CN102457847B - A kind of method and system of fixed network perception user access - Google Patents

A kind of method and system of fixed network perception user access Download PDF

Info

Publication number
CN102457847B
CN102457847B CN201010514716.5A CN201010514716A CN102457847B CN 102457847 B CN102457847 B CN 102457847B CN 201010514716 A CN201010514716 A CN 201010514716A CN 102457847 B CN102457847 B CN 102457847B
Authority
CN
China
Prior art keywords
information
address
user accessing
bng
bras
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201010514716.5A
Other languages
Chinese (zh)
Other versions
CN102457847A (en
Inventor
毛玉欣
芮通
宗在峰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
ZTE Corp
Original Assignee
ZTE Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by ZTE Corp filed Critical ZTE Corp
Priority to CN201010514716.5A priority Critical patent/CN102457847B/en
Publication of CN102457847A publication Critical patent/CN102457847A/en
Application granted granted Critical
Publication of CN102457847B publication Critical patent/CN102457847B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Abstract

The invention discloses the method and system of a kind of fixed network perception user access, in the verification process stage all can carried out subscriber equipment based on mobile network, third generation partner program authentication and authorization charging obtains user accessing information and passes to Broadband Forum authentication and authorization charging further; Described Broadband Forum authentication and authorization charging provides described user accessing information to broadband policy controlling functions; Broadband policy controlling functions is found to be the "Policy and Charging Rules Function of user's service according to the user accessing information received, and sets up to this "Policy and Charging Rules Function initiation session.The inventive method and system, make fixed network equipment can access according to user accessing information identification user, thus can support the service implementation call access control carried out user.

Description

A kind of method and system of fixed network perception user access
Technical field
The present invention relates to the communications field, be specifically related to the method and system of a kind of fixed network perception user access.
Background technology
Third generation partner program (3GPP, 3rd Generation Partnership Project) evolved packet system (EPS that develops, Evolved Packet System) by the universal mobile telecommunications system land radio access web (E-UTRAN of evolution, Evolved Universal Terrestrial Radio Access Network), mobile management unit (MME, Mobility Management Entity), gateway (S-GW, ServingGateway), grouped data network gateway (P-GW or PDN GW, Packet Data NetworkGateway), home subscriber server (HSS, Home Subscriber Server), authentication and authorization charging (the AAA of 3GPP, Authentication, Authorization and Accounting) server, "Policy and Charging Rules Function (PCRF, Policy and Charging Rules Function) entity and other support nodes composition.The grouping system part of the evolution of Fig. 1 describes its system architecture, and wherein MME is responsible for the related work of the chain of command such as process and the contextual management of user's mobile management of mobile management, Non-Access Stratum signaling; S-GW is the accessing gateway equipment be connected with E-UTRAN, forwarding data between E-UTRAN and P-GW, and is responsible for carrying out buffer memory to pending datas such as pagings; P-GW is then the borde gateway of EPS and packet data network (PDN, Packet Data Network) network, is responsible for PDN access and the function such as forwarding data between EPS and PDN; S-GW and P-GW belongs to core network gateway; PCRF is "Policy and Charging Rules Function entity, it is by Rx interface and carrier network agreement (IP, Internet Protocol) business network be connected, obtain business information, be connected with the gateway device in bearer network by Gx/Gxa/Gxc interface simultaneously, be responsible for authorizing to bearer network delivering service quality (QoS, Quality of Service), ensure the QoS of business data transmission, and carry out charging control.
As shown in Figure 1, EPS supports 3GPP access (such as, E-UTRAN), and EPS also supports the access of non-3 GPP network in addition.Non-3 GPP network can by S2a/b/c interface access EPS network, and P-GW is as the anchor point between EPS and non-3 GPP system.The non-3 GPP network of access EPS is divided into trusted non-3 GPP access and trustless non-3 GPP access.Trusted non-3 GPP access is by S2a interface access P-GW; Trustless non-3 GPP access needs to access P-GW by the packet data gateway (ePDG, Evolved PacketData Gateway) of evolution, and the interface wherein between ePDG and P-GW is S2b; In addition the subscriber equipment (UE, User Equipment) under non-3 GPP access (trusted and trustless) can also by S2c interface access P-GW.If S2c access trusty, then UE is by trusted non-3 GPP access gateway access P-GW; If the S2c access of non-trusted, then UE is by non-trusted non-3 GPP access gateway, and accesses P-GW through ePDG.S2a/b interface can adopt GPRS Tunnel Protocol (GTP, GPRSTunelling protocol) or proxy mobile IP protocol (PMIP, Proxy Mobile IP) to realize.S2c interface can adopt two stack mobile IP protocol (DSMIP, Dual Stack MIP) to realize.
As shown in Figure 1, if need the business of carrying out the UE of access EPS to use Internet resources to implement precise controlling, realize the charging based on stream simultaneously, then need collocation strategy and charging in EPS to control (PCC, Policy and Charging Control) function.PCC is by "Policy and Charging Rules Function PCRF, strategy and charge execution function (PCEF, Policy and Charging Enforcement Function) and the major function entity such as carrying and binding event reporting function (BBERF, Bearer Binding and Event Report Function) composition.Wherein PCEF can realize on P-GW, carries out the mutual of control strategy information between PCRF and PCEF by Gx interface.BBERF can shut realization at S-GW or trusted non-3 GPP access network.When S5 interface (between P-GW and S-GW), S2a interface (P-GW and trusted non-3 GPP access gateway) adopt PMIP agreement, or during trusted S2c interface employing DSMIP, PCRF carries out the mutual of control strategy information by Gx/Gxa/Gxc interface and BBERF.
Fixed estropia (the FMC that operator pays close attention to, Fixed Mobile Convergence) scene is exactly study based on the framework of the non-3 gpp shown in above-mentioned Fig. 1 and EPS intercommunication, non-3 GPP network is wherein Broadband Forum (BBF, Broadband Forum) network that defines, its concrete net element information is with reference to figure 2.
As shown in Figure 2, with UE accessing WLAN network (WLAN, Wireless Local AreaNetworks) and through BBF fixed network access EPS network for example.UE is by WAP (wireless access point) (WiFi AP, Wireless Fidelity Access Point) access home gateway (RG, Residential Gateway), BBF network is accessed again by RG, final access EPS core network, wherein BBF network is by access point (AN, Access Note), BAS Broadband Access Server (BRAS, Broadband Remote Access Server) capital equipment such as/wideband network gateway (BNG, Broadband Network Gateway) composition.Described AN can be Digital Subscriber Line access and multiplexing device (DSLAM, Digital Subscriber Line AccessMultiplexer) etc.
The BBF fixed network of above-mentioned access EPS core network, according to the credible attitude of mobile operator to fixed network operator, is divided into credible access and insincere access:
If BBF fixed network is considered as trustless access by mobile operator, as shown in the Case 1 in Fig. 2 and Case2, UE needs and ePDG sets up IP Sec (IP safety) tunnel.Data acquisition encrypted transmission between UE and PDN network, makes fixed network equipment cannot data content of its transmission of perception, ensures the fail safe of transfer of data.
If BBF fixed network is considered as trusted access by mobile operator, as shown in the Case 3 in Fig. 2.When now UE is by BBF network insertion EPS core network, do not need through ePDG.DSMIP tunnel is set up for transfer of data between UE and P-GW.
Also there are bridge joint (bridge) and route (route) two kinds of patterns by during user resident network access BBF fixed network in UE in addition; Wherein,
Route pattern: UE accesses RG by WiFi AP, and accesses BRAS/BNG after being converged by AN.RG is UE distributing IP address, and such as: UE accesses RG, adopt username and password certification on RG, after authentication success, RG is UE distributing IP address.BRAS/BNG is RG distributing IP address, and such as: when RG powers on, RG initiates access authentication to BRAS/BNG, after authentication success, BRAS/BNG is this RG distributing IP address.
Bridge mode: UE is accessed by WiFi AP, and accesses BRAS/BNG after being converged by AN.The IP address of UE is distributed by BBF fixed network equipment (such as BRAS/BNG).Under Bridge pattern, in network, also likely there is RG, but now RG is one two layers (data link layer) equipment, the not assigning process of participating user certification and IP address, two layers of connection between UE and BRAS/BNG are only provided.
For Route pattern, RG is the IP address that UE distributes is private net address (home address), and namely this IP address only supplies local network of users internal unit identification UE, and BBF fixed network and EPS core net cannot according to this IP Address Recognition to UE.When UE sends uplink data messages, mark has the data message of UE implicit IP address through RG, RG needs data message outer envelope layer public network IP address, such as, be packaged into customer premises equipment, CPE (CPE, Customer premise equipment) address/RG IP address; This public network address can by BBF equipment and EPS equipment identify.For downlink data message, data message, in data message outer envelope CPE/RG IP address, is sent to CPE/RG, by CPE/RG, the outer envelope of this data message is become the private network IP address of UE, then send to UE by the EPS network equipment.Therefore, under Route pattern, the mutual data message of UE and EPS equipment needs through CPE/RG process, and the equipment (BBF equipment and EPS equipment) after CPE/RG directly can not perceive the UE of access network.For Bridge pattern, because user carries out certification on BRAS/BNG, and be its distributing IP address by BRAS/BNG, this IP address is public network IP address, therefore can by BBF fixed network and the identification of EPS equipment of the core network.
After UE is successfully attached to EPS core network by BBF fixed network, UE just can commence business.In order to ensure the transmission quality of data, promoting Consumer's Experience, needing to ensure the QoS in whole data routing paths, use mobile network resource and fixed network resource to carry out qos policy control realization above-mentioned functions to user respectively by policy control functions.Simultaneously in order to ensure the consistency of carrying out qos policy control for same user fixed network and mobile network, need between PCRF and BPCF to set up S9 *session, uses the information needed for Internet resources for PCRF and BPCF interactive controlling UE, such as user profile, qos policy etc.Described policy control functions can be the broadband policy controlling functions (BPCF, Broadband Policy Control Function) in PCRF and the BBF network in EPS network.
In order to realize above-mentioned to UE commence business implement QoS control process, need BBF fixed network and the EPS network equipment to perceive the access of UE.For the EPS network equipment, because UE is when accessing EPS network, need to perform the access authentication based on 3GPP, contain the access information of user in verification process, therefore the EPS network equipment can perceive the access of described UE.But for BBF fixed network equipment, because it does not support the access authentication mechanism based on 3GPP, therefore when UE is linked into EPS network by BBF fixed network, all authentication messages based on 3GPP in BBF network all by transparent transmission, therefore BBF fixed network equipment obtains the access information less than user, thus cannot perceive the access of UE.Therefore also just cannot carry out described UE in fixed network side and obtain service implementation call access control.This is obviously unfavorable for carrying out smoothly of customer service, can reduce user satisfaction simultaneously.
Summary of the invention
In view of this, main purpose of the present invention is the method and system providing a kind of fixed network perception user to access, and fixed network equipment can be accessed according to user accessing information identification user, support the service implementation call access control carried out user.
For achieving the above object, technical scheme of the present invention is achieved in that
A method for fixed network perception user access, the method comprises:
Based on the verification process stage that mobile network carries out user equipment (UE), third generation partner program authentication and authorization charging 3GPP AAA obtains user accessing information and passes to Broadband Forum authentication and authorization charging BBF AAA further;
Described BBF AAA provides described user accessing information to broadband policy controlling functions BPCF;
BPCF is found to be the "Policy and Charging Rules Function PCRF of user's service according to the user accessing information received, and sets up to this PCRF initiation session.
The process that 3GPP AAA obtains described user accessing information comprises:
If described UE is by non-trusted BBF network insertion evolved packet system EPS network, then, after to described access authentication of user success, described user accessing information is supplied to described 3GPP AAA by the packet data gateway ePDG of evolution;
If described UE is by trusting BBF network insertion EPS network, then, after to described access authentication of user success, described user accessing information is supplied to described 3GPPAAA by grouped data network gateway P-GW.
Described user accessing information comprises user ID, tunnel information; Described user ID is: international mobile subscriber identity IMSI or network access Identifier NAI;
When UE is by non-trusted BBF network insertion EPS network, if UE adopts the access of route pattern, described tunnel information comprises IP address and the ePDG IP address of customer premises equipment, CPE CPE/ home gateway RG; If UE adopts the access of bridge pattern, described tunnel information comprises UE IP address and ePDG IP address;
When UE is by trusting BBF network insertion EPS network, described tunnel information comprises Care-of Address CoA and P-GW address;
EPDG provides the method for described user accessing information to be to 3GPP AAA:
EPDG provides described user accessing information directly to 3GPP AAA; Or,
Described user accessing information is supplied to 3GPP AAA by P-GW by ePDG.
The process that described user accessing information passes to BBF AAA comprises by described 3GPP AAA:
Described 3GPP AAA finds BBF AAA according to the CPE/RG IP address comprised in the tunnel information in described user accessing information, UE IP address or CoA and configuration relation; Described 3GPP AAA and described BBF AAA sets up session, and described user accessing information is passed to described BBF AAA.
Described BBF AAA provides the mode of described user accessing information to comprise to BPCF:
Described user accessing information is supplied to BPCF by BAS Broadband Access Server BRAS/ wideband network gateway BNG by described BBF AAA; Or,
Described user accessing information is directly supplied to BPCF by described BBF AAA.
Described user accessing information is supplied to BPCF by BRAS/BNG and comprises by described BBF AAA:
BBF AAA finds the process of BRAS/BNG, and sets up the process of session with BRAS/BNG, and the most described user accessing information passes to BRAS/BNG;
Also comprise described BRAS/BNG find BPCF and and BPCF set up the process of session, guarantee described user accessing information to pass to BPCF.
The detailed process that described user accessing information is supplied to described BPCF is comprised by BRAS/BNG by described BBF AAA:
If UE adopts route mode to access or described user ID is mobile identify label, then the IP address that comprises according to the tunnel information in the described user accessing information obtained from 3GPP AAA of BBF AAA and configuration relation find BRAS/BNG, and set up session with described BRAS/BNG, also described user accessing information is sent to BRAS/BNG; Described BRAS/BNG finds BPCF according to the IP address comprised in described tunnel information/CoA/CPE/RG IP address and configuration relation, and sets up session with described BPCF, also described user accessing information is sent to BPCF;
If UE adopts bridge mode to access, then UE is when asking BRAS/BNG be its distributing IP address, carries described movement and fixed network Unified Identity identifies or fixed network identify label; Described BRAS/BNG and BBF AAA sets up session, sends the authentication request for described user, carry described identify label and BRAS/BNG IP address in request to described BBF AAA; BBFAAA preserves the mapping relations of described identify label and BRAS/BNG IP address; After authentication success, described BRAS/BNG is described user's distributing IP address; Described BBF AAA gets described user accessing information from 3GPP AAA, and the mapping relations according to the identify label in the mobile fixed network Unified Identity mark comprised in described user accessing information or mobile network and fixed network dual identity mark and BBF AAA and BRAS/BNG IP address are mated; And when recognizing described user and carrying out fixed network certification, utilize the session of setting up during fixed network certification that described user accessing information is handed down to BRAS/BNG; Described BRAS/BNG finds BPCF according to described user accessing information and configuration relation, and sets up session with described BPCF; Described user accessing information is sent to BPCF by described BRAS/BNG.
Described BPCF finds described PCRF, and comprises to the process that this PCRF initiation session is set up:
Described BPCF is found to be the PCRF of user's service according to the user ID comprised in described user accessing information, and then initiates S9 to described PCRF *session establishment.
A system for fixed network perception user access, this system comprises: information initial acquisition unit, information transfer unit, Information application unit; Wherein,
Described information initial acquisition unit, for the verification process stage of carrying out UE based on mobile network, obtains user accessing information and passes to information transfer unit further;
Described information transfer unit, for providing described user accessing information to Information application unit;
Described Information application unit, for being found to be the PCRF of user's service according to the user accessing information received, and sets up to this PCRF initiation session.
When described information initial acquisition unit obtains described user accessing information, for:
If described UE is by non-trusted BBF network insertion EPS network, then, after to described access authentication of user success, triggers ePDG and described user accessing information is supplied to described information initial acquisition unit;
If described UE is by trusting BBF network insertion EPS network, then, after to described access authentication of user success, triggers P-GW and described user accessing information is supplied to described information initial acquisition unit.
Described user accessing information comprises user ID, tunnel information; Described user ID is: IMSI or NAI;
When UE is by non-trusted BBF network insertion EPS network, if UE adopts the access of route pattern, described tunnel information comprises CPE/RG IP address and ePDG IP address; If UE adopts the access of bridge pattern, described tunnel information comprises UE IP address and ePDG IP address;
When UE is by trusting BBF network insertion EPS network, described tunnel information comprises CoA and P-GW address.
When described user accessing information is passed to described information transfer unit by described information initial acquisition unit, for:
Information transfer unit is found according to the CPE/RG IP address comprised in the tunnel information in described user accessing information, UE IP address or CoA and configuration relation; Described information initial acquisition unit and described information transfer unit set up session, described user accessing information are passed to described information transfer unit.
When described information transfer unit provides described user accessing information to described Information application unit, for:
By BRAS/BNG, described user accessing information is supplied to described Information application unit; Or,
Directly described user accessing information is supplied to described Information application unit.
When described user accessing information is supplied to described Information application unit by BRAS/BNG by described information transfer unit, for:
Find the process of BRAS/BNG, and set up the process of session with BRAS/BNG, and the most described user accessing information passes to BRAS/BNG;
Also comprise described BRAS/BNG find described Information application unit and and described Information application unit set up the process of session, guarantee described user accessing information to pass to described Information application unit.
When described user accessing information is supplied to described Information application unit by BRAS/BNG by described information transfer unit, specifically for:
If UE adopts route mode to access or described user ID is mobile identify label, then described information transfer unit finds BRAS/BNG according to the IP address that comprises of tunnel information in the described user accessing information obtained and configuration relation, and set up session with described BRAS/BNG, also described user accessing information is sent to BRAS/BNG; Described BRAS/BNG finds described Information application unit according to the IP address comprised in described tunnel information/CoA/CPE/RG IP address and configuration relation, and set up session with described Information application unit, also described user accessing information is sent to described Information application unit;
If UE adopts bridge mode to access, then UE is when asking BRAS/BNG be its distributing IP address, carries described movement and fixed network Unified Identity identifies or fixed network identify label; Described BRAS/BNG and described information transfer unit set up session, send the authentication request for described user, carry described identify label and BRAS/BNG IP address in request to described information transfer unit; Described information transfer unit preserves the mapping relations of described identify label and BRAS/BNG IP address; After authentication success, described BRAS/BNG is described user's distributing IP address; Described information transfer unit gets described user accessing information, and the mapping relations according to the identify label in the mobile fixed network Unified Identity mark comprised in described user accessing information or mobile network and fixed network dual identity mark and described information transfer unit and BRAS/BNG IP address are mated; And when recognizing described user and carrying out fixed network certification, utilize the session of setting up during fixed network certification that described user accessing information is handed down to BRAS/BNG; Described BRAS/BNG finds described Information application unit according to described user accessing information and configuration relation, and sets up session with described Information application unit; Described user accessing information is sent to described Information application unit by described BRAS/BNG.
Described Information application unit finds described PCRF, and when setting up to this PCRF initiation session, for:
Described Information application unit is found to be the PCRF of user's service according to the user ID comprised in described user accessing information, and then initiates S9 to described PCRF *session establishment.
The inventive method and system, make fixed network equipment can access according to user accessing information identification user, thus can support the service implementation call access control carried out user.
Accompanying drawing explanation
Fig. 1 is the schematic diagram of the system architecture of EPS;
Fig. 2 is FMC system schematic;
Fig. 3 is that the BPCF of an embodiment in insincere access scene performs call access control flow chart;
Fig. 4 is that the BPCF of another embodiment in insincere access scene performs call access control flow chart;
Fig. 5 is that the BPCF of an embodiment in credible access scene performs call access control flow chart;
Fig. 6 is that the BPCF of another embodiment in credible access scene performs call access control flow chart;
Fig. 7 is the general flow chart of the fixed network perception user access of the embodiment of the present invention;
Fig. 8 is the system diagram of the fixed network perception user access of the embodiment of the present invention.
Embodiment
In general, based on the verification process stage that mobile network carries out UE, 3GPP AAA can obtain user accessing information and pass to BBF AAA further; Afterwards, described BBF AAA can provide described user accessing information to BPCF, and described BPCF then can be found to be the PCRF of user's service according to the described user accessing information received, and initiates S9 to this PCRF *session establishment.
Specifically, 3GPPAAA obtains the process of described user accessing information and can be:
If described UE is by non-trusted BBF network insertion EPS network, then, after to described access authentication of user success, described user accessing information is supplied to described 3GPP AAA by ePDG.Certainly, if UE is by non-trusted BBF network insertion EPS network, and adopt S2b interface, then described user accessing information also can be supplied to described 3GPP AAA by P-GW by ePDG.
If described UE is by trusting BBF network insertion EPS network, then, after to described access authentication of user success, described user accessing information is supplied to described 3GPP AAA by P-GW.
Described user accessing information can comprise user ID, tunnel information etc.Described user ID can be: international mobile subscriber identity (IMSI, International Mobile Subscriber IdentificationNumber) or network access Identifier (NAI, Network Access Identifier) etc.
In addition, when UE is by non-trusted BBF network insertion EPS network, if UE adopts the access of route pattern, described tunnel information comprises CPE/RG IP address and ePDG IP address; If UE adopts the access of bridge pattern, described tunnel information comprises UE IP address and ePDG IP address.
If UE is by trusting BBF network insertion EPS network, then described tunnel information comprises Care-of Address (CoA, care-of-address) and P-GW address.
The process that described user accessing information is passed to BBF AAA by described 3GPP AAA further can comprise:
Described 3GPP AAA finds BBF AAA according to the CPE/RG IP address (for route access module) comprised in the tunnel information in described user accessing information, UE IP address (for bridge access module) or CoA and configuration relation.Described 3GPP AAA and described BBF AAA sets up session, and described user accessing information is passed to described BBF AAA.
Described BBF AAA provides the mode of described user accessing information to comprise to BPCF:
Described user accessing information is supplied to BPCF by BRAS/BNG by described BBF AAA; Or,
Described user accessing information is directly supplied to BPCF by described BBF AAA.
When described user accessing information is supplied to BPCF by BRAS/BNG by described BBF AAA, relate to the process that BBF AAA finds BRAS/BNG, and set up the process of session with BRAS/BNG, and the most described user accessing information passes to BRAS/BNG.Certainly, described BRAS/BNG can find BPCF equally, and sets up session, to guarantee described user accessing information to pass to BPCF with BPCF.
It should be noted that, if described user ID is mobile identify label (such as IMSI), the IP address that then BBFAAA comprises according to the tunnel information in the described user accessing information obtained from 3GPP AAA (if route access, is RG/CPE IP address; If bridge access, be UE IP address or CoA) and configuration relation discovery BRAS/BNG, and set up session with described BRAS/BNG, also described user accessing information (tunnel information and user ID) is sent to BRAS/BNG.Described BRAS/BNG finds BPCF according to the IP address comprised in described tunnel information/CoA/CPE/RG IP address and configuration relation, and set up session with described BPCF, also described user accessing information (comprising tunnel information and user ID) is sent to BPCF.
Said method also can be used in the user with fixing mobile Unified Identity mark or have user that is fixing and mobile network's dual identity mark.Further, if described user ID has mobile network and fixed network dual identity mark or moves and fixed network Unified Identity mark, so:
If UE adopts route mode to access, then route implementation when can be mobile identify label with reference to above-mentioned user ID.
If UE adopts bridge mode to access, then UE is when asking BRAS/BNG be its distributing IP address, carries described movement and fixed network Unified Identity identifies or fixed network identify label.Described BRAS/BNG and BBF AAA sets up session, sends the authentication request for described user, carry described identify label and BRAS/BNG IP address in request to described BBF AAA.BBF AAA preserves the mapping relations of described identify label and BRAS/BNG IP address.After authentication success, described BRAS/BNG is described user's distributing IP address.Described BBF AAA gets described user accessing information from 3GPP AAA, and the mapping relations according to the identify label in the mobile fixed network Unified Identity mark comprised in described user accessing information or mobile network and fixed network dual identity mark and BBF AAA and BRAS/BNG IP address are mated; And when recognizing described user and carrying out fixed network certification, utilize the session of setting up during fixed network certification that described user accessing information is handed down to BRAS/BNG.Described BRAS/BNG finds BPCF according to described user accessing information and configuration relation, and sets up session with described BPCF.Described user accessing information is sent to BPCF by described BRAS/BNG.
Described BPCF is found to be the PCRF of described user service, and initiates S9 to described PCRF *the process of session establishment comprises:
Described BPCF is found to be the PCRF of user's service according to the user ID comprised in described user accessing information (such as IMSI, or NAI), and described BPCF initiates S9 to described PCRF *session establishment.
Below, by reference to the accompanying drawings specific embodiment is described.
Embodiment one
UE is accessed by fixed network WLAN, and fixed network access is considered as trustless access by mobile operator, disposes ePDG to ensure data transmission security in mobile network.When UE sets up IP-Sec tunnel to ePDG, ePDG is to 3GPP aaa authentication, and after certification is passed through, 3GPP AAA sets up session to BBF AAA, to notify that user accesses to BBF AAA.Carry user accessing information in the described message that notifies, in this message alternatively this UE bright in mobile network certification pass through.User accessing information is sent to BPCF by BRAS/BNG by BBF AAA.BPCF finds PCRF according to user ID, and PCRF sets up S9 *session.Concrete realization flow is as shown in Figure 3:
301.UE by insincere BBF network insertion to EPC network.Extensible Authentication Protocol-the certification based on 3GPP and secret key negotiation mechanism (EAP-AKA) access authentication flow process is performed between UE, ePDG and 3GPP AAA.In verification process, UE needs user ID (such as IMSI or NAI) to pass to 3GPPAAA.Because BBF network does not support EAP-AKA certification, the authentication message therefore performing EAP-AKA between above-mentioned UE and EPC network carries out transparent transmission in BBF network.
302.RG or BRAS/BNG is to UE distributing IP address.If UE adopts Route pattern access network, then distribute private network IP address by RG to UE; If UE adopts bridge pattern access network, then distribute public ip address by BRAS/BNG to UE.
303.UE starts internet key exchange v2 (IKEv2) authentication process, performs authentication program between ePDG and 3GPPAAA.After certification is passed through, set up IP-Sec tunnel between UE and ePDG, user accessing information is sent to 3GPP AAA by ePDG.Described user accessing information comprises user ID (such as IMSI/NAI), IP-Sec tunnel information.If UE adopts the access of Route pattern, then described ipsec tunnel packets of information is containing RG/CPE IP address and ePDG IP address; If UE adopts the access of Bridge pattern, then described ipsec tunnel packets of information is containing UE IP address and ePDG IP address.
304.3GPP AAA preserves the user accessing information received from ePDG.3GPP AAA finds BBF AAA (such as: 3GPP AAA inquires fixed network information according to the CPE/RG IP address in ipsec tunnel information or UE IP address and the BBF fixed network configuration relation that distributes this IP address field, obtaining further as user accesses the IP address of the BBF AAA that EPS network is served) according to user accessing information.Set up session between 3GPP AAA and BBF AAA, described user accessing information is sent to BBF AAA, to notify that BBF AAA accesses about described UE, and illustrate that described UE have passed the certification of EPS network.
The IP address information (such as UE IP address or RG/CPE IP address) that 305.BBF AAA contains according to ipsec tunnel packets of information and configuration relation (this configuration relation indicates the BRAS/BNG for the service of IP address field) are found to be the BRAS/BNG of this UE access network service, set up session between BBF AAA and this BRAS/BNG, and described user accessing information is sent to described BRAS/BNG.
306.BRAS/BNG is found to be the BPCF of this UE access network service according to the IP address information comprised in ipsec tunnel information (such as UE IP address or RG/CPE IP address) and configuration relation (this configuration relation indicates the BPCF for the service of this IP address field), set up session between BRAS/BNG and this BPCF, and described user accessing information is sent to described BPCF.
307.BPCF is found to be the PCRF of user's access service according to the user ID comprised in user accessing information (IMSI or NAI such as), and sets up S9 with PCRF *session.S9 *session establishment can be realized by gateway control session creation facilities program (CFP).
308. when BBF AAA complete ipsec tunnel set up authentication success after, return response message to ePDG, ePDG to P-GW initiate agent binding amendment (Proxy Binding Update, PBU) request, carry out PMIP registration.
After 309.PGW receives the PMIP registration request from ePDG, and between PCRF, set up IP-CAN session.
310.PGW initiates PGW address to 3GPP AAA and upgrades.
311.PGW returns PMIP to ePDG and to succeed in registration message.
312. after PMIP succeeds in registration, and UE carries out authentication to ePDG, completes the foundation of ipsec tunnel.
313.ePDG sends last IKEv2 message to UE.Set up IP between UE and PGW to connect.The data of UE and PDN network interaction are transmitted by ipsec tunnel between UE and ePDG, are transmitted between ePDG and PGW by PMIP tunnel.
314. when setting up IP-CAN session between PGW and PCRF, and PCRF is handed down to PGW by accessing relevant QoS control strategy with user, and PCRF needs QoS control strategy to provide program to be handed down to BPCF by gateway control and QoS equally.The QoS information that BPCF can provide according to PCRF, the BBF fixed network resource used when commencing business to described UE implements call access control.
Embodiment two
The UE access scene of embodiment two and identical in embodiment one, the main distinction is after completing access authentication, provides user accessing information by ePDG by P-GW to 3GPP AAA.Concrete implementing procedure is as shown in Figure 4:
401.UE access network, performs the process of access authentication, and is the process of UE distributing IP address, can the step 301 of reference example one to step 302.
402.UE starts IKEv2 authentication process, performs authentication program between ePDG and 3GPP AAA.After certification is passed through, between UE and ePDG, set up IP-Sec tunnel.
403.ePDG sends agent binding update messages to P-GW, and PMIP registration is carried out in request.Also comprise user accessing information in described message, described user accessing information comprises user ID (such as IMSI/NAI), IP-Sec tunnel information etc.If UE adopts the access of Route pattern, then described ipsec tunnel packets of information is containing RG/CPE IP address and ePDG IP address; If UE adopts the access of Bridge pattern, then described ipsec tunnel packets of information is containing UE IP address and ePDG IP address.
After 404.PGW receives the PMIP registration request from ePDG, and between PCRF, set up IP-CAN session.
405.PGW returns PMIP to ePDG and to succeed in registration message.
Described user accessing information is sent to 3GPP AAA by 406.PGW.
The IP address information (such as UE IP address or RG/CPE IP address) that 407.BBF AAA contains according to ipsec tunnel packets of information and configuration relation (this configuration relation indicates the BRAS/BNG for the service of IP address field) are found to be the BRAS/BNG of this UE access network service, set up session between BBF AAA and BRAS/BNG, and described user accessing information is sent to described BRAS/BNG.
Described user accessing information is supplied to the process of BPCF by 408.BBF AAA, can reference example one step 305 to step 306.
409.BPCF is found to be the PCRF of user's access service according to the user ID comprised in user accessing information (IMSI or NAI such as), and sets up S9 with PCRF *session.S9 *session establishment can be realized by gateway control session creation facilities program (CFP).
410.IPSec tunnel establishment procedure, can the step 312 of reference example one to step 313.
Embodiment three
UE is accessed by fixed network WLAN, and fixed network access is considered as trusted access by mobile operator.UE and P-GW sets up DSMIP tunnel, and P-GW transmits user accessing information to 3GPP AAA, and 3GPP AAA sets up session to BBF AAA, notifies that user accesses to BBF AAA.Carry user accessing information in the described message that notifies, in this message alternatively this UE bright in mobile network certification pass through.The session that BBFAAA utilizes user to set up in fixed network authentication phase and BRAS/BNG, passes to BRAS/BNG by user accessing information.Described BRAS/BNG finds BPCF according to IP address and configuration relation further, and user accessing information is passed to BPCF.BPCF finds PCRF according to user ID, and PCRF sets up S9 *session.Concrete realization flow is as shown in Figure 5:
501.UE by credible BBF network insertion to EPC network.The EAP-AKA access authentication flow process based on 3GPP is performed between UE, P-GW and 3GPP AAA.In verification process, UE needs fixed network mobile network dual identity mark to pass to 3GPP AAA.Because BBF network does not support EAP-AKA certification, the authentication message therefore performing EAP-AKA between above-mentioned UE and EPC network carries out transparent transmission in BBF network.
502.UE is to BRAS/BNG request dispatching IP address.Fixed network identify label is carried in the described message of asking.
After 503.BRAS/BNG receives user's request, and set up session between BBF AAA, and perform access authentication to BBFAAA request for this user.For comprising the IP address of fixed network identify label and BRAS/BNG in the described message of asking.BBF AAA is to after access authentication of user success, and preserve the mapping relations of described fixed network identify label and BRAS/BNG IP address, be UE distributing IP address simultaneously.
504.BRAS/BNG returns access authentication to UE and successfully responds, and is included as the IP address that UE distributes in this response.
505.UE starts IKEv2 authentication process, performs authentication program between P-GW and 3GPP AAA.After certification is passed through.Perform initial guide (bootstrapping) program between UE and P-GW, user accessing information is sent to 3GPP AAA by P-GW.Described user accessing information comprises user ID (described user ID is fixed network mobile network dual identity mark), also comprises the tunnel information of CoA (namely BRAS/BNG is the IP address that UE distributes) and P-GW IP address.
506.3GPP AAA preserves the user accessing information received from P-GW.3GPP AAA finds BBF AAA (such as: 3GPP AAA inquires fixed network information according to the IP address in tunnel information and the BBF fixed network configuration relation that distributes this IP address field, obtaining further as user accesses the IP address of the BBF AAA that EPS network is served) according to user accessing information.Set up session between 3GPP AAA and BBF AAA, described user accessing information is sent to BBF AAA, to notify that BBF AAA accesses about described UE, and illustrate that described UE have passed the certification of EPS network.
507.BBF AAA is according to the fixed network mobile network dual identity identifier lookup mapping relations comprised in the user accessing information received from 3GPP AAA, and this user of perception had done fixed network certification.
The session that 508.BBF AAA utilizes this user to set up in fixed network authentication phase, sends to BRAS/BNG by described user accessing information.
The CoA that 509.BRAS/BNG comprises according to tunnel information and configuration relation (BPCF for the service of this IP address field) are found to be the BPCF of this UE access network service, set up session between BRAS/BNG and BPCF, and described user accessing information is sent to BPCF.
510.BPCF is found to be the PCRF of user's access service according to the user ID comprised in user accessing information (i.e. fixed network mobile network dual identity mark), and sets up S9 with PCRF *session.S9 *session establishment can be realized by gateway control session creation facilities program (CFP).
511.UE initiates binding update messages to P-GW, carries CoA, HoA in this message, and DSMIP registration is carried out in request.
After 512.PGW receives the DSMIP registration request from UE, and between PCRF, set up IP-CAN session.
513.PGW initiates PGW address to 3GPP AAA and upgrades.
514.PGW returns to UE the binding acknowledgement message that DSMIP succeeds in registration.DSMIP tunnel is set up between UE and P-GW.
515. when setting up IP-CAN session between PGW and PCRF, and PCRF is handed down to PGW by accessing relevant QoS control strategy with user, and PCRF needs QoS control strategy to provide program to be handed down to BPCF by gateway control and QoS equally.The QoS information that BPCF can provide according to PCRF, the BBF fixed network resource used when commencing business to described UE implements call access control.
Embodiment four
The UE access scene of embodiment four and identical in embodiment three.The main distinction be BBF AAA directly and BPCF set up session, user accessing information is sent to BPCF.Concrete implementing procedure is as shown in Figure 6:
Performing access authentication procedure between 601. users and mobile network, is the process of UE distributing IP address, and 3GPP AAA obtains the process of user accessing information; Can the step 501 of reference example three to step 505.
602.3GPP AAA finds BBF AAA according to the IP address in user accessing information and configuration relation, and and set up session between BBF AAA, also described user accessing information is sent to BBF AAA, to notify that BBF AAA accesses about described UE, and illustrate that described UE have passed the certification of EPS network.
BBF AAA described in 603. is found to be the BPCF of user's access service according to the IP address information in user accessing information and configuration relation, sets up session, and described user accessing information is sent to BPCF between described BBF AAA and described BPCF.
604.BPCF finds PCRF according to user accessing information, and sets up S9 *session.
605.DSMIP tunnel establishment procedure, and policy update process, can step 511 in reference example three to step 515.
Known in conjunction with above each embodiment, the operation thinking of fixed network perception user access of the present invention can represent as shown in Figure 7.Be the general flow chart of the fixed network perception user access of the embodiment of the present invention see Fig. 7, Fig. 7, this flow process comprises the following steps:
Step 710: the verification process stage of carrying out UE based on mobile network, 3GPP AAA obtains user accessing information and passes to BBF AAA further.
Step 720: described BBF AAA provides described user accessing information to BPCF.
Step 730:BPCF is found to be the PCRF of user's service according to the user accessing information received, and initiates S9 to this PCRF *session establishment.Certainly, concrete session also may comprise S9 *other session in addition.
In order to ensure that aforesaid operations thinking and each embodiment can realize smoothly, setting as shown in Figure 8 can be carried out.Be the system diagram of the fixed network perception user access of the embodiment of the present invention see Fig. 8, Fig. 8, this system comprises connected information initial acquisition unit, information transfer unit, Information application unit.Wherein, information initial acquisition unit can be arranged in 3GPP AAA; Information transfer unit can be arranged in BBF AAA; Information application unit can be arranged in BPCF.
During embody rule, based on the verification process stage that mobile network carries out UE, information initial acquisition unit can obtain user accessing information and pass to information transfer unit further; Next, information transfer unit can provide described user accessing information to Information application unit; Information application unit then can be found to be the PCRF of user's service according to the user accessing information received, and initiates S9 to this PCRF *session establishment.Certainly, concrete session also may comprise S9 *other session in addition.
In addition, when described information initial acquisition unit obtains described user accessing information, for:
If described UE is by non-trusted BBF network insertion EPS network, then, after to described access authentication of user success, triggers ePDG and described user accessing information is supplied to described information initial acquisition unit;
If described UE is by trusting BBF network insertion EPS network, then, after to described access authentication of user success, triggers P-GW and described user accessing information is supplied to described information initial acquisition unit.
Described user accessing information comprises user ID, tunnel information; Described user ID is: IMSI or NAI;
When UE is by non-trusted BBF network insertion EPS network, if UE adopts the access of route pattern, described tunnel information comprises CPE/RG IP address and ePDG IP address; If UE adopts the access of bridge pattern, described tunnel information comprises UE IP address and ePDG IP address;
When UE is by trusting BBF network insertion EPS network, described tunnel information comprises CoA and P-GW address.
When described user accessing information is passed to described information transfer unit by described information initial acquisition unit, for:
Information transfer unit is found according to the CPE/RG IP address comprised in the tunnel information in described user accessing information, UE IP address or CoA and configuration relation; Described information initial acquisition unit and described information transfer unit set up session, described user accessing information are passed to described information transfer unit.
When described information transfer unit provides described user accessing information to described Information application unit, for:
By BRAS/BNG, described user accessing information is supplied to described Information application unit; Or,
Directly described user accessing information is supplied to described Information application unit.
When described user accessing information is supplied to described Information application unit by BRAS/BNG by described information transfer unit, for:
Find the process of BRAS/BNG, and set up the process of session with BRAS/BNG, and the most described user accessing information passes to BRAS/BNG;
Also comprise described BRAS/BNG find described Information application unit and and described Information application unit set up the process of session, guarantee described user accessing information to pass to described Information application unit.
When described user accessing information is supplied to described Information application unit by BRAS/BNG by described information transfer unit, specifically for:
If UE adopts route mode to access or described user ID is mobile identify label, then described information transfer unit finds BRAS/BNG according to the IP address that comprises of tunnel information in the described user accessing information obtained and configuration relation, and set up session with described BRAS/BNG, also described user accessing information is sent to BRAS/BNG; Described BRAS/BNG finds described Information application unit according to the IP address comprised in described tunnel information/CoA/CPE/RG IP address and configuration relation, and set up session with described Information application unit, also described user accessing information is sent to described Information application unit;
If UE adopts bridge mode to access, then UE is when asking BRAS/BNG be its distributing IP address, carries described movement and fixed network Unified Identity identifies or fixed network identify label; Described BRAS/BNG and described information transfer unit set up session, send the authentication request for described user, carry described identify label and BRAS/BNG IP address in request to described information transfer unit; Described information transfer unit preserves the mapping relations of described identify label and BRAS/BNG IP address; After authentication success, described BRAS/BNG is described user's distributing IP address; Described information transfer unit gets described user accessing information, and the mapping relations according to the identify label in the mobile fixed network Unified Identity mark comprised in described user accessing information or mobile network and fixed network dual identity mark and described information transfer unit and BRAS/BNG IP address are mated; And when recognizing described user and carrying out fixed network certification, utilize the session of setting up during fixed network certification that described user accessing information is handed down to BRAS/BNG; Described BRAS/BNG finds described Information application unit according to described user accessing information and configuration relation, and sets up session with described Information application unit; Described user accessing information is sent to described Information application unit by described BRAS/BNG.
Described Information application unit finds described PCRF, and when setting up to this PCRF initiation session, for:
Described Information application unit is found to be the PCRF of user's service according to the user ID comprised in described user accessing information, and then initiates S9 to described PCRF *session establishment.
Visible in sum, no matter be method or system, the technology of fixed network perception user of the present invention access, makes fixed network equipment can access according to user accessing information identification user, thus can support the service implementation call access control carried out user.
The above, be only preferred embodiment of the present invention, be not intended to limit protection scope of the present invention, and all any amendments done within the spirit and principles in the present invention, equivalent replacement and improvement etc., all should be included within protection scope of the present invention.

Claims (14)

1. a method for fixed network perception user access, it is characterized in that, the method comprises:
Based on the verification process stage that mobile network carries out user equipment (UE), third generation partner program authentication and authorization charging 3GPP AAA obtains user accessing information and passes to Broadband Forum authentication and authorization charging BBF AAA further;
Described BBF AAA provides described user accessing information to broadband policy controlling functions BPCF;
BPCF is found to be the "Policy and Charging Rules Function PCRF of user's service according to the user accessing information received, and sets up to this PCRF initiation session;
Wherein, described user accessing information comprises user ID and tunnel information; Described user ID is: international mobile subscriber identity IMSI or network access Identifier NAI; Described tunnel information comprises: procotol IP address and configuration relation; Described IP address is the packet data gateway ePDG IP address of home gateway/customer premises equipment, CPE RG/CPE IP address and evolution or UE IP address and ePDG IP address or Care-of Address CoA and grouped data network gateway P-GW address;
Described 3GPP AAA obtains user accessing information and passes to BBF AAA further, comprising: described 3GPP AAA finds BBF AAA according to the CPE/RG IP address comprised in the tunnel information in described user accessing information, UE IP address or CoA and configuration relation; Described 3GPP AAA and described BBFAAA sets up session, and described user accessing information is passed to described BBF AAA.
2. method according to claim 1, is characterized in that, the process that 3GPP AAA obtains described user accessing information comprises:
If described UE is by non-trusted BBF network insertion evolved packet system EPS network, then, after to described access authentication of user success, described user accessing information is supplied to described 3GPP AAA by the packet data gateway ePDG of evolution;
If described UE is by trusting BBF network insertion EPS network, then, after to described access authentication of user success, described user accessing information is supplied to described 3GPPAAA by grouped data network gateway P-GW.
3. method according to claim 2, is characterized in that, described user accessing information comprises user ID, tunnel information; Described user ID is: international mobile subscriber identity IMSI or network access Identifier NAI;
When UE is by non-trusted BBF network insertion EPS network, if UE adopts the access of route pattern, described tunnel information comprises IP address and the ePDG IP address of customer premises equipment, CPE CPE/ home gateway RG; If UE adopts the access of bridge pattern, described tunnel information comprises UE IP address and ePDG IP address;
When UE is by trusting BBF network insertion EPS network, described tunnel information comprises Care-of Address CoA and P-GW address;
EPDG provides the method for described user accessing information to be to 3GPP AAA:
EPDG provides described user accessing information directly to 3GPP AAA; Or,
Described user accessing information is supplied to 3GPP AAA by P-GW by ePDG.
4. the method according to any one of claims 1 to 3, is characterized in that, described BBF AAA provides the mode of described user accessing information to comprise to BPCF:
Described user accessing information is supplied to BPCF by BAS Broadband Access Server BRAS/ wideband network gateway BNG by described BBF AAA; Or,
Described user accessing information is directly supplied to BPCF by described BBF AAA.
5. method according to claim 4, is characterized in that, described user accessing information is supplied to BPCF by BRAS/BNG and comprises by described BBF AAA:
BBF AAA finds the process of BRAS/BNG, and sets up the process of session with BRAS/BNG, and the most described user accessing information passes to BRAS/BNG;
Also comprise described BRAS/BNG find BPCF and and BPCF set up the process of session, guarantee described user accessing information to pass to BPCF.
6. method according to claim 5, is characterized in that, the detailed process that described user accessing information is supplied to described BPCF is comprised by BRAS/BNG by described BBF AAA:
If UE adopts route mode to access or described user ID is mobile identify label, then the IP address that comprises according to the tunnel information in the described user accessing information obtained from 3GPP AAA of BBF AAA and configuration relation find BRAS/BNG, and set up session with described BRAS/BNG, also described user accessing information is sent to BRAS/BNG; Described BRAS/BNG finds BPCF according to the IP address comprised in described tunnel information/CoA/CPE/RG IP address and configuration relation, and sets up session with described BPCF, also described user accessing information is sent to BPCF;
If UE adopts bridge mode to access, then UE is when asking BRAS/BNG be its distributing IP address, carries mobile and fixed network Unified Identity and identifies or fixed network identify label; Described BRAS/BNG and BBF AAA sets up session, sends the authentication request for described user, carry described identify label and BRAS/BNG IP address in request to described BBF AAA; BBF AAA preserves the mapping relations of described identify label and BRAS/BNG IP address; After authentication success, described BRAS/BNG is described user's distributing IP address; Described BBF AAA gets described user accessing information from 3GPP AAA, and the mapping relations according to the identify label in the mobile fixed network Unified Identity mark comprised in described user accessing information or mobile network and fixed network dual identity mark and BBF AAA and BRAS/BNG IP address are mated; And when recognizing described user and carrying out fixed network certification, utilize the session of setting up during fixed network certification that described user accessing information is handed down to BRAS/BNG; Described BRAS/BNG finds BPCF according to described user accessing information and configuration relation, and sets up session with described BPCF; Described user accessing information is sent to BPCF by described BRAS/BNG.
7. the method according to any one of claims 1 to 3, is characterized in that, described BPCF finds described PCRF, and comprises to the process that this PCRF initiation session is set up:
Described BPCF is found to be the PCRF of user's service according to the user ID comprised in described user accessing information, and then initiates S9* session establishment to described PCRF.
8. a system for fixed network perception user access, it is characterized in that, this system comprises: information initial acquisition unit, information transfer unit, Information application unit; Wherein,
Described information initial acquisition unit, for the verification process stage of carrying out UE based on mobile network, obtains user accessing information and passes to information transfer unit further;
Described information transfer unit, for providing described user accessing information to Information application unit;
Described Information application unit, for being found to be the PCRF of user's service according to the user accessing information received, and sets up to this PCRF initiation session;
Wherein, described user accessing information comprises user ID and tunnel information; Described user ID is: international mobile subscriber identity IMSI or network access Identifier NAI; Described tunnel information comprises: IP address and configuration relation; Described IP address is RG/CPE IP address and ePDG IP address or UE IP address and ePDG IP address or CoA and P-GW address;
When described user accessing information is passed to described information transfer unit by described information initial acquisition unit, for: find information transfer unit according to the CPE/RG IP address comprised in the tunnel information in described user accessing information, UE IP address or CoA and configuration relation; Described information initial acquisition unit and described information transfer unit set up session, described user accessing information are passed to described information transfer unit.
9. system according to claim 8, is characterized in that, when described information initial acquisition unit obtains described user accessing information, for:
If described UE is by non-trusted BBF network insertion EPS network, then, after to described access authentication of user success, triggers ePDG and described user accessing information is supplied to described information initial acquisition unit;
If described UE is by trusting BBF network insertion EPS network, then, after to described access authentication of user success, triggers P-GW and described user accessing information is supplied to described information initial acquisition unit.
10. system according to claim 8, is characterized in that, described user accessing information comprises user ID, tunnel information; Described user ID is: IMSI or NAI;
When UE is by non-trusted BBF network insertion EPS network, if UE adopts the access of route pattern, described tunnel information comprises CPE/RG IP address and ePDG IP address; If UE adopts the access of bridge pattern, described tunnel information comprises UE IP address and ePDG IP address;
When UE is by trusting BBF network insertion EPS network, described tunnel information comprises CoA and P-GW address.
System described in 11. any one of according to Claim 8 to 10, is characterized in that, when described information transfer unit provides described user accessing information to described Information application unit, for:
By BRAS/BNG, described user accessing information is supplied to described Information application unit; Or,
Directly described user accessing information is supplied to described Information application unit.
12. systems according to claim 11, is characterized in that, when described user accessing information is supplied to described Information application unit by BRAS/BNG by described information transfer unit, for:
Find the process of BRAS/BNG, and set up the process of session with BRAS/BNG, and the most described user accessing information passes to BRAS/BNG;
Also comprise described BRAS/BNG find described Information application unit and and described Information application unit set up the process of session, guarantee described user accessing information to pass to described Information application unit.
13. systems according to claim 12, is characterized in that, when described user accessing information is supplied to described Information application unit by BRAS/BNG by described information transfer unit, specifically for:
If UE adopts route mode to access or described user ID is mobile identify label, then described information transfer unit finds BRAS/BNG according to the IP address that comprises of tunnel information in the described user accessing information obtained and configuration relation, and set up session with described BRAS/BNG, also described user accessing information is sent to BRAS/BNG; Described BRAS/BNG finds described Information application unit according to the IP address comprised in described tunnel information/CoA/CPE/RG IP address and configuration relation, and set up session with described Information application unit, also described user accessing information is sent to described Information application unit;
If UE adopts bridge mode to access, then UE is when asking BRAS/BNG be its distributing IP address, carries mobile and fixed network Unified Identity and identifies or fixed network identify label; Described BRAS/BNG and described information transfer unit set up session, send the authentication request for described user, carry described identify label and BRAS/BNG IP address in request to described information transfer unit; Described information transfer unit preserves the mapping relations of described identify label and BRAS/BNG IP address; After authentication success, described BRAS/BNG is described user's distributing IP address; Described information transfer unit gets described user accessing information, and the mapping relations according to the identify label in the mobile fixed network Unified Identity mark comprised in described user accessing information or mobile network and fixed network dual identity mark and described information transfer unit and BRAS/BNG IP address are mated; And when recognizing described user and carrying out fixed network certification, utilize the session of setting up during fixed network certification that described user accessing information is handed down to BRAS/BNG; Described BRAS/BNG finds described Information application unit according to described user accessing information and configuration relation, and sets up session with described Information application unit; Described user accessing information is sent to described Information application unit by described BRAS/BNG.
System described in 14. any one of according to Claim 8 to 10, it is characterized in that, described Information application unit finds described PCRF, and when setting up to this PCRF initiation session, for:
Described Information application unit is found to be the PCRF of user's service according to the user ID comprised in described user accessing information, and then initiates S9* session establishment to described PCRF.
CN201010514716.5A 2010-10-21 2010-10-21 A kind of method and system of fixed network perception user access Active CN102457847B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201010514716.5A CN102457847B (en) 2010-10-21 2010-10-21 A kind of method and system of fixed network perception user access

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201010514716.5A CN102457847B (en) 2010-10-21 2010-10-21 A kind of method and system of fixed network perception user access

Publications (2)

Publication Number Publication Date
CN102457847A CN102457847A (en) 2012-05-16
CN102457847B true CN102457847B (en) 2015-09-16

Family

ID=46040400

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201010514716.5A Active CN102457847B (en) 2010-10-21 2010-10-21 A kind of method and system of fixed network perception user access

Country Status (1)

Country Link
CN (1) CN102457847B (en)

Families Citing this family (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103458390B (en) * 2012-06-04 2016-12-14 电信科学技术研究院 A kind of IP address transmission method and device
CN103596272B (en) * 2012-08-13 2017-03-15 电信科学技术研究院 A kind of resource allocation methods of fixed broadband network, apparatus and system
CN103974230B (en) * 2013-02-05 2019-12-06 中兴通讯股份有限公司 position information acquisition method and corresponding device
CN104113930B (en) * 2013-04-16 2019-02-15 中兴通讯股份有限公司 A kind of method and system for realizing user's termination connection
US9451464B2 (en) 2013-09-11 2016-09-20 Tencent Technology (Shenzhen) Company Limited Method, apparatus and system for network access
CN104427501B (en) * 2013-09-11 2016-04-06 腾讯科技(深圳)有限公司 Method for network access, device and system
CN105471611A (en) * 2014-09-05 2016-04-06 中兴通讯股份有限公司 Processing method, device and system for providing user service
CN106341374B (en) * 2015-07-10 2020-09-29 中兴通讯股份有限公司 Method and device for limiting access of unlicensed user equipment to home gateway
CN114422473B (en) * 2017-04-19 2023-10-17 中兴通讯股份有限公司 IP address allocation method and device
CN109104435B (en) * 2018-10-12 2021-04-06 中国科学院上海高等研究院 Method for realizing data in-sequence transmission
CN114338157B (en) * 2021-12-28 2023-11-07 中国电信股份有限公司 Terminal service authentication method, device, equipment, system and medium

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101217810A (en) * 2008-01-16 2008-07-09 中兴通讯股份有限公司 A selecting method of strategy and charging rule functions

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8832208B2 (en) * 2008-08-18 2014-09-09 Telefonaktiebolaget L M Ericsson (Publ) Handling of aggregate maximum bit rate by policy and charge control

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101217810A (en) * 2008-01-16 2008-07-09 中兴通讯股份有限公司 A selecting method of strategy and charging rule functions

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
3GPP.study on support of BBF access interworking(release 10).《3GPP TR23.839 V0.1.1》.2010,第5.1.2节. *
Motorola.3GPP-based access authentication over BBF when WLAN is used.《TD S2-104849 3GPP TSG SA WG2 Meeting #81》.2010,正文第5.3节. *
ZTE.Discussion on an alternative architecture for BBF interworking via WLAN access.《TD S2-103412 3GPP TSG SA WG2 Meeting #80》.2010,全文. *

Also Published As

Publication number Publication date
CN102457847A (en) 2012-05-16

Similar Documents

Publication Publication Date Title
CN102457847B (en) A kind of method and system of fixed network perception user access
CN103209401B (en) Policy control method and system in a kind of converged network
CN101150418B (en) A selection method for policy billing control server
CN102340866B (en) A kind of method and system of reporting access information of fixed network
CN101931946B (en) Multi-access method of terminal in evolved packet system and system thereof
CN102457444B (en) A kind of converging fixed network and the system and method for mobile network
CN102695236B (en) A kind of data routing method and system
CN101335675B (en) Policy control method
CN103096314A (en) Method, system and policy and charging rules function (PCRF) for achieving reflective quality of service (Qos) mechanism
CN102378280B (en) Policy control method and system for realizing BBF (Broadband Forum) access
US9544832B2 (en) Method, apparatus and system for policy control
CN102316602B (en) A kind of system, Apparatus and method for of subscriber equipment access to mobile network
CN102340763B (en) Obtain the method and system of user bandwidth accessing position information
EP2557729A1 (en) Method and system for information transmission
CN103209410A (en) Methods and system for achieving QoS (quality of service) reflection mechanism
CN102377749A (en) Policy control session association method and system
CN103686671A (en) Method and system for notifying position information of access network
CN102347892B (en) A kind of method and system of acquiring user access information by network equipment
CN101605373B (en) Method and system for controlling UE to access to APN
CN103702311A (en) Method and system for selecting VPLMN (visited public land mobile network) and packet data network gateway
CN104113930B (en) A kind of method and system for realizing user's termination connection
CN102761932B (en) Strategy control method and system for IP flow mobility
CN102378399B (en) User equipment access method, Apparatus and system
CN102316533B (en) The method that in call access control, information is transmitted and acceptance control system
CN102378143B (en) A kind of method and system triggering fixed network mobile fusion policy conferring

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant