CN1567863B - A method for controlling external network accessing - Google Patents
A method for controlling external network accessing Download PDFInfo
- Publication number
- CN1567863B CN1567863B CN 03142529 CN03142529A CN1567863B CN 1567863 B CN1567863 B CN 1567863B CN 03142529 CN03142529 CN 03142529 CN 03142529 A CN03142529 A CN 03142529A CN 1567863 B CN1567863 B CN 1567863B
- Authority
- CN
- China
- Prior art keywords
- network
- data
- address
- tunnel
- packet
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
- 238000000034 method Methods 0.000 title claims abstract description 36
- 238000004891 communication Methods 0.000 claims abstract description 6
- 238000013507 mapping Methods 0.000 claims description 23
- 230000008569 process Effects 0.000 claims description 9
- 238000003780 insertion Methods 0.000 claims description 7
- 230000037431 insertion Effects 0.000 claims description 7
- 230000006855 networking Effects 0.000 claims description 2
- 238000005538 encapsulation Methods 0.000 description 9
- 238000001914 filtration Methods 0.000 description 7
- 238000013475 authorization Methods 0.000 description 5
- 238000010586 diagram Methods 0.000 description 4
- 238000005516 engineering process Methods 0.000 description 3
- 238000010295 mobile communication Methods 0.000 description 2
- 230000005540 biological transmission Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000004069 differentiation Effects 0.000 description 1
- 230000009977 dual effect Effects 0.000 description 1
- 230000004927 fusion Effects 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000007689 inspection Methods 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000011160 research Methods 0.000 description 1
- 230000005641 tunneling Effects 0.000 description 1
- 239000002699 waste material Substances 0.000 description 1
Images
Landscapes
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses an external network access controlling method, applied to the condition that under the circumstance of wireless local-area network-the third-generation partner plan (WLAN-3GPP)network intercommunication, external network transmits data to internal network composed of WLAN and 3GGP network, including: building data list to store network identifications, and in the course that the internal network and external network build a communication tunnel, according to safety policy, selecting corresponding network identification to store in the data list; as the data packet transmitted by the external network to the internal network reaches the gateway of the external gateway, checking if the network identification information in the data packet is contained in the data list:if it is, allow the data to pass and otherwise discard the data packet. It filters the illegal and invalid data packets, thus assuring network safety and making network resources effectively utilized .
Description
Technical field
The present invention relates to control technology, be meant in WLAN (wireless local area network) and third generation partner program (WLAN-3GPP) network interworking control method especially outside network insertion to outside network insertion.
Background technology
Rise and development along with the WLAN technology, WLAN and wireless mobile communication network comprise that the fusion of networks such as global system for mobile communications (GSM), code division multiple access (CDMA), Wideband Code Division Multiple Access (WCDMA) (WCDMA), TD SDMA (TD-SCDMA) and CDMA 2000 is just becoming the emphasis of current research.Wherein, GSM, CDMA, WCDMA, TD-SCDMA have brought 3GPP into, and CDMA 2000 belongs to 3GPP2.
3GPP TS23.234 is defined as for WLAN-3GPP intercommunication scene 3: after UE passes through the service authorization of 3GPP home network, carry out tunnel establishment procedure between UE and the PDG, store CAMEL-Subscription-Information, tunnel information and other relevant information of UE this moment in PDG, this process is Mobile Origination (MO) process.
Referring to shown in Figure 1, under the non-roaming situation of WLAN and 3GPP network interworking scene 3.WLAN Access Network 102 directly is connected with external the Internet (internet) or Intranet (intranet) 104, and, subscriber equipment (UE) 101 by WLAN Access Network 102 respectively with the 3GPP authentication and authorization charging server (AS of 3GPP home network (3GPP Home Network), 3GPP AAAServer) 103 and packet data gateway (PDG, Packet Data Gateway) 105 connect, PDG105 is connected to the packet data network (PDN, PacketData Network) that belongs to the external network part by the Wi interface.Generally, when UE 101 hope directly insert Internet/Intranet 104 by WLAN Access Network 102, can be to the business of 3GPP home network application intercommunication scene 2.If UE 101 also wishes to insert 3GPP packet switching (PS) territory business, by the WLAN-3GPP network insertion to PDN, can be further to the business of 3GPP home network application intercommunication scene 3.It is UE 101 initiates service authorization process request from intercommunication scene 3 to the AS 103 of 3GPP home network, 103 pairs of service request of the AS of 3GPP home network are carried out service authentication and mandate, if success, then AS 103 sends access grant message to the user, AS 103 distributes corresponding PDG 105 for UE 101, sets up the tunnel between the PDG 105 of UE 101 and distribution.And the 107a/ of charging gateway (CGw) 107a/ charging information collecting system (CCF) Online Charging System (OCS) 107b is according to the network operating position recording gauge charge information of UE 101.The tunnel of setting up for non-roaming situation is UE-WLAN-PDG.At this moment, UE 101 just can insert 3GPP PS territory business, UE 101 can by and the tunnel of PDG 105 and belonging between the PDN of external network exchange visits, PDN comprises all packet data network beyond the mobile networks such as Internet, Intranet.
The WLAN Access Network is similar to non-roaming situation to the roaming condition in the 3GPP intercommunication scene 3, and it simplifies network configuration referring to shown in Figure 2.Under roaming condition, WLAN Access Network 102 links to each other with the 3GPP home network by 3GPP accesses network (3GPP Visited Network).WLAN Access Network 102 links to each other with wireless access gateway (WAG) 202 with UE 101,3GPP aaa server agency (AS Proxy) 201, Internet/Intranet 104.UE 101 can arrive Internet/Intranet 104 to 3GPP access network application intercommunication scene 2 service accesses by the 3GPP accesses network.If UE 101 also wishes application intercommunication scene 3 business, be linked into 3GPP PS territory business, UE 101 needs to initiate the service authorization process by the 3GPP accesses network to the 3GPP home network, this process is carried out between the AS 103 of UE 101 and 3GPP home network equally, after authorizing successfully, AS 103 distributes corresponding ownership PDG 105 for UE 101, sets up the tunnel between the PDG 105 of UE 101 by WAG in the 3GPP accesses network 202 and distribution.For roaming condition, the tunnel of being set up is UE-WLAN-WAG-PDG.At this moment, the 3GPP PS territory business that UE 101 can access belonging network.
After the tunnel was set up, UE can insert the PS territory business of 3GPP by PDG, and the data that UE sends are after the tunnel arrives PDG, and PDG carries out decapsulation to data, then data is sent to external network by the Wi interface.When external network when UE sends data, after PDG encapsulated data, the tunnel that passes through to be set up sent to UE, UE carries out decapsulation and receives data.But because the Wi interface is an open interface, therefore, after the tunnel was set up, legal external network and illegal external network can send data to UE by this interface.If illegal malicious attacker gets access to the address informations such as IP address of UE by illegal means, send hash to UE then, will influence UE and insert normal business; Perhaps illegal malicious attacker sends hash not obtaining under the situation of UE address in a large number to PDG, if PDG does not screen and filters packet, will cause professional the obstruction or the waste Internet resources.
Summary of the invention
In view of this, main purpose of the present invention is to provide a kind of method to outside network insertion control.External network is filtered to the inner data that send of WLAN-3GPP intercommunication network, and the packet of the illegal external network of filtering only allows legal external network data to enter, thereby guarantees that the UE access is professional normally and network is unimpeded.
A kind of control method of the present invention to outside network insertion, be applied to the internal network that external network under WLAN (wireless local area network) and third generation partner program (WLAN-3GPP) the network interworking scene forms to WLAN and 3GPP network and transmit data conditions, may further comprise the steps:
A) level of security of taking according to network is set up the tables of data that is used for the storage networking distinguishing identifier, select corresponding network distinguishing identifier to deposit this tables of data in according to security strategy, and set up in the process in tunnel at each outer net gateway, deposit corresponding network distinguishing identifier in this tables of data;
When b) packet that sends to inner network user device when external network arrives the outer net gateway, check whether network distinguishing identifier information is included in the tables of data in this packet, if, then allow these data to pass through, otherwise with this data packet discarding.
The network distinguishing identifier of the described different choice according to security strategy of this method is a user device address, or the wireless local network connecting point name of subscriber equipment, or the combination of above situation.
If described subscriber equipment and the outer net gateway at internal network of this method set up communication tunnel, then the network distinguishing identifier of selecting according to security strategy is to set up the outside network address in tunnel, or set up the user device address in tunnel, or set up the target UE address in tunnel and the mapping relations of tunnel attribute, or set up the outside network address in tunnel and the mapping relations of tunnel attribute, or the combination of above situation.
If described subscriber equipment and the outer net gateway at internal network of this method set up communication tunnel, purpose station address in the packet adopts the IPV6 form, and purpose subscriber equipment and external network support stream, during traffic identifier non-zero in the packet, the described network distinguishing identifier of selecting according to security strategy is the destination user device address, or set up the outside network address in tunnel, the user device address of setting up the tunnel and traffic identifier mapping relations, or the combination of above situation.
Further comprise customer equipment identification in the described tables of data of this method, and set up the mapping relations of customer equipment identification and network distinguishing identifier.
The described address of this method is IP address, tcp port number or their combination.
The described address of this method is IP address, udp port number, wireless local network connecting point name (W-APN) or above combination.
The described tunnel attribute of this method comprises Tunnel Identifier at least.
The described outer net gateway of this method is a packet data gateway.
The described subscriber equipment of this method is the subscriber equipment of WLAN Access Network.
From such scheme as can be seen, the inventive method is kept at tables of data by setting up in the tunneling process at user and external network with user attaching address information, and when externally the packet that sends to the user of network arrives the outer net gateway, check whether contained address information is included in the tables of data in the packet, make the packet that only includes institute's recording address information in the tables of data arrive internal network by the outer net gateway, thereby filter out useless, illegal packet, ensure network security, realized effective utilization of Internet resources.
Description of drawings
Fig. 1 is the structural representation under WLAN and the 3GPP network interworking scene 3 non-roaming situations;
Fig. 2 is the structural representation under WLAN and 3GPP network interworking scene 3 roaming conditions;
Fig. 3 adopts UDP/IP encapsulation format schematic diagram for the IPV6 packet;
Fig. 4 adopts UDP/IP encapsulation format schematic diagram for the IPV4 packet;
Fig. 5 adopts TCP/IP encapsulation format schematic diagram for the IPV6 packet;
Fig. 6 adopts TCP/IP encapsulation format schematic diagram for the IPV4 packet;
Fig. 7 is the data representation intention of the preferable embodiment of the present invention.
Embodiment
The present invention is further described in more detail below in conjunction with drawings and the specific embodiments.
When the present invention is used to receive the outer net gateway of external network data at the packet arrival WLAN-3GPP intercommunication network that sends from external network,, discern and the illegal packet of filtering by analyzing the network distinguishing identifier in the packet.
According to existing 3GPP TS23.234 standard, finish the service authorization that inserts external network as UE, with the outer net gateway, be after PDG sets up the tunnel, the wireless local network connecting point name (W-APN) of this UE sign of storage, UE home address information, tunnel attribute information and UE waits other relevant information in PDG.As UE during by PDG and Wi interface and external network communication, PDG can further be known address informations such as the IP address, udp port number of UE or tcp port number, address information such as the IP address of this external network, udp port number or tcp port number; In addition, this external network also will be known IP address, udp port number or the tcp port number of UE, and information such as tunnel attribute.More than these information, be called the network distinguishing identifier among the present invention and be used for mutual differentiation between the network equipment or the tunnel, and can be further used for discerning legal data and invalid data by the tunnel.
At this point, the present invention sets up the tables of data that is used for storing intercommunication network network distinguishing identifier in the outer net gateway.The level of security that content in the tables of data is taked according to network is determined.Usually, operator can wait according to user, business, external network and network carrying ability and decide the network security rank that is adopted in its sole discretion, perhaps selects the access whether external network is controlled in measure safe in utilization.
And further set up the safety filtering functional module, at the subscriber equipment and the external network of each internal network, promptly the outer net gateway is set up in the process in tunnel, deposits corresponding network distinguishing identifier in tables of data.Externally whether network is included in the tables of data by checking the network distinguishing identifier information that is comprised in the packet when the packet of inner network user's transmission arrives the outer net interface gateway, filters out illegal packet.
Safety filtering functional module of the present invention and tables of data also can be based upon outside the outer net gateway device, and the network distinguishing identifier derives from the outer net gateway, and the packet that arrives the outer net gateway is checked.
Network distinguishing identifier that the present invention preserves in tables of data and corresponding with it safety filtering strategy can have following several scheme:
(1) source address that adopts packet is as network distinguishing identifier, i.e. outside network address:
The IP address of corresponding external network or tcp port number or IP address and tcp port number are kept at tables of data; If external network adopts the UDP/IP agreement, then accordingly the IP address of external network or udp port number or IP address and udp port number are kept in the tables of data, as legal source address.
Behind the packet arrival outer net gateway that external network is sent, check whether source address is included in the tables of data source address list in the packet, if, then allow it to pass through, otherwise, with this data packet discarding.
(2) destination address that adopts packet is as the network distinguishing identifier, i.e. the UE address:
User device IP address or tcp port number or W-APN or above combination are kept at tables of data; If internal network adopts the UDP/IP agreement, then accordingly the IP address of external network or udp port number or W-APN or above combination are kept in the tables of data, as legal source address.
Behind the packet arrival outer net gateway that external network is sent, check whether destination address is included in the tables of data destination address list in the packet, if, then allow it to pass through, otherwise, with this data packet discarding.
(3) adopt the mapping relations of destination address and tunnel attribute, or destination address, source address and tunnel attribute three's mapping relations are as the network distinguishing identifier:
If only set up the mapping relations of destination address and tunnel attribute, the address and the tunnel attribute of subscriber equipment is kept in the tables of data, and sets up between them mapping relations one to one, in tunnel attribute, include Tunnel Identifier at least.
Behind the packet arrival outer net gateway that external network is sent, the address of checking UE in the packet and packet between the outer net gateway that will pass through and the UE tunnel mapping relations whether with tables of data in the mapping relations that comprise mate, if then allow it to pass through, otherwise, with this data packet discarding.
For the situation of destination address, source address and tunnel attribute three's mapping relations by that analogy.
(4) adopt the IPV6 form for the purpose station address in the packet, and purpose subscriber equipment and external network are supported stream format, during traffic identifier non-zero in the packet, except can adopting (1), (2) dual mode network distinguishing identifier to be set to source address or the destination address, but also the setting network distinguishing identifier is the mapping relations of source address, destination address and traffic identifier:
The address and the traffic identifier of outside network address, subscriber equipment are kept in the tables of data, and set up mapping relations between them.
Behind the packet arrival outer net gateway that external network is sent, check whether outside network address, the address of subscriber equipment and the mapping relations of traffic identifier are included in the tables of data, if, then allow it to pass through, otherwise, with this data packet discarding.
In addition, for filtering useless data to a greater extent, preferred implementation of the present invention is that above-mentioned four kinds of scheme combination are used, and make up in twos as scheme (1), (2), (3), or three schemes is used jointly; Adopt the IPV6 form for the purpose station address in the packet, scheme (1), (2), (4) can make ups in twos, or common use.
For example, by in outer net gateway and the external network that internal network is communicated by letter, the encapsulation format of following several packets is arranged:
A) IPV6 form, packet adopts the UDP/IP encapsulation format, referring to shown in Figure 3;
B) IPV4 form, packet adopts the UDP/IP encapsulation format, referring to shown in Figure 4;
C) IPV6 form, packet adopts the TCP/IP encapsulation format, referring to shown in Figure 5;
D) IPV4 form, packet adopts the TCP/IP encapsulation format, referring to shown in Figure 6.
In PDG, set up the tables of data that comprises UE sign, UE IP address, UE and PDG tunnel attribute information, outside network address, referring to shown in Figure 7.Wherein, at the IPV4 form, set up the mapping relations of tunnel attribute, UE address and outside network address; And, set up the mapping relations of traffic identifier, UE address and outside network address at the IPV6 form, flow identification information only is applicable to the IPV6 form.
After UE and PDG set up the tunnel, UE address, outside network address and this tunnel attribute are recorded in the tables of data at every turn;
When the packet of IPV4 form arrives PDG, check whether source address, destination address in the packet have been recorded in the tables of data, if, the attribute in the tunnel that further this packet of inspection will pass through and source address, destination address mapping relations, whether consistent with the mapping relations in being kept at tables of data, if consistent, then allow this packet pass through, otherwise with this data packet discarding.
Similarly when the packet of IPV4 form arrives PDG, then can check traffic identifier in the packet and source address, destination address, whether consistent with mapping relations in being kept at tables of data.
Scheme in this example also will be considered the factors such as disposal ability of user, business, external network situation and outer net gateway in specific implementation, appropriate design tables of data content and safety filtering mechanism.
In addition, the present invention program also can be applicable to after UE and HPLMN signature traffic contract permission access 3GPP PS territory business, but when UE and outer net gateway are not set up the tunnel as yet, when external network sends packet arrival outer net gateway to UE, the outer net gateway also can adopt the present invention program to judge earlier whether this packet is legal, whether sets up the tunnel with decision and receives this packet.In such cases, can according to security strategy in tables of data, store above-mentioned except that tunnel attribute as one or more network distinguishing identifier information of the wireless local network connecting point name (W-APN) of the IP address of this UE, the UDP/TCP port numbers of UE, user ID, UE etc.The outer net gateway filters packet according to canned data in the tables of data again.
The above only is preferred embodiment of the present invention, and is in order to restriction the present invention, within the spirit and principles in the present invention not all, any modification of being done, is equal to replacement, improvement etc., all should be included within protection scope of the present invention.
Claims (10)
1. control method to outside network insertion, be applied to the internal network that external network under WLAN (wireless local area network) and third generation partner program (WLAN-3GPP) the network interworking scene forms to WLAN and 3GPP network and transmit data conditions, it is characterized in that, may further comprise the steps:
A) level of security of taking according to network is set up the tables of data that is used for the storage networking distinguishing identifier, select corresponding network distinguishing identifier to deposit this tables of data in according to security strategy, and set up in the process in tunnel at each outer net gateway, deposit corresponding network distinguishing identifier in this tables of data;
When b) packet that sends to inner network user device when external network arrives the outer net gateway, check whether network distinguishing identifier information is included in the tables of data in this packet, if, then allow these data to pass through, otherwise with this data packet discarding.
2. according to the described method of claim 1, it is characterized in that the network distinguishing identifier of described different choice according to security strategy is a user device address, or the wireless local network connecting point name of subscriber equipment, or the combination of above situation.
3. according to the described method of claim 1, it is characterized in that, if described subscriber equipment and outer net gateway at internal network set up communication tunnel, then the network distinguishing identifier of selecting according to security strategy is to set up the outside network address in tunnel, or set up the user device address in tunnel, or set up the target UE address in tunnel and the mapping relations of tunnel attribute, or set up the outside network address in tunnel and the mapping relations of tunnel attribute, or the combination of above situation.
4. according to the described method of claim 1, it is characterized in that, if described subscriber equipment and outer net gateway at internal network set up communication tunnel, purpose station address in the packet adopts the IPV6 form, and purpose subscriber equipment and external network support stream, during traffic identifier non-zero in the packet, the described network distinguishing identifier of selecting according to security strategy is the destination user device address, or set up the outside network address in tunnel, the user device address of setting up the tunnel and traffic identifier mapping relations, or the combination of above situation.
5. according to the described method of claim 1, it is characterized in that, further comprise customer equipment identification in the described tables of data, and set up the mapping relations of customer equipment identification and network distinguishing identifier.
6. according to claim 2,3 or 4 described methods, it is characterized in that described address is IP address, tcp port number or their combination.
7. according to claim 2,3 or 4 described methods, it is characterized in that described address is IP address, udp port number, wireless local network connecting point name (W-APN) or above combination.
8. according to the described method of claim 3, it is characterized in that described tunnel attribute comprises Tunnel Identifier at least.
9. according to the described method of claim 1, it is characterized in that described outer net gateway is a packet data gateway.
10. according to the described method of claim 1, it is characterized in that described subscriber equipment is the subscriber equipment of WLAN Access Network.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 03142529 CN1567863B (en) | 2003-06-17 | 2003-06-17 | A method for controlling external network accessing |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 03142529 CN1567863B (en) | 2003-06-17 | 2003-06-17 | A method for controlling external network accessing |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1567863A CN1567863A (en) | 2005-01-19 |
| CN1567863B true CN1567863B (en) | 2010-04-07 |
Family
ID=34471125
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN 03142529 Expired - Fee Related CN1567863B (en) | 2003-06-17 | 2003-06-17 | A method for controlling external network accessing |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN1567863B (en) |
Families Citing this family (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN100426777C (en) * | 2006-06-02 | 2008-10-15 | 华为技术有限公司 | System and method for accessing 3GPP deductive network by non-3GPP technology |
| CN101127652B (en) * | 2006-08-17 | 2011-04-27 | 华为技术有限公司 | A method, device and system for identifying access anchor of user terminal to external network |
| CN101299660B (en) * | 2007-04-30 | 2010-12-08 | 华为技术有限公司 | Method, system and equipment for executing security control |
| EP2659624B1 (en) * | 2010-12-28 | 2017-04-12 | Citrix Systems Inc. | Systems and methods for vlan tagging via cloud bridge |
| JP5993022B2 (en) * | 2011-11-04 | 2016-09-14 | テレフオンアクチーボラゲット エルエム エリクソン(パブル) | Method and apparatus for establishing and using a PDN connection |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1411209A (en) * | 2002-03-29 | 2003-04-16 | 华为技术有限公司 | Method of detecting and monitoring malicious user host machine attack |
| CN1411210A (en) * | 2002-03-08 | 2003-04-16 | 华为技术有限公司 | Method of acting address analytic protocol Ethernet Switch in application |
-
2003
- 2003-06-17 CN CN 03142529 patent/CN1567863B/en not_active Expired - Fee Related
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1411210A (en) * | 2002-03-08 | 2003-04-16 | 华为技术有限公司 | Method of acting address analytic protocol Ethernet Switch in application |
| CN1411209A (en) * | 2002-03-29 | 2003-04-16 | 华为技术有限公司 | Method of detecting and monitoring malicious user host machine attack |
Also Published As
| Publication number | Publication date |
|---|---|
| CN1567863A (en) | 2005-01-19 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103444148B (en) | Control the business detection Route Selection of functional node disposed or the network node walked around and method | |
| EP3477993B1 (en) | Method for processing pdu session establishment procedure and amf node | |
| JP4270888B2 (en) | Service and address management method in WLAN interconnection | |
| US6226523B1 (en) | Internet protocol traffic filter for a mobile radio network | |
| US7519036B2 (en) | Method of user access authorization in wireless local area network | |
| CN102905390B (en) | Session association methods, devices and systems | |
| CN104137504B (en) | Access by method and the entity of the service of the business transmission platform transmission in 3GPP HPLMN | |
| US20040151155A1 (en) | Method for activating a connection in a communications system, mobile station, network element and packet filter | |
| US8208898B2 (en) | Method for managing local terminal equipment accessing a network | |
| JP5695577B2 (en) | Multiple access system | |
| CN101330740A (en) | Method for selecting gateway in wireless network | |
| EP2941922A1 (en) | Openflow enabled wifi management entity architecture | |
| US20050059398A1 (en) | Telecommunication method and system | |
| WO2008084287A1 (en) | Mechanism to uniquely identify and unify a user's set of packet bearer contexts in a mobile telecommunications network | |
| CN101472263B (en) | Method for deciding network connection mode | |
| US7224699B2 (en) | Wireless local area network access gateway and method for ensuring network security therewith | |
| AU2004250733A1 (en) | Method for transmitting traffic data to wireless local area network users | |
| CN1319344C (en) | Method for receiving external network data by target user equipment | |
| CN104506406B (en) | A kind of authentication equipment | |
| CN1567863B (en) | A method for controlling external network accessing | |
| CN100355251C (en) | Method for sending a ata of user mark after renewing | |
| EP1833201B1 (en) | Method of managing interworking for the transfer of service sessions from a mobile network to a wireless local area network, and corresponding TTG gateway | |
| CN103929726B (en) | Wireless LAN accesses control correlation technique and system in interacting with fixed network | |
| JP4802238B2 (en) | How to set up a network-based tunnel for mobile terminals in a local network interconnection | |
| Interworking | 1 Over All Description |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| C41 | Transfer of patent application or patent right or utility model | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20160422 Address after: American California Patentee after: Snaptrack, Inc. Address before: 518057 Guangdong city of Shenzhen province science and Technology Park of HUAWEI Road Service Building Patentee before: Huawei Technologies Co., Ltd. |
|
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20100407 Termination date: 20180617 |