier
  • the one or more first network identifiers included in the subscription data include the first network identifier, and it is determined that the first network can provide the Contract business.
  • the determining module includes:
  • An acquiring unit configured to acquire broadcast information of the first network, wherein the broadcast information includes the first ciphertext
  • a decryption unit configured to use the token obtained from the second network to decrypt the first ciphertext
  • a first determining unit configured to determine that the first network is a legitimate network authorized by the second network in a case where the indication identifier of the plaintext is obtained by decryption;
  • the second determining unit is configured to determine that the first network can provide the contract service by including the indication identifier in the plain text in the subscription data.
  • the access module 53 is specifically configured to:
  • the registration request message includes: a slice identifier for providing a service for the terminal.
  • the authentication and authentication process includes a real-name authentication process; the real-name authentication process includes any one of the following:
  • the terminal completes the real-name authentication process while obtaining the contract data from the second network, and the first network passes the real-name authentication process with the second network.
  • the terminal completes the real-name authentication process while obtaining the contract data from the second network, and the first network passes the real-name authentication process with the second network.
  • the terminal and the first network complete the real-name authentication process through a real-name authentication interaction process.
  • the access module 53 is further configured to: use the subscription data to send a registration request message to the first network, skipping according to the The authentication process in the registration process initiated by the registration request message is to access the first network.
  • the service acquisition device 50 further includes:
  • the second execution module is configured to perform the network slice authorization and authentication process of the terminal request slice initiated by the first network before establishing the PDU session data connection.
  • the network slice authorization and authentication process includes: a real-name recognition process completed through a real-name authentication interaction process.
  • the second obtaining module 54 is specifically configured to: send a PDU session establishment request to the first network, establish a PDU session data connection according to the PDU session establishment request, and obtain all information through the PDU session data connection.
  • the service acquisition device 50 further includes:
  • the third execution module is used to execute the real-name authentication process in the secondary authorization or authentication process initiated by the first network.
  • the service acquisition device 50 further includes:
  • the fourth execution module is configured to perform charging data statistics and reporting according to the instructions of the first network at the same time or after obtaining the contracted service corresponding to the contracted data from the first network.
  • the service acquisition apparatus 50 provided in the embodiment of the present application can implement each process implemented in the method embodiment of FIG. 2 and achieve the same technical effect. To avoid repetition, details are not described herein again.
  • FIG. 6 is a schematic structural diagram of a service acquisition apparatus provided by an embodiment of the present application.
  • the apparatus is applied to a network side device in a first network.
  • the service acquisition apparatus 60 may include:
  • the establishment module 61 is configured to establish a connection with a terminal, where the connection is established by the terminal using subscription data requested by the terminal, and the subscription data is obtained by the terminal from the second network;
  • the transmission module 62 is configured to transmit the subscription service corresponding to the subscription data to the terminal.
  • the service acquisition device 60 further includes:
  • the first negotiation module is used to negotiate with the second network the content of the agreement to provide services for the terminal; the content of the agreement includes at least one of the following: the name of the contracted service, the location information for the contracted service, and the time for the contracted service to be provided Information, token, business security certificate.
  • the service acquisition device 60 further includes:
  • the first transceiver module is configured to send at least one of the following to the second network based on the protocol content: slice identification, service QoS information, data network information; and/or, based on the protocol content, from the The second network obtains the contract data of the terminal.
  • the content of the agreement further includes at least one of the following:
  • the terminal requests whether the slicing requires a network slicing authorization and authentication process, whether the terminal requires a secondary authorization or authentication process, the charging mechanism of the first network and the second network, and the real-name authentication mechanism.
  • the first transceiver module is further configured to: send broadcast information to the terminal based on the protocol content;
  • the broadcast information includes an indication identifier or an indication identifier encrypted with a token; the indication identifier is used by the terminal to determine that the first network can provide the subscription service.
  • the establishment module 61 is specifically configured to:
  • the registration request message sent by the terminal is received, the authentication process is completed in the registration process initiated according to the registration request message, and the connection with the terminal is established.
  • the authentication and authentication process includes a real-name authentication process; the real-name authentication process includes any one of the following:
  • the first network completes the real-name authentication process through interaction with the second network
  • the first network and the terminal complete the real-name authentication process through a real-name authentication interaction process.
  • the establishment module 61 is further configured to:
  • the service acquisition device 60 further includes:
  • the fifth execution module is configured to execute the network slice authorization and authentication process for the requested slice of the terminal before establishing the connection with the terminal.
  • the network slice authorization and authentication process includes: a real-name recognition process completed through a real-name authentication interaction process.
  • the first transceiving module is further configured to: based on the protocol content, send policy information for obtaining services to the terminal.
  • the service acquisition device 60 further includes:
  • the sixth execution module is used to execute the real-name authentication process in the secondary authorization or authentication process with the terminal.
  • the service acquisition device 60 further includes:
  • the first charging module is configured to perform statistics on charging data, generate charging information, and send the charging information to the terminal; or, perform statistics on the charging data, and send the calculated charging data
  • the second network generates charging information and sends the charging information to the terminal.
  • the service acquisition apparatus 60 provided in the embodiment of the present application can implement each process implemented in the method embodiment of FIG. 3 and achieve the same technical effect. To avoid repetition, details are not described herein again.
  • FIG. 7 is a schematic structural diagram of a service acquisition apparatus provided by an embodiment of the present application.
  • the apparatus is applied to a network side device in a second network.
  • the service acquisition apparatus 70 may include:
  • the sending module 71 is configured to send subscription data to the terminal; wherein the subscription data is used by the terminal to select a first network according to the subscription data, access the first network, and obtain it from the first network The contract service corresponding to the contract data.
  • the service acquisition device 70 further includes:
  • the second negotiation module is used to negotiate with the first network the content of the agreement to provide services for the terminal; the content of the agreement includes at least one of the following: the name of the contracted service, the location information for providing the contracted service, and the time for providing the contracted service Information, token, business security certificate.
  • the service acquisition device 70 further includes:
  • the second transceiver module is configured to receive at least one of the following from the first network based on the protocol content: a slice identifier, service QoS information, and data network information;
  • the content of the agreement further includes at least one of the following:
  • the terminal requests whether the slicing requires a network slicing authorization and authentication process, whether the terminal requires a secondary authorization or authentication process, the charging mechanism of the first network and the second network, and the real-name authentication mechanism.
  • the service acquisition device 70 further includes:
  • the sixth execution module is used for any of the following:
  • the authorization and authentication process of completing the network slicing is executed;
  • the first network dynamically requests the service requirement, and the first network generates service acquisition policy information, and sends the service acquisition policy information to the terminal.
  • the service acquisition device 70 further includes:
  • the second charging module is configured to receive charging information generated by the first network, and perform charging division with the first network; or, receive charging data generated by the first network, and generate according to the charging data And send the charging information to the terminal, and perform charging split with the first network.
  • the service acquisition apparatus 70 provided in the embodiment of the present application can implement each process implemented in the method embodiment of FIG. 4 and achieve the same technical effect. To avoid repetition, details are not described herein again.
  • the service acquisition device in the embodiment of the present application may be a device, or a component, integrated circuit, or chip in a terminal.
  • the device can be a mobile terminal or a non-mobile terminal.
  • the mobile terminal may include but is not limited to the types of the terminal 11 listed above, and the non-mobile terminal may be a server, a network attached storage (NAS), a personal computer (PC), a television ( Television, TV), teller machines, self-service machines, etc., are not specifically limited in the embodiments of the present application.
  • the service acquisition device in the embodiment of the present application may be a device with an operating system.
  • the operating system may be an Android operating system, an ios operating system, or other possible operating systems, which are not specifically limited in the embodiment of the present application.
  • an embodiment of the present application further provides a communication device 800, which includes a processor 801, a memory 802, and a program or instruction that is stored on the memory 802 and can run on the processor 801.
  • a communication device 800 which includes a processor 801, a memory 802, and a program or instruction that is stored on the memory 802 and can run on the processor 801.
  • the communication device 800 is a terminal, when the program or instruction is executed by the processor 801, each process of the method embodiment in FIG. 2 can be implemented, and the same technical effect can be achieved.
  • the communication device 800 is a network-side device in the first network, when the program or instruction is executed by the processor 801, each process of the method embodiment in FIG. 3 can be realized, and the same technical effect can be achieved. To avoid repetition, here No longer.
  • the communication device 800 is a network side device in the second network, when the program or instruction is executed by the processor 801, each process of the method embodiment in FIG. 4 can be realized, and the same technical effect can be achieved. To avoid repetition, here No
  • FIG. 9 is a schematic diagram of the hardware structure of a terminal that implements an embodiment of the present application.
  • the terminal 900 includes but is not limited to: a radio frequency unit 901, a network module 902, an audio output unit 903, an input unit 904, a sensor 905, a display unit 906, a user input unit 907, an interface unit 908, a memory 909, a processor 910 and other components .
  • the terminal 900 may also include a power source (such as a battery) for supplying power to various components.
  • the power source may be logically connected to the processor 910 through a power management system, so as to manage charging, discharging, and power consumption through the power management system. Management and other functions.
  • the terminal structure shown in FIG. 9 does not constitute a limitation on the terminal, and the terminal may include more or fewer components than shown in the figure, or combine some components, or different component arrangements, which will not be repeated here.
  • the input unit 904 may include a graphics processing unit (GPU) 9049 and a microphone 9042.
  • the graphics processor 9049 is paired by the image capture device ( For example, the image data of the still picture or video obtained by the camera) is processed.
  • the display unit 906 may include a display panel 9069, and the display panel 9069 may be configured in the form of a liquid crystal display, an organic light emitting diode, or the like.
  • the user input unit 907 includes a touch panel 9079 and other input devices 9072.
  • the touch panel 9079 is also called a touch screen.
  • the touch panel 9079 may include two parts: a touch detection device and a touch controller.
  • Other input devices 9072 may include, but are not limited to, a physical keyboard, function keys (such as volume control buttons, switch buttons, etc.), trackball, mouse, and joystick, which will not be repeated here.
  • the radio frequency unit 901 receives the downlink data from the network-side device and sends it to the processor 910 for processing; in addition, it sends the uplink data to the network-side device.
  • the radio frequency unit 901 includes, but is not limited to, an antenna, at least one amplifier, a transceiver, a coupler, a low noise amplifier, a duplexer, and the like.
  • the memory 909 can be used to store software programs or instructions and various data.
  • the memory 909 may mainly include a storage program or instruction area and a data storage area, where the storage program or instruction area may store an operating system, an application program or instruction required by at least one function (such as a sound playback function, an image playback function, etc.).
  • the memory 909 may include a high-speed random access memory, and may also include a non-volatile memory, where the non-volatile memory may be a read-only memory (Read-Only Memory, ROM) or a programmable read-only memory (Programmable ROM).
  • PROM erasable programmable read-only memory
  • Erasable PROM EPROM
  • Electrically erasable programmable read-only memory Electrically EPROM, EEPROM
  • flash memory For example, at least one magnetic disk storage device, flash memory device, or other non-volatile solid state storage device.
  • the processor 910 may include one or more processing units; optionally, the processor 910 may integrate an application processor and a modem processor, where the application processor mainly processes an operating system, a user interface, and application programs or instructions, etc.
  • the modem processor mainly deals with wireless communication, such as a baseband processor. It can be understood that the foregoing modem processor may not be integrated into the processor 910.
  • the processor 910 is configured to obtain contract data from the second network, use the contract data to select the first network, and access the first network, and obtain the contract data corresponding to the contract data from the first network. Contracted business.
  • terminal 900 provided in the embodiment of the present application can implement each process implemented in the method embodiment of FIG. 2 and achieve the same technical effect. To avoid repetition, details are not described herein again.
  • the embodiment of the present application also provides a network side device.
  • the network side equipment 100 includes: an antenna 101, a radio frequency device 102, and a baseband device 103.
  • the antenna 101 is connected to the radio frequency device 102.
  • the radio frequency device 102 receives information through the antenna 101, and sends the received information to the baseband device 103 for processing.
  • the baseband device 103 processes the information to be sent and sends it to the radio frequency device 102, and the radio frequency device 102 processes the received information and sends it out via the antenna 101.
  • the foregoing frequency band processing apparatus may be located in the baseband apparatus 103, and the method executed by the network-side device in the above embodiment may be implemented in the baseband apparatus 103.
  • the baseband apparatus 103 includes a processor 104 and a memory 105.
  • the baseband device 103 may include, for example, at least one baseband board, and multiple chips are arranged on the baseband board, as shown in FIG.
  • the network side device shown in the above method embodiment operates.
  • the baseband device 103 may also include a network interface 106 for exchanging information with the radio frequency device 102, and the interface is, for example, a common public radio interface (CPRI).
  • CPRI common public radio interface
  • the network-side device of the embodiment of the present application further includes: instructions or programs stored in the memory 105 and capable of running on the processor 104, and the processor 104 calls the instructions or programs in the memory 105 to execute the instructions or programs in FIG. 6 or FIG. 7
  • the execution methods of each module are shown and achieve the same technical effect. In order to avoid repetition, it is not repeated here.
  • the embodiment of the present application also provides a readable storage medium, and the readable storage medium stores a program or instruction.
  • the program or instruction is executed by a processor, each process of the method embodiment shown in FIG. 2 is implemented, or The various processes of the method embodiment shown in FIG. 3 or the various processes of the method embodiment shown in FIG. 4 can be realized, and the same technical effect can be achieved. To avoid repetition, details are not repeated here.
  • the processor is the processor in the terminal described in the foregoing embodiment.
  • the readable storage medium includes a computer readable storage medium, such as a computer read-only memory (Read-Only Memory, ROM), random access memory (Random Access Memory, RAM), magnetic disks, or optical disks.
  • An embodiment of the present application further provides a chip, the chip includes a processor and a communication interface, the communication interface is coupled to the processor, and the processor is used to run a network-side device program or instruction to implement the above-mentioned FIG. 2
  • the chip includes a processor and a communication interface
  • the communication interface is coupled to the processor
  • the processor is used to run a network-side device program or instruction to implement the above-mentioned FIG. 2
  • chips mentioned in the embodiments of the present application may also be referred to as system-level chips, system-on-chips, system-on-chips, or system-on-chips.
  • the disclosed device and method may be implemented in other ways.
  • the device embodiments described above are merely illustrative, for example, the division of the units is only a logical function division, and there may be other divisions in actual implementation, for example, multiple units or components can be combined or It can be integrated into another system, or some features can be ignored or not implemented.
  • the displayed or discussed mutual coupling or direct coupling or communication connection may be indirect coupling or communication connection through some interfaces, devices or units, and may be in electrical, mechanical or other forms.
  • the units described as separate components may or may not be physically separated, and the components displayed as units may or may not be physical units, that is, they may be located in one place, or they may be distributed on multiple network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
  • the functional units in the various embodiments of the present disclosure may be integrated into one processing unit, or each unit may exist alone physically, or two or more units may be integrated into one unit.
  • the method of the above embodiments can be implemented by means of software plus the necessary general hardware platform. Of course, it can also be implemented by hardware, but in many cases the former is better. ⁇
  • the technical solution of this application essentially or the part that contributes to the existing technology can be embodied in the form of a software product, and the computer software product is stored in a storage medium (such as ROM/RAM, magnetic disk, The optical disc) includes several instructions to make a terminal (which may be a mobile phone, a computer, a server, an air conditioner, or a network side device, etc.) execute the methods described in the various embodiments of the present application.
  • a terminal which may be a mobile phone, a computer, a server, an air conditioner, or a network side device, etc.
  • the program can be stored in a computer readable storage medium. When executed, it may include the procedures of the above-mentioned method embodiments.
  • the storage medium may be a magnetic disk, an optical disc, a read-only memory (Read-Only Memory, ROM), or a random access memory (Random Access Memory, RAM), etc.
  • modules, units, and subunits can be implemented in one or more application specific integrated circuits (ASIC), digital signal processors (Digital Signal Processor, DSP), digital signal processing equipment (DSP Device, DSPD) ), programmable logic devices (Programmable Logic Device, PLD), Field-Programmable Gate Array (Field-Programmable Gate Array, FPGA), general-purpose processors, controllers, microcontrollers, microprocessors, used to execute the present disclosure Described functions in other electronic units or combinations thereof.
  • ASIC application specific integrated circuits
  • DSP Digital Signal Processor
  • DSP Device digital signal processing equipment
  • PLD programmable logic devices
  • Field-Programmable Gate Array Field-Programmable Gate Array
  • FPGA Field-Programmable Gate Array
  • the technology described in the embodiments of the present disclosure can be implemented by modules (for example, procedures, functions, etc.) that perform the functions described in the embodiments of the present disclosure.
  • the software codes can be stored in the memory and executed by the processor.
  • the memory can be implemented in the processor or external to the processor.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Databases & Information Systems (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

本申请公开了一种业务获取方法、装置、通信设备及可读存储介质,属于通信技术领域。应用于终端的业务获取方法包括:从第二网络中获取签约数据;利用所述签约数据,选择第一网络,并接入所述第一网络;从所述第一网络中获取所述签约数据对应的签约业务。

Description

业务获取方法、装置、通信设备及可读存储介质
相关申请的交叉引用
本申请主张在2020年5月28日在中国提交的中国专利申请号No.202010471085.7的优先权,其全部内容通过引用包含于此。
技术领域
本申请属于通信技术领域,具体涉及一种业务获取方法、装置、通信设备及可读存储介质。
背景技术
目前,终端在从某网络中获取业务服务时,需要提前与该网络的运营商签约,并基于签约数据获取该运营商提供的业务。由此可以看出,现有的业务获取方法比较单一。
发明内容
本申请实施例的目的是提供一种业务获取方法、装置、通信设备及可读存储介质,以解决现有的业务获取方法比较单一的问题。
为了解决上述技术问题,本申请是这样实现的:
第一方面,提供了一种业务获取方法,应用于终端,包括:
从第二网络中获取签约数据;
利用所述签约数据,选择第一网络,并接入所述第一网络;
从所述第一网络中获取所述签约数据对应的签约业务
第二方面,提供了一种业务获取方法,应用于第一网络中的网络侧设备,包括:
建立与终端的连接,其中,所述连接是所述终端利用签约数据请求建立的,所述签约数据是所述终端从第二网络中获取的;
向所述终端传输所述签约数据对应的签约业务。
第三方面,提供了一种业务获取方法,应用于第二网络中的网络侧设备, 包括:
向终端发送签约数据;其中,所述签约数据用于所述终端根据所述签约数据选择第一网络,接入所述第一网络,并从所述第一网络中获取所述签约数据对应的签约业务。
第四方面,提供了一种业务获取装置,应用于终端,包括:
第一获取模块,用于从第二网络中获取签约数据;
选择模块,用于利用所述签约数据,选择第一网络;
接入模块,用于接入所述第一网络;
第二获取模块,用于从所述第一网络中获取所述签约数据对应的签约业务。
第五方面,提供了一种业务获取装置,应用于第一网络中的网络侧设备,包括:
建立模块,用于建立与终端的连接,其中,所述连接是所述终端利用签约数据请求建立的,所述签约数据是所述终端从第二网络中获取的;
传输模块,用于向所述终端传输所述签约数据对应的签约业务。
第六方面,提供了一种业务获取装置,应用于第二网络中的网络侧设备,包括:
发送模块,用于向终端发送签约数据;其中,所述签约数据用于所述终端根据所述签约数据选择第一网络,接入所述第一网络,并从所述第一网络中获取所述签约数据对应的签约业务。
第七方面,提供了一种通信设备,该通信设备包括处理器、存储器及存储在所述存储器上并可在所述处理器上运行的程序或指令,所述程序或指令被所述处理器执行时实现如第一方面所述的方法的步骤,或者如第二方面所述的方法的步骤,或者如第三方面所述的方法的步骤。
第八方面,提供了一种可读存储介质,所述可读存储介质上存储程序或指令,所述程序或指令被处理器执行时实现如第一方面所述的方法的步骤,或者如第二方面所述的方法的步骤,或者如第三方面所述的方法的步骤。
第九方面,提供了一种芯片,所述芯片包括处理器和通信接口,所述通信接口和所述处理器耦合,所述处理器用于运行网络侧设备程序或指令,实 现如第一方面所述的方法的步骤,或者如第二方面所述的方法的步骤,或者如第三方面所述的方法的步骤。
第十方面,提供了一种计算机软件产品,所述计算机软件产品被存储在非易失的存储介质中,所述软件产品被配置成被至少一个处理器执行以实现如第一方面所述的方法的步骤,或者如第二方面所述的方法的步骤,或者如第三方面所述的方法的步骤。
第十一方面,提供了一种通信设备,所述通信设备被配置成用于执行如第一方面所述的方法,或者如第二方面所述的方法,或者如第三方面所述的方法。
在本申请实施例中,终端可以从第二网络中获取签约数据,利用所述签约数据,选择第一网络,并接入第一网络,从第一网络中获取该签约数据对应的签约业务。由此,可以支持终端通过第三方实体动态的获取签约数据,并基于该签约数据在(之前与终端无关联的)当下网络中获取签约业务,从而丰富业务获取方式。
附图说明
图1是本申请实施例提供的一种无线通信系统的结构示意图;
图2是本申请实施例提供的一种业务获取方法的流程图;
图3是本申请实施例提供的另一种业务获取方法的流程图;
图4是本申请实施例提供的另一种业务获取方法的流程图;
图5是本申请实施例提供的一种业务获取装置的结构示意图;
图6是本申请实施例提供的另一种业务获取装置的结构示意图;
图7是本申请实施例提供的另一种业务获取装置的结构示意图;
图8是本申请实施例提供的一种通信设备的结构示意图;
图9是本申请实施例提供的一种终端的结构示意图;
图10是本申请实施例提供的一种网络侧设备的结构示意图。
具体实施方式
下面将结合本申请实施例中的附图,对本申请实施例中的技术方案进行 清楚、完整地描述,显然,所描述的实施例是本申请一部分实施例,而不是全部的实施例。基于本申请中的实施例,本领域普通技术人员在没有作出创造性劳动前提下所获得的所有其他实施例,都属于本申请保护的范围。
本申请的说明书和权利要求书中的术语“第一”、“第二”等是用于区别类似的对象,而不用于描述特定的顺序或先后次序。应该理解这样使用的数据在适当情况下可以互换,以便本申请的实施例能够以除了在这里图示或描述的那些以外的顺序实施,且“第一”、“第二”所区别的对象通常为一类,并不限定对象的个数,例如第一对象可以是一个,也可以是多个。此外,说明书以及权利要求中“和/或”表示所连接对象的至少其中之一,字符“/”一般表示前后关联对象是一种“或”的关系。
值得指出的是,本申请实施例所描述的技术不限于长期演进型(Long Term Evolution,LTE)/LTE的演进(LTE-Advanced,LTE-A)系统,还可用于其他无线通信系统,诸如码分多址(Code Division Multiple Access,CDMA)、时分多址(Time Division Multiple Access,TDMA)、频分多址(Frequency Division Multiple Access,FDMA)、正交频分多址(Orthogonal Frequency Division Multiple Access,OFDMA)、单载波频分多址(Single-carrier Frequency-Division Multiple Access,SC-FDMA)和其他系统。本申请实施例中的术语“系统”和“网络”常被可互换地使用,所描述的技术既可用于以上提及的系统和无线电技术,也可用于其他系统和无线电技术。然而,以下描述出于示例目的描述了新空口(New Radio,NR)系统,并且在以下大部分描述中使用NR术语,尽管这些技术也可应用于NR系统应用以外的应用,如第6代(6th Generation,6G)通信系统。
图1示出本申请实施例可应用的一种无线通信系统的框图。无线通信系统包括终端11和网络侧设备12。其中,终端11也可以称作终端设备或者用户终端(User Equipment,UE),终端11可以是手机、平板电脑(Tablet Personal Computer)、膝上型电脑(Laptop Computer)或称为笔记本电脑、个人数字助理(Personal Digital Assistant,PDA)、掌上电脑、上网本、超级移动个人计算机(ultra-mobile personal computer,UMPC)、移动上网装置(Mobile Internet Device,MID)、可穿戴式设备(Wearable Device)或车载设备(vehicle user  equipment,VUE)、行人终端(pedestrian user equipment,PUE)等终端侧设备,可穿戴式设备包括:手环、耳机、眼镜等。需要说明的是,在本申请实施例并不限定终端11的具体类型。网络侧设备12可以是基站和/或核心网,其中,基站可被称为节点B、演进节点B、接入点、基收发机站(Base Transceiver Station,BTS)、无线电基站、无线电收发机、基本服务集(Basic Service Set,BSS)、扩展服务集(Extended Service Set,ESS)、B节点、演进型B节点(eNB)、家用B节点、家用演进型B节点、无线局域网(Wireless Local Area Network,WLAN)接入点、无线保真(Wireless Fidelity,WiFi)节点、发送接收点(Transmitting Receiving Point,TRP)或所述领域中其他某个合适的术语,只要达到相同的技术效果,所述基站不限于特定技术词汇,需要说明的是,在本申请实施例中仅以NR系统中的基站为例,但是并不限定基站的具体类型。
核心网中的实体,包括但不限于接入移动管理功能(Access Management Function,AMF)、认证服务功能(Authentication Server Function,AUSF)、策略控制功能(Policy Control Function、PCF)、会话管理功能(Session Management Function,SMF)、用户平面功能(User Plane Function,UPF)、计费功能(Charging Function,CHF)、统一数据管理(Unified Data Management,UDM)、网络开放功能(Network Exposure Function,NEF)等。
下面结合附图,通过具体的实施例及其应用场景对本申请实施例提供的业务获取方法进行详细地说明。
请参见图2,图2是本申请实施例提供的一种业务获取方法的流程图,该方法应用于终端,如图2所示,该方法包括如下步骤:
步骤201:从第二网络中获取签约数据。
步骤202:利用所述签约数据,选择第一网络,并接入所述第一网络。
步骤203:从所述第一网络中获取所述签约数据对应的签约业务。
本申请实施例中,第一网络与第二网络可以属于同一网络,也可以属于不同的网络。可选的,第一网络可以是第五代(5 th Generation,5G)公共陆地移动网络(Public Land Mobile Network,PLMN)、非公共网络(Non-Public Network,NPN),或者其他移动通信网络。第二网络可以是5G PLMN、NPN、第三方服务提供商网络、手机制造商网络,或者其他移动通信网络。
一种实施方式中,终端在第一网络中可以通过多播或者广播的形式获取签约业务服务。而在通过多播或者广播的形式获取签约业务服务之前,终端可以接收第一网络提供的获取多播或者广播业务的接入信息。
可理解的,上述从第二网络中获取签约数据实质上为:终端从第二网络中的网络侧设备和/或者应用层获取签约数据。上述接入第一网络实质上为:终端与第一网络中的网络侧设备建立连接。上述从第一网络中获取签约业务实质上为:终端从第一网络中的网络侧设备获取签约业务。
本申请实施例的业务获取方法,终端可以从第二网络中获取签约数据,利用该签约数据,选择第一网络,并接入第一网络,从第一网络中获取该签约数据对应的签约业务。由此,可以支持终端通过第三方实体动态的获取签约数据,并基于该签约数据在(之前与终端无关联的)当下网络中获取签约业务,从而丰富业务获取方式。
本申请实施例中,上述签约数据(credentials)也可称为特定签约数据。上述签约数据可以为永久签约数据和临时签约数据中的任意一者,即该签约数据可以是临时签约数据,也可以是永久签约数据。
对于永久签约数据,可以是5G PLMN签约数据,NPN签约数据,或者其他移动网络的签约数据。
对于临时签约数据,可以是1)某段时间的5G PLMN签约数据,NPN签约数据,或者其他移动网络的签约数据;该签约数据只在该段时间内有效,例如接入网络后的若干天;2)某种业务的签约数据,例如音乐会的音频/视频、比赛赛事的视频、游戏的增强现实(Augmented Reality,AR)/虚拟现实(Virtual Reality,VR)业务等的签约数据;该数据签约中可以规定提供业务的服务质量(Quality of Service,QoS)等级;3)特定位置的签约数据,例如商场、会场、校园等特定位置的无线数据业务的签约数据等。对于临时签约数据的种类,本本申请实施例中不进行限制。
可选的,第二网络为终端提供签约的方式,即终端从第二网络中获取签约数据的方式可以包括以下任意一项:
a.终端通过第二网络的应用层,获取签约数据;比如,终端通过与第二网络的直接连接,登陆第二网络的网页或者应用程序(Application,APP)等 应用层形式,获取签约数据;
b.终端通过第二网络的物理实体,获取签约数据;该物理实体包括但不限于第二网络的用户身份识别卡(Subscriber Identification Module,SIM);
c.终端通过第二网络的应用层和物理实体,获取签约数据。比如,第二网络通过嵌入式SIM卡(eSIM卡),或者软SIM卡(soft SIM)的形式为终端提供签约数据。
可选的,第二网络在为终端提供签约数据的同时,还可以将该签约数据提供给有合作关系的第一网络。第一网络可以将该签约数据存储在统一数据管理(Unified Data Management,UDM)等签约数据库中。
可选的,第二网络为终端提供的签约数据中,可以包括为终端提供用来鉴权第一网络中合法基站的接入安全令牌token。进一步的,第二网络也可将相同的接入安全令牌token提供给第一网络。
可选的,上述签约数据的体现形式可以为以下任意一项:
1)包括终端标识的签约数据;该终端标识可为永久终端标识,比如是国际移动用户识别码(International Mobile Subscriber Identity,IMSI)、签约永久标识(Subscription Permanent Identifier,SUPI)或者其他形式的终端永久标识;
2)包括用户名和密码中至少一者的业务接入标识;此时,第一网络与第二网络可以约定对终端鉴权的形式,比如为分组数据单元(packet data unit,PDU)会话建立过程中的二次授权或鉴权过程(Secondary authentication/authorization by a DN-AAA server during the establishment of a PDU Session);
3)包括用户名和密码中至少一者的业务接入标识;此时,第一网络与第二网络可以约定对终端鉴权的形式,比如为基于网络切片的授权与鉴权过程(network slice-specific authorization and authentication,NSSAA)。
可选的,上述签约数据中还可以包括以下至少一项:
签约服务名称;
提供签约服务的位置信息;
提供签约服务的时间信息;
一个或多个第一网络标识;
第二网络标识;
接入安全令牌token;
业务安全证书;
提供签约服务的切片标识;
提供签约服务的服务质量QoS信息;
提供签约服务的数据网络名称;比如,该数据网络名称可以是接入点名称(Access Point Name,APN)、数据网络名称(Data Network Name,DNN)或者其他形式的数据网络名称。
可选的,终端在通过第一网络获取业务之前,需要接入第一网络,并通过签约数据完成鉴权认证过程。
一种实施方式中,终端在从第二网络中获取签约数据之前,还需执行完成用户实名认证过程。该用户实名认证过程包括但不限于用户输入个人标识(Identifier,ID)、用户录入面部ID等。
可选的,终端在利用签约数据选择第一网络之前,还可通过签约数据和/或第一网络的广播信息中的指示标识,确定第一网络能够提供签约业务,即判定第一网络能够提供所需业务。
其中,第一网络的广播信息中的指示标识可为但不限于以下任意一项:
1)为第二网络用户提供服务的标识,比如“运营商名称”、“服务提供商名称”、“地点(商场,学校,体育馆)名称”等;
2)业务内容标识,比如“音乐会”、“比赛赛事”、“游戏”等的标识。
一种实施方式中,第一网络可以在现有系统广播信息(系统信息块(System Information Block,SIB))中增加指示位,或者增加新的系统广播信息(SIB),用于广播该指示标识。
可选的,上述确定第一网络能够提供签约业务的过程可包括但不限于以下任意一项:
在所述指示标识为服务名称的情况下,通过所述服务名称包含在签约数据提供的签约服务名称中,确定第一网络能够提供签约业务;
在所述指示标识为服务的位置信息的情况下,通过所述服务的位置信息 包含在签约数据提供的提供签约服务的位置信息中,确定第一网络能够提供签约业务;
在所述指示标识为第二网络标识的情况下,通过所述第二网络标识为签约数据提供的第二网络标识,确定第一网络能够提供签约业务;
在所述指示标识为第一网络标识的情况下,通过签约数据包括的一个或多个第一网络标识中,包括有该第一网络标识,确定第一网络能够提供签约业务。
本申请实施例中,在终端发现第一网络的同时,可以通过一定的安全机制完成终端对第一网络的鉴权。该安全机制可以为:
1)第二网络与终端通过签约的过程完成了互信过程,第二网络在为终端提供签约数据的同时提供token;
2)第二网络也将相同的token提供给第一网络;
3)第一网络的广播信息中的指示标识,即第一网络广播的特定指示,比如服务名称、第一网络标识,第二网络标识等,是经过token加密的密文;
4)终端针对第一网络的广播信息(SIB)中的密文字段,用第二网络提供的token进行解密,获取明文的指示标识,并与第二网络提供的指示标识进行比较判断,判断当前网络是否有合法的经过第二网络授权的第一网络基站。
可选的,上述确定第一网络能够提供签约业务的过程可以包括:获取第一网络的广播信息,其中该广播信息中包括第一密文;利用从第二网络获取的token,解密第一密文;在解密得到明文的指示标识的情况下,确定该第一网络为合法的经过第二网络授权的网络;通过所述明文的指示标识包含在获取的签约数据中,确定第一网络能够提供签约业务。
本申请实施例中,终端接入第一网络的过程可为:利用从第二网络中获取签约数据,向第一网络发送注册请求消息,并在根据所述注册请求消息发起的注册过程中完成鉴权认证过程,接入所述第一网络。可选的,所述注册请求消息中可包括:为终端提供服务的切片标识。即终端需要在注册请求消息中提供的请求切片信息中包含为终端提供服务的切片标识,
可选的,上述鉴权认证过程可包括实名认证过程,即在注册过程中完成实名认证过程。比如根据特定国家或者地区的要求,如果接入第一网络的业 务需要实名认证的,在注册过程的鉴权认证过程中,完成实名认证过程。该实名认证过程可包括以下任意一项:
在终端和第二网络已经实名认证的情况下,终端在从第二网络获得签约数据的同时完成实名认证过程(包括但不限于用户输入个人ID、用户录入面部ID等),第一网络通过与第二网络的交互完成实名认证过程;
在终端和第二网络没有实名认证的情况下,终端与第一网络通过实名认证交互过程完成实名认证过程(包括但不限于用户输入个人ID、用户录入面部ID等)。
可选的,在终端获取的签约数据不是包括终端标识的签约数据的情况下,在向第一网络发送注册请求消息之后,终端还可跳过根据所述注册请求消息发起的注册过程中的鉴权认证过程,并接入第一网络。
一种实施方式中,UE在第一网络发起注册过程时,相关的鉴权认证情况可以包括:
a在注册过程中,利用从第二网络获取的签约数据完成鉴权认证过程;
a.1若第二网络提供的签约数据为包含IMSI或SUPI等UE标识的签约数据,鉴权认证过程可选为5G网络现有的注册过程中的鉴权认证过程:
a.1.1若第一网络的签约数据库中能够找到UE的签约,第一网络执行现有的鉴权认证过程;可选的,在鉴权认证过程中完成实名认证过程,如参考上述的实名认证过程;
a.1.2若第一网络的签约数据库中没有UE的签约,第一网络需要根据UE的指示(注册请求消息中新加、第二网络标识等)或者UE的标识等信息,判断出为UE提供签约的第二网络,并从第二网络获取UE标识对应的签约,执行现有的鉴权认证过程;可选的,在鉴权认证过程中完成实名认证过程,如参考上述的实名认证过程;
a.2若第二网络提供的签约数据不是包含IMSI或SUPI等UE标识的签约数据,UE需要在注册过程中提供特殊指示(例如通过请求的切片标识来指示),第一网络跳过现有注册过程中的鉴权认证过程,标记UE为特殊用户。进一步的,若第一网络与第二网络约定对UE鉴权的形式为基于切片的鉴权(NSAAA),第一网络可基于UE提供的切片为UE进行切片鉴权过程;可选 的,在切片鉴权过程中完成实名认证过程,如参考上述的实名认证过程;
b在注册过程后,利用从第二网络获取的或者第一网络本地存储的签约数据完成鉴权认证过程中;可选的,在鉴权认证过程中完成实名认证过程,如参考上述的实名认证过程。
本申请实施例中,终端从第一网络中获取签约数据对应的签约业务的过程可以包括:终端向所述第一网络发送PDU会话(session)建立请求,根据所述PDU会话建立请求建立PDU会话数据连接,并通过该PDU会话数据连接获取签约数据对应的签约业务。
可选的,终端在从第一网络中获取签约业务之前,可以先从第一网络获取业务相关的策略(policy)信息,包括但不限于用户设备路由选择策略(User equipment Routing Selection Policy,URSP)、接入与移动性管理策略等。该URSP中可以包含终端为获取数据业务建立PDU session的切片标识、数据网络名称DNN等信息。
可选的,终端在PDU会话建立请求消息中,可以携带DNN、切片标识等其他信息。该DNN、切片标识等信息可以来自于从第二网络获取的签约数据中,或者来自于第一网络提供的URSP信息。
可选的,终端根据PDU会话建立请求建立PDU会话数据连接的过程中,可以执行完成第一网络发起的二次授权或鉴权过程(Secondary authentication/authorization)中的实名认证过程。
进一步的,在第一网络和第二网络约定对终端鉴权的形式为进行网络切片的授权与鉴权过程(NSSAA)时,在建立PDU会话数据连接之前,终端还可执行完成第一网络发起的终端请求切片的网络切片授权与鉴权过程。
可选的,所述网络切片授权与鉴权过程中包括:通过实名认证交互过程完成的实名认知过程,包括但不限于用户输入个人ID、用户录入面部ID等。
一种实施方式中,UE在第一网络中建立PDU session数据连接,并获取签约数据,相关内容可以包括:
1)若第一网络与第二网络约定对UE鉴权的形式为PDU会话建立过程中的二次授权或鉴权过程(Secondary authentication/authorization by a DN-AAA server during the establishment of a PDU Session),则第一网络代理第二网络发 起二次授权或鉴权过程;可选的,在二次授权或鉴权过程中完成实名认证过程,如参考上述的实名认证过程;
2)PDU session数据连接可以与签约数据中给出的DNN、切片标识等信息关联;
3)UE可以建立签约业务需要的QoS等级的QoS流,该QoS等级是签约数据或者第一网络提供的策略中允许的QoS等级。
本申请实施例中,在终端获取签约业务的同时或者之后,第一网络和第二网络完成计费功能。终端可按照第一网络的指示执行计费数据统计和上报。
一种实施方式中,第一网络与第二网络约定计费执行主体为第一网络,并约定计费分割方式。第一网络完成计费数据统计,并生成账单。第二网络与UE约定计费方式为:按照流量计费。
另一种实施方式中,第一网络与第二网络约定计费执行主体为第二网络,并约定计费分割方式。第二网络与UE约定计费方式为:按照流量计费,按照服务事件event计费(赛事,演唱会等),或者按照时长计费(如按月计费等)等。第一网络完成计费数据统计并提供给第二网络,第二网络向UE收费,并与第一网络按照约定分割计费。
请参见图3,图3是本申请实施例提供的一种业务获取方法的流程图,该方法应用于第一网络中的网络侧设备,包括但不限于基站、AMF、AUSF、SMF、CHF、NEF等;如图3所示,该方法包括如下步骤:
步骤301:建立与终端的连接,所述连接是所述终端利用签约数据请求建立的,所述签约数据是终端从第二网络中获取的。
本实施例中,第一网络与第二网络可以属于同一网络,也可以属于不同的网络。第一网络可以是5G PLMN、NPN,或者其他移动通信网络。第二网络可以是5G PLMN、NPN、第三方服务提供商网络、手机制造商网络,或者其他移动通信网络。
对于该签约数据的具体内容,可以参见上述图2方法实施例中所述,在此不再赘述。
一种实施方式,上述连接可为PDU会话连接,借由终端的PDU会话建立请求建立。
步骤302:向终端传输签约数据对应的签约业务。
一种实施方式中,终端在第一网络中可以通过多播或者广播的形式获取签约业务服务。而在通过多播或者广播的形式获取签约业务服务之前,终端可以接收第一网络提供的获取多播或者广播业务的接入信息。
本申请实施例的业务获取方法,可以支持终端通过第三方实体动态的获取签约数据,并基于该签约数据在(之前与终端无关联的)当下网络中获取签约业务,从而丰富业务获取方式。
本申请实施例中,第一网络可以与第二网络协商为终端提供服务的协议内容。该协议内容可以包括但不限于以下至少一项:签约服务名称、提供签约服务的位置信息、提供签约服务的时间信息、token、业务安全证书。
可选的,基于该协议内容,第一网络可以向第二网络发送以下至少一项:切片标识,业务的QoS信息、数据网络信息DNN等。
可选的,基于该协议内容,第一网络可从第二网络获取终端的签约数据。
可选的,该协议内容中还可以包括以下至少一项:终端请求切片是否需要进行网络切片授权与鉴权(NSSAA)过程、终端是否需要进行二次授权或鉴权(Secondary authentication/authorization)过程、第一网络与第二网络的计费机制、实名认证机制等。
可选的,基于该协议内容,第一网络还可向终端发送广播信息。其中,该广播信息中可包括指示标识或者利用token加密后的指示标识;该指示标识用于终端确定第一网络能够提供所述签约业务。该指示标识具体可如图2实施例中所述。
一种实施方式中,第一网络中的基站向终端发送广播信息。
可选的,基于该协议内容,第一网络(比如第一网络中的基站)可向终端提供通过广播或者多播形式获取业务的配置信息。
可选的,上述建立与终端的连接的过程可以包括:接收终端发送的注册请求消息,在根据所述注册请求消息发起的注册过程中完成鉴权认证过程,并建立与终端的连接。
作为一种可选的实施方式,可由第一网络中AMF实体完成注册过程,由第一网络中的AUSF实体完成鉴权认证过程,由第一网络的中的SMF建立与 终端的连接。
可选的,所述鉴权认证过程包括实名认证过程。这里可选的,第一网络与第一网络交互,获取终端的签约数据。该实名认证过程可包括以下任意一项:
在终端和第二网络已经实名认证的情况下,第一网络通过与第二网络的交互完成实名认证过程;
在终端和第二网络没有实名认证的情况下,第一网络与终端通过实名认证交互过程完成实名认证过程。
可选的,在所述签约数据不是包括终端标识的签约数据的情况下,所述建立与终端的连接的过程可以包括:接收终端发送的注册请求消息,跳过根据所述注册请求消息发起的注册过程中的鉴权认证过程,并建立与终端的连接。
进一步的,当终端的请求切片需要进行网络切片授权与鉴权(NSSAA)过程时,在建立与终端的连接(如PDU会话连接)之前,第一网络还可对终端的请求切片执行网络切片授权与鉴权过程。
可选的,该网络切片授权与鉴权过程中包括:通过实名认证交互过程完成的实名认知过程。这里可选的,第一网络与网络交互,第二网络完成网络切片授权与鉴权服务(Network Slice-Specific authentication,authorization,and accounting(AAA)server功能)功能。
可选的,基于与第二网络协商的服务协议内容,第一网络可以向终端发送获取业务的策略信息。该策略信息包括但不限于URSP、接入与移动性管理策略等。该URSP中可以包含终端为获取数据业务建立PDU session的切片标识、数据网络名称DNN等信息。而第二网络动态的向第一网络(直接通过PCF或者NEF)实体)更新业务需求信息,用于第一网络动态的生成业务的策略信息。
可选的,第一网络在建立与终端的连接之前,可以执行完成与终端的二次授权或鉴权(Secondary authentication/authorization)过程中的实名认证过程。这里可选的,与第二网络交互,第二网络完成数据网络(Data Network,DN)-AAA server功能。
本申请实施例中,在终端获取签约业务的同时或者之后,第一网络和第二网络完成计费功能。第一网络(比如第一网络中的CHF实体)可以执行如下操作:对计费数据进行统计,生成计费信息,并向终端发送所述计费信息;或者,对计费数据进行统计,并将统计得到的计费数据发送给第二网络,由所述第二网络生成计费信息以及向终端发送所述计费信息。
请参见图4,图4是本申请实施例提供的一种业务获取方法的流程图,该方法应用于第二网络中的网络侧设备,包括但不限于基站、AMF、AUSF、SMF、CHF等;如图4所示,该方法包括如下步骤:
步骤401:向终端发送签约数据;所述签约数据用于所述终端根据所述签约数据选择第一网络,接入所述第一网络,并从所述第一网络中获取所述签约数据对应的签约业务。
本实施例中,第一网络与第二网络可以属于同一网络,也可以属于不同的网络。第一网络可以是5G PLMN、NPN,或者其他移动通信网络。第二网络可以是5G PLMN、NPN、第三方服务提供商网络、手机制造商网络,或者其他移动通信网络。
对于该签约数据的具体内容,可以参见上述图2方法实施例中所述,在此不再赘述。
本申请实施例的业务获取方法,可以支持终端通过第三方实体动态的获取签约数据,并基于该签约数据在(之前与终端无关联的)当下网络中获取签约业务,从而丰富业务获取方式。
本申请实施例中,第二网络可以与第一网络协商为终端提供服务的协议内容。该协议内容可以包括但不限于以下至少一项:签约服务名称、提供签约服务的位置信息、提供签约服务的时间信息、token、业务安全证书。
可选的,基于该协议内容,第二网络可以从第一网络接收以下至少一项:切片标识,业务的QoS信息、数据网络信息DNN等。
可选的,基于该协议内容,第二网络可向第一网络发送终端的签约数据。
可选的,该协议内容中还可以包括以下至少一项:终端请求切片是否需要进行网络切片授权与鉴权(NSSAA)过程、终端是否需要进行二次授权或鉴权过程、第一网络与第二网络的计费机制、实名认证机制等。
可选的,第二网络还可执行以下任意一项:通过与第一网络的交互,向第一网络发送终端的签约数据;或者,通过与第一网络的交互,执行完成网络切片的授权与鉴权过程;或者,通过与第一网络的交互,执行完成数据网络的授权与鉴权过程。第二网络动态提供业务的QoS需求,供第一网络生成策略信息,
可选的,第二网络还可向第一网络动态请求提供业务的需求,由第一网络生成获取业务的策略信息,并将该获取业务的策略信息发送给终端。该获取业务的策略信息包括但不限于用户设备路由选择策略URSP、接入与移动性管理策略等。该URSP中可以包含终端为获取数据业务建立PDU session的切片标识、数据网络名称DNN等信息。
本申请实施例中,在终端获取签约业务的同时或者之后,第一网络和第二网络完成计费功能。第二网络可以执行如下操作:接收第一网络生成的计费信息,与第一网络进行计费分割;或者,接收第一网络生成的计费数据,根据所述计费数据生成计费信息,并将所述计费信息发送给所述终端,并与所述第一网络进行计费分割。
下面,结合具体应用场景对本申请中的业务获取过程进行说明。
应用场景一:漫游场景
子场景1:第一网络为VPLMN(Visited PLMN,访问PLMN)或Visited NPN(访问NPN),第二网络为HPLMN(Home PLMN,归属PLMN)或Home NPN(归属NPN);
子场景2:第一网络为VPLMN(访问PLMN)或Visited NPN(访问NPN),第二网络为手机制造商网络或者实体。
对于此漫游场景,上述图2至图4实施例中描述的方案全部适用。特殊说明如下(此中没有说明的方案都适用与本场景):
(1)若从第二网络获取的签约数据为临时签约数据,则某段时间的签约数据适用本场景,某种业务的签约数据在本场景中不使用,特定位置的签约数据不适用本场景;
(2)本场景中,第二网络为终端提供签约的方式可以是,应用层和/或物理实体的形式提供;
(3)签约数据的体现形式为包括终端标识的签约数据时适用本场景;而其他形式比如包括用户名和密码中至少一者的业务接入标识,不适用本场景,相应的此情况下的终端鉴权认证过程不适用本场景;
(4)本场景中,终端可以通过第二网络的签约数据中给出提供服务的网络标识中含有第一网络的标识,确定第一网络能够提供签约业务。但是不适用借助第一网络的广播信息中指示标识来确定第一网络能够提供签约业务;
(5)第二网络为HPLMN或Home NPN时,上述图2实施例中的a.1.2内容适用本场景,a.1.1内容不适用本场景,a.2内容不适用本场景;第二网络为手机制造商网络时,上述图2实施例中的a.1.1内容适用本场景,a.1.2内容不适用本场景,a.2内容不适用本场景;
(6)第二网络为HPLMN或Home NPN时,适用的实名认证过程为:终端和第二网络已经实名认证,终端在从第二网络获得签约数据的同时完成实名认证过程,第一网络通过与第二网络的交互完成实名认证过程;第二网络为手机制造商网络时,适用的实名认证过程为:终端和第二网络没有实名认证,终端与第一网络通过实名认证交互过程完成实名认证过程;
(7)本场景中,适用的计费方式为:第一网络与第二网络约定计费执行主体为第二网络,并约定计费分割方式;第一网络完成计费数据统计并提供给第二网络,第二网络向终端收费,并与第一网络按照约定分割计费。
应用场景二:比赛赛事场景、音乐厅场景、电影院场景
本场景中,第一网络可以为VPLMN或Visited NPN,第二网络为比赛赛事/音乐厅/电影提供者对应的网络或者实体。
对于本场景,上述图2至图4实施例中描述的方案全部适用。特殊说明如下(此中没有说明的方案都适用与本场景):
(1)永久签约数据不适用于本场景;
(2)若从第二网络获取的签约数据为临时签约数据,则某段时间的签约数据、某种业务的签约数据、特定位置的签约数据都适用本场景;
(3)本场景中,第二网络为终端提供签约的方式可以是,应用层的形式提供,或者,应用层和物理实体的形式提供;而单独的物理实体的形式不适用于本场景;
(4)上述图2实施例中所述的签约数据的体现形式,都适用本场景;
(5)上述图2实施例中所述的确定第一网络能够提供签约业务的方式,都适用本场景;
(6)上述图2实施例中所述的a.1.1内容不适用本场景,a.1.2内容适用本场景,a.2内容适用本场景;
(7)上述图2实施例中所述的实名认证过程都适用本场景;
(8)上述图2实施例中所述的计费方案都适用本场景。
应用场景三:商场场景
本场景中,第一网络可以为VPLMN或Visited NPN,第二网络为商场对应的网络或者实体。
对于本场景,上述图2至图4实施例中描述的方案全部适用。特殊说明如下(此中没有说明的方案都适用与本场景):
(1)永久签约数据不适用于本场景;
(2)若从第二网络获取的签约数据为临时签约数据,则特定位置的签约数据适用本场景,而某段时间的签约数据、某种业务的签约数据不适用本场景;
(3)本场景中,第二网络为终端提供签约的方式可以是,应用层的形式提供,或者,应用层和物理实体的形式提供;而单独的物理实体的形式不适用于本场景;
(4)上述图2实施例中所述的签约数据的体现形式,都适用本场景;
(5)上述图2实施例中所述的确定第一网络能够提供签约业务的方式(除基于业务内容标识之外),都适用本场景;
(6)上述图2实施例中所述的a.1.1内容不适用本场景,a.1.2内容适用本场景,a.2内容适用本场景;
(7)上述图2实施例中所述的实名认证过程都适用本场景;
(8)上述图2实施例中所述的计费方案都适用本场景。
需要说明的是,本申请实施例提供的业务获取方法,执行主体可以为业务获取装置,或者,该业务获取装置中的用于执行业务获取方法的控制模块。本申请实施例中以业务获取装置执行业务获取方法为例,说明本申请实施例 提供的业务获取装置。
请参见图5,图5是本申请实施例提供的一种业务获取装置的结构示意图,该装置应用于终端,如图5所示,该业务获取装置50可以包括:
第一获取模块51,用于从第二网络中获取签约数据;
选择模块52,用于利用所述签约数据,选择第一网络;
接入模块53,用于接入所述第一网络;
第二获取模块54,用于从第一网络中获取所述签约数据对应的签约业务。
可选的,所述签约数据为永久签约数据和临时签约数据中的任意一者。
可选的,所述从第二网络中获取签约数据,包括以下任意一项:
通过所述第二网络的应用层,获取所述签约数据;
通过所述第二网络的物理实体,获取所述签约数据;
通过所述第二网络的应用层和物理实体,获取所述签约数据。
可选的,所述签约数据为以下任意一项:
包括终端标识的签约数据;
包括用户名和密码中至少一者的业务接入标识。
可选的,所述签约数据中包括以下至少一项:
签约服务名称;
提供签约服务的位置信息;
提供签约服务的时间信息;
一个或多个第一网络标识;
第二网络标识;
接入安全令牌token;
业务安全证书;
提供签约服务的切片标识;
提供签约服务的服务质量QoS信息;
提供签约服务的数据网络名称。
可选的,所述业务获取装置50还包括:
第一执行模块,用于执行完成用户实名认证过程。
可选的,所述业务获取装置50还包括:
确定模块,用于通过所述签约数据和/或所述第一网络的广播信息中的指示标识,确定所述第一网络能够提供所述签约业务。
可选的,所述确定模块具体用于以下任意一项:
在所述指示标识为服务名称的情况下,通过所述服务名称包含在所述签约数据提供的签约服务名称中,确定所述第一网络能够提供所述签约业务;
在所述指示标识为服务的位置信息的情况下,通过所述服务的位置信息包含在所述签约数据提供的提供签约服务的位置信息中,确定所述第一网络能够提供所述签约业务;
在所述指示标识为第二网络标识的情况下,通过所述第二网络标识为所述签约数据提供的第二网络标识,确定所述第一网络能够提供所述签约业务;
在所述指示标识为第一网络标识的情况下,通过所述签约数据包括的一个或多个第一网络标识中,包括有所述第一网络标识,确定所述第一网络能够提供所述签约业务。
可选的,所述确定模块包括:
获取单元,用于获取所述第一网络的广播信息,其中,所述广播信息中包括第一密文;
解密单元,用于利用从所述第二网络获取的token,解密所述第一密文;
第一确定单元,用于在解密得到明文的指示标识的情况下,确定所述第一网络为合法的经过所述第二网络授权的网络;
第二确定单元,用于通过所述明文的指示标识包含在所述签约数据中,确定所述第一网络能够提供所述签约业务。
可选的,所述接入模块53具体用于:
利用所述签约数据,向所述第一网络发送注册请求消息,并在根据所述注册请求消息发起的注册过程中完成鉴权认证过程,接入所述第一网络。
可选的,所述注册请求消息中包括:为所述终端提供服务的切片标识。
可选的,所述鉴权认证过程包括实名认证过程;所述实名认证过程包括以下任意一项:
在所述终端和所述第二网络已经实名认证的情况下,所述终端在从所述第二网络获得签约数据的同时完成实名认证过程,所述第一网络通过与所述 第二网络的交互完成实名认证过程;
在所述终端和所述第二网络没有实名认证的情况下,所述终端与所述第一网络通过实名认证交互过程完成实名认证过程。
可选的,在所述签约数据不是包括终端标识的签约数据的情况下,所述接入模块53还用于:利用所述签约数据,向第一网络发送注册请求消息,跳过根据所述注册请求消息发起的注册过程中的鉴权认证过程,接入第一网络。
可选的,在所述第一网络和所述第二网络约定对所述终端鉴权的形式为进行网络切片的授权与鉴权过程时,所述业务获取装置50还包括:
第二执行模块,用于在建立PDU会话数据连接之前,执行完成所述第一网络发起的终端请求切片的网络切片授权与鉴权过程。
可选的,所述网络切片授权与鉴权过程中包括:通过实名认证交互过程完成的实名认知过程。
可选的,所述第二获取模块54具体用于:向所述第一网络发送PDU会话建立请求,根据所述PDU会话建立请求建立PDU会话数据连接,并通过所述PDU会话数据连接获取所述签约数据对应的签约业务。
可选的,所述业务获取装置50还包括:
第三执行模块,用于执行完成所述第一网络发起的二次授权或鉴权过程中的实名认证过程。
可选的,所述业务获取装置50还包括:
第四执行模块,用于在从所述第一网络中获取所述签约数据对应的签约业务的同时或者之后,按照所述第一网络的指示执行计费数据统计和上报。
可理解的,本申请实施例提供的业务获取装置50能够实现图2的方法实施例中实现的各个过程,并达到相同的技术效果,为避免重复,这里不再赘述。
请参见图6,图6是本申请实施例提供的一种业务获取装置的结构示意图,该装置应用于第一网络中的网络侧设备,如图6所示,该业务获取装置60可以包括:
建立模块61,用于建立与终端的连接,其中,所述连接是所述终端利用签约数据请求建立的,所述签约数据是所述终端从第二网络中获取的;
传输模块62,用于向所述终端传输所述签约数据对应的签约业务。
可选的,所述业务获取装置60还包括:
第一协商模块,用于与所述第二网络协商为所述终端提供服务的协议内容;所述协议内容包括以下至少一项:签约服务名称、提供签约服务的位置信息、提供签约服务的时间信息、token、业务安全证书。
可选的,所述业务获取装置60还包括:
第一收发模块,用于基于所述协议内容,向所述第二网络发送以下至少一项:切片标识、业务的QoS信息、数据网络信息;和/或,基于所述协议内容,从所述第二网络获取所述终端的签约数据。
可选的,所述协议内容还包括以下至少一项:
终端请求切片是否需要进行网络切片授权与鉴权过程、所述终端是否需要进行二次授权或鉴权过程、所述第一网络与所述第二网络的计费机制、实名认证机制。
可选的,所述第一收发模块还用于:基于所述协议内容,向所述终端发送广播信息;
其中,所述广播信息中包括指示标识或者利用token加密后的指示标识;所述指示标识用于所述终端确定所述第一网络能够提供所述签约业务。
可选的,所述建立模块61具体用于:
接收所述终端发送的注册请求消息,在根据所述注册请求消息发起的注册过程中完成鉴权认证过程,并建立与所述终端的连接。
可选的,所述鉴权认证过程包括实名认证过程;所述实名认证过程包括以下任意一项:
在所述终端和所述第二网络已经实名认证的情况下,所述第一网络通过与所述第二网络的交互完成实名认证过程;
在所述终端和所述第二网络没有实名认证的情况下,所述第一网络与所述终端通过实名认证交互过程完成实名认证过程。
可选的,在所述签约数据不是包括终端标识的签约数据的情况下,所述建立模块61还用于:
接收所述终端发送的注册请求消息,跳过根据所述注册请求消息发起的 注册过程中的鉴权认证过程,并建立与所述终端的连接。
可选的,所述业务获取装置60还包括:
第五执行模块,用于在建立与所述终端的连接之前,对终端的请求切片执行网络切片授权与鉴权过程。
可选的,所述网络切片授权与鉴权过程中包括:通过实名认证交互过程完成的实名认知过程。
可选的,所述第一收发模块还用于:基于所述协议内容,向所述终端发送获取业务的策略信息。
可选的,所述业务获取装置60还包括:
第六执行模块,用于执行完成与所述终端的二次授权或鉴权过程中的实名认证过程。
可选的,所述业务获取装置60还包括:
第一计费模块,用于对计费数据进行统计,生成计费信息,并向所述终端发送所述计费信息;或者,对计费数据进行统计,并将统计得到的计费数据发送给所述第二网络,由所述第二网络生成计费信息以及向所述终端发送所述计费信息。
可理解的,本申请实施例提供的业务获取装置60能够实现图3的方法实施例中实现的各个过程,并达到相同的技术效果,为避免重复,这里不再赘述。
请参见图7,图7是本申请实施例提供的一种业务获取装置的结构示意图,该装置应用于第二网络中的网络侧设备,如图7所示,该业务获取装置70可以包括:
发送模块71,用于向终端发送签约数据;其中,所述签约数据用于所述终端根据所述签约数据选择第一网络,接入所述第一网络,并从所述第一网络中获取所述签约数据对应的签约业务。
可选的,所述业务获取装置70还包括:
第二协商模块,用于与所述第一网络协商为所述终端提供服务的协议内容;所述协议内容包括以下至少一项:签约服务名称、提供签约服务的位置信息、提供签约服务的时间信息、token、业务安全证书。
可选的,所述业务获取装置70还包括:
第二收发模块,用于基于所述协议内容,从所述第一网络接收以下至少一项:切片标识,业务的QoS信息、数据网络信息;
和/或,基于所述协议内容,向所述第一网络发送所述终端的签约数据。
可选的,所述协议内容还包括以下至少一项:
终端请求切片是否需要进行网络切片授权与鉴权过程、所述终端是否需要进行二次授权或鉴权过程、所述第一网络与所述第二网络的计费机制、实名认证机制。
可选的,所述业务获取装置70还包括:
第六执行模块,用于以下任意一项:
通过与所述第一网络的交互,向所述第一网络发送所述终端的签约数据;
或者,通过与所述第一网络的交互,执行完成网络切片的授权与鉴权过程;
或者,通过与所述第一网络的交互,执行完成数据网络的授权与鉴权过程;
或者,向所述第一网络动态请求提供业务的需求,由所述第一网络生成获取业务的策略信息,并将所述获取业务的策略信息发送给所述终端。
可选的,所述业务获取装置70还包括:
第二计费模块,用于接收所述第一网络生成计费信息,并与所述第一网络进行计费分割;或者,接收第一网络生成的计费数据,根据所述计费数据生成计费信息,并将所述计费信息发送给所述终端,与所述第一网络进行计费分割。
可理解的,本申请实施例提供的业务获取装置70能够实现图4的方法实施例中实现的各个过程,并达到相同的技术效果,为避免重复,这里不再赘述。
本申请实施例中的业务获取装置可以是装置,也可以是终端中的部件、集成电路、或芯片。该装置可以是移动终端,也可以为非移动终端。示例性的,移动终端可以包括但不限于上述所列举的终端11的类型,非移动终端可以为服务器、网络附属存储器(Network Attached Storage,NAS)、个人计算 机(personal computer,PC)、电视机(television,TV)、柜员机或者自助机等,本申请实施例不作具体限定。
本申请实施例中的业务获取装置可以为具有操作系统的装置。该操作系统可以为安卓(Android)操作系统,可以为ios操作系统,还可以为其他可能的操作系统,本申请实施例不作具体限定。
可选的,如图8所示,本申请实施例还提供一种通信设备800,包括处理器801,存储器802,存储在存储器802上并可在所述处理器801上运行的程序或指令。例如,该通信设备800为终端时,该程序或指令被处理器801执行时可实现上述图2方法实施例的各个过程,且能达到相同的技术效果。该通信设备800为第一网络中的网络侧设备时,该程序或指令被处理器801执行时可实现上述图3方法实施例的各个过程,且能达到相同的技术效果,为避免重复,这里不再赘述。该通信设备800为第二网络中的网络侧设备时,该程序或指令被处理器801执行时可实现上述图4方法实施例的各个过程,且能达到相同的技术效果,为避免重复,这里不再赘述。
图9为实现本申请实施例的一种终端的硬件结构示意图。
该终端900包括但不限于:射频单元901、网络模块902、音频输出单元903、输入单元904、传感器905、显示单元906、用户输入单元907、接口单元908、存储器909、以及处理器910等部件。
本领域技术人员可以理解,终端900还可以包括给各个部件供电的电源(比如电池),电源可以通过电源管理系统与处理器910逻辑相连,从而通过电源管理系统实现管理充电、放电、以及功耗管理等功能。图9中示出的终端结构并不构成对终端的限定,终端可以包括比图示更多或更少的部件,或者组合某些部件,或者不同的部件布置,在此不再赘述。
应理解的是,本申请实施例中,输入单元904可以包括图形处理器(Graphics Processing Unit,GPU)9049和麦克风9042,图形处理器9049对在视频捕获模式或图像捕获模式中由图像捕获装置(如摄像头)获得的静态图片或视频的图像数据进行处理。显示单元906可包括显示面板9069,可以采用液晶显示器、有机发光二极管等形式来配置显示面板9069。用户输入单元907包括触控面板9079以及其他输入设备9072。触控面板9079,也称为 触摸屏。触控面板9079可包括触摸检测装置和触摸控制器两个部分。其他输入设备9072可以包括但不限于物理键盘、功能键(比如音量控制按键、开关按键等)、轨迹球、鼠标、操作杆,在此不再赘述。
本申请实施例中,射频单元901将来自网络侧设备的下行数据接收后,给处理器910处理;另外,将上行的数据发送给网络侧设备。通常,射频单元901包括但不限于天线、至少一个放大器、收发信机、耦合器、低噪声放大器、双工器等。
存储器909可用于存储软件程序或指令以及各种数据。存储器909可主要包括存储程序或指令区和存储数据区,其中,存储程序或指令区可存储操作系统、至少一个功能所需的应用程序或指令(比如声音播放功能、图像播放功能等)等。此外,存储器909可以包括高速随机存取存储器,还可以包括非易失性存储器,其中,非易失性存储器可以是只读存储器(Read-Only Memory,ROM)、可编程只读存储器(Programmable ROM,PROM)、可擦除可编程只读存储器(Erasable PROM,EPROM)、电可擦除可编程只读存储器(Electrically EPROM,EEPROM)或闪存。例如至少一个磁盘存储器件、闪存器件、或其他非易失性固态存储器件。
处理器910可包括一个或多个处理单元;可选的,处理器910可集成应用处理器和调制解调处理器,其中,应用处理器主要处理操作系统、用户界面和应用程序或指令等,调制解调处理器主要处理无线通信,如基带处理器。可以理解的是,上述调制解调处理器也可以不集成到处理器910中。
其中,处理器910,用于从第二网络中获取签约数据,利用所述签约数据,选择第一网络,并接入所述第一网络,从所述第一网络中获取所述签约数据对应的签约业务。
可理解的,本申请实施例提供的终端900能够实现图2的方法实施例中实现的各个过程,并达到相同的技术效果,为避免重复,这里不再赘述。
具体地,本申请实施例还提供了一种网络侧设备。如图10所示,该网络侧设备100包括:天线101、射频装置102、基带装置103。天线101与射频装置102连接。在上行方向上,射频装置102通过天线101接收信息,将接收的信息发送给基带装置103进行处理。在下行方向上,基带装置103对要 发送的信息进行处理,并发送给射频装置102,射频装置102对收到的信息进行处理后经过天线101发送出去。
上述频带处理装置可以位于基带装置103中,以上实施例中网络侧设备执行的方法可以在基带装置103中实现,该基带装置103包括处理器104和存储器105。
基带装置103例如可以包括至少一个基带板,该基带板上设置有多个芯片,如图10所示,其中一个芯片例如为处理器104,与存储器105连接,以调用存储器105中的程序,执行以上方法实施例中所示的网络侧设备操作。
该基带装置103还可以包括网络接口106,用于与射频装置102交互信息,该接口例如为通用公共无线接口(common public radio interface,CPRI)。
具体地,本申请实施例的网络侧设备还包括:存储在存储器105上并可在处理器104上运行的指令或程序,处理器104调用存储器105中的指令或程序执行图6或图7中所示各模块执行的方法,并达到相同的技术效果,为避免重复,故不在此赘述。
本申请实施例还提供一种可读存储介质,所述可读存储介质上存储有程序或指令,该程序或指令被处理器执行时实现上述图2所示方法实施例的各个过程,或者实现上述图3所示方法实施例的各个过程,或者实现上述图4所示方法实施例的各个过程,且能达到相同的技术效果,为避免重复,这里不再赘述。
其中,所述处理器为上述实施例中所述的终端中的处理器。所述可读存储介质,包括计算机可读存储介质,如计算机只读存储器(Read-Only Memory,ROM)、随机存取存储器(Random Access Memory,RAM)、磁碟或者光盘等。
本申请实施例另提供了一种芯片,所述芯片包括处理器和通信接口,所述通信接口和所述处理器耦合,所述处理器用于运行网络侧设备程序或指令,实现上述图2所示方法实施例的各个过程,或者实现上述图3所示方法实施例的各个过程,或者实现上述图4所示方法实施例的各个过程,且能达到相同的技术效果,为避免重复,这里不再赘述。
应理解,本申请实施例提到的芯片还可以称为系统级芯片,系统芯片, 芯片系统或片上系统芯片等。
需要说明的是,在本文中,术语“包括”、“包含”或者其任何其他变体意在涵盖非排他性的包含,从而使得包括一系列要素的过程、方法、物品或者装置不仅包括那些要素,而且还包括没有明确列出的其他要素,或者是还包括为这种过程、方法、物品或者装置所固有的要素。在没有更多限制的情况下,由语句“包括一个……”限定的要素,并不排除在包括该要素的过程、方法、物品或者装置中还存在另外的相同要素。此外,需要指出的是,本申请实施方式中的方法和装置的范围不限按示出或讨论的顺序来执行功能,还可包括根据所涉及的功能按基本同时的方式或按相反的顺序来执行功能,例如,可以按不同于所描述的次序来执行所描述的方法,并且还可以添加、省去、或组合各种步骤。另外,参照某些示例所描述的特征可在其他示例中被组合。
本领域普通技术人员可以意识到,结合本文中所公开的实施例描述的各示例的单元及算法步骤,能够以电子硬件、或者计算机软件和电子硬件的结合来实现。这些功能究竟以硬件还是软件方式来执行,取决于技术方案的特定应用和设计约束条件。专业技术人员可以对每个特定的应用来使用不同方法来实现所描述的功能,但是这种实现不应认为超出本公开的范围。
所属领域的技术人员可以清楚地了解到,为描述的方便和简洁,上述描述的系统、装置和单元的具体工作过程,可以参考前述方法实施例中的对应过程,在此不再赘述。
在本申请所提供的实施例中,应该理解到,所揭露的装置和方法,可以通过其它的方式实现。例如,以上所描述的装置实施例仅仅是示意性的,例如,所述单元的划分,仅仅为一种逻辑功能划分,实际实现时可以有另外的划分方式,例如多个单元或组件可以结合或者可以集成到另一个系统,或一些特征可以忽略,或不执行。另一点,所显示或讨论的相互之间的耦合或直接耦合或通信连接可以是通过一些接口,装置或单元的间接耦合或通信连接,可以是电性,机械或其它的形式。
所述作为分离部件说明的单元可以是或者也可以不是物理上分开的,作为单元显示的部件可以是或者也可以不是物理单元,即可以位于一个地方,或者也可以分布到多个网络单元上。可以根据实际的需要选择其中的部分或 者全部单元来实现本实施例方案的目的。
另外,在本公开各个实施例中的各功能单元可以集成在一个处理单元中,也可以是各个单元单独物理存在,也可以两个或两个以上单元集成在一个单元中。
通过以上的实施方式的描述,本领域的技术人员可以清楚地了解到上述实施例方法可借助软件加必需的通用硬件平台的方式来实现,当然也可以通过硬件,但很多情况下前者是更佳的实施方式。基于这样的理解,本申请的技术方案本质上或者说对现有技术做出贡献的部分可以以软件产品的形式体现出来,该计算机软件产品存储在一个存储介质(如ROM/RAM、磁碟、光盘)中,包括若干指令用以使得一台终端(可以是手机,计算机,服务器,空调器,或者网络侧设备等)执行本申请各个实施例所述的方法。
本领域普通技术人员可以理解实现上述实施例方法中的全部或部分流程,是可以通过计算机程序来控制相关的硬件来完成,所述的程序可存储于计算机可读取存储介质中,该程序在执行时,可包括如上述各方法的实施例的流程。其中,所述的存储介质可为磁碟、光盘、只读存储器(Read-Only Memory,ROM)或随机存取存储器(Random Access Memory,RAM)等。
可以理解的是,本公开实施例描述的这些实施例可以用硬件、软件、固件、中间件、微码或其组合来实现。对于硬件实现,模块、单元、子单元可以实现在一个或多个专用集成电路(Application Specific Integrated Circuits,ASIC)、数字信号处理器(Digital Signal Processor,DSP)、数字信号处理设备(DSP Device,DSPD)、可编程逻辑设备(Programmable Logic Device,PLD)、现场可编程门阵列(Field-Programmable Gate Array,FPGA)、通用处理器、控制器、微控制器、微处理器、用于执行本公开所述功能的其它电子单元或其组合中。
对于软件实现,可通过执行本公开实施例所述功能的模块(例如过程、函数等)来实现本公开实施例所述的技术。软件代码可存储在存储器中并通过处理器执行。存储器可以在处理器中或在处理器外部实现。
上面结合附图对本申请的实施例进行了描述,但是本申请并不局限于上述的具体实施方式,上述的具体实施方式仅仅是示意性的,而不是限制性的, 本领域的普通技术人员在本申请的启示下,在不脱离本申请宗旨和权利要求所保护的范围情况下,还可做出很多形式,均属于本申请的保护之内。

Claims (46)

  1. 一种业务获取方法,应用于终端,包括:
    从第二网络中获取签约数据;
    利用所述签约数据,选择第一网络,并接入所述第一网络;
    从所述第一网络中获取所述签约数据对应的签约业务。
  2. 根据权利要求1所述的方法,其中,所述签约数据为永久签约数据和临时签约数据中的任意一者。
  3. 根据权利要求1所述的方法,其中,所述从第二网络中获取签约数据,包括以下任意一项:
    通过所述第二网络的应用层,获取所述签约数据;
    通过所述第二网络的物理实体,获取所述签约数据;
    通过所述第二网络的应用层和物理实体,获取所述签约数据。
  4. 根据权利要求1所述的方法,其中,所述签约数据为以下任意一项:
    包括终端标识的签约数据;
    包括用户名和密码中至少一者的业务接入标识。
  5. 根据权利要求1所述的方法,其中,所述签约数据中包括以下至少一项:
    签约服务名称;
    提供签约服务的位置信息;
    提供签约服务的时间信息;
    一个或多个第一网络标识;
    第二网络标识;
    接入安全令牌token;
    业务安全证书;
    提供签约服务的切片标识;
    提供签约服务的服务质量QoS信息;
    提供签约服务的数据网络名称。
  6. 根据权利要求1所述的方法,其中,所述从第二网络中获取签约数据 之前,所述方法还包括:
    执行完成用户实名认证过程。
  7. 根据权利要求1所述的方法,其中,所述利用所述签约数据,选择第一网络之前,所述方法还包括:
    通过所述签约数据和/或所述第一网络的广播信息中的指示标识,确定所述第一网络能够提供所述签约业务。
  8. 根据权利要求7所述的方法,其中,所述通过所述签约数据和/或所述第一网络的广播信息中的指示标识,确定所述第一网络能够提供所述签约业务,包括以下任意一项:
    在所述指示标识为服务名称的情况下,通过所述服务名称包含在所述签约数据提供的签约服务名称中,确定所述第一网络能够提供所述签约业务;
    在所述指示标识为服务的位置信息的情况下,通过所述服务的位置信息包含在所述签约数据提供的提供签约服务的位置信息中,确定所述第一网络能够提供所述签约业务;
    在所述指示标识为第二网络标识的情况下,通过所述第二网络标识为所述签约数据提供的第二网络标识,确定所述第一网络能够提供所述签约业务;
    在所述指示标识为第一网络标识的情况下,通过所述签约数据包括的一个或多个第一网络标识中,包括有所述第一网络标识,确定所述第一网络能够提供所述签约业务。
  9. 根据权利要求7或8所述的方法,其中,所述通过所述签约数据和/或所述第一网络的广播信息中的指示标识,确定所述第一网络能够提供所述签约业务,包括:
    获取所述第一网络的广播信息,其中,所述广播信息中包括第一密文;
    利用从所述第二网络获取的token,解密所述第一密文;
    在解密得到明文的指示标识的情况下,确定所述第一网络为合法的经过所述第二网络授权的网络;
    通过所述明文的指示标识包含在所述签约数据中,确定所述第一网络能够提供所述签约业务。
  10. 根据权利要求1所述的方法,其中,所述接入所述第一网络,包括:
    利用所述签约数据,向所述第一网络发送注册请求消息,并在根据所述注册请求消息发起的注册过程中完成鉴权认证过程,接入所述第一网络。
  11. 根据权利要求10所述的方法,其中,所述注册请求消息中包括:为所述终端提供服务的切片标识。
  12. 根据权利要求10所述的方法,其中,所述鉴权认证过程包括实名认证过程;所述实名认证过程包括以下任意一项:
    在所述终端和所述第二网络已经实名认证的情况下,所述终端在从所述第二网络获得签约数据的同时完成实名认证过程,所述第一网络通过与所述第二网络的交互完成实名认证过程;
    在所述终端和所述第二网络没有实名认证的情况下,所述终端与所述第一网络通过实名认证交互过程完成实名认证过程。
  13. 根据权利要求10所述的方法,其中,在所述签约数据不是包括终端标识的签约数据的情况下,所述向所述第一网络发送注册请求消息之后,所述方法还包括:
    跳过根据所述注册请求消息发起的注册过程中的鉴权认证过程,接入所述第一网络。
  14. 根据权利要求1所述的方法,其中,所述从所述第一网络中获取所述签约数据对应的签约业务,包括:
    向所述第一网络发送分组数据单元PDU会话建立请求,根据所述PDU会话建立请求建立PDU会话数据连接,并通过所述PDU会话数据连接获取所述签约数据对应的签约业务。
  15. 根据权利要求14所述的方法,其中,在所述第一网络和所述第二网络约定对所述终端鉴权的形式为进行网络切片的授权与鉴权过程时,所述建立PDU会话数据连接之前,所述方法还包括:
    执行完成所述第一网络发起的终端请求切片的网络切片授权与鉴权过程。
  16. 根据权利要求15所述的方法,其中,所述网络切片授权与鉴权过程中包括:通过实名认证交互过程完成的实名认知过程。
  17. 根据权利要求14所述的方法,其中,所述根据所述PDU会话建立请求建立PDU会话数据连接的过程中,所述方法还包括:
    执行完成所述第一网络发起的二次授权或鉴权过程中的实名认证过程。
  18. 根据权利要求1所述的方法,其中,在从所述第一网络中获取所述签约数据对应的签约业务的同时或者之后,所述方法还包括:
    按照所述第一网络的指示执行计费数据统计和上报。
  19. 一种业务获取方法,应用于第一网络中的网络侧设备,包括:
    建立与终端的连接,其中,所述连接是所述终端利用签约数据请求建立的,所述签约数据是所述终端从第二网络中获取的;
    向所述终端传输所述签约数据对应的签约业务。
  20. 根据权利要求19所述的方法,还包括:
    与所述第二网络协商为所述终端提供服务的协议内容;
    其中,所述协议内容包括以下至少一项:签约服务名称、提供签约服务的位置信息、提供签约服务的时间信息、token、业务安全证书。
  21. 根据权利要求20所述的方法,还包括:
    基于所述协议内容,向所述第二网络发送以下至少一项:切片标识、业务的QoS信息、数据网络信息;
    和/或,
    基于所述协议内容,从所述第二网络获取所述终端的签约数据。
  22. 根据权利要求20所述的方法,其中,所述协议内容还包括以下至少一项:
    终端请求切片是否需要进行网络切片授权与鉴权过程、所述终端是否需要进行二次授权或鉴权过程、所述第一网络与所述第二网络的计费机制、实名认证机制。
  23. 根据权利要求20所述的方法,还包括:
    基于所述协议内容,向所述终端发送广播信息;
    其中,所述广播信息中包括指示标识或者利用token加密后的指示标识;
    所述指示标识用于所述终端确定所述第一网络能够提供所述签约业务。
  24. 根据权利要求19所述的方法,其中,所述建立与终端的连接,包括:
    接收所述终端发送的注册请求消息,在根据所述注册请求消息发起的注册过程中完成鉴权认证过程,并建立与所述终端的连接。
  25. 根据权利要求24所述的方法,其中,所述鉴权认证过程包括实名认证过程;所述实名认证过程包括以下任意一项:
    在所述终端和所述第二网络已经实名认证的情况下,所述第一网络通过与所述第二网络的交互完成实名认证过程;
    在所述终端和所述第二网络没有实名认证的情况下,所述第一网络与所述终端通过实名认证交互过程完成实名认证过程。
  26. 根据权利要求24所述的方法,其中,在所述签约数据不是包括终端标识的签约数据的情况下,所述建立与终端的连接,包括:
    接收所述终端发送的注册请求消息,跳过根据所述注册请求消息发起的注册过程中的鉴权认证过程,并建立与所述终端的连接。
  27. 根据权利要求19所述的方法,其中,当所述终端的请求切片需要进行网络切片授权与鉴权过程时,所述建立与所述终端的连接之前,所述方法还包括:
    对所述终端的请求切片执行网络切片授权与鉴权过程。
  28. 根据权利要求27所述的方法,其中,所述网络切片授权与鉴权过程中包括:通过实名认证交互过程完成的实名认知过程。
  29. 根据权利要求20所述的方法,还包括:
    基于所述协议内容,向所述终端发送获取业务的策略信息。
  30. 根据权利要19所述的方法,其中,所述建立与所述终端的连接之前,所述方法还包括:
    执行完成与所述终端的二次授权或鉴权过程中的实名认证过程。
  31. 根据权利要19所述的方法,还包括:
    对计费数据进行统计,生成计费信息,并向所述终端发送所述计费信息;
    或者,
    对计费数据进行统计,并将统计得到的计费数据发送给所述第二网络,由所述第二网络生成计费信息以及向所述终端发送所述计费信息。
  32. 一种业务获取方法,应用于第二网络中的网络侧设备,包括:
    向终端发送签约数据;其中,所述签约数据用于所述终端根据所述签约数据选择第一网络,接入所述第一网络,并从所述第一网络中获取所述签约 数据对应的签约业务。
  33. 根据权利要求32所述的方法,还包括:
    与所述第一网络协商为所述终端提供服务的协议内容;
    其中,所述协议内容包括以下至少一项:签约服务名称、提供签约服务的位置信息、提供签约服务的时间信息、token、业务安全证书。
  34. 根据权利要求33所述的方法,还包括:
    基于所述协议内容,从所述第一网络接收以下至少一项:切片标识,业务的QoS信息、数据网络信息;
    和/或,
    基于所述协议内容,向所述第一网络发送所述终端的签约数据。
  35. 根据权利要求33所述的方法,其中,所述协议内容还包括以下至少一项:
    终端请求切片是否需要进行网络切片授权与鉴权过程、所述终端是否需要进行二次授权或鉴权过程、所述第一网络与所述第二网络的计费机制、实名认证机制。
  36. 根据权利要求32所述的方法,还包括:
    向所述第一网络动态请求提供业务的需求,由所述第一网络生成获取业务的策略信息,并将所述获取业务的策略信息发送给所述终端。
  37. 根据权利要求32所述的方法,还包括以下任意一项:
    通过与所述第一网络的交互,向所述第一网络发送所述终端的签约数据;
    或者,
    通过与所述第一网络的交互,执行完成网络切片的授权与鉴权过程;
    或者,
    通过与所述第一网络的交互,执行完成数据网络的授权与鉴权过程。
  38. 根据权利要求32所述的方法,还包括:
    接收所述第一网络生成计费信息,并与所述第一网络进行计费分割;
    或者,
    接收第一网络生成的计费数据,根据所述计费数据生成计费信息,并将所述计费信息发送给所述终端,与所述第一网络进行计费分割。
  39. 一种业务获取装置,应用于终端,包括:
    第一获取模块,用于从第二网络中获取签约数据;
    选择模块,用于利用所述签约数据,选择第一网络;
    接入模块,用于接入所述第一网络;
    第二获取模块,用于从所述第一网络中获取所述签约数据对应的签约业务。
  40. 一种业务获取装置,应用于第一网络中的网络侧设备,包括:
    建立模块,用于建立与终端的连接,其中,所述连接是所述终端利用签约数据请求建立的,所述签约数据是所述终端从第二网络中获取的;
    传输模块,用于向所述终端传输所述签约数据对应的签约业务。
  41. 一种业务获取装置,应用于第二网络中的网络侧设备,包括:
    发送模块,用于向终端发送签约数据;其中,所述签约数据用于所述终端根据所述签约数据选择第一网络,接入所述第一网络,并从所述第一网络中获取所述签约数据对应的签约业务。
  42. 一种通信设备,包括处理器,存储器及存储在所述存储器上并可在所述处理器上运行的程序或指令,所述程序或指令被所述处理器执行时实现如权利要求1至18中任一项所述的业务获取方法的步骤,或者如权利要求19至31中任一项所述的业务获取方法的步骤,或者如权利要求32至38中任一项所述的业务获取方法的步骤。
  43. 一种可读存储介质,所述可读存储介质上存储程序或指令,所述程序或指令被所述处理器执行时实现如权利要求1至18中任一项所述的业务获取方法的步骤,或者如权利要求19至31中任一项所述的业务获取方法的步骤,或者如权利要求32至38中任一项所述的业务获取方法的步骤。
  44. 一种芯片,所述芯片包括处理器和通信接口,所述通信接口和所述处理器耦合,所述处理器用于运行网络侧设备程序或指令,实现如权利要求1至18中任一项所述的业务获取方法的步骤,或者如权利要求19至31中任一项所述的业务获取方法的步骤,或者如权利要求32至38中任一项所述的业务获取方法的步骤。
  45. 一种计算机软件产品,所述计算机软件产品被存储在非易失的存储 介质中,所述软件产品被配置成被至少一个处理器执行以实现如权利要求1至18中任一项所述的业务获取方法的步骤,或者如权利要求19至31中任一项所述的业务获取方法的步骤,或者如权利要求32至38中任一项所述的业务获取方法的步骤。
  46. 一种通信设备,所述通信设备被配置成用于执行如权利要求1至18中任一项所述的业务获取方法,或者如权利要求19至31中任一项所述的业务获取方法,或者如权利要求32至38中任一项所述的业务获取方法。
PCT/CN2021/096692 2020-05-28 2021-05-28 业务获取方法、装置、通信设备及可读存储介质 WO2021239098A1 (zh)

Priority Applications (3)

Application Number Priority Date Filing Date Title
EP21813736.2A EP4149173A4 (en) 2020-05-28 2021-05-28 METHOD AND DEVICE FOR OBTAINING A SERVICE AND COMMUNICATION DEVICE AND READABLE STORAGE MEDIUM
JP2022572363A JP7416984B2 (ja) 2020-05-28 2021-05-28 サービス取得方法、装置、通信機器及び可読記憶媒体
US17/993,864 US20230096402A1 (en) 2020-05-28 2022-11-23 Service obtaining method and apparatus, and communication device and readable storage medium

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202010471085.7 2020-05-28
CN202010471085.7A CN113747547B (zh) 2020-05-28 2020-05-28 业务获取方法、装置、通信设备及可读存储介质

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US17/993,864 Continuation US20230096402A1 (en) 2020-05-28 2022-11-23 Service obtaining method and apparatus, and communication device and readable storage medium

Publications (1)

Publication Number Publication Date
WO2021239098A1 true WO2021239098A1 (zh) 2021-12-02

Family

ID=78724431

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2021/096692 WO2021239098A1 (zh) 2020-05-28 2021-05-28 业务获取方法、装置、通信设备及可读存储介质

Country Status (5)

Country Link
US (1) US20230096402A1 (zh)
EP (1) EP4149173A4 (zh)
JP (1) JP7416984B2 (zh)
CN (1) CN113747547B (zh)
WO (1) WO2021239098A1 (zh)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2023138304A1 (zh) * 2022-01-24 2023-07-27 华为技术有限公司 获取签约信息的方法和装置

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116456353A (zh) * 2022-01-06 2023-07-18 维沃移动通信有限公司 托管网络接入处理方法、装置、终端及网络侧设备

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103475512A (zh) * 2013-09-02 2013-12-25 中国联合网络通信集团有限公司 物联网远程管理平台迁移方法、装置及物联网终端
CN109151804A (zh) * 2018-09-03 2019-01-04 中国联合网络通信集团有限公司 一种双模制式的网络切换方法及系统
CN109168171A (zh) * 2018-09-14 2019-01-08 腾讯科技(深圳)有限公司 配置信息获取方法、装置、设备及系统
CN109756938A (zh) * 2017-11-03 2019-05-14 华为技术有限公司 通信方法、网元、终端装置和系统

Family Cites Families (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE10233606A1 (de) 2002-07-24 2004-02-12 Siemens Ag Verfahren und Datensystem zum Anbinden eines drahtlosen lokalen Netzwerks an eine UMTS-Endstation
US9055040B2 (en) 2006-02-03 2015-06-09 Qualcomm Incorporated Method and apparatus for content protection in wireless communications
CN108200570A (zh) * 2012-06-29 2018-06-22 华为技术有限公司 在线签约数据配置方法、装置及系统
CN102984686B (zh) * 2012-12-26 2016-08-03 华为技术有限公司 通信服务方法和动态签约服务器
EP3515098B1 (en) * 2016-09-30 2021-12-15 Huawei Technologies Co., Ltd. Local service authorization method and related device
EP3567926B1 (en) 2017-01-05 2021-11-10 Nec Corporation Base station, wireless terminal, methods therefor, and non-temporary computer-readable medium
CN108632945B (zh) * 2017-03-20 2020-11-06 华为技术有限公司 一种网络切片选择方法、用户设备及网络设备
WO2018170696A1 (zh) * 2017-03-20 2018-09-27 华为技术有限公司 会话管理方法、接入管理功能设备和会话管理设备
CN109327883B (zh) 2017-07-31 2023-07-14 华为技术有限公司 传输信息的方法和装置
CN110049072B (zh) * 2018-01-15 2021-09-21 华为技术有限公司 会话建立方法及设备
CN110461013A (zh) * 2018-05-08 2019-11-15 华为技术有限公司 一种网元选择方法及装置
CN110650500B (zh) * 2018-06-26 2021-07-30 大唐移动通信设备有限公司 一种amf、网络切片的选择方法及amf
CN110661753B (zh) * 2018-06-30 2021-10-22 华为技术有限公司 一种网络的注册方法、装置及系统
WO2020071689A1 (ko) * 2018-10-05 2020-04-09 삼성전자 주식회사 사설 이동통신망 및 사업자 이동통신망 접속을 지원하는 장치 및 방법
CN111182543B (zh) * 2018-11-12 2021-10-19 华为技术有限公司 切换网络的方法和装置
CN111132123B (zh) * 2019-12-31 2023-04-07 中国联合网络通信集团有限公司 策略控制的路由方法、装置及系统

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103475512A (zh) * 2013-09-02 2013-12-25 中国联合网络通信集团有限公司 物联网远程管理平台迁移方法、装置及物联网终端
CN109756938A (zh) * 2017-11-03 2019-05-14 华为技术有限公司 通信方法、网元、终端装置和系统
CN109151804A (zh) * 2018-09-03 2019-01-04 中国联合网络通信集团有限公司 一种双模制式的网络切换方法及系统
CN109168171A (zh) * 2018-09-14 2019-01-08 腾讯科技(深圳)有限公司 配置信息获取方法、装置、设备及系统

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of EP4149173A4 *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2023138304A1 (zh) * 2022-01-24 2023-07-27 华为技术有限公司 获取签约信息的方法和装置

Also Published As

Publication number Publication date
CN113747547A (zh) 2021-12-03
EP4149173A1 (en) 2023-03-15
CN113747547B (zh) 2023-05-05
EP4149173A4 (en) 2023-10-18
JP2023527193A (ja) 2023-06-27
US20230096402A1 (en) 2023-03-30
JP7416984B2 (ja) 2024-01-17

Similar Documents

Publication Publication Date Title
US10848970B2 (en) Network authentication method, and related device and system
US20220385445A1 (en) EMBEDDED UNIVERSAL INTEGRATED CIRCUIT CARD (eUICC) PROFILE CONTENT MANAGEMENT
JP4160049B2 (ja) 第1のネットワークを通じた第2のネットワークのサービスへのアクセスを提供する方法及びシステム
CN106102038B (zh) 移动设备为中心的电子订户身份模块(eSIM)的供应
US8611859B2 (en) System and method for providing secure network access in fixed mobile converged telecommunications networks
US20230096402A1 (en) Service obtaining method and apparatus, and communication device and readable storage medium
US20200045554A1 (en) Wireless network management and online signup of services
WO2023280194A1 (zh) 网络连接管理方法、装置、可读介质、程序产品及电子设备
US11871223B2 (en) Authentication method and apparatus and device
US8023484B1 (en) Method for obtaining a mobile internet protocol address
US20220225095A1 (en) External Authentication Method, Communication Apparatus, and Communication System
US20230048066A1 (en) Slice authentication method and apparatus
US20230020413A1 (en) Systems and methods for paging over wifi for mobile terminating calls
US9807819B1 (en) Cross-technology session continuity
US8036222B1 (en) Method for obtaining a mobile internet protocol address
US10959097B1 (en) Method and system for accessing private network services
WO2021212497A1 (zh) 安全认证方法、装置、设备及存储介质
WO2023071836A1 (zh) 一种通信方法及装置
US11564193B2 (en) Authentication in public land mobile networks comprising tenant slices
US8279872B1 (en) Method for obtaining a mobile internet protocol address
WO2021233286A1 (zh) 数据处理方法、装置、网络设备及终端
US20240187856A1 (en) Registration authentication based on a capability
WO2024065843A1 (zh) 私有物联网单元pine的接入认证方法和装置
WO2021249325A1 (zh) 切片服务验证方法及其装置
WO2023246457A1 (zh) 安全决策协商方法及网元

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 21813736

Country of ref document: EP

Kind code of ref document: A1

ENP Entry into the national phase

Ref document number: 2022572363

Country of ref document: JP

Kind code of ref document: A

ENP Entry into the national phase

Ref document number: 2021813736

Country of ref document: EP

Effective date: 20221206

NENP Non-entry into the national phase

Ref country code: DE