WO2022142740A1 - 一种网络切片连接方法、装置、存储介质及电子装置 - Google Patents
一种网络切片连接方法、装置、存储介质及电子装置 Download PDFInfo
- Publication number
- WO2022142740A1 WO2022142740A1 PCT/CN2021/129363 CN2021129363W WO2022142740A1 WO 2022142740 A1 WO2022142740 A1 WO 2022142740A1 CN 2021129363 W CN2021129363 W CN 2021129363W WO 2022142740 A1 WO2022142740 A1 WO 2022142740A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- slice
- application
- uid
- network
- network slice
- Prior art date
Links
- 238000000034 method Methods 0.000 title claims abstract description 41
- 230000004913 activation Effects 0.000 claims abstract description 19
- 230000015654 memory Effects 0.000 claims description 18
- 238000004590 computer program Methods 0.000 claims description 16
- 230000004044 response Effects 0.000 claims description 3
- 238000004891 communication Methods 0.000 abstract description 4
- 238000010586 diagram Methods 0.000 description 13
- 230000005540 biological transmission Effects 0.000 description 11
- 230000009977 dual effect Effects 0.000 description 9
- 238000005516 engineering process Methods 0.000 description 4
- 230000006870 function Effects 0.000 description 3
- 230000000977 initiatory effect Effects 0.000 description 2
- 230000002452 interceptive effect Effects 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 238000012545 processing Methods 0.000 description 2
- 230000006872 improvement Effects 0.000 description 1
- 238000013507 mapping Methods 0.000 description 1
- 238000010295 mobile communication Methods 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 230000008569 process Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W48/00—Access restriction; Network selection; Access point selection
- H04W48/18—Selecting a network or a communication service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W48/00—Access restriction; Network selection; Access point selection
- H04W48/08—Access restriction or access information delivery, e.g. discovery data delivery
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W48/00—Access restriction; Network selection; Access point selection
- H04W48/16—Discovering, processing access restriction or access information
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W76/00—Connection management
- H04W76/10—Connection setup
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/03—Protecting confidentiality, e.g. by encryption
- H04W12/033—Protecting confidentiality, e.g. by encryption of the user plane, e.g. user's traffic
Definitions
- the embodiments of the present application relate to the field of communications, and in particular, to a network slice connection method, device, storage medium, and electronic device.
- 5G network slicing technology (Network Slicing), the simplest understanding, is to cut a physical network into multiple virtual end-to-end networks, between each virtual network, including the equipment, access, transmission and core network in the network , are logically independent, and the failure of any one virtual network will not affect other virtual networks.
- Each virtual network has different functional characteristics and faces different needs and services.
- 5G network slicing technology brings the following values: guaranteeing the service quality of different levels of services, including traditional network indicators such as bandwidth, delay, packet loss and jitter; enabling users to obtain a logically independent network, avoiding network risks, and avoiding leaks; Users can view the network statistics and statuses related to their own slice packages.
- 5G network slicing technology generally divides network slicing into five levels: L0, L1, L2, L3, and L4.
- L0, L1, L2, L3, and L4 For industry-customized 5G terminal products, the use of corresponding levels of slicing will be selected according to the industry in the future. If you choose to use L3, the government chooses to use L3 or L4, and there is a large space for the terminal to develop in the technology of slicing and grading.
- the dual system of two android systems it is divided into a working system and a living system, which can be switched between each other.
- the two systems share a Subscriber Identity Model (SIM) card.
- SIM Subscriber Identity Model
- the working system is a custom system, it can only be used.
- this method is unaware of the APP on the working system and the living system, that is, there is no need to make any targeted changes at the APP level.
- URSP UE Route Selection Policy
- An embodiment of the present application provides a network slice connection method, the method includes: acquiring a network slice activation request of an application, wherein the network slice activation request carries an application user identity (User Identity, UID for short) and Slice traffic descriptor identifier; determine the system to which the application belongs according to the UID, and obtain the target application package name corresponding to the UID under the system to which the application belongs; determine the permission corresponding to the target application package name The first slice level used by the application; establishes a network slice connection with the first slice level range according to the slice traffic descriptor identifier.
- UID application user identity
- An embodiment of the present application further provides a network slice connection apparatus, the apparatus includes: a first acquisition module, configured to acquire a network slice activation request of an application, wherein the network slice activation request carries an application user identifier UID and a slice traffic descriptor identifier; a second obtaining module, configured to determine the system to which the application belongs according to the UID, and obtain the target application package name corresponding to the UID under the system to which the application belongs; a determining module , used to determine the first slice level scope corresponding to the target application package name that is allowed to be used by the application; a connection establishment module, configured to establish a network slice connection with the first slice level scope according to the slice traffic descriptor identifier .
- the embodiments of the present application further provide a computer-readable storage medium, where a computer program is stored in the storage medium, wherein the computer program is configured to execute the steps in any one of the above method embodiments when running.
- Embodiments of the present application further provide an electronic device, including a memory and a processor, where a computer program is stored in the memory, and the processor is configured to run the computer program to execute any one of the foregoing method embodiments. A step of.
- FIG. 1 is a block diagram of a hardware structure of a mobile terminal according to a network slice connection method according to an embodiment of the present application
- FIG. 2 is a flowchart of a network slice connection method according to an embodiment of the present application.
- FIG. 3 is a block diagram of dual-system automatic slice grading control according to an embodiment of the present application.
- FIG. 5 is a block diagram of a network slice connection apparatus according to another embodiment of the present application.
- FIG. 6 is a block diagram 1 of a network slice connection apparatus according to an embodiment of the present application.
- FIG. 7 is a second block diagram of a network slice connection apparatus according to an embodiment of the present application.
- FIG. 8 is a third block diagram of a network slice connection apparatus according to an embodiment of the present application.
- Embodiments of the present application provide a network slice connection method, device, storage medium, and electronic device, so as to at least solve the problem of how to implement network slice classification for dual systems or multiple systems under the requirement of non-interference between network slices.
- FIG. 1 is a block diagram of the hardware structure of a mobile terminal of a network slice connection method according to an embodiment of the present application.
- the mobile terminal may include one or more (in FIG. 1 only A) processor 102 is shown (the processor 102 may include, but is not limited to, a processing device such as a microprocessor MCU or a programmable logic device FPGA, etc.) and a memory 104 for storing data, wherein the above-mentioned mobile terminal may also include a Communication function transmission device 106 and input and output device 108.
- FIG. 1 is only a schematic diagram, which does not limit the structure of the above-mentioned mobile terminal.
- the mobile terminal may also include more or fewer components than those shown in FIG. 1 , or have a different configuration than that shown in FIG. 1 .
- the memory 104 can be used to store computer programs, for example, software programs and modules of application software, such as the computer programs corresponding to the network slice connection method in the embodiments of the present application.
- the processor 102 executes the computer programs stored in the memory 104 to execute Various functional applications and business chain address pool slicing processing implement the above methods.
- Memory 104 may include high-speed random access memory, and may also include non-volatile memory, such as one or more magnetic storage devices, flash memory, or other non-volatile solid-state memory. In some instances, memory 104 may further include memory located remotely from processor 102, and these remote memories may be connected to the mobile terminal through a network. Examples of such networks include, but are not limited to, the Internet, an intranet, a local area network, a mobile communication network, and combinations thereof.
- Transmission means 106 are used to receive or transmit data via a network.
- the specific example of the above-mentioned network may include a wireless network provided by a communication provider of the mobile terminal.
- the transmission device 106 includes a network adapter (Network Interface Controller, NIC for short), which can be connected to other network devices through a base station so as to communicate with the Internet.
- the transmission device 106 may be a radio frequency (Radio Frequency, RF for short) module, which is used to communicate with the Internet in a wireless manner.
- RF Radio Frequency
- FIG. 2 is a flowchart of a network slice connection method according to an embodiment of the present application. As shown in FIG. 2 , the process It includes the following steps:
- Step S202 obtaining a network slice activation request of the application, wherein the network slice activation request carries the application user identifier UID and the slice traffic descriptor identifier;
- the UID of the same application is different, and different systems can be distinguished by the UID, and the corresponding relationship between the system and the UID can be recorded through the mapping table.
- Step S204 determining the system to which the application belongs according to the UID, and obtaining the target application package name corresponding to the UID under the system to which the application belongs;
- step S204 it may further include: in the case that the authentication identity authentication information is also carried in the network slice activation request, performing system authentication according to the authentication identity authentication information and device identity authentication, the target application package name corresponding to the UID is obtained only when the system authentication and device identity authentication are passed, and the system is authenticated and authenticated to ensure that the system is legal.
- the system stores the corresponding relationship between the UID and the application package name.
- the system can also be directly reflected, that is, the corresponding relationship between the storage system, the UID and the application package name is stored.
- the above step S204 can specifically be The method includes: determining the target application package name corresponding to the UID according to the preset correspondence between the UID and the application package name.
- Step S206 determining the first slice level corresponding to the target application package name that is allowed to be used by the application
- the above step S206 may specifically include: determining the first slice level range corresponding to the target application package name based on the pre-established correspondence table of the system identifier, the application package name and the slice level. Of course, it may also be reflected in the correspondence table. It can easily determine the slice level corresponding to the application package name, thereby distinguishing network slices of different systems.
- Step S208 Establish a network slice connection with the first slice level range according to the slice traffic descriptor identifier.
- step S208 may specifically include:
- the foregoing step S2081 may specifically include: determining a second slice level corresponding to the slice traffic descriptor identifier according to a pre-established correspondence table between the slice level and the slice traffic descriptor.
- S2082 Determine whether the application has the slice usage authority within the scope of the first slice level according to the second slice level, and specifically, determine whether the second slice level belongs to the first slice level; If the result is yes, it is determined that the application has the slice usage permission of the first slice level range; if the determination result is no, it is determined that the application does not have the slice of the first slice level range Use permissions.
- the foregoing step S2083 may specifically include: sending a network slice connection request carrying the slice traffic descriptor identifier to the network side, and receiving a network slice connection response sent by the network side, that is, the completed slice network connection.
- the problem of how to implement network slice grading for dual systems or multiple systems can be solved under the requirement of non-interference between network slices.
- the activation request is distinguished, the slice levels that can be used by different systems are determined, and the network slice connection is performed according to the slice traffic descriptor identifier, so that multiple systems can implement network hierarchical slice without interfering with each other.
- corresponding UID allocation ranges are respectively set for multiple systems, wherein the UID allocation ranges among the multiple systems do not overlap; according to the UID allocation ranges for the multiple systems
- the UID is assigned to the installed applications in the system, so that the UIDs are different for different system configurations.
- the data is encrypted according to the UID or the system authentication identity authentication information, and the encrypted data is transmitted through the established network slice connection.
- the UID or system authentication identity authentication information has been obtained, and the transmitted data can be encrypted through the UID or system authentication identity authentication information to further improve the security of data transmission.
- the network slicing is divided into 5 levels, including L0, L1, L2, L3, and L4, as shown in Table 1 below.
- the characteristics of the industry customization project are dual systems, two android systems, which are divided into work system and living system, which can be switched with each other, and the two systems share the SIM card. If the work system is a government-customized system, only L3/L4 slices can be used. For the living system, the L3/L4 slice of the same SIM card cannot be accessed, because the security level of L3/L4 is high, and a safe and reliable method is needed to block the APP of the living system from initiating the L3/L4 slice request.
- the first method is that the APP on the working system and the living system is unaware, that is, no targeted changes are required at the APP level, because Google has not released a dual-system solution, and the URSP rules on the mobile phone side defined by the 5G protocol are not.
- Dual systems will be considered.
- the rules and implementations of how to match the slices applied on the specific dual systems need to be defined by the mobile phone manufacturers themselves. Therefore, innovative ways to solve the above problems are needed.
- the wireless protocol stack module needs to effectively identify whether the application slice request comes from the living system or the working system.
- the working system only allows professional industry slices, and the living system only allows life and entertainment slices.
- This embodiment implements the management of hierarchical slices for dual-system projects, distinguishes application slice requests from different systems, determines the slice level that can be used by the identity of the system, and solves the requirement for dual-system mobile phones to use graded slices without interfering with each other.
- the implementation is modified, only the system call is modified, and the protocol stack is implemented to solve the problem. Wide applicability and low cost, it is an effective solution for dual-system projects to solve such problems, and improves the hierarchical slicing function of dual-system projects. It is suitable for dual-card smartphone terminals that support 5G Standalone (SA), and 5G networks that support slicing.
- SA Standalone
- Fig. 3 is a block diagram of the dual-system automatic slice grading control according to the present embodiment.
- a slice request grading authentication module is added on the basis of the original provided framework to realize the main functions, and at the same time, the original module application is transformed accordingly. It includes an application management module, a connection management module, and a wireless protocol stack interface.
- the slice request hierarchical authentication module is based on the UE Route Selection Policy (URSP for short), and is used to determine whether the system is allowed to send the corresponding hierarchical slice.
- the request can be implemented in the dual system or in the modem wireless protocol stack.
- FIG. 4 is a flowchart of the dual-system automatic slice grading control according to the present embodiment, as shown in FIG. 4 , including:
- Step S401 install the application, limit the UID distribution scope of each system, for the dual-system project, the application management module defines the distribution scope of each system to the application user ID (User ID, referred to as UID), and the UID scope of the two systems does not overlap and overlap. , UID ranges can be preconfigured.
- UID application user ID
- Step S402 the corresponding table of application package name, slice level, and system is preset in the slice request classification authentication module, and a list of applications corresponding to graded slices is established according to a total of 5 classifications of L0 to L4 of the slice, as shown in Table 2, that is, Each system has a corresponding level of slice, and each level of slice has a corresponding application.
- an application can limit its slice level permissions to one level or multiple levels at the same time; in a dual-system project, an application that belongs to a system can only have the slice level of its system, and the living system has a slice level of authority. It is separate from the slice level that the work system has permissions to, which is required for industry security.
- An application can be installed in the working system and the living system at the same time. It exists independently of each other in the respective operating systems, and the assigned UIDs are different.
- Step S403 Obtain the slice set that the network allows the SIM card user to use from the URSP, and establish a slice level and slice traffic descriptor correspondence table. If the URSP in the 3GPP protocol does not yet support slice level classification, it can also be preset by the mobile phone or a mobile phone built-in program. Set up the corresponding table of slice level and slice traffic descriptor, as shown in Table 3.
- step S404 system authentication and identity authentication information is preset in the connection management module of each system, which is used to perform authentication and identity authentication when initiating a slice request.
- Step S405 the application initiates a slice connection request, and delivers key parameters of the slice, and the key parameters include the data network name (Data Network Name, DNN for short) (or other parameters in the traffic descriptor, and the slice traffic descriptor is used to identify a certain slice. , which can be DNN, Application ID, etc., which are specifically defined in the 3GPP protocol. The following descriptions in this article are represented by DNN.)
- the connection management module obtains the caller's UID, and can carry parameters such as DNN, UID, authentication and identity authentication information to initiate a slice connection Request to the wireless protocol interface.
- Step S406 the wireless protocol interface sends the slice connection request to the slice request hierarchical authentication module, and the module judges according to the UID range to determine whether it is a work system request or a living system request.
- Step S407 if it is a working system, perform work system authentication and identity authentication, if it is a living system, perform living system authentication and identity authentication, and return failure if it does not pass.
- Step S408 after the identity authentication is passed, reversely query the application package name to the corresponding system through the UID.
- Step S409 through the application package name, perform a permission query in the data table established in step S402, and query the slice-level permissions that the application can use.
- Step S410 according to the DNN initiated by the application, query the slice level of the DNN in the data table established in step S103 to determine whether the application has the right to use the slice level, and returns a failure if not.
- Step S411 initiate a DNN slice request to the URSP rule module.
- Step S412 after the slice is successfully established, in the data transmission process, the UID and system authentication and authentication information can be used to encrypt the transmission data to prevent other applications or other system applications from monitoring the slice data stream.
- the above steps can be applied to the use of hierarchical slicing in dual-system projects, and can also be applied to the use of hierarchical slicing by multiple systems, as well as the security management of slices used by multiple systems, which ensures the safe use of industry slicing by industry systems and ensures that industry systems network restrictions.
- FIG. 5 is a block diagram of the network slice connection apparatus according to this embodiment. As shown in FIG. 5 , the apparatus includes:
- a first obtaining module 52 configured to obtain a network slice activation request of an application, wherein the network slice activation request carries an application user identifier UID and a slice traffic descriptor identifier;
- the second obtaining module 54 is configured to determine the system to which the application belongs according to the UID, and obtain the target application package name corresponding to the UID under the system to which the application belongs;
- a determination module 56 configured to determine a first slice level range corresponding to the target application package name that is allowed to be used by the application;
- a connection establishment module 58 is configured to establish a network slice connection with the first slice level range according to the slice traffic descriptor identifier.
- FIG. 6 is a block diagram 1 of a network slice connection apparatus according to an embodiment of the present application.
- the connection establishment module 58 includes:
- a determination submodule 62 configured to determine the second slice level to which the slice traffic descriptor identifier belongs; determine whether the application has the slice usage authority within the scope of the first slice level according to the second slice level;
- a connection establishment sub-module 64 is configured to establish a network slice connection according to the slice traffic descriptor identifier when the determination result is yes.
- the determining sub-module 62 is further configured to
- the establishing connection sub-module 64 is also used for
- a network slice connection response sent by the network side is received.
- the apparatus further includes:
- An authentication module configured to perform system authentication and identity authentication according to the authentication identity authentication information in the case that the authentication identity authentication information is also carried in the network slice activation request.
- the second obtaining module 54 is further configured to determine the target application package name corresponding to the UID according to the preset correspondence between the UID and the application package name.
- the determining module 56 is also used to
- the first slice level range corresponding to the target application package name is determined based on a pre-established correspondence table of system identifiers, application package names, and slice levels.
- FIG. 7 is a second block diagram of an apparatus for connecting network slices according to an embodiment of the present application. As shown in FIG. 7 , the apparatus further includes:
- a setting module 72 configured to respectively set corresponding UID allocation ranges for multiple systems, wherein the UID allocation ranges among the multiple systems do not overlap;
- the configuration module 74 is configured to allocate the UID to the installed applications in the multiple systems according to the UID allocation range.
- FIG. 8 is a block diagram 3 of an apparatus for connecting network slices according to an embodiment of the present application. As shown in FIG. 8 , the apparatus further includes:
- An encryption module 82 configured to encrypt data according to the UID or the system authentication identity authentication information
- a transmission module 84 configured to transmit the encrypted data through the established network slice connection.
- Embodiments of the present application further provide a computer-readable storage medium, where a computer program is stored in the computer-readable storage medium, wherein the computer program is configured to execute the steps in any one of the above method embodiments when running.
- the above-mentioned computer-readable storage medium may include, but is not limited to, a USB flash drive, a read-only memory (Read-Only Memory, referred to as ROM for short), and a random access memory (Random Access Memory, referred to as RAM for short) , mobile hard disks, magnetic disks or CD-ROMs and other media that can store computer programs.
- ROM Read-Only Memory
- RAM Random Access Memory
- Embodiments of the present application further provide an electronic device, including a memory and a processor, where a computer program is stored in the memory, and the processor is configured to run the computer program to execute the steps in any one of the above method embodiments.
- the above-mentioned electronic device may further include a transmission device and an input-output device, wherein the transmission device is connected to the above-mentioned processor, and the input-output device is connected to the above-mentioned processor.
- modules or steps of the present application can be implemented by a general-purpose computing device, and they can be centralized on a single computing device, or distributed in a network composed of multiple computing devices
- they can be implemented in program code executable by a computing device, so that they can be stored in a storage device and executed by the computing device, and in some cases, can be performed in a different order than shown here.
- the described steps, or they are respectively made into individual integrated circuit modules, or a plurality of modules or steps in them are made into a single integrated circuit module to realize.
- the present application is not limited to any particular combination of hardware and software.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
Description
切片级别 | 切片流量描述符 |
L0 | Dnn1,dnn2,dnn3,application id1 |
L1 | application id2 |
L2 | Dnn4,application id3 |
L3 | Dnn5,Dnn6 |
L4 | Dnn7,application id4 |
Claims (12)
- 一种网络切片连接方法,所述方法包括:获取应用的网络切片激活请求,其中,所述网络切片激活请求中携带有应用用户标识UID以及切片流量描述符标识;根据所述UID确定所述应用所归属的系统,并在所述应用所归属的系统下获取所述UID对应的目标应用包名;确定所述目标应用包名对应的允许所述应用使用的第一切片级别范围;根据所述切片流量描述符标识与所述第一切片级别范围建立网络切片连接。
- 根据权利要求1所述的方法,其中,所述根据所述切片流量描述符标识与所述第一切片级别范围建立网络切片连接包括:确定所述切片流量描述符标识所归属的第二切片级别,并根据所述第二切片级别确定所述应用是否具有所述第一切片级别范围的切片使用权限;在确定结果为是的情况下,根据所述切片流量描述符标识建立网络切片连接。
- 根据权利要求2所述的方法,其中,所述确定所述切片流量描述符标识所归属的第二切片级别,并根据所述第二切片级别确定所述应用是否具有所述第一切片级别范围的切片使用权限包括:根据预先建立的切片级别与切片流量描述符的对应表,确定所述切片流量描述符标识对应的所述第二切片级别;判断所述第二切片级别是否属于所述第一切片级别范围;在判断结果为是的情况下,确定所述应用具有所述第一切片级别范围的切片使用权限;在判断结果为否的情况下,确定所述应用不具有所述第一切片级别范围的切片使用权限。
- 根据权利要求2或3所述的方法,其中,所述根据所述切片流量描述符标识建立网络切片连接包括:向网络侧发送携带所述切片流量描述符标识的网络切片连接请求;接收所述网络侧发送的网络切片连接响应。
- 根据权利要求1至4中任一项所述的方法,其中,在所述应用所归属的系统下获取所述UID对应的目标应用包名之前,所述方法还包括:在所述网络切片激活请求中还携带有鉴权身份认证信息的情况下,根据所述鉴权身份认证信息进行系统鉴权和设备身份认证。
- 根据权利要求1至5中任一项所述的方法,其中,所述在所述应用所归属的系统下获取所述UID对应的目标应用包名,包括:根据预先设置的UID与应用包名的对应关系确定所述UID对应的所述目标应用包名。
- 根据权利要求1至6中任一项所述的方法,其中,所述确定所述目标应用包名对应的允许所述应用使用的第一切片级别范围包括:基于预先建立的系统标识、应用包名以及切片级别的对应表,确定所述目标应用包名对 应的所述第一切片级别范围。
- 根据权利要求1至7中任一项所述的方法,其中,在所述获取应用的网络切片激活请求之前,所述方法还包括:为多个系统分别设置对应的UID分配范围,其中,所述多个系统之间的所述UID分配范围无重叠;根据所述UID分配范围为所述多个系统中已安装应用分配所述UID。
- 根据权利要求1至8中任一项所述的方法,其中,在根据所述切片流量描述符标识与所述第一切片级别范围建立网络切片连接之后,所述方法还包括:根据所述UID或所述系统鉴权身份认证信息对数据进行加密;通过建立的所述网络切片连接传输加密后的所述数据。
- 一种网络切片连接装置,所述装置包括:第一获取模块,用于获取应用的网络切片激活请求,其中,所述网络切片激活请求中携带有应用用户标识UID以及切片流量描述符标识;第二获取模块,用于根据所述UID确定所述应用所归属的系统,并在所述应用所归属的系统下获取所述UID对应的目标应用包名;确定模块,用于确定所述目标应用包名对应的允许所述应用使用的第一切片级别范围;建立连接模块,用于根据所述切片流量描述符标识与所述第一切片级别范围建立网络切片连接。
- 一种计算机可读的存储介质,所述存储介质中存储有计算机程序,其中,所述计算机程序被设置为运行时执行所述权利要求1至9任一项中所述的方法。
- 一种电子装置,包括存储器和处理器,所述存储器中存储有计算机程序,所述处理器被设置为运行所述计算机程序以执行所述权利要求1至9任一项中所述的方法。
Priority Applications (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US18/255,084 US20240031928A1 (en) | 2020-12-29 | 2021-11-08 | Network slice connection method and apparatus, storage medium, and electronic apparatus |
EP21913484.8A EP4247050A4 (en) | 2020-12-29 | 2021-11-08 | NETWORK LAYER INTERCONNECTION METHOD AND APPARATUS, STORAGE MEDIUM AND ELECTRONIC DEVICE |
JP2023533780A JP7499971B2 (ja) | 2020-12-29 | 2021-11-08 | ネットワークスライス接続方法、ネットワークスライス接続装置、記憶媒体及び電子装置 |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011608100.4A CN112804679B (zh) | 2020-12-29 | 2020-12-29 | 一种网络切片连接方法、装置、存储介质及电子装置 |
CN202011608100.4 | 2020-12-29 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2022142740A1 true WO2022142740A1 (zh) | 2022-07-07 |
Family
ID=75804355
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2021/129363 WO2022142740A1 (zh) | 2020-12-29 | 2021-11-08 | 一种网络切片连接方法、装置、存储介质及电子装置 |
Country Status (5)
Country | Link |
---|---|
US (1) | US20240031928A1 (zh) |
EP (1) | EP4247050A4 (zh) |
JP (1) | JP7499971B2 (zh) |
CN (1) | CN112804679B (zh) |
WO (1) | WO2022142740A1 (zh) |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112804679B (zh) * | 2020-12-29 | 2023-07-14 | 中兴通讯股份有限公司 | 一种网络切片连接方法、装置、存储介质及电子装置 |
CN113055190B (zh) * | 2021-06-02 | 2021-07-30 | 支付宝(杭州)信息技术有限公司 | 针对客户端的访问控制方法 |
CN115996378A (zh) * | 2021-10-20 | 2023-04-21 | 华为技术有限公司 | 鉴权方法及装置 |
CN114978911B (zh) * | 2022-05-20 | 2024-03-08 | 中国联合网络通信集团有限公司 | 网络切片的关联方法、设备主体、通信模组及终端设备 |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109429277A (zh) * | 2017-07-05 | 2019-03-05 | 中兴通讯股份有限公司 | 网络切片的选择方法、装置及系统 |
WO2019075848A1 (zh) * | 2017-10-16 | 2019-04-25 | 华为技术有限公司 | 协同终端切片功能和网络切片功能 |
CN110720203A (zh) * | 2017-06-01 | 2020-01-21 | 奥兰治 | 与应用有关的网络切片的选择 |
CN111416745A (zh) * | 2020-03-26 | 2020-07-14 | 腾讯科技(深圳)有限公司 | 一种网络切片确定方法和相关装置 |
CN111865872A (zh) * | 2019-04-26 | 2020-10-30 | 大唐移动通信设备有限公司 | 一种网络切片内终端安全策略实现方法及设备 |
CN112804679A (zh) * | 2020-12-29 | 2021-05-14 | 中兴通讯股份有限公司 | 一种网络切片连接方法、装置、存储介质及电子装置 |
Family Cites Families (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR102529714B1 (ko) * | 2016-06-15 | 2023-05-09 | 인터디지탈 패튼 홀딩스, 인크 | 네트워크 슬라이스 발견 및 선택 |
CN110149670B (zh) * | 2018-02-13 | 2024-05-14 | 华为技术有限公司 | 一种数据路由选择的方法及装置 |
WO2020040752A1 (en) * | 2018-08-21 | 2020-02-27 | Nokia Technologies Oy | Support for enterprise network slicing and flexible sub-slicing controlled by an enterprise |
US10602422B1 (en) * | 2018-12-10 | 2020-03-24 | Verizon Patent And Licensing Inc. | Application-based user equipment route selection policy mapping |
EP3981199A1 (en) | 2019-06-07 | 2022-04-13 | Convida Wireless, LLC | Performing service delivery for multi-user mobile terminals cross-reference to related application |
-
2020
- 2020-12-29 CN CN202011608100.4A patent/CN112804679B/zh active Active
-
2021
- 2021-11-08 WO PCT/CN2021/129363 patent/WO2022142740A1/zh active Application Filing
- 2021-11-08 EP EP21913484.8A patent/EP4247050A4/en active Pending
- 2021-11-08 JP JP2023533780A patent/JP7499971B2/ja active Active
- 2021-11-08 US US18/255,084 patent/US20240031928A1/en active Pending
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110720203A (zh) * | 2017-06-01 | 2020-01-21 | 奥兰治 | 与应用有关的网络切片的选择 |
CN109429277A (zh) * | 2017-07-05 | 2019-03-05 | 中兴通讯股份有限公司 | 网络切片的选择方法、装置及系统 |
WO2019075848A1 (zh) * | 2017-10-16 | 2019-04-25 | 华为技术有限公司 | 协同终端切片功能和网络切片功能 |
CN111865872A (zh) * | 2019-04-26 | 2020-10-30 | 大唐移动通信设备有限公司 | 一种网络切片内终端安全策略实现方法及设备 |
CN111416745A (zh) * | 2020-03-26 | 2020-07-14 | 腾讯科技(深圳)有限公司 | 一种网络切片确定方法和相关装置 |
CN112804679A (zh) * | 2020-12-29 | 2021-05-14 | 中兴通讯股份有限公司 | 一种网络切片连接方法、装置、存储介质及电子装置 |
Non-Patent Citations (4)
Title |
---|
See also references of EP4247050A4 * |
ZHANG KAI, HUAWEI: "UID_760065 Provisioning of 5G networks and network slicing OAM Rapporteur Report", 3GPP TSG-SA5 (TELECOM MANAGEMENT) S5-183024, 14-18 MAY 2018 LA JOLLA (US), 18 May 2018 (2018-05-18), 14-18 May 2018 La Jolla (US), XP055947930, Retrieved from the Internet <URL:https://www.3gpp.org/ftp/TSG_SA/WG5_TM/TSGS5_119/Docs/S5-183024.zip> [retrieved on 20220802] * |
ZTE, TELECOM ITALIA, ORACLE, CHINA TELECOM, INTERDIGITAL INC, ITRI, HUAWEI: "Key Issues considerations to support isolated and coexisted slices", 3GPP DRAFT; S2-183923, 3RD GENERATION PARTNERSHIP PROJECT (3GPP),SOPHIA-ANTIPOLIS CEDEX ; FRANCE, 19 April 2018 (2018-04-19), Sanya, China; 20180416 - 20180420, XP051432580 * |
ZTE, TELECOM ITALIA, ORACLE, CHINA TELECOM: "Key Issues considerations to support isolated and coexisted slices", 3GPP DRAFT; S2-183180, 3RD GENERATION PARTNERSHIP PROJECT (3GPP), SOPHIA-ANTIPOLIS CEDEX ; FRANCE, 10 April 2018 (2018-04-10), Sanya, China; 20180416 - 20180420, XP051437553 * |
Also Published As
Publication number | Publication date |
---|---|
JP7499971B2 (ja) | 2024-06-14 |
US20240031928A1 (en) | 2024-01-25 |
EP4247050A1 (en) | 2023-09-20 |
CN112804679A (zh) | 2021-05-14 |
EP4247050A4 (en) | 2024-04-24 |
JP2023552361A (ja) | 2023-12-15 |
CN112804679B (zh) | 2023-07-14 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2022142740A1 (zh) | 一种网络切片连接方法、装置、存储介质及电子装置 | |
US10616077B2 (en) | System architecture and methods for controlling and managing networking devices and expediting new service delivery in a subscriber's home network using micro-domains | |
CN110896355B (zh) | 一种网络切片的选择方法及装置 | |
EP3595244B1 (en) | Network slice management method, unit and system | |
US10805268B2 (en) | Method and apparatuses for enabling routing of data packets between a wireless device and a service provider based in the local service cloud | |
CN109560948B (zh) | 一种网络切片的部署方法及相关设备 | |
US9009317B2 (en) | System for and method of managing network resources | |
CN106936804B (zh) | 一种访问控制方法以及认证设备 | |
US10485043B2 (en) | Multi-connection access point | |
US10701582B2 (en) | Dynamic application QoS profile provisioning | |
US10070343B2 (en) | Mobile device traffic management | |
CN112367160B (zh) | 一种虚拟量子链路服务方法与装置 | |
CN113141260B (zh) | 基于软件定义广域网sd-wan的安全访问方法、系统及设备 | |
CN105357168A (zh) | 一种设备访问权限分配方法及装置 | |
US20200374957A1 (en) | Multi-connection access point | |
CN113904871B (zh) | 网络切片的接入方法、pcf实体、终端和通信系统 | |
WO2018082574A1 (zh) | 一种信息发送方法、单元和系统 | |
CN116346294A (zh) | 通信方法、装置、相关设备及存储介质 | |
CN108650179B (zh) | 一种配置转发表的方法、转发装置及计算机可读存储介质 | |
RU139969U1 (ru) | Исполняющий блок вычислительного комплекса контроля, ограничения и анонимизации доступа к сетевым устройствам с функцией фильтрации и модификации данных | |
CN110417566B (zh) | 一种多头配置方法、设备及系统 | |
US20240056485A1 (en) | Systems and methods for network access control using distributed ledgers | |
JP2023002449A (ja) | Ipネットワークにアクセスするための通信サービスを提供するための装置、方法及びそのためのプログラム | |
JP2023002448A (ja) | Ipネットワークにアクセスするための通信サービスを提供するための装置、方法及びそのためのプログラム | |
CN113518089A (zh) | 访问设备的管理方法及装置、存储介质、电子装置 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 21913484 Country of ref document: EP Kind code of ref document: A1 |
|
WWE | Wipo information: entry into national phase |
Ref document number: 18255084 Country of ref document: US |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2023533780 Country of ref document: JP |
|
ENP | Entry into the national phase |
Ref document number: 2021913484 Country of ref document: EP Effective date: 20230613 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |