CN102457847A - Fixed network perception user access method and system thereof - Google Patents

Fixed network perception user access method and system thereof Download PDF

Info

Publication number
CN102457847A
CN102457847A CN2010105147165A CN201010514716A CN102457847A CN 102457847 A CN102457847 A CN 102457847A CN 2010105147165 A CN2010105147165 A CN 2010105147165A CN 201010514716 A CN201010514716 A CN 201010514716A CN 102457847 A CN102457847 A CN 102457847A
Authority
CN
China
Prior art keywords
information
user accessing
bras
bng
address
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN2010105147165A
Other languages
Chinese (zh)
Other versions
CN102457847B (en
Inventor
毛玉欣
芮通
宗在峰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
ZTE Corp
Original Assignee
ZTE Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by ZTE Corp filed Critical ZTE Corp
Priority to CN201010514716.5A priority Critical patent/CN102457847B/en
Publication of CN102457847A publication Critical patent/CN102457847A/en
Application granted granted Critical
Publication of CN102457847B publication Critical patent/CN102457847B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Abstract

The invention discloses a fixed network perception user access method and a system thereof. The method is characterized in that: based on an authentication process phase of a mobile network to user equipment, authentication authorization and accounting (AAA) of a 3rd generation partnership project (3GPP) acquires user access information and further transmits to the AAA of a broadband forum (BBF); the AAA of the BBF provides the user access information to a broadband policy control function (BPCF); the BPCF discovers a policy and charging rules function (PCRF) which are served for the user according to the received user access information and initiates session establishment to the PCRF. By using the method and the system of the invention, fixed network equipment can identify user access according to the user access information so as to support and implement admission control to the service which is developed for the user.

Description

The method and system that a kind of fixed network perception user inserts
Technical field
The present invention relates to the communications field, be specifically related to the method and system that a kind of fixed network perception user inserts.
Background technology
Third generation partner program (3GPP; 3rd Generation Partnership Project) evolved packet system (EPS of exploitation; Evolved Packet System) by the UMTS land radio access web (E-UTRAN of evolution; Evolved Universal Terrestrial Radio Access Network), mobile management unit (MME; Mobility Management Entity), gateway (S-GW, ServingGateway), grouped data network gateway (P-GW or PDN GW, Packet Data NetworkGateway), home subscriber server (HSS; Home Subscriber Server), the authentication and authorization charging (AAA of 3GPP; Authentication, Authorization and Accounting) server, "Policy and Charging Rules Function (PCRF, Policy and Charging Rules Function) entity and other support nodes are formed.The grouping system of the evolution of Fig. 1 has partly been explained its system architecture, and wherein MME is responsible for the related work of the chain of command such as processing and the contextual management of user's mobile management of mobile management, Non-Access Stratum signaling; S-GW is the accessing gateway equipment that links to each other with E-UTRAN, between E-UTRAN and P-GW, transmits data, and is responsible for pending datas such as paging are carried out buffer memory; P-GW then is the borde gateway of EPS and packet data network (PDN, Packet Data Network) network, is responsible for the PDN access and reaches functions such as between EPS and PDN, transmitting data; S-GW and P-GW belong to the core net gateway; PCRF is the "Policy and Charging Rules Function entity, and it links to each other through Rx interface and carrier network agreement (IP, Internet Protocol) business network; Obtain business information; Link to each other with gateway device in the bearer network through the Gx/Gxa/Gxc interface simultaneously, responsiblely authorize to bearer network delivering service quality (QoS, Quality of Service); Guarantee the QoS of business data transmission, and the control of chargeing.
As shown in Figure 1, EPS supports that (for example, E-UTRAN), EPS also supports the access of non-3GPP network in addition in the 3GPP access.Non-3GPP network can insert the EPS network through the S2a/b/c interface, and P-GW is as the anchor point between EPS and non-3 GPP system.The non-3GPP network that inserts EPS is divided into the non-3GPP access of trusted and trustless non-3GPP access.The non-3GPP of trusted inserts and can insert P-GW through the S2a interface; Trustless non-3GPP access need insert P-GW through the packet data gateway (ePDG, Evolved PacketData Gateway) of evolution, and wherein the interface between ePDG and the P-GW is S2b; The subscriber equipment (UE, User Equipment) that non-in addition 3GPP inserts under (trusted and trustless) can also insert P-GW through the S2c interface.If S2c trusty inserts, then UE closes through the trusted non-3 GPP access network and inserts P-GW; If the S2c that is non-trust inserts, then UE closes through non-trust non-3 GPP access network, and inserts P-GW through ePDG.The S2a/b interface can adopt GPRS Tunnel Protocol (GTP, GPRSTunelling protocol) or proxy mobile IP protocol (PMIP, Proxy Mobile IP) to realize.The S2c interface can adopt two stack mobile IP protocols (DSMIP, Dual Stack MIP) to realize.
As shown in Figure 1; The business of if desired UE that inserts the EPS system being carried out uses Internet resources to implement meticulous control; Realize charging simultaneously, then need in the EPS system, control (PCC, Policy and Charging Control) function with chargeing by collocation strategy based on stream.PCC is by "Policy and Charging Rules Function PCRF, strategy and charge execution function (PCEF; Policy and Charging Enforcement Function) and carry and bind event reporting function major function entities such as (BBERF, Bearer Binding and Event Report Function) and form.Wherein PCEF can realize on P-GW, carries out the mutual of control strategy information through the Gx interface between PCRF and the PCEF.BBERF can shut realization at S-GW or trusted non-3 GPP access network.When S5 interface (between P-GW and the S-GW), S2a interface (P-GW and trusted non-3 GPP access network close) employing PMIP agreement, when perhaps trusted S2c interface adopted DSMIP, PCRF carried out the mutual of control strategy information through Gx/Gxa/Gxc interface and BBERF.
Fixing the moving that operator pays close attention to merged (FMC; Fixed Mobile Convergence) scene just is based on above-mentioned non-3GPP shown in Figure 1 and the framework of EPS intercommunication is studied; Non-3GPP network wherein is (the BBF of broadband forum; Broadband Forum) network of definition, its concrete net element information is with reference to figure 2.
As shown in Figure 2, inserting WLAN (WLAN, Wireless Local AreaNetworks), also insert the EPS network through the BBF fixed network with UE is example.UE inserts home gateway (RG, Residential Gateway) through WAP (WiFi AP, Wireless Fidelity Access Point); Insert the BBF network through RG again; The final EPS core network that inserts, wherein the BBF network is by access point (AN, Access Note), BAS Broadband Access Server (BRAS; Broadband Remote Access Server)/wideband network gateway capital equipments such as (BNG, Broadband Network Gateway) composition.Said AN can be a Digital Subscriber Line access and multiplexing device (DSLAM, Digital Subscriber Line AccessMultiplexer) etc.
The BBF fixed network of above-mentioned access EPS core network according to the credible attitude of mobile operator to the fixed network operator, is divided into credible access and insincere access:
If mobile operator is regarded as trustless access with the BBF fixed network, with shown in the Case2, UE needs and ePDG sets up IP Sec (IP safety) tunnel like the Case among Fig. 21.The data encrypted transmission between UE and the PDN network makes to guarantee safety of data transmission by the data content that fixed network equipment can't its transmission of perception.
If being regarded as trusted with the BBF fixed network, mobile operator inserts, shown in the Case among Fig. 23.When this moment, UE was through BBF network insertion EPS core network, need not pass through ePDG.Set up the DSMIP tunnel between UE and the P-GW and be used for transfer of data.
Also there are bridge joint (bridge) and two kinds of patterns of route (route) when UE inserts the BBF fixed network through the user resident network in addition; Wherein,
Route pattern: UE inserts RG through WiFi AP, and converges the back through AN and insert BRAS/BNG.RG is UE distributing IP address, and for example: UE inserts RG, adopts username and password authentication on RG, and RG is UE distributing IP address behind the authentication success.BRAS/BNG is RG distributing IP address, and for example: when RG powered on, RG initiated access authentication to BRAS/BNG, and behind the authentication success, BRAS/BNG is this RG distributing IP address.
Bridge mode: UE inserts through WiFi AP, and converges the back through AN and insert BRAS/BNG.The IP address of UE is distributed by BBF fixed network equipment (for example BRAS/BNG).Under the Bridge pattern, might have RG in the network, but this moment, RG was one two layers (data link layer) equipment, the assigning process of participating user authentication and IP address does not only provide two layers of connection between UE and the BRAS/BNG yet.
For the Route pattern, RG is private net address (home address) for the UE IP address allocated, and promptly this IP address only supplies local network of users internal unit identification UE, and BBF fixed network and EPS core net can't be according to this IP Address Recognition to UE.When UE sends uplink data messages; When sign has the data message process RG of UE implicit IP address; RG need for example be packaged into customer premises equipment, CPE (CPE, Customer premise equipment) address/RG IP address with the outer encapsulated layer public network IP address of data message; This public network address can be discerned by BBF equipment and EPS equipment.For downlink data message, the EPS network equipment sends to CPE/RG in the outer encapsulation of data message CPE/RG IP address with data message, by CPE/RG the skin of this data message is packaged into the private network IP address of UE, redispatches to UE.Therefore under the Route pattern, the mutual data message of UE and EPS equipment need pass through CPE/RG and handle, and the equipment (BBF equipment and EPS equipment) after the CPE/RG can not directly perceive the UE of access network.For the Bridge pattern, because the user carries out authentication on BRAS/BNG, and be its distributing IP address by BRAS/BNG, this IP address is a public network IP address, therefore can be discerned by BBF fixed network and EPS equipment of the core network.
After UE successfully was attached to the EPS core network through the BBF fixed network, UE just can commence business.In order to guarantee the transmission quality of data, promote user experience, need the QoS on the whole data routing paths be guaranteed, use mobile network resource and fixed network resource to carry out qos policy control to the user respectively through policy control functions and realize above-mentioned functions.To carry out consistency that qos policy control to same user at fixed network and mobile network in order guaranteeing simultaneously, need to set up S9 between PCRF and the BPCF *Session is used for PCRF and BPCF and controls the required information of UE use Internet resources, for example user profile, qos policy etc. alternately.Said policy control functions can be PCRF and the broadband policy controlled function in the BBF network (BPCF, Broadband Policy Control Function) in the EPS network.
In order to realize that above-mentioned UE is commenced business implement the process of QoS control, need the BBF fixed network and the EPS network equipment to perceive the access of UE.For the EPS network equipment,, comprised user's access information in the verification process, so the EPS network equipment can perceive the access of said UE because UE when inserting the EPS network, needs to carry out the access authentication based on 3GPP.Yet for BBF fixed network equipment; Because it does not support the access authentication mechanism based on 3GPP; Therefore when UE is linked into the EPS network through the BBF fixed network; All by transparent transmission, so BBF fixed network equipment obtains the access information less than the user to all authentication messages based on 3GPP in the BBF network, thereby can't perceive the access of UE.Therefore also just can't carry out in the fixed network side and obtain service implementation admittance control said UE.This obviously is unfavorable for carrying out smoothly of customer service, can reduce user satisfaction simultaneously.
Summary of the invention
In view of this, main purpose of the present invention is to provide a kind of method and system of fixed network perception user access, makes fixed network equipment to discern the user according to user accessing information and inserts, and supports the service implementation that the user is carried out to admit control.
For achieving the above object, technical scheme of the present invention is achieved in that
The method that a kind of fixed network perception user inserts, this method comprises:
Based on the verification process stage that the mobile network carries out user equipment (UE), third generation partner program authentication and authorization charging 3GPP AAA obtains user accessing information and further passes to the authentication and authorization charging BBF AAA of broadband forum;
Said BBF AAA provides said user accessing information to broadband policy controlled function BPCF;
BPCF is found to be the "Policy and Charging Rules Function PCRF that the user serves according to the user accessing information of receiving, and sets up to this PCRF initiation session.
The process that 3GPP AAA obtains said user accessing information comprises:
If said UE is through non-trust BBF network insertion evolved packet system EPS network, then after to said access authentication of user success, the packet data gateway ePDG of evolution offers said 3GPP AAA with said user accessing information;
If said UE is through trusting BBF network insertion EPS network, then after to said access authentication of user success, grouped data network gateway P-GW offers said 3GPPAAA with said user accessing information.
Said user accessing information comprises ID, tunnel information; Said ID is: international mobile subscriber identity IMSI or network access Identifier NAI;
As UE during through non-trust BBF network insertion EPS network, if UE adopts the route pattern to insert, said tunnel information comprises IP address and the ePDG IP address of customer premises equipment, CPE CPE/ home gateway RG; If UE adopts the bridge pattern to insert, said tunnel information comprises UE IP address and ePDG IP address;
When UE passed through to trust BBF network insertion EPS network, said tunnel information comprised Care-of Address CoA and P-GW address;
EPDG provides the method for said user accessing information to be to 3GPP AAA:
EPDG directly provides said user accessing information to 3GPP AAA; Or,
EPDG offers 3GPP AAA through P-GW with said user accessing information.
Said 3GPP AAA comprises the process that said user accessing information passes to BBF AAA:
Said 3GPP AAA finds BBF AAA according to the CPE/RG IP address, UE IP address or the CoA that comprise in the tunnel information in the said user accessing information and configuration relation; Said 3GPP AAA and said BBF AAA set up session, and said user accessing information is passed to said BBF AAA.
Said BBF AAA provides the mode of said user accessing information to comprise to BPCF:
Said BBF AAA offers BPCF through BAS Broadband Access Server BRAS/ wideband network gateway BNG with said user accessing information; Perhaps,
Said BBF AAA directly offers BPCF with said user accessing information.
Said BBF AAA offers BPCF through BRAS/BNG with said user accessing information and comprises:
BBF AAA finds the process of BRAS/BNG, and sets up the process of session with BRAS/BNG, and the most said user accessing information passes to BRAS/BNG;
Also comprise said BRAS/BNG find BPCF, and and BPCF set up the process of session, guarantee said user accessing information is passed to BPCF.
Said BBF AAA comprises the detailed process that said user accessing information offers said BPCF through BRAS/BNG:
If UE adopts the route mode to insert or said ID is mobile identify label; Then BBF AAA finds BRAS/BNG according to IP address that tunnel information comprised from the said user accessing information that 3GPP AAA obtains and configuration relation; And with said BRAS/BNG set up session, also said user accessing information is sent to BRAS/BNG; Said BRAS/BNG finds BPCF according to the IP address that comprises in the said tunnel information/CoA/CPE/RG IP address and configuration relation, and sets up session with said BPCF, also said user accessing information is sent to BPCF;
If UE adopts the bridge mode to insert, then UE carries said moving and fixed network Unified Identity sign or fixed network identify label when request BRAS/BNG is its distributing IP address; Said BRAS/BNG and BBF AAA set up session, send the authentication request to said user to said BBF AAA, carry said identify label and BRAS/BNG IP address in the request; BBFAAA preserves the mapping relations of said identify label and BRAS/BNG IP address; After the authentication success, said BRAS/BNG is said user's distributing IP address; Said BBF AAA gets access to said user accessing information from 3GPP AAA, matees according to the identify label among the mobile fixed network Unified Identity sign that comprises in the said user accessing information or mobile network and fixed network dual identity sign and the BBF AAA and the mapping relations of BRAS/BNG IP address; And recognizing said user when carrying out the fixed network authentication, the session of setting up when utilizing the fixed network authentication is handed down to BRAS/BNG with said user accessing information; Said BRAS/BNG finds BPCF according to said user accessing information and configuration relation, and sets up session with said BPCF; Said BRAS/BNG sends to BPCF with said user accessing information.
Said BPCF finds said PCRF, and the process of setting up to this PCRF initiation session comprises:
Said BPCF is found to be the PCRF that the user serves according to the ID that comprises in the said user accessing information, and then initiates S9 to said PCRF *Session is set up.
The system that a kind of fixed network perception user inserts, this system comprises: information initial acquisition unit, information transfer unit, information applying unit; Wherein,
Said information initial acquisition unit was used for based on the mobile network the verification process stage that UE carries out, and obtained user accessing information and further passed to information transfer unit;
Said information transfer unit is used for to the information applying unit said user accessing information being provided;
Said information applying unit is used for being found to be the PCRF that the user serves according to the user accessing information of receiving, and sets up to this PCRF initiation session.
When said information initial acquisition unit is obtained said user accessing information, be used for:
If said UE through non-trust BBF network insertion EPS network, then after to said access authentication of user success, triggers ePDG said user accessing information is offered said information initial acquisition unit;
If said UE then after to said access authentication of user success, triggers P-GW said user accessing information is offered said information initial acquisition unit through trusting BBF network insertion EPS network.
Said user accessing information comprises ID, tunnel information; Said ID is: IMSI or NAI;
As UE during through non-trust BBF network insertion EPS network, if UE adopts the route pattern to insert, said tunnel information comprises CPE/RG IP address and ePDG IP address; If UE adopts the bridge pattern to insert, said tunnel information comprises UE IP address and ePDG IP address;
When UE passed through to trust BBF network insertion EPS network, said tunnel information comprised CoA and P-GW address.
When said information initial acquisition unit passes to said information transfer unit with said user accessing information, be used for:
Find information transfer unit according to the CPE/RG IP address, UE IP address or the CoA that comprise in the tunnel information in the said user accessing information and configuration relation; Session is set up in said information initial acquisition unit and said information transfer unit, and said user accessing information is passed to said information transfer unit.
Said information transfer unit is used for when said information applying unit provides said user accessing information:
Through BRAS/BNG said user accessing information is offered said information applying unit; Perhaps,
Directly said user accessing information is offered said information applying unit.
When said information transfer unit offers said information applying unit through BRAS/BNG with said user accessing information, be used for:
Find the process of BRAS/BNG, and set up the process of session, and the most said user accessing information passes to BRAS/BNG with BRAS/BNG;
Also comprise said BRAS/BNG find said information applying unit, and and said information applying unit set up the process of session, guarantee said user accessing information is passed to said information applying unit.
When said information transfer unit offers said information applying unit through BRAS/BNG with said user accessing information, specifically be used for:
If UE adopts the route mode to insert or said ID is mobile identify label; BRAS/BNG is found according to IP address that tunnel information comprised in the said user accessing information that obtains and configuration relation in then said information transfer unit; And with said BRAS/BNG set up session, also said user accessing information is sent to BRAS/BNG; Said BRAS/BNG finds said information applying unit according to the IP address that comprises in the said tunnel information/CoA/CPE/RG IP address and configuration relation; And with said information applying unit set up session, also said user accessing information is sent to said information applying unit;
If UE adopts the bridge mode to insert, then UE carries said moving and fixed network Unified Identity sign or fixed network identify label when request BRAS/BNG is its distributing IP address; Session is set up in said BRAS/BNG and said information transfer unit, sends the authentication request to said user to said information transfer unit, carries said identify label and BRAS/BNG IP address in the request; The mapping relations of said identify label and BRAS/BNG IP address are preserved in said information transfer unit; After the authentication success, said BRAS/BNG is said user's distributing IP address; Said information transfer unit gets access to said user accessing information, matees according to the identify label in the mobile fixed network Unified Identity sign that comprises in the said user accessing information or mobile network and fixed network dual identity sign and the said information transfer unit and the mapping relations of BRAS/BNG IP address; And recognizing said user when carrying out the fixed network authentication, the session of setting up when utilizing the fixed network authentication is handed down to BRAS/BNG with said user accessing information; Said BRAS/BNG finds said information applying unit according to said user accessing information and configuration relation, and sets up session with said information applying unit; Said BRAS/BNG sends to said information applying unit with said user accessing information.
Said information applying unit is found said PCRF, and when this PCRF initiation session is set up, is used for:
Said information applying unit is found to be the PCRF that the user serves according to the ID that comprises in the said user accessing information, and then initiates S9 to said PCRF *Session is set up.
The inventive method and system make fixed network equipment to discern the user according to user accessing information and insert, thereby can support the service implementation that the user is carried out to admit control.
Description of drawings
Fig. 1 is the sketch map of the system architecture of EPS;
Fig. 2 is the FMC system schematic;
Fig. 3 is that the BPCF of an embodiment in the insincere access scene carries out the admittance control flow chart;
Fig. 4 is that the BPCF of another embodiment in the insincere access scene carries out the admittance control flow chart;
Fig. 5 is that the BPCF of an embodiment in the credible access scene carries out the admittance control flow chart;
Fig. 6 is that the BPCF of another embodiment in the credible access scene carries out the admittance control flow chart;
Fig. 7 is the general flow chart that the fixed network perception user of the embodiment of the invention inserts;
Fig. 8 is the system diagram that the fixed network perception user of the embodiment of the invention inserts.
Embodiment
In general, based on the verification process stage that the mobile network carries out UE, 3GPP AAA can obtain user accessing information and further pass to BBF AAA; Afterwards, said BBF AAA can provide said user accessing information to BPCF, and said BPCF then can be found to be the PCRF of user's service according to the said user accessing information of receiving, and initiates S9 to this PCRF *Session is set up.
Particularly, 3GPPAAA obtain said user accessing information process can for:
If said UE is through non-trust BBF network insertion EPS network, then after to said access authentication of user success, ePDG offers said 3GPP AAA with said user accessing information.Certainly, if UE is through non-trust BBF network insertion EPS network, and adopt the S2b interface, then ePDG also can offer said 3GPP AAA through P-GW with said user accessing information.
If said UE is through trusting BBF network insertion EPS network, then after to said access authentication of user success, P-GW offers said 3GPP AAA with said user accessing information.
Said user accessing information can comprise ID, tunnel information etc.Said ID can be international mobile subscriber identity (IMSI, International Mobile Subscriber IdentificationNumber) or network access Identifier (NAI, Network Access Identifier) etc.
In addition, as UE during through non-trust BBF network insertion EPS network, if UE adopts the route pattern to insert, said tunnel information comprises CPE/RG IP address and ePDG IP address; If UE adopts the bridge pattern to insert, said tunnel information comprises UE IP address and ePDG IP address.
If UE is through trusting BBF network insertion EPS network, then said tunnel information comprises Care-of Address, and (CoA is care-of-address) with the P-GW address.
Said 3GPP AAA can comprise the process that said user accessing information further passes to BBF AAA:
Said 3GPP AAA finds BBF AAA according to the CPE/RG IP address that comprises in the tunnel information in the said user accessing information (to the route access module), UE IP address (to the bridge access module) or CoA and configuration relation.Said 3GPP AAA and said BBF AAA set up session, and said user accessing information is passed to said BBF AAA.
Said BBF AAA provides the mode of said user accessing information to comprise to BPCF:
Said BBF AAA offers BPCF through BRAS/BNG with said user accessing information; Perhaps,
Said BBF AAA directly offers BPCF with said user accessing information.
When said BBF AAA offers BPCF through BRAS/BNG with said user accessing information, relate to the process that BBF AAA finds BRAS/BNG, and set up the process of session, and the most said user accessing information passes to BRAS/BNG with BRAS/BNG.Certainly, said BRAS/BNG can find BPCF equally, and sets up session with BPCF, to guarantee that said user accessing information is passed to BPCF.
Need to prove that if said ID is for moving identify label (for example IMSI), then BBFAAA (if route inserts, is RG/CPE IP address according to the IP address that tunnel information comprised from the said user accessing information that 3GPP AAA obtains; If bridge inserts, be UE IP address or CoA) and configuration relation find BRAS/BNG, and set up session with said BRAS/BNG, also said user accessing information (tunnel information and ID) is sent to BRAS/BNG.Said BRAS/BNG finds BPCF according to the IP address that comprises in the said tunnel information/CoA/CPE/RG IP address and configuration relation; And with said BPCF set up session, also said user accessing information (comprising tunnel information and ID) is sent to BPCF.
Said method also can be used in the user with fixing mobile Unified Identity sign or have the fixing user who identifies with mobile network's dual identity.And, if said ID has mobile network and fixed network dual identity sign or moves and fixed network Unified Identity sign, so:
If UE adopts the route mode to insert, can be the route implementation when moving identify label then with reference to above-mentioned ID.
If UE adopts the bridge mode to insert, then UE carries said moving and fixed network Unified Identity sign or fixed network identify label when request BRAS/BNG is its distributing IP address.Said BRAS/BNG and BBF AAA set up session, send the authentication request to said user to said BBF AAA, carry said identify label and BRAS/BNG IP address in the request.BBF AAA preserves the mapping relations of said identify label and BRAS/BNG IP address.After the authentication success, said BRAS/BNG is said user's distributing IP address.Said BBF AAA gets access to said user accessing information from 3GPP AAA, matees according to the identify label among the mobile fixed network Unified Identity sign that comprises in the said user accessing information or mobile network and fixed network dual identity sign and the BBF AAA and the mapping relations of BRAS/BNG IP address; And recognizing said user when carrying out the fixed network authentication, the session of setting up when utilizing the fixed network authentication is handed down to BRAS/BNG with said user accessing information.Said BRAS/BNG finds BPCF according to said user accessing information and configuration relation, and sets up session with said BPCF.Said BRAS/BNG sends to BPCF with said user accessing information.
Said BPCF is found to be the PCRF of said user's service, and initiates S9 to said PCRF *The process that session is set up comprises:
Said BPCF is found to be the PCRF that the user serves according to the ID that comprises in the said user accessing information (for example IMSI, perhaps NAI), and said BPCF initiates S9 to said PCRF *Session is set up.
Below, in conjunction with accompanying drawing concrete embodiment is described.
Embodiment one
UE inserts through fixed network WLAN, and mobile operator inserts fixed network and is regarded as trustless access, disposes ePDG among the mobile network and guarantees data transmission security.When UE set up the IP-Sec tunnel to ePDG, ePDG was to the 3GPP aaa authentication, and after authentication was passed through, 3GPP AAA set up session to BBF AAA, to notify the user to insert to BBF AAA.The said message that is used for notifying is carried user accessing information, also can explain in this message this UE in mobile network authentication pass through.BBF AAA sends to BPCF through BRAS/BNG with user accessing information.BPCF finds that according to ID PCRF and PCRF set up S9 *Session.Concrete realization flow is as shown in Figure 3:
301.UE arrive the EPC network through insincere BBF network insertion.Carry out Extensible Authentication Protocol-authentication and close spoon negotiation mechanism (EAP-AKA) access authentication flow process between UE, ePDG and the 3GPP AAA based on 3GPP.In the verification process, UE need pass to 3GPPAAA with ID (for example IMSI or NAI).Because the BBF network is not supported the EAP-AKA authentication, therefore carry out the authentication message of EAP-AKA between above-mentioned UE and the EPC network and in the BBF network, carry out transparent transmission.
302.RG or BRAS/BNG gives UE distributing IP address.If UE adopts Route pattern access network, then distribute private network IP address to UE by RG; If UE adopts bridge pattern access network, then distribute public ip address to UE by BRAS/BNG.
303.UE start internet key exchange v2 (IKEv2) authentication process, carry out the authentication program between ePDG and the 3GPPAAA.After authentication is passed through, set up the IP-Sec tunnel between UE and the ePDG, ePDG sends to 3GPP AAA with user accessing information.Said user accessing information comprises ID (for example IMSI/NAI), IP-Sec tunnel information.If UE adopts the Route pattern to insert, then said ipsec tunnel information comprises RG/CPE IP address and ePDG IP address; If UE adopts the Bridge pattern to insert, then said ipsec tunnel information comprises UE IP address and ePDG IP address.
304.3GPP AAA preserves the user accessing information that receives from ePDG.3GPP AAA finds BBF AAA (for example: 3GPP AAA is according to CPE/RG IP address in the ipsec tunnel information or UE IP address and distribute the BBF fixed network configuration relation of this IP address field to inquire fixed network information, further obtains to insert for the user IP address of the BBF AAA that the EPS network served) according to user accessing information.Set up session between 3GPP AAA and the BBF AAA, said user accessing information is sent to BBF AAA, insert about said UE with notice BBF AAA, and explain that said UE has passed through the authentication of EPS network.
305.BBF IP address information that AAA comprises according to ipsec tunnel information (for example UE IP address or RG/CPE IP address) and configuration relation (this configuration relation has shown the BRAS/BNG for the service of IP address field) are found to be the BRAS/BNG of this UE access network service; Set up session between BBF AAA and this BRAS/BNG, and said user accessing information is sent to said BRAS/BNG.
306.BRAS/BNG be found to be the BPCF that this UE access network is served according to IP address information that comprises in the ipsec tunnel information (for example UE IP address or RG/CPE IP address) and configuration relation (this configuration relation has shown the BPCF for this IP address field service); Set up session between BRAS/BNG and this BPCF, and said user accessing information is sent to said BPCF.
307.BPCF be found to be the PCRF of user's access service according to the ID that comprises in the user accessing information (IMSI for example or NAI), and set up S9 with PCRF *Session.S9 *Session is set up and can be realized through the gateway control session creation facilities program (CFP).
308. after BBF AAA completion ipsec tunnel is set up the authentication success, return response message to ePDG, ePDG initiates the agent binding modification to P-GW, and (Proxy Binding Update, PBU) request are carried out PMIP and are registered.
309.PGW receive after the PMIP register requirement from ePDG, and set up the IP-CAN session between the PCRF.
310.PGW initiating the PGW address to 3GPP AAA upgrades.
311.PGW return the PMIP message that succeeds in registration to ePDG.
312. after PMIP succeeded in registration, UE carried out authentication to ePDG, accomplished the foundation of ipsec tunnel.
313.ePDG send last IKEv2 message to UE.Setting up IP between UE and the PGW connects.The data of UE and PDN network interaction are transmitted through ipsec tunnel between UE and ePDG, between ePDG and PGW, transmit through the PMIP tunnel.
314. when setting up the IP-CAN session between PGW and the PCRF, PCRF will insert relevant QoS control strategy with the user and be handed down to PGW, PCRF need provide program to be handed down to BPCF through gateway control and QoS the QoS control strategy equally.The QoS information that BPCF can provide according to PCRF, the BBF fixed network resource of using when said UE is commenced business implement to admit control.
Embodiment two
The UE of embodiment two inserts identical among scene and the embodiment one, and the main distinction is after the completion access authentication, to 3GPP AAA user accessing information to be provided through P-GW by ePDG.Concrete implementing procedure is as shown in Figure 4:
401.UE access network is carried out the process of access authentication, and be the process of UE distributing IP address, step 301 to step 302 that can reference implementation routine.
402.UE start the IKEv2 authentication process, carry out the authentication program between ePDG and the 3GPP AAA.After authentication is passed through, set up the IP-Sec tunnel between UE and the ePDG.
403.ePDG send agent binding update messages to P-GW, the PMIP registration is carried out in request.Also comprise user accessing information in the said message, said user accessing information comprises ID (for example IMSI/NAI), IP-Sec tunnel information etc.If UE adopts the Route pattern to insert, then said ipsec tunnel information comprises RG/CPE IP address and ePDG IP address; If UE adopts the Bridge pattern to insert, then said ipsec tunnel information comprises UE IP address and ePDG IP address.
404.PGW receive after the PMIP register requirement from ePDG, and set up the IP-CAN session between the PCRF.
405.PGW return the PMIP message that succeeds in registration to ePDG.
406.PGW said user accessing information is sent to 3GPP AAA.
407.BBF IP address information that AAA comprises according to ipsec tunnel information (for example UE IP address or RG/CPE IP address) and configuration relation (this configuration relation has shown the BRAS/BNG for the service of IP address field) are found to be the BRAS/BNG of this UE access network service; Set up session between BBF AAA and the BRAS/BNG, and said user accessing information is sent to said BRAS/BNG.
408.BBF AAA offers the process of BPCF with said user accessing information, can reference implementation example one step 305 to step 306.
409.BPCF be found to be the PCRF of user's access service according to the ID that comprises in the user accessing information (IMSI for example or NAI), and set up S9 with PCRF *Session.S9 *Session is set up and can be realized through the gateway control session creation facilities program (CFP).
410.IPSec tunnel establishment procedure, can reference implementation step 312 to the step 313 of example one.
Embodiment three
UE inserts through fixed network WLAN, and mobile operator inserts fixed network and is regarded as the trusted access.UE and P-GW set up the DSMIP tunnel, and P-GW transmits user accessing information to 3GPP AAA, and 3GPP AAA sets up session to BBF AAA, notifies the user to insert to BBF AAA.The said message that is used for notifying is carried user accessing information, also can explain in this message this UE in mobile network authentication pass through.BBFAAA utilizes the session of user in fixed network authentication phase and BRAS/BNG foundation, and user accessing information is passed to BRAS/BNG.Said BRAS/BNG further finds BPCF according to IP address and configuration relation, and user accessing information is passed to BPCF.BPCF finds that according to ID PCRF and PCRF set up S9 *Session.Concrete realization flow is as shown in Figure 5:
501.UE arrive the EPC network through credible BBF network insertion.Carry out EAP-AKA access authentication flow process between UE, P-GW and the 3GPP AAA based on 3GPP.In the verification process, UE need pass to 3GPP AAA with fixed network mobile network dual identity sign.Because the BBF network is not supported the EAP-AKA authentication, therefore carry out the authentication message of EAP-AKA between above-mentioned UE and the EPC network and in the BBF network, carry out transparent transmission.
502.UE to BRAS/BNG request distributing IP address.The said message that is used for asking is carried the fixed network identify label.
503.BRAS/BNG receive after user's request, and set up session between the BBF AAA, and carry out access authentication to this user to the BBFAAA request.The said message that is used for asking comprises the IP address of fixed network identify label and BRAS/BNG.BBF AAA preserves the mapping relations of said fixed network identify label and BRAS/BNG IP address to after the access authentication of user success, is UE distributing IP address simultaneously.
504.BRAS/BNG return the access authentication response of successful to UE, be included as the UE IP address allocated in this response.
505.UE start the IKEv2 authentication process, carry out the authentication program between P-GW and the 3GPP AAA.After authentication is passed through.Carry out initial guide (bootstrapping) program between UE and the P-GW, P-GW sends to 3GPP AAA with user accessing information.Said user accessing information comprises ID (said ID is a fixed network mobile network dual identity sign), also comprises the tunnel information of CoA (being that BRAS/BNG is the UE IP address allocated) and P-GW IP address.
506.3GPP AAA preserves the user accessing information that receives from P-GW.3GPP AAA finds BBF AAA (for example: 3GPP AAA is according to the IP address in the tunnel information and distribute the BBF fixed network configuration relation of this IP address field to inquire fixed network information, further obtains to insert for the user IP address of the BBF AAA that the EPS network served) according to user accessing information.Set up session between 3GPP AAA and the BBF AAA, said user accessing information is sent to BBF AAA, insert about said UE with notice BBF AAA, and explain that said UE has passed through the authentication of EPS network.
507.BBF AAA searches mapping relations according to the fixed network mobile network dual identity sign that comprises the user accessing information that receives from 3GPP AAA, this user of perception had done the fixed network authentication.
508.BBF the session that AAA utilizes this user to set up in the fixed network authentication phase sends to BRAS/BNG with said user accessing information.
509.BRAS/BNG the CoA and the configuration relation (for the BPCF of this IP address field service) that comprise according to tunnel information are found to be the BPCF that this UE access network is served, and set up session between BRAS/BNG and the BPCF, and said user accessing information is sent to BPCF.
510.BPCF be found to be the PCRF of user's access service according to the ID that comprises in the user accessing information (be fixed network mobile network dual identity sign), and set up S9 with PCRF *Session.S9 *Session is set up and can be realized through the gateway control session creation facilities program (CFP).
511.UE initiate binding update messages to P-GW, carry CoA, HoA in this message, the DSMIP registration is carried out in request.
512.PGW receive after the DSMIP register requirement from UE, and set up the IP-CAN session between the PCRF.
513.PGW initiating the PGW address to 3GPP AAA upgrades.
514.PGW return the binding acknowledgement message that DSMIP succeeds in registration to UE.Set up the DSMIP tunnel between UE and the P-GW.
515. when setting up the IP-CAN session between PGW and the PCRF, PCRF will insert relevant QoS control strategy with the user and be handed down to PGW, PCRF need provide program to be handed down to BPCF through gateway control and QoS the QoS control strategy equally.The QoS information that BPCF can provide according to PCRF, the BBF fixed network resource of using when said UE is commenced business implement to admit control.
Embodiment four
The UE of embodiment four inserts identical among scene and the embodiment three.The main distinction be BBF AAA directly and BPCF set up session, user accessing information is sent to BPCF.Concrete implementing procedure is as shown in Figure 6:
601. carry out access authentication procedure between user and the mobile network, be the process of UE distributing IP address, and 3GPP AAA obtain the process of user accessing information; Can reference implementation step 501 to the step 505 of example three.
602.3GPP AAA finds BBF AAA according to IP address in the user accessing information and configuration relation; And and BBF AAA between set up session; Also said user accessing information is sent to BBF AAA; Insert about said UE with notice BBF AAA, and explain that said UE has passed through the authentication of EPS network.
603. said BBF AAA is found to be the BPCF of user's access service according to IP address information in the user accessing information and configuration relation, sets up session between said BBF AAA and the said BPCF, and said user accessing information is sent to BPCF.
604.BPCF find PCRF according to user accessing information, and set up S9 *Session.
605.DSMIP tunnel establishment procedure, and policy update process, can reference implementation step 511 to step 515 in the example three.
Can know that in conjunction with above each embodiment the operation thinking that fixed network perception user of the present invention inserts can be represented as shown in Figure 7.Referring to Fig. 7, Fig. 7 is the general flow chart that the fixed network perception user of the embodiment of the invention inserts, and this flow process may further comprise the steps:
Step 710: based on the verification process stage that the mobile network carries out UE, 3GPP AAA obtains user accessing information and further passes to BBF AAA.
Step 720: said BBF AAA provides said user accessing information to BPCF.
Step 730:BPCF is found to be the PCRF that the user serves according to the user accessing information of receiving, and initiates S9 to this PCRF *Session is set up.Certainly, concrete session possibly also comprise S9 *Other session in addition.
In order to guarantee that aforesaid operations thinking and each embodiment can realize smoothly, can carry out setting as shown in Figure 8.Referring to Fig. 8, Fig. 8 is the system diagram that the fixed network perception user of the embodiment of the invention inserts, and this system comprises continuous information initial acquisition unit, information transfer unit, information applying unit.Wherein, the information initial acquisition unit can be arranged among the 3GPP AAA; Information transfer unit can be arranged among the BBF AAA; The information applying unit can be arranged among the BPCF.
During concrete the application, based on the verification process stage that the mobile network carries out UE, the information initial acquisition unit can be obtained user accessing information and further pass to information transfer unit; Next, information transfer unit can provide said user accessing information to the information applying unit; The information applying unit then can be found to be the PCRF of user's service according to the user accessing information of receiving, and initiates S9 to this PCRF *Session is set up.Certainly, concrete session possibly also comprise S9 *Other session in addition.
In addition, when said information initial acquisition unit is obtained said user accessing information, be used for:
If said UE through non-trust BBF network insertion EPS network, then after to said access authentication of user success, triggers ePDG said user accessing information is offered said information initial acquisition unit;
If said UE then after to said access authentication of user success, triggers P-GW said user accessing information is offered said information initial acquisition unit through trusting BBF network insertion EPS network.
Said user accessing information comprises ID, tunnel information; Said ID is: IMSI or NAI;
As UE during through non-trust BBF network insertion EPS network, if UE adopts the route pattern to insert, said tunnel information comprises CPE/RG IP address and ePDG IP address; If UE adopts the bridge pattern to insert, said tunnel information comprises UE IP address and ePDG IP address;
When UE passed through to trust BBF network insertion EPS network, said tunnel information comprised CoA and P-GW address.
When said information initial acquisition unit passes to said information transfer unit with said user accessing information, be used for:
Find information transfer unit according to the CPE/RG IP address, UE IP address or the CoA that comprise in the tunnel information in the said user accessing information and configuration relation; Session is set up in said information initial acquisition unit and said information transfer unit, and said user accessing information is passed to said information transfer unit.
Said information transfer unit is used for when said information applying unit provides said user accessing information:
Through BRAS/BNG said user accessing information is offered said information applying unit; Perhaps,
Directly said user accessing information is offered said information applying unit.
When said information transfer unit offers said information applying unit through BRAS/BNG with said user accessing information, be used for:
Find the process of BRAS/BNG, and set up the process of session, and the most said user accessing information passes to BRAS/BNG with BRAS/BNG;
Also comprise said BRAS/BNG find said information applying unit, and and said information applying unit set up the process of session, guarantee said user accessing information is passed to said information applying unit.
When said information transfer unit offers said information applying unit through BRAS/BNG with said user accessing information, specifically be used for:
If UE adopts the route mode to insert or said ID is mobile identify label; BRAS/BNG is found according to IP address that tunnel information comprised in the said user accessing information that obtains and configuration relation in then said information transfer unit; And with said BRAS/BNG set up session, also said user accessing information is sent to BRAS/BNG; Said BRAS/BNG finds said information applying unit according to the IP address that comprises in the said tunnel information/CoA/CPE/RG IP address and configuration relation; And with said information applying unit set up session, also said user accessing information is sent to said information applying unit;
If UE adopts the bridge mode to insert, then UE carries said moving and fixed network Unified Identity sign or fixed network identify label when request BRAS/BNG is its distributing IP address; Session is set up in said BRAS/BNG and said information transfer unit, sends the authentication request to said user to said information transfer unit, carries said identify label and BRAS/BNG IP address in the request; The mapping relations of said identify label and BRAS/BNG IP address are preserved in said information transfer unit; After the authentication success, said BRAS/BNG is said user's distributing IP address; Said information transfer unit gets access to said user accessing information, matees according to the identify label in the mobile fixed network Unified Identity sign that comprises in the said user accessing information or mobile network and fixed network dual identity sign and the said information transfer unit and the mapping relations of BRAS/BNG IP address; And recognizing said user when carrying out the fixed network authentication, the session of setting up when utilizing the fixed network authentication is handed down to BRAS/BNG with said user accessing information; Said BRAS/BNG finds said information applying unit according to said user accessing information and configuration relation, and sets up session with said information applying unit; Said BRAS/BNG sends to said information applying unit with said user accessing information.
Said information applying unit is found said PCRF, and when this PCRF initiation session is set up, is used for:
Said information applying unit is found to be the PCRF that the user serves according to the ID that comprises in the said user accessing information, and then initiates S9 to said PCRF *Session is set up.
Visible in sum, no matter be method or system, the technology that fixed network perception user of the present invention inserts makes fixed network equipment to discern the user according to user accessing information and inserts, thereby can support the service implementation that the user is carried out to admit control.
The above is merely preferred embodiment of the present invention, is not to be used to limit protection scope of the present invention, all any modifications of within spirit of the present invention and principle, being done, is equal to replacement and improvement etc., all should be included within protection scope of the present invention.

Claims (16)

1. the method that inserts of a fixed network perception user is characterized in that this method comprises:
Based on the verification process stage that the mobile network carries out user equipment (UE), third generation partner program authentication and authorization charging 3GPP AAA obtains user accessing information and further passes to the authentication and authorization charging BBF AAA of broadband forum;
Said BBF AAA provides said user accessing information to broadband policy controlled function BPCF;
BPCF is found to be the "Policy and Charging Rules Function PCRF that the user serves according to the user accessing information of receiving, and sets up to this PCRF initiation session.
2. method according to claim 1 is characterized in that, the process that 3GPP AAA obtains said user accessing information comprises:
If said UE is through non-trust BBF network insertion evolved packet system EPS network, then after to said access authentication of user success, the packet data gateway ePDG of evolution offers said 3GPP AAA with said user accessing information;
If said UE is through trusting BBF network insertion EPS network, then after to said access authentication of user success, grouped data network gateway P-GW offers said 3GPPAAA with said user accessing information.
3. method according to claim 2 is characterized in that said user accessing information comprises ID, tunnel information; Said ID is: international mobile subscriber identity IMSI or network access Identifier NAI;
As UE during through non-trust BBF network insertion EPS network, if UE adopts the route pattern to insert, said tunnel information comprises IP address and the ePDG IP address of customer premises equipment, CPE CPE/ home gateway RG; If UE adopts the bridge pattern to insert, said tunnel information comprises UE IP address and ePDG IP address;
When UE passed through to trust BBF network insertion EPS network, said tunnel information comprised Care-of Address CoA and P-GW address;
EPDG provides the method for said user accessing information to be to 3GPP AAA:
EPDG directly provides said user accessing information to 3GPP AAA; Or,
EPDG offers 3GPP AAA through P-GW with said user accessing information.
4. method according to claim 1 is characterized in that, said 3GPP AAA comprises the process that said user accessing information passes to BBF AAA:
Said 3GPP AAA finds BBF AAA according to the CPE/RG IP address, UE IP address or the CoA that comprise in the tunnel information in the said user accessing information and configuration relation; Said 3GPP AAA and said BBF AAA set up session, and said user accessing information is passed to said BBF AAA.
5. according to each described method of claim 1 to 4, it is characterized in that said BBF AAA provides the mode of said user accessing information to comprise to BPCF:
Said BBF AAA offers BPCF through BAS Broadband Access Server BRAS/ wideband network gateway BNG with said user accessing information; Perhaps,
Said BBF AAA directly offers BPCF with said user accessing information.
6. method according to claim 5 is characterized in that, said BBF AAA offers BPCF through BRAS/BNG with said user accessing information and comprises:
BBF AAA finds the process of BRAS/BNG, and sets up the process of session with BRAS/BNG, and the most said user accessing information passes to BRAS/BNG;
Also comprise said BRAS/BNG find BPCF, and and BPCF set up the process of session, guarantee said user accessing information is passed to BPCF.
7. method according to claim 6 is characterized in that, said BBF AAA comprises the detailed process that said user accessing information offers said BPCF through BRAS/BNG:
If UE adopts the route mode to insert or said ID is mobile identify label; Then BBF AAA finds BRAS/BNG according to IP address that tunnel information comprised from the said user accessing information that 3GPP AAA obtains and configuration relation; And with said BRAS/BNG set up session, also said user accessing information is sent to BRAS/BNG; Said BRAS/BNG finds BPCF according to the IP address that comprises in the said tunnel information/CoA/CPE/RG IP address and configuration relation, and sets up session with said BPCF, also said user accessing information is sent to BPCF;
If UE adopts the bridge mode to insert, then UE carries said moving and fixed network Unified Identity sign or fixed network identify label when request BRAS/BNG is its distributing IP address; Said BRAS/BNG and BBF AAA set up session, send the authentication request to said user to said BBF AAA, carry said identify label and BRAS/BNG IP address in the request; BBF AAA preserves the mapping relations of said identify label and BRAS/BNG IP address; After the authentication success, said BRAS/BNG is said user's distributing IP address; Said BBF AAA gets access to said user accessing information from 3GPP AAA, matees according to the identify label among the mobile fixed network Unified Identity sign that comprises in the said user accessing information or mobile network and fixed network dual identity sign and the BBF AAA and the mapping relations of BRAS/BNG IP address; And recognizing said user when carrying out the fixed network authentication, the session of setting up when utilizing the fixed network authentication is handed down to BRAS/BNG with said user accessing information; Said BRAS/BNG finds BPCF according to said user accessing information and configuration relation, and sets up session with said BPCF; Said BRAS/BNG sends to BPCF with said user accessing information.
8. according to each described method of claim 1 to 4, it is characterized in that said BPCF finds said PCRF, and the process of setting up to this PCRF initiation session comprises:
Said BPCF is found to be the PCRF that the user serves according to the ID that comprises in the said user accessing information, and then initiates S9 to said PCRF *Session is set up.
9. the system that fixed network perception user inserts is characterized in that this system comprises: information initial acquisition unit, information transfer unit, information applying unit; Wherein,
Said information initial acquisition unit was used for based on the mobile network the verification process stage that UE carries out, and obtained user accessing information and further passed to information transfer unit;
Said information transfer unit is used for to the information applying unit said user accessing information being provided;
Said information applying unit is used for being found to be the PCRF that the user serves according to the user accessing information of receiving, and sets up to this PCRF initiation session.
10. system according to claim 9 is characterized in that, when said information initial acquisition unit is obtained said user accessing information, is used for:
If said UE through non-trust BBF network insertion EPS network, then after to said access authentication of user success, triggers ePDG said user accessing information is offered said information initial acquisition unit;
If said UE then after to said access authentication of user success, triggers P-GW said user accessing information is offered said information initial acquisition unit through trusting BBF network insertion EPS network.
11. system according to claim 10 is characterized in that, said user accessing information comprises ID, tunnel information; Said ID is: IMSI or NAI;
As UE during through non-trust BBF network insertion EPS network, if UE adopts the route pattern to insert, said tunnel information comprises CPE/RG IP address and ePDG IP address; If UE adopts the bridge pattern to insert, said tunnel information comprises UE IP address and ePDG IP address;
When UE passed through to trust BBF network insertion EPS network, said tunnel information comprised CoA and P-GW address.
12. system according to claim 9 is characterized in that, when said information initial acquisition unit passes to said information transfer unit with said user accessing information, is used for:
Find information transfer unit according to the CPE/RG IP address, UE IP address or the CoA that comprise in the tunnel information in the said user accessing information and configuration relation; Session is set up in said information initial acquisition unit and said information transfer unit, and said user accessing information is passed to said information transfer unit.
13., it is characterized in that said information transfer unit is used for according to each described system of claim 9 to 12 when said information applying unit provides said user accessing information:
Through BRAS/BNG said user accessing information is offered said information applying unit; Perhaps,
Directly said user accessing information is offered said information applying unit.
14. system according to claim 13 is characterized in that, when said information transfer unit offers said information applying unit through BRAS/BNG with said user accessing information, is used for:
Find the process of BRAS/BNG, and set up the process of session, and the most said user accessing information passes to BRAS/BNG with BRAS/BNG;
Also comprise said BRAS/BNG find said information applying unit, and and said information applying unit set up the process of session, guarantee said user accessing information is passed to said information applying unit.
15. system according to claim 14 is characterized in that, when said information transfer unit offers said information applying unit through BRAS/BNG with said user accessing information, specifically is used for:
If UE adopts the route mode to insert or said ID is mobile identify label; BRAS/BNG is found according to IP address that tunnel information comprised in the said user accessing information that obtains and configuration relation in then said information transfer unit; And with said BRAS/BNG set up session, also said user accessing information is sent to BRAS/BNG; Said BRAS/BNG finds said information applying unit according to the IP address that comprises in the said tunnel information/CoA/CPE/RG IP address and configuration relation; And with said information applying unit set up session, also said user accessing information is sent to said information applying unit;
If UE adopts the bridge mode to insert, then UE carries said moving and fixed network Unified Identity sign or fixed network identify label when request BRAS/BNG is its distributing IP address; Session is set up in said BRAS/BNG and said information transfer unit, sends the authentication request to said user to said information transfer unit, carries said identify label and BRAS/BNG IP address in the request; The mapping relations of said identify label and BRAS/BNG IP address are preserved in said information transfer unit; After the authentication success, said BRAS/BNG is said user's distributing IP address; Said information transfer unit gets access to said user accessing information, matees according to the identify label in the mobile fixed network Unified Identity sign that comprises in the said user accessing information or mobile network and fixed network dual identity sign and the said information transfer unit and the mapping relations of BRAS/BNG IP address; And recognizing said user when carrying out the fixed network authentication, the session of setting up when utilizing the fixed network authentication is handed down to BRAS/BNG with said user accessing information; Said BRAS/BNG finds said information applying unit according to said user accessing information and configuration relation, and sets up session with said information applying unit; Said BRAS/BNG sends to said information applying unit with said user accessing information.
16., it is characterized in that said information applying unit is found said PCRF according to each described system of claim 9 to 12, and when this PCRF initiation session is set up, be used for:
Said information applying unit is found to be the PCRF that the user serves according to the ID that comprises in the said user accessing information, and then initiates S9 to said PCRF *Session is set up.
CN201010514716.5A 2010-10-21 2010-10-21 A kind of method and system of fixed network perception user access Active CN102457847B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201010514716.5A CN102457847B (en) 2010-10-21 2010-10-21 A kind of method and system of fixed network perception user access

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201010514716.5A CN102457847B (en) 2010-10-21 2010-10-21 A kind of method and system of fixed network perception user access

Publications (2)

Publication Number Publication Date
CN102457847A true CN102457847A (en) 2012-05-16
CN102457847B CN102457847B (en) 2015-09-16

Family

ID=46040400

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201010514716.5A Active CN102457847B (en) 2010-10-21 2010-10-21 A kind of method and system of fixed network perception user access

Country Status (1)

Country Link
CN (1) CN102457847B (en)

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103458390A (en) * 2012-06-04 2013-12-18 电信科学技术研究院 IP address transmitting method and device
CN103596272A (en) * 2012-08-13 2014-02-19 电信科学技术研究院 A method, an apparatus, and a system for allocating resource of a fixed broadband network
CN103974230A (en) * 2013-02-05 2014-08-06 中兴通讯股份有限公司 Positional information acquiring method and corresponding device
CN104113930A (en) * 2013-04-16 2014-10-22 中兴通讯股份有限公司 Method of realizing termination connection, and system of realizing termination connection
WO2015035795A1 (en) * 2013-09-11 2015-03-19 Tencent Technology (Shenzhen) Company Limited Method, apparatus and system for network access
CN105471611A (en) * 2014-09-05 2016-04-06 中兴通讯股份有限公司 Processing method, device and system for providing user service
WO2016131297A1 (en) * 2015-07-10 2016-08-25 中兴通讯股份有限公司 Method and device for limiting non-permissive user equipment on access to home gateway
US9451464B2 (en) 2013-09-11 2016-09-20 Tencent Technology (Shenzhen) Company Limited Method, apparatus and system for network access
WO2018192179A1 (en) * 2017-04-19 2018-10-25 中兴通讯股份有限公司 Ip address allocation method and device
CN109104435A (en) * 2018-10-12 2018-12-28 中国科学院上海高等研究院 A method of realizing that data sequentially transmit
WO2023124482A1 (en) * 2021-12-28 2023-07-06 中国电信股份有限公司 Service authentication method and apparatus, and device, system and medium

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101217810A (en) * 2008-01-16 2008-07-09 中兴通讯股份有限公司 A selecting method of strategy and charging rule functions
WO2010020637A1 (en) * 2008-08-18 2010-02-25 Telefonaktiebolaget L M Ericsson (Publ) Handling of aggregate maximum bit rate by policy and charge control

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101217810A (en) * 2008-01-16 2008-07-09 中兴通讯股份有限公司 A selecting method of strategy and charging rule functions
WO2010020637A1 (en) * 2008-08-18 2010-02-25 Telefonaktiebolaget L M Ericsson (Publ) Handling of aggregate maximum bit rate by policy and charge control

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
3GPP: "《3GPP TR23.839 V0.1.1》", 31 May 2010 *
MOTOROLA: "《TD S2-104849 3GPP TSG SA WG2 Meeting #81》", 15 October 2010 *
ZTE: "《TD S2-103412 3GPP TSG SA WG2 Meeting #80》", 3 September 2010 *

Cited By (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103458390B (en) * 2012-06-04 2016-12-14 电信科学技术研究院 A kind of IP address transmission method and device
CN103458390A (en) * 2012-06-04 2013-12-18 电信科学技术研究院 IP address transmitting method and device
CN103596272A (en) * 2012-08-13 2014-02-19 电信科学技术研究院 A method, an apparatus, and a system for allocating resource of a fixed broadband network
WO2014026545A1 (en) * 2012-08-13 2014-02-20 电信科学技术研究院 Resource allocation method, apparatus, and system in fixed broadband network
US9750011B2 (en) 2012-08-13 2017-08-29 China Academy Of Telecommunications Technology Resource allocation method, apparatus, and system in fixed broadband network
CN103974230A (en) * 2013-02-05 2014-08-06 中兴通讯股份有限公司 Positional information acquiring method and corresponding device
CN103974230B (en) * 2013-02-05 2019-12-06 中兴通讯股份有限公司 position information acquisition method and corresponding device
CN104113930A (en) * 2013-04-16 2014-10-22 中兴通讯股份有限公司 Method of realizing termination connection, and system of realizing termination connection
WO2014169781A1 (en) * 2013-04-16 2014-10-23 中兴通讯股份有限公司 Method and system for terminating connection by user
CN104113930B (en) * 2013-04-16 2019-02-15 中兴通讯股份有限公司 A kind of method and system for realizing user's termination connection
US9961553B2 (en) 2013-09-11 2018-05-01 Tencent Technology (Shenzhen) Company Limited Method, apparatus and system for network access
US9451464B2 (en) 2013-09-11 2016-09-20 Tencent Technology (Shenzhen) Company Limited Method, apparatus and system for network access
WO2015035795A1 (en) * 2013-09-11 2015-03-19 Tencent Technology (Shenzhen) Company Limited Method, apparatus and system for network access
CN105471611A (en) * 2014-09-05 2016-04-06 中兴通讯股份有限公司 Processing method, device and system for providing user service
WO2016131297A1 (en) * 2015-07-10 2016-08-25 中兴通讯股份有限公司 Method and device for limiting non-permissive user equipment on access to home gateway
WO2018192179A1 (en) * 2017-04-19 2018-10-25 中兴通讯股份有限公司 Ip address allocation method and device
CN109104435A (en) * 2018-10-12 2018-12-28 中国科学院上海高等研究院 A method of realizing that data sequentially transmit
CN109104435B (en) * 2018-10-12 2021-04-06 中国科学院上海高等研究院 Method for realizing data in-sequence transmission
WO2023124482A1 (en) * 2021-12-28 2023-07-06 中国电信股份有限公司 Service authentication method and apparatus, and device, system and medium

Also Published As

Publication number Publication date
CN102457847B (en) 2015-09-16

Similar Documents

Publication Publication Date Title
CN102457847B (en) A kind of method and system of fixed network perception user access
CN101267319B (en) A method for distributing control rule of policy billing
CN103209401B (en) Policy control method and system in a kind of converged network
CN101150418B (en) A selection method for policy billing control server
CN102340866B (en) A kind of method and system of reporting access information of fixed network
CN101730150B (en) Method for controlling network resources during service flow transfer
CN101931946B (en) Multi-access method of terminal in evolved packet system and system thereof
CN102695236B (en) A kind of data routing method and system
CN101335675B (en) Policy control method
US9544832B2 (en) Method, apparatus and system for policy control
CN103096314A (en) Method, system and policy and charging rules function (PCRF) for achieving reflective quality of service (Qos) mechanism
EP2557729A1 (en) Method and system for information transmission
CN102421155A (en) Method and system for realizing flow migration
CN103209410A (en) Methods and system for achieving QoS (quality of service) reflection mechanism
CN103796281A (en) Management method, device and system for packet-data network type
CN102377749A (en) Policy control session association method and system
CN101459524B (en) Method for distributing policy charging control rule
CN103428800A (en) Route selection method and functional network element
CN101577931A (en) Method and system for realizing multi-access
CN102917355A (en) Access method, access system and mobile intelligent access point
CN103379569A (en) Trigger method and trigger apparatus of flow migration
CN102347892B (en) A kind of method and system of acquiring user access information by network equipment
Ahmed et al. Inter-system mobility in evolved packet system (EPS): Connecting non-3GPP accesses
CN101605373B (en) Method and system for controlling UE to access to APN
CN103024738A (en) Seaming service shunt control implementation method and system

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant