CN101616463B - Method, device and system for realizing pre-certification - Google Patents
Method, device and system for realizing pre-certification Download PDFInfo
- Publication number
- CN101616463B CN101616463B CN200810115813XA CN200810115813A CN101616463B CN 101616463 B CN101616463 B CN 101616463B CN 200810115813X A CN200810115813X A CN 200810115813XA CN 200810115813 A CN200810115813 A CN 200810115813A CN 101616463 B CN101616463 B CN 101616463B
- Authority
- CN
- China
- Prior art keywords
- mobile node
- candidate network
- authentication
- information
- network
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 65
- 230000005540 biological transmission Effects 0.000 claims description 3
- 230000008569 process Effects 0.000 abstract description 20
- 238000004891 communication Methods 0.000 abstract description 5
- 230000001934 delay Effects 0.000 abstract 1
- 238000013459 approach Methods 0.000 description 6
- 238000012795 verification Methods 0.000 description 5
- 238000003780 insertion Methods 0.000 description 3
- 230000037431 insertion Effects 0.000 description 3
- 230000008859 change Effects 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 238000010276 construction Methods 0.000 description 1
- 230000007812 deficiency Effects 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
- H04W12/062—Pre-authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W36/00—Hand-off or reselection arrangements
- H04W36/24—Reselection being triggered by specific parameters
- H04W36/32—Reselection being triggered by specific parameters by location or mobility data, e.g. speed data
- H04W36/322—Reselection being triggered by specific parameters by location or mobility data, e.g. speed data by location data
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W36/00—Hand-off or reselection arrangements
- H04W36/0005—Control or signalling for completing the hand-off
- H04W36/0011—Control or signalling for completing the hand-off for data sessions of end-to-end connection
- H04W36/0016—Hand-off preparation specially adapted for end-to-end data sessions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W36/00—Hand-off or reselection arrangements
- H04W36/24—Reselection being triggered by specific parameters
- H04W36/32—Reselection being triggered by specific parameters by location or mobility data, e.g. speed data
- H04W36/324—Reselection being triggered by specific parameters by location or mobility data, e.g. speed data by mobility data, e.g. speed data
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W88/00—Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
- H04W88/02—Terminal devices
Abstract
The invention discloses a method, an information server, a mobile node and a system for realizing pre-certification, which belong to the technical field of communication. The method comprises the following steps that: the information server selects a candidate network for the mobile node and forecasts the position information of the mobile node to be appeared in the candidate network; and the information server sends a pre-certification indication carrying the candidate network information and the position information to the mobile node so that the mobile node performs the pre-certification according to the pre-certification indication and the candidate network. The information server comprises a forecasting module and an indication module. The mobile node comprises a receiving module and a pre-certification module. The system comprises the information server and the mobile node. The method, the information server, the mobile node and the system improve the service continuity in the process of the pre-certification by the mobile node and the candidate network, and can be suitable for application scenes of high-speed movements of the mobile node. Compared with the prior art, the probability of service delays or interrupts of the mobile node in the process of the pre-certification is reduced.
Description
Technical field
The present invention relates to communication technical field, particularly a kind of realization pre-authentication method, device and system.
Background technology
The appearance of many interfaces MN (MobileNode, mobile node) can connect single mobile node simultaneously with a plurality of networks.Support the multiple interface mobile node that a plurality of networks connect, can between different networks, switch.Because heterogeneous network there are differences on the medium access technology, mobile node is carrying out relating to safety problem when objective network inserts, therefore objective network must carry out authentication to mobile node, but can not adopt the conventional authentication method relevant with the medium Access Layer because the isomerism of network makes when carrying out access authentication.Based on EAP (Extensible Authentication Protocol, Extensible Authentication Protocol) authentication method, utilize MIH (Media Independent Handover, media-independent switches) layer can realize the handover of mobile node between heterogeneous network.Need the long time but be based on the EAP verification process, can cause the handoff procedure of mobile node to be affected, cause professional delay or interruption.In order to address this problem, active pre-authentication techniques based on EAP has appearred, a mobile node can carry out pre-authentication process with a plurality of networks simultaneously, solve to a certain extent and finish the delay problem that verification process causes, can realize the seamless switching of mobile node between heterogeneous network generally speaking.
Active pre-authenticating method based on EAP mainly is that mobile node is before needs switch, by the MIH information server, the heterogeneous network that selection may switch to is as candidate network, and after mobile node enters the overlay area of candidate network, initiatively initiate with candidate network in certificate server carry out pre-authentication, pre-authentication finishes the back and set up pre-Security Association between the access point of mobile node and candidate network.When mobile node determines to switch to certain candidate network; this candidate network promptly becomes the objective network of switching; the pre-Security Association that the access point utilization of mobile node and objective network has been set up authenticates mutually, and produces the key that is used to protect access link, finishes the access of objective network.
After above-mentioned prior art was analyzed, the inventor found:
Active pre-authentication process itself based on EAP also needs certain hour, for the multiple interface mobile node that is in high-speed mobile, the very possible coverage that before pre-authentication is finished, has just broken away from the current service network, this mobile node can only be carried out complete verification process with objective network and realize network insertion at this moment, therefore can cause professional continuity to be damaged, can not satisfy the demand of real time business.
Summary of the invention
In order to guarantee continuity professional in the handoff procedure, the embodiment of the invention provides a kind of realization pre-authentication method, device and system.Described technical scheme is as follows:
On the one hand, the embodiment of the invention provides a kind of realization pre-authentication method, and described method comprises:
The positional information in service network that information server is repeatedly sent according to mobile node, predict the motion track of described mobile node, according to described motion track, determine the candidate network of described mobile node, and predict the positional information that described mobile node will occur in described candidate network;
Described information server sends the information of carrying described candidate network and the pre-authentication indication of positional information to described mobile node, so that described mobile node according to the information and the positional information of described candidate network, carries out pre-authentication with described candidate network.
On the other hand, the embodiment of the invention also provides a kind of information server, and described information server comprises: prediction module and indicating module;
Described prediction module comprises:
The trajectory predictions unit is used for the positional information in service network repeatedly sent according to mobile node, predicts the motion track of described mobile node;
The candidate network selected cell is used for the motion track according to the prediction of described trajectory predictions unit, determines the candidate network of described mobile node;
Position prediction unit is used for motion track and the definite candidate network of described candidate network selected cell according to the prediction of described trajectory predictions unit, predicts the positional information that described mobile node will occur in described candidate network;
Described indicating module, be used for sending the pre-authentication indication of the positional information of the information of carrying the selected candidate network of described prediction module and prediction to described mobile node, so that described mobile node according to the information and the positional information of described candidate network, carries out pre-authentication with candidate network.
Another aspect, the embodiment of the invention also provide a kind of mobile node, and described mobile node comprises:
Receiver module is used to receive the pre-authentication indication that information server is sent, and comprises the position that the described mobile node of selected candidate network of described information server and prediction will occur in described candidate network in the described pre-authentication indication;
Pre-authentication module is used for after described receiver module is received the indication of described pre-authentication, and pre-authentication as current position, is carried out with described candidate network in the position of described information server prediction;
Wherein, described candidate network is after the positional information in service network that described information server is repeatedly sent according to described mobile node is predicted the motion track of described mobile node, determines according to described motion track.
On the one hand, the embodiment of the invention also provides a kind of system that realizes pre-authentication again, and described system comprises information server and mobile node;
Described information server, be used for the positional information in service network repeatedly sent according to described mobile node, predict the motion track of described mobile node, according to described motion track, determine the candidate network of described mobile node, and predict the positional information that described mobile node will occur in described candidate network, carry the pre-authentication indication of the information and the positional information of described candidate network to described mobile node transmission, so that described mobile node according to the information and the positional information of described candidate network, carries out pre-authentication with candidate network;
Described mobile node is used to receive the pre-authentication indication that described information server is sent, and the described positional information of carrying during described pre-authentication is indicated is carried out pre-authentication as current position information with described candidate network.
The following position that the embodiment of the invention is determined candidate network and predicted mobile node by information server, the indication mobile node carries out pre-authentication, improve mobile node and candidate network and carried out continuity professional in the pre-authentication process, and gone for the application scenarios of mobile node high-speed mobile.Compared with prior art, for the mobile node that is in high-speed moving state, can avoid since from the overlay area of target approach network to time of the overlay area of leaving service network less than the needed time of objective network access authentication procedure, and the traffic delay of the mobile node that brings or interruption; Can avoid again because the overlapping area of coverage of current service network and objective network is less, mobile node is overlapping covered to leaving this overlapping covered time less than the needed time of objective network access authentication procedure from entering this, and the traffic delay of the mobile node that brings or interruption.
Description of drawings
Fig. 1 is a kind of flow chart of realization pre-authentication method that the embodiment of the invention provides;
Fig. 2 is the another kind of flow chart of realization pre-authentication method that the embodiment of the invention provides;
To be the mobile node that provides of the embodiment of the invention move to the schematic flow sheet of pre-authentication the scene of wireless MAN from WLAN (wireless local area network) to Fig. 3;
Fig. 4 is the structure chart of the information server that provides of the embodiment of the invention;
Fig. 5 is the structure chart of the mobile node that provides of the embodiment of the invention;
Fig. 6 is the system construction drawing of the realization pre-authentication that provides of the embodiment of the invention.
Embodiment
For making the purpose, technical solutions and advantages of the present invention clearer, embodiment of the present invention is described further in detail below in conjunction with accompanying drawing.
Referring to Fig. 1, the embodiment of the invention provides a kind of realization pre-authentication method, comprising:
101: information server is the selected candidate network of mobile node, and predicts the positional information that this mobile node will occur in selected candidate network;
102: information server sends the pre-authentication indication of the positional information of the information carry selected candidate network and prediction to mobile node, so that this mobile node according to the information and the positional information of this candidate network, carries out pre-authentication with candidate network.
Candidate network in the embodiment of the invention includes but not limited to: the network that mobile node will enter under the state of high-speed mobile.The technical scheme that the embodiment of the invention provides is mainly used in the scene that mobile node does not also enter candidate network, especially smaller scene in the overlay region of the covering of the service network of the scene of mobile node high-speed mobile and mobile node and candidate network or the like.The following position that the embodiment of the invention is determined candidate network and predicted mobile node by information server, the indication mobile node carries out pre-authentication, improve mobile node and candidate network and carried out continuity professional in the pre-authentication process, and gone for the application scenarios of mobile node high-speed mobile.Compared with prior art, for the mobile node that is in high-speed moving state, can avoid since from the overlay area of target approach network to time of the overlay area of leaving service network less than the needed time of objective network access authentication procedure, and the traffic delay of the mobile node that brings or interruption; Can avoid again because the overlapping area of coverage of current service network and objective network is less, mobile node is overlapping covered to leaving this overlapping covered time less than the needed time of objective network access authentication procedure from entering this, and the traffic delay of the mobile node that brings or interruption.
Referring to Fig. 2, the realization pre-authentication method that the embodiment of the invention provides can specifically comprise:
201: mobile node reports the current location information in the service network of place to give information server, can regularly report according to report cycle, this report cycle can be pre-if be handed down to mobile node by information server in mobile node, promptly or by mobile node initiatively current position is reported information server, or information server active request mobile node reports current location information; Further, mobile node can also report the signal strength information of the current service network that monitors etc.
202: information server receives the positional information that mobile node reports, after receiving a plurality of positional informations, motion track according to these a plurality of positional information prediction mobile nodes, if mobile node has reported signal strength information, then predict the motion track of mobile node, thereby can improve prediction accuracy according to positional information and signal strength information.
203: information server is according to the motion track of the mobile node of prediction, determine the access possibility of mobile node and each network, thereby determine the candidate network of mobile node, the candidate network of determining can be for one or more, when being a plurality of, can determine the priority of each candidate network according to the size of the access possibility of mobile node and each candidate network, thereby obtain the candidate network tabulation.
Further, information server can also be determined candidate network according to the motion track and the default collocation strategy of the mobile node of predicting.Wherein, Yu She collocation strategy is according at least a selection candidate network in the roaming agreement between signal cover, signal strength signal intensity, bandwidth information, power supply status, tariff information and the operator.For example, configured strategy is a candidate network for selecting the stronger network of signal strength signal intensity.Configured strategy is to select candidate network according to the power supply status of mobile node for another example, be specifically as follows: when the electric quantity of power supply abundance of mobile node, preferential higher, QoS (the Quality ofService of transmission rate that selects, service quality) network preferably, when the electric quantity of power supply deficiency of mobile node, the preferential relatively network of power saving of selecting; Perhaps when the electric quantity of power supply of mobile node is sufficient and a plurality of candidate network carry out pre-authentication, when the electric quantity of power supply of mobile node is not enough, only and the highest network of priority carry out pre-authentication or the like.
Because mobile node is the dynamic real-time reporting position information, therefore information server also is dynamically to generate the candidate network tabulation, change in location along with mobile node, the priority orders of the candidate network in the candidate network tabulation also changes, if the priority orders in the priority orders of current definite candidate network and the tabulation of existing candidate network is inconsistent, then information server can be revised the candidate network tabulation according to the priority orders of current definite candidate network, make its priority orders consistent, thereby can indicate mobile node to initiate pre-authentication according to the priority orders of the candidate network of current affirmation with current definite candidate network.
For example, mobile node is in the 3GPP2 network, information server is selected WLAN (Wireless Local Area Network, WLAN (wireless local area network)) and WMAN (Wireless metropolitan area network, wireless MAN) two candidate network, and the access priority of wlan network is higher than the WMAN network.Mobile node reports current location information to give information server by the 3GPP2 interface, the motion track of information server prediction mobile node, determine the current wlan network that more likely inserts of mobile node, therefore need not revise the priority of existing candidate network tabulation, information server indication mobile node at first carries out pre-authentication with wlan network, and then whether decision will carry out pre-authentication with the WMAN network according to strategy.
204: information server is according to the motion track and the candidate network of determining of prediction, the positional information that the prediction mobile node will occur in the candidate network of determining.
205: information server sends the pre-authentication indication to mobile node, carries the selected candidate network information and the positional information of prediction in this pre-authentication indication, so that mobile node carries out pre-authentication according to the information of candidate network and positional information and candidate network.
206: after mobile node receives the pre-authentication indication that information server sends,, this predicted position information as current position information, is carried out pre-authentication with this candidate network according to the candidate network information and the predicted position information that comprise in this pre-authentication indication.
Further, after pre-authentication is finished, between the certificate server of mobile node and candidate network, set up pre-Security Association, in the time of in mobile node moves to the scope that this candidate network covers, can carry out the access of network according to the access point of the pre-Security Association of having set up and this candidate network (being generally the certificate server selection of candidate network).
Further, the method in the embodiment of the invention can also comprise:
After mobile node and candidate network were finished pre-authentication, mobile node was opened the interface corresponding with described candidate network when entering candidate network or when not entering described candidate network.Open interface when entering candidate network and be meant unlatching interface when mobile node detects corresponding candidate network signal, promptly adopt means same as the prior art to open interface; After the unlatching interface is meant that verification process is finished when not entering candidate network, start a timer, length of timer in the time of timer expiry, is opened interface by information server indication or the local configuration of mobile node automatically.Thereby can avoid mobile node to be under the high-speed moving state, open the time-delay that the interface that is in closed condition brings and destroy professional continuity.When candidate network has when a plurality of, mobile node can select to open the interface of the highest candidate network correspondence of access priority, also can select opening section or whole interfaces of candidate network correspondences according to the power supply situation of mobile node.
Mobile node and candidate network are carried out the process of pre-authentication in the above-mentioned steps 206, can finish by the access point of current service network.When the candidate network of determining when information server is a plurality of, mobile node can according to the priority orders of candidate network successively with a plurality of candidate network in subnetwork or overall network carry out pre-authentication.Referring to Fig. 3, moving to WMAN with mobile node from WLAN is that example specifies, and wherein, the communications protocol that adopts between mobile node, information server and the access point is the MIH agreement, the embodiment of the invention is not limited thereto, and also can adopt other communications protocol to realize.
301: the current wlan network that is in of mobile node, the access point by interface 802.11 and wlan network carries out the business datum exchange;
302: mobile node regularly reports the current location information in WLAN to give information server, as reporting once every 1 minute;
303: information server is received the definite candidate network WMAN in back, and predicts position that mobile node will occur in the WMAN network and the access point of selecting WMAN;
304: information server returns the position of definite candidate network, prediction and the WMAN access-in point information of selection, and indication mobile node and WMAN carry out pre-authentication; Wherein, the WMAN access-in point information comprises at least: the MIH ID of access point, the IP address information of MIH transport layer and access base station information or the like;
305: the information that mobile node returns according to information server, carry out pre-authentication by the MIH module in the WLAN access point, MIH module in the WMAN access point and the certificate server (AAA Server) of WMAN, this pre-authentication process carries out according to existing EAP verification process, wherein, MIH module in the WLAN access point is responsible for transmitting verify data, and MIH module and the MIH module in the WMAN access point in the WLAN access point are carried out in the process of communication, do not get rid of and can also carry out data forwarding or the like through other MIH entity;
306: after pre-authentication process was finished, movable contact was opened 802.16 interfaces, prepared for inserting WMAN.
307: when mobile node enters the coverage of WMAN, carry out the link access procedure by pre-established Security Association and WMAN access point;
308: after mobile node was finished the network switching, movable contact disconnection and WLAN were connected, and close 802.11 interfaces;
309: after mobile node access WMAN finished, mobile node and WMAN network carried out the business datum exchange.
In application scenarios shown in Figure 3, mobile node can also report information server with the network signal intensity that monitors, and network signal intensity when sudden change especially, can make information server definite candidate network that upgrades in time.For example, the candidate network priority that information server is determined from height to low order is: WMAN, WLAN, mobile node carries out pre-authentication with the WMAN network earlier according to this order, in the process of pre-authentication, the signal that mobile node monitors wlan network strengthens suddenly, then this information is reported information server, information server is predicted the motion track of mobile node again, judging the candidate network that mobile node more likely inserts is wlan network, therefore upgrade the order of candidate network tabulation medium priority, upgrading back priority from height to low order is: WLAN, WMAN, and indicate mobile node to carry out pre-authentication again according to the result after upgrading, after mobile node was received this indication, then the pre-authentication of termination and WMAN network began to carry out pre-authentication with wlan network.
The following position that the said method that the embodiment of the invention provides is determined candidate network and predicted mobile node by information server, the indication mobile node carries out pre-authentication, improve mobile node and candidate network and carried out continuity professional in the pre-authentication process, and gone for the application scenarios of mobile node high-speed mobile.Compared with prior art, for the mobile node that is in high-speed moving state, can avoid since from the overlay area of target approach network to time of the overlay area of leaving service network less than the needed time of objective network access authentication procedure, and the traffic delay of the mobile node that brings or interruption; Can avoid again because current service network and objective network overlapping covered less, mobile node is overlapping covered to leaving this overlapping covered time less than the needed time of objective network access authentication procedure from entering this, and the traffic delay of the mobile node that brings or interruption.The motion track of the positional information prediction mobile node that reports by mobile node by information server, dynamically determine candidate network, the continuity that can keep the mobile node business better, reduce the network insertion failed probability, go for the situation of the moving direction generation flip-flop of mobile node.After pre-authentication was finished, mobile node was opened the interface of candidate network correspondence, had further improved the speed that the mobile node network switches.
Referring to Fig. 4, the embodiment of the invention also provides a kind of information server, specifically comprises:
Indicating module 402 is used for sending to mobile node the pre-authentication indication of the positional information carry selected candidate network information of prediction module 401 and prediction, so that mobile node according to this candidate network information and positional information, carries out pre-authentication with candidate network.
Wherein, prediction module 401 can specifically comprise:
The trajectory predictions unit is used for the positional information in service network repeatedly sent according to mobile node, the motion track of prediction mobile node;
The candidate network selected cell is used for motion track and default collocation strategy according to the prediction of trajectory predictions unit, determines the candidate network of mobile node;
Position prediction unit is used for motion track and the definite candidate network of candidate network selected cell according to the prediction of trajectory predictions unit, the positional information that the prediction mobile node will occur in candidate network.
Further, above-mentioned information server also comprises:
Select module 403, be used for selecting the access point of candidate network according to the selected candidate network of prediction module 401; Correspondingly, indicating module 402 specifically comprises:
Indicating member, be used for pre-authentication indication from the access point that module 403 selects to mobile node that send the positional information of the information carry the selected candidate network of prediction module 401, prediction and select, so that mobile node according to information, positional information and the access point of candidate network, carries out pre-authentication with candidate network.
In addition, prediction module 401 can specifically comprise:
Selected cell is used to mobile node to select a plurality of candidate network, and determines the priority of a plurality of candidate network;
Predicting unit is used for predicting the positional information that mobile node will occur in a plurality of candidate network; Correspondingly, indicating module 402 also is used for carrying the precedence information that selected cell is determined in the pre-authentication indication.
The information server that the embodiment of the invention provides is by determining candidate network and the following position of predicting mobile node, the indication mobile node carries out pre-authentication, improve mobile node and candidate network and carried out continuity professional in the pre-authentication process, and gone for the application scenarios of mobile node high-speed mobile.Compared with prior art, for the mobile node that is in high-speed moving state, can avoid since from the overlay area of target approach network to time of the overlay area of leaving service network less than the needed time of objective network access authentication procedure, and the traffic delay of the mobile node that brings or interruption; Can avoid again because current service network and objective network overlapping covered less, mobile node is overlapping covered to leaving this overlapping covered time less than the needed time of objective network access authentication procedure from entering this, and the traffic delay of the mobile node that brings or interruption.Predict the motion track of mobile node by the positional information that reports by mobile node, dynamically determine candidate network, the continuity that can keep the mobile node business better reduces the network insertion failed probability, goes for the situation of the moving direction generation flip-flop of mobile node.
Referring to Fig. 5, the embodiment of the invention also provides a kind of mobile node, comprising:
Further, can also comprise the access point of the candidate network that information server is selected in the pre-authentication indication that receiver module 501 receives, correspondingly, pre-authentication module 502 can specifically comprise:
The first pre-authentication unit, be used for after receiver module 501 receives the pre-authentication indication, pre-authentication as current position, by the access point of service network and the access point of candidate network, is carried out to the certificate server of candidate network in the position of information server prediction.
In addition, can also comprise the priority of a plurality of candidate network that information server is selected in the pre-authentication indication that receiver module 501 receives, correspondingly, pre-authentication module 502 can specifically comprise:
The second pre-authentication unit is used for after receiver module 501 receives pre-authentication indication, and pre-authentication as current position, is carried out according to priority and candidate network in this pre-authentication indication in the position of information server prediction.
Further, above-mentioned mobile node also comprises:
Opening module 503 is used for after mobile node and candidate network are finished pre-authentication, and mobile node is opened the interface corresponding with candidate network when entering candidate network or when not entering candidate network.
The mobile node that the embodiment of the invention provides, candidate network and the predicted position information sent according to information server, carry out pre-authentication with candidate network, improve mobile node and candidate network and carried out continuity professional in the pre-authentication process, and gone for the application scenarios of mobile node high-speed mobile.Compared with prior art, for the mobile node that is in high-speed moving state, can avoid since from the overlay area of target approach network to time of the overlay area of leaving service network less than the needed time of objective network access authentication procedure, and the traffic delay of the mobile node that brings or interruption; Can avoid again because current service network and objective network overlapping covered less, mobile node is overlapping covered to leaving this overlapping covered time less than the needed time of objective network access authentication procedure from entering this, and the traffic delay of the mobile node that brings or interruption.
Referring to Fig. 6, the embodiment of the invention also provides a kind of system that realizes pre-authentication, comprising:
Wherein, the positional information in service network that information server 601 can repeatedly be sent according to mobile node, the motion track of prediction mobile node, and determine candidate network according to this motion track.The candidate network of determining can further, can also be determined the priority of these a plurality of candidate network for a plurality of, and is carried in the pre-authentication indication, so that mobile node can carry out pre-authentication with these a plurality of candidate network respectively according to the order of this priority.
Further, information server 601 also is used to select the access point of candidate network, and the information of carrying this access point in above-mentioned pre-authentication indication, and correspondingly, said system can also comprise:
The certificate server of candidate network (AAA Server) is used for carrying out pre-authentication by the access point and the mobile node of above-mentioned candidate network.
In addition, mobile node 602 is opened the interface corresponding with this candidate network when can or not enter this candidate network when mobile node enters this candidate network after finishing pre-authentication with candidate network.
The following position that the said system that the embodiment of the invention provides is determined candidate network and predicted mobile node by information server, the indication mobile node carries out pre-authentication, improve mobile node and candidate network and carried out continuity professional in the pre-authentication process, and gone for the application scenarios of mobile node high-speed mobile.Compared with prior art, for the mobile node that is in high-speed moving state, can avoid since from the overlay area of target approach network to time of the overlay area of leaving service network less than the needed time of objective network access authentication procedure, and the traffic delay of the mobile node that brings or interruption; Can avoid again because current service network and objective network overlapping covered less, mobile node is overlapping covered to leaving this overlapping covered time less than the needed time of objective network access authentication procedure from entering this, and the traffic delay of the mobile node that brings or interruption.
The embodiment of the invention can utilize software to realize that corresponding software programs can be stored in the storage medium that can read, for example, and in the hard disk of computer, buffer memory or the CD.
The above only is preferred embodiment of the present invention, and is in order to restriction the present invention, within the spirit and principles in the present invention not all, any modification of being done, is equal to replacement, improvement etc., all should be included within protection scope of the present invention.
Claims (16)
1. realize pre-authentication method for one kind, it is characterized in that described method comprises:
The positional information in service network that information server is repeatedly sent according to mobile node, predict the motion track of described mobile node, according to described motion track, determine the candidate network of described mobile node, and predict the positional information that described mobile node will occur in described candidate network;
Described information server sends the information of carrying described candidate network and the pre-authentication indication of positional information to described mobile node, so that described mobile node according to the information and the positional information of described candidate network, carries out pre-authentication with described candidate network.
2. realization pre-authentication method according to claim 1 is characterized in that, and is described according to described motion track, determines the candidate network of described mobile node, specifically comprises:
Described information server is according to described motion track and default collocation strategy, determine the candidate network of described mobile node, described default collocation strategy is according at least a selection candidate network in the roaming agreement between signal cover, signal strength signal intensity, bandwidth information, power supply status, tariff information and the operator.
3. realization pre-authentication method according to claim 1 is characterized in that, the positional information that the described mobile node of described prediction will occur in described candidate network specifically comprises:
Described information server is predicted the positional information that described mobile node will occur according to described motion track and candidate network in described candidate network.
4. realization pre-authentication method according to claim 1 is characterized in that, described method also comprises:
After described mobile node receives the pre-authentication indication of described information server, the positional information of described information server prediction as current position information, is carried out pre-authentication with described candidate network.
5. realization pre-authentication method according to claim 1 is characterized in that, described method also comprises:
Described information server is selected the access point of described candidate network, and the information of carrying the access point of described candidate network in described pre-authentication indication;
After described mobile node receives the pre-authentication indication of described information server, with the positional information of described information server prediction as current position information, by the access point of service network and the access point of described candidate network, carry out pre-authentication to the certificate server of described candidate network.
6. realization pre-authentication method according to claim 1, it is characterized in that, when the selected candidate network of described information server when being a plurality of, the pre-authentication indication that described information server sends to described mobile node also comprises the priority of these a plurality of candidate network, carries out pre-authentication to indicate described mobile node according to described priority and candidate network.
7. realization pre-authentication method according to claim 1 is characterized in that, described method also comprises:
After described mobile node and candidate network were finished pre-authentication, described mobile node was opened the interface corresponding with described candidate network when entering described candidate network or when not entering described candidate network.
8. an information server is characterized in that, described information server comprises: prediction module and indicating module;
Described prediction module comprises:
The trajectory predictions unit is used for the positional information in service network repeatedly sent according to mobile node, predicts the motion track of described mobile node;
The candidate network selected cell is used for the motion track according to the prediction of described trajectory predictions unit, determines the candidate network of described mobile node;
Position prediction unit is used for motion track and the definite candidate network of described candidate network selected cell according to the prediction of described trajectory predictions unit, predicts the positional information that described mobile node will occur in described candidate network;
Described indicating module, be used for sending the pre-authentication indication of the positional information of the information of carrying the selected candidate network of described prediction module and prediction to described mobile node, so that described mobile node according to the information and the positional information of described candidate network, carries out pre-authentication with candidate network.
9. information server according to claim 8 is characterized in that, described information server also comprises:
Select module, be used for selecting the access point of described candidate network according to the selected candidate network of described prediction module;
Described indicating module specifically comprises:
Indicating member, be used for sending the information of carrying the selected candidate network of described prediction module, the positional information of prediction and the pre-authentication indication of the access point that described selection module is selected to described mobile node, so that described mobile node according to information, positional information and the access point of described candidate network, carries out pre-authentication with candidate network.
10. information server according to claim 8 is characterized in that, described prediction module specifically comprises:
Selected cell is used to mobile node to select a plurality of candidate network, and determines the priority of described a plurality of candidate network;
Predicting unit is used for predicting the positional information that described mobile node will occur in described a plurality of candidate network;
Described indicating module also is used for carrying the precedence information that described selected cell is determined in described pre-authentication indication.
11. a mobile node is characterized in that, described mobile node comprises:
Receiver module is used to receive the pre-authentication indication that information server is sent, and comprises the position that the described mobile node of selected candidate network of described information server and prediction will occur in described candidate network in the described pre-authentication indication;
Pre-authentication module is used for after described receiver module is received the indication of described pre-authentication, and pre-authentication as current position, is carried out with described candidate network in the position of described information server prediction;
Wherein, described candidate network is after the positional information in service network that described information server is repeatedly sent according to described mobile node is predicted the motion track of described mobile node, determines according to described motion track.
12. mobile node according to claim 11 is characterized in that, also comprises the access point of the described candidate network that described information server is selected in the pre-authentication indication that described receiver module receives, described pre-authentication module specifically comprises:
The first pre-authentication unit, be used for after described receiver module receives described pre-authentication indication, pre-authentication as current position, by the access point of service network and the access point of described candidate network, is carried out to the certificate server of described candidate network in the position of described information server prediction.
13. mobile node according to claim 11 is characterized in that, also comprises the priority of a plurality of candidate network that described information server is selected in the pre-authentication indication that described receiver module receives, described pre-authentication module specifically comprises:
The second pre-authentication unit is used for after described receiver module receives the indication of described pre-authentication, and pre-authentication as current position, is carried out according to described priority and candidate network in the position of described information server prediction.
14. mobile node according to claim 11 is characterized in that, described mobile node also comprises:
Opening module is used for after described mobile node and candidate network are finished pre-authentication, and described mobile node is opened the interface corresponding with described candidate network when entering described candidate network or when not entering described candidate network.
15. a system that realizes pre-authentication is characterized in that described system comprises information server and mobile node;
Described information server, be used for the positional information in service network repeatedly sent according to described mobile node, predict the motion track of described mobile node, according to described motion track, determine the candidate network of described mobile node, and predict the positional information that described mobile node will occur in described candidate network, carry the pre-authentication indication of the information and the positional information of described candidate network to described mobile node transmission, so that described mobile node according to the information and the positional information of described candidate network, carries out pre-authentication with candidate network;
Described mobile node is used to receive the pre-authentication indication that described information server is sent, and the described positional information of carrying during described pre-authentication is indicated is carried out pre-authentication as current position information with described candidate network.
16. the system of realization pre-authentication according to claim 15 is characterized in that, described information server also is used to select the access point of described candidate network, and the information of carrying described access point in described pre-authentication indication, and described system also comprises:
The certificate server of described candidate network is used for carrying out pre-authentication by described access point and described mobile node.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200810115813XA CN101616463B (en) | 2008-06-27 | 2008-06-27 | Method, device and system for realizing pre-certification |
| PCT/CN2009/072295 WO2009155831A1 (en) | 2008-06-27 | 2009-06-16 | Method, system, information server and mobile node for pre-authentication |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200810115813XA CN101616463B (en) | 2008-06-27 | 2008-06-27 | Method, device and system for realizing pre-certification |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101616463A CN101616463A (en) | 2009-12-30 |
| CN101616463B true CN101616463B (en) | 2011-11-16 |
Family
ID=41444020
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN200810115813XA Active CN101616463B (en) | 2008-06-27 | 2008-06-27 | Method, device and system for realizing pre-certification |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN101616463B (en) |
| WO (1) | WO2009155831A1 (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106714251A (en) * | 2017-01-24 | 2017-05-24 | 维沃移动通信有限公司 | Network connection method and mobile terminal |
Families Citing this family (15)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102202368B (en) * | 2010-03-26 | 2014-10-08 | 华为终端有限公司 | Method and device for acquiring network information |
| CN102075353B (en) * | 2010-12-29 | 2013-06-19 | 北京星网锐捷网络技术有限公司 | Mobility management method of working station and network management server |
| EP2783535B1 (en) * | 2011-11-25 | 2016-09-14 | Bandwidthx Inc. | System for providing intelligent network access selection for a mobile wireless device |
| US9313613B2 (en) * | 2012-02-24 | 2016-04-12 | Lg Electronics Inc. | Method, apparatus, and system for performing unsolicited location-based download |
| CN102625378B (en) * | 2012-02-29 | 2015-08-12 | 西安电子科技大学 | A kind of heterogeneous wireless network fast handover protocol flow process |
| CN103582082A (en) * | 2012-08-02 | 2014-02-12 | 中兴通讯股份有限公司 | Web selecting method and device |
| US9826464B2 (en) | 2013-03-26 | 2017-11-21 | Bandwidthx Inc. | Systems and methods for establishing wireless connections based on access conditions |
| CN104581757B (en) * | 2013-10-18 | 2019-04-30 | 中兴通讯股份有限公司 | M2M terminal active switching method and device in a kind of M2M network |
| CN104066134A (en) * | 2014-05-26 | 2014-09-24 | 河南省尖端智能控制技术有限公司 | Seamless switching method for multiple access points of WiFi network |
| US10194382B2 (en) | 2016-12-27 | 2019-01-29 | Bandwidthx Inc. | Auto-discovery of amenities |
| US10856151B2 (en) | 2016-12-27 | 2020-12-01 | Bandwidthx Inc. | Radio management based on user intervention |
| CN108712715B (en) * | 2018-04-04 | 2020-08-21 | 天地融科技股份有限公司 | Method for switching network by using Bluetooth hotspot |
| CN111417169B (en) * | 2018-12-19 | 2022-06-17 | 中国电信股份有限公司 | Wireless access control method, wireless access control device, communication network system and storage medium |
| CN113938986B (en) * | 2020-07-14 | 2023-11-17 | 华为技术有限公司 | Method and device for determining wireless access strategy |
| CN116209030B (en) * | 2023-05-06 | 2023-08-18 | 四川中普盈通科技有限公司 | Mobile platform anti-weak network communication gateway access method and system |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6711408B1 (en) * | 2000-02-05 | 2004-03-23 | Ericsson Inc. | Position assisted handoff within a wireless communications network |
| CN1943211A (en) * | 2005-02-04 | 2007-04-04 | 株式会社东芝 | Framework of media-independent pre-authentication |
| CN1969568A (en) * | 2004-01-22 | 2007-05-23 | 株式会社东芝 | Mobility architecture using pre-authentication, pre-configuration and/or virtual soft-handoff |
| KR100739888B1 (en) * | 2006-02-13 | 2007-07-13 | 주식회사 팬택앤큐리텔 | Method for shortening ppp access time to the cdma network when a mobile phone does handover from wcdma network to cdma network |
-
2008
- 2008-06-27 CN CN200810115813XA patent/CN101616463B/en active Active
-
2009
- 2009-06-16 WO PCT/CN2009/072295 patent/WO2009155831A1/en active Application Filing
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6711408B1 (en) * | 2000-02-05 | 2004-03-23 | Ericsson Inc. | Position assisted handoff within a wireless communications network |
| CN1969568A (en) * | 2004-01-22 | 2007-05-23 | 株式会社东芝 | Mobility architecture using pre-authentication, pre-configuration and/or virtual soft-handoff |
| CN1943211A (en) * | 2005-02-04 | 2007-04-04 | 株式会社东芝 | Framework of media-independent pre-authentication |
| KR100739888B1 (en) * | 2006-02-13 | 2007-07-13 | 주식회사 팬택앤큐리텔 | Method for shortening ppp access time to the cdma network when a mobile phone does handover from wcdma network to cdma network |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106714251A (en) * | 2017-01-24 | 2017-05-24 | 维沃移动通信有限公司 | Network connection method and mobile terminal |
| CN106714251B (en) * | 2017-01-24 | 2019-04-12 | 维沃移动通信有限公司 | A kind of method for connecting network and mobile terminal |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101616463A (en) | 2009-12-30 |
| WO2009155831A1 (en) | 2009-12-30 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101616463B (en) | Method, device and system for realizing pre-certification | |
| CN101287014B (en) | Method, system and device for realizing stream media service | |
| US20220264390A1 (en) | Cho resource processing method, apparatus and system | |
| JP4585969B2 (en) | Target network selection for seamless handover from multiple wireless networks | |
| EP1471665B1 (en) | Seamless switching in a combined long and short distance wireless communication system | |
| CA2598372C (en) | Mobile communication system, core network node selection method, and base station and mobile station used therefor | |
| CN1103177C (en) | Selecting communications channel for a mobile station based on handover intensity | |
| Aljeri et al. | Mobility management in 5G-enabled vehicular networks: Models, protocols, and classification | |
| US9031551B2 (en) | Cellular telecommunications system network element | |
| CN105376813A (en) | Techniques for improved allocation of network resources using geolocation and handover management | |
| US6792283B1 (en) | Method of selecting cells in a cellular mobile radio system | |
| CN104041118A (en) | High speed handovers in a wireless network | |
| KR20100029869A (en) | Apparatus and method for supporting media independent seamless service in heterogeneous wireless network | |
| CN101370293A (en) | User terminal access control method and system in heterogeneous network | |
| CN101600239A (en) | Group vertical handoff method in heterogeneous wireless environment and system | |
| CN100593929C (en) | Mobile switch method of wireless packet network | |
| Aljeri et al. | Smart and green mobility management for 5G‐enabled vehicular networks | |
| KR100939217B1 (en) | METHOD FOR SERVICING A QoS SINCE HANDOVER OF A MOBILE TERMINAL | |
| CN102084691B (en) | Method and apparatus for group handover in wireless network | |
| Al Emam et al. | Coordinated handover signaling and cross-layer adaptation in heterogeneous wireless networking | |
| Smith et al. | An adaptive mobile wireless handover | |
| KR100753845B1 (en) | Method for supporting handover of mobile node having multiple interfaces in ip-based bcn | |
| EP2039063B1 (en) | User network and method for using multiple access systems to connect to remote communications network(s) | |
| KR100678125B1 (en) | Method of Handover in Cellular Networks with Overlapped Cell Group | |
| US6233453B1 (en) | Method of improving co-operation between entities of a cellular mobile radiocommunications network during call handover between cells |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |