WO2023187905A1 - Communication device, network node device, and authorization control method - Google Patents

Communication device, network node device, and authorization control method Download PDF

Info

Publication number
WO2023187905A1
WO2023187905A1 PCT/JP2022/015007 JP2022015007W WO2023187905A1 WO 2023187905 A1 WO2023187905 A1 WO 2023187905A1 JP 2022015007 W JP2022015007 W JP 2022015007W WO 2023187905 A1 WO2023187905 A1 WO 2023187905A1
Authority
WO
WIPO (PCT)
Prior art keywords
api
authorization
network node
calling
node device
Prior art date
Application number
PCT/JP2022/015007
Other languages
French (fr)
Japanese (ja)
Inventor
悠司 鈴木
アルフ ツーゲンマイヤー
Original Assignee
株式会社Nttドコモ
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 株式会社Nttドコモ filed Critical 株式会社Nttドコモ
Priority to PCT/JP2022/015007 priority Critical patent/WO2023187905A1/en
Publication of WO2023187905A1 publication Critical patent/WO2023187905A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W76/00Connection management
    • H04W76/30Connection release
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W88/00Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/02Terminal devices

Definitions

  • the present invention relates to API calls from external applications to network node devices.
  • 5G or NR New Radio
  • 5G 5G or NR (New Radio) is being developed in order to further increase system capacity, further increase data transmission speed, and further reduce latency in wireless sections.
  • ⁇ 5G'' a wireless communication system called ⁇ 5G'' (hereinafter referred to as ⁇ 5G'' or ⁇ NR'').
  • 5G various wireless technologies are being studied in order to meet the requirements of achieving a throughput of 10 Gbps or more while reducing the delay in the wireless section to 1 ms or less.
  • 5GC 5G Core Network
  • EPC Evolved Packet Core
  • RAN Radio Access Network
  • a network architecture including NG-RAN (Next Generation - Radio Access Network) corresponding to Evolved Universal Terrestrial Radio Access Network is being considered (for example, Non-Patent Document 1).
  • NEF Network Exposure Function
  • AF Application Function
  • CAPIF Common API Framework
  • network node devices open APIs (Application Programming Interfaces) for external applications, and for example, a third-party application can call the API to the network node devices.
  • APIs Application Programming Interfaces
  • the present invention has been made in view of the above points, and an object of the present invention is to provide a technology that makes it possible to revoke the authorization of an authorized API call.
  • a control unit that determines whether an event that satisfies conditions for canceling authorization for an API call has occurred;
  • a communication device comprising: a transmitting unit that transmits a request to cancel authorization for calling the API to a network node device when it is determined that the event has occurred.
  • a technology that makes it possible to revoke the authorization of an authorized API call.
  • FIG. 1 is a diagram for explaining an example of a communication system.
  • FIG. 2 is a diagram for explaining an example of a communication system under a roaming environment.
  • FIG. 3 is a diagram illustrating an example of an API call.
  • FIG. 2 is a diagram for explaining a problem.
  • FIG. 3 is a diagram for explaining an overview of a processing procedure in an embodiment of the present invention.
  • FIG. 2 is a sequence diagram showing a specific example of a processing procedure in an embodiment of the present invention.
  • FIG. 3 is a sequence diagram showing variations in processing procedures in an embodiment of the present invention.
  • 1 is a diagram showing an example of a system in an embodiment of the present invention.
  • 1 is a diagram showing an example of a system in an embodiment of the present invention.
  • FIG. 2 is a diagram showing an example of a functional configuration of a base station 10 (and a network node device 30, an authorization server 35, and a resource holder client 40) in an embodiment of the present invention. It is a diagram showing an example of the functional configuration of a terminal 20 (and a resource holder client 40) in an embodiment of the present invention.
  • 1 is a diagram showing an example of a hardware configuration of a device in an embodiment of the present invention.
  • 1 is a diagram showing an example of the configuration of a vehicle in an embodiment of the present invention.
  • Existing technologies are used as appropriate for the operation of the wireless communication system according to the embodiment of the present invention.
  • the existing technology is, for example, existing LTE or existing NR (5G), but is not limited to existing LTE or existing NR.
  • “configure” the wireless parameters etc. may mean pre-configuring predetermined values, or “pre-configuring” the wireless parameters etc.
  • wireless parameters notified from the terminal 20 may be set.
  • FIG. 1 is a diagram for explaining an example of a communication system.
  • the communication system includes a UE, which is a terminal 20, and a plurality of network node devices 30.
  • a UE which is a terminal 20
  • network node devices 30 there are no network node devices 30.
  • one network node device 30 corresponds to each function, but one network node device 30 may realize multiple functions, or multiple network node devices 30 may realize one function. It's okay.
  • the "connection" described below may be a logical connection or a physical connection.
  • the base station 10, the terminal 20, and the network node device 30 may all be referred to as a "communication device.”
  • RAN Radio Access Network
  • AMF Access and Mobility Management Function
  • UPF User plane function
  • the AMF is a network node device 30 having functions such as RAN interface termination, NAS (Non-Access Stratum) termination, registration management, connection management, reachability management, and mobility management.
  • the UPF is a network node device 30 that has functions such as a PDU (Protocol Data Unit) session point for the outside that interconnects with a DN (Data Network), packet routing and forwarding, and user plane QoS (Quality of Service) handling. .
  • the UPF and DN constitute a network slice.
  • a plurality of network slices are constructed.
  • AMF includes UE, RAN, SMF (Session Management function), NSSF (Network Slice Selection Function), NEF (Network Exposure Function), NRF (Network Repository Function), UDM (Unified Data Management), AUSF (Authentication Server Function), Connected to PCF (Policy Control Function) and AF (Application Function).
  • AMF, SMF, NSSF, NEF, NRF, UDM, AUSF, PCF, and AF are interconnected through their respective service-based interfaces, Namf, Nsmf, Nnssf, Nnef, Nnrf, Nudm, Nausf, Npcf, and Naf. This is a network node device 30.
  • the SMF is a network node device 30 that has functions such as session management, UE IP (Internet Protocol) address assignment and management, DHCP (Dynamic Host Configuration Protocol) function, ARP (Address Resolution Protocol) proxy, and roaming function.
  • the NEF is a network node device 30 that has a function of notifying other NFs (Network Functions) of capabilities and events.
  • the NSSF is a network node device 30 that has functions such as selecting a network slice to which a UE connects, determining permitted NSSAI (Network Slice Selection Assistance Information), determining NSSAI to be configured, and determining an AMF set to which a UE connects. It is.
  • the PCF is a network node device 30 that has a function of controlling network policy.
  • AF is a network node device 30 that has a function of controlling an application server.
  • NRF is a network node device 30 that has a function of discovering NF instances that provide services.
  • the UDM is a network node device 30 that manages subscriber data and authentication data.
  • the UDM is connected to a UDR (User Data Repository) that holds the data.
  • FIG. 2 is a diagram for explaining an example of a communication system under a roaming environment.
  • the network includes a UE, which is a terminal 20, and a plurality of network node devices 30.
  • a UE which is a terminal 20
  • network node devices 30 there are node devices 30.
  • one network node device 30 corresponds to each function, but one network node device 30 may realize multiple functions, or multiple network node devices 30 may realize one function. It's okay.
  • the "connection" described below may be a logical connection or a physical connection.
  • the RAN is a network node device 30 having a wireless access function, and is connected to the UE, AMF, and UPF.
  • the AMF is a network node device 30 having functions such as RAN interface termination, NAS termination, registration management, connection management, reachability management, and mobility management.
  • the UPF is a network node device 30 that has functions such as a PDU session point for the outside that interconnects with the DN, packet routing and forwarding, and user plane QoS handling.
  • the UPF and DN constitute a network slice.
  • a plurality of network slices are constructed.
  • AMF is connected to UE, RAN, SMF, NSSF, NEF, NRF, UDM, AUSF, PCF, AF, and SEPP (Security Edge Protection Proxy).
  • AMF, SMF, NSSF, NEF, NRF, UDM, AUSF, PCF, and AF are interconnected through their respective service-based interfaces, Namf, Nsmf, Nnssf, Nnef, Nnrf, Nudm, Nausf, Npcf, and Naf. This is a network node device 30.
  • the SMF is a network node device 30 that has functions such as session management, UE IP address assignment and management, DHCP function, ARP proxy, and roaming function.
  • the NEF is a network node device 30 that has a function of notifying other NFs of capabilities and events.
  • the NSSF is a network node device 30 that has functions such as selecting a network slice to which a UE connects, determining permitted NSSAIs, determining NSSAIs to be configured, and determining an AMF set to which a UE connects.
  • the PCF is a network node device 30 that has a function of controlling network policy.
  • AF is a network node device 30 that has a function of controlling an application server.
  • NRF is a network node device 30 that has a function of discovering NF instances that provide services.
  • SEPP is a non-transparent proxy that filters control plane messages between PLMNs (Public Land Mobile Networks).
  • the vSEPP shown in FIG. 2 is the SEPP in the visited network, and the hSEPP is the SEPP in the home network.
  • the UE is in a roaming environment connected to the RAN and AMF in a VPLMN (Visited PLMN).
  • VPLMN and HPLMN are connected via vSEPP and hSEPP.
  • the UE can communicate with the HPLMN's UDM via the VPLMN's AMF, for example.
  • the operation in this embodiment may be performed in either of the configurations shown in FIGS. 1 and 2. Further, the operation in this embodiment may be performed in a configuration other than the configuration shown in FIGS. 1 and 2.
  • the CAPIF architecture provides a mechanism to support service API operations, such as allowing an API caller to discover service APIs provided by an API provider and enable communication using those service APIs. do.
  • the CAPIF architecture also has a mechanism to hide the topology of the PLMN trust domain from, for example, API callers accessing the service API from outside the PLMN trust domain.
  • API caller application 30A described below may be provided in the above-mentioned AF, and the API providing function (AEF) 30C may be provided in the NEF, or the API caller application 30A and AEF30C may be provided in the NEF. Each of them may be provided in any network node device 30.
  • the base station 10 may be equipped with an AEF 30C.
  • the terminal 20 may be provided with an application 30A that calls the API.
  • resource holder client 40 (resource owner), which will be described later, may be the network node device 30, the terminal 20, the base station 10, or any other device. There may be.
  • FIG. 3 is a diagram showing an example of an API call.
  • the 3GPP core network opens APIs to external applications, and third-party applications can call the APIs to the network node device 30.
  • the calling application 30A API invoker
  • the CAPIF core function also referred to as CCF
  • CCF CAPIF core function
  • the API caller application 30A is pre-registered in the CAPIF core function 30B using the CAPIF-API.
  • the CAPIF core function 30B authenticates and authorizes the third party application 30A.
  • the service API is opened by an API providing function (also referred to as AEF) 30C for the authenticated and authorized application 30A, and the application 30A that calls the API , by calling the API, the functions of the API can be used.
  • AEF API providing function
  • the APF (API Publishing Function) 30D has a function of publishing service API information of the API provider to the CAPIF core function 30B.
  • the AMF (API Management Function) 30E has various management functions related to API calls.
  • the resource holder client 40 can authorize the API caller application 30A to make an API call via the authorization server 35.
  • the resource holder client 40 may also be called a network node device, a terminal, a resource holder client device, a resource owner, a communication device, or the like.
  • the resource holder client 40 can grant authorization to the API call request of the API caller application 30A (API invoker), but once the authorization is granted, the API caller will not be able to access the API unless the authorization is revoked. There is a possibility that an additional API call is requested from the application 30A. The challenges caused by the ability to make additional API calls unless authorization is revoked are discussed below.
  • the resource holder client 40 gives permission to call the QoS change API for temporary use of a competitive game.
  • the API caller application 30A API invoker
  • the API caller application 30A can continue to freely change the QoS of the resource holder client 40. It is undesirable that settings related to end user communication quality, such as QoS, be changed without the approval of the end user (resource holder).
  • the resource holder client 40 In addition to operations related to end-user communication quality such as QoS changes, operations related to privacy such as obtaining location information, and operations related to billing such as the generation of usage fees for each API, the resource holder client 40 is appropriate. It is desirable to be able to revoke authorization at the appropriate timing.
  • FIG. 4 is a diagram for explaining the above situation. Note that the configuration of FIG. 4 itself shows the configuration of a communication system according to an embodiment of the present invention, and each device shown in the figure can perform data communication with other devices via a network.
  • the API caller application 30A is authorized to call a certain API.
  • the authorization server 35 receives an access token for calling the API.
  • the database 50 stores information regarding authorization.
  • the API calling application 30A can call the API to the AEF 30C within the validity period of the access token, unless the authorization is revoked. This causes the above-mentioned problem, and therefore, as shown in FIG. 4, it is necessary to cancel the authorization when it becomes unnecessary.
  • the above-mentioned authorization can be canceled in a system configuration including an authorization server 35, a resource holder client 40, and a database 50.
  • the authorization server 35 is a type of network node device.
  • the authorization server 35 may include the functions of the AEF 30C, may include the functions of the CAPIF core function 30B, may be a network node device that includes both the AEF 30C and the CAPIF core function 30B, or may include the functions of the AEF 30C and the CAPIF core function 30B. It may be a network node device that does not have any of the functions 30B.
  • the database 50 is a device that holds authorization information and is a type of network node device.
  • the database 50 may be provided outside the authorization server 35 or may be provided inside the authorization server 35.
  • the authorization information held by the database 50 is, for example, information that associates an access token (character string), an ID of an API, and information indicating whether calling of the API is authorized. These pieces of information are information registered in the database 50 by the authorization server 35.
  • the resource holder client 40 has granted authorization for a specific API call to the API caller application 30A.
  • the database 50 stores an access token, the ID of the specific API, and information indicating that calling of the specific API is authorized, and the API caller Application 30A holds this access token.
  • conditions for canceling API call authorization are set in advance in the resource holder client 40.
  • the resource holder client 40 when the resource holder client 40 detects the occurrence of an event that satisfies the above conditions, it transmits an authorization cancellation request to the authorization server 35.
  • the authorization server 35 Upon receiving the authorization cancellation request, the authorization server 35 authenticates the resource holder client 40, and if the authentication (specifically, authentication information verification) is successful, the authorization server 35 invalidates the authorization for the given API call. do.
  • the authorization server 35 deletes the access token of the corresponding entry in the database 50. That is, if the entry information is ⁇ access token, API ID, callable ⁇ , " ⁇ access token, API ID, callable ⁇ " is deleted.
  • the authorization server 35 may cancel the authorization by changing ⁇ access token, API ID, callable ⁇ to ⁇ access token, API ID, callable ⁇ . In other words, authorization may be revoked by making the access token unusable.
  • Examples of conditions that trigger the transmission of an authorization cancellation request include conditions (1) to (5) below. Note that the following conditions (1) to (5) are all examples, and the conditions that trigger the transmission of an authorization cancellation request are not limited to the following conditions (1) to (5).
  • (1) Application Status For example, the resource holder client 40 cancels the QoS change API call authorization using the termination of the competitive game application as a trigger. Thereafter, the QoS change API call may be authorized again using the start of the competitive game application as a trigger.
  • the resource holder client 40 may cancel API call authorization at a preset time.
  • the resource holder client 40 may determine whether it exists in a specific location using location information obtained by the GPS function or based on the cell ID of the cell in which it is located. However, the judgment may be made from an image obtained by a camera held by the person, from sound obtained by a microphone held by the person, or by other methods.
  • the resource holder client 40 measures the communication delay to a specific server, and if it detects that the delay value has become larger than a preset reference value, the resource holder client 40 makes an API call. Revoke authorization.
  • the resource holder client 40 and an external server may cooperate to detect an event (an event indicating that a condition is met).
  • the resource holder client 40 sends a packet to a specific server, and the time required for the packet to return to the resource holder client 40 is It is possible to check whether the conditions are satisfied based on the round trip time.
  • Wireless quality For example, when the resource holder client 40 detects that the strength of radio waves received from the base station has fallen below a preset reference value for a preset period of time, the resource holder client 40 requests API call authorization. cancel.
  • the resource holder client 40 itself holds the conditions for authorization cancellation and judges whether an event that satisfies the conditions has occurred, but this is just an example. be.
  • Another entity referred to as an external server 60
  • external server 60 external to the resource holder client 40 may maintain conditions for authorization revocation and determine whether an event that satisfies the conditions has occurred.
  • the external server 60 When the external server 60 detects that an event that satisfies the conditions for authorization revocation has occurred, it notifies the resource holder client 40 that an event that satisfies the conditions for authorization revocation has occurred, for example. After that, the resource holder client 40 sends a cancellation request to the authorization server 35, similar to the process described above. Alternatively, when the external server 60 detects that an event that satisfies the conditions for authorization revocation has occurred, the external server 60 itself may transmit a revocation request to the authorization server 35.
  • the resource holder client 40 maintains the conditions for each API, and when it detects that the conditions corresponding to a certain API are met, requests cancellation of authorization for that API. Send.
  • the resource holder client 40 holds information (table) in a format such as "(API_1, condition 1), (API_2, condition 2), ..., (API_n, condition n)" as a condition, for example. .
  • the authorization server 35 Upon receiving the authorization request, the authorization server 35 authenticates the resource holder client 40, and if the authentication (specifically, verification of the authentication information) is successful, the authorization server 35 validates the authorization for the API call. For example, the authorization server 35 changes the corresponding entry ⁇ access token, API ID, callable ⁇ in the database 50 to ⁇ access token, API ID, callable ⁇ . Further, if the entry has been deleted, a new entry, that is, ⁇ access token, API ID, callable ⁇ is generated, and the access token is paid out to the API calling application 30A.
  • the resource holder client 40 When performing reauthorization, the resource holder client 40 sends a message to the authorization server 35 in the same manner as the above-mentioned cancellation, using the detection of the occurrence of an event that satisfies preset conditions as reauthorization conditions as a trigger. , an API call authorization request may be sent.
  • tokens there are access tokens and refresh tokens as tokens, which will be collectively referred to as “tokens” below.
  • the token may also be called “access permission information.”
  • the API caller application 30A holds tokens, and the database 50 stores information regarding the tokens.
  • the information regarding the token is, for example, the information ⁇ token, API ID, callable ⁇ .
  • the resource holder client 40 detects an event that satisfies preset conditions.
  • the resource holder client 40 transmits an authorization cancellation request to the authorization server 35.
  • This request message includes, for example, the ID of the target API and information indicating that it is a cancellation request.
  • the authorization server 35 authenticates the resource holder client 40. Any authentication method may be used; for example, the authorization server 35 requests the resource holder client 40 for an ID/password, and the resource holder client 40 sends the ID/password to the authorization server 35. Authentication may be performed by Here, it is assumed that the authentication was successful.
  • the authorization server 35 transmits a token deletion request to the database 50.
  • This request message includes, for example, the ID of the target API.
  • the database 50 deletes the token corresponding to the target API. Alternatively, as described above, the token may be managed as "uncallable" without being deleted.
  • the database 50 returns a deletion response to the authorization server 35.
  • the authorization server 35 returns a response to the resource holder client 40 indicating that the call authorization for the target API has been revoked.
  • the API calling application 30A uses the old token (the token that has been deleted or is disabled to call) to send a request to call the target API to the AEF 30C.
  • the AEF 30C accesses the database 50 and tries to refer to the information regarding the token, but fails to refer to the information regarding the token. Alternatively, check the information regarding the token and understand that it is "uncallable.”
  • the AEF 30C transmits an API call rejection message to the API caller application 30A.
  • the external server 60 may detect events that satisfy the cancellation conditions.
  • FIG. 7 shows an example of a sequence when the external server 60 detects an event that satisfies the cancellation conditions. In the following, description of the same parts as those in FIG. 6 will be omitted or simplified.
  • communication is possible between the resource holder client 40 and the external server 60, and the external server 60 transmits information necessary for detecting an event that satisfies the cancellation condition to the resource holder client at any time. It can be obtained from 40. Note that if it is possible to detect an event that satisfies the cancellation conditions without using information from the resource holder client 40, it is not necessary to acquire the information from the resource holder client 40.
  • the external server 60 detects an event that satisfies preset conditions.
  • the external server 60 transmits an authorization cancellation request to the authorization server 35.
  • This request message includes, for example, information indicating the resource holder client 40 (IP address, etc.), the ID of the target API, and information indicating that it is a cancellation request.
  • the authorization server 35 authenticates the resource holder client 40.
  • the authorization server 35 After S105 to S107, in S108, the authorization server 35 returns a response to the external server 60 indicating that the call authorization for the target API has been revoked. After S108, the external server may notify the API calling application 30A of information indicating that the authorization to call the target API has been revoked.
  • FIG. 8 shows a specific configuration example of a system according to this embodiment, assuming a 5G system.
  • FIG. 8 shows, as an example, a case where the UE (terminal) 20 is the resource holder client 40 and the CCF 30B is the authorization server 35.
  • the database 50 may also be included in the CCF 30B.
  • the trusted domain PLMN (PLMN Trust domain) includes CCF 30B including CAPIF-API, AEF 30C including service API, APF (API Publishing Function) 30D, AMF (API Management Function) 30E, and UE 20. (eg, resource holder client 40), core network, and access network.
  • an API caller application 30A (for example, a game server) exists outside the PLMN.
  • the UE 20 may be connected to the API calling application 30A, AEF 30C, and CCF 30B via an access network and a core network.
  • FIG. 9 is a diagram showing another example of the system configuration.
  • the CCF 30B including the CAPIF-API, the AEF 30C including the service API, the APF 30D, the AMF 30E, the UE 20-1, the UE 20-2, the core network, and the access network belong to the PLMN, which is a trusted domain.
  • the UE 20-1 includes, for example, an application that is an API call request source.
  • the UE 20-2 is, for example, the resource holder client 40. Note that the functions of the application and the resource holder client may be provided in the same device (such as a terminal).
  • the UE 20-1 may be connected to the CCF 30B and AEF 30C via an access network and a core network. Further, the UE 20-2 may be connected to the CCF 30B and the AEF 30C via an access network and a core network.
  • FIGS. 8 and 9 show an example of the system configuration, and the system configuration is not limited thereto.
  • AEF 30C, APF 30D, and AMF 30E may be outside the trusted PLMN domain.
  • the token itself can have an expiration date, but the technology according to this embodiment goes beyond that by providing dynamic information such as device location information, application status, and real-time communication quality. This makes it possible to more flexibly control authorization revocation based on relevant information.
  • base station 10 network node device 30, resource holder client 40, database 50, external server 60, and terminal 20 may all be referred to as "communication devices.”
  • FIG. 10 is a diagram showing an example of the functional configuration of the base station 10.
  • base station 10 includes a transmitting section 110, a receiving section 120, a setting section 130, and a control section 140.
  • the functional configuration shown in FIG. 10 is only an example. As long as the operations according to the embodiments of the present invention can be carried out, the functional divisions and functional parts may have any names.
  • the network node device 30 (for example, the network node device 30 having the function of the AEF 30C, the authorization server 35, the database 50, the external server 60, etc.) may have the same functional configuration as the base station 10 shown in FIG. . Further, the network node device 30 having a plurality of different functions in the system architecture may be configured from a plurality of network node devices 30 separated for each function. Further, the network node device 30 is not limited to a network node device existing in a core network or an access network, but may correspond to a network node device belonging to a PLMN domain. Further, the resource holder client 40 may also have the functional configuration shown in FIG.
  • the transmitting unit 110 includes a function of generating a signal to be transmitted to the terminal 20 or other network node device 30, and transmitting the signal by wire or wirelessly.
  • the receiving unit 120 includes a function of receiving various signals transmitted from the terminal 20 or other network node devices 30 and acquiring, for example, information of a higher layer from the received signals.
  • the setting unit 130 stores various setting information in a storage device, and reads it from the storage device as necessary.
  • the control unit 140 controls the entire device.
  • a functional unit related to signal transmission in the control unit 140 may be included in the transmitting unit 110, and a functional unit related to signal reception in the control unit 140 may be included in the receiving unit 120.
  • FIG. 11 is a diagram showing an example of the functional configuration of the terminal 20.
  • the terminal 20 includes a transmitting section 210, a receiving section 220, a setting section 230, and a control section 240.
  • the functional configuration shown in FIG. 11 is only an example. As long as the operations according to the embodiments of the present invention can be carried out, the functional divisions and functional parts may have any names.
  • the terminal 20 may function as a resource holder client 40.
  • the transmitter 210 creates a transmission signal from the transmission data and wirelessly transmits the transmission signal.
  • the receiving unit 220 wirelessly receives various signals and obtains higher layer signals from the received physical layer signals. Further, the receiving unit 220 has a function of receiving NR-PSS, NR-SSS, NR-PBCH, DL/UL control signals, reference signals, etc. transmitted from the base station 10 or the network node device 30.
  • the setting unit 230 stores various setting information received from the base station 10 or network node device 30 by the receiving unit 220 in a storage device, and reads it from the storage device as necessary.
  • the storage device also stores conditions for authorization cancellation.
  • the control unit 240 performs, for example, processing related to connection control to networks and network slices.
  • a functional unit related to signal transmission in the control unit 240 may be included in the transmitting unit 210, and a functional unit related to signal reception in the control unit 240 may be included in the receiving unit 220.
  • the terminal 20 When the terminal 20 functions as the resource holder client 40, the terminal 20 may be equipped with a display capable of inputting and outputting, similar to a smartphone or the like.
  • the present embodiment provides at least the communication device, network node device, and authorization control method shown in Additional Notes 1 to 6 below.
  • a control unit that determines whether an event that satisfies conditions for canceling authorization for calling the API has occurred; a transmission unit that transmits a request to cancel authorization for calling the API to a network node device when it is determined that the event has occurred.
  • the condition is any one of a plurality of conditions including at least a condition related to an application state, a condition related to time, a condition related to location, a condition related to communication quality, and a condition related to wireless quality. Communication device.
  • a receiving unit that receives a request to cancel authorization for calling the API from a communication device that has detected an event that satisfies conditions for canceling authorization for calling the API; and a control unit that executes a process of canceling authorization for calling the API based on the request.
  • the network node device according to appendix 3, wherein the control unit deletes the access permission information used for calling the API from the database or makes the access permission information unusable.
  • Supplementary Notes 1 to 6 provides a technology that makes it possible to revoke authorization for an API call once authorized. According to Additional Note 2, judgments can be made based on various conditions. According to Additional Note 4, the process of canceling API call permission can be appropriately executed.
  • each functional block may be realized using one physically or logically coupled device, or may be realized using two or more physically or logically separated devices directly or indirectly (e.g. , wired, wireless, etc.) and may be realized using a plurality of these devices.
  • the functional block may be realized by combining software with the one device or the plurality of devices.
  • Functions include judgment, decision, judgment, calculation, calculation, processing, derivation, investigation, exploration, confirmation, reception, transmission, output, access, resolution, selection, selection, establishment, comparison, assumption, expectation, consideration, These include, but are not limited to, broadcasting, notifying, communicating, forwarding, configuring, reconfiguring, allocating, mapping, and assigning. I can't do it.
  • a functional block (configuration unit) that performs transmission is called a transmitting unit or a transmitter. In either case, as described above, the implementation method is not particularly limited.
  • the network node device 30, terminal 20, etc. in an embodiment of the present disclosure may function as a computer that performs processing of the wireless communication method of the present disclosure.
  • FIG. 12 is a diagram illustrating an example of the hardware configuration of the base station 10, terminal 20, network node device 30, authorization server 35, resource holder client 40, external server 60, etc. according to an embodiment of the present disclosure.
  • Each of the above devices may be physically configured as a computer device including a processor 1001, a storage device 1002, an auxiliary storage device 1003, a communication device 1004, an input device 1005, an output device 1006, a bus 1007, and the like.
  • the word “apparatus” can be read as a circuit, a device, a unit, etc.
  • the hardware configuration of the base station 10, terminal 20, network node device 30, authorization server 35, resource holder client 40, etc. may be configured to include one or more of each device shown in the figure, or may be configured to include one or more of each device shown in the figure. It may also be configured without including any other device.
  • Each function in the base station 10, terminal 20, network node device 30, authorization server 35, resource holder client 40, external server 60, etc. is implemented by predetermined software (program) on hardware such as the processor 1001, storage device 1002, etc. This is achieved by causing the processor 1001 to perform calculations and controlling communication by the communication device 1004 and/or controlling at least one of data reading and writing in the storage device 1002 and the auxiliary storage device 1003.
  • the processor 1001 for example, operates an operating system to control the entire computer.
  • the processor 1001 may be configured with a central processing unit (CPU) including an interface with peripheral devices, a control device, an arithmetic unit, registers, and the like.
  • CPU central processing unit
  • control unit 140, control unit 240, etc. may be implemented by the processor 1001.
  • the processor 1001 reads programs (program codes), software modules, data, etc. from at least one of the auxiliary storage device 1003 and the communication device 1004 to the storage device 1002, and executes various processes in accordance with these.
  • the program a program that causes a computer to execute at least part of the operations described in the above embodiments is used.
  • the control unit 140 shown in FIG. 10 may be realized by a control program stored in the storage device 1002 and operated on the processor 1001.
  • the control unit 240 shown in FIG. 11 may be realized by a control program stored in the storage device 1002 and operated by the processor 1001.
  • the various processes described above have been described as being executed by one processor 1001, they may be executed by two or more processors 1001 simultaneously or sequentially.
  • Processor 1001 may be implemented by one or more chips. Note that the program may be transmitted from a network via a telecommunications line.
  • the storage device 1002 is a computer-readable recording medium, such as at least one of ROM (Read Only Memory), EPROM (Erasable Programmable ROM), EEPROM (Electrically Erasable Programmable ROM), RAM (Random Access Memory), etc. may be configured.
  • the storage device 1002 may be called a register, cache, main memory, or the like.
  • the storage device 1002 can store executable programs (program codes), software modules, and the like to implement a communication method according to an embodiment of the present disclosure.
  • the auxiliary storage device 1003 is a computer-readable recording medium, such as an optical disk such as a CD-ROM (Compact Disc ROM), a hard disk drive, a flexible disk, a magneto-optical disk (for example, a compact disk, a digital versatile disk, a Blu-ray disk, etc.). -ray disk), smart card, flash memory (eg, card, stick, key drive), floppy disk, magnetic strip, etc.
  • the above-mentioned storage medium may be, for example, a database including at least one of the storage device 1002 and the auxiliary storage device 1003, a server, or other suitable medium.
  • the communication device 1004 is hardware (transmission/reception device) for communicating between computers via at least one of a wired network and a wireless network, and is also referred to as a network device, network controller, network card, communication module, etc., for example.
  • the communication device 1004 includes, for example, a high frequency switch, a duplexer, a filter, a frequency synthesizer, etc. in order to realize at least one of frequency division duplex (FDD) and time division duplex (TDD). It may be composed of.
  • FDD frequency division duplex
  • TDD time division duplex
  • the transmitting and receiving unit may be physically or logically separated into a transmitting unit and a receiving unit.
  • the input device 1005 is an input device (eg, keyboard, mouse, microphone, switch, button, sensor, etc.) that accepts input from the outside.
  • the output device 1006 is an output device (for example, a display, a speaker, an LED lamp, etc.) that performs output to the outside. Note that the input device 1005 and the output device 1006 may have an integrated configuration (for example, a touch panel).
  • each device such as the processor 1001 and the storage device 1002 is connected by a bus 1007 for communicating information.
  • the bus 1007 may be configured using a single bus, or may be configured using different buses for each device.
  • the base station 10, terminal 20, network node device 30, authorization server 35, resource holder client 40, external server 35, etc. are equipped with a microprocessor, a digital signal processor (DSP), an application specific integrated circuit (ASIC), etc. ), PLD (Programmable Logic Device), FPGA (Field Programmable Gate Array), etc., and a part or all of each functional block may be realized by the hardware.
  • processor 1001 may be implemented using at least one of these hardwares.
  • the vehicle 2001 may be provided with each of the terminal 20, the base station 10, the network node device 30, the authorization server 35, the resource holder client 40, and the external server 60, or any one or more of these.
  • FIG. 13 shows an example of the configuration of vehicle 2001.
  • the vehicle 2001 includes a drive unit 2002, a steering unit 2003, an accelerator pedal 2004, a brake pedal 2005, a shift lever 2006, a front wheel 2007, a rear wheel 2008, an axle 2009, an electronic control unit 2010, and various sensors 2021 to 2029. , an information service section 2012 and a communication module 2013.
  • Each aspect/embodiment described in this disclosure may be applied to a communication device mounted on vehicle 2001, for example, may be applied to communication module 2013. All or any functions of the terminal 20, base station 10, network node device 30, authorization server 35, and resource holder client 40 may be installed in the communication module 2013.
  • the drive unit 2002 is composed of, for example, an engine, a motor, or a hybrid of an engine and a motor.
  • the steering unit 2003 includes at least a steering wheel (also referred to as a steering wheel), and is configured to steer at least one of the front wheels and the rear wheels based on the operation of the steering wheel operated by the user.
  • the electronic control unit 2010 is composed of a microprocessor 2031, memory (ROM, RAM) 2032, and communication port (IO port) 2033. Signals from various sensors 2021 to 2029 provided in the vehicle 2001 are input to the electronic control unit 2010.
  • the electronic control unit 2010 may also be called an ECU (Electronic Control Unit).
  • Signals from various sensors 2021 to 2029 include a current signal from a current sensor 2021 that senses the motor current, a front wheel and rear wheel rotation speed signal obtained by a rotation speed sensor 2022, and a front wheel rotation speed signal obtained by an air pressure sensor 2023. and rear wheel air pressure signals, vehicle speed signals acquired by vehicle speed sensor 2024, acceleration signals acquired by acceleration sensor 2025, accelerator pedal depression amount signals acquired by accelerator pedal sensor 2029, and brake pedal sensor 2026. These include a brake pedal depression amount signal, a shift lever operation signal acquired by the shift lever sensor 2027, a detection signal for detecting obstacles, vehicles, pedestrians, etc. acquired by the object detection sensor 2028, and the like.
  • the information service department 2012 includes various devices such as car navigation systems, audio systems, speakers, televisions, and radios for providing various information such as driving information, traffic information, and entertainment information, as well as one or more devices that control these devices. It consists of an ECU.
  • the information service unit 2012 provides various multimedia information and multimedia services to the occupants of the vehicle 2001 using information acquired from an external device via the communication module 2013 and the like.
  • the driving support system unit 2030 includes a millimeter wave radar, LiDAR (Light Detection and Ranging), a camera, a positioning locator (for example, GNSS, etc.), map information (for example, a high-definition (HD) map, an autonomous vehicle (AV) map, etc.) ), gyro systems (e.g., IMU (Inertial Measurement Unit), INS (Inertial Navigation System), etc.), AI (Artificial Intelligence) chips, and AI processors that prevent accidents and reduce the driver's driving burden.
  • the system is comprised of various devices that provide functions for the purpose and one or more ECUs that control these devices. Further, the driving support system unit 2030 transmits and receives various information via the communication module 2013, and realizes a driving support function or an automatic driving function.
  • Communication module 2013 can communicate with microprocessor 2031 and components of vehicle 2001 via a communication port.
  • the communication module 2013 communicates with the drive unit 2002, steering unit 2003, accelerator pedal 2004, brake pedal 2005, shift lever 2006, front wheels 2007, rear wheels 2008, axle 2009, electronic Data is transmitted and received between the microprocessor 2031, memory (ROM, RAM) 2032, and sensors 2021 to 29 in the control unit 2010.
  • the communication module 2013 is a communication device that can be controlled by the microprocessor 2031 of the electronic control unit 2010 and can communicate with external devices. For example, various information is transmitted and received with an external device via wireless communication.
  • the communication module 2013 may be located either inside or outside the electronic control unit 2010.
  • the external device may be, for example, a base station, a mobile station, or the like.
  • the communication module 2013 transmits the current signal from the current sensor input to the electronic control unit 2010 to an external device via wireless communication.
  • the communication module 2013 also receives the front wheel and rear wheel rotational speed signals inputted to the electronic control unit 2010 and acquired by the rotational speed sensor 2022, the front wheel and rear wheel air pressure signals acquired by the air pressure sensor 2023, and the vehicle speed sensor. 2024, an acceleration signal obtained by acceleration sensor 2025, an accelerator pedal depression amount signal obtained by accelerator pedal sensor 2029, a brake pedal depression amount signal obtained by brake pedal sensor 2026, and a shift lever.
  • a shift lever operation signal acquired by the sensor 2027, a detection signal for detecting obstacles, vehicles, pedestrians, etc. acquired by the object detection sensor 2028 are also transmitted to the external device via wireless communication.
  • the communication module 2013 receives various information (traffic information, signal information, inter-vehicle information, etc.) transmitted from an external device, and displays it on the information service section 2012 provided in the vehicle 2001.
  • Communication module 2013 also stores various information received from external devices into memory 2032 that can be used by microprocessor 2031 . Based on the information stored in the memory 2032, the microprocessor 2031 controls the drive section 2002, steering section 2003, accelerator pedal 2004, brake pedal 2005, shift lever 2006, front wheel 2007, rear wheel 2008, and axle 2009 provided in the vehicle 2001. , sensors 2021 to 2029, etc. may be controlled.
  • the operations of a plurality of functional sections may be physically performed by one component, or the operations of one functional section may be physically performed by a plurality of components.
  • the order of processing may be changed as long as there is no contradiction.
  • the base station 10, terminal 20, network node device 30, authorization server 35, resource holder client 40, etc. have been explained using a functional block diagram, but such devices are hardware, It may be implemented in software or a combination thereof.
  • the software operated by the processors of the base station 10, terminal 20, network node device 30, authorization server 35, resource holder client 40, etc. includes random access memory (RAM), flash memory, read memory, etc.
  • the information may be stored in a dedicated memory (ROM), EPROM, EEPROM, register, hard disk (HDD), removable disk, CD-ROM, database, server, or any other suitable storage medium.
  • the notification of information is not limited to the aspects/embodiments described in this disclosure, and may be performed using other methods.
  • the notification of information may be physical layer signaling (e.g., DCI (Downlink Control Information), UCI (Uplink Control Information)), upper layer signaling (e.g., RRC (Radio Resource Control) signaling, MAC (Medium Access Control) signaling). , broadcast information (MIB (Master Information Block), SIB (System Information Block)), other signals, or a combination thereof.
  • RRC signaling may be called an RRC message, and may be, for example, an RRC Connection Setup message, an RRC Connection Reconfiguration message, or the like.
  • LTE Long Term Evolution
  • LTE-A Long Term Evolution-Advanced
  • SUPER 3G IMT-Advanced
  • 4G 4th generation mobile communication system
  • 5G 5th generation mobile communication system
  • FRA Fluture Radio Access
  • NR new Radio
  • W-CDMA registered trademark
  • GSM registered trademark
  • CDMA2000 Code Division Multiple Access 2000
  • UMB Universal Mobile Broadband
  • IEEE 802.11 Wi-Fi (registered trademark)
  • IEEE 802.16 WiMAX (registered trademark)
  • IEEE 802.20 UWB (Ultra-WideBand
  • Bluetooth registered trademark
  • a combination of a plurality of systems may be applied (for example, a combination of at least one of LTE and LTE-A and 5G).
  • the base station 10 may be performed by its upper node in some cases.
  • various operations performed for communication with a terminal 20 are performed by the base station 10 and other network nodes other than the base station 10. It is clear that this can be done by at least one of the following: for example, MME or S-GW (possible, but not limited to).
  • MME Mobility Management Entity
  • S-GW Packet Control Function
  • the other network node may be a combination of multiple other network nodes (for example, MME and S-GW).
  • the information, signals, etc. described in this disclosure can be output from an upper layer (or lower layer) to a lower layer (or upper layer). It may be input/output via multiple network nodes.
  • the input/output information may be stored in a specific location (for example, memory) or may be managed using a management table. Information etc. to be input/output may be overwritten, updated, or additionally written. The output information etc. may be deleted. The input information etc. may be transmitted to other devices.
  • the determination in the present disclosure may be performed based on a value represented by 1 bit (0 or 1), a truth value (Boolean: true or false), or a comparison of numerical values (e.g. , comparison with a predetermined value).
  • Software includes instructions, instruction sets, code, code segments, program code, programs, subprograms, software modules, whether referred to as software, firmware, middleware, microcode, hardware description language, or by any other name. , should be broadly construed to mean an application, software application, software package, routine, subroutine, object, executable, thread of execution, procedure, function, etc.
  • software, instructions, information, etc. may be sent and received via a transmission medium.
  • a transmission medium For example, if the software uses wired technology (coaxial cable, fiber optic cable, twisted pair, digital subscriber line (DSL), etc.) and/or wireless technology (infrared, microwave, etc.) to create a website, When transmitted from a server or other remote source, these wired and/or wireless technologies are included within the definition of transmission medium.
  • wired technology coaxial cable, fiber optic cable, twisted pair, digital subscriber line (DSL), etc.
  • wireless technology infrared, microwave, etc.
  • data, instructions, commands, information, signals, bits, symbols, chips, etc. which may be referred to throughout the above description, may refer to voltages, currents, electromagnetic waves, magnetic fields or magnetic particles, light fields or photons, or any of these. It may also be represented by a combination of
  • At least one of the channel and the symbol may be a signal.
  • the signal may be a message.
  • a component carrier may also be called a carrier frequency, a cell, a frequency carrier, or the like.
  • system and “network” are used interchangeably.
  • radio resources may be indicated by an index.
  • Base Station BS
  • wireless base station base station
  • base station fixed station
  • NodeB eNodeB
  • gNodeB gNodeB
  • a base station can accommodate one or more (eg, three) cells. If a base station accommodates multiple cells, the overall coverage area of the base station can be partitioned into multiple smaller areas, and each smaller area is divided into multiple subsystems (e.g., small indoor base stations (RRHs)). Communication services can also be provided by Remote Radio Head).
  • RRHs small indoor base stations
  • Communication services can also be provided by Remote Radio Head).
  • the term "cell” or “sector” refers to part or all of the coverage area of a base station and/or base station subsystem that provides communication services in this coverage.
  • MS Mobile Station
  • UE User Equipment
  • a mobile station is defined by a person skilled in the art as a subscriber station, mobile unit, subscriber unit, wireless unit, remote unit, mobile device, wireless device, wireless communication device, remote device, mobile subscriber station, access terminal, mobile terminal, wireless It may also be referred to as a terminal, remote terminal, handset, user agent, mobile client, client, or some other suitable terminology.
  • At least one of a base station and a mobile station may be called a transmitting device, a receiving device, a communication device, etc.
  • the base station and the mobile station may be a device mounted on a mobile body, the mobile body itself, or the like.
  • the moving object may be a vehicle (for example, a car, an airplane, etc.), an unmanned moving object (for example, a drone, a self-driving car, etc.), or a robot (manned or unmanned). ).
  • at least one of the base station and the mobile station includes devices that do not necessarily move during communication operations.
  • at least one of the base station and the mobile station may be an IoT (Internet of Things) device such as a sensor.
  • IoT Internet of Things
  • the base station in the present disclosure may be replaced by a terminal.
  • a configuration in which communication between a base station and a terminal is replaced with communication between a plurality of terminals 20 for example, it may be called D2D (Device-to-Device), V2X (Vehicle-to-Everything), etc.)
  • the terminal 20 may have the functions that the base station 10 described above has.
  • words such as "up” and “down” may be replaced with words corresponding to inter-terminal communication (for example, "side”).
  • uplink channels, downlink channels, etc. may be replaced with side channels.
  • a terminal in the present disclosure may be replaced by a base station.
  • a configuration may be adopted in which the base station has the functions that the above-described terminal has.
  • determining may encompass a wide variety of operations.
  • “Judgment” and “decision” include, for example, judging, calculating, computing, processing, deriving, investigating, looking up, search, and inquiry. (e.g., searching in a table, database, or other data structure), and regarding an ascertaining as a “judgment” or “decision.”
  • judgment and “decision” refer to receiving (e.g., receiving information), transmitting (e.g., sending information), input, output, and access.
  • (accessing) may include considering something as a “judgment” or “decision.”
  • judgment and “decision” refer to resolving, selecting, choosing, establishing, comparing, etc. as “judgment” and “decision”. may be included.
  • judgment and “decision” may include regarding some action as having been “judged” or “determined.”
  • judgment (decision) may be read as “assuming", “expecting", “considering”, etc.
  • connection refers to any connection or coupling, direct or indirect, between two or more elements and to each other. It may include the presence of one or more intermediate elements between two elements that are “connected” or “coupled.”
  • the bonds or connections between elements may be physical, logical, or a combination thereof. For example, "connection” may be replaced with "access.”
  • two elements may include one or more electrical wires, cables, and/or printed electrical connections, as well as in the radio frequency domain, as some non-limiting and non-inclusive examples. , electromagnetic energy having wavelengths in the microwave and optical (both visible and non-visible) ranges.
  • the reference signal can also be abbreviated as RS (Reference Signal), and may be called a pilot depending on the applied standard.
  • RS Reference Signal
  • the phrase “based on” does not mean “based solely on” unless explicitly stated otherwise. In other words, the phrase “based on” means both “based only on” and “based at least on.”
  • any reference to elements using the designations "first,” “second,” etc. does not generally limit the amount or order of those elements. These designations may be used in this disclosure as a convenient way to distinguish between two or more elements. Thus, reference to a first and second element does not imply that only two elements may be employed or that the first element must precede the second element in any way.
  • a radio frame may be composed of one or more frames in the time domain. Each frame or frames in the time domain may be called a subframe. A subframe may also be composed of one or more slots in the time domain. A subframe may have a fixed time length (eg, 1 ms) that does not depend on numerology.
  • the numerology may be a communication parameter applied to the transmission and/or reception of a certain signal or channel. Numerology includes, for example, subcarrier spacing (SCS), bandwidth, symbol length, cyclic prefix length, transmission time interval (TTI), number of symbols per TTI, radio frame configuration, and transmitter/receiver. It may also indicate at least one of a specific filtering process performed in the frequency domain, a specific windowing process performed by the transceiver in the time domain, and the like.
  • SCS subcarrier spacing
  • TTI transmission time interval
  • transmitter/receiver transmitter/receiver. It may also indicate at least one of a specific filtering process performed in the frequency domain, a specific windowing process performed by the transceiver in the time domain, and the like.
  • a slot may be composed of one or more symbols (OFDM (Orthogonal Frequency Division Multiplexing) symbols, SC-FDMA (Single Carrier Frequency Division Multiple Access) symbols, etc.) in the time domain.
  • a slot may be a unit of time based on numerology.
  • a slot may include multiple mini-slots. Each minislot may be made up of one or more symbols in the time domain. Furthermore, a mini-slot may also be called a sub-slot. A minislot may be made up of fewer symbols than a slot.
  • PDSCH (or PUSCH) transmitted in time units larger than minislots may be referred to as PDSCH (or PUSCH) mapping type A.
  • PDSCH (or PUSCH) transmitted using minislots may be referred to as PDSCH (or PUSCH) mapping type B.
  • Radio frames, subframes, slots, minislots, and symbols all represent time units when transmitting signals. Other names may be used for the radio frame, subframe, slot, minislot, and symbol.
  • one subframe may be called a transmission time interval (TTI)
  • TTI transmission time interval
  • multiple consecutive subframes may be called a TTI
  • one slot or one minislot may be called a TTI. It's okay.
  • at least one of the subframe and TTI may be a subframe (1ms) in existing LTE, a period shorter than 1ms (for example, 1-13 symbols), or a period longer than 1ms. It may be.
  • the unit representing the TTI may be called a slot, minislot, etc. instead of a subframe.
  • one slot may be called a unit time. The unit time may be different for each cell depending on the numerology.
  • TTI refers to, for example, the minimum time unit for scheduling in wireless communication.
  • a base station performs scheduling to allocate radio resources (frequency bandwidth, transmission power, etc. that can be used by each terminal 20) to each terminal 20 on a TTI basis.
  • radio resources frequency bandwidth, transmission power, etc. that can be used by each terminal 20
  • TTI is not limited to this.
  • the TTI may be a transmission time unit of a channel-coded data packet (transport block), a code block, a codeword, etc., or may be a processing unit of scheduling, link adaptation, etc. Note that when a TTI is given, the time interval (for example, the number of symbols) to which transport blocks, code blocks, code words, etc. are actually mapped may be shorter than the TTI.
  • one slot or one minislot is called a TTI
  • one or more TTIs may be the minimum time unit for scheduling.
  • the number of slots (minislot number) that constitutes the minimum time unit of the scheduling may be controlled.
  • a TTI having a time length of 1 ms may be called a normal TTI (TTI in LTE Rel. 8-12), normal TTI, long TTI, normal subframe, normal subframe, long subframe, slot, etc.
  • TTI that is shorter than the normal TTI may be referred to as an abbreviated TTI, short TTI, partial or fractional TTI, shortened subframe, short subframe, minislot, subslot, slot, etc.
  • long TTI for example, normal TTI, subframe, etc.
  • short TTI for example, short TTI, etc. It may also be read as a TTI having the above TTI length.
  • a resource block is a resource allocation unit in the time domain and frequency domain, and may include one or more continuous subcarriers in the frequency domain.
  • the number of subcarriers included in an RB may be the same regardless of the numerology, and may be 12, for example.
  • the number of subcarriers included in an RB may be determined based on newerology.
  • the time domain of an RB may include one or more symbols, and may be one slot, one minislot, one subframe, or one TTI in length.
  • One TTI, one subframe, etc. may each be composed of one or more resource blocks.
  • one or more RBs include physical resource blocks (PRBs), sub-carrier groups (SCGs), resource element groups (REGs), PRB pairs, RB pairs, etc. May be called.
  • PRBs physical resource blocks
  • SCGs sub-carrier groups
  • REGs resource element groups
  • PRB pairs RB pairs, etc. May be called.
  • a resource block may be configured by one or more resource elements (REs).
  • REs resource elements
  • 1 RE may be a radio resource region of 1 subcarrier and 1 symbol.
  • a bandwidth part (which may also be called a partial bandwidth or the like) may represent a subset of consecutive common resource blocks (RBs) for a certain numerology in a certain carrier.
  • the common RB may be specified by an RB index based on a common reference point of the carrier.
  • PRBs may be defined in a BWP and numbered within that BWP.
  • the BWP may include a UL BWP (UL BWP) and a DL BWP (DL BWP).
  • UL BWP UL BWP
  • DL BWP DL BWP
  • One or more BWPs may be configured within one carrier for a UE.
  • At least one of the configured BWPs may be active and the UE may not expect to transmit or receive a given signal/channel outside of the active BWP.
  • “cell”, “carrier”, etc. in the present disclosure may be replaced with "BWP”.
  • radio frames, subframes, slots, minislots, symbols, etc. described above are merely examples.
  • the number of subframes included in a radio frame, the number of slots per subframe or radio frame, the number of minislots included in a slot, the number of symbols and RBs included in a slot or minislot, the number of symbols included in an RB, Configurations such as the number of subcarriers, the number of symbols in a TTI, the symbol length, and the cyclic prefix (CP) length can be changed in various ways.
  • a and B are different may mean “A and B are different from each other.” Note that the term may also mean that "A and B are each different from C”. Terms such as “separate” and “coupled” may also be interpreted similarly to “different.”
  • notification of prescribed information is not limited to being done explicitly, but may also be done implicitly (for example, not notifying the prescribed information). Good too.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

This communication device comprises: a control unit that determines whether an event that satisfies conditions for canceling authorization for API calls has occurred; and a transmission unit that, when it is determined that the event has occurred, transmits a request to cancel the authorization for API calls to a network node device.

Description

通信装置、ネットワークノード装置、及び認可制御方法Communication device, network node device, and authorization control method
 本発明は、外部アプリケーションからネットワークノード装置へのAPI呼び出しに関連するものである。 The present invention relates to API calls from external applications to network node devices.
 3GPP(3rd Generation Partnership Project)では、システム容量の更なる大容量化、データ伝送速度の更なる高速化、無線区間における更なる低遅延化等を実現するために、5GあるいはNR(New Radio)と呼ばれる無線通信方式(以下、当該無線通信方式を「5G」あるいは「NR」という。)の検討が進んでいる。5Gでは、10Gbps以上のスループットを実現しつつ無線区間の遅延を1ms以下にするという要求条件を満たすために、様々な無線技術の検討が行われている。 In the 3GPP (3rd Generation Partnership Project), 5G or NR (New Radio) is being developed in order to further increase system capacity, further increase data transmission speed, and further reduce latency in wireless sections. Studies are progressing on a wireless communication system called ``5G'' (hereinafter referred to as ``5G'' or ``NR''). In 5G, various wireless technologies are being studied in order to meet the requirements of achieving a throughput of 10 Gbps or more while reducing the delay in the wireless section to 1 ms or less.
 NRでは、LTE(Long Term Evolution)のネットワークアーキテクチャにおけるコアネットワークであるEPC(Evolved Packet Core)に対応する5GC(5G Core Network)及びLTEのネットワークアーキテクチャにおけるRAN(Radio Access Network)であるE-UTRAN(Evolved Universal Terrestrial Radio Access Network)に対応するNG-RAN(Next Generation - Radio Access Network)を含むネットワークアーキテクチャが検討されている(例えば非特許文献1)。 In NR, 5GC (5G Core Network) corresponds to EPC (Evolved Packet Core), which is the core network in LTE (Long Term Evolution) network architecture, and E-UTRAN (RAN), which is RAN (Radio Access Network) in LTE network architecture. A network architecture including NG-RAN (Next Generation - Radio Access Network) corresponding to Evolved Universal Terrestrial Radio Access Network is being considered (for example, Non-Patent Document 1).
 また、例えば、5GシステムにおけるNEF(Network Exposure Function)とAF(Application Function)間のNorthboundインタフェースをCAPIF(Common API Framework)により構成するアーキテクチャが検討されている(例えば非特許文献2及び非特許文献3)。 In addition, for example, an architecture in which a Northbound interface between NEF (Network Exposure Function) and AF (Application Function) in a 5G system is configured using CAPIF (Common API Framework) is being considered (for example, Non-Patent Document 2 and Non-Patent Document 3). ).
 3GPPコアネットワークにおいてネットワークノード装置が外部のアプリケーション向けにAPI(Application Programming Interface)を開放しており、例えばサードパーティのアプリケーションからネットワークノード装置に対してAPIを呼び出すことができる。 In the 3GPP core network, network node devices open APIs (Application Programming Interfaces) for external applications, and for example, a third-party application can call the API to the network node devices.
 また、API呼び出しを認可することも可能である。すなわち、認可したAPI呼び出しのみを許可し、認可されていないAPI呼び出しを拒否することが可能である。 It is also possible to authorize API calls. That is, it is possible to permit only authorized API calls and reject unauthorized API calls.
 しかし、従来技術では、一旦認可されたAPI呼び出しの認可を取り消す仕組みがないため、必要のないAPI呼び出しが行われて、予期しない影響をユーザに与える可能性がある。 However, in the conventional technology, there is no mechanism to revoke the authorization of an API call once authorized, so there is a possibility that unnecessary API calls are made and have an unexpected impact on the user.
 本発明は上記の点に鑑みてなされたものであり、認可されたAPI呼び出しの認可を取り消すことを可能とする技術を提供することを目的とする。 The present invention has been made in view of the above points, and an object of the present invention is to provide a technology that makes it possible to revoke the authorization of an authorized API call.
 開示の技術によれば、APIの呼び出しの認可を取り消すための条件を満たすイベントが発生したか否かを判断する制御部と、
 前記イベントが発生したと判断された場合に、前記APIの呼び出しの認可を取り消す要求をネットワークノード装置に送信する送信部と
 を備える通信装置が提供される。 According to the disclosed technology, a control unit that determines whether an event that satisfies conditions for canceling authorization for an API call has occurred;
A communication device is provided, comprising: a transmitting unit that transmits a request to cancel authorization for calling the API to a network node device when it is determined that the event has occurred.
 開示の技術によれば、認可されたAPI呼び出しの認可を取り消すことを可能とする技術が提供される。 According to the disclosed technology, a technology is provided that makes it possible to revoke the authorization of an authorized API call.
通信システムの例を説明するための図である。FIG. 1 is a diagram for explaining an example of a communication system. ローミング環境下の通信システムの例を説明するための図である。FIG. 2 is a diagram for explaining an example of a communication system under a roaming environment. API呼び出しの例を示す図である。FIG. 3 is a diagram illustrating an example of an API call. 課題を説明するための図である。FIG. 2 is a diagram for explaining a problem. 本発明の実施の形態における処理手順の概要を説明するための図である。FIG. 3 is a diagram for explaining an overview of a processing procedure in an embodiment of the present invention. 本発明の実施の形態における処理手順の具体例を示すシーケンス図である。FIG. 2 is a sequence diagram showing a specific example of a processing procedure in an embodiment of the present invention. 本発明の実施の形態における処理手順のバリエーションを示すシーケンス図である。FIG. 3 is a sequence diagram showing variations in processing procedures in an embodiment of the present invention. 本発明の実施の形態におけるシステムの例を示す図である。1 is a diagram showing an example of a system in an embodiment of the present invention. 本発明の実施の形態におけるシステムの例を示す図である。1 is a diagram showing an example of a system in an embodiment of the present invention. 本発明の実施の形態における基地局10(及びネットワークノード装置30、認可サーバ35、リソース保持者クライアント40)の機能構成の一例を示す図である。FIG. 2 is a diagram showing an example of a functional configuration of a base station 10 (and a network node device 30, an authorization server 35, and a resource holder client 40) in an embodiment of the present invention. 本発明の実施の形態における端末20(及びリソース保持者クライアント40)の機能構成の一例を示す図である。It is a diagram showing an example of the functional configuration of a terminal 20 (and a resource holder client 40) in an embodiment of the present invention. 本発明の実施の形態における装置のハードウェア構成の一例を示す図である。1 is a diagram showing an example of a hardware configuration of a device in an embodiment of the present invention. 本発明の実施の形態における車両の構成の一例を示す図である。1 is a diagram showing an example of the configuration of a vehicle in an embodiment of the present invention.
 以下、図面を参照して本発明の実施の形態を説明する。なお、以下で説明する実施の形態は一例であり、本発明が適用される実施の形態は、以下の実施の形態に限られない。 Embodiments of the present invention will be described below with reference to the drawings. Note that the embodiment described below is an example, and the embodiment to which the present invention is applied is not limited to the following embodiment.
 本発明の実施の形態の無線通信システムの動作にあたっては、適宜、既存技術が使用される。当該既存技術は、例えば既存のLTE又は既存のNR(5G)であるが、既存のLTE又は既存のNRに限られない。 Existing technologies are used as appropriate for the operation of the wireless communication system according to the embodiment of the present invention. The existing technology is, for example, existing LTE or existing NR (5G), but is not limited to existing LTE or existing NR.
 また、本発明の実施の形態において、無線パラメータ等が「設定される(Configure)」とは、所定の値が予め設定(Pre-configure)されることであってもよいし、ネットワークノード装置30又は端末20から通知される無線パラメータが設定されることであってもよい。 Furthermore, in the embodiment of the present invention, "configure" the wireless parameters etc. may mean pre-configuring predetermined values, or "pre-configuring" the wireless parameters etc. Alternatively, wireless parameters notified from the terminal 20 may be set.
 図1は、通信システムの例を説明するための図である。図1に示されるように、通信システムは、端末20であるUE、複数のネットワークノード装置30から構成される。以下、機能ごとに1つのネットワークノード装置30が対応するものとするが、複数の機能を1つのネットワークノード装置30が実現してもよいし、複数のネットワークノード装置30が1つの機能を実現してもよい。また、以下に記載する「接続」は、論理的な接続であってもよいし、物理的な接続であってもよい。 FIG. 1 is a diagram for explaining an example of a communication system. As shown in FIG. 1, the communication system includes a UE, which is a terminal 20, and a plurality of network node devices 30. Hereinafter, it is assumed that one network node device 30 corresponds to each function, but one network node device 30 may realize multiple functions, or multiple network node devices 30 may realize one function. It's okay. Further, the "connection" described below may be a logical connection or a physical connection.
 また、基地局10、端末20、ネットワークノード装置30はいずれも「通信装置」と呼んでもよい。 Furthermore, the base station 10, the terminal 20, and the network node device 30 may all be referred to as a "communication device."
 RAN(Radio Access Network)は、無線アクセス機能を有するネットワークノード装置30であり、基地局10を含んでもよく、UE、AMF(Access and Mobility Management Function)及びUPF(User plane function)と接続される。AMFは、RANインタフェースの終端、NAS(Non-Access Stratum)の終端、登録管理、接続管理、到達性管理、モビリティ管理等の機能を有するネットワークノード装置30である。UPFは、DN(Data Network)と相互接続する外部に対するPDU(Protocol Data Unit)セッションポイント、パケットのルーティング及びフォワーディング、ユーザプレーンのQoS(Quality of Service)ハンドリング等の機能を有するネットワークノード装置30である。UPF及びDNは、ネットワークスライスを構成する。本発明の実施の形態における無線通信ネットワークでは、複数のネットワークスライスが構築されている。 RAN (Radio Access Network) is a network node device 30 having a radio access function, may include a base station 10, and is connected to a UE, an AMF (Access and Mobility Management Function), and a UPF (User plane function). The AMF is a network node device 30 having functions such as RAN interface termination, NAS (Non-Access Stratum) termination, registration management, connection management, reachability management, and mobility management. The UPF is a network node device 30 that has functions such as a PDU (Protocol Data Unit) session point for the outside that interconnects with a DN (Data Network), packet routing and forwarding, and user plane QoS (Quality of Service) handling. . The UPF and DN constitute a network slice. In the wireless communication network according to the embodiment of the present invention, a plurality of network slices are constructed.
 AMFは、UE、RAN、SMF(Session Management function)、NSSF(Network Slice Selection Function)、NEF(Network Exposure Function)、NRF(Network Repository Function)、UDM(Unified Data Management)、AUSF(Authentication Server Function)、PCF(Policy Control Function)、AF(Application Function)と接続される。AMF、SMF、NSSF、NEF、NRF、UDM、AUSF、PCF、AFは、各々のサービスに基づくインタフェース、Namf、Nsmf、Nnssf、Nnef、Nnrf、Nudm、Nausf、Npcf、Nafを介して相互に接続されるネットワークノード装置30である。 AMF includes UE, RAN, SMF (Session Management function), NSSF (Network Slice Selection Function), NEF (Network Exposure Function), NRF (Network Repository Function), UDM (Unified Data Management), AUSF (Authentication Server Function), Connected to PCF (Policy Control Function) and AF (Application Function). AMF, SMF, NSSF, NEF, NRF, UDM, AUSF, PCF, and AF are interconnected through their respective service-based interfaces, Namf, Nsmf, Nnssf, Nnef, Nnrf, Nudm, Nausf, Npcf, and Naf. This is a network node device 30.
 SMFは、セッション管理、UEのIP(Internet Protocol)アドレス割り当て及び管理、DHCP(Dynamic Host Configuration Protocol)機能、ARP(Address Resolution Protocol)プロキシ、ローミング機能等の機能を有するネットワークノード装置30である。NEFは、他のNF(Network Function)に能力及びイベントを通知する機能を有するネットワークノード装置30である。NSSFは、UEが接続するネットワークスライスの選択、許可されるNSSAI(Network Slice Selection Assistance Information)の決定、設定されるNSSAIの決定、UEが接続するAMFセットの決定等の機能を有するネットワークノード装置30である。PCFは、ネットワークのポリシ制御を行う機能を有するネットワークノード装置30である。AFは、アプリケーションサーバを制御する機能を有するネットワークノード装置30である。NRFは、サービスを提供するNFインスタンスを発見する機能を有するネットワークノード装置30である。UDMは、加入者データ及び認証データを管理するネットワークノード装置30である。UDMは、当該データを保持するUDR(User Data Repository)と接続される。 The SMF is a network node device 30 that has functions such as session management, UE IP (Internet Protocol) address assignment and management, DHCP (Dynamic Host Configuration Protocol) function, ARP (Address Resolution Protocol) proxy, and roaming function. The NEF is a network node device 30 that has a function of notifying other NFs (Network Functions) of capabilities and events. The NSSF is a network node device 30 that has functions such as selecting a network slice to which a UE connects, determining permitted NSSAI (Network Slice Selection Assistance Information), determining NSSAI to be configured, and determining an AMF set to which a UE connects. It is. The PCF is a network node device 30 that has a function of controlling network policy. AF is a network node device 30 that has a function of controlling an application server. NRF is a network node device 30 that has a function of discovering NF instances that provide services. The UDM is a network node device 30 that manages subscriber data and authentication data. The UDM is connected to a UDR (User Data Repository) that holds the data.
 図2は、ローミング環境下の通信システムの例を説明するための図である。図2に示されるように、ネットワークは、端末20であるUE、複数のネットワークノード装置30から構成される。以下、機能ごとに1つのネットワークノード装置30が対応するものとするが、複数の機能を1つのネットワークノード装置30が実現してもよいし、複数のネットワークノード装置30が1つの機能を実現してもよい。また、以下に記載する「接続」は、論理的な接続であってもよいし、物理的な接続であってもよい。 FIG. 2 is a diagram for explaining an example of a communication system under a roaming environment. As shown in FIG. 2, the network includes a UE, which is a terminal 20, and a plurality of network node devices 30. Hereinafter, it is assumed that one network node device 30 corresponds to each function, but one network node device 30 may realize multiple functions, or multiple network node devices 30 may realize one function. It's okay. Further, the "connection" described below may be a logical connection or a physical connection.
 RANは、無線アクセス機能を有するネットワークノード装置30であり、UE、AMF及びUPFと接続される。AMFは、RANインタフェースの終端、NASの終端、登録管理、接続管理、到達性管理、モビリティ管理等の機能を有するネットワークノード装置30である。UPFは、DNと相互接続する外部に対するPDUセッションポイント、パケットのルーティング及びフォワーディング、ユーザプレーンのQoSハンドリング等の機能を有するネットワークノード装置30である。UPF及びDNは、ネットワークスライスを構成する。本発明の実施の形態における無線通信ネットワークでは、複数のネットワークスライスが構築されている。 The RAN is a network node device 30 having a wireless access function, and is connected to the UE, AMF, and UPF. The AMF is a network node device 30 having functions such as RAN interface termination, NAS termination, registration management, connection management, reachability management, and mobility management. The UPF is a network node device 30 that has functions such as a PDU session point for the outside that interconnects with the DN, packet routing and forwarding, and user plane QoS handling. The UPF and DN constitute a network slice. In the wireless communication network according to the embodiment of the present invention, a plurality of network slices are constructed.
 AMFは、UE、RAN、SMF、NSSF、NEF、NRF、UDM、AUSF、PCF、AF、SEPP(Security Edge Protection Proxy)と接続される。AMF、SMF、NSSF、NEF、NRF、UDM、AUSF、PCF、AFは、各々のサービスに基づくインタフェース、Namf、Nsmf、Nnssf、Nnef、Nnrf、Nudm、Nausf、Npcf、Nafを介して相互に接続されるネットワークノード装置30である。 AMF is connected to UE, RAN, SMF, NSSF, NEF, NRF, UDM, AUSF, PCF, AF, and SEPP (Security Edge Protection Proxy). AMF, SMF, NSSF, NEF, NRF, UDM, AUSF, PCF, and AF are interconnected through their respective service-based interfaces, Namf, Nsmf, Nnssf, Nnef, Nnrf, Nudm, Nausf, Npcf, and Naf. This is a network node device 30.
 SMFは、セッション管理、UEのIPアドレス割り当て及び管理、DHCP機能、ARPプロキシ、ローミング機能等の機能を有するネットワークノード装置30である。NEFは、他のNFに能力及びイベントを通知する機能を有するネットワークノード装置30である。NSSFは、UEが接続するネットワークスライスの選択、許可されるNSSAIの決定、設定されるNSSAIの決定、UEが接続するAMFセットの決定等の機能を有するネットワークノード装置30である。PCFは、ネットワークのポリシ制御を行う機能を有するネットワークノード装置30である。AFは、アプリケーションサーバを制御する機能を有するネットワークノード装置30である。NRFは、サービスを提供するNFインスタンスを発見する機能を有するネットワークノード装置30である。SEPPは、非透過的なプロキシであり、PLMN(Public Land Mobile Network)間のコントロールプレーンのメッセージをフィルタリングする。図2に示されるvSEPPは、visitedネットワークにおけるSEPPであり、hSEPPは、homeネットワークにおけるSEPPである。 The SMF is a network node device 30 that has functions such as session management, UE IP address assignment and management, DHCP function, ARP proxy, and roaming function. The NEF is a network node device 30 that has a function of notifying other NFs of capabilities and events. The NSSF is a network node device 30 that has functions such as selecting a network slice to which a UE connects, determining permitted NSSAIs, determining NSSAIs to be configured, and determining an AMF set to which a UE connects. The PCF is a network node device 30 that has a function of controlling network policy. AF is a network node device 30 that has a function of controlling an application server. NRF is a network node device 30 that has a function of discovering NF instances that provide services. SEPP is a non-transparent proxy that filters control plane messages between PLMNs (Public Land Mobile Networks). The vSEPP shown in FIG. 2 is the SEPP in the visited network, and the hSEPP is the SEPP in the home network.
 図2に示されるように、UEは、VPLMN(Visited PLMN)においてRAN及びAMFと接続されているローミング環境にある。VPLMN及びHPLMN(Home PLMN)は、vSEPP及びhSEPPを経由して接続されている。UEは、例えば、VPLMNのAMFを介してHPLMNのUDMと通信が可能である。 As shown in FIG. 2, the UE is in a roaming environment connected to the RAN and AMF in a VPLMN (Visited PLMN). VPLMN and HPLMN (Home PLMN) are connected via vSEPP and hSEPP. The UE can communicate with the HPLMN's UDM via the VPLMN's AMF, for example.
 本実施の形態における動作は、図1、図2のいずれの構成で行われてもよい。また、図1、図2に示す構成以外の構成において本実施の形態における動作が行われてもよい。 The operation in this embodiment may be performed in either of the configurations shown in FIGS. 1 and 2. Further, the operation in this embodiment may be performed in a configuration other than the configuration shown in FIGS. 1 and 2.
 上述のNEFにおいて、AFから呼び出し可能であるAPI(Application Programming Interface)を、CAPIF(Common API Framework)アーキテクチャを適用して実装することが可能である。CAPIFアーキテクチャは、サービスAPI運用をサポートするメカニズムを提供し、例えば、API呼び出し元(invoker)にAPI提供者(provider)から提供されるサービスAPIを発見させ、当該サービスAPIを使用する通信を可能とする。また、CAPIFアーキテクチャは、例えば、PLMNトラストドメインの外部からサービスAPIにアクセスするAPI呼び出し元から、PLMNトラストドメインの接続形態(topology)を隠蔽するメカニズムを有する。 In the above-mentioned NEF, it is possible to implement an API (Application Programming Interface) that can be called from the AF by applying the CAPIF (Common API Framework) architecture. The CAPIF architecture provides a mechanism to support service API operations, such as allowing an API caller to discover service APIs provided by an API provider and enable communication using those service APIs. do. The CAPIF architecture also has a mechanism to hide the topology of the PLMN trust domain from, for example, API callers accessing the service API from outside the PLMN trust domain.
 なお、以下で説明するAPI呼び出し元のアプリケーション30Aは上記のAFに備え、API提供機能(AEF)30CはNEFに備えてもよいし、これに限定されず、API呼び出し元のアプリケーション30A、AEF30Cはそれぞれ、どのネットワークノード装置30に備えられてもよい。AEF30Cが基地局10に備えられてもよい。また、API呼び出し元のアプリケーション30Aが端末20に備えられてもよい。 Note that the API caller application 30A described below may be provided in the above-mentioned AF, and the API providing function (AEF) 30C may be provided in the NEF, or the API caller application 30A and AEF30C may be provided in the NEF. Each of them may be provided in any network node device 30. The base station 10 may be equipped with an AEF 30C. Further, the terminal 20 may be provided with an application 30A that calls the API.
 また、後述するリソース保持者クライアント40(リソースオーナー)は、ネットワークノード装置30であってもよいし、端末20であってもよいし、基地局10であってもよいし、これら以外の装置であってもよい。 Further, the resource holder client 40 (resource owner), which will be described later, may be the network node device 30, the terminal 20, the base station 10, or any other device. There may be.
 図3は、API呼び出しの例を示す図である。3GPPコアネットワークでは外部のアプリケーション向けにAPIを開放しており、サードパーティのアプリケーションからネットワークノード装置30に対して、APIを呼び出すことができる。APIを呼び出すとき、コアネットワーク内にあるCAPIFコア機能(CAPIF Core Function、CCFとも記載する。)によって、呼び出し元のアプリケーション30A(API invoker)を認証及び/又は認可し、いずれのアプリケーションがAPIを呼び出すことができるかを管理する。 FIG. 3 is a diagram showing an example of an API call. The 3GPP core network opens APIs to external applications, and third-party applications can call the APIs to the network node device 30. When calling an API, the calling application 30A (API invoker) is authenticated and/or authorized by the CAPIF core function (also referred to as CCF) in the core network, and which application calls the API. Manage what you can.
 図3に示されるように、API呼び出し元のアプリケーション30Aが、CAPIF-APIを利用してCAPIFコア機能30Bに事前登録される。CAPIFコア機能30Bでは、サードパーティのアプリケーション30Aを認証及び認可する。また、図3に示されるように、認証及び認可されたアプリケーション30A向けに、API提供機能(API Exposing Function、AEFとも記載する)30CによってサービスAPIが開放されており、API呼び出し元のアプリケーション30Aは、当該APIを呼び出すことで、当該APIの機能を利用可能である。 As shown in FIG. 3, the API caller application 30A is pre-registered in the CAPIF core function 30B using the CAPIF-API. The CAPIF core function 30B authenticates and authorizes the third party application 30A. Further, as shown in FIG. 3, the service API is opened by an API providing function (also referred to as AEF) 30C for the authenticated and authorized application 30A, and the application 30A that calls the API , by calling the API, the functions of the API can be used.
 APF(API Publishing Function)30Dは、APIプロバイダのサービスAPI情報をCAPIFコア機能30Bにパブリッシュする機能を有する。AMF(API Management Function)30Eは、API呼び出しに関連する種々の管理機能を有する。 The APF (API Publishing Function) 30D has a function of publishing service API information of the API provider to the CAPIF core function 30B. The AMF (API Management Function) 30E has various management functions related to API calls.
 また、CAPIFを拡張して、リソース保持者クライアント40が、認可サーバ35を介して、API呼び出し元アプリケーション30Aに対してAPI呼び出しを認可することが可能である。なお、リソース保持者クライアント40を、ネットワークノード装置、端末、リソース保持者クライアント装置、リソースオーナー、通信装置、等と呼んでもよい。 Additionally, by extending CAPIF, the resource holder client 40 can authorize the API caller application 30A to make an API call via the authorization server 35. Note that the resource holder client 40 may also be called a network node device, a terminal, a resource holder client device, a resource owner, a communication device, or the like.
 (課題について)
 リソース保持者クライアント40は、API呼び出し元アプリケーション30A(API invoker)のAPI呼び出し要求に対して認可を与えることができるが、一度認可を与えた場合には、その認可を取り消さない限り、API呼び出し元アプリケーション30Aから追加のAPI呼び出しを要求される可能性がある。認可を取り消さない限り追加のAPI呼び出しが可能であることによる課題を以下に説明する。 (About the assignment)
The resource holder client 40 can grant authorization to the API call request of the API caller application 30A (API invoker), but once the authorization is granted, the API caller will not be able to access the API unless the authorization is revoked. There is a possibility that an additional API call is requested from the application 30A. The challenges caused by the ability to make additional API calls unless authorization is revoked are discussed below.
 例えば、一時的な対戦ゲーム利用のために、リソース保持者クライアント40がQoS変更APIの呼び出しの認可を与えたとする。このとき、ゲーム終了後に認可を取り消すのを忘れた場合には、API呼び出し元アプリケーション30A(API invoker)が継続して当該リソース保持者クライアント40のQoSを自由に変更できてしまう。QoSのようにエンドユーザの通信品質に関わる設定を、エンドユーザ(リソース保持者)の認可なしに変更されてしまうことは望ましくない。 For example, assume that the resource holder client 40 gives permission to call the QoS change API for temporary use of a competitive game. At this time, if the user forgets to cancel the authorization after the game ends, the API caller application 30A (API invoker) can continue to freely change the QoS of the resource holder client 40. It is undesirable that settings related to end user communication quality, such as QoS, be changed without the approval of the end user (resource holder).
 QoS変更のようにエンドユーザの通信品質に関わる操作の他、位置情報取得などのプライバシーに関わる操作、APIごとに利用料が発生するなどの課金に関わる操作などは、リソース保持者クライアント40が適切なタイミングで認可の取り消しができるようにすることが望ましい。 In addition to operations related to end-user communication quality such as QoS changes, operations related to privacy such as obtaining location information, and operations related to billing such as the generation of usage fees for each API, the resource holder client 40 is appropriate. It is desirable to be able to revoke authorization at the appropriate timing.
 図4は、上記の状況を説明するための図である。なお、図4の構成自体は、本発明の実施の形態に係る通信システムの構成を示しており、図示する各装置は他の装置とネットワーク経由でデータ通信を行うことが可能である。 FIG. 4 is a diagram for explaining the above situation. Note that the configuration of FIG. 4 itself shows the configuration of a communication system according to an embodiment of the present invention, and each device shown in the figure can perform data communication with other devices via a network.
 図4において、API呼び出し元アプリケーション30Aは、あるAPIの呼び出しを行うことの認可を受けている。具体的には、例えば、当該APIの呼び出しを行うためのアクセストークンの払い出しを認可サーバ35から受けている。データベース50には、認可に関する情報が格納されている。 In FIG. 4, the API caller application 30A is authorized to call a certain API. Specifically, for example, the authorization server 35 receives an access token for calling the API. The database 50 stores information regarding authorization.
 API呼び出し元アプリケーション30Aは、そのアクセストークンを用いることで、アクセストークンの有効期限内であれば、認可が取り消されない限りそのAPIをAEF30Cに対して呼び出すことができる。これにより、上述した課題が発生するため、図4に示すとおり、認可が不要になったタイミングでその認可を取り消す必要がある。 By using the access token, the API calling application 30A can call the API to the AEF 30C within the validity period of the access token, unless the authorization is revoked. This causes the above-mentioned problem, and therefore, as shown in FIG. 4, it is necessary to cancel the authorization when it becomes unnecessary.
 以下、この課題を解決するための本実施の形態に係る動作例を説明する。 Hereinafter, an example of operation according to this embodiment for solving this problem will be described.
 (実施の形態に係る構成及び動作例)
 本実施の形態では、図5に示すように、認可サーバ35、リソース保持者クライアント40、データベース50を有するシステム構成において、上述した認可の取り消しを可能としている。 (Configuration and operation example according to embodiment)
In this embodiment, as shown in FIG. 5, the above-mentioned authorization can be canceled in a system configuration including an authorization server 35, a resource holder client 40, and a database 50.
 認可サーバ35は、ネットワークノード装置の一種である。認可サーバ35は、AEF30Cの機能を含んでもよいし、CAPIFコア機能30Bの機能を含んでもよいし、AEF30CとCAPIFコア機能30Bの両方を含むネットワークノード装置であってもよいし、AEF30CとCAPIFコア機能30Bのいずれでもないネットワークノード装置であってもよい。 The authorization server 35 is a type of network node device. The authorization server 35 may include the functions of the AEF 30C, may include the functions of the CAPIF core function 30B, may be a network node device that includes both the AEF 30C and the CAPIF core function 30B, or may include the functions of the AEF 30C and the CAPIF core function 30B. It may be a network node device that does not have any of the functions 30B.
 データベース50は、認可情報を保持する装置であり、ネットワークノード装置の一種である。データベース50は、認可サーバ35の外部に備えられていてもよいし、認可サーバ35の内部に備えられていてもよい。データベース50が保持する認可情報は、例えば、アクセストークン(文字列)と、APIのIDと、そのAPIの呼び出しが認可されているか否かを示す情報とを対応付けた情報である。これらの情報は、認可サーバ35によりデータベース50に対して登録される情報である。 The database 50 is a device that holds authorization information and is a type of network node device. The database 50 may be provided outside the authorization server 35 or may be provided inside the authorization server 35. The authorization information held by the database 50 is, for example, information that associates an access token (character string), an ID of an API, and information indicating whether calling of the API is authorized. These pieces of information are information registered in the database 50 by the authorization server 35.
 図5を参照して、動作例を説明する。 An example of operation will be described with reference to FIG.
 まず、前提条件として、リソース保持者クライアント40は特定のAPI呼び出しに対する認可をAPI呼び出し元アプリケーション30Aに対して与えている。具体的には、この状態において、データベース50には、アクセストークンと、上記特定のAPIのIDと、当該特定のAPIの呼び出しが認可されていることを示す情報が格納されており、API呼び出し元アプリケーション30Aは、このアクセストークンを保持している。 First, as a precondition, the resource holder client 40 has granted authorization for a specific API call to the API caller application 30A. Specifically, in this state, the database 50 stores an access token, the ID of the specific API, and information indicating that calling of the specific API is authorized, and the API caller Application 30A holds this access token.
 事前準備として、リソース保持者クライアント40に予めAPI呼び出し認可を取り消す条件を設定しておく。 As a preliminary preparation, conditions for canceling API call authorization are set in advance in the resource holder client 40.
 図5に示すように、リソース保持者クライアント40が、上記条件を満たすイベント発生を検知したときに、認可サーバ35に対して認可取り消し要求を送信する。 As shown in FIG. 5, when the resource holder client 40 detects the occurrence of an event that satisfies the above conditions, it transmits an authorization cancellation request to the authorization server 35.
 認可取り消し要求を受信した認可サーバ35は、リソース保持者クライアント40を認証し、認証(具体的には認証情報の検証)に成功すると、認可サーバ35は、与えられたAPI呼び出しの認可を無効にする。 Upon receiving the authorization cancellation request, the authorization server 35 authenticates the resource holder client 40, and if the authentication (specifically, authentication information verification) is successful, the authorization server 35 invalidates the authorization for the given API call. do.
 例えば、認可サーバ35は、データベース50における該当のエントリのアクセストークンを削除する。つまり、エントリの情報が{アクセストークン、APIのID、呼び出し可}である場合、「{アクセストークン、APIのID、呼び出し可}」を削除する。 For example, the authorization server 35 deletes the access token of the corresponding entry in the database 50. That is, if the entry information is {access token, API ID, callable}, "{access token, API ID, callable}" is deleted.
 あるいは、認可サーバ35は、{アクセストークン、APIのID、呼び出し可}を{アクセストークン、APIのID、呼び出し不可}に変更することで、認可を取り消してもよい。つまり、アクセストークンを使用不可の状態にすることで認可を取り消してもよい。 Alternatively, the authorization server 35 may cancel the authorization by changing {access token, API ID, callable} to {access token, API ID, callable}. In other words, authorization may be revoked by making the access token unusable.
 <認可取り消しの条件について>
 認可取り消し要求を送信するトリガとなる条件として、例えは下記の条件(1)~(5)がある。なお、下記の条件(1)~(5)はいずれも例であり、認可取り消し要求を送信するトリガとなる条件は、下記の(1)~(5)に限られない。 <Conditions for revocation of approval>
Examples of conditions that trigger the transmission of an authorization cancellation request include conditions (1) to (5) below. Note that the following conditions (1) to (5) are all examples, and the conditions that trigger the transmission of an authorization cancellation request are not limited to the following conditions (1) to (5).
 (1)アプリの状態
 例えば、リソース保持者クライアント40は、対戦ゲームアプリケーションの終了をトリガとして、QoS変更API呼び出し認可を取り消す。その後、対戦ゲームアプリケーションの開始をトリガとして、QoS変更API呼び出しを再度認可してもよい。 (1) Application Status For example, the resource holder client 40 cancels the QoS change API call authorization using the termination of the competitive game application as a trigger. Thereafter, the QoS change API call may be authorized again using the start of the competitive game application as a trigger.
 (2)時間・時刻
 例えば、リソース保持者クライアント40は、API呼び出しを認可した時刻から、予め設定した時間が経過した時点で、そのAPI呼び出し認可を取り消す。 (2) Time/Time For example, the resource holder client 40 cancels the API call authorization when a preset time has elapsed from the time when the API call was authorized.
 また、例えば、リソース保持者クライアント40は、予め設定した時刻になった時点で、API呼び出し認可を取り消すこととしてもよい。 Also, for example, the resource holder client 40 may cancel API call authorization at a preset time.
 (3)位置情報
 例えば、リソース保持者クライアント40は、自身が、予め設定した場所(位置)に移動したこと(例:東京都外に移動したこと)を検知すると、API呼び出し認可を取り消す。 (3) Location information For example, when the resource holder client 40 detects that it has moved to a preset location (eg, moved outside Tokyo), it cancels API call authorization.
 リソース保持者クライアント40は、自身が特定の位置に存在することを、GPS機能で取得した位置情報を用いて判断してもよいし、在圏するセルのセルIDに基づいて判断してもよいし、自身が保持するカメラで得られた画像から判断してもよいし、自身が保持するマイクで得られた音から判断してもよいし、これら以外の方法で判断してもよい。 The resource holder client 40 may determine whether it exists in a specific location using location information obtained by the GPS function or based on the cell ID of the cell in which it is located. However, the judgment may be made from an image obtained by a camera held by the person, from sound obtained by a microphone held by the person, or by other methods.
 (4)通信品質
 例えば、リソース保持者クライアント40は、特定のサーバへの通信遅延を測定し、その遅延の値が、予め設定した基準値よりも大きくなったことを検知した場合に、API呼び出し認可を取り消す。 (4) Communication quality For example, the resource holder client 40 measures the communication delay to a specific server, and if it detects that the delay value has become larger than a preset reference value, the resource holder client 40 makes an API call. Revoke authorization.
 また、リソース保持者クライアント40と外部のサーバとが連携してイベント(条件が満たされたことを示すイベント)を検知してもよい。 Additionally, the resource holder client 40 and an external server may cooperate to detect an event (an event indicating that a condition is met).
 例えば、「あるサーバまでの通信遅延が閾値を上回る」ことが条件であれば、リソース保持者クライアント40が特定のサーバまでパケットを送出し、そのパケットがリソース保持者クライアント40に帰ってくるまでの往復時間をもって条件が満たされたか否かを確認することができる。 For example, if the condition is that "the communication delay to a certain server exceeds a threshold", the resource holder client 40 sends a packet to a specific server, and the time required for the packet to return to the resource holder client 40 is It is possible to check whether the conditions are satisfied based on the round trip time.
 (5)無線品質
 例えば、リソース保持者クライアント40は、基地局から受信する電波の強度が、予め設定した一定期間、予め設定した基準値以下になったことを検知した場合に、API呼び出し認可を取り消す。 (5) Wireless quality For example, when the resource holder client 40 detects that the strength of radio waves received from the base station has fallen below a preset reference value for a preset period of time, the resource holder client 40 requests API call authorization. cancel.
 なお、上記(1)~(5)の例では、リソース保持者クライアント40自身が認可取り消しの条件を保持し、条件を満たすイベントが発生したかどうかの判断を行っていたが、これは例である。リソース保持者クライアント40の外部にある他のエンティティ(外部サーバ60と呼ぶ)が、認可取り消しの条件を保持し、条件を満たすイベントが発生したかどうかの判断を行ってもよい。 Note that in the examples (1) to (5) above, the resource holder client 40 itself holds the conditions for authorization cancellation and judges whether an event that satisfies the conditions has occurred, but this is just an example. be. Another entity (referred to as an external server 60) external to the resource holder client 40 may maintain conditions for authorization revocation and determine whether an event that satisfies the conditions has occurred.
 外部サーバ60が、認可取り消しの条件を満たすイベントが発生したことを検知した場合、例えば、認可取り消しの条件を満たすイベントが発生したことをリソース保持者クライアント40に通知する。その後は、上述した処理と同じく、リソース保持者クライアント40は取り消し要求を認可サーバ35に送信する。あるいは、外部サーバ60が、認可取り消しの条件を満たすイベントが発生したことを検知した場合、外部サーバ60自身が取り消し要求を認可サーバ35に送信することとしてもよい。 When the external server 60 detects that an event that satisfies the conditions for authorization revocation has occurred, it notifies the resource holder client 40 that an event that satisfies the conditions for authorization revocation has occurred, for example. After that, the resource holder client 40 sends a cancellation request to the authorization server 35, similar to the process described above. Alternatively, when the external server 60 detects that an event that satisfies the conditions for authorization revocation has occurred, the external server 60 itself may transmit a revocation request to the authorization server 35.
 <複数API>
 認可したAPIが複数存在する場合には、リソース保持者クライアント40は、それぞれのAPIについての条件を保持し、あるAPIに対応する条件を満たしたことを検知した場合に、そのAPIに対する認可取り消し要求を送信する。 <Multiple APIs>
If there are multiple authorized APIs, the resource holder client 40 maintains the conditions for each API, and when it detects that the conditions corresponding to a certain API are met, requests cancellation of authorization for that API. Send.
 この場合、リソース保持者クライアント40は、例えば、「(API_1、条件1)、(API_2、条件2)、...、(API_n、条件n)」といった形式の情報(テーブル)を条件として保持する。 In this case, the resource holder client 40 holds information (table) in a format such as "(API_1, condition 1), (API_2, condition 2), ..., (API_n, condition n)" as a condition, for example. .
 <再認可について>
 なお、上記のようにAPI呼び出し認可を取り消した後に、再び認可をすることも可能である。その場合、例えば、リソース保持者クライアント40は、認可サーバ35に対して、API呼び出し認可要求を送信する。 <About reauthorization>
Note that after canceling API call authorization as described above, it is also possible to authorize again. In that case, for example, the resource holder client 40 transmits an API call authorization request to the authorization server 35.
 認可要求を受信した認可サーバ35は、リソース保持者クライアント40を認証し、認証(具体的には認証情報の検証)に成功すると、認可サーバ35は、API呼び出しの認可を有効にする。例えば、認可サーバ35は、データベース50における該当のエントリ{アクセストークン、APIのID、呼び出し不可}を、{アクセストークン、APIのID、呼び出し可}に変更する。また、エントリが削除されている場合には、新たにエントリ、つまり、{アクセストークン、APIのID、呼び出し可}を生成し、アクセストークンをAPI呼び出し元アプリケーション30Aに払い出す。 Upon receiving the authorization request, the authorization server 35 authenticates the resource holder client 40, and if the authentication (specifically, verification of the authentication information) is successful, the authorization server 35 validates the authorization for the API call. For example, the authorization server 35 changes the corresponding entry {access token, API ID, callable} in the database 50 to {access token, API ID, callable}. Further, if the entry has been deleted, a new entry, that is, {access token, API ID, callable} is generated, and the access token is paid out to the API calling application 30A.
 再認可を行う際に、上記の取り消しと同様にして、リソース保持者クライアント40は、再認可条件として予め設定した条件を満たしたイベントの発生を検知したことをトリガとして、認可サーバ35に対して、API呼び出し認可要求を送信することとしてもよい。 When performing reauthorization, the resource holder client 40 sends a message to the authorization server 35 in the same manner as the above-mentioned cancellation, using the detection of the occurrence of an event that satisfies preset conditions as reauthorization conditions as a trigger. , an API call authorization request may be sent.
 (シーケンス例)
 次に、本実施の形態におけるより詳細な動作例を図6のシーケンス図を参照して説明する。以下の動作の前提として、あるAPIに対する呼び出しが認可されているものとする。また、リソース保持者クライアント40は、認可の取り消しを要求する条件を保持している。 (Sequence example)
Next, a more detailed example of operation in this embodiment will be described with reference to the sequence diagram of FIG. 6. As a premise for the following operations, it is assumed that calls to a certain API are authorized. Additionally, the resource holder client 40 holds conditions for requesting cancellation of authorization.
 なお、トークンとして、アクセストークンとリフレッシュトークンがあるが、以下では、これらを総称して「トークン」と呼ぶ。トークンを「アクセス許可情報」と呼んでもよい。 Note that there are access tokens and refresh tokens as tokens, which will be collectively referred to as "tokens" below. The token may also be called "access permission information."
 S101として示すように、API呼び出し元アプリケーション30Aは、トークンを保持し、データベース50はトークンに関する情報を保管している。トークンに関する情報は、例えば、{トークン、APIのID、呼び出し可}の情報である。 As shown in S101, the API caller application 30A holds tokens, and the database 50 stores information regarding the tokens. The information regarding the token is, for example, the information {token, API ID, callable}.
 S102において、リソース保持者クライアント40は、事前に設定しておいた条件を満たすイベントを検知する。 At S102, the resource holder client 40 detects an event that satisfies preset conditions.
 S103において、リソース保持者クライアント40は、認可サーバ35に対して認可取り消し要求を送信する。この要求のメッセージには、例えば、対象のAPIのIDと、取り消し要求であることを示す情報が含まれる。 In S103, the resource holder client 40 transmits an authorization cancellation request to the authorization server 35. This request message includes, for example, the ID of the target API and information indicating that it is a cancellation request.
 S104において、認可サーバ35はリソース保持者クライアント40を認証する。認証方法はどのような方法であってもよく、例えば、認可サーバ35がリソース保持者クライアント40に対してID/パスワードを要求し、リソース保持者クライアント40が認可サーバ35にID/パスワードを送信することで認証を行ってもよい。ここでは認証に成功したとする。 In S104, the authorization server 35 authenticates the resource holder client 40. Any authentication method may be used; for example, the authorization server 35 requests the resource holder client 40 for an ID/password, and the resource holder client 40 sends the ID/password to the authorization server 35. Authentication may be performed by Here, it is assumed that the authentication was successful.
 S105において、認可サーバ35は、データベース50に対して、トークンの削除要求を送信する。この要求のメッセージには、例えば、対象のAPIのIDが含まれている。S106において、データベース50は、対象のAPIに対応するトークンを削除する。あるいは、前述したように、当該トークンを削除せずに、「呼び出し不可」として管理することとしてもよい。 In S105, the authorization server 35 transmits a token deletion request to the database 50. This request message includes, for example, the ID of the target API. In S106, the database 50 deletes the token corresponding to the target API. Alternatively, as described above, the token may be managed as "uncallable" without being deleted.
 S107において、データベース50は、削除応答を認可サーバ35に返す。S108において、認可サーバ35は、対象のAPIに対する呼び出し認可が取り消されたことを示す応答をリソース保持者クライアント40に返す。 In S107, the database 50 returns a deletion response to the authorization server 35. In S108, the authorization server 35 returns a response to the resource holder client 40 indicating that the call authorization for the target API has been revoked.
 その後、S109において、API呼び出し元アプリケーション30Aが、古いトークン(削除されている、又は、呼び出し不可となっているトークン)を用いて、対象のAPIの呼び出し要求をAEF30Cに送信する。AEF30Cは、データベース50にアクセスして、当該トークンに関する情報の参照を試みるが、当該トークンに関する情報の参照に失敗する。あるいは、当該トークンに関する情報を確認して、「呼び出し不可」であることを把握する。S111において、AEF30Cは、API呼び出し元アプリケーション30Aに対して、API呼び出し拒否のメッセージを送信する。 After that, in S109, the API calling application 30A uses the old token (the token that has been deleted or is disabled to call) to send a request to call the target API to the AEF 30C. The AEF 30C accesses the database 50 and tries to refer to the information regarding the token, but fails to refer to the information regarding the token. Alternatively, check the information regarding the token and understand that it is "uncallable." In S111, the AEF 30C transmits an API call rejection message to the API caller application 30A.
 <シーケンスのバリエーション>
 前述したように、取り消し条件を満たすイベントの検知を外部サーバ60が行ってもよい。取り消し条件を満たすイベントの検知を外部サーバ60が行う場合のシーケンス例を図7に示す。以下では、図6と同じ部分については説明を省略又は簡単な説明とする。 <Sequence variations>
As described above, the external server 60 may detect events that satisfy the cancellation conditions. FIG. 7 shows an example of a sequence when the external server 60 detects an event that satisfies the cancellation conditions. In the following, description of the same parts as those in FIG. 6 will be omitted or simplified.
 図7に示すように、リソース保持者クライアント40と外部サーバ60との間では通信が可能であり、外部サーバ60は、取り消し条件を満たすイベントの検知のために必要な情報を随時リソース保持者クライアント40から取得可能である。なお、リソース保持者クライアント40からの情報を使用することなく、取り消し条件を満たすイベントの検知を行うことができる場合には、リソース保持者クライアント40から情報を取得しなくてもよい。 As shown in FIG. 7, communication is possible between the resource holder client 40 and the external server 60, and the external server 60 transmits information necessary for detecting an event that satisfies the cancellation condition to the resource holder client at any time. It can be obtained from 40. Note that if it is possible to detect an event that satisfies the cancellation conditions without using information from the resource holder client 40, it is not necessary to acquire the information from the resource holder client 40.
 S102において、外部サーバ60は、事前に設定しておいた条件を満たすイベントを検知する。 In S102, the external server 60 detects an event that satisfies preset conditions.
 S103において、外部サーバ60は、認可サーバ35に対して認可取り消し要求を送信する。この要求のメッセージには、例えば、リソース保持者クライアント40を示す情報(IPアドレス等)と、対象のAPIのIDと、取り消し要求であることを示す情報が含まれる。S104において、認可サーバ35はリソース保持者クライアント40を認証する。 In S103, the external server 60 transmits an authorization cancellation request to the authorization server 35. This request message includes, for example, information indicating the resource holder client 40 (IP address, etc.), the ID of the target API, and information indicating that it is a cancellation request. In S104, the authorization server 35 authenticates the resource holder client 40.
 S105~S107を経て、S108において、認可サーバ35は、対象のAPIに対する呼び出し認可が取り消されたことを示す応答を外部サーバ60に返す。S108の後、外部サーバがAPI呼び出し元アプリケーション30Aに対して、対象のAPIに対する呼び出し認可が取り消されたことを示す情報を通知してもよい。 After S105 to S107, in S108, the authorization server 35 returns a response to the external server 60 indicating that the call authorization for the target API has been revoked. After S108, the external server may notify the API calling application 30A of information indicating that the authorization to call the target API has been revoked.
 (具体的なシステム構成例)
 図8は、5Gシステムを想定した、本実施の形態に係るシステムの具体的な構成例を示す。図8では、一例として、UE(端末)20が、リソース保持者クライアント40であり、CCF30Bが認可サーバ35である場合を示している。データベース50についてもCCF30Bに含まれていてもよい。 (Specific system configuration example)
FIG. 8 shows a specific configuration example of a system according to this embodiment, assuming a 5G system. FIG. 8 shows, as an example, a case where the UE (terminal) 20 is the resource holder client 40 and the CCF 30B is the authorization server 35. The database 50 may also be included in the CCF 30B.
 図8の例において、信頼済ドメインであるPLMN(PLMN Trust domain)には、CAPIF-APIを含むCCF30B、サービスAPIを含むAEF30C、APF(API Publishing Function)30D、AMF(API Management Function)30E、UE20(例えばリソース保持者クライアント40)、コアネットワーク及びアクセスネットワークが属する。一方、PLMN外には、API呼び出し元アプリケーション30A(例えばゲームサーバ)が存在する。 In the example of FIG. 8, the trusted domain PLMN (PLMN Trust domain) includes CCF 30B including CAPIF-API, AEF 30C including service API, APF (API Publishing Function) 30D, AMF (API Management Function) 30E, and UE 20. (eg, resource holder client 40), core network, and access network. On the other hand, an API caller application 30A (for example, a game server) exists outside the PLMN.
 図8に示されるように、UE20は、アクセスネットワーク及びコアネットワークを介して、API呼び出し元アプリケーション30A、AEF30C、及びCCF30Bと接続されてもよい。 As shown in FIG. 8, the UE 20 may be connected to the API calling application 30A, AEF 30C, and CCF 30B via an access network and a core network.
 図9は、システム構成の他の例を示す図である。図9に示されるように、信頼済ドメインであるPLMNには、CAPIF-APIを含むCCF30B、サービスAPIを含むAEF30C、APF30D、AMF30E、UE20-1、UE20-2、コアネットワーク及びアクセスネットワークが属する。UE20-1は、例えば、API呼び出し要求元のアプリケーションを備える。UE20-2は、例えば、リソース保持者クライアント40である。なお、アプリケーションとリソース保持者クライアントの機能が同一の装置(端末等)に備えられてもよい。 FIG. 9 is a diagram showing another example of the system configuration. As shown in FIG. 9, the CCF 30B including the CAPIF-API, the AEF 30C including the service API, the APF 30D, the AMF 30E, the UE 20-1, the UE 20-2, the core network, and the access network belong to the PLMN, which is a trusted domain. The UE 20-1 includes, for example, an application that is an API call request source. The UE 20-2 is, for example, the resource holder client 40. Note that the functions of the application and the resource holder client may be provided in the same device (such as a terminal).
 図9に示されるように、UE20-1は、アクセスネットワーク及びコアネットワークを介して、CCF30B、AEF30Cと接続されてもよい。また、UE20-2は、アクセスネットワーク及びコアネットワークを介して、CCF30B、AEF30Cと接続されてもよい。 As shown in FIG. 9, the UE 20-1 may be connected to the CCF 30B and AEF 30C via an access network and a core network. Further, the UE 20-2 may be connected to the CCF 30B and the AEF 30C via an access network and a core network.
 なお、図8及び図9はシステム構成の一例を示すものであり、これに限られない。例えば、AEF30C、APF30D及びAMF30Eが信頼済PLMNドメイン外にあってもよい。 Note that FIGS. 8 and 9 show an example of the system configuration, and the system configuration is not limited thereto. For example, AEF 30C, APF 30D, and AMF 30E may be outside the trusted PLMN domain.
 (実施の形態の効果)
 以上説明した技術により、リソース保持者クライアント40(リソース保持者が保持する端末)に対してあらかじめ認可を取り消す条件を設定しておくことで、不用意にAPI呼び出しが許可されたままになることを防ぐことができる。 (Effects of embodiment)
Using the technology described above, by setting conditions for revoking authorization in advance for the resource holder client 40 (terminal held by the resource holder), it is possible to prevent API calls from being inadvertently allowed. It can be prevented.
 既存のOAuth 2.0の仕様ではトークン自身に有効期限を持たせることができるが、本実施の形態に係る技術ではそれ以上に、端末の位置情報やアプリの状態、リアルタイムな通信品質など、動的な情報をもとに認可の取り消しをより柔軟に制御することが可能になる。 In the existing OAuth 2.0 specification, the token itself can have an expiration date, but the technology according to this embodiment goes beyond that by providing dynamic information such as device location information, application status, and real-time communication quality. This makes it possible to more flexibly control authorization revocation based on relevant information.
 これにより、特定の条件下でのみAPI呼び出しを許可し、それ以外の場合にはAPI呼び出しを取り消す操作が、端末利用者の手動でなく、自動でできるようになる。 This allows the terminal user to automatically allow API calls only under certain conditions and cancel them otherwise.
 (装置構成)
 次に、これまでに説明した処理及び動作を実施する基地局10、ネットワークノード装置30、リソース保持者クライアント40、データベース50、及び端末20の機能構成例を説明する。なお、認可サーバ35とデータベース50と外部サーバ60はいずれも、ネットワークノード装置30の一種である。なお、認可サーバ35の内部にデータベース50が備えられてもよい。 (Device configuration)
Next, an example of the functional configuration of the base station 10, network node device 30, resource holder client 40, database 50, and terminal 20 that implement the processes and operations described above will be described. Note that the authorization server 35, database 50, and external server 60 are all types of network node device 30. Note that the database 50 may be provided inside the authorization server 35.
 なお、基地局10、ネットワークノード装置30、リソース保持者クライアント40、データベース50、外部サーバ60、及び端末20はいずれも「通信装置」と呼んでもよい。 Note that the base station 10, network node device 30, resource holder client 40, database 50, external server 60, and terminal 20 may all be referred to as "communication devices."
 <基地局10及びネットワークノード装置30>
 図10は、基地局10の機能構成の一例を示す図である。図10に示されるように、基地局10は、送信部110と、受信部120と、設定部130と、制御部140とを有する。図10に示される機能構成は一例に過ぎない。本発明の実施の形態に係る動作を実施できるのであれば、機能区分及び機能部の名称はどのようなものでもよい。 <Base station 10 and network node device 30>
FIG. 10 is a diagram showing an example of the functional configuration of the base station 10. As shown in FIG. As shown in FIG. 10, base station 10 includes a transmitting section 110, a receiving section 120, a setting section 130, and a control section 140. The functional configuration shown in FIG. 10 is only an example. As long as the operations according to the embodiments of the present invention can be carried out, the functional divisions and functional parts may have any names.
 なお、ネットワークノード装置30(例えばAEF30Cの機能を有するネットワークノード装置30、認可サーバ35、データベース50、外部サーバ60等)は、図10に示す基地局10と同様の機能構成を有してもよい。また、システムアーキテクチャ上で複数の異なる機能を有するネットワークノード装置30は、機能ごとに分離された複数のネットワークノード装置30から構成されてもよい。また、ネットワークノード装置30は、コアネットワーク又はアクセスネットワークに存在するネットワークノード装置に限定されず、PLMNドメインに属するネットワークノード装置に対応してもよい。また、リソース保持者クライアント40についても図10に示す機能構成を有してもよい。 Note that the network node device 30 (for example, the network node device 30 having the function of the AEF 30C, the authorization server 35, the database 50, the external server 60, etc.) may have the same functional configuration as the base station 10 shown in FIG. . Further, the network node device 30 having a plurality of different functions in the system architecture may be configured from a plurality of network node devices 30 separated for each function. Further, the network node device 30 is not limited to a network node device existing in a core network or an access network, but may correspond to a network node device belonging to a PLMN domain. Further, the resource holder client 40 may also have the functional configuration shown in FIG.
 送信部110は、端末20又は他のネットワークノード装置30に送信する信号を生成し、当該信号を有線又は無線で送信する機能を含む。受信部120は、端末20又は他のネットワークノード装置30から送信された各種の信号を受信し、受信した信号から、例えばより上位のレイヤの情報を取得する機能を含む。 The transmitting unit 110 includes a function of generating a signal to be transmitted to the terminal 20 or other network node device 30, and transmitting the signal by wire or wirelessly. The receiving unit 120 includes a function of receiving various signals transmitted from the terminal 20 or other network node devices 30 and acquiring, for example, information of a higher layer from the received signals.
 設定部130は、各種の設定情報を記憶装置に格納し、必要に応じて記憶装置から読み出す。 The setting unit 130 stores various setting information in a storage device, and reads it from the storage device as necessary.
 制御部140は、装置全体の制御を行う。制御部140における信号送信に関する機能部を送信部110に含め、制御部140における信号受信に関する機能部を受信部120に含めてもよい。 The control unit 140 controls the entire device. A functional unit related to signal transmission in the control unit 140 may be included in the transmitting unit 110, and a functional unit related to signal reception in the control unit 140 may be included in the receiving unit 120.
 <端末20>
 図11は、端末20の機能構成の一例を示す図である。図11に示されるように、端末20は、送信部210と、受信部220と、設定部230と、制御部240とを有する。図11に示される機能構成は一例に過ぎない。本発明の実施の形態に係る動作を実施できるのであれば、機能区分及び機能部の名称はどのようなものでもよい。端末20は、リソース保持者クライアント40として機能するものであってもよい。 <Terminal 20>
FIG. 11 is a diagram showing an example of the functional configuration of the terminal 20. As shown in FIG. 11, the terminal 20 includes a transmitting section 210, a receiving section 220, a setting section 230, and a control section 240. The functional configuration shown in FIG. 11 is only an example. As long as the operations according to the embodiments of the present invention can be carried out, the functional divisions and functional parts may have any names. The terminal 20 may function as a resource holder client 40.
 送信部210は、送信データから送信信号を作成し、当該送信信号を無線で送信する。受信部220は、各種の信号を無線受信し、受信した物理レイヤの信号からより上位のレイヤの信号を取得する。また、受信部220は、基地局10あるいはネットワークノード装置30から送信されるNR-PSS、NR-SSS、NR-PBCH、DL/UL制御信号又は参照信号等を受信する機能を有する。 The transmitter 210 creates a transmission signal from the transmission data and wirelessly transmits the transmission signal. The receiving unit 220 wirelessly receives various signals and obtains higher layer signals from the received physical layer signals. Further, the receiving unit 220 has a function of receiving NR-PSS, NR-SSS, NR-PBCH, DL/UL control signals, reference signals, etc. transmitted from the base station 10 or the network node device 30.
 設定部230は、受信部220により基地局10あるいはネットワークノード装置30から受信した各種の設定情報を記憶装置に格納し、必要に応じて記憶装置から読み出す。また、当該記憶装置には、認可取り消しの条件も格納される。 The setting unit 230 stores various setting information received from the base station 10 or network node device 30 by the receiving unit 220 in a storage device, and reads it from the storage device as necessary. The storage device also stores conditions for authorization cancellation.
 制御部240は、例えば、ネットワーク及びネットワークスライスへの接続制御に係る処理を行う。制御部240における信号送信に関する機能部を送信部210に含め、制御部240における信号受信に関する機能部を受信部220に含めてもよい。端末20がリソース保持者クライアント40として機能する場合において、端末20は、スマートフォン等と同様の、入出力可能なディスプレイを備えてもよい。 The control unit 240 performs, for example, processing related to connection control to networks and network slices. A functional unit related to signal transmission in the control unit 240 may be included in the transmitting unit 210, and a functional unit related to signal reception in the control unit 240 may be included in the receiving unit 220. When the terminal 20 functions as the resource holder client 40, the terminal 20 may be equipped with a display capable of inputting and outputting, similar to a smartphone or the like.
 <付記>
 本実施の形態により、少なくとも、下記の付記項1~付記項6に示す通信装置、ネットワークノード装置、及び認可制御方法が提供される。
(付記項1)
 APIの呼び出しの認可を取り消すための条件を満たすイベントが発生したか否かを判断する制御部と、
 前記イベントが発生したと判断された場合に、前記APIの呼び出しの認可を取り消す要求をネットワークノード装置に送信する送信部と
 を備える通信装置。
(付記項2)
 前記条件は、少なくとも、アプリケーションの状態に関する条件、時間に関する条件、位置に関する条件、通信品質に関する条件、及び無線品質に関する条件を含む複数の条件のうちのいずれかの条件である
 付記項1に記載の通信装置。
(付記項3)
 APIの呼び出しの認可を取り消すための条件を満たすイベントを検知した通信装置から、前記APIの呼び出しの認可を取り消す要求を受信する受信部と、
 前記要求に基づいて、前記APIの呼び出しの認可を取り消す処理を実行する制御部と
 を備えるネットワークノード装置。
(付記項4)
 前記制御部は、前記APIの呼び出しに使用されるアクセス許可情報をデータベースから削除する、又は、前記アクセス許可情報を使用不可の状態とする
 付記項3に記載のネットワークノード装置。
(付記項5)
 APIの呼び出しの認可を取り消すための条件を満たすイベントが発生したか否かを判断し、
 前記イベントが発生したと判断された場合に、前記APIの呼び出しの認可を取り消す要求をネットワークノード装置に送信する、
 通信装置が実行する認可制御方法。
(付記項6)
 APIの呼び出しの認可を取り消すための条件を満たすイベントを検知した通信装置から、前記APIの呼び出しの認可を取り消す要求を受信し、
 前記要求に基づいて、前記APIの呼び出しの認可を取り消す処理を実行する、
 ネットワークノード装置が実行する認可制御方法。 <Additional notes>
The present embodiment provides at least the communication device, network node device, and authorization control method shown in Additional Notes 1 to 6 below.
(Additional note 1)
a control unit that determines whether an event that satisfies conditions for canceling authorization for calling the API has occurred;
a transmission unit that transmits a request to cancel authorization for calling the API to a network node device when it is determined that the event has occurred.
(Additional note 2)
The condition is any one of a plurality of conditions including at least a condition related to an application state, a condition related to time, a condition related to location, a condition related to communication quality, and a condition related to wireless quality. Communication device.
(Additional note 3)
a receiving unit that receives a request to cancel authorization for calling the API from a communication device that has detected an event that satisfies conditions for canceling authorization for calling the API;
and a control unit that executes a process of canceling authorization for calling the API based on the request.
(Additional note 4)
The network node device according to appendix 3, wherein the control unit deletes the access permission information used for calling the API from the database or makes the access permission information unusable.
(Additional note 5)
Determine whether an event that satisfies the conditions for revoking the authorization of the API call has occurred;
If it is determined that the event has occurred, transmitting a request to cancel authorization for calling the API to the network node device;
An authorization control method executed by a communication device.
(Additional note 6)
receiving a request to revoke authorization for calling the API from a communication device that has detected an event that satisfies conditions for revoking authorization for calling the API;
Based on the request, perform processing to revoke authorization for calling the API;
An authorization control method executed by a network node device.
 付記項1~付記項6のいずれによっても、一旦認可されたAPI呼び出しの認可を取り消すことを可能とする技術が提供される。付記項2によれば、種々の条件に基づく判断が可能となる。付記項4によれば、API呼び出し許可を取り消す処理を適切に実行できる。 Any of Supplementary Notes 1 to 6 provides a technology that makes it possible to revoke authorization for an API call once authorized. According to Additional Note 2, judgments can be made based on various conditions. According to Additional Note 4, the process of canceling API call permission can be appropriately executed.
 (ハードウェア構成)
 上記実施形態の説明に用いたブロック図(図10及び図11)は、機能単位のブロックを示している。これらの機能ブロック(構成部)は、ハードウェア及びソフトウェアの少なくとも一方の任意の組み合わせによって実現される。また、各機能ブロックの実現方法は特に限定されない。すなわち、各機能ブロックは、物理的又は論理的に結合した1つの装置を用いて実現されてもよいし、物理的又は論理的に分離した2つ以上の装置を直接的又は間接的に(例えば、有線、無線などを用いて)接続し、これら複数の装置を用いて実現されてもよい。機能ブロックは、上記1つの装置又は上記複数の装置にソフトウェアを組み合わせて実現されてもよい。 (Hardware configuration)
The block diagrams (FIGS. 10 and 11) used to explain the above embodiments show blocks in functional units. These functional blocks (components) are realized by any combination of at least one of hardware and software. Furthermore, the method for realizing each functional block is not particularly limited. That is, each functional block may be realized using one physically or logically coupled device, or may be realized using two or more physically or logically separated devices directly or indirectly (e.g. , wired, wireless, etc.) and may be realized using a plurality of these devices. The functional block may be realized by combining software with the one device or the plurality of devices.
 機能には、判断、決定、判定、計算、算出、処理、導出、調査、探索、確認、受信、送信、出力、アクセス、解決、選択、選定、確立、比較、想定、期待、見做し、報知(broadcasting)、通知(notifying)、通信(communicating)、転送(forwarding)、構成(configuring)、再構成(reconfiguring)、割り当て(allocating、mapping)、割り振り(assigning)などがあるが、これらに限られない。たとえば、送信を機能させる機能ブロック(構成部)は、送信部(transmitting unit)や送信機(transmitter)と呼称される。いずれも、上述したとおり、実現方法は特に限定されない。 Functions include judgment, decision, judgment, calculation, calculation, processing, derivation, investigation, exploration, confirmation, reception, transmission, output, access, resolution, selection, selection, establishment, comparison, assumption, expectation, consideration, These include, but are not limited to, broadcasting, notifying, communicating, forwarding, configuring, reconfiguring, allocating, mapping, and assigning. I can't do it. For example, a functional block (configuration unit) that performs transmission is called a transmitting unit or a transmitter. In either case, as described above, the implementation method is not particularly limited.
 例えば、本開示の一実施の形態におけるネットワークノード装置30、端末20等は、本開示の無線通信方法の処理を行うコンピュータとして機能してもよい。図12は、本開示の一実施の形態に係る基地局10、端末20、ネットワークノード装置30、認可サーバ35、リソース保持者クライアント40、外部サーバ60等のハードウェア構成の一例を示す図である。上述の各装置は、物理的には、プロセッサ1001、記憶装置1002、補助記憶装置1003、通信装置1004、入力装置1005、出力装置1006、バス1007などを含むコンピュータ装置として構成されてもよい。 For example, the network node device 30, terminal 20, etc. in an embodiment of the present disclosure may function as a computer that performs processing of the wireless communication method of the present disclosure. FIG. 12 is a diagram illustrating an example of the hardware configuration of the base station 10, terminal 20, network node device 30, authorization server 35, resource holder client 40, external server 60, etc. according to an embodiment of the present disclosure. . Each of the above devices may be physically configured as a computer device including a processor 1001, a storage device 1002, an auxiliary storage device 1003, a communication device 1004, an input device 1005, an output device 1006, a bus 1007, and the like.
 なお、以下の説明では、「装置」という文言は、回路、デバイス、ユニット等に読み替えることができる。基地局10、端末20、ネットワークノード装置30、認可サーバ35、リソース保持者クライアント40等のハードウェア構成は、図に示した各装置を1つ又は複数含むように構成されてもよいし、一部の装置を含まずに構成されてもよい。 Note that in the following description, the word "apparatus" can be read as a circuit, a device, a unit, etc. The hardware configuration of the base station 10, terminal 20, network node device 30, authorization server 35, resource holder client 40, etc. may be configured to include one or more of each device shown in the figure, or may be configured to include one or more of each device shown in the figure. It may also be configured without including any other device.
 基地局10、端末20、ネットワークノード装置30、認可サーバ35、リソース保持者クライアント40、外部サーバ60等における各機能は、プロセッサ1001、記憶装置1002等のハードウェア上に所定のソフトウェア(プログラム)を読み込ませることによって、プロセッサ1001が演算を行い、通信装置1004による通信を制御したり、記憶装置1002及び補助記憶装置1003におけるデータの読み出し及び書き込みの少なくとも一方を制御したりすることによって実現される。 Each function in the base station 10, terminal 20, network node device 30, authorization server 35, resource holder client 40, external server 60, etc. is implemented by predetermined software (program) on hardware such as the processor 1001, storage device 1002, etc. This is achieved by causing the processor 1001 to perform calculations and controlling communication by the communication device 1004 and/or controlling at least one of data reading and writing in the storage device 1002 and the auxiliary storage device 1003.
 プロセッサ1001は、例えば、オペレーティングシステムを動作させてコンピュータ全体を制御する。プロセッサ1001は、周辺装置とのインタフェース、制御装置、演算装置、レジスタ等を含む中央処理装置(CPU:Central Processing Unit)で構成されてもよい。例えば、上述の制御部140、制御部240等は、プロセッサ1001によって実現されてもよい。 The processor 1001, for example, operates an operating system to control the entire computer. The processor 1001 may be configured with a central processing unit (CPU) including an interface with peripheral devices, a control device, an arithmetic unit, registers, and the like. For example, the above-described control unit 140, control unit 240, etc. may be implemented by the processor 1001.
 また、プロセッサ1001は、プログラム(プログラムコード)、ソフトウェアモジュール又はデータ等を、補助記憶装置1003及び通信装置1004の少なくとも一方から記憶装置1002に読み出し、これらに従って各種の処理を実行する。プログラムとしては、上述の実施の形態において説明した動作の少なくとも一部をコンピュータに実行させるプログラムが用いられる。例えば、図10に示した制御部140は、記憶装置1002に格納され、プロセッサ1001で動作する制御プログラムによって実現されてもよい。また、例えば、図11に示した制御部240は、記憶装置1002に格納され、プロセッサ1001で動作する制御プログラムによって実現されてもよい。上述の各種処理は、1つのプロセッサ1001によって実行される旨を説明してきたが、2以上のプロセッサ1001により同時又は逐次に実行されてもよい。プロセッサ1001は、1以上のチップによって実装されてもよい。なお、プログラムは、電気通信回線を介してネットワークから送信されてもよい。 Furthermore, the processor 1001 reads programs (program codes), software modules, data, etc. from at least one of the auxiliary storage device 1003 and the communication device 1004 to the storage device 1002, and executes various processes in accordance with these. As the program, a program that causes a computer to execute at least part of the operations described in the above embodiments is used. For example, the control unit 140 shown in FIG. 10 may be realized by a control program stored in the storage device 1002 and operated on the processor 1001. Further, for example, the control unit 240 shown in FIG. 11 may be realized by a control program stored in the storage device 1002 and operated by the processor 1001. Although the various processes described above have been described as being executed by one processor 1001, they may be executed by two or more processors 1001 simultaneously or sequentially. Processor 1001 may be implemented by one or more chips. Note that the program may be transmitted from a network via a telecommunications line.
 記憶装置1002は、コンピュータ読み取り可能な記録媒体であり、例えば、ROM(Read Only Memory)、EPROM(Erasable Programmable ROM)、EEPROM(Electrically Erasable Programmable ROM)、RAM(Random Access Memory)等の少なくとも1つによって構成されてもよい。記憶装置1002は、レジスタ、キャッシュ、メインメモリ(主記憶装置)等と呼ばれてもよい。記憶装置1002は、本開示の一実施の形態に係る通信方法を実施するために実行可能なプログラム(プログラムコード)、ソフトウェアモジュール等を保存することができる。 The storage device 1002 is a computer-readable recording medium, such as at least one of ROM (Read Only Memory), EPROM (Erasable Programmable ROM), EEPROM (Electrically Erasable Programmable ROM), RAM (Random Access Memory), etc. may be configured. The storage device 1002 may be called a register, cache, main memory, or the like. The storage device 1002 can store executable programs (program codes), software modules, and the like to implement a communication method according to an embodiment of the present disclosure.
 補助記憶装置1003は、コンピュータ読み取り可能な記録媒体であり、例えば、CD-ROM(Compact Disc ROM)等の光ディスク、ハードディスクドライブ、フレキシブルディスク、光磁気ディスク(例えば、コンパクトディスク、デジタル多用途ディスク、Blu-ray(登録商標)ディスク)、スマートカード、フラッシュメモリ(例えば、カード、スティック、キードライブ)、フロッピー(登録商標)ディスク、磁気ストリップ等の少なくとも1つによって構成されてもよい。上述の記憶媒体は、例えば、記憶装置1002及び補助記憶装置1003の少なくとも一方を含むデータベース、サーバその他の適切な媒体であってもよい。 The auxiliary storage device 1003 is a computer-readable recording medium, such as an optical disk such as a CD-ROM (Compact Disc ROM), a hard disk drive, a flexible disk, a magneto-optical disk (for example, a compact disk, a digital versatile disk, a Blu-ray disk, etc.). -ray disk), smart card, flash memory (eg, card, stick, key drive), floppy disk, magnetic strip, etc. The above-mentioned storage medium may be, for example, a database including at least one of the storage device 1002 and the auxiliary storage device 1003, a server, or other suitable medium.
 通信装置1004は、有線ネットワーク及び無線ネットワークの少なくとも一方を介してコンピュータ間の通信を行うためのハードウェア(送受信デバイス)であり、例えばネットワークデバイス、ネットワークコントローラ、ネットワークカード、通信モジュールなどともいう。通信装置1004は、例えば周波数分割複信(FDD:Frequency Division Duplex)及び時分割複信(TDD:Time Division Duplex)の少なくとも一方を実現するために、高周波スイッチ、デュプレクサ、フィルタ、周波数シンセサイザなどを含んで構成されてもよい。例えば、送受信アンテナ、アンプ部、送受信部、伝送路インタフェース等は、通信装置1004によって実現されてもよい。送受信部は、送信部と受信部とで、物理的に、または論理的に分離された実装がなされてもよい。 The communication device 1004 is hardware (transmission/reception device) for communicating between computers via at least one of a wired network and a wireless network, and is also referred to as a network device, network controller, network card, communication module, etc., for example. The communication device 1004 includes, for example, a high frequency switch, a duplexer, a filter, a frequency synthesizer, etc. in order to realize at least one of frequency division duplex (FDD) and time division duplex (TDD). It may be composed of. For example, a transmitting/receiving antenna, an amplifier section, a transmitting/receiving section, a transmission line interface, etc. may be realized by the communication device 1004. The transmitting and receiving unit may be physically or logically separated into a transmitting unit and a receiving unit.
 入力装置1005は、外部からの入力を受け付ける入力デバイス(例えば、キーボード、マウス、マイクロフォン、スイッチ、ボタン、センサ等)である。出力装置1006は、外部への出力を実施する出力デバイス(例えば、ディスプレイ、スピーカー、LEDランプ等)である。なお、入力装置1005及び出力装置1006は、一体となった構成(例えば、タッチパネル)であってもよい。 The input device 1005 is an input device (eg, keyboard, mouse, microphone, switch, button, sensor, etc.) that accepts input from the outside. The output device 1006 is an output device (for example, a display, a speaker, an LED lamp, etc.) that performs output to the outside. Note that the input device 1005 and the output device 1006 may have an integrated configuration (for example, a touch panel).
 また、プロセッサ1001及び記憶装置1002等の各装置は、情報を通信するためのバス1007によって接続される。バス1007は、単一のバスを用いて構成されてもよいし、装置間ごとに異なるバスを用いて構成されてもよい。 Further, each device such as the processor 1001 and the storage device 1002 is connected by a bus 1007 for communicating information. The bus 1007 may be configured using a single bus, or may be configured using different buses for each device.
 また、基地局10、端末20、ネットワークノード装置30、認可サーバ35,リソース保持者クライアント40、外部サーバ35等は、マイクロプロセッサ、デジタル信号プロセッサ(DSP:Digital Signal Processor)、ASIC(Application Specific Integrated Circuit)、PLD(Programmable Logic Device)、FPGA(Field Programmable Gate Array)等のハードウェアを含んで構成されてもよく、当該ハードウェアにより、各機能ブロックの一部又は全てが実現されてもよい。例えば、プロセッサ1001は、これらのハードウェアの少なくとも1つを用いて実装されてもよい。 In addition, the base station 10, terminal 20, network node device 30, authorization server 35, resource holder client 40, external server 35, etc. are equipped with a microprocessor, a digital signal processor (DSP), an application specific integrated circuit (ASIC), etc. ), PLD (Programmable Logic Device), FPGA (Field Programmable Gate Array), etc., and a part or all of each functional block may be realized by the hardware. For example, processor 1001 may be implemented using at least one of these hardwares.
 また、端末20、基地局10、ネットワークノード装置30、認可サーバ35、リソース保持者クライアント40、外部サーバ60のそれぞれ、又は、これらのうちのいずれか1つ又は複数を車両2001に備えてもよい。図13に車両2001の構成例を示す。図13に示すように、車両2001は駆動部2002、操舵部2003、アクセルペダル2004、ブレーキペダル2005、シフトレバー2006、前輪2007、後輪2008、車軸2009、電子制御部2010、各種センサ2021~2029、情報サービス部2012と通信モジュール2013を備える。本開示において説明した各態様/実施形態は、車両2001に搭載される通信装置に適用されてもよく、例えば、通信モジュール2013に適用されてもよい。端末20、基地局10、ネットワークノード装置30、認可サーバ35、及びリソース保持者クライアント40の全ての機能あるいはこれらのうちのいずれかの機能が通信モジュール2013に搭載されてもよい。 Further, the vehicle 2001 may be provided with each of the terminal 20, the base station 10, the network node device 30, the authorization server 35, the resource holder client 40, and the external server 60, or any one or more of these. . FIG. 13 shows an example of the configuration of vehicle 2001. As shown in FIG. 13, the vehicle 2001 includes a drive unit 2002, a steering unit 2003, an accelerator pedal 2004, a brake pedal 2005, a shift lever 2006, a front wheel 2007, a rear wheel 2008, an axle 2009, an electronic control unit 2010, and various sensors 2021 to 2029. , an information service section 2012 and a communication module 2013. Each aspect/embodiment described in this disclosure may be applied to a communication device mounted on vehicle 2001, for example, may be applied to communication module 2013. All or any functions of the terminal 20, base station 10, network node device 30, authorization server 35, and resource holder client 40 may be installed in the communication module 2013.
 駆動部2002は例えば、エンジン、モータ、エンジンとモータのハイブリッドで構成される。操舵部2003は、少なくともステアリングホイール(ハンドルとも呼ぶ)を含み、ユーザによって操作されるステアリングホイールの操作に基づいて前輪及び後輪の少なくとも一方を操舵するように構成される。 The drive unit 2002 is composed of, for example, an engine, a motor, or a hybrid of an engine and a motor. The steering unit 2003 includes at least a steering wheel (also referred to as a steering wheel), and is configured to steer at least one of the front wheels and the rear wheels based on the operation of the steering wheel operated by the user.
 電子制御部2010は、マイクロプロセッサ2031、メモリ(ROM、RAM)2032、通信ポート(IOポート)2033で構成される。電子制御部2010には、車両2001に備えられた各種センサ2021~2029からの信号が入力される。電子制御部2010は、ECU(Electronic Control Unit)と呼んでも良い。 The electronic control unit 2010 is composed of a microprocessor 2031, memory (ROM, RAM) 2032, and communication port (IO port) 2033. Signals from various sensors 2021 to 2029 provided in the vehicle 2001 are input to the electronic control unit 2010. The electronic control unit 2010 may also be called an ECU (Electronic Control Unit).
 各種センサ2021~2029からの信号としては、モータの電流をセンシングする電流センサ2021からの電流信号、回転数センサ2022によって取得された前輪や後輪の回転数信号、空気圧センサ2023によって取得された前輪や後輪の空気圧信号、車速センサ2024によって取得された車速信号、加速度センサ2025によって取得された加速度信号、アクセルペダルセンサ2029によって取得されたアクセルペダルの踏み込み量信号、ブレーキペダルセンサ2026によって取得されたブレーキペダルの踏み込み量信号、シフトレバーセンサ2027によって取得されたシフトレバーの操作信号、物体検知センサ2028によって取得された障害物、車両、歩行者等を検出するための検出信号等がある。 Signals from various sensors 2021 to 2029 include a current signal from a current sensor 2021 that senses the motor current, a front wheel and rear wheel rotation speed signal obtained by a rotation speed sensor 2022, and a front wheel rotation speed signal obtained by an air pressure sensor 2023. and rear wheel air pressure signals, vehicle speed signals acquired by vehicle speed sensor 2024, acceleration signals acquired by acceleration sensor 2025, accelerator pedal depression amount signals acquired by accelerator pedal sensor 2029, and brake pedal sensor 2026. These include a brake pedal depression amount signal, a shift lever operation signal acquired by the shift lever sensor 2027, a detection signal for detecting obstacles, vehicles, pedestrians, etc. acquired by the object detection sensor 2028, and the like.
 情報サービス部2012は、カーナビゲーションシステム、オーディオシステム、スピーカー、テレビ、ラジオといった、運転情報、交通情報、エンターテイメント情報等の各種情報を提供するための各種機器と、これらの機器を制御する1つ以上のECUとから構成される。情報サービス部2012は、外部装置から通信モジュール2013等を介して取得した情報を利用して、車両2001の乗員に各種マルチメディア情報及びマルチメディアサービスを提供する。 The information service department 2012 includes various devices such as car navigation systems, audio systems, speakers, televisions, and radios for providing various information such as driving information, traffic information, and entertainment information, as well as one or more devices that control these devices. It consists of an ECU. The information service unit 2012 provides various multimedia information and multimedia services to the occupants of the vehicle 2001 using information acquired from an external device via the communication module 2013 and the like.
 運転支援システム部2030は、ミリ波レーダ、LiDAR(Light Detection and Ranging)、カメラ、測位ロケータ(例えば、GNSS等)、地図情報(例えば、高精細(HD)マップ、自動運転車(AV)マップ等)、ジャイロシステム(例えば、IMU(Inertial Measurement Unit)、INS(Inertial Navigation System)等)、AI(Artificial Intelligence)チップ、AIプロセッサといった、事故を未然に防止したりドライバの運転負荷を軽減したりするための機能を提供するための各種機器と、これらの機器を制御する1つ以上のECUとから構成される。また、運転支援システム部2030は、通信モジュール2013を介して各種情報を送受信し、運転支援機能又は自動運転機能を実現する。 The driving support system unit 2030 includes a millimeter wave radar, LiDAR (Light Detection and Ranging), a camera, a positioning locator (for example, GNSS, etc.), map information (for example, a high-definition (HD) map, an autonomous vehicle (AV) map, etc.) ), gyro systems (e.g., IMU (Inertial Measurement Unit), INS (Inertial Navigation System), etc.), AI (Artificial Intelligence) chips, and AI processors that prevent accidents and reduce the driver's driving burden. The system is comprised of various devices that provide functions for the purpose and one or more ECUs that control these devices. Further, the driving support system unit 2030 transmits and receives various information via the communication module 2013, and realizes a driving support function or an automatic driving function.
 通信モジュール2013は通信ポートを介して、マイクロプロセッサ2031および車両2001の構成要素と通信することができる。例えば、通信モジュール2013は通信ポート2033を介して、車両2001に備えられた駆動部2002、操舵部2003、アクセルペダル2004、ブレーキペダル2005、シフトレバー2006、前輪2007、後輪2008、車軸2009、電子制御部2010内のマイクロプロセッサ2031及びメモリ(ROM、RAM)2032、センサ2021~29との間でデータを送受信する。 Communication module 2013 can communicate with microprocessor 2031 and components of vehicle 2001 via a communication port. For example, the communication module 2013 communicates with the drive unit 2002, steering unit 2003, accelerator pedal 2004, brake pedal 2005, shift lever 2006, front wheels 2007, rear wheels 2008, axle 2009, electronic Data is transmitted and received between the microprocessor 2031, memory (ROM, RAM) 2032, and sensors 2021 to 29 in the control unit 2010.
 通信モジュール2013は、電子制御部2010のマイクロプロセッサ2031によって制御可能であり、外部装置と通信を行うことが可能な通信デバイスである。例えば、外部装置との間で無線通信を介して各種情報の送受信を行う。通信モジュール2013は、電子制御部2010の内部と外部のどちらにあってもよい。外部装置は、例えば、基地局、移動局等であってもよい。 The communication module 2013 is a communication device that can be controlled by the microprocessor 2031 of the electronic control unit 2010 and can communicate with external devices. For example, various information is transmitted and received with an external device via wireless communication. The communication module 2013 may be located either inside or outside the electronic control unit 2010. The external device may be, for example, a base station, a mobile station, or the like.
 通信モジュール2013は、電子制御部2010に入力された電流センサからの電流信号を、無線通信を介して外部装置へ送信する。また、通信モジュール2013は、電子制御部2010に入力された、回転数センサ2022によって取得された前輪や後輪の回転数信号、空気圧センサ2023によって取得された前輪や後輪の空気圧信号、車速センサ2024によって取得された車速信号、加速度センサ2025によって取得された加速度信号、アクセルペダルセンサ2029によって取得されたアクセルペダルの踏み込み量信号、ブレーキペダルセンサ2026によって取得されたブレーキペダルの踏み込み量信号、シフトレバーセンサ2027によって取得されたシフトレバーの操作信号、物体検知センサ2028によって取得された障害物、車両、歩行者等を検出するための検出信号等についても無線通信を介して外部装置へ送信する。 The communication module 2013 transmits the current signal from the current sensor input to the electronic control unit 2010 to an external device via wireless communication. In addition, the communication module 2013 also receives the front wheel and rear wheel rotational speed signals inputted to the electronic control unit 2010 and acquired by the rotational speed sensor 2022, the front wheel and rear wheel air pressure signals acquired by the air pressure sensor 2023, and the vehicle speed sensor. 2024, an acceleration signal obtained by acceleration sensor 2025, an accelerator pedal depression amount signal obtained by accelerator pedal sensor 2029, a brake pedal depression amount signal obtained by brake pedal sensor 2026, and a shift lever. A shift lever operation signal acquired by the sensor 2027, a detection signal for detecting obstacles, vehicles, pedestrians, etc. acquired by the object detection sensor 2028 are also transmitted to the external device via wireless communication.
 通信モジュール2013は、外部装置から送信されてきた種々の情報(交通情報、信号情報、車間情報等)を受信し、車両2001に備えられた情報サービス部2012へ表示する。また、通信モジュール2013は、外部装置から受信した種々の情報をマイクロプロセッサ2031によって利用可能なメモリ2032へ記憶する。メモリ2032に記憶された情報に基づいて、マイクロプロセッサ2031が車両2001に備えられた駆動部2002、操舵部2003、アクセルペダル2004、ブレーキペダル2005、シフトレバー2006、前輪2007、後輪2008、車軸2009、センサ2021~2029等の制御を行ってもよい。 The communication module 2013 receives various information (traffic information, signal information, inter-vehicle information, etc.) transmitted from an external device, and displays it on the information service section 2012 provided in the vehicle 2001. Communication module 2013 also stores various information received from external devices into memory 2032 that can be used by microprocessor 2031 . Based on the information stored in the memory 2032, the microprocessor 2031 controls the drive section 2002, steering section 2003, accelerator pedal 2004, brake pedal 2005, shift lever 2006, front wheel 2007, rear wheel 2008, and axle 2009 provided in the vehicle 2001. , sensors 2021 to 2029, etc. may be controlled.
 (実施形態の補足)
 以上、本発明の実施の形態を説明してきたが、開示される発明はそのような実施形態に限定されず、当業者は様々な変形例、修正例、代替例、置換例等を理解するであろう。発明の理解を促すため具体的な数値例を用いて説明がなされたが、特に断りのない限り、それらの数値は単なる一例に過ぎず適切な如何なる値が使用されてもよい。上記の説明における項目の区分けは本発明に本質的ではなく、2以上の項目に記載された事項が必要に応じて組み合わせて使用されてよいし、ある項目に記載された事項が、別の項目に記載された事項に(矛盾しない限り)適用されてよい。機能ブロック図における機能部又は処理部の境界は必ずしも物理的な部品の境界に対応するとは限らない。複数の機能部の動作が物理的には1つの部品で行われてもよいし、あるいは1つの機能部の動作が物理的には複数の部品により行われてもよい。実施の形態で述べた処理手順については、矛盾の無い限り処理の順序を入れ替えてもよい。処理説明の便宜上、基地局10、端末20、ネットワークノード装置30、認可サーバ35、リソース保持者クライアント40等は機能的なブロック図を用いて説明されたが、そのような装置はハードウェアで、ソフトウェアで又はそれらの組み合わせで実現されてもよい。本発明の実施の形態に従って基地局10、端末20、ネットワークノード装置30、認可サーバ35、リソース保持者クライアント40等が有するプロセッサにより動作するソフトウェアはそれぞれ、ランダムアクセスメモリ(RAM)、フラッシュメモリ、読み取り専用メモリ(ROM)、EPROM、EEPROM、レジスタ、ハードディスク(HDD)、リムーバブルディスク、CD-ROM、データベース、サーバその他の適切な如何なる記憶媒体に保存されてもよい。 (Supplementary information on the embodiment)
Although the embodiments of the present invention have been described above, the disclosed invention is not limited to such embodiments, and those skilled in the art will understand various modifications, modifications, alternatives, replacements, etc. Probably. Although the invention has been explained using specific numerical examples to facilitate understanding of the invention, unless otherwise specified, these numerical values are merely examples, and any appropriate values may be used. The classification of items in the above explanation is not essential to the present invention, and matters described in two or more items may be used in combination as necessary, and matters described in one item may be used in another item. may be applied to the matters described in (unless inconsistent). The boundaries of functional units or processing units in the functional block diagram do not necessarily correspond to the boundaries of physical components. The operations of a plurality of functional sections may be physically performed by one component, or the operations of one functional section may be physically performed by a plurality of components. Regarding the processing procedures described in the embodiments, the order of processing may be changed as long as there is no contradiction. For convenience of processing explanation, the base station 10, terminal 20, network node device 30, authorization server 35, resource holder client 40, etc. have been explained using a functional block diagram, but such devices are hardware, It may be implemented in software or a combination thereof. According to the embodiment of the present invention, the software operated by the processors of the base station 10, terminal 20, network node device 30, authorization server 35, resource holder client 40, etc. includes random access memory (RAM), flash memory, read memory, etc. The information may be stored in a dedicated memory (ROM), EPROM, EEPROM, register, hard disk (HDD), removable disk, CD-ROM, database, server, or any other suitable storage medium.
 また、情報の通知は、本開示で説明した態様/実施形態に限られず、他の方法を用いて行われてもよい。例えば、情報の通知は、物理レイヤシグナリング(例えば、DCI(Downlink Control Information)、UCI(Uplink Control Information))、上位レイヤシグナリング(例えば、RRC(Radio Resource Control)シグナリング、MAC(Medium Access Control)シグナリング)、報知情報(MIB(Master Information Block)、SIB(System Information Block))、その他の信号又はこれらの組み合わせによって実施されてもよい。また、RRCシグナリングは、RRCメッセージと呼ばれてもよく、例えば、RRC接続セットアップ(RRC Connection Setup)メッセージ、RRC接続再構成(RRC Connection Reconfiguration)メッセージ等であってもよい。 Furthermore, the notification of information is not limited to the aspects/embodiments described in this disclosure, and may be performed using other methods. For example, the notification of information may be physical layer signaling (e.g., DCI (Downlink Control Information), UCI (Uplink Control Information)), upper layer signaling (e.g., RRC (Radio Resource Control) signaling, MAC (Medium Access Control) signaling). , broadcast information (MIB (Master Information Block), SIB (System Information Block)), other signals, or a combination thereof. Further, RRC signaling may be called an RRC message, and may be, for example, an RRC Connection Setup message, an RRC Connection Reconfiguration message, or the like.
 本開示において説明した各態様/実施形態は、LTE(Long Term Evolution)、LTE-A(LTE-Advanced)、SUPER 3G、IMT-Advanced、4G(4th generation mobile communication system)、5G(5th generation mobile communication system)、FRA(Future Radio Access)、NR(new Radio)、W-CDMA(登録商標)、GSM(登録商標)、CDMA2000、UMB(Ultra Mobile Broadband)、IEEE 802.11(Wi-Fi(登録商標))、IEEE 802.16(WiMAX(登録商標))、IEEE 802.20、UWB(Ultra-WideBand)、Bluetooth(登録商標)、その他の適切なシステムを利用するシステム及びこれらに基づいて拡張された次世代システムの少なくとも一つに適用されてもよい。また、複数のシステムが組み合わされて(例えば、LTE及びLTE-Aの少なくとも一方と5Gとの組み合わせ等)適用されてもよい。 Each aspect/embodiment described in this disclosure is LTE (Long Term Evolution), LTE-A (LTE-Advanced), SUPER 3G, IMT-Advanced, 4G (4th generation mobile communication system), 5G (5th generation mobile communication system). system), FRA (Future Radio Access), NR (new Radio), W-CDMA (registered trademark), GSM (registered trademark), CDMA2000, UMB (Ultra Mobile Broadband), IEEE 802.11 (Wi-Fi (registered trademark) )), IEEE 802.16 (WiMAX (registered trademark)), IEEE 802.20, UWB (Ultra-WideBand), Bluetooth (registered trademark), and other appropriate systems and systems expanded based on these. It may be applied to at least one next generation system. Furthermore, a combination of a plurality of systems may be applied (for example, a combination of at least one of LTE and LTE-A and 5G).
 本明細書で説明した各態様/実施形態の処理手順、シーケンス、フローチャート等は、矛盾の無い限り、順序を入れ替えてもよい。例えば、本開示において説明した方法については、例示的な順序を用いて様々なステップの要素を提示しており、提示した特定の順序に限定されない。 The order of the processing procedures, sequences, flowcharts, etc. of each aspect/embodiment described in this specification may be changed as long as there is no contradiction. For example, the methods described in this disclosure use an example order to present elements of the various steps and are not limited to the particular order presented.
 本明細書において基地局10によって行われるとした特定動作は、場合によってはその上位ノード(upper node)によって行われることもある。基地局10を有する1つ又は複数のネットワークノード(network nodes)からなるネットワークにおいて、端末20との通信のために行われる様々な動作は、基地局10及び基地局10以外の他のネットワークノード(例えば、MME又はS-GW等が考えられるが、これらに限られない)の少なくとも1つによって行われ得ることは明らかである。上記において基地局10以外の他のネットワークノードが1つである場合を例示したが、他のネットワークノードは、複数の他のネットワークノードの組み合わせ(例えば、MME及びS-GW)であってもよい。 In this specification, specific operations performed by the base station 10 may be performed by its upper node in some cases. In a network consisting of one or more network nodes including a base station 10, various operations performed for communication with a terminal 20 are performed by the base station 10 and other network nodes other than the base station 10. It is clear that this can be done by at least one of the following: for example, MME or S-GW (possible, but not limited to). Although the case where there is one network node other than the base station 10 is illustrated above, the other network node may be a combination of multiple other network nodes (for example, MME and S-GW). .
 本開示において説明した情報又は信号等は、上位レイヤ(又は下位レイヤ)から下位レイヤ(又は上位レイヤ)へ出力され得る。複数のネットワークノードを介して入出力されてもよい。 The information, signals, etc. described in this disclosure can be output from an upper layer (or lower layer) to a lower layer (or upper layer). It may be input/output via multiple network nodes.
 入出力された情報等は特定の場所(例えば、メモリ)に保存されてもよいし、管理テーブルを用いて管理してもよい。入出力される情報等は、上書き、更新、又は追記され得る。出力された情報等は削除されてもよい。入力された情報等は他の装置へ送信されてもよい。 The input/output information may be stored in a specific location (for example, memory) or may be managed using a management table. Information etc. to be input/output may be overwritten, updated, or additionally written. The output information etc. may be deleted. The input information etc. may be transmitted to other devices.
 本開示における判定は、1ビットで表される値(0か1か)によって行われてもよいし、真偽値(Boolean:true又はfalse)によって行われてもよいし、数値の比較(例えば、所定の値との比較)によって行われてもよい。 The determination in the present disclosure may be performed based on a value represented by 1 bit (0 or 1), a truth value (Boolean: true or false), or a comparison of numerical values (e.g. , comparison with a predetermined value).
 ソフトウェアは、ソフトウェア、ファームウェア、ミドルウェア、マイクロコード、ハードウェア記述言語と呼ばれるか、他の名称で呼ばれるかを問わず、命令、命令セット、コード、コードセグメント、プログラムコード、プログラム、サブプログラム、ソフトウェアモジュール、アプリケーション、ソフトウェアアプリケーション、ソフトウェアパッケージ、ルーチン、サブルーチン、オブジェクト、実行可能ファイル、実行スレッド、手順、機能などを意味するよう広く解釈されるべきである。 Software includes instructions, instruction sets, code, code segments, program code, programs, subprograms, software modules, whether referred to as software, firmware, middleware, microcode, hardware description language, or by any other name. , should be broadly construed to mean an application, software application, software package, routine, subroutine, object, executable, thread of execution, procedure, function, etc.
 また、ソフトウェア、命令、情報などは、伝送媒体を介して送受信されてもよい。例えば、ソフトウェアが、有線技術(同軸ケーブル、光ファイバケーブル、ツイストペア、デジタル加入者回線(DSL:Digital Subscriber Line)など)及び無線技術(赤外線、マイクロ波など)の少なくとも一方を使用してウェブサイト、サーバ、又は他のリモートソースから送信される場合、これらの有線技術及び無線技術の少なくとも一方は、伝送媒体の定義内に含まれる。 Additionally, software, instructions, information, etc. may be sent and received via a transmission medium. For example, if the software uses wired technology (coaxial cable, fiber optic cable, twisted pair, digital subscriber line (DSL), etc.) and/or wireless technology (infrared, microwave, etc.) to create a website, When transmitted from a server or other remote source, these wired and/or wireless technologies are included within the definition of transmission medium.
 本開示において説明した情報、信号などは、様々な異なる技術のいずれかを使用して表されてもよい。例えば、上記の説明全体に渡って言及され得るデータ、命令、コマンド、情報、信号、ビット、シンボル、チップなどは、電圧、電流、電磁波、磁界若しくは磁性粒子、光場若しくは光子、又はこれらの任意の組み合わせによって表されてもよい。 The information, signals, etc. described in this disclosure may be represented using any of a variety of different technologies. For example, data, instructions, commands, information, signals, bits, symbols, chips, etc., which may be referred to throughout the above description, may refer to voltages, currents, electromagnetic waves, magnetic fields or magnetic particles, light fields or photons, or any of these. It may also be represented by a combination of
 なお、本開示において説明した用語及び本開示の理解に必要な用語については、同一の又は類似する意味を有する用語と置き換えてもよい。例えば、チャネル及びシンボルの少なくとも一方は信号(シグナリング)であってもよい。また、信号はメッセージであってもよい。また、コンポーネントキャリア(CC:Component Carrier)は、キャリア周波数、セル、周波数キャリアなどと呼ばれてもよい。 Note that terms explained in this disclosure and terms necessary for understanding this disclosure may be replaced with terms having the same or similar meanings. For example, at least one of the channel and the symbol may be a signal. Also, the signal may be a message. Further, a component carrier (CC) may also be called a carrier frequency, a cell, a frequency carrier, or the like.
 本開示において使用する「システム」及び「ネットワーク」という用語は、互換的に使用される。 As used in this disclosure, the terms "system" and "network" are used interchangeably.
 また、本開示において説明した情報、パラメータなどは、絶対値を用いて表されてもよいし、所定の値からの相対値を用いて表されてもよいし、対応する別の情報を用いて表されてもよい。例えば、無線リソースはインデックスによって指示されるものであってもよい。 In addition, the information, parameters, etc. described in this disclosure may be expressed using absolute values, relative values from a predetermined value, or using other corresponding information. may be expressed. For example, radio resources may be indicated by an index.
 上述したパラメータに使用する名称はいかなる点においても限定的な名称ではない。さらに、これらのパラメータを使用する数式等は、本開示で明示的に開示したものと異なる場合もある。様々なチャネル(例えば、PUCCH、PDCCHなど)及び情報要素は、あらゆる好適な名称によって識別できるので、これらの様々なチャネル及び情報要素に割り当てている様々な名称は、いかなる点においても限定的な名称ではない。 The names used for the parameters mentioned above are not restrictive in any respect. Furthermore, the mathematical formulas etc. using these parameters may differ from those explicitly disclosed in this disclosure. Since the various channels (e.g. PUCCH, PDCCH, etc.) and information elements may be identified by any suitable designation, the various names assigned to these various channels and information elements are in no way exclusive designations. isn't it.
 本開示においては、「基地局(BS:Base Station)」、「無線基地局」、「基地局」、「固定局(fixed station)」、「NodeB」、「eNodeB(eNB)」、「gNodeB(gNB)」、「アクセスポイント(access point)」、「送信ポイント(transmission point)」、「受信ポイント(reception point)」、「送受信ポイント(transmission/reception point)」、「セル」、「セクタ」、「セルグループ」、「キャリア」、「コンポーネントキャリア」などの用語は、互換的に使用され得る。基地局は、マクロセル、スモールセル、フェムトセル、ピコセルなどの用語で呼ばれる場合もある。 In this disclosure, "Base Station (BS)," "wireless base station," "base station," "fixed station," "NodeB," "eNodeB (eNB)," and "gNodeB ( gNB)”, “access point”, “transmission point”, “reception point”, “transmission/reception point”, “cell”, “sector”, Terms such as "cell group," "carrier," "component carrier," and the like may be used interchangeably. A base station is sometimes referred to by terms such as macrocell, small cell, femtocell, and picocell.
 基地局は、1つ又は複数(例えば、3つ)のセルを収容することができる。基地局が複数のセルを収容する場合、基地局のカバレッジエリア全体は複数のより小さいエリアに区分でき、各々のより小さいエリアは、基地局サブシステム(例えば、屋内用の小型基地局(RRH:Remote Radio Head))によって通信サービスを提供することもできる。「セル」又は「セクタ」という用語は、このカバレッジにおいて通信サービスを行う基地局及び基地局サブシステムの少なくとも一方のカバレッジエリアの一部又は全体を指す。 A base station can accommodate one or more (eg, three) cells. If a base station accommodates multiple cells, the overall coverage area of the base station can be partitioned into multiple smaller areas, and each smaller area is divided into multiple subsystems (e.g., small indoor base stations (RRHs)). Communication services can also be provided by Remote Radio Head). The term "cell" or "sector" refers to part or all of the coverage area of a base station and/or base station subsystem that provides communication services in this coverage.
 本開示においては、「移動局(MS:Mobile Station)」、「端末(user terminal)」、「端末(UE:User Equipment)」、「端末」などの用語は、互換的に使用され得る。 In this disclosure, terms such as "Mobile Station (MS)," "user terminal," "User Equipment (UE)," and "terminal" may be used interchangeably.
 移動局は、当業者によって、加入者局、モバイルユニット、加入者ユニット、ワイヤレスユニット、リモートユニット、モバイルデバイス、ワイヤレスデバイス、ワイヤレス通信デバイス、リモートデバイス、モバイル加入者局、アクセス端末、モバイル端末、ワイヤレス端末、リモート端末、ハンドセット、ユーザエージェント、モバイルクライアント、クライアント、又はいくつかの他の適切な用語で呼ばれる場合もある。 A mobile station is defined by a person skilled in the art as a subscriber station, mobile unit, subscriber unit, wireless unit, remote unit, mobile device, wireless device, wireless communication device, remote device, mobile subscriber station, access terminal, mobile terminal, wireless It may also be referred to as a terminal, remote terminal, handset, user agent, mobile client, client, or some other suitable terminology.
 基地局及び移動局の少なくとも一方は、送信装置、受信装置、通信装置などと呼ばれてもよい。なお、基地局及び移動局の少なくとも一方は、移動体に搭載されたデバイス、移動体自体などであってもよい。当該移動体は、乗り物(例えば、車、飛行機など)であってもよいし、無人で動く移動体(例えば、ドローン、自動運転車など)であってもよいし、ロボット(有人型又は無人型)であってもよい。なお、基地局及び移動局の少なくとも一方は、必ずしも通信動作時に移動しない装置も含む。例えば、基地局及び移動局の少なくとも一方は、センサなどのIoT(Internet of Things)機器であってもよい。 At least one of a base station and a mobile station may be called a transmitting device, a receiving device, a communication device, etc. Note that at least one of the base station and the mobile station may be a device mounted on a mobile body, the mobile body itself, or the like. The moving object may be a vehicle (for example, a car, an airplane, etc.), an unmanned moving object (for example, a drone, a self-driving car, etc.), or a robot (manned or unmanned). ). Note that at least one of the base station and the mobile station includes devices that do not necessarily move during communication operations. For example, at least one of the base station and the mobile station may be an IoT (Internet of Things) device such as a sensor.
 また、本開示における基地局は、端末で読み替えてもよい。例えば、基地局及び端末間の通信を、複数の端末20間の通信(例えば、D2D(Device-to-Device)、V2X(Vehicle-to-Everything)などと呼ばれてもよい)に置き換えた構成について、本開示の各態様/実施形態を適用してもよい。この場合、上述の基地局10が有する機能を端末20が有する構成としてもよい。また、「上り」及び「下り」などの文言は、端末間通信に対応する文言(例えば、「サイド(side)」)で読み替えられてもよい。例えば、上りチャネル、下りチャネルなどは、サイドチャネルで読み替えられてもよい。 Additionally, the base station in the present disclosure may be replaced by a terminal. For example, a configuration in which communication between a base station and a terminal is replaced with communication between a plurality of terminals 20 (for example, it may be called D2D (Device-to-Device), V2X (Vehicle-to-Everything), etc.) Each aspect/embodiment of the present disclosure may be applied. In this case, the terminal 20 may have the functions that the base station 10 described above has. Further, words such as "up" and "down" may be replaced with words corresponding to inter-terminal communication (for example, "side"). For example, uplink channels, downlink channels, etc. may be replaced with side channels.
 同様に、本開示における端末は、基地局で読み替えてもよい。この場合、上述の端末が有する機能を基地局が有する構成としてもよい。 Similarly, a terminal in the present disclosure may be replaced by a base station. In this case, a configuration may be adopted in which the base station has the functions that the above-described terminal has.
 本開示で使用する「判断(determining)」、「決定(determining)」という用語は、多種多様な動作を包含する場合がある。「判断」、「決定」は、例えば、判定(judging)、計算(calculating)、算出(computing)、処理(processing)、導出(deriving)、調査(investigating)、探索(looking up、search、inquiry)(例えば、テーブル、データベース又は別のデータ構造での探索)、確認(ascertaining)した事を「判断」「決定」したとみなす事などを含み得る。また、「判断」、「決定」は、受信(receiving)(例えば、情報を受信すること)、送信(transmitting)(例えば、情報を送信すること)、入力(input)、出力(output)、アクセス(accessing)(例えば、メモリ中のデータにアクセスすること)した事を「判断」「決定」したとみなす事などを含み得る。また、「判断」、「決定」は、解決(resolving)、選択(selecting)、選定(choosing)、確立(establishing)、比較(comparing)などした事を「判断」「決定」したとみなす事を含み得る。つまり、「判断」「決定」は、何らかの動作を「判断」「決定」したとみなす事を含み得る。また、「判断(決定)」は、「想定する(assuming)」、「期待する(expecting)」、「みなす(considering)」などで読み替えられてもよい。 As used in this disclosure, the terms "determining" and "determining" may encompass a wide variety of operations. "Judgment" and "decision" include, for example, judging, calculating, computing, processing, deriving, investigating, looking up, search, and inquiry. (e.g., searching in a table, database, or other data structure), and regarding an ascertaining as a "judgment" or "decision." In addition, "judgment" and "decision" refer to receiving (e.g., receiving information), transmitting (e.g., sending information), input, output, and access. (accessing) (e.g., accessing data in memory) may include considering something as a "judgment" or "decision." In addition, "judgment" and "decision" refer to resolving, selecting, choosing, establishing, comparing, etc. as "judgment" and "decision". may be included. In other words, "judgment" and "decision" may include regarding some action as having been "judged" or "determined." Further, "judgment (decision)" may be read as "assuming", "expecting", "considering", etc.
 「接続された(connected)」、「結合された(coupled)」という用語、又はこれらのあらゆる変形は、2又はそれ以上の要素間の直接的又は間接的なあらゆる接続又は結合を意味し、互いに「接続」又は「結合」された2つの要素間に1又はそれ以上の中間要素が存在することを含むことができる。要素間の結合又は接続は、物理的なものであっても、論理的なものであっても、或いはこれらの組み合わせであってもよい。例えば、「接続」は「アクセス」で読み替えられてもよい。本開示で使用する場合、2つの要素は、1又はそれ以上の電線、ケーブル及びプリント電気接続の少なくとも一つを用いて、並びにいくつかの非限定的かつ非包括的な例として、無線周波数領域、マイクロ波領域及び光(可視及び不可視の両方)領域の波長を有する電磁エネルギーなどを用いて、互いに「接続」又は「結合」されると考えることができる。 The terms "connected", "coupled", or any variations thereof, refer to any connection or coupling, direct or indirect, between two or more elements and to each other. It may include the presence of one or more intermediate elements between two elements that are "connected" or "coupled." The bonds or connections between elements may be physical, logical, or a combination thereof. For example, "connection" may be replaced with "access." As used in this disclosure, two elements may include one or more electrical wires, cables, and/or printed electrical connections, as well as in the radio frequency domain, as some non-limiting and non-inclusive examples. , electromagnetic energy having wavelengths in the microwave and optical (both visible and non-visible) ranges.
 参照信号は、RS(Reference Signal)と略称することもでき、適用される標準によってパイロット(Pilot)と呼ばれてもよい。 The reference signal can also be abbreviated as RS (Reference Signal), and may be called a pilot depending on the applied standard.
 本開示において使用する「に基づいて」という記載は、別段に明記されていない限り、「のみに基づいて」を意味しない。言い換えれば、「に基づいて」という記載は、「のみに基づいて」と「に少なくとも基づいて」の両方を意味する。 As used in this disclosure, the phrase "based on" does not mean "based solely on" unless explicitly stated otherwise. In other words, the phrase "based on" means both "based only on" and "based at least on."
 本開示において使用する「第1の」、「第2の」などの呼称を使用した要素へのいかなる参照も、それらの要素の量又は順序を全般的に限定しない。これらの呼称は、2つ以上の要素間を区別する便利な方法として本開示において使用され得る。したがって、第1及び第2の要素への参照は、2つの要素のみが採用され得ること、又は何らかの形で第1の要素が第2の要素に先行しなければならないことを意味しない。 As used in this disclosure, any reference to elements using the designations "first," "second," etc. does not generally limit the amount or order of those elements. These designations may be used in this disclosure as a convenient way to distinguish between two or more elements. Thus, reference to a first and second element does not imply that only two elements may be employed or that the first element must precede the second element in any way.
 上記の各装置の構成における「手段」を、「部」、「回路」、「デバイス」等に置き換えてもよい。 "Means" in the configurations of each of the above devices may be replaced with "unit", "circuit", "device", etc.
 本開示において、「含む(include)」、「含んでいる(including)」及びそれらの変形が使用されている場合、これらの用語は、用語「備える(comprising)」と同様に、包括的であることが意図される。さらに、本開示において使用されている用語「又は(or)」は、排他的論理和ではないことが意図される。 Where "include", "including" and variations thereof are used in this disclosure, these terms, like the term "comprising," are inclusive. It is intended that Furthermore, the term "or" as used in this disclosure is not intended to be exclusive or.
 無線フレームは時間領域において1つ又は複数のフレームによって構成されてもよい。時間領域において1つ又は複数の各フレームはサブフレームと呼ばれてもよい。サブフレームは更に時間領域において1つ又は複数のスロットによって構成されてもよい。サブフレームは、ニューメロロジ(numerology)に依存しない固定の時間長(例えば、1ms)であってもよい。 A radio frame may be composed of one or more frames in the time domain. Each frame or frames in the time domain may be called a subframe. A subframe may also be composed of one or more slots in the time domain. A subframe may have a fixed time length (eg, 1 ms) that does not depend on numerology.
 ニューメロロジは、ある信号又はチャネルの送信及び受信の少なくとも一方に適用される通信パラメータであってもよい。ニューメロロジは、例えば、サブキャリア間隔(SCS:SubCarrier Spacing)、帯域幅、シンボル長、サイクリックプレフィックス長、送信時間間隔(TTI:Transmission Time Interval)、TTIあたりのシンボル数、無線フレーム構成、送受信機が周波数領域において行う特定のフィルタリング処理、送受信機が時間領域において行う特定のウィンドウイング処理などの少なくとも1つを示してもよい。 The numerology may be a communication parameter applied to the transmission and/or reception of a certain signal or channel. Numerology includes, for example, subcarrier spacing (SCS), bandwidth, symbol length, cyclic prefix length, transmission time interval (TTI), number of symbols per TTI, radio frame configuration, and transmitter/receiver. It may also indicate at least one of a specific filtering process performed in the frequency domain, a specific windowing process performed by the transceiver in the time domain, and the like.
 スロットは、時間領域において1つ又は複数のシンボル(OFDM(Orthogonal Frequency Division Multiplexing)シンボル、SC-FDMA(Single Carrier Frequency Division Multiple Access)シンボル等)で構成されてもよい。スロットは、ニューメロロジに基づく時間単位であってもよい。 A slot may be composed of one or more symbols (OFDM (Orthogonal Frequency Division Multiplexing) symbols, SC-FDMA (Single Carrier Frequency Division Multiple Access) symbols, etc.) in the time domain. A slot may be a unit of time based on numerology.
 スロットは、複数のミニスロットを含んでもよい。各ミニスロットは、時間領域において1つ又は複数のシンボルによって構成されてもよい。また、ミニスロットは、サブスロットと呼ばれてもよい。ミニスロットは、スロットよりも少ない数のシンボルによって構成されてもよい。ミニスロットより大きい時間単位で送信されるPDSCH(又はPUSCH)は、PDSCH(又はPUSCH)マッピングタイプAと呼ばれてもよい。ミニスロットを用いて送信されるPDSCH(又はPUSCH)は、PDSCH(又はPUSCH)マッピングタイプBと呼ばれてもよい。 A slot may include multiple mini-slots. Each minislot may be made up of one or more symbols in the time domain. Furthermore, a mini-slot may also be called a sub-slot. A minislot may be made up of fewer symbols than a slot. PDSCH (or PUSCH) transmitted in time units larger than minislots may be referred to as PDSCH (or PUSCH) mapping type A. PDSCH (or PUSCH) transmitted using minislots may be referred to as PDSCH (or PUSCH) mapping type B.
 無線フレーム、サブフレーム、スロット、ミニスロット及びシンボルは、いずれも信号を伝送する際の時間単位を表す。無線フレーム、サブフレーム、スロット、ミニスロット及びシンボルは、それぞれに対応する別の呼称が用いられてもよい。 Radio frames, subframes, slots, minislots, and symbols all represent time units when transmitting signals. Other names may be used for the radio frame, subframe, slot, minislot, and symbol.
 例えば、1サブフレームは送信時間間隔(TTI:Transmission Time Interval)と呼ばれてもよいし、複数の連続したサブフレームがTTIと呼ばれてよいし、1スロット又は1ミニスロットがTTIと呼ばれてもよい。つまり、サブフレーム及びTTIの少なくとも一方は、既存のLTEにおけるサブフレーム(1ms)であってもよいし、1msより短い期間(例えば、1-13シンボル)であってもよいし、1msより長い期間であってもよい。なお、TTIを表す単位は、サブフレームではなくスロット、ミニスロットなどと呼ばれてもよい。また、1スロットが単位時間と呼ばれてもよい。単位時間は、ニューメロロジに応じてセル毎に異なっていてもよい。 For example, one subframe may be called a transmission time interval (TTI), multiple consecutive subframes may be called a TTI, and one slot or one minislot may be called a TTI. It's okay. In other words, at least one of the subframe and TTI may be a subframe (1ms) in existing LTE, a period shorter than 1ms (for example, 1-13 symbols), or a period longer than 1ms. It may be. Note that the unit representing the TTI may be called a slot, minislot, etc. instead of a subframe. Furthermore, one slot may be called a unit time. The unit time may be different for each cell depending on the numerology.
 ここで、TTIは、例えば、無線通信におけるスケジューリングの最小時間単位のことをいう。例えば、LTEシステムでは、基地局が各端末20に対して、無線リソース(各端末20において使用することが可能な周波数帯域幅、送信電力など)を、TTI単位で割り当てるスケジューリングを行う。なお、TTIの定義はこれに限られない。 Here, TTI refers to, for example, the minimum time unit for scheduling in wireless communication. For example, in the LTE system, a base station performs scheduling to allocate radio resources (frequency bandwidth, transmission power, etc. that can be used by each terminal 20) to each terminal 20 on a TTI basis. Note that the definition of TTI is not limited to this.
 TTIは、チャネル符号化されたデータパケット(トランスポートブロック)、コードブロック、コードワードなどの送信時間単位であってもよいし、スケジューリング、リンクアダプテーションなどの処理単位となってもよい。なお、TTIが与えられたとき、実際にトランスポートブロック、コードブロック、コードワードなどがマッピングされる時間区間(例えば、シンボル数)は、当該TTIよりも短くてもよい。 The TTI may be a transmission time unit of a channel-coded data packet (transport block), a code block, a codeword, etc., or may be a processing unit of scheduling, link adaptation, etc. Note that when a TTI is given, the time interval (for example, the number of symbols) to which transport blocks, code blocks, code words, etc. are actually mapped may be shorter than the TTI.
 なお、1スロット又は1ミニスロットがTTIと呼ばれる場合、1以上のTTI(すなわち、1以上のスロット又は1以上のミニスロット)が、スケジューリングの最小時間単位となってもよい。また、当該スケジューリングの最小時間単位を構成するスロット数(ミニスロット数)は制御されてもよい。 Note that when one slot or one minislot is called a TTI, one or more TTIs (that is, one or more slots or one or more minislots) may be the minimum time unit for scheduling. Further, the number of slots (minislot number) that constitutes the minimum time unit of the scheduling may be controlled.
 1msの時間長を有するTTIは、通常TTI(LTE Rel.8-12におけるTTI)、ノーマルTTI、ロングTTI、通常サブフレーム、ノーマルサブフレーム、ロングサブフレーム、スロットなどと呼ばれてもよい。通常TTIより短いTTIは、短縮TTI、ショートTTI、部分TTI(partial又はfractional TTI)、短縮サブフレーム、ショートサブフレーム、ミニスロット、サブスロット、スロットなどと呼ばれてもよい。 A TTI having a time length of 1 ms may be called a normal TTI (TTI in LTE Rel. 8-12), normal TTI, long TTI, normal subframe, normal subframe, long subframe, slot, etc. A TTI that is shorter than the normal TTI may be referred to as an abbreviated TTI, short TTI, partial or fractional TTI, shortened subframe, short subframe, minislot, subslot, slot, etc.
 なお、ロングTTI(例えば、通常TTI、サブフレームなど)は、1msを超える時間長を有するTTIで読み替えてもよいし、ショートTTI(例えば、短縮TTIなど)は、ロングTTIのTTI長未満かつ1ms以上のTTI長を有するTTIで読み替えてもよい。 Note that long TTI (for example, normal TTI, subframe, etc.) may be read as TTI with a time length exceeding 1 ms, and short TTI (for example, short TTI, etc.) It may also be read as a TTI having the above TTI length.
 リソースブロック(RB)は、時間領域及び周波数領域のリソース割当単位であり、周波数領域において、1つ又は複数個の連続した副搬送波(subcarrier)を含んでもよい。RBに含まれるサブキャリアの数は、ニューメロロジに関わらず同じであってもよく、例えば12であってもよい。RBに含まれるサブキャリアの数は、ニューメロロジに基づいて決定されてもよい。 A resource block (RB) is a resource allocation unit in the time domain and frequency domain, and may include one or more continuous subcarriers in the frequency domain. The number of subcarriers included in an RB may be the same regardless of the numerology, and may be 12, for example. The number of subcarriers included in an RB may be determined based on newerology.
 また、RBの時間領域は、1つ又は複数個のシンボルを含んでもよく、1スロット、1ミニスロット、1サブフレーム、又は1TTIの長さであってもよい。1TTI、1サブフレームなどは、それぞれ1つ又は複数のリソースブロックで構成されてもよい。 Additionally, the time domain of an RB may include one or more symbols, and may be one slot, one minislot, one subframe, or one TTI in length. One TTI, one subframe, etc. may each be composed of one or more resource blocks.
 なお、1つ又は複数のRBは、物理リソースブロック(PRB:Physical RB)、サブキャリアグループ(SCG:Sub-Carrier Group)、リソースエレメントグループ(REG:Resource Element Group)、PRBペア、RBペアなどと呼ばれてもよい。 Note that one or more RBs include physical resource blocks (PRBs), sub-carrier groups (SCGs), resource element groups (REGs), PRB pairs, RB pairs, etc. May be called.
 また、リソースブロックは、1つ又は複数のリソースエレメント(RE:Resource Element)によって構成されてもよい。例えば、1REは、1サブキャリア及び1シンボルの無線リソース領域であってもよい。 Additionally, a resource block may be configured by one or more resource elements (REs). For example, 1 RE may be a radio resource region of 1 subcarrier and 1 symbol.
 帯域幅部分(BWP:Bandwidth Part)(部分帯域幅などと呼ばれてもよい)は、あるキャリアにおいて、あるニューメロロジ用の連続する共通RB(common resource blocks)のサブセットのことを表してもよい。ここで、共通RBは、当該キャリアの共通参照ポイントを基準としたRBのインデックスによって特定されてもよい。PRBは、あるBWPで定義され、当該BWP内で番号付けされてもよい。 A bandwidth part (BWP) (which may also be called a partial bandwidth or the like) may represent a subset of consecutive common resource blocks (RBs) for a certain numerology in a certain carrier. Here, the common RB may be specified by an RB index based on a common reference point of the carrier. PRBs may be defined in a BWP and numbered within that BWP.
 BWPには、UL用のBWP(UL BWP)と、DL用のBWP(DL BWP)とが含まれてもよい。UEに対して、1キャリア内に1つ又は複数のBWPが設定されてもよい。 The BWP may include a UL BWP (UL BWP) and a DL BWP (DL BWP). One or more BWPs may be configured within one carrier for a UE.
 設定されたBWPの少なくとも1つがアクティブであってもよく、UEは、アクティブなBWPの外で所定の信号/チャネルを送受信することを想定しなくてもよい。なお、本開示における「セル」、「キャリア」などは、「BWP」で読み替えられてもよい。 At least one of the configured BWPs may be active and the UE may not expect to transmit or receive a given signal/channel outside of the active BWP. Note that "cell", "carrier", etc. in the present disclosure may be replaced with "BWP".
 上述した無線フレーム、サブフレーム、スロット、ミニスロット及びシンボルなどの構造は例示に過ぎない。例えば、無線フレームに含まれるサブフレームの数、サブフレーム又は無線フレームあたりのスロットの数、スロット内に含まれるミニスロットの数、スロット又はミニスロットに含まれるシンボル及びRBの数、RBに含まれるサブキャリアの数、並びにTTI内のシンボル数、シンボル長、サイクリックプレフィックス(CP:Cyclic Prefix)長などの構成は、様々に変更することができる。 The structures of radio frames, subframes, slots, minislots, symbols, etc. described above are merely examples. For example, the number of subframes included in a radio frame, the number of slots per subframe or radio frame, the number of minislots included in a slot, the number of symbols and RBs included in a slot or minislot, the number of symbols included in an RB, Configurations such as the number of subcarriers, the number of symbols in a TTI, the symbol length, and the cyclic prefix (CP) length can be changed in various ways.
 本開示において、例えば、英語でのa, an及びtheのように、翻訳により冠詞が追加された場合、本開示は、これらの冠詞の後に続く名詞が複数形であることを含んでもよい。 In this disclosure, when articles are added by translation, such as a, an, and the in English, the present disclosure may include that the nouns following these articles are plural.
 本開示において、「AとBが異なる」という用語は、「AとBが互いに異なる」ことを意味してもよい。なお、当該用語は、「AとBがそれぞれCと異なる」ことを意味してもよい。「離れる」、「結合される」などの用語も、「異なる」と同様に解釈されてもよい。 In the present disclosure, the term "A and B are different" may mean "A and B are different from each other." Note that the term may also mean that "A and B are each different from C". Terms such as "separate" and "coupled" may also be interpreted similarly to "different."
 本開示において説明した各態様/実施形態は単独で用いてもよいし、組み合わせて用いてもよいし、実行に伴って切り替えて用いてもよい。また、所定の情報の通知(例えば、「Xであること」の通知)は、明示的に行うものに限られず、暗黙的(例えば、当該所定の情報の通知を行わない)ことによって行われてもよい。 Each aspect/embodiment described in this disclosure may be used alone, in combination, or may be switched and used in accordance with execution. In addition, notification of prescribed information (for example, notification of "X") is not limited to being done explicitly, but may also be done implicitly (for example, not notifying the prescribed information). Good too.
 以上、本開示について詳細に説明したが、当業者にとっては、本開示が本開示中に説明した実施形態に限定されるものではないということは明らかである。本開示は、請求の範囲の記載により定まる本開示の趣旨及び範囲を逸脱することなく修正及び変更態様として実施することができる。したがって、本開示の記載は、例示説明を目的とするものであり、本開示に対して何ら制限的な意味を有するものではない。 Although the present disclosure has been described in detail above, it is clear for those skilled in the art that the present disclosure is not limited to the embodiments described in the present disclosure. The present disclosure can be implemented as modifications and variations without departing from the spirit and scope of the present disclosure as determined by the claims. Therefore, the description of the present disclosure is for the purpose of illustrative explanation and is not intended to have any limiting meaning on the present disclosure.
10    基地局
110   送信部
120   受信部
130   設定部
140   制御部
20    端末
210   送信部
220   受信部
230   設定部
240   制御部
30    ネットワークノード
35 認可サーバ
40 リソース保持者クライアント
50 データベース
60 外部サーバ
1001  プロセッサ
1002  記憶装置
1003  補助記憶装置
1004  通信装置
1005  入力装置
1006  出力装置
2001  車両
2002  駆動部
2003  操舵部
2004  アクセルペダル
2005  ブレーキペダル
2006  シフトレバー
2007  前輪
2008  後輪
2009  車軸
2010  電子制御部
2012  情報サービス部
2013  通信モジュール
2021  電流センサ
2022  回転数センサ
2023  空気圧センサ
2024  車速センサ
2025  加速度センサ
2026  ブレーキペダルセンサ
2027  シフトレバーセンサ
2028  物体検出センサ
2029  アクセルペダルセンサ
2030  運転支援システム部
2031  マイクロプロセッサ
2032  メモリ(ROM,RAM)
2033  通信ポート(IOポート) 10 base station 110 transmitting section 120 receiving section 130 setting section 140 control section 20 terminal 210 transmitting section 220 receiving section 230 setting section 240 control section 30 network node 35 authorization server 40 resource holder client 50 database 60 external server 1001 processor 1002 storage device 1003 Auxiliary storage device 1004 Communication device 1005 Input device 1006 Output device 2001 Vehicle 2002 Drive section 2003 Steering section 2004 Accelerator pedal 2005 Brake pedal 2006 Shift lever 2007 Front wheel 2008 Rear wheel 2009 Axle 2010 Electronic control section 2012 Information service section 2013 Communication module 2021 current Sensor 2022 Rotational speed sensor 2023 Air pressure sensor 2024 Vehicle speed sensor 2025 Acceleration sensor 2026 Brake pedal sensor 2027 Shift lever sensor 2028 Object detection sensor 2029 Accelerator pedal sensor 2030 Driving support system section 2031 Microprocessor 2032 Memory (ROM, RAM)
2033 Communication port (IO port)

Claims (6)

  1.  APIの呼び出しの認可を取り消すための条件を満たすイベントが発生したか否かを判断する制御部と、
     前記イベントが発生したと判断された場合に、前記APIの呼び出しの認可を取り消す要求をネットワークノード装置に送信する送信部と
     を備える通信装置。     a control unit that determines whether an event that satisfies conditions for canceling authorization for calling the API has occurred;
    a transmission unit that transmits a request to cancel authorization for calling the API to a network node device when it is determined that the event has occurred.
  2.  前記条件は、少なくとも、アプリケーションの状態に関する条件、時間に関する条件、位置に関する条件、通信品質に関する条件、及び無線品質に関する条件を含む複数の条件のうちのいずれかの条件である
     請求項1に記載の通信装置。     The condition is any one of a plurality of conditions including at least a condition related to an application state, a condition related to time, a condition related to location, a condition related to communication quality, and a condition related to wireless quality. Communication device.
  3.  APIの呼び出しの認可を取り消すための条件を満たすイベントを検知した通信装置から、前記APIの呼び出しの認可を取り消す要求を受信する受信部と、
     前記要求に基づいて、前記APIの呼び出しの認可を取り消す処理を実行する制御部と
     を備えるネットワークノード装置。     a receiving unit that receives a request to cancel authorization for calling the API from a communication device that has detected an event that satisfies conditions for canceling authorization for calling the API;
    and a control unit that executes a process of canceling authorization for calling the API based on the request.
  4.  前記制御部は、前記APIの呼び出しに使用されるアクセス許可情報をデータベースから削除する、又は、前記アクセス許可情報を使用不可の状態とする
     請求項3に記載のネットワークノード装置。     The network node device according to claim 3, wherein the control unit deletes the access permission information used for calling the API from the database or makes the access permission information unusable.
  5.  APIの呼び出しの認可を取り消すための条件を満たすイベントが発生したか否かを判断し、
     前記イベントが発生したと判断された場合に、前記APIの呼び出しの認可を取り消す要求をネットワークノード装置に送信する、
     通信装置が実行する認可制御方法。     Determine whether an event that satisfies the conditions for revoking the authorization of the API call has occurred;
    If it is determined that the event has occurred, transmitting a request to cancel authorization for calling the API to the network node device;
    An authorization control method executed by a communication device.
  6.  APIの呼び出しの認可を取り消すための条件を満たすイベントを検知した通信装置から、前記APIの呼び出しの認可を取り消す要求を受信し、
     前記要求に基づいて、前記APIの呼び出しの認可を取り消す処理を実行する、
     ネットワークノード装置が実行する認可制御方法。     receiving a request to revoke authorization for calling the API from a communication device that has detected an event that satisfies conditions for revoking authorization for calling the API;
    Based on the request, perform processing to revoke authorization for calling the API;
    An authorization control method executed by a network node device.
PCT/JP2022/015007 2022-03-28 2022-03-28 Communication device, network node device, and authorization control method WO2023187905A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/JP2022/015007 WO2023187905A1 (en) 2022-03-28 2022-03-28 Communication device, network node device, and authorization control method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2022/015007 WO2023187905A1 (en) 2022-03-28 2022-03-28 Communication device, network node device, and authorization control method

Publications (1)

Publication Number Publication Date
WO2023187905A1 true WO2023187905A1 (en) 2023-10-05

Family

ID=88199648

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2022/015007 WO2023187905A1 (en) 2022-03-28 2022-03-28 Communication device, network node device, and authorization control method

Country Status (1)

Country Link
WO (1) WO2023187905A1 (en)

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20190239064A1 (en) * 2018-04-10 2019-08-01 Intel Corporation Ue capabilities provisioning and retrieval in cellular networks

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20190239064A1 (en) * 2018-04-10 2019-08-01 Intel Corporation Ue capabilities provisioning and retrieval in cellular networks

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
NEC: "Correction/enhancement in CAPIF TS", 3GPP TSG SA WG3 #93 S3-183713, 16 November 2018 (2018-11-16), XP051499884 *

Similar Documents

Publication Publication Date Title
WO2023187905A1 (en) Communication device, network node device, and authorization control method
WO2022113370A1 (en) Network node and communication method
WO2023152800A1 (en) Communication device, network node device, system, and communication method
WO2023084606A1 (en) Network node, resource owner device, system, and communication method
WO2024079799A1 (en) Approval device, communication system, and approval method
WO2024079798A1 (en) Authorization device, communication system, and authorization method
WO2024079797A1 (en) User information disclosure device, communication system, and user information disclosure method
WO2024111070A1 (en) Network node device, communication system, and communication method
WO2024034135A1 (en) Network node and authorization method
WO2024057549A1 (en) Network node and communication method
WO2023067742A1 (en) Network node and communication method
WO2023181385A1 (en) Terminal, network device, wireless communication system, and wireless communication method
WO2024095485A1 (en) Authentication security device, terminal, communication system, and communication method
WO2024038488A1 (en) Terminal and communication method
WO2024062582A1 (en) Network node, communication system, and communication method
WO2023218670A1 (en) Network node and communication method
WO2023152846A1 (en) Network node and communication method
WO2023218671A1 (en) Network node and communication method
WO2024116337A1 (en) Terminal, base station, communication method, and wireless communication system
WO2023079718A1 (en) Network node and communication method
WO2024004156A1 (en) Network node, base station, and communication method
WO2024095490A1 (en) Network node and communication method
WO2023100237A1 (en) Network node and communication method
WO2024062583A1 (en) Network node and communication method
WO2023152847A1 (en) Network node and communication method

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 22935059

Country of ref document: EP

Kind code of ref document: A1