WO2023202503A1

WO2023202503A1 - Communication method and apparatus

Info

Publication number: WO2023202503A1
Application number: PCT/CN2023/088566
Authority: WO
Inventors: 赵鹏涛; 李岩
Original assignee: 华为技术有限公司
Priority date: 2022-04-22
Filing date: 2023-04-17
Publication date: 2023-10-26
Also published as: CN116980897A

Abstract

The present application provides a communication method and apparatus. The method comprises: a mobility management network element sends first indication information to a terminal device connected to a first access network device after determining that the first access network device is untrusted, so as to indicate that the first access network device is untrusted, or instructs to disconnect from the first access network device. After receiving the first indication information, the terminal device is disconnected from the first access network device. The solution provided by the present application improves the communication security of a terminal device.

Description

Communication methods and devices

This application claims priority to the Chinese patent application filed with the China Patent Office on April 22, 2022, with the application number 202210429002.7 and the application title "Communication Method and Device", the entire content of which is incorporated into this application by reference.

Technical field

The present application relates to the field of communication technology, and in particular, to a communication method and device.

Background technique

Access network equipment can provide network access functions for authorized user equipment in a specific area, but there is a risk that access network equipment may be controlled by a third party. For example, in a campus edge computing scenario, access network equipment is usually deployed inside the campus. However, the security management capabilities of the computer rooms inside the campus are weak, and third parties may control the access network equipment in certain ways. If a third party controls the access network equipment, it can control the user plane and control plane of the mobile communication network, thus posing huge risks to communication security.

Therefore, it is worth studying how to improve the communication security of terminal equipment after the access network equipment is controlled.

Contents of the invention

This application provides a communication method and device, which can improve the communication security of terminal equipment when the access network equipment is controlled.

In a first aspect, a communication method is provided, which method includes: a mobility management network element determines that a first access network device is untrustworthy; and the mobility management network element sends a first indication to a terminal device connected to the first access network device. Information, the first indication information is used to indicate that the first access network device is untrustworthy, or to instruct to disconnect from the first access network device.

Based on the above solution, after the mobility management network element determines that the first access network device is untrustworthy, it can indicate to the terminal device under the first access network device that the first access network device is untrustworthy, or instruct it to disconnect from the third access network device. The first access network device is connected so that the terminal device can disconnect from the first access network device according to the instructions of the mobility management network element, thereby improving the communication security of the terminal device.

With reference to the first aspect, in some implementations of the first aspect, the method further includes: the mobility management network element determines that the second access network device is untrustworthy; the mobility management network element sends the second access network device to the terminal device. The identification of the device connected to the network.

It should be understood that the second access network device may include one or more access network devices.

The second access network device is any of the following devices: an access network device controlled by the mobility management network element; an access network device connected to the first access network device; an access network physically adjacent to the terminal device Equipment; access network equipment that the terminal equipment can access.

Based on the above solution, if the mobility management network element determines that one or more access network devices are untrustworthy, the mobility management network element can send the identification of the one or more access network devices to the terminal device so that the terminal device can subsequently The cell access process does not access the one or more access network devices, further improving the communication security of the terminal equipment.

Optionally, the mobility management network element may also send the identification of the first access network device to the terminal device.

With reference to the first aspect, in some implementations of the first aspect, the method further includes: the mobility management network element sending timer information to the terminal device, the timer information being used to indicate that the first access network device is unavailable. letter time.

Based on the above solution, the mobility management network element can also send timer information to the terminal device to indicate the time when the first access network device is untrustworthy, so that the terminal device can determine that it can be used after the time indicated by the timer information expires. Access to the cell of the first access network device improves communication security of the terminal device and ensures effective utilization of resources of the first access network device.

With reference to the first aspect, in some implementations of the first aspect, the mobility management network element sends the first instruction information to the terminal device, including: the mobility management network element sends a deregistration request message to the terminal device, and the deregistration request message is sent to the terminal device. The request message is used to request the terminal device to deregister from the currently connected network, and the deregistration request message includes the first indication information.

Based on the above solution, the mobility management network element can send the first indication information to the terminal device through the de-registration request message. That is to say, the mobility management network element can request the terminal device to deregister while sending the first indication information to the terminal device. After the terminal device is de-registered, the mobility management network element can delete the context of the first terminal device, thereby saving resources of the mobility management network element.

With reference to the first aspect, in some implementations of the first aspect, the mobility management network element sends a de-registration request message to the terminal device, including: the mobility management network element determines whether the coverage of the first access network device is There is an alternative access network device; when there is an alternative access network device in the coverage area of the first access network device, the mobility management network element sends the deregistration request message to the terminal device.

Based on the above solution, the mobility management network element can request the terminal device to register when there is no alternative access network device within the coverage range of the first access network device. That is to say, when the terminal device has no other alternative access network device, When an access network device enters, the mobility management network element can trigger the terminal device to register, that is, the context of the terminal device is no longer retained, thereby saving the resources of the mobility management network element.

Combined with the first aspect, in some implementations of the first aspect, when the terminal device accesses the network through the third generation partner plan technology and the non-third generation partner plan technology, the mobile management network element provides The terminal device sends the first instruction information, including: the mobility management network element sends the first instruction information to the terminal device through a non-3rd generation partnership program technology interoperability function network element.

Based on the above solution, when the terminal device also accesses the network through non-3rd generation partner program technology, the mobile management network element can send the first instruction information to the terminal device through the non-3rd generation partner program technology interworking function network element , to prevent the first access network device from being unable to forward the first indication information to the terminal device after it is controlled by a third party.

With reference to the first aspect, in some implementations of the first aspect, the method further includes: the mobility management network element sending configuration information to a third access network device, the configuration information being used to indicate not to provide access to the first access network device. Network equipment cell to switch.

Based on the above solution, the mobility management network element can instruct the third access network device not to perform handover to the cell of the first access network device through configuration information. Therefore, according to the configuration information, when the terminal device performs cell handover, the third access network device The third access network device does not switch the terminal device to the cell of the first access network device, thereby improving communication security.

Optionally, the method further includes: before the mobility management network element sends the configuration information to the third access network device, the method further includes: the mobility management network element determines the third access network device, and the third access network device It is any of the following equipment: access network equipment controlled by the mobility management network element; access network equipment connected to the first access network equipment; access network equipment connected to the first access network equipment; The access network equipment adjacent to the terminal equipment; the access network equipment that the terminal equipment can access.

In conjunction with the first aspect, in some implementations of the first aspect, the mobility management network element determines the first access network device Before the device is untrusted, the method further includes: the mobility management network element receiving second indication information from the security policy control network element, the second indication information being used to indicate that the first access network device is untrusted.

Based on the above solution, the mobility management network element can determine that the first access network device is untrustworthy according to the instruction information of the security policy control network element.

With reference to the first aspect, in some implementations of the first aspect, the method further includes: the mobility management network element releases the connection with the first access network device; the mobility management network element triggers the session deletion of the terminal device. activation.

Based on the above solution, after determining that the first access network device is untrustworthy, the mobility management network element can release the connection with the first access network device and trigger the deactivation of the session of the terminal device to prevent the first access network device from Control the user plane and data plane of the mobile access network to improve communication security.

With reference to the first aspect, in some implementations of the first aspect, the method further includes: when the mobility management network element does not receive a confirmation message from the terminal device, the mobility management network element reports to the data management network element Send the identification of the first access network device, the identification of the terminal device and third indication information. The confirmation message is used to indicate that the terminal device successfully received the first indication information. The third indication information is used to indicate that the third indication information is received. An access network device is not trustworthy, or is used to indicate to the terminal device that the access network device is not trustworthy.

Based on the above solution, when the mobility management network element does not receive the confirmation message from the terminal device, or in other words, when the terminal device does not receive the first indication information from the mobility management network element, the mobility management network element can access the first The identifier of the network device and the identifier of the terminal device are sent to the data management network element, and the data management network element is instructed to indicate that the first access network device is untrustworthy, or the first access network device is instructed to be indicated to the terminal device to be untrustworthy. Based on this, the data management network element can indicate to the terminal device that the first access network device is untrustworthy after the terminal device reconnects to the network, so that the terminal device does not access the cell of the first access network device and improves the communication of the terminal device. Safety.

In a second aspect, a communication method is provided. The method includes: a terminal device receiving first indication information from a mobility management network element, the first indication information being used to indicate that the first access network device connected to the terminal device is unavailable. message, or used to instruct to disconnect from the first access network device; after receiving the first instruction message, the terminal device disconnects from the first access network device.

Based on the above solution, the mobility management network element indicates to the terminal device that the first access network device is untrustworthy, or after instructing to disconnect from the first access network device, the terminal device disconnects from the first access network device, Preventing the first access network device from controlling communication of the terminal device improves communication security of the terminal device.

With reference to the second aspect, in some implementations of the second aspect, after the terminal device receives the first indication information, the method further includes: the terminal device stores first policy information, the first policy information is used to indicate not to A cell that accesses the first access network device.

Based on the above solution, after receiving the first indication information, the terminal device saves the first policy information for instructing not to access the cell of the first access network device. That is to say, when the terminal device subsequently performs cell access, it will not access the cell of the first access device according to the first policy information, thereby improving communication security of the terminal device.

With reference to the second aspect, in some implementations of the second aspect, the method further includes: the terminal device receiving timer information from the mobility management network element, the timer information being used to indicate the first access network device Untrustworthy time; after the time indicated by the timer information expires, the terminal device deletes the first policy information.

Based on the above solution, the mobility management network element can also indicate to the terminal device the time when the first access network device is untrustworthy through timer information. In this case, when the time indicated by the timer information expires, the terminal device may delete the first policy information. That is to say, after the time indicated by the timer information expires, the terminal device can access the cell of the first access network device. Through the above solution, the communication security of terminal equipment can be improved and the first connection can be reduced. The resources of the network equipment are wasted.

With reference to the second aspect, in some implementations of the second aspect, the method further includes: the terminal device receiving the identification of the second access network device from the mobility management network element; the terminal device storing the second policy information, The second policy information is used to indicate not to access the cell of the second access network device.

Based on the above solution, when the mobility management network element determines that one or more access network devices are untrustworthy, the identification of the one or more access network devices can be sent to the terminal device so that the terminal device can save it and use it to indicate not to access. Second policy information of the cell of the second access network device. That is to say, when the terminal device subsequently performs cell access, according to the second policy information, the terminal device does not access the cell of the second access network device, thereby improving communication security of the terminal device.

With reference to the second aspect, in some implementations of the second aspect, the terminal device receives the first indication information from the mobility management network element, including: the terminal device receives a deregistration request message from the mobility management network element, the The deregistration request message is used to request the terminal device to deregister from the currently connected network, and the deregistration request message includes the first indication information.

Based on the above solution, the mobility management network element can send the first indication information to the terminal device through the de-registration request message. That is to say, the mobility management network element can request the terminal device to deregister while sending the first indication information to the terminal device. In this case, after the terminal device deregisters, the mobility management network element can delete the context of the first terminal device, thereby saving resources of the mobility management network element.

In connection with the second aspect, in some implementations of the second aspect, in the case where the terminal device also accesses the network through non-3rd generation partnership plan technology, the terminal device receives the first indication from the mobility management network element The information includes: the terminal device receives the first instruction information from the mobility management network element through a non-3rd generation partner program technology interworking function network element.

Based on the above solution, when the terminal device also accesses the network through non-3rd generation partner program technology, the mobile management network element can send the first instruction information to the terminal device through the non-3rd generation partner program technology interworking function network element , to prevent the mobility management network element from being unable to forward the first indication information to the terminal device after the first access network device is controlled by a third party.

With reference to the second aspect, in some implementations of the second aspect, the method further includes: the terminal device sending a confirmation message to the mobility management network element, the confirmation message being used to indicate that the terminal device successfully receives the first indication information. .

In a third aspect, a communication method is provided, which method includes: a first device receiving second indication information from a security policy control network element, the second indication information being used to indicate that the first access network device is untrustworthy; A device sends configuration information to a third access network device. The configuration information includes an identification of the first access network device and a cell switching policy. The cell switching policy is used to indicate not to switch the terminal device to the first access network. device cell.

It should be understood that the first device can be any network device. For example, the first device can be a mobility management network element, or the first device can also be a network management device, which is not limited in this application.

Based on the above solution, after receiving the second indication information from the security policy control network element, the first device can determine that the first access network device is untrustworthy based on the second indication information. Based on this, the first device may send configuration information to the third access network device to instruct not to switch the terminal device to the cell of the first access network device, so that the third access network device does not switch the terminal device to the first cell. Cells with access network equipment improve communication security of terminal equipment.

With reference to the third aspect, in some implementations of the third aspect, the method further includes: the first device determines the third access network device based on the first access network device, and the third access network device is Any of the following equipment: access network equipment controlled by the mobility management network element, access network equipment adjacent to the first access network equipment, access network connected to the first access network equipment Access network equipment that may be connected to equipment and terminal equipment.

In a fourth aspect, a communication method is provided, which method includes: a third access network device receives configuration information from the first device, the configuration information includes the cell switching policy, and the cell switching policy is used to indicate not to use the cell switching policy. The terminal device switches to the cell of the first access network device; the third access network device determines not to switch to the cell of the first access network device according to the cell switching policy.

Based on the above solution, the third access network device can not switch to the cell of the first access network device according to the configuration information of the first device, thereby improving communication security.

In a fifth aspect, a communication method is provided. The method includes: the data management network element receiving the identification of the terminal device and the identification of the first access network device and third indication information from the mobility management network element. The third indication information It is used to indicate that the first access network device is not trustworthy, or the third indication information is used to instruct the terminal device to notify the access network device that the access network device is not trustworthy; after receiving the third indication information, the data management network element sends a notification to the terminal device. The terminal device sends fourth indication information, where the fourth indication information is used to indicate that the first access network device is untrustworthy.

It should be understood that if the terminal device is not connected to the network when the data management network element receives the third indication information, the data management network element will send the fourth indication information to the terminal device after the terminal device accesses the network.

Based on the above solution, if the terminal device does not receive the information from the mobility management network element indicating that the first access network device is untrustworthy, the data management network element can indicate to the terminal device that the first access network device is untrustworthy after the terminal device reconnects to the network. The first access network device is untrustworthy, so that the terminal device does not access the cell of the first access network device, thereby improving communication security of the terminal device.

A sixth aspect provides a communication device, which is used to perform any of the methods provided in the above first to fourth aspects. Specifically, the device may include units and/or modules for executing the methods provided in the first to fourth aspects, such as a processing module and/or a transceiver module (which may also be a communication module). In one implementation, the device is a network device, for example, the device is a mobility management network element, a data management network element, or a first device. When the device is a network device, the communication module may be a transceiver, or an input/output interface; the processing module may be a processor.

In one implementation, the device is a chip, chip system or circuit used in network equipment. When the device is a chip, chip system or circuit used in a communication device, the communication module may be an input/output interface, interface circuit, output circuit, input circuit, pin or related circuit on the chip, chip system or circuit etc.; the processing module may be a processor, a processing circuit or a logic circuit, etc.

In one possible case, the device is a chip, chip system or circuit in the mobile management network element. In this case, the apparatus may comprise units and/or modules for performing the method provided in the first aspect, such as a processing unit and/or a communication unit.

In another possible situation, the device is the first device, or a chip, chip system or circuit in the first device. In this case, the device may include units and/or modules for performing the method provided in the third aspect, such as a processing module and/or a transceiver module.

In another possible situation, the device is a third access network device, or a chip, chip system or circuit in the third access network device. In this case, the device may include units and/or modules for performing the method provided in the fourth aspect, such as a processing module and/or a transceiver module.

In another case, the device is a data management network element, or a chip, chip system or circuit in the data management network element. In this case, the device may include units and/or modules for performing the method provided in the fifth aspect, such as a processing module and/or a transceiver module.

In another implementation, the device is a terminal device. When the device is a terminal device, the communication unit may be a transceiver, or an input/output interface; the processing unit may be a processor.

In one possible case, the device is a terminal device or a chip, a chip system or a circuit in the terminal device (10). In this case, the device may include units and/or modules for performing the method provided in the second aspect, such as a processing module and/or a transceiver module.

Optionally, the above-mentioned transceiver may be a transceiver circuit. Optionally, the above input/output interface may be an input/output circuit.

A seventh aspect provides a communication device. The device includes: a memory for storing a program; a processor for executing the program stored in the memory. When the program stored in the memory is executed, the processor is configured to execute the above-mentioned first aspect to Any method provided by the fifth aspect.

In an eighth aspect, this application provides a processor for executing the methods provided in the above aspects. During the execution of these methods, the process of sending the above information and obtaining/receiving the above information in the above method can be understood as the process of the processor outputting the above information, and the process of the processor receiving the input above information. When outputting the above information, the processor outputs the above information to the transceiver for transmission by the transceiver. After the above information is output by the processor, it may also need to undergo other processing before reaching the transceiver. Similarly, when the processor receives the above information input, the transceiver obtains/receives the above information and inputs it into the processor. Furthermore, after the transceiver receives the above information, the above information may need to undergo other processing before being input to the processor.

Based on the above principles, for example, the receiving request message mentioned in the foregoing method can be understood as the processor receiving input information.

For operations such as emission, sending, and acquisition/reception involved in the processor, if there is no special explanation, or if it does not conflict with its actual role or internal logic in the relevant description, it can be more generally understood as a processor. Output and receive, input and other operations, rather than the transmit, send and receive operations performed directly by radio frequency circuits and antennas.

During implementation, the above-mentioned processor may be a processor specifically designed to perform these methods, or may be a processor that executes computer instructions in a memory to perform these methods, such as a general-purpose processor. The above-mentioned memory can be a non-transitory memory, such as a read-only memory (ROM), which can be integrated on the same chip as the processor, or can be separately provided on different chips. This application The embodiment does not limit the type of memory and the arrangement of the memory and the processor.

A ninth aspect provides a computer-readable storage medium that stores program code for device execution, where the program code includes execution of any of the methods provided in the above-mentioned first to fifth aspects.

A tenth aspect provides a computer program product containing instructions, which when the computer program product is run on a computer, causes the computer to execute any of the methods provided in the first to fifth aspects.

In an eleventh aspect, a chip is provided. The chip includes a processor and a communication interface. The processor reads instructions stored in the memory through the communication interface and executes any of the methods provided in the first to fifth aspects.

Optionally, as an implementation manner, the chip may also include a memory, in which instructions are stored, and the processor is used to execute the instructions stored in the memory. When the instructions are executed, the processor is used to execute the above-mentioned first step. Any method provided by the first aspect to the fifth aspect.

In a twelfth aspect, a communication system is provided, including one or more of the aforementioned mobility management network element, first device, and data management network element.

Optionally, the communication system may also include the above-mentioned third access network device.

Optionally, the communication system may also include the above-mentioned terminal device.

Description of the drawings

Figure 1 shows a schematic diagram of a network architecture.

Figure 2 shows another schematic diagram of network architecture.

Figure 3 is a schematic flow chart of a communication method 300 provided by an embodiment of the present application.

Figure 4 is a schematic flow chart of a communication method 400 provided by an embodiment of the present application.

Figure 5 is a schematic flow chart of a communication method 500 provided by an embodiment of the present application.

Figure 6 is a schematic flow chart of a communication method 600 provided by an embodiment of the present application.

Figure 7 is a schematic flow chart of a communication method 700 provided by an embodiment of the present application.

Figure 8 is a schematic block diagram of a communication device provided by an embodiment of the present application.

Figure 9 is a schematic block diagram of a communication device provided by another embodiment of the present application.

Figure 10 is a schematic block diagram of a communication device provided by yet another embodiment of the present application.

Detailed ways

In order to make the purpose, technical solutions and advantages of the present application clearer, the present application will be described in further detail below in conjunction with the accompanying drawings. The specific operation methods in the method embodiments can also be applied to the device embodiments or system embodiments. Among them, in the description of this application, unless otherwise stated, the meaning of "plurality" is two or more.

In the various embodiments of this application, if there is no special explanation or logical conflict, the terms and/or descriptions between different embodiments are consistent and can be referenced to each other. The technical features in different embodiments are based on their inherent Logical relationships can be combined to form new embodiments.

It can be understood that the various numerical numbers involved in this application are only for convenience of description and are not used to limit the scope of this application. The size of the serial numbers of the above processes does not mean the order of execution. The execution order of each process should be determined by its function and internal logic.

The terms "first", "second", "third", "fourth" and other various terminology labels (if any) in the description and claims of this application and the above-mentioned drawings are used to distinguish similar objects and not necessarily used to describe a specific order or sequence. It is to be understood that the data so used are interchangeable under appropriate circumstances so that the embodiments described herein can be practiced in sequences other than those illustrated or described herein. In addition, the terms "including" and "having" and any variations thereof are intended to cover non-exclusive inclusions, e.g., a process, method, system, product, or apparatus that encompasses a series of steps or units and need not be limited to those explicitly listed. Those steps or elements may instead include other steps or elements not expressly listed or inherent to the process, method, product or apparatus.

The technical solutions provided by this application can be applied to various communication systems, such as fifth generation (5th generation, 5G) or new radio (NR) systems, long term evolution (LTE) systems, LTE frequency division Duplex (frequency division duplex, FDD) system, LTE time division duplex (TDD) system, etc. The technical solution provided by this application can also be applied to future communication systems, such as the sixth generation mobile communication system. The technical solution provided by this application can also be applied to device-to-device (D2D) communication, vehicle-to-everything (V2X) communication, machine-to-machine (M2M) communication, machine type Communication (machine type communication, MTC), and Internet of Things (Internet of things, IoT) communication systems or other communication systems.

The following will illustrate the 5G system applicable to the embodiments of this application with reference to Figures 1 and 2. It should be understood that described herein The 5G system is only an example and should not constitute any limitation on this application.

It should also be understood that some network elements in the 5G system can use service-based interfaces or point-to-point interfaces to communicate. The following describes the 5G system framework based on point-to-point interfaces and 5G based on service-based interfaces in conjunction with Figure 1 and Figure 2. system framework.

As an exemplary illustration, FIG. 1 shows a schematic architectural diagram of a 5G system 100 applicable to the embodiment of the present application. Figure 1 is a schematic diagram of the 5G network architecture based on point-to-point interfaces. As shown in Figure 1, the network architecture may include but is not limited to the following network elements (also known as functional network elements, functional entities, nodes, devices, etc.):

(Wireless) access network equipment (radio access network, (R)AN), access and mobility management function (AMF) network elements, session management function (SMF) network elements, User plane function (UPF) network element, policy control function (PCF) network element, unified data management (UDM) network element, AF network element, data network (DN) ), network slice selection function (NSSF), authentication server function (AUSF), unified data management (UDM), BSF network element, unified data repository (UDR) )wait.

The following is a brief introduction to each network element shown in Figure 1:

1. User equipment (UE): can be called terminal equipment (terminal equipment), terminal device, access terminal, user unit, user station, mobile station, mobile station (MS), mobile terminal (mobile terminal, MT), remote station, remote terminal, mobile device, user terminal, terminal, wireless communications equipment, user agent or user device. The terminal device may be a device that provides voice/data connectivity to the user, such as a handheld device, a vehicle-mounted device, etc. with wireless connectivity capabilities. At present, some examples of terminals can be: mobile phones, tablets, computers with wireless transceiver functions (such as laptops, handheld computers, etc.), mobile Internet devices (mobile internet device, MID), virtual reality (virtual reality, VR) equipment, augmented reality (AR) equipment, wireless terminals in industrial control, wireless terminals in self-driving, wireless terminals in remote medical Terminals, wireless terminals in smart grids, wireless terminals in transportation safety, wireless terminals in smart cities, wireless terminals in smart homes, cellular phones, cordless Telephone, session initiation protocol (SIP) telephone, wireless local loop (WLL) station, personal digital assistant (PDA), handheld device with wireless communication capabilities, computing device or connection Other processing equipment to wireless modems, vehicle-mounted equipment, wearable devices, terminal equipment in the 5G network or terminal equipment in the future evolved public land mobile communication network (public land mobile network, PLMN), etc.

In addition, the terminal device can also be a terminal device in an Internet of things (IoT) system. IoT is an important part of the future development of information technology. Its main technical feature is to connect objects to the network through communication technology, thereby realizing an intelligent network of human-computer interconnection and object interconnection. IoT technology can achieve massive connections, deep coverage, and terminal power saving through narrowband (NB) technology, for example.

In addition, terminal equipment can also include smart printers, train detectors, etc. Its main functions include collecting data (some terminal equipment), receiving control information and downlink data from network equipment, and sending electromagnetic waves to transmit uplink data to network equipment.

It should be understood that the user equipment can be any device that can access the network. Terminal equipment and access network equipment can communicate with each other using some air interface technology.

Optionally, the user equipment can be used to act as a base station. For example, user equipment may act as a scheduling entity that provides sidelink signals between user equipments in V2X or D2D, etc. For example, cell phones and cars use sidelink signals to communicate with each other. Cell phones and smart home devices communicate between each other without having to relay communication signals through base stations.

2. (Radio) access network (R)AN) equipment: used to provide network access functions for authorized user equipment in a specific area, and can use different services according to the level of user equipment, business needs, etc. Quality transmission tunnel.

(R)AN can manage wireless resources, provide access services to user equipment, and then complete the forwarding of control signals and user equipment data between user equipment and the core network. (R)AN can also be understood as a base station in a traditional network.

Illustratively, the access network device in the embodiment of the present application may be any communication device with wireless transceiver functions used to communicate with user equipment. The access network equipment includes but is not limited to evolved Node B (eNB) or 5G, such as NR, gNB in the system, or transmission point (TRP or TP), one of the base stations in the 5G system Or a group (including multiple antenna panels) of antenna panels, or it can also be a network node that constitutes a gNB or transmission point, such as a baseband unit (BBU), or a distributed unit (DU), etc.

In some deployments, gNB may include centralized units (CUs) and DUs. The gNB may also include an active antenna unit (AAU). CU implements some functions of gNB, and DU implements some functions of gNB. For example, CU is responsible for processing non-real-time protocols and services, implementing radio resource control (RRC), and packet data convergence protocol (PDCP) layer functions. DU is responsible for processing physical layer protocols and real-time services, and implementing the functions of the radio link control (RLC) layer, media access control (MAC) layer and physical (physical, PHY) layer. AAU implements some physical layer processing functions, radio frequency processing and active antenna related functions. Since RRC layer information will eventually become PHY layer information, or transformed from PHY layer information, in this architecture, high-level signaling, such as RRC layer signaling, can also be considered to be sent by DU , or sent by DU+AAU. It can be understood that the access network device may be a device including one or more of a CU node, a DU node, and an AAU node. In addition, the CU can be divided into access network equipment in the access network (radio access network, RAN), or the CU can be divided into access network equipment in the core network (core network, CN). This application does not Make limitations.

3. User plane function (UPF) network element: used for packet routing and forwarding and quality of service (QoS) processing of user plane data.

In the 5G communication system, the user plane network element may be a user plane function (UPF) network element. In future communication systems, user plane network elements can still be UPF network elements, or they can have other names, which are not limited in this application.

4. Access and mobility management function (AMF) network element: The access and mobility management function network element is mainly used for mobility management and access management, etc., and can be used to implement MME functions in addition to session management. Other functions, such as access authorization/authentication and other functions.

In future communication systems, the access and mobility management equipment may still be an AMF, or may have other names, which are not limited in this application.

5. Session management function (SMF) network element: mainly used for session management, Internet protocol (IP) address allocation and management of user equipment, selection of manageable user plane functions, policy control and charging The endpoint of the functional interface and downstream data notification, etc.

In future communication systems, the session management network element can still be an SMF network element, or it can also have other names, which is not limited in this application.

6. Policy control function (PCF) network element: a unified policy framework used to guide network behavior and provide policy rule information for control plane functional network elements (such as AMF, SMF, etc.).

In future communication systems, the policy control network element can still be a PCF network element, or it can also have other names, which is not limited in this application.

7. Application function (AF): used for data routing affected by applications, wireless access network open function network elements, interaction with the policy framework for policy control, etc.

In future communication systems, application network elements can still be AF network elements, or they can have other names, which are not limited in this application.

8. Data management network element: used to process UE identification, access authentication, registration and mobility management, etc. The data management network element may refer to a unified data management (UDM) network element in the system 100 and/or a unified data repository (UDR) network element.

9. Authentication server function (AUSF) network element: used for authentication services, generating keys to implement two-way authentication of user equipment, and supporting a unified authentication framework.

In future communication systems, the authentication server functional network element can still be an AUSF network element, or it can also have other names, which is not limited in this application.

10. Network data analytics function (NWDAF) network element: used to identify network slicing instances and load load level information of network slicing instances. The network data analysis function enables NF consumers to subscribe or unsubscribe to periodic notifications and notify consumers when thresholds are exceeded.

In future communication systems, network data analysis function network elements can still be NWDAF network elements, or they can have other names, which are not limited in this application.

11. Data network (DN): DN is a network located outside the operator's network. The operator's network can access multiple DNs. A variety of services can be deployed on the DN, which can provide data and/or voice for terminal devices. Waiting for service. For example, DN is a private network of a smart factory. The sensors installed in the workshop of the smart factory can be terminal devices. The control server of the sensor is deployed in the DN, and the control server can provide services for the sensor. The sensor can communicate with the control server, obtain instructions from the control server, and transmit the collected sensor data to the control server according to the instructions. For another example, DN is the internal office network of a company. The mobile phones or computers of employees of the company can be used as terminal devices. The employees' mobile phones or computers can access information and data resources on the company's internal office network.

In Figure 1, Nausf, Nnef, Npcf, Nudm, Naf, Namf, Nsmf, N1, N2, N3, N4, and N6 are interface serial numbers. The meaning of these interface serial numbers can be found in the meaning defined in the 3GPP standard protocol, and is not limited here.

In the network architecture shown in Figure 1, network elements can communicate with each other through the interfaces shown in the figure. As shown in the figure, the UE and the AMF can interact through the N1 interface, and the interaction message can be called an N1 message (N1Message), for example. RAN and AMF can interact through the N2 interface, which can be used for sending non-access stratum (NAS) messages. RAN and UPF can interact through the N3 interface, which can be used to transmit user plane data, etc. SMF and UPF can interact through the N4 interface. The N4 interface can be used to transmit information such as tunnel identification information of the N3 connection, data cache indication information, and downlink data notification messages. UPF and DN can interact through the N6 interface, which can transmit user plane data, etc. The relationship between other interfaces and each network element is shown in 1. For the sake of simplicity, they will not be described in detail here.

As shown in Figure 2, it is a schematic diagram of the 5G network architecture based on point-to-point interfaces. For the introduction of the functions of the network elements, please refer to the introduction of the functions of the corresponding network elements in 1, and will not be described again. The main difference between Figure 2 and Figure 1 is: in Figure 2 The interface between each network element is a point-to-point interface, not a service-oriented interface.

In the architecture shown in Figure 2, the interface names and functions between each network element are as follows:

1) N7: The interface between PCF and SMF, used to deliver protocol data unit (PDU) session granularity and business data flow granularity control policy.

2) N15: The interface between PCF and AMF, used to deliver UE policies and access control related policies.

3) N5: The interface between AF and PCF, used for issuing application service requests and reporting network events.

4) N4: The interface between SMF and UPF, used to transfer information between the control plane and the user plane, including controlling the delivery of forwarding rules for the user plane, QoS control rules, traffic statistics rules, etc., and reporting of user plane information. .

5) N11: The interface between SMF and AMF, used to transfer PDU session tunnel information between RAN and UPF, transfer control messages sent to UE, transfer radio resource control information sent to RAN, etc.

6) N2: The interface between AMF and RAN, used to transmit wireless bearer control information from the core network side to the RAN.

7) N1: The interface between AMF and UE, independent of access, is used to deliver QoS control rules to UE, etc.

8) N8: The interface between AMF and UDM, used for AMF to obtain access and mobility management-related subscription data and authentication data from UDM, and for AMF to register UE's current mobility management-related information with UDM.

9) N10: The interface between SMF and UDM, used for SMF to obtain session management-related subscription data from UDM, and for SMF to register UE current session-related information with UDM.

10) N35: The interface between UDM and UDR, used by UDM to obtain user subscription data information from UDR.

11) N36: The interface between PCF and UDR, used for PCF to obtain policy-related contract data and application data-related information from UDR.

12) N12: The interface between AMF and AUSF, used for AMF to initiate the authentication process to AUSF, which can carry SUCI as the contract identification;

13) N13: The interface between UDM and AUSF, used by AUSF to obtain the user authentication vector from UDM to perform the authentication process.

It should be understood that the above nomenclature is only defined to facilitate the differentiation of different functions and should not constitute any limitation on this application. This application does not rule out the possibility of using other naming in 5G networks and other future networks. For example, in a 6G network, some or all of the above network elements may use the terminology used in 5G, or may adopt other names. The interface names between each network element in Figure 1 are just an example. In specific implementations, the names of the interfaces may be other names, and this application does not specifically limit this. In addition, the names of the messages (or signaling) transmitted between the various network elements are only examples and do not constitute any limitation on the function of the messages themselves.

It can be understood that the above network elements or functions can be network elements in hardware devices, software functions running on dedicated hardware, or virtualization functions instantiated on a platform (for example, a cloud platform). For convenience of explanation, in the following description of this application, the network device is the access and mobility management network element AMF, and the base station is the wireless access network RAN as an example.

It should be understood that the above network architecture applied to the embodiments of the present application is only an example. The network architecture applicable to the embodiments of the present application is not limited to this. Any network architecture that can realize the functions of each of the above network elements is suitable for this application. Application examples.

The network architecture and business scenarios described in the embodiments of this application are for the purpose of explaining the technical solutions of the embodiments of this application more clearly, and do not constitute a limitation on the technical solutions provided by the embodiments of this application. Those of ordinary skill in the art will know that with the network With the evolution of architecture and the emergence of new business scenarios, the technical solutions provided by the embodiments of this application are suitable for similar technologies. question, the same applies.

Various aspects or features of embodiments of the present application may be implemented as methods, or may be implemented by means of devices or articles of standard programming and/or engineering techniques. The term "article of manufacture" as used in this application encompasses a computer program accessible from any computer-readable device, carrier or medium. For example, computer-readable media may include, but are not limited to: magnetic storage devices (e.g., hard disks, floppy disks, tapes, etc.), optical disks (e.g., compact discs (CD), digital versatile discs (DVD)) etc.), smart cards and flash memory devices (e.g. erasable programmable read-only memory (EPROM), cards, sticks or key drives, etc.). Additionally, the various storage media described herein may represent one or more devices and/or other machine-readable media for storing information. The term "machine-readable medium" may include, but is not limited to, wireless channels and various other media capable of storing, containing and/or carrying instructions and/or data.

In order to facilitate understanding of the technical solutions of the embodiments of the present application, before introducing the solutions of the embodiments of the present application based on the 5G architecture, first of all, some terms or concepts in 5G that may be involved in the embodiments of the present application, as well as the above-mentioned terms that may be involved in this application Network elements that are not shown in the network architecture are briefly described.

1. 5G architecture.

The evolved packet system (EPS) defined in the 3rd generation partnership project (3GPP) includes a 5G network architecture based on service-oriented interfaces or a 5G network architecture based on point-to-point interfaces. The 5G network can It is divided into three parts, namely UE, DN and operator network.

Among them, the operator's network may include one or more of the network elements shown in Figure 1 except for the UE and DN, or may also include other network elements. This application does not limit the 5G network structure. You may refer to the current Introduction to related technologies.

2. Edge computing

The rapid development of mobile communications has promoted the continuous emergence of various new services. In addition to traditional mobile broadband and the Internet of Things, mobile communications have spawned many new application fields such as augmented reality (AR) technology, virtual reality (virtual reality), etc. reality, VR) technology, Internet of Vehicles technology, industrial control, IOT, etc., have also put forward higher demands on network bandwidth, delay and other performance, further increasing the network load.

The traditional centralized anchor point deployment method in LTE is increasingly difficult to support the rapidly growing mobile service traffic model. On the one hand, in a network with centralized deployment of anchor gateways, the increased traffic is ultimately concentrated at the gateway and core computer room, which places higher and higher requirements on backhaul network bandwidth, computer room throughput, and gateway specifications; on the other hand, The long-distance backhaul network and complex transmission environment from the access network to the anchor gateway lead to large delays and jitter in user packet transmission.

Based on the above situation, the industry has proposed edge computing (EC). By moving user plane network elements and business processing capabilities down to the edge of the network, edge computing realizes local processing of distributed business traffic and avoids excessive concentration of traffic, thus greatly reducing the specification requirements for core computer rooms and centralized gateways. At the same time, edge computing also shortens the distance of the backhaul network and reduces the end-to-end transmission delay and jitter of user messages, making it possible to deploy ultra-low-latency services.

3. Campus edge computing

Campus edge computing refers to a technology that applies edge computing to smart campuses. By combining edge computing with smart campuses, rapid deployment can be achieved, local business closed-loop can be realized, and a more optimized network can save transmission and ensure user experience for campus users.

4. Security policy control function (SPCF)

SPCF is mainly responsible for security events, information collection and analysis, etc. It can provide control plane functional network elements (such as AMF, SMF etc.) provide security policy control. In future communication systems, the security policy control network element can still be SPCF, or it can also have other names, which are not limited in this application.

The above describes applicable scenarios of the embodiments of the present application with reference to Figures 1 and 2, and also briefly introduces the basic concepts involved in the present application. The communication method and device provided by the present application will be introduced in detail below with reference to the accompanying drawings.

The embodiments shown below do not specifically limit the specific structure of the execution body of the method provided by the embodiment of the present application, as long as it can be provided according to the embodiment of the present application by running a program that records the code of the method provided by the embodiment of the present application. For example, the execution subject of the method provided by the embodiment of the present application can be the core network device and the terminal device, or a functional module in the core network device or the terminal device that can call the program and execute the program.

In order to facilitate understanding of the embodiments of the present application, the following points are explained.

First, in this application, "for indicating" can be understood as "enabling", and "enabling" can include direct enabling and indirect enabling. When describing a piece of information used to enable A, it can include that the information directly enables A or indirectly enables A, but it does not mean that the information must contain A.

The information enabled by the information is called to-be-enabled information. In the specific implementation process, there are many ways to enable the to-be-enabled information. For example, but not limited to, the to-be-enabled information can be directly enabled, such as to-be-enabled information. The enabling information itself or the index of the information to be enabled, etc. The information to be enabled can also be indirectly enabled by enabling other information, where there is an association relationship between the other information and the information to be enabled. It is also possible to enable only a part of the information to be enabled, while other parts of the information to be enabled are known or agreed in advance. For example, the enabling of specific information can also be achieved by means of a pre-agreed (for example, protocol stipulated) arrangement order of each piece of information, thereby reducing the enabling overhead to a certain extent. At the same time, the common parts of each information can also be identified and enabled uniformly to reduce the enabling overhead caused by enabling the same information individually.

Second, the first, second and various numerical numbers (for example, "#1", "#2", etc.) shown in this application are only for convenience of description and are used to distinguish objects, and are not used to limit this application. Scope of Application Embodiments. For example, distinguish between different messages, etc. It is not used to describe a specific order or sequence. It is to be understood that objects so described are interchangeable where appropriate to enable description of aspects other than the embodiments of the present application.

Third, the terms "including" and "having" and any variations thereof are intended to cover non-exclusive inclusions, for example, a process, method, system, product or device that includes a series of steps or units and need not be limited to those explicitly listed may include other steps or elements not expressly listed or inherent to the process, method, product or apparatus.

Fourth, in this application, "preconfigured" may include predefined, for example, protocol definitions. Among them, "pre-definition" can be realized by pre-saving corresponding codes, tables or other methods that can be used to indicate relevant information in the device (for example, including each network element). This application does not limit its specific implementation method.

Fifth, the “save” involved in the embodiments of this application may refer to saving in one or more memories. The one or more memories may be provided separately, or may be integrated in an encoder or decoder, a processor, or a communication device. The one or more memories may also be partially provided separately and partially integrated in the decoder, processor, or communication device. The type of memory can be any form of storage medium, and this application is not limited thereto.

Sixth, the "protocol" involved in the embodiments of this application may refer to standard protocols in the communication field, which may include, for example, 5G protocols, new radio (NR) protocols, and related protocols applied in future communication systems. There are no restrictions on this application.

Seventh, the dotted boxes in the method flow chart in the accompanying drawings of this application represent optional steps.

In the following, the communication method provided by the embodiment of the present application will be described in detail by taking the interaction between network elements as an example. It should be understood that this application The terms and steps in the various embodiments in the application may be referred to each other.

Figure 3 shows an exemplary flowchart of the method 300 provided by the embodiment of the present application. The method 300 is exemplarily described below in conjunction with each step.

Optionally, S301, the mobility management network element determines that the first access network device is untrustworthy.

For example, the mobility management network element may determine that the first access network device is untrustworthy based on instructions from other network elements. For example, the mobility management network element receives second indication information from the security policy control network element, and the second indication information is used to indicate that the first access network device is untrustworthy. After receiving the second indication information, the mobility management network element determines that the first access network device is not trustworthy according to the second indication information; or, the mobility management network element can also determine on its own that the first access network device is not trustworthy, specifically The implementation method is not limited in this application.

It should be understood that the mobility management network element determines that the first access network device is not trustworthy. It can also be said that the mobility management network element determines that the first access network device is controlled by a third party. It can also be said that the mobility management network element determines that the first access network device is controlled by a third party. The first access network equipment is not secure, etc.

S302: The mobility management network element sends the first instruction information to the terminal device connected to the first access network device. Correspondingly, the terminal device receives the first indication information from the mobility management network element.

Exemplarily, after determining that the first access network device is untrustworthy, the mobility management network element sends the first indication information to the terminal device connected to the first access network device. For example, after determining that the first access network device is untrustworthy, the mobility management network element queries the terminal device connected to the first access network device, and then sends the first indication information to the terminal device. It should be understood that multiple terminal devices may be connected to the first access network device. For convenience, one of the terminal devices is used as an example for description here.

The first indication information is used to indicate that the first access network device is not trustworthy, or the first indication information is used to indicate to disconnect from the first access network device. It should be understood that in addition to the above examples, the first indication information may also indicate other contents. For example, the first indication information is used to indicate that the first access network device is controlled by a third party, or the first indication information is used to indicate that the first access network device is controlled by a third party. Indicating that the first access network equipment is unsafe, etc., is not limited by this application.

Optionally, before sending the first indication information to the terminal device, the mobility management network element may also determine the radio resource control connection state of the terminal device (including connected state, idle state, inactive state, etc.). When the terminal device is in the connected state and the terminal device is connected to the first access network device, the mobility management network element sends the first indication information to the terminal device.

Optionally, before determining to send the first indication information to the terminal device, the mobility management network element may also determine whether there is an alternative access network device in the coverage area of the first access network device, where the alternative access network device here It may refer to an access network device connected to the first access network device, or to other access network devices that can be used for terminal devices within the coverage of the first access network device to access the network. It should be understood that when the first access network device has an alternative access network device, after the terminal device is disconnected from the first access network device, it can choose to access the alternative access network device according to needs.

Optionally, when the mobility management network element determines that the first access network device has no alternative access network device, the mobility management network element may send a deregistration request message to the terminal device and carry the first indication information in the Go to the registration request message. The de-registration request message is used to request the terminal device to de-register from the network. After receiving the de-registration request message from the mobility management network element, the terminal device may send a de-registration acceptance message to the mobility management network element. After receiving the de-registration acceptance message, the mobility management network element triggers the network side to execute the de-registration process of the terminal device. In the de-registration process, the mobility management network element deletes the context of the terminal device.

It should be noted that when the first access network device has no alternative access network device, if the terminal device disconnects from the first access network device, there may not be (or may not be found in a short time) other connections. Network access equipment to access the network, At this time, the mobile management network element can trigger the de-registration of the terminal device. During the de-registration process, the mobile management network element deletes the context of the terminal device, thereby saving the resources of the mobile management network element. If the first access network device has an alternative access network device, the mobility management network element does not need to trigger the de-registration of the terminal device. That is to say, the mobility management network element can retain the context of the terminal device. In this case, after the terminal device disconnects from the first access network device, the redirection or mobility registration update process can be used to quickly reconnect to the network, thereby improving the efficiency of the terminal device's network access and improving user experience.

It should be understood that when the mobility management network element sends the first indication information to the terminal device, it may or may not carry the identifier of the first access network device. In the case where the identification of the first access network device is not carried, the first indication information may be used to indicate to the terminal device that the access network device currently connected to the terminal device is not trustworthy, or in other words, the first indication information Used to instruct the terminal device to disconnect from the currently connected access network device, etc.

Optionally, in the case where the terminal device only accesses the network through the 3rd generation partnership project (3GPP) technology, the mobility management network element can use non-access layer messages (i.e., through the 3rd generation partnership project). planning technology) to send the first instruction information to the terminal device; in the case where the terminal device accesses the network through the third generation partner planning technology and the non-third generation partner planning technology, the mobile management network element passes the non-third generation partner planning technology The planned technical interworking function (non-3gpp interworking function, N3IWF) network element sends the first instruction information to the terminal device. That is to say, if the mobility management network element can send the first indication information to the terminal device through a non-access layer message or can send the first indication information to the terminal device through other methods, the mobility management network element will give priority to using other methods.

It should be noted that since the terminal device is connected to the first access network device, when the mobility management network element sends the first indication information to the terminal device through a non-access layer message, the non-access layer message needs to pass through the first access network device. The network access device forwards it to the terminal device. Since the first access network device is not trustworthy, the first access network device may not forward the non-access layer message, resulting in the terminal device being unable to successfully receive the first indication information. If the mobility management network element sends the first instruction information to the terminal device through non-3rd generation partner program technology, it can prevent the first instruction information from being successfully delivered due to the first access network device not forwarding the non-access layer message. The situation of the terminal equipment.

Optionally, S303, the mobility management network element sends the identifier of the second access network device to the terminal device. Correspondingly, the terminal device receives the identification of the second access network device from the mobility management network element.

For example, if the mobility management network element determines that the second access network device is not trustworthy (the mobility management network element can determine that the second access network device is not trustworthy based on instructions from other network elements, or it can determine that the second access network device is not trustworthy by itself) untrusted), the mobility management network element may also send the identification of the second access network device to the terminal device. The second access network device may include one or more access network devices. That is to say, if the mobility management network element determines that in addition to the first access network device, there are one or more other access network devices that are not trustworthy, the mobility management network element can change the identity of the one or more access network devices to sent to the terminal device.

Optionally, S304, the mobility management network element sends timer information to the terminal device. Correspondingly, the terminal device receives the timer information from the mobility management network element.

For example, the mobility management network element may also send timer information to the terminal device, where the timer information is used to indicate the time when one or more access network devices are untrustworthy.

In a possible implementation, the timer information is used to indicate the time when the first access network device is untrustworthy. That is to say, when the time indicated by the timer information expires, it can be considered that the first access network device becomes trustworthy again, or that the first access network device regains security, or that it can access the first access network device. Cell for access network equipment.

In another possible implementation, the mobility management network element also sends the identification of the second access network device to the terminal device. At this time, the timer information can be used to indicate the first access network device and the second access network device. The time when the access network device is untrustworthy, or the timer information can be used to indicate the time when one or more access network devices in the first access network device and the second access network device are untrustworthy, or the timer The information is used to indicate the time when one or more access network devices in the second access network device are untrustworthy.

In another possible implementation manner, the mobility management network element also sends the identifier of the second access network device to the terminal device. At this time, the mobility management network element can send multiple timer information to the terminal device. The timer information corresponds one-to-one to multiple access network devices in the first access network device and the second access network device, and the multiple timer information is used to indicate the untrustworthy time of the multiple access network devices respectively. . At this time, the times indicated by the plurality of timer information may be the same or different, and are not limited in this application.

Optionally, after receiving the first indication information, the terminal device may send a confirmation message to the mobility management network element, where the confirmation message is used to indicate that the terminal device successfully received the first indication information. The mobility management network element determines that the first indication information is sent successfully based on the confirmation message.

Optionally, if the mobility management network element does not receive the confirmation message from the terminal device, the mobility management network element determines that the first indication information was not sent successfully. In this case, the mobility management network element may send the first indication message to the data management network element. The identifier of the terminal device and the identifier of the first access network device. Optionally, an indication information may also be sent, the indication information being used to indicate that the first access network device is not trustworthy, or the indication information being used to indicate that the terminal device failed to receive the information indicating that the first access network device is not trustworthy. information, or the indication information is used to indicate that the terminal device fails to learn that the first access network device is untrustworthy. Optionally, the mobility management network element also sends the identification of the second access network device to the data management network element. The data management network element receives and stores the identity of the terminal device, the identity of the first access network device, and optionally the identity of the second access network device. After the terminal device reconnects to the network, the data management network element sends indication information indicating that the first access network device and the second access network device are untrustworthy to the terminal device, so that the terminal device can access the network in the subsequent process. , do not access the cell of the first access network device and the second access network device, thereby improving communication security of the terminal device.

S305: After receiving the first instruction information, the terminal device disconnects from the first access network device.

Exemplarily, after receiving the first indication information, the terminal device disconnects the connection with the first access network device according to the first indication information.

Optionally, S306, the terminal device stores the first policy information.

Exemplarily, after receiving the first indication information, the terminal device stores the first policy information.

The first policy information may be first instruction information or other information. The first policy information may also have different names in different scenarios. For example, the first policy information may also be called configuration information, or indication information, etc., which is not limited in this application. The first policy information is used in a cell where the terminal device does not access the first access network device, or in other words, the first policy information is used in a cell where the terminal device accesses an access network device other than the first access network device. The terminal device may select a cell for access based on the first policy information. For example, during the cell access process, the terminal device receives a system message broadcast by an access network device. The system message includes the identifier of the access network device. The terminal device determines whether the identifier of the access network device is the same as the first access network device. The identifiers of network access devices are the same. If they are the same, the terminal device does not try to access the cell of the access network device; if they are different, the terminal device can try to access the cell of the access network device.

Optionally, if the terminal device also receives timer information indicating the time when the first access network device is untrustworthy, the terminal device deletes the first policy information after the time indicated by the timer information expires. That is to say, after the time indicated by the timer information expires, the terminal device may try to access the cell of the first access network device.

Optionally, if the terminal device also receives the identification of the second access network device from the mobility management network element, the terminal The device may store the second policy information after receiving the identification of the second access network device. The second policy information is used in a cell where the terminal device does not access the second access network device. It should be understood that the first policy information and the second policy information may be the same information element or different information elements, which is not limited in this application.

Optionally, the first device sends configuration information to the third access network device, where the configuration information is used to indicate not to perform handover to the cell of the first access network device. The third access network device may include one or more access network devices. The first device may be any network device. For example, the first device may be a mobility management network element, or the first device may be a network management device. For example, the first device receives second indication information from the security policy control network element. The second indication information is used to indicate that the first access network device is untrustworthy. The first device can send a request to the third access network device according to the second indication information. The network access device sends the configuration information.

Optionally, the first device may first determine the third access network device. The third access network device may be an access network device controlled or managed by the first device, or the third access network device may be an access network device adjacent to the first access network device, or the third access network device may The access network device is an access network device connected to the first access network device, or the third access network device is an access network device near the terminal device, or the third access network device is a terminal device Access network equipment that can be accessed is not limited in this application. The configuration information may be first indication information or other information. In different scenarios, the configuration information may also have other names. For example, the configuration information may also be called policy information, indication information, or cell access policy, etc., which is not limited in this application.

Correspondingly, after receiving the configuration information from the first device, the third access network device can save the configuration information and perform cell switching based on the configuration information. For example, during the cell handover process, a terminal device on the third access network device measures the signal strength of the candidate cell, and then reports the measurement report to the third access network device. After the third access network device receives the measurement report, if the identity of the access network device where the candidate cell is located is the same as the identity of the first access network device, the third access network device does not switch the terminal device to the candidate cells, thereby improving the communication security of terminal equipment. Optionally, the first device may also send timer information to the third access network device, where the timer information is used to indicate a time when the first access network device is untrustworthy. In this case, after the time indicated by the timer information expires, the third access network device can delete the configuration information, or the third access network device can modify the configuration information, so that the modified configuration information Indicates that handover can be performed to the cell of the first access network device.

It should be understood that the above example is based on the example that the configuration information is used to indicate not to perform handover to the cell of the first access network device. However, if the first device also determines that the second access network device is not trustworthy, the first device The device can also use the configuration information to instruct the third access network device not to perform handover to the cell of the second access network device. The specific implementation method is similar to the above example and will not be described again here.

Based on the above solution, after the mobility management network element determines that the first access network device is untrustworthy, it may indicate to the terminal device connected to the first access network device that the first access network device is untrustworthy, or may instruct the terminal device to disconnect from the first access network device. The connection with the first access network device is such that the terminal device can disconnect from the first access network device according to the instructions of the mobility management network element, thereby improving communication security of the terminal device.

Based on the 5G system, the communication method provided by the embodiment of this application is introduced below. It should be understood that subsequent methods 400 to 700 can be applied to the network architecture shown in Figure 1 or Figure 2 .

Figure 4 shows an exemplary flow chart of the method 400 provided by the embodiment of the present application. In one implementation, AMF1 in method 400 may correspond to the mobility management network element in method 300, RAN1 in method 400 may correspond to the first access network device in method 300, and RAN2 in method 400 may correspond to For the second access network device in the method 300, the method 400 UE may correspond to the terminal device in the method 300, and the indication information #1 in the method 400 may correspond to the first indication information in the method 300. The method 400 can be applied in the network architecture shown in Figure 1 or Figure 2.

In method 400, after AMF1 determines that RAN1 is not trustworthy, it indicates to the UE on RAN1 that RAN1 is not trustworthy (or indicates to disconnect from RAN1), but does not trigger the deregistration process of the UE. After the UE disconnects according to the instruction of AMF1 After connecting to RAN1, the UE can quickly re-access the network through the redirection process or mobility registration process, which can improve the efficiency of the UE re-accessing the network and improve user experience. The following is an exemplary description of the method 400 in combination with each step.

S401, AMF1 determines that RAN1 is not trustworthy.

It should be understood that this application does not limit the specific way in which AMF1 determines that RAN1 is untrustworthy. In a possible implementation manner, after determining that RAN1 is untrustworthy, the SPCF notifies AMF1 that RAN1 is untrustworthy, where AMF1 is the AMF corresponding to RAN1. In another possible implementation, AMF1 can also determine on its own that RAN1 is not trustworthy, which is not limited in this application.

Optionally, S402, AMF1 determines that RAN1 has an alternative RAN.

For example, after AMF1 determines that RAN1 is untrustworthy, it can determine whether there is an alternative RAN in the coverage area of RAN1, where the alternative RAN here may refer to the RAN connected to RAN1, or may refer to the coverage that can be used for RAN1 The RAN of the UE access network within the range can be a 5G base station (gNB), a 4G base station (eNB), or a base station under other network systems, which is not limited in this application.

For example, RAN1 is a base station under a private network (such as a campus network). If there is a public network base station that can cover the coverage area of RAN1, it means that RAN1 has an alternative RAN; for another example, RAN1 is a base station under the public network. base stations. If there is a 4G base station that can cover the coverage area of RAN1, it means that RAN1 has an alternative RAN.

AMF1 can combine PLMN ID, TAI, etc. to determine whether RAN1 has an alternative RAN. The specific method is not limited in this application.

Optionally, the AMF can also verify the RRC connection status (including connected state, idle state, inactive state, etc.) and the way the UE accesses the network (including 3GPP mode and non-3GPP mode), where the UE refers to the UE connected to the network. The UE on RAN1, or in other words, the UE accesses the network through RAN1. It should be understood that one or more UEs may be connected to RAN1. For convenience, one of the UEs is taken as an example for description here.

When the UE is in the connected state and the UE is connected to RAN1, AMF1 notifies the UE that RAN1 is not trustworthy. The details are shown in S403.

S403. AMF1 sends indication information #1 to the UE. Correspondingly, the UE receives indication information #1 from AMF1.

For example, the indication information #1 is used to indicate that the RAN (i.e., RAN1) to which the UE is connected is not trustworthy, or the indication information #1 is used to instruct the UE to disconnect the current network connection, or the indication information #1 is is used to instruct the UE to switch to other RAN, or the indication information #1 is used to instruct the UE to perform redirection.

It should be understood that the indication information #1 can be carried in a certain message in the existing process, such as a PDU session establishment response message or a deregistration request message. That is to say, AMF1 can reuse the existing message to indicate to the UE that RAN1 is not trustworthy, thereby saving signaling overhead; or, the indication information #1 can also be carried in a newly generated message by AMF1, thereby eliminating the need to modify the existing message. Change the content in the message.

It should be understood that when the UE only registers with the network through 3GPP, AMF1 may send the indication information #1 to the UE through the NAS message.

It should also be understood that AMF1 may retain the UE's context if RAN1 has an alternative RAN. In other words, AMF1 does not trigger the UE to register. It should be noted that since RAN1 has an alternative RAN, if the UE disconnects from RAN1, the UE can reconnect to the alternative RAN. Since AMF1 retains the context of the UE, the UE can use redirection or mobility to The registration update process quickly accesses the alternative RAN, thereby improving UE access to the network. efficiency and improve user experience.

Optionally, AMF1 may also send the identification of RAN1 to UE1.

Optionally, if AMF1 determines that RAN2 is not trustworthy, AMF1 may also send the identification of RAN2 to the UE. It should be understood that AMF1 can determine that RAN2 is untrustworthy based on instructions from other network elements, or can determine on its own that RAN2 is untrustworthy, which is not limited in this application. The RAN2 may include one or more RANs. That is to say, if AMF1 determines that one or more RANs are untrustworthy, AMF1 may send the identifier of the one or more RANs to UEl. For example, after SPCF determines that multiple RANs are untrustworthy, it notifies AMF1 that the multiple RANs are untrustworthy. In this case, AMF1 can send the identifiers of the multiple untrusted RANs to the UE.

It should be understood that the above two optional solutions can also be described as: AMF1 sends a RAN ID list to UE1. The RAN ID list includes the identification of one or more untrusted RANs. The RAN ID list includes the identification of RAN1 and/or Identification of RAN2.

Optionally, AMF1 can also send timer information to the UE. The timer information can be used to indicate the time when RAN1 is untrustworthy, or the timer information can be used to indicate one or more of the RAN ID lists. A time when RAN cannot be trusted. Therefore, when the time indicated by the timer information expires, the UE can determine that the RAN corresponding to the timer information is restored to be trusted, or in other words, the UE can remove the identity of the RAN corresponding to the timer information from the untrusted RAN ID list. deleted, or in other words, the UE can access the RAN cell corresponding to the timer information. It should be understood that AMF1 may send multiple timers to the UE, and the multiple timer information may respectively correspond to multiple untrusted RANs.

S404: The UE sends an Ack (acknowledgement) message to AMF1. Correspondingly, AMF1 receives the Ack message from the UE.

For example, after receiving the indication information #1 from AMF1, the UE replies with an Ack message to AMF1. After receiving the Ack message from the UE, AMF1 determines that the indication information #1 has been delivered to the UE, or that the UE has learned the untrustworthy information of RAN1.

S405, the UE disconnects from RAN1.

For example, after receiving the indication information #1 from AMF1, the UE determines that RAN1 is untrustworthy according to the indication information #1, and then the UE disconnects from RAN1.

Optionally, S406, the UE stores policy information.

Illustratively, the UE stores policy information. This policy information is used for the UE not to access cells of untrusted RAN. Several possible implementation methods are illustrated below.

In a possible implementation, after the UE determines that RAN1 is untrustworthy, it stores policy information (recorded as policy information #1), and selects a cell for access based on the policy information #1 during the cell access process. The policy information #1 1 is used for cells where the UE does not access RAN1. For example, during the cell access process, the UE receives a system message broadcast by a certain RAN. The system message includes the identifier of the RAN. The UE determines whether the identifier of the RAN is the same as the identifier of RAN1. If they are the same, the UE does not attempt to connect. Enter the cell of the RAN; if different, the UE may try to access the cell of the RAN. Optionally, if the UE also receives timer information indicating the time when RAN1 is untrustworthy, the UE deletes policy information #1 after the time indicated by the timer information expires. That is to say, after the timer expires, the UE can Try to access the cell of RAN1.

In another possible implementation, the UE receives a RAN ID list, and the RAN ID list includes the identity of RAN1 and/or the identity of RAN2. In this case, the UE stores policy information (denoted as policy information #2), and selects a cell for access based on the policy information #2 during the cell access process. The policy information #2 is used for the UE not to access the RAN. RAN corresponding to the ID list. For example, during the cell access process, the UE receives a system message broadcast by a certain RAN. The identity of the RAN is included in the system message. The UE determines whether the identity of the RAN is included in the RANID list. If it is, the UE does not try to access the cell of the RAN. If not, the UE can try to access the cell of the RAN. community. Optionally, if the UE also receives timer information indicating the time when one or more RANs in the RAN ID list are untrustworthy, the UE will use the timer information after the time indicated by the timer information expires. The corresponding RAN identifier is deleted from the RAN ID list.

It should be noted that policy information #1 and policy information #2 may be two independent cells or one cell, which is not limited in this application.

Optionally, S407, AMF1 releases the N2 connection with RAN1, triggering PDU session deactivation.

For example, after AMF1 determines that RAN1 is untrustworthy, it releases the N2 connection with RAN1 and triggers the deactivation of the PDU session corresponding to the UE. The specific process is not limited in this application.

It should be understood that S407 can be executed after S401, which means that AMF1 can release the N2 connection with RAN1 after determining that RAN1 is untrustworthy; or, S407 can also be executed after S404, which is not limited in this application.

Optionally, S408, AMF1 sends the identity of the UE and the identity of RAN1 to the UDM. Correspondingly, UDM receives the identity of the UE from AMF1 and the identity of RAN1.

For example, if AMF1 does not receive the Ack message from UE, then AMF1 determines that UE has not received indication information #1 from AMF1, or in other words, AMF1 determines that UE does not have information that can know that RAN1 is untrustworthy, then AMF1 can send the The identity of the UE and the identity of RAN1 are sent to UDM. Optionally, AMF1 can also send an indication message #2 to UDM. The indication message #2 is used to indicate that RAN1 is not trustworthy, or to indicate that the UE has not learned that RAN1 is untrustworthy. Information about the trust, or used to instruct UDM to notify the UE that RAN1 is not trustworthy.

Optionally, if AMF1 also determines that RAN2 is not trustworthy, AMF1 may also send the identification of RAN2 to UDM.

Alternatively, S408 can also be described as: AMF1 sends a RAN ID list to UDM, and the RAN ID list includes the identifier of RAN1 and/or the identifier of RAN2.

Optionally, S409, UDM saves the identity of the UE and the identity of RAN1.

For example, after receiving the identity of the UE and the identity of RAN1 from AMF1, UDM saves the identity of the UE and the identity of RAN1. Optionally, if the UDM also receives the identifier of RAN2 from AMF1, the UDM also saves the identifier of RAN2.

Alternatively, S409 can also be described as: If the UDM receives the RAN ID list from AMF1, the UDM saves the RAN ID list.

It should be understood that in a possible implementation, AMF1 may not send the identity of UE1 and the identity of RAN1 to the UDM, but locally maintain the identity of UE1 and the identity of RAN1 (or a RAN ID list).

Optionally, after the UE disconnects from RAN1, it may reconnect to the network. The following is an illustrative explanation combined with 2 examples.

Example 1: S410, the UE accesses the 4G network through the redirection process.

For example, the eNB is an alternative RAN of RAN1. After the UE disconnects from the RAN1, it can access the 4G network through the eNB and the MME corresponding to the eNB. The MME can obtain the context of the UE through AMF1.

Optionally, S411, UDM sends the identification and indication information #3 of RAN1 to the UE.

For example, if the UDM saves the identity of the UE and the identity of RAN1 in S409, then the UE passes the 4G After the base station reconnects to the network, UDM can send the identification of RAN1 and indication information #3 to the UE through the interworking process of the 4G and 5G networks, where the indication information #3 is used to indicate that RAN1 is not trustworthy.

It should be understood that if the UDM also receives and saves the identifier of RAN2 in S409, the UDM also sends the identifier of RAN2 to the UE. At this time, the indication information #3 is also used to indicate that RAN2 is untrustworthy.

Alternatively, S411 can also be described as: If the UDM receives and saves the RAN ID list in S409, the UDM sends the RAN ID list and indication information #3 to the UE. The indication information #3 is used to indicate that the RAN corresponding to the RAN ID list is not trustworthy. . It should be understood that after receiving the identification and indication information #3 of RAN1 from UDM, the UE can store policy information, which is used for cells in which the UE does not access RAN1 (optionally also including RAN2). For the specific implementation process, please refer to S406 and will not be repeated here.

It should be understood that if AMF1 locally maintains the identity of the UE and the identity of RAN1 (optionally also including RAN2), S411 may be performed by AMF1.

Example 2: S412, the UE reconnects to the 5G network through the mobility registration update process.

For example, RAN3 is an alternative RAN to RAN1. After the UE disconnects from RAN1, it can reconnect to the 5G network through RAN3 and AMF2. AMF2 can obtain the context of the UE from AMF1. It should be understood that AMF2 may be the same as AMF1 or may be different from AMF1. If AMF2 is the same as AMF1, then AMF2 does not need to perform the steps of obtaining the UE's context from AMF1.

Optionally, S413, UDM sends the identification of RAN1 and indication information #4 to the UE. The indication information #4 is used to indicate that RAN1 is untrustworthy.

It should be understood that if the UDM also receives and saves the identifier of RAN2 in S409, the UDM also sends the identifier of RAN2 to the UE. At this time, the indication information #4 is also used to indicate that RAN2 is untrustworthy.

Alternatively, S413 can also be described as: If the UDM receives and saves the RAN ID list in S409, the UDM sends the RAN ID list and indication information #4 to the UE. The indication information #4 is used to indicate that the RAN corresponding to the RAN ID list is not trustworthy. .

Figure 5 shows an exemplary flowchart of the method 500 provided by the embodiment of the present application. In one implementation, AMF1 in method 500 may correspond to the mobility management network element in method 300, RAN1 in method 500 may correspond to the first access network device in method 300, and RAN2 in method 500 may correspond to For the second access network device in method 300, the UE in method 500 may correspond to the terminal device in method 300, and the indication information #1 in method 500 may correspond to the first indication information in method 300.

In method 500, after AMF1 determines that RAN1 is not trustworthy, it indicates to the UE on RAN1 that RAN1 is not trustworthy (or instructs to disconnect from RAN1), and triggers the deregistration process of the UE. After the UE disconnects from RAN1, the UE can re-access the network through the initial registration process. In this way, AMF1 can release the context of the UE, thereby saving AMF1's resources. The method 500 is exemplarily described below in conjunction with each step.

S501, AMF1 determines that RAN1 is not trustworthy.

It should be understood that this application does not limit the specific manner in which AMF1 determines that RAN1 is untrustworthy, and reference may be made to S401 in method 400 for specific instructions.

Optionally, S502, AMF1 determines that RAN1 has no alternative RAN.

For example, after AMF1 determines that RAN1 is untrustworthy, it determines whether there is an alternative RAN in the coverage area of RAN1.

On the other hand, AMF1 can also verify the RRC connection status of the UE (including connected state, idle state, inactive state, etc.) and the mode of the UE accessing the network (including 3GPP mode and non-3GPP mode).

When the UE is in the connected state and the UE is connected to RAN1, AMF1 notifies the UE that RAN1 is not trustworthy.

It should be understood that if the UE only accesses the network through 3GPP, AMF1 may indicate to the UE that RAN1 is untrustworthy through a NAS message.

It should also be understood that if RAN1 has no alternative RAN, AMF1 may indicate to the UE that RAN1 is untrustworthy during the de-registration process. The details are shown in S503.

S503. AMF1 sends a deregistration request message to the UE.

For example, the deregistration request message is used to request the terminal device to deregister from the network.

The deregistration request message includes indication information #1. The indication information #1 is used to indicate that the RAN (i.e., RAN1) to which the UE is connected is not trustworthy, or the indication information is used to indicate to disconnect from RAN1, or the The indication information #1 is used to instruct the UE to switch to another RAN, or the indication information #1 is used to instruct the UE to perform redirection.

It should be noted that RAN1 has no alternative RAN. If the UE disconnects from RAN1, there may not be (or may not be found in a short time) other RANs for accessing the network, and AMF1 can trigger the UE to deregister. During the de-registration process, AMF1 deletes the context of the UE, thereby saving AMF1's resources.

Optionally, the deregistration request message may include the identity of RAN1.

Optionally, the de-registration request message may also include a RAN ID list, which includes the identification of one or more untrusted RANs. For example, after SPCF determines that multiple RANs are untrustworthy, it notifies AMF1 that the multiple RANs are untrustworthy. In this case, AMF1 can send the RAN ID list to the UE.

Optionally, the de-registration request message may also include timer information, which may be used to indicate the time when RAN1 is untrustworthy, or the timer information may be used to indicate one or more of the RAN ID lists. RAN can't be trusted at all times. Therefore, when the time indicated by the timer information expires, the UE can determine that the RAN corresponding to the timer is trustworthy, or in other words, the UE can delete the identifier of the RAN corresponding to the timer information from the untrusted RAN ID list. .

S504: The UE sends a deregistration acceptance message to AMF1.

Exemplarily, after receiving the deregistration request message from AMF1, the UE sends a deregistration accept message to AMF1.

Further, AMF1 triggers the network side to de-register the UE. The specific process may refer to the existing protocol, which is not limited in this application.

S505, the UE disconnects from RAN1.

Optionally, S506, the UE stores policy information.

Optionally, S507, AMF1 sends the identity of the UE and the identity of RAN1 to the UDM.

Optionally, S508, UDM stores the identity of the UE and the identity of RAN1.

It should be understood that S505 to S508 are similar to S405, S406, S408, and S409 in method 400, and will not be described again here for the sake of brevity.

Example 1: S509, the UE accesses the 4G network through the initial registration process.

For example, the eNB is an alternative RAN of RAN1. After the UE disconnects from the RAN1, it can access the 4G network through the eNB and the MME corresponding to the eNB. It should be understood that since the network side performs the de-registration process of the UE, in S509, the UE accesses the 4G network through the initial registration process.

S510. UDM sends the identification and indication information #3 of RAN1 to the UE.

It should be understood that S510 is similar to S411 in method 400, and will not be described again here for the sake of brevity.

Example 2: S511, the UE re-accesses the 5G network through the initial registration process.

For example, RAN3 is an alternative RAN to RAN1. After the UE disconnects from RAN1, it can reconnect to the 5G network through RAN3 and AMF2. It should be understood that since the network side performs the de-registration process of the UE, in S511, the UE accesses the 5G network through the initial registration process.

S512: UDM sends the identification and indication information #4 of RAN1 to the UE.

It should be understood that S512 is similar to S511 in method 400, and will not be described again here for the sake of brevity.

Figure 6 shows an exemplary flowchart of the method 600 provided by the embodiment of the present application. In one implementation, AMF1 in method 600 may correspond to the mobility management network element in method 300, RAN1 in method 600 may correspond to the first access network device in method 300, and RAN2 in method 600 may correspond to For the second access network device in the method 300, the UE in the method 600 may correspond to the terminal device in the method 300, and the N3IWF/TNGF in the method 600 may correspond to the non-3rd Generation Partnership Project technical interworking in the method 300. Functional network element, the indication information #1 in the method 600 may correspond to the first indication information in the method 300.

In method 600, after AMF1 determines that RAN1 is untrustworthy, if AMF1 finds that the UE accesses the network through 3GPP and non-3GPP, AMF1 can send indication information #1 to the UE through non-3GPP to trigger the UE to disconnect from RAN1 , thereby preventing the situation where indication information #1 cannot be delivered to the UE due to RAN1 not forwarding the NAS message. The following is an exemplary description of the method 600 in combination with each step.

S601, AMF1 determines that RAN1 is not trustworthy.

It should be understood that this application does not limit the specific manner in which AMF1 determines that RAN1 is untrustworthy. For specific description, reference may be made to S401 in method 400, which will not be described again here.

Optionally, S602, AMF1 determines that the UE accesses the network through 3GPP or non-3GPP.

For example, after AMF1 determines that RAN1 is untrustworthy, it can verify the RRC connection status of the UE (including connected state, idle state, inactive state, etc.) and the method of the UE accessing the network (including 3GPP method and non-3GPP method).

If the UE is in the connected state and the UE is connected to RAN1, AMF1 notifies the UE that RAN1 is not trustworthy.

If the UE accesses the network through 3GPP and non-3GPP at the same time, AMF1 can notify the UE that RAN1 is not trustworthy through N3IWF/TNGF. Details are shown in S603 to S605.

S603, AMF1 sends the N2 message to the non-3GPP interworking function (N3IWF) network element/trusted non-3GPP gateway function (TNGF) network element.

Exemplarily, the N2 message includes indication information #1. The indication information #1 is used to indicate that the RAN (i.e., RAN1) to which the UE is connected is not trustworthy, or the indication information is used to instruct the UE to disconnect from RAN1. , or the indication information is used to instruct the UE to switch to other RAN.

Optionally, the N2 message may include the identity of RAN1.

Optionally, the N2 message may also include a RAN ID list, which includes the identities of multiple untrusted RANs, including the identity of RAN1.

Optionally, the N2 message may also include a timer, which is used to indicate the time when RAN1 is untrustworthy, or the timer is used to indicate the time when one or more RANs in the RAN ID list are untrustworthy. That is to say, when the timer expires, the UE can determine that the RAN corresponding to the timer has become trusted, or in other words, the UE can delete the identity of the RAN corresponding to the timer from the RAN ID list.

S604, T3IWF/TNGF sends indication information #1 to the UE.

For example, after receiving the N2 message from AMF1, T3IWF/TNGF sends indication information #1 to the UE.

Optionally, T3IWF/TNGF can also send a RAN ID list and/or timer to the UE, which is not limited by this application. Certainly.

S605: The UE sends an Ack message to AMF1 through T3IWF/TNGF.

For example, after receiving the indication information #1, the UE may send an Ack message to AMF1 through T3IWF/TNGF.

S606: The UE disconnects from RAN1.

It should be understood that S606 is similar to S405 in method 400 and will not be described again here.

S607: The UE stores policy information.

Illustratively, the UE stores policy information. This policy information is used for the UE not to access a cell of an untrusted RAN, or this policy information is used for the UE not to access the network through 3GPP.

In one implementation, according to the policy information, the UE does not attempt to access the network through 3GPP before receiving a new indication.

In another implementation manner, the UE selects a cell for access according to the policy information. The specific implementation manner is similar to S406 in method 400. For the sake of simplicity, details will not be described here.

It should be understood that S608 to S609 are similar to S408 to S409 in method 400, and will not be described again here.

It should also be understood that after the UE disconnects from RAN1, it can access the 4G network through the redirection process, or re-access the 5G network through the mobility registration update process. Example 1 (S410-S411) in the specific process and method 400 It is similar to Example 2 (S412-S413) and will not be described again here.

Figure 7 shows an exemplary flow chart of the communication method 700 provided by the embodiment of the present application. In one implementation, the SPCF in method 700 may correspond to the security policy control network element in method 300, the AMF1/network management device in method 700 may correspond to the first device in method 300, and the RAN4 in method 700 It may correspond to the third access network device in method 300.

In method 700, after the AMF1/network management device determines that RAN1 is untrustworthy, it may instruct other RANs (such as RAN4 in Figure 7) not to switch the UE to the cell of RAN1 to improve communication security. It should be understood that method 700 can be implemented independently or in combination with methods 400 to 600. For example, method 700 can be used as a parallel solution of method 400 and executed after S401 in method 400, which is not limited by this application. The following is an exemplary description of the method 700 in combination with each step.

S701, SPCF sends instruction information #3 to AMF1/network management device. Correspondingly, AMF1/network management device receives indication information #3 from SPCF.

For example, after the SPCF determines that RAN1 is not trustworthy, it may send indication information #3 to the AMF1/network management device. The indication information #3 is used to indicate that RAN1 is not trustworthy. The network management device is, for example, an operation, administration and maintenance (OAM) device. For convenience, the following description will take OAM as the network management device as an example. It should be noted that the AMF1/network management device in the embodiment of this application refers to the AMF1 or the network management device, and other similar places will not be repeatedly explained.

Optionally, if the SPCF determines that multiple RANs are untrustworthy, the indication information #3 may be used to indicate that the multiple RANs are untrustworthy. As an implementation method, SPCF can send a RAN ID list to AMF1/OAM. The RAN ID list includes the identification of one or more untrusted RANs.

Optionally, SPCF can also send a timer to AMF1/OAM, which is used to indicate the time when RAN1 is untrustworthy.

After receiving the instruction message #3, AMF1/OAM can save the identity of RAN1. If the OAM also receives a timer indicating the untrusted time of RAN1, after the timer expires, the OAM can delete the RAN1 logo.

S702, AMF1/OAM sends configuration information to RAN4.

For example, after receiving the instruction information #3 from SPCF, AMF1/OAM can send configuration information to RAN4. The configuration information includes the identity of RAN1 and the cell switching strategy. The cell switching strategy is used to not switch the UE to RAN1. community.

Optionally, the configuration information may also include a RAN ID list and a timer, which are not limited in this application.

It should be understood that the RAN4 can be any RAN, or it can be a RAN connected to RAN1, or a RAN that has overlapping coverage with RAN1, or any RAN controlled by AMF1, or a RAN that is physically adjacent to RAN1. This application is not limited.

After receiving the configuration information, RAN4 performs cell handover according to the configuration information. For example, during the cell handover process, a UE on RAN4 measures the signal strength of the candidate cell, and then reports the measurement report of the candidate cell to RAN4. After RAN4 receives the measurement report from the UE, if the identity of the RAN where the candidate cell is located is the same as the identity of RAN1 (or is included in the RAN ID list), RAN4 determines not to handover the UE to the candidate cell, or in other words, RAN4 does not switch the candidate cell. The candidate cell is used as the target cell.

It should be understood that method 700 can be implemented independently or in combination with methods 400 to 600, which is not limited in this application.

Based on the above solution, after receiving the indication information #3 from the SPCF, AMF1/OAM can determine that RAN1 is not trustworthy based on the indication information #3. Based on this, AMF1/OAM can send configuration information to RAN4 to instruct not to switch the UE to the cell of RAN1, so that RAN4 does not switch the terminal device to the cell of RAN1, thereby improving the communication security of the UE.

Corresponding to the methods provided in each of the above method embodiments, embodiments of the present application also provide corresponding devices, which include modules for executing corresponding modules in each of the above method embodiments. The module can be software, hardware, or a combination of software and hardware. It can be understood that the technical features described in the above method embodiments are also applicable to the following device embodiments. Therefore, content that is not described in detail can be referred to the above method embodiments. For the sake of brevity, they will not be described again here.

FIG. 8 is a schematic block diagram of the communication device 10 provided by the embodiment of the present application. The device 10 includes a transceiver module 11 and a processing module 12 . The transceiver module 11 can implement corresponding communication functions, and the processing module 12 is used to perform data processing, or in other words, the transceiver module 11 is used to perform operations related to receiving and sending, and the processing module 12 is used to perform other operations besides receiving and sending. . The transceiver module 11 may also be called a communication interface or communication unit.

Optionally, the device 10 may also include a storage module 13, which may be used to store instructions and/or data, and the processing module 12 may read the instructions and/or data in the storage module, so that the device implements each of the foregoing. Actions of the device or network element in the method embodiment.

In the first design, the device 10 may correspond to the mobility management network element in the above method embodiment (such as the mobility management network element in method 300, or AMF1 in methods 400 to 700), or a mobile management network element. Management network element components (such as chips).

The device 10 can implement steps or processes corresponding to the execution of the mobility management network element in the above method embodiment, wherein the transceiver module 11 can be used to perform operations related to the transceiver of the mobility management network element in the above method embodiment, and the processing module 12 It can be used to perform operations related to processing of the mobile mobility management network element in the above method embodiment.

In a possible implementation, the processing module 12 is used to determine that the first access network device is untrustworthy; the transceiver module 11 is used to send first indication information to a terminal device connected to the first access network device. An indication information is used to indicate that the first access network device is untrustworthy, or to instruct to disconnect from the first access network device.

Optionally, the processing module 12 is also configured to determine that the second access network device is untrustworthy; the transceiver module 11 is also configured to send the identification of the second access network device to the terminal device.

Optionally, the transceiver module 11 is also configured to send timer information to the terminal device, where the timer information is used to indicate the time when the first access network device is untrustworthy.

Optionally, the transceiver module 11 is specifically configured to send a de-registration request message to the terminal device. The de-registration request message is used to request the terminal device to de-register from the currently connected network. The de-registration request message includes the first indication. information.

Optionally, when the terminal device accesses the network through the third generation partnership program technology and the non-third generation partnership program technology, the transceiver module 11 is specifically used to interoperate through the non-third generation partnership program technology. The network element sends the first indication information to the terminal device.

Optionally, the transceiver module 11 is also configured to send configuration information to the third access network device, where the configuration information is used to indicate not to perform handover to the cell of the first access network device.

Optionally, the transceiver module 11 is also configured to receive second indication information from the security policy control network element, where the second indication information is used to indicate that the first access network device is untrustworthy.

In the second design, the device 10 may correspond to the terminal equipment in the above method embodiment (such as the terminal equipment in method 300, or the UE in methods 400 to 600), or a component of the terminal equipment. (such as chips).

The device 10 can implement steps or processes corresponding to those performed by the terminal device in the above method embodiment, wherein the transceiver module 11 can be used to perform operations related to the transceiver of the terminal device in the above method embodiment, and the processing module 12 can be used to perform Operations related to processing of the terminal device in the above method embodiment.

In one possible implementation, the transceiver module 11 is configured to receive first indication information from the mobility management network element. The first indication information is used to indicate that the first access network device connected to the terminal device is not trustworthy, or is used to indicate that the first access network device connected to the terminal device is untrustworthy. To instruct to disconnect from the first access network device; the processing module 12 is configured to disconnect from the first access network device.

Optionally, the processing module 12 is also configured to store first policy information, where the first policy information is used to indicate a cell in which the first access network device is not to be accessed.

Optionally, the transceiver module 11 is also configured to receive timer information from the mobility management network element, where the timer information is used to indicate the time when the first access network device is untrustworthy; the processing module 12 is also configured to After the time indicated by the timer information expires, the first policy information is deleted.

Optionally, the transceiver module 11 is also configured to receive the identity of the second access network device from the mobility management network element; the processing module 12 is also configured to store second policy information, the second policy information is used to indicate that no A cell that accesses the second access network device.

The transceiver module 11 is specifically configured to receive a de-registration request message from the mobility management network element. The de-registration request message is used to request the terminal device to de-register from the currently connected network. The de-registration request message includes the first indication information. .

Optionally, in the case where the terminal device also accesses the network through non-3rd Generation Partner Program technology, the transceiver module 11 is specifically configured to receive information from the mobile management network element through non-3rd Generation Partner Program technology interworking function network element. The first indication information of the network element.

It should be understood that the specific process of each module performing the above corresponding steps has been described in detail in each of the above method embodiments, and will not be described again for the sake of brevity.

It should also be understood that the device 10 here is embodied in the form of a functional module. The term "module" as used herein may refer to an application specific integrated circuit (ASIC), an electronic circuit, for executing a or Multiple software or firmware programs of processors (eg, shared processors, dedicated processors, or group processors, etc.) and memory, merged logic, and/or other suitable components to support the described functionality. In an optional example, those skilled in the art can understand that the device 10 can be specifically the mobility management network element in the above embodiments, and can be used to execute various processes and/or corresponding to the mobility management network element in the above method embodiments. or steps; alternatively, the apparatus 10 may be specifically a terminal device in the above embodiments, and may be used to execute various processes and/or steps corresponding to the terminal devices in the above method embodiments. To avoid duplication, they will not be described again here.

The apparatus 10 of each of the above solutions is executed by equipment (such as a mobility management network element, a first device, a third access network device, a data management network element, a terminal device, etc.) that implements the above method. function of the corresponding steps. This function can be implemented by hardware, or it can be implemented by hardware executing corresponding software. The hardware or software includes one or more modules corresponding to the above functions; for example, the transceiver module can be replaced by a transceiver (for example, the sending unit in the transceiver module can be replaced by a transmitter, and the receiving unit in the transceiver module can be replaced by a receiver. Instead), other units, such as processing modules, etc. can be replaced by processors to respectively perform the sending and receiving operations and related processing operations in each method embodiment.

In addition, the above-mentioned transceiver module 11 may also be a transceiver circuit (for example, it may include a receiving circuit and a transmitting circuit), and the processing module may be a processing circuit.

FIG. 9 is a schematic diagram of another communication device 20 according to an embodiment of the present application. The device 20 includes a processor 21, which is used to execute computer programs or instructions stored in the memory 22, or read data/signaling stored in the memory 22, to perform the methods in each of the above method embodiments. Optionally, there are one or more processors 21 .

Optionally, as shown in Figure 9, the device 20 further includes a memory 22, which is used to store computer programs or instructions and/or data. The memory 22 may be integrated with the processor 21 or may be provided separately. Optionally, there are one or more memories 22 .

Optionally, as shown in Figure 9, the device 20 also includes a transceiver 23, which is used for receiving and/or transmitting signals. For example, the processor 21 is used to control the transceiver 23 to receive and/or transmit signals.

As a solution, the device 20 is used to implement the operations performed by the mobility management network element in each of the above method embodiments.

For example, the processor 21 is used to execute the computer program or instructions stored in the memory 22 to implement the related operations of the mobility management network element in each of the above method embodiments. For example, the processor 21 executes the computer program or instructions stored in the memory 22 to implement The method performed by the mobility management network element in Figure 3, or the method used to instruct the AMF1 in Figures 4 to 7.

As another solution, the device 20 is used to implement the operations performed by the terminal device in each of the above method embodiments.

For example, the processor 21 is used to execute computer programs or instructions stored in the memory 22 to implement related operations of the terminal device in each of the above method embodiments. For example, the processor 21 executes the computer program or execution stored in the memory 22, which may implement the method executed by the terminal device in FIG. 3, or be used to instruct the method executed by the UE in FIGS. 4 to 7.

It should be understood that the processor mentioned in the embodiments of this application may be a central processing unit (CPU), or other general-purpose processor, digital signal processor (DSP), or application-specific integrated circuit (ASIC). application specific integrated circuit (ASIC), off-the-shelf programmable gate array (field programmable gate array, FPGA) or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components, etc. A general-purpose processor may be a microprocessor or the processor may be any conventional processor, etc.

It should also be understood that the memory mentioned in the embodiments of the present application may be a volatile memory and/or a non-volatile memory. Among them, the non-volatile memory can be read-only memory (ROM), programmable read-only memory Programmable ROM (PROM), erasable programmable read-only memory (erasable PROM, EPROM), electrically erasable programmable read-only memory (electrically EPROM, EEPROM) or flash memory. Volatile memory may be random access memory (RAM). For example, RAM can be used as an external cache. By way of example and not limitation, RAM includes the following forms: static random access memory (static RAM, SRAM), dynamic random access memory (dynamic RAM, DRAM), synchronous dynamic random access memory (synchronous DRAM, SDRAM), Double data rate synchronous dynamic random access memory (double data rate SDRAM, DDR SDRAM), enhanced synchronous dynamic random access memory (enhanced SDRAM, ESDRAM), synchronous link dynamic random access memory (synchlink DRAM, SLDRAM) and direct Memory bus random access memory (direct rambus RAM, DR RAM).

It should be noted that when the processor is a general-purpose processor, DSP, ASIC, FPGA or other programmable logic device, discrete gate or transistor logic device, or discrete hardware component, the memory (storage module) can be integrated in the processor.

It should also be noted that the memories described herein are intended to include, but are not limited to, these and any other suitable types of memories.

FIG. 10 is a schematic diagram of a chip system 30 provided by an embodiment of the present application. The chip system 30 (or can also be called a processing system) includes a logic circuit 31 and an input/output interface 32.

The logic circuit 31 may be a processing circuit in the chip system 30 . The logic circuit 31 can be coupled to the memory unit and call instructions in the memory unit, so that the chip system 30 can implement the methods and functions of various embodiments of the present application. The input/output interface 32 can be an input/output circuit in the chip system 30, which outputs information processed by the chip system 30, or inputs data or signaling information to be processed into the chip system 30 for processing.

Specifically, for example, if the mobile management network element is installed with the chip system 30, the logic circuit 31 is coupled with the input/output interface 32, the logic circuit 31 can determine that the first access network device is not trustworthy, and then send it through the input/output interface 32. First instruction message. For another example, if the terminal device is equipped with the chip system 30, the logic circuit 31 is coupled to the input/output interface 32, the logic circuit 31 can receive the first instruction information through the input/output interface 32, and the input/output interface 32 can transmit the first instruction information. The information is input to the logic circuit 31 for processing, and the logic circuit 31 can disconnect from the first access network device according to the first instruction information.

As a solution, the chip system 30 is used to implement the operations performed by the mobility management network element (the mobility management network element in Figure 3, or AMF1 in Figures 4-7) in each of the above method embodiments.

For example, the logic circuit 31 is used to implement the processing-related operations performed by the mobility management network element in the above method embodiment, such as the processing-related operations performed by the mobility management network element in the embodiment shown in Figure 3, or Figure 4 to the processing related operations performed by AMF1 in any embodiment shown in Figure 7; the input/output interface 32 is used to implement the sending and/or receiving related operations performed by the mobility management network element in the above method embodiment, For example, the sending and/or receiving related operations performed by the mobility management network element in the embodiment shown in Figure 3, or the sending and/or receiving related operations performed by AMF1 in any one of the embodiments shown in Figures 4 to 7. operate.

As another solution, the chip system 30 is used to implement the operations performed by the terminal device (the terminal device in Figure 3, or the UE in Figures 4 to 7) in each of the above method embodiments.

For example, the logic circuit 31 is used to implement the processing-related operations performed by the terminal device in the above method embodiment, such as the processing-related operations performed by the terminal device in the embodiment shown in Figure 3, or Figures 4 to 7 Processing-related operations performed by the UE in any of the embodiments shown; the input/output interface 32 is used to implement the sending and/or reception-related operations performed by the terminal device in the above method embodiments, such as shown in Figure 3 The terminal device in the illustrated embodiment executes Transmitting and/or receiving related operations, or transmitting and/or receiving related operations performed by the UE in any one of the embodiments shown in FIGS. 4 to 7 .

Embodiments of the present application also provide a computer-readable storage medium on which computer instructions for implementing the methods executed by the device in each of the above method embodiments are stored.

For example, when the computer program is executed by a computer, the computer can implement the method executed by the mobility management network element in each embodiment of the above method.

For another example, when the computer program is executed by a computer, the computer can implement the method executed by the terminal device in each embodiment of the above method.

Embodiments of the present application also provide a computer program product, which includes instructions. When the instructions are executed by a computer, the instructions in the above method embodiments are implemented by a device (such as a mobile management network element, a first device, or a third access device). Network equipment, such as data management network elements, terminal equipment, etc.) execution method.

Embodiments of the present application also provide a communication system, including one or more of the aforementioned network elements (such as mobility management network elements, data management network elements, third access network equipment, first equipment, etc.), and/or terminals equipment.

For explanations of relevant content and beneficial effects of any of the devices provided above, please refer to the corresponding method embodiments provided above, and will not be described again here.

In the several embodiments provided in this application, it should be understood that the disclosed devices and methods can be implemented in other ways. For example, the device embodiments described above are only illustrative. For example, the division of the units is only a logical function division. In actual implementation, there may be other division methods. For example, multiple units or components may be combined or can be integrated into another system, or some features can be ignored, or not implemented. In addition, the coupling or direct coupling or communication connection between each other shown or discussed may be through some interfaces, and the indirect coupling or communication connection of the devices or units may be in electrical, mechanical or other forms.

In the above embodiments, it may be implemented in whole or in part by software, hardware, firmware, or any combination thereof. When implemented using software, it may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. When the computer program instructions are loaded and executed on a computer, the processes or functions described in the embodiments of the present application are generated in whole or in part. The computer may be a general-purpose computer, a special-purpose computer, a computer network, or other programmable device. For example, the computer may be a personal computer, a server, or a network device. The computer instructions may be stored in or transmitted from one computer-readable storage medium to another, e.g., the computer instructions may be transferred from a website, computer, server, or data center Transmission to another website, computer, server or data center by wired (such as coaxial cable, optical fiber, digital subscriber line (DSL)) or wireless (such as infrared, wireless, microwave, etc.) means. The computer-readable storage medium may be any available medium that can be accessed by a computer or a data storage device such as a server, data center, etc. that contains one or more available media integrated. The available media may be magnetic media (such as floppy disks, hard disks, magnetic tapes), optical media (such as DVDs), or semiconductor media (such as solid state disks (SSD)), etc. For example, the aforementioned available media include but Not limited to: U disk, mobile hard disk, read-only memory (ROM), random access memory (RAM), magnetic disk or optical disk and other media that can store program code.

The above are only specific embodiments of the present application, but the protection scope of the present application is not limited thereto. Any person familiar with the technical field can easily think of changes or substitutions within the technical scope disclosed in the present application. should be covered by the protection scope of this application. Therefore, the protection scope of this application should be subject to the protection scope of the claims.

Claims

A communication method, characterized by including:

The mobility management network element determines that the first access network device is not trustworthy;

The mobility management network element sends first indication information to a terminal device connected to the first access network device. The first indication information is used to indicate that the first access network device is untrustworthy, or to indicate that the first access network device is disconnected. Open a connection with the first access network device.
The method of claim 1, further comprising:

The mobility management network element determines that the second access network device is not trustworthy;

The mobility management network element sends the identification of the second access network device to the terminal device.
The method according to claim 1 or 2, characterized in that, the method further includes:

The mobility management network element sends timer information to the terminal device, where the timer information is used to indicate the time when the first access network device is untrustworthy.
The method according to any one of claims 1 to 3, characterized in that the mobility management network element sends first indication information to the terminal device, including:

The mobility management network element sends a deregistration request message to the terminal device. The deregistration request message is used to request the terminal device to deregister from the currently connected network. The deregistration request message includes the first indication. information.
The method according to any one of claims 1 to 3, characterized in that when the terminal device accesses the network through the third generation partnership program technology and the non-third generation partnership program technology, the The mobility management network element sends first instruction information to the terminal device, including:

The mobility management network element sends the first instruction information to the terminal device through a non-3rd generation partnership program technology interworking function network element.
The method according to any one of claims 1 to 5, characterized in that the method further includes:

The mobility management network element sends configuration information to the third access network device, where the configuration information is used to indicate not to perform handover to the cell of the first access network device.
The method according to any one of claims 1 to 6, characterized in that, before the mobility management network element determines that the first access network device is untrustworthy, the method further includes:

The mobility management network element receives second indication information from the security policy control network element, and the second indication information is used to indicate that the first access network device is untrustworthy.
A communication method, characterized by including:

The terminal device receives first indication information from the mobility management network element. The first indication information is used to indicate that the first access network device connected to the terminal device is untrustworthy, or to indicate disconnection from the first access network device. Connection of access network equipment;

After receiving the first indication information, the terminal device disconnects from the first access network device.
The method according to claim 8, characterized in that after the terminal device receives the first indication information, the method further includes:

The terminal device stores first policy information, and the first policy information is used to indicate not to access a cell of the first access network device.
The method of claim 9, further comprising:

The terminal device receives timer information from the mobility management network element, and the timer information is used to indicate that the The time when the first access network device is untrustworthy;

After the time indicated by the timer information expires, the terminal device deletes the first policy information.
The method according to any one of claims 8 to 10, characterized in that the method further includes:

The terminal device receives the identification of the second access network device from the mobility management network element;

The terminal device stores second policy information, and the second policy information is used to indicate not to access a cell of the second access network device.
The method according to any one of claims 8 to 11, characterized in that the terminal device receives the first indication information from the mobility management network element, including:

The terminal device receives a de-registration request message from the mobility management network element. The de-registration request message is used to request the terminal device to de-register from the currently connected network. The de-registration request message includes the first Instructions.
The method according to any one of claims 8 to 11, characterized in that when the terminal device also accesses the network through non-3rd Generation Partnership Project technology,

The terminal device receives the first indication information from the mobility management network element, including:

The terminal device receives the first indication information from the mobility management network element through a non-3rd Generation Partnership Project technology interworking function network element.
A communication device, characterized in that the device includes one or more functional modules, and the one or more functional modules are: used to perform the method according to any one of claims 1 to 7, or used to The method as claimed in any one of claims 8 to 13 is carried out.
A communication device, characterized by including:

Processor, configured to execute a computer program stored in the memory, so that the device performs the method as claimed in any one of claims 1 to 7, or so that the device performs the method as claimed in any one of claims 8 to 13 method described in the item.
A computer program product, characterized in that the computer program product includes instructions for executing the method as claimed in any one of claims 1 to 7, or the computer program product includes instructions for executing the method as claimed in any one of claims 1 to 7. Instructions for the method described in any one of 8 to 13.
A computer-readable storage medium, characterized by comprising: the computer-readable storage medium stores a computer program; when the computer program is run on a computer, it causes the computer to execute any one of claims 1 to 7 The method described in claim 8, or causing the computer to perform the method described in any one of claims 8 to 13.