WO2022021139A1 - Procédé et appareil d'abonnement et d'approvisionnement - Google Patents

Procédé et appareil d'abonnement et d'approvisionnement Download PDF

Info

Publication number
WO2022021139A1
WO2022021139A1 PCT/CN2020/105495 CN2020105495W WO2022021139A1 WO 2022021139 A1 WO2022021139 A1 WO 2022021139A1 CN 2020105495 W CN2020105495 W CN 2020105495W WO 2022021139 A1 WO2022021139 A1 WO 2022021139A1
Authority
WO
WIPO (PCT)
Prior art keywords
snpn
provisioning
subscribing
response
identity
Prior art date
Application number
PCT/CN2020/105495
Other languages
English (en)
Inventor
Jianning Liu
Genadi Velev
Andreas Kunz
Tingfang Tang
Sheeba Backia MARY BASKARAN
Original Assignee
Lenovo (Beijing) Limited
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Lenovo (Beijing) Limited filed Critical Lenovo (Beijing) Limited
Priority to PCT/CN2020/105495 priority Critical patent/WO2022021139A1/fr
Publication of WO2022021139A1 publication Critical patent/WO2022021139A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/069Authentication using certificates or pre-shared keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/30Security of mobile devices; Security of mobile applications
    • H04W12/35Protecting application or service provisioning, e.g. securing SIM application provisioning
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/50Service provisioning or reconfiguring
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60Context-dependent security
    • H04W12/69Identity-dependent
    • H04W12/72Subscriber identity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/18Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
    • H04W8/20Transfer of user or subscriber data
    • H04W8/205Transfer to or from user equipment or user record carrier

Definitions

  • Embodiments of the present application generally relate to wireless communication technology, and especially to a method and apparatus for subscribing and provisioning.
  • a private 5G network is also termed a non-public network (NPN) .
  • NPN non-public network
  • the 5G private network provides 5G network services to a clearly defined user organization or group of user organizations.
  • the 5G private network is deployed on the organization’s defined premises, such as a campus or a factory.
  • 3GPP 3rd generation partnership project
  • SNPN standalone non-public network
  • PLMN public land mobile network
  • PNI-NPN public network integrated NPN
  • a new PLMN user equipment can get full subscription data from a universal subscriber identity module (USIM) card or an embedded subscriber identity module (eSIM) that configured with the full subscription data, and there is a flexible and specified way to remotely provision the eSIM.
  • a NPN UE has no USIM or eSIM inside.
  • a new UE without any subscription data is assumed to be pre-configured with default configuration in order to access to an onboarding network and obtain the provisioning data from a home network that owns subscription data of the UE.
  • a UE has subscribed to a PLMN or a NPN, while it wants to access to a SNPN only for temporary purposes. For example, when the UE moves into a region providing music or sport events etc., where a specific SNPN provides dedicated service for the music or sport events, the UE may want to access the specific SNPN to obtain better service for the music or sport events than the PLMN or NPN. In this situation, the UE has no default configuration to access the specific SNPN and the SNPN has no subscription data for this UE. How the UE subscribes to the specific SNTN and gets provisioning data from SNPN should be solved.
  • Embodiments of the present application provide a method and apparatus for subscribing and provisioning.
  • An embodiment of the present application provides a method, including: transmitting a subscribing and provisioning request associated with a SNPN for a UE, wherein the subscribing and provisioning request at least indicates an identity of the UE; and receiving a subscribing and provisioning response in response to the subscribing and provisioning request, wherein the subscribing and provisioning response at least indicates the identity of the UE and a provisioning data container associated with the SNPN.
  • Another embodiment of the present application provides a method, including: receiving a provisioning request associated with a SNPN for a UE, wherein the provisioning request at least indicates an identity of the UE; and transmitting a provisioning response in response to the provisioning request, wherein the provisioning response at least indicates the identity of the UE and a provisioning data container associated with the SNPN in the case of the provisioning request being accepted.
  • Yet another embodiment of the present application provides a method, including: receiving a subscribing and provisioning request associated with a SNPN for a UE, wherein the subscribing and provisioning request at least indicates an identity of the UE; transmitting a provisioning response in the case of the subscribing and provisioning request being accepted, wherein the provisioning request at least indicates the identity of the UE; and receiving a provisioning response in response to the provisioning request, wherein the provisioning response at least indicates the identity of the UE and a provisioning data container associated with the SNPN.
  • the apparatus may include at least one non-transitory computer-readable medium having stored thereon computer-executable instructions; at least one receiving circuitry; at least one transmitting circuitry; and at least one processor coupled to the at least one non-transitory computer-readable medium, the at least one receiving circuitry and the at least one transmitting circuitry, wherein the computer-executable instructions cause the at least one processor to implement a method with the at least one receiving circuitry and the at least one transmitting circuitry.
  • Embodiments of the present application can provide technical solutions for subscribing and provisioning in SNPN scenarios, which can facilitate the deployment and implementation of NPN technology.
  • FIG. 1 is a flow chart illustrating a UE onboarding procedure in PNI-NPN scenarios according to one solution proposed in 3GPP TR 23.700-07 v0.4.0;
  • FIG. 2 is a schematic diagram illustrating an exemplary scenario, in which a UE has subscribed and provisioned to a third party according to some embodiments of the present application;
  • FIG. 3 is a flow chart illustrating a basic procedure of a method for subscribing and provisioning according to some embodiments of the present application
  • FIG. 4 is a flow chart illustrating a detailed exemplary procedure including a method for subscribing and provisioning according to some embodiments of the present application.
  • FIG. 5 illustrates an apparatus according to some embodiments of the present application.
  • FIG. 1 is a flow chart illustrating a UE onboarding procedure in PNI-NPN scenarios according to one solution proposed in 3GPP TR 23.700-07 v0.4.0, which can enable the UE to be provisioned with necessary information for accessing a PNI-NPN and vertical networks attached to this PNI-NPN.
  • the PLMN which the UE is to access includes a 5G-access network (5G-AN) , 5G core network (5GC) , and on-boarding information mapping function (OIMF) , wherein the 5G-AN connects to the 5GC via N2 and N3 reference points.
  • the PNI-NPN includes a provisioning server (PS) data network (DN) and a vertical server (VS) DN. All the elements, especially the UE and 5GC are pre-configured with necessary information, which can refer to clause 6.7.1 of 3GPP TR 23.700-07 v0.4.0.
  • the OIMF is pre-configured with mapping information of PNI-NPN ID (e.g. closed access group (CAG) ID) and Provisioning Server Routing Information.
  • CAG closed access group
  • step 100 which is related to enquiry on-boarding information: the UE registers to the PLMN using the public subscription/credentials and primary authentication is performed.
  • the UE either manually or automatically discovers and selects the PNI-NPN ID for UE on-boarding (e.g. CAG ID) based on the broadcast information.
  • the UE requests the OIMF for the Provisioning Server Routing Information (e.g. PS data network name (DNN) , PS network slice selection assistance information (NSSAI) , allowed PS and/or PS authentication-authorization-account (AAA) address list, port ID) using PNI-NPN ID via non-access stratum (NAS) message.
  • DNN PS data network name
  • NSSAI PS network slice selection assistance information
  • AAA allowed PS and/or PS authentication-authorization-account
  • the PLMN shall provide the UE with the restricted registration and protocol data unit (PDU) Session for limited services based on the valid period in the public subscription, and extra restriction information involved in Provisioning Server Routing Information (e.g. session management function (SMF) selection subscription data, and allowed number of PDU Session for provisioning per UE, allowed PS address list and quality of service (QoS) ) .
  • PDU protocol data unit
  • SMF session management function
  • QoS quality of service
  • a following step is related to on-boarding authentication and PLMN subscription update: the UE selects the slice or DNN to access PS according to Provisioning Server Routing Information. The UE may re-register to the PLMN using selected slice. The UE performs on-boarding authentication via 5GC with PS AAA using the on-boarding credentials, potentially reusing the secondary authentication procedure, which triggered by SMF, to realize the on-boarding authentication. When the UE has been successfully authenticated, the PLMN subscription should be updated, including static vertical subscriptions and dynamic vertical credentials.
  • step 102-1 which is related to static vertical subscriptions update: the static vertical subscription (e.g. subscription owner (SO) DNN, SO NSSAI) is preconfigured in PLMN based on the agreement between PLMN and VS DN.
  • the 5GC can be aware of authentication result. If the authentication is successful, the 5GC authorizes the UE, and updates UE's subscriptions according to pre-configured static vertical subscriptions.
  • step 102-2 which is related to dynamic vertical subscriptions update: the dynamic vertical subscription (e.g. updated CAG information, updated QoS) is the information that the VS DN intends to revised to UE's subscription.
  • the PLMN may reject the update of dynamic vertical subscriptions. If the provisioning is successful, the PS DN may transfer the UE's dynamic vertical subscriptions (e.g. updated CAG information, updated QoS) to the PLMN via network exposure function (NEF) (not shown) , and the PLMN may update UE's subscriptions for dynamic vertical subscriptions.
  • NEF network exposure function
  • a next step is related to provisioning: the PS DN provisions the UE configuration parameters to the PLMN and vertical credentials to UE.
  • step 104-1 which is related to UE configuration update: when the UE configurations are updated, the PLMN may update the UE configurations to the UE by triggering the UE Configuration Update procedure.
  • Step 104-2 is related to vertical credentials provisioning: after successful on-boarding authentication, the UE is authorized to establish the PDU session to access the PS DN and the PS DN provisions the vertical credentials to the UE by the established user plane path.
  • the UE may reuse existing N3GPP credential management protocol with the PS DN. For example, to reuse CMPv2 protocol to ask certificate authority (CA) for signing a vertical's certificate.
  • the vertical credentials can be stored in either mobile equipment (ME) or universal integrated circuit card (UICC) but is expected to be stored in UICC in this solution.
  • the UE may try to access to the vertical network, e.g., the UE accessing the NPN using the obtained UE configuration parameters and vertical credentials.
  • step 106-1 which is related to re-registration using updated UE configuration: after the provisioning procedure, the UE may perform re-registration procedures using UE configuration to reselect CAG ID, slice and DNN, establish specific PDU session with suitable QoS.
  • step 106-2 which is related to secondary/slice authentication using vertical credentials: when the UE requests to access the VS DN, the PLMN may trigger secondary/slice authentication, and the UE uses vertical credentials to process the authentication.
  • step 106-3 normal service (s) will be performed in step 106-3, wherein the UE can initiate regular services to the vertical network via the PNI-NPN.
  • the PLMN can trigger the network-initiated de-registration.
  • the UE shall be in the coverage of the PLMN. It cannot work for onboarding and provisioning, when UE is out of the coverage of the PLMN.
  • the UE is pre-configured with PLMN information so that the UE can access the PLMN and obtain the NPN subscription from the PNI-NPN via the PLMN. That is, for a NPN scenario, when a UE has no default configuration, the solution is not adaptable even if the UE has normal PLMN or NPN subscription.
  • the UE should be pre-configured with PLMN subscription and default credentials. It does not apply the case that a UE only has PLMN subscriptions without default credentials. In addition, the UE should be within the coverage of the PLMN. When the UE is only in a SNPN coverage, it cannot perform onboarding and provisioning to the SNPN.
  • embodiments of the present application provide a novel solution for subscribing and provisioning of a UE into a SNPN, which can even work when the UE is within the coverage of SNPN, independent of the PLMN coverage.
  • the UE only has normal PLMN or SNPN subscription, but not has any default configuration.
  • FIG. 2 is a schematic diagram illustrating an exemplary scenario, in which a UE has subscribed and provisioned to a third party in accordance with some embodiments of the present application.
  • a UE 200 has subscribed to a third party 220, e.g., a PLMN and has the subscription data (or information) to the PLMN.
  • the third party 220 may be a NPN, that is, the UE 200 may have subscribed to a NPN and has the subscription data to the NPN.
  • the UE 200 may have subscribed to both a PLMN and a NPN, and has the respective subscription data to the PLMN and NPN.
  • the UE 200 may be a computing device, such as a desktop computer, a laptop computer, a personal digital assistant (PDA) , a tablet computer, a smart television (e.g., television connected to the Internet) , a set-top box, a game console, a security system (including a security camera) , a vehicle on-board computer, a network device (e.g., a router, a switch, and a modem) , or the like.
  • a computing device such as a desktop computer, a laptop computer, a personal digital assistant (PDA) , a tablet computer, a smart television (e.g., television connected to the Internet) , a set-top box, a game console, a security system (including a security camera) , a vehicle on-board computer, a network device (e.g., a router, a switch, and a modem) , or the like.
  • the UE 200 may be a portable wireless communication device, a smart phone, a cellular telephone, a flip phone, a device having a subscriber identity module, a personal computer, a selective call receiver, or any other device that is capable of sending and receiving communication signals on a wireless network.
  • the UE 200 may include a wearable device, such as a smart watch, a fitness band, an optical head-mounted display, or the like.
  • the UE 200 may be referred to as a subscriber unit, a mobile phone, a mobile station, a user, a terminal, a mobile terminal, a wireless terminal, a fixed terminal, a subscriber station, a user terminal, or any device described using other terminology used in the art.
  • the SNPN 230 is based on 3GPP-defined technologies and is entirely independent on its own dedicated SNPN identifier (ID) .
  • ID dedicated SNPN identifier
  • NID network identifier
  • the combination of a PLMN ID and a network identifier (NID) may identify a SNPN 230.
  • the SNPN 230 is also within the coverage of the PLMN 220, in some other embodiments of the present application, the SNPN 230 may be outside of the coverage of the PLMN 220, i.e., being independent from the PLMN 220.
  • an exemplary SNPN 230 can be various.
  • an exemplary SNPN 230 may include an AN, an access and mobility management function (AMF) , an authentication server function (AUSF) , a unified data management (UDM) , a default credential sever (DCS) , and/or a provisioning server etc.
  • AMF access and mobility management function
  • AUSF authentication server function
  • UDM unified data management
  • DCS default credential sever
  • provisioning server etc.
  • the AN may be configured to provide a network access service for the UE 200.
  • An AN entity may also be referred to as radio access network (RAN) entity, an access point, an access terminal, a base, a macro cell, a Node-B, an enhanced Node B (eNB) , a gNB, a home Node-B, a relay node, or any device described using other terminology used in the art.
  • RAN radio access network
  • the AMF, the AUSF, and the UDM are network function entities of a 5G core network.
  • the AMF is a network function entity used for receiving all the connection and session information from a UE 200 or the AN and handling connection and mobility management tasks.
  • the AUSF is a network function entity used for authentication.
  • the UDM is a network function entity used for managing network user data in a single, centralized element.
  • a UDM of an onboarding network (ON) is also provisioned with the subscription permanent identifier (SUPI) s of UEs to be used for the onboarding procedure, and is not authorized to establish any PDU session.
  • SUPI subscription permanent identifier
  • the DCS is able to authenticate a vendor or manufacturer of the UE 200 (i.e. a device vendor) and authorize the UE 200 to proceed with an onboarding procedure.
  • the DCS may be provisioned with the certificate path of the device vendor, as well as the unique identifier (e.g., host ID or MAC address) of the UE 200, which are used to authorize the UE 200 to perform the onboarding procedure.
  • the DCS is provisioned with the UE-specific credential of the UE 200 that is used to authorize the UE 200 to perform the onboarding procedure.
  • the provisioning server is provisioned with the subscription data that needs to be configured to the UE 200.
  • the provisioning server is also administered by a SO, e.g. the SNPN or a delegated administration entity, which is able to provide the configuration parameters of the SO to the UE 200.
  • the user of the UE 200 may be interested in the dedicated service provided by the SNPN 230, and thus may want to access the SNPN 230 to obtain the dedicated service.
  • a SNPN-enabled UE also called a SNPN UE
  • SUPI subscription permanent identifier
  • the UE 200 has no default configuration to obtain the provisioning data to the SNPN 230and cannot access the SNPN 230.
  • the SNPN 230 has no subscription data for the UE 200.
  • a subscribing and provisioning procedure (which may be also referred to "a subscribing procedure" or "a provisioning procedure” ) is needed for the UE 200 to access the SNPN 230.
  • FIG. 3 is a flow chart illustrating a basic procedure of a method for subscribing and provisioning according to some embodiments of the present application.
  • a first function entity of the SNPN e.g., an AMF
  • a second function entity of the SNPN e.g., a UDM
  • persons skilled in the art can totally understand that the method respectively performed in the UE, in the AMF and in the UDM can be performed in other corresponding network elements or function entities with similar functions in other embodiments of the present application, and can be integrated with other adaptive methods in some other embodiments of the present application.
  • the method performed in the UDM can be performed in a provisioning server, and the UE, the AMF and the provisioning server can cooperate to perform a system level method.
  • part or all of the procedures respectively performed in the UE, AMF and UDM may be different from the illustrated.
  • the name of various messages, e.g., a subscribing and provisioning request in the illustrated embodiments are only for distinguishing them, which should not be deemed as the substantial limit to these messages.
  • a UE may transmit a subscribing and provisioning request associated with a SNPN, which the UE wants to access.
  • the subscribing and provisioning request may be an on demand subscribing and provisioning request, which is also referred to as "online subscribing and provisioning request. " The subscribing and provisioning request at least indicates an identity of the UE.
  • subscribing information associated with the UE may be transmitted together with the identity of the UE via the subscribing and provisioning request.
  • the subscribing information associated with the UE includes at least one of the following: a username, a password, an identity of the SNPN, and subscribed service (s) .
  • the UE may obtain the information of the SNPN, i.e., the identity of the SNPN by downloading and installing an application (i.e., an APP) of the SNPN.
  • the user of the UE may register a user account of the SNPN through the APP with a username and password (if necessary) .
  • the APP of the SNPN may provide kinds of subscribed service (s) for the users to select.
  • the subscribing information associated with the UE may be transmitted via a message different from the subscribing and provisioning request, that is, the subscribing information associated with the UE may be transmitted separated from the identity of the UE.
  • the subscribing and provisioning request may be transmitted to the AMF of the SNPN via the AN of the SNPN in some embodiments of the present application.
  • the first entity of the SNPN may be another function entity integrating the function of the AMF and AN, and the related messages between the first entity and the UE may be directly transmitted.
  • the AMF receives the subscribing and provisioning request associated with the SNPN for the UE.
  • the AMF will determine whether to accept the subscribing and provisioning request.
  • the AMF will transmit a provisioning request in the case of the subscribing and provisioning request being accepted.
  • the AMF may transmit a subscribing and provisioning response for rejecting the subscribing and provisioning request or make no response. Similar to the subscribing and provisioning request, the provisioning request at least indicates the identity of the UE.
  • the subscribing information associated with the UE can be transmitted together via the provisioning request or separately transmitted via another message.
  • the provisioning request may be transmitted to the UDM of the SNPN or the like (e.g., a provisioning server or other adaptive function entity of the SNPN) depending on the selection of the AMF.
  • the UDM or provisioning server etc. of the SNPN receives the provisioning request.
  • the UDM or the like will check whether there is existing subscription information (or data) of the SNPN for the UE. When there is no existing subscription information of the SNPN for the UE, the UDM or the like will create subscription information of the SNPN for the UE.
  • the UDM or the like will transmit a provisioning response in response to the provisioning request.
  • the provisioning response at least indicates the identity of the UE and a provisioning data container associated with the SNPN.
  • the provisioning data container at least includes necessary subscription information of the SNPN for the UE, e.g., an identity of the SNPN, a credential of the SNPN, and a SUPI of the UE.
  • the subscription information of the SNPN for the UE may further include at least one of subscribed single network slice selection assistance information (S-NSSAI) , and subscribed data network name (DNN) etc.
  • S-NSSAI subscribed single network slice selection assistance information
  • DNN subscribed data network name
  • the AMF may receive a provisioning response in response to the provisioning request.
  • the AMF may transmit a subscribing and provisioning response in response to the subscribing and provisioning request.
  • the subscribing and provisioning response at least indicates the identity of the UE and the provisioning data container associated with the SNPN.
  • the subscribing and provisioning response may be transmitted by the AMF to the UE via the AN, and the UE may receive the subscribing and provisioning response in step 302.
  • the subscribing and provisioning response may be an on demand the subscribing and provisioning response.
  • the UE can obtain the necessary subscription information for accessing the SNPN. Then, the UE may try to a re-registration procedure to access the SNPN.
  • a UE with subscription information to a third party it is possible for a UE with subscription information to a third party to subscribe and provision to a SNPN within or outside of the coverage of the third party.
  • the SNPN has service agreement with the third party.
  • the SNPN can authenticate the UE and establish secured connection between the UE and the SNPN by using the keys derived from the third party.
  • UE can download the subscription and provisioning data from the SNPN securely.
  • the UE can trigger to perform re-registration and access the SNPN by the obtained subscription and provisioning data.
  • FIG. 4 is a flow chart illustrating a detailed exemplary procedure including a method for subscribing and provisioning according to some embodiments of the present application.
  • the procedure is illustrated in a system level among a UE, a SNPN and a third party
  • persons skilled in the art can totally understand that the method respectively performed in the UE, in the illustrated function entities of the SNPN, e.g., the AMF and in the illustrated function entity of the third party, can be performed in other corresponding network elements or function entities with similar functions in other embodiments of the present application, and can be integrated with other adaptive methods in some other embodiments of the present application.
  • part or all of the procedures performed in the UE and SNPN may be different from the illustrated.
  • a UE which has subscribed to a third party may trigger to select a SNPN, e.g., based on a request from the SNPN APP.
  • the SNPN APP may indicate the identity of the SNPN.
  • the user of the UE may manually select the SNPN.
  • the UE may initiate and transmit a registration request to the SNPN based on the existing subscription data (information) .
  • the registration request at least indicates the identity of the UE, e.g., an identifier of the UE in the third party.
  • the registration request may be first transmitted to the AN of the SNPN in step 402-1, and then be transmitted to the AMF of the SNPN by the AN in step 402-2.
  • the AMF After receiving the registration request, the AMF will perform an Authentication&Authorization procedure in step 404 to derive keys from the third party, e.g., from the UDM of the third party so that the SNPN can authenticate the UE and establish secured connection between the UE and SNPN.
  • the Authentication&Authorization procedure is substantially identical with the authentication and authorization in a PLMN roaming case.
  • the AMF may transmit a registration response in response to the registration request indicating rejecting or accepting the registration request, which is first transmitted to the AN in step 406-1 and then is transmitted to the UE by the AN in step 406-2.
  • the UE may transmit a subscribing and provisioning request to the SNPN.
  • the subscribing and provisioning request may be first transmitted to the AN of the SNPN in step 408-1, and then is transmitted to the AMF by the AN in step 408-2.
  • the subscribing and provisioning request at least indicates an identity of the UE.
  • subscribing information associated with the UE may be transmitted together with the identity of the UE via the subscribing and provisioning request.
  • the subscribing information associated with the UE includes at least one of the following: a username, a password, an identity of the SNPN, and subscribed service (s) .
  • the subscribing information associated with the UE may be transmitted separated from the identity of the UE.
  • the AMF After receiving the subscribing and provisioning request, the AMF will determine whether to accept the subscribing and provisioning request e.g., determining whether the SNPN can support the UE based on the SNPN capabilities. When the subscribing and provisioning request is accepted, the AMF will select a UDM of the SNPN in step 410 and transmit a provisioning request to the selected UDM of the SNPN in step 412. Similar to the subscribing and provisioning request, the provisioning request at least indicates the identity of the UE. The subscribing information associated with the UE (if any) can be transmitted together via the provisioning request or separately transmitted via another message.
  • the UDM may be a provisioning server or the like.
  • the AMF may transmit a subscribing and provisioning response for rejecting the subscribing and provisioning request or make no response.
  • the UDM After receiving the provisioning request, the UDM will check whether there is existing subscription information (or data) of the SNPN for the UE in step 414. When there is no existing subscription information of the SNPN for the UE, the UDM may reuse the existing subscription information. When there is no existing subscription information of the SNPN for the UE, the UDM will create subscription information of the SNPN for the UE. For example, the UDM may create new subscription information of the SNPN, and correlate the new subscription information of the SNPN with the UE.
  • the UDM will transmit a provisioning response to the AMF in response to the provisioning request.
  • the provisioning response at least indicates the identity of the UE and a provisioning data container associated with the SNPN.
  • the provisioning data container at least includes necessary subscription information of the SNPN for the UE, e.g., an identity of the SNPN, a credential of the SNPN, and a SUPI.
  • the subscription information of the SNPN for the UE may further include at least one of S-NSSAI, and subscribed DNN etc.
  • the AMF may transmit a subscribing and provisioning response in response to the subscribing and provisioning request.
  • the subscribing and provisioning response at least indicates the identity of the UE and the provisioning data container associated with the SNPN.
  • the subscribing and provisioning response can be first transmitted to the AN in step 418-1 by the AMF, and be transmitted to the UE via the AN in step 418-2.
  • the UE can obtain the necessary subscription information to the SNPN. Then, the UE may transmit a re-registration request to access the SNPN based on the provisioning data container associated with the SNPN in step 420.
  • the re-registration request at least indicates part of the subscription information of the SNPN for the UE, e.g., the identity of the SNPN, the credential of the SNPN, and the SUPI of the UE etc.
  • FIG. 5 illustrates an example block diagram of an apparatus 600 according to some embodiments of the present application.
  • the apparatus 500 may include at least one non-transitory computer-readable medium 501, at least one receiving circuitry 502, at least one transmitting circuitry 504, and at least one processor 506 coupled to the non-transitory computer-readable medium 501, the receiving circuitry 502 and the transmitting circuitry 504.
  • the apparatus 500 may be a function entity of the SNPN (e.g., an AMF, UDM or provisioning server etc. ) , or a communication device (e.g., a UE) configured to perform a method illustrated in FIGS. 3 and 4 and the like.
  • the at least one processor 506, transmitting circuitry 504, and receiving circuitry 502 are described in the singular, the plural is contemplated unless a limitation to the singular is explicitly stated.
  • the receiving circuitry 502 and the transmitting circuitry 504 are combined into a single device, such as a transceiver.
  • the apparatus 500 may further include an input device, a memory, and/or other components.
  • the non-transitory computer-readable medium 501 may have stored thereon computer-executable instructions to cause a processor to implement the method with respect to the UE as described above.
  • the computer-executable instructions when executed, cause the processor 506 interacting with receiving circuitry 502 and transmitting circuitry 504, so as to perform the steps with respect to a UE depicted in FIGS. 3 and 4.
  • the computer-executable instructions when executed, cause the processor 506 interacting with receiving circuitry 502 and transmitting circuitry 504, so as to perform the steps with respect to a SNPN (including the related function entities, e.g., AMF, UDM, provisioning server or the like) depicted in FIGS. 3 and 4.
  • SNPN including the related function entities, e.g., AMF, UDM, provisioning server or the like
  • a software module may reside in RAM memory, flash memory, ROM memory, EPROM memory, EEPROM memory, registers, a hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art.
  • the steps of a method may reside as one or any combination or set of codes and/or instructions on a non-transitory computer-readable medium, which may be incorporated into a computer program product.
  • the terms “includes” , “including” , or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that includes a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus.
  • An element proceeded by “a” , “an” , or the like does not, without more constraints, preclude the existence of additional identical elements in the process, method, article, or apparatus that includes the element.
  • the term “another” is defined as at least a second or more.
  • the term “having” and the like, as used herein, are defined as "including. "

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephonic Communication Services (AREA)

Abstract

Selon des modes de réalisation, la présente invention concerne un procédé et un appareil d'abonnement et d'approvisionnement. Un procédé donné à titre d'exemple de la présente invention consiste à : transmettre une demande d'abonnement et d'approvisionnement associée à un réseau non public autonome (SNPN) pour un équipement utilisateur (UE), la demande d'abonnement et d'approvisionnement indiquant au moins une identité de l'UE ; et recevoir une réponse d'abonnement et d'approvisionnement en réponse à la demande d'abonnement et d'approvisionnement, la réponse d'abonnement et d'approvisionnement indiquant au moins l'identité de l'UE et un conteneur de données d'approvisionnement associé au SNPN.
PCT/CN2020/105495 2020-07-29 2020-07-29 Procédé et appareil d'abonnement et d'approvisionnement WO2022021139A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/CN2020/105495 WO2022021139A1 (fr) 2020-07-29 2020-07-29 Procédé et appareil d'abonnement et d'approvisionnement

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2020/105495 WO2022021139A1 (fr) 2020-07-29 2020-07-29 Procédé et appareil d'abonnement et d'approvisionnement

Publications (1)

Publication Number Publication Date
WO2022021139A1 true WO2022021139A1 (fr) 2022-02-03

Family

ID=80037056

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2020/105495 WO2022021139A1 (fr) 2020-07-29 2020-07-29 Procédé et appareil d'abonnement et d'approvisionnement

Country Status (1)

Country Link
WO (1) WO2022021139A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2024020290A1 (fr) * 2022-07-20 2024-01-25 Cisco Technology, Inc. Authentification de dispositifs et enregistrement et découverte de fonctions de réseau pour réseaux 5g verticaux

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2008034366A1 (fr) * 2006-09-15 2008-03-27 Huawei Technologies Co., Ltd. Procédé et système d'inscription à un service et dispositif associé
US8838725B2 (en) * 2011-07-27 2014-09-16 Verizon Patent And Licensing Inc. Internet cache subscription for wireless mobile users
EP3043585A1 (fr) * 2015-01-12 2016-07-13 Verisign, Inc. Systèmes et procédés pour fournir des services sécurisés
WO2018013925A1 (fr) * 2016-07-15 2018-01-18 Idac Holdings, Inc. Structure d'autorisation adaptative pour réseaux de communication
US20180063564A1 (en) * 2016-08-26 2018-03-01 Adobe Systems Incorporated Subscription service for authorizing access to media content
CN109788040A (zh) * 2018-12-27 2019-05-21 北京航天智造科技发展有限公司 微服务授权与调度方法和系统

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2008034366A1 (fr) * 2006-09-15 2008-03-27 Huawei Technologies Co., Ltd. Procédé et système d'inscription à un service et dispositif associé
US8838725B2 (en) * 2011-07-27 2014-09-16 Verizon Patent And Licensing Inc. Internet cache subscription for wireless mobile users
EP3043585A1 (fr) * 2015-01-12 2016-07-13 Verisign, Inc. Systèmes et procédés pour fournir des services sécurisés
WO2018013925A1 (fr) * 2016-07-15 2018-01-18 Idac Holdings, Inc. Structure d'autorisation adaptative pour réseaux de communication
US20180063564A1 (en) * 2016-08-26 2018-03-01 Adobe Systems Incorporated Subscription service for authorizing access to media content
CN109788040A (zh) * 2018-12-27 2019-05-21 北京航天智造科技发展有限公司 微服务授权与调度方法和系统

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2024020290A1 (fr) * 2022-07-20 2024-01-25 Cisco Technology, Inc. Authentification de dispositifs et enregistrement et découverte de fonctions de réseau pour réseaux 5g verticaux

Similar Documents

Publication Publication Date Title
CN111263334B (zh) 向移动无线设备配置电子用户身份模块
US11659481B2 (en) Methods and systems for UE to request appropriate NSSAI in 5G
EP3881606B1 (fr) Sélection de réseau d'accès pour un ue ne prenant pas en charge un nas sur un accès non-3gpp
US20240064514A1 (en) Delegated data connection
US20220337995A1 (en) Apparatus and method for providing subscription data to non-subscriber registered terminal in wireless communication system
US20240224163A1 (en) Snpn onboarding and obtaining snpn services from a plmn
US20240023013A1 (en) Methods and Apparatus for Service Assurance for Time-Restricted Short-Lived Networks
US20230048066A1 (en) Slice authentication method and apparatus
CN114342549A (zh) 用于连接网络的方法和设备
US12041448B2 (en) Methods and apparatus for controlling permissions of a UE for accessing a network
US20230156457A1 (en) Method and apparatus for providing onboarding and provisioning services
CN116390203A (zh) 选择网络的方法和装置
WO2022021139A1 (fr) Procédé et appareil d'abonnement et d'approvisionnement
WO2020208295A1 (fr) Établissement de trajets de communication sécurisés avec un serveur de connexion par trajets multiples, avec une connexion initiale sur un réseau privé
WO2023016160A1 (fr) Procédé d'établissement de session et appareil associé
US12127005B2 (en) Minimal configuration synthetic eSIM profiles for wireless devices
CN116074821A (zh) 一种通信方法及装置
CN113574917A (zh) 无线通信的方法和设备
US20230262444A1 (en) Systems and methods for supporting multiple universal subscriber identity modules
US20240064683A1 (en) Receiving a subscription for accessing a local server
WO2024105576A1 (fr) Condition de validité basée sur l'emplacement d'un réseau de desserte pour un service localisé et procédure sor améliorée pour un service localisé
CN118120201A (zh) 私有物联网单元pine的接入认证方法和装置
KR20240110301A (ko) 무선 통신 시스템에서의 사용자 기기의 가입자 식별 모듈을 설정하는 방법 및 이를 위한 장치
EP4454349A1 (fr) Informations de sélection de réseau à base de tranche
CN117377030A (zh) 接入网络的方法和通信装置

Legal Events

Date Code Title Description
NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 22/05/2023)

122 Ep: pct application non-entry in european phase

Ref document number: 20947261

Country of ref document: EP

Kind code of ref document: A1