WO2022166891A1 - Method, apparatus, and device for supporting network selection, and readable storage medium - Google Patents

Info

Publication number: WO2022166891A1
Authority: WO, WIPO (PCT)
Prior art keywords: list, network, certificate, certificates, subscriptions
Application number: PCT/CN2022/075020
Other languages: French (fr), Chinese (zh)
Inventor: 柯小婉
Original Assignee: 维沃移动通信有限公司
Application filed by: 维沃移动通信有限公司

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W8/00 Network data management
    • H04W8/18 Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication
    • H04W12/08 Access security
    • H04W48/00 Access restriction; Network selection; Access point selection
    • H04W48/02 Access restriction performed under specific conditions
    • H04W48/16 Discovering, processing access restriction or access information
    • H04W48/18 Selecting a network or a communication service

Definitions

  • the present application belongs to the field of communication technologies, and in particular relates to a method, apparatus, device and readable storage medium for supporting network selection.
  • a terminal for example, a user terminal (User Equipment, UE)
  • UE User Equipment
  • a terminal wishes to temporarily access the first network to obtain the certificate and/or subscription of the first object.
  • the problem of how to select the first network is an urgent problem to be solved.
  • Embodiments of the present application provide a method, apparatus, device, and readable storage medium for supporting network selection, so as to solve the problem of how to select a network for downloading a certificate and/or obtaining a subscription.
  • a method for supporting network selection executed by a first communication device, including:
  • first information includes: a first list, a second list and/or first indication information
  • the first list includes: one or more network objects, or identification information of one or more network objects, and the characteristics of the networks in the first list include at least one of the following: the first communication device is capable of restricted access, the first communication device is enabled to obtain a certificate and/or a subscription, and the first communication device can access by using a default certificate;
  • the first list includes at least one of the following:
  • the second list includes one or more network objects, or identification information of one or more network objects, and the characteristics of the networks in the second list include at least one of the following: the first communication device cannot access, the first communication device cannot obtain a certificate and/or a subscription, and the first communication device cannot access using the default certificate;
  • the second list includes at least one of the following:
  • the network list includes one or more network objects, or identification information of one or more network objects; the network objects include networks and/or network groups;
  • the first indication information is used to indicate at least one of the following:
  • a method for supporting network selection is provided, performed by a second communication device, including:
  • the first indication information is used to indicate at least one of the following:
  • a method for supporting network selection is provided, executed by a third communication device, including:
  • the first list includes: one or more network objects, or identification information of one or more network objects, and the characteristics of the networks in the first list include at least one of the following: the first communication device is capable of restricted access, the first communication device is enabled to obtain a certificate and/or a subscription, and the first communication device can access by using a default certificate;
  • the first list includes at least one of the following:
  • the second list includes one or more network objects, or identification information of one or more network objects, and the characteristics of the networks in the second list include at least one of the following: the first communication device cannot access, the first communication device cannot obtain a certificate and/or a subscription, and the first communication device cannot access using the default certificate;
  • the second list includes at least one of the following:
  • the network list includes one or more network objects, or the network list includes identification information of one or more network objects, and the network objects include networks and/or network groups.
  • an apparatus for supporting network selection is provided, which is executed by a first communication device, including:
  • a first obtaining module configured to obtain first information, where the first information includes: a first list, a second list and/or first indication information;
  • a selection module configured to select a network according to the first information
  • the first list includes: one or more network objects, or identification information of one or more network objects, and the characteristics of the networks in the first list include at least one of the following: the first communication device is capable of restricted access, the first communication device is enabled to obtain a certificate and/or a subscription, and the first communication device can access by using a default certificate;
  • the first list includes at least one of the following:
  • the second list includes one or more network objects, or identification information of one or more network objects, and the characteristics of the networks in the second list include at least one of the following: the first communication device cannot access, the first communication device cannot obtain a certificate and/or a subscription, and the first communication device cannot access using the default certificate;
  • the second list includes at least one of the following:
  • the network list includes one or more network objects, or identification information of one or more network objects; the network objects include networks and/or network groups;
  • the first indication information is used to indicate at least one of the following:
  • a fifth aspect provides an apparatus for supporting network selection, which is applied to a second communication device, including:
  • a first sending module configured to send the first indication information
  • the first indication information is used to indicate at least one of the following:
  • an apparatus for supporting network selection is provided, applied to a third communication device, including:
  • a second sending module configured to send the first list and/or the second list
  • the first list includes: one or more network objects, or identification information of one or more network objects, and the characteristics of the networks in the first list include at least one of the following: the first communication device is capable of restricted access, the first communication device is enabled to obtain a certificate and/or a subscription, and the first communication device can access by using a default certificate;
  • the first list includes at least one of the following:
  • the second list includes one or more network objects, or identification information of one or more network objects, and the characteristics of the networks in the second list include at least one of the following: the first communication device cannot access, the first communication device cannot obtain a certificate and/or a subscription, and the first communication device cannot access using the default certificate;
  • the second list includes at least one of the following:
  • the network list includes one or more network objects, or the network list includes identification information of one or more network objects, and the network objects include networks and/or network groups.
  • a terminal comprising: a processor, a memory, and a program stored on the memory and executable on the processor, the program being executed by the processor to implement the steps of the method described in the first aspect.
  • a network-side device including: a processor, a memory, and a program stored on the memory and executable on the processor, the program being executed by the processor to implement the steps of the method of the second aspect or the third aspect.
  • a readable storage medium is provided, and a program or an instruction is stored on the readable storage medium, and when the program or instruction is executed by a processor, the steps of the above-mentioned method are implemented.
  • a computer program product is provided, the computer program product being stored in a non-volatile storage medium, the computer program product being executed by at least one processor to implement the steps of the method as described above.
  • in an eleventh aspect, a chip is provided; the chip includes a processor and a communication interface, the communication interface is coupled to the processor, and the processor is configured to run a program or an instruction to implement the steps of the above method.
  • the first communication device is supported to confirm and select a network for downloading a certificate and/or obtaining a subscription.
  • FIG. 1 is a schematic diagram of a wireless communication system to which an embodiment of the present application can be applied;
  • FIG. 4 is the third flowchart of the method for supporting network selection provided by an embodiment of the present application.
  • FIG. 5 is a fourth flowchart of a method for supporting network selection provided by an embodiment of the present application.
  • FIG. 6 is one of the schematic diagrams of the apparatus for supporting network selection provided by an embodiment of the present application.
  • FIG. 7 is a second schematic diagram of an apparatus for supporting network selection provided by an embodiment of the present application.
  • FIG. 8 is a third schematic diagram of an apparatus for supporting network selection provided by an embodiment of the present application.
  • FIG. 9 is a schematic diagram of a terminal provided by an embodiment of the present application.
  • FIG. 10 is a schematic diagram of a network side device according to an embodiment of the present application.
  • first, second and the like in the description and claims of the present application are used to distinguish similar objects, and are not used to describe a specific order or sequence. It is to be understood that the data so used are interchangeable under appropriate circumstances so that the embodiments of the present application can be practiced in sequences other than those illustrated or described herein, and the objects distinguished by "first" and "second" are usually of one class, and the number of objects is not limited.
  • the first object may be one or multiple.
  • "and/or" in the description and claims refers to at least one of the connected objects, and the character "/" generally indicates that the contextual objects are in an "and/or" relationship.
  • LTE Long Term Evolution
  • LTE-A LTE-Advanced
  • CDMA Code Division Multiple Access
  • TDMA Time Division Multiple Access
  • FDMA Frequency Division Multiple Access
  • OFDMA Orthogonal Frequency Division Multiple Access
  • SC-FDMA Single-carrier Frequency-Division Multiple Access
  • system and “network” in the embodiments of the present application are often used interchangeably, and the described technology can be used not only for the above-mentioned systems and radio technologies, but also for other systems and radio technologies.
  • NR New Radio
  • NR terminology is used in most of the following description, although these techniques are also applicable to applications other than NR system applications, such as a 6th generation (6th Generation, 6G) communication system.
  • FIG. 1 shows a block diagram of a wireless communication system to which the embodiments of the present application can be applied.
  • the wireless communication system includes a terminal 11 and a network-side device 12.
  • the terminal 11 may also be called a terminal device or a user terminal (User Equipment, UE), and the terminal 11 may be a terminal-side device such as a mobile phone, a tablet computer (Tablet Personal Computer), a laptop computer (Laptop Computer) or a notebook computer, a personal digital assistant (Personal Digital Assistant, PDA), a netbook, an ultra-mobile personal computer (Ultra-Mobile Personal Computer, UMPC), a mobile Internet device (Mobile Internet Device, MID), a wearable device (Wearable Device), a vehicle-mounted device (Vehicle User Equipment, VUE) or a pedestrian terminal (Pedestrian User Equipment, PUE); wearable devices include bracelets, headphones, glasses, etc.
  • the network side device 12 may be a base station or a core network, wherein the base station may be referred to as a Node B, an evolved Node B (eNB), an access point, a base transceiver station (Base Transceiver Station, BTS), a radio base station, a radio transceiver, a basic service set (Basic Service Set, BSS), an extended service set (Extended Service Set, ESS), a Home Node B, a Home Evolved Node B, a wireless local area network (Wireless Local Area Networks, WLAN) access point, a wireless fidelity (Wireless Fidelity, WiFi) node, a transmitting and receiving point (Transmitting Receiving Point, TRP) or some other suitable term in the field; as long as the same technical effect is achieved, the base station is not limited to specific technical terms. It should be noted that in the embodiments of this application, only the base station in the NR system is used as an example,
  • a terminal eg, UE
  • a terminal can access a public land mobile network (Public Land Mobile Network, PLMN) or an independent non-public network (Standalone Non-Public Network, SNPN), SNPN1, to download the certificate of the first object (e.g. an SNPN2 certificate, or a certificate for secondary authentication and/or authorization).
  • PLMN Public Land Mobile Network
  • SNPN independent non-public network
  • the UE does not have a certificate of SNPN1 (such as a certificate for unrestricted access)
  • the SNPN1 supports the function of the first access mode (such as onboarding)
  • O-SNPN Onboarding SNPN for short
  • the first access manner may be an access manner in which the certificate of the first network is acquired through a restricted access network and/or through the network.
  • when accessing the Onboarding SNPN, the UE does not have an O-SNPN certificate (no certificate for unrestricted access) and uses a default certificate (Default credential, such as a certificate for restricted access) to access the O-SNPN, and an onboarding indication is to be provided to indicate that the UE's registration type is special. Therefore, the O-SNPN scenario includes two functions:
  • the cell of the O-SNPN may broadcast an onboarding indication for the UE to select the O-SNPN and obtain the certificate and/or subscription of the first object.
  • the PLMN or SNPN3 may not support function (1) and may instead support only function (2). Therefore, if the PLMN or SNPN3 wants to broadcast the capabilities of the network, it is not suitable to broadcast the indication information for indicating that onboarding is supported. Therefore, the following problems have to be solved.
  • Question 1: How does the UE select and access a network (such as PLMN and SNPN3) for which it already has the certificate and/or subscription for unrestricted access, in order to download the certificate of the SNPN?
  • a network such as PLMN and SNPN3
  • the optional solution is as follows:
  • the network side does not broadcast the indication information to indicate that onboarding is supported, but broadcasts the first indication information, which can be used to indicate one of the following: the first indication information to support the configuration certificate and/or the subscription, and to support the unrestricted access based on the first indication information.
  • the first list is configured on the UE.
  • the UE can access the network in the first list to obtain the certificate and/or subscription of the first object, and the first list may be a mixed list formed of PLMN and/or SNPN type networks.
  • the terminal may select a network according to the first list and the first indication information.
  • the first list may include at least one of the following:
  • configuring the certificate and/or subscription by means of the control plane includes obtaining the certificate and/or subscription of the network through control plane signaling. It is not difficult to understand that the terminal needs to have the ability to obtain the certificate and/or the subscription through the control plane, and the first network needs to have the ability to configure the certificate and/or the subscription through the control plane.
  • the first network is the network in the first list.
  • configuring the network list of the certificate and/or subscription in a user plane manner includes obtaining the certificate and/or subscription of the network through a data channel.
  • the terminal establishes a data channel in the first network, and the terminal connects to a configuration server in the data network through the data channel to obtain the certificate and/or subscription of the first object. Therefore, the terminal needs to have the ability to obtain a certificate and/or a subscription through the user plane.
  • the terminal needs to obtain the address information of the configuration server from the first network (the first network is the network in the first list).
  • the first network needs to support configuring a certificate and/or a subscription in a user plane manner.
  • obtaining or acquiring may be understood as obtaining from configuration, receiving, receiving after a request, obtaining through self-learning, deriving from information that was not received, or obtaining after processing received information, which can be determined according to actual needs and is not limited in this embodiment of the present application. For example, when certain capability indication information sent by a device is not received, it can be deduced that the device does not support the capability.
  • the sending may include broadcasting, broadcasting in the system message, and returning after responding to the request.
  • "able" can mean at least one of the following: allowed, supported, inclined, capable.
  • "unable" can mean at least one of the following: not allowed, not supported, not inclined, not capable.
  • the first access mode includes at least one of the following: an access mode of accessing a network to obtain a certificate and/or a subscription, an access mode of using restricted network access, and an access mode of using the default certificate to access the network;
  • the manner of using a restricted access network for downloading the certificate for accessing the first object, or the manner of accessing the network for downloading the certificate for accessing the first object may be called onboarding.
  • the first object includes the A network
  • the first network and the A network may be the same network or different networks.
  • the first network is a network accessed by the terminal, such as a currently accessed network.
  • the first server is a server used to configure the terminal with the certificate and/or subscription of the first object.
  • the supporting configuration of certificates and/or subscriptions is used to further indicate at least one of the following: supporting configuration of certificates and/or subscriptions by means of the control plane, supporting configuration of certificates and/or subscriptions by means of the user plane.
  • the not supporting configuration of certificates and/or subscriptions is used to further indicate that the configuration of the certificate and/or subscription by means of the control plane is not supported, and the configuration of the certificate and/or subscription by means of the user plane is not supported.
  • the obtaining of the certificate and/or the subscription is to obtain the certificate and/or the subscription remotely.
  • the provider of the certificate and/or subscription is the first entity.
  • the first entity is an entity in a data network (Data Network, DN) or an entity (entity) outside the network accessed by the terminal.
  • the provider of the certificate and/or subscription is one of the following: an entity outside the network in the first list, an entity outside the network accessed by the terminal, an entity in the data network (DN), an entity in another network.
  • the entity in the data network may be an application server or a certificate and/or subscription configuration server in the data network.
  • the objectives of a terminal accessing the network include obtaining a certificate and/or a subscription.
  • the certificate and/or subscription is the certificate and/or subscription of the network accessed by the terminal.
  • the certificate and/or subscription of the network accessed by the terminal includes at least one of the following: the certificate and/or subscription of the terminal for the unrestricted access network, the certificate and/or the subscription of the terminal for the restricted access network.
  • the certificate and/or subscription includes at least one of the following: a certificate and/or subscription for unrestricted access, a certificate and/or subscription for restricted access, a certificate and/or subscription for primary authentication and/or authorization, a certificate and/or subscription for non-primary authentication and/or authorization.
  • Primary authentication (such as Primary Authentication) may include: Authentication and Key Agreement (AKA), for example, 5th generation (5G) AKA, an extensible authentication protocol (Extensible Authentication Protocol, EAP) AKA.
  • AKA Authentication and Key Agreement
  • 5G 5th generation
  • EAP extensible authentication protocol
  • non-primary authentication and/or authorization includes at least one of the following: secondary authentication and/or authorization (Secondary authentication/authorization), slice-related authentication and/or authorization (Network Slice-Specific Authentication and Authorization, NSSAA).
  • Secondary authentication and/or authorization Secondary authentication/authorization
  • slice-related authentication and/or authorization NSSAA
  • the terminal may use a certificate (such as a default certificate) and/or subscription for restricted network access to access the first network, and then obtain, through the first network, the certificate and/or subscription for unrestricted access to the first object (including network A).
  • the A network is the same as or different from the first network.
  • obtaining the certificate and/or subscription through the control plane method and/or configuring the certificate and/or subscription through the control plane method includes at least one of the following: the first entity configures the certificate and/or subscription for the terminal through control plane signaling of the network accessed by the terminal; the terminal obtains the certificate and/or the subscription from the first entity through the control plane signaling of the network accessed by the terminal;
  • obtaining a certificate and/or subscription through the user plane method and/or configuring a certificate and/or subscription through the user plane method includes at least one of the following: the terminal establishes a data channel on the network accessed by the terminal and obtains the certificate and/or subscription from the first entity through the data channel; or the first entity configures the certificate and/or subscription for the terminal through the data channel established by the terminal in the access network.
  • the data channel may include, but is not limited to, one of the following: a protocol data unit (Protocol Data Unit, PDU) session, a public data network (Public Data Network, PDN) connection, a quality of service (Quality of Service, QoS) flow, a bearer, an Internet Protocol Security (Internet Protocol Security, IPsec) channel, wherein the bearer can be an evolved radio access bearer (Evolved Radio Access Bearer, E-RAB), a radio access bearer (Radio Access Bearer, RAB), a data radio bearer (Data Radio Bearer, DRB), a signaling radio bearer (signalling radio bearers, SRB) and so on.
  • E-RAB evolved radio access bearer
  • RAB radio access bearer
  • DRB Data Radio Bearer
  • SRB signaling radio bearer
  • the network that is allowed to access by using the default certificate includes that the terminal uses the terminal identifier corresponding to the default certificate to access the network that can obtain a restricted connection.
  • the default credentials include credentials for restricted access.
  • restricted access and restricted connection have the same meaning and can be used in combination.
  • the restricted access includes at least one of the following: only the first data channel is allowed to be established, the establishment of data channels other than the first data channel is not allowed, only obtaining the certificate and/or subscription is allowed, and services other than obtaining a certificate and/or subscription are not allowed.
  • the first data channel is a data channel used to obtain a certificate and/or a subscription.
  • the certificate and/or subscription of the first object may be obtained through the restricted access.
  • the restricted access includes restricted control plane access and/or restricted user plane access.
  • the restricted connection includes a restricted control plane connection and/or a restricted user plane connection. Credentials and/or subscriptions may be obtained through the restricted connection.
  • the network that can be accessed by using the default certificate includes using the terminal identification corresponding to the default certificate to access the network and passing the authentication and/or authorization of the network through the default certificate.
  • the networks in the first list include networks mapped by the network group in the first list.
  • a network group can be mapped to one or more networks.
  • the networks in the list of networks that can configure certificates and/or subscriptions include networks that the first communication device can access in a restricted manner and that enable the first communication device to obtain a certificate and/or a subscription.
  • the characteristics of the networks in the first list include: networks that the first communication device can access in a restricted manner and that enable the first communication device to obtain a certificate and/or a subscription.
  • the subscription includes subscription data (subscription data), such as slice information, a data network name (Data Network Name, DNN), and the like.
  • the A network is used to refer to a network in general, or to refer to one or more networks in particular.
  • the certificate and/or subscription of the first object includes a certificate and/or subscription for accessing the first object.
  • the credentials and/or subscriptions for accessing the first object include at least one of the following: credentials and/or subscriptions for unrestricted access to the first object, credentials and/or subscriptions for restricted access to the first object.
  • the certificate and/or subscription of the A network includes a certificate and/or a subscription for accessing the A network.
  • the certificate and/or subscription for accessing the A network includes at least one of the following: a certificate and/or subscription for unrestricted access to the A network, and a certificate and/or subscription for restricted access to the A network.
  • configuring a certificate and/or a subscription for the first communication device includes causing the first communication device to obtain a certificate and/or a subscription.
  • causing the first communication device to obtain a certificate and/or a subscription includes: configuring a certificate and/or a subscription for the first communication device.
  • causing the first communication device to obtain the certificate and/or the subscription through the control plane method includes: configuring the certificate and/or the subscription for the first communication device through the control plane method.
  • causing the first communication device to obtain the certificate and/or subscription through the user plane method includes: configuring the certificate and/or the subscription through the user plane method for the first communication device.
  • causing the first communication device to obtain the certificate and/or subscription of the first object through a control plane method includes: configuring the certificate and/or subscription of the first object for the first communication device through a control plane method.
  • enabling the first communication device to obtain the certificate and/or subscription of the first object through the user plane method includes: configuring the certificate and/or subscription of the first object for the first communication device through the user plane method.
  • configuring a certificate and/or a subscription for the first communication device includes: causing the first communication device to obtain a certificate and/or a subscription.
  • configuring the certificate and/or subscription for the first communication device through the control plane method includes: causing the first communication device to obtain the certificate and/or subscription through the control plane method.
  • configuring the certificate and/or subscription for the first communication device through the user plane method includes: causing the first communication device to obtain the certificate and/or subscription through the user plane method.
  • configuring the certificate and/or subscription of the first object for the first communication device through the control plane method includes causing the first communication device to obtain the certificate and/or subscription of the first object through the control plane method.
  • configuring the certificate and/or subscription of the first object for the first communication device through the user plane method includes: enabling the first communication device to obtain the certificate and/or subscription of the first object through the user plane method. It is not difficult to understand that when the certificate and/or subscription of the first network is provided by an entity other than the network accessed by the terminal, configuring the certificate and/or the subscription for the first communication device may be understood as making the first communication device obtain the certificate and/or the subscription of the first object by means of the user plane.
  • an embodiment of the present application provides a method for supporting network selection, which is performed by a first communication device, where the first communication device includes but is not limited to a terminal (UE).
  • the specific steps include step 201 and step 202.
  • Step 201: Obtain first information, where the first information includes: a first list, a second list and/or first indication information;
  • Step 202: Select a network according to the first information.
  • the first list includes one of the following:
  • the characteristics of the networks in the first list include at least one of the following:
  • the first communication device is capable of restricted access
  • the first communication device can access by using the default certificate
  • the networks in the first list include networks that the first communication device can access in a restricted manner and that enable the first communication device to obtain a certificate and/or a subscription.
  • the default credentials include credentials for the restricted access mode.
  • the first list includes at least one of the following:
  • the characteristics of the networks in the list of networks capable of configuring certificates and/or subscriptions include one of the following: the first communication device is capable of restricted access and the network enables the first communication device to obtain a certificate and/or subscription; the first communication device can access by using the default certificate.
  • the second list includes:
  • the characteristics of the networks in the second list include at least one of the following:
  • the first communication device cannot be accessed
  • the first communication device cannot be made to obtain a certificate and/or a contract
  • the second list includes at least one of the following:
  • the network list includes:
  • the network object includes a network and/or a network group
  • the first indication information is used to indicate at least one of the following:
  • the first communication device obtains the first list and/or the second list through pre-configuration. In another implementation manner, the first communication device obtains the first list and/or the second list from the accessed network or the first server.
  • the first server is a server that configures a certificate and/or a subscription for the first communication device.
  • the certificate and/or subscription includes at least one of the following: a certificate and/or subscription for the first object; a certificate and/or subscription for primary authentication and/or authorization; a certificate and/or subscription for non-primary authentication and/or authorization;
  • the non-primary authentication and/or authorization includes at least one of the following: secondary authentication and/or authorization (Secondary authentication/authorization), slice-related authentication and/or authorization (Network Slice-Specific Authentication and Authorization, NSSAA).
  • the first object includes at least one of the following: A network, a first entity, a network accessed by the first communication device, primary authentication and/or authorization, and non-primary authentication and/or authorization;
  • the first entity includes one of the following: an entity in a data network, an entity outside the network accessed by the first communication device;
  • the A network is the same as or different from the network in the first list
  • the A network is the same as or different from the network in the second list;
  • the A network is the same as or different from the network accessed by the first communication device; and/or,
  • obtaining the certificate and/or subscription includes at least one of the following: obtaining the certificate and/or subscription through the control plane, and obtaining the certificate and/or subscription through the user plane;
  • the list of networks capable of configuring certificates and/or subscriptions includes at least one of the following: a list of networks capable of configuring certificates and/or subscriptions in a control plane manner, and a list of networks capable of configuring certificates and/or subscriptions in a user plane manner;
  • the characteristics of the networks in the list of networks that can configure certificates and/or subscriptions by means of the control plane include one of the following: the first communication device can have restricted access, and the first communication device can obtain the certificate and/or the subscription by means of the control plane, and the first communication device can access by using the default certificate.
  • the characteristics of the networks in the list of networks that can configure certificates and/or subscriptions in a user plane manner include one of the following: the first communication device can have restricted access, and the first communication device can obtain the certificate and/or the subscription through the user plane, and the first communication device can access by using the default certificate.
  • enabling the first communication device to obtain a certificate and/or subscription includes at least one of the following: enabling the first communication device to obtain a certificate and/or subscription through a control plane method, enabling the first communication device to obtain a certificate and/or subscription through a user plane method.
  • the certificate and/or subscription of the first object includes a certificate and/or subscription for accessing the first object.
  • the first list is a first list corresponding to the first object, and the first lists corresponding to different first objects are the same or different;
  • the second list is a second list corresponding to the first object, and the second lists corresponding to different first objects are the same or different;
  • the list of networks capable of configuring certificates and/or subscriptions includes: a list of networks capable of configuring certificates and/or subscriptions of the first object;
  • the list of networks for which the certificate and/or subscription cannot be configured includes: the list of networks for which the certificate and/or subscription of the first object cannot be configured;
  • the enabling of the first communication device to obtain the certificate and/or the contract includes: enabling the first communication device to obtain the certificate and/or the contract of the first object;
  • the inability to enable the first communication device to obtain the certificate and/or the contract includes: the inability to enable the first communication device to obtain the certificate and/or the contract of the first object.
  • the first list corresponding to the first object includes: a first list corresponding to the first object through the control plane method, and a first list corresponding to the first object through the user plane method;
  • the first list corresponding to the first object through the control plane method and the first list through the user plane method corresponding to the first object are the same or different;
  • the network corresponding to the first object in the first list by means of the control plane includes a network capable of enabling the first communication device to obtain the certificate and/or subscription of the first object by means of the control plane;
  • the network corresponding to the first object in the first list through the user plane method includes a network that enables the first communication device to obtain the certificate and/or subscription of the first object through the user plane method;
  • the second list corresponding to the first object includes: a second list corresponding to the first object through a control plane method, and a second list corresponding to the first object through a user plane method;
  • the second list corresponding to the first object through the control plane method and the second list corresponding to the first object through the user plane method are the same or different;
  • the networks in the second list by means of the control plane corresponding to the first object include networks that cannot enable the first communication device to obtain the certificate and/or subscription of the first object by means of the control plane;
  • the networks in the second list corresponding to the first object through the user plane method include networks that cannot enable the first communication device to obtain the certificate and/or subscription of the first object through the user plane method;
  • the list of networks that can configure the certificate and/or subscription of the first object includes at least one of the following: a list of networks that can configure the certificate and/or subscription of the first object through the control plane, and a list of networks that can configure the certificate and/or subscription of the first object through the user plane;
  • the list of networks for which the certificate and/or subscription of the first object cannot be configured includes at least one of the following: a list of the subject's credentials and/or contracted networks;
  • the ability to enable the first communication device to obtain the certificate and/or the subscription of the A object includes at least one of the following: enabling the first communication device to obtain the certificate and/or the subscription of the first object by means of a control plane, enabling the first communication device to obtain the certificate and/or the subscription of the first object by means of the user plane;
  • the inability to enable the first communication device to obtain the certificate and/or the subscription of the A object includes at least one of the following: the first communication device cannot be enabled to obtain the certificate and/or the subscription of the first object by means of the control plane; the first communication device cannot be enabled to obtain the certificate and/or subscription of the first object through the user plane.
  • the network type of the network in the first list, the network type of the network in the second list, and/or the network type of the A network include at least one of the following: a public network, a non-public network, PLMN, non-independent non-public network (Public Network Integrated Non-Public Network, PNI-NPN), SNPN.
  • the obtaining the first indication information includes:
  • the first indication information is broadcast from the cell or received from the second communication device.
  • the method further includes:
  • the selecting a network according to the first information includes: selecting the first network when the first condition is satisfied;
  • the first condition includes at least one of the following:
  • the first network is a network in the first list
  • the first indication information is obtained from the first network, and the first indication information indicates at least one of the following: supporting the configuration of certificates and/or subscriptions; supporting the configuration of certificates and/or subscriptions by means of a control plane; supporting the configuration of certificates and/or subscriptions by means of a user plane; supporting the configuration of certificates and/or subscriptions based on restricted access; supporting the configuration of certificates and/or subscriptions through the control plane based on restricted access; supporting the configuration of certificates and/or subscriptions through the user plane based on restricted access; supporting the configuration of certificates and/or subscriptions based on unrestricted access; supporting the configuration of certificates and/or subscriptions through the control plane based on unrestricted access; supporting the configuration of certificates and/or subscriptions through the user plane based on unrestricted access;
  • the terminal needs to obtain the certificate and/or contract of the first object
  • the first list includes at least one of the following: a list of networks that can configure the certificate and/or subscription of the first object; a first list corresponding to the first object; the networks in the first list can enable the first communication device to obtain the certificate and/or subscription of the first object; the list of allowed networks corresponding to the certificate and/or subscription of the first object;
  • the first network has the highest priority in the first list
  • the first communication device is within the coverage of the first network or the first communication device can monitor the signal of the first network.
  • the selecting a network according to the first information includes:
  • the second network is selected
  • the second condition includes at least one of the following:
  • the second network is not a network in the second list
  • the first indication information is obtained from the second network, and the first indication information indicates at least one of the following: supporting the configuration of certificates and/or subscriptions; supporting the configuration of certificates and/or subscriptions by means of a control plane; supporting the configuration of certificates and/or subscriptions by means of a user plane; supporting the configuration of certificates and/or subscriptions based on restricted access; supporting the configuration of certificates and/or subscriptions through the control plane based on restricted access; supporting the configuration of certificates and/or subscriptions through the user plane based on restricted access; supporting the configuration of certificates and/or subscriptions based on unrestricted access; supporting the configuration of certificates and/or subscriptions through the control plane based on unrestricted access; supporting the configuration of certificates and/or subscriptions through the user plane based on unrestricted access;
  • the terminal needs to obtain the certificate and/or contract of the first object
  • the second list includes at least one of the following: a list of networks that cannot configure the certificate and/or subscription of the first object; a second list corresponding to the first object; the networks in the second list cannot enable the first communication device to obtain the certificate and/or subscription of the first object; the list of disallowed networks corresponding to the certificate and/or subscription of the first object;
  • the first communication device is out of coverage of any network in the first list or the first communication device cannot monitor the signal of any network in the first list.
  • the networks in the first list are sorted by priority.
  • the selecting a network according to the first information includes:
  • the third condition includes at least one of the following:
  • the third network is a network in the first list
  • the first indication information is obtained from the third network, and the first indication information indicates at least one of the following: supporting the configuration of certificates and/or subscriptions; supporting the configuration of certificates and/or subscriptions by means of a control plane; supporting the configuration of certificates and/or subscriptions by means of a user plane; supporting the configuration of certificates and/or subscriptions based on restricted access; supporting the configuration of certificates and/or subscriptions through the control plane based on restricted access; supporting the configuration of certificates and/or subscriptions through the user plane based on restricted access; supporting the configuration of certificates and/or subscriptions based on unrestricted access; supporting the configuration of certificates and/or subscriptions through the control plane based on unrestricted access; supporting the configuration of certificates and/or subscriptions through the user plane based on unrestricted access;
  • the terminal needs to obtain the certificate and/or contract of the first object
  • the first list includes at least one of the following: a first list corresponding to the first object in a control plane manner, a list of networks that can configure the certificate and/or subscription of the first object in a control plane manner; the networks in the first list can enable the first communication device to obtain the certificate and/or subscription of the first object through the control plane;
  • the first communication device is within the coverage of the third network or the first communication device can monitor the signal of the third network;
  • the fourth condition includes at least one of the following:
  • the fourth network is a network in the first list
  • the first indication information is obtained from the fourth network, and the first indication information indicates at least one of the following: supporting the configuration of certificates and/or subscriptions; supporting the configuration of certificates and/or subscriptions by means of a control plane; supporting the configuration of certificates and/or subscriptions by means of a user plane; supporting the configuration of certificates and/or subscriptions based on restricted access; supporting the configuration of certificates and/or subscriptions through the control plane based on restricted access; supporting the configuration of certificates and/or subscriptions through the user plane based on restricted access; supporting the configuration of certificates and/or subscriptions based on unrestricted access; supporting the configuration of certificates and/or subscriptions through the control plane based on unrestricted access; supporting the configuration of certificates and/or subscriptions through the user plane based on unrestricted access;
  • the terminal needs to obtain the certificate and/or contract of the first object
  • the first list includes at least one of the following: a first list corresponding to the first object through a user plane method, a list of networks that can configure the certificate and/or subscription of the first object through a user plane method; the networks in the first list can enable the first communication device to obtain the certificate and/or subscription of the first object through the user plane;
  • the first communication device is within the coverage of the fourth network or the first communication device can monitor the signal of the fourth network.
  • the first communication device is instructed to select a network for downloading the certificate and/or signing the contract through the first indication information.
  • the first communication device may select a network for downloading a certificate and/or signing a subscription according to the first information.
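The selection conditions listed above can be combined into one decision procedure. The following is an added example, not part of the patent text: it assumes all listed conditions are applied together, that the second list overrides the first list, and that the fallback candidates are tried in sorted order; the `Method` flags, `FirstInformation`, `select_network` and the network identifiers are hypothetical names constructed for illustration.

```python
from dataclasses import dataclass
from enum import Flag, auto
from typing import Dict, FrozenSet, Optional, Sequence, Tuple


class Method(Flag):
    """Constructed encoding of the first indication information:
    which provisioning methods a network announces support for."""
    NONE = 0
    CONTROL_PLANE = auto()
    USER_PLANE = auto()


@dataclass(frozen=True)
class FirstInformation:
    # First lists, highest priority first, one per provisioning method
    # (networks that can provide the first object's certificate/subscription).
    first_list: Dict[Method, Sequence[str]]
    # Second list: networks that cannot provide the certificate/subscription.
    second_list: FrozenSet[str] = frozenset()


def select_network(
    info: FirstInformation,
    monitored: Dict[str, Method],
    method: Method,
    needs_credentials: bool = True,
) -> Optional[Tuple[str, str]]:
    """Return (network id, rule that matched) or None.

    monitored maps each network whose signal the device can monitor to the
    first indication information received from that network.
    """
    # The procedure only applies when the terminal needs to obtain the
    # certificate and/or subscription of the first object.
    if not needs_credentials:
        return None

    def usable(net: str) -> bool:
        # In coverage, not in the second list, and announcing the method.
        return (
            net in monitored
            and net not in info.second_list
            and method in monitored[net]
        )

    first = info.first_list.get(method, ())

    # First/third/fourth condition: highest-priority first-list network that
    # is monitored and whose indication supports the requested method.
    for net in first:
        if usable(net):
            return net, "first-list"

    # Second condition applies only when the device is out of coverage of
    # every network in the first list.
    if any(net in monitored for net in first):
        return None

    # Second condition: a monitored network that is not in the second list
    # and announces support. Sorted order is an assumption for determinism.
    for net in sorted(monitored):
        if usable(net):
            return net, "not-in-second-list"
    return None


def demo() -> Optional[Tuple[str, str]]:
    """Constructed scan: two first-list networks and one second-list network."""
    info = FirstInformation(
        first_list={Method.CONTROL_PLANE: ["SNPN1", "PLMN1"]},
        second_list=frozenset({"PLMN9"}),
    )
    scan = {
        "PLMN1": Method.CONTROL_PLANE,
        "SNPN1": Method.CONTROL_PLANE | Method.USER_PLANE,
        "PLMN9": Method.CONTROL_PLANE,
    }
    return select_network(info, scan, Method.CONTROL_PLANE)


if __name__ == "__main__":
    print(demo())
```

A network that appears in both lists is never selected in this sketch, and a monitored first-list network that does not announce support blocks the fallback rather than triggering it.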
  • an embodiment of the present application provides a method for supporting network selection, which is performed by a second communication device, where the second communication device includes but is not limited to one of the following: a RAN network element, a CN network element (such as an access and mobility management function (Access and Mobility Management Function, AMF) or a session management function (Session Management Function, SMF)); the specific steps include:
  • Step 301 Send first indication information
  • the first indication information is used to indicate at least one of the following:
  • the first indication information is broadcast through a cell system message.
  • the second communication device is a communication device in the first network or the second network
  • the first communication device is instructed to select a network for downloading the certificate and/or signing the contract through the first indication information.
  • an embodiment of the present application provides a method for supporting network selection, which is performed by a third communication device, where the third communication device includes but is not limited to one of the following: a RAN network element, a CN network element (such as AMF, SMF), the first server, the first entity; the specific steps include:
  • Step 401 Send the first list and/or the second list
  • the first list includes:
  • the first communication device is capable of restricted access
  • the first communication device can access by using the default certificate
  • the networks in the first list include networks that the first communication device can access in a restricted manner and that enable the first communication device to obtain a certificate and/or a subscription.
  • the first list includes at least one of the following:
  • the characteristics of the networks in the list of networks capable of configuring certificates and/or subscriptions include one of the following: the first communication device is capable of restricted access and the network enables the first communication device to obtain a certificate and/or subscription; the first communication device can access by using the default certificate.
  • the second list includes:
  • the first communication device cannot be accessed
  • the first communication device cannot be made to obtain a certificate and/or a contract
  • the second list includes at least one of the following:
  • the network list includes one or more network objects, or identification information of one or more network objects, and the network objects include networks and/or network groups.
  • the certificate and/or subscription includes at least one of the following: a certificate and/or subscription for the first object; a certificate and/or subscription for primary authentication and/or authorization; a certificate and/or subscription for non-primary authentication and/or authorization;
  • the first object includes at least one of the following: A network, a first entity, a network accessed by the first communication device, primary authentication and/or authorization, and non-primary authentication and/or authorization;
  • the first entity includes one of the following: an entity in a data network, an entity outside the network accessed by the first communication device;
  • the A network is the same as or different from the network in the first list
  • the A network is the same as or different from the network in the second list.
  • the A network is the same as or different from the network accessed by the first communication device;
  • obtaining the certificate and/or subscription includes at least one of the following: obtaining the certificate and/or subscription through the control plane, and obtaining the certificate and/or subscription through the user plane;
  • the list of networks capable of configuring certificates and/or subscriptions includes at least one of the following: a list of networks capable of configuring certificates and/or subscriptions in a control plane manner, and a list of networks capable of configuring certificates and/or subscriptions in a user plane manner;
  • the characteristics of the networks in the list of networks that can configure certificates and/or subscriptions by means of the control plane include one of the following: the first communication device can have restricted access, and the first communication device can obtain the certificate and/or the subscription by means of the control plane, and the first communication device can access by using the default certificate.
  • the characteristics of the networks in the list of networks that can configure certificates and/or subscriptions in a user plane manner include one of the following: the first communication device can have restricted access, and the first communication device can obtain the certificate and/or the subscription through the user plane, and the first communication device can access by using the default certificate.
  • enabling the first communication device to obtain a certificate and/or subscription includes at least one of the following: enabling the first communication device to obtain a certificate and/or subscription through a control plane, enabling the first communication device to obtain a certificate and/or subscription through the user plane.
  • the network type of the network in the first list, the network type of the network in the second list, and/or the network type of the A network include at least one of the following: a public network, a non-public network, PLMN, PNI NPN, SNPN.
  • the networks in the first list are sorted by priority.
  • the first communication device is instructed to select a network for downloading the certificate and/or signing the contract through the first list and/or the second list.
  • Step 1: Configure, for the terminal, the first list (e.g., a mixed network list of SNPN and PLMN) corresponding to obtaining the certificate and/or subscription of the first object (e.g., SNPN2).
  • Step 2 Receive the first indication information sent by the second communication device (such as the RAN network element or the CN network element);
  • Step 3 Select a network according to the first list and the first indication information.
  • for step 3, reference may be made to the description of the embodiment shown in FIG. 2.
  • an embodiment of the present application provides an apparatus for supporting network selection, which is applied to a first communication device.
  • the apparatus 600 includes:
  • a first obtaining module 601 configured to obtain first information, where the first information includes: a first list, a second list and/or first indication information;
  • a selection module 602 configured to select a network according to the first information
  • the first list includes: one or more network objects, or identification information of one or more network objects, and the characteristics of the networks in the first list include at least one of the following: the first communication device is capable of restricted access, the first communication device can be enabled to obtain a certificate and/or subscription, and the first communication device can access by using a default certificate;
  • the first list includes at least one of the following:
  • the networks in the list of networks capable of configuring certificates and/or subscriptions include networks that the first communication device can access in a restricted manner and that enable the first communication device to obtain certificates and/or subscriptions.
  • the second list includes one or more network objects, or identification information of one or more network objects, and the characteristics of the networks in the second list include at least one of the following: the first communication device cannot be accessed, the first communication device cannot be made to obtain a certificate and/or a subscription, and the first communication device cannot access using a default certificate;
  • the second list includes at least one of the following:
  • the network list includes one or more network objects, or identification information of one or more network objects; the network objects include networks and/or network groups;
  • the first indication information is used to indicate at least one of the following:
  • the first communication device obtains the first list and/or the second list through pre-configuration.
  • the credentials and/or subscriptions of the first object include credentials and/or subscriptions for accessing the first object.
  • the certificate and/or subscription includes at least one of the following: a certificate and/or subscription for the first object; a certificate and/or subscription for primary authentication and/or authorization; a certificate and/or subscription for non-primary authentication and/or authorization;
  • the first object includes at least one of the following: A network, a first entity, a network accessed by the first communication device, primary authentication and/or authorization, and non-primary authentication and/or authorization;
  • the first entity includes one of the following: an entity in a data network, an entity outside the network accessed by the first communication device;
  • the A network is the same as or different from the network in the first list
  • the A network is the same as or different from the network in the second list;
  • the A network is the same as or different from the network accessed by the first communication device;
  • obtaining the certificate and/or subscription includes at least one of the following: obtaining the certificate and/or subscription through the control plane, and obtaining the certificate and/or subscription through the user plane;
  • the list of networks capable of configuring certificates and/or subscriptions includes at least one of the following: a list of networks capable of configuring certificates and/or subscriptions in a control plane manner, and a list of networks capable of configuring certificates and/or subscriptions in a user plane manner;
  • enabling the first communication device to obtain a certificate and/or subscription includes at least one of the following: enabling the first communication device to obtain a certificate and/or subscription through a control plane, enabling the first communication device to obtain a certificate and/or subscription through a user plane.
  • the first list is a first list corresponding to the first object, and the first lists corresponding to different first objects are the same or different;
  • the second list is a second list corresponding to the first object, and the second lists corresponding to different first objects are the same or different;
  • the list of networks capable of configuring certificates and/or subscriptions includes: a list of networks capable of configuring certificates and/or subscriptions of the first object;
  • the list of networks for which the certificate and/or subscription cannot be configured includes: the list of networks for which the certificate and/or subscription of the first object cannot be configured;
  • the enabling of the first communication device to obtain the certificate and/or the contract includes: enabling the first communication device to obtain the certificate and/or the contract of the first object;
  • the inability to enable the first communication device to obtain the certificate and/or the contract includes: the inability to enable the first communication device to obtain the certificate and/or the contract of the first object.
  • the first list corresponding to the first object includes: a first list corresponding to the first object through the control plane method, and a first list corresponding to the first object through the user plane method;
  • the first list corresponding to the first object through the control plane method and the first list through the user plane method corresponding to the first object are the same or different;
  • the networks in the first list by means of the control plane corresponding to the first object include: networks capable of enabling the first communication device to obtain the certificate and/or subscription of the first object by means of the control plane;
  • the network corresponding to the first object in the first list through the user plane method includes: a network capable of enabling the first communication device to obtain the certificate and/or subscription of the first object through the user plane method;
  • the second list corresponding to the first object includes: a second list corresponding to the first object through a control plane method, and a second list corresponding to the first object through a user plane method;
  • the second list corresponding to the first object through the control plane method and the second list corresponding to the first object through the user plane method are the same or different;
  • the networks in the second list by means of the control plane corresponding to the first object include networks that cannot enable the first communication device to obtain the certificate and/or subscription of the first object by means of the control plane;
  • the networks in the second list corresponding to the first object through the user plane method include networks that cannot enable the first communication device to obtain the certificate and/or subscription of the first object through the user plane method;
  • the list of networks that can configure the certificate and/or subscription of the first object includes at least one of the following: a list of networks that can configure the certificate and/or subscription of the first object in a control plane mode, and a list of networks that can configure the certificate and/or subscription of the first object in a user plane mode;
  • the list of networks that cannot configure the certificate and/or subscription of the first object includes at least one of the following: a list of networks that cannot configure the certificate and/or subscription of the first object in a control plane mode, and a list of networks that cannot configure the certificate and/or subscription of the first object in a user plane mode;
  • enabling the first communication device to obtain the certificate and/or subscription of the first object includes at least one of the following: enabling the first communication device to obtain the certificate and/or subscription of the first object through the control plane, and enabling the first communication device to obtain the certificate and/or subscription of the first object through the user plane;
  • the inability to enable the first communication device to obtain the certificate and/or subscription of the first object includes at least one of the following: inability to enable the first communication device to obtain the certificate and/or subscription of the first object through the control plane, and inability to enable the first communication device to obtain the certificate and/or subscription of the first object through the user plane.
  • the network types of the networks in the first list, the networks in the second list, and/or the A network include at least one of the following: public network, non-public network, PLMN, PNI NPN, SNPN.
  • the first obtaining module 601 is further configured to: obtain the first indication information from a cell broadcast, or receive the first indication information from a second communication device.
  • the apparatus 600 further includes:
  • the second obtaining module is configured to obtain at least one of the following items by accessing the network in the first list:
  • the selection module 602 is further configured to:
  • the first network is selected
  • the first condition includes at least one of the following:
  • the first network is a network in the first list
  • the first indication information is obtained from the first network, and the first indication information indicates at least one of the following: support for configuring certificates and/or subscriptions; support for configuring certificates and/or subscriptions through the control plane; support for configuring certificates and/or subscriptions through the user plane; support for configuring certificates and/or subscriptions based on restricted access; support for configuring certificates and/or subscriptions through the control plane based on restricted access; support for configuring certificates and/or subscriptions through the user plane based on restricted access; support for configuring certificates and/or subscriptions based on unrestricted access; support for configuring certificates and/or subscriptions through the control plane based on unrestricted access; support for configuring certificates and/or subscriptions through the user plane based on unrestricted access;
  • the terminal needs to obtain the certificate and/or contract of the first object
  • the first list includes at least one of the following: a list of networks that can configure the certificate and/or subscription of the first object; a first list corresponding to the first object; the networks in the first list can enable the first communication device to obtain The certificate and/or subscription of the first object; the list of allowed networks corresponding to the certificate and/or subscription of the first object;
  • the first network has the highest priority in the first list
  • the first communication device is within the coverage of the first network or the first communication device can monitor the signal of the first network.
  • the selection module 602 is further configured to:
  • the second network is selected
  • the second condition includes at least one of the following:
  • the second network is not a network in the second list
  • the first indication information is obtained from the second network, and the first indication information indicates at least one of the following: support for configuring certificates and/or subscriptions; support for configuring certificates and/or subscriptions through the control plane; support for configuring certificates and/or subscriptions through the user plane; support for configuring certificates and/or subscriptions based on restricted access; support for configuring certificates and/or subscriptions through the control plane based on restricted access; support for configuring certificates and/or subscriptions through the user plane based on restricted access; support for configuring certificates and/or subscriptions based on unrestricted access; support for configuring certificates and/or subscriptions through the control plane based on unrestricted access; support for configuring certificates and/or subscriptions through the user plane based on unrestricted access;
  • the terminal needs to obtain the certificate and/or contract of the first object
  • the second list includes at least one of the following: a list of networks that cannot configure the certificate and/or subscription of the first object; a second list corresponding to the first object; the networks in the second list cannot enable the first communication device to obtain the certificate and/or subscription of the first object; the list of disallowed networks corresponding to the certificate and/or subscription of the first object;
  • the first communication device is out of coverage of any network in the first list or the first communication device cannot monitor the signal of any network in the first list.
  • the networks in the first list are sorted by priority.
  • the selection module 602 is further configured to:
  • the third condition includes at least one of the following:
  • the third network is a network in the first list
  • the first indication information is obtained from the third network, and the first indication information indicates at least one of the following: support for configuring certificates and/or subscriptions; support for configuring certificates and/or subscriptions through the control plane; support for configuring certificates and/or subscriptions through the user plane; support for configuring certificates and/or subscriptions based on restricted access; support for configuring certificates and/or subscriptions through the control plane based on restricted access; support for configuring certificates and/or subscriptions through the user plane based on restricted access; support for configuring certificates and/or subscriptions based on unrestricted access; support for configuring certificates and/or subscriptions through the control plane based on unrestricted access; support for configuring certificates and/or subscriptions through the user plane based on unrestricted access;
  • the terminal needs to obtain the certificate and/or contract of the first object
  • the first list includes at least one of the following: a first list corresponding to the first object in a control plane manner, and a list of networks that can configure the certificate and/or subscription of the first object in a control plane manner; the networks in the first list can enable the first communication device to obtain the certificate and/or subscription of the first object through the control plane; the first communication device is within the coverage of the third network or the first communication device can monitor the signal of the third network;
  • the fourth condition includes at least one of the following:
  • the fourth network is a network in the first list
  • the first indication information is obtained from the fourth network, and the first indication information indicates at least one of the following: support for configuring certificates and/or subscriptions; support for configuring certificates and/or subscriptions through the control plane; support for configuring certificates and/or subscriptions through the user plane; support for configuring certificates and/or subscriptions based on restricted access; support for configuring certificates and/or subscriptions through the control plane based on restricted access; support for configuring certificates and/or subscriptions through the user plane based on restricted access; support for configuring certificates and/or subscriptions based on unrestricted access; support for configuring certificates and/or subscriptions through the control plane based on unrestricted access; support for configuring certificates and/or subscriptions through the user plane based on unrestricted access;
  • the terminal needs to obtain the certificate and/or contract of the first object
  • the first list includes at least one of the following: a first list corresponding to the first object through a user plane method, and a list of networks that can configure the certificate and/or subscription of the first object through a user plane method; the networks in the first list can enable the first communication device to obtain the certificate and/or subscription of the first object through the user plane;
  • the first communication device is within the coverage of the fourth network or the first communication device can monitor the signal of the fourth network.
  • the apparatus provided in the embodiment of the present application can implement each process implemented by the method embodiment shown in FIG. 2 , and achieve the same technical effect. To avoid repetition, details are not described here.
  • an embodiment of the present application provides an apparatus for supporting network selection, which is applied to a second communication device.
  • the apparatus 700 includes:
  • a first sending module 701, configured to send first indication information
  • the first indication information is used to indicate at least one of the following:
  • the apparatus provided in this embodiment of the present application can implement each process implemented by the method embodiment shown in FIG. 3 , and achieve the same technical effect. To avoid repetition, details are not described here.
  • an embodiment of the present application provides an apparatus for supporting network selection, which is applied to a third communication device.
  • the apparatus 800 includes:
  • a second sending module 801, configured to send the first list and/or the second list
  • the first list includes: one or more network objects, or identification information of one or more network objects, and the characteristics of the networks in the first list include at least one of the following: the first communication device is capable of restricted access, the first communication device can be enabled to obtain a certificate and/or subscription, and the first communication device can access by using a default certificate;
  • the networks in the first list include networks that the first communication device can access in a restricted manner and that enable the first communication device to obtain a certificate and/or subscription.
  • the first list includes at least one of the following:
  • the networks in the list of networks that can configure certificates and/or subscriptions include networks that the first communication device can access in a restricted manner and that enable the first communication device to obtain certificates and/or subscriptions.
  • the second list includes one or more network objects, or identification information of one or more network objects, and the characteristics of the networks in the second list include at least one of the following: the first communication device cannot access, the first communication device cannot be enabled to obtain a certificate and/or subscription, and the first communication device cannot access using a default certificate;
  • the second list includes at least one of the following:
  • the network list includes one or more network objects, or the network list includes identification information of one or more network objects, and the network objects include networks and/or network groups.
  • the certificate and/or subscription includes at least one of the following: a certificate and/or subscription of the first object; a certificate and/or subscription for primary authentication and/or authorization; a certificate and/or subscription for use other than primary authentication and/or authorization;
  • the first object includes at least one of the following: A network, a first entity, a network accessed by the first communication device, primary authentication and/or authorization, and non-primary authentication and/or authorization;
  • the first entity includes one of the following: an entity in a data network, an entity outside the network accessed by the first communication device;
  • the A network is the same as or different from the network in the first list
  • the A network is the same as or different from the network in the second list.
  • the A network is the same as or different from the network accessed by the first communication device;
  • the obtaining of the certificate and/or signing includes at least one of the following: obtaining the certificate and/or signing through the control plane, and obtaining the certificate and/or signing through the user plane;
  • the list of networks capable of configuring certificates and/or subscriptions includes at least one of the following: a list of networks capable of configuring certificates and/or subscriptions in a control plane manner, and a list of networks capable of configuring certificates and/or subscriptions in a user plane manner;
  • enabling the first communication device to obtain a certificate and/or subscription includes at least one of the following: enabling the first communication device to obtain a certificate and/or subscription through the control plane, and enabling the first communication device to obtain a certificate and/or subscription through the user plane.
  • the network type of the network in the first list, the network type of the network in the second list, and/or the network type of the A network include at least one of the following: public network, non-public network, PLMN, PNI NPN, SNPN.
  • the networks in the first list are sorted by priority.
  • the apparatus provided in this embodiment of the present application can implement each process implemented by the method embodiment shown in FIG. 4 , and achieve the same technical effect. To avoid repetition, details are not repeated here.
  • FIG. 9 is a schematic diagram of the hardware structure of a terminal implementing an embodiment of the present application.
  • the terminal 900 includes but is not limited to: a radio frequency unit 901, a network module 902, an audio output unit 903, an input unit 904, a sensor 905, a display unit 906, a user input unit 907, an interface unit 908, a memory 909, a processor 910 and other components.
  • the terminal 900 may also include a power source (such as a battery) for supplying power to the various components, and the power source may be logically connected to the processor 910 through a power management system, so that functions such as charging, discharging, and power consumption management are handled through the power management system.
  • the terminal structure shown in FIG. 9 does not constitute a limitation on the terminal, and the terminal may include more or less components than shown, or combine some components, or arrange different components, which will not be repeated here.
  • the input unit 904 may include a graphics processor (Graphics Processing Unit, GPU) 9041 and a microphone 9042; the graphics processor 9041 processes still picture or video image data obtained by an image capture apparatus (such as a camera).
  • the display unit 906 may include a display panel 9061, which may be configured in the form of a liquid crystal display, an organic light emitting diode, or the like.
  • the user input unit 907 includes a touch panel 9071 and other input devices 9072 .
  • the touch panel 9071 is also called a touch screen.
  • the touch panel 9071 may include two parts, a touch detection device and a touch controller.
  • Other input devices 9072 may include, but are not limited to, physical keyboards, function keys (such as volume control keys, switch keys, etc.), trackballs, mice, and joysticks, which will not be repeated here.
  • the radio frequency unit 901 receives downlink data from the network side device and passes it to the processor 910 for processing; in addition, it sends uplink data to the network side device.
  • the radio frequency unit 901 includes, but is not limited to, an antenna, at least one amplifier, a transceiver, a coupler, a low noise amplifier, a duplexer, and the like.
  • Memory 909 may be used to store software programs or instructions as well as various data.
  • the memory 909 may mainly include a storage program or instruction area and a storage data area, wherein the stored program or instruction area may store an operating system, an application program or instruction required for at least one function (such as a sound playback function, an image playback function, etc.) and the like.
  • the memory 909 may include a high-speed random access memory, and may also include a non-volatile memory, wherein the non-volatile memory may be a read-only memory (Read-Only Memory, ROM), a programmable read-only memory (Programmable ROM, PROM), an erasable programmable read-only memory (Erasable PROM, EPROM), an electrically erasable programmable read-only memory (Electrically EPROM, EEPROM) or a flash memory, for example at least one magnetic disk storage device, flash memory device, or other non-volatile solid-state storage device.
  • the processor 910 may include one or more processing units; optionally, the processor 910 may integrate an application processor and a modem processor, wherein the application processor mainly handles the operating system, user interface, application programs or instructions, and the like, and the modem processor, such as a baseband processor, mainly handles wireless communications. It can be understood that the modem processor may also not be integrated into the processor 910.
  • the terminal provided in this embodiment of the present application can implement each process implemented by the method embodiment shown in FIG. 2 and achieve the same technical effect. To avoid repetition, details are not described here.
  • the network side device 1000 includes: an antenna 1001 , a radio frequency device 1002 , and a baseband device 1003 .
  • the antenna 1001 is connected to the radio frequency device 1002 .
  • the radio frequency device 1002 receives information through the antenna 1001, and sends the received information to the baseband device 1003 for processing.
  • the baseband device 1003 processes the information to be sent and sends it to the radio frequency device 1002
  • the radio frequency device 1002 processes the received information and sends it out through the antenna 1001 .
  • the above-mentioned frequency band processing apparatus may be located in the baseband apparatus 1003 , and the method performed by the network side device in the above embodiments may be implemented in the baseband apparatus 1003 .
  • the baseband apparatus 1003 includes a processor 1004 and a memory 1005 .
  • the baseband device 1003 may include, for example, at least one baseband board on which multiple chips are arranged; as shown in FIG. 10, one of the chips is, for example, the processor 1004, which is connected to the memory 1005 to call a program in the memory 1005 to execute the network device operations shown in the above method embodiments.
  • the baseband device 1003 may also include a network interface 1006 for exchanging information with the radio frequency device 1002, and the interface is, for example, a Common Public Radio Interface (CPRI for short).
  • the network-side device in this embodiment of the present application further includes: an instruction or program stored in the memory 1005 and executable on the processor 1004, and the processor 1004 invokes the instruction or program in the memory 1005 to execute the methods performed by the modules shown in FIGS. 7-8, and the same technical effect is achieved. To avoid repetition, details are not repeated here.
  • An embodiment of the present application further provides a program product, where the program product is stored in a non-volatile storage medium, and the program product is executed by at least one processor to implement the processing method as described in FIG. 2 to FIG. 4 .
  • An embodiment of the present application further provides a readable storage medium, where a program or an instruction is stored on the readable storage medium, and when the program or instruction is executed by a processor, each process of the method embodiments shown in FIG. 2 to FIG. 4 is implemented and the same technical effect can be achieved. To avoid repetition, details are not repeated here.
  • the processor is the processor in the terminal described in the foregoing embodiment.
  • the readable storage medium includes a computer-readable storage medium, such as a computer read-only memory (Read-Only Memory, ROM), a random access memory (Random Access Memory, RAM), a magnetic disk or an optical disk, and the like.
  • An embodiment of the present application further provides a chip, where the chip includes a processor and a communication interface, the communication interface is coupled to the processor, and the processor is used to run a network-side device program or instruction to implement the above-mentioned FIG. 2-
  • the chip mentioned in the embodiments of the present application may also be referred to as a system-on-chip, a system-on-chip, a system-on-chip, or a system-on-a-chip, or the like.
  • the method of the above embodiment can be implemented by means of software plus a necessary general hardware platform, and of course can also be implemented by hardware, but in many cases the former is the better implementation.
  • the technical solution of the present application can be embodied in the form of a software product in essence or in a part that contributes to the prior art, and the computer software product is stored in a storage medium (such as ROM/RAM, magnetic disk, CD-ROM), including several instructions to make a terminal (which may be a mobile phone, a computer, a server, or a network device, etc.) execute the methods described in the various embodiments of this application.

Abstract

The present application discloses a method, apparatus, and device for supporting network selection, and a readable storage medium. The method comprises: acquiring first information, which comprises: a first list, a second list, and/or first indication information; and selecting a network on the basis of the first information.

Description

Method, apparatus, device and readable storage medium for supporting network selection
CROSS-REFERENCE TO RELATED APPLICATIONS
This application claims priority to Chinese Patent Application No. 202110164165.2 filed in China on Feb. 05, 2021, the entire contents of which are hereby incorporated by reference.
TECHNICAL FIELD
The present application belongs to the field of communication technologies, and in particular relates to a method, apparatus, device and readable storage medium for supporting network selection.
BACKGROUND
A terminal (for example, user equipment (User Equipment, UE)) wishes to temporarily access a first network to obtain the certificate and/or subscription of a first object. How to select the first network is a problem that urgently needs to be solved.
SUMMARY OF THE INVENTION
Embodiments of the present application provide a method, apparatus, device, and readable storage medium for supporting network selection, so as to solve the problem of how to select a network for downloading a certificate and/or subscription.
In a first aspect, a method for supporting network selection is provided, executed by a first communication device, including:
obtaining first information, where the first information includes: a first list, a second list and/or first indication information;
selecting a network according to the first information;
wherein:
the first list includes: one or more network objects, or identification information of one or more network objects, and the characteristics of the networks in the first list include at least one of the following: the first communication device is capable of restricted access, the first communication device can be enabled to obtain a certificate and/or subscription, and the first communication device can access by using a default certificate;
or, the first list includes at least one of the following:
a list of networks that can be accessed in a restricted manner;
a list of networks that can configure certificates and/or subscriptions;
a list of networks that can be accessed using the default certificate;
the second list includes one or more network objects, or identification information of one or more network objects, and the characteristics of the networks in the second list include at least one of the following: the first communication device cannot access, the first communication device cannot be enabled to obtain a certificate and/or subscription, and the first communication device cannot access using the default certificate;
or, the second list includes at least one of the following:
a list of networks that cannot be accessed in a restricted manner;
a list of networks that cannot configure certificates and/or subscriptions;
a list of networks that cannot be accessed using the default certificate;
wherein the network list includes one or more network objects, or identification information of one or more network objects; the network objects include networks and/or network groups;
the first indication information is used to indicate at least one of the following:
configuring certificates and/or subscriptions is supported or not supported;
configuring certificates and/or subscriptions through the control plane is supported or not supported;
configuring certificates and/or subscriptions through the user plane is supported or not supported;
configuring certificates and/or subscriptions based on restricted access is supported or not supported;
configuring certificates and/or subscriptions through the control plane based on restricted access is supported or not supported;
configuring certificates and/or subscriptions through the user plane based on restricted access is supported or not supported;
configuring certificates and/or subscriptions based on unrestricted access is supported or not supported;
configuring certificates and/or subscriptions through the control plane based on unrestricted access is supported or not supported;
configuring certificates and/or subscriptions through the user plane based on unrestricted access is supported or not supported.
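The following is an added example, not part of the patent text: one way a first communication device could combine the first list, the second list and the first indication information of this first aspect when selecting a network. The class and function names, the network identifiers, the rule that the second list overrides the first, and the choice to fall back to unlisted networks only when no first-list network is in coverage are assumptions of this example.

```python
from dataclasses import dataclass
from enum import Flag
from typing import Iterable, Optional, Sequence, Set


class Indication(Flag):
    """Subset of the first indication information (member names are hypothetical)."""
    PROVISIONING = 1    # supports configuring certificates and/or subscriptions
    CONTROL_PLANE = 2   # supports doing so through the control plane
    USER_PLANE = 4      # supports doing so through the user plane


@dataclass(frozen=True)
class ObservedNetwork:
    """A network whose signal the device can monitor, with the indication received from it."""
    network_id: str
    indication: Indication


def _supports(net: ObservedNetwork, required: Indication) -> bool:
    # Every required capability bit must be present in the received indication.
    return (net.indication & required) == required


def select_network(first_list: Sequence[str],
                   second_list: Set[str],
                   observed: Iterable[ObservedNetwork],
                   method: Optional[Indication] = None) -> Optional[str]:
    """Return the identifier of the network to access, or None if none qualifies.

    first_list  -- allowed networks, highest priority first
    second_list -- networks that cannot provide the certificate and/or subscription
    observed    -- networks currently in coverage
    method      -- optionally require CONTROL_PLANE or USER_PLANE provisioning
    """
    observed = list(observed)
    required = Indication.PROVISIONING
    if method is not None:
        required |= method
    in_coverage = {n.network_id: n for n in observed}

    # Assumption: an entry in the second list overrides the same entry in the first list.
    usable_first = [nid for nid in first_list if nid not in second_list]

    # First condition: network is in the first list, is in coverage, indicates
    # support, and is the highest-priority entry that satisfies all of these.
    for network_id in usable_first:
        net = in_coverage.get(network_id)
        if net is not None and _supports(net, required):
            return network_id

    # Second condition applies only when the device is out of coverage of every
    # first-list network; otherwise nothing is selected.
    if any(nid in in_coverage for nid in usable_first):
        return None
    for net in observed:
        if net.network_id not in second_list and _supports(net, required):
            return net.network_id
    return None


# Constructed sample data (identifiers are illustrative only).
P, CP, UP = Indication.PROVISIONING, Indication.CONTROL_PLANE, Indication.USER_PLANE
FIRST_LIST = ["SNPN-A", "SNPN-B"]
SECOND_LIST = {"SNPN-X"}
OBSERVED = [
    ObservedNetwork("SNPN-B", P | UP),
    ObservedNetwork("SNPN-A", P | CP),
    ObservedNetwork("SNPN-X", P | CP | UP),
    ObservedNetwork("PLMN-Y", P | UP),
]

if __name__ == "__main__":
    print(select_network(FIRST_LIST, SECOND_LIST, OBSERVED))
    print(select_network(FIRST_LIST, SECOND_LIST, OBSERVED, method=UP))
```
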
In a second aspect, a method for supporting network selection is provided, performed by a second communication device, including:
sending first indication information;
wherein the first indication information is used to indicate at least one of the following:
configuring certificates and/or subscriptions is supported or not supported;
configuring certificates and/or subscriptions through the control plane is supported or not supported;
configuring certificates and/or subscriptions through the user plane is supported or not supported;
configuring certificates and/or subscriptions based on restricted access is supported or not supported;
configuring certificates and/or subscriptions through the control plane based on restricted access is supported or not supported;
configuring certificates and/or subscriptions through the user plane based on restricted access is supported or not supported;
configuring certificates and/or subscriptions based on unrestricted access is supported or not supported;
configuring certificates and/or subscriptions through the control plane based on unrestricted access is supported or not supported;
configuring certificates and/or subscriptions through the user plane based on unrestricted access is supported or not supported.
In a third aspect, a method for supporting network selection is provided, performed by a third communication device, including:
sending a first list and/or a second list;
the first list includes one or more network objects, or identification information of one or more network objects, and the characteristics of the networks in the first list include at least one of the following: the first communication device can access the network in a restricted manner; the network can enable the first communication device to obtain a certificate and/or a subscription; the first communication device can access the network using a default certificate;
or, the first list includes at least one of the following:
a list of networks that can be accessed in a restricted manner;
a list of networks that can configure certificates and/or subscriptions;
a list of networks that can be accessed using the default certificate;
the second list includes one or more network objects, or identification information of one or more network objects, and the characteristics of the networks in the second list include at least one of the following: the first communication device cannot access the network; the network cannot enable the first communication device to obtain a certificate and/or a subscription; the first communication device cannot access the network using the default certificate;
or, the second list includes at least one of the following:
a list of networks that cannot be accessed in a restricted manner;
a list of networks that cannot configure certificates and/or subscriptions;
a list of networks that cannot be accessed using the default certificate;
the network list includes one or more network objects, or the network list includes identification information of one or more network objects, and the network objects include networks and/or network groups.
In a fourth aspect, an apparatus for supporting network selection is provided, applied to a first communication device, including:
a first obtaining module, configured to obtain first information, where the first information includes: a first list, a second list and/or first indication information;
a selection module, configured to select a network according to the first information;
wherein:
the first list includes one or more network objects, or identification information of one or more network objects, and the characteristics of the networks in the first list include at least one of the following: the first communication device can access the network in a restricted manner; the network can enable the first communication device to obtain a certificate and/or a subscription; the first communication device can access the network using a default certificate;
or, the first list includes at least one of the following:
a list of networks that can be accessed in a restricted manner;
a list of networks that can configure certificates and/or subscriptions;
a list of networks that can be accessed using the default certificate;
the second list includes one or more network objects, or identification information of one or more network objects, and the characteristics of the networks in the second list include at least one of the following: the first communication device cannot access the network; the network cannot enable the first communication device to obtain a certificate and/or a subscription; the first communication device cannot access the network using the default certificate;
or, the second list includes at least one of the following:
a list of networks that cannot be accessed in a restricted manner;
a list of networks that cannot configure certificates and/or subscriptions;
a list of networks that cannot be accessed using the default certificate;
wherein the network list includes one or more network objects, or identification information of one or more network objects; the network objects include networks and/or network groups;
the first indication information is used to indicate at least one of the following:
supporting or not supporting the configuration of certificates and/or subscriptions;
supporting or not supporting the configuration of certificates and/or subscriptions through the control plane;
supporting or not supporting the configuration of certificates and/or subscriptions through the user plane;
supporting or not supporting the configuration of certificates and/or subscriptions based on restricted access;
supporting or not supporting the configuration of certificates and/or subscriptions through the control plane based on restricted access;
supporting or not supporting the configuration of certificates and/or subscriptions through the user plane based on restricted access;
supporting or not supporting the configuration of certificates and/or subscriptions based on unrestricted access;
supporting or not supporting the configuration of certificates and/or subscriptions through the control plane based on unrestricted access;
supporting or not supporting the configuration of certificates and/or subscriptions through the user plane based on unrestricted access.
In a fifth aspect, an apparatus for supporting network selection is provided, applied to a second communication device, including:
a first sending module, configured to send first indication information;
wherein the first indication information is used to indicate at least one of the following:
supporting or not supporting the configuration of certificates and/or subscriptions;
supporting or not supporting the configuration of certificates and/or subscriptions through the control plane;
supporting or not supporting the configuration of certificates and/or subscriptions through the user plane;
supporting or not supporting the configuration of certificates and/or subscriptions based on restricted access;
supporting or not supporting the configuration of certificates and/or subscriptions through the control plane based on restricted access;
supporting or not supporting the configuration of certificates and/or subscriptions through the user plane based on restricted access;
supporting or not supporting the configuration of certificates and/or subscriptions based on unrestricted access;
supporting or not supporting the configuration of certificates and/or subscriptions through the control plane based on unrestricted access;
supporting or not supporting the configuration of certificates and/or subscriptions through the user plane based on unrestricted access.
In a sixth aspect, an apparatus for supporting network selection is provided, applied to a third communication device, including:
a second sending module, configured to send a first list and/or a second list;
the first list includes one or more network objects, or identification information of one or more network objects, and the characteristics of the networks in the first list include at least one of the following: the first communication device can access the network in a restricted manner; the network can enable the first communication device to obtain a certificate and/or a subscription; the first communication device can access the network using a default certificate;
or, the first list includes at least one of the following:
a list of networks that can be accessed in a restricted manner;
a list of networks that can configure certificates and/or subscriptions;
a list of networks that can be accessed using the default certificate;
the second list includes one or more network objects, or identification information of one or more network objects, and the characteristics of the networks in the second list include at least one of the following: the first communication device cannot access the network; the network cannot enable the first communication device to obtain a certificate and/or a subscription; the first communication device cannot access the network using the default certificate;
or, the second list includes at least one of the following:
a list of networks that cannot be accessed in a restricted manner;
a list of networks that cannot configure certificates and/or subscriptions;
a list of networks that cannot be accessed using the default certificate;
the network list includes one or more network objects, or the network list includes identification information of one or more network objects, and the network objects include networks and/or network groups.
In a seventh aspect, a terminal is provided, including: a processor, a memory, and a program stored in the memory and executable on the processor, where the program, when executed by the processor, implements the steps of the method described in the first aspect.
In an eighth aspect, a network-side device is provided, including: a processor, a memory, and a program stored in the memory and executable on the processor, where the program, when executed by the processor, implements the steps of the method described in the second aspect or the third aspect.
In a ninth aspect, a readable storage medium is provided, on which a program or instructions are stored, where the program or instructions, when executed by a processor, implement the steps of the method described above.
In a tenth aspect, a computer program product is provided, where the computer program product is stored in a non-volatile storage medium and is executed by at least one processor to implement the steps of the method described above.
In an eleventh aspect, a chip is provided, where the chip includes a processor and a communication interface, the communication interface is coupled to the processor, and the processor is configured to run a program or instructions to implement the steps of the method described above.
In the embodiments of the present application, the first communication device is supported in confirming and selecting a network for downloading a certificate and/or a subscription.
Description of the Drawings
FIG. 1 is a schematic diagram of a wireless communication system to which the embodiments of the present application can be applied;
FIG. 2 is the first flowchart of the method for supporting network selection provided by an embodiment of the present application;
FIG. 3 is the second flowchart of the method for supporting network selection provided by an embodiment of the present application;
FIG. 4 is the third flowchart of the method for supporting network selection provided by an embodiment of the present application;
FIG. 5 is the fourth flowchart of the method for supporting network selection provided by an embodiment of the present application;
FIG. 6 is the first schematic diagram of the apparatus for supporting network selection provided by an embodiment of the present application;
FIG. 7 is the second schematic diagram of the apparatus for supporting network selection provided by an embodiment of the present application;
FIG. 8 is the third schematic diagram of the apparatus for supporting network selection provided by an embodiment of the present application;
FIG. 9 is a schematic diagram of a terminal provided by an embodiment of the present application;
FIG. 10 is a schematic diagram of a network-side device according to an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application are described clearly and completely below with reference to the accompanying drawings in the embodiments of the present application. Obviously, the described embodiments are some, not all, of the embodiments of the present application. All other embodiments obtained by those of ordinary skill in the art based on the embodiments in this application, without creative work, fall within the protection scope of this application.
The terms "first", "second" and the like in the description and claims of the present application are used to distinguish similar objects, and are not used to describe a specific order or sequence. It should be understood that data so used are interchangeable under appropriate circumstances, so that the embodiments of the present application can be practiced in sequences other than those illustrated or described herein. The objects distinguished by "first" and "second" are usually of one type, and the number of objects is not limited; for example, the first object may be one or more. In addition, "and/or" in the description and claims refers to at least one of the connected objects, and the character "/" generally indicates that the objects before and after it are in an "or" relationship.
It is worth noting that the technologies described in the embodiments of this application are not limited to Long Term Evolution (LTE) / LTE-Advanced (LTE-A) systems, and can also be used in other wireless communication systems, such as Code Division Multiple Access (CDMA), Time Division Multiple Access (TDMA), Frequency Division Multiple Access (FDMA), Orthogonal Frequency Division Multiple Access (OFDMA), Single-carrier Frequency-Division Multiple Access (SC-FDMA) and other systems. The terms "system" and "network" in the embodiments of the present application are often used interchangeably, and the described technologies can be used both for the systems and radio technologies mentioned above and for other systems and radio technologies. However, the following description describes a New Radio (NR) system for example purposes, and NR terminology is used in most of the following description, although these technologies can also be applied to applications other than NR systems, such as 6th Generation (6G) communication systems.
FIG. 1 shows a block diagram of a wireless communication system to which the embodiments of the present application can be applied. The wireless communication system includes a terminal 11 and a network-side device 12. The terminal 11 may also be called a terminal device or user equipment (UE). The terminal 11 may be a terminal-side device such as a mobile phone, a tablet computer (Tablet Personal Computer), a laptop computer (also called a notebook computer), a Personal Digital Assistant (PDA), a palmtop computer, a netbook, an Ultra-Mobile Personal Computer (UMPC), a Mobile Internet Device (MID), a wearable device, vehicle user equipment (VUE), or pedestrian user equipment (PUE). Wearable devices include bracelets, headphones, glasses and the like. It should be noted that the embodiments of the present application do not limit the specific type of the terminal 11.
The network-side device 12 may be a base station or a core network. The base station may be referred to as a Node B, an evolved Node B (eNB), an access point, a Base Transceiver Station (BTS), a radio base station, a radio transceiver, a Basic Service Set (BSS), an Extended Service Set (ESS), a home Node B, a home evolved Node B, a Wireless Local Area Network (WLAN) access point, a Wireless Fidelity (WiFi) node, a Transmitting Receiving Point (TRP), or some other suitable term in the field. As long as the same technical effect is achieved, the base station is not limited to a specific technical term. It should be noted that the embodiments of this application use only the base station in the NR system as an example, and do not limit the specific type of the base station.
In the related art, a terminal (for example, a UE) can access a Public Land Mobile Network (PLMN) or a Standalone Non-Public Network (SNPN), SNPN1, to download the certificate of a first object (such as the certificate of SNPN2, or a certificate used for secondary authentication and/or authorization). When the UE does not have a certificate of SNPN1 (such as a certificate for unrestricted access), and SNPN1 supports the function of a first access mode (such as onboarding), SNPN1 may be called an Onboarding SNPN (O-SNPN for short). The first access mode may be an access mode of accessing a network in a restricted manner and/or obtaining the certificate of the first network through that network. When accessing the Onboarding SNPN, the UE does not have a certificate of the O-SNPN (no certificate for unrestricted access); it uses a default certificate (Default credential, for example a certificate for restricted access) to access the O-SNPN, and must provide an onboarding indication to mark the special nature of the UE's registration type. The O-SNPN scenario therefore includes two functions:
(1) accessing the network with the default certificate (Default credential onboarding), or accessing the network in a restricted access manner;
(2) configuring the certificate and/or subscription of the first object.
A cell of the O-SNPN may broadcast an onboarding indication, which the UE uses to select the O-SNPN and obtain the certificate and/or subscription of the first object.
When the SNPN2 certificate is downloaded through the PLMN or SNPN3, the UE has a certificate capable of accessing the PLMN or SNPN3 (for example, a certificate for unrestricted access), so in essence the PLMN or SNPN3 need not support function (1) and may support only function (2). Therefore, if the PLMN or SNPN3 is to broadcast the capabilities of the network, it is not appropriate for it to broadcast indication information indicating support for onboarding. The following problem therefore also has to be solved.
Problem 1: how does the UE access and select a network for which it already has a certificate and/or subscription for unrestricted access (such as the PLMN and SNPN3) in order to download the certificate of an SNPN?
To support network selection, in an optional embodiment of the present application, an optional solution is as follows:
The network side does not broadcast indication information indicating support for onboarding. Instead, it broadcasts first indication information, which may be used to indicate one of the following: support for configuring certificates and/or subscriptions; support for configuring certificates and/or subscriptions based on unrestricted access.
For the UE, if the UE wants to obtain the certificate and/or subscription of the first object (such as SNPN2), a first list is configured on the UE. The UE can access a network in the first list to obtain the certificate and/or subscription of the first object. The first list may be a mixed list made up of PLMN-type and/or SNPN-type networks.
The terminal may select a network according to the first list and the first indication information.
In one implementation, the first list may include at least one of the following:
(1) a list of networks that configure certificates and/or subscriptions through the control plane;
Optionally, configuring certificates and/or subscriptions through the control plane includes obtaining the certificate and/or subscription of the network through control plane signaling. It is not difficult to understand that the terminal needs to have the capability of obtaining certificates and/or subscriptions through the control plane, and the first network needs to have the capability of configuring certificates and/or subscriptions through the control plane. The first network is a network in the first list.
(2) a list of networks that configure certificates and/or subscriptions through the user plane.
Optionally, configuring certificates and/or subscriptions through the user plane includes obtaining the certificate and/or subscription of the network through a data channel. For example, the terminal establishes a data channel in the first network and connects through that data channel to a configuration server in the data network, in order to obtain the certificate and/or subscription of the first object. The terminal therefore needs to have the capability of obtaining certificates and/or subscriptions through the user plane.
In one implementation, the terminal needs to obtain the address information of the configuration server from the first network (the first network being a network in the first list). In this case, the first network must have the capability of configuring certificates and/or subscriptions through the user plane in order to support this.
In an optional embodiment of the present application, optionally, "obtaining" or "acquiring" may be understood as obtaining from configuration, receiving, receiving after a request, acquiring through self-learning, deriving from information that was not received, or obtaining after processing received information. This can be determined according to actual needs and is not limited in the embodiments of the present application. For example, when a capability indication from a device is not received, it can be deduced that the device does not support that capability.
In an optional embodiment of the present invention, sending may include broadcasting, broadcasting in a system message, or returning in response to a request.
In an optional embodiment of the present invention, "able to" may mean at least one of the following: allowed, supported, inclined, preferentially having the capability. "Not able to" may mean at least one of the following: not allowed, not supported, not inclined, not having the capability.
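As an added illustration (not code from the application), the following Python example shows terminal-side selection using the first list, the second list and the first indication information described above. The network identifiers, the `(access, plane)` encoding of the indication, the most-specific-wins precedence and the rule that the second list overrides the first are assumptions of this example; an indication that was not received is read as "not supported", following the inference described in the preceding paragraph.

```python
from dataclasses import dataclass, field

# Access types and provisioning planes named in the first indication information.
RESTRICTED, UNRESTRICTED = "restricted", "unrestricted"
CP, UP = "control-plane", "user-plane"


@dataclass
class Broadcast:
    """One discovered network and the first indication information it sent.

    `indications` maps (access, plane) -> bool. None in either slot means the
    indication did not qualify that dimension, so (None, None) is the plain
    "supports / does not support configuring certificates and/or subscriptions".
    """
    network_id: str
    indications: dict = field(default_factory=dict)


def supports(b, access, plane):
    """Resolve one (access, plane) query against the broadcast indications.

    Assumption of this example: the most specific indication wins, and an
    indication that was never received means "not supported" (fail closed).
    """
    for key in ((access, plane), (access, None), (None, plane), (None, None)):
        if key in b.indications:
            return b.indications[key]
    return False


def select_network(discovered, first_list, second_list, ue_planes, unrestricted_creds):
    """Return (network_id, access, plane) for the first usable network, or None.

    discovered:         Broadcast objects in the terminal's preference order
    first_list:         identifiers of networks usable for provisioning
    second_list:        identifiers of networks that must not be used
    ue_planes:          provisioning planes the terminal implements, in order
    unrestricted_creds: networks for which the terminal already holds a
                        certificate for unrestricted access
    """
    for b in discovered:
        if b.network_id in second_list:      # exclusion overrides everything else
            continue
        if b.network_id not in first_list:   # only configured networks are eligible
            continue
        # Without an unrestricted-access certificate the terminal can only use
        # restricted access (default certificate) on this network.
        access = UNRESTRICTED if b.network_id in unrestricted_creds else RESTRICTED
        for plane in ue_planes:
            if supports(b, access, plane):
                return (b.network_id, access, plane)
    return None


# Constructed sample data: identifiers and flag values are invented for the example.
FIRST_LIST = {"PLMN-A", "SNPN-1", "SNPN-9"}
SECOND_LIST = {"SNPN-X"}
UNRESTRICTED_CREDS = {"PLMN-A"}
DISCOVERED = [
    # Advertises support, but is on the second list and so is never chosen.
    Broadcast("SNPN-X", {(None, None): True}),
    # Sends no indication at all: treated as not supporting provisioning.
    Broadcast("SNPN-9"),
    # Supports provisioning over unrestricted access, except via the user plane.
    Broadcast("PLMN-A", {(UNRESTRICTED, None): True, (UNRESTRICTED, UP): False}),
    # Supports user-plane provisioning over restricted access only.
    Broadcast("SNPN-1", {(RESTRICTED, UP): True}),
]

if __name__ == "__main__":
    print(select_network(DISCOVERED, FIRST_LIST, SECOND_LIST, [UP, CP], UNRESTRICTED_CREDS))
```

Failing closed on a missing indication and letting the second list take precedence keep the terminal from attempting provisioning on a network merely because it advertises support.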
In an optional embodiment of the present application, the first access mode includes at least one of the following: an access mode of accessing a network in order to obtain a certificate and/or subscription; an access mode of accessing a network in a restricted manner; an access mode of accessing a network using the default certificate.
In one implementation, the mode of accessing a network in a restricted manner in order to download the certificate for accessing the first object, or the mode of accessing a network in order to download the certificate for accessing the first object, may be called onboarding. When the first object includes network A, the first network and network A may be the same network or different networks. The first network is the network accessed by the terminal, for example the currently accessed network.
In an optional embodiment of the present application, the first server is a server used to configure the certificate and/or subscription of the first object for the terminal.
In an optional embodiment of the present invention, supporting the configuration of certificates and/or subscriptions is used to further indicate at least one of the following: supporting the configuration of certificates and/or subscriptions through the control plane; supporting the configuration of certificates and/or subscriptions through the user plane.
In an optional embodiment of the present invention, not supporting the configuration of certificates and/or subscriptions is used to further indicate: not supporting the configuration of certificates and/or subscriptions through the control plane; not supporting the configuration of certificates and/or subscriptions through the user plane.
在本发明的一种可选的实施例中,所述获得证书和/或签约是远程获得证书和/或签约,比如,终端接入第一网络以获得证书和/或签约的情况下,所述证书和/或签约的提供方为第一实体。所述第一实体为数据网(Data Network,DN)中的实体或终端接入的网络之外的实体(entity)。In an optional embodiment of the present invention, the obtaining of the certificate and/or the contract is to obtain the certificate and/or the contract remotely. For example, when the terminal accesses the first network to obtain the certificate and/or the contract, the The provider of the certificate and/or contract is the first entity. The first entity is an entity in a data network (Data Network, DN) or an entity (entity) outside the network accessed by the terminal.
在本发明的一种可选的实施例中,所述证书和/或签约的提供方是以下之一:第一列表中的网络之外的实体,终端接入的网络之外的实体,数据网(DN)中的实体,其他网络中的实体。所述数据网中实体可以是应用服务器,数据网中的证书和/或签约的配置服务器。终端接入网络的目标包括获得证书和/或签约。In an optional embodiment of the present invention, the provider of the certificate and/or subscription is one of the following: an entity outside the network in the first list, an entity outside the network accessed by the terminal, data Entities in the network (DN), entities in other networks. The entity in the data network may be an application server, a certificate and/or a contracted configuration server in the data network. The objectives of a terminal accessing the network include obtaining a certificate and/or signing up.
在本发明的一种可选的实施例中,所述证书和/或签约为终端接入的网络的证书和/或签约。终端接入的网络的证书和/或签约包括以下至少一项:终端用于非受限接入的网络的证书和/或签约,终端用于受限接入的网络的证书和/或签约。In an optional embodiment of the present invention, the certificate and/or subscription is the certificate and/or subscription of the network accessed by the terminal. The certificate and/or subscription of the network accessed by the terminal includes at least one of the following: the certificate and/or subscription of the terminal for the unrestricted access network, the certificate and/or the subscription of the terminal for the restricted access network.
在本发明的一种可选的实施例中,所述证书和/或签约包括以下至少一项:用于非受限接入的证书和/或签约,用于受限接入的证书和/或签约,用于主认证和/或授权的证书和/或签约,用于非主认证和/或授权的证书和/或签约。主认证(如主身份认证(Primary Authentication))可以包括:鉴权和密钥同意(Authentication and Key Agreement,AKA)比如,第五代通信技术(5th generation,5G)AKA,可扩展的身份验证协议(Extensible Authentication Protocol,EAP)AKA。In an optional embodiment of the present invention, the certificate and/or subscription includes at least one of the following: a certificate and/or subscription for unrestricted access, a certificate and/or a subscription for restricted access or subscription, certificate and/or subscription for primary authentication and/or authorization, certificate and/or subscription for non-primary authentication and/or authorization. Primary authentication (such as Primary Authentication) may include: Authentication and Key Agreement (AKA), for example, 5th generation (5G) AKA, an extensible authentication protocol (Extensible Authentication Protocol, EAP) AKA.
用于非主认证和/或授权包括以下至少一项:二次认证和/或授权(Secondary authentication/authorization),切片相关的认证和/或授权(Network Slice-Specific Authentication and Authorization,NSSAA)。For non-primary authentication and/or authorization, it includes at least one of the following: secondary authentication and/or authorization (Secondary authentication/authorization), slice-related authentication and/or authorization (Network Slice-Specific Authentication and Authorization, NSSAA).
一种实施方式中,终端可以采用用于受限接入网络的证书(如默认证书)和/或签约接入第一网络,然后通过第一网络获得第一对象(包括A网络)的非受限接入的证书和/或签约。A网络与第一网络相同或不同。In an implementation manner, the terminal may use a certificate (such as a default certificate) for a restricted access network and/or subscribe to access the first network, and then obtain the unrestricted access to the first object (including network A) through the first network. Access-restricted credentials and/or subscriptions. The A network is the same as or different from the first network.
In an optional embodiment of the present invention, obtaining the certificate and/or subscription in a control plane manner and/or configuring the certificate and/or subscription in a control plane manner includes at least one of the following: the first entity configures the certificate and/or subscription for the terminal through control plane signaling of the network accessed by the terminal; the terminal obtains the certificate and/or subscription from the first entity through control plane signaling of the network accessed by the terminal.
In an optional embodiment of the present invention, obtaining the certificate and/or subscription in a user plane manner and/or configuring the certificate and/or subscription in a user plane manner includes at least one of the following: the terminal establishes a data channel in the accessed network and obtains the certificate and/or subscription from the first entity through the data channel; or the first entity configures the certificate and/or subscription for the terminal through the data channel established by the terminal in the accessed network.
In an optional embodiment of the present invention, the data channel includes at least one of the following; the data channel may include, but is not limited to, one of the following: a protocol data unit (Protocol Data Unit, PDU) session, a public data network (Public Data Network, PDN) connection, a quality of service (Quality of Service, QoS) flow, a bearer, an Internet Protocol Security (IPsec) channel, where the bearer may be an evolved radio access bearer (Evolved Radio Access Bearer, E-RAB), a radio access bearer (Evolved Radio Access Bearer, RAB), a data radio bearer (Data Radio Bearer, DRB), a signalling radio bearer (signalling radio bearers, SRB), and so on.
In an optional embodiment of the present invention, the networks that are allowed to be accessed using the default certificate include networks in which the terminal, accessing with the terminal identifier corresponding to the default certificate, can obtain a restricted connection.
In an optional embodiment of the present invention, the default certificate includes a certificate used for restricted access.
In an optional embodiment of the present invention, restricted access and restricted connection have the same meaning and may be used interchangeably.
In one implementation, the restricted access includes at least one of the following: only the first data channel is allowed to be established; data channels other than the first data channel are not allowed to be established; only obtaining a certificate and/or subscription is allowed; services other than obtaining a certificate and/or subscription are not allowed. The first data channel is a data channel used to obtain the certificate and/or subscription.
In one implementation, the certificate and/or subscription of the first object can be obtained through the restricted access.
In an optional embodiment of the present invention, restricted access includes restricted control plane access and/or restricted user plane access.
In an optional embodiment of the present invention, a restricted connection includes a restricted control plane connection and/or a restricted user plane connection. A certificate and/or subscription can be obtained through the restricted connection.
In an optional embodiment of the present invention, the networks that can be accessed using the default certificate include networks that the terminal accesses using the terminal identifier corresponding to the default certificate and whose authentication and/or authorization it can pass with the default certificate.
In an optional embodiment of the present invention, the networks in the first list include the networks to which the network groups in the first list are mapped. One network group may be mapped to one or more networks.
In an optional embodiment of the present invention, the networks in the list of networks capable of configuring certificates and/or subscriptions include networks to which the first communication device is capable of restricted access and which enable the first communication device to obtain a certificate and/or subscription.
In an optional embodiment of the present invention, the characteristics of the networks in the first list include that the first communication device is capable of restricted access and that the first communication device can be enabled to obtain a certificate and/or subscription.
In an optional embodiment of the present invention, the subscription includes subscription data, such as slice information, a data network name (Data Network Name, DNN), and the like.
In an optional embodiment of the present invention, network A is used to refer to networks in general, or to refer specifically to one or more particular networks.
In an optional embodiment of the present invention, the certificate and/or subscription of the first object includes a certificate and/or subscription for accessing the first object. The certificate and/or subscription for accessing the first object includes at least one of the following: a certificate and/or subscription for unrestricted access to the first object, a certificate and/or subscription for restricted access to the first object.
In an optional embodiment of the present invention, the certificate and/or subscription of network A includes a certificate and/or subscription for accessing network A. The certificate and/or subscription for accessing network A includes at least one of the following: a certificate and/or subscription for unrestricted access to network A, a certificate and/or subscription for restricted access to network A.
In an optional embodiment of the present invention, configuring a certificate and/or subscription for the first communication device includes causing the first communication device to obtain a certificate and/or subscription.
In an optional embodiment of the present invention,
(1) Optionally, causing the first communication device to obtain a certificate and/or subscription includes: configuring a certificate and/or subscription for the first communication device.
(2) Optionally, causing the first communication device to obtain a certificate and/or subscription in a control plane manner includes: configuring a certificate and/or subscription for the first communication device in a control plane manner.
(3) Optionally, causing the first communication device to obtain a certificate and/or subscription in a user plane manner includes: configuring a certificate and/or subscription for the first communication device in a user plane manner.
(4) Optionally, causing the first communication device to obtain the certificate and/or subscription of the first object in a control plane manner includes: configuring the certificate and/or subscription of the first object for the first communication device in a control plane manner.
and/or
(5) Optionally, causing the first communication device to obtain the certificate and/or subscription of the first object in a user plane manner includes: configuring the certificate and/or subscription of the first object for the first communication device in a user plane manner.
In an optional embodiment of the present invention,
(1) Optionally, configuring a certificate and/or subscription for the first communication device includes: causing the first communication device to obtain a certificate and/or subscription.
(2) Optionally, configuring a certificate and/or subscription for the first communication device in a control plane manner includes: causing the first communication device to obtain a certificate and/or subscription in a control plane manner.
(3) Optionally, configuring a certificate and/or subscription for the first communication device in a user plane manner includes: causing the first communication device to obtain a certificate and/or subscription in a user plane manner.
(4) Optionally, configuring the certificate and/or subscription of the first object for the first communication device in a control plane manner includes: causing the first communication device to obtain the certificate and/or subscription of the first object in a control plane manner.
and/or
(5) Optionally, configuring the certificate and/or subscription of the first object for the first communication device in a user plane manner includes: causing the first communication device to obtain the certificate and/or subscription of the first object in a user plane manner. It is not difficult to understand that, where the certificate and/or subscription of the first network is provided by an entity outside the network accessed by the terminal, configuring a certificate and/or subscription for the first communication device can be understood as causing the first communication device to obtain the certificate and/or subscription of the first object in a user plane manner.
The method, apparatus, device, and readable storage medium for supporting network selection provided by the embodiments of the present application are described in detail below with reference to the accompanying drawings, through some embodiments and their application scenarios.
<1st>
Referring to FIG. 2, an embodiment of the present application provides a method for supporting network selection, performed by a first communication device, where the first communication device includes but is not limited to a terminal (UE). The specific steps include step 201 and step 202.
Step 201: Obtain first information, where the first information includes: a first list, a second list, and/or first indication information;
Step 202: Select a network according to the first information;
In an optional embodiment of the present invention, the first list includes one of the following:
(1) one or more network objects;
(2) identification information of one or more network objects;
In an optional embodiment of the present invention, the characteristics of the networks in the first list include at least one of the following:
(1) the first communication device is capable of restricted access;
(2) the first communication device can be enabled to obtain a certificate and/or subscription;
(3) the first communication device is able to access using the default certificate;
In one implementation, the characteristics of the networks in the first list include that the first communication device is capable of restricted access and that the first communication device can be enabled to obtain a certificate and/or subscription.
In one implementation, the default certificate includes a certificate used for restricted access.
In another optional embodiment of the present invention, the first list includes at least one of the following:
(1) a list of networks to which restricted access is possible;
(2) a list of networks capable of configuring certificates and/or subscriptions;
(3) a list of networks that can be accessed using the default certificate;
In one implementation, the characteristics of the networks in the list of networks capable of configuring certificates and/or subscriptions include one of the following: the first communication device is capable of restricted access, the first communication device can be enabled to obtain a certificate and/or subscription, the first communication device is able to access using the default certificate.
In an optional embodiment of the present invention, the second list includes:
(1) one or more network objects;
(2) identification information of one or more network objects;
In an optional embodiment of the present invention, the characteristics of the networks in the second list include at least one of the following:
(1) the first communication device is not able to access;
(2) the first communication device cannot be enabled to obtain a certificate and/or subscription;
(3) the first communication device is not able to access using the default certificate;
In another optional embodiment of the present invention, the second list includes at least one of the following:
(1) a list of networks to which restricted access is not possible;
(2) a list of networks not capable of configuring certificates and/or subscriptions;
(3) a list of networks that cannot be accessed using the default certificate;
Wherein, the network list includes:
(1) one or more network objects;
(2) identification information of one or more network objects;
Wherein, the network object includes a network and/or a network group;
The first indication information is used to indicate at least one of the following:
(1) configuring a certificate and/or subscription is supported or not supported;
(2) configuring a certificate and/or subscription in a control plane manner is supported or not supported;
(3) configuring a certificate and/or subscription in a user plane manner is supported or not supported;
(4) configuring a certificate and/or subscription based on restricted access is supported or not supported;
(5) configuring a certificate and/or subscription in a control plane manner based on restricted access is supported or not supported;
(6) configuring a certificate and/or subscription in a user plane manner based on restricted access is supported or not supported;
(7) configuring a certificate and/or subscription based on unrestricted access is supported or not supported;
(8) configuring a certificate and/or subscription in a control plane manner based on unrestricted access is supported or not supported;
(9) configuring a certificate and/or subscription in a user plane manner based on unrestricted access is supported or not supported.
In one implementation, the first communication device obtains the first list and/or the second list through pre-configuration. In another implementation, the first communication device obtains the first list and/or the second list from the accessed network or from a first server. The first server is a server that configures certificates and/or subscriptions for the first communication device.
In an optional embodiment of the present invention, the certificate and/or subscription includes at least one of the following: the certificate and/or subscription of the first object; a certificate and/or subscription for primary authentication and/or authorization, a certificate and/or subscription for non-primary authentication and/or authorization;
In one implementation, non-primary authentication and/or authorization includes at least one of the following: secondary authentication and/or authorization (Secondary authentication/authorization), Network Slice-Specific Authentication and Authorization (NSSAA).
Wherein,
the first object includes at least one of the following: network A, the first entity, the network accessed by the first communication device, primary authentication and/or authorization, non-primary authentication and/or authorization;
the first entity includes one of the following: an entity in a data network, an entity outside the network accessed by the first communication device;
Wherein,
network A is the same as or different from the networks in the first list;
and/or,
network A is the same as or different from the networks in the second list;
and/or,
network A is the same as or different from the network accessed by the first communication device; and/or,
obtaining the certificate and/or subscription includes at least one of the following: obtaining the certificate and/or subscription in a control plane manner, obtaining the certificate and/or subscription in a user plane manner;
and/or,
the list of networks capable of configuring certificates and/or subscriptions includes at least one of the following: a list of networks capable of configuring certificates and/or subscriptions in a control plane manner, a list of networks capable of configuring certificates and/or subscriptions in a user plane manner;
In one implementation, the characteristics of the networks in the list of networks capable of configuring certificates and/or subscriptions in a control plane manner include one of the following: the first communication device is capable of restricted access, the first communication device can be enabled to obtain a certificate and/or subscription in a control plane manner, the first communication device is able to access using the default certificate.
In one implementation, the characteristics of the networks in the list of networks capable of configuring certificates and/or subscriptions in a user plane manner include one of the following: the first communication device is capable of restricted access, the first communication device can be enabled to obtain a certificate and/or subscription in a user plane manner, the first communication device is able to access using the default certificate.
In an optional embodiment of the present invention, being able to enable the first communication device to obtain a certificate and/or subscription includes at least one of the following: being able to enable the first communication device to obtain a certificate and/or subscription in a control plane manner, being able to enable the first communication device to obtain a certificate and/or subscription in a user plane manner.
In an optional embodiment of the present invention, the certificate and/or subscription of the first object includes a certificate and/or subscription for accessing the first object.
In an optional embodiment of the present invention, the first list is a first list corresponding to the first object, and the first lists corresponding to different first objects are the same or different;
and/or,
the second list is a second list corresponding to the first object, and the second lists corresponding to different first objects are the same or different;
and/or,
the list of networks capable of configuring certificates and/or subscriptions includes: a list of networks capable of configuring the certificate and/or subscription of the first object;
and/or,
the list of networks not capable of configuring certificates and/or subscriptions includes: a list of networks not capable of configuring the certificate and/or subscription of the first object;
and/or,
being able to enable the first communication device to obtain a certificate and/or subscription includes: being able to enable the first communication device to obtain the certificate and/or subscription of the first object;
and/or,
not being able to enable the first communication device to obtain a certificate and/or subscription includes: not being able to enable the first communication device to obtain the certificate and/or subscription of the first object.
In an optional embodiment of the present invention, the first list corresponding to the first object includes: a control plane first list corresponding to the first object, and a user plane first list corresponding to the first object;
Wherein,
the control plane first list corresponding to the first object and the user plane first list corresponding to the first object are the same or different;
the networks in the control plane first list corresponding to the first object include networks that can enable the first communication device to obtain the certificate and/or subscription of the first object in a control plane manner;
the networks in the user plane first list corresponding to the first object include networks that can enable the first communication device to obtain the certificate and/or subscription of the first object in a user plane manner;
and/or,
the second list corresponding to the first object includes: a control plane second list corresponding to the first object, and a user plane second list corresponding to the first object;
Wherein,
the control plane second list corresponding to the first object and the user plane second list corresponding to the first object are the same or different;
the networks in the control plane second list corresponding to the first object include networks that cannot enable the first communication device to obtain the certificate and/or subscription of the first object in a control plane manner;
the networks in the user plane second list corresponding to the first object include networks that cannot enable the first communication device to obtain the certificate and/or subscription of the first object in a user plane manner;
and/or,
the list of networks capable of configuring the certificate and/or subscription of the first object includes at least one of the following: a list of networks capable of configuring the certificate and/or subscription of the first object in a control plane manner, a list of networks capable of configuring the certificate and/or subscription of the first object in a user plane manner;
and/or,
the list of networks not capable of configuring the certificate and/or subscription of the first object includes at least one of the following: a list of networks not capable of configuring the certificate and/or subscription of the first object in a control plane manner, a list of networks not capable of configuring the certificate and/or subscription of the first object in a user plane manner;
and/or,
being able to enable the first communication device to obtain the certificate and/or subscription of object A includes at least one of the following: being able to enable the first communication device to obtain the certificate and/or subscription of the first object in a control plane manner, being able to enable the first communication device to obtain the certificate and/or subscription of the first object in a user plane manner;
and/or,
not being able to enable the first communication device to obtain the certificate and/or subscription of object A includes at least one of the following: not being able to enable the first communication device to obtain the certificate and/or subscription of the first object in a control plane manner, not being able to enable the first communication device to obtain the certificate and/or subscription of the first object in a user plane manner.
In an optional embodiment of the present invention, the network type of the networks in the first list, the network type of the networks in the second list, and/or the network type of network A includes at least one of the following: public network, non-public network, PLMN, non-standalone non-public network (Public Network Integrated Non-Public Network, PNI-NPN), SNPN.
In an optional embodiment of the present invention, obtaining the first indication information includes:
receiving the first indication information from a cell broadcast or from a second communication device.
In an optional embodiment of the present invention, the method further includes:
obtaining at least one of the following by accessing a network in the first list:
(1) the certificate and/or subscription of the first object;
(2) identification information of the first object;
(3) the first list corresponding to the first object;
(4) the second list corresponding to the first object;
In an optional embodiment of the present invention, selecting a network according to the first information includes: selecting a first network when a first condition is satisfied;
Wherein, the first condition includes at least one of the following:
the first network is a network in the first list;
first indication information is obtained from the first network, and the first indication information indicates at least one of the following: configuring a certificate and/or subscription is supported; configuring a certificate and/or subscription in a control plane manner is supported; configuring a certificate and/or subscription in a user plane manner is supported; configuring a certificate and/or subscription based on restricted access is supported; configuring a certificate and/or subscription in a control plane manner based on restricted access is supported; configuring a certificate and/or subscription in a user plane manner based on restricted access is supported; configuring a certificate and/or subscription based on unrestricted access is supported; configuring a certificate and/or subscription in a control plane manner based on unrestricted access is supported; configuring a certificate and/or subscription in a user plane manner based on unrestricted access is supported;
the terminal needs to obtain the certificate and/or subscription of the first object;
the first list includes at least one of the following: a list of networks capable of configuring the certificate and/or subscription of the first object; the first list corresponding to the first object; the networks in the first list can enable the first communication device to obtain the certificate and/or subscription of the first object; a list of allowed networks corresponding to the certificate and/or subscription of the first object;
the first network has the highest priority in the first list;
the first communication device is within the coverage of the first network, or the first communication device can detect the signal of the first network.
In an optional embodiment of the present invention, selecting a network according to the first information includes:
selecting a second network when a second condition is satisfied;
wherein the second condition includes at least one of the following:
the second network is not a network in the second list;
first indication information is obtained from the second network, and the first indication information indicates at least one of the following: support for configuring certificates and/or subscriptions; support for configuring certificates and/or subscriptions via the control plane; support for configuring certificates and/or subscriptions via the user plane; support for configuring certificates and/or subscriptions based on restricted access; support for configuring certificates and/or subscriptions via the control plane based on restricted access; support for configuring certificates and/or subscriptions via the user plane based on restricted access; support for configuring certificates and/or subscriptions based on unrestricted access; support for configuring certificates and/or subscriptions via the control plane based on unrestricted access; support for configuring certificates and/or subscriptions via the user plane based on unrestricted access;
the terminal needs to obtain the certificate and/or subscription of the first object;
the second list includes at least one of the following: a list of networks that are not capable of configuring the certificate and/or subscription of the first object; the second list corresponding to the first object; the networks in the second list are not able to enable the first communication device to obtain the certificate and/or subscription of the first object; a list of disallowed networks corresponding to the certificate and/or subscription of the first object;
the first communication device is outside the coverage of every network in the first list, or the first communication device cannot detect the signal of any network in the first list.
In an optional embodiment of the present invention, the networks in the first list are sorted by priority.
In an optional embodiment of the present invention, selecting a network according to the first information includes:
selecting a third network when a third condition is satisfied;
wherein the third condition includes at least one of the following:
the third network is a network in the first list;
first indication information is obtained from the third network, and the first indication information indicates at least one of the following: support for configuring certificates and/or subscriptions; support for configuring certificates and/or subscriptions via the control plane; support for configuring certificates and/or subscriptions via the user plane; support for configuring certificates and/or subscriptions based on restricted access; support for configuring certificates and/or subscriptions via the control plane based on restricted access; support for configuring certificates and/or subscriptions via the user plane based on restricted access; support for configuring certificates and/or subscriptions based on unrestricted access; support for configuring certificates and/or subscriptions via the control plane based on unrestricted access; support for configuring certificates and/or subscriptions via the user plane based on unrestricted access;
the terminal needs to obtain the certificate and/or subscription of the first object;
the first list includes at least one of the following: the control-plane first list corresponding to the first object; a list of networks capable of configuring the certificate and/or subscription of the first object via the control plane; the networks in the first list are able to enable the first communication device to obtain the certificate and/or subscription of the first object via the control plane; the first communication device is within the coverage of the third network, or the first communication device can detect the signal of the third network;
and/or,
selecting a fourth network when a fourth condition is satisfied;
wherein the fourth condition includes at least one of the following:
the fourth network is a network in the first list;
first indication information is obtained from the fourth network, and the first indication information indicates at least one of the following: support for configuring certificates and/or subscriptions; support for configuring certificates and/or subscriptions via the control plane; support for configuring certificates and/or subscriptions via the user plane; support for configuring certificates and/or subscriptions based on restricted access; support for configuring certificates and/or subscriptions via the control plane based on restricted access; support for configuring certificates and/or subscriptions via the user plane based on restricted access; support for configuring certificates and/or subscriptions based on unrestricted access; support for configuring certificates and/or subscriptions via the control plane based on unrestricted access; support for configuring certificates and/or subscriptions via the user plane based on unrestricted access;
the terminal needs to obtain the certificate and/or subscription of the first object;
the first list includes at least one of the following: the user-plane first list corresponding to the first object; a list of networks capable of configuring the certificate and/or subscription of the first object via the user plane; the networks in the first list are able to enable the first communication device to obtain the certificate and/or subscription of the first object via the user plane;
the first communication device is within the coverage of the fourth network, or the first communication device can detect the signal of the fourth network.
In this embodiment of the present application, the first indication information is used to instruct the first communication device to select a network for downloading the certificate and/or subscription.
In this embodiment of the present application, the first communication device may select, according to the first information, a network for downloading the certificate and/or subscription.
Referring to FIG. 3, an embodiment of the present application provides a method for supporting network selection, performed by a second communication device. The second communication device includes but is not limited to one of the following: a RAN network element, a CN network element (such as an Access and Mobility Management Function (AMF) or a Session Management Function (SMF)). The specific steps include:
Step 301: send first indication information;
wherein the first indication information is used to indicate at least one of the following:
(1) configuring certificates and/or subscriptions is supported or not supported;
(3) configuring certificates and/or subscriptions via the control plane is supported or not supported;
(4) configuring certificates and/or subscriptions via the user plane is supported or not supported;
(5) configuring certificates and/or subscriptions based on restricted access is supported or not supported;
(6) configuring certificates and/or subscriptions via the control plane based on restricted access is supported or not supported;
(7) configuring certificates and/or subscriptions via the user plane based on restricted access is supported or not supported;
(8) configuring certificates and/or subscriptions based on unrestricted access is supported or not supported;
(9) configuring certificates and/or subscriptions via the control plane based on unrestricted access is supported or not supported;
(10) configuring certificates and/or subscriptions via the user plane based on unrestricted access is supported or not supported.
In one implementation, the first indication information is broadcast through a cell system message.
In one implementation, the second communication device is a communication device in the first network or the second network.
In this embodiment of the present application, the first indication information is used to instruct the first communication device to select a network for downloading the certificate and/or subscription.
Referring to FIG. 4, an embodiment of the present application provides a method for supporting network selection, performed by a third communication device. The third communication device includes but is not limited to one of the following: a RAN network element, a CN network element (such as an AMF or SMF), a first server, a first entity. The specific steps include:
Step 401: send the first list and/or the second list;
In an optional embodiment of the present invention, the first list includes:
(1) one or more network objects;
(2) identification information of one or more network objects;
The characteristics of the networks in the first list include at least one of the following:
(1) the first communication device is capable of restricted access to the network;
(2) the network is able to enable the first communication device to obtain a certificate and/or subscription;
(3) the first communication device can access the network using a default certificate;
In one implementation, the networks in the first list include networks to which the first communication device is capable of restricted access and which are able to enable the first communication device to obtain a certificate and/or subscription.
In another optional embodiment of the present invention, the first list includes at least one of the following:
(1) a list of networks that can be accessed through restricted access;
(2) a list of networks capable of configuring certificates and/or subscriptions;
(3) a list of networks that can be accessed using a default certificate;
In one implementation, the characteristics of the networks in the list of networks capable of configuring certificates and/or subscriptions include one of the following: the first communication device is capable of restricted access to the network; the network is able to enable the first communication device to obtain a certificate and/or subscription; the first communication device can access the network using a default certificate.
In an optional embodiment of the present invention, the second list includes:
(1) one or more network objects;
(2) identification information of one or more network objects;
The characteristics of the networks in the second list include at least one of the following:
(1) the first communication device cannot access the network;
(2) the network is not able to enable the first communication device to obtain a certificate and/or subscription;
(3) the first communication device cannot access the network using a default certificate;
In another optional embodiment of the present invention, the second list includes at least one of the following:
(1) a list of networks that cannot be accessed through restricted access;
(2) a list of networks that are not capable of configuring certificates and/or subscriptions;
(3) a list of networks that cannot be accessed using a default certificate;
wherein the network list includes one or more network objects, or identification information of one or more network objects, and the network objects include networks and/or network groups.
In another optional embodiment of the present invention, the certificate and/or subscription includes at least one of the following: the certificate and/or subscription of the first object; a certificate and/or subscription used for primary authentication and/or authorization; a certificate and/or subscription used for non-primary authentication and/or authorization;
wherein,
the first object includes at least one of the following: network A, a first entity, the network accessed by the first communication device, primary authentication and/or authorization, non-primary authentication and/or authorization;
the first entity includes one of the following: an entity in a data network, an entity outside the network accessed by the first communication device;
network A is the same as or different from the networks in the first list;
and/or,
network A is the same as or different from the networks in the second list;
and/or,
network A is the same as or different from the network accessed by the first communication device;
and/or,
obtaining the certificate and/or subscription includes at least one of the following: obtaining the certificate and/or subscription via the control plane, obtaining the certificate and/or subscription via the user plane;
and/or,
the list of networks capable of configuring certificates and/or subscriptions includes at least one of the following: a list of networks capable of configuring certificates and/or subscriptions via the control plane, a list of networks capable of configuring certificates and/or subscriptions via the user plane;
In one implementation, the characteristics of the networks in the list of networks capable of configuring certificates and/or subscriptions via the control plane include one of the following: the first communication device is capable of restricted access to the network; the network is able to enable the first communication device to obtain a certificate and/or subscription via the control plane; the first communication device can access the network using a default certificate.
In one implementation, the characteristics of the networks in the list of networks capable of configuring certificates and/or subscriptions via the user plane include one of the following: the first communication device is capable of restricted access to the network; the network is able to enable the first communication device to obtain a certificate and/or subscription via the user plane; the first communication device can access the network using a default certificate.
In one implementation, being able to enable the first communication device to obtain a certificate and/or subscription includes at least one of the following: being able to enable the first communication device to obtain a certificate and/or subscription via the control plane, being able to enable the first communication device to obtain a certificate and/or subscription via the user plane.
In an optional embodiment of the present invention, the network type of the networks in the first list, the network type of the networks in the second list, and/or the network type of network A includes at least one of the following: public network, non-public network, PLMN, PNI NPN, SNPN.
In an optional embodiment of the present invention, the networks in the first list are sorted by priority.
In this embodiment of the present application, the first list and/or the second list is used to instruct the first communication device to select a network for downloading the certificate and/or subscription.
Referring to FIG. 5, the specific steps are as follows:
Step 1: configure on the terminal the first list (for example, a mixed network list of SNPNs and PLMNs) corresponding to obtaining the certificate and/or subscription of the first object (for example, SNPN2).
Step 2: receive the first indication information sent by the second communication device (for example, a RAN network element or a CN network element);
Step 3: select a network according to the first list and the first indication information.
It can be understood that, for the implementation of step 3, reference may be made to the description of the embodiment shown in FIG. 2.
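The selection in step 3, combined with the first and second conditions described earlier, can be sketched as follows. This is an added example, not code from the patent. It assumes that every listed condition must hold (the text only requires "at least one"), that the second list overrides the first, and that the fallback to unlisted networks applies only when no first-list network is detectable. All names and identifiers are hypothetical.

```python
from dataclasses import dataclass
from enum import Flag, auto
from typing import Iterable, Optional, Sequence, Tuple


class Indication(Flag):
    """Provisioning modes a network can advertise in the first indication information."""
    NONE = 0
    CP_RESTRICTED = auto()     # control plane, restricted access
    UP_RESTRICTED = auto()     # user plane, restricted access
    CP_UNRESTRICTED = auto()   # control plane, unrestricted access
    UP_UNRESTRICTED = auto()   # user plane, unrestricted access


@dataclass(frozen=True)
class DetectedNetwork:
    """A network whose signal the device can detect (hypothetical structure)."""
    network_id: str            # constructed identifier, e.g. "SNPN-A"
    indication: Indication     # taken from the broadcast cell system message


def select_network(
    first_list: Sequence[str],
    second_list: Iterable[str],
    detected: Sequence[DetectedNetwork],
    acceptable: Indication,
) -> Optional[Tuple[str, str]]:
    """Return (network_id, reason) for the network to provision from, or None.

    first_list  -- allowed networks for the first object, highest priority first
    second_list -- networks that must not be used for the first object
    detected    -- networks in coverage, in the device's preferred order
    acceptable  -- provisioning modes the device is willing to use
    """
    denied = set(second_list)
    in_coverage = {n.network_id: n for n in detected}

    # First condition: highest-priority first-list network that is in
    # coverage, not denied, and advertises an acceptable provisioning mode.
    first_list_seen = False
    for network_id in first_list:
        candidate = in_coverage.get(network_id)
        if candidate is None:
            continue
        first_list_seen = True
        if network_id in denied:
            continue  # assumption: the second list wins over the first
        if candidate.indication & acceptable:
            return network_id, "first-list"

    # Second condition applies only when the device is outside the coverage
    # of every first-list network (assumption: otherwise do not fall back).
    if first_list_seen:
        return None

    for candidate in detected:
        if candidate.network_id in denied:
            continue
        if candidate.indication & acceptable:
            return candidate.network_id, "not-in-second-list"
    return None


# Constructed sample data: a mixed SNPN/PLMN first list, as in step 1.
FIRST_LIST = ["SNPN-A", "PLMN-B", "SNPN-C"]
SECOND_LIST = ["PLMN-X"]
DETECTED = [
    DetectedNetwork("PLMN-X", Indication.CP_RESTRICTED),
    DetectedNetwork("SNPN-C", Indication.CP_RESTRICTED | Indication.UP_RESTRICTED),
    DetectedNetwork("PLMN-B", Indication.CP_RESTRICTED),
]

if __name__ == "__main__":
    print(select_network(FIRST_LIST, SECOND_LIST, DETECTED, Indication.CP_RESTRICTED))
    print(select_network(FIRST_LIST, SECOND_LIST, DETECTED, Indication.UP_RESTRICTED))
```

A network that is detected but advertises no acceptable mode is never selected, so a device holding only a default certificate does not attempt restricted access on a network that has not announced provisioning support.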
Referring to FIG. 6, an embodiment of the present application provides an apparatus for supporting network selection, applied to a first communication device. The apparatus 600 includes:
a first obtaining module 601, configured to obtain first information, where the first information includes: a first list, a second list and/or first indication information;
a selection module 602, configured to select a network according to the first information;
In an optional embodiment of the present invention, the first list includes one or more network objects, or identification information of one or more network objects, and the characteristics of the networks in the first list include at least one of the following: the first communication device is capable of restricted access to the network; the network is able to enable the first communication device to obtain a certificate and/or subscription; the first communication device can access the network using a default certificate;
In another optional embodiment of the present invention, the first list includes at least one of the following:
a list of networks that can be accessed through restricted access;
a list of networks capable of configuring certificates and/or subscriptions;
a list of networks that can be accessed using a default certificate;
In one implementation, the networks in the list of networks capable of configuring certificates and/or subscriptions include networks to which the first communication device is capable of restricted access and which are able to enable the first communication device to obtain a certificate and/or subscription.
In an optional embodiment of the present invention, the second list includes one or more network objects, or identification information of one or more network objects, and the characteristics of the networks in the second list include at least one of the following: the first communication device cannot access the network; the network is not able to enable the first communication device to obtain a certificate and/or subscription; the first communication device cannot access the network using a default certificate;
In another optional embodiment of the present invention, the second list includes at least one of the following:
a list of networks that cannot be accessed through restricted access;
a list of networks that are not capable of configuring certificates and/or subscriptions;
a list of networks that cannot be accessed using a default certificate;
wherein the network list includes one or more network objects, or identification information of one or more network objects; the network objects include networks and/or network groups;
The first indication information is used to indicate at least one of the following:
configuring certificates and/or subscriptions is supported or not supported;
configuring certificates and/or subscriptions via the control plane is supported or not supported;
configuring certificates and/or subscriptions via the user plane is supported or not supported;
configuring certificates and/or subscriptions based on restricted access is supported or not supported;
configuring certificates and/or subscriptions via the control plane based on restricted access is supported or not supported;
configuring certificates and/or subscriptions via the user plane based on restricted access is supported or not supported;
configuring certificates and/or subscriptions based on unrestricted access is supported or not supported;
configuring certificates and/or subscriptions via the control plane based on unrestricted access is supported or not supported;
configuring certificates and/or subscriptions via the user plane based on unrestricted access is supported or not supported.
In one implementation, the first communication device obtains the first list and/or the second list through pre-configuration.
The certificate and/or subscription of the first object includes a certificate and/or subscription used for accessing the first object.
In an optional embodiment of the present invention, the certificate and/or subscription includes at least one of the following: the certificate and/or subscription of the first object; a certificate and/or subscription used for primary authentication and/or authorization; a certificate and/or subscription used for non-primary authentication and/or authorization;
wherein,
the first object includes at least one of the following: network A, a first entity, the network accessed by the first communication device, primary authentication and/or authorization, non-primary authentication and/or authorization;
the first entity includes one of the following: an entity in a data network, an entity outside the network accessed by the first communication device;
wherein network A is the same as or different from the networks in the first list;
and/or,
network A is the same as or different from the networks in the second list;
and/or,
network A is the same as or different from the network accessed by the first communication device;
and/or,
obtaining the certificate and/or subscription includes at least one of the following: obtaining the certificate and/or subscription via the control plane, obtaining the certificate and/or subscription via the user plane;
and/or,
the list of networks capable of configuring certificates and/or subscriptions includes at least one of the following: a list of networks capable of configuring certificates and/or subscriptions via the control plane, a list of networks capable of configuring certificates and/or subscriptions via the user plane;
and/or,
being able to enable the first communication device to obtain a certificate and/or subscription includes at least one of the following: being able to enable the first communication device to obtain a certificate and/or subscription via the control plane, being able to enable the first communication device to obtain a certificate and/or subscription via the user plane.
In an optional embodiment of the present invention, the first list is the first list corresponding to the first object, and the first lists corresponding to different first objects are the same or different;
and/or,
the second list is the second list corresponding to the first object, and the second lists corresponding to different first objects are the same or different;
and/or,
the list of networks capable of configuring certificates and/or subscriptions includes: a list of networks capable of configuring the certificate and/or subscription of the first object;
and/or,
the list of networks that are not capable of configuring certificates and/or subscriptions includes: a list of networks that are not capable of configuring the certificate and/or subscription of the first object;
and/or,
being able to enable the first communication device to obtain a certificate and/or subscription includes: being able to enable the first communication device to obtain the certificate and/or subscription of the first object;
and/or,
not being able to enable the first communication device to obtain a certificate and/or subscription includes: not being able to enable the first communication device to obtain the certificate and/or subscription of the first object.
In an optional embodiment of the present invention, the first list corresponding to the first object includes: the control-plane first list corresponding to the first object, and the user-plane first list corresponding to the first object;
wherein,
the control-plane first list corresponding to the first object and the user-plane first list corresponding to the first object are the same or different;
the networks in the control-plane first list corresponding to the first object include: networks that are able to enable the first communication device to obtain the certificate and/or subscription of the first object via the control plane;
the networks in the user-plane first list corresponding to the first object include: networks that are able to enable the first communication device to obtain the certificate and/or subscription of the first object via the user plane;
and/or,
the second list corresponding to the first object includes: the control-plane second list corresponding to the first object, and the user-plane second list corresponding to the first object;
wherein,
the control-plane second list corresponding to the first object and the user-plane second list corresponding to the first object are the same or different;
the networks in the control-plane second list corresponding to the first object include networks that are not able to enable the first communication device to obtain the certificate and/or subscription of the first object via the control plane;
the networks in the user-plane second list corresponding to the first object include networks that are not able to enable the first communication device to obtain the certificate and/or subscription of the first object via the user plane;
and/or,
the list of networks capable of configuring the certificate and/or subscription of the first object includes at least one of the following: a list of networks capable of configuring the certificate and/or subscription of the first object via the control plane, a list of networks capable of configuring the certificate and/or subscription of the first object via the user plane;
and/or,
the list of networks that are not capable of configuring the certificate and/or subscription of the first object includes at least one of the following: a list of networks that are not capable of configuring the certificate and/or subscription of the first object via the control plane, a list of networks that are not capable of configuring the certificate and/or subscription of the first object via the user plane;
and/or,
being able to enable the first communication device to obtain the certificate and/or subscription of the first object includes at least one of the following: being able to enable the first communication device to obtain the certificate and/or subscription of the first object via the control plane, being able to enable the first communication device to obtain the certificate and/or subscription of the first object via the user plane;
and/or,
not being able to enable the first communication device to obtain the certificate and/or subscription of the first object includes at least one of the following: not being able to enable the first communication device to obtain the certificate and/or subscription of the first object via the control plane, not being able to enable the first communication device to obtain the certificate and/or subscription of the first object via the user plane.
In an optional embodiment of the present invention, the network types of the networks in the first list, the networks in the second list, and/or the A network include at least one of the following: public network, non-public network, PLMN, PNI NPN, SNPN.
In an optional embodiment of the present invention, the first obtaining module 601 is further configured to: receive the first indication information from a cell broadcast or from a second communication device.
In an optional embodiment of the present invention, the apparatus 600 further includes:
A second obtaining module, configured to obtain at least one of the following by accessing a network in the first list:
The certificate and/or subscription of the first object;
Identification information of the first object;
The first list corresponding to the first object;
The second list corresponding to the first object;
In an optional embodiment of the present invention, the selection module 602 is further configured to:
Select a first network when a first condition is met;
Wherein the first condition includes at least one of the following:
The first network is a network in the first list;
First indication information is obtained from the first network, and the first indication information indicates at least one of the following: support for configuring certificates and/or subscriptions; support for configuring certificates and/or subscriptions via the control plane; support for configuring certificates and/or subscriptions via the user plane; support for configuring certificates and/or subscriptions based on restricted access; support for configuring certificates and/or subscriptions via the control plane based on restricted access; support for configuring certificates and/or subscriptions via the user plane based on restricted access; support for configuring certificates and/or subscriptions based on unrestricted access; support for configuring certificates and/or subscriptions via the control plane based on unrestricted access; support for configuring certificates and/or subscriptions via the user plane based on unrestricted access;
The terminal needs to obtain the certificate and/or subscription of the first object;
The first list includes at least one of the following: a list of networks capable of configuring the certificate and/or subscription of the first object; the first list corresponding to the first object; the networks in the first list are capable of enabling the first communication device to obtain the certificate and/or subscription of the first object; a list of allowed networks corresponding to the certificate and/or subscription of the first object;
The first network has the highest priority in the first list;
The first communication device is within the coverage of the first network, or the first communication device can detect the signal of the first network.
In an optional embodiment of the present invention, the selection module 602 is further configured to:
Select a second network when a second condition is met;
Wherein the second condition includes at least one of the following:
The second network is not a network in the second list;
First indication information is obtained from the second network, and the first indication information indicates at least one of the following: support for configuring certificates and/or subscriptions; support for configuring certificates and/or subscriptions via the control plane; support for configuring certificates and/or subscriptions via the user plane; support for configuring certificates and/or subscriptions based on restricted access; support for configuring certificates and/or subscriptions via the control plane based on restricted access; support for configuring certificates and/or subscriptions via the user plane based on restricted access; support for configuring certificates and/or subscriptions based on unrestricted access; support for configuring certificates and/or subscriptions via the control plane based on unrestricted access; support for configuring certificates and/or subscriptions via the user plane based on unrestricted access;
The terminal needs to obtain the certificate and/or subscription of the first object;
The second list includes at least one of the following: a list of networks not capable of configuring the certificate and/or subscription of the first object; the second list corresponding to the first object; the networks in the second list are not capable of enabling the first communication device to obtain the certificate and/or subscription of the first object; a list of disallowed networks corresponding to the certificate and/or subscription of the first object;
The first communication device is outside the coverage of every network in the first list, or the first communication device cannot detect the signal of any network in the first list.
In an optional embodiment of the present invention, the networks in the first list are sorted by priority.
In an optional embodiment of the present invention, the selection module 602 is further configured to:
Select a third network when a third condition is met;
Wherein the third condition includes at least one of the following:
The third network is a network in the first list;
First indication information is obtained from the third network, and the first indication information indicates at least one of the following: support for configuring certificates and/or subscriptions; support for configuring certificates and/or subscriptions via the control plane; support for configuring certificates and/or subscriptions via the user plane; support for configuring certificates and/or subscriptions based on restricted access; support for configuring certificates and/or subscriptions via the control plane based on restricted access; support for configuring certificates and/or subscriptions via the user plane based on restricted access; support for configuring certificates and/or subscriptions based on unrestricted access; support for configuring certificates and/or subscriptions via the control plane based on unrestricted access; support for configuring certificates and/or subscriptions via the user plane based on unrestricted access;
The terminal needs to obtain the certificate and/or subscription of the first object;
The first list includes at least one of the following: the first list corresponding to the first object via the control plane; a list of networks capable of configuring the certificate and/or subscription of the first object via the control plane; the networks in the first list are capable of enabling the first communication device to obtain the certificate and/or subscription of the first object via the control plane;
The first communication device is within the coverage of the third network, or the first communication device can detect the signal of the third network;
and/or,
Select a fourth network when a fourth condition is met;
Wherein the fourth condition includes at least one of the following:
The fourth network is a network in the first list;
First indication information is obtained from the fourth network, and the first indication information indicates at least one of the following: support for configuring certificates and/or subscriptions; support for configuring certificates and/or subscriptions via the control plane; support for configuring certificates and/or subscriptions via the user plane; support for configuring certificates and/or subscriptions based on restricted access; support for configuring certificates and/or subscriptions via the control plane based on restricted access; support for configuring certificates and/or subscriptions via the user plane based on restricted access; support for configuring certificates and/or subscriptions based on unrestricted access; support for configuring certificates and/or subscriptions via the control plane based on unrestricted access; support for configuring certificates and/or subscriptions via the user plane based on unrestricted access;
The terminal needs to obtain the certificate and/or subscription of the first object;
The first list includes at least one of the following: the first list corresponding to the first object via the user plane; a list of networks capable of configuring the certificate and/or subscription of the first object via the user plane; the networks in the first list are capable of enabling the first communication device to obtain the certificate and/or subscription of the first object via the user plane;
The first communication device is within the coverage of the fourth network, or the first communication device can detect the signal of the fourth network.
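The first to fourth conditions above can be read as a single decision procedure. The following Python code is an added example, not part of the patent text: all class, function and network names are hypothetical, and it assumes the strictest reading of "at least one of", in which list membership, the first indication information and coverage must all hold together.

```python
"""Added example: network selection from a first (allowed) list, a second
(disallowed) list and received first indication information.
All names and identifiers are hypothetical, not taken from the patent."""
from dataclasses import dataclass
from enum import Flag, auto
from typing import Dict, List, Optional, Set, Tuple


class Method(Flag):
    """Provisioning methods a network can advertise in its indication."""
    NONE = 0
    CONTROL_PLANE = auto()
    USER_PLANE = auto()


@dataclass(frozen=True)
class Network:
    network_id: str      # constructed identifier, e.g. an SNPN or PLMN label
    indication: Method   # first indication information received from it


@dataclass(frozen=True)
class ObjectLists:
    """Lists for one first object, kept separately per provisioning method."""
    first: Dict[Method, List[str]]   # allowed networks, highest priority first
    second: Dict[Method, Set[str]]   # networks that cannot provision the object


def select_network(detected: List[Network], lists: ObjectLists,
                   method: Method) -> Tuple[Optional[str], str]:
    """Return (network_id, reason) for the network to access, or (None, ...).

    `detected` holds only networks whose signal the device can monitor,
    which models the coverage condition.
    """
    by_id = {net.network_id: net for net in detected}
    allowed = lists.first.get(method, [])
    denied = lists.second.get(method, set())

    # First/third/fourth condition: walk the first list in priority order and
    # take the first entry that is in coverage and advertises the method.
    for net_id in allowed:
        net = by_id.get(net_id)
        if net is None or net_id in denied:
            continue
        if method in net.indication:
            return net_id, "first-list"

    # Second condition: applies only when no first-list network is in
    # coverage; then accept a network that is not in the second list and
    # advertises the method.
    if not any(net_id in by_id for net_id in allowed):
        for net in detected:
            if net.network_id not in denied and method in net.indication:
                return net.network_id, "not-in-second-list"

    return None, "no-candidate"


# Constructed sample data for one first object.
LISTS = ObjectLists(
    first={Method.CONTROL_PLANE: ["snpn-a", "snpn-b"],
           Method.USER_PLANE: ["plmn-c"]},
    second={Method.CONTROL_PLANE: {"snpn-x"},
            Method.USER_PLANE: {"snpn-x", "snpn-a"}},
)
DETECTED = [
    Network("snpn-b", Method.CONTROL_PLANE),
    Network("snpn-x", Method.CONTROL_PLANE | Method.USER_PLANE),
    Network("plmn-d", Method.USER_PLANE),
]

if __name__ == "__main__":
    for m in (Method.CONTROL_PLANE, Method.USER_PLANE):
        print(m, select_network(DETECTED, LISTS, m))
```

Under this reading, a network that advertises support but appears in the second list for the requested method is never selected, and a first-list network that is in coverage but does not advertise the method blocks the fallback instead of triggering it.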
The apparatus provided in this embodiment of the present application can implement each process implemented by the method embodiment shown in FIG. 2 and achieve the same technical effect. To avoid repetition, details are not described here again.
Referring to FIG. 7, an embodiment of the present application provides an apparatus for supporting network selection, which is applied to a second communication device. The apparatus 700 includes:
A first sending module 701, configured to send first indication information;
Wherein the first indication information is used to indicate at least one of the following:
Whether configuring certificates and/or subscriptions is supported;
Whether configuring certificates and/or subscriptions via the control plane is supported;
Whether configuring certificates and/or subscriptions via the user plane is supported;
Whether configuring certificates and/or subscriptions based on restricted access is supported;
Whether configuring certificates and/or subscriptions via the control plane based on restricted access is supported;
Whether configuring certificates and/or subscriptions via the user plane based on restricted access is supported;
Whether configuring certificates and/or subscriptions based on unrestricted access is supported;
Whether configuring certificates and/or subscriptions via the control plane based on unrestricted access is supported;
Whether configuring certificates and/or subscriptions via the user plane based on unrestricted access is supported.
The apparatus provided in this embodiment of the present application can implement each process implemented by the method embodiment shown in FIG. 3 and achieve the same technical effect. To avoid repetition, details are not described here again.
Referring to FIG. 8, an embodiment of the present application provides an apparatus for supporting network selection, which is applied to a third communication device. The apparatus 800 includes:
A second sending module 801, configured to send the first list and/or the second list;
In an optional embodiment of the present invention, the first list includes one or more network objects, or identification information of one or more network objects, and the characteristics of the networks in the first list include at least one of the following: the first communication device can access the network in a restricted manner; the network can enable the first communication device to obtain a certificate and/or subscription; the first communication device can access the network using a default certificate;
In one implementation, the networks in the first list include networks that the first communication device can access in a restricted manner and that can enable the first communication device to obtain a certificate and/or subscription.
In another optional embodiment of the present invention, the first list includes at least one of the following:
A list of networks that can be accessed in a restricted manner;
A list of networks capable of configuring certificates and/or subscriptions;
A list of networks that can be accessed using a default certificate;
In one implementation, the networks in the list of networks capable of configuring certificates and/or subscriptions include networks that the first communication device can access in a restricted manner and that can enable the first communication device to obtain a certificate and/or subscription.
In an optional embodiment of the present invention, the second list includes one or more network objects, or identification information of one or more network objects, and the characteristics of the networks in the second list include at least one of the following: the first communication device cannot access the network; the network cannot enable the first communication device to obtain a certificate and/or subscription; the first communication device cannot access the network using a default certificate;
In another optional embodiment of the present invention, the second list includes at least one of the following:
A list of networks that cannot be accessed in a restricted manner;
A list of networks not capable of configuring certificates and/or subscriptions;
A list of networks that cannot be accessed using a default certificate;
The network list includes one or more network objects, or the network list includes identification information of one or more network objects, and the network objects include networks and/or network groups.
In an optional embodiment of the present invention, the certificate and/or subscription includes at least one of the following: the certificate and/or subscription of the first object; a certificate and/or subscription used for primary authentication and/or authorization; a certificate and/or subscription used for non-primary authentication and/or authorization;
wherein,
The first object includes at least one of the following: the A network, a first entity, the network accessed by the first communication device, primary authentication and/or authorization, non-primary authentication and/or authorization;
The first entity includes one of the following: an entity in a data network, an entity outside the network accessed by the first communication device;
The A network is the same as or different from the networks in the first list;
and/or,
The A network is the same as or different from the networks in the second list;
and/or,
The A network is the same as or different from the network accessed by the first communication device;
and/or,
Obtaining a certificate and/or subscription includes at least one of the following: obtaining the certificate and/or subscription via the control plane, and obtaining the certificate and/or subscription via the user plane;
and/or,
The list of networks capable of configuring certificates and/or subscriptions includes at least one of the following: a list of networks capable of configuring certificates and/or subscriptions via the control plane, and a list of networks capable of configuring certificates and/or subscriptions via the user plane;
and/or,
Being capable of enabling the first communication device to obtain a certificate and/or subscription includes at least one of the following: being capable of enabling the first communication device to obtain the certificate and/or subscription via the control plane, and being capable of enabling the first communication device to obtain the certificate and/or subscription via the user plane.
In an optional embodiment of the present invention, the network type of the networks in the first list, the network type of the networks in the second list, and/or the network type of the A network include at least one of the following: public network, non-public network, PLMN, PNI NPN, SNPN.
In an optional embodiment of the present invention, the networks in the first list are sorted by priority.
The apparatus provided in this embodiment of the present application can implement each process implemented by the method embodiment shown in FIG. 4 and achieve the same technical effect. To avoid repetition, details are not described here again.
FIG. 9 is a schematic diagram of the hardware structure of a terminal implementing an embodiment of the present application. The terminal 900 includes but is not limited to: a radio frequency unit 901, a network module 902, an audio output unit 903, an input unit 904, a sensor 905, a display unit 906, a user input unit 907, an interface unit 908, a memory 909, a processor 910 and other components.
Those skilled in the art can understand that the terminal 900 may also include a power source (such as a battery) that supplies power to the components. The power source may be logically connected to the processor 910 through a power management system, so that functions such as charging, discharging and power consumption management are handled through the power management system. The terminal structure shown in FIG. 9 does not constitute a limitation on the terminal; the terminal may include more or fewer components than shown, combine some components, or arrange the components differently, which is not described here again.
It should be understood that, in this embodiment of the present application, the input unit 904 may include a graphics processing unit (GPU) 9041 and a microphone 9042. The graphics processor 9041 processes image data of still pictures or video obtained by an image capture device (such as a camera) in video capture mode or image capture mode. The display unit 906 may include a display panel 9061, which may be configured in the form of a liquid crystal display, an organic light-emitting diode, or the like. The user input unit 907 includes a touch panel 9071 and other input devices 9072. The touch panel 9071 is also called a touch screen. The touch panel 9071 may include two parts: a touch detection device and a touch controller. The other input devices 9072 may include, but are not limited to, a physical keyboard, function keys (such as volume control keys and switch keys), a trackball, a mouse and a joystick, which are not described here again.
In this embodiment of the present application, the radio frequency unit 901 receives downlink data from the network-side device and passes it to the processor 910 for processing; in addition, it sends uplink data to the network-side device. Generally, the radio frequency unit 901 includes, but is not limited to, an antenna, at least one amplifier, a transceiver, a coupler, a low noise amplifier, a duplexer, and the like.
The memory 909 may be used to store software programs or instructions as well as various data. The memory 909 may mainly include a program or instruction storage area and a data storage area, wherein the program or instruction storage area may store an operating system and the application programs or instructions required for at least one function (such as a sound playback function or an image playback function). In addition, the memory 909 may include a high-speed random access memory, and may also include a non-volatile memory, wherein the non-volatile memory may be a read-only memory (ROM), a programmable read-only memory (Programmable ROM, PROM), an erasable programmable read-only memory (Erasable PROM, EPROM), an electrically erasable programmable read-only memory (Electrically EPROM, EEPROM) or a flash memory, for example at least one magnetic disk storage device, flash memory device, or other non-volatile solid-state storage device.
The processor 910 may include one or more processing units; optionally, the processor 910 may integrate an application processor and a modem processor, wherein the application processor mainly handles the operating system, user interface, and application programs or instructions, and the modem processor, such as a baseband processor, mainly handles wireless communication. It can be understood that the modem processor may also not be integrated into the processor 910.
The terminal provided in this embodiment of the present application can implement each process implemented by the method embodiment shown in FIG. 2 and achieve the same technical effect. To avoid repetition, details are not described here again.
本申请实施例还提供了一种网络侧设备。如图10所示,该网络侧设备1000包括:天线1001、射频装置1002、基带装置1003。天线1001与射频装置1002连接。在上行方向上,射频装置1002通过天线1001接收信息,将接收的信息发送给基带装置1003进行处理。在下行方向上,基带装置1003对要发送的信息进行处理,并发送给射频装置1002,射频装置1002对收到的信息进行处理后经过天线1001发送出去。The embodiment of the present application also provides a network side device. As shown in FIG. 10 , the network side device 1000 includes: an antenna 1001 , a radio frequency device 1002 , and a baseband device 1003 . The antenna 1001 is connected to the radio frequency device 1002 . In the uplink direction, the radio frequency device 1002 receives information through the antenna 1001, and sends the received information to the baseband device 1003 for processing. In the downlink direction, the baseband device 1003 processes the information to be sent and sends it to the radio frequency device 1002 , and the radio frequency device 1002 processes the received information and sends it out through the antenna 1001 .
上述频带处理装置可以位于基带装置1003中,以上实施例中网络侧设备执行的方法可以在基带装置1003中实现,该基带装置1003包括处理器1004和存储器1005。The above-mentioned frequency band processing apparatus may be located in the baseband apparatus 1003 , and the method performed by the network side device in the above embodiments may be implemented in the baseband apparatus 1003 . The baseband apparatus 1003 includes a processor 1004 and a memory 1005 .
基带装置1003例如可以包括至少一个基带板,该基带板上设置有多个芯片,如图10所示,其中一个芯片例如为处理器1004,与存储器1005连接,以调用存储器1005中的程序,执行以上方法实施例中所示的网络设备操作。The baseband device 1003 may include, for example, at least one baseband board on which multiple chips are arranged, as shown in FIG. 10 , one of the chips is, for example, the processor 1004 , which is connected to the memory 1005 to call a program in the memory 1005 to execute The network devices shown in the above method embodiments operate.
该基带装置1003还可以包括网络接口1006,用于与射频装置1002交互 信息,该接口例如为通用公共无线接口(Common Public Radio Interface,简称CPRI)。The baseband device 1003 may also include a network interface 1006 for exchanging information with the radio frequency device 1002, and the interface is, for example, a Common Public Radio Interface (CPRI for short).
Specifically, the network-side device in this embodiment of the present application further includes instructions or a program stored in the memory 1005 and executable on the processor 1004. The processor 1004 invokes the instructions or program in the memory 1005 to execute the methods performed by the modules shown in FIG. 7 to FIG. 8 and achieves the same technical effect; to avoid repetition, details are not repeated here.
An embodiment of the present application further provides a program product, where the program product is stored in a non-volatile storage medium and is executed by at least one processor to implement the steps of the processing method described in FIG. 2 to FIG. 4.
An embodiment of the present application further provides a readable storage medium storing a program or instructions which, when executed by a processor, implement each process of the method embodiments shown in FIG. 2 to FIG. 4 and can achieve the same technical effect; to avoid repetition, details are not repeated here.
The processor is the processor in the terminal described in the foregoing embodiments. The readable storage medium includes a computer-readable storage medium, such as a read-only memory (Read-Only Memory, ROM), a random access memory (Random Access Memory, RAM), a magnetic disk, or an optical disc.
An embodiment of the present application further provides a chip. The chip includes a processor and a communication interface, the communication interface is coupled to the processor, and the processor is configured to run a network-side device program or instructions to implement each process of the method embodiments shown in FIG. 2 to FIG. 4 and can achieve the same technical effect; to avoid repetition, details are not repeated here.
It should be understood that the chip mentioned in the embodiments of the present application may also be referred to as a system-level chip, a system chip, a chip system, a system-on-chip, or the like.
It should be noted that, herein, the terms "include", "comprise", or any other variant thereof are intended to cover non-exclusive inclusion, so that a process, method, article, or apparatus that includes a series of elements includes not only those elements but also other elements not expressly listed, or elements inherent to such a process, method, article, or apparatus. Without further limitation, an element defined by the phrase "including a ..." does not preclude the presence of additional identical elements in the process, method, article, or apparatus that includes the element. In addition, it should be noted that the scope of the methods and apparatuses in the embodiments of the present application is not limited to performing functions in the order shown or discussed, and may also include performing functions in a substantially simultaneous manner or in the reverse order depending on the functions involved. For example, the described methods may be performed in an order different from that described, and various steps may be added, omitted, or combined. In addition, features described with reference to some examples may be combined in other examples.
From the description of the above embodiments, those skilled in the art can clearly understand that the methods of the above embodiments can be implemented by software plus a necessary general-purpose hardware platform, and can of course also be implemented by hardware, but in many cases the former is the better implementation. Based on this understanding, the technical solution of the present application, in essence or in the part that contributes to the prior art, can be embodied in the form of a software product. The computer software product is stored in a storage medium (such as a ROM/RAM, a magnetic disk, or an optical disc) and includes several instructions for causing a terminal (which may be a mobile phone, a computer, a server, a network device, or the like) to execute the methods described in the embodiments of the present application.
The embodiments of the present application have been described above with reference to the accompanying drawings, but the present application is not limited to the above specific implementations, which are merely illustrative rather than restrictive. Inspired by the present application, those of ordinary skill in the art can devise many other forms without departing from the purpose of the present application and the scope protected by the claims, all of which fall within the protection of the present application.
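The selection conditions recited in claims 8, 9 and 11 below can be read as an allow-list/deny-list policy with per-plane lists (claim 4) and a priority order (claim 10). The following is an added example, not code from the patent: it assumes the conditions are applied together although the claims say "at least one of", and the names `Policy`, `Indication`, `select_network`, `select_for_onboarding` and all network identifiers are hypothetical.

```python
from dataclasses import dataclass
from enum import Enum
from typing import Dict, List, Optional, Set, Tuple


class Plane(Enum):
    CONTROL = "control"
    USER = "user"


@dataclass(frozen=True)
class Indication:
    """First indication information received from a network (hypothetical model)."""
    control_plane: bool = False  # supports configuring certificates/subscriptions via the control plane
    user_plane: bool = False     # supports configuring certificates/subscriptions via the user plane

    def supports(self, plane: Plane) -> bool:
        return self.control_plane if plane is Plane.CONTROL else self.user_plane


@dataclass(frozen=True)
class Policy:
    """Lists held by the first communication device for one first object."""
    first_list: Dict[Plane, List[str]]  # networks that can provide it, highest priority first
    second_list: Dict[Plane, Set[str]]  # networks that cannot provide it


def select_network(policy: Policy,
                   detected: Dict[str, Optional[Indication]],
                   plane: Plane) -> Optional[str]:
    """Pick a network for obtaining the first object's certificate/subscription.

    `detected` maps each network whose signal is currently monitored to the
    indication it sent, or None if it sent none.
    """
    denied = policy.second_list.get(plane, set())

    def usable(net_id: str) -> bool:
        ind = detected.get(net_id)  # None if out of coverage or no indication
        # The second list always wins, even over the first list and the indication.
        return net_id not in denied and ind is not None and ind.supports(plane)

    # Claim 8 / 11 reading: highest-priority first-list network that is in
    # coverage and indicates support for the requested plane.
    for net_id in policy.first_list.get(plane, []):
        if usable(net_id):
            return net_id

    # Claim 9 reading: no first-list network is usable, so take a detected
    # network that is not in the second list and indicates support.
    for net_id in detected:
        if usable(net_id):
            return net_id

    return None  # fail closed: nothing acceptable is in coverage


def select_for_onboarding(policy: Policy,
                          detected: Dict[str, Optional[Indication]],
                          preference: Tuple[Plane, ...] = (Plane.CONTROL, Plane.USER),
                          ) -> Optional[Tuple[str, Plane]]:
    """Try each plane in order of preference (assumed order: control, then user)."""
    for plane in preference:
        net_id = select_network(policy, detected, plane)
        if net_id is not None:
            return net_id, plane
    return None


# Constructed sample data: identifiers are invented for this example.
POLICY = Policy(
    first_list={Plane.CONTROL: ["snpn-onboard-1", "snpn-onboard-2"],
                Plane.USER: ["plmn-x"]},
    second_list={Plane.CONTROL: {"snpn-denied"},
                 Plane.USER: {"snpn-denied", "snpn-onboard-2"}},
)
DETECTED = {
    "snpn-denied": Indication(control_plane=True, user_plane=True),
    "snpn-onboard-2": Indication(control_plane=True),
    "plmn-y": Indication(user_plane=True),
    "snpn-silent": None,
}

if __name__ == "__main__":
    print(select_for_onboarding(POLICY, DETECTED))
```

A network in the second list is never returned, whatever it indicates, and a network that sent no indication is skipped rather than tried.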

Claims (24)

  1. A method for supporting network selection, performed by a first communication device, comprising:
    obtaining first information, where the first information includes: a first list, a second list, and/or first indication information;
    selecting a network according to the first information;
    wherein,
    the first list includes one or more network objects, or identification information of one or more network objects, and the characteristics of the networks in the first list include at least one of the following: the first communication device can access the network with restricted access, the network can enable the first communication device to obtain a certificate and/or subscription, and the first communication device can access the network using a default certificate;
    or, the first list includes at least one of the following:
    a list of networks to which restricted access is possible;
    a list of networks capable of configuring certificates and/or subscriptions;
    a list of networks that can be accessed using a default certificate;
    the second list includes one or more network objects, or identification information of one or more network objects, and the characteristics of the networks in the second list include at least one of the following: the first communication device cannot access the network, the network cannot enable the first communication device to obtain a certificate and/or subscription, and the first communication device cannot access the network using a default certificate;
    or, the second list includes at least one of the following:
    a list of networks to which restricted access is not possible;
    a list of networks not capable of configuring certificates and/or subscriptions;
    a list of networks that cannot be accessed using a default certificate;
    wherein the network list includes one or more network objects, or identification information of one or more network objects; the network objects include networks and/or network groups;
    the first indication information is used to indicate at least one of the following:
    support or non-support for configuring certificates and/or subscriptions;
    support or non-support for configuring certificates and/or subscriptions in a control plane manner;
    support or non-support for configuring certificates and/or subscriptions in a user plane manner;
    support or non-support for configuring certificates and/or subscriptions based on restricted access;
    support or non-support for configuring certificates and/or subscriptions in a control plane manner based on restricted access;
    support or non-support for configuring certificates and/or subscriptions in a user plane manner based on restricted access;
    support or non-support for configuring certificates and/or subscriptions based on unrestricted access;
    support or non-support for configuring certificates and/or subscriptions in a control plane manner based on unrestricted access;
    support or non-support for configuring certificates and/or subscriptions in a user plane manner based on unrestricted access.
  2. The method according to claim 1, wherein the certificate and/or subscription includes at least one of the following: a certificate and/or subscription of a first object; a certificate and/or subscription used for primary authentication and/or authorization; a certificate and/or subscription used for non-primary authentication and/or authorization;
    wherein,
    the first object includes at least one of the following: network A, a first entity, the network accessed by the first communication device, primary authentication and/or authorization, and non-primary authentication and/or authorization;
    the first entity includes one of the following: an entity in a data network, an entity outside the network accessed by the first communication device;
    wherein,
    network A is the same as or different from a network in the first list;
    and/or,
    network A is the same as or different from a network in the second list;
    and/or,
    network A is the same as or different from the network accessed by the first communication device;
    and/or,
    obtaining the certificate and/or subscription includes at least one of the following: obtaining the certificate and/or subscription in a control plane manner, and obtaining the certificate and/or subscription in a user plane manner;
    and/or,
    the list of networks capable of configuring certificates and/or subscriptions includes at least one of the following: a list of networks capable of configuring certificates and/or subscriptions in a control plane manner, and a list of networks capable of configuring certificates and/or subscriptions in a user plane manner;
    and/or,
    enabling the first communication device to obtain a certificate and/or subscription includes at least one of the following: enabling the first communication device to obtain a certificate and/or subscription in a control plane manner, and enabling the first communication device to obtain a certificate and/or subscription in a user plane manner.
  3. The method according to claim 2, wherein,
    the first list is a first list corresponding to the first object, and the first lists corresponding to different first objects are the same or different;
    and/or,
    the second list is a second list corresponding to the first object, and the second lists corresponding to different first objects are the same or different;
    and/or,
    the list of networks capable of configuring certificates and/or subscriptions includes: a list of networks capable of configuring the certificate and/or subscription of the first object;
    and/or,
    the list of networks not capable of configuring certificates and/or subscriptions includes: a list of networks not capable of configuring the certificate and/or subscription of the first object;
    and/or,
    enabling the first communication device to obtain a certificate and/or subscription includes: enabling the first communication device to obtain the certificate and/or subscription of the first object;
    and/or,
    not enabling the first communication device to obtain a certificate and/or subscription includes: not enabling the first communication device to obtain the certificate and/or subscription of the first object.
  4. The method according to claim 3, wherein the first list corresponding to the first object includes: a control-plane-manner first list corresponding to the first object, and a user-plane-manner first list corresponding to the first object;
    wherein,
    the control-plane-manner first list corresponding to the first object and the user-plane-manner first list corresponding to the first object are the same or different;
    the networks in the control-plane-manner first list corresponding to the first object include: networks that can enable the first communication device to obtain the certificate and/or subscription of the first object in a control plane manner;
    the networks in the user-plane-manner first list corresponding to the first object include: networks that can enable the first communication device to obtain the certificate and/or subscription of the first object in a user plane manner;
    and/or,
    the second list corresponding to the first object includes: a control-plane-manner second list corresponding to the first object, and a user-plane-manner second list corresponding to the first object;
    wherein,
    the control-plane-manner second list corresponding to the first object and the user-plane-manner second list corresponding to the first object are the same or different;
    the networks in the control-plane-manner second list corresponding to the first object include networks that cannot enable the first communication device to obtain the certificate and/or subscription of the first object in a control plane manner;
    the networks in the user-plane-manner second list corresponding to the first object include networks that cannot enable the first communication device to obtain the certificate and/or subscription of the first object in a user plane manner;
    and/or,
    the list of networks capable of configuring the certificate and/or subscription of the first object includes at least one of the following: a list of networks capable of configuring the certificate and/or subscription of the first object in a control plane manner, and a list of networks capable of configuring the certificate and/or subscription of the first object in a user plane manner;
    and/or,
    the list of networks not capable of configuring the certificate and/or subscription of the first object includes at least one of the following: a list of networks not capable of configuring the certificate and/or subscription of the first object in a control plane manner, and a list of networks not capable of configuring the certificate and/or subscription of the first object in a user plane manner;
    and/or,
    enabling the first communication device to obtain the certificate and/or subscription of the first object includes at least one of the following: enabling the first communication device to obtain the certificate and/or subscription of the first object in a control plane manner, and enabling the first communication device to obtain the certificate and/or subscription of the first object in a user plane manner;
    and/or,
    not enabling the first communication device to obtain the certificate and/or subscription of the first object includes at least one of the following: not enabling the first communication device to obtain the certificate and/or subscription of the first object in a control plane manner, and not enabling the first communication device to obtain the certificate and/or subscription of the first object in a user plane manner.
  5. The method according to claim 1 or 2, wherein the network type of the networks in the first list, the networks in the second list, and/or network A includes at least one of the following: public network, non-public network, PLMN, PNI NPN, SNPN.
  6. The method according to claim 1, wherein obtaining the first indication information includes:
    receiving the first indication information from a cell broadcast or from a second communication device.
  7. The method according to claim 1, wherein the method further comprises:
    by accessing a network in the first list, obtaining at least one of the following:
    the certificate and/or subscription of the first object;
    identification information of the first object;
    the first list corresponding to the first object;
    the second list corresponding to the first object.
  8. The method according to any one of claims 1 to 3, wherein selecting a network according to the first information includes:
    selecting a first network when a first condition is met;
    wherein the first condition includes at least one of the following:
    the first network is a network in the first list;
    the first indication information is obtained from the first network, and the first indication information indicates at least one of the following: support for configuring certificates and/or subscriptions; support for configuring certificates and/or subscriptions in a control plane manner; support for configuring certificates and/or subscriptions in a user plane manner; support for configuring certificates and/or subscriptions based on restricted access; support for configuring certificates and/or subscriptions in a control plane manner based on restricted access; support for configuring certificates and/or subscriptions in a user plane manner based on restricted access; support for configuring certificates and/or subscriptions based on unrestricted access; support for configuring certificates and/or subscriptions in a control plane manner based on unrestricted access; support for configuring certificates and/or subscriptions in a user plane manner based on unrestricted access;
    the terminal needs to obtain the certificate and/or subscription of the first object;
    the first list includes at least one of the following: a list of networks capable of configuring the certificate and/or subscription of the first object; the first list corresponding to the first object; the networks in the first list can enable the first communication device to obtain the certificate and/or subscription of the first object; a list of allowed networks corresponding to the certificate and/or subscription of the first object;
    the first network has the highest priority in the first list;
    the first communication device is within the coverage of the first network, or the first communication device can detect the signal of the first network.
  9. The method according to any one of claims 1 to 4, wherein selecting a network according to the first information includes:
    selecting a second network when a second condition is met;
    wherein the second condition includes at least one of the following:
    the second network is not a network in the second list;
    the first indication information is obtained from the second network, and the first indication information indicates at least one of the following: support for configuring certificates and/or subscriptions; support for configuring certificates and/or subscriptions in a control plane manner; support for configuring certificates and/or subscriptions in a user plane manner; support for configuring certificates and/or subscriptions based on restricted access; support for configuring certificates and/or subscriptions in a control plane manner based on restricted access; support for configuring certificates and/or subscriptions in a user plane manner based on restricted access; support for configuring certificates and/or subscriptions based on unrestricted access; support for configuring certificates and/or subscriptions in a control plane manner based on unrestricted access; support for configuring certificates and/or subscriptions in a user plane manner based on unrestricted access;
    the terminal needs to obtain the certificate and/or subscription of the first object;
    the second list includes at least one of the following: a list of networks not capable of configuring the certificate and/or subscription of the first object; the second list corresponding to the first object; the networks in the second list cannot enable the first communication device to obtain the certificate and/or subscription of the first object; a list of disallowed networks corresponding to the certificate and/or subscription of the first object;
    the first communication device is outside the coverage of every network in the first list, or the first communication device cannot detect the signal of any network in the first list.
  10. The method according to claim 1, wherein the networks in the first list are ordered by priority.
  11. The method according to any one of claims 2 to 4, wherein selecting a network according to the first information includes:
    selecting a third network when a third condition is met;
    wherein the third condition includes at least one of the following:
    the third network is a network in the first list;
    the first indication information is obtained from the third network, and the first indication information indicates at least one of the following: support for configuring certificates and/or subscriptions; support for configuring certificates and/or subscriptions in a control plane manner; support for configuring certificates and/or subscriptions in a user plane manner; support for configuring certificates and/or subscriptions based on restricted access; support for configuring certificates and/or subscriptions in a control plane manner based on restricted access; support for configuring certificates and/or subscriptions in a user plane manner based on restricted access; support for configuring certificates and/or subscriptions based on unrestricted access; support for configuring certificates and/or subscriptions in a control plane manner based on unrestricted access; support for configuring certificates and/or subscriptions in a user plane manner based on unrestricted access;
    the terminal needs to obtain the certificate and/or subscription of the first object;
    the first list includes at least one of the following: the control-plane-manner first list corresponding to the first object; a list of networks capable of configuring the certificate and/or subscription of the first object in a control plane manner; the networks in the first list can enable the first communication device to obtain the certificate and/or subscription of the first object in a control plane manner; the first communication device is within the coverage of the third network, or the first communication device can detect the signal of the third network;
    and/or,
    selecting a fourth network when a fourth condition is met;
    wherein the fourth condition includes at least one of the following:
    the fourth network is a network in the first list;
    the first indication information is obtained from the fourth network, and the first indication information indicates at least one of the following: support for configuring certificates and/or subscriptions; support for configuring certificates and/or subscriptions in a control plane manner; support for configuring certificates and/or subscriptions in a user plane manner; support for configuring certificates and/or subscriptions based on restricted access; support for configuring certificates and/or subscriptions in a control plane manner based on restricted access; support for configuring certificates and/or subscriptions in a user plane manner based on restricted access; support for configuring certificates and/or subscriptions based on unrestricted access; support for configuring certificates and/or subscriptions in a control plane manner based on unrestricted access; support for configuring certificates and/or subscriptions in a user plane manner based on unrestricted access;
    the terminal needs to obtain the certificate and/or subscription of the first object;
    the first list includes at least one of the following: the user-plane-manner first list corresponding to the first object; a list of networks capable of configuring the certificate and/or subscription of the first object in a user plane manner; the networks in the first list can enable the first communication device to obtain the certificate and/or subscription of the first object in a user plane manner;
    the first communication device is within the coverage of the fourth network, or the first communication device can detect the signal of the fourth network.
  12. A method for supporting network selection, performed by a second communication device, comprising:
    sending first indication information;
    wherein the first indication information is used to indicate at least one of the following:
    support or non-support for configuring certificates and/or subscriptions;
    support or non-support for configuring certificates and/or subscriptions in a control plane manner;
    support or non-support for configuring certificates and/or subscriptions in a user plane manner;
    support or non-support for configuring certificates and/or subscriptions based on restricted access;
    support or non-support for configuring certificates and/or subscriptions in a control plane manner based on restricted access;
    support or non-support for configuring certificates and/or subscriptions in a user plane manner based on restricted access;
    support or non-support for configuring certificates and/or subscriptions based on unrestricted access;
    support or non-support for configuring certificates and/or subscriptions in a control plane manner based on unrestricted access;
    support or non-support for configuring certificates and/or subscriptions in a user plane manner based on unrestricted access.
  13. A method for supporting network selection, performed by a third communication device, comprising:
    sending a first list and/or a second list;
    the first list includes one or more network objects, or identification information of one or more network objects, and the characteristics of the networks in the first list include at least one of the following: the first communication device can access the network with restricted access, the network can enable the first communication device to obtain a certificate and/or subscription, and the first communication device can access the network using a default certificate;
    or, the first list includes at least one of the following:
    a list of networks to which restricted access is possible,
    a list of networks capable of configuring certificates and/or subscriptions,
    a list of networks that can be accessed using a default certificate;
    the second list includes one or more network objects, or identification information of one or more network objects, and the characteristics of the networks in the second list include at least one of the following: the first communication device cannot access the network, the network cannot enable the first communication device to obtain a certificate and/or subscription, and the first communication device cannot access the network using a default certificate;
    or, the second list includes at least one of the following:
    a list of networks to which restricted access is not possible;
    a list of networks not capable of configuring certificates and/or subscriptions;
    a list of networks that cannot be accessed using a default certificate;
    the network list includes one or more network objects, or the network list includes identification information of one or more network objects, and the network objects include networks and/or network groups.
  14. The method according to claim 13, wherein the certificate and/or subscription includes at least one of the following: a certificate and/or subscription of a first object; a certificate and/or subscription used for primary authentication and/or authorization; a certificate and/or subscription used for non-primary authentication and/or authorization;
    wherein,
    the first object includes at least one of the following: an A network, a first entity, the network accessed by the first communication device, primary authentication and/or authorization, non-primary authentication and/or authorization;
    the first entity includes one of the following: an entity in a data network, an entity outside the network accessed by the first communication device;
    the A network is the same as or different from the networks in the first list;
    and/or,
    the A network is the same as or different from the networks in the second list;
    and/or,
    the A network is the same as or different from the network accessed by the first communication device;
    and/or,
    obtaining the certificate and/or subscription includes at least one of the following: obtaining the certificate and/or subscription through the control plane, obtaining the certificate and/or subscription through the user plane;
    and/or,
    the list of networks capable of configuring certificates and/or subscriptions includes at least one of the following: a list of networks capable of configuring certificates and/or subscriptions through the control plane, a list of networks capable of configuring certificates and/or subscriptions through the user plane;
    and/or,
    enabling the first communication device to obtain a certificate and/or subscription includes at least one of the following: enabling the first communication device to obtain a certificate and/or subscription through the control plane, enabling the first communication device to obtain a certificate and/or subscription through the user plane.
  15. The method according to claim 13 or 14, wherein the network type of the networks in the first list, the network type of the networks in the second list, and/or the network type of the A network includes at least one of the following: public network, non-public network, PLMN, PNI NPN, SNPN.
  16. The method according to claim 13, wherein the networks in the first list are ordered by priority.
  17. An apparatus for supporting network selection, applied to a first communication device, comprising:
    a first obtaining module, configured to obtain first information, the first information including: a first list, a second list and/or first indication information;
    a selection module, configured to select a network according to the first information;
    wherein,
    the first list includes: one or more network objects, or identification information of one or more network objects, and the characteristics of the networks in the first list include at least one of the following: the first communication device can access the network with restricted access; the network can enable the first communication device to obtain a certificate and/or subscription; the first communication device can access the network using a default certificate;
    or, the first list includes at least one of the following:
    a list of networks that can be accessed with restricted access;
    a list of networks capable of configuring certificates and/or subscriptions;
    a list of networks that can be accessed using the default certificate;
    the second list includes one or more network objects, or identification information of one or more network objects, and the characteristics of the networks in the second list include at least one of the following: the first communication device cannot access the network; the network cannot enable the first communication device to obtain a certificate and/or subscription; the first communication device cannot access the network using a default certificate;
    or, the second list includes at least one of the following:
    a list of networks that cannot be accessed with restricted access;
    a list of networks not capable of configuring certificates and/or subscriptions;
    a list of networks that cannot be accessed using the default certificate;
    wherein the network list includes one or more network objects, or identification information of one or more network objects; the network objects include networks and/or network groups;
    the first indication information is used to indicate at least one of the following:
    configuring certificates and/or subscriptions is supported or not supported;
    configuring certificates and/or subscriptions through the control plane is supported or not supported;
    configuring certificates and/or subscriptions through the user plane is supported or not supported;
    configuring certificates and/or subscriptions based on restricted access is supported or not supported;
    configuring certificates and/or subscriptions through the control plane based on restricted access is supported or not supported;
    configuring certificates and/or subscriptions through the user plane based on restricted access is supported or not supported;
    configuring certificates and/or subscriptions based on unrestricted access is supported or not supported;
    configuring certificates and/or subscriptions through the control plane based on unrestricted access is supported or not supported;
    configuring certificates and/or subscriptions through the user plane based on unrestricted access is supported or not supported.
  18. An apparatus for supporting network selection, applied to a second communication device, comprising:
    a first sending module, configured to send first indication information;
    wherein the first indication information is used to indicate at least one of the following:
    configuring certificates and/or subscriptions is supported or not supported;
    configuring certificates and/or subscriptions through the control plane is supported or not supported;
    configuring certificates and/or subscriptions through the user plane is supported or not supported;
    configuring certificates and/or subscriptions based on restricted access is supported or not supported;
    configuring certificates and/or subscriptions through the control plane based on restricted access is supported or not supported;
    configuring certificates and/or subscriptions through the user plane based on restricted access is supported or not supported;
    configuring certificates and/or subscriptions based on unrestricted access is supported or not supported;
    configuring certificates and/or subscriptions through the control plane based on unrestricted access is supported or not supported;
    configuring certificates and/or subscriptions through the user plane based on unrestricted access is supported or not supported.
  19. An apparatus for supporting network selection, applied to a third communication device, comprising:
    a second sending module, configured to send a first list and/or a second list;
    the first list includes: one or more network objects, or identification information of one or more network objects, and the characteristics of the networks in the first list include at least one of the following: the first communication device can access the network with restricted access; the network can enable the first communication device to obtain a certificate and/or subscription; the first communication device can access the network using a default certificate;
    or, the first list includes at least one of the following:
    a list of networks that can be accessed with restricted access,
    a list of networks capable of configuring certificates and/or subscriptions,
    a list of networks that can be accessed using the default certificate;
    the second list includes one or more network objects, or identification information of one or more network objects, and the characteristics of the networks in the second list include at least one of the following: the first communication device cannot access the network; the network cannot enable the first communication device to obtain a certificate and/or subscription; the first communication device cannot access the network using a default certificate;
    or, the second list includes at least one of the following:
    a list of networks that cannot be accessed with restricted access;
    a list of networks not capable of configuring certificates and/or subscriptions;
    a list of networks that cannot be accessed using the default certificate;
    the network list includes one or more network objects, or the network list includes identification information of one or more network objects, and the network objects include networks and/or network groups.
  20. A terminal, comprising: a processor, a memory, and a program stored in the memory and executable on the processor, wherein the program, when executed by the processor, implements the steps of the method according to any one of claims 1 to 11.
  21. A network-side device, comprising: a processor, a memory, and a program stored in the memory and executable on the processor, wherein the program, when executed by the processor, implements the steps of the method according to any one of claims 12 to 16.
  22. A readable storage medium, wherein a program or instructions are stored on the readable storage medium, and the program or instructions, when executed by a processor, implement the steps of the method according to any one of claims 1 to 16.
  23. A chip, comprising a processor and a communication interface, wherein the communication interface is coupled to the processor, and the processor is configured to run a network device program or instructions to implement the steps of the method for supporting network selection according to any one of claims 1 to 11, or the steps of the method for supporting network selection according to claim 12, or the steps of the method for supporting network selection according to any one of claims 13 to 16.
  24. A computer program product, stored in a non-volatile storage medium, wherein the computer program product is executed by at least one processor to implement the steps of the method for supporting network selection according to any one of claims 1 to 11, or the steps of the method for supporting network selection according to claim 12, or the steps of the method for supporting network selection according to any one of claims 13 to 16.
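A sketch of how the selection module of claim 17 could combine the first list, the second list and the first indication information, added here as an example and not taken from the patent. The field names, the rule that the second list overrides the first, and the fail-closed handling of a network with no indication are assumptions.

```python
from dataclasses import dataclass, field
from typing import Optional


@dataclass(frozen=True)
class Indication:
    """First indication information of one network (hypothetical field names)."""
    provisioning: bool = False        # configuring certificates/subscriptions supported
    control_plane: bool = False       # ... through the control plane
    user_plane: bool = False          # ... through the user plane
    restricted_access: bool = False   # ... based on restricted access


@dataclass
class FirstInformation:
    first_list: list = field(default_factory=list)    # network or group ids, priority order
    second_list: set = field(default_factory=set)     # network or group ids
    groups: dict = field(default_factory=dict)        # group id -> member network ids
    indications: dict = field(default_factory=dict)   # network id -> Indication

    def expand(self, entries):
        """Resolve entries (networks and/or network groups) to network ids, keeping order."""
        out = []
        for entry in entries:
            for net in sorted(self.groups.get(entry, {entry})):
                if net not in out:
                    out.append(net)
        return out


def select_network(info: FirstInformation, visible: set, plane: str = "control_plane") -> Optional[str]:
    """Return the highest-priority visible network usable for onboarding, or None."""
    if plane not in ("control_plane", "user_plane"):
        raise ValueError(f"unknown provisioning plane: {plane}")
    denied = set(info.expand(info.second_list))
    for net in info.expand(info.first_list):
        if net not in visible or net in denied:   # assumption: second list overrides first
            continue
        ind = info.indications.get(net)
        if ind is None:                           # assumption: no indication, fail closed
            continue
        if ind.provisioning and ind.restricted_access and getattr(ind, plane):
            return net
    return None


# Constructed sample data; all identifiers are made up for illustration.
INFO = FirstInformation(
    first_list=["snpn-a", "group-1", "plmn-x"],
    second_list={"snpn-c"},
    groups={"group-1": {"snpn-b", "snpn-c"}},
    indications={
        "snpn-a": Indication(provisioning=True, user_plane=True, restricted_access=True),
        "snpn-b": Indication(provisioning=True, control_plane=True, restricted_access=True),
        "snpn-c": Indication(provisioning=True, control_plane=True, restricted_access=True),
    },
)
```

With this data, `snpn-c` is never chosen even though its group appears in the first list, and `plmn-x` is skipped because it advertises no indication.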
PCT/CN2022/075020 2021-02-05 2022-01-29 Method, apparatus, and device for supporting network selection, and readable storage medium WO2022166891A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202110164165.2 2021-02-05
CN202110164165.2A CN114885321A (en) 2021-02-05 2021-02-05 Method, device and equipment for supporting network selection and readable storage medium

Publications (1)

Publication Number Publication Date
WO2022166891A1 (en) 2022-08-11

Family

ID=82667165

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2022/075020 WO2022166891A1 (en) 2021-02-05 2022-01-29 Method, apparatus, and device for supporting network selection, and readable storage medium

Country Status (2)

Country Link
CN (1) CN114885321A (en)
WO (1) WO2022166891A1 (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110636506A (en) * 2018-06-22 2019-12-31 维沃移动通信有限公司 Network access method, terminal and network side network element
CN110971641A (en) * 2018-09-30 2020-04-07 维沃移动通信有限公司 Network service control method and communication equipment
US20200329422A1 (en) * 2019-08-05 2020-10-15 Intel Corporation Non-public networks support by ng radio access network (ng-ran)

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
ANONYMOUS: "3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Study on enhanced support of non-public networks (Release 17)", 3GPP STANDARD; TECHNICAL REPORT; 3GPP TR 23.700-07, no. V1.0.0, 9 September 2020 (2020-09-09), pages 1 - 215, XP051925989 *
ERICSSON: "UE onboarding", 3GPP DRAFT; R3-210638, vol. RAN WG3, 14 January 2021 (2021-01-14), pages 1 - 5, XP051973083 *

Also Published As

Publication number Publication date
CN114885321A (en) 2022-08-09

Similar Documents

Publication Publication Date Title
US10798647B2 (en) Network slice selection
US9386617B2 (en) Discovery and operation of hybrid wireless wide area and wireless local area networks
US11064422B2 (en) System and method for enabling subscriber-based policy decisions
US11910475B2 (en) Systems and methods for enabling efficient establishment of policy control associations
WO2022171086A1 (en) Information acquisition supporting method, apparatus, device, and readable storage medium
US20220272577A1 (en) Communication method and communication apparatus
WO2022095850A1 (en) Method and apparatus for establishing policy association, and terminal and network-side device
US9756536B2 (en) Method and apparatus for managing information in a communication system
JP6889740B2 (en) Network slice selection
WO2022166891A1 (en) Method, apparatus, and device for supporting network selection, and readable storage medium
WO2022057828A1 (en) Measurement method, measurement apparatus, terminal and network device
WO2022068903A1 (en) Network selection method and apparatus, information transmission method and apparatus, and information acquisition method and apparatus
US10264441B2 (en) Method and apparatus for performing discovery by device supporting Wi-Fi Direct in wireless communication system
CN112789896B (en) Method and device for switching transmission path
WO2023138525A1 (en) Network selection and access information transmission method and apparatus, network selection and access information obtaining method and apparatus, and related device
WO2022213981A1 (en) Information processing method and apparatus, and communication device
WO2022188754A1 (en) Method and apparatus which use unlicensed frequency band, and terminal and network-side device
WO2022206663A1 (en) Pdu session establishment method, related device and readable storage medium
WO2022156695A1 (en) Operation method and apparatus for leaving network, device, and readable storage medium
WO2022097290A1 (en) Terminal and communication system
WO2022166892A1 (en) Information processing method and apparatus, communication device, and readable storage medium
US20230217531A1 (en) Methods and apparatus for inactive state initial uplink transmission using pre-configured grant at a base station in wireless communication
AU2016102415A4 (en) Network slice selection

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 22749170

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 22749170

Country of ref document: EP

Kind code of ref document: A1