WO2022166891A1 - Procédé, appareil et dispositif de prise en charge de sélection de réseau, et support de stockage lisible - Google Patents

Procédé, appareil et dispositif de prise en charge de sélection de réseau, et support de stockage lisible Download PDF

Info

Publication number
WO2022166891A1
WO2022166891A1 PCT/CN2022/075020 CN2022075020W WO2022166891A1 WO 2022166891 A1 WO2022166891 A1 WO 2022166891A1 CN 2022075020 W CN2022075020 W CN 2022075020W WO 2022166891 A1 WO2022166891 A1 WO 2022166891A1
Authority
WO
WIPO (PCT)
Prior art keywords
list
network
certificate
certificates
subscriptions
Prior art date
Application number
PCT/CN2022/075020
Other languages
English (en)
Chinese (zh)
Inventor
柯小婉
Original Assignee
维沃移动通信有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 维沃移动通信有限公司 filed Critical 维沃移动通信有限公司
Publication of WO2022166891A1 publication Critical patent/WO2022166891A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/18Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/02Access restriction performed under specific conditions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/16Discovering, processing access restriction or access information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/18Selecting a network or a communication service

Definitions

  • the present application belongs to the field of communication technologies, and in particular relates to a method, apparatus, device and readable storage medium for supporting network selection.
  • a terminal for example, a user terminal (User Equipment, UE)
  • UE User Equipment
  • a terminal wishes to temporarily access the first network to obtain the certificate and/or subscription of the first object.
  • the problem of how to select the first network is an urgent problem to be solved.
  • Embodiments of the present application provide a method, apparatus, device, and readable storage medium for supporting network selection, so as to solve the problem of how to select a network for downloading a certificate and/or signing a subscription.
  • a method for supporting network selection executed by a first communication device, including:
  • first information includes: a first list, a second list and/or first indication information
  • the first list includes: one or more network objects, or identification information of one or more network objects, and the characteristics of the networks in the first list include at least one of the following: the first communication device can be limited access, enabling the first communication device to obtain a certificate and/or to sign a contract, and the first communication device can access by using a default certificate;
  • the first list includes at least one of the following:
  • the second list includes one or more network objects, or identification information of one or more network objects, and the characteristics of the networks in the second list include at least one of the following: the first communication device cannot access , the first communication device cannot obtain a certificate and/or sign a contract, and the first communication device cannot access using the default certificate;
  • the second list includes at least one of the following:
  • the network list includes one or more network objects, or identification information of one or more network objects; the network objects include networks and/or network groups;
  • the first indication information is used to indicate at least one of the following:
  • a method for supporting network selection is provided, performed by a second communication device, including:
  • the first indication information is used to indicate at least one of the following:
  • a method for supporting network selection is provided, executed by a third communication device, including:
  • the first list includes: one or more network objects, or identification information of one or more network objects, and the characteristics of the networks in the first list include at least one of the following: the first communication device can be limited access, enabling the first communication device to obtain a certificate and/or to sign a contract, and the first communication device can access by using a default certificate;
  • the first list includes at least one of the following:
  • the second list includes one or more network objects, or identification information of one or more network objects, and the characteristics of the networks in the second list include at least one of the following: the first communication device cannot access , the first communication device cannot obtain a certificate and/or sign a contract, and the first communication device cannot access using the default certificate;
  • the second list includes at least one of the following:
  • the network list includes one or more network objects, or the network list includes identification information of one or more network objects, and the network objects include networks and/or network groups.
  • an apparatus for supporting network selection is provided, which is executed by a first communication device, including:
  • a first obtaining module configured to obtain first information, where the first information includes: a first list, a second list and/or first indication information;
  • a selection module configured to select a network according to the first information
  • the first list includes: one or more network objects, or identification information of one or more network objects, and the characteristics of the networks in the first list include at least one of the following: the first communication device can be limited access, enabling the first communication device to obtain a certificate and/or to sign a contract, and the first communication device can access by using a default certificate;
  • the first list includes at least one of the following:
  • the second list includes one or more network objects, or identification information of one or more network objects, and the characteristics of the networks in the second list include at least one of the following: the first communication device cannot access , the first communication device cannot obtain a certificate and/or sign a contract, and the first communication device cannot access using the default certificate;
  • the second list includes at least one of the following:
  • the network list includes one or more network objects, or identification information of one or more network objects; the network objects include networks and/or network groups;
  • the first indication information is used to indicate at least one of the following:
  • a fifth aspect provides an apparatus for supporting network selection, which is applied to a second communication device, including:
  • a first sending module configured to send the first indication information
  • the first indication information is used to indicate at least one of the following:
  • an apparatus for supporting network selection is provided, applied to a third communication device, including:
  • a second sending module configured to send the first list and/or the second list
  • the first list includes: one or more network objects, or identification information of one or more network objects, and the characteristics of the networks in the first list include at least one of the following: the first communication device can be limited access, enabling the first communication device to obtain a certificate and/or to sign a contract, and the first communication device can access by using a default certificate;
  • the first list includes at least one of the following:
  • the second list includes one or more network objects, or identification information of one or more network objects, and the characteristics of the networks in the second list include at least one of the following: the first communication device cannot access , the first communication device cannot obtain a certificate and/or sign a contract, and the first communication device cannot access using the default certificate;
  • the second list includes at least one of the following:
  • the network list includes one or more network objects, or the network list includes identification information of one or more network objects, and the network objects include networks and/or network groups.
  • a terminal comprising: a processor, a memory, and a program stored on the memory and executable on the processor, the program being executed by the processor to implement the method described in the first aspect steps of the method described.
  • a network-side device including: a processor, a memory, and a program stored on the memory and executable on the processor, the program being executed by the processor to achieve the second The steps of the method of aspect or third aspect.
  • a readable storage medium is provided, and a program or an instruction is stored on the readable storage medium, and when the program or instruction is executed by a processor, the steps of the above-mentioned method are implemented.
  • a computer program product is provided, the computer program product being stored in a non-volatile storage medium, the computer program product being executed by at least one processor to implement the steps of the method as described above.
  • a chip in an eleventh aspect, includes a processor and a communication interface, the communication interface is coupled to the processor, and the processor is configured to run a program or an instruction to implement the steps of the above method .
  • the first communication device is supported to confirm and select a network for downloading a certificate and/or signing a contract.
  • FIG. 1 is a schematic diagram of a wireless communication system to which an embodiment of the present application can be applied;
  • FIG. 4 is the third flowchart of the method for supporting network selection provided by an embodiment of the present application.
  • FIG. 5 is a fourth flowchart of a method for supporting network selection provided by an embodiment of the present application.
  • FIG. 6 is one of the schematic diagrams of the apparatus for supporting network selection provided by an embodiment of the present application.
  • FIG. 7 is a second schematic diagram of an apparatus for supporting network selection provided by an embodiment of the present application.
  • FIG. 8 is a third schematic diagram of an apparatus for supporting network selection provided by an embodiment of the present application.
  • FIG. 9 is a schematic diagram of a terminal provided by an embodiment of the present application.
  • FIG. 10 is a schematic diagram of a network side device according to an embodiment of the present application.
  • first, second and the like in the description and claims of the present application are used to distinguish similar objects, and are not used to describe a specific order or sequence. It is to be understood that the data so used are interchangeable under appropriate circumstances so that the embodiments of the present application can be practiced in sequences other than those illustrated or described herein, and "first”, “second” distinguishes Usually it is a class, and the number of objects is not limited.
  • the first object may be one or multiple.
  • “and/or” in the description and claims refers to at least one of the connected objects, and the character “/" generally indicates that the contextual objects are in an "and/or” relationship.
  • LTE Long Term Evolution
  • LTE-Advanced LTE-Advanced
  • LTE-A Long Term Evolution
  • CDMA Code Division Multiple Access
  • TDMA Time Division Multiple Access
  • FDMA Frequency Division Multiple Access
  • OFDMA Orthogonal Frequency Division Multiple Access
  • SC-FDMA Single-carrier Frequency-Division Multiple Access
  • system and “network” in the embodiments of the present application are often used interchangeably, and the described technology can be used not only for the above-mentioned systems and radio technologies, but also for other systems and radio technologies.
  • NR New Radio
  • NR terminology is used in most of the following description, although these techniques are also applicable to applications other than NR system applications, such as 6th generation ( 6th Generation, 6G) communication system.
  • FIG. 1 shows a block diagram of a wireless communication system to which the embodiments of the present application can be applied.
  • the wireless communication system includes a terminal 11 and a network-side device 12 .
  • the terminal 11 may also be called a terminal device or a user terminal (User Equipment, UE), and the terminal 11 may be a mobile phone, a tablet computer (Tablet Personal Computer), a laptop computer (Laptop Computer) or a notebook computer, a personal digital computer Assistant (Personal Digital Assistant, PDA), PDA, Netbook, Ultra-Mobile Personal Computer (UMPC), Mobile Internet Device (Mobile Internet Device, MID), Wearable Device (Wearable Device) or vehicle-mounted device (Vehicle User Equipment, VUE), pedestrian terminal (Pedestrian User Equipment, PUE) and other terminal-side devices, wearable devices include: bracelets, headphones, glasses, etc.
  • the network side device 12 may be a base station or a core network, wherein the base station may be referred to as a Node B, an evolved Node B, an access point, a Base Transceiver Station (BTS), a radio base station, a radio transceiver, a basic service Set (Basic Service Set, BSS), Extended Service Set (Extended Service Set, ESS), Node B, Evolved Node B (eNB), Home Node B, Home Evolved Node B, Wireless Local Area Networks (WLAN) ) access point, wireless fidelity (Wireless Fidelity, WiFi) node, transmitting and receiving point (Transmitting Receiving Point, TRP) or some other suitable term in the field, as long as the same technical effect is achieved, the base station is not limited to For specific technical terms, it should be noted that in the embodiments of this application, only the base station in the NR system is used as an example,
  • a terminal eg, UE
  • a terminal can access a public land mobile network (Public Land Mobile Network, PLMN) or an independent non-public network (Standalone Non-Public Network, SNPN) 1 to download the certificate of the first object (eg SNPN2 certificate, or, for secondary authentication and/or authorization).
  • PLMN Public Land Mobile Network
  • SNPN independent non-public network
  • the UE does not have a certificate of SNPN1 (such as a certificate for unrestricted access)
  • the SNPN1 supports the function of the first access mode (such as onboarding)
  • O-SNPN Onboarding SNPN for short
  • the first access manner may be an access manner in which the certificate of the first network is acquired through a restricted access network and/or through the network.
  • the UE When accessing the Onboarding SNPN, the UE does not have an O-SNPN certificate (no certificate for unrestricted access), and uses a default certificate (Default credential, such as a certificate for restricted access) to access O- SNPN, and an onboarding indication is to be provided to illustrate the specificity of the UE's registration type. Therefore, in the scenario of O-SNPN, it includes two functions:
  • the cell of the O-SNPN may broadcast an onboarding indication for the UE to select the O-SNPN and obtain the certificate and/or subscription of the first object.
  • the PLMN or SNPN3 may not support the function of (1), Instead, only the functions of (2) can be supported. Therefore, if the PLMN or SNPN3 wants to broadcast the capabilities of the network, it is not suitable to broadcast the indication information for indicating that onboarding is supported. Therefore, the following problems have to be solved.
  • Question 1 How does the UE access and select a network (such as PLMN and SNPN3) that already has the certificate and/or subscription for unrestricted access to download the certificate of the SNPN.
  • a network such as PLMN and SNPN3
  • the optional solution is as follows:
  • the network side does not broadcast the indication information to indicate that onboarding is supported, but broadcasts the first indication information, which can be used to indicate one of the following: the first indication information to support the configuration certificate and/or the subscription, and to support the unrestricted access based on the first indication information.
  • the first list is configured on the UE.
  • the UE can access the network in the first list to obtain the certificate and/or subscription of the first object, and the first list may be a PLMN and/or SNPN type network to form a mixed list.
  • the terminal may select a network according to the first list and the first indication information.
  • the first list may include at least one of the following:
  • configuring the certificate and/or subscription by means of the control plane includes obtaining the certificate and/or subscription of the network through control plane signaling. It is not difficult to understand that the terminal needs to have the ability to obtain the certificate and/or the subscription through the control plane, and the first network needs to have the ability to configure the certificate and/or the subscription through the control plane.
  • the first network is the network in the first list.
  • configuring the network list of the certificate and/or subscription in a user plane manner includes obtaining the certificate and/or subscription of the network through a data channel.
  • the terminal establishes a data channel in the first network, and the terminal connects to a configuration server in the data network through the data channel to obtain the certificate and/or contract of the first object. Therefore, the terminal needs to have the ability to obtain a certificate and/or a subscription through the user plane.
  • the terminal needs to obtain the address information of the configuration server from the first network (the first network is the network in the first list).
  • the first network needs to have a certificate configured in a user plane manner and/or a subscription to support this.
  • obtaining or obtaining may be understood as obtaining from configuration, receiving, receiving after request, obtaining through self-learning, deriving and obtaining according to unreceived information, or obtaining according to received
  • the information obtained after processing can be determined according to actual needs, which is not limited in this embodiment of the present application. For example, when a certain capability indication information sent by the device is not received, it can be deduced that the device does not support the capability.
  • the sending may include broadcasting, broadcasting in the system message, and returning after responding to the request.
  • able can represent at least one of the following: allow, support, inclination, and preferentially have ability.
  • Impossible can mean at least one of the following: not allowed, not supported, not allowed, not inclined, not capable.
  • the first access mode includes at least one of the following: an access mode for accessing a network for obtaining a certificate and/or signing a contract, using a restricted access network access mode, The access method of using the default certificate to access the network;
  • the manner of using a restricted access network for downloading the certificate for accessing the first object, or the manner of accessing the network for downloading the certificate for accessing the first object may be called onboarding.
  • the first object includes the A network
  • the first network and the A network may be the same network or different networks.
  • the first network is a network accessed by the terminal, such as a currently accessed network.
  • the first server is used to configure the terminal with the certificate of the first object and/or the server for signing up.
  • the supporting configuration of certificates and/or subscriptions is used to further indicate at least one of the following: supporting configuration of certificates and/or subscriptions by means of a control plane, supporting configuration of certificates by means of user planes and/or contract.
  • the configuration certificate and/or subscription not supported is used to further indicate that the configuration of the certificate and/or subscription by means of the control plane is not supported, and the configuration of the certificate and/or subscription by means of the user plane is not supported. or contract.
  • the obtaining of the certificate and/or the contract is to obtain the certificate and/or the contract remotely.
  • the The provider of the certificate and/or contract is the first entity.
  • the first entity is an entity in a data network (Data Network, DN) or an entity (entity) outside the network accessed by the terminal.
  • the provider of the certificate and/or subscription is one of the following: an entity outside the network in the first list, an entity outside the network accessed by the terminal, data Entities in the network (DN), entities in other networks.
  • the entity in the data network may be an application server, a certificate and/or a contracted configuration server in the data network.
  • the objectives of a terminal accessing the network include obtaining a certificate and/or signing up.
  • the certificate and/or subscription is the certificate and/or subscription of the network accessed by the terminal.
  • the certificate and/or subscription of the network accessed by the terminal includes at least one of the following: the certificate and/or subscription of the terminal for the unrestricted access network, the certificate and/or the subscription of the terminal for the restricted access network.
  • the certificate and/or subscription includes at least one of the following: a certificate and/or subscription for unrestricted access, a certificate and/or a subscription for restricted access or subscription, certificate and/or subscription for primary authentication and/or authorization, certificate and/or subscription for non-primary authentication and/or authorization.
  • Primary authentication (such as Primary Authentication) may include: Authentication and Key Agreement (AKA), for example, 5th generation (5G) AKA, an extensible authentication protocol (Extensible Authentication Protocol, EAP) AKA.
  • AKA Authentication and Key Agreement
  • 5G 5th generation
  • EAP extensible authentication protocol
  • non-primary authentication and/or authorization includes at least one of the following: secondary authentication and/or authorization (Secondary authentication/authorization), slice-related authentication and/or authorization (Network Slice-Specific Authentication and Authorization, NSSAA).
  • Secondary authentication and/or authorization Secondary authentication/authorization
  • slice-related authentication and/or authorization NSSAA
  • the terminal may use a certificate (such as a default certificate) for a restricted access network and/or subscribe to access the first network, and then obtain the unrestricted access to the first object (including network A) through the first network. Access-restricted credentials and/or subscriptions.
  • the A network is the same as or different from the first network.
  • obtaining the certificate and/or signing through the control plane and/or configuring the certificate and/or signing through the control plane includes at least one of the following: a first entity, accessing through a terminal The terminal obtains the certificate and/or the subscription from the first entity through the control plane signaling of the network accessed by the terminal;
  • obtaining a certificate and/or signing a contract through a user plane method and/or configuring a certificate and/or signing a contract through a user plane method includes at least one of the following: the terminal establishes data on the network accessed by the terminal The channel, through the data channel, obtains the certificate and/or the contract from the first entity; or the first entity configures the certificate and/or the contract for the terminal through the data channel established by the terminal in the access network.
  • the data channel includes at least one of the following: the data channel may include but is not limited to one of the following: a protocol data unit (Protocol Data Unit, PDU) session, a public data network (Public Data Network, PDN) connection, quality of service (Quality of Service, QoS) flow, bearer, Internet Protocol Security (Internet Protocol Security, IPsec) channel, wherein, the bearer can be an evolved radio access bearer (Evolved Radio Access Bearer, E- RAB), radio access bearer (Evolved Radio Access Bearer, RAB), data radio bearer (Data Radio Bearer, DRB), signaling radio bearer (signalling radio bearers, SRB) and so on.
  • E- RAB evolved radio access bearer
  • RAB radio access bearer
  • DRB Data Radio Bearer
  • SRB signaling radio bearer
  • the network that is allowed to access by using the default certificate includes that the terminal uses the terminal identifier corresponding to the default certificate to access the network that can obtain a restricted connection.
  • the default credentials include credentials for restricted access.
  • restricted access and restricted connection have the same meaning and can be used in combination.
  • the restricted access includes at least one of the following: only the first data channel is allowed to be established, the establishment of data channels other than the first data channel is not allowed, only the certificate and/or contract is allowed, and the Businesses other than getting a certificate and/or contracting.
  • the first data channel is used to obtain a certificate and/or a contracted data channel.
  • the certificate and/or subscription of the first object may be obtained through the restricted access.
  • the restricted access includes restricted control plane access and/or restricted user plane access.
  • the restricted connection includes a restricted control plane connection and/or a restricted user plane connection. Credentials and/or subscriptions may be obtained through the restricted connection.
  • the network that can be accessed by using the default certificate includes using the terminal identification corresponding to the default certificate to access the network and passing the authentication and/or authorization of the network through the default certificate.
  • the networks in the first list include networks mapped by the network group in the first list.
  • a netgroup can be mapped to one or more nets.
  • the network in the list of networks that can configure certificates and/or subscriptions includes that the first communication device can access restricted, and enables the first communication device Network to obtain a certificate and/or sign up.
  • the characteristics of the networks in the first list include that the first communication device can access restricted, and can enable the first communication device to obtain a certificate and/or contracted network.
  • the subscription includes subscription data (subscription data), such as slice information, a data network name (Data Network Name, DNN), and the like.
  • the A network is used to refer to a network in general, or to refer to one or more networks in particular.
  • the certificate and/or subscription of the first object includes a certificate and/or subscription for accessing the first object.
  • the credentials and/or subscriptions for accessing the first object include at least one of the following: credentials and/or subscriptions for unrestricted access to the first object, credentials and/or subscriptions for restricted access to the first object contract.
  • the certificate and/or subscription of the A network includes a certificate and/or a subscription for accessing the A network.
  • the certificate and/or subscription for accessing the A network includes at least one of the following: a certificate and/or subscription for unrestricted access to the A network, and a certificate and/or subscription for restricted access to the A network.
  • configuring a certificate and/or a subscription for the first communication device includes causing the first communication device to obtain a certificate and/or a subscription.
  • causing the first communication device to obtain a certificate and/or a subscription includes: configuring a certificate and/or a subscription for the first communication device.
  • causing the first communication device to obtain the certificate and/or the subscription through the control plane method includes: configuring the certificate and/or the subscription for the first communication device through the control plane method.
  • causing the first communication device to obtain the certificate and/or subscription through the user plane method includes: configuring the certificate and/or the subscription through the user plane method for the first communication device.
  • causing the first communication device to obtain the certificate and/or contract of the first object through a control plane method includes: configuring the first communication device through a control plane method with the certificate and/or the first object's certificate contract.
  • enabling the first communication device to obtain the first object's certificate and/or signing the contract through the user plane method includes: configuring the first object's certificate and/or the first object's certificate for the first communication device through the user plane method. contract.
  • configuring a certificate and/or signing a contract for the first communication device includes: causing the first communication device to obtain a certificate and/or signing a contract includes: .
  • configuring the certificate and/or signing the first communication device through the control plane method includes: causing the first communication device to obtain the certificate and/or signing the contract through the control plane method includes:
  • configuring the certificate and/or signing the first communication device through the user plane method includes: causing the first communication device to obtain the certificate and/or signing the contract through the user plane method includes:
  • configuring the certificate and/or subscription of the first object for the first communication device through the control plane method includes causing the first communication device to obtain the certificate and/or subscription of the first object through the control plane method .
  • configuring the certificate and/or signing of the first object for the first communication device through the user plane method includes: enabling the first communication device to obtain the certificate and/or the first object's certificate through the user plane method. contract. It is not difficult to understand that when the certificate and/or subscription of the first network is provided by an entity other than the network accessed by the terminal, the configuring the certificate and/or the subscription for the first communication device may be understood as making the first communication The communication device obtains the certificate and/or the subscription of the first object by means of the user plane.
  • an embodiment of the present application provides a method for supporting network selection, which is performed by a first communication device, where the first communication device includes but is not limited to a terminal (UE).
  • the specific steps include: step 201 and step 202 .
  • Step 201 Obtain first information, where the first information includes: a first list, a second list and/or first indication information;
  • Step 202 Select a network according to the first information
  • the first list includes one of the following:
  • the characteristics of the networks in the first list include at least one of the following:
  • the first communication device is capable of restricted access
  • the first communication device can access by using the default certificate
  • the characteristics of the networks in the first list include networks to which the first communication device can access restricted and enable the first communication device to obtain a certificate and/or a subscription.
  • the default credentials include credentials for the restricted access mode.
  • the first list includes at least one of the following:
  • the characteristics of the networks in the list of networks that can be configured with certificates and/or subscribed include one of the following: the first communication device is capable of restricted access and enables the first communication device to obtain a certificate and/or contract, the first communication device can access by using the default certificate.
  • the second list includes:
  • the characteristics of the networks in the second list include at least one of the following:
  • the first communication device cannot be accessed
  • the first communication device cannot be made to obtain a certificate and/or a contract
  • the second list includes at least one of the following:
  • the network list includes:
  • the network object includes a network and/or a network group
  • the first indication information is used to indicate at least one of the following:
  • the first communication device obtains the first list and/or the second list through pre-configuration. In another implementation manner, the first communication device obtains the first list and/or the second list from the accessed network or the first server.
  • the first server is a server that configures a certificate and/or a subscription for the first communication device.
  • the certificate and/or contract includes at least one of the following: a certificate and/or a contract for the first object; a certificate and/or a contract for primary authentication and/or authorization , for certificates and/or signings other than primary authentication and/or authorization;
  • the non-primary authentication and/or authorization includes at least one of the following: secondary authentication and/or authorization (Secondary authentication/authorization), slice-related authentication and/or authorization (Network Slice-Specific Authentication and Authorization, NSSAA).
  • Secondary authentication and/or authorization Secondary authentication/authorization
  • slice-related authentication and/or authorization Network Slice-Specific Authentication and Authorization, NSSAA.
  • the first object includes at least one of the following: A network, a first entity, a network accessed by the first communication device, primary authentication and/or authorization, and non-primary authentication and/or authorization;
  • the first entity includes one of the following: an entity in a data network, an entity outside the network accessed by the first communication device;
  • the A network is the same as or different from the network in the first list
  • the A network is the same as or different from the network in the second list;
  • the A network is the same as or different from the network accessed by the first communication device; and/or,
  • the obtaining of the certificate and/or signing includes at least one of the following: obtaining the certificate and/or signing through the control plane, and obtaining the certificate and/or signing through the user plane;
  • the list of networks capable of configuring certificates and/or subscriptions includes at least one of the following: a list of networks capable of configuring certificates and/or subscriptions in a control plane manner, and a list of networks capable of configuring certificates and/or subscriptions in a user plane manner;
  • the characteristics of the networks in the list of networks that can configure certificates and/or subscriptions by means of the control plane include one of the following: the first communication device can have restricted access, and the first communication device can The certificate and/or the subscription is obtained by means of the control plane, and the first communication device can access by using the default certificate.
  • the characteristics of the networks in the list of networks that can be configured with certificates and/or subscriptions in a user plane manner include one of the following: the first communication device can have restricted access, and the first communication device can Obtaining the certificate and/or signing the contract through the user plane, the first communication device can access by using the default certificate.
  • enabling the first communication device to obtain a certificate and/or signing a contract includes at least one of the following: enabling the first communication device to obtain a certificate and/or To sign a contract, the first communication device can obtain a certificate and/or a contract through a user plane method.
  • the certificate and/or subscription of the first object includes a certificate and/or subscription for accessing the first object.
  • the first list is a first list corresponding to the first object, and the first lists corresponding to different first objects are the same or different;
  • the second list is a second list corresponding to the first object, and the second lists corresponding to different first objects are the same or different;
  • the list of networks capable of configuring certificates and/or subscriptions includes: a list of networks capable of configuring certificates and/or subscriptions of the first object;
  • the list of networks for which the certificate and/or subscription cannot be configured includes: the list of networks for which the certificate and/or subscription of the first object cannot be configured;
  • the enabling of the first communication device to obtain the certificate and/or the contract includes: enabling the first communication device to obtain the certificate and/or the contract of the first object;
  • the inability to enable the first communication device to obtain the certificate and/or the contract includes: the inability to enable the first communication device to obtain the certificate and/or the contract of the first object.
  • the first list corresponding to the first object includes: a first list corresponding to the first object through the control plane, and the first object corresponding to the user the first list of face modes;
  • the first list corresponding to the first object through the control plane method and the first list through the user plane method corresponding to the first object are the same or different;
  • the network corresponding to the first object in the first list by means of the control plane includes a network capable of enabling the first communication device to obtain the certificate and/or subscription of the first object by means of the control plane;
  • the network corresponding to the first object in the first list through the user plane method includes a network that enables the first communication device to obtain the certificate and/or subscription of the first object through the user plane method;
  • the second list corresponding to the first object includes: a second list corresponding to the first object through a control plane method, and a second list corresponding to the first object through a user plane method;
  • the second list corresponding to the first object through the control plane method and the second list corresponding to the first object through the user plane method are the same or different;
  • the networks in the second list by means of the control plane corresponding to the first object include networks that cannot enable the first communication device to obtain the certificate and/or subscription of the first object by means of the control plane;
  • the networks in the second list corresponding to the first object through the user plane method include networks that cannot enable the first communication device to obtain the certificate and/or subscription of the first object through the user plane method;
  • the list of networks that can configure the certificate and/or subscription of the first object includes at least one of the following: a list of networks that can configure the certificate and/or subscription of the first object through the control plane, and the certificate of the first object can be configured through the user plane. and/or a list of contracted networks;
  • the list of networks for which the certificate and/or subscription of the first object cannot be configured includes at least one of the following: a list of the subject's credentials and/or contracted networks;
  • the ability to enable the first communication device to obtain the certificate and/or the contract of the A object includes at least one of the following: enabling the first communication device to obtain the certificate and/or the contract of the first object by means of a control plane, enabling the first communication device to obtain the certificate and/or contract of the first object The first communication device obtains the certificate and/or the subscription of the first object by means of the user plane;
  • the inability to enable the first communication device to obtain the certificate and/or the contract of the A object includes at least one of the following: the first communication device cannot be enabled to obtain the certificate and/or the contract of the first object by means of the control plane; The first communication device is caused to obtain the certificate and/or subscription of the first object through the user plane.
  • the network type of the network in the first list, the network type of the network in the second list, and/or the network type of the A network include at least one of the following: a public network, Non-public network, PLMN, non-independent non-public network (Public Network Integrated Non-Public Network, PNI-NPN), SNPN.
  • the obtaining the first indication information includes:
  • the first indication information is broadcast from the cell or received from the second communication device.
  • the method further includes:
  • the selecting a network according to the first information includes: selecting the first network when the first condition is satisfied;
  • the first condition includes at least one of the following:
  • the first network is a network in the first list
  • the first indication information is obtained from the first network, and the first indication information indicates at least one of the following: supporting the configuration of certificates and/or subscriptions; supporting the configuration of certificates and/or subscriptions by means of a control plane; supporting by means of user planes Configure certificates and/or subscriptions; support the configuration of certificates and/or subscriptions based on restricted access; support the configuration of certificates and/or subscriptions through the control plane based on restricted access; support the configuration of certificates and/or subscriptions through the user plane based on restricted access Supports configuration of certificates and/or subscriptions based on unrestricted access; supports configuration of certificates and/or subscriptions through control plane based on unrestricted access; supports configuration of certificates and/or subscriptions through user plane based on unrestricted access / or contract;
  • the terminal needs to obtain the certificate and/or contract of the first object
  • the first list includes at least one of the following: a list of networks that can configure the certificate and/or subscription of the first object; a first list corresponding to the first object; the networks in the first list can enable the first communication device to obtain The certificate and/or subscription of the first object; the list of allowed networks corresponding to the certificate and/or subscription of the first object;
  • the first network has the highest priority in the first list
  • the first communication device is within the coverage of the first network or the first communication device can monitor the signal of the first network.
  • the selecting a network according to the first information includes:
  • the second network is selected
  • the second condition includes at least one of the following:
  • the second network is not a network in the second list
  • the first indication information is obtained from the second network, and the first indication information indicates at least one of the following: supporting the configuration of certificates and/or subscriptions; supporting the configuration of certificates and/or subscriptions by means of a control plane; supporting by means of user planes Configure certificates and/or subscriptions; support the configuration of certificates and/or subscriptions based on restricted access; support the configuration of certificates and/or subscriptions through the control plane based on restricted access; support the configuration of certificates and/or subscriptions through the user plane based on restricted access Supports configuration of certificates and/or subscriptions based on unrestricted access; supports configuration of certificates and/or subscriptions through control plane based on unrestricted access; supports configuration of certificates and/or subscriptions through user plane based on unrestricted access / or contract;
  • the terminal needs to obtain the certificate and/or contract of the first object
  • the second list includes at least one of the following: a list of networks that cannot configure the certificate and/or subscription of the first object; a second list corresponding to the first object; the networks in the second list cannot enable the first communication
  • the device obtains the certificate and/or subscription of the first object; the list of disallowed networks corresponding to the certificate and/or subscription of the first object;
  • the first communication device is out of coverage of any network in the first list or the first communication device cannot monitor the signal of any network in the first list.
  • the networks in the first list are sorted by priority.
  • the selecting a network according to the first information includes:
  • the third condition includes at least one of the following:
  • the third network is a network in the first list
  • the first indication information is obtained from the third network, and the first indication information indicates at least one of the following: supporting the configuration of certificates and/or subscriptions; supporting the configuration of certificates and/or subscriptions by means of a control plane; supporting by means of user planes Configure certificates and/or subscriptions; support the configuration of certificates and/or subscriptions based on restricted access; support the configuration of certificates and/or subscriptions through the control plane based on restricted access; support the configuration of certificates and/or subscriptions through the user plane based on restricted access Supports configuration of certificates and/or subscriptions based on unrestricted access; supports configuration of certificates and/or subscriptions through control plane based on unrestricted access; supports configuration of certificates and/or subscriptions through user plane based on unrestricted access / or contract;
  • the terminal needs to obtain the certificate and/or contract of the first object
  • the first list includes at least one of the following: a first list corresponding to the first object in a control plane manner, a list of networks that can configure the certificate and/or subscription of the first object in a control plane manner; networks in the first list
  • the first communication device can be enabled to obtain the certificate and/or subscription of the first object through the control plane; the first communication device is within the coverage of the third network or the first communication device can monitor the signal of the third network ;
  • the fourth condition includes at least one of the following:
  • the fourth network is a network in the first list
  • the first indication information is obtained from the fourth network, and the first indication information indicates at least one of the following: supporting the configuration of certificates and/or subscriptions; supporting the configuration of certificates and/or subscriptions by means of a control plane; supporting by means of user planes Configure certificates and/or subscriptions, support the configuration of certificates and/or subscriptions based on restricted access; support the configuration of certificates and/or subscriptions through the control plane based on restricted access; support the configuration of certificates and/or subscriptions through the user plane based on restricted access Supports configuration of certificates and/or subscriptions based on unrestricted access; supports configuration of certificates and/or subscriptions through control plane based on unrestricted access; supports configuration of certificates and/or subscriptions through user plane based on unrestricted access / or contract;
  • the terminal needs to obtain the certificate and/or contract of the first object
  • the first list includes at least one of the following: a first list corresponding to the first object through a user plane method, and a network list of certificates and/or subscriptions of the first object that can be configured through a user plane method; the first list The networks in the list can enable the first communication device to obtain the certificate and/or subscription of the first object through the user plane;
  • the first communication device is within the coverage of the fourth network or the first communication device can monitor the signal of the fourth network.
  • the first communication device is instructed to select a network for downloading the certificate and/or signing the contract through the first indication information.
  • the first communication device may select a network for downloading a certificate and/or signing a subscription according to the first information.
  • an embodiment of the present application provides a method for supporting network selection, which is performed by a second communication device, where the second communication device includes but is not limited to one of the following: a RAN network element, a CN network element (such as access and mobility Management function (Access and Mobility Management Function, AMF), session management function (Session Management Function, SMF)), the specific steps include:
  • Step 301 Send first indication information
  • the first indication information is used to indicate at least one of the following:
  • the first indication information is broadcast through a cell system message.
  • the second communication device is a communication device in the first network or the second network
  • the first communication device is instructed to select a network for downloading the certificate and/or signing the contract through the first indication information.
  • an embodiment of the present application provides a method for supporting network selection, which is performed by a third communication device, where the third communication device includes but is not limited to one of the following: a RAN network element, a CN network element (such as AMF, SMF),
  • the first server, the first entity, the specific steps include:
  • Step 401 Send the first list and/or the second list
  • the first list includes:
  • the first communication device is capable of restricted access
  • the first communication device can access by using the default certificate
  • the networks in the first list include networks to which the first communication device can access restricted and enable the first communication device to obtain a certificate and/or a subscription.
  • the first list includes at least one of the following:
  • the characteristics of the networks in the list of networks that can be configured with certificates and/or subscribed include one of the following: the first communication device is capable of restricted access and enables the first communication device to obtain a certificate and/or contract, the first communication device can access by using the default certificate.
  • the second list includes:
  • the first communication device cannot be accessed
  • the first communication device cannot be made to obtain a certificate and/or a contract
  • the second list includes at least one of the following:
  • the network list includes one or more network objects, or identification information of one or more network objects, and the network objects include networks and/or network groups.
  • the certificate and/or subscription includes at least one of the following: a certificate and/or a contract for the first object; a certificate and/or a certificate for primary authentication and/or authorization Contracts, certificates and/or contracts for non-primary certification and/or authorization;
  • the first object includes at least one of the following: A network, a first entity, a network accessed by the first communication device, primary authentication and/or authorization, and non-primary authentication and/or authorization;
  • the first entity includes one of the following: an entity in a data network, an entity outside the network accessed by the first communication device;
  • the A network is the same as or different from the network in the first list
  • the A network is the same as or different from the network in the second list.
  • the A network is the same as or different from the network accessed by the first communication device;
  • the obtaining of the certificate and/or signing includes at least one of the following: obtaining the certificate and/or signing through the control plane, and obtaining the certificate and/or signing through the user plane;
  • the list of networks capable of configuring certificates and/or subscriptions includes at least one of the following: a list of networks capable of configuring certificates and/or subscriptions in a control plane manner, and a list of networks capable of configuring certificates and/or subscriptions in a user plane manner;
  • the characteristics of the networks in the list of networks that can configure certificates and/or subscriptions by means of the control plane include one of the following: the first communication device can have restricted access, and the first communication device can The certificate and/or the subscription is obtained by means of the control plane, and the first communication device can access by using the default certificate.
  • the characteristics of the networks in the list of networks that can be configured with certificates and/or subscriptions in a user plane manner include one of the following: the first communication device can have restricted access, and the first communication device can Obtaining the certificate and/or signing the contract through the user plane, the first communication device can access by using the default certificate.
  • enabling the first communication device to obtain a certificate and/or signing a contract includes at least one of the following: enabling the first communication device to obtain a certificate and/or signing a contract through a control plane, enabling the first communication device to obtain a certificate and/or signing a contract; A communication device obtains a certificate and/or a subscription through the user plane.
  • the network type of the network in the first list, the network type of the network in the second list, and/or the network type of the A network include at least one of the following: a public network, Non-public network, PLMN, PNI NPN, SNPN.
  • the networks in the first list are sorted by priority.
  • the first communication device is instructed to select a network for downloading the certificate and/or signing the contract through the first list and/or the second list.
  • Step 1 Configure the terminal to obtain the first object (eg, SNPN2) certificate and/or the first list corresponding to the subscription (eg, a mixed network list of SNPN and PLMN).
  • the first object eg, SNPN2
  • the first list corresponding to the subscription eg, a mixed network list of SNPN and PLMN.
  • Step 2 Receive the first indication information sent by the second communication device (such as the RAN network element or the CN network element);
  • Step 3 Select a network according to the first list and the first indication information.
  • step 3 reference may be made to the description of the embodiment shown in FIG. 2 . ⁇ 1st>
  • an embodiment of the present application provides an apparatus for supporting network selection, which is applied to a first communication device.
  • the apparatus 600 includes:
  • a first obtaining module 601 configured to obtain first information, where the first information includes: a first list, a second list and/or first indication information;
  • a selection module 602 configured to select a network according to the first information
  • the first list includes: one or more network objects, or identification information of one or more network objects, and the characteristics of the networks in the first list include the following At least one item: the first communication device is capable of restricted access, enabling the first communication device to obtain a certificate and/or signing a contract, and the first communication device can access by using a default certificate;
  • the first list includes at least one of the following:
  • the networks in the list of networks that can be configured with certificates and/or subscriptions include networks that the first communication device can access restricted and enable the first communication device to obtain certificates and/or subscriptions. network.
  • the second list includes one or more network objects, or identification information of one or more network objects, and the characteristics of the networks in the second list include at least the following: Item 1: the first communication device cannot be accessed, the first communication device cannot be made to obtain a certificate and/or a contract, and the first communication device cannot access using a default certificate;
  • the second list includes at least one of the following:
  • the network list includes one or more network objects, or identification information of one or more network objects; the network objects include networks and/or network groups;
  • the first indication information is used to indicate at least one of the following:
  • the first communication device obtains the first list and/or the second list through pre-configuration.
  • the credentials and/or subscriptions of the first object include credentials and/or subscriptions for accessing the first object.
  • the first communication device obtains the first list and/or the second list through pre-configuration.
  • the credentials and/or subscriptions of the first object include credentials and/or subscriptions for accessing the first object.
  • the certificate and/or contract includes at least one of the following: a certificate and/or a contract for the first object; a certificate and/or a contract for primary authentication and/or authorization , for certificates and/or signings other than primary authentication and/or authorization;
  • the first object includes at least one of the following: A network, a first entity, a network accessed by the first communication device, primary authentication and/or authorization, and non-primary authentication and/or authorization;
  • the first entity includes one of the following: an entity in a data network, an entity outside the network accessed by the first communication device;
  • the A network is the same as or different from the network in the first list
  • the A network is the same as or different from the network in the second list;
  • the A network is the same as or different from the network accessed by the first communication device;
  • the obtaining of the certificate and/or signing includes at least one of the following: obtaining the certificate and/or signing through the control plane, and obtaining the certificate and/or signing through the user plane;
  • the list of networks capable of configuring certificates and/or subscriptions includes at least one of the following: a list of networks capable of configuring certificates and/or subscriptions in a control plane manner, and a list of networks capable of configuring certificates and/or subscriptions in a user plane manner;
  • Enabling the first communication device to obtain a certificate and/or signing a contract includes at least one of the following: enabling the first communication device to obtain a certificate and/or signing a contract through a control plane, enabling the first communication device to obtain a certificate and/or signing through a user plane way to obtain a certificate and/or contract.
  • the first list is a first list corresponding to the first object, and the first lists corresponding to different first objects are the same or different;
  • the second list is a second list corresponding to the first object, and the second lists corresponding to different first objects are the same or different;
  • the list of networks capable of configuring certificates and/or subscriptions includes: a list of networks capable of configuring certificates and/or subscriptions of the first object;
  • the list of networks for which the certificate and/or subscription cannot be configured includes: the list of networks for which the certificate and/or subscription of the first object cannot be configured;
  • the enabling of the first communication device to obtain the certificate and/or the contract includes: enabling the first communication device to obtain the certificate and/or the contract of the first object;
  • the inability to enable the first communication device to obtain the certificate and/or the contract includes: the inability to enable the first communication device to obtain the certificate and/or the contract of the first object.
  • the first list corresponding to the first object includes: a first list corresponding to the first object through the control plane, and the first object corresponding to the user the first list of face modes;
  • the first list corresponding to the first object through the control plane method and the first list through the user plane method corresponding to the first object are the same or different;
  • the networks in the first list by means of the control plane corresponding to the first object include: networks capable of enabling the first communication device to obtain the certificate and/or subscription of the first object by means of the control plane;
  • the network corresponding to the first object in the first list through the user plane method includes: a network capable of enabling the first communication device to obtain the certificate and/or subscription of the first object through the user plane method;
  • the second list corresponding to the first object includes: a second list corresponding to the first object through a control plane method, and a second list corresponding to the first object through a user plane method;
  • the second list corresponding to the first object through the control plane method and the second list corresponding to the first object through the user plane method are the same or different;
  • the networks in the second list by means of the control plane corresponding to the first object include networks that cannot enable the first communication device to obtain the certificate and/or subscription of the first object by means of the control plane;
  • the networks in the second list corresponding to the first object through the user plane method include networks that cannot enable the first communication device to obtain the certificate and/or subscription of the first object through the user plane method;
  • the list of networks that can configure the certificate and/or subscription of the first object includes at least one of the following: a list of networks that can configure the certificate and/or subscription of the first object in a control plane mode, and a list of networks that can configure the certificate and/or subscription of the first object in a user plane mode. the certificate and/or contracted network list of the first object;
  • the list of networks for which the certificate and/or contract of the first object cannot be configured includes at least one of the following: the list of networks for which the certificate and/or the contract of the first object cannot be configured through the control plane, and the list of networks that cannot be configured through the user plane way to configure the certificate and/or contracted network list of the first object;
  • the enabling of the first communication device to obtain the certificate and/or the contract of the first object includes at least one of the following: enabling the first communication device to obtain the certificate and/or the contract of the first object by means of a control plane , enabling the first communication device to obtain the certificate and/or contract of the first object through the user plane;
  • the inability to enable the first communication device to obtain the first object's certificate and/or the contract includes at least one of the following: inability to enable the first communication device to obtain the first object's certificate and/or by means of the control plane or contract, the first communication device cannot obtain the certificate and/or contract of the first object through the user plane method.
  • the network types of the networks in the first list, the networks in the second list, and/or the A network include at least one of the following: public network, non-public network, PLMN, PNI NPN, SNPN.
  • the first obtaining module 601 is further configured to: broadcast from a cell or receive the first indication information from a second communication device.
  • the apparatus 600 further includes:
  • the second obtaining module is configured to obtain at least one of the following items by accessing the network in the first list:
  • the selection module 602 is further configured to:
  • the first network is selected
  • the first condition includes at least one of the following:
  • the first network is a network in the first list
  • the first indication information is obtained from the first network, and the first indication information indicates at least one of the following: supporting the configuration of certificates and/or subscriptions; supporting the configuration of certificates and/or subscriptions by means of a control plane; supporting by means of user planes Configure certificates and/or subscriptions; support the configuration of certificates and/or subscriptions based on restricted access; support the configuration of certificates and/or subscriptions through the control plane based on restricted access; support the configuration of certificates and/or subscriptions through the user plane based on restricted access Supports configuration of certificates and/or subscriptions based on unrestricted access; supports configuration of certificates and/or subscriptions through control plane based on unrestricted access; supports configuration of certificates and/or subscriptions through user plane based on unrestricted access / or contract;
  • the terminal needs to obtain the certificate and/or contract of the first object
  • the first list includes at least one of the following: a list of networks that can configure the certificate and/or subscription of the first object; a first list corresponding to the first object; the networks in the first list can enable the first communication device to obtain The certificate and/or subscription of the first object; the list of allowed networks corresponding to the certificate and/or subscription of the first object;
  • the first network has the highest priority in the first list
  • the first communication device is within the coverage of the first network or the first communication device can monitor the signal of the first network.
  • the selection module 602 is further configured to:
  • the second network is selected
  • the second condition includes at least one of the following:
  • the second network is not a network in the second list
  • the first indication information is obtained from the second network, and the first indication information indicates at least one of the following: supporting the configuration of certificates and/or subscriptions; supporting the configuration of certificates and/or subscriptions by means of a control plane; supporting by means of user planes Configure certificates and/or subscriptions; support the configuration of certificates and/or subscriptions based on restricted access; support the configuration of certificates and/or subscriptions through the control plane based on restricted access; support the configuration of certificates and/or subscriptions through the user plane based on restricted access Supports configuration of certificates and/or subscriptions based on unrestricted access; supports configuration of certificates and/or subscriptions through control plane based on unrestricted access; supports configuration of certificates and/or subscriptions through user plane based on unrestricted access / or contract;
  • the terminal needs to obtain the certificate and/or contract of the first object
  • the second list includes at least one of the following: a list of networks that cannot configure the certificate and/or subscription of the first object; a second list corresponding to the first object;
  • the first communication device obtains the certificate and/or subscription of the first object; the list of disallowed networks corresponding to the certificate and/or subscription of the first object;
  • the first communication device is out of coverage of any network in the first list or the first communication device cannot monitor the signal of any network in the first list.
  • the networks in the first list are sorted by priority.
  • the selection module 602 is further configured to:
  • the third condition includes at least one of the following:
  • the third network is a network in the first list
  • the first indication information is obtained from the third network, and the first indication information indicates at least one of the following: supporting the configuration of certificates and/or subscriptions; supporting the configuration of certificates and/or subscriptions by means of a control plane; supporting by means of user planes Configure certificates and/or subscriptions; support the configuration of certificates and/or subscriptions based on restricted access; support the configuration of certificates and/or subscriptions through the control plane based on restricted access; support the configuration of certificates and/or subscriptions through the user plane based on restricted access Supports configuration of certificates and/or subscriptions based on unrestricted access; supports configuration of certificates and/or subscriptions through control plane based on unrestricted access; supports configuration of certificates and/or subscriptions through user plane based on unrestricted access / or contract;
  • the terminal needs to obtain the certificate and/or contract of the first object
  • the first list includes at least one of the following: a first list corresponding to the first object in a control plane manner, and a network list of certificates and/or subscriptions of the first object that can be configured in a control plane manner; the first The networks in the list can enable the first communication device to obtain the certificate and/or subscription of the first object through the control plane; the first communication device is within the coverage of the third network or the first communication device can monitor the signal to the third network;
  • the fourth condition includes at least one of the following:
  • the fourth network is a network in the first list
  • the first indication information is obtained from the fourth network, and the first indication information indicates at least one of the following: supporting the configuration of certificates and/or subscriptions; supporting the configuration of certificates and/or subscriptions by means of a control plane; supporting by means of user planes Configure certificates and/or subscriptions, support the configuration of certificates and/or subscriptions based on restricted access; support the configuration of certificates and/or subscriptions through the control plane based on restricted access; support the configuration of certificates and/or subscriptions through the user plane based on restricted access Supports configuration of certificates and/or subscriptions based on unrestricted access; supports configuration of certificates and/or subscriptions through control plane based on unrestricted access; supports configuration of certificates and/or subscriptions through user plane based on unrestricted access / or contract;
  • the terminal needs to obtain the certificate and/or contract of the first object
  • the first list includes at least one of the following: a first list corresponding to the first object through a user plane method, and a network list of certificates and/or subscriptions of the first object that can be configured through a user plane method; the first list The networks in the list can enable the first communication device to obtain the certificate and/or subscription of the first object through the user plane;
  • the first communication device is within the coverage of the fourth network or the first communication device can monitor the signal of the fourth network.
  • the apparatus provided in the embodiment of the present application can implement each process implemented by the method embodiment shown in FIG. 2 , and achieve the same technical effect. To avoid repetition, details are not described here.
  • an embodiment of the present application provides an apparatus for supporting network selection, which is applied to a second communication device.
  • the apparatus 700 includes:
  • a first sending module 701, configured to send first indication information
  • the first indication information is used to indicate at least one of the following:
  • the apparatus provided in this embodiment of the present application can implement each process implemented by the method embodiment shown in FIG. 3 , and achieve the same technical effect. To avoid repetition, details are not described here.
  • an embodiment of the present application provides an apparatus for supporting network selection, which is applied to a third communication device.
  • the apparatus 800 includes:
  • a second sending module 801, configured to send the first list and/or the second list
  • the first list includes: one or more network objects, or identification information of one or more network objects, and the characteristics of the networks in the first list include the following At least one item: the first communication device is capable of restricted access, enabling the first communication device to obtain a certificate and/or sign a contract, and the first communication device can access by using a default certificate;
  • the networks in the first list include networks to which the first communication device can access restricted and enable the first communication device to obtain a certificate and/or a subscription.
  • the first list includes at least one of the following:
  • the networks in the list of networks that can be configured with certificates and/or subscriptions include networks that the first communication device can access restricted and enable the first communication device to obtain certificates and/or subscriptions. network.
  • the second list includes one or more network objects, or identification information of one or more network objects, and the characteristics of the networks in the second list include at least the following: Item 1: the first communication device cannot be accessed, the first communication device cannot be made to obtain a certificate and/or a contract, and the first communication device cannot access using a default certificate;
  • the second list includes at least one of the following:
  • the network list includes one or more network objects, or the network list includes identification information of one or more network objects, and the network objects include networks and/or network groups.
  • the certificate and/or contract includes at least one of the following: a certificate and/or a contract for the first object; a certificate and/or a contract for primary authentication and/or authorization , for certificates and/or signings other than primary authentication and/or authorization;
  • the first object includes at least one of the following: A network, a first entity, a network accessed by the first communication device, primary authentication and/or authorization, and non-primary authentication and/or authorization;
  • the first entity includes one of the following: an entity in a data network, an entity outside the network accessed by the first communication device;
  • the A network is the same as or different from the network in the first list
  • the A network is the same as or different from the network in the second list.
  • the A network is the same as or different from the network accessed by the first communication device;
  • the obtaining of the certificate and/or signing includes at least one of the following: obtaining the certificate and/or signing through the control plane, and obtaining the certificate and/or signing through the user plane;
  • the list of networks capable of configuring certificates and/or subscriptions includes at least one of the following: a list of networks capable of configuring certificates and/or subscriptions in a control plane manner, and a list of networks capable of configuring certificates and/or subscriptions in a user plane manner;
  • Enabling the first communication device to obtain a certificate and/or signing a contract includes at least one of the following: enabling the first communication device to obtain a certificate and/or signing a contract through a control plane, enabling the first communication device to obtain a certificate and/or signing through a user plane way to obtain a certificate and/or contract.
  • the network type of the network in the first list, the network type of the network in the second list, and/or the network type of the A network include at least one of the following: public network, non-public network, PLMN, PNI NPN, SNPN.
  • the networks in the first list are sorted by priority.
  • the apparatus provided in this embodiment of the present application can implement each process implemented by the method embodiment shown in FIG. 4 , and achieve the same technical effect. To avoid repetition, details are not repeated here.
  • the apparatus provided in this embodiment of the present application can implement each process implemented by the method embodiment shown in FIG. 4 , and achieve the same technical effect. To avoid repetition, details are not repeated here.
  • FIG. 9 is a schematic diagram of the hardware structure of a terminal implementing an embodiment of the present application.
  • the terminal 900 includes but is not limited to: a radio frequency unit 901, a network module 902, an audio output unit 903, an input unit 904, a sensor 905, a display unit 906, a user Input unit 907, interface unit 908, memory 909, processor 910 and other components.
  • the terminal 900 may also include a power source (such as a battery) for supplying power to various components, and the power source may be logically connected to the processor 910 through a power management system, so as to manage charging, discharging, and power consumption through the power management system management and other functions.
  • a power source such as a battery
  • the terminal structure shown in FIG. 9 does not constitute a limitation on the terminal, and the terminal may include more or less components than shown, or combine some components, or arrange different components, which will not be repeated here.
  • the input unit 904 may include a graphics processor (Graphics Processing Unit, GPU) 9041 and a microphone 9042. Such as camera) to obtain still pictures or video image data for processing.
  • the display unit 906 may include a display panel 9061, which may be configured in the form of a liquid crystal display, an organic light emitting diode, or the like.
  • the user input unit 907 includes a touch panel 9071 and other input devices 9072 .
  • the touch panel 9071 is also called a touch screen.
  • the touch panel 9071 may include two parts, a touch detection device and a touch controller.
  • Other input devices 9072 may include, but are not limited to, physical keyboards, function keys (such as volume control keys, switch keys, etc.), trackballs, mice, and joysticks, which will not be repeated here.
  • the radio frequency unit 901 receives the downlink data from the network side device, and then processes it to the processor 910; in addition, sends the uplink data to the network side device.
  • the radio frequency unit 901 includes, but is not limited to, an antenna, at least one amplifier, a transceiver, a coupler, a low noise amplifier, a duplexer, and the like.
  • Memory 909 may be used to store software programs or instructions as well as various data.
  • the memory 909 may mainly include a storage program or instruction area and a storage data area, wherein the stored program or instruction area may store an operating system, an application program or instruction required for at least one function (such as a sound playback function, an image playback function, etc.) and the like.
  • the memory 909 may include a high-speed random access memory, and may also include a non-volatile memory, wherein the non-volatile memory may be a read-only memory (Read-Only Memory, ROM), a programmable read-only memory (Programmable ROM) , PROM), erasable programmable read-only memory (Erasable PROM, EPROM), electrically erasable programmable read-only memory (Electrically EPROM, EEPROM) or flash memory.
  • ROM Read-Only Memory
  • PROM programmable read-only memory
  • PROM erasable programmable read-only memory
  • Erasable PROM Erasable PROM
  • EPROM electrically erasable programmable read-only memory
  • EEPROM electrically erasable programmable read-only memory
  • flash memory for example at least one magnetic disk storage device, flash memory device, or other non-volatile solid state storage device.
  • the processor 910 may include one or more processing units; optionally, the processor 910 may integrate an application processor and a modem processor, wherein the application processor mainly processes the operating system, user interface, application programs or instructions, etc., Modem processors mainly deal with wireless communications, such as baseband processors. It can be understood that, the above-mentioned modulation and demodulation processor may not be integrated into the processor 910.
  • the terminal provided in this embodiment of the present application can implement each process implemented by the method embodiment shown in FIG. 2 and achieve the same technical effect. To avoid repetition, details are not described here.
  • the network side device 1000 includes: an antenna 1001 , a radio frequency device 1002 , and a baseband device 1003 .
  • the antenna 1001 is connected to the radio frequency device 1002 .
  • the radio frequency device 1002 receives information through the antenna 1001, and sends the received information to the baseband device 1003 for processing.
  • the baseband device 1003 processes the information to be sent and sends it to the radio frequency device 1002
  • the radio frequency device 1002 processes the received information and sends it out through the antenna 1001 .
  • the above-mentioned frequency band processing apparatus may be located in the baseband apparatus 1003 , and the method performed by the network side device in the above embodiments may be implemented in the baseband apparatus 1003 .
  • the baseband apparatus 1003 includes a processor 1004 and a memory 1005 .
  • the baseband device 1003 may include, for example, at least one baseband board on which multiple chips are arranged, as shown in FIG. 10 , one of the chips is, for example, the processor 1004 , which is connected to the memory 1005 to call a program in the memory 1005 to execute
  • the network devices shown in the above method embodiments operate.
  • the baseband device 1003 may also include a network interface 1006 for exchanging information with the radio frequency device 1002, and the interface is, for example, a Common Public Radio Interface (CPRI for short).
  • CPRI Common Public Radio Interface
  • the network-side device in this embodiment of the present application further includes: an instruction or program stored in the memory 1005 and executable on the processor 1004, and the processor 1004 invokes the instruction or program in the memory 1005 to execute the instructions or programs shown in FIGS. 7-8.
  • the methods performed by each module are shown, and the same technical effect is achieved. In order to avoid repetition, it is not repeated here.
  • An embodiment of the present application further provides a program product, where the program product is stored in a non-volatile storage medium, and the program product is executed by at least one processor to implement the processing method as described in FIG. 2 to FIG. 4 .
  • An embodiment of the present application further provides a readable storage medium, where a program or an instruction is stored on the readable storage medium, and when the program or instruction is executed by a processor, each process of the method embodiment shown in FIG. 2 to FIG. 4 is implemented. , and can achieve the same technical effect, in order to avoid repetition, it is not repeated here.
  • the processor is the processor in the terminal described in the foregoing embodiment.
  • the readable storage medium includes a computer-readable storage medium, such as a computer read-only memory (Read-Only Memory, ROM), a random access memory (Random Access Memory, RAM), a magnetic disk or an optical disk, and the like.
  • An embodiment of the present application further provides a chip, where the chip includes a processor and a communication interface, the communication interface is coupled to the processor, and the processor is used to run a network-side device program or instruction to implement the above-mentioned FIG. 2-
  • the chip includes a processor and a communication interface
  • the communication interface is coupled to the processor
  • the processor is used to run a network-side device program or instruction to implement the above-mentioned FIG. 2-
  • the chip mentioned in the embodiments of the present application may also be referred to as a system-on-chip, a system-on-chip, a system-on-chip, or a system-on-a-chip, or the like.
  • the method of the above embodiment can be implemented by means of software plus a necessary general hardware platform, and of course can also be implemented by hardware, but in many cases the former is better implementation.
  • the technical solution of the present application can be embodied in the form of a software product in essence or in a part that contributes to the prior art, and the computer software product is stored in a storage medium (such as ROM/RAM, magnetic disk, CD-ROM), including several instructions to make a terminal (which may be a mobile phone, a computer, a server, or a network device, etc.) execute the methods described in the various embodiments of this application.
  • a storage medium such as ROM/RAM, magnetic disk, CD-ROM

Abstract

La présente demande concerne un procédé, un appareil et un dispositif de prise en charge d'une sélection de réseau, ainsi qu'un support de stockage lisible. Le procédé comprend : l'acquisition de premières informations, qui comprennent : une première liste, une seconde liste, et/ou de premières informations d'indication; et la sélection d'un réseau sur la base des premières informations.
PCT/CN2022/075020 2021-02-05 2022-01-29 Procédé, appareil et dispositif de prise en charge de sélection de réseau, et support de stockage lisible WO2022166891A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202110164165.2 2021-02-05
CN202110164165.2A CN114885321A (zh) 2021-02-05 2021-02-05 支持网络选择的方法、装置、设备及可读存储介质

Publications (1)

Publication Number Publication Date
WO2022166891A1 true WO2022166891A1 (fr) 2022-08-11

Family

ID=82667165

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2022/075020 WO2022166891A1 (fr) 2021-02-05 2022-01-29 Procédé, appareil et dispositif de prise en charge de sélection de réseau, et support de stockage lisible

Country Status (2)

Country Link
CN (1) CN114885321A (fr)
WO (1) WO2022166891A1 (fr)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110636506A (zh) * 2018-06-22 2019-12-31 维沃移动通信有限公司 网络接入方法、终端及网络侧网元
CN110971641A (zh) * 2018-09-30 2020-04-07 维沃移动通信有限公司 一种网络服务控制方法及通信设备
US20200329422A1 (en) * 2019-08-05 2020-10-15 Intel Corporation Non-public networks support by ng radio access network (ng-ran)

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110636506A (zh) * 2018-06-22 2019-12-31 维沃移动通信有限公司 网络接入方法、终端及网络侧网元
CN110971641A (zh) * 2018-09-30 2020-04-07 维沃移动通信有限公司 一种网络服务控制方法及通信设备
US20200329422A1 (en) * 2019-08-05 2020-10-15 Intel Corporation Non-public networks support by ng radio access network (ng-ran)

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
ANONYMOUS: "3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Study on enhanced support of non-public networks (Release 17)", 3GPP STANDARD; TECHNICAL REPORT; 3GPP TR 23.700-07, no. V1.0.0, 9 September 2020 (2020-09-09), pages 1 - 215, XP051925989 *
ERICSSON: "UE onboarding", 3GPP DRAFT; R3-210638, vol. RAN WG3, 14 January 2021 (2021-01-14), pages 1 - 5, XP051973083 *

Also Published As

Publication number Publication date
CN114885321A (zh) 2022-08-09

Similar Documents

Publication Publication Date Title
US10798647B2 (en) Network slice selection
US9386617B2 (en) Discovery and operation of hybrid wireless wide area and wireless local area networks
US11064422B2 (en) System and method for enabling subscriber-based policy decisions
US11910475B2 (en) Systems and methods for enabling efficient establishment of policy control associations
WO2022171086A1 (fr) Procédé de prise en charge d'acquisition d'informations, appareil, dispositif, et support de stockage lisible
US20220272577A1 (en) Communication method and communication apparatus
WO2022095850A1 (fr) Procédé et appareil permettant d'établir une association de politique, terminal et dispositif côté réseau
US9756536B2 (en) Method and apparatus for managing information in a communication system
JP6889740B2 (ja) ネットワークスライス選択
WO2022166891A1 (fr) Procédé, appareil et dispositif de prise en charge de sélection de réseau, et support de stockage lisible
WO2022057828A1 (fr) Procédé de mesure, appareil de mesure, terminal et dispositif réseau
WO2022068903A1 (fr) Procédé et appareil de sélection de réseau, procédé et appareil de transmission d'informations, et procédé et appareil d'acquisition d'informations
US10264441B2 (en) Method and apparatus for performing discovery by device supporting Wi-Fi Direct in wireless communication system
CN112789896B (zh) 切换传输路径的方法及装置
WO2023138525A1 (fr) Procédé et appareil de transmission d'informations de sélection et d'accès de réseau, procédé et appareil d'obtention d'informations de sélection et d'accès de réseau, et dispositif associé
WO2022213981A1 (fr) Procédé et appareil de traitement d'informations, et dispositif de communication
WO2022188754A1 (fr) Procédé et appareil qui utilisent une bande de fréquence sans licence, et terminal et dispositif côté réseau
WO2022206663A1 (fr) Procédé d'établissement de session pdu, dispositif associé et support de stockage lisible
WO2022156695A1 (fr) Procédé et appareil d'exploitation de sortie de réseau, dispositif et support de stockage lisible
WO2022097290A1 (fr) Terminal et système de communication
WO2022166892A1 (fr) Procédé et appareil de traitement d'informations, dispositif de communication et support de stockage lisible
US20230217531A1 (en) Methods and apparatus for inactive state initial uplink transmission using pre-configured grant at a base station in wireless communication
AU2016102415A4 (en) Network slice selection

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 22749170

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 22749170

Country of ref document: EP

Kind code of ref document: A1