WO2023051401A1 - 用户相关的数据服务的处理方法、装置及网元 - Google Patents
用户相关的数据服务的处理方法、装置及网元 Download PDFInfo
- Publication number
- WO2023051401A1 WO2023051401A1 PCT/CN2022/120854 CN2022120854W WO2023051401A1 WO 2023051401 A1 WO2023051401 A1 WO 2023051401A1 CN 2022120854 W CN2022120854 W CN 2022120854W WO 2023051401 A1 WO2023051401 A1 WO 2023051401A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- data
- user
- information
- data service
- service
- Prior art date
Links
- 238000003672 processing method Methods 0.000 title claims abstract description 14
- 238000013475 authorization Methods 0.000 claims abstract description 87
- 238000000034 method Methods 0.000 claims abstract description 63
- 238000004891 communication Methods 0.000 claims abstract description 22
- 230000006870 function Effects 0.000 claims description 226
- 238000013480 data collection Methods 0.000 claims description 42
- 238000013500 data storage Methods 0.000 claims description 27
- 238000012545 processing Methods 0.000 claims description 19
- 238000004590 computer program Methods 0.000 claims description 9
- 230000004044 response Effects 0.000 claims description 9
- 238000012795 verification Methods 0.000 claims description 5
- 230000008569 process Effects 0.000 description 11
- 238000010586 diagram Methods 0.000 description 8
- 230000000694 effects Effects 0.000 description 8
- 238000005070 sampling Methods 0.000 description 8
- 238000005516 engineering process Methods 0.000 description 4
- 238000005457 optimization Methods 0.000 description 4
- 230000011664 signaling Effects 0.000 description 4
- 239000013256 coordination polymer Substances 0.000 description 3
- 230000002452 interceptive effect Effects 0.000 description 3
- 238000007726 management method Methods 0.000 description 3
- 230000003190 augmentative effect Effects 0.000 description 2
- 230000008859 change Effects 0.000 description 2
- 238000013523 data management Methods 0.000 description 2
- 238000013461 design Methods 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 230000007774 longterm Effects 0.000 description 2
- 238000005259 measurement Methods 0.000 description 2
- 230000008447 perception Effects 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000000295 complement effect Effects 0.000 description 1
- 238000012517 data analytics Methods 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 238000010295 mobile communication Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000002085 persistent effect Effects 0.000 description 1
- 239000004984 smart glass Substances 0.000 description 1
- 238000005406 washing Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W60/00—Affiliation to network, e.g. registration; Terminating affiliation with the network, e.g. de-registration
- H04W60/04—Affiliation to network, e.g. registration; Terminating affiliation with the network, e.g. de-registration using triggered events
Definitions
- the present application belongs to the technical field of communications, and in particular relates to a processing method, device and network element for user-related data services.
- NWDAF Network Data Analytics Function
- 5G fifth-generation mobile communication
- 5G fifth-generation mobile communication
- UE Radio access network and user equipment
- the existing network does not yet support user-level data service node registration and authorization of user-related data services, resulting in the inability of users to have complete control over personal digital assets and realize them according to personal wishes.
- the interface performance and function design do not support it.
- the current network function-centric design does not consider the differentiated user-level data service requirements, and because the functions related to data services are not standardized, the network element equipment does not Consider this part of the overhead and therefore affect network performance.
- Embodiments of the present application provide a processing method, device, and network element for user-related data services, which can solve the problem that existing networks do not support authorization and registration of user-related data services.
- a method for processing user-related data services including:
- the first data plane function acquires user authorization information of user-related data services
- the first data plane function performs a first operation according to the user authorization information, and the first operation includes at least one of the following:
- a user-related data service processing device which is applied to the first data plane function, including:
- An acquisition module configured to acquire user authorization information for user-related data services
- An executing module configured to execute a first operation according to the user authorization information, where the first operation includes at least one of the following:
- a network element with a first data plane function includes a processor, a memory, and a program or instruction stored in the memory and operable on the processor, the program Or the steps of the method described in the first aspect are implemented when the instruction is executed by the processor.
- a network element with a first data plane function including a processor and a communication interface, wherein the communication interface is used to obtain user authorization information for user-related data services;
- the user authorization information performs a first operation, and the first operation includes at least one of the following: determining whether to accept a user-related data service request; performing authentication and/or security configuration for the user; establishing user-level data for the user Service anchor.
- a readable storage medium is provided, and a program or an instruction is stored on the readable storage medium, and when the program or instruction is executed by a processor, the steps of the method according to the first aspect are implemented.
- a sixth aspect provides a chip, the chip includes a processor and a communication interface, the communication interface is coupled to the processor, and the processor is used to run programs or instructions to implement the method as described in the first aspect .
- a computer program product is provided, the computer program product is stored in a non-transitory storage medium, and the computer program product is executed by at least one processor to implement the method as described in the first aspect step.
- the embodiment of the present application provides a communication device configured to execute the method as described in the first aspect.
- the first data plane function determines whether to accept the user-related data service request according to the user authorization information of the user-related data service, and/or performs authentication and/or security configuration on the user, and/or Or establish a user-level data service anchor point for users, so as to realize the authorization and registration of user-related data services, so that users have complete control over personal data, including data realization according to personal wishes, and setting range according to personal wishes Share data within, and cancel or modify access rights according to changes.
- FIG. 1 shows a block diagram of a wireless communication system to which an embodiment of the present application is applicable
- FIG. 2 shows a flow chart of the steps of the processing method of the user-related data service provided by the embodiment of the present application
- FIG. 3 shows an interactive schematic diagram of Example 1 provided by the embodiment of the present application
- FIG. 4 shows an interactive schematic diagram of Example 2 provided by the embodiment of the present application
- FIG. 5 shows an interactive schematic diagram of Example 3 provided by the embodiment of the present application.
- FIG. 6 shows a schematic structural diagram of a processing device for user-related data services provided by an embodiment of the present application
- FIG. 7 shows one of the schematic structural diagrams of a network element having a first data plane function provided by an embodiment of the present application
- FIG. 8 shows a second schematic structural diagram of a network element with a first data plane function provided by an embodiment of the present application.
- first, second and the like in the specification and claims of the present application are used to distinguish similar objects, and are not used to describe a specific sequence or sequence. It is to be understood that the terms so used are interchangeable under appropriate circumstances such that the embodiments of the application are capable of operation in sequences other than those illustrated or described herein and that "first" and “second” distinguish objects. It is usually one category, and the number of objects is not limited. For example, there may be one or more first objects.
- “and/or” in the description and claims means at least one of the connected objects, and the character “/” generally means that the related objects are an "or” relationship.
- LTE Long Term Evolution
- LTE-Advanced LTE-Advanced
- LTE-A Long Term Evolution-Advanced
- CDMA Code Division Multiple Access
- TDMA Time Division Multiple Access
- FDMA Frequency Division Multiple Access
- OFDMA Orthogonal Frequency Division Multiple Access
- SC-FDMA Single-carrier Frequency-Division Multiple Access
- SC-FDMA Single-carrier Frequency-Division Multiple Access
- system and “network” in the embodiments of the present application are often used interchangeably, and the described technologies can be used for the above-mentioned systems and radio technologies as well as other systems and radio technologies.
- NR New Radio
- the following description describes the New Radio (NR) system for illustrative purposes, and uses NR terminology in most of the following descriptions, but these techniques can also be applied to applications other than NR system applications, such as the 6th generation (6 th Generation, 6G) communication system.
- 6G 6th Generation
- Fig. 1 shows a block diagram of a wireless communication system to which the embodiment of the present application is applicable.
- the wireless communication system includes a terminal 11 and a network side device 12 .
- the terminal 11 can be a mobile phone, a tablet computer (Tablet Personal Computer), a laptop computer (Laptop Computer) or a notebook computer, a personal digital assistant (Personal Digital Assistant, PDA), a palmtop computer, a netbook, a super mobile personal computer (ultra-mobile personal computer, UMPC), mobile Internet device (Mobile Internet Device, MID), augmented reality (augmented reality, AR) / virtual reality (virtual reality, VR) equipment, robot, wearable device (Wearable Device) , vehicle equipment (VUE), pedestrian terminal (PUE), smart home (home equipment with wireless communication functions, such as refrigerators, TVs, washing machines or furniture, etc.) Rings, smart earphones, smart glasses, smart jewelry (smart bracelets, smart bracelets, smart rings, smart necklaces, smart anklets, smart anklets
- the network side device 12 may be a base station or a core network, where a base station may be called a node B, an evolved node B, an access point, a base transceiver station (Base Transceiver Station, BTS), a radio base station, a radio transceiver, a basic service Basic Service Set (BSS), Extended Service Set (ESS), Node B, Evolved Node B (eNB), Home Node B, Home Evolved Node B, Wireless Local Area Network (WLAN) ) access point, wireless fidelity (Wireless Fidelity, WiFi) node, transmitting and receiving point (Transmitting Receiving Point, TRP) or some other suitable term in the field, as long as the same technical effect is achieved, the base station is not limited to Specific technical terms, it should be noted that in the embodiment of the present application, only the base station in the NR system is taken as an example, but the specific type of the base station is not limited.
- the network functions provided by the embodiments of the present application include but are not limited to the first function, the second function, the third function, the core network control plane function, the core network user plane function, the application function, and the wireless access network user plane function.
- At least one of the plane functions and the radio access network control plane functions has corresponding network elements or nodes or units or modules, etc., which are not specifically limited here.
- the embodiment of the present application also provides a method for processing user-related data services, including:
- Step 201 the first data plane function obtains user authorization information of user-related data services
- Step 202 the first data plane function performs a first operation according to the user authorization information, and the first operation includes at least one of the following:
- the user-level service anchor interacts with the data plane function to collect and store the data authorized by the user, and provide the user's data service to the user authorization function.
- the user-level data service anchor point may be established on the core network side, or may be established on the radio access network side, which is not specifically limited here.
- the first data plane function includes at least one of the following:
- the first function of the core network data plane is connected with the core network control plane function, the core network user plane function, the application function, the radio access network user plane function, the radio access network control plane function, the UE, the second At least one of the second function and the third function interacts to realize the data service;
- Two functions of the data plane of the radio access network are connected with at least one of the control plane function of the radio access network, the user plane function of the radio access network, the application function, the UE, the first function, and the third function Interact and implement data services.
- the first function is one of the network functions of the core network, which may also be called the data plane function of the core network;
- the second function is one of the network functions of the radio access network, and may also be called the data plane function of the radio access network.
- the data plane function of the core network or the data plane function of the radio access network determines whether to accept the data service request related to the user according to the user authorization information of the data service related to the user, and/or authenticates the user And/or security configuration, so as to realize the authorization and registration of user-related data services, so that users have complete control over personal data, including realizing data according to personal wishes, sharing data within the scope of settings according to personal wishes, and Access rights may be revoked or modified upon change.
- the user-related data service includes at least one of the following:
- Data collection including user identification
- a request for data that includes a user ID includes a user ID.
- the user identification can be: a persistent identification, such as a user permanent identifier (Subscription Permanent Identifier, SUPI), an external network IP address, a media access control (Media Access Control, MAC) address, an internal network IP address, User Concealed Identifier (Subscription Concealed Identifier, SUCI), etc.; can also be a temporary identifier, Random Access-Radio Network Temporary Identifier (Random Access-Radio Network Temporary Identifier, RA-RNTI), temporary cell wireless network temporary identifier (Temporary Cell- RNTI, TC-RNTI), cell radio network temporary identifier (Cell-RNTI, C-RNTI), semi-persistent scheduling radio network temporary identifier (Configured Scheduling-RNTI, CS-RNTI), modulation and coding mechanism cell radio network temporary identifier (Modulation and coding scheme-C-RNTI, MCS-C-RNTI) etc).
- a persistent identification such as a user permanent identifier (Subscription Permanent Identifier,
- the user authorization information of the user-related data service includes at least one of the following:
- the authorization type of the data service including allowing or disallowing the execution of the user-related data service, and/or asking the user for permission when the user-related data service arrives;
- User data classification information users define different levels and the data contained in different levels according to their personal wishes. For example, define high, medium, and low levels and the data contained in them.
- the high level includes data identified by the user's mobile phone number or SUPI, instant messaging software such as WeChat data, etc.; the middle level data is positioning data, perception data, etc.; Measurement data identified by the radio domain ID (C-RNTI);
- the data range that allows the network to provide data services for example, it is represented by one of the above user data classification information of high, medium and low, or any combination of the three;
- the configuration information of the data collection includes at least one of the following:
- Allow time information for data collection such as start time, and/or end time;
- the frequency information that allows data collection for example, the maximum collection frequency is 1000 times/second.
- the configuration information of the data storage includes at least one of the following:
- Data information that can be stored by different data plane functions include: at least one of the first function, the second function, and the data plane functions on the UE side:
- storage space information for example, storage space size
- the configuration information of the data access includes at least one of the following:
- Configure the data information that each network function is allowed to access or obtain for example, configure which network functions are allowed to access or obtain which data;
- real-time includes data sampling rate and/or latency from data generation to data requester. If real-time data is provided, the above-mentioned time parameters corresponding to real-time can be configured or preset correspondingly.
- the real-time data service parameter is the data sampling rate of one sample point per ms (that is, milliseconds), and the delay from data generation to data requester On the order of 10ms;
- Data security configuration information for example, data watermarking and/or encryption
- the frequency information that allows data collection for example, the maximum collection frequency is 1000 times/second;
- Data access or service record configuration such as operator records, multi-party distributed ledger, etc.
- step 201 includes at least one of the following:
- the first data plane function obtains user-related data service subscription information, and the data service subscription information includes the user authorization information; the data service subscription information can be stored in a core network storage function (such as unified data management (Unified Data Management) Management, UDM)), and may also be stored in a data plane function with a subscription information storage function (such as a core network data plane function or a radio access network data plane function or a UE side data plane function);
- a core network storage function such as unified data management (Unified Data Management) Management, UDM)
- UDM Unified Data Management
- a data plane function with a subscription information storage function such as a core network data plane function or a radio access network data plane function or a UE side data plane function
- the first data plane function obtains the user authorization information of the user-related data service sent by the user equipment UE or the application function;
- the first data plane function obtains the user authorization information of the user-related data service stored by the radio access network storage function, and the user authorization information of the user-related data service stored by the radio access network storage function is reported by the terminal or the application function.
- the method before the first data plane function performs authentication and/or security configuration on the user, the method further includes:
- the first data plane function receives a registration request message of a user data service anchor, and the registration request message includes at least one of the following:
- User-level anchor point establishment request information the user requests to establish the user's data service anchor point in the core network or wireless access network according to his personal wishes, for the data collection, storage and data services required by the user;
- the configuration information of the user-level anchor requesting registration includes at least one of the following:
- User data classification information users define different levels and the data contained in different levels according to their personal wishes. For example, define high, medium, and low levels and the data contained in them.
- the high level includes data identified by the user's mobile phone number or SUPI, instant messaging software such as WeChat data, etc.; the middle level data is positioning data, perception data, etc.; Measurement data identified by the radio domain ID (C-RNTI);
- the data range that allows the network to provide data services for example, it is represented by one of the above user data classification information of high, medium and low, or any combination of the three;
- the configuration information of the data collection includes at least one of the following:
- Allow time information for data collection such as start time, and/or end time;
- the frequency information that allows data collection for example, the maximum collection frequency is 1000 times/second.
- the configuration information of the data storage includes at least one of the following:
- Data information that can be stored by different data plane functions include: at least one of the first function, the second function, and the data plane functions on the UE side:
- storage space information for example, storage space size
- the configuration information of the data access includes at least one of the following:
- Configure the data information that each network function is allowed to access or obtain for example, configure which network functions are allowed to access or obtain which data;
- real-time includes data sampling rate and/or latency from data generation to data requester. If real-time data is provided, the above-mentioned time parameters corresponding to real-time can be configured or preset accordingly.
- the real-time data service parameter is the data sampling rate of one sample point per ms, and the delay from data generation to data requester is on the order of 10ms ;
- Data security configuration information for example, data watermarking and/or encryption
- the frequency information that allows data collection for example, the maximum collection frequency is 1000 times/second;
- Data access or service record configuration such as operator records, multi-party distributed ledger, etc.
- the method further includes:
- a user data service anchor registration acceptance message is sent to the terminal, and a user-level data service anchor is established for the user.
- the method also includes:
- the first data plane function queries relevant information of the user data service anchor point to determine whether to accept it User-related data service requests.
- the first data plane function can collect and store user data according to the configuration of the user data service anchor point .
- the function of the first data plane is mainly to determine whether the data service consumer is allowed to access the requested user data service.
- the method when the authorization type of the data service is: asking the user whether to allow when the user-related data service arrives, the method further includes:
- the first data plane function sends request information to the terminal, where the request information is used to ask the terminal whether to allow the data service;
- the first data plane function receives request response information sent by the terminal, where the request response information includes: allowing the data service, or disallowing the data service.
- the first data plane function may directly send the request information to the terminal, or send the request information to the terminal through an Access and Mobility Management Function (Access and Mobility Management Function, AMF), or, through a radio resource control (Radio Resource Control, RRC) signaling to send the request information, or through the application function AF to send the request information.
- AMF Access and Mobility Management Function
- RRC Radio Resource Control
- the request information includes at least one of the following:
- the quality of service requirements for the requested data service is the quality of service requirements for the requested data service.
- the data plane function of the core network or the data plane function of the radio access network determines whether to accept the data service request related to the user according to the user authorization information of the data service related to the user, and/or conducts Authentication and/or security configuration, so as to realize the authorization and registration of user-related data services, so that users have complete control over personal data, including the realization of data according to personal wishes, and sharing within the set range according to personal wishes data, and access rights may be revoked or amended according to changes.
- Example 1 user service authorization based on subscription information
- the system includes a data service consumer, a first data plane function, a UDM and a UE.
- the first data plane function is a core network data service function or a radio access network data service function, including a data service control plane function, and/or a data service data plane function, and a core network and/or a wireless access network
- the control plane function and the user plane function of the network are connected. It can be deployed in a centralized manner or in a distributed manner according to the scenario, which is not specifically limited here.
- Data service consumers can be Application Function (Application Function, AF), Core Network-Control Plane (Core Network-Control Plane, CN-CP) function, Core Network-User Plane (Core Network-User Plane, CN-UP) function, wireless Access network functions (such as base station (gNB), centralized unit (Centralized Unit, CU), centralized unit control plane (Centralized Unit-Control Plane, CU-CP), centralized unit user plane (Centralized Unit-User Plane, CU-UP ), a distributed unit (Distributed Unit, DU), etc.) and one or more of UE.
- Application Function Application Function
- AF Core Network-Control Plane
- CN-CP Core Network-User Plane
- CN-UP Core Network-User Plane
- wireless Access network functions such as base station (gNB), centralized unit (Centralized Unit, CU), centralized unit control plane (Centralized Unit-Control Plane, CU-CP), centralized unit user plane (Centralized Unit-Us
- the first data plane function receives a data service request
- the data service request includes a description of the data service, including at least one of the following: the content of the requested data service, the purpose of the data service, the validity period of the data service, and the Quality of service requirements such as accuracy, sampling frequency, and delay of the requested data service.
- the request includes a UE identifier or a UE group identifier (such as network slice selection assistance information NSSAI).
- Step 32 if the request in step 31 includes the UE identifier, or the first data plane function judges whether it is necessary to collect, store or access data of each UE (per UE) according to the received data service request, if necessary, the second A function may decide or request from other functions which UEs need to participate;
- Step 33 the first data plane function requests the UDM to check the data service subscription information of the relevant UE, so as to know the consent information of the user.
- the first data plane function with the user subscription information storage function may already know the subscription information of the user data service for some users (for example, obtained from previous requests, or the first data plane function pre-requests all user subscription information information or user subscription information to allow data services)
- Step 34 the UDM feeds back the user subscription information of the corresponding user-related data service
- Step 35 if the authorization type of the data service in the user's subscription information is asking the user whether to allow when the user-related data service arrives, then request the data provider whether to allow the data service.
- the first data plane function may be sent directly to the UE, or sent through the AMF, or sent through the radio access network RRC signaling, or sent through the AF.
- the request information includes at least one of the following: description information of the data service, including the content of the requested data service, the purpose of the data service, the validity period of the data service, the accuracy, sampling frequency and time delay of the requested data service One or more of the service quality requirements.
- the UE responds to the request information, including at least one of the following items: allowing or not allowing the data service.
- Step 36 Accept or reject the data service request according to the interaction information in step 34 and/or step 35.
- Example 2 user service authorization based on UE and/or application function AF
- the system includes an application function AF, a data service consumer, a first data plane function, a UDM and a UE.
- the first data plane function is a core network data service function or a radio access network data service function, including a data service control plane function, and/or a data service data plane function, and a core network and/or a wireless access network
- the control plane function and the user plane function of the network are connected. It can be deployed in a centralized manner or in a distributed manner according to the scenario, which is not specifically limited here.
- Data service consumers can be application functions AF, core network control plane functions, core network user plane functions, radio access network functions (such as base station gNB, centralized unit CU, centralized unit control plane CU-CP, centralized unit user plane CU- UP, distribution unit DU, etc.) and one or more of UE.
- application functions AF core network control plane functions
- core network user plane functions radio access network functions (such as base station gNB, centralized unit CU, centralized unit control plane CU-CP, centralized unit user plane CU- UP, distribution unit DU, etc.) and one or more of UE.
- Step 41a, 41b, UE and/or AF sends user authorization information of user-related data services to the network.
- the network can be UDM or a data plane function with user authorization information storage function.
- the UE can send to the UDM through the AMF; or, the UE can directly send to the data plane function, or send through the AMF, or send through the radio access network RRC signaling.
- AF can be sent to the data plane function or UDM through the Network Exposure Function (NEF) or directly.
- NEF Network Exposure Function
- the network may overwrite the user data service subscription information according to the received user data service authorization information.
- the network simultaneously saves the received user data service authorization information and the user data service subscription information.
- the network may save the user's data service authorization information and store it in the UDM as the UE's temporary subscription information.
- Step 42 the first data plane function receives a data service request
- the data service request includes a description of the data service, including at least one of the following: the content of the requested data service, the purpose of the data service, the validity period of the data service, and the Quality of service requirements such as accuracy, sampling frequency, and delay of the requested data service.
- the request includes a UE identifier or a UE group identifier (such as network slice selection assistance information NSSAI).
- Step 43 if the request in step 42 includes the UE identity, or the first data plane function judges whether per UE data collection, storage or access is required according to the received data service request, if necessary, the first function may decide or Which UEs need to participate in requesting other functions;
- Step 44 the first data plane function requests the UDM to check the data service subscription information of the relevant UE, so as to know the consent information of the user.
- the first data plane function with the user subscription information storage function may already know the subscription information of the user data service for some users (for example, obtained from previous requests, or the first data plane function pre-requests all user subscription information information or user subscription information to allow data services);
- Step 45 the UDM feeds back the user subscription information of the corresponding user-related data service
- Step 46 if the authorization type of the data service in the user's subscription information is asking the user whether to allow when the user-related data service arrives, then request the data provider whether to allow the data service.
- the first data plane function may be sent directly to the UE, or sent through the AMF, or sent through the radio access network RRC signaling, or sent through the AF.
- the request information includes at least one of the following: description information of the data service, including the content of the requested data service, the purpose of the data service, the validity period of the data service, the accuracy, sampling frequency and time delay of the requested data service One or more of the service quality requirements.
- the UE responds to the request information, including at least one of the following items: allowing or not allowing the data service.
- Step 47 Accept or reject the data service request according to the interaction information in step 45 and/or step 46.
- Figure 5 shows the registration scheme of the user data service anchor, which refers to the function that can provide user data collection, storage or data access/acquisition services.
- the system includes a data service consumer, a first data plane function, a (radio) access network function ((R)AN), a user-level data service anchor and a UE.
- R radio access network function
- Step 51 the UE sends the registration request information of the user data service anchor to the network;
- Step 52 the wireless access network selects a data service function according to the user identification provided by the user and/or user data service anchor registration information (such as real-time and security);
- the wireless access network selects a certain data service function of the core network
- the radio access network selects a certain data service function of the radio access network, and the data service function of the radio access network is responsible for data collection, storage and access of the radio access network.
- Step 53 the wireless access network sends the registration request to the selected first data service function. If the data service function is one of the core network functions, it can be sent through the AMF or directly to the first data plane function;
- Step 54 the first data plane function performs authentication and security configuration according to the user authorization information of the data service.
- the authorization information may be based on the subscription information and/or the user data service authorization information. Examples 1 and 2 have already been described and will not be repeated here.
- Step 55 if the above authentication and security configuration verification pass, send a data anchor registration acceptance message to the UE.
- Step 56 If the data service anchor point registration is successful, then the first data plane function establishes a user-level data service anchor point for the user according to the user's registration information on the data anchor point; and collects the user's data to the relevant data providing function , and save it on the user's data service anchor according to the configuration.
- Step 57 optionally, if the user data service anchor can provide the user data service, the data consumer sends a data service request;
- Step 58 the first data function judges that the data service request needs the data of the established user-level data service anchor point
- step 59 the first data plane function interacts with the user-level data service anchor point for the data service request and response, and determines whether the request is allowed.
- Step 60 accept or reject the data service request according to the information in step 59.
- the first data plane function is collecting and storing user data according to the configuration of the user data service anchor point.
- a data service consumer requests data, it mainly judges whether the data service consumer is allowed to access the requested user data service.
- the execution body may be a processing device for user-related data services, or the user-related data service processing device for executing the user A control module related to the processing method of the data service.
- the user-related data service processing device provided by the embodiment of the present application is described by taking the user-related data service processing device executing the user-related data service processing method as an example.
- the embodiment of the present application also provides a user-related data service processing device 600, which is applied to the first data plane function, including:
- An acquisition module 601, configured to acquire user authorization information of user-related data services
- An executing module 602 configured to execute a first operation according to the user authorization information, where the first operation includes at least one of the following:
- the first data plane function includes at least one of the following:
- the first function of the core network data plane is the core network data plane
- the user authorization information of the user-related data service includes at least one of the following:
- the user-related data service includes at least one of the following:
- Data collection including user identification
- a request for data that includes a user ID includes a user ID.
- the acquisition module includes at least one of the following:
- the first acquiring submodule is used to acquire user-related data service subscription information, where the data service subscription information includes the user authorization information;
- the second acquisition sub-module is used to acquire user authorization information of the user-related data service sent by the terminal or the application function;
- the third obtaining sub-module is used to obtain the user authorization information of the user-related data service stored by the wireless access network storage function, and the user authorization information of the user-related data service stored by the wireless access network storage function is reported by the terminal or the application function .
- the device also includes:
- the first receiving module is configured to receive a registration request message of a user data service anchor, where the registration request message includes at least one of the following:
- the configuration information of the user-level anchor requesting registration includes at least one of the following:
- the configuration information of the data collection includes at least one of the following:
- the configuration information of the data storage includes at least one of the following:
- the data access configuration information includes at least one of the following:
- the device when the authorization type of the data service is: asking the user whether to allow when the user-related data service arrives, the device further includes:
- a first sending module configured to send request information to the terminal, where the request information is used to inquire whether the terminal allows the data service;
- the second receiving module is configured to receive request response information sent by the terminal, where the request response information includes: allowing the data service, or disallowing the data service.
- the request information includes at least one of the following:
- the quality of service requirements for the requested data service is the quality of service requirements for the requested data service.
- the device also includes:
- the second sending module is configured to send a user data service anchor registration acceptance message to the terminal when the authentication and/or security configuration verification is passed, and establish a user-level data service anchor for the user.
- the device also includes:
- the determining module is configured to, when a user-related data service request is received, and the data service request requires user data for which a user data service anchor point has been established, query the relevant information of the user data service anchor point to determine whether to accept the user-related data service request. data service requests.
- the data plane function of the core network or the data plane function of the radio access network determines whether to accept the data service request related to the user according to the user authorization information of the data service related to the user, and/or authenticates the user And/or security configuration, so as to realize the authorization and registration of user-related data services, so that users have complete control over personal data, including realizing data according to personal wishes, sharing data within the scope of settings according to personal wishes, and Access rights may be revoked or modified upon change.
- the user-related data service processing device provided in the embodiment of the present application is a device capable of executing the above-mentioned user-related data service processing method, and the above-mentioned user-related data service processing method embodiments are applicable to The device, and all can achieve the same or similar beneficial effects.
- the user-related data service processing device in the embodiment of the present application may be a device, a device with an operating system or an electronic device, or a component, an integrated circuit, or a chip in a terminal.
- the apparatus or electronic equipment may be a mobile terminal or a non-mobile terminal.
- the mobile terminal may include but not limited to the types of terminals 11 listed above, and the non-mobile terminal may be a server, a network attached storage (Network Attached Storage, NAS), a personal computer (personal computer, PC), a television ( television, TV), teller machines or self-service machines, etc., are not specifically limited in this embodiment of the present application.
- the user-related data service processing device provided by the embodiment of the present application can realize each process realized by the method embodiments in Fig. 1 to Fig. 5 and achieve the same technical effect. To avoid repetition, details are not repeated here.
- this embodiment of the present application also provides a network element 700 with a first data plane function, including a processor 701 and a memory 702, which are stored in the memory 702 and can be stored on the processor 701.
- the program or instruction running on the Internet when the program or instruction is executed by the processor 701, implements the various processes of the above-mentioned user-related data service processing method embodiment, and can achieve the same technical effect. To avoid repetition, details are not repeated here.
- the embodiment of the present application also provides a network element with a first data plane function, including a processor and a communication interface, wherein the communication interface is used to obtain user authorization information for user-related data services;
- the user authorization information performs a first operation, and the first operation includes at least one of the following: determining whether to accept a user-related data service request; performing authentication and/or security configuration for the user; establishing user-level data for the user Service anchor.
- This network element embodiment corresponds to the above-mentioned network element method embodiment, and each implementation process and implementation mode of the above-mentioned method embodiment can be applied to this network element embodiment, and can achieve the same technical effect.
- the embodiment of the present application also provides a network element.
- the network element 800 includes: an antenna 81 , a radio frequency device 82 , and a baseband device 83 .
- the antenna 81 is connected to a radio frequency device 82 .
- the radio frequency device 82 receives information through the antenna 81, and sends the received information to the baseband device 83 for processing.
- the baseband device 83 processes the information to be sent and sends it to the radio frequency device 82
- the radio frequency device 82 processes the received information and sends it out through the antenna 81 .
- the foregoing frequency band processing device may be located in the baseband device 83 , and the method performed by the network element in the above embodiment may be implemented in the baseband device 83 , and the baseband device 83 includes a processor 84 and a memory 85 .
- Baseband device 83 for example can comprise at least one baseband board, and this baseband board is provided with a plurality of chips, as shown in Fig. The network device operations shown in the above method embodiments.
- the baseband device 83 may also include a network interface 86 for exchanging information with the radio frequency device 82, and the interface is, for example, a Common Public Radio Interface (CPRI).
- CPRI Common Public Radio Interface
- the network element in the embodiment of the present invention also includes: instructions or programs stored in the memory 85 and operable on the processor 84, and the processor 84 calls the instructions or programs in the memory 85 to execute the modules shown in FIG. 6 method, and achieve the same technical effect, in order to avoid repetition, it is not repeated here.
- the embodiment of the present application also provides a readable storage medium, the readable storage medium stores a program or an instruction, and when the program or instruction is executed by the processor, each process of the above-mentioned user-related data service processing method embodiment is implemented , and can achieve the same technical effect, in order to avoid repetition, it will not be repeated here.
- the processor is the processor in the terminal described in the foregoing embodiments.
- the readable storage medium includes computer readable storage medium, such as computer read-only memory (Read-Only Memory, ROM), random access memory (Random Access Memory, RAM), magnetic disk or optical disk, etc.
- the embodiment of the present application further provides a chip, the chip includes a processor and a communication interface, the communication interface is coupled to the processor, and the processor is used to run programs or instructions to realize the above-mentioned user-related data services
- the chip includes a processor and a communication interface
- the communication interface is coupled to the processor
- the processor is used to run programs or instructions to realize the above-mentioned user-related data services
- the chip mentioned in the embodiment of the present application may also be called a system-on-chip, a system-on-chip, a system-on-a-chip, or a system-on-a-chip.
- the embodiment of the present application further provides a computer program product, the computer program product is stored in a non-volatile storage medium, and the computer program product is executed by at least one processor to implement the various processes of the above method embodiments, And can achieve the same technical effect, in order to avoid repetition, no more details here.
- the term “comprising”, “comprising” or any other variation thereof is intended to cover a non-exclusive inclusion such that a process, method, article or apparatus comprising a set of elements includes not only those elements, It also includes other elements not expressly listed, or elements inherent in the process, method, article, or device. Without further limitations, an element defined by the phrase “comprising a " does not preclude the presence of additional identical elements in the process, method, article, or apparatus comprising that element.
- the scope of the methods and devices in the embodiments of the present application is not limited to performing functions in the order shown or discussed, and may also include performing functions in a substantially simultaneous manner or in reverse order according to the functions involved. Functions are performed, for example, the described methods may be performed in an order different from that described, and various steps may also be added, omitted, or combined. Additionally, features described with reference to certain examples may be combined in other examples.
- the methods of the above embodiments can be implemented by means of software plus a necessary general-purpose hardware platform, and of course also by hardware, but in many cases the former is better implementation.
- the technical solution of the present application can be embodied in the form of computer software products, which are stored in a storage medium (such as ROM/RAM, magnetic disk, etc.) , CD-ROM), including several instructions to make a terminal (which may be a mobile phone, a computer, a server, an air conditioner, or a network device, etc.) execute the methods described in the various embodiments of the present application.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
本申请公开了一种用户相关的数据服务的处理方法、装置及网元,属于通信技术领域,本申请实施例的方法包括:第一数据面功能获取用户相关的数据服务的用户授权信息;所述第一数据面功能根据所述用户授权信息,执行第一操作,所述第一操作包括以下至少一项:确定是否接受用户相关的数据服务请求;对用户进行鉴权认证和/或安全配置;为用户建立用户级数据服务锚点。
Description
相关申请的交叉引用
本申请主张在2021年09月30日在中国提交的中国专利申请No.202111163445.8的优先权,其全部内容通过引用包含于此。
本申请属于通信技术领域,具体涉及一种用户相关的数据服务的处理方法、装置及网元。
网络数据分析功能(Network Data Analytics Function,NWDAF)是第五代移动通信(5th-Generation,5G)核心网控制面的网络功能之一,其功能仅限于5G核心网控制面网络功能所提供的订阅事件,并不支持核心网用户面、无线接入网和用户设备(User Equipment,UE)的数据收集。并且,现有网络尚不支持用户级的数据服务节点注册,以及用户相关的数据服务的授权,导致用户无法对个人的数字资产应拥有完全的控制权,以及根据个人意愿变现。一方面接口性能和功能设计不支持,另一方面是目前以网络功能为中心进行设计,未考虑差异化的用户级的数据服务需求,且因未标准化数据服务相关的功能导致网元设备并未考虑这部分开销,因此会影响网络性能。
发明内容
本申请实施例提供一种用户相关的数据服务的处理方法、装置及网元,能够解决现有网络不支持用户相关的数据服务的授权与注册的问题。
第一方面,提供了一种用户相关的数据服务的处理方法,包括:
第一数据面功能获取用户相关的数据服务的用户授权信息;
所述第一数据面功能根据所述用户授权信息,执行第一操作,所述第一操作包括以下至少一项:
确定是否接受用户相关的数据服务请求;
对用户进行鉴权认证和/或安全配置;
为用户建立用户级数据服务锚点。
第二方面,提供了一种用户相关的数据服务的处理装置,应用于第一数据面功能,包括:
获取模块,用于获取用户相关的数据服务的用户授权信息;
执行模块,用于根据所述用户授权信息,执行第一操作,所述第一操作包括以下至少一项:
确定是否接受用户相关的数据服务请求;
对用户进行鉴权认证和/或安全配置;
为用户建立用户级数据服务锚点。
第三方面,提供了一种具有第一数据面功能的网元,该网元包括处理器、存储器及存储在所述存储器上并可在所述处理器上运行的程序或指令,所述程序或指令被所述处理器执行时实现如第一方面所述的方法的步骤。
第四方面,提供了一种具有第一数据面功能的网元,包括处理器及通信接口,其中,所述通信接口用于获取用户相关的数据服务的用户授权信息;所述处理器用于根据所述用户授权信息,执行第一操作,所述第一操作包括以下至少一项:确定是否接受用户相关的数据服务请求;对用户进行鉴权认证和/或安全配置;为用户建立用户级数据服务锚点。
第五方面,提供了一种可读存储介质,所述可读存储介质上存储程序或指令,所述程序或指令被处理器执行时实现如第一方面所述的方法的步骤。
第六方面,提供了一种芯片,所述芯片包括处理器和通信接口,所述通信接口和所述处理器耦合,所述处理器用于运行程序或指令,实现如第一方面所述的方法。
第七方面,提供了一种计算机程序产品,所述计算机程序产品被存储在非瞬态的存储介质中,所述计算机程序产品被至少一个处理器执行以实现如第一方面所述的方法的步骤。
第八方面,本申请实施例提供了一种通信设备,所述通信设备被配置成用于执行如第一方面所述的方法。
在本申请实施例中,第一数据面功能根据用户相关的数据服务的用户授权信息,确定是否接受用户相关的数据服务请求,和/或对用户进行鉴权认证和/或安全配置,和/或为用户建立用户级数据服务锚点,从而实现用户相关的数据服务的授权与注册,进而使得用户对个人的数据拥有完全的控制权,包括根据个人意愿的数据变现、根据个人意愿在设置范围内分享数据,并可根据变化对访问权限进行取消或修改。
图1表示本申请实施例可应用的一种无线通信系统的框图;
图2表示本申请实施例提供的用户相关的数据服务的处理方法的步骤流程图;
图3表示本申请实施例提供的示例一的交互示意图;
图4表示本申请实施例提供的示例二的交互示意图;
图5表示本申请实施例提供的示例三的交互示意图;
图6表示本申请实施例提供的用户相关的数据服务的处理装置的结构示意图;
图7表示本申请实施例提供的具有第一数据面功能的网元的结构示意图之一;
图8表示本申请实施例提供的具有第一数据面功能的网元的结构示意图之二。
下面将结合本申请实施例中的附图,对本申请实施例中的技术方案进行清楚描述,显然,所描述的实施例是本申请一部分实施例,而不是全部的实施例。基于本申请中的实施例,本领域普通技术人员所获得的所有其他实施 例,都属于本申请保护的范围。
本申请的说明书和权利要求书中的术语“第一”、“第二”等是用于区别类似的对象,而不用于描述特定的顺序或先后次序。应该理解这样使用的术语在适当情况下可以互换,以便本申请的实施例能够以除了在这里图示或描述的那些以外的顺序实施,且“第一”、“第二”所区别的对象通常为一类,并不限定对象的个数,例如第一对象可以是一个,也可以是多个。此外,说明书以及权利要求中“和/或”表示所连接对象的至少其中之一,字符“/”一般表示前后关联对象是一种“或”的关系。
值得指出的是,本申请实施例所描述的技术不限于长期演进型(Long Term Evolution,LTE)/LTE的演进(LTE-Advanced,LTE-A)系统,还可用于其他无线通信系统,诸如码分多址(Code Division Multiple Access,CDMA)、时分多址(Time Division Multiple Access,TDMA)、频分多址(Frequency Division Multiple Access,FDMA)、正交频分多址(Orthogonal Frequency Division Multiple Access,OFDMA)、单载波频分多址(Single-carrier Frequency-Division Multiple Access,SC-FDMA)和其他系统。本申请实施例中的术语“系统”和“网络”常被可互换地使用,所描述的技术既可用于以上提及的系统和无线电技术,也可用于其他系统和无线电技术。以下描述出于示例目的描述了新空口(New Radio,NR)系统,并且在以下大部分描述中使用NR术语,但是这些技术也可应用于NR系统应用以外的应用,如第6代(6
th Generation,6G)通信系统。
图1示出本申请实施例可应用的一种无线通信系统的框图。无线通信系统包括终端11和网络侧设备12。其中,终端11可以是手机、平板电脑(Tablet Personal Computer)、膝上型电脑(Laptop Computer)或称为笔记本电脑、个人数字助理(Personal Digital Assistant,PDA)、掌上电脑、上网本、超级移动个人计算机(ultra-mobile personal computer,UMPC)、移动上网装置(Mobile Internet Device,MID)、增强现实(augmented reality,AR)/虚拟现实(virtual reality,VR)设备、机器人、可穿戴式设备(Wearable Device)、车载设备(VUE)、 行人终端(PUE)、智能家居(具有无线通信功能的家居设备,如冰箱、电视、洗衣机或者家具等)等终端侧设备,可穿戴式设备包括:智能手表、智能手环、智能耳机、智能眼镜、智能首饰(智能手镯、智能手链、智能戒指、智能项链、智能脚镯、智能脚链等)、智能腕带、智能服装、游戏机等。网络侧设备12可以是基站或核心网,其中,基站可被称为节点B、演进节点B、接入点、基收发机站(Base Transceiver Station,BTS)、无线电基站、无线电收发机、基本服务集(Basic Service Set,BSS)、扩展服务集(Extended Service Set,ESS)、B节点、演进型B节点(eNB)、家用B节点、家用演进型B节点、无线局域网(Wireless Local Area Network,WLAN)接入点、无线保真(Wireless Fidelity,WiFi)节点、发送接收点(Transmitting Receiving Point,TRP)或所述领域中其他某个合适的术语,只要达到相同的技术效果,所述基站不限于特定技术词汇,需要说明的是,在本申请实施例中仅以NR系统中的基站为例,但是并不限定基站的具体类型。
下面结合附图,通过一些实施例及其应用场景对本申请实施例提供的用户相关的数据服务的处理方法、装置及网元进行详细地说明。
需要说明的是,本申请实施例提供的网络功能,包括但不限于第一功能、第二功能、第三功能、核心网控制面功能、核心网用户面功能、应用功能、无线接入网用户面功能、无线接入网控制面功能中的至少一项,均具有分别对应的网元或节点或单元或模块等,在此不做具体限定。
如图2所示,本申请实施例还提供一种用户相关的数据服务的处理方法,包括:
步骤201,第一数据面功能获取用户相关的数据服务的用户授权信息;
步骤202,所述第一数据面功能根据所述用户授权信息,执行第一操作,所述第一操作包括以下至少一项:
确定是否接受用户相关的数据服务请求;
对用户进行鉴权认证和/或安全配置;
为用户建立用户级数据服务锚点。
作为一个可选实施例,该用户级服务锚点与数据面功能交互用于采集、存储用户授权的数据,以及向用户授权功能提供该用户的数据服务。
作为另一个可选实施例,该用户级数据服务锚点可建立在核心网侧,也可以建立在无线接入网侧,在此不做具体限定。
在本申请的至少一个可选实施例中,所述第一数据面功能包括以下至少一项:
核心网数据面的第一功能;所述第一功能通过与核心网控制面功能、核心网用户面功能、应用功能、无线接入网用户面功能、无线接入网控制面功能、UE、第二功能以及第三功能中的至少一项进行交互,实现数据服务;
无线接入网数据面的二功能;所述第二功能通过与无线接入网控制面功能、无线接入网用户面功能、应用功能、UE、第一功能以及第三功能中的至少一项进行交互,实现数据服务。
可选地,第一功能为核心网网络功能之一,也可以称为核心网数据面功能;第二功能为无线接入网网络功能之一,也可以称为无线接入网数据面功能。
在本申请实施例中,核心网数据面功能或无线接入网数据面功能根据用户相关的数据服务的用户授权信息,确定是否接受用户相关的数据服务请求,和/或对用户进行鉴权认证和/或安全配置,从而实现用户相关的数据服务的授权与注册,进而使得用户对个人的数据拥有完全的控制权,包括根据个人意愿的数据变现、根据个人意愿在设置范围内分享数据,并可根据变化对访问权限进行取消或修改。
作为一个可选实施例,所述用户相关的数据服务包括以下至少一项:
包含用户标识的数据采集;
包含用户标识的数据存储;
包含用户标识的数据访问;
包含用户标识的数据请求。
可选地,其中用户标识可以为:持久性标识,如用户永久标识符 (SUbscription Permanent Identifier,SUPI)、外网IP地址、媒体接入控制(Media Access Control,MAC)地址、内网IP地址、用户隐藏标识符(Subscription Concealed Identifier,SUCI)等;也可以为临时标识,随机接入无线网络临时标识(Random Access-Radio Network Temporary Identifier,RA-RNTI),临时小区无线网络临时标识(Temporary Cell-RNTI,TC-RNTI),小区无线网络临时标识(Cell-RNTI,C-RNTI),半静态调度无线网络临时标识(Configured Scheduling-RNTI,CS-RNTI),调制编码机制小区无线网络临时标识(Modulation and coding scheme-C-RNTI,MCS-C-RNTI)等)。
在本申请的至少一个可选实施例中,所述用户相关的数据服务的用户授权信息包括以下至少一项:
数据服务的授权类型,包括允许或不允许执行用户相关的数据服务,和/或,在用户相关的数据服务到达时询问用户是否允许;
数据服务的授权信息;
数据服务授权的有效时长;
用户数据分级信息;用户根据个人意愿定义不同等级和不同等级所包含的数据。例如定义高、中和低三级和所包含的数据,高级包括以用户手机号码或SUPI标识的数据,即时通信软件如微信的数据等;中级数据为定位数据、感知数据等;低级数据为以无线域ID(C-RNTI)标识的测量数据;
允许网络进行数据服务的数据范围;例如通过上述用户数据分级信息的高、中、低之一,或三者任意组合来表示;
数据采集的配置信息;
数据存储的配置信息;
数据访问的配置信息。
可选地,所述数据采集的配置信息包括以下至少一项:
允许进行数据采集的数据面功能信息;
不同数据面功能可采集到的数据信息;
允许数据采集的时间信息;例如开始时间,和/或结束时间;
允许数据采集的频率信息;例如最大采集频率为1000次/秒。
可选地,所述数据存储的配置信息包括以下至少一项:
允许进行数据存储的数据面功能信息;
不同数据面功能可存储的数据信息;该数据面功能包括:第一功能、第二功能、UE侧的数据面功能中的至少一项:
存储的时间长度;
存储空间信息;例如,存储空间大小;
数据存储的安全要求信息;例如,是否需要分布式存储。
可选地,所述数据访问的配置信息包括以下至少一项:
配置各个网络功能允许访问或获取的数据信息;例如,配置允许哪些网络功能访问或获取哪些数据;
基于授权和/或鉴权的数据访问配置;
是否提供时间序列数据;
是否提供实时数据;实时包括数据采样率和/或从数据产生到数据请求方的时延。如果提供实时数据,那么实时对应的上述时间参数可对应配置或预置对应参数,例如实时数据服务参数为数据采样率每ms(即毫秒)级一个样点,从数据产生到数据请求方时延为10ms量级;
数据安全配置信息;例如,数据水印和/或加密;
允许的数据用途;包括网络优化、用户业务优化、公共服务、数据变现等;
允许数据访问的时间信息;例如开始时间,和/或结束时间;
允许数据采集的频率信息;例如最大采集频率为1000次/秒;
数据访问或服务记录配置;例如运营商记录,多方分布式记账等。
在本申请的至少一个实施例中,步骤201包括以下至少一项:
所述第一数据面功能获取用户相关的数据服务签约信息,所述数据服务签约信息中包括所述用户授权信息;该数据服务签约信息可存储在核心网存储功能(如统一数据管理(Unified Data Management,UDM))中,也可以存 储在具有签约信息存储功能的数据面功能(如核心网数据面功能或无线接入网数据面功能或UE侧数据面功能)中;
所述第一数据面功能获取用户设备UE或应用功能发送的用户相关的数据服务的用户授权信息;
所述第一数据面功能获取无线接入网存储功能存储的用户相关的数据服务的用户授权信息,无线接入网存储功能存储的用户相关的数据服务的用户授权信息由终端或应用功能上报。
在本申请的至少一个可选实施例中,所述第一数据面功能对用户进行鉴权认证和/或安全配置之前,所述方法还包括:
所述第一数据面功能接收用户数据服务锚点的注册请求消息,所述注册请求消息包括以下至少一项:
用户级锚点建立请求信息;用户根据个人意愿请求在核心网或无线接入网建立该用户的数据服务锚点,用于该用户所需的数据采集、存储和数据服务等;
请求注册的用户级锚点的配置信息。
作为一个可选实施例,该请求注册的用户级锚点的配置信息包括以下至少一项:
用户数据分级信息;用户根据个人意愿定义不同等级和不同等级所包含的数据。例如定义高、中和低三级和所包含的数据,高级包括以用户手机号码或SUPI标识的数据,即时通信软件如微信的数据等;中级数据为定位数据、感知数据等;低级数据为以无线域ID(C-RNTI)标识的测量数据;
允许网络进行数据服务的数据范围;例如通过上述用户数据分级信息的高、中、低之一,或三者任意组合来表示;
数据采集的配置信息;
数据存储的配置信息;
数据访问的配置信息。
可选地,所述数据采集的配置信息包括以下至少一项:
允许进行数据采集的数据面功能信息;
不同数据面功能可采集到的数据信息;
允许数据采集的时间信息;例如开始时间,和/或结束时间;
允许数据采集的频率信息;例如最大采集频率为1000次/秒。
可选地,所述数据存储的配置信息包括以下至少一项:
允许进行数据存储的数据面功能信息;
不同数据面功能可存储的数据信息;该数据面功能包括:第一功能、第二功能、UE侧的数据面功能中的至少一项:
存储的时间长度;
存储空间信息;例如,存储空间大小;
数据存储的安全要求信息;例如,是否需要分布式存储。
可选地,所述数据访问的配置信息包括以下至少一项:
配置各个网络功能允许访问或获取的数据信息;例如,配置允许哪些网络功能访问或获取哪些数据;
基于授权和/或鉴权的数据访问配置;
是否提供时间序列数据;
是否提供实时数据;实时包括数据采样率和/或从数据产生到数据请求方的时延。如果提供实时数据,那么实时对应的上述时间参数可对应配置或预置对应参数,例如实时数据服务参数为数据采样率每ms级一个样点,从数据产生到数据请求方时延为10ms量级;
数据安全配置信息;例如,数据水印和/或加密;
允许的数据用途;包括网络优化、用户业务优化、公共服务、数据变现等;
允许数据访问的时间信息;例如开始时间,和/或结束时间;
允许数据采集的频率信息;例如最大采集频率为1000次/秒;
数据访问或服务记录配置;例如运营商记录,多方分布式记账等。
在本申请的至少一个可选实施例中,所述第一数据面功能对用户进行鉴 权认证和/或安全配置之后,所述方法还包括:
在鉴权认证和/或安全配置验证通过的情况下,向终端发送用户数据服务锚点注册接受消息,并为用户建立用户级数据服务锚点。
进一步的,所述方法还包括:
在接收到用户相关的数据服务请求,且所述数据服务请求需要已建立用户数据服务锚点的用户数据的情况下,所述第一数据面功能查询用户数据服务锚点的相关信息确定是否接受用户相关的数据服务请求。
需要说明的是,本申请实施例中无论是否有数据服务消费者向第一数据面功能发送数据服务请求,第一数据面功能均能够根据用户数据服务锚点的配置对用户数据进行采集和存储。当有数据服务消费者请求数据服务时第一数据面功能主要是判断该数据服务消费者是否允许访问其请求的用户数据服务。
在本申请的至少一个实施例中,在所述数据服务的授权类型为:在用户相关的数据服务到达时询问用户是否允许,所述方法还包括:
所述第一数据面功能向终端发送请求信息,所述请求信息用于询问终端是否允许所述数据服务;
所述第一数据面功能接收所述终端发送的请求响应信息,所述请求响应信息包括:允许所述数据服务,或者,不允许所述数据服务。
例如,第一数据面功能可以直接向终端发送该请求信息,或者通过接入和移动性管理功能(Access and Mobility Management Function,AMF)向终端发送该请求信息,或者,通过无线资源控制(Radio Resource Control,RRC)信令发送该请求信息,或通过应用功能AF发送该请求信息。
可选地,所述请求信息包括以下至少一项:
数据服务的描述信息;
包括所请求的数据服务的内容;
数据服务的用途;
数据服务的有效期;
对所请求的数据服务的服务质量要求。
综上,在本申请实施例中,核心网数据面功能或无线接入网数据面功能根据用户相关的数据服务的用户授权信息,确定是否接受用户相关的数据服务请求,和/或对用户进行鉴权认证和/或安全配置,从而实现用户相关的数据服务的授权与注册,进而使得用户对个人的数据拥有完全的控制权,包括根据个人意愿的数据变现、根据个人意愿在设置范围内分享数据,并可根据变化对访问权限进行取消或修改。
为了更清楚的描述本申请实施例提供的用户相关的数据服务的处理方法,下面结合三个示例进行说明。
示例一,基于签约信息的用户服务授权
如图3所示,该系统包括数据服务消费者、第一数据面功能,UDM和UE。其中所述第一数据面功能是核心网数据服务功能或无线接入网数据服务功能,包括数据服务的控制面功能,和/或数据服务的数据面功能,与核心网和/或无线接入网的控制面功能和用户面功能连接。既可集中部署,也可根据场景分布式部署,在此不做具体限定。数据服务消费者可以是应用功能(Application Function,AF)、核心网控制面(Core Network-Control Plane,CN-CP)功能、核心网用户面(Core Network-User Plane,CN-UP)功能、无线接入网功能(如基站(gNB)、集中单元(Centralized Unit,CU)、集中单元控制面(Centralized Unit-Control Plane,CU-CP)、集中单元用户面(Centralized Unit-User Plane,CU-UP)、分布单元(Distributed Unit,DU)等)和UE中的一个或多个。相关步骤如下:
步骤31,第一数据面功能接收数据服务请求,所述数据服务请求包括数据服务的描述,包括以下至少一项:所请求的数据服务的内容,数据服务的用途,数据服务的有效期,对所请求的数据服务的精度、采样频率和时延等服务质量要求。可选地,所述请求中包括UE标识或UE组标识(如网络切片选择辅助信息NSSAI)。
步骤32,如果步骤31的请求中包括UE标识,或第一数据面功能根据所 接收到的数据服务请求判断是否需要进行每个UE(per UE)的数据采集、存储或访问,如果需要,第一功能可决定或向其他功能请求需哪些UE参与;
步骤33,第一数据面功能向UDM请求检查所述相关UE的数据服务签约信息,以了解所述用户的同意信息。可选地,具有用户签约信息存储功能的第一数据面功能对于某些用户可已经知道用户数据服务的签约信息(例如,从以前的请求中获得,或第一数据面功能预先请求所有用户签约信息或允许数据服务的用户签约信息)
步骤34,UDM反馈相应的用户相关的数据服务的用户签约信息;
步骤35,如果用户签约信息中数据服务的授权类型为用户相关的数据服务到达时询问用户是否允许,那么向数据提供者请求是否允许所述数据服务。第一数据面功能可直接向UE发送,或通过AMF发送,或通过无线接入网RRC信令发送,或通过AF发送。所述请求信息中包括以下至少一项:数据服务的描述信息,包括所请求的数据服务的内容,数据服务的用途,数据服务的有效期,对所请求的数据服务的精度、采样频率和时延等服务质量要求中一项或多项。UE响应所述请求信息,包括以下至少一项:允许或不允许所述数据服务。
步骤36,根据步骤34和/或步骤35的交互信息,接受或拒绝所述数据服务请求。
示例二,基于UE和/或应用功能AF的用户服务授权
如图4所示,该系统包括应用功能AF、数据服务消费者、第一数据面功能,UDM和UE。其中所述第一数据面功能是核心网数据服务功能或无线接入网数据服务功能,包括数据服务的控制面功能,和/或数据服务的数据面功能,与核心网和/或无线接入网的控制面功能和用户面功能连接。既可集中部署,也可根据场景分布式部署,在此不做具体限定。数据服务消费者可以是应用功能AF、核心网控制面功能、核心网用户面功能、无线接入网功能(如基站gNB、集中单元CU、集中单元控制面CU-CP、集中单元用户面CU-UP、分布单元DU等)和UE中的一个或多个。
步骤41a,41b,UE和/或AF向网络发送用户相关的数据服务的用户授权信息。其中网络可以为UDM或具有用户授权信息存储功能的数据面功能。UE可通过AMF发送给UDM;或者,UE可直接向数据面功能发送,或通过AMF发送,或通过无线接入网RRC信令发送。AF可通过网络开放功能(Network Exposure Function,NEF)或直接发送给数据面功能或UDM。
一种实施方式中,如果UE或AF所发送的授权信息与签约信息不一致,那么网络可以根据所收到的用户数据服务授权信息覆盖所述用户数据服务签约信息。
另一种实施方式中,如果UE或AF所发送端授权信息与签约信息互为补充,网络同时保存所示收到的用户数据服务授权信息,和所述用户数据服务签约信息。
另一种实施方式中,如果网络中不存在所述用户数据服务签约信息,网络可保存用户的数据服务授权信息,并存入UDM作为UE的临时签约信息。
步骤42,第一数据面功能接收数据服务请求,所述数据服务请求包括数据服务的描述,包括以下至少一项:所请求的数据服务的内容,数据服务的用途,数据服务的有效期,对所请求的数据服务的精度、采样频率和时延等服务质量要求。可选地,所述请求中包括UE标识或UE组标识(如网络切片选择辅助信息NSSAI)。
步骤43,如果步骤42的请求中包括UE标识,或第一数据面功能根据所接收到的数据服务请求判断是否需要进行per UE的数据采集、存储或访问,如果需要,第一功能可决定或向其他功能请求需哪些UE参与;
步骤44,第一数据面功能向UDM请求检查所述相关UE的数据服务签约信息,以了解所述用户的同意信息。可选地,具有用户签约信息存储功能的第一数据面功能对于某些用户可已经知道用户数据服务的签约信息(例如,从以前的请求中获得,或第一数据面功能预先请求所有用户签约信息或允许数据服务的用户签约信息);
步骤45,UDM反馈相应的用户相关的数据服务的用户签约信息;
步骤46,如果用户签约信息中数据服务的授权类型为用户相关的数据服务到达时询问用户是否允许,那么向数据提供者请求是否允许所述数据服务。第一数据面功能可直接向UE发送,或通过AMF发送,或通过无线接入网RRC信令发送,或通过AF发送。所述请求信息中包括以下至少一项:数据服务的描述信息,包括所请求的数据服务的内容,数据服务的用途,数据服务的有效期,对所请求的数据服务的精度、采样频率和时延等服务质量要求中一项或多项。UE响应所述请求信息,包括以下至少一项:允许或不允许所述数据服务。
步骤47,根据步骤45和/或步骤46的交互信息,接受或拒绝所述数据服务请求。
示例三,用户数据服务锚点的注册
如图5所示为用户数据服务锚点的注册方案,所述用户服务锚点是指可提供用户数据采集、存储或数据访问/获取服务的功能。该系统包括数据服务消费者、第一数据面功能、(无线)接入网功能((R)AN)、用户级数据服务锚点以及UE。相关步骤如下:
步骤51,UE向网络发送用户数据服务锚点的注册请求信息;
步骤52,无线接入网络根据用户提供的用户标识和/或用户数据服务锚点注册信息(如实时性和安全等)选择数据服务功能;
一种实施方式中,无线接入网选择了核心网某一数据服务功能;
另一种实施方式中,无线接入网选择了无线接入网的某一数据服务功能,该无线接入网的数据服务功能负责无线接入网的数据采集、存储和访问等。
步骤53,无线接入网络向所选择的第一数据服务功能发送所述注册请求。如果该数据服务功能为核心网功能之一,可通过AMF发送或直接发送给第一数据面功能;
步骤54,第一数据面功能根据数据服务的用户授权信息,进行鉴权认证和安全配置。所述用于授权信息可基于签约信息和/或用户数据服务授权信息,示例一和二已阐述,在此不再赘述。
步骤55,如果上述鉴权认证和安全配置验证通过,向UE发送数据锚点注册接受消息。
步骤56,如果该数据服务锚点注册成功,那么第一数据面功能则根据用户对数据锚点的注册信息,为用户建立用户级数据服务锚点;并向相关数据提供功能采集该用户的数据,并根据配置保存在该用户的数据服务锚点上。
步骤57,可选地,如果用户数据服务锚点可提供用户数据服务,数据消费者发送数据服务请求;
步骤58,第一数据功能判断该数据服务请求需要已建立的用户级数据服务锚点的数据;
步骤59,第一数据面功能与用户级数据服务锚点交互数据服务请求与响应,判断该请求是否允许。
步骤60,根据步骤59的信息接受或拒绝该数据服务请求。
在本示例中无论是否有数据服务消费者向第一数据面功能请求数据服务,第一数据面功能根据用户数据服务锚点的配置都在对用户数据进行采集和存储。当有数据服务消费者请求数据时主要是判断该数据服务消费这是否允许访问其请求的用户数据服务。
需要说明的是,本申请实施例提供的用户相关的数据服务的处理方法,执行主体可以为用户相关的数据服务的处理装置,或者,该用户相关的数据服务的处理装置中的用于执行用户相关的数据服务的处理方法的控制模块。本申请实施例中以用户相关的数据服务的处理装置执行用户相关的数据服务的处理方法为例,说明本申请实施例提供的用户相关的数据服务的处理装置。
如图6所示,本申请实施例还提供一种用户相关的数据服务的处理装置600,应用于第一数据面功能,包括:
获取模块601,用于获取用户相关的数据服务的用户授权信息;
执行模块602,用于根据所述用户授权信息,执行第一操作,所述第一操作包括以下至少一项:
确定是否接受用户相关的数据服务请求;
对用户进行鉴权认证和/或安全配置;
为用户建立用户级数据服务锚点。
作为一个可选实施例,所述第一数据面功能包括以下至少一项:
核心网数据面的第一功能;
无线接入网数据面的二功能。
作为一个可选实施例,所述用户相关的数据服务的用户授权信息包括以下至少一项:
数据服务的授权类型;
数据服务的授权信息;
数据服务授权的有效时长;
用户数据分级信息;
允许网络进行数据服务的数据范围;
数据采集的配置信息;
数据存储的配置信息;
数据访问的配置信息。
作为一个可选实施例,所述用户相关的数据服务包括以下至少一项:
包含用户标识的数据采集;
包含用户标识的数据存储;
包含用户标识的数据访问;
包含用户标识的数据请求。
作为一个可选实施例,所述获取模块包括以下至少一项:
第一获取子模块,用于获取用户相关的数据服务签约信息,所述数据服务签约信息中包括所述用户授权信息;
第二获取子模块,用于获取终端或应用功能发送的用户相关的数据服务的用户授权信息;
第三获取子模块,用于获取无线接入网存储功能存储的用户相关的数据服务的用户授权信息,无线接入网存储功能存储的用户相关的数据服务的用 户授权信息由终端或应用功能上报。
作为一个可选实施例,所述装置还包括:
第一接收模块,用于接收用户数据服务锚点的注册请求消息,所述注册请求消息包括以下至少一项:
用户级锚点建立请求信息;
请求注册的用户级锚点的配置信息。
作为一个可选实施例,所述请求注册的用户级锚点的配置信息包括以下至少一项:
用户数据分级信息;
允许网络进行数据服务的数据范围;
数据采集的配置信息;
数据存储的配置信息;
数据访问的配置信息。
作为一个可选实施例,所述数据采集的配置信息包括以下至少一项:
允许进行数据采集的数据面功能信息;
不同数据面功能可采集到的数据信息;
允许数据采集的时间信息;
允许数据采集的频率信息。
作为一个可选实施例,所述数据存储的配置信息包括以下至少一项:
允许进行数据存储的数据面功能信息;
不同数据面功能可存储的数据信息;
存储的时间长度;
存储空间信息;
数据存储的安全要求信息。
作为一个可选实施例,所述数据访问的配置信息包括以下至少一项:
配置各个网络功能允许访问或获取的数据信息;
基于授权和/或鉴权的数据访问配置;
是否提供时间序列数据;
是否提供实时数据;
数据安全配置信息;
允许的数据用途;
允许数据访问的时间信息;
允许数据采集的频率信息;
数据访问或服务记录配置。
作为一个可选实施例,在所述数据服务的授权类型为:在用户相关的数据服务到达时询问用户是否允许,所述装置还包括:
第一发送模块,用于向终端发送请求信息,所述请求信息用于询问终端是否允许所述数据服务;
第二接收模块,用于接收所述终端发送的请求响应信息,所述请求响应信息包括:允许所述数据服务,或者,不允许所述数据服务。
作为一个可选实施例,所述请求信息包括以下至少一项:
数据服务的描述信息;
包括所请求的数据服务的内容;
数据服务的用途;
数据服务的有效期;
对所请求的数据服务的服务质量要求。
作为一个可选实施例,所述装置还包括:
第二发送模块,用于在鉴权认证和/或安全配置验证通过的情况下,向终端发送用户数据服务锚点注册接受消息,并为用户建立用户级数据服务锚点。
作为一个可选实施例,所述装置还包括:
确定模块,用于在接收到用户相关的数据服务请求,且所述数据服务请求需要已建立用户数据服务锚点的用户数据的情况下,查询用户数据服务锚点的相关信息确定是否接受用户相关的数据服务请求。
在本申请实施例中,核心网数据面功能或无线接入网数据面功能根据用 户相关的数据服务的用户授权信息,确定是否接受用户相关的数据服务请求,和/或对用户进行鉴权认证和/或安全配置,从而实现用户相关的数据服务的授权与注册,进而使得用户对个人的数据拥有完全的控制权,包括根据个人意愿的数据变现、根据个人意愿在设置范围内分享数据,并可根据变化对访问权限进行取消或修改。
需要说明的是,本申请实施例提供的用户相关的数据服务的处理装置是能够执行上述用户相关的数据服务的处理方法的装置,则上述用户相关的数据服务的处理方法的实施例均适用于该装置,且均能达到相同或相似的有益效果。
本申请实施例中的用户相关的数据服务的处理装置可以是装置,具有操作系统的装置或电子设备,也可以是终端中的部件、集成电路、或芯片。该装置或电子设备可以是移动终端,也可以为非移动终端。示例性的,移动终端可以包括但不限于上述所列举的终端11的类型,非移动终端可以为服务器、网络附属存储器(Network Attached Storage,NAS)、个人计算机(personal computer,PC)、电视机(television,TV)、柜员机或者自助机等,本申请实施例不作具体限定。
本申请实施例提供的用户相关的数据服务的处理装置能够实现图1至图5的方法实施例实现的各个过程,并达到相同的技术效果,为避免重复,这里不再赘述。
可选的,如图7所示,本申请实施例还提供一种具有第一数据面功能的网元700,包括处理器701,存储器702,存储在存储器702上并可在所述处理器701上运行的程序或指令,该程序或指令被处理器701执行时实现上述用户相关的数据服务的处理方法实施例的各个过程,且能达到相同的技术效果,为避免重复,这里不再赘述。
本申请实施例还提供一种具有第一数据面功能的网元,包括处理器及通信接口,其中,所述通信接口用于获取用户相关的数据服务的用户授权信息;所述处理器用于根据所述用户授权信息,执行第一操作,所述第一操作包括 以下至少一项:确定是否接受用户相关的数据服务请求;对用户进行鉴权认证和/或安全配置;为用户建立用户级数据服务锚点。该网元实施例是与上述网元方法实施例对应的,上述方法实施例的各个实施过程和实现方式均可适用于该网元实施例中,且能达到相同的技术效果。
具体地,本申请实施例还提供了一种网元。如图8所示,该网元800包括:天线81、射频装置82、基带装置83。天线81与射频装置82连接。在上行方向上,射频装置82通过天线81接收信息,将接收的信息发送给基带装置83进行处理。在下行方向上,基带装置83对要发送的信息进行处理,并发送给射频装置82,射频装置82对收到的信息进行处理后经过天线81发送出去。
上述频带处理装置可以位于基带装置83中,以上实施例中网元执行的方法可以在基带装置83中实现,该基带装置83包括处理器84和存储器85。
基带装置83例如可以包括至少一个基带板,该基带板上设置有多个芯片,如图8所示,其中一个芯片例如为处理器84,与存储器85连接,以调用存储器85中的程序,执行以上方法实施例中所示的网络设备操作。
该基带装置83还可以包括网络接口86,用于与射频装置82交互信息,该接口例如为通用公共无线接口(Common Public Radio Interface,CPRI)。
具体地,本发明实施例的网元还包括:存储在存储器85上并可在处理器84上运行的指令或程序,处理器84调用存储器85中的指令或程序执行图6所示各模块执行的方法,并达到相同的技术效果,为避免重复,故不在此赘述。
本申请实施例还提供一种可读存储介质,所述可读存储介质上存储有程序或指令,该程序或指令被处理器执行时实现上述用户相关的数据服务的处理方法实施例的各个过程,且能达到相同的技术效果,为避免重复,这里不再赘述。
其中,所述处理器为上述实施例中所述的终端中的处理器。所述可读存储介质,包括计算机可读存储介质,如计算机只读存储器(Read-Only Memory, ROM)、随机存取存储器(Random Access Memory,RAM)、磁碟或者光盘等。
本申请实施例另提供了一种芯片,所述芯片包括处理器和通信接口,所述通信接口和所述处理器耦合,所述处理器用于运行程序或指令,实现上述用户相关的数据服务的处理方法实施例的各个过程,且能达到相同的技术效果,为避免重复,这里不再赘述。
应理解,本申请实施例提到的芯片还可以称为系统级芯片,系统芯片,芯片系统或片上系统芯片等。
本申请实施例另提供了一种计算机程序产品,所述计算机程序产品被存储在非易失的存储介质中,所述计算机程序产品被至少一个处理器执行以实现上述方法实施例的各个过程,且能达到相同的技术效果,为避免重复,这里不再赘述。
需要说明的是,在本文中,术语“包括”、“包含”或者其任何其他变体意在涵盖非排他性的包含,从而使得包括一系列要素的过程、方法、物品或者装置不仅包括那些要素,而且还包括没有明确列出的其他要素,或者是还包括为这种过程、方法、物品或者装置所固有的要素。在没有更多限制的情况下,由语句“包括一个……”限定的要素,并不排除在包括该要素的过程、方法、物品或者装置中还存在另外的相同要素。此外,需要指出的是,本申请实施方式中的方法和装置的范围不限按示出或讨论的顺序来执行功能,还可包括根据所涉及的功能按基本同时的方式或按相反的顺序来执行功能,例如,可以按不同于所描述的次序来执行所描述的方法,并且还可以添加、省去、或组合各种步骤。另外,参照某些示例所描述的特征可在其他示例中被组合。
通过以上的实施方式的描述,本领域的技术人员可以清楚地了解到上述实施例方法可借助软件加必需的通用硬件平台的方式来实现,当然也可以通过硬件,但很多情况下前者是更佳的实施方式。基于这样的理解,本申请的技术方案本质上或者说对现有技术做出贡献的部分可以以计算机软件产品的形式体现出来,该计算机软件产品存储在一个存储介质(如ROM/RAM、磁 碟、光盘)中,包括若干指令用以使得一台终端(可以是手机,计算机,服务器,空调器,或者网络设备等)执行本申请各个实施例所述的方法。
上面结合附图对本申请的实施例进行了描述,但是本申请并不局限于上述的具体实施方式,上述的具体实施方式仅仅是示意性的,而不是限制性的,本领域的普通技术人员在本申请的启示下,在不脱离本申请宗旨和权利要求所保护的范围情况下,还可做出很多形式,均属于本申请的保护之内。
Claims (34)
- 一种用户相关的数据服务的处理方法,包括:第一数据面功能获取用户相关的数据服务的用户授权信息;所述第一数据面功能根据所述用户授权信息,执行第一操作,所述第一操作包括以下至少一项:确定是否接受用户相关的数据服务请求;对用户进行鉴权认证和/或安全配置;为用户建立用户级数据服务锚点。
- 根据权利要求1所述的方法,其中,所述第一数据面功能包括以下至少一项:核心网数据面的第一功能;无线接入网数据面的二功能。
- 根据权利要求1所述的方法,其中,所述用户相关的数据服务的用户授权信息包括以下至少一项:数据服务的授权类型;数据服务的授权信息;数据服务授权的有效时长;用户数据分级信息;允许网络进行数据服务的数据范围;数据采集的配置信息;数据存储的配置信息;数据访问的配置信息。
- 根据权利要求1所述的方法,其中,所述用户相关的数据服务包括以下至少一项:包含用户标识的数据采集;包含用户标识的数据存储;包含用户标识的数据访问;包含用户标识的数据请求。
- 根据权利要求1所述的方法,其中,所述第一数据面功能获取用户相关的数据服务的用户授权信息,包括以下至少一项:所述第一数据面功能获取用户相关的数据服务签约信息,所述数据服务签约信息中包括所述用户授权信息;所述第一数据面功能获取用户设备UE或应用功能发送的用户相关的数据服务的用户授权信息;所述第一数据面功能获取无线接入网存储功能存储的用户相关的数据服务的用户授权信息,无线接入网存储功能存储的用户相关的数据服务的用户授权信息由终端或应用功能上报。
- 根据权利要求1所述的方法,其中,所述第一数据面功能对用户进行鉴权认证和/或安全配置,和/或,所述第一数据面功能为用户建立用户级数据服务锚点之前,所述方法还包括:所述第一数据面功能接收用户数据服务锚点的注册请求消息,所述注册请求消息包括以下至少一项:用户级锚点建立请求信息;请求注册的用户级锚点的配置信息。
- 根据权利要求6所述的方法,其中,所述请求注册的用户级锚点的配置信息包括以下至少一项:用户数据分级信息;允许网络进行数据服务的数据范围;数据采集的配置信息;数据存储的配置信息;数据访问的配置信息。
- 根据权利要求2或7所述的方法,其中,所述数据采集的配置信息包括以下至少一项:允许进行数据采集的数据面功能信息;不同数据面功能可采集到的数据信息;允许数据采集的时间信息;允许数据采集的频率信息。
- 根据权利要求2或7所述的方法,其中,所述数据存储的配置信息包括以下至少一项:允许进行数据存储的数据面功能信息;不同数据面功能可存储的数据信息;存储的时间长度;存储空间信息;数据存储的安全要求信息。
- 根据权利要求2或7所述的方法,其中,所述数据访问的配置信息包括以下至少一项:配置各个网络功能允许访问或获取的数据信息;基于授权和/或鉴权的数据访问配置;是否提供时间序列数据;是否提供实时数据;数据安全配置信息;允许的数据用途;允许数据访问的时间信息;允许数据采集的频率信息;数据访问或服务记录配置。
- 根据权利要求3所述的方法,其中,在所述数据服务的授权类型为:在用户相关的数据服务到达时询问用户是否允许,所述方法还包括:所述第一数据面功能向终端发送请求信息,所述请求信息用于询问终端是否允许所述数据服务;所述第一数据面功能接收所述终端发送的请求响应信息,所述请求响应 信息包括:允许所述数据服务,或者,不允许所述数据服务。
- 根据权利要求11所述的方法,其中,所述请求信息包括以下至少一项:数据服务的描述信息;包括所请求的数据服务的内容;数据服务的用途;数据服务的有效期;对所请求的数据服务的服务质量要求。
- 根据权利要求6所述的方法,其中,所述第一数据面功能对用户进行鉴权认证和/或安全配置之后,所述方法还包括:在鉴权认证和/或安全配置验证通过的情况下,向终端发送用户数据服务锚点注册接受消息,并为用户建立用户级数据服务锚点。
- 根据权利要求13所述的方法,其中,所述方法还包括:在接收到用户相关的数据服务请求,且所述数据服务请求需要已建立用户数据服务锚点的用户数据的情况下,所述第一数据面功能查询用户数据服务锚点的相关信息确定是否接受用户相关的数据服务请求。
- 一种用户相关的数据服务的处理装置,应用于第一数据面功能,所述装置包括:获取模块,用于获取用户相关的数据服务的用户授权信息;执行模块,用于根据所述用户授权信息,执行第一操作,所述第一操作包括以下至少一项:确定是否接受用户相关的数据服务请求;对用户进行鉴权认证和/或安全配置;为用户建立用户级数据服务锚点。
- 根据权利要求15所述的装置,其中,所述第一数据面功能包括以下至少一项:核心网数据面的第一功能;无线接入网数据面的二功能。
- 根据权利要求15所述的装置,其中,所述用户相关的数据服务的用户授权信息包括以下至少一项:数据服务的授权类型;数据服务的授权信息;数据服务授权的有效时长;用户数据分级信息;允许网络进行数据服务的数据范围;数据采集的配置信息;数据存储的配置信息;数据访问的配置信息。
- 根据权利要求15所述的装置,其中,所述用户相关的数据服务包括以下至少一项:包含用户标识的数据采集;包含用户标识的数据存储;包含用户标识的数据访问;包含用户标识的数据请求。
- 根据权利要求15所述的装置,其中,所述获取模块包括以下至少一项:第一获取子模块,用于获取用户相关的数据服务签约信息,所述数据服务签约信息中包括所述用户授权信息;第二获取子模块,用于获取终端或应用功能发送的用户相关的数据服务的用户授权信息;第三获取子模块,用于获取无线接入网存储功能存储的用户相关的数据服务的用户授权信息,无线接入网存储功能存储的用户相关的数据服务的用户授权信息由终端或应用功能上报。
- 根据权利要求15所述的装置,所述装置还包括:第一接收模块,用于接收用户数据服务锚点的注册请求消息,所述注册请求消息包括以下至少一项:用户级锚点建立请求信息;请求注册的用户级锚点的配置信息。
- 根据权利要求20所述的装置,其中,所述请求注册的用户级锚点的配置信息包括以下至少一项:用户数据分级信息;允许网络进行数据服务的数据范围;数据采集的配置信息;数据存储的配置信息;数据访问的配置信息。
- 根据权利要求16或21所述的装置,其中,所述数据采集的配置信息包括以下至少一项:允许进行数据采集的数据面功能信息;不同数据面功能可采集到的数据信息;允许数据采集的时间信息;允许数据采集的频率信息。
- 根据权利要求16或21所述的装置,其中,所述数据存储的配置信息包括以下至少一项:允许进行数据存储的数据面功能信息;不同数据面功能可存储的数据信息;存储的时间长度;存储空间信息;数据存储的安全要求信息。
- 根据权利要求16或21所述的装置,其中,所述数据访问的配置信息包括以下至少一项:配置各个网络功能允许访问或获取的数据信息;基于授权和/或鉴权的数据访问配置;是否提供时间序列数据;是否提供实时数据;数据安全配置信息;允许的数据用途;允许数据访问的时间信息;允许数据采集的频率信息;数据访问或服务记录配置。
- 根据权利要求17所述的装置,其中,在所述数据服务的授权类型为:在用户相关的数据服务到达时询问用户是否允许,所述装置还包括:第一发送模块,用于向终端发送请求信息,所述请求信息用于询问终端是否允许所述数据服务;第二接收模块,用于接收所述终端发送的请求响应信息,所述请求响应信息包括:允许所述数据服务,或者,不允许所述数据服务。
- 根据权利要求25所述的装置,其中,所述请求信息包括以下至少一项:数据服务的描述信息;包括所请求的数据服务的内容;数据服务的用途;数据服务的有效期;对所请求的数据服务的服务质量要求。
- 根据权利要求20所述的装置,所述装置还包括:第二发送模块,用于在鉴权认证和/或安全配置验证通过的情况下,向终端发送用户数据服务锚点注册接受消息,并为用户建立用户级数据服务锚点。
- 根据权利要求27所述的装置,所述装置还包括:确定模块,用于在接收到用户相关的数据服务请求,且所述数据服务请求需要已建立用户数据服务锚点的用户数据的情况下,查询用户数据服务锚 点的相关信息确定是否接受用户相关的数据服务请求。
- 一种具有第一数据面功能的网元,包括处理器,存储器及存储在所述存储器上并可在所述处理器上运行的程序或指令,所述程序或指令被所述处理器执行时实现如权利要求1至14任一项所述的用户相关的数据服务的处理方法的步骤。
- 一种具有第一数据面功能的网元,包括处理器及通信接口,其中,所述通信接口用于获取用户相关的数据服务的用户授权信息;所述处理器用于根据所述用户授权信息,执行第一操作,所述第一操作包括以下至少一项:确定是否接受用户相关的数据服务请求;对用户进行鉴权认证和/或安全配置;为用户建立用户级数据服务锚点。
- 一种可读存储介质,所述可读存储介质上存储程序或指令,所述程序或指令被处理器执行时实现如权利要求1至14任一项所述的用户相关的数据服务的处理方法的步骤。
- 一种芯片,包括处理器和通信接口,所述通信接口和所述处理器耦合,所述处理器用于运行程序或指令,实现如权利要求1至14中任一项所述的方法。
- 一种计算机程序产品,所述计算机程序产品被存储在非易失的存储介质中,所述计算机程序产品被至少一个处理器执行以实现如权利要求1至14中任一项所述的方法。
- 一种通信设备,所述通信设备被配置成用于执行如权利要求1至14中任一项所述的方法。
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP22874787.9A EP4412271A4 (en) | 2021-09-30 | 2022-09-23 | METHOD AND DEVICE FOR PROCESSING USER-RELATED DATA SERVICES AND NETWORK ELEMENT |
US18/621,525 US20240244431A1 (en) | 2021-09-30 | 2024-03-29 | Method and apparatus for processing user-related data service and network element |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202111163445.8 | 2021-09-30 | ||
CN202111163445.8A CN115915127A (zh) | 2021-09-30 | 2021-09-30 | 用户相关的数据服务的处理方法、装置及网元 |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US18/621,525 Continuation US20240244431A1 (en) | 2021-09-30 | 2024-03-29 | Method and apparatus for processing user-related data service and network element |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2023051401A1 true WO2023051401A1 (zh) | 2023-04-06 |
Family
ID=85767786
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2022/120854 WO2023051401A1 (zh) | 2021-09-30 | 2022-09-23 | 用户相关的数据服务的处理方法、装置及网元 |
Country Status (4)
Country | Link |
---|---|
US (1) | US20240244431A1 (zh) |
EP (1) | EP4412271A4 (zh) |
CN (1) | CN115915127A (zh) |
WO (1) | WO2023051401A1 (zh) |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110621032A (zh) * | 2019-09-27 | 2019-12-27 | 腾讯科技(深圳)有限公司 | 一种通信的方法、相关装置及设备 |
CN111614767A (zh) * | 2020-05-22 | 2020-09-01 | 中国联合网络通信集团有限公司 | 一种数据存储方法及装置 |
CN112437456A (zh) * | 2020-12-07 | 2021-03-02 | 中国联合网络通信集团有限公司 | 一种非公共网络中的通信方法及设备 |
CN112910969A (zh) * | 2017-02-28 | 2021-06-04 | 华为技术有限公司 | 一种业务管理方法及其装置 |
US20210184989A1 (en) * | 2020-03-04 | 2021-06-17 | Geng Wu | Data-centric service-based network architecture |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP3934203A1 (en) * | 2016-12-30 | 2022-01-05 | INTEL Corporation | Decentralized data storage and processing for iot devices |
-
2021
- 2021-09-30 CN CN202111163445.8A patent/CN115915127A/zh active Pending
-
2022
- 2022-09-23 EP EP22874787.9A patent/EP4412271A4/en active Pending
- 2022-09-23 WO PCT/CN2022/120854 patent/WO2023051401A1/zh unknown
-
2024
- 2024-03-29 US US18/621,525 patent/US20240244431A1/en active Pending
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112910969A (zh) * | 2017-02-28 | 2021-06-04 | 华为技术有限公司 | 一种业务管理方法及其装置 |
CN110621032A (zh) * | 2019-09-27 | 2019-12-27 | 腾讯科技(深圳)有限公司 | 一种通信的方法、相关装置及设备 |
US20210184989A1 (en) * | 2020-03-04 | 2021-06-17 | Geng Wu | Data-centric service-based network architecture |
CN111614767A (zh) * | 2020-05-22 | 2020-09-01 | 中国联合网络通信集团有限公司 | 一种数据存储方法及装置 |
CN112437456A (zh) * | 2020-12-07 | 2021-03-02 | 中国联合网络通信集团有限公司 | 一种非公共网络中的通信方法及设备 |
Also Published As
Publication number | Publication date |
---|---|
CN115915127A (zh) | 2023-04-04 |
EP4412271A1 (en) | 2024-08-07 |
US20240244431A1 (en) | 2024-07-18 |
EP4412271A4 (en) | 2024-10-23 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN112423301B (zh) | 专网注册管理方法和amf网元 | |
WO2023051401A1 (zh) | 用户相关的数据服务的处理方法、装置及网元 | |
WO2020254925A1 (en) | Policy-based authorization for indirect communications between network functions in a communication system | |
WO2024083045A1 (zh) | 鉴权确定方法、鉴权方法、装置及节点 | |
WO2023051405A1 (zh) | 数据服务系统 | |
WO2024083040A1 (zh) | 感知鉴权方法、装置及节点 | |
WO2023185725A1 (zh) | 数据获取方法、装置及网络侧设备 | |
WO2024120285A1 (zh) | 信息传输方法、装置、终端及网络侧设备 | |
WO2023169473A1 (zh) | 业务处理方法、装置、通信设备及可读存储介质 | |
WO2024120352A1 (zh) | 通信方法、终端及核心网功能 | |
CN115190105B (zh) | 信息处理方法、装置和通信设备 | |
WO2023216960A1 (zh) | 数据处理方法、装置、核心网节点、电子设备和存储介质 | |
CN117692982A (zh) | 路由选择策略执行情况处理方法、装置及设备 | |
WO2024146315A1 (zh) | 通信方法和通信装置 | |
WO2024120353A1 (zh) | 通信方法、终端及核心网功能 | |
WO2024098323A1 (zh) | 一种通过托管网络提供本地化服务的方法及其装置 | |
WO2023179672A1 (zh) | 用户面功能网元确定方法及装置 | |
WO2024065706A1 (zh) | 一种构建连接的方法及装置 | |
WO2023179571A1 (zh) | 非公共网络接入方法、装置及终端 | |
CN117241230A (zh) | Ims服务获取方法、终端及网络侧设备 | |
CN116566949A (zh) | Ip地址分配方法、设备及可读存储介质 | |
CN116847328A (zh) | 用户面功能网元确定方法及装置 | |
CN118301068A (zh) | 会话路由配置的方法、装置及设备 | |
CN116828444A (zh) | 信息获取方法及装置 | |
CN117633851A (zh) | 设备关联方法及装置 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 22874787 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
ENP | Entry into the national phase |
Ref document number: 2022874787 Country of ref document: EP Effective date: 20240430 |