CN110100481B - Access control method, device and computer storage medium - Google Patents

Access control method, device and computer storage medium Download PDF

Info

Publication number
CN110100481B
CN110100481B CN201880003666.9A CN201880003666A CN110100481B CN 110100481 B CN110100481 B CN 110100481B CN 201880003666 A CN201880003666 A CN 201880003666A CN 110100481 B CN110100481 B CN 110100481B
Authority
CN
China
Prior art keywords
ssi
network slice
network
access control
nssai
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201880003666.9A
Other languages
Chinese (zh)
Other versions
CN110100481A (en
Inventor
***
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangdong Oppo Mobile Telecommunications Corp Ltd
Original Assignee
Guangdong Oppo Mobile Telecommunications Corp Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guangdong Oppo Mobile Telecommunications Corp Ltd filed Critical Guangdong Oppo Mobile Telecommunications Corp Ltd
Priority to CN202010787409.8A priority Critical patent/CN112020121B/en
Publication of CN110100481A publication Critical patent/CN110100481A/en
Application granted granted Critical
Publication of CN110100481B publication Critical patent/CN110100481B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/08Access restriction or access information delivery, e.g. discovery data delivery
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/02Access restriction performed under specific conditions
    • H04W48/06Access restriction performed under specific conditions based on traffic conditions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/16Discovering, processing access restriction or access information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/18Selecting a network or a communication service
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W76/00Connection management
    • H04W76/20Manipulation of established connections
    • H04W76/27Transitions between radio resource control [RRC] states

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The embodiment of the invention provides an access control method, equipment and a computer storage medium; the method can comprise the following steps: the method comprises the steps that a mapping relation between a short slice identifier SSI and network slice selection auxiliary information NSSAI is established between User Equipment (UE) and network side equipment; the SSI and NSSAI with the mapping relation indicate the same network slice; and said SSI is shorter in length than said NSSAI; the UE loads the SSI of the target network slice in an uplink signaling based on the mapping relation; the UE sends the uplink signaling carrying the SSI of the target network slice; wherein, the uplink signaling is used for the network side device to perform access control for the target network slice based on the SSI. The method not only reduces the signaling resource consumption, avoids the waste of the signaling resource between the UE and the network side, but also reduces the time delay of access control for the network slice.

Description

Access control method, device and computer storage medium
Technical Field
The embodiment of the invention relates to the technical field of wireless communication, in particular to an access control method, access control equipment and a computer storage medium.
Background
In a Long Term Evolution (LTE) system, in order to avoid the occurrence of a network overload phenomenon, an Access Control Admission (ACB) mechanism is introduced. With the development of communication technology, research on the fifth Generation mobile communication technology (5G, 5th Generation) has also been conducted. The wireless access of 5G is called New Radio, NR for short. In 5G NR, a concept of Network slice is introduced, and different slices have corresponding slice instances (instances) at a Radio Access Network (RAN) side and a Core Network (CN) side, because different slice instances (instances) have a certain isolation characteristic therebetween.
At present, a terminal can acquire network slice information only after entering a connection state and performing attachment (attach), and a network side can perform access control on a network slice only based on a behavior of acquiring the network slice information by the terminal. Therefore, when the terminal is in the process of changing from the idle state to the connected state, if the target network slice is overloaded, the network side can only perform access control on the target network slice according to the target network slice identifier carried in the message sent by the connected state terminal after the terminal enters the connected state, and release the terminal. Therefore, the signaling resource consumption between the terminal and the network side is increased, the signaling resource waste is generated between the terminal and the network side, and the access control delay is also increased.
Disclosure of Invention
The embodiment of the invention provides a method, equipment and a computer storage medium for access control; the method can reduce the consumption of signaling resources, avoid the waste of the signaling resources between the terminal and the network side and reduce the time delay of access control.
The technical scheme of the embodiment of the invention can be realized as follows:
in a first aspect, an embodiment of the present invention provides an access control method, where the method includes:
the method comprises the steps that a mapping relation between a short Slice identifier SSI and Network Slice Selection Assistance Information (NSSAI) is established between User Equipment (UE) and Network side equipment; the SSI and NSSAI with the mapping relation indicate the same network slice; and said SSI is shorter in length than said NSSAI;
when the UE is in a non-connection state, the UE loads the SSI of the target network slice in an uplink signaling based on the mapping relation;
the UE sends the uplink signaling carrying the SSI of the target network slice; wherein, the uplink signaling is used for the network side device to perform access control for the target network slice based on the SSI.
In a second aspect, an embodiment of the present invention provides an access control method, where the method includes:
the method comprises the steps that a mapping relation between a short slice identification SSI and network slice selection auxiliary information NSSAI is established between network side equipment and UE; the SSI and NSSAI with the mapping relation indicate the same network slice; and said SSI is shorter in length than said NSSAI;
the network side equipment receives an uplink signaling which is sent by the UE and carries SSI;
and the network side equipment performs access control according to a set access control strategy aiming at the network slice indicated by the SSI loaded in the uplink signaling.
In a third aspect, an embodiment of the present invention provides a user equipment UE, including: a first establishing part, a bearing part and a sending part; wherein the content of the first and second substances,
the first establishing part is configured to establish a mapping relation between a short slice identifier SSI and network slice selection auxiliary information NSSAI with network side equipment; the SSI and NSSAI with the mapping relation indicate the same network slice; and said SSI is shorter in length than said NSSAI;
the bearing part is configured to bear the SSI of the target network slice in an uplink signaling based on the mapping relation;
the sending part is configured to send the uplink signaling carrying the SSI of the target network slice; wherein, the uplink signaling is used for the network side device to perform access control for the target network slice based on the SSI.
In a fourth aspect, an embodiment of the present invention provides a network device, including a second establishing part, a receiving part, and an access control part; wherein the content of the first and second substances,
the second establishing part is configured to establish a mapping relation between the short slice identification SSI and the network slice selection auxiliary information NSSAI with the UE; the SSI and NSSAI with the mapping relation indicate the same network slice; and said SSI is shorter in length than said NSSAI;
the receiving part is configured to receive the uplink signaling which is sent by the UE and carries SSI;
and the access control part is configured to perform access control according to a set access control strategy for the network slice indicated by the SSI carried in the uplink signaling.
In a fifth aspect, an embodiment of the present invention provides a user equipment, including: a first network interface, a first memory and a first processor; the first network interface is used for receiving and sending signals in the process of receiving and sending information with other external network elements;
the first memory for storing a computer program operable on the first processor;
the first processor is configured to, when running the computer program, perform the steps of the method of the first aspect.
In a sixth aspect, an embodiment of the present invention provides a network device, including a second network interface, a second memory, and a second processor;
the second network interface is used for receiving and sending signals in the process of receiving and sending information with other external network elements;
the second memory for storing a computer program operable on a second processor;
the second processor is configured to, when running the computer program, perform the steps of the method of the second aspect.
In a seventh aspect, an embodiment of the present invention provides a computer storage medium, where an information transmission program is stored, and when executed by at least one processor, the information transmission program implements the steps of the method according to the first aspect or the second aspect.
The embodiment of the invention provides an access control method, equipment and a computer storage medium; after the UE establishes a mapping relationship between a Short Slice Identifier (SSI) and Network Slice Selection Assistance Information (NSSAI) with a network-side device, such as an access device (e.g., a gNB) or a core network device (e.g., an AMF), when the UE is in an IDLE (IDLE) state or an INACTIVE (INACTIVE) state, the UE can carry the SSI with a shorter length in uplink signaling (e.g., a third-type message MSG3) applicable to an unconnected state and send the SSI to the network-side device, so that the network-side device can use the received SSI to perform access control on a network slice. Compared with the prior art, when a Network Slice is overloaded, the Network side device does not need to wait until receiving the MSG5 to perform ACB on the Network Slice according to the Network Slice Selection Auxiliary Information (NSSAI) carried by the MSG5, and can perform ACB on the Network Slice in advance. The method not only reduces the signaling resource consumption, avoids the waste of the signaling resource between the UE and the network side, but also reduces the time delay of access control for the network slice.
Drawings
Fig. 1 is a schematic diagram of a network architecture according to an embodiment of the present invention;
fig. 2 is a flowchart illustrating an access control method according to an embodiment of the present invention;
fig. 3 is a flowchart illustrating another method for access control according to an embodiment of the present invention;
fig. 4 is a schematic flowchart of an access control according to an embodiment of the present invention;
fig. 5 is a schematic composition diagram of a ue according to an embodiment of the present invention;
fig. 6 is a schematic diagram of a specific hardware structure of a ue according to an embodiment of the present invention;
fig. 7 is a schematic diagram illustrating a network device according to an embodiment of the present invention;
fig. 8 is a schematic diagram of a specific hardware structure of a network device according to an embodiment of the present invention.
Detailed Description
So that the manner in which the features and aspects of the embodiments of the present invention can be understood in detail, a more particular description of the embodiments of the invention, briefly summarized above, may be had by reference to the embodiments, some of which are illustrated in the appended drawings.
The concept of network slice (slice) is currently proposed in the related art of 5G systems; the method is essentially to logically divide a physical network of an operator into a plurality of virtual networks, and each virtual network is divided according to different service requirements, for example, the virtual networks can be divided according to service requirement information such as time delay, bandwidth, priority, safety, reliability and the like, so that different network application scenarios can be flexibly handled. Thus, different network slices (i.e., virtual networks) are isolated from each other so that an error or failure of one network slice does not affect the normal communication of other network slices.
Based on the above description of the Network slice, it can be known that the Network slice type may include an Access Network slice (Access Network slice), a Core Network slice (Core Network slice), and a Data Network and Service slice (Data Network and Service slice). Therefore, Access Control (AC) is performed for the network slice, and the involved network side devices include radio access network devices of a 5G system, such as a gNB; core network equipment of the 5G system, such as Core Access and Mobility Management (AMF), may also be included. Therefore, the technical solution of the embodiment of the present invention may be atypical applied to the network architecture scenario shown in fig. 1, in which a terminal may access a Radio Access Network (RAN) and then access a 5G core network through an N2 interface; or directly connected with the 5G core network through an N1 interface. N1 is an NAS signaling interface between the UE and the AMF, and N2 is an interface between the gNB and the AMF. Additionally, in the scenario shown in fig. 1, a Radio Access Network (RAN) device may include a gNB; the 5G core network device may include an AMF; a User Equipment (UE) may include a cellular phone, a smart phone, a Session Initiation Protocol (SIP) phone, a laptop, a Personal Digital Assistant (PDA), a satellite radio, a global positioning system, a multimedia device, a video device, a digital audio player (e.g., MP3 player), a camera, a game console, a tablet computer, or any other device with similar functionality. Meanwhile, user equipment may also be referred to by those skilled in the art as a terminal, a mobile station, a subscriber station, a mobile unit, a subscriber unit, a wireless unit, a remote unit, a mobile device, a wireless communications device, a remote device, a mobile subscriber station, an access terminal, a mobile terminal, a wireless terminal, a remote terminal, a handset, a user agent, a mobile client, a client, or some other suitable terminology.
Based on the network architecture shown in fig. 1, in the related network slicing mechanism, the network side and the Non-Access Stratum (NAS) of the UE are mainly targeted, but the Access Stratum (AS) of the UE is almost transparent to the network slicing, for example, NR System Information including a Master Information Block (MIB), Remaining Minimum System Information (RMSI), and other System Information does not carry network slicing Information. Based on this, the UE in IDLE state cannot know the network slicing service provided by the network side by reading the system information. If the UE desires to obtain the service related to the network slice, it needs to enter a connected state and attach (attach) before the UE can obtain the network slice information from a network side entity such as the AMF. In addition, in the related third Generation Partnership Project (3 GPP) standard Rel-15, direct mapping between a Physical Random Access CHannel (PARCH) and a network slice is not supported, so that the UE cannot perform ACB for different network slices based on the PRACH during Radio Resource Control (RRC) signaling interaction through the PRACH.
With respect to the above description of the related network slicing mechanism, it can be known that: for an IDLE-state UE, ACB cannot be performed in combination with information of a network slice (slice). The reason is that:
first, it is difficult to establish a corresponding relationship between the slice information and the PARCH resource, the RACH resource itself is limited, and there are many supported slices, so that the PARCH of different slices cannot perform ACB based on different Random Access CHannel (RACH) parameters.
Secondly, because the existing Network Slice Selection Assistance Information (NSSAI) for identifying a network Slice is long, and includes Service and Slice Type (SST) Information and Service and Slice Differentiation (SSD), the total length of the SST and the SSD reaches 32 bits, and each UE can currently support 8 network slices in parallel, the total length of the identification Information NSSAI of the network Slice can reach up to a byte at most, and far exceeds the limit of 48 bits set for the third Type of message (g 3) on the Common Control Channel (CCCH). Therefore, ACB cannot be implemented for network slices based on MSG 3. This then leads to the following: if a certain network slice is overloaded, the MSG3 sent by the UE, such as an RRC Connection Request (RRC Connection Request) message or an RRC Connection recovery (RRC Connection response) message, cannot carry network slice information, so that the network side cannot reject the Request according to the overloaded network slice, but continues to reply to a fourth type of message (MSG4), such as an RRC Connection Establishment (RRC Connection Establishment) message; the UE continues to send the fifth type message (MSG5) after receiving the MSG4, and carries the network slice identifier in the MSG 5; until this time, the network side can not perform ACB according to the network slice identifier, and after finding that the network slice is overloaded, the network side can release the RRC connection of the terminal. In this process, the interaction of the MSG4 and the subsequent MSG5 between the UE and the network side can be considered as increasing the consumption of signaling resources, resulting in unnecessary signaling resource waste.
In order to perform access control on a network slice before MSG5 sends, an embodiment of the present invention provides an access control method, which may be applied to a UE, and referring to fig. 2, the method may include:
s201: the method comprises the steps that a mapping relation between a Short Slice Identifier (SSI) and network Slice selection auxiliary information NSSAI is established between UE and network side equipment; wherein, the short slice identification SSI with the mapping relation and the network slice selection auxiliary information NSSAI both indicate the same network slice; and said SSI is shorter in length than said NSSAI;
s202: the UE loads the SSI of the target network slice in an uplink signaling based on the mapping relation;
s203: UE sends an uplink signaling carrying SSI of a target network slice; wherein, the uplink signaling is used for the network side device to perform access control for the target network slice based on the SSI.
Based on the technical scheme shown in fig. 2, after the UE establishes a mapping relationship between the short slice identifier SSI and the network slice selection auxiliary information NSSAI with a network side device, such as an access device (e.g., a gNB) or a core network device (e.g., an AMF), when the UE is in an IDLE state or an INACTIVE state, the short SSI can be carried in an uplink signaling (e.g., a third type message MSG3) and sent to the network side device, so that the network side device can perform access control on a network slice using the received SSI. Compared with the prior art, when the network slice is overloaded, the network-side device does not need to wait until receiving the MSG5 before performing ACB for the network slice according to the NSSAI carried by the MSG5, and can perform ACB for the network slice in advance. The method not only reduces the signaling resource consumption, avoids the waste of the signaling resource between the UE and the network side, but also reduces the time delay of access control for the network slice.
For the technical solution shown in fig. 2, in a specific implementation process, the network side device may include a radio access network device, such as a gNB; core network devices, such as AMFs; therefore, the uplink signaling may include RRC signaling or NAS signaling. Specifically, when the UE is in the IDLE state or the INACTIVE state, the access control is performed by the gNB, and therefore, the uplink signaling may specifically be RRC signaling, including MSG3, a fifth type message (MSG5), or other RRC messages; when the AMF performs access control, the uplink signaling may specifically be NAS signaling.
In a possible implementation manner for the scheme shown in fig. 2, preferably, the establishing, for the UE and the network-side device in step S201, a mapping relationship between the short slice identifier SSI and the network slice selection auxiliary information NSSAI may include:
UE sends a registration request to network side equipment; the registration request comprises network slice information to be registered;
the UE receives a registration response message returned by the network side equipment aiming at the network slice information to be registered in the registration request; wherein, the registration response message includes the mapping relationship between the NSSAI and the SSI of the network slice to be registered.
Through the above preferred implementation manner, the network side device may establish a corresponding relationship between the NSSAI and the SSI according to the network slice information that the terminal desires to register, and return the corresponding relationship to the UE. Therefore, when the UE indicates the target network slice through the SSI, the network side equipment can acquire the target network slice through uplink signaling carrying the SSI, and access control is performed according to the load condition of the target network slice.
In addition, after the UE knows the mapping relationship between the short slice identifier SSI and the NSSAI, the UE may perform access control on the target network slice indicated by the SSI by determining whether to send the uplink signaling carrying the SSI based on the SSI of the target network slice.
For example, after the UE generates the MSG3 carrying the SSI of the target network slice, the UE may determine whether to send uplink signaling through the SSI of the target network slice to perform access control on the target network slice. For example, the UE may determine whether to transmit the MSG3 carrying the SSI according to the priority of the SSI and the probability, which is related to the corresponding access type.
Based on the same inventive concept as the technical solution shown in fig. 2, referring to fig. 3, a method for access control provided in an embodiment of the present invention is shown, and the method can be applied to a network side device. It is understood that the network side device may include a radio access network device, such as a gNB; core network devices, such as AMFs; the method can comprise the following steps:
s301: the method comprises the steps that a mapping relation between a Short Slice Identifier (SSI) and network Slice selection auxiliary information NSSAI is established between network side equipment and UE; wherein, the short slice identification SSI with the mapping relation and the network slice selection auxiliary information NSSAI both indicate the same network slice; and said SSI is shorter in length than said NSSAI;
s302: the method comprises the steps that network side equipment receives an uplink signaling which is sent by UE and bears SSI;
s303: and the network side equipment performs access control according to a set access control strategy aiming at the network slice indicated by the SSI loaded in the uplink signaling.
Based on the technical scheme shown in fig. 3, after the network side device establishes a mapping relationship between the short slice identifier SSI and the network slice selection auxiliary information NSSAI with the UE, the network side device performs access control on the network slice by using the received uplink signaling carrying the SSI. Compared with the prior art, when the network slice is overloaded, the network-side device does not need to wait until receiving the MSG5 before performing ACB for the network slice according to the NSSAI carried by the MSG5, and can perform ACB for the network slice in advance. The method not only reduces the signaling resource consumption, avoids the waste of the signaling resource between the UE and the network side, but also reduces the time delay of access control for the network slice.
Since the network side device may include a radio access network device, such as a gNB; core network devices, such as AMFs; therefore, the uplink signaling may include RRC signaling or NAS signaling. Specifically, when the UE is in the IDLE state or the INACTIVE state, the access control is performed by the gNB, and therefore, the uplink signaling may specifically be RRC signaling, including MSG3, a fifth type message (MSG5), or other RRC messages; when the AMF performs access control, the uplink signaling may specifically be NAS signaling.
In a possible implementation manner for the scheme shown in fig. 3, preferably, the establishing, by the network side device and the UE, a mapping relationship between the SSI and the network slice selection assistance information NSSAI in step S301 may include:
network side equipment receives a registration request sent by UE; the registration request comprises network slice information to be registered;
the network side equipment generates a mapping relation between NSSAI and SSI of the network slice to be registered aiming at the network slice information to be registered in the registration request;
network side equipment sends a registration response message to the UE; wherein, the registration response message includes a mapping relationship between the NSSAI and the SSI of the network slice to be registered.
Through the above preferred implementation manner, the network side device may establish a corresponding relationship between the NSSAI and the SSI according to the network slice information that the terminal desires to register, and return the corresponding relationship to the UE. Therefore, when the subsequent UE indicates the target network slice through the SSI, the network side equipment can acquire the target network slice through the uplink signaling carrying the SSI, and access control is carried out according to the load condition of the target network slice.
In a possible implementation manner for the scheme shown in fig. 3, preferably, the performing, by the network side device, access control according to a set access control policy for a network slice indicated by the SSI carried in the uplink signaling includes:
the network side equipment performs access control on the network slice indicated by the SSI based on the load condition of the network slice indicated by the SSI;
or the network side device performs access control on the network slice indicated by the SSI by determining whether to receive the uplink signaling or not based on the priority of the SSI.
Specifically, after the network-side device knows the indicated network slice according to the SSI, it may control whether the UE can access according to the load of the network slice. In detail, the network side device may set a load threshold for indicating overload (overload) for the load condition; releasing (release) access by the UE in response to the load of the network slice exceeding the load threshold; the load corresponding to the network slice does not exceed the load threshold, allowing the UE access to the network slice.
Based on the same inventive concept as that in the technical solutions shown in fig. 2 and fig. 3, referring to fig. 4, a specific procedure of access control provided in an embodiment of the present invention is shown, where the procedure may be applied to the network architecture shown in fig. 1, and it can be understood that, for the radio access network RAN device and the 5G core network device in the architecture shown in fig. 1, a network-side device is used for replacement in the technical solution shown in fig. 4, and details are not described later; the process may include:
s401: the method comprises the steps that a mapping relation between SSI and NSSAI is established between network side equipment and UE;
s402: the network side equipment informs the UE of the mapping relation between the SSI and the NSSAI applicable to the AS or the NAS;
s403: the UE loads the SSI of the target network slice in an uplink signaling based on the mapping relation;
s404: UE generates an uplink signaling of SSI with a target network slice;
s405: the UE performs access control on the network slice indicated by the SSI based on the SSI of the target network slice by determining whether to send the uplink signaling carrying the SSI of the target network slice;
s406: the UE determines to send an uplink signaling carrying SSI of a target network slice to network side equipment;
s407: and the network side equipment performs access control according to the load condition aiming at the network slice indicated by the SSI loaded in the uplink signaling.
Specifically, the network side device performs access control on the network slice indicated by the SSI based on the load condition of the network slice indicated by the SSI;
or the network side device performs access control on the network slice indicated by the SSI by determining whether to receive the uplink signaling or not based on the priority of the SSI.
As for the technical solution shown in fig. 4, it can be known by combining the foregoing technical solutions that the uplink signaling may include RRC signaling or NAS signaling. Taking the network side device as the gNB as an example, the uplink signaling may specifically include MSG 3. Therefore, the network side equipment does not need to wait until receiving the MSG5 before being able to perform ACB for the network slice according to the NSSAI carried by the MSG5, and can perform ACB for the network slice in advance. The method not only reduces the signaling resource consumption, avoids the waste of the signaling resource between the UE and the network side, but also reduces the time delay of access control for the network slice.
Based on the foregoing technical solution, referring to fig. 5, a composition of a user equipment UE50 provided in an embodiment of the present invention is shown, including: a first establishment section 501, a bearer section 502, and a transmission section 503; wherein the content of the first and second substances,
the first establishing part 501 is configured to establish a mapping relationship between a short slice identifier SSI and network slice selection auxiliary information NSSAI with a network side device; the SSI and NSSAI with the mapping relation indicate the same network slice; and said SSI is shorter in length than said NSSAI;
the carrying part 502 is configured to carry the SSI of the target network slice in the uplink signaling based on the mapping relationship;
the sending part 503 is configured to send the uplink signaling carrying the SSI of the target network slice; wherein, the uplink signaling is used for the network side device to perform access control for the target network slice based on the SSI.
In the foregoing scheme, the uplink signaling may include radio resource control RRC signaling or non-access stratum NAS signaling.
In the above scheme, in the case that the UE is in the IDLE state or the INACTIVE state, the RRC signaling includes a message of the third type (MSG3) or a message of the fifth type (MSG5) or other RRC messages.
In the above scheme, the first establishing part 501 is configured to:
sending a registration request to the network side equipment; the registration request comprises network slice information to be registered;
receiving a registration response message returned by the network side equipment aiming at the network slice information to be registered in the registration request; wherein, the registration response message includes a mapping relationship between the NSSAI and the SSI of the network slice to be registered.
In the above solution, the UE further includes a control part configured to perform access control for the network slice indicated by the SSI by determining whether to send the uplink signaling carrying the SSI based on the SSI of the target network slice.
It is understood that in this embodiment, "part" may be part of a circuit, part of a processor, part of a program or software, etc., and may also be a unit, and may also be a module or a non-modular.
In addition, each component in the embodiment may be integrated in one processing unit, or each unit may exist alone physically, or two or more units are integrated in one unit. The integrated unit can be realized in a form of hardware or a form of a software functional module.
Based on the understanding that the technical solution of the present embodiment essentially or a part contributing to the prior art, or all or part of the technical solution may be embodied in the form of a software product stored in a storage medium, and include several instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) or a processor (processor) to execute all or part of the steps of the method of the present embodiment. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
Accordingly, the present embodiments provide a computer storage medium storing an information transfer program that, when executed by at least one processor, performs the steps of the method described above in fig. 2.
Based on the user equipment UE50 and the computer storage medium, referring to fig. 6, a specific hardware structure of the user equipment UE50 provided in the embodiment of the present invention is shown, and may include: a first network interface 601, a first memory 602, and a first processor 603; the various components are coupled together by a bus system 604. It is understood that the bus system 604 is used to enable communications among the components. The bus system 604 includes a power bus, a control bus, and a status signal bus in addition to a data bus. For clarity of illustration, however, the various buses are labeled as bus system 604 in fig. 6. The first network interface 601 is configured to receive and transmit signals in a process of receiving and transmitting information with other external network elements;
a first memory 602 for storing a computer program capable of running on the first processor 603;
a first processor 603 configured to, when running the computer program, perform:
the method comprises the steps that a mapping relation between a Short Slice Identifier (SSI) and network Slice selection auxiliary information NSSAI is established between UE and network side equipment; wherein, the short slice identification SSI with the mapping relation and the network slice selection auxiliary information NSSAI both indicate the same network slice; and said SSI is shorter in length than said NSSAI;
the UE loads the SSI of the target network slice in an uplink signaling based on the mapping relation;
UE sends an uplink signaling carrying SSI of a target network slice; wherein, the uplink signaling is used for the network side device to perform access control for the target network slice based on the SSI.
It will be appreciated that the first memory 602 in embodiments of the invention may be either volatile memory or nonvolatile memory, or may include both volatile and nonvolatile memory. The non-volatile Memory may be a Read-Only Memory (ROM), a Programmable ROM (PROM), an Erasable PROM (EPROM), an Electrically Erasable PROM (EEPROM), or a flash Memory. Volatile Memory can be Random Access Memory (RAM), which acts as external cache Memory. By way of example, but not limitation, many forms of RAM are available, such as Static random access memory (Static RAM, SRAM), Dynamic Random Access Memory (DRAM), Synchronous Dynamic random access memory (Synchronous DRAM, SDRAM), Double data rate Synchronous Dynamic random access memory (ddr DRAM), Enhanced Synchronous SDRAM (ESDRAM), Synchronous link SDRAM (SLDRAM), and Direct Rambus RAM (DRRAM). The first memory 602 of the systems and methods described herein is intended to comprise, without being limited to, these and any other suitable types of memory.
The first processor 603 may be an integrated circuit chip having signal processing capabilities. In implementation, the steps of the above method may be performed by integrated logic circuits of hardware or instructions in the form of software in the first processor 603. The first processor 603 may be a general-purpose processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), an off-the-shelf Programmable Gate Array (FPGA) or other Programmable logic device, discrete Gate or transistor logic device, or discrete hardware components. The various methods, steps and logic blocks disclosed in the embodiments of the present invention may be implemented or performed. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like. The steps of the method disclosed in connection with the embodiments of the present invention may be directly implemented by a hardware decoding processor, or implemented by a combination of hardware and software modules in the decoding processor. The software module may be located in ram, flash memory, rom, prom, or eprom, registers, etc. storage media as is well known in the art. The storage medium is located in the first memory 602, and the first processor 603 reads the information in the first memory 602, and completes the steps of the method in combination with the hardware thereof.
It is to be understood that the embodiments described herein may be implemented in hardware, software, firmware, middleware, microcode, or any combination thereof. For a hardware implementation, the Processing units may be implemented within one or more Application Specific Integrated Circuits (ASICs), Digital Signal Processors (DSPs), Digital Signal Processing Devices (DSPDs), Programmable Logic Devices (PLDs), Field Programmable Gate Arrays (FPGAs), general purpose processors, controllers, micro-controllers, microprocessors, other electronic units configured to perform the functions described herein, or a combination thereof.
For a software implementation, the techniques described herein may be implemented with modules (e.g., procedures, functions, and so on) that perform the functions described herein. The software codes may be stored in a memory and executed by a processor. The memory may be implemented within the processor or external to the processor.
Specifically, when the first processor 603 in the user equipment UE50 is further configured to run the computer program, the method steps described in the foregoing technical solution shown in fig. 2 are executed, and are not described herein again.
Based on the foregoing technical solution, referring to fig. 7, it shows a composition of a network device 70 provided in an embodiment of the present invention, which includes a second establishing part 701, a receiving part 702, and an access control part 703; wherein the content of the first and second substances,
the second establishing part 701 is configured to establish a mapping relationship between the short slice identifier SSI and the network slice selection auxiliary information NSSAI with the UE; the SSI and NSSAI with the mapping relation indicate the same network slice; and said SSI is shorter in length than said NSSAI;
the receiving part 702 is configured to receive the uplink signaling carrying the SSI and sent by the UE;
the access control part 703 is configured to perform access control according to a set access control policy for a network slice indicated by the SSI carried in the uplink signaling.
In the foregoing scheme, the uplink signaling may include RRC signaling or NAS signaling.
In the above scheme, the second establishing part 701 is configured to:
receiving a registration request sent by the UE; the registration request comprises network slice information to be registered;
generating a mapping relation between NSSAI and SSI of the network slice to be registered aiming at the network slice information to be registered in the registration request;
sending a registration response message to the UE; wherein, the registration response message includes a mapping relationship between the NSSAI and the SSI of the network slice to be registered.
In the above scheme, the access control part 703 is configured to:
performing access control on the network slice indicated by the SSI based on the load condition of the network slice indicated by the SSI;
or, based on the priority of the SSI, performing access control on the network slice indicated by the SSI by determining whether to receive the uplink signaling.
In the above scheme, the access control part 703 is configured to:
acquiring the load condition of the network slice after acquiring the indicated network slice according to the SSI;
releasing access of the UE corresponding to the load of the network slice exceeding a set load threshold;
allowing the UE to access the network slice corresponding to the load of the network slice not exceeding the load threshold.
In addition, the present embodiment provides a computer storage medium storing an information transmission program, which when executed by at least one processor implements the steps of the method of the second embodiment. For specific description of the computer storage medium, refer to the description in embodiment three, and are not described herein again.
Based on the above network device 70 and the computer storage medium, referring to fig. 8, a specific hardware structure of the network device 70 provided by the embodiment of the present invention is shown, which may include: a second network interface 801, a second memory 802, and a second processor 803; the various components are coupled together by a bus system 804. It is understood that the bus system 804 is used to enable communications among the components. The bus system 804 includes a power bus, a control bus, and a status signal bus in addition to a data bus. For clarity of illustration, however, the various buses are labeled as bus system 804 in FIG. 8. Wherein the content of the first and second substances,
the second network interface 801 is configured to receive and transmit signals in a process of receiving and transmitting information with other external network elements;
a second memory 802 for storing a computer program capable of running on the second processor 803;
a second processor 803, configured to, when running the computer program, perform:
the method comprises the steps that a mapping relation between a short slice identification SSI and network slice selection auxiliary information NSSAI is established between network side equipment and UE; the SSI and NSSAI with the mapping relation indicate the same network slice; and said SSI is shorter in length than said NSSAI;
the network side equipment receives an uplink signaling which is sent by the UE and carries SSI;
and the network side equipment performs access control according to a set access control strategy aiming at the network slice indicated by the SSI loaded in the uplink signaling.
It can be understood that, in this embodiment, components in the specific hardware structure of the network device 70 are similar to corresponding components in fig. 6, and are not described herein again.
Specifically, the second processor 803 in the network device 70 is further configured to execute the method steps in the foregoing technical solution shown in fig. 3 when running the computer program, which is not described herein again.
The above description is only a preferred embodiment of the present invention, and is not intended to limit the scope of the present invention.
Industrial applicability
In the embodiment of the present invention, after the UE establishes a mapping relationship between a short slice identifier SSI and network slice selection auxiliary information NSSAI with a network side device, such as an access device (e.g., a gNB) or a core network device (e.g., an AMF), when the UE is in an IDLE state or an INACTIVE state, the UE can bear the SSI with a shorter length in an uplink signaling (e.g., a third message MSG3) applicable to an unconnected state and send the SSI to the network side device, so that the network side device can use the received SSI to perform access control on a network slice. Compared with the prior art, when the network slice is overloaded, the network-side device does not need to wait until receiving the MSG5 before performing ACB for the network slice according to the NSSAI carried by the MSG5, and can perform ACB for the network slice in advance. The method not only reduces the signaling resource consumption, avoids the waste of the signaling resource between the UE and the network side, but also reduces the time delay of access control for the network slice.

Claims (20)

1. A method of access control, the method comprising:
the method comprises the steps that a mapping relation between a short slice identifier SSI and network slice selection auxiliary information NSSAI is established between User Equipment (UE) and network side equipment; the SSI and NSSAI with the mapping relation indicate the same network slice; and said SSI is shorter in length than said NSSAI;
the UE loads the SSI of the target network slice in an uplink signaling based on the mapping relation;
the UE sends the uplink signaling carrying the SSI of the target network slice; the uplink signaling is used for the network side equipment to perform access control on the target network slice based on the SSI;
the UE and the network side equipment establish a mapping relationship between SSI and NSSAI, and the mapping relationship comprises the following steps:
the UE sends a registration request to the network side equipment; wherein, the registration request includes the network slice information to be registered.
2. The method of claim 1, wherein the uplink signaling may comprise Radio Resource Control (RRC) signaling or non-access stratum (NAS) signaling.
3. The method of claim 2, wherein the RRC signaling comprises a third type message MSG3 or a fifth type message MSG5 or other RRC messages when the UE is in an IDLE IDLE state or an INACTIVE state.
4. The method as claimed in claim 1, wherein the UE and the network side device establish a mapping relationship between a short slice identifier SSI and network slice selection assistance information NSSAI, and further comprising:
the UE receives a registration response message returned by the network side equipment aiming at the network slice information to be registered in the registration request; wherein, the registration response message includes a mapping relationship between the NSSAI and the SSI of the network slice to be registered.
5. The method of any of claims 1 to 4, wherein the method further comprises:
and the UE performs access control on a target network slice by determining whether to send the uplink signaling carrying the SSI or not based on the SSI of the target network slice.
6. A method of access control, the method comprising:
the method comprises the steps that a mapping relation between a short slice identification SSI and network slice selection auxiliary information NSSAI is established between network side equipment and UE; the SSI and NSSAI with the mapping relation indicate the same network slice; and said SSI is shorter in length than said NSSAI;
the network side equipment receives an uplink signaling which is sent by the UE and carries SSI;
the network side equipment performs access control according to a set access control strategy aiming at the network slice indicated by the SSI loaded in the uplink signaling;
the network side equipment and the UE establish a mapping relation between SSI and NSSAI, and the mapping relation comprises the following steps:
the network side equipment receives a registration request sent by the UE; wherein, the registration request includes the network slice information to be registered.
7. The method of claim 6, wherein the uplink signaling may comprise RRC signaling or NAS signaling.
8. The method of claim 6, wherein the network-side device establishes a mapping relationship between SSI and NSSAI with the UE, and further comprising:
the network side equipment generates a mapping relation between NSSAI and SSI of the network slice to be registered aiming at the network slice information to be registered in the registration request;
the network side equipment sends a registration response message to the UE; wherein, the registration response message includes a mapping relationship between the NSSAI and the SSI of the network slice to be registered.
9. The method of claim 6, wherein the performing, by the network-side device, access control according to a set access control policy for a network slice indicated by the SSI carried in the uplink signaling includes:
the network side equipment performs access control on the network slice indicated by the SSI based on the load condition of the network slice indicated by the SSI;
or the network side device performs access control on the network slice indicated by the SSI by determining whether to receive the uplink signaling or not based on the priority of the SSI.
10. The method of claim 9, wherein the performing, by the network-side device, access control for the network slice indicated by the SSI based on a load condition of the network slice indicated by the SSI comprises:
the network side equipment acquires the load condition of the network slice after acquiring the indicated network slice according to the SSI;
releasing access of the UE corresponding to the load of the network slice exceeding a set load threshold;
allowing the UE to access the network slice corresponding to the load of the network slice not exceeding the load threshold.
11. A user equipment, UE, comprising: a first establishing part, a bearing part and a sending part; wherein the content of the first and second substances,
the first establishing part is configured to establish a mapping relation between a short slice identifier SSI and network slice selection auxiliary information NSSAI with network side equipment; the SSI and NSSAI with the mapping relation indicate the same network slice; and said SSI is shorter in length than said NSSAI; the network side equipment is configured to send a registration request to the network side equipment; the registration request comprises network slice information to be registered;
the bearing part is configured to bear the SSI of the target network slice in an uplink signaling based on the mapping relation;
the sending part is configured to send the uplink signaling carrying the SSI of the target network slice; wherein, the uplink signaling is used for the network side device to perform access control for the target network slice based on the SSI.
12. The UE of claim 11, wherein the first setup portion is configured to:
receiving a registration response message returned by the network side equipment aiming at the network slice information to be registered in the registration request; wherein, the registration response message includes a mapping relationship between the NSSAI and the SSI of the network slice to be registered.
13. The UE of claim 11, wherein the UE further comprises a control part configured to perform access control for a network slice indicated by the SSI by determining whether to transmit the uplink signaling carrying the SSI based on the SSI of a target network slice.
14. A network device includes a second establishment section, a reception section, and an access control section; wherein the content of the first and second substances,
the second establishing part is configured to establish a mapping relation between the short slice identification SSI and the network slice selection auxiliary information NSSAI with the UE; the SSI and NSSAI with the mapping relation indicate the same network slice; and said SSI is shorter in length than said NSSAI; configured to receive a registration request sent by the UE; the registration request comprises network slice information to be registered;
the receiving part is configured to receive the uplink signaling which is sent by the UE and carries SSI;
and the access control part is configured to perform access control according to a set access control strategy for the network slice indicated by the SSI carried in the uplink signaling.
15. The network device of claim 14, wherein the second setup portion is configured to:
generating a mapping relation between NSSAI and SSI of the network slice to be registered aiming at the network slice information to be registered in the registration request;
sending a registration response message to the UE; wherein, the registration response message includes a mapping relationship between the NSSAI and the SSI of the network slice to be registered.
16. The network device of claim 14, wherein the access control portion is configured to:
performing access control on the network slice indicated by the SSI based on the load condition of the network slice indicated by the SSI;
or, based on the priority of the SSI, performing access control on the network slice indicated by the SSI by determining whether to receive the uplink signaling.
17. The network device of claim 16, wherein the access control portion is configured to:
acquiring the load condition of the network slice after acquiring the indicated network slice according to the SSI;
releasing access of the UE corresponding to the load of the network slice exceeding a set load threshold;
allowing the UE to access the network slice corresponding to the load of the network slice not exceeding the load threshold.
18. A user equipment, comprising: a first network interface, a first memory and a first processor; the first network interface is used for receiving and sending signals in the process of receiving and sending information with other external network elements;
the first memory for storing a computer program operable on the first processor;
the first processor, when executing the computer program, is configured to perform the steps of the method of any of claims 1 to 5.
19. A network device comprising a second network interface, a second memory, and a second processor;
the second network interface is used for receiving and sending signals in the process of receiving and sending information with other external network elements;
the second memory for storing a computer program operable on a second processor;
the second processor, when executing the computer program, is configured to perform the steps of the method of any of claims 6 to 10.
20. A computer storage medium storing an information transfer program that, when executed by at least one processor, implements the steps of the method of any of claims 1 to 5 or any of claims 6 to 10.
CN201880003666.9A 2018-01-19 2018-01-19 Access control method, device and computer storage medium Active CN110100481B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010787409.8A CN112020121B (en) 2018-01-19 2018-01-19 Access control method, equipment and computer storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2018/073390 WO2019140629A1 (en) 2018-01-19 2018-01-19 Access control method, device, and computer storage medium

Related Child Applications (1)

Application Number Title Priority Date Filing Date
CN202010787409.8A Division CN112020121B (en) 2018-01-19 2018-01-19 Access control method, equipment and computer storage medium

Publications (2)

Publication Number Publication Date
CN110100481A CN110100481A (en) 2019-08-06
CN110100481B true CN110100481B (en) 2020-09-08

Family

ID=67301165

Family Applications (2)

Application Number Title Priority Date Filing Date
CN201880003666.9A Active CN110100481B (en) 2018-01-19 2018-01-19 Access control method, device and computer storage medium
CN202010787409.8A Active CN112020121B (en) 2018-01-19 2018-01-19 Access control method, equipment and computer storage medium

Family Applications After (1)

Application Number Title Priority Date Filing Date
CN202010787409.8A Active CN112020121B (en) 2018-01-19 2018-01-19 Access control method, equipment and computer storage medium

Country Status (2)

Country Link
CN (2) CN110100481B (en)
WO (1) WO2019140629A1 (en)

Families Citing this family (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114631340B (en) * 2019-11-08 2024-01-05 株式会社Ntt都科摩 Terminal
CN112822754A (en) * 2019-11-15 2021-05-18 中国电信股份有限公司 Control method, device and system for access slice and computer readable storage medium
CN111490899A (en) * 2020-03-27 2020-08-04 腾讯科技(深圳)有限公司 Network access method, device, computer readable medium and electronic equipment
EP4135412A4 (en) * 2020-05-07 2023-05-10 Guangdong Oppo Mobile Telecommunications Corp., Ltd. Information sending method, information receiving method, terminal and network device
EP4156844A4 (en) * 2020-07-03 2023-06-28 Guangdong Oppo Mobile Telecommunications Corp., Ltd. Wireless communication method, terminal device, and network device
WO2022006828A1 (en) * 2020-07-09 2022-01-13 Oppo广东移动通信有限公司 Wireless communication method and device
CN115606247A (en) * 2020-07-27 2023-01-13 Oppo广东移动通信有限公司(Cn) Wireless communication method and apparatus
CN114071576A (en) * 2020-07-28 2022-02-18 中国联合网络通信集团有限公司 Network slice selection method, system, computer device and storage medium
CN114389943B (en) * 2020-10-22 2023-08-15 中移(成都)信息通信科技有限公司 Network configuration method, device, equipment and computer storage medium
CN114760663A (en) * 2020-12-28 2022-07-15 ***通信有限公司研究院 Information transmission method, device, related equipment and storage medium
CN115087071B (en) * 2021-03-16 2024-01-30 中国联合网络通信集团有限公司 Slice management method, user equipment and storage medium
CN115250510A (en) * 2021-04-08 2022-10-28 维沃移动通信有限公司 Method, device, terminal and network equipment for selecting network
CN113556761B (en) * 2021-06-25 2024-03-22 中国联合网络通信集团有限公司 Slice resource adjustment method, system, terminal equipment and storage medium
WO2023151049A1 (en) * 2022-02-11 2023-08-17 北京小米移动软件有限公司 Relationship indication method and device, information transmission method and device, communication device, and storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106572516A (en) * 2016-09-28 2017-04-19 华为技术有限公司 Network slice selection method, terminal equipment and network equipment
WO2017135860A1 (en) * 2016-02-05 2017-08-10 Telefonaktiebolaget Lm Ericsson (Publ) Network nodes and methods performed therein for enabling communication in a communication network
CN107426797A (en) * 2017-04-28 2017-12-01 中国科学院计算技术研究所 For accessing the section managing and control system and method for net side
CN107579948A (en) * 2016-07-05 2018-01-12 华为技术有限公司 A kind of management system of network security, method and device

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9775045B2 (en) * 2015-09-11 2017-09-26 Intel IP Corporation Slicing architecture for wireless communication
US10142994B2 (en) * 2016-04-18 2018-11-27 Electronics And Telecommunications Research Institute Communication method and apparatus using network slicing
CN106851589B (en) * 2016-12-30 2019-02-19 北京小米移动软件有限公司 Wireless network access method, apparatus and system

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2017135860A1 (en) * 2016-02-05 2017-08-10 Telefonaktiebolaget Lm Ericsson (Publ) Network nodes and methods performed therein for enabling communication in a communication network
CN107579948A (en) * 2016-07-05 2018-01-12 华为技术有限公司 A kind of management system of network security, method and device
CN106572516A (en) * 2016-09-28 2017-04-19 华为技术有限公司 Network slice selection method, terminal equipment and network equipment
CN107426797A (en) * 2017-04-28 2017-12-01 中国科学院计算技术研究所 For accessing the section managing and control system and method for net side

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
Slice Indication at Service Request – Why Efficient Mechanism is required?;Panasonic;《3GPP TSG-RAN WG2 NR Ad hoc 1801 R2-1800372》;20180112;正文第1-3部分 *

Also Published As

Publication number Publication date
WO2019140629A1 (en) 2019-07-25
CN110100481A (en) 2019-08-06
CN112020121B (en) 2023-05-30
CN112020121A (en) 2020-12-01

Similar Documents

Publication Publication Date Title
CN110100481B (en) Access control method, device and computer storage medium
CN112004243B (en) Method for configuring network slice identifier
CN109257769B (en) Method, related equipment and system for processing network slice congestion
US11405785B2 (en) Data radio bearer integrity protection configuration method, user equipment and network device
RU2767307C1 (en) Wireless communication method, terminal and network device
US20220061023A1 (en) Wireless communication method, network device, and terminal device
CN109891943B (en) Access control method, device and computer readable medium
CN111586811B (en) Information processing method and terminal
CN108141901B (en) Method and terminal for controlling service connection
US11115879B2 (en) State switching method, network device and terminal device
RU2767991C1 (en) Information processing method, terminal device and data medium
RU2729397C1 (en) Method of obtaining contextual configuration information, terminal device and network access device
US20210410207A1 (en) Data sending method, terminal device, and storage medium
CN113228762B (en) Method for managing node paging terminal device and managing node used in wireless communication network
CN114339927A (en) Network access guiding method and device and electronic equipment
CN112770392A (en) Communication configuration method and device
WO2018082039A1 (en) Method, device and system of signaling transmission
CN111615208A (en) Random access communication method, device, related equipment and storage medium
CN109891939B (en) Access control method, device and computer readable medium
CN110521258B (en) Connection establishment method and user equipment
CN115606247A (en) Wireless communication method and apparatus
CN112203333A (en) Connection release method and device, electronic equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant