WO2023083174A1

WO2023083174A1 - Subscription update method and device, network element, and medium

Info

Publication number: WO2023083174A1
Application number: PCT/CN2022/130604
Authority: WO
Inventors: 李欢; 柯小婉
Original assignee: 维沃移动通信有限公司
Priority date: 2021-11-10
Filing date: 2022-11-08
Publication date: 2023-05-19
Also published as: CN116112925A

Abstract

The present application relates to the technical field of communications, and discloses a subscription update method and device, a network element, and a medium. The subscription update method in embodiments of the present application comprises: a unified data network element receives a certificate pushing success indication, the certificate pushing success indication being used for indicating that a certificate corresponding to a target service parameter has been successfully pushed to a target terminal; and the unified data network element enables the target service parameter during subscription of the target terminal.

Description

Method, device, network element and medium for subscription renewal

Cross References to Related Applications

This application claims priority to Chinese Patent Application No. 202111327554.9 filed in China on November 10, 2021, the entire contents of which are hereby incorporated by reference.

technical field

The present application belongs to the technical field of communication, and in particular relates to a method, device, network element and medium for subscription renewal.

Background technique

After the terminal registers to the 5G core network, it can use the data network name (Data Network Name, DNN) and/or single network slice selection assistance information (S-Network Slice Selection Assistance Information S-NSSAI) to establish a PDU session. Some DNNs need to perform secondary authentication, that is, when a terminal establishes a protocol data unit (Protocol Data Unit, PDU) session of the DNN, it needs to provide credential information to authenticate the terminal through the authentication server in the DNN. Some S-NSSAI require Network Slice-Specific Authentication and Authorization (NSSAA, Network Slice-Specific Authentication and Authorization), that is, when the terminal requests the S-NSSAI, it needs to provide the credential information related to the slice to pass the corresponding authentication of the S-NSSAI right.

In related technologies, the push server (Provisioning Server, PVS) can automatically push the credential information of business parameters (for example, the credential used for the second authentication of DNN, or the credential information used for network slicing authentication). sent to the terminal. Subsequently, the terminal may request the network to use the service parameter. However, if the subscription data of the terminal in the network is not updated in time, the network will still reject the terminal's request for the service parameter, thus causing the terminal to be unable to use the corresponding service.

Contents of the invention

The embodiments of the present application provide a subscription renewal method, device, network element and medium, which enable target service parameters by updating the subscription data of the terminal, so as to solve the problem of timely renewal of the terminal subscription existing in related technologies.

In the first aspect, a method for updating a subscription is provided, the method comprising: a unified data network element receives an indication of successful credential push; the successful push indication of credential is used to indicate that the credential corresponding to the target service parameter has been successfully pushed to the target A terminal: the unified data network element enables the target service parameter in the subscription of the target terminal.

In a second aspect, a device for updating a subscription is provided, which includes: a receiving module configured to receive an indication of a successful credential push; the successful credential push indication is used to indicate that the credential corresponding to the target service parameter has been successfully pushed to The target terminal; an execution module, configured to enable the target service parameter in the subscription of the target terminal.

In a third aspect, a method for updating a subscription is provided. The method includes: a server sends an indication of a successful credential push to a unified data network element; wherein the successful credential push indication is used to indicate that the credential corresponding to the target service parameter has Successfully pushed to the target terminal.

In a fourth aspect, a device for updating a subscription is provided, which includes: a sending module, configured to send an indication of a successful credential push to a unified data network element; wherein, the successful push of a credential is used to indicate: the target service parameter The corresponding credentials have been successfully pushed to the target terminal.

According to the fifth aspect, a method for updating a contract is provided, the method comprising: an open network element obtains an indication of successfully pushing a credential; the open network element sends the indication of successfully pushing the credential to a unified data network element; wherein, the The credential push success indication is used to indicate that the credential corresponding to the target service parameter has been successfully pushed to the target terminal.

According to the sixth aspect, a device for updating a subscription is provided, which includes: an execution module, configured to obtain a certificate success push indication; a sending module, configured to send the certificate success certificate obtained by the execution module to a unified data network element. Push indication; wherein, the credential success push indication is used to indicate that the credential corresponding to the target service parameter has been successfully pushed to the target terminal.

In a seventh aspect, a method for updating a subscription is provided, the method comprising: a policy control network element acquires a destination address of a target terminal, where the destination address includes the IP address of the target terminal or the media access control (MAC) address of the target terminal (Medium Access Control, MAC) address; the policy control network element determines the second terminal identifier corresponding to the target address; the policy control network element sends the second terminal identifier to the network open network element or unified data network element A terminal identifier; wherein, the second terminal identifier is used to update the subscription of the terminal indicated by the second terminal identifier.

According to an eighth aspect, there is provided a device for updating a subscription, which includes: an execution module configured to obtain a destination address of a target terminal, where the destination address includes the IP address of the target terminal or the MAC address of the target terminal; An execution module, configured to determine the second terminal identifier corresponding to the target address received by the receiving module; a transmission module, further configured to send the second terminal identifier to the network open network element or unified data network element; Wherein, the second terminal identifier is used to update the subscription of the terminal indicated by the second terminal identifier.

In a ninth aspect, a network side device is provided, the terminal includes a processor, a memory, and a program or instruction stored in the memory and operable on the processor, and the program or instruction is executed by the processor When executed, the steps of the method described in the first aspect are realized.

In the tenth aspect, a network side device is provided, which is a unified data network element, including a processor and a communication interface, wherein: the communication interface is used to receive an indication of successful credential push; the indication of successful credential push is used to indicate : The certificate corresponding to the target service parameter has been successfully pushed to the target terminal; the processor is configured to enable the target service parameter in the subscription of the target terminal.

In an eleventh aspect, a network side device is provided, the network side device is a server, and includes a processor and a communication interface, wherein: the communication interface is used to send a certificate push indication to a unified data network element; wherein, the certificate success The push indication is used to indicate that: the voucher corresponding to the target service parameter has been successfully pushed to the target terminal.

In the twelfth aspect, a network side device is provided, the network side device is an open network element, including a processor and a communication interface, wherein: the processor is used to obtain the certificate push indication; the communication interface is used to send the unified data network element Sending the successful credential pushing indication; wherein, the credential successful pushing indication is used to indicate that the credential corresponding to the target service parameter has been successfully pushed to the target terminal.

In a thirteenth aspect, a network side device is provided, the network side device is a policy control network element, including a processor and a communication interface, wherein: the communication interface is used to receive the destination address of the target terminal from the network open network element, so The destination address includes the IP address of the target terminal or the MAC address of the target terminal; the processor is configured to determine a second terminal identifier corresponding to the target address.

In a fourteenth aspect, there is provided a readable storage medium, where programs or instructions are stored on the readable storage medium, and when the programs or instructions are executed by a processor, the steps of the method as described in the first aspect are implemented, or The steps of the method as described in the third aspect.

In a fifteenth aspect, there is provided a chip, the chip includes a processor and a communication interface, the communication interface is coupled to the processor, and the processor is used to run a program or an instruction to implement the method described in the first aspect method, or implement the method as described in the third aspect, or implement the method as described in the fifth aspect, or implement the method as described in the seventh aspect.

In a sixteenth aspect, a computer program/program product is provided, the computer program/program product is stored in a non-volatile storage medium, and the program/program product is executed by at least one processor to implement the first The method described in the aspect, or realize the method described in the third aspect, or realize the method described in the fifth aspect, or realize the steps of the method described in the seventh aspect.

In this embodiment of the application, after receiving the certificate push indication, the unified data network element can enable the target service parameters in the subscription of the target terminal, so as to update the subscription data of the target terminal in time, and then can subscribe according to the target terminal. Authorized terminal service request to provide services for the target terminal.

Description of drawings

FIG. 1 is a schematic diagram of a system architecture of a wireless communication system provided by an embodiment of the present application;

FIG. 2 is one of the flow charts of a method for updating a subscription provided in an embodiment of the present application;

Fig. 3 is the second flow chart of a method for updating a subscription provided by an embodiment of the present application;

Fig. 4 is the third flowchart of a method for updating a subscription provided by the embodiment of the present application;

FIG. 5 is the fourth flowchart of a method for updating a subscription provided by an embodiment of the present application;

Fig. 6 is the fifth flowchart of a method for updating a subscription provided by the embodiment of the present application;

FIG. 7 is the sixth flowchart of a method for updating a subscription provided by the embodiment of the present application;

FIG. 8 is one of the schematic structural diagrams of a device for updating a subscription provided in an embodiment of the present application;

Fig. 9 is the second structural schematic diagram of a device for updating a subscription provided by an embodiment of the present application;

Fig. 10 is the third schematic structural diagram of a device for updating a subscription provided in the embodiment of the present application;

Fig. 11 is a fourth structural schematic diagram of a device for updating a subscription provided by an embodiment of the present application;

Fig. 12 is a schematic structural diagram of a communication device provided by an embodiment of the present application;

FIG. 13 is a schematic diagram of a hardware structure of a network side device provided by an embodiment of the present application.

Detailed ways

The technical solutions in the embodiments of the present application will be clearly described below in conjunction with the drawings in the embodiments of the present application. Obviously, the described embodiments are part of the embodiments of the present application, but not all of them. All other embodiments obtained by persons of ordinary skill in the art based on the embodiments in this application belong to the protection scope of this application.

The terms "first", "second" and the like in the specification and claims of the present application are used to distinguish similar objects, and are not used to describe a specific sequence or sequence. It is to be understood that the terms so used are interchangeable under appropriate circumstances such that the embodiments of the application are capable of operation in sequences other than those illustrated or described herein and that "first" and "second" distinguish objects. It is usually one category, and the number of objects is not limited. For example, there may be one or more first objects. In addition, "and/or" in the description and claims means at least one of the connected objects, and the character "/" generally means that the related objects are an "or" relationship.

It is worth noting that the technology described in the embodiment of this application is not limited to the Long Term Evolution (Long Term Evolution, LTE)/LTE-Advanced (LTE-Advanced, LTE-A) system, and can also be used in other wireless communication systems, such as code Code Division Multiple Access (CDMA), Time Division Multiple Access (TDMA), Frequency Division Multiple Access (FDMA), Orthogonal Frequency Division Multiple Access, OFDMA), Single-carrier Frequency-Division Multiple Access (Single-carrier Frequency-Division Multiple Access, SC-FDMA) and other systems. The terms "system" and "network" in the embodiments of the present application are often used interchangeably, and the described technology can be used for the above-mentioned system and radio technology, and can also be used for other systems and radio technologies. The following description describes the New Radio (New Radio, NR) system for example purposes, and uses NR terminology in most of the following descriptions, but these techniques can also be applied to applications other than NR system applications, such as the 6th generation (6th Generation , 6G) communication system.

Fig. 1 shows a block diagram of a wireless communication system to which the embodiment of the present application is applicable. The wireless communication system includes a terminal (such as terminal 1 and terminal 2 in FIG. 1 ), a radio access network (Radio Access Network, RAN) (such as RAN1 and RAN2 in FIG. 1 ) and a core network.

Exemplarily, a terminal can also be called a terminal device or a user equipment (User Equipment, UE), which can be a mobile phone, a tablet computer (Tablet Personal Computer), a laptop computer (Laptop Computer) or a notebook computer, a personal digital Assistant (Personal Digital Assistant, PDA), handheld computer, netbook, ultra-mobile personal computer (ultra-mobile personal computer, UMPC), mobile internet device (Mobile Internet Device, MID), augmented reality (augmented reality, AR)/virtual reality (virtual reality, VR) equipment, robots, wearable devices (Wearable Device), vehicle-mounted equipment (VUE), pedestrian terminal (PUE), smart home (home equipment with wireless communication functions, such as refrigerators, TVs, washing machines or furniture etc.) and other terminal-side devices, wearable devices include: smart watches, smart bracelets, smart headphones, smart glasses, smart jewelry (smart bracelets, smart bracelets, smart rings, smart necklaces, smart anklets, smart anklets, etc.) , smart wristbands, smart clothing, game consoles, etc. It should be noted that, the embodiment of the present application does not limit the specific type of the terminal.

It is worth noting that the wireless access network described in the embodiments of this application is not limited to the LTE/LTE-A system, and can also be used in other wireless communication systems, such as CDMA, TDMA, FDMA, OFDMA, SC-FDMA and other systems. The terms "system" and "network" in the embodiments of this application are often used interchangeably, and the described technology can be used for the above-mentioned system and radio technology, and can also be used for other systems and radio technologies, such as non-3GPP Access systems (eg, WLAN, fixed access systems, Bluetooth, etc.). The following description describes the NR system for example purposes, and uses NR terminology in most of the following descriptions, and these techniques can also be applied to applications other than NR system applications, such as 6G communication systems.

Exemplarily, the aforementioned core network may include at least one of the following functions or network elements: session management function (e.g. Session Management Function, SMF), access and mobility management function (e.g. Access and Mobility Management Function, AMF), user plane function ( e.g.User Port Function, UPF), policy control function (e.g.Policy Control Function, PCF), unified data network element, and network exposure function (e.g.Network Exposure Function, NEF). It should be noted that the above-mentioned core network functions may be jointly implemented by multiple devices, or multiple core network functions may be implemented by one device, which is not limited in this embodiment of the present application.

Exemplarily, in a 5G system, the above-mentioned unified data network element may include a unified data management network element (e.g. Unified Data Management, UDM) or a unified data storage network element (Unified Data Repository, UDR). It should be noted that the above-mentioned unified data network element may also be called a user subscription database.

It should be noted that the above-mentioned network element may also be another network element with the same function or type, but the specific name may be different from the name of the above-mentioned network element, which is not limited in this embodiment of the present application.

In related technologies, the PVS can send credential information of service parameters (eg, credential for DNN's secondary authentication, or credential information for network slicing authentication) to the terminal in an automatic push manner. However, after the PVS successfully and automatically pushes the credential information to the terminal, the terminal's subscription also needs to be updated in time to allow the terminal to use the service parameter. Otherwise, when a terminal requests to access the DNN or network slice, the network may reject the terminal's request. How to update the contract of the terminal in time, there is no effective solution at present.

In the technical solution provided by the embodiment of this application, after receiving the certificate push indication, the unified data network element knows that the certificate corresponding to the target service parameter has been successfully pushed to the target terminal, so that it can directly enable Target business parameters, and then update the subscription data of the target terminal in time, and provide services for the target terminal according to the terminal service request authorized by the target terminal for signing.

The subscription update method, device, network element and medium provided by the embodiments of the present application will be described in detail below through some embodiments and application scenarios with reference to the accompanying drawings.

An embodiment of the present application provides a method for updating a subscription. As shown in FIG. 2 , the method for updating a subscription provided in the embodiment of the present application may include the following steps 201 and 202:

Step 201: The unified data network element receives the certificate push indication successfully.

In the embodiment of the present application, the above indication of successfully pushing the credential is used to indicate that the credential corresponding to the target service parameter has been successfully pushed to the target terminal.

In some possible embodiments, the aforementioned target terminal may be a predetermined or preconfigured terminal. For example, the unified data network element or the target terminal corresponding to the pre-configured target parameters in the communication network. The unified data network element can acquire the target terminal corresponding to the target parameter from the local area or the communication network.

In some possible embodiments, the subscription renewal method provided in this embodiment of the application may further include step 201a:

Step 201a: the unified data network element receives the first terminal identifier.

Wherein, the above-mentioned target terminal may include a terminal indicated by the first terminal identifier.

Further, the above step 201a may include the following step 201a1:

Step 201a1: the unified data network element receives the first terminal identifier from the open network element.

In some possible embodiments, the above step 201 may include the following step 201b:

Step 201b: The unified data network element receives the certificate push indication from the network open network element.

In some possible embodiments, the above-mentioned credential push success indication includes target service parameters.

In some possible embodiments, the above-mentioned credential push success indication includes information used to describe target service parameters.

In some possible embodiments, the above target service parameters include at least one of the following: DNN, S-NSSAI.

In some possible embodiments, the first terminal identifier includes at least one of the following: the IP address of the target terminal, the MAC address of the target terminal, the International Mobile Subscriber Identity (IMSI) of the target terminal, the target terminal Subscription Permanent Identifier (SUPI) of the target terminal, Mobile Station International Service Digital Network (MSISDN) of the target terminal, and Generic Public Subscription Identifier (GPSI) of the target terminal.

In some possible embodiments, the above indication of successfully pushing the credential further includes: a credential corresponding to the target service parameter.

In some possible embodiments, the above-mentioned credential push indication further includes a first authentication indication;

Wherein, the above-mentioned first authentication indication is used to indicate that the target service parameter requires further authentication;

The first authentication indication includes at least one of the following:

An indication for indicating that a second authentication of the target service parameters is required,

It is used to indicate that network slice authentication needs to be performed on target service parameters.

In some possible embodiments, the unified data network element may receive the first terminal identifier and the certificate push indication from the server successfully.

In some other possible embodiments, the unified data network element may receive from the network open network element the first terminal identifier and the certificate push success indication from the server.

Step 202: The unified data network element enables target service parameters in the subscription of the target terminal.

In some possible embodiments, the unified data network element activates the configured target service parameters during the subscription of the target terminal.

In some possible embodiments, the above step 202 may also include the following process: the unified data network element stores the target service parameter in the subscription of the target terminal.

Optionally, the unified data network element may further activate the target service parameter after storing the target service parameter in the subscription of the target terminal.

Optionally, the process of the unified data network element activating the target service parameter in the subscription of the target terminal can be regarded as: the unified data network element first determines the configured target service parameter, and then activates the target service parameter. It is worth noting that for the subscription data of different users, some service parameters may have been configured, and some service parameters have not been configured. In this scenario, the unified data network element can first determine whether there is a configuration in the subscription data of related users The service parameter, and then, based on whether the service parameter is configured, a corresponding action of activating or storing the service parameter is performed.

In some possible embodiments, the subscription renewal method provided in the embodiment of the present application may further include the following step 203:

Step 203: The unified data network element determines a closed access group identifier (Closed Access Group Identifier, CAG) that can be used by the target terminal according to the target service parameters.

Exemplarily, the unified data network element may determine the CAG available to the target terminal based on the enabled DNN and/or the enabled S-NSSAI.

Further, based on step 203, the subscription renewal method provided by the embodiment of the present application may also include the following step 204:

Step 204: The unified data network element activates or stores the CAG in the subscription of the target terminal.

For example, for the subscription data of different users, some of them may have been configured with CAG, and some may not be configured with CAG. Therefore, after the unified data network element determines the CAG that can be used by the target terminal, it performs corresponding The action of activating or storing the CAG. For example, the unified data network element directly activates the configured CAG, or activates the stored CAG after storing the unconfigured CAG.

It is worth noting that steps 203 and 204 may occur before or after step 202, and step 204 may also occur at the same time as step 202, that is, the order of steps 203 and 204 and step 202 is not limited in this application.

In some possible embodiments, the subscription renewal method provided in the embodiment of the present application may further include the following step 205:

Step 205: The unified data network element sends the updated subscription of the target terminal to the target terminal.

Exemplarily, the above-mentioned updated contract includes at least one of the following:

enabled DNN,

Enabled S-NSSAI,

CAG determined based on enabled DNN and/or enabled S-NSSAI.

In an example, the above-mentioned updated contract includes at least one of the following:

Activated DNN,

Activated S-NSSAI,

CAG determined based on activated DNN and/or activated S-NSSAI.

Further, based on step 205, in the case that the unified data network element is a UDR, the subscription renewal method provided by the embodiment of the present application may also include the following step 206:

Step 206: UDR sends the updated subscription of the target terminal to UDM.

In the subscription renewal method provided in the embodiment of the present application, after receiving the certificate push indication, the unified data network element can enable the target service parameters in the subscription of the target terminal, thereby updating the subscription data of the target terminal in time, Furthermore, the service can be provided for the target terminal according to the terminal service request signed and authorized by the target terminal.

The embodiment of the present application provides another method for updating the subscription. As shown in FIG. 2 and FIG. 3 , the method for updating the subscription provided in the embodiment of the present application may include the following steps 301 to 303:

Step 301: the server sends a certificate push indication to the unified data network element.

Step 302: The unified data network element receives the certificate push indication successfully.

Step 303: The unified data network element enables the target service parameters in the subscription of the target terminal.

It should be noted that, for related descriptions of step 302 and step 303 in this embodiment, reference may be made to the foregoing description, and details are not repeated here to avoid repetition.

In some possible embodiments, the above step 301 may also include the following step 301a:

Step 301a: the server sends the first terminal identifier to the unified data network element.

In some possible embodiments, the above step 301a may also include the following step 301a1:

Step 301a1: The server sends the first terminal identifier to the unified data network element through the open network element.

In some possible embodiments, the above step 302 may also include the following step 302a:

Step 302a: The unified data network element receives the first terminal identifier.

In some possible embodiments, the above step 301 may also include the following step 301b:

Step 301b: The server sends an indication of successful credential push to the unified data network element.

Exemplarily, the server sends an indication that the credential is successfully pushed to the unified data network element through the open network element.

In the subscription renewal method provided in the embodiment of the present application, the server sends the certificate push indication to the unified data network element, so that the unified data network element can enable the subscription of the target terminal after receiving the certificate push success indication. Target service parameters, thereby updating the subscription data of the target terminal in time, and then providing services for the target terminal according to the terminal service request authorized by the target terminal for signing.

The embodiment of the present application provides another method for updating the subscription. With reference to FIG. 2 , as shown in FIG. 4 , the method for updating the subscription provided in the embodiment of the present application may include the following steps 401:

Step 401: Push an indication that the network open network element obtains the certificate successfully.

Step 402: The network open network element sends a certificate pushing success indication to the unified data network element.

Step 403: The unified data network element receives the certificate push indication successfully.

Step 404: The unified data network element enables the target service parameters in the subscription of the target terminal.

It should be noted that, for related descriptions of step 403 and step 404 in this embodiment, reference may be made to the foregoing description, and details are not repeated here to avoid repetition.

In some possible embodiments, the above step 401 may also include step A1:

Step A1: The network opening network element acquires the first terminal identifier.

In some possible embodiments, the above step 402 may also include step A2:

Step A2: The network open network element sends the first terminal identifier to the unified data network element.

In some possible embodiments, the above step 403 may also include step A3:

Step A3: The unified data network element receives the first terminal identifier.

In some possible embodiments, the network opening network element may receive the first terminal identifier and the certificate push success indication from the server side.

In some possible embodiments, the above step A1 may include the following steps 401a and 401b:

Step 401a: The network opening network element obtains the target address of the target terminal and an indication of successful credential push.

Wherein, the above-mentioned target address of the target terminal includes the IP address of the target terminal or the MAC address of the target terminal.

Exemplarily, the network opening network element may receive the target address of the target terminal from the server and the certificate push indication successfully.

Step 401b: The network opening network element obtains the second terminal identifier corresponding to the target address of the target terminal.

Exemplarily, in combination with the above step 401a and step 401b, the above step 402 may include: the network open network element sends the second terminal identifier and the certificate push indication to the unified data network element; correspondingly, the above step 403 may include: the unified data network The unit receives the second terminal identifier and the certificate push indication successfully.

It should be noted that the above-mentioned second terminal identifier may be the same as the first terminal identifier, or may be different from the first terminal identifier, which is not limited in this embodiment of the present application.

It can be understood that the terminal identifier sent by the network open network element to the unified data network element is the second terminal identifier, or the terminal identifier sent by the network open network element to the unified data network element may include the IP address or MAC address of the target terminal at the same time. The address and the second terminal identifier are not limited in this embodiment of the present application.

In a possible example, the above step 401b may include the following steps 401b1 and 401b2:

Step 401b1: The network opening network element sends the target address of the target terminal to the policy control network element.

Step 401b2: The network opening network element acquires the second terminal identifier corresponding to the target address of the target terminal from the policy control network element.

In a possible example, the second terminal identifier includes at least one of the following: IMSI of the target terminal, SUPI of the target terminal, MSISDN of the target terminal, and GPSI of the target terminal.

In a possible example, the network opening network element sends a policy service request (for example, Npcf_PolicyAuthorization_Create service request) to the policy control network element, where the policy service request includes the target address (for example, IP address or MAC address) of the target terminal After receiving the policy service request, the policy control network element will send a policy service response (for example, Npcf_PolicyAuthorization_Create service response) to the network open network element, and the policy service response includes the second terminal identifier of the target terminal.

In the subscription renewal method provided by the embodiment of the present application, the network open network element sends the certificate push indication to the unified data network element, so that the unified data network element can be in the subscription of the target terminal after receiving the certificate push success indication. The target service parameter is activated, so that the subscription data of the target terminal is updated in time, and services can be provided for the target terminal according to the terminal service request authorized by the target terminal for signing.

The embodiment of the present application provides another method for updating the subscription. As shown in FIG. 5 , the method for updating the subscription provided in the embodiment of the present application may include the following steps 501:

Step 501: The policy control network element obtains the target address of the target terminal.

In a possible example, the policy control network element may receive the target address of the target terminal from the server and an indication of successful credential push. Optionally, the policy control network element may receive the target address of the target terminal from the server and the certificate push indication from the server through the network opening network element.

Step 502: The policy control network element determines the second terminal identifier corresponding to the target address of the target terminal.

Step 503: The policy control network element sends the second terminal identifier to the network open network element or the unified data network element.

Wherein, the above-mentioned second terminal identifier is used to update the subscription of the terminal indicated by the second terminal identifier.

In a possible example, the policy control network element may also send the second terminal identifier to the network open network element. The network opening network element may also send the second terminal identifier and a certificate push indication to the unified data network element, so that the unified data network element updates the subscription data of the terminal indicated by the second terminal identifier according to the second terminal identifier.

In a possible example, the policy control network element may also send the second terminal identifier to the unified data network element, so that the unified data network element updates the subscription data of the terminal indicated by the second terminal identifier according to the second terminal identifier.

In the subscription renewal method provided by the embodiment of the present application, the policy control network element obtains the target address of the target terminal (that is, the IP address of the target terminal or the MAC address of the target terminal), and the corresponding second terminal identifier, so that the communication network The subscription of the terminal indicated by the second terminal identifier may be updated in time.

It should be noted that, in this embodiment of the application, the subscription renewal methods shown in the foregoing embodiments may be combined with each other. That is, during specific implementation, the subscription renewal method shown in each of the above embodiments can also be implemented in combination with any one or more of the other embodiments shown in the above embodiments that can be combined, and will not be repeated here. For example, after combining the subscription renewal methods provided by the embodiments shown in Fig. 4 and Fig. 5 above, the IP address and/or MAC address can be used to obtain the terminal identification used inside the communication system, and then update the terminal identification indication The signing of the target terminal.

The subscription renewal solution provided by the embodiment of the present application will be exemplarily described below.

The following example uses PVS as the server, UDM and/or UDR as the unified data network element, NEF as the network open network element, PCF as the policy control network element, and UE as the terminal. It should be noted that the network element name in the following example is only an example, and other network element names may also be used in practical applications, which is not limited in this embodiment of the present application.

Embodiment one:

The preconditions for the execution of this embodiment may be: the service parameters (that is, DNN or S-NSSAI) can be configured in the UE in advance, and an indication that secondary authentication or NSSAA is required, but no credentials (credential) are configured; or, the UE can also The aforementioned information may not be configured in advance. Meanwhile, the DNN or S-NSSAI is not configured in UDR/UDM.

Exemplarily, as shown in FIG. 6, the technical solution provided by this embodiment may specifically be implemented through the following steps:

Step S11: The UE establishes a PDU session, and downloads the credentials of the DNN or S-NSSAI from the PVS.

Exemplarily, the UE uses the configured DNN or S-NSSAI to request to establish a PDU session, and obtains a PVS address during the process of establishing the session. The UE contacts the PVS indicated by the PVS address to obtain the credentials of the DNN or S-NSSAI.

Step S12: The PVS sends the UE ID and the DNN or S-NSSAI credential success push indication to the UDM of the UE.

Wherein, the UE identity may include at least one of the following: the IP address of the UE, the MAC address of the UE, the IMSI of the UE, the GPSI of the UE, the MSISDN of the UE, the SUPI of the UE, the SUCI of the UE, or other temporary or permanent identifiers of the UE, or , other internal or external identifiers of the UE.

Among them, the credential success push indication may include DNN or S-NSSAI and the corresponding credential, or may send DNN or S-NSSAI and an indication of "Need Second Authentication" or "Need NSSAA", or send "Need Second Authentication DNN" or "S-NSSAI with NSSAA" parameter. At the same time, the DNN or S-NSSAI is included in the indication that the credential is successfully pushed.

It should be noted that, in this step, the PVS may directly send to the UDM, or the PVS may send to the UDM through the NEF.

Exemplarily, the PVS can use the Nnef_ServiceParameter_Create service to send the UE identity and the credential push indication to the NEF successfully. NEF sends UE identity and credential push indication to UDM successfully.

Step S13: UDM receives the certificate push indication, and stores the DNN or S-NSSAI and the indication of the need for secondary authentication or NSSAA in the subscription of the UE.

Step S14: The UDM can determine the CAG available to the UE according to the DNN or S-NSSAI, and store the CAG in the UE subscription.

It should be noted that the UDM in this embodiment can be replaced by a UDR.

In one example, the UDR sends the UE's updated subscription, including the new DNN or S-NSSAI, to the UDM. Further, the updated subscription also includes: the CAG determined according to the new DNN or S-NSSAI.

Optionally, the scheme of this embodiment may also include:

Step S15: The UDM sends the updated subscription to the UE.

Wherein, the updated subscription includes a new DNN or S-NSSAI. Further, the updated subscription also includes: the CAG determined according to the new DNN or S-NSSAI.

Optionally, the scheme of this embodiment may also include:

Step S16: UE activates the configured DNN or S-NSSAI.

Wherein, the DNN or S-NSSAI is configured in the UE in advance, and the corresponding DNN or S-NSSAI is activated after receiving the updated subscription. Optionally, the UE also activates corresponding CAG information. Exemplarily, the UE marks the DNN, S-NSSAI or CAG as "activated" or deletes the DNN, S-NSSAI or CAG as "inactive".

Alternatively, the DNN or S-NSSAI is not configured in the UE, and the UE stores the corresponding DNN or S-NSSAI after receiving the updated subscription. Optionally, the UE also stores corresponding CAG information.

It is worth noting that in actual use, the UE may not need to determine whether the aforementioned information has been configured in advance, that is, the UE performs the aforementioned activation or storage operations after receiving an updated subscription.

Embodiment two:

The preconditions for the execution of this embodiment are: DNN or S-NSSAI is configured in UDR/UDM in advance, and a secondary authentication or NSSAA indication is required, but no credential is configured. Service parameters (that is, DNN or S-NSSAI) and an indication of the need for secondary authentication or NSSAA can be configured in the UE in advance, but credentials (credential) are not configured; or, the foregoing information may not be configured in the UE in advance.

Exemplarily, as shown in FIG. 7, the technical solution provided by this embodiment may be implemented through the following steps:

Step S21: The UE establishes a PDU session, and downloads the credentials of the DNN or S-NSSAI from the PVS.

For a specific description of relevant content in this step, reference may be made to the description of Embodiment 1, and details are not repeated here.

Step S22: The PVS sends the UE ID and the DNN or S-NSSAI credential success push indication to the UDM of the UE.

Step S23: The UDM receives the certificate push indication, and activates the DNN or S-NSSAI in the subscription of the UE.

Step S24: The UDM can determine the CAG that the UE can use according to the DNN or S-NSSAI, store the CAG in the UE subscription, or directly activate the corresponding CAG.

It should be noted that the UDM in this embodiment can be replaced by a UDR.

Optionally, the scheme of this embodiment may also include:

Step S25: The UDM sends the updated subscription to the UE.

Optionally, the scheme of this embodiment may also include:

Step S26: UE activates the configured DNN or S-NSSAI.

For steps S25-S26, reference may be made to the description of steps S15-S16 in the first embodiment above.

In addition, it should be noted that if in step S12 in the first embodiment and step S22 in the second embodiment: the UE identifier received by the NEF is the IP address and/or MAC address of the UE, the NEF may first query the PCF for the UE identifier. The internal identifier of the UE corresponding to the IP address, such as GPSI, IMSI, SUPI, MSISDN or SUCI.

In one example, the NEF sends an Npcf_PolicyAuthorization_Create service request to the PCF, wherein the Npcf_PolicyAuthorization_Create service request includes the IP address and/or MAC address of the UE, and the PCF sends an Npcf_PolicyAuthorization_Create service response to the NEF, and the Npcf_PolicyAuthorization_Create service response includes the IMSI of the UE. NEF sends UE's IMSI and credential push indication to UDR/UDM successfully.

It should be noted that, for the subscription renewal method provided in the embodiment of the present application, the execution subject may be a subscription renewal device, or a control module in the subscription renewal device for executing the subscription renewal method. In the embodiment of the present application, the method for executing the subscription renewal by the subscription renewal device is taken as an example to describe the subscription renewal device provided in the embodiment of the present application.

An apparatus for updating a subscription provided in an embodiment of the present application, as shown in FIG. 8 , the apparatus for updating a subscription may include: a transmission module 601 and an execution module 602, wherein:

The transmission module 601 is configured to receive an indication of successful credential push; the above-mentioned successful credential push indication is used to indicate that the credential corresponding to the target service parameter has been successfully pushed to the target terminal; the execution module 602 is used to enable the target service in the subscription of the target terminal parameter.

In some possible embodiments, the indication of successful credential push includes target service parameters.

In some possible embodiments, the transmission module 601 is further configured to receive a first terminal identifier; wherein the target terminal includes a terminal indicated by the first terminal identifier.

In some possible embodiments, the first terminal identifier includes at least one of the following: IP address of the target terminal, MAC address of the target terminal, IMSI of the target terminal, SUPI of the target terminal, MSISDN of the target terminal, GPSI of the target terminal .

Wherein, the above-mentioned first authentication indication includes at least one of the following:

In some possible embodiments, the execution module 602 is specifically configured to: activate and/or store target service parameters in the subscription of the target terminal.

In some possible embodiments, the execution module 602 is further configured to determine the CAG available to the target terminal according to the target service parameters.

In some possible embodiments, the execution module 602 is further configured to activate or store the CAG in the subscription of the target terminal.

In some possible embodiments, the transmitting module 601 is further configured to send the updated subscription of the target terminal to the target terminal.

In some possible embodiments, the transmitting module 601 is further configured to send the updated subscription of the target terminal to the UDM.

In some possible embodiments, the above-mentioned updated subscription includes at least one of the following:

enabled DNN,

Enabled S-NSSAI,

CAG determined based on enabled DNN and/or enabled S-NSSAI.

In some possible embodiments, the transmission module 601 is specifically configured to: receive a certificate push indication from an open network element of the network.

In some possible embodiments, the transmission module 601 is specifically configured to: receive the first terminal identifier from an open network element of the network.

In the device for subscription renewal provided in the embodiment of the present application, after receiving the successful certificate push indication, the device can know that the certificate corresponding to the target service parameter has been successfully pushed to the target terminal based on the successful certificate push indication. At this time, the device can The target service parameter is enabled in the subscription of the target terminal, so that the subscription data of the target terminal is updated in time, and then the service can be provided for the target terminal according to the terminal service request authorized by the subscription of the target terminal.

An apparatus for updating a subscription provided in an embodiment of the present application, as shown in FIG. 9 , the apparatus for updating a subscription may include: a transmission module 701, wherein:

The transmission module 701 is configured to send a certificate push success indication to the unified data network element; the above certificate success push indication is used to indicate that the certificate corresponding to the target service parameter has been successfully pushed to the target terminal.

In some possible embodiments, the transmission module 701 is further configured to send the first terminal identifier to the unified data network element; wherein the target terminal includes a terminal indicated by the first terminal identifier.

The above-mentioned first authentication indication includes at least one of the following:

In some possible embodiments, the transmission module 701 is specifically configured to: send an indication of successful credential push to the network opening network element.

In some possible embodiments, the transmission module 701 is specifically configured to: send the first terminal identifier to the unified data network element through the network open network element.

In the subscription renewal device provided in the embodiment of the present application, the device sends a certificate push indication to the unified data network element, so that the unified data network element can enable the subscription of the target terminal after receiving the certificate push success indication. Target service parameters, thereby updating the subscription data of the target terminal in time, and then providing services for the target terminal according to the terminal service request authorized by the target terminal for signing.

An apparatus for updating a subscription provided in an embodiment of the present application, as shown in FIG. 10 , may include: an execution module 801 and a transmission module 802, wherein:

The execution module 801 is configured to obtain an indication of a successful credential push; the sending module 802 is configured to send the above-mentioned credential successful push indication obtained by the execution module 801 to the unified data network element; the above-mentioned credential successful push indication is used to indicate: Credentials have been successfully pushed to the target endpoint.

In some possible embodiments, the execution module 801 is further configured to obtain the first terminal identifier; the transmission module 802 is further configured to send the first terminal identifier to a unified data network element.

In some possible embodiments, the transmission module 802 is further configured to receive a target address of the target terminal and an indication of successful credential push, where the target address includes the IP address of the target terminal or the MAC address of the target terminal; the execution module 801 is specifically used to Obtain the second terminal identifier corresponding to the above target address.

In some possible embodiments, the transmission module 802 is further configured to send the target address of the above target terminal to the policy control network element; the transmission module 802 is also used to receive the second terminal corresponding to the above target address from the policy control network element logo.

In some possible embodiments, the above-mentioned second terminal identifier includes at least one of the following: IMSI of the target terminal, SUPI of the target terminal, MSISDN of the target terminal, and GPSI of the target terminal.

An apparatus for updating a subscription provided in an embodiment of the present application, as shown in FIG. 11 , may include: a transmission module 901 and an execution module 902, wherein:

The execution module 902 is used to obtain the destination address of the target terminal, and the above destination address includes the IP address of the target terminal or the MAC address of the target terminal; the execution module 902 is also used to determine the second terminal identifier corresponding to the above target address; the transmission module 901 , further configured to send the second terminal identifier to the network open network element or unified data network element; where the second terminal identifier is used to update the subscription of the terminal indicated by the second terminal identifier.

In the device for updating the subscription provided in the embodiment of the present application, the device obtains the target address of the target terminal (that is, the IP address of the target terminal or the MAC address of the target terminal), corresponding to the second terminal identifier, so that the communication network can timely The subscription of the terminal indicated by the second terminal identifier is updated.

The computing task resource allocation device or computing task policy determination device in the embodiment of the present application may be a device, a device with an operating system or an electronic device, or a component, an integrated circuit, or a chip in the device. The device or electronic device may be a network element, a node device, a server, a network attached storage (Network Attached Storage, NAS), a personal computer (personal computer, PC), etc., which are not specifically limited in this embodiment of the present application.

The subscription renewal device provided by the embodiment of the present application can realize the various processes realized by the method embodiments in Fig. 2 to Fig. 7 and achieve the same technical effect, and to avoid repetition, details are not repeated here.

Optionally, as shown in FIG. 12 , this embodiment of the present application further provides a communication device 1000, including a processor 1001, a memory 1002, and programs or instructions stored in the memory 1002 and operable on the processor 1001, For example, when the communication device 1000 is a network-side device, when the program or instruction is executed by the processor 1001, various processes of the above-mentioned method embodiments can be achieved, and the same technical effect can be achieved. To avoid repetition, details are not repeated here.

The embodiment of the present application also provides a network side device, including a processor and a communication interface. The network-side device embodiment corresponds to the above-mentioned network-side device method embodiment, and each implementation process and implementation mode of the above-mentioned method embodiment can be applied to this network-side device embodiment, and can achieve the same technical effect.

In one example, the network side device is a unified data network element, including a processor and a communication interface, wherein the communication interface is used to receive an indication of a successful credential push; the above indication of a successful credential push is used to indicate: The credential has been successfully pushed to the target terminal; the processor is used to enable the target service parameter in the subscription of the target terminal.

In some possible examples, the credential successfully pushed indication includes target service parameters.

In some possible examples, the above target service parameters include at least one of the following: DNN, S-NSSAI.

In some possible examples, the foregoing communication interface is further configured to receive a first terminal identifier; wherein the target terminal includes a terminal indicated by the first terminal identifier.

In some possible examples, the first terminal identifier includes at least one of the following: the IP address of the target terminal, the MAC address of the target terminal, the IMSI of the target terminal, the SUPI of the target terminal, the MSISDN of the target terminal, and the GPSI of the target terminal.

In some possible examples, the above indication of successfully pushing the credential further includes: a credential corresponding to the target service parameter.

In some possible examples, the above-mentioned certificate push indication further includes a first authentication indication;

In some possible examples, the processor is specifically configured to: activate and/or store target service parameters in subscription of the target terminal.

In some possible examples, the processor is further configured to determine the CAG usable by the target terminal according to the target service parameters.

In some possible examples, the processor is further configured to enable or store the foregoing CAG in the subscription of the target terminal.

In some possible examples, the communication interface is further configured to send the updated subscription of the target terminal to the target terminal.

In some possible examples, the communication interface is further configured to send the updated subscription of the target terminal to the UDM.

In some possible examples, the above-mentioned updated contract includes at least one of the following:

enabled DNN,

Enabled S-NSSAI,

CAG determined based on enabled DNN and/or enabled S-NSSAI.

In some possible examples, the communication interface is specifically configured to: receive an indication from a network open network element that the credential is successfully pushed.

In some possible examples, the communication interface is specifically configured to: receive the first terminal identifier from an open network element of the network.

In the unified data network element provided in the example of this application, after the unified data network element receives the successful push indication of the certificate, it can know that the certificate corresponding to the target service parameter has been successfully pushed to the target terminal based on the successful push indication of the certificate. At this time, the The device can enable the target service parameters in the subscription of the target terminal, thereby updating the subscription data of the target terminal in time, and then can provide services for the target terminal according to the terminal service request authorized by the target terminal subscription.

In one example, the network-side device is a server, including a processor and a communication interface, wherein the communication interface is used to send an indication of successful credential push to a unified data network element; wherein, the above-mentioned successful credential push indication is used to indicate: target The certificate corresponding to the business parameter has been successfully pushed to the target terminal.

In some possible examples, the communication interface is further configured to send the first terminal identifier to the unified data network element; wherein the target terminal is a terminal indicated by the first terminal identifier.

In some possible examples, the communication interface is specifically configured to: send an indication of successful credential push to the network opening network element.

In some possible examples, the communication interface is specifically configured to: send the first terminal identifier to the unified data network element through the network open network element.

In the server provided in the example of this application, the server sends a certificate push indication to the unified data network element, so that the unified data network element can enable the target service parameter in the subscription of the target terminal after receiving the certificate push success indication, Therefore, the subscription data of the target terminal is updated in time, and the service can be provided for the target terminal according to the terminal service request of the target terminal's contract authorization.

In one example, the network-side device is an open network element, including a processor and a communication interface, wherein the processor is used to obtain an indication of successful credential push; the communication interface is used to send the information obtained by the processor to the unified data network element. The above indication of successfully pushing the voucher; wherein, the indication of successfully pushing the voucher includes target service parameters; the above indication of successfully pushing the voucher is used to indicate that the voucher corresponding to the target service parameter has been successfully pushed to the target terminal.

An indication for indicating that the target service parameter requires secondary authentication,

An indication used to indicate that the target service parameter requires network slice authentication.

In some possible examples, the processor is further configured to acquire the first terminal identifier; the communication interface is further configured to send the first terminal identifier to a unified data network element.

In some possible examples, the communication interface is further configured to receive a target address of the target terminal and an indication of successful credential push, where the target address includes the IP address of the target terminal or the MAC address of the target terminal; the processor is specifically configured to obtain the target terminal The second terminal identifier corresponding to the address.

In some possible examples, the communication interface is further configured to send the target address of the target terminal to the policy control network element; the communication interface is further configured to receive the second terminal identifier corresponding to the target address from the policy control network element.

In some possible examples, the second terminal identifier includes at least one of the following: IMSI of the target terminal, SUPI of the target terminal, MSISDN of the target terminal, and GPSI of the target terminal.

In the network open network element provided in the example of this application, the network open network element sends a certificate push indication to the unified data network element, so that after receiving the certificate push successful indication, the unified data network element can sign up for the target terminal The target service parameters are enabled, so that the subscription data of the target terminal is updated in time, and services can be provided for the target terminal according to the terminal service request authorized by the target terminal for signing.

In one example, the network side device is a policy control network element, including a processor and a communication interface, wherein the processor is used to obtain the destination address of the target terminal, and the destination address includes the IP address of the target terminal or the IP address of the target terminal. A MAC address; a processor, further configured to determine a second terminal identifier corresponding to the above-mentioned target address; a communication interface, further configured to send the second terminal identifier to the network open network element or unified data network element; wherein, the The second terminal identifier is used to update the subscription of the terminal indicated by the second terminal identifier.

In the policy control network element provided in the example of this application, the policy control network element obtains the second terminal identifier corresponding to the target address of the target terminal (that is, the IP address of the target terminal or the MAC address of the target terminal), so that the communication network can The subscription of the terminal indicated by the second terminal identifier is updated in time.

The embodiment of the present application also provides a network side device. As shown in FIG. 13 , the network side device in this embodiment of the present invention includes: a processor 1101 , a transceiver 1102 , a memory 1103 , a network interface 1104 and a bus interface. In FIG. 13 , the bus architecture may include any number of interconnected buses and bridges, specifically one or more processors represented by processor 1101 and various circuits of memory represented by memory 1103 are linked together. The bus architecture can also link together various other circuits such as peripherals, voltage regulators, and power management circuits, etc., which are well known in the art and therefore will not be further described herein. The bus interface provides the interface. Transceiver 1102 may be a plurality of elements, including a transmitter and a receiver, providing a means for communicating with various other devices over transmission media. The processor 1101 is responsible for managing the bus architecture and general processing, and the memory 1103 can store data used by the processor 1101 when performing operations. In addition, the network side device also includes some unshown functional modules, which will not be repeated here.

Specifically, the network side device further includes: instructions or programs stored in the memory 1103 and operable on the processor 1101, and the processor 1101 invokes the instructions or programs in the memory 1103 to execute FIG. 8 or FIG. 9 or FIG. 10 or FIG. The method executed by each module shown in 11 achieves the same technical effect. In order to avoid repetition, it is not repeated here.

The embodiment of the present application also provides a readable storage medium, on which a program or instruction is stored, and when the program or instruction is executed by a processor, each process of the method embodiment of the above-mentioned subscription renewal method is implemented, and The same technical effect can be achieved, so in order to avoid repetition, details will not be repeated here.

Wherein, the processor is the processor in the terminal described in the foregoing embodiments. The readable storage medium includes computer readable storage medium, such as computer read-only memory (Read-Only Memory, ROM), random access memory (Random Access Memory, RAM), magnetic disk or optical disk, etc.

The embodiment of the present application further provides a chip, the chip includes a processor and a communication interface, the communication interface is coupled to the processor, and the processor is used to run programs or instructions to implement the above-mentioned subscription renewal method The various processes of the embodiment can achieve the same technical effect, so in order to avoid repetition, details are not repeated here.

It should be understood that the chip mentioned in the embodiment of the present application may also be called a system-on-chip, a system-on-chip, a system-on-a-chip, or a system-on-a-chip.

It should be noted that, in this document, the term "comprising", "comprising" or any other variation thereof is intended to cover a non-exclusive inclusion such that a process, method, article or apparatus comprising a set of elements includes not only those elements, It also includes other elements not expressly listed, or elements inherent in the process, method, article, or device. Without further limitations, an element defined by the phrase "comprising a ..." does not preclude the presence of additional identical elements in the process, method, article, or apparatus comprising that element. In addition, it should be pointed out that the scope of the methods and devices in the embodiments of the present application is not limited to performing functions in the order shown or discussed, and may also include performing functions in a substantially simultaneous manner or in reverse order according to the functions involved. Functions are performed, for example, the described methods may be performed in an order different from that described, and various steps may also be added, omitted, or combined. Additionally, features described with reference to certain examples may be combined in other examples.

Through the description of the above embodiments, those skilled in the art can clearly understand that the methods of the above embodiments can be implemented by means of software plus a necessary general-purpose hardware platform, and of course also by hardware, but in many cases the former is better implementation. Based on such an understanding, the technical solution of the present application can be embodied in the form of computer software products, which are stored in a storage medium (such as ROM/RAM, magnetic disk, etc.) , CD-ROM), including several instructions to make a terminal (which may be a mobile phone, a computer, a server, an air conditioner, or a network device, etc.) execute the methods described in the various embodiments of the present application.

The embodiments of the present application have been described above in conjunction with the accompanying drawings, but the present application is not limited to the above-mentioned specific implementations. The above-mentioned specific implementations are only illustrative and not restrictive. Those of ordinary skill in the art will Under the inspiration of this application, without departing from the purpose of this application and the scope of protection of the claims, many forms can also be made, all of which belong to the protection of this application.

Claims

A method for subscription renewal, comprising:

The unified data network element receives the voucher success push indication; the voucher success push indication is used to indicate that the voucher corresponding to the target service parameter has been successfully pushed to the target terminal;

The unified data network element enables the target service parameter in the subscription of the target terminal.
The method according to claim 1, wherein the indication of successful credential push includes the target service parameter.
The method according to claim 2, wherein the target service parameters include at least one of the following: data network name DNN, single network slice selection auxiliary information S-NSSAI.
The method according to claim 1, wherein the method further comprises:

The unified data network element receives the first terminal identifier;

Wherein, the target terminal includes the terminal indicated by the first terminal identifier.
The method according to claim 4, wherein the first terminal identifier includes at least one of the following: the IP address of the target terminal, the MAC address of the target terminal, and the International Mobile Subscriber Identity (IMSI) of the target terminal , the subscription permanent identifier SUPI of the target terminal, the mobile station integrated services digital network number MSISDN of the target terminal, and the general public subscription identifier GPSI of the target terminal.
The method according to claim 1, wherein, the indication of successful credential pushing further includes: a credential corresponding to the target service parameter.
The method according to claim 2, wherein the indication of successful certificate pushing further comprises a first authentication indication;

Wherein, the first authentication indication includes at least one of the following:

An indication for indicating that the target service parameter needs to be authenticated twice,

An indication for indicating that network slice authentication needs to be performed on the target service parameter.
The method according to claim 1, wherein the unified data network element enabling the target service parameter in the subscription of the target terminal comprises:

The unified data network element stores and/or activates the target service parameter in the subscription of the target terminal.
The method according to claim 2, wherein the method further comprises:

The unified data network element determines the closed access group identifier CAG usable by the target terminal according to the target service parameters.
The method according to claim 7, wherein the method further comprises:

The unified data network element activates or stores the CAG in the subscription of the target terminal.
The method according to any one of claims 1 to 10, wherein the method further comprises:

The unified data network element sends the updated subscription of the target terminal to the target terminal.
The method according to claim 11, wherein, when the unified data network element is a unified data storage network element UDR, the method further comprises:

The UDR sends the updated subscription of the target terminal to the unified data management network element UDM.
The method according to claim 11, wherein the updated subscription includes at least one of the following:

enabled DNN,

Enabled S-NSSAI,

CAG determined based on enabled DNN and/or enabled S-NSSAI.
The method according to claim 1, wherein the unified data network element receiving the certificate push success indication comprises:

The unified data network element receives the certificate push indication from the network open network element.
The method according to claim 4, wherein the receiving the first terminal identifier by the unified data network element comprises:

The unified data network element receives the first terminal identifier from the network open network element.
A method for subscription renewal, comprising:

The server sends a certificate push indication to the unified data network element;

Wherein, the credential push success indication is used to indicate that the credential corresponding to the target service parameter has been successfully pushed to the target terminal.
The method according to claim 16, characterized in that, the indication of successful push of the credential includes the target service parameter.
The method according to claim 17, wherein the target service parameters include at least one of the following: DNN, S-NSSAI.
The method according to claim 16, further comprising:

The server sends the first terminal identifier to the unified data network element;

Wherein, the target terminal includes the terminal indicated by the first terminal identifier.
The method according to claim 19, wherein the first terminal identifier includes at least one of the following: the IP address of the target terminal, the MAC address of the target terminal, the IMSI of the target terminal, the The SUPI of the target terminal, the MSISDN of the target terminal, and the GPSI of the target terminal.
The method according to claim 16, wherein the indication of successful credential push further includes: the credential corresponding to the target service parameter.
The method according to claim 17, characterized in that, the indication of successful credential push further includes a first authentication indication;

Wherein, the first authentication indication includes at least one of the following:

An indication for indicating that the target service parameter needs to be authenticated twice,

An indication for indicating that network slice authentication needs to be performed on the target service parameter.
The method according to claim 16, wherein the server sends an indication that the certificate is successfully pushed to the unified data network element, including:

The server sends an indication that the certificate is successfully pushed to the open network element.
The method according to claim 19, wherein the server sends the first terminal identifier to the unified data network element, comprising:

The server sends the first terminal identifier to the unified data network element through an open network element.
A method for subscription renewal, comprising:

The network open network element obtains the certificate and successfully pushes the indication;

The network open network element sends the certificate push indication to the unified data network element;

Wherein, the credential push success indication is used to indicate that the credential corresponding to the target service parameter has been successfully pushed to the target terminal.
The method according to claim 25, wherein the credential push success indication includes the target service parameter.
The method according to claim 26, wherein the target service parameters include at least one of the following: DNN, S-NSSAI.
The method according to claim 25, wherein the indication of successful push of the credential further includes: the credential corresponding to the target service parameter.
The method according to claim 26, wherein the credential successfully pushed indication further comprises a first authentication indication;

Wherein, the first authentication indication includes at least one of the following:

An indication for indicating that the target service parameter needs to be authenticated twice,

An indication for indicating that network slice authentication needs to be performed on the target service parameter.
The method according to claim 26, wherein said method further comprises:

The network opening network element acquires the first terminal identifier;

The network open network element sends the first terminal identifier to the unified data network element.
The method according to claim 30, wherein said network opening network element acquiring the first terminal identifier comprises:

The network opening network element receives a target address of the target terminal and a certificate push indication, where the target address includes the IP address of the target terminal or the MAC address of the target terminal;

The network opening network element acquires the second terminal identifier corresponding to the target address.
The method according to claim 31, wherein the network opening network element obtaining the second terminal identifier corresponding to the target address comprises:

The network opening network element sends the target address of the target terminal to the policy control network element;

The network opening network element receives the second terminal identifier corresponding to the target address from the policy control network element.
The method according to claim 31, wherein the first terminal identifier includes at least one of the following: the IP address of the target terminal, the MAC address of the target terminal, the IMSI of the target terminal, the target terminal SUPI, MSISDN of the target terminal, GPSI of the target terminal.
The method according to claim 32 or 33, wherein the second terminal identifier includes at least one of the following: the IMSI of the target terminal, the SUPI of the target terminal, the MSISDN of the target terminal, the target terminal GPSI.
A method for subscription renewal, comprising:

The policy control network element acquires the destination address of the target terminal, where the destination address includes the IP address of the target terminal or the MAC address of the target terminal;

The policy control network element determines a second terminal identifier corresponding to the target address;

The policy control network element sends the second terminal identifier to the open network element or unified data network element;

Wherein, the second terminal identifier is used to update the subscription of the terminal indicated by the second terminal identifier.
The method according to claim 35, wherein the second terminal identifier includes at least one of the following: IMSI of the target terminal, SUPI of the target terminal, MSISDN of the target terminal, GPSI of the target terminal .
A device for subscription renewal, comprising:

A receiving module, configured to receive an indication of successful credential push; the successful credential push indication is used to indicate that the credential corresponding to the target service parameter has been successfully pushed to the target terminal;

An execution module, configured to activate the target service parameter in the subscription of the target terminal.
A device for subscription renewal, comprising:

A sending module, configured to send an indication of successful credential push to the unified data network element;

Wherein, the credential successfully pushed indication is used to indicate that the credential corresponding to the target service parameter has been successfully pushed to the target terminal.
A device for subscription renewal, comprising:

Executing the module, used to obtain the successful push indication of the credential;

A sending module, configured to send the successful push indication of the credential obtained by the execution module to a unified data network element;

Wherein, the credential successfully pushed indication is used to indicate that the credential corresponding to the target service parameter has been successfully pushed to the target terminal.
A device for subscription renewal, comprising:

An execution module, configured to obtain a destination address of the target terminal, where the destination address includes the IP address of the target terminal or the MAC address of the target terminal;

The execution module is further configured to determine a second terminal identifier corresponding to the target address;

The transmission module is further configured to send the second terminal identifier to the network open network element or unified data network element;

Wherein, the second terminal identifier is used to update the subscription of the terminal indicated by the second terminal identifier.
A unified data network element, comprising a processor, a memory, and a program or instruction stored in the memory and operable on the processor, when the program or instruction is executed by the processor, the claim 1 is realized The steps of the subscription renewal method described in any one of 15 to 15.
A server, comprising a processor, a memory, and a program or instruction stored on the memory and operable on the processor, when the program or instruction is executed by the processor, any of claims 16 to 24 can be implemented. A step in the method for renewal of a subscription.
An open network element of a network, comprising a processor, a memory, and a program or instruction stored on the memory and operable on the processor, when the program or instruction is executed by the processor, claim 25 is realized Steps of the subscription renewal method described in any one of 34 to 34.
A policy control network element, comprising a processor, a memory, and a program or instruction stored in the memory and operable on the processor, when the program or instruction is executed by the processor, the claim 35 is implemented Or the steps in the method for updating the subscription described in 36.
A readable storage medium, on which a program or instruction is stored, and when the program or instruction is executed by a processor, the subscription renewal method according to any one of claims 1 to 15 is realized, or the method as described in any one of claims 1 to 15 is realized, or The subscription renewal method according to any one of claims 16 to 24, or the subscription renewal method according to any one of claims 25 to 34, or the subscription renewal method according to claim 35 or 36 A step of.