[go: up one dir, main page]

CN113473417B - Processing method and device for access service, storage medium and electronic equipment - Google Patents

Processing method and device for access service, storage medium and electronic equipment Download PDF

Info

Publication number
CN113473417B
CN113473417B CN202110609505.8A CN202110609505A CN113473417B CN 113473417 B CN113473417 B CN 113473417B CN 202110609505 A CN202110609505 A CN 202110609505A CN 113473417 B CN113473417 B CN 113473417B
Authority
CN
China
Prior art keywords
access
strategy
information
policy
request
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110609505.8A
Other languages
Chinese (zh)
Other versions
CN113473417A (en
Inventor
王旗
郑伟
杨骏泽
皋宇
林文通
李冬晔
张孟康
宋依欣
徐良红
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Telecom Corp Ltd
Original Assignee
China Telecom Corp Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Telecom Corp Ltd filed Critical China Telecom Corp Ltd
Priority to CN202110609505.8A priority Critical patent/CN113473417B/en
Publication of CN113473417A publication Critical patent/CN113473417A/en
Application granted granted Critical
Publication of CN113473417B publication Critical patent/CN113473417B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/50Service provisioning or reconfiguring
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/18Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/18Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
    • H04W8/20Transfer of user or subscriber data
    • H04W8/205Transfer to or from user equipment or user record carrier

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Databases & Information Systems (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The disclosure relates to a processing method and device for access service, a storage medium and an electronic device, and relates to the technical field of 5G communication, wherein the method comprises the following steps: the AMF receives an access request sent by User Equipment (UE) and forwards the access request to the SMF; the SMF generates a strategy acquisition request according to the current access point information and the international mobile subscriber identity IMSI which are included in the access request, and sends the strategy acquisition request to the PCF; the PCF inquires a preset MDN and a strategy binding online information base according to the current access point information and the IMSI included in the strategy acquisition request to obtain an access strategy of the UE, and sends the access strategy to the SMF; and the SMF matches the access rule for the UE according to the access policy, and sends the access rule and the access request to the UPF, and the UPF processes the access service included in the access request according to the access rule. The present disclosure improves security of user information.

Description

Processing method and device for access service, storage medium and electronic equipment
Technical Field
The embodiment of the disclosure relates to the technical field of 5G communication, and in particular, to a method and a device for generating a user access policy, a computer-readable storage medium, and an electronic device.
Background
With the advent of the 5G era, the challenges of emerging information security of the Internet and multi-application scenes are unprecedented, and enterprise information security has become a trend as a basic requirement of the 5G era. The 5G slice private network, the 5G virtual private dial-up network and the services based on the slice private network and the virtual private dial-up network can establish a safe private network by combining the bearing functions of the IP network and carrying out corresponding authentication and authorization mechanisms, and are the choices of most enterprise users.
In the prior art, it is required to ensure that a terminal correctly sets access point information when accessing an enterprise private network so as to avoid accessing a public network and causing information leakage.
However, the existing systems and solutions have the following problems: because the 5G terminals are numerous in types, some terminals can also be defaulted to initiate connection with a public network bearer when initiating access to an intranet bearer, and because the network side can not limit the access of the public network bearer of the terminal, when the terminal configuration is wrong, the network side can select the public network access point by default, so that the terminal is accessed to the public network, and further user information is leaked.
Therefore, a new method and apparatus for processing access service are needed.
It is to be noted that the information invented in the background section above is only for enhancement of understanding of the background of the present disclosure, and thus may include information that does not constitute prior art known to those of ordinary skill in the art.
Disclosure of Invention
The present disclosure is directed to a method for generating a user access policy, an apparatus for generating a user access policy, a computer-readable storage medium, and an electronic device, so as to overcome, at least to some extent, a problem of user information leakage caused by a terminal accessing a public network due to limitations and disadvantages of related art.
According to an aspect of the present disclosure, there is provided a processing method for accessing a service, including:
an access and mobility management function (AMF) receives an access request sent by User Equipment (UE) and forwards the access request to a Session Management Function (SMF);
the SMF generates a policy acquisition request according to current access point information included in the access request and an International Mobile Subscriber Identity (IMSI) included in the access request, and sends the policy acquisition request to a Policy Control Function (PCF);
the PCF inquires a preset MDN and a policy binding online information base according to the current access point information and the IMSI included in the policy acquisition request to obtain an access policy of the UE, and sends the access policy to the SMF;
and the SMF matches an access rule for the UE according to the access policy, and sends the access rule and an access request to a User Plane Function (UPF), and the UPF processes an access service included in the access request according to the access rule.
In an exemplary embodiment of the disclosure, forwarding the access request to a session management function SMF includes:
acquiring subscription information stored in a unified data management function (UDM) by the UE according to an International Mobile Subscriber Identity (IMSI) included in the access request;
checking the current access point information according to the target access point information included in the subscription information to obtain a first checking result, and judging whether the current access point information is accurate according to the first checking result; and/or
Checking the current terminal information included in the access request according to the standard terminal information included in the subscription information to obtain a second checking result, and judging whether the UE is standard or not according to the second checking result;
and if the current access point information is accurate and the UE is normative, sending the access request to the session management function SMF as a private network access request, and if the current access point information is inaccurate and/or the UE is not normative, sending the access request to the session management function SMF as a common public network access request.
In an exemplary embodiment of the present disclosure, querying a preset MDN and a policy binding online information base according to current access point information and IMSI included in the policy acquisition request to obtain an access policy of the UE includes:
establishing a mapping relation between a mobile user directory number MDN and one or more access points of the UE;
based on the mapping relation and the strategy information corresponding to the one or more access points, an MDN and strategy binding online information base is constructed;
determining the MDN of the UE according to the IMSI included in the strategy acquisition request, and matching the subscription strategy of the UE from the strategy binding online information base according to the MDN of the UE;
and determining a current strategy which can be supported by the UE under the scene of the current access point information from the subscription strategy.
In an exemplary embodiment of the disclosure, after determining, from the subscription policy, a current policy that can be supported by the UE in the context of the current access point information, the method for processing the access service further includes:
when the subscription information stored in the unified data management function (UDM) by the UE is determined to include a public network access limiting function, determining whether an access port of the current access point information is a public network or not;
and if the access port of the current access point information is a public network, determining that the current strategy is only allowed to access 0 port service, and the access rate is 0 Kb.
In an exemplary embodiment of the present disclosure, matching an access rule for the UE according to the access policy includes:
and when the current strategy is determined to be only allowing access to the 0 port service and the access rate is 0Kb, matching the access rule supporting the 0Kb rate for the UE.
In an exemplary embodiment of the present disclosure, processing the access service included in the access request according to the access rule includes:
and when the access rule is an access rule supporting the rate of 0Kb, stopping forwarding the access service under the information of the current access point of which the access port is the public network and which is included in the access request.
In an exemplary embodiment of the present disclosure, the method for processing the access service further includes:
and generating prompt information which corresponds to the access service which is stopped to be forwarded and cannot be reached by the network, and sending the prompt information to the UE so that the UE switches and/or modifies the current access point information according to the prompt information.
According to an aspect of the present disclosure, there is provided a processing system for accessing a service, including:
a first receiving module, configured to receive, by using an access and mobility management function AMF, an access request sent by a user equipment UE, and forward the access request to a session management function SMF;
a first sending module, configured to generate a policy acquisition request according to current access point information and an international mobile subscriber identity IMSI included in the access request by using the SMF, and send the policy acquisition request to a policy control function PCF;
an access policy query module, configured to query, by using the PCF, a preset MDN and a policy binding online information base according to the current access point information and IMSI included in the policy acquisition request, to obtain an access policy of the UE, and send the access policy to the SMF;
and the service processing module is used for matching an access rule for the UE by using the SMF according to the access policy, and sending the access rule and the access request to a User Plane Function (UPF), and the UPF processes the access service included in the access request according to the access rule.
According to an aspect of the present disclosure, there is provided a computer-readable storage medium, on which a computer program is stored, the computer program, when executed by a processor, implementing the processing method of the access service according to any one of the above.
According to an aspect of the present disclosure, there is provided an electronic device including:
a processor; and
a memory for storing executable instructions of the processor;
wherein the processor is configured to execute the processing method of the access service according to any one of the above items via executing the executable instruction.
On one hand, because the access strategy is matched in the preset MDN and strategy binding online information base according to the current access point information and IMSI and the access strategy is not directly accessed to the public network, the method and the device for processing the access service provided by the embodiment of the disclosure avoid the problem that the terminal is accessed to the public network and user information is leaked because the network side can not limit the public network bearing access of the terminal in the prior art and can select the public network access point by default when the terminal configuration is wrong, and improve the safety of the user information; on the other hand, the access strategy is matched in the preset MDN and strategy binding online information base according to the current access point information and IMSI, so that the corresponding access strategy can be matched according to the actual condition of the current access point information, and the problem that normal access cannot be realized due to the fact that only a single access strategy can be selected in the prior art is solved; on the other hand, by setting the MDN and policy binding online information base, when new current access point information is added, an access policy corresponding to the new current access point information can be directly configured in the MDN and policy binding online information base, so that the multi-network access function of a single user is realized, and the user experience is improved.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the disclosure.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the present disclosure and together with the description, serve to explain the principles of the disclosure. It is to be understood that the drawings in the following description are merely exemplary of the disclosure, and that other drawings may be derived from those drawings by one of ordinary skill in the art without the exercise of inventive faculty.
Fig. 1 schematically shows a flowchart of a processing method for accessing a service according to an example embodiment of the present disclosure.
Fig. 2 schematically shows a diagram of a structure example of a network side according to an example embodiment of the present disclosure.
Fig. 3 schematically shows a flowchart of a method for forwarding the access request to a session management function, SMF, according to an example embodiment of the present disclosure.
Fig. 4 is a flowchart schematically illustrating a method for querying a preset MDN and policy binding online information base according to current access point information and IMSI included in the policy acquisition request to obtain an access policy of the UE according to an exemplary embodiment of the present disclosure.
Fig. 5 schematically shows a flowchart of another processing method for accessing a service according to an example embodiment of the present disclosure.
Fig. 6 is a diagram schematically illustrating an example of a scenario of service processing by using the processing method for accessing a service according to the exemplary embodiment of the present disclosure.
Fig. 7 schematically illustrates a block diagram of a processing device for accessing a service according to an example embodiment of the present disclosure.
Fig. 8 schematically illustrates an electronic device for implementing the processing method for accessing a service according to an exemplary embodiment of the present disclosure.
Detailed Description
Example embodiments will now be described more fully with reference to the accompanying drawings. Example embodiments may, however, be embodied in many different forms and should not be construed as limited to the examples set forth herein; rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the concept of example embodiments to those skilled in the art. The described features, structures, or characteristics may be combined in any suitable manner in one or more embodiments. In the following description, numerous specific details are provided to give a thorough understanding of embodiments of the disclosure. One skilled in the relevant art will recognize, however, that the embodiments of the present disclosure can be practiced without one or more of the specific details, or with other methods, components, devices, steps, etc. In other instances, well-known technical solutions have not been shown or described in detail to avoid obscuring aspects of the present disclosure.
Furthermore, the drawings are merely schematic illustrations of the present disclosure and are not necessarily drawn to scale. The same reference numerals in the drawings denote the same or similar parts, and thus their repetitive description will be omitted. Some of the block diagrams shown in the figures are functional entities and do not necessarily correspond to physically or logically separate entities. These functional entities may be implemented in the form of software, or in one or more hardware modules or integrated circuits, or in different networks and/or processor devices and/or microcontroller devices.
The types of terminals in the 5G network are various, private network users in an independent networking network want to flexibly access an internal network without worrying about terminal setting or lack of standardization to realize mutual access with a public network, and the users are developed on the basis of common large-network users, so that the terminals can realize public network access. At present, the technical route of limiting the access of the existing terminal of the operator to the public network is as follows:
firstly, a user sets information of Access Point DNN (data Network Name)/APN (Access Point Name) in a terminal, initiates an Access request, an AMF receives the information of the Access Point DNN/APN brought by the terminal, and goes to a UDM to acquire user subscription information for checking; if the access point information is required by the using terminal in accordance with the check, if the access point information is not required to be selected from the UDM subscription information, the default access point information is sent to the SMF;
secondly, after receiving the request, the SMF initiates a policy request by the PCF, and the PCF issues a service rule according to a signing rule; wherein, SMF selects PCF issuing strategy to match resource; if the PCF does not issue the corresponding strategy, the SMF starts a local bottom-holding strategy;
then, after the SMF selects and finishes the strategy matching, a connection request is sent to the UPF, and the service rule information is transmitted to the UPF;
and finally, after receiving the access request, the UPF allocates an address and a service strategy to the terminal according to the information in the SMF request, and the terminal accesses the network according to the strategy after obtaining the address.
However, in the existing method for limiting the access of the terminal to the public network, if the terminal configuration is not correct, the AMF has an error correction function, and the access point information of the public network of the common user is selected by default, so that the terminal is accessed to the public network by mistake, the safety is poor, the flow is misused, and the charging complaint and the loss are caused; meanwhile, even if the UDM is locally configured with single subscription data, if the terminal needs to be accessed to different private networks or private network service cancellation is changed into a common user, the terminal cannot be accessed, the card needs to be opened again, the flexibility is poor, multiple private network users with a single terminal cannot be effectively realized, the problem of low user experience flexibility is caused, the risk of realizing multiple private network access by the user is increased, and the user uncontrollable property is also increased.
That is to say, in the current 5G large connection and multi-application scenario, for a scenario in which a user terminal needs to access to different networks, if access point information needs to be modified to switch to different network services, the existing configuration scheme cannot effectively handle the scenario. In order to solve the problem, the disclosure provides a method for processing an access service, which realizes that a 5G private network user limits a terminal to access a public network and can flexibly switch different private network services based on an SA architecture, and provides a safe and convenient private network service and multi-scene flexible configuration experience for an enterprise. In addition, the scheme is also suitable for a 4G LTE network for deploying the PCRF.
In the present exemplary embodiment, a method for processing an access service is first provided, where the method may be performed in a server, a server cluster or a cloud server where a network side is located; of course, those skilled in the art may also operate the method of the present disclosure on other platforms as needed, which is not particularly limited in the exemplary embodiment. Referring to fig. 1, the method for processing the access service may include the following steps:
s110, receiving an access request sent by User Equipment (UE) by an access and mobile management function (AMF), and forwarding the access request to a Session Management Function (SMF);
step S120, the SMF generates a strategy acquisition request according to the current access point information and the international mobile subscriber identity IMSI which are included in the access request, and sends the strategy acquisition request to a strategy control function PCF;
step S130, the PCF inquires a preset MDN and a policy binding online information base according to the current access point information and IMSI included in the policy acquisition request to obtain an access policy of the UE, and sends the access policy to the SMF;
and S140, the SMF matches an access rule for the UE according to the access policy, and sends the access rule and an access request to a User Plane Function (UPF), and the UPF processes an access service included in the access request according to the access rule.
In the processing method of the access service, on one hand, the access strategy is matched in the preset MDN and strategy binding online information base according to the current access point information and IMSI, and the access strategy is not directly accessed to the public network, so that the problem that the public network bearing access of the terminal cannot be limited in the prior art because the network side selects the public network access point in a default manner when the terminal is configured incorrectly, so that the terminal is accessed to the public network, and further the user information is leaked is solved, and the safety of the user information is improved; on the other hand, as the access strategy is matched in the preset MDN and strategy binding online information base according to the current access point information and the IMSI, the corresponding access strategy can be matched according to the actual condition of the current access point information, and the problem that only a single access strategy can be selected in the prior art so that normal access cannot be realized is solved; on the other hand, by setting the MDN and policy binding online information base, when new current access point information is added, an access policy corresponding to the new current access point information can be directly configured in the MDN and policy binding online information base, so that the multi-network access function of a single user is realized, and the user experience is improved.
Hereinafter, the processing method for accessing the service according to the exemplary embodiment of the present disclosure will be further explained and explained with reference to the drawings.
First, terms referred to in the exemplary embodiments of the present disclosure are explained and explained with reference to fig. 2.
The UE: the User Equipment 201 may also be referred to as a User terminal.
AMF: access and Mobility Management Function 202, which performs registration, connection, accessibility, and Mobility Management, may provide a session Management message transmission channel for UE and SMF, provides authentication and authorization functions for user Access, and provides a terminal and a wireless core network control plane Access point.
SMF: session Management function, Session Management function 204, is responsible for tunnel maintenance, IP address allocation and Management, UP function selection, policy enforcement, control in QoS, charging data acquisition, roaming, etc. The SMF may select a UPF based on the granularity of the UE or session, may assign an IP address, collect charging data, and connect to a charging center.
UPF: the User plane function 206, packet routing forwarding, policy enforcement, traffic reporting, and Qos processing; the UPF is an anchor point of the session and records the traffic forwarding amount.
PCF: policy Control function 205, a unified Policy framework, and Policy rules that provide Control plane functions.
UDM: the Unified Data Management, Unified Data Management 203, 3GPP AKA authentication, user identification, access authorization, registration, mobility, subscription, short message Management, etc.
The connection relationship between the above functions can be specifically referred to as shown in fig. 2.
Next, the objects of the present disclosure will be explained and explained. The method can prevent 5G private line users from accessing the public network due to the fact that the terminals are not standard or randomly set, and achieves the function that the users flexibly use a single terminal and access different private networks in a multi-access point mode through an effective mechanism.
The method provided by the present disclosure modifies the original limiting mode, after a user initiates an access request, PCF firstly acquires the user service function by inquiring MDN and the service ordering information base, if the user has the limited public network access function, inquires the access point and the strategy binding information base, matches the corresponding limiting strategy information, and issues the corresponding limiting strategy in PCF authorization information; the SMF matches the resource information execution requirement for the service according to the issued corresponding strategy information of the access network, and issues a UPF execution service rule, and the UPF restricts access to the service accessed to the public network according to the rule and can only access to a professional network. If other private network needs to be accessed, network access can be realized only by modifying different private network information.
Further, in a processing method for accessing a service according to an exemplary embodiment of the present disclosure:
in step S110, the access and mobility management function AMF receives an access request sent by the user equipment UE, and forwards the access request to the session management function SMF.
In this exemplary embodiment, first, in order to implement normal service access, a private network user may set current access point information, such as APN1, APN2, …, and APNn, in a user equipment, where the number of the current access point information may be automatically selected according to an actual situation of an access point, and this example does not specially limit this; of course, the current access point information may include a public network access point or a private network access point, which is not particularly limited in this example; secondly, after the access point is set, if service access is needed, the terminal may initiate an access request including current access point information and IMSI, and send the access request to the network side, and after receiving the access request, the AMF of the network side may forward the access request to the session management function SMF. Specifically, referring to fig. 3, the method may include the following steps:
step S310, obtaining the subscription information stored in the unified data management function UDM by the UE according to the international mobile subscriber identity IMSI included in the access request;
step S320, checking the current access point information according to the target access point information included in the subscription information to obtain a first checking result, and judging whether the current access point information is accurate according to the first checking result; and/or
Step S330, checking the current terminal information included in the access request according to the standard terminal information included in the subscription information to obtain a second checking result, and judging whether the UE is normative according to the second checking result;
step S340, if the current access point information is accurate and the UE is normal, the access request is sent to the session management function SMF as a private network access request, and if the current access point information is inaccurate and/or the UE is not normal, the access request is sent to the session management function SMF as a common public network access request.
Hereinafter, steps S310 to S340 will be explained and explained. Specifically, firstly, the SMF acquires subscription information stored by a home subscriber server UDM from the UDM according to an international mobile subscriber identity IMSI included in an access request, and verifies current access point information and current terminal information corresponding to user equipment according to target access point information and standard terminal information included in the subscription information; and if the check is passed, the access request is sent to the SMF as a private network access request, and if any check is not passed, the access request is sent to the SMF as a common public network access request. By the method, the problems that in the prior art, due to the fact that the terminal configuration is not correct, the AMF has an error correction function, and the access point information of the common user public network can be selected by default, the terminal is accessed to the public network by mistake, the safety is poor, flow misuse is caused, and charging complaints and losses are caused are solved.
It should be added here that, when the user transacts the network access service, the corresponding subscription information is already filled in according to the form provided by the service provider, and the subscription information may include target access point information (for example, the specification that the access point needs to conform to, etc.), standard terminal information (when accessing the 5G network, the specification that the terminal needs to conform to, etc.)
In step S120, the SMF generates a policy acquisition request according to the current access point information and the international mobile subscriber identity IMSI included in the access request, and sends the policy acquisition request to a policy control function PCF.
Specifically, after receiving an access request (a private network access request or a general public network access request), the SMF generates a policy acquisition request according to current access point information (for example, APN1) and the IMSI, and then sends the policy acquisition request to the PCF. The international mobile subscriber identity is a mark for distinguishing mobile subscribers, is stored in the SIM card, and can be used for distinguishing valid information of mobile subscribers.
In step S130, the PCF queries a preset MDN and a policy binding online information base according to the current access point information and IMSI included in the policy acquisition request, obtains an access policy of the UE, and sends the access policy to the SMF.
In this example embodiment, first, according to the current access point information and the IMSI included in the policy acquisition request, a preset MDN and policy binding online information base is queried to obtain an access policy of the UE. Specifically, as shown in fig. 4, the method may include the following steps:
step S410, establishing a mapping relation between a mobile user directory number MDN and one or more access points of the UE;
step S420, building an MDN and strategy binding online information base based on the mapping relation and the strategy information corresponding to the one or more access points;
step S430, determining the MDN of the UE according to the IMSI included in the strategy acquisition request, and matching the subscription strategy of the UE from the strategy binding online information base according to the MDN of the UE;
step S440, determining a current policy that the UE can support in the context of the current access point information from the subscription policy.
Hereinafter, steps S410 to S440 will be explained and explained. First, in order to match a corresponding access policy according to the actual situation of the current access point information, an MDN and a policy binding online information base need to be configured first. Specifically, a mapping relationship between the MDN and one or more access points may be established at the PCF side, without configuring corresponding policy information for each access point, and then configuring the MDN and the policy binding online information base based on the policy information and the mapping relationship; after receiving a service request command (policy acquisition request), the PCF identifies the IMSI of the user and the current access point information, and acquires the current policy of the UE in the context of the current access point information by querying the MDN and policy binding online information base.
Further, in order to further improve the security of the user information and avoid the problem of user information leakage caused by accessing the public network, the method for processing the access service further includes: when the subscription information stored in the unified data management function (UDM) by the UE is determined to include a public network access limiting function, determining whether an access port of the current access point information is a public network; and if the access port of the current access point information is a public network, determining that the current strategy is only allowed to access 0-port service, and the access rate is 0 Kb.
Specifically, a policy corresponding to public network access point information requested by the MDN may be added on the PCF side. For example, if the user signs up to limit the public network access function (or the received access request is a common public network access request), a public network access limiting policy is obtained, the PCF issues a service only allowing access to the port 0, and the rate is reduced to 0 Kb; meanwhile, SMF restriction public network access strategy information is issued; and if the limited public network access strategy is not inquired, returning to the normal internet access strategy.
In step S140, the SMF matches an access rule for the UE according to the access policy, and sends the access rule and an access request to a user plane function UPF, where the UPF processes an access service included in the access request according to the access rule.
In this exemplary embodiment, first, the matching, by the SMF, the access rule for the UE according to the access policy may specifically include: when the current strategy is determined to be only allowing to access 0 port service and the access rate is 0Kb, matching an access rule supporting 0Kb rate for the UE; secondly, after obtaining the access rule, the access rule and the access request may be sent to the UPF, and the UPF may process the fangen service included in the access request according to the access rule (limit mutual access or implement mutual access). Further, when the access rule is an access rule supporting a rate of 0Kb, stopping forwarding the access service under the information of the current access point of which the access port included in the access request is a public network; meanwhile, in order to enable the UE to realize normal service access, prompt information which corresponds to the access service which is stopped to be forwarded and cannot be reached by the network can be generated and sent to the UE, so that the UE can switch and/or modify the current access point information according to the prompt information.
For example, after the SMF acquires the PCF return policy message, the SMF performs resource matching on the acquired rule information and sends the rule information to the UPF; the UPF receives the access request sent by the SMF and continues to execute, and the mutual access service under the public network access point sent by the terminal is not forwarded any more; if the user accesses multiple access points, the mutual access service under the public network access point is limited, if the terminal setting error is only a single public network access point, the user terminal prompts that the network is not accessible, and prompts the user to check the terminal setting.
By the method, if the terminal receives the prompt that the network is not reachable, the terminal only needs to modify the correct access point information and normally accesses the private network; if the terminal is switched to other private network, the terminal can modify the access point information of other private networks without considering the problem of public network access caused by setting errors or non-specification of the terminal; when the private network service is not used or the public network is required to be accessed, the function only needs to be cancelled.
Hereinafter, the processing method of the access service according to the exemplary embodiment of the present disclosure is further explained and explained with reference to fig. 5. Referring to fig. 5, the processing method of the access service may include the following steps:
step S501, user equipment initiates an access request to a network side, wherein the access request carries current access point information;
step S502, AMF obtains target access point information and standard terminal information signed by user from UDM;
step S503, the UDM returns the target access point information and the standard terminal information;
step S504, the AMF checks the target access point information and the current terminal information according to the target access point information and the standard terminal information, and forwards the access request to the SMF;
step S505, SMF sends UE access strategy request including current access point information and MDN to PCF;
step S506, PCF inquires about UE ordering strategy according to MDN, matches current strategy according to current access point information, and returns the matched current strategy in current access point information scene to SMF;
step S507, the SMF matches the access rule according to the current strategy and sends the access rule to the UPF, so that the UPF determines whether the public network interaction request initiated by the UE carries out mutual access according to the access rule.
In the processing method for access service provided by the exemplary embodiment of the present disclosure, when the processing method is specifically implemented, the current 5G private network service access flow does not need to be modified, but PCF and SMF equipment need to be upgraded and modified; after receiving the access request, PCF inquires the matching rule of the user access information through an internal trigger mechanism, and automatically matches and issues the corresponding service strategy for the user; the PCF implements the implementation of the rule issuing of the user access information matching service, which may specifically refer to fig. 6.
So far, it goes without saying that the technical solutions described in the exemplary embodiments of the present disclosure have the following advantages over the prior art:
on one hand, the problem that in the prior art, a larger safety risk exists when a terminal for a private network user is freely set to access a private network, and a part of terminals are not standardized and can simultaneously access a public network when accessing the private network, so that network information potential safety hazards are caused is solved;
on the other hand, the problem that in the prior art, a single subscription policy of local configuration of the UDM is to limit a user to use a single private network only by one card, and cannot aim at partial multiple private network users, and when the user needs to cancel private network services, the card needs to be opened again is solved, the flexibility of the user terminal can be controlled, the user can select different private network services, multiple purposes are realized by one card, and the operation efficiency of the enterprise private network can be greatly improved;
on the other hand, the method and the system have the advantages that the PCF online policy information base is improved, so that the function of realizing multi-private network access by a single user is realized, and meanwhile, the terminal can realize the replacement of other private network services or the cancellation of private network services without modifying user information. Only the terminal configuration is needed to be modified or the function is needed to be cancelled, the function is directly converted into other private networks or normal common users for use, the user use perception can be greatly improved, other services which are unavailable and obstacle complaints caused by the fact that the terminal switches private network services or cancels the private network services are reduced, and the telephone traffic of the same type of customer service complaints is effectively reduced.
Furthermore, the method not only can solve the problem that a single terminal of a private network user in the 5G SA network has flexible access to multiple private networks, but also retains the common internet access function data of the terminal user, and the scheme is also suitable for networks such as 4G LTE and the like with PCRF deployed; in addition, the method does not need to increase network elements, fully considers the compatibility of the current network, improves the access flow of the private network, and can realize the simple database and version function transformation of PCF and SMF equipment.
The disclosure also provides a processing device for accessing the service. Referring to fig. 7, the apparatus for processing access service may include a first receiving module 710, a first sending module 720, an access policy querying module 730, and a service processing module 740. Wherein:
the first receiving module 710 may be configured to receive an access request sent by a user equipment UE by using an access and mobility management function AMF, and forward the access request to a session management function SMF;
the first sending module 720 may be configured to generate a policy acquisition request according to the current access point information and the international mobile subscriber identity IMSI included in the access request by using the SMF, and send the policy acquisition request to a policy control function PCF;
the access policy query module 730 may be configured to query, by using the PCF according to the current access point information and the IMSI included in the policy acquisition request, a preset MDN and a policy binding online information base to obtain an access policy of the UE, and send the access policy to the SMF;
the service processing module 740 may be configured to match an access rule for the UE by using the SMF according to the access policy, and send the access rule and an access request to a user plane function UPF, where the UPF processes an access service included in the access request according to the access rule.
In an exemplary embodiment of the disclosure, forwarding the access request to a session management function SMF includes:
acquiring subscription information stored in a unified data management function (UDM) by the UE according to the International Mobile Subscriber Identity (IMSI) included in the access request;
checking the current access point information according to the target access point information included in the subscription information to obtain a first checking result, and judging whether the current access point information is accurate according to the first checking result; and/or
Checking the current terminal information included in the access request according to the standard terminal information included in the subscription information to obtain a second checking result, and judging whether the UE is standard or not according to the second checking result;
and if the current access point information is accurate and the UE is normative, the access request is sent to the session management function SMF as a private network access request, and if the current access point information is inaccurate and/or the UE is not normative, the access request is sent to the session management function SMF as a common public network access request.
In an exemplary embodiment of the present disclosure, querying a preset MDN and a policy binding online information base according to current access point information and IMSI included in the policy acquisition request to obtain an access policy of the UE includes:
establishing a mapping relation between a mobile user directory number (MDN) and one or more access points of the UE;
constructing an MDN and strategy binding online information base based on the mapping relation and the strategy information corresponding to the one or more access points;
determining the MDN of the UE according to the IMSI included in the strategy acquisition request, and matching the subscription strategy of the UE from the strategy binding online information base according to the MDN of the UE;
and determining a current strategy which can be supported by the UE under the scene of the current access point information from the subscription strategy.
In an exemplary embodiment of the disclosure, the processing apparatus for accessing a service further includes:
a current access point information determining module, configured to determine whether an access port of the current access point information is a public network when it is determined that subscription information stored in a unified data management function (UDM) of the UE includes a public network access restriction function;
the current policy determining module may be configured to determine that the current policy is only allowed to access a 0-port service and the access rate is 0Kb if the access port of the current access point information is a public network.
In an exemplary embodiment of the present disclosure, matching an access rule for the UE according to the access policy includes:
and when the current strategy is determined to be only allowing to access 0 port service and the access rate is 0Kb, matching the access rule supporting the 0Kb rate for the UE.
In an exemplary embodiment of the disclosure, processing the access service included in the access request according to the access rule includes:
and when the access rule is an access rule supporting a rate of 0Kb, stopping forwarding the access service under the information that the access port included in the access request is the current access point of the public network.
In an exemplary embodiment of the present disclosure, the processing apparatus for accessing a service further includes:
and the second sending module is used for generating prompt information which corresponds to the access service which is stopped forwarding and cannot be reached by the network, and sending the prompt information to the UE so that the UE switches and/or modifies the current access point information according to the prompt information.
The specific details of each module in the processing apparatus for accessing services have been described in detail in the corresponding processing method for accessing services, and therefore are not described herein again.
It should be noted that although in the above detailed description several modules or units of the device for action execution are mentioned, such a division is not mandatory. Indeed, the features and functionality of two or more modules or units described above may be embodied in one module or unit, according to embodiments of the present disclosure. Conversely, the features and functions of one module or unit described above may be further divided into embodiments by a plurality of modules or units.
Moreover, although the steps of the methods of the present disclosure are depicted in the drawings in a particular order, this does not require or imply that the steps must be performed in this particular order, or that all of the depicted steps must be performed, to achieve desirable results. Additionally or alternatively, certain steps may be omitted, multiple steps combined into one step execution, and/or one step broken down into multiple step executions, etc.
In an exemplary embodiment of the present disclosure, an electronic device capable of implementing the above method is also provided.
As will be appreciated by one skilled in the art, aspects of the present disclosure may be embodied as a system, method or program product. Accordingly, various aspects of the present disclosure may be embodied in the form of: an entirely hardware embodiment, an entirely software embodiment (including firmware, microcode, etc.), or an embodiment combining hardware and software aspects that may all generally be referred to herein as a "circuit," module "or" system.
An electronic device 800 according to this embodiment of the disclosure is described below with reference to fig. 8. The electronic device 800 shown in fig. 8 is only an example and should not bring any limitations to the functionality and scope of use of the embodiments of the present disclosure.
As shown in fig. 8, the electronic device 800 is in the form of a general purpose computing device. The components of the electronic device 800 may include, but are not limited to: the at least one processing unit 810, the at least one memory unit 820, a bus 830 connecting various system components (including the memory unit 820 and the processing unit 810), and a display unit 840.
Wherein the storage unit stores program code that is executable by the processing unit 810 to cause the processing unit 810 to perform steps according to various exemplary embodiments of the present disclosure as described in the "exemplary methods" section above in this specification. For example, the processing unit 810 may perform step S110 as shown in fig. 1: an access and mobility management function (AMF) receives an access request sent by User Equipment (UE) and forwards the access request to a Session Management Function (SMF); step S120: the SMF generates a strategy acquisition request according to the current access point information and the international mobile subscriber identity IMSI which are included in the access request, and sends the strategy acquisition request to a strategy control function PCF; step S130: the PCF inquires a preset MDN and a policy binding online information base according to the current access point information and the IMSI included in the policy acquisition request to obtain an access policy of the UE, and sends the access policy to the SMF; step S140: and the SMF matches an access rule for the UE according to the access policy, and sends the access rule and an access request to a User Plane Function (UPF), and the UPF processes an access service included in the access request according to the access rule.
The memory unit 820 may include readable media in the form of volatile memory units, such as a random access memory unit (RAM)8201 and/or a cache memory unit 8202, and may further include a read only memory unit (ROM) 8203.
Storage unit 820 may also include a program/utility module 8204 having a set (at least one) of program modules 8205, such program modules 8205 including, but not limited to: an operating system, one or more application programs, other program modules, and program data, each of which or some combination thereof may comprise an implementation of a network environment.
Bus 830 may be any of several types of bus structures including a memory unit bus or memory unit controller, a peripheral bus, an accelerated graphics port, a processing unit, or a local bus using any of a variety of bus architectures.
The electronic device 800 may also communicate with one or more external devices 900 (e.g., keyboard, pointing device, bluetooth device, etc.), with one or more devices that enable a user to interact with the electronic device 800, and/or with any devices (e.g., router, modem, etc.) that enable the electronic device 800 to communicate with one or more other computing devices. Such communication may occur via input/output (I/O) interfaces 850. Also, the electronic device 800 may communicate with one or more networks (e.g., a Local Area Network (LAN), a Wide Area Network (WAN), and/or a public network such as the internet) via the network adapter 860. As shown, the network adapter 860 communicates with the other modules of the electronic device 800 via the bus 830. It should be appreciated that although not shown, other hardware and/or software modules may be used in conjunction with the electronic device 800, including but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, and data backup storage systems, among others.
Through the above description of the embodiments, those skilled in the art will readily understand that the exemplary embodiments described herein may be implemented by software, and may also be implemented by software in combination with necessary hardware. Therefore, the technical solution according to the embodiments of the present disclosure may be embodied in the form of a software product, which may be stored in a non-volatile storage medium (which may be a CD-ROM, a usb disk, a removable hard disk, etc.) or on a network, and includes several instructions to enable a computing device (which may be a personal computer, a server, a terminal device, or a network device, etc.) to execute the method according to the embodiments of the present disclosure.
In an exemplary embodiment of the present disclosure, there is also provided a computer-readable storage medium having stored thereon a program product capable of implementing the above-described method of the present specification. In some possible embodiments, various aspects of the disclosure may also be implemented in the form of a program product comprising program code for causing a terminal device to perform the steps according to various exemplary embodiments of the disclosure described in the "exemplary methods" section above of this specification, when the program product is run on the terminal device.
According to the program product for implementing the above method of the embodiments of the present disclosure, it may employ a portable compact disc read only memory (CD-ROM) and include program codes, and may be run on a terminal device, such as a personal computer. However, the program product of the present disclosure is not limited thereto, and in this document, a readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
The program product may employ any combination of one or more readable media. The readable medium may be a readable signal medium or a readable storage medium. A readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples (a non-exhaustive list) of the readable storage medium include: an electrical connection having one or more wires, a portable disk, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
A computer readable signal medium may include a propagated data signal with readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A readable signal medium may also be any readable medium that is not a readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device.
Program code embodied on a readable medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
Program code for carrying out operations of the present disclosure may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, C + + or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computing device, partly on the user's device, as a stand-alone software package, partly on the user's computing device and partly on a remote computing device, or entirely on the remote computing device or server. In situations involving remote computing devices, the remote computing devices may be connected to the user computing device through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to external computing devices (e.g., through the internet using an internet service provider).
Furthermore, the above-described drawings are merely schematic illustrations of processes involved in methods according to exemplary embodiments of the present disclosure, and are not intended to be limiting. It will be readily understood that the processes shown in the above figures are not intended to indicate or limit the chronological order of the processes. In addition, it is also readily understood that these processes may be performed, for example, synchronously or asynchronously in multiple modules.
Other embodiments of the disclosure will be apparent to those skilled in the art from consideration of the specification and practice of the invention disclosed herein. This application is intended to cover any variations, uses, or adaptations of the disclosure following, in general, the principles of the disclosure and including such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the disclosure being indicated by the following claims.

Claims (10)

1. A processing method for accessing service is characterized by comprising the following steps:
an access and mobility management function (AMF) receives an access request sent by User Equipment (UE) and forwards the access request to a Session Management Function (SMF);
the SMF generates a strategy acquisition request according to the current access point information and the international mobile subscriber identity IMSI which are included in the access request, and sends the strategy acquisition request to a strategy control function PCF;
the PCF inquires a preset MDN and a strategy binding online information base according to the current access point information and the IMSI included in the strategy acquisition request to obtain an access strategy of the UE, and sends the access strategy to the SMF;
and the SMF matches an access rule for the UE according to the access policy, and sends the access rule and an access request to a User Plane Function (UPF), and the UPF processes an access service included in the access request according to the access rule.
2. The method of claim 1, wherein forwarding the access request to a Session Management Function (SMF) comprises:
acquiring subscription information stored in a unified data management function (UDM) by the UE according to the International Mobile Subscriber Identity (IMSI) included in the access request;
checking the current access point information according to the target access point information included in the subscription information to obtain a first checking result, and judging whether the current access point information is accurate according to the first checking result; and/or
Checking the current terminal information included in the access request according to the standard terminal information included in the subscription information to obtain a second checking result, and judging whether the UE is standard or not according to the second checking result;
and if the current access point information is accurate and the UE is normative, the access request is sent to the session management function SMF as a private network access request, and if the current access point information is inaccurate and/or the UE is not normative, the access request is sent to the session management function SMF as a common public network access request.
3. The method for processing the access service according to claim 1, wherein the step of querying a preset MDN and policy binding online information base according to the current access point information and IMSI included in the policy acquisition request to obtain the access policy of the UE comprises:
establishing a mapping relation between a mobile user directory number MDN and one or more access points of the UE;
constructing an MDN and strategy binding online information base based on the mapping relation and the strategy information corresponding to the one or more access points;
determining the MDN of the UE according to the IMSI included in the strategy acquisition request, and matching the subscription strategy of the UE from the strategy binding online information base according to the MDN of the UE;
and determining a current strategy which can be supported by the UE under the scene of the current access point information from the subscription strategy.
4. The method of claim 3, wherein after determining a current policy that can be supported by the UE in the context of the current access point information from the subscription policy, the method further comprises:
when the subscription information stored in the unified data management function (UDM) by the UE is determined to include a public network access limiting function, determining whether an access port of the current access point information is a public network or not;
and if the access port of the current access point information is a public network, determining that the current strategy is only allowed to access 0-port service, and the access rate is 0 Kb.
5. The method of claim 4, wherein matching an access rule for the UE according to the access policy comprises:
and when the current strategy is determined to be only allowing access to the 0 port service and the access rate is 0Kb, matching the access rule supporting the 0Kb rate for the UE.
6. The method for processing access service according to claim 5, wherein processing the access service included in the access request according to the access rule includes:
and when the access rule is an access rule supporting a rate of 0Kb, stopping forwarding the access service under the information that the access port included in the access request is the current access point of the public network.
7. The method for processing access service according to claim 6, further comprising:
and generating prompt information which corresponds to the access service which is stopped to be forwarded and cannot be reached by the network, and sending the prompt information to the UE so that the UE switches and/or modifies the current access point information according to the prompt information.
8. A processing apparatus for accessing services, comprising:
the system comprises a first receiving module, a Session Management Function (SMF), a second receiving module and a third receiving module, wherein the first receiving module is used for receiving an access request sent by User Equipment (UE) by using an access and mobile management function (AMF) and forwarding the access request to the SMF;
a first sending module, configured to generate a policy acquisition request according to current access point information and an international mobile subscriber identity IMSI included in the access request by using the SMF, and send the policy acquisition request to a policy control function PCF;
an access policy query module, configured to query, by using the PCF, a preset MDN and a policy binding online information base according to the current access point information and IMSI included in the policy acquisition request, to obtain an access policy of the UE, and send the access policy to the SMF;
and the service processing module is used for matching an access rule for the UE by using the SMF according to the access policy, and sending the access rule and the access request to a User Plane Function (UPF), and the UPF processes the access service included in the access request according to the access rule.
9. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the method for processing an access service according to any one of claims 1 to 7.
10. An electronic device, comprising:
a processor; and
a memory for storing executable instructions of the processor;
wherein the processor is configured to perform the method of processing access traffic of any of claims 1-7 via execution of the executable instructions.
CN202110609505.8A 2021-06-01 2021-06-01 Processing method and device for access service, storage medium and electronic equipment Active CN113473417B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110609505.8A CN113473417B (en) 2021-06-01 2021-06-01 Processing method and device for access service, storage medium and electronic equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110609505.8A CN113473417B (en) 2021-06-01 2021-06-01 Processing method and device for access service, storage medium and electronic equipment

Publications (2)

Publication Number Publication Date
CN113473417A CN113473417A (en) 2021-10-01
CN113473417B true CN113473417B (en) 2022-08-19

Family

ID=77871914

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110609505.8A Active CN113473417B (en) 2021-06-01 2021-06-01 Processing method and device for access service, storage medium and electronic equipment

Country Status (1)

Country Link
CN (1) CN113473417B (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114025412B (en) * 2021-11-03 2024-03-26 中国联合网络通信集团有限公司 Service access method, system, device and storage medium
CN115426139B (en) * 2021-11-19 2025-06-24 华为技术有限公司 Access control method and communication device based on SIM card information
CN115001862B (en) * 2022-07-25 2022-11-15 阿里巴巴达摩院(杭州)科技有限公司 Data communication method, storage medium and electronic device
CN115484602B (en) * 2022-09-15 2025-04-29 中国联合网络通信集团有限公司 Single-user level policy control method, device, base station and medium
CN117057811B (en) * 2023-08-10 2025-01-10 广东宜通衡睿科技有限公司 Automatic analysis method, device, equipment and medium for complaints of Internet of things

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1968139A (en) * 2006-06-15 2007-05-23 华为技术有限公司 Subscriber contract information processing method and apparatus in strategy and charging control
WO2010020637A1 (en) * 2008-08-18 2010-02-25 Telefonaktiebolaget L M Ericsson (Publ) Handling of aggregate maximum bit rate by policy and charge control
WO2013155942A1 (en) * 2012-04-18 2013-10-24 中兴通讯股份有限公司 Policy and charging control method, v-pcrf and v-ocs
EP3018943A1 (en) * 2014-11-09 2016-05-11 Cisco Technology, Inc. System and method for radio aware traffic management based wireless authorization
WO2017147840A1 (en) * 2016-03-03 2017-09-08 华为技术有限公司 Message routing method and device, and diameter routing entity
CN112291752A (en) * 2020-11-16 2021-01-29 中国联合网络通信集团有限公司 Network registration method and device

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1968139A (en) * 2006-06-15 2007-05-23 华为技术有限公司 Subscriber contract information processing method and apparatus in strategy and charging control
WO2010020637A1 (en) * 2008-08-18 2010-02-25 Telefonaktiebolaget L M Ericsson (Publ) Handling of aggregate maximum bit rate by policy and charge control
WO2013155942A1 (en) * 2012-04-18 2013-10-24 中兴通讯股份有限公司 Policy and charging control method, v-pcrf and v-ocs
EP3018943A1 (en) * 2014-11-09 2016-05-11 Cisco Technology, Inc. System and method for radio aware traffic management based wireless authorization
WO2017147840A1 (en) * 2016-03-03 2017-09-08 华为技术有限公司 Message routing method and device, and diameter routing entity
CN112291752A (en) * 2020-11-16 2021-01-29 中国联合网络通信集团有限公司 Network registration method and device

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
基于3G的SCADA系统虚拟专用监控网络;史翔;《计算机工程与设计》;20110516(第05期);全文 *

Also Published As

Publication number Publication date
CN113473417A (en) 2021-10-01

Similar Documents

Publication Publication Date Title
CN113473417B (en) Processing method and device for access service, storage medium and electronic equipment
US10425393B2 (en) Wireless local area network WLAN access method, terminal, and server
CN103493541B (en) Method and terminal for switching operator network
CN110650070A (en) Household appliance network configuration method and WiFi module
EP3657762B1 (en) Network service system and network service method
CN106686591B (en) Method and device for accessing wireless network
CN110139265B (en) Management method for double-system terminal double-SIM card data service
US20210368324A1 (en) Edge computing management device and operating method of edge computing management device
JP2018506761A (en) Implicit file generation in APDU script
KR20200112960A (en) Multipath construction method and device
US11057241B2 (en) Network interworking method, network element, and system
CN114900833A (en) Authentication method, authentication device, storage medium and electronic equipment
CN114268607A (en) Fixed IP address allocation method, system, user plane function network element and storage medium
US10863345B2 (en) Technique for administrating a subscription to an administrator
RU2709286C1 (en) Method, apparatus and device for controlling access to a communication network
CN109863790A (en) The WLAN discovery and selection of cellular network auxiliary
CN101720085B (en) Application method and device of intelligent card
CN114363918A (en) Network slicing signing method, user equipment, core network equipment and system
US20190090311A1 (en) Virtual network system, management device, and virtual network management method
CN111436028B (en) Service access method, system and communication open platform
CN114640999B (en) Network access method, device, system, storage medium and electronic equipment
GB2594930A (en) Authentication of devices to third party services
US11876866B2 (en) Method for assisting unregistered user device to access end-to-end call service of private network and communication system
CN115988479B (en) eUICC-based code number change method, SM-SR and readable storage medium
KR20130010698A (en) Method for simultaneously transmitting data in heterogeneous network

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant