WO2024079797A1 - Dispositif de divulgation d'informations d'utilisateur, système de communication et procédé de divulgation d'informations d'utilisateur - Google Patents

Dispositif de divulgation d'informations d'utilisateur, système de communication et procédé de divulgation d'informations d'utilisateur Download PDF

Info

Publication number
WO2024079797A1
WO2024079797A1 PCT/JP2022/037931 JP2022037931W WO2024079797A1 WO 2024079797 A1 WO2024079797 A1 WO 2024079797A1 JP 2022037931 W JP2022037931 W JP 2022037931W WO 2024079797 A1 WO2024079797 A1 WO 2024079797A1
Authority
WO
WIPO (PCT)
Prior art keywords
information
terminal
authorization
user
user information
Prior art date
Application number
PCT/JP2022/037931
Other languages
English (en)
Japanese (ja)
Inventor
淳 巳之口
悠司 鈴木
健太 山内
Original Assignee
株式会社Nttドコモ
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 株式会社Nttドコモ filed Critical 株式会社Nttドコモ
Priority to PCT/JP2022/037931 priority Critical patent/WO2024079797A1/fr
Publication of WO2024079797A1 publication Critical patent/WO2024079797A1/fr

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/95Retrieval from the web
    • G06F16/953Querying, e.g. by the use of web search engines
    • G06F16/9535Search customisation based on user profiles and personalisation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W92/00Interfaces specially adapted for wireless communication networks

Definitions

  • the present invention relates to technology for ID integration.
  • 5G Fifth Generation Partnership Project
  • 5G New Radio
  • 5G 5G
  • various wireless technologies are being studied to meet the requirements of achieving a throughput of 10 Gbps or more while keeping latency in wireless sections to 1 ms or less.
  • NR is considering a network architecture including 5GC (5G Core Network), which corresponds to EPC (Evolved Packet Core), the core network in the network architecture of LTE (Long Term Evolution), and NG-RAN (Next Generation-Radio Access Network), which corresponds to E-UTRAN (Evolved Universal Terrestrial Radio Access Network), the RAN (Radio Access Network) in the network architecture of LTE (for example, non-patent document 1).
  • 5GC 5G Core Network
  • EPC Evolved Packet Core
  • LTE Long Term Evolution
  • NG-RAN Next Generation-Radio Access Network
  • E-UTRAN Evolved Universal Terrestrial Radio Access Network
  • the RAN Radio Access Network
  • an architecture is being considered in which the northbound interface between the NEF (Network Exposure Function) and AF (Application Function) in a 5G system is configured using the CAPIF (Common API Framework) (for example, Non-Patent Document 2, Non-Patent Document 3, and Non-Patent Document 4).
  • NEF Network Exposure Function
  • AF Application Function
  • CAPIF Common API Framework
  • 3GPP TS 23.501 V17.6.0 (2022-09) 3GPP TS 23.222 V17.7.0 (2022-09) 3GPP TS 33.122 V17.0.0 (2022-03) 3GPP TR 23.700-95 V1.5.0 (2022-09)
  • ID linking technology which allows users to centrally manage the ID information that they previously registered separately for each site, is attracting attention.
  • OpenID registered trademark
  • ID linking technology such as OpenID (registered trademark) Connect has not been introduced into the 5G system.
  • the present invention was made in consideration of the above points, and aims to provide technology that makes it possible to provide dynamic information to an application server within a mechanism for ID federation.
  • a receiving unit receives a user information request including a user identifier from an application server authorized to perform a specific process; a control unit that acquires information corresponding to the user identifier from a data storage device in the communication system;
  • a user information disclosure device comprising: a transmission unit that transmits user information created based on the information to the application server.
  • the disclosed technology provides a technique that enables dynamic information to be provided to an application server within a mechanism for ID federation.
  • FIG. 1 is a diagram illustrating an example of a communication system.
  • FIG. 1 is a diagram for explaining an example of a communication system in a roaming environment.
  • FIG. 2 illustrates an example of an API call.
  • 1 is a diagram illustrating an example of a communication system according to an embodiment of the present invention.
  • FIG. 2 is a sequence diagram of the first embodiment.
  • FIG. 2 is a sequence diagram of the first embodiment.
  • FIG. 2 is a sequence diagram of the first embodiment.
  • FIG. 11 is a sequence diagram of the second embodiment.
  • FIG. 13 is a sequence diagram of the third embodiment.
  • FIG. 2 is a diagram illustrating an example of a functional configuration of an authorization device 40 according to an embodiment of the present invention.
  • FIG. 2 is a diagram illustrating an example of a functional configuration of a user information disclosure device 50 according to an embodiment of the present invention.
  • FIG. 2 is a diagram illustrating an example of a hardware configuration of an apparatus according to an embodiment of the present invention.
  • 1 is a diagram showing an example of a configuration of a vehicle according to an embodiment of the present invention.
  • existing technologies are used as appropriate.
  • the existing technologies are, for example, existing LTE or existing NR (5G), but are not limited to existing LTE or existing NR.
  • OIDC OpenID (registered trademark) Connect
  • OIDC OpenID (registered trademark) Connect
  • “configuring" wireless parameters etc. may mean that predetermined values are pre-configured, or that wireless parameters notified from the network node device 30 or the terminal 20 are configured.
  • FIG. 1 is a diagram for explaining an example of a communication system.
  • the communication system is composed of a UE, which is a terminal 20, and multiple network node devices.
  • a UE which is a terminal 20
  • multiple network node devices In the following, it is assumed that one network node device corresponds to each function, but multiple functions may be realized by one network node device, or multiple network node devices may realize one function.
  • the "connection" described below may be a logical connection or a physical connection.
  • the RAN Radio Access Network
  • the RAN is a network node device having a radio access function, which may include a base station, and is connected to a UE, an AMF (Access and Mobility Management Function), and a UPF (User plane function).
  • the AMF is a network node device having functions such as RAN interface termination, NAS (Non-Access Stratum) termination, registration management, connection management, reachability management, and mobility management.
  • the UPF is a network node device having functions such as a PDU (Protocol Data Unit) session point to the outside that interconnects with a DN (Data Network), packet routing and forwarding, and user plane QoS (Quality of Service) handling.
  • the UPF and DN constitute a network slice. In the wireless communication network in an embodiment of the present invention, multiple network slices are constructed.
  • the AMF is connected to the UE, RAN, SMF (Session Management function), NSSF (Network Slice Selection Function), NEF (Network Exposure Function), NRF (Network Repository Function), UDM (Unified Data Management), UDR (Unified Data Repository), AUSF (Authentication Server Function), PCF (Policy Control Function), and AF (Application Function).
  • the AMF, SMF, NSSF, NEF, NRF, UDM, UDR, AUSF, PCF, and AF are network node devices that are interconnected via interfaces based on their respective services: Namf, Nsmf, Nnssf, Nnef, Nnrf, Nudm, Nudr, Nausf, Npcf, and Naf.
  • the SMF is a network node device having functions such as session management, IP (Internet Protocol) address allocation and management for UEs, DHCP (Dynamic Host Configuration Protocol) function, ARP (Address Resolution Protocol) proxy, and roaming function.
  • the NEF is a network node device having a function of notifying other NFs (Network Functions) of capabilities and events.
  • the NSSF is a network node device having functions such as selecting the network slice to which the UE connects, determining the allowed NSSAI (Network Slice Selection Assistance Information), determining the NSSAI to be set, and determining the AMF set to which the UE connects.
  • the PCF is a network node device having a function of controlling network policies.
  • the AF is a network node device having a function of controlling application servers.
  • the NRF is a network node device having a function of discovering NF instances that provide services.
  • the UDM is a network node device that manages subscriber data, authentication data, etc. The UDM also stores (manages) dynamic information according to the connection status of the terminal 20, etc.
  • the UDM is connected to a UDR (User Data Repository) that holds data.
  • FIG. 2 is a diagram for explaining an example of a communication system in a roaming environment.
  • the network is composed of a UE, which is a terminal 20, and multiple network node devices.
  • the SEPP is a non-transparent proxy that filters control plane messages between PLMNs (Public Land Mobile Networks).
  • the vSEPP shown in Figure 2 is a SEPP in a visited network, and the hSEPP is a SEPP in a home network.
  • the UE is in a roaming environment connected to the RAN and AMF in the VPLMN (Visited PLMN).
  • the VPLMN and the HPLMN (Home PLMN) are connected via vSEPP and hSEPP.
  • the UE can communicate with the UDM of the HPLMN, for example, via the AMF of the VPLMN.
  • the operation of this embodiment may be performed in either the configuration shown in FIG. 1 or FIG. 2. Furthermore, the operation of this embodiment may be performed in a configuration other than the configuration shown in FIG. 1 or FIG. 2.
  • the authorization device 40, user information disclosure device 50, etc. described below are assumed to be network node devices in 5GS, but are not limited to this assumption, and the authorization device 40, user information disclosure device 50, etc. may be devices in a communication system other than 5GS.
  • an API Application Programming Interface
  • CAPIF Common API Framework
  • the CAPIF architecture provides a mechanism that supports service API operations, for example, allowing an API invoker to discover a service API provided by an API provider and enabling communication using that service API.
  • the application server 60 (hereinafter referred to as the app server 60) that is the API caller described below may be provided in the above AF, and the API providing function (AEF) may be provided in the NEF, but this is not limited to this, and the app server 60 and the AEF may each be provided in any network node device. Furthermore, the app server 60 may be provided in a certain terminal or a certain base station. The app server 60 may also be referred to as the API caller (invoker).
  • the resource owner may be a network node device, a terminal 20, a base station, or another device. In this embodiment, it is assumed that the terminal 20 is the resource owner.
  • FIG. 3 shows an example of an API call.
  • APIs are open to external applications, and an API can be called from a third-party application server 60 to a network node device.
  • an application that calls an API is preregistered in the CAPIF core device 30 from the app server 60 using the CAPIF-API.
  • the CAPIF core device 30 authenticates and authorizes the application.
  • a service API is opened by the API Exposing Function (also written as AEF) 91 for authenticated and authorized applications, and the application that calls the API can use the functions of the API by calling the API.
  • the APF (API Publishing Function) 92 has the function of publishing the service API information of the API provider to the CAPIF core device 30.
  • the AMF (API Management Function) 91 has various management functions related to API calls.
  • the terminal 20 can authorize an API call to the application server 60 via the authorization device 40.
  • authorization can be achieved using the OAuth 2.0 mechanism.
  • the first, second and third embodiments will be described below.
  • the first embodiment is the basic embodiment.
  • the second and third embodiments are each modified versions of the first embodiment.
  • the second and third embodiments may each be implemented independently of the first embodiment.
  • the first, second and third embodiments may be implemented in combination.
  • a "user” is an entity (typically a person) that uses a terminal
  • a “terminal” is a device such as a smartphone.
  • a “terminal” may also be called a "user.”
  • ID federation technology that enables users to centrally manage ID information that was previously registered separately for each site has been attracting attention.
  • OpenID registered trademark
  • ID federation instead of introducing ID federation into 5GS, it is also possible to realize ID federation at the application layer. However, in that case, it is likely that only static user information will be handled in the user information federation that constitutes ID federation.
  • OIDC OpenID (registered trademark) Connect
  • OP OpenID (registered trademark) Provider
  • token endpoint function of OIDC OP can be included by slightly extending the CAPIF authorization function (authorization device 40) and the CAPIF core function (CAPIF core device 30), respectively.
  • 5GS does not have a function corresponding to the user information endpoint function of OIDC OP. Therefore, there is an issue with the conventional technology in that it is not possible to properly perform ID federation based on OIDC.
  • OIDC is introduced into a communication system (assuming 5GS here) so that the communication system can provide ID federation, including dynamic user information federation.
  • the CAPIF authorization function (called the authorization device 40) includes the authorization endpoint function of the OIDC OP.
  • an interface with the authorization device 40 is provided in the CAPIF core function (called the CAPIF core device 30) so that it can generate ID tokens. This enables the CAPIF core device 30 to execute the token termination point function of the OIDC OP.
  • a user information disclosure device 50 will be newly introduced as a "user information disclosure function" in the communication system, enabling the execution of the user information termination point function of the OIDC OP.
  • OIDC user information is sent from an OIDC OP to an OIDC RP (Relying Party).
  • the user information is information that characterizes each user's identifier (i.e., for each of the multiple identifiers per one SUPI (Subscription Permanent Identifier)).
  • SUPI Subscribescription Permanent Identifier
  • the user information is not limited to this, and user information independent of the identifier may also be used.
  • the user information is one or more or all of the following: static information, dynamic information, and a URI for obtaining dynamic information.
  • user information including these three is used.
  • the user information disclosure device 50 needs to acquire (generate) the user information to be disclosed. Any method may be used to acquire the user information, but in this embodiment, the UDR (corresponding to the data storage device 70 described later) stores the information necessary for the user information disclosure device 50 to generate the user information.
  • the UDR corresponding to the data storage device 70 described later
  • the following information (1) to (3) is stored in the relevant area of the UDR by offline input or by using Nnef_UserInfoProvision.
  • the user information disclosure device 50 can, for example, use SUPI to access the UDM (corresponding to the data management device 80 described later), obtain information indicating the user's current status (e.g., AMF registration information, etc.), and include that information (or a part of that information) in the user information as dynamic information.
  • FIG. 4 shows an example of the configuration of a communication system in the first embodiment.
  • the configuration shown in Fig. 4 is basically also applied to the second and third embodiments.
  • the communication system in this embodiment has a terminal 20 (user terminal 20), a CAPIF core device 30, an authorization device 40, a user information disclosure device 50, an application server 60, an information server 65, a data storage device 70, a data management device 80, and a NEF 90.
  • each device can communicate with at least other devices connected by the lines shown in the figure.
  • the data storage device 70 corresponds to UDR and the data management device 80 corresponds to UDM, but this is not limited to this.
  • the "data storage device 70 and the data management device 80" may be configured as one device (which may be called a data storage device).
  • the "CAPIF core device 30 and the authorization device 40" may be one device. This one device may be called a core device, an authorization device, or a network node device.
  • the terminal 20 has a browser, and that the device communicating with the terminal 20 has a web server function, and the terminal 20 transmits information to other devices as HTTP requests and receives information from other devices as HTTP responses.
  • this assumption is merely an example, and the present invention is not limited to this assumption.
  • communication between the application server 60 and the authorization device 40 is performed by redirection via the terminal (browser), but this is just one example. Communication may also be performed directly between the application server 60 and the authorization device 40.
  • the terminal 20 transmits a user information addition request to the NEF 90.
  • the user information addition request is, for example, a Nnef_UserInfoProvision request.
  • the user information addition request here is assumed to include the following information:
  • the above information is for adding the above user information having the identifier a2.
  • the application server 60 sends an authentication request to the authorization device 40 via the browser of the terminal 20 (by redirection).
  • the authorization device 40 authenticates the terminal 20 (or the user) via the browser in the terminal 20 or a mechanism in the 5GS, and obtains authorization from the user for "the application server 60 to access the user information.”
  • an input screen is displayed by the browser on the terminal 20, and the user inputs information from the input screen indicating authorization for "the application server 60 to access the user information.”
  • Information indicating that authorization has been granted is sent to the authorization device 40.
  • Authorization may be authorization from the user for "application server 60 to use a specific API," or authorization for a specific process of application server 60 other than the above.
  • the content of “authorization” is the same in the second and third embodiments.
  • the authorization device 40 sends an authorization code to the application server 60 via the browser in the terminal 20, indicating that the user has authorized access to the user information.
  • the application server 60 presents (sends) an authorization code to the CAPIF core device 30.
  • the CAPIF core device 30 accesses the authorization device 40 and obtains information related to authentication (e.g., the time when authentication was performed and the authentication method).
  • the CAPIF core device 30 In S110, the CAPIF core device 30 generates an ID token based on the information obtained from the authorization device 40. The CAPIF core device 30 also generates an access token.
  • the CAPIF core device 30 transmits an ID token and an access token to the application server 60.
  • the application server 60 transmits a user information request to the user information disclosure device 50.
  • the access confirmation URI and the RAT confirmation URI are both URIs in the information server 65.
  • the information server 65 may be the data management device 80, in which case the access confirmation URI and the RAT confirmation URI may be URIs disclosed by the NEF 90.
  • the technology according to the first embodiment described above makes it possible to realize OIDC in 5GS.
  • dynamic information can be handled as user information in OIDC, the service can be flexibly adapted to the situation of the terminal 20.
  • information on currently used access and information on currently used RAT are acquired as dynamic information acquired by the communication system, but these are merely examples and are not limiting.
  • location information of the terminal 20 is acquired as dynamic information by utilizing a positioning mechanism in the communication system.
  • OIDC specification OpenID Connect Core 1.0 incorporating errata set 1 states the following.
  • the authorization server below corresponds to authorization device 40.
  • “none” may be rephrased as “none”.
  • the authorization server MUST attempt to authenticate the end-user if: - The end user has not yet been authenticated.
  • the authentication request contains a prompt parameter with the value "login".
  • the authorization server must re-authenticate the end user even if the end user has already been authenticated.
  • the authorization server must not interact with the end user in the following cases:
  • the authentication request contains a prompt parameter with the value "none". In this case, if the end user is not already authenticated or cannot be silently authenticated, the authorization server MUST return an error." In the authorization device 40, it is important to appropriately process the case where "the authentication request includes a prompt parameter having a value "none"" in order to make the user feel that the transition between applications is smooth.
  • the authorization device 40 when the authorization device 40 receives a promptless authentication request, the authorization device 40 confirms that the terminal 20 (or the user, or both the terminal 20 and the user) are authenticated based on the 5GS authentication result/FIDO authentication result. Furthermore, the authorization device 40 confirms whether automatic login is permitted for the terminal 20 (user). If these confirmations are made, the authorization device 40 issues an authorization code to the application server 60.
  • the terminal 20 registers information on the terminal authenticator capabilities (such as FIDO) in the data management device 80 during the registration procedure for registering with the communication system (here, 5GS).
  • FIDO is an abbreviation for Fast Identity Online.
  • FIDO authentication can achieve high security by performing identity authentication (such as biometric authentication) in the local environment of the terminal 20 and authentication using a public key authentication method.
  • the authorization device 40 executes the following processes in the authentication stage and the login authorization stage. Note that the condition for the case where the user (terminal 20) has not yet been authenticated (at the application layer) may not be used.
  • the authorization device 40 first confirms the presence of AMF registration information in the data management device 80.
  • the fact that the AMF registration information of the terminal 20 is stored in the data management device 80 means that the terminal 20 has been authenticated in the communication system (authentication has been successful).
  • the authorization device 40 performs the following (i) and (ii) to confirm the result of the authentication (e.g., biometric authentication) performed between the user and the terminal 20.
  • the authentication e.g., biometric authentication
  • the FIDO server is accessed, and if storage information indicating that the terminal 20 has been authenticated is stored, it is determined that the terminal 20 (and the user) has been authenticated.
  • the authorization device 40 confirms that the subscriber information of the data management device 80 includes information indicating that automatic login is permitted.
  • the authorization device 40 After the above-mentioned checks at the authentication stage and login authorization stage, the authorization device 40 transmits an authorization code to the application server 60 without re-authentication at the application layer. Note that, of the checks at the authentication stage and login authorization stage, the check at the login authorization stage may not be performed.
  • the authorization device 40 may determine that the terminal 20 (or the user) has not been authenticated and may not issue an authorization code.
  • the terminal 20 includes information on the terminal authenticator capability in a registration request.
  • the AMF includes the terminal authenticator capability information when registering the terminal 20 with the data management device 80. That is, the terminal registration process causes the terminal authenticator capability information for the terminal 20 to be stored in the data management device 80. It is assumed that if the terminal 20 has terminal authenticator capability, FIDO authentication is possible in the terminal 20, and if it does not have terminal authenticator capability, FIDO authentication in the terminal 20 cannot be performed.
  • the FIDO server 100 may be a network node device in the communication system or a device outside the communication system.
  • the FIDO server 100 may be called an authentication server.
  • the application server 60 sends an authentication request to the authorization device 40 via the browser of the terminal 20.
  • the authentication request includes the following parameters:
  • (A) client_id parameter The value is the identifier of the application server 60.
  • login_hint parameter The value is the user's email address.
  • the above “user email address” is used as identification information for the terminal 20 (or the user) as described below.
  • the “user email address” is an example, and information other than the “user email address” may be used.
  • the authorization device 40 accesses the FIDO server 100 and obtains information indicating that authenticated storage information exists for the terminal 20. If there is no authenticated storage information, for example, an error is returned to the application server 60.
  • the authorization device 40 sends an authorization code to the application server 60 without performing authentication at the application layer.
  • Authentication at the application layer is, for example, the authentication and authorization process of S104 described in the first embodiment.
  • the subsequent processes are the same as those from S107 in the first embodiment.
  • Avatars do not behave freely, but rather act while obtaining permission from people as appropriate.
  • the mechanism by which avatars obtain authorization for actions from people is provided by OAuth 2.0 for API access.
  • OAuth 2.0 for API access.
  • conventional technology does not have such a mechanism for logging in to other applications or providing ID information.
  • OIDC conventional technology does not allow people who give permission to avatars to be involved in the related flows.
  • the authorization device 40 transmits an authorization code to the application server 60 after obtaining confirmation from both the avatar and the person.
  • the person is referred to as the "first terminal 20A” and the avatar is referred to as the "second terminal 20B.”
  • the "first terminal 20A” is assumed to be a physical terminal such as a smartphone used by a user (person).
  • the “second terminal 20B” may be a physical terminal used by an avatar (software), or it may be software (virtual terminal) on a computer (which may be a server or a terminal).
  • the user of the second terminal 20B in the third embodiment is not limited to an avatar.
  • Both the "first terminal 20A” and the “second terminal 20B” may be used by human users.
  • the "first terminal 20A” may be used by a parent
  • the "second terminal 20B” may be used by a child.
  • the first terminal 20A subscribes to Web push notifications from the authorization device 40 in advance.
  • the first terminal 20A is enabled to receive Web push notifications from the authorization device 40 when an authentication request for the second terminal 20B is triggered.
  • the authorization device 40 When the authorization device 40 receives an authentication request from the application server 60 via the second terminal 20B, it transmits an authentication and authorization request (which may also be called an authentication request or an authorization request) to both the second terminal 20B and the first terminal 20A.
  • the authorization device 40 transmits the authentication and authorization request to the first terminal 20A by a Web push notification.
  • the authorization device 40 authenticates both the second terminal 20B and the first terminal 20A, and if authorization is obtained from both, it sends an authorization code for access from the second terminal 20B to the application server 60.
  • the application server 60 sends an authentication request to the authorization device 40 via the browser of the second terminal 20B.
  • the authentication request includes the following parameters:
  • - login_hint parameter The value is the email address of the second terminal 20B.
  • the above “email address” is used as identification information for the second terminal 20B, as described below.
  • the "email address” is an example, and information other than the "email address” may be used.
  • the authorization device 40 performs authentication and authorization processing with the second terminal 20B. That is, the authorization device 40 transmits an authentication and authorization request to the second terminal 20B.
  • the authentication and authorization processing based on the authentication and authorization request is the same as the authentication and authorization processing between the terminal 20 and the authorization device 40 in the first embodiment.
  • the authorization device 40 sends an authentication and authorization request to the first terminal 20A by Web push.
  • the process based on this authentication and authorization request is the same as the authentication and authorization process between the terminal 20 and the authorization device 40 in the first embodiment.
  • the authorization device 40 obtains confirmation of authentication authorization (information indicating that authorization has been obtained) from both the first terminal 20A and the second terminal 20B.
  • the authorization device 40 having obtained authorization from both the first terminal 20A and the second terminal 20B, decides to send an authorization code to the application server 60, and performs the transmission. Specifically, the authorization device 40 returns an HTTP response including the authorization code and the redirection endpoint of the RP to the second terminal 20B. An empty HTTP response is returned to the first terminal 20A.
  • the OIDC procedure for the second terminal 20B continues in the same manner as the processing from S106 onwards in the first embodiment.
  • steps S309 to S310 if the authorization device 40 does not receive confirmation of authentication and authorization from at least one of the first terminal 20A and the second terminal 20B, the authorization device 40 does not send an authorization code to the application server 60.
  • authorization refers to, for example, authorizing the application server 60 to access user information of the user (e.g., avatar) of the second terminal 20B, as in the first embodiment.
  • authorization may be authorization for a process other than authorizing access to user information.
  • a terminal in a mechanism for ID federation, can be involved in the operation of another terminal. Therefore, for example, in the OIDC procedure, it is possible to prevent an avatar from acting freely.
  • Fig. 10 is a diagram showing an example of the functional configuration of the authorization device 40.
  • the authorization device 40 has a transmitting unit 110, a receiving unit 120, a setting unit 130, and a control unit 140.
  • the functional configuration shown in Fig. 10 is merely an example. As long as the operation related to the embodiment of the present invention can be performed, the names of the functional divisions and functional units may be any.
  • Each network node device shown in Fig. 4 also has the configuration shown in Fig. 10.
  • the transmitting unit 110 generates information to be transmitted to the terminal 20 or other network node devices, and transmits the information by wire or wirelessly.
  • the receiving unit 120 receives various types of information transmitted from the terminal 20 or other network node devices.
  • the setting unit 130 stores various setting information in a storage device and reads it from the storage device as needed.
  • the control unit 140 controls the entire device.
  • the functional units in the control unit 140 related to information transmission may be included in the transmitting unit 110, and the functional units in the control unit 140 related to information reception may be included in the receiving unit 120.
  • Fig. 11 is a diagram showing an example of the functional configuration of the user information disclosure device 50.
  • the user information disclosure device 50 has a transmitting unit 210, a receiving unit 220, a setting unit 230, and a control unit 240.
  • the functional configuration shown in Fig. 11 is merely an example.
  • the names of the functional divisions and functional units may be any as long as the operations related to the embodiment of the present invention can be performed.
  • the transmitting unit 210 generates information to be transmitted to the terminal 20 or other network node devices, and transmits the information by wire or wirelessly.
  • the receiving unit 220 receives various types of information transmitted from the terminal 20 or other network node devices.
  • the setting unit 230 stores various setting information in a storage device and reads it from the storage device as needed.
  • the control unit 240 controls the entire device.
  • the functional units in the control unit 240 related to information transmission may be included in the transmission unit 210, and the functional units in the control unit 240 related to information reception may be included in the reception unit 220.
  • This embodiment discloses at least the following Supplementary Notes 1 to 3.
  • ⁇ Appendix 1> (Additional Note 1) a receiving unit for receiving a user information request including a user identifier from an application server authorized to perform a specific process; a control unit that acquires information corresponding to the user identifier from a data storage device in the communication system; A user information disclosure device comprising: a transmission unit that transmits user information created based on the information to the application server. (Additional Note 2) The user information disclosure device according to claim 1, wherein the user information transmitted to the application server includes information of an access destination for monitoring a status of a terminal corresponding to the user identifier. (Additional Note 3) 3.
  • the user information disclosure device according to claim 1, wherein the control unit acquires dynamic information of the terminal from a data management device that manages the dynamic information, and includes the dynamic information in the user information.
  • the user information disclosure device described in Appendix 3 wherein when the control unit detects that specific information is included in the information obtained from the data storage device, the control unit accesses the data management device and obtains the dynamic information.
  • a communication system comprising: a user information disclosure device according to any one of claims 1 to 4; and an authorization device that executes a process for authorization of the specific process for the application server.
  • Supplementary Items 1 to 6 provide technology that makes it possible to provide dynamic information to an application server within a mechanism for ID federation.
  • the application server can continue to obtain dynamic information about the user even after the user logs in.
  • the application server can obtain dynamic information about the user when the user logs in.
  • dynamic information can be obtained only when necessary.
  • ⁇ Appendix 2> a receiving unit that receives an authentication request from an application server accessed by a terminal; a control unit that, when a specific parameter is included in the authentication request, checks whether specific registration information related to the terminal is stored in a network node device of a communication system used by the terminal, and determines whether the terminal is authenticated based on the check result; a transmission unit that transmits an authorization code to the application server when the control unit determines that the terminal is at least authenticated.
  • the control unit Confirming whether the terminal has terminal authenticator capability using the specific registration information; 2.
  • the authorization device determines that the terminal has been authenticated if the terminal has the terminal authentication capability and an authentication server stores information indicating that the terminal has been authenticated.
  • the control unit confirms whether or not automatic login is permitted based on subscriber information of the user of the terminal stored in the network node device; 3.
  • the transmission unit transmits the authorization code to the application server.
  • the specific parameter is a prompt parameter having a value of none.
  • a communication system comprising: an authorization device according to any one of claims 1 to 4; and a user information disclosure device configured to transmit user information to the application server that has received the authorization code from the authorization device.
  • (Additional Note 6) receiving an authentication request from an application server accessed by the terminal; When a specific parameter is included in the authentication request, checking whether or not specific registration information related to the terminal is stored in a network node device of a communication system used by the terminal, and judging whether or not the terminal is authenticated based on the checking result; and transmitting an authorization code to the application server when it is determined that the terminal is authenticated.
  • Supplementary Items 1 to 6 provide a technique for performing appropriate processing when an authorization device receives an authentication request that includes specific parameters.
  • Supplementary Item 2 makes it possible to perform appropriate processing depending on whether or not the terminal authentication device has capabilities.
  • Supplementary Item 3 makes it possible to perform appropriate processing depending on whether or not automatic login is permitted.
  • Supplementary Item 4 makes it possible to determine specific parameters.
  • a receiving unit that receives, after receiving a notification request including identification information from a first terminal, an authentication request related to the second terminal from an application server accessed by the second terminal; a transmission unit that transmits an authentication and authorization request to the first terminal and transmits an authentication and authorization request to the second terminal based on the notification request; and a control unit that, when authorization is obtained from both the first terminal and the second terminal, determines to transmit, to the application server, an authorization code indicating that a specific process is authorized.
  • the control unit acquires identification information of the second terminal from a network node device based on parameters included in the authentication request, and determines that the notification request is a notification request related to the second terminal based on the identification information.
  • a communication system comprising: an authorization device according to any one of claims 1 to 3; and a user information disclosure device configured to transmit user information to the application server that has received the authorization code from the authorization device.
  • Supplementary Items 1 to 5 provide technology that allows one terminal to be involved in the operation of another terminal within a mechanism for ID linking.
  • Supplementary Item 2 allows notification requests to be processed appropriately.
  • Supplementary Item 3 uses Web push notifications, enabling rapid notifications.
  • each functional block may be realized using one device that is physically or logically coupled, or may be realized using two or more devices that are physically or logically separated and directly or indirectly connected (for example, using wires, wirelessly, etc.) and these multiple devices.
  • the functional blocks may be realized by combining the one device or the multiple devices with software.
  • Functions include, but are not limited to, judgement, determination, judgment, calculation, computation, processing, derivation, investigation, search, confirmation, reception, transmission, output, access, resolution, selection, election, establishment, comparison, assumption, expectation, regard, broadcasting, notifying, communicating, forwarding, configuring, reconfiguring, allocating, mapping, and assignment.
  • a functional block (component) that performs the transmission function is called a transmitting unit or transmitter.
  • the base station 10, the terminal 20, etc. in one embodiment of the present disclosure may function as a computer that performs processing of the wireless communication method of the present disclosure.
  • FIG. 12 is a diagram showing an example of the hardware configuration of the authorization device 40 and the user information disclosure device 50 in one embodiment of the present disclosure.
  • the authorization device 40 and the user information disclosure device 50 described above may be physically configured as a computer device including a processor 1001, a storage device 1002, an auxiliary storage device 1003, a communication device 1004, an input device 1005, an output device 1006, a bus 1007, etc.
  • the network node devices other than the authorization device 40 and the user information disclosure device 50 also have the configuration shown in FIG. 12.
  • the term "apparatus" can be interpreted as a circuit, device, unit, etc.
  • the hardware configuration of the base station 10 and the terminal 20 may be configured to include one or more of the devices shown in the figure, or may be configured to exclude some of the devices.
  • the functions of the authorization device 40 and the user information disclosure device 50 are realized by loading specific software (programs) onto hardware such as the processor 1001 and the storage device 1002, causing the processor 1001 to perform calculations, control communications via the communication device 1004, and control at least one of the reading and writing of data in the storage device 1002 and the auxiliary storage device 1003.
  • the processor 1001 for example, operates an operating system to control the entire computer.
  • the processor 1001 may be configured as a central processing unit (CPU) including an interface with peripheral devices, a control device, an arithmetic unit, registers, etc.
  • CPU central processing unit
  • control unit 140, control unit 240, etc. may be realized by the processor 1001.
  • the processor 1001 reads out a program (program code), a software module, or data, etc., from at least one of the auxiliary storage device 1003 and the communication device 1004 to the storage device 1002, and executes various processes according to the program.
  • the program is a program that causes a computer to execute at least a part of the operations described in the above-mentioned embodiment.
  • the control unit 140 of the authorization device 40 shown in FIG. 10 may be stored in the storage device 1002 and realized by a control program that runs on the processor 1001.
  • the control unit 240 of the user information disclosure device 50 shown in FIG. 11 may be stored in the storage device 1002 and realized by a control program that runs on the processor 1001.
  • the processor 1001 may be implemented by one or more chips.
  • the program may be transmitted from a network via a telecommunication line.
  • the storage device 1002 is a computer-readable recording medium and may be composed of, for example, at least one of a ROM (Read Only Memory), an EPROM (Erasable Programmable ROM), an EEPROM (Electrically Erasable Programmable ROM), a RAM (Random Access Memory), etc.
  • the storage device 1002 may also be called a register, a cache, a main memory, etc.
  • the storage device 1002 can store executable programs (program codes), software modules, etc. for implementing a communication method relating to one embodiment of the present disclosure.
  • the auxiliary storage device 1003 is a computer-readable recording medium, and may be, for example, at least one of an optical disk such as a CD-ROM (Compact Disc ROM), a hard disk drive, a flexible disk, a magneto-optical disk (e.g., a compact disk, a digital versatile disk, a Blu-ray (registered trademark) disk), a smart card, a flash memory (e.g., a card, a stick, a key drive), a floppy (registered trademark) disk, a magnetic strip, etc.
  • the above-mentioned storage medium may be, for example, a database, a server, or other suitable medium that includes at least one of the storage device 1002 and the auxiliary storage device 1003.
  • the communication device 1004 is hardware (transmitting/receiving device) for communicating between computers via at least one of a wired network and a wireless network, and is also referred to as, for example, a network device, a network controller, a network card, a communication module, etc.
  • the communication device 1004 may be configured to include a high-frequency switch, a duplexer, a filter, a frequency synthesizer, etc., to realize at least one of, for example, Frequency Division Duplex (FDD) and Time Division Duplex (TDD).
  • FDD Frequency Division Duplex
  • TDD Time Division Duplex
  • the transmitting/receiving antenna, an amplifier unit, a transmitting/receiving unit, a transmission path interface, etc. may be realized by the communication device 1004.
  • the transmitting/receiving unit may be implemented as a transmitting unit or a receiving unit that is physically or logically separated.
  • the input device 1005 is an input device (e.g., a keyboard, a mouse, a microphone, a switch, a button, a sensor, etc.) that accepts input from the outside.
  • the output device 1006 is an output device (e.g., a display, a speaker, an LED lamp, etc.) that performs output to the outside. Note that the input device 1005 and the output device 1006 may be integrated into one structure (e.g., a touch panel).
  • each device such as the processor 1001 and the storage device 1002 is connected by a bus 1007 for communicating information.
  • the bus 1007 may be configured using a single bus, or may be configured using different buses between each device.
  • the authorization device 40 and the user information disclosure device 50 may be configured to include hardware such as a microprocessor, a digital signal processor (DSP: Digital Signal Processor), an ASIC (Application Specific Integrated Circuit), a PLD (Programmable Logic Device), or an FPGA (Field Programmable Gate Array), and some or all of the functional blocks may be realized by the hardware.
  • DSP Digital Signal Processor
  • ASIC Application Specific Integrated Circuit
  • PLD Physical Location Deposition
  • FPGA Field Programmable Gate Array
  • the processor 1001 may be implemented using at least one of these pieces of hardware.
  • the authorization device 40 or the user information disclosure device 50 may be provided in the vehicle 2001.
  • FIG. 13 shows an example of the configuration of the vehicle 2001.
  • the vehicle 2001 includes a drive unit 2002, a steering unit 2003, an accelerator pedal 2004, a brake pedal 2005, a shift lever 2006, front wheels 2007, rear wheels 2008, an axle 2009, an electronic control unit 2010, various sensors 2021 to 2029, an information service unit 2012, and a communication module 2013.
  • the authorization device 40 or the user information disclosure device 50 according to each aspect/embodiment described in this disclosure may be applied to a communication device mounted on the vehicle 2001, for example, to the communication module 2013.
  • the drive unit 2002 is composed of, for example, an engine, a motor, or a hybrid of an engine and a motor.
  • the steering unit 2003 includes at least a steering wheel (also called a handlebar), and is configured to steer at least one of the front wheels and the rear wheels based on the operation of the steering wheel operated by the user.
  • the electronic control unit 2010 is composed of a microprocessor 2031, memory (ROM, RAM) 2032, and a communication port (IO port) 2033. Signals are input to the electronic control unit 2010 from various sensors 2021 to 2029 provided in the vehicle 2001.
  • the electronic control unit 2010 may also be called an ECU (Electronic Control Unit).
  • Signals from the various sensors 2021-2029 include a current signal from a current sensor 2021 that senses the motor current, a front and rear wheel rotation speed signal obtained by a rotation speed sensor 2022, a front and rear wheel air pressure signal obtained by an air pressure sensor 2023, a vehicle speed signal obtained by a vehicle speed sensor 2024, an acceleration signal obtained by an acceleration sensor 2025, an accelerator pedal depression amount signal obtained by an accelerator pedal sensor 2029, a brake pedal depression amount signal obtained by a brake pedal sensor 2026, a shift lever operation signal obtained by a shift lever sensor 2027, and a detection signal for detecting obstacles, vehicles, pedestrians, etc. obtained by an object detection sensor 2028.
  • the information service unit 2012 is composed of various devices, such as a car navigation system, an audio system, speakers, a television, and a radio, for providing (outputting) various information such as driving information, traffic information, and entertainment information, and one or more ECUs for controlling these devices.
  • the information service unit 2012 uses information acquired from an external device via the communication module 2013 or the like to provide various multimedia information and multimedia services to the occupants of the vehicle 2001.
  • the information service unit 2012 may include input devices (e.g., a keyboard, a mouse, a microphone, a switch, a button, a sensor, a touch panel, etc.) that accept input from the outside, and may also include output devices (e.g., a display, a speaker, an LED lamp, a touch panel, etc.) that perform output to the outside.
  • input devices e.g., a keyboard, a mouse, a microphone, a switch, a button, a sensor, a touch panel, etc.
  • output devices e.g., a display, a speaker, an LED lamp, a touch panel, etc.
  • the driving assistance system unit 2030 is composed of various devices that provide functions for preventing accidents and reducing the driving burden on the driver, such as a millimeter wave radar, LiDAR (Light Detection and Ranging), a camera, a positioning locator (e.g., GNSS, etc.), map information (e.g., high definition (HD) maps, autonomous vehicle (AV) maps, etc.), a gyro system (e.g., IMU (Inertial Measurement Unit), INS (Inertial Navigation System), etc.), AI (Artificial Intelligence) chip, and AI processor, as well as one or more ECUs that control these devices.
  • the driving assistance system unit 2030 transmits and receives various information via the communication module 2013 to realize driving assistance functions or autonomous driving functions.
  • the communication module 2013 can communicate with the microprocessor 2031 and components of the vehicle 2001 via the communication port.
  • the communication module 2013 transmits and receives data via the communication port 2033 between the drive unit 2002, steering unit 2003, accelerator pedal 2004, brake pedal 2005, shift lever 2006, front wheels 2007, rear wheels 2008, axle 2009, microprocessor 2031 and memory (ROM, RAM) 2032 in the electronic control unit 2010, and sensors 2021 to 29, which are provided on the vehicle 2001.
  • the communication module 2013 is a communication device that can be controlled by the microprocessor 2031 of the electronic control unit 2010 and can communicate with an external device. For example, it transmits and receives various information to and from the external device via wireless communication.
  • the communication module 2013 may be located either inside or outside the electronic control unit 2010.
  • the external device may be, for example, a base station, a mobile station, etc.
  • the communication module 2013 may transmit at least one of the signals from the various sensors 2021-2028 described above input to the electronic control unit 2010, information obtained based on the signals, and information based on input from the outside (user) obtained via the information service unit 2012 to an external device via wireless communication.
  • the electronic control unit 2010, the various sensors 2021-2028, the information service unit 2012, etc. may be referred to as input units that accept input.
  • the PUSCH transmitted by the communication module 2013 may include information based on the above input.
  • the communication module 2013 receives various information (traffic information, signal information, vehicle distance information, etc.) transmitted from an external device and displays it on the information service unit 2012 provided in the vehicle 2001.
  • the information service unit 2012 may be called an output unit that outputs information (for example, outputs information to a device such as a display or speaker based on the PDSCH (or data/information decoded from the PDSCH) received by the communication module 2013).
  • the communication module 2013 also stores various information received from an external device in a memory 2032 that can be used by the microprocessor 2031.
  • the microprocessor 2031 may control the drive unit 2002, steering unit 2003, accelerator pedal 2004, brake pedal 2005, shift lever 2006, front wheels 2007, rear wheels 2008, axles 2009, sensors 2021 to 2029, etc. provided in the vehicle 2001.
  • the operations of multiple functional units may be physically performed by one part, or the operations of one functional unit may be physically performed by multiple parts.
  • the order of the processing procedures described in the embodiment may be changed as long as there is no contradiction.
  • the authorization device 40 and the user information disclosure device 50 have been described using functional block diagrams, but such devices may be realized by hardware, software, or a combination thereof.
  • the software operated by the processor possessed by the base station 10 in accordance with an embodiment of the present invention and the software operated by the processor possessed by the terminal 20 in accordance with an embodiment of the present invention may each be stored in random access memory (RAM), flash memory, read only memory (ROM), EPROM, EEPROM, register, hard disk (HDD), removable disk, CD-ROM, database, server or any other suitable storage medium.
  • the notification of information is not limited to the aspects/embodiments described in the present disclosure and may be performed using other methods.
  • the notification of information may be performed by physical layer signaling (e.g., Downlink Control Information (DCI), Uplink Control Information (UCI)), higher layer signaling (e.g., Radio Resource Control (RRC) signaling, Medium Access Control (MAC) signaling), broadcast information (Master Information Block (MIB), System Information Block (SIB)), other signals, or a combination of these.
  • RRC signaling may be referred to as an RRC message, and may be, for example, an RRC Connection Setup message, an RRC Connection Reconfiguration message, etc.
  • Each aspect/embodiment described in this disclosure may be a mobile communication system (mobile communications system) for mobile communications over a wide range of networks, including LTE (Long Term Evolution), LTE-A (LTE-Advanced), SUPER 3G, IMT-Advanced, 4G (4th generation mobile communication system), 5G (5th generation mobile communication system), 6th generation mobile communication system (6G), xth generation mobile communication system (xG) (xG (x is, for example, an integer or a decimal number)), FRA (Future Ra).
  • the present invention may be applied to at least one of systems using IEEE 802.11 (Wi-Fi (registered trademark)), IEEE 802.16 (WiMAX (registered trademark)), IEEE 802.20, UWB (Ultra-WideBand), Bluetooth (registered trademark), and other appropriate systems, and next-generation systems that are expanded, modified, created, or defined based on these. It may also be applied to a combination of multiple systems (for example, a combination of at least one
  • certain operations that are described as being performed by the base station 10 may in some cases be performed by its upper node.
  • various operations performed for communication with a terminal 20 may be performed by at least one of the base station 10 and other network nodes other than the base station 10 (such as, but not limited to, an MME or S-GW).
  • the base station 10 may be a combination of multiple other network nodes (such as an MME and an S-GW).
  • the information or signals described in this disclosure may be output from a higher layer (or a lower layer) to a lower layer (or a higher layer). They may be input and output via multiple network nodes.
  • the input and output information may be stored in a specific location (e.g., memory) or may be managed using a management table.
  • the input and output information may be overwritten, updated, or added to.
  • the output information may be deleted.
  • the input information may be sent to another device.
  • the determination in this disclosure may be based on a value represented by one bit (0 or 1), a Boolean (true or false) value, or a comparison of numerical values (e.g., a comparison with a predetermined value).
  • Software shall be construed broadly to mean instructions, instruction sets, code, code segments, program code, programs, subprograms, software modules, applications, software applications, software packages, routines, subroutines, objects, executable files, threads of execution, procedures, functions, etc., whether referred to as software, firmware, middleware, microcode, hardware description language, or otherwise.
  • Software, instructions, information, etc. may also be transmitted and received via a transmission medium.
  • a transmission medium For example, if the software is transmitted from a website, server, or other remote source using at least one of wired technologies (such as coaxial cable, fiber optic cable, twisted pair, Digital Subscriber Line (DSL)), and/or wireless technologies (such as infrared, microwave), then at least one of these wired and wireless technologies is included within the definition of a transmission medium.
  • wired technologies such as coaxial cable, fiber optic cable, twisted pair, Digital Subscriber Line (DSL)
  • wireless technologies such as infrared, microwave
  • the information, signals, etc. described in this disclosure may be represented using any of a variety of different technologies.
  • the data, instructions, commands, information, signals, bits, symbols, chips, etc. that may be referred to throughout the above description may be represented by voltages, currents, electromagnetic waves, magnetic fields or magnetic particles, optical fields or photons, or any combination thereof.
  • the channel and the symbol may be a signal (signaling).
  • the signal may be a message.
  • the component carrier (CC) may be called a carrier frequency, a cell, a frequency carrier, etc.
  • system and “network” are used interchangeably.
  • a radio resource may be indicated by an index.
  • the names used for the above-mentioned parameters are not limiting in any respect. Furthermore, the formulas etc. using these parameters may differ from those explicitly disclosed in this disclosure.
  • the various channels (e.g., PUCCH, PDCCH, etc.) and information elements may be identified by any suitable names, and therefore the various names assigned to these various channels and information elements are not limiting in any respect.
  • base station BS
  • radio base station base station
  • base station fixed station
  • NodeB eNodeB
  • gNodeB gNodeB
  • access point e.g., "transmission point”
  • gNodeB gNodeB
  • a base station may also be referred to by terms such as macrocell, small cell, femtocell, and picocell.
  • a base station can accommodate one or more (e.g., three) cells.
  • a base station accommodates multiple cells, the entire coverage area of the base station can be divided into multiple smaller areas, and each smaller area can also provide communication services by a base station subsystem (e.g., a small indoor base station (RRH: Remote Radio Head)).
  • RRH Remote Radio Head
  • the term "cell” or “sector” refers to a part or the entire coverage area of at least one of the base station and base station subsystems that provide communication services in this coverage.
  • a base station transmitting information to a terminal may be interpreted as the base station instructing the terminal to control or operate based on the information.
  • MS Mobile Station
  • UE User Equipment
  • a mobile station may also be referred to by those skilled in the art as a subscriber station, mobile unit, subscriber unit, wireless unit, remote unit, mobile device, wireless device, wireless communication device, remote device, mobile subscriber station, access terminal, mobile terminal, wireless terminal, remote terminal, handset, user agent, mobile client, client, or some other suitable terminology.
  • At least one of the base station and the mobile station may be called a transmitting device, a receiving device, a communication device, etc.
  • At least one of the base station and the mobile station may be a device mounted on a moving object, the moving object itself, etc.
  • the moving object is a movable object, and the moving speed is arbitrary. It also includes the case where the moving object is stopped.
  • the moving object includes, but is not limited to, for example, a vehicle, a transport vehicle, an automobile, a motorcycle, a bicycle, a connected car, an excavator, a bulldozer, a wheel loader, a dump truck, a forklift, a train, a bus, a handcar, a rickshaw, a ship and other watercraft, an airplane, a rocket, an artificial satellite, a drone (registered trademark), a multicopter, a quadcopter, a balloon, and objects mounted thereon.
  • the moving object may also be a moving object that travels autonomously based on an operation command.
  • At least one of the base station and the mobile station may be a device that does not necessarily move during communication operations.
  • at least one of the base station and the mobile station may be an IoT (Internet of Things) device such as a sensor.
  • IoT Internet of Things
  • the base station in the present disclosure may be read as a terminal.
  • each aspect/embodiment of the present disclosure may be applied to a configuration in which communication between a base station and a terminal is replaced with communication between multiple terminals 20 (which may be called, for example, D2D (Device-to-Device) or V2X (Vehicle-to-Everything)).
  • the terminal 20 may be configured to have the functions of the base station 10 described above.
  • terms such as "uplink” and "downlink” may be read as terms corresponding to communication between terminals (for example, "side”).
  • the uplink channel, downlink channel, etc. may be read as a side channel.
  • the terminal in this disclosure may be interpreted as a base station.
  • the base station may be configured to have the functions of the terminal described above.
  • determining may encompass a wide variety of actions.
  • Determining and “determining” may include, for example, judging, calculating, computing, processing, deriving, investigating, looking up, search, inquiry (e.g., searching in a table, database, or other data structure), and considering ascertaining as “judging” or “determining.”
  • determining and “determining” may include receiving (e.g., receiving information), transmitting (e.g., sending information), input, output, accessing (e.g., accessing data in memory), and considering ascertaining as “judging” or “determining.”
  • judgment” and “decision” can include considering resolving, selecting, choosing, establishing, comparing, etc., to have been “judged” or “decided.” In other words, “judgment” and “decision” can include considering some action to have been “judged” or “decided.” Additionally, “judgment (decision)” can be interpreted as “assuming,” “ex
  • connection refers to any direct or indirect connection or coupling between two or more elements, and may include the presence of one or more intermediate elements between two elements that are “connected” or “coupled” to each other.
  • the coupling or connection between elements may be physical, logical, or a combination thereof.
  • “connected” may be read as "access.”
  • two elements may be considered to be “connected” or “coupled” to each other using at least one of one or more wires, cables, and printed electrical connections, as well as electromagnetic energy having wavelengths in the radio frequency range, microwave range, and optical (both visible and invisible) range, as some non-limiting and non-exhaustive examples.
  • the reference signal may also be abbreviated as RS (Reference Signal) or may be called a pilot depending on the applicable standard.
  • the phrase “based on” does not mean “based only on,” unless expressly stated otherwise. In other words, the phrase “based on” means both “based only on” and “based at least on.”
  • any reference to an element using a designation such as "first,” “second,” etc., used in this disclosure does not generally limit the quantity or order of those elements. These designations may be used in this disclosure as a convenient method of distinguishing between two or more elements. Thus, a reference to a first and a second element does not imply that only two elements may be employed or that the first element must precede the second element in some way.
  • a radio frame may be composed of one or more frames in the time domain. Each of the one or more frames in the time domain may be called a subframe. A subframe may further be composed of one or more slots in the time domain. A subframe may have a fixed time length (e.g., 1 ms) that is independent of numerology.
  • Numerology may be a communication parameter that applies to at least one of the transmission and reception of a signal or channel. Numerology may indicate, for example, at least one of the following: subcarrier spacing (SCS), bandwidth, symbol length, cyclic prefix length, transmission time interval (TTI), number of symbols per TTI, radio frame structure, a specific filtering process performed by the transceiver in the frequency domain, a specific windowing process performed by the transceiver in the time domain, etc.
  • SCS subcarrier spacing
  • TTI transmission time interval
  • radio frame structure a specific filtering process performed by the transceiver in the frequency domain
  • a specific windowing process performed by the transceiver in the time domain etc.
  • a slot may consist of one or more symbols in the time domain (such as OFDM (Orthogonal Frequency Division Multiplexing) symbols, SC-FDMA (Single Carrier Frequency Division Multiple Access) symbols, etc.).
  • a slot may be a time unit based on numerology.
  • a slot may include multiple minislots. Each minislot may consist of one or multiple symbols in the time domain. A minislot may also be called a subslot. A minislot may consist of fewer symbols than a slot.
  • a PDSCH (or PUSCH) transmitted in a time unit larger than a minislot may be called PDSCH (or PUSCH) mapping type A.
  • a PDSCH (or PUSCH) transmitted using a minislot may be called PDSCH (or PUSCH) mapping type B.
  • Radio frame, subframe, slot, minislot, and symbol all represent time units for transmitting signals. Radio frame, subframe, slot, minislot, and symbol may each be referred to by a different name that corresponds to the radio frame, subframe, slot, minislot, and symbol.
  • one subframe may be called a transmission time interval (TTI), multiple consecutive subframes may be called a TTI, or one slot or one minislot may be called a TTI.
  • TTI transmission time interval
  • the subframe and the TTI may be a subframe (1 ms) in existing LTE, a period shorter than 1 ms (e.g., 1-13 symbols), or a period longer than 1 ms.
  • the unit representing the TTI may be called a slot, minislot, etc., instead of a subframe.
  • one slot may be called a unit time. The unit time may differ for each cell depending on the numerology.
  • TTI refers to, for example, the smallest time unit for scheduling in wireless communication.
  • a base station performs scheduling to allocate wireless resources (such as frequency bandwidth and transmission power that can be used by each terminal 20) to each terminal 20 in TTI units.
  • wireless resources such as frequency bandwidth and transmission power that can be used by each terminal 20
  • TTI is not limited to this.
  • the TTI may be a transmission time unit for a channel-coded data packet (transport block), a code block, a code word, etc., or may be a processing unit for scheduling, link adaptation, etc.
  • the time interval e.g., the number of symbols
  • the time interval in which a transport block, a code block, a code word, etc. is actually mapped may be shorter than the TTI.
  • one or more TTIs may be the minimum time unit of scheduling.
  • the number of slots (minislots) that constitute the minimum time unit of scheduling may be controlled.
  • a TTI having a time length of 1 ms may be called a normal TTI (TTI in LTE Rel. 8-12), normal TTI, long TTI, normal subframe, normal subframe, long subframe, slot, etc.
  • TTI shorter than a normal TTI may be called a shortened TTI, short TTI, partial or fractional TTI, shortened subframe, short subframe, minislot, subslot, slot, etc.
  • a long TTI (e.g., a normal TTI, a subframe, etc.) may be interpreted as a TTI having a time length of more than 1 ms
  • a short TTI e.g., a shortened TTI, etc.
  • TTI length shorter than the TTI length of a long TTI and equal to or greater than 1 ms.
  • a resource block is a resource allocation unit in the time domain and frequency domain, and may include one or more consecutive subcarriers in the frequency domain.
  • the number of subcarriers included in an RB may be the same regardless of the numerology, and may be, for example, 12.
  • the number of subcarriers included in an RB may be determined based on the numerology.
  • the time domain of an RB may include one or more symbols and may be one slot, one minislot, one subframe, or one TTI in length.
  • One TTI, one subframe, etc. may each be composed of one or more resource blocks.
  • one or more RBs may be referred to as a physical resource block (PRB), a sub-carrier group (SCG), a resource element group (REG), a PRB pair, an RB pair, etc.
  • PRB physical resource block
  • SCG sub-carrier group
  • REG resource element group
  • PRB pair an RB pair, etc.
  • a resource block may be composed of one or more resource elements (REs).
  • REs resource elements
  • one RE may be a radio resource area of one subcarrier and one symbol.
  • a Bandwidth Part which may also be referred to as a partial bandwidth, may represent a subset of contiguous common resource blocks (RBs) for a given numerology on a given carrier, where the common RBs may be identified by an index of the RB relative to a common reference point of the carrier.
  • PRBs may be defined in a BWP and numbered within the BWP.
  • the BWP may include a BWP for UL (UL BWP) and a BWP for DL (DL BWP).
  • UL BWP UL BWP
  • DL BWP DL BWP
  • One or more BWPs may be configured for a UE within one carrier.
  • At least one of the configured BWPs may be active, and the UE may not expect to transmit or receive a given signal/channel outside the active BWP.
  • BWP bitmap
  • radio frames, subframes, slots, minislots, and symbols are merely examples.
  • the number of subframes included in a radio frame, the number of slots per subframe or radio frame, the number of minislots included in a slot, the number of symbols and RBs included in a slot or minislot, the number of subcarriers included in an RB, as well as the number of symbols in a TTI, the symbol length, and the cyclic prefix (CP) length can be changed in various ways.
  • a and B are different may mean “A and B are different from each other.”
  • the term may also mean “A and B are each different from C.”
  • Terms such as “separate” and “combined” may also be interpreted in the same way as “different.”
  • notification of specific information is not limited to being done explicitly, but may be done implicitly (e.g., not notifying the specific information).

Landscapes

  • Engineering & Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Mining & Analysis (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

La présente invention concerne un dispositif de divulgation d'informations d'utilisateur qui comprend : une unité de réception qui reçoit une demande d'informations d'utilisateur comprenant un identifiant d'utilisateur provenant d'un serveur d'application autorisé à effectuer un traitement spécifique ; une unité de commande qui acquiert des informations correspondant à l'identifiant d'utilisateur à partir d'un dispositif de stockage de données dans un système de communication ; et une unité de transmission qui transmet des informations d'utilisateur créées sur la base des informations au serveur d'application.
PCT/JP2022/037931 2022-10-11 2022-10-11 Dispositif de divulgation d'informations d'utilisateur, système de communication et procédé de divulgation d'informations d'utilisateur WO2024079797A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/JP2022/037931 WO2024079797A1 (fr) 2022-10-11 2022-10-11 Dispositif de divulgation d'informations d'utilisateur, système de communication et procédé de divulgation d'informations d'utilisateur

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2022/037931 WO2024079797A1 (fr) 2022-10-11 2022-10-11 Dispositif de divulgation d'informations d'utilisateur, système de communication et procédé de divulgation d'informations d'utilisateur

Publications (1)

Publication Number Publication Date
WO2024079797A1 true WO2024079797A1 (fr) 2024-04-18

Family

ID=90668990

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2022/037931 WO2024079797A1 (fr) 2022-10-11 2022-10-11 Dispositif de divulgation d'informations d'utilisateur, système de communication et procédé de divulgation d'informations d'utilisateur

Country Status (1)

Country Link
WO (1) WO2024079797A1 (fr)

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2021136633A1 (fr) * 2020-01-03 2021-07-08 Sony Group Corporation Service de rapport pour des informations d'état dynamique (dsi) sur une liaison de données

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2021136633A1 (fr) * 2020-01-03 2021-07-08 Sony Group Corporation Service de rapport pour des informations d'état dynamique (dsi) sur une liaison de données

Similar Documents

Publication Publication Date Title
WO2020208913A1 (fr) Nœud de réseau
WO2024079797A1 (fr) Dispositif de divulgation d'informations d'utilisateur, système de communication et procédé de divulgation d'informations d'utilisateur
WO2024079799A1 (fr) Dispositif d'approbation, système de communication et procédé d'approbation
WO2024079798A1 (fr) Dispositif d'autorisation, système de communication, et procédé d'autorisation
WO2024111070A1 (fr) Dispositif de nœud de réseau, système de communication, et procédé de communication
WO2023152800A1 (fr) Dispositif de communication, dispositif de nœud de réseau, système, et procédé de communication
WO2023187905A1 (fr) Dispositif de communication, dispositif nœud de réseau et procédé de contrôle d'autorisation
WO2023084606A1 (fr) Nœud de réseau, dispositif de propriétaire de ressource, système et procédé de communication
WO2024038488A1 (fr) Terminal et procédé de communication
WO2024095485A1 (fr) Dispositif de sécurité d'authentification, terminal, système de communication, et procédé de communication
WO2023067742A1 (fr) Nœud de réseau et procédé de communication
WO2023181385A1 (fr) Terminal, dispositif réseau, système de communication sans fil et procédé de communication sans fil
WO2024034135A1 (fr) Nœud de réseau et procédé d'autorisation
WO2024004156A1 (fr) Nœud de réseau, station de base et procédé de communication
WO2023067814A1 (fr) Nœud de réseau et procédé de communication
WO2024057549A1 (fr) Nœud de réseau et procédé de communication
WO2023218670A1 (fr) Nœud de réseau et procédé de communication
WO2024095490A1 (fr) Nœud de réseau et procédé de communication
WO2023119385A1 (fr) Nœud de réseau
WO2024062582A1 (fr) Nœud de réseau, système de communication, et procédé de communication
WO2023223512A1 (fr) Nœud de réseau et procédé de communication
WO2024034073A1 (fr) Terminal et procédé de communication
WO2023181424A1 (fr) Nœud de réseau et procédé de communication
WO2023181425A1 (fr) Nœud de réseau et procédé de communication
WO2023119386A1 (fr) Nœud de réseau

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 22962017

Country of ref document: EP

Kind code of ref document: A1